diff options
Diffstat (limited to 'pkg')
27 files changed, 210 insertions, 46 deletions
diff --git a/pkg/api/handlers/compat/secrets.go b/pkg/api/handlers/compat/secrets.go index 86e3887a4..7dd17ea94 100644 --- a/pkg/api/handlers/compat/secrets.go +++ b/pkg/api/handlers/compat/secrets.go @@ -11,31 +11,25 @@ import ( "github.com/containers/podman/v3/pkg/api/handlers/utils" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" - "github.com/gorilla/schema" + "github.com/containers/podman/v3/pkg/util" "github.com/pkg/errors" ) func ListSecrets(w http.ResponseWriter, r *http.Request) { var ( runtime = r.Context().Value("runtime").(*libpod.Runtime) - decoder = r.Context().Value("decoder").(*schema.Decoder) ) - query := struct { - Filters map[string][]string `schema:"filters"` - }{} - - if err := decoder.Decode(&query, r.URL.Query()); err != nil { - utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest, + filtersMap, err := util.PrepareFilters(r) + if err != nil { + utils.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) return } - if len(query.Filters) > 0 { - utils.Error(w, "filters not supported", http.StatusBadRequest, - errors.Wrapf(errors.New("bad parameter"), "filters not supported")) - return - } ic := abi.ContainerEngine{Libpod: runtime} - reports, err := ic.SecretList(r.Context()) + listOptions := entities.SecretListRequest{ + Filters: *filtersMap, + } + reports, err := ic.SecretList(r.Context(), listOptions) if err != nil { utils.InternalServerError(w, err) return diff --git a/pkg/api/server/register_containers.go b/pkg/api/server/register_containers.go index b36cb75f1..2a32966cc 100644 --- a/pkg/api/server/register_containers.go +++ b/pkg/api/server/register_containers.go @@ -1028,7 +1028,8 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // - in: query // name: t // type: integer - // description: timeout before sending kill signal to container + // default: 10 + // description: number of seconds to wait before killing container // produces: // - application/json // responses: diff --git a/pkg/api/server/register_secrets.go b/pkg/api/server/register_secrets.go index ca9790e93..129912179 100644 --- a/pkg/api/server/register_secrets.go +++ b/pkg/api/server/register_secrets.go @@ -44,6 +44,14 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error { // - secrets // summary: List secrets // description: Returns a list of secrets + // parameters: + // - in: query + // name: filters + // type: string + // description: | + // JSON encoded value of the filters (a `map[string][]string`) to process on the secrets list. Currently available filters: + // - `name=[name]` Matches secrets name (accepts regex). + // - `id=[id]` Matches for full or partial ID. // produces: // - application/json // parameters: @@ -110,6 +118,14 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error { // - secrets (compat) // summary: List secrets // description: Returns a list of secrets + // parameters: + // - in: query + // name: filters + // type: string + // description: | + // JSON encoded value of the filters (a `map[string][]string`) to process on the secrets list. Currently available filters: + // - `name=[name]` Matches secrets name (accepts regex). + // - `id=[id]` Matches for full or partial ID. // produces: // - application/json // parameters: diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go index 39e0fc5df..3beafa585 100644 --- a/pkg/bindings/images/build.go +++ b/pkg/bindings/images/build.go @@ -501,6 +501,7 @@ func nTar(excludes []string, sources ...string) (io.ReadCloser, error) { if err != nil { return err } + hdr.Uid, hdr.Gid = 0, 0 orig, ok := seen[di] if ok { hdr.Typeflag = tar.TypeLink @@ -532,6 +533,7 @@ func nTar(excludes []string, sources ...string) (io.ReadCloser, error) { return lerr } hdr.Name = name + hdr.Uid, hdr.Gid = 0, 0 if lerr := tw.WriteHeader(hdr); lerr != nil { return lerr } @@ -545,6 +547,7 @@ func nTar(excludes []string, sources ...string) (io.ReadCloser, error) { return lerr } hdr.Name = name + hdr.Uid, hdr.Gid = 0, 0 if lerr := tw.WriteHeader(hdr); lerr != nil { return lerr } diff --git a/pkg/bindings/secrets/secrets.go b/pkg/bindings/secrets/secrets.go index b741d3e5c..c439971c9 100644 --- a/pkg/bindings/secrets/secrets.go +++ b/pkg/bindings/secrets/secrets.go @@ -18,7 +18,11 @@ func List(ctx context.Context, options *ListOptions) ([]*entities.SecretInfoRepo if err != nil { return nil, err } - response, err := conn.DoRequest(nil, http.MethodGet, "/secrets/json", nil, nil) + params, err := options.ToParams() + if err != nil { + return nil, err + } + response, err := conn.DoRequest(nil, http.MethodGet, "/secrets/json", params, nil) if err != nil { return secrs, err } diff --git a/pkg/bindings/secrets/types.go b/pkg/bindings/secrets/types.go index a64dea1b4..01c3c248d 100644 --- a/pkg/bindings/secrets/types.go +++ b/pkg/bindings/secrets/types.go @@ -3,6 +3,7 @@ package secrets //go:generate go run ../generator/generator.go ListOptions // ListOptions are optional options for inspecting secrets type ListOptions struct { + Filters map[string][]string } //go:generate go run ../generator/generator.go InspectOptions diff --git a/pkg/bindings/secrets/types_list_options.go b/pkg/bindings/secrets/types_list_options.go index 568e021a8..e4501dde8 100644 --- a/pkg/bindings/secrets/types_list_options.go +++ b/pkg/bindings/secrets/types_list_options.go @@ -19,3 +19,19 @@ func (o *ListOptions) Changed(fieldName string) bool { func (o *ListOptions) ToParams() (url.Values, error) { return util.ToParams(o) } + +// WithFilters +func (o *ListOptions) WithFilters(value map[string][]string) *ListOptions { + v := value + o.Filters = v + return o +} + +// GetFilters +func (o *ListOptions) GetFilters() map[string][]string { + var filters map[string][]string + if o.Filters == nil { + return filters + } + return o.Filters +} diff --git a/pkg/domain/entities/engine_container.go b/pkg/domain/entities/engine_container.go index bd011d309..3da31d8a0 100644 --- a/pkg/domain/entities/engine_container.go +++ b/pkg/domain/entities/engine_container.go @@ -72,6 +72,7 @@ type ContainerEngine interface { PodExists(ctx context.Context, nameOrID string) (*BoolReport, error) PodInspect(ctx context.Context, options PodInspectOptions) (*PodInspectReport, error) PodKill(ctx context.Context, namesOrIds []string, options PodKillOptions) ([]*PodKillReport, error) + PodLogs(ctx context.Context, pod string, options PodLogsOptions) error PodPause(ctx context.Context, namesOrIds []string, options PodPauseOptions) ([]*PodPauseReport, error) PodPrune(ctx context.Context, options PodPruneOptions) ([]*PodPruneReport, error) PodPs(ctx context.Context, options PodPSOptions) ([]*ListPodsReport, error) @@ -85,7 +86,7 @@ type ContainerEngine interface { SetupRootless(ctx context.Context, noMoveProcess bool) error SecretCreate(ctx context.Context, name string, reader io.Reader, options SecretCreateOptions) (*SecretCreateReport, error) SecretInspect(ctx context.Context, nameOrIDs []string) ([]*SecretInfoReport, []error, error) - SecretList(ctx context.Context) ([]*SecretInfoReport, error) + SecretList(ctx context.Context, opts SecretListRequest) ([]*SecretInfoReport, error) SecretRm(ctx context.Context, nameOrID []string, opts SecretRmOptions) ([]*SecretRmReport, error) Shutdown(ctx context.Context) SystemDf(ctx context.Context, options SystemDfOptions) (*SystemDfReport, error) diff --git a/pkg/domain/entities/pods.go b/pkg/domain/entities/pods.go index 10bd7e5ce..d9dd0c532 100644 --- a/pkg/domain/entities/pods.go +++ b/pkg/domain/entities/pods.go @@ -133,6 +133,14 @@ type PodCreateOptions struct { Userns specgen.Namespace } +// PodLogsOptions describes the options to extract pod logs. +type PodLogsOptions struct { + // Other fields are exactly same as ContainerLogOpts + ContainerLogsOptions + // If specified will only fetch the logs of specified container + ContainerName string +} + type ContainerCreateOptions struct { Annotation []string Attach []string @@ -426,3 +434,22 @@ func ValidatePodStatsOptions(args []string, options *PodStatsOptions) error { return errors.New("--all, --latest and arguments cannot be used together") } } + +// Converts PodLogOptions to ContainerLogOptions +func PodLogsOptionsToContainerLogsOptions(options PodLogsOptions) ContainerLogsOptions { + // PodLogsOptions are similar but contains few extra fields like ctrName + // So cast other values as is so we can re-use the code + containerLogsOpts := ContainerLogsOptions{ + Details: options.Details, + Latest: options.Latest, + Follow: options.Follow, + Names: options.Names, + Since: options.Since, + Until: options.Until, + Tail: options.Tail, + Timestamps: options.Timestamps, + StdoutWriter: options.StdoutWriter, + StderrWriter: options.StderrWriter, + } + return containerLogsOpts +} diff --git a/pkg/domain/entities/secrets.go b/pkg/domain/entities/secrets.go index 56a1465b7..55b470d7b 100644 --- a/pkg/domain/entities/secrets.go +++ b/pkg/domain/entities/secrets.go @@ -16,7 +16,7 @@ type SecretCreateOptions struct { } type SecretListRequest struct { - Filters map[string]string + Filters map[string][]string } type SecretListReport struct { diff --git a/pkg/domain/infra/abi/pods.go b/pkg/domain/infra/abi/pods.go index 98233f60d..6b432c214 100644 --- a/pkg/domain/infra/abi/pods.go +++ b/pkg/domain/infra/abi/pods.go @@ -83,6 +83,46 @@ func (ic *ContainerEngine) PodKill(ctx context.Context, namesOrIds []string, opt return reports, nil } +func (ic *ContainerEngine) PodLogs(ctx context.Context, nameOrID string, options entities.PodLogsOptions) error { + // Implementation accepts slice + podName := []string{nameOrID} + pod, err := getPodsByContext(false, options.Latest, podName, ic.Libpod) + if err != nil { + return err + } + // Get pod containers + podCtrs, err := pod[0].AllContainers() + if err != nil { + return err + } + + ctrNames := []string{} + // Check if `kubectl pod logs -c ctrname <podname>` alike command is used + if options.ContainerName != "" { + ctrFound := false + for _, ctr := range podCtrs { + if ctr.ID() == options.ContainerName || ctr.Name() == options.ContainerName { + ctrNames = append(ctrNames, options.ContainerName) + ctrFound = true + } + } + if !ctrFound { + return errors.Wrapf(define.ErrNoSuchCtr, "container %s is not in pod %s", options.ContainerName, nameOrID) + } + } else { + // No container name specified select all containers + for _, ctr := range podCtrs { + ctrNames = append(ctrNames, ctr.Name()) + } + } + + // PodLogsOptions are similar but contains few extra fields like ctrName + // So cast other values as is so we can re-use the code + containerLogsOpts := entities.PodLogsOptionsToContainerLogsOptions(options) + + return ic.ContainerLogs(ctx, ctrNames, containerLogsOpts) +} + func (ic *ContainerEngine) PodPause(ctx context.Context, namesOrIds []string, options entities.PodPauseOptions) ([]*entities.PodPauseReport, error) { reports := []*entities.PodPauseReport{} pods, err := getPodsByContext(options.All, options.Latest, namesOrIds, ic.Libpod) diff --git a/pkg/domain/infra/abi/secrets.go b/pkg/domain/infra/abi/secrets.go index 0bdb4ce60..2bf8eaae3 100644 --- a/pkg/domain/infra/abi/secrets.go +++ b/pkg/domain/infra/abi/secrets.go @@ -7,6 +7,7 @@ import ( "path/filepath" "github.com/containers/podman/v3/pkg/domain/entities" + "github.com/containers/podman/v3/pkg/domain/utils" "github.com/pkg/errors" ) @@ -84,7 +85,7 @@ func (ic *ContainerEngine) SecretInspect(ctx context.Context, nameOrIDs []string return reports, errs, nil } -func (ic *ContainerEngine) SecretList(ctx context.Context) ([]*entities.SecretInfoReport, error) { +func (ic *ContainerEngine) SecretList(ctx context.Context, opts entities.SecretListRequest) ([]*entities.SecretInfoReport, error) { manager, err := ic.Libpod.SecretsManager() if err != nil { return nil, err @@ -95,19 +96,25 @@ func (ic *ContainerEngine) SecretList(ctx context.Context) ([]*entities.SecretIn } report := make([]*entities.SecretInfoReport, 0, len(secretList)) for _, secret := range secretList { - reportItem := entities.SecretInfoReport{ - ID: secret.ID, - CreatedAt: secret.CreatedAt, - UpdatedAt: secret.CreatedAt, - Spec: entities.SecretSpec{ - Name: secret.Name, - Driver: entities.SecretDriverSpec{ - Name: secret.Driver, - Options: secret.DriverOptions, + result, err := utils.IfPassesSecretsFilter(secret, opts.Filters) + if err != nil { + return nil, err + } + if result { + reportItem := entities.SecretInfoReport{ + ID: secret.ID, + CreatedAt: secret.CreatedAt, + UpdatedAt: secret.CreatedAt, + Spec: entities.SecretSpec{ + Name: secret.Name, + Driver: entities.SecretDriverSpec{ + Name: secret.Driver, + Options: secret.DriverOptions, + }, }, - }, + } + report = append(report, &reportItem) } - report = append(report, &reportItem) } return report, nil } diff --git a/pkg/domain/infra/tunnel/pods.go b/pkg/domain/infra/tunnel/pods.go index 480adb88a..8139216b3 100644 --- a/pkg/domain/infra/tunnel/pods.go +++ b/pkg/domain/infra/tunnel/pods.go @@ -42,6 +42,16 @@ func (ic *ContainerEngine) PodKill(ctx context.Context, namesOrIds []string, opt return reports, nil } +func (ic *ContainerEngine) PodLogs(_ context.Context, nameOrIDs string, options entities.PodLogsOptions) error { + // PodLogsOptions are similar but contains few extra fields like ctrName + // So cast other values as is so we can re-use the code + containerLogsOpts := entities.PodLogsOptionsToContainerLogsOptions(options) + + // interface only accepts slice, keep everything consistent + name := []string{options.ContainerName} + return ic.ContainerLogs(nil, name, containerLogsOpts) +} + func (ic *ContainerEngine) PodPause(ctx context.Context, namesOrIds []string, options entities.PodPauseOptions) ([]*entities.PodPauseReport, error) { foundPods, err := getPodsByContext(ic.ClientCtx, options.All, namesOrIds) if err != nil { diff --git a/pkg/domain/infra/tunnel/secrets.go b/pkg/domain/infra/tunnel/secrets.go index ecbb80931..6337c7fbe 100644 --- a/pkg/domain/infra/tunnel/secrets.go +++ b/pkg/domain/infra/tunnel/secrets.go @@ -43,8 +43,9 @@ func (ic *ContainerEngine) SecretInspect(ctx context.Context, nameOrIDs []string return allInspect, errs, nil } -func (ic *ContainerEngine) SecretList(ctx context.Context) ([]*entities.SecretInfoReport, error) { - secrs, _ := secrets.List(ic.ClientCtx, nil) +func (ic *ContainerEngine) SecretList(ctx context.Context, opts entities.SecretListRequest) ([]*entities.SecretInfoReport, error) { + options := new(secrets.ListOptions).WithFilters(opts.Filters) + secrs, _ := secrets.List(ic.ClientCtx, options) return secrs, nil } diff --git a/pkg/domain/utils/secrets_filters.go b/pkg/domain/utils/secrets_filters.go new file mode 100644 index 000000000..3ff7c7530 --- /dev/null +++ b/pkg/domain/utils/secrets_filters.go @@ -0,0 +1,24 @@ +package utils + +import ( + "strings" + + "github.com/containers/common/pkg/secrets" + "github.com/containers/podman/v3/pkg/util" + "github.com/pkg/errors" +) + +func IfPassesSecretsFilter(s secrets.Secret, filters map[string][]string) (bool, error) { + result := true + for key, filterValues := range filters { + switch strings.ToLower(key) { + case "name": + result = util.StringMatchRegexSlice(s.Name, filterValues) + case "id": + result = util.StringMatchRegexSlice(s.ID, filterValues) + default: + return false, errors.Errorf("invalid filter %q", key) + } + } + return result, nil +} diff --git a/pkg/machine/config.go b/pkg/machine/config.go index db9bfa7de..cad71ba49 100644 --- a/pkg/machine/config.go +++ b/pkg/machine/config.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/connection.go b/pkg/machine/connection.go index 3edcbd10e..ed1093264 100644 --- a/pkg/machine/connection.go +++ b/pkg/machine/connection.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/fcos.go b/pkg/machine/fcos.go index 85cedcd5a..4ea965b7f 100644 --- a/pkg/machine/fcos.go +++ b/pkg/machine/fcos.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/ignition.go b/pkg/machine/ignition.go index 1d77083d0..a9289d6b3 100644 --- a/pkg/machine/ignition.go +++ b/pkg/machine/ignition.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/ignition_schema.go b/pkg/machine/ignition_schema.go index 6ac8af826..aa4b8e060 100644 --- a/pkg/machine/ignition_schema.go +++ b/pkg/machine/ignition_schema.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/keys.go b/pkg/machine/keys.go index 81ec44ea8..319fc2b4e 100644 --- a/pkg/machine/keys.go +++ b/pkg/machine/keys.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/pull.go b/pkg/machine/pull.go index 662896de5..f79ac6ec4 100644 --- a/pkg/machine/pull.go +++ b/pkg/machine/pull.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/qemu/config.go b/pkg/machine/qemu/config.go index 013f28960..3d0fa4094 100644 --- a/pkg/machine/qemu/config.go +++ b/pkg/machine/qemu/config.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package qemu diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go index dc7703724..855a39c56 100644 --- a/pkg/machine/qemu/machine.go +++ b/pkg/machine/qemu/machine.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package qemu diff --git a/pkg/machine/qemu/options_darwin.go b/pkg/machine/qemu/options_darwin.go index 440937131..124358db8 100644 --- a/pkg/machine/qemu/options_darwin.go +++ b/pkg/machine/qemu/options_darwin.go @@ -2,14 +2,12 @@ package qemu import ( "os" - - "github.com/pkg/errors" ) func getRuntimeDir() (string, error) { tmpDir, ok := os.LookupEnv("TMPDIR") if !ok { - return "", errors.New("unable to resolve TMPDIR") + tmpDir = "/tmp" } return tmpDir, nil } diff --git a/pkg/machine/qemu/options_darwin_arm64.go b/pkg/machine/qemu/options_darwin_arm64.go index 8c651584e..43cd3d69d 100644 --- a/pkg/machine/qemu/options_darwin_arm64.go +++ b/pkg/machine/qemu/options_darwin_arm64.go @@ -1,6 +1,7 @@ package qemu import ( + "os" "os/exec" "path/filepath" ) @@ -16,7 +17,7 @@ func (v *MachineVM) addArchOptions() []string { "-accel", "tcg", "-cpu", "cortex-a57", "-M", "virt,highmem=off", - "-drive", "file=/usr/local/share/qemu/edk2-aarch64-code.fd,if=pflash,format=raw,readonly=on", + "-drive", "file=" + getEdk2CodeFd("edk2-aarch64-code.fd") + ",if=pflash,format=raw,readonly=on", "-drive", "file=" + ovmfDir + ",if=pflash,format=raw"} return opts } @@ -35,3 +36,23 @@ func (v *MachineVM) archRemovalFiles() []string { func getOvmfDir(imagePath, vmName string) string { return filepath.Join(filepath.Dir(imagePath), vmName+"_ovmf_vars.fd") } + +/* + * QEmu can be installed in multiple locations on MacOS, especially on + * Apple Silicon systems. A build from source will likely install it in + * /usr/local/bin, whereas Homebrew package management standard is to + * install in /opt/homebrew + */ +func getEdk2CodeFd(name string) string { + dirs := []string{ + "/usr/local/share/qemu", + "/opt/homebrew/share/qemu", + } + for _, dir := range dirs { + fullpath := filepath.Join(dir, name) + if _, err := os.Stat(fullpath); err == nil { + return fullpath + } + } + return name +} diff --git a/pkg/util/utils_supported.go b/pkg/util/utils_supported.go index cb992d8b6..6eba0bc3c 100644 --- a/pkg/util/utils_supported.go +++ b/pkg/util/utils_supported.go @@ -1,4 +1,4 @@ -// +build linux darwin +// +build !windows package util |