diff options
Diffstat (limited to 'pkg')
48 files changed, 769 insertions, 631 deletions
diff --git a/pkg/api/handlers/compat/containers.go b/pkg/api/handlers/compat/containers.go index 971b6aa50..d3277b815 100644 --- a/pkg/api/handlers/compat/containers.go +++ b/pkg/api/handlers/compat/containers.go @@ -76,7 +76,12 @@ func RemoveContainer(w http.ResponseWriter, r *http.Request) { return } if len(report) > 0 && report[0].Err != nil { - utils.InternalServerError(w, report[0].Err) + err = report[0].Err + if errors.Cause(err) == define.ErrNoSuchCtr { + utils.ContainerNotFound(w, name, err) + return + } + utils.InternalServerError(w, err) return } @@ -307,6 +312,34 @@ func LibpodToContainer(l *libpod.Container, sz bool) (*handlers.Container, error } } + portMappings, err := l.PortMappings() + if err != nil { + return nil, err + } + + ports := make([]types.Port, len(portMappings)) + for idx, portMapping := range portMappings { + ports[idx] = types.Port{ + IP: portMapping.HostIP, + PrivatePort: uint16(portMapping.ContainerPort), + PublicPort: uint16(portMapping.HostPort), + Type: portMapping.Protocol, + } + } + inspect, err := l.Inspect(false) + if err != nil { + return nil, err + } + + n, err := json.Marshal(inspect.NetworkSettings) + if err != nil { + return nil, err + } + networkSettings := types.SummaryNetworkSettings{} + if err := json.Unmarshal(n, &networkSettings); err != nil { + return nil, err + } + return &handlers.Container{Container: types.Container{ ID: l.ID(), Names: []string{fmt.Sprintf("/%s", l.Name())}, @@ -314,7 +347,7 @@ func LibpodToContainer(l *libpod.Container, sz bool) (*handlers.Container, error ImageID: imageID, Command: strings.Join(l.Command(), " "), Created: l.CreatedTime().Unix(), - Ports: nil, + Ports: ports, SizeRw: sizeRW, SizeRootFs: sizeRootFs, Labels: l.Labels(), @@ -324,7 +357,7 @@ func LibpodToContainer(l *libpod.Container, sz bool) (*handlers.Container, error NetworkMode string `json:",omitempty"` }{ "host"}, - NetworkSettings: nil, + NetworkSettings: &networkSettings, Mounts: nil, }, ContainerCreateConfig: types.ContainerCreateConfig{}, diff --git a/pkg/api/handlers/compat/containers_stop.go b/pkg/api/handlers/compat/containers_stop.go index 0526865b9..3ae223693 100644 --- a/pkg/api/handlers/compat/containers_stop.go +++ b/pkg/api/handlers/compat/containers_stop.go @@ -39,11 +39,11 @@ func StopContainer(w http.ResponseWriter, r *http.Request) { Ignore: query.Ignore, } if utils.IsLibpodRequest(r) { - if query.LibpodTimeout > 0 { + if _, found := r.URL.Query()["timeout"]; found { options.Timeout = &query.LibpodTimeout } } else { - if query.DockerTimeout > 0 { + if _, found := r.URL.Query()["t"]; found { options.Timeout = &query.DockerTimeout } } diff --git a/pkg/api/handlers/compat/images.go b/pkg/api/handlers/compat/images.go index 1a4dd939e..e5caa9ea5 100644 --- a/pkg/api/handlers/compat/images.go +++ b/pkg/api/handlers/compat/images.go @@ -1,6 +1,7 @@ package compat import ( + "context" "encoding/json" "fmt" "io" @@ -11,11 +12,13 @@ import ( "github.com/containers/buildah" "github.com/containers/image/v5/manifest" + "github.com/containers/image/v5/types" "github.com/containers/podman/v3/libpod" image2 "github.com/containers/podman/v3/libpod/image" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" "github.com/containers/podman/v3/pkg/auth" + "github.com/containers/podman/v3/pkg/channel" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/util" "github.com/gorilla/schema" @@ -236,33 +239,103 @@ func CreateImageFromImage(w http.ResponseWriter, r *http.Request) { if sys := runtime.SystemContext(); sys != nil { registryOpts.DockerCertPath = sys.DockerCertPath } - img, err := runtime.ImageRuntime().New(r.Context(), - fromImage, - "", // signature policy - authfile, - nil, // writer - ®istryOpts, - image2.SigningOptions{}, - nil, // label - util.PullImageAlways, - ) - if err != nil { - utils.Error(w, "Something went wrong.", http.StatusInternalServerError, err) - return + + stderr := channel.NewWriter(make(chan []byte)) + defer stderr.Close() + + progress := make(chan types.ProgressProperties) + + var img string + runCtx, cancel := context.WithCancel(context.Background()) + go func() { + defer cancel() + + newImage, err := runtime.ImageRuntime().New( + runCtx, + fromImage, + "", // signature policy + authfile, + nil, // writer + ®istryOpts, + image2.SigningOptions{}, + nil, // label + util.PullImageAlways, + progress) + if err != nil { + stderr.Write([]byte(err.Error() + "\n")) + } else { + img = newImage.ID() + } + }() + + flush := func() { + if flusher, ok := w.(http.Flusher); ok { + flusher.Flush() + } } - // Success - utils.WriteResponse(w, http.StatusOK, struct { - Status string `json:"status"` - Error string `json:"error,omitempty"` - Progress string `json:"progress"` - ProgressDetail map[string]string `json:"progressDetail"` - Id string `json:"id"` // nolint - }{ - Status: fmt.Sprintf("pulling image (%s) from %s (Download complete)", img.Tag, strings.Join(img.Names(), ", ")), - ProgressDetail: map[string]string{}, - Id: img.ID(), - }) + w.WriteHeader(http.StatusOK) + w.Header().Add("Content-Type", "application/json") + flush() + + enc := json.NewEncoder(w) + enc.SetEscapeHTML(true) + var failed bool + +loop: // break out of for/select infinite loop + for { + var report struct { + Stream string `json:"stream,omitempty"` + Status string `json:"status,omitempty"` + Progress struct { + Current uint64 `json:"current,omitempty"` + Total int64 `json:"total,omitempty"` + } `json:"progressDetail,omitempty"` + Error string `json:"error,omitempty"` + Id string `json:"id,omitempty"` // nolint + } + + select { + case e := <-progress: + switch e.Event { + case types.ProgressEventNewArtifact: + report.Status = "Pulling fs layer" + case types.ProgressEventRead: + report.Status = "Downloading" + report.Progress.Current = e.Offset + report.Progress.Total = e.Artifact.Size + case types.ProgressEventSkipped: + report.Status = "Already exists" + case types.ProgressEventDone: + report.Status = "Download complete" + } + report.Id = e.Artifact.Digest.Encoded()[0:12] + if err := enc.Encode(report); err != nil { + stderr.Write([]byte(err.Error())) + } + flush() + case e := <-stderr.Chan(): + failed = true + report.Error = string(e) + if err := enc.Encode(report); err != nil { + logrus.Warnf("Failed to json encode error %q", err.Error()) + } + flush() + case <-runCtx.Done(): + if !failed { + report.Status = "Pull complete" + report.Id = img[0:12] + if err := enc.Encode(report); err != nil { + logrus.Warnf("Failed to json encode error %q", err.Error()) + } + flush() + } + break loop // break out of for/select infinite loop + case <-r.Context().Done(): + // Client has closed connection + break loop // break out of for/select infinite loop + } + } } func GetImage(w http.ResponseWriter, r *http.Request) { diff --git a/pkg/api/handlers/compat/images_build.go b/pkg/api/handlers/compat/images_build.go index 2c70352e0..7751b91a7 100644 --- a/pkg/api/handlers/compat/images_build.go +++ b/pkg/api/handlers/compat/images_build.go @@ -77,6 +77,9 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { Devices string `schema:"devices"` Dockerfile string `schema:"dockerfile"` DropCapabilities string `schema:"dropcaps"` + DNSServers string `schema:"dnsservers"` + DNSOptions string `schema:"dnsoptions"` + DNSSearch string `schema:"dnssearch"` Excludes string `schema:"excludes"` ForceRm bool `schema:"forcerm"` From string `schema:"from"` @@ -104,6 +107,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { Squash bool `schema:"squash"` Tag []string `schema:"t"` Target string `schema:"target"` + Timestamp int64 `schema:"timestamp"` }{ Dockerfile: "Dockerfile", Registry: "docker.io", @@ -159,6 +163,36 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { devices = m } + var dnsservers = []string{} + if _, found := r.URL.Query()["dnsservers"]; found { + var m = []string{} + if err := json.Unmarshal([]byte(query.DNSServers), &m); err != nil { + utils.BadRequest(w, "dnsservers", query.DNSServers, err) + return + } + dnsservers = m + } + + var dnsoptions = []string{} + if _, found := r.URL.Query()["dnsoptions"]; found { + var m = []string{} + if err := json.Unmarshal([]byte(query.DNSOptions), &m); err != nil { + utils.BadRequest(w, "dnsoptions", query.DNSOptions, err) + return + } + dnsoptions = m + } + + var dnssearch = []string{} + if _, found := r.URL.Query()["dnssearch"]; found { + var m = []string{} + if err := json.Unmarshal([]byte(query.DNSSearch), &m); err != nil { + utils.BadRequest(w, "dnssearches", query.DNSSearch, err) + return + } + dnssearch = m + } + var output string if len(query.Tag) > 0 { output = query.Tag[0] @@ -221,9 +255,17 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { // convert label formats var labels = []string{} if _, found := r.URL.Query()["labels"]; found { - if err := json.Unmarshal([]byte(query.Labels), &labels); err != nil { - utils.BadRequest(w, "labels", query.Labels, err) - return + makeLabels := make(map[string]string) + err := json.Unmarshal([]byte(query.Labels), &makeLabels) + if err == nil { + for k, v := range makeLabels { + labels = append(labels, k+"="+v) + } + } else { + if err := json.Unmarshal([]byte(query.Labels), &labels); err != nil { + utils.BadRequest(w, "labels", query.Labels, err) + return + } } } jobs := 1 @@ -276,6 +318,9 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { CPUQuota: query.CpuQuota, CPUShares: query.CpuShares, CPUSetCPUs: query.CpuSetCpus, + DNSServers: dnsservers, + DNSOptions: dnsoptions, + DNSSearch: dnssearch, HTTPProxy: query.HTTPProxy, Memory: query.Memory, MemorySwap: query.MemSwap, @@ -318,6 +363,11 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { Target: query.Target, } + if _, found := r.URL.Query()["timestamp"]; found { + ts := time.Unix(query.Timestamp, 0) + buildOptions.Timestamp = &ts + } + runCtx, cancel := context.WithCancel(context.Background()) var imageID string go func() { diff --git a/pkg/api/handlers/compat/images_push.go b/pkg/api/handlers/compat/images_push.go index 4f613338f..db02af445 100644 --- a/pkg/api/handlers/compat/images_push.go +++ b/pkg/api/handlers/compat/images_push.go @@ -1,6 +1,8 @@ package compat import ( + "context" + "encoding/json" "fmt" "io/ioutil" "net/http" @@ -10,11 +12,14 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" "github.com/containers/podman/v3/pkg/auth" + "github.com/containers/podman/v3/pkg/channel" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/containers/storage" + "github.com/docker/docker/pkg/jsonmessage" "github.com/gorilla/schema" "github.com/pkg/errors" + "github.com/sirupsen/logrus" ) // PushImage is the handler for the compat http endpoint for pushing images. @@ -82,6 +87,8 @@ func PushImage(w http.ResponseWriter, r *http.Request) { Password: password, Username: username, DigestFile: digestFile.Name(), + Quiet: true, + Progress: make(chan types.ProgressProperties), } if _, found := r.URL.Query()["tlsVerify"]; found { options.SkipTLSVerify = types.NewOptionalBool(!query.TLSVerify) @@ -94,31 +101,103 @@ func PushImage(w http.ResponseWriter, r *http.Request) { destination = imageName } - if err := imageEngine.Push(r.Context(), imageName, destination, options); err != nil { - if errors.Cause(err) != storage.ErrImageUnknown { - utils.ImageNotFound(w, imageName, errors.Wrapf(err, "failed to find image %s", imageName)) - return + errorWriter := channel.NewWriter(make(chan []byte)) + defer errorWriter.Close() + + statusWriter := channel.NewWriter(make(chan []byte)) + defer statusWriter.Close() + + runCtx, cancel := context.WithCancel(context.Background()) + var failed bool + + go func() { + defer cancel() + + statusWriter.Write([]byte(fmt.Sprintf("The push refers to repository [%s]", imageName))) + + err := imageEngine.Push(runCtx, imageName, destination, options) + if err != nil { + if errors.Cause(err) != storage.ErrImageUnknown { + errorWriter.Write([]byte("An image does not exist locally with the tag: " + imageName)) + } else { + errorWriter.Write([]byte(err.Error())) + } } + }() - utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "error pushing image %q", imageName)) - return + flush := func() { + if flusher, ok := w.(http.Flusher); ok { + flusher.Flush() + } } - digestBytes, err := ioutil.ReadAll(digestFile) - if err != nil { - utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "failed to read digest tmp file")) - return - } + w.WriteHeader(http.StatusOK) + w.Header().Add("Content-Type", "application/json") + flush() - tag := query.Tag - if tag == "" { - tag = "latest" - } - respData := struct { - Status string `json:"status"` - }{ - Status: fmt.Sprintf("%s: digest: %s size: null", tag, string(digestBytes)), - } + enc := json.NewEncoder(w) + enc.SetEscapeHTML(true) + +loop: // break out of for/select infinite loop + for { + var report jsonmessage.JSONMessage - utils.WriteJSON(w, http.StatusOK, &respData) + select { + case e := <-options.Progress: + switch e.Event { + case types.ProgressEventNewArtifact: + report.Status = "Preparing" + case types.ProgressEventRead: + report.Status = "Pushing" + report.Progress = &jsonmessage.JSONProgress{ + Current: int64(e.Offset), + Total: e.Artifact.Size, + } + case types.ProgressEventSkipped: + report.Status = "Layer already exists" + case types.ProgressEventDone: + report.Status = "Pushed" + } + report.ID = e.Artifact.Digest.Encoded()[0:12] + if err := enc.Encode(report); err != nil { + errorWriter.Write([]byte(err.Error())) + } + flush() + case e := <-statusWriter.Chan(): + report.Status = string(e) + if err := enc.Encode(report); err != nil { + errorWriter.Write([]byte(err.Error())) + } + flush() + case e := <-errorWriter.Chan(): + failed = true + report.Error = &jsonmessage.JSONError{ + Message: string(e), + } + report.ErrorMessage = string(e) + if err := enc.Encode(report); err != nil { + logrus.Warnf("Failed to json encode error %q", err.Error()) + } + flush() + case <-runCtx.Done(): + if !failed { + digestBytes, err := ioutil.ReadAll(digestFile) + if err == nil { + tag := query.Tag + if tag == "" { + tag = "latest" + } + report.Status = fmt.Sprintf("%s: digest: %s", tag, string(digestBytes)) + if err := enc.Encode(report); err != nil { + logrus.Warnf("Failed to json encode error %q", err.Error()) + } + flush() + } + } + break loop // break out of for/select infinite loop + case <-r.Context().Done(): + // Client has closed connection + break loop // break out of for/select infinite loop + } + } } diff --git a/pkg/api/handlers/compat/networks.go b/pkg/api/handlers/compat/networks.go index 1a04b4289..28e90ac28 100644 --- a/pkg/api/handlers/compat/networks.go +++ b/pkg/api/handlers/compat/networks.go @@ -180,16 +180,18 @@ func findPluginByName(plugins []*libcni.NetworkConfig, pluginType string) ([]byt func ListNetworks(w http.ResponseWriter, r *http.Request) { runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) - query := struct { - Filters map[string][]string `schema:"filters"` - }{ - // override any golang type defaults - } - if err := decoder.Decode(&query, r.URL.Query()); err != nil { + filters, err := filtersFromRequest(r) + if err != nil { utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) return } + filterMap := map[string][]string{} + for _, filter := range filters { + split := strings.SplitN(filter, "=", 2) + if len(split) > 1 { + filterMap[split[0]] = append(filterMap[split[0]], split[1]) + } + } config, err := runtime.GetConfig() if err != nil { utils.InternalServerError(w, err) @@ -205,7 +207,7 @@ func ListNetworks(w http.ResponseWriter, r *http.Request) { reports := []*types.NetworkResource{} logrus.Debugf("netNames: %q", strings.Join(netNames, ", ")) for _, name := range netNames { - report, err := getNetworkResourceByNameOrID(name, runtime, query.Filters) + report, err := getNetworkResourceByNameOrID(name, runtime, filterMap) if err != nil { utils.InternalServerError(w, err) return diff --git a/pkg/api/handlers/compat/secrets.go b/pkg/api/handlers/compat/secrets.go index c5ee8c324..86e3887a4 100644 --- a/pkg/api/handlers/compat/secrets.go +++ b/pkg/api/handlers/compat/secrets.go @@ -40,7 +40,21 @@ func ListSecrets(w http.ResponseWriter, r *http.Request) { utils.InternalServerError(w, err) return } - utils.WriteResponse(w, http.StatusOK, reports) + if utils.IsLibpodRequest(r) { + utils.WriteResponse(w, http.StatusOK, reports) + return + } + // Docker compat expects a version field that increments when the secret is updated + // We currently can't update a secret, so we default the version to 1 + compatReports := make([]entities.SecretInfoReportCompat, 0, len(reports)) + for _, report := range reports { + compatRep := entities.SecretInfoReportCompat{ + SecretInfoReport: *report, + Version: entities.SecretVersion{Index: 1}, + } + compatReports = append(compatReports, compatRep) + } + utils.WriteResponse(w, http.StatusOK, compatReports) } func InspectSecret(w http.ResponseWriter, r *http.Request) { @@ -59,7 +73,21 @@ func InspectSecret(w http.ResponseWriter, r *http.Request) { utils.SecretNotFound(w, name, errs[0]) return } - utils.WriteResponse(w, http.StatusOK, reports[0]) + if len(reports) < 1 { + utils.InternalServerError(w, err) + return + } + if utils.IsLibpodRequest(r) { + utils.WriteResponse(w, http.StatusOK, reports[0]) + return + } + // Docker compat expects a version field that increments when the secret is updated + // We currently can't update a secret, so we default the version to 1 + compatReport := entities.SecretInfoReportCompat{ + SecretInfoReport: *reports[0], + Version: entities.SecretVersion{Index: 1}, + } + utils.WriteResponse(w, http.StatusOK, compatReport) } func RemoveSecret(w http.ResponseWriter, r *http.Request) { diff --git a/pkg/api/handlers/compat/version.go b/pkg/api/handlers/compat/version.go index d90a892c1..fae147440 100644 --- a/pkg/api/handlers/compat/version.go +++ b/pkg/api/handlers/compat/version.go @@ -10,6 +10,7 @@ import ( "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/utils" "github.com/containers/podman/v3/pkg/domain/entities" + "github.com/containers/podman/v3/version" docker "github.com/docker/docker/api/types" "github.com/pkg/errors" ) @@ -35,20 +36,20 @@ func VersionHandler(w http.ResponseWriter, r *http.Request) { Name: "Podman Engine", Version: versionInfo.Version, Details: map[string]string{ - "APIVersion": utils.APIVersion[utils.LibpodTree][utils.CurrentAPIVersion].String(), + "APIVersion": version.APIVersion[version.Libpod][version.CurrentAPI].String(), "Arch": goRuntime.GOARCH, "BuildTime": time.Unix(versionInfo.Built, 0).Format(time.RFC3339), "Experimental": "true", "GitCommit": versionInfo.GitCommit, "GoVersion": versionInfo.GoVersion, "KernelVersion": infoData.Host.Kernel, - "MinAPIVersion": utils.APIVersion[utils.LibpodTree][utils.MinimalAPIVersion].String(), + "MinAPIVersion": version.APIVersion[version.Libpod][version.MinimalAPI].String(), "Os": goRuntime.GOOS, }, }} - apiVersion := utils.APIVersion[utils.CompatTree][utils.CurrentAPIVersion] - minVersion := utils.APIVersion[utils.CompatTree][utils.MinimalAPIVersion] + apiVersion := version.APIVersion[version.Compat][version.CurrentAPI] + minVersion := version.APIVersion[version.Compat][version.MinimalAPI] utils.WriteResponse(w, http.StatusOK, entities.ComponentVersion{ Version: docker.Version{ diff --git a/pkg/api/handlers/libpod/copy.go b/pkg/api/handlers/libpod/copy.go deleted file mode 100644 index 4b345bacc..000000000 --- a/pkg/api/handlers/libpod/copy.go +++ /dev/null @@ -1,12 +0,0 @@ -package libpod - -import ( - "net/http" - - "github.com/containers/podman/v3/pkg/api/handlers/utils" - "github.com/pkg/errors" -) - -func Archive(w http.ResponseWriter, r *http.Request) { - utils.Error(w, "not implemented", http.StatusNotImplemented, errors.New("not implemented")) -} diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go index 1a2483784..83fe23621 100644 --- a/pkg/api/handlers/libpod/images.go +++ b/pkg/api/handlers/libpod/images.go @@ -451,6 +451,7 @@ func PushImage(w http.ResponseWriter, r *http.Request) { Password: password, Format: query.Format, All: query.All, + Quiet: true, } if _, found := r.URL.Query()["tlsVerify"]; found { options.SkipTLSVerify = types.NewOptionalBool(!query.TLSVerify) diff --git a/pkg/api/handlers/libpod/images_pull.go b/pkg/api/handlers/libpod/images_pull.go index c8b777be4..e2e4b53b4 100644 --- a/pkg/api/handlers/libpod/images_pull.go +++ b/pkg/api/handlers/libpod/images_pull.go @@ -136,7 +136,8 @@ func ImagesPull(w http.ResponseWriter, r *http.Request) { &dockerRegistryOptions, image.SigningOptions{}, nil, - util.PullImageAlways) + util.PullImageAlways, + nil) if err != nil { stderr.Write([]byte(err.Error() + "\n")) } else { diff --git a/pkg/api/handlers/utils/handler.go b/pkg/api/handlers/utils/handler.go index b3c674788..7625f9546 100644 --- a/pkg/api/handlers/utils/handler.go +++ b/pkg/api/handlers/utils/handler.go @@ -10,49 +10,14 @@ import ( "unsafe" "github.com/blang/semver" + "github.com/containers/podman/v3/version" "github.com/gorilla/mux" jsoniter "github.com/json-iterator/go" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) -type ( - // VersionTree determines which API endpoint tree for version - VersionTree int - // VersionLevel determines which API level, current or something from the past - VersionLevel int -) - -const ( - // LibpodTree supports Libpod endpoints - LibpodTree = VersionTree(iota) - // CompatTree supports Libpod endpoints - CompatTree - - // CurrentAPIVersion announces what is the current API level - CurrentAPIVersion = VersionLevel(iota) - // MinimalAPIVersion announces what is the oldest API level supported - MinimalAPIVersion -) - var ( - // See https://docs.docker.com/engine/api/v1.40/ - // libpod compat handlers are expected to honor docker API versions - - // APIVersion provides the current and minimal API versions for compat and libpod endpoint trees - // Note: GET|HEAD /_ping is never versioned and provides the API-Version and Libpod-API-Version headers to allow - // clients to shop for the Version they wish to support - APIVersion = map[VersionTree]map[VersionLevel]semver.Version{ - LibpodTree: { - CurrentAPIVersion: semver.MustParse("3.0.0"), - MinimalAPIVersion: semver.MustParse("3.0.0"), - }, - CompatTree: { - CurrentAPIVersion: semver.MustParse("1.40.0"), - MinimalAPIVersion: semver.MustParse("1.24.0"), - }, - } - // ErrVersionNotGiven returned when version not given by client ErrVersionNotGiven = errors.New("version not given in URL path") // ErrVersionNotSupported returned when given version is too old @@ -98,14 +63,14 @@ func SupportedVersion(r *http.Request, condition string) (semver.Version, error) // SupportedVersionWithDefaults validates that the version provided by client valid is supported by server // minimal API version <= client path version <= maximum API version focused on the endpoint tree from URL func SupportedVersionWithDefaults(r *http.Request) (semver.Version, error) { - tree := CompatTree + tree := version.Compat if IsLibpodRequest(r) { - tree = LibpodTree + tree = version.Libpod } return SupportedVersion(r, - fmt.Sprintf(">=%s <=%s", APIVersion[tree][MinimalAPIVersion].String(), - APIVersion[tree][CurrentAPIVersion].String())) + fmt.Sprintf(">=%s <=%s", version.APIVersion[tree][version.MinimalAPI].String(), + version.APIVersion[tree][version.CurrentAPI].String())) } // WriteResponse encodes the given value as JSON or string and renders it for http client diff --git a/pkg/api/handlers/utils/handler_test.go b/pkg/api/handlers/utils/handler_test.go index d9fd22b80..18a1d2678 100644 --- a/pkg/api/handlers/utils/handler_test.go +++ b/pkg/api/handlers/utils/handler_test.go @@ -7,17 +7,18 @@ import ( "net/http/httptest" "testing" + "github.com/containers/podman/v3/version" "github.com/gorilla/mux" ) func TestSupportedVersion(t *testing.T) { req, err := http.NewRequest("GET", - fmt.Sprintf("/v%s/libpod/testing/versions", APIVersion[LibpodTree][CurrentAPIVersion]), + fmt.Sprintf("/v%s/libpod/testing/versions", version.APIVersion[version.Libpod][version.CurrentAPI]), nil) if err != nil { t.Fatal(err) } - req = mux.SetURLVars(req, map[string]string{"version": APIVersion[LibpodTree][CurrentAPIVersion].String()}) + req = mux.SetURLVars(req, map[string]string{"version": version.APIVersion[version.Libpod][version.CurrentAPI].String()}) rr := httptest.NewRecorder() handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { diff --git a/pkg/api/server/handler_api.go b/pkg/api/server/handler_api.go index e7bf94fc6..28b8706a8 100644 --- a/pkg/api/server/handler_api.go +++ b/pkg/api/server/handler_api.go @@ -8,6 +8,7 @@ import ( "github.com/containers/podman/v3/pkg/api/handlers/utils" "github.com/containers/podman/v3/pkg/auth" + "github.com/containers/podman/v3/version" "github.com/google/uuid" "github.com/sirupsen/logrus" ) @@ -55,10 +56,10 @@ func (s *APIServer) APIHandler(h http.HandlerFunc) http.HandlerFunc { c = context.WithValue(c, "idletracker", s.idleTracker) // nolint r = r.WithContext(c) - cv := utils.APIVersion[utils.CompatTree][utils.CurrentAPIVersion] + cv := version.APIVersion[version.Compat][version.CurrentAPI] w.Header().Set("API-Version", fmt.Sprintf("%d.%d", cv.Major, cv.Minor)) - lv := utils.APIVersion[utils.LibpodTree][utils.CurrentAPIVersion].String() + lv := version.APIVersion[version.Libpod][version.CurrentAPI].String() w.Header().Set("Libpod-API-Version", lv) w.Header().Set("Server", "Libpod/"+lv+" ("+runtime.GOOS+")") @@ -72,5 +73,5 @@ func (s *APIServer) APIHandler(h http.HandlerFunc) http.HandlerFunc { // VersionedPath prepends the version parsing code // any handler may override this default when registering URL(s) func VersionedPath(p string) string { - return "/v{version:[0-9][0-9.]*}" + p + return "/v{version:[0-9][0-9A-Za-z.-]*}" + p } diff --git a/pkg/api/server/register_archive.go b/pkg/api/server/register_archive.go index 2a5cfba0b..2ac126644 100644 --- a/pkg/api/server/register_archive.go +++ b/pkg/api/server/register_archive.go @@ -91,7 +91,7 @@ func (s *APIServer) registerArchiveHandlers(r *mux.Router) error { Libpod */ - // swagger:operation POST /libpod/containers/{name}/archive libpod libpodPutArchive + // swagger:operation PUT /libpod/containers/{name}/archive libpod libpodPutArchive // --- // summary: Copy files into a container // description: Copy a tar archive of files into a container diff --git a/pkg/api/server/register_pods.go b/pkg/api/server/register_pods.go index 949bf80e2..c66cc48ff 100644 --- a/pkg/api/server/register_pods.go +++ b/pkg/api/server/register_pods.go @@ -36,7 +36,6 @@ func (s *APIServer) registerPodsHandlers(r *mux.Router) error { // name: create // description: attributes for creating a pod // schema: - // type: object // $ref: "#/definitions/PodSpecGenerator" // responses: // 200: diff --git a/pkg/api/server/register_secrets.go b/pkg/api/server/register_secrets.go index 1c5f5954b..531623845 100644 --- a/pkg/api/server/register_secrets.go +++ b/pkg/api/server/register_secrets.go @@ -115,7 +115,7 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error { // parameters: // responses: // '200': - // "$ref": "#/responses/SecretListResponse" + // "$ref": "#/responses/SecretListCompatResponse" // '500': // "$ref": "#/responses/InternalError" r.Handle(VersionedPath("/secrets"), s.APIHandler(compat.ListSecrets)).Methods(http.MethodGet) @@ -158,7 +158,7 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error { // - application/json // responses: // '200': - // "$ref": "#/responses/SecretInspectResponse" + // "$ref": "#/responses/SecretInspectCompatResponse" // '404': // "$ref": "#/responses/NoSuchSecret" // '500': diff --git a/pkg/autoupdate/autoupdate.go b/pkg/autoupdate/autoupdate.go index 0cf51e5a6..53095c295 100644 --- a/pkg/autoupdate/autoupdate.go +++ b/pkg/autoupdate/autoupdate.go @@ -304,6 +304,7 @@ func updateImage(runtime *libpod.Runtime, name string, options Options) (*image. image.SigningOptions{}, nil, util.PullImageAlways, + nil, ) if err != nil { return nil, err diff --git a/pkg/bindings/bindings.go b/pkg/bindings/bindings.go deleted file mode 100644 index 14f306910..000000000 --- a/pkg/bindings/bindings.go +++ /dev/null @@ -1,26 +0,0 @@ -// Package bindings provides golang-based access -// to the Podman REST API. Users can then interact with API endpoints -// to manage containers, images, pods, etc. -// -// This package exposes a series of methods that allow users to firstly -// create their connection with the API endpoints. Once the connection -// is established, users can then manage the Podman container runtime. -package bindings - -import ( - "github.com/blang/semver" -) - -var ( - // PTrue is a convenience variable that can be used in bindings where - // a pointer to a bool (optional parameter) is required. - pTrue = true - PTrue = &pTrue - // PFalse is a convenience variable that can be used in bindings where - // a pointer to a bool (optional parameter) is required. - pFalse = false - PFalse = &pFalse - - // APIVersion - podman will fail to run if this value is wrong - APIVersion = semver.MustParse("2.0.0") -) diff --git a/pkg/bindings/connection.go b/pkg/bindings/connection.go index ad16498d5..21a8e7a8b 100644 --- a/pkg/bindings/connection.go +++ b/pkg/bindings/connection.go @@ -14,6 +14,7 @@ import ( "github.com/blang/semver" "github.com/containers/podman/v3/pkg/terminal" + "github.com/containers/podman/v3/version" jsoniter "github.com/json-iterator/go" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -25,7 +26,7 @@ var ( BasePath = &url.URL{ Scheme: "http", Host: "d", - Path: "/v" + APIVersion.String() + "/libpod", + Path: "/v" + version.APIVersion[version.Libpod][version.CurrentAPI].String() + "/libpod", } ) @@ -168,15 +169,16 @@ func pingNewConnection(ctx context.Context) error { return err } - switch APIVersion.Compare(versionSrv) { + switch version.APIVersion[version.Libpod][version.MinimalAPI].Compare(versionSrv) { case -1, 0: // Server's job when Client version is equal or older return nil case 1: - return errors.Errorf("server API version is too old. Client %q server %q", APIVersion.String(), versionSrv.String()) + return errors.Errorf("server API version is too old. Client %q server %q", + version.APIVersion[version.Libpod][version.MinimalAPI].String(), versionSrv.String()) } } - return errors.Errorf("ping response was %q", response.StatusCode) + return errors.Errorf("ping response was %d", response.StatusCode) } func sshClient(_url *url.URL, secure bool, passPhrase string, identity string) (Connection, error) { diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go index 6e16461e5..1cbd28c37 100644 --- a/pkg/bindings/images/build.go +++ b/pkg/bindings/images/build.go @@ -87,6 +87,28 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO params.Add("devices", d) } + if dnsservers := options.CommonBuildOpts.DNSServers; len(dnsservers) > 0 { + c, err := jsoniter.MarshalToString(dnsservers) + if err != nil { + return nil, err + } + params.Add("dnsservers", c) + } + if dnsoptions := options.CommonBuildOpts.DNSOptions; len(dnsoptions) > 0 { + c, err := jsoniter.MarshalToString(dnsoptions) + if err != nil { + return nil, err + } + params.Add("dnsoptions", c) + } + if dnssearch := options.CommonBuildOpts.DNSSearch; len(dnssearch) > 0 { + c, err := jsoniter.MarshalToString(dnssearch) + if err != nil { + return nil, err + } + params.Add("dnssearch", c) + } + if caps := options.DropCapabilities; len(caps) > 0 { c, err := jsoniter.MarshalToString(caps) if err != nil { @@ -185,6 +207,12 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO if options.Squash { params.Set("squash", "1") } + + if options.Timestamp != nil { + t := *options.Timestamp + params.Set("timestamp", strconv.FormatInt(t.Unix(), 10)) + } + var ( headers map[string]string err error diff --git a/pkg/bindings/test/attach_test.go b/pkg/bindings/test/attach_test.go index 16090e104..fbdf18d44 100644 --- a/pkg/bindings/test/attach_test.go +++ b/pkg/bindings/test/attach_test.go @@ -35,7 +35,7 @@ var _ = Describe("Podman containers attach", func() { It("can run top in container", func() { name := "TopAttachTest" - id, err := bt.RunTopContainer(&name, nil, nil) + id, err := bt.RunTopContainer(&name, nil) Expect(err).ShouldNot(HaveOccurred()) tickTock := time.NewTimer(2 * time.Second) diff --git a/pkg/bindings/test/common_test.go b/pkg/bindings/test/common_test.go index 588f38930..9bac4b620 100644 --- a/pkg/bindings/test/common_test.go +++ b/pkg/bindings/test/common_test.go @@ -188,14 +188,14 @@ func (b *bindingTest) restoreImageFromCache(i testImage) { // Run a container within or without a pod // and add or append the alpine image to it -func (b *bindingTest) RunTopContainer(containerName *string, insidePod *bool, podName *string) (string, error) { +func (b *bindingTest) RunTopContainer(containerName *string, podName *string) (string, error) { s := specgen.NewSpecGenerator(alpine.name, false) s.Terminal = false s.Command = []string{"/usr/bin/top"} if containerName != nil { s.Name = *containerName } - if insidePod != nil && podName != nil { + if podName != nil { s.Pod = *podName } ctr, err := containers.CreateWithSpec(b.conn, s, nil) diff --git a/pkg/bindings/test/containers_test.go b/pkg/bindings/test/containers_test.go index f2ab197ce..b0ddc7862 100644 --- a/pkg/bindings/test/containers_test.go +++ b/pkg/bindings/test/containers_test.go @@ -55,7 +55,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a running container by name", func() { // Pausing by name should work var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -69,7 +69,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a running container by id", func() { // Pausing by id should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -83,7 +83,7 @@ var _ = Describe("Podman containers ", func() { It("podman unpause a running container by name", func() { // Unpausing by name should work var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -99,7 +99,7 @@ var _ = Describe("Podman containers ", func() { It("podman unpause a running container by ID", func() { // Unpausing by ID should work var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Pause by name err = containers.Pause(bt.conn, name, nil) @@ -118,7 +118,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a paused container by name", func() { // Pausing a paused container by name should fail var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -131,7 +131,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a paused container by id", func() { // Pausing a paused container by id should fail var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -144,7 +144,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a stopped container by name", func() { // Pausing a stopped container by name should fail var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -157,7 +157,7 @@ var _ = Describe("Podman containers ", func() { It("podman pause a stopped container by id", func() { // Pausing a stopped container by id should fail var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -170,7 +170,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove a paused container by id without force", func() { // Removing a paused container without force should fail var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -183,7 +183,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove a paused container by id with force", func() { // Removing a paused container with force should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -194,7 +194,7 @@ var _ = Describe("Podman containers ", func() { It("podman stop a paused container by name", func() { // Stopping a paused container by name should fail var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -207,7 +207,7 @@ var _ = Describe("Podman containers ", func() { It("podman stop a paused container by id", func() { // Stopping a paused container by id should fail var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -220,7 +220,7 @@ var _ = Describe("Podman containers ", func() { It("podman stop a running container by name", func() { // Stopping a running container by name should work var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -234,7 +234,7 @@ var _ = Describe("Podman containers ", func() { It("podman stop a running container by ID", func() { // Stopping a running container by ID should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -256,7 +256,7 @@ var _ = Describe("Podman containers ", func() { Expect(code).To(BeNumerically("==", http.StatusNotFound)) errChan := make(chan error) - _, err = bt.RunTopContainer(&name, nil, nil) + _, err = bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) go func() { exitCode, err = containers.Wait(bt.conn, name, nil) @@ -278,7 +278,7 @@ var _ = Describe("Podman containers ", func() { running = define.ContainerStateRunning ) errChan := make(chan error) - _, err := bt.RunTopContainer(&name, nil, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) go func() { exitCode, err = containers.Wait(bt.conn, name, new(containers.WaitOptions).WithCondition([]define.ContainerStatus{pause})) @@ -317,7 +317,7 @@ var _ = Describe("Podman containers ", func() { // a container that has no healthcheck should be a 409 var name = "top" - bt.RunTopContainer(&name, bindings.PFalse, nil) + bt.RunTopContainer(&name, nil) _, err = containers.RunHealthCheck(bt.conn, name, nil) Expect(err).ToNot(BeNil()) code, _ = bindings.CheckResponseCode(err) @@ -376,7 +376,7 @@ var _ = Describe("Podman containers ", func() { It("podman top", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // By name @@ -414,7 +414,7 @@ var _ = Describe("Podman containers ", func() { It("podman container exists in local storage by name", func() { // Container existence check by name should work var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) containerExists, err := containers.Exists(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -424,7 +424,7 @@ var _ = Describe("Podman containers ", func() { It("podman container exists in local storage by ID", func() { // Container existence check by ID should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) containerExists, err := containers.Exists(bt.conn, cid, nil) Expect(err).To(BeNil()) @@ -434,7 +434,7 @@ var _ = Describe("Podman containers ", func() { It("podman container exists in local storage by short ID", func() { // Container existence check by short ID should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) containerExists, err := containers.Exists(bt.conn, cid[0:12], nil) Expect(err).To(BeNil()) @@ -452,7 +452,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill a running container by name with SIGINT", func() { // Killing a running container should work var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Kill(bt.conn, name, new(containers.KillOptions).WithSignal("SIGINT")) Expect(err).To(BeNil()) @@ -463,7 +463,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill a running container by ID with SIGTERM", func() { // Killing a running container by ID should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Kill(bt.conn, cid, new(containers.KillOptions).WithSignal("SIGTERM")) Expect(err).To(BeNil()) @@ -474,7 +474,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill a running container by ID with SIGKILL", func() { // Killing a running container by ID with TERM should work var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Kill(bt.conn, cid, new(containers.KillOptions).WithSignal("SIGKILL")) Expect(err).To(BeNil()) @@ -483,7 +483,7 @@ var _ = Describe("Podman containers ", func() { It("podman kill a running container by bogus signal", func() { //Killing a running container by bogus signal should fail var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Kill(bt.conn, cid, new(containers.KillOptions).WithSignal("foobar")) Expect(err).ToNot(BeNil()) @@ -495,9 +495,9 @@ var _ = Describe("Podman containers ", func() { // Killing latest container should work var name1 = "first" var name2 = "second" - _, err := bt.RunTopContainer(&name1, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name1, nil) Expect(err).To(BeNil()) - _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, nil) Expect(err).To(BeNil()) containerLatestList, err := containers.List(bt.conn, new(containers.ListOptions).WithLast(1)) Expect(err).To(BeNil()) @@ -526,7 +526,7 @@ var _ = Describe("Podman containers ", func() { It("podman prune stopped containers", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -541,7 +541,7 @@ var _ = Describe("Podman containers ", func() { It("podman prune stopped containers with filters", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -575,7 +575,7 @@ var _ = Describe("Podman containers ", func() { It("podman prune running containers", func() { // Start the container. var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Check if the container is running. @@ -598,7 +598,7 @@ var _ = Describe("Podman containers ", func() { It("podman inspect running container", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Inspecting running container should succeed _, err = containers.Inspect(bt.conn, name, nil) @@ -607,7 +607,7 @@ var _ = Describe("Podman containers ", func() { It("podman inspect stopped container", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -618,7 +618,7 @@ var _ = Describe("Podman containers ", func() { It("podman inspect running container with size", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) _, err = containers.Inspect(bt.conn, name, new(containers.InspectOptions).WithSize(true)) Expect(err).To(BeNil()) @@ -626,7 +626,7 @@ var _ = Describe("Podman containers ", func() { It("podman inspect stopped container with size", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -643,7 +643,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove running container by name", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, name, nil) @@ -654,7 +654,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove running container by ID", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, cid, nil) @@ -665,7 +665,7 @@ var _ = Describe("Podman containers ", func() { It("podman forcibly remove running container by name", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, name, new(containers.RemoveOptions).WithForce(true)) @@ -676,7 +676,7 @@ var _ = Describe("Podman containers ", func() { It("podman forcibly remove running container by ID", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, cid, new(containers.RemoveOptions).WithForce(true)) @@ -687,7 +687,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove running container and volume by name", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, name, new(containers.RemoveOptions).WithVolumes(true)) @@ -698,7 +698,7 @@ var _ = Describe("Podman containers ", func() { It("podman remove running container and volume by ID", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, cid, new(containers.RemoveOptions).WithVolumes(true)) @@ -709,7 +709,7 @@ var _ = Describe("Podman containers ", func() { It("podman forcibly remove running container and volume by name", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, name, new(containers.RemoveOptions).WithVolumes(true).WithForce(true)) @@ -720,7 +720,7 @@ var _ = Describe("Podman containers ", func() { It("podman forcibly remove running container and volume by ID", func() { var name = "top" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) // Removing running container should fail err = containers.Remove(bt.conn, cid, new(containers.RemoveOptions).WithForce(true).WithVolumes(true)) @@ -732,9 +732,9 @@ var _ = Describe("Podman containers ", func() { It("List containers with filters", func() { var name = "top" var name2 = "top2" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) - _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, nil) Expect(err).To(BeNil()) s := specgen.NewSpecGenerator(alpine.name, false) s.Terminal = true @@ -753,7 +753,7 @@ var _ = Describe("Podman containers ", func() { podName := "testpod" ctrName := "testctr" bt.Podcreate(&podName) - _, err := bt.RunTopContainer(&ctrName, bindings.PTrue, &podName) + _, err := bt.RunTopContainer(&ctrName, &podName) Expect(err).To(BeNil()) lastNum := 1 diff --git a/pkg/bindings/test/exec_test.go b/pkg/bindings/test/exec_test.go index 7a21be77f..c10452eaf 100644 --- a/pkg/bindings/test/exec_test.go +++ b/pkg/bindings/test/exec_test.go @@ -4,7 +4,6 @@ import ( "time" "github.com/containers/podman/v3/pkg/api/handlers" - "github.com/containers/podman/v3/pkg/bindings" "github.com/containers/podman/v3/pkg/bindings/containers" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" @@ -33,7 +32,7 @@ var _ = Describe("Podman containers exec", func() { It("Podman exec create makes an exec session", func() { name := "testCtr" - cid, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + cid, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) execConfig := new(handlers.ExecCreateConfig) @@ -53,7 +52,7 @@ var _ = Describe("Podman containers exec", func() { It("Podman exec create with bad command fails", func() { name := "testCtr" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) execConfig := new(handlers.ExecCreateConfig) diff --git a/pkg/bindings/test/images_test.go b/pkg/bindings/test/images_test.go index db51d1e68..688bf049f 100644 --- a/pkg/bindings/test/images_test.go +++ b/pkg/bindings/test/images_test.go @@ -101,7 +101,7 @@ var _ = Describe("Podman images", func() { // Start a container with alpine image var top string = "top" - _, err = bt.RunTopContainer(&top, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&top, nil) Expect(err).To(BeNil()) // we should now have a container called "top" running containerResponse, err := containers.Inspect(bt.conn, "top", nil) diff --git a/pkg/bindings/test/info_test.go b/pkg/bindings/test/info_test.go index 3ca4b99b3..f61e8c370 100644 --- a/pkg/bindings/test/info_test.go +++ b/pkg/bindings/test/info_test.go @@ -49,17 +49,17 @@ var _ = Describe("Podman info", func() { _, err := containers.CreateWithSpec(bt.conn, s, nil) Expect(err).To(BeNil()) - idPause, err := bt.RunTopContainer(nil, nil, nil) + idPause, err := bt.RunTopContainer(nil, nil) Expect(err).To(BeNil()) err = containers.Pause(bt.conn, idPause, nil) Expect(err).To(BeNil()) - idStop, err := bt.RunTopContainer(nil, nil, nil) + idStop, err := bt.RunTopContainer(nil, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, idStop, nil) Expect(err).To(BeNil()) - _, err = bt.RunTopContainer(nil, nil, nil) + _, err = bt.RunTopContainer(nil, nil) Expect(err).To(BeNil()) info, err := system.Info(bt.conn, nil) diff --git a/pkg/bindings/test/pods_test.go b/pkg/bindings/test/pods_test.go index 2b4eb05d3..b06ff31a2 100644 --- a/pkg/bindings/test/pods_test.go +++ b/pkg/bindings/test/pods_test.go @@ -63,7 +63,7 @@ var _ = Describe("Podman pods", func() { Expect(err).To(BeNil()) // Adding an alpine container to the existing pod - _, err = bt.RunTopContainer(nil, bindings.PTrue, &newpod) + _, err = bt.RunTopContainer(nil, &newpod) Expect(err).To(BeNil()) podSummary, err = pods.List(bt.conn, nil) // Verify no errors. @@ -93,7 +93,7 @@ var _ = Describe("Podman pods", func() { _, err = pods.Start(bt.conn, newpod, nil) Expect(err).To(BeNil()) - _, err = bt.RunTopContainer(nil, bindings.PTrue, &newpod) + _, err = bt.RunTopContainer(nil, &newpod) Expect(err).To(BeNil()) // Expected err with invalid filter params @@ -179,7 +179,7 @@ var _ = Describe("Podman pods", func() { Expect(code).To(BeNumerically("==", http.StatusNotFound)) // Adding an alpine container to the existing pod - _, err = bt.RunTopContainer(nil, bindings.PTrue, &newpod) + _, err = bt.RunTopContainer(nil, &newpod) Expect(err).To(BeNil()) // Binding needs to be modified to inspect the pod state. diff --git a/pkg/bindings/test/system_test.go b/pkg/bindings/test/system_test.go index a68a8099c..68e9d9301 100644 --- a/pkg/bindings/test/system_test.go +++ b/pkg/bindings/test/system_test.go @@ -4,7 +4,6 @@ import ( "sync" "time" - "github.com/containers/podman/v3/pkg/bindings" "github.com/containers/podman/v3/pkg/bindings/containers" "github.com/containers/podman/v3/pkg/bindings/pods" "github.com/containers/podman/v3/pkg/bindings/system" @@ -41,7 +40,7 @@ var _ = Describe("Podman system", func() { It("podman events", func() { var name = "top" - _, err := bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err := bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) filters := make(map[string][]string) @@ -72,7 +71,7 @@ var _ = Describe("Podman system", func() { Expect(err).To(BeNil()) // Start and stop a container to enter in exited state. var name = "top" - _, err = bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) @@ -98,14 +97,14 @@ var _ = Describe("Podman system", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err = bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) // Start container and leave in running var name2 = "top2" - _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, nil) Expect(err).To(BeNil()) // Adding an unused volume @@ -132,14 +131,14 @@ var _ = Describe("Podman system", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err = bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) // Start second container and leave in running var name2 = "top2" - _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, nil) Expect(err).To(BeNil()) // Adding an unused volume should work @@ -167,14 +166,14 @@ var _ = Describe("Podman system", func() { // Start and stop a container to enter in exited state. var name = "top" - _, err = bt.RunTopContainer(&name, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name, nil) Expect(err).To(BeNil()) err = containers.Stop(bt.conn, name, nil) Expect(err).To(BeNil()) // Start second container and leave in running var name2 = "top2" - _, err = bt.RunTopContainer(&name2, bindings.PFalse, nil) + _, err = bt.RunTopContainer(&name2, nil) Expect(err).To(BeNil()) // Adding an unused volume should work diff --git a/pkg/checkpoint/checkpoint_restore.go b/pkg/checkpoint/checkpoint_restore.go index a608762b5..77a993128 100644 --- a/pkg/checkpoint/checkpoint_restore.go +++ b/pkg/checkpoint/checkpoint_restore.go @@ -4,15 +4,14 @@ import ( "context" "io/ioutil" "os" - "path/filepath" + metadata "github.com/checkpoint-restore/checkpointctl/lib" "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/image" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/errorhandling" "github.com/containers/podman/v3/pkg/util" "github.com/containers/storage/pkg/archive" - jsoniter "github.com/json-iterator/go" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -20,21 +19,6 @@ import ( // Prefixing the checkpoint/restore related functions with 'cr' -// crImportFromJSON imports the JSON files stored in the exported -// checkpoint tarball -func crImportFromJSON(filePath string, v interface{}) error { - content, err := ioutil.ReadFile(filePath) - if err != nil { - return errors.Wrap(err, "failed to read container definition for restore") - } - json := jsoniter.ConfigCompatibleWithStandardLibrary - if err = json.Unmarshal(content, v); err != nil { - return errors.Wrapf(err, "failed to unmarshal container definition %s for restore", filePath) - } - - return nil -} - // CRImportCheckpoint it the function which imports the information // from checkpoint tarball and re-creates the container from that information func CRImportCheckpoint(ctx context.Context, runtime *libpod.Runtime, restoreOptions entities.RestoreOptions) ([]*libpod.Container, error) { @@ -48,13 +32,13 @@ func CRImportCheckpoint(ctx context.Context, runtime *libpod.Runtime, restoreOpt options := &archive.TarOptions{ // Here we only need the files config.dump and spec.dump ExcludePatterns: []string{ - "checkpoint", - "artifacts", - "ctr.log", - "rootfs-diff.tar", - "network.status", - "deleted.files", "volumes", + "ctr.log", + "artifacts", + metadata.RootFsDiffTar, + metadata.DeletedFilesFile, + metadata.NetworkStatusFile, + metadata.CheckpointDirectory, }, } dir, err := ioutil.TempDir("", "checkpoint") @@ -73,13 +57,13 @@ func CRImportCheckpoint(ctx context.Context, runtime *libpod.Runtime, restoreOpt // Load spec.dump from temporary directory dumpSpec := new(spec.Spec) - if err := crImportFromJSON(filepath.Join(dir, "spec.dump"), dumpSpec); err != nil { + if _, err := metadata.ReadJSONFile(dumpSpec, dir, metadata.SpecDumpFile); err != nil { return nil, err } // Load config.dump from temporary directory config := new(libpod.ContainerConfig) - if err = crImportFromJSON(filepath.Join(dir, "config.dump"), config); err != nil { + if _, err = metadata.ReadJSONFile(config, dir, metadata.ConfigDumpFile); err != nil { return nil, err } @@ -121,7 +105,7 @@ func CRImportCheckpoint(ctx context.Context, runtime *libpod.Runtime, restoreOpt return nil, err } - _, err = runtime.ImageRuntime().New(ctx, config.RootfsImageName, rtc.Engine.SignaturePolicyPath, "", writer, nil, image.SigningOptions{}, nil, util.PullImageMissing) + _, err = runtime.ImageRuntime().New(ctx, config.RootfsImageName, rtc.Engine.SignaturePolicyPath, "", writer, nil, image.SigningOptions{}, nil, util.PullImageMissing, nil) if err != nil { return nil, err } diff --git a/pkg/checkpoint/crutils/checkpoint_restore_utils.go b/pkg/checkpoint/crutils/checkpoint_restore_utils.go new file mode 100644 index 000000000..53ff55865 --- /dev/null +++ b/pkg/checkpoint/crutils/checkpoint_restore_utils.go @@ -0,0 +1,191 @@ +package crutils + +import ( + "io" + "os" + "os/exec" + "path/filepath" + + metadata "github.com/checkpoint-restore/checkpointctl/lib" + "github.com/containers/storage/pkg/archive" + "github.com/opencontainers/selinux/go-selinux/label" + "github.com/pkg/errors" +) + +// This file mainly exist to make the checkpoint/restore functions +// available for other users. One possible candidate would be CRI-O. + +// CRImportCheckpointWithoutConfig imports the checkpoint archive (input) +// into the directory destination without "config.dump" and "spec.dump" +func CRImportCheckpointWithoutConfig(destination, input string) error { + archiveFile, err := os.Open(input) + if err != nil { + return errors.Wrapf(err, "Failed to open checkpoint archive %s for import", input) + } + + defer archiveFile.Close() + options := &archive.TarOptions{ + ExcludePatterns: []string{ + // Import everything else besides the container config + metadata.ConfigDumpFile, + metadata.SpecDumpFile, + }, + } + if err = archive.Untar(archiveFile, destination, options); err != nil { + return errors.Wrapf(err, "Unpacking of checkpoint archive %s failed", input) + } + + return nil +} + +// CRRemoveDeletedFiles loads the list of deleted files and if +// it exists deletes all files listed. +func CRRemoveDeletedFiles(id, baseDirectory, containerRootDirectory string) error { + deletedFiles, _, err := metadata.ReadContainerCheckpointDeletedFiles(baseDirectory) + if os.IsNotExist(errors.Unwrap(errors.Unwrap(err))) { + // No files to delete. Just return + return nil + } + + if err != nil { + return errors.Wrapf(err, "failed to read deleted files file") + } + + for _, deleteFile := range deletedFiles { + // Using RemoveAll as deletedFiles, which is generated from 'podman diff' + // lists completely deleted directories as a single entry: 'D /root'. + if err := os.RemoveAll(filepath.Join(containerRootDirectory, deleteFile)); err != nil { + return errors.Wrapf(err, "failed to delete files from container %s during restore", id) + } + } + + return nil +} + +// CRApplyRootFsDiffTar applies the tar archive found in baseDirectory with the +// root file system changes on top of containerRootDirectory +func CRApplyRootFsDiffTar(baseDirectory, containerRootDirectory string) error { + rootfsDiffPath := filepath.Join(baseDirectory, metadata.RootFsDiffTar) + if _, err := os.Stat(rootfsDiffPath); err != nil { + // Only do this if a rootfs-diff.tar actually exists + return nil + } + + rootfsDiffFile, err := os.Open(rootfsDiffPath) + if err != nil { + return errors.Wrap(err, "failed to open root file-system diff file") + } + defer rootfsDiffFile.Close() + + if err := archive.Untar(rootfsDiffFile, containerRootDirectory, nil); err != nil { + return errors.Wrapf(err, "failed to apply root file-system diff file %s", rootfsDiffPath) + } + + return nil +} + +// CRCreateRootFsDiffTar goes through the 'changes' and can create two files: +// * metadata.RootFsDiffTar will contain all new and changed files +// * metadata.DeletedFilesFile will contain a list of deleted files +// With these two files it is possible to restore the container file system to the same +// state it was during checkpointing. +// Changes to directories (owner, mode) are not handled. +func CRCreateRootFsDiffTar(changes *[]archive.Change, mountPoint, destination string) (includeFiles []string, err error) { + if len(*changes) == 0 { + return includeFiles, nil + } + + var rootfsIncludeFiles []string + var deletedFiles []string + + rootfsDiffPath := filepath.Join(destination, metadata.RootFsDiffTar) + + for _, file := range *changes { + if file.Kind == archive.ChangeAdd { + rootfsIncludeFiles = append(rootfsIncludeFiles, file.Path) + continue + } + if file.Kind == archive.ChangeDelete { + deletedFiles = append(deletedFiles, file.Path) + continue + } + fileName, err := os.Stat(file.Path) + if err != nil { + continue + } + if !fileName.IsDir() && file.Kind == archive.ChangeModify { + rootfsIncludeFiles = append(rootfsIncludeFiles, file.Path) + continue + } + } + + if len(rootfsIncludeFiles) > 0 { + rootfsTar, err := archive.TarWithOptions(mountPoint, &archive.TarOptions{ + Compression: archive.Uncompressed, + IncludeSourceDir: true, + IncludeFiles: rootfsIncludeFiles, + }) + if err != nil { + return includeFiles, errors.Wrapf(err, "error exporting root file-system diff to %q", rootfsDiffPath) + } + rootfsDiffFile, err := os.Create(rootfsDiffPath) + if err != nil { + return includeFiles, errors.Wrapf(err, "error creating root file-system diff file %q", rootfsDiffPath) + } + defer rootfsDiffFile.Close() + if _, err = io.Copy(rootfsDiffFile, rootfsTar); err != nil { + return includeFiles, err + } + + includeFiles = append(includeFiles, metadata.RootFsDiffTar) + } + + if len(deletedFiles) == 0 { + return includeFiles, nil + } + + if _, err := metadata.WriteJSONFile(deletedFiles, destination, metadata.DeletedFilesFile); err != nil { + return includeFiles, nil + } + + includeFiles = append(includeFiles, metadata.DeletedFilesFile) + + return includeFiles, nil +} + +// CRCreateFileWithLabel creates an empty file and sets the corresponding ('fileLabel') +// SELinux label on the file. +// This is necessary for CRIU log files because CRIU infects the processes in +// the container with a 'parasite' and this will also try to write to the log files +// from the context of the container processes. +func CRCreateFileWithLabel(directory, fileName, fileLabel string) error { + logFileName := filepath.Join(directory, fileName) + + logFile, err := os.OpenFile(logFileName, os.O_CREATE, 0o600) + if err != nil { + return errors.Wrapf(err, "failed to create file %q", logFileName) + } + defer logFile.Close() + if err = label.SetFileLabel(logFileName, fileLabel); err != nil { + return errors.Wrapf(err, "failed to label file %q", logFileName) + } + + return nil +} + +// CRRuntimeSupportsCheckpointRestore tests if the given runtime at 'runtimePath' +// supports checkpointing. The checkpoint restore interface has no definition +// but crun implements all commands just as runc does. Whathh runc does it the +// official definition of the checkpoint/restore interface. +func CRRuntimeSupportsCheckpointRestore(runtimePath string) bool { + // Check if the runtime implements checkpointing. Currently only + // runc's and crun's checkpoint/restore implementation is supported. + cmd := exec.Command(runtimePath, "checkpoint", "--help") + if err := cmd.Start(); err != nil { + return false + } + if err := cmd.Wait(); err == nil { + return true + } + return false +} diff --git a/pkg/copy/fileinfo.go b/pkg/copy/fileinfo.go index b95bcd90c..fb711311c 100644 --- a/pkg/copy/fileinfo.go +++ b/pkg/copy/fileinfo.go @@ -7,8 +7,8 @@ import ( "os" "path/filepath" "strings" - "time" + "github.com/containers/podman/v3/libpod/define" "github.com/pkg/errors" ) @@ -22,14 +22,7 @@ var ErrENOENT = errors.New("No such file or directory") // FileInfo describes a file or directory and is returned by // (*CopyItem).Stat(). -type FileInfo struct { - Name string `json:"name"` - Size int64 `json:"size"` - Mode os.FileMode `json:"mode"` - ModTime time.Time `json:"mtime"` - IsDir bool `json:"isDir"` - LinkTarget string `json:"linkTarget"` -} +type FileInfo = define.FileInfo // EncodeFileInfo serializes the specified FileInfo as a base64 encoded JSON // payload. Intended for Docker compat. diff --git a/pkg/domain/entities/containers.go b/pkg/domain/entities/containers.go index ac965834a..7d074f89d 100644 --- a/pkg/domain/entities/containers.go +++ b/pkg/domain/entities/containers.go @@ -8,7 +8,6 @@ import ( "github.com/containers/image/v5/types" "github.com/containers/podman/v3/libpod/define" - "github.com/containers/podman/v3/pkg/copy" "github.com/containers/podman/v3/pkg/specgen" "github.com/cri-o/ocicni/pkg/ocicni" ) @@ -145,7 +144,7 @@ type ContainerInspectReport struct { } type ContainerStatReport struct { - copy.FileInfo + define.FileInfo } type CommitOptions struct { diff --git a/pkg/domain/entities/engine.go b/pkg/domain/entities/engine.go index f23d964e5..af996ad1e 100644 --- a/pkg/domain/entities/engine.go +++ b/pkg/domain/entities/engine.go @@ -1,11 +1,7 @@ package entities import ( - "context" - "io" - "github.com/containers/common/pkg/config" - "github.com/opentracing/opentracing-go" "github.com/spf13/pflag" ) @@ -37,22 +33,19 @@ type PodmanConfig struct { *config.Config *pflag.FlagSet - CGroupUsage string // rootless code determines Usage message - ConmonPath string // --conmon flag will set Engine.ConmonPath - CPUProfile string // Hidden: Should CPU profile be taken - EngineMode EngineMode // ABI or Tunneling mode - Identity string // ssh identity for connecting to server - MaxWorks int // maximum number of parallel threads - RegistriesConf string // allows for specifying a custom registries.conf - Remote bool // Connection to Podman API Service will use RESTful API - RuntimePath string // --runtime flag will set Engine.RuntimePath - RuntimeFlags []string // global flags for the container runtime - Span opentracing.Span // tracing object - SpanCloser io.Closer // Close() for tracing object - SpanCtx context.Context // context to use when tracing - Syslog bool // write to StdOut and Syslog, not supported when tunneling - Trace bool // Hidden: Trace execution - URI string // URI to RESTful API Service + CGroupUsage string // rootless code determines Usage message + ConmonPath string // --conmon flag will set Engine.ConmonPath + CPUProfile string // Hidden: Should CPU profile be taken + EngineMode EngineMode // ABI or Tunneling mode + Identity string // ssh identity for connecting to server + MaxWorks int // maximum number of parallel threads + RegistriesConf string // allows for specifying a custom registries.conf + Remote bool // Connection to Podman API Service will use RESTful API + RuntimePath string // --runtime flag will set Engine.RuntimePath + RuntimeFlags []string // global flags for the container runtime + Syslog bool // write to StdOut and Syslog, not supported when tunneling + Trace bool // Hidden: Trace execution + URI string // URI to RESTful API Service Runroot string StorageDriver string diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go index 19109f873..7999d8209 100644 --- a/pkg/domain/entities/images.go +++ b/pkg/domain/entities/images.go @@ -203,6 +203,8 @@ type ImagePushOptions struct { SignBy string // SkipTLSVerify to skip HTTPS and certificate verification. SkipTLSVerify types.OptionalBool + // Progress to get progress notifications + Progress chan types.ProgressProperties } // ImageSearchOptions are the arguments for searching images. diff --git a/pkg/domain/entities/secrets.go b/pkg/domain/entities/secrets.go index 3481cbe05..8ede981da 100644 --- a/pkg/domain/entities/secrets.go +++ b/pkg/domain/entities/secrets.go @@ -42,6 +42,15 @@ type SecretInfoReport struct { Spec SecretSpec } +type SecretInfoReportCompat struct { + SecretInfoReport + Version SecretVersion +} + +type SecretVersion struct { + Index int +} + type SecretSpec struct { Name string Driver SecretDriverSpec @@ -78,6 +87,13 @@ type SwagSecretListResponse struct { Body []*SecretInfoReport } +// Secret list response +// swagger:response SecretListCompatResponse +type SwagSecretListCompatResponse struct { + // in:body + Body []*SecretInfoReportCompat +} + // Secret inspect response // swagger:response SecretInspectResponse type SwagSecretInspectResponse struct { @@ -85,6 +101,13 @@ type SwagSecretInspectResponse struct { Body SecretInfoReport } +// Secret inspect compat +// swagger:response SecretInspectCompatResponse +type SwagSecretInspectCompatResponse struct { + // in:body + Body SecretInfoReportCompat +} + // No such secret // swagger:response NoSuchSecret type SwagErrNoSuchSecret struct { diff --git a/pkg/domain/infra/abi/archive.go b/pkg/domain/infra/abi/archive.go index 528771ee7..2ea63aa5e 100644 --- a/pkg/domain/infra/abi/archive.go +++ b/pkg/domain/infra/abi/archive.go @@ -3,72 +3,16 @@ package abi import ( "context" "io" - "path/filepath" - "strings" - buildahCopiah "github.com/containers/buildah/copier" - "github.com/containers/buildah/pkg/chrootuser" - "github.com/containers/buildah/util" - "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/domain/entities" - "github.com/containers/storage" - "github.com/containers/storage/pkg/archive" - "github.com/containers/storage/pkg/idtools" - "github.com/opencontainers/runtime-spec/specs-go" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" ) -// NOTE: Only the parent directory of the container path must exist. The path -// itself may be created while copying. func (ic *ContainerEngine) ContainerCopyFromArchive(ctx context.Context, nameOrID string, containerPath string, reader io.Reader) (entities.ContainerCopyFunc, error) { container, err := ic.Libpod.LookupContainer(nameOrID) if err != nil { return nil, err } - - containerMountPoint, err := container.Mount() - if err != nil { - return nil, err - } - - unmount := func() { - if err := container.Unmount(false); err != nil { - logrus.Errorf("Error unmounting container: %v", err) - } - } - - _, resolvedRoot, resolvedContainerPath, err := ic.containerStat(container, containerMountPoint, containerPath) - if err != nil { - unmount() - return nil, err - } - - decompressed, err := archive.DecompressStream(reader) - if err != nil { - unmount() - return nil, err - } - - idMappings, idPair, err := getIDMappingsAndPair(container, resolvedRoot) - if err != nil { - unmount() - return nil, err - } - - logrus.Debugf("Container copy *to* %q (resolved: %q) on container %q (ID: %s)", containerPath, resolvedContainerPath, container.Name(), container.ID()) - - return func() error { - defer unmount() - defer decompressed.Close() - putOptions := buildahCopiah.PutOptions{ - UIDMap: idMappings.UIDMap, - GIDMap: idMappings.GIDMap, - ChownDirs: idPair, - ChownFiles: idPair, - } - return buildahCopiah.Put(resolvedRoot, resolvedContainerPath, putOptions, decompressed) - }, nil + return container.CopyFromArchive(ctx, containerPath, reader) } func (ic *ContainerEngine) ContainerCopyToArchive(ctx context.Context, nameOrID string, containerPath string, writer io.Writer) (entities.ContainerCopyFunc, error) { @@ -76,108 +20,5 @@ func (ic *ContainerEngine) ContainerCopyToArchive(ctx context.Context, nameOrID if err != nil { return nil, err } - - containerMountPoint, err := container.Mount() - if err != nil { - return nil, err - } - - unmount := func() { - if err := container.Unmount(false); err != nil { - logrus.Errorf("Error unmounting container: %v", err) - } - } - - // Make sure that "/" copies the *contents* of the mount point and not - // the directory. - if containerPath == "/" { - containerPath = "/." - } - - statInfo, resolvedRoot, resolvedContainerPath, err := ic.containerStat(container, containerMountPoint, containerPath) - if err != nil { - unmount() - return nil, err - } - - idMappings, idPair, err := getIDMappingsAndPair(container, resolvedRoot) - if err != nil { - unmount() - return nil, err - } - - logrus.Debugf("Container copy *from* %q (resolved: %q) on container %q (ID: %s)", containerPath, resolvedContainerPath, container.Name(), container.ID()) - - return func() error { - defer container.Unmount(false) - getOptions := buildahCopiah.GetOptions{ - // Unless the specified points to ".", we want to copy the base directory. - KeepDirectoryNames: statInfo.IsDir && filepath.Base(containerPath) != ".", - UIDMap: idMappings.UIDMap, - GIDMap: idMappings.GIDMap, - ChownDirs: idPair, - ChownFiles: idPair, - } - return buildahCopiah.Get(resolvedRoot, "", getOptions, []string{resolvedContainerPath}, writer) - }, nil -} - -// getIDMappingsAndPair returns the ID mappings for the container and the host -// ID pair. -func getIDMappingsAndPair(container *libpod.Container, containerMount string) (*storage.IDMappingOptions, *idtools.IDPair, error) { - user, err := getContainerUser(container, containerMount) - if err != nil { - return nil, nil, err - } - - idMappingOpts, err := container.IDMappings() - if err != nil { - return nil, nil, err - } - - hostUID, hostGID, err := util.GetHostIDs(idtoolsToRuntimeSpec(idMappingOpts.UIDMap), idtoolsToRuntimeSpec(idMappingOpts.GIDMap), user.UID, user.GID) - if err != nil { - return nil, nil, err - } - - idPair := idtools.IDPair{UID: int(hostUID), GID: int(hostGID)} - return &idMappingOpts, &idPair, nil -} - -// getContainerUser returns the specs.User of the container. -func getContainerUser(container *libpod.Container, mountPoint string) (specs.User, error) { - userspec := container.Config().User - - uid, gid, _, err := chrootuser.GetUser(mountPoint, userspec) - u := specs.User{ - UID: uid, - GID: gid, - Username: userspec, - } - - if !strings.Contains(userspec, ":") { - groups, err2 := chrootuser.GetAdditionalGroupsForUser(mountPoint, uint64(u.UID)) - if err2 != nil { - if errors.Cause(err2) != chrootuser.ErrNoSuchUser && err == nil { - err = err2 - } - } else { - u.AdditionalGids = groups - } - } - - return u, err -} - -// idtoolsToRuntimeSpec converts idtools ID mapping to the one of the runtime spec. -func idtoolsToRuntimeSpec(idMaps []idtools.IDMap) (convertedIDMap []specs.LinuxIDMapping) { - for _, idmap := range idMaps { - tempIDMap := specs.LinuxIDMapping{ - ContainerID: uint32(idmap.ContainerID), - HostID: uint32(idmap.HostID), - Size: uint32(idmap.Size), - } - convertedIDMap = append(convertedIDMap, tempIDMap) - } - return convertedIDMap + return container.CopyToArchive(ctx, containerPath, writer) } diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go index 4790bd58c..637531ee9 100644 --- a/pkg/domain/infra/abi/containers.go +++ b/pkg/domain/infra/abi/containers.go @@ -301,14 +301,14 @@ func (ic *ContainerEngine) ContainerRm(ctx context.Context, namesOrIds []string, for _, ctr := range names { logrus.Debugf("Evicting container %q", ctr) report := entities.RmReport{Id: ctr} - id, err := ic.Libpod.EvictContainer(ctx, ctr, options.Volumes) + _, err := ic.Libpod.EvictContainer(ctx, ctr, options.Volumes) if err != nil { if options.Ignore && errors.Cause(err) == define.ErrNoSuchCtr { logrus.Debugf("Ignoring error (--allow-missing): %v", err) reports = append(reports, &report) continue } - report.Err = errors.Wrapf(err, "failed to evict container: %q", id) + report.Err = err reports = append(reports, &report) continue } diff --git a/pkg/domain/infra/abi/containers_stat.go b/pkg/domain/infra/abi/containers_stat.go index 1baeb9178..98a23c70b 100644 --- a/pkg/domain/infra/abi/containers_stat.go +++ b/pkg/domain/infra/abi/containers_stat.go @@ -2,139 +2,20 @@ package abi import ( "context" - "os" - "path/filepath" - "strings" - buildahCopiah "github.com/containers/buildah/copier" - "github.com/containers/podman/v3/libpod" - "github.com/containers/podman/v3/pkg/copy" "github.com/containers/podman/v3/pkg/domain/entities" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" ) -func (ic *ContainerEngine) containerStat(container *libpod.Container, containerMountPoint string, containerPath string) (*entities.ContainerStatReport, string, string, error) { - // Make sure that "/" copies the *contents* of the mount point and not - // the directory. - if containerPath == "/" { - containerPath += "/." - } - - // Now resolve the container's path. It may hit a volume, it may hit a - // bind mount, it may be relative. - resolvedRoot, resolvedContainerPath, err := container.ResolvePath(context.Background(), containerMountPoint, containerPath) - if err != nil { - return nil, "", "", err - } - - statInfo, statInfoErr := secureStat(resolvedRoot, resolvedContainerPath) - if statInfoErr != nil { - // Not all errors from secureStat map to ErrNotExist, so we - // have to look into the error string. Turning it into an - // ENOENT let's the API handlers return the correct status code - // which is crucial for the remote client. - if os.IsNotExist(err) || strings.Contains(statInfoErr.Error(), "o such file or directory") { - statInfoErr = copy.ErrENOENT - } - // If statInfo is nil, there's nothing we can do anymore. A - // non-nil statInfo may indicate a symlink where we must have - // a closer look. - if statInfo == nil { - return nil, "", "", statInfoErr - } - } - - // Now make sure that the info's LinkTarget is relative to the - // container's mount. - var absContainerPath string - - if statInfo.IsSymlink { - // Evaluated symlinks are always relative to the container's mount point. - absContainerPath = statInfo.ImmediateTarget - } else if strings.HasPrefix(resolvedContainerPath, containerMountPoint) { - // If the path is on the container's mount point, strip it off. - absContainerPath = strings.TrimPrefix(resolvedContainerPath, containerMountPoint) - absContainerPath = filepath.Join("/", absContainerPath) - } else { - // No symlink and not on the container's mount point, so let's - // move it back to the original input. It must have evaluated - // to a volume or bind mount but we cannot return host paths. - absContainerPath = containerPath - } - - // Now we need to make sure to preserve the base path as specified by - // the user. The `filepath` packages likes to remove trailing slashes - // and dots that are crucial to the copy logic. - absContainerPath = copy.PreserveBasePath(containerPath, absContainerPath) - resolvedContainerPath = copy.PreserveBasePath(containerPath, resolvedContainerPath) - - info := copy.FileInfo{ - IsDir: statInfo.IsDir, - Name: filepath.Base(absContainerPath), - Size: statInfo.Size, - Mode: statInfo.Mode, - ModTime: statInfo.ModTime, - LinkTarget: absContainerPath, - } - - return &entities.ContainerStatReport{FileInfo: info}, resolvedRoot, resolvedContainerPath, statInfoErr -} - func (ic *ContainerEngine) ContainerStat(ctx context.Context, nameOrID string, containerPath string) (*entities.ContainerStatReport, error) { container, err := ic.Libpod.LookupContainer(nameOrID) if err != nil { return nil, err } - containerMountPoint, err := container.Mount() - if err != nil { - return nil, err - } - - defer func() { - if err := container.Unmount(false); err != nil { - logrus.Errorf("Error unmounting container: %v", err) - } - }() - - statReport, _, _, err := ic.containerStat(container, containerMountPoint, containerPath) - return statReport, err -} - -// secureStat extracts file info for path in a chroot'ed environment in root. -func secureStat(root string, path string) (*buildahCopiah.StatForItem, error) { - var glob string - var err error - - // If root and path are equal, then dir must be empty and the glob must - // be ".". - if filepath.Clean(root) == filepath.Clean(path) { - glob = "." - } else { - glob, err = filepath.Rel(root, path) - if err != nil { - return nil, err - } - } - - globStats, err := buildahCopiah.Stat(root, "", buildahCopiah.StatOptions{}, []string{glob}) - if err != nil { - return nil, err - } - - if len(globStats) != 1 { - return nil, errors.Errorf("internal error: secureStat: expected 1 item but got %d", len(globStats)) - } - - stat, exists := globStats[0].Results[glob] // only one glob passed, so that's okay - if !exists { - return nil, copy.ErrENOENT - } + info, err := container.Stat(ctx, containerPath) - var statErr error - if stat.Error != "" { - statErr = errors.New(stat.Error) + if info != nil { + return &entities.ContainerStatReport{FileInfo: *info}, err } - return stat, statErr + return nil, err } diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go index 46d967789..c02eb2bfc 100644 --- a/pkg/domain/infra/abi/images.go +++ b/pkg/domain/infra/abi/images.go @@ -247,7 +247,7 @@ func pull(ctx context.Context, runtime *image.Runtime, rawImage string, options } if !options.AllTags { - newImage, err := runtime.New(ctx, rawImage, options.SignaturePolicy, options.Authfile, writer, &dockerRegistryOptions, image.SigningOptions{}, label, options.PullPolicy) + newImage, err := runtime.New(ctx, rawImage, options.SignaturePolicy, options.Authfile, writer, &dockerRegistryOptions, image.SigningOptions{}, label, options.PullPolicy, nil) if err != nil { return nil, err } @@ -280,7 +280,7 @@ func pull(ctx context.Context, runtime *image.Runtime, rawImage string, options foundIDs := []string{} for _, tag := range tags { name := rawImage + ":" + tag - newImage, err := runtime.New(ctx, name, options.SignaturePolicy, options.Authfile, writer, &dockerRegistryOptions, image.SigningOptions{}, nil, util.PullImageAlways) + newImage, err := runtime.New(ctx, name, options.SignaturePolicy, options.Authfile, writer, &dockerRegistryOptions, image.SigningOptions{}, nil, util.PullImageAlways, nil) if err != nil { logrus.Errorf("error pulling image %q", name) continue @@ -376,7 +376,8 @@ func (ir *ImageEngine) Push(ctx context.Context, source string, destination stri options.Compress, signOptions, &dockerRegistryOptions, - nil) + nil, + options.Progress) if err != nil && errors.Cause(err) != storage.ErrImageUnknown { // Image might be a manifest list so attempt a manifest push if _, manifestErr := ir.ManifestPush(ctx, source, destination, options); manifestErr == nil { @@ -583,8 +584,9 @@ func (ir *ImageEngine) Remove(ctx context.Context, images []string, opts entitie report.Deleted = append(report.Deleted, results.Deleted) report.Untagged = append(report.Untagged, results.Untagged...) return nil - case storage.ErrImageUnknown: - // The image must have been removed already (see #6510). + case storage.ErrImageUnknown, storage.ErrLayerUnknown: + // The image must have been removed already (see #6510) + // or the storage is corrupted (see #9617). report.Deleted = append(report.Deleted, img.ID()) report.Untagged = append(report.Untagged, img.ID()) return nil @@ -638,6 +640,10 @@ func (ir *ImageEngine) Remove(ctx context.Context, images []string, opts entitie for _, id := range images { img, err := ir.Libpod.ImageRuntime().NewFromLocal(id) if err != nil { + // attempt to remove image from storage + if forceErr := ir.Libpod.RemoveImageFromStorage(id); forceErr == nil { + continue + } rmErrors = append(rmErrors, err) continue } diff --git a/pkg/domain/infra/abi/network.go b/pkg/domain/infra/abi/network.go index 50a74032c..edde8ece6 100644 --- a/pkg/domain/infra/abi/network.go +++ b/pkg/domain/infra/abi/network.go @@ -96,7 +96,15 @@ func (ic *ContainerEngine) NetworkRm(ctx context.Context, namesOrIds []string, o } // We need to iterate containers looking to see if they belong to the given network for _, c := range containers { - if util.StringInSlice(name, c.Config().Networks) { + networks, _, err := c.Networks() + // if container vanished or network does not exist, go to next container + if errors.Is(err, define.ErrNoSuchNetwork) || errors.Is(err, define.ErrNoSuchCtr) { + continue + } + if err != nil { + return reports, err + } + if util.StringInSlice(name, networks) { // if user passes force, we nuke containers and pods if !options.Force { // Without the force option, we return an error diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go index c5e20a607..b7ca69281 100644 --- a/pkg/domain/infra/abi/play.go +++ b/pkg/domain/infra/abi/play.go @@ -221,7 +221,7 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY } // This ensures the image is the image store - newImage, err := ic.Libpod.ImageRuntime().New(ctx, container.Image, options.SignaturePolicy, options.Authfile, writer, &dockerRegistryOptions, image.SigningOptions{}, nil, pullPolicy) + newImage, err := ic.Libpod.ImageRuntime().New(ctx, container.Image, options.SignaturePolicy, options.Authfile, writer, &dockerRegistryOptions, image.SigningOptions{}, nil, pullPolicy, nil) if err != nil { return nil, err } diff --git a/pkg/registries/registries.go b/pkg/registries/registries.go index bf5dee2ce..34c9138e3 100644 --- a/pkg/registries/registries.go +++ b/pkg/registries/registries.go @@ -24,7 +24,10 @@ var userRegistriesFile = filepath.Join(os.Getenv("HOME"), ".config/containers/re // FIXME: This should be centralized in a global SystemContext initializer inherited throughout the code, // not haphazardly called throughout the way it is being called now. func SystemRegistriesConfPath() string { - if envOverride := os.Getenv("REGISTRIES_CONFIG_PATH"); len(envOverride) > 0 { + if envOverride, ok := os.LookupEnv("CONTAINERS_REGISTRIES_CONF"); ok { + return envOverride + } + if envOverride, ok := os.LookupEnv("REGISTRIES_CONFIG_PATH"); ok { return envOverride } diff --git a/pkg/specgen/generate/config_linux.go b/pkg/specgen/generate/config_linux.go index 2792d0cb7..5c945cff3 100644 --- a/pkg/specgen/generate/config_linux.go +++ b/pkg/specgen/generate/config_linux.go @@ -8,6 +8,7 @@ import ( "path/filepath" "strings" + "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/podman/v3/pkg/util" spec "github.com/opencontainers/runtime-spec/specs-go" @@ -37,7 +38,7 @@ func addPrivilegedDevices(g *generate.Generator) error { for _, d := range hostDevices { devMnt := spec.Mount{ Destination: d.Path, - Type: TypeBind, + Type: define.TypeBind, Source: d.Path, Options: []string{"slave", "nosuid", "noexec", "rw", "rbind"}, } @@ -259,7 +260,7 @@ func addDevice(g *generate.Generator, device string) error { } devMnt := spec.Mount{ Destination: dst, - Type: TypeBind, + Type: define.TypeBind, Source: src, Options: []string{"slave", "nosuid", "noexec", perm, "rbind"}, } diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go index 23a9ce831..4eae09a5e 100644 --- a/pkg/specgen/generate/oci.go +++ b/pkg/specgen/generate/oci.go @@ -2,12 +2,14 @@ package generate import ( "context" + "path" "strings" "github.com/containers/common/pkg/config" "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/libpod/image" + "github.com/containers/podman/v3/pkg/cgroups" "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/podman/v3/pkg/specgen" spec "github.com/opencontainers/runtime-spec/specs-go" @@ -157,8 +159,32 @@ func canMountSys(isRootless, isNewUserns bool, s *specgen.SpecGenerator) bool { return true } +func getCGroupPermissons(unmask []string) string { + ro := "ro" + rw := "rw" + cgroup := "/sys/fs/cgroup" + + cgroupv2, _ := cgroups.IsCgroup2UnifiedMode() + if !cgroupv2 { + return ro + } + + if unmask != nil && unmask[0] == "ALL" { + return rw + } + + for _, p := range unmask { + if path.Clean(p) == cgroup { + return rw + } + } + return ro +} + +// SpecGenToOCI returns the base configuration for the container. func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, rtc *config.Config, newImage *image.Image, mounts []spec.Mount, pod *libpod.Pod, finalCmd []string) (*spec.Spec, error) { - cgroupPerm := "ro" + cgroupPerm := getCGroupPermissons(s.Unmask) + g, err := generate.New("linux") if err != nil { return nil, err @@ -251,7 +277,7 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt g.RemoveMount("/proc") procMount := spec.Mount{ Destination: "/proc", - Type: TypeBind, + Type: define.TypeBind, Source: "/proc", Options: []string{"rbind", "nosuid", "noexec", "nodev"}, } diff --git a/pkg/specgen/generate/storage.go b/pkg/specgen/generate/storage.go index 0bb1421f6..e135f4728 100644 --- a/pkg/specgen/generate/storage.go +++ b/pkg/specgen/generate/storage.go @@ -10,6 +10,7 @@ import ( "github.com/containers/common/pkg/config" "github.com/containers/podman/v3/libpod" + "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/libpod/image" "github.com/containers/podman/v3/pkg/specgen" "github.com/containers/podman/v3/pkg/util" @@ -18,16 +19,6 @@ import ( "github.com/sirupsen/logrus" ) -// TODO unify this in one place - maybe libpod/define -const ( - // TypeBind is the type for mounting host dir - TypeBind = "bind" - // TypeVolume is the type for named volumes - TypeVolume = "volume" - // TypeTmpfs is the type for mounting tmpfs - TypeTmpfs = "tmpfs" -) - var ( errDuplicateDest = errors.Errorf("duplicate mount destination") ) @@ -156,7 +147,7 @@ func finalizeMounts(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Ru // Final step: maps to arrays finalMounts := make([]spec.Mount, 0, len(baseMounts)) for _, mount := range baseMounts { - if mount.Type == TypeBind { + if mount.Type == define.TypeBind { absSrc, err := filepath.Abs(mount.Source) if err != nil { return nil, nil, nil, errors.Wrapf(err, "error getting absolute path of %s", mount.Source) @@ -208,8 +199,8 @@ func getImageVolumes(ctx context.Context, img *image.Image, s *specgen.SpecGener case "tmpfs": mount := spec.Mount{ Destination: cleanDest, - Source: TypeTmpfs, - Type: TypeTmpfs, + Source: define.TypeTmpfs, + Type: define.TypeTmpfs, Options: []string{"rprivate", "rw", "nodev", "exec"}, } mounts[cleanDest] = mount @@ -277,7 +268,7 @@ func getVolumesFrom(volumesFrom []string, runtime *libpod.Runtime) (map[string]s return nil, nil, errors.Errorf("error retrieving container %s spec for volumes-from", ctr.ID()) } for _, mnt := range spec.Mounts { - if mnt.Type != TypeBind { + if mnt.Type != define.TypeBind { continue } if _, exists := userVolumes[mnt.Destination]; exists { @@ -338,9 +329,9 @@ func getVolumesFrom(volumesFrom []string, runtime *libpod.Runtime) (map[string]s func addContainerInitBinary(s *specgen.SpecGenerator, path string) (spec.Mount, error) { mount := spec.Mount{ Destination: "/dev/init", - Type: TypeBind, + Type: define.TypeBind, Source: path, - Options: []string{TypeBind, "ro"}, + Options: []string{define.TypeBind, "ro"}, } if path == "" { @@ -393,13 +384,13 @@ func SupersedeUserMounts(mounts []spec.Mount, configMount []spec.Mount) []spec.M func InitFSMounts(mounts []spec.Mount) error { for i, m := range mounts { switch { - case m.Type == TypeBind: + case m.Type == define.TypeBind: opts, err := util.ProcessOptions(m.Options, false, m.Source) if err != nil { return err } mounts[i].Options = opts - case m.Type == TypeTmpfs && filepath.Clean(m.Destination) != "/dev": + case m.Type == define.TypeTmpfs && filepath.Clean(m.Destination) != "/dev": opts, err := util.ProcessOptions(m.Options, true, "") if err != nil { return err diff --git a/pkg/terminal/util.go b/pkg/terminal/util.go index 231b47974..04e12f6b3 100644 --- a/pkg/terminal/util.go +++ b/pkg/terminal/util.go @@ -10,11 +10,11 @@ import ( "path/filepath" "sync" + "github.com/containers/storage/pkg/homedir" "github.com/sirupsen/logrus" "golang.org/x/crypto/ssh" "golang.org/x/crypto/ssh/knownhosts" "golang.org/x/crypto/ssh/terminal" - "k8s.io/client-go/util/homedir" ) var ( @@ -105,7 +105,7 @@ func ReadLogin() []byte { func HostKey(host string) ssh.PublicKey { // parse OpenSSH known_hosts file // ssh or use ssh-keyscan to get initial key - knownHosts := filepath.Join(homedir.HomeDir(), ".ssh", "known_hosts") + knownHosts := filepath.Join(homedir.Get(), ".ssh", "known_hosts") fd, err := os.Open(knownHosts) if err != nil { logrus.Error(err) diff --git a/pkg/tracing/tracing.go b/pkg/tracing/tracing.go deleted file mode 100644 index 5be24faaa..000000000 --- a/pkg/tracing/tracing.go +++ /dev/null @@ -1,29 +0,0 @@ -package tracing - -import ( - "fmt" - "io" - - "github.com/opentracing/opentracing-go" - "github.com/uber/jaeger-client-go" - "github.com/uber/jaeger-client-go/config" -) - -// Init returns an instance of Jaeger Tracer that samples 100% of traces and logs all spans to stdout. -func Init(service string) (opentracing.Tracer, io.Closer) { - cfg := &config.Configuration{ - ServiceName: service, - Sampler: &config.SamplerConfig{ - Type: "const", - Param: 1, - }, - Reporter: &config.ReporterConfig{ - LogSpans: true, - }, - } - tracer, closer, err := cfg.NewTracer(config.Logger(jaeger.StdLogger)) - if err != nil { - panic(fmt.Sprintf("ERROR: cannot init Jaeger: %v\n", err)) - } - return tracer, closer -} |