diff options
Diffstat (limited to 'pkg')
| -rw-r--r-- | pkg/api/handlers/compat/containers_stop.go | 4 | ||||
| -rw-r--r-- | pkg/api/handlers/compat/images_build.go | 36 | ||||
| -rw-r--r-- | pkg/api/handlers/compat/images_push.go | 121 | ||||
| -rw-r--r-- | pkg/api/handlers/libpod/images.go | 1 | ||||
| -rw-r--r-- | pkg/bindings/images/build.go | 22 | ||||
| -rw-r--r-- | pkg/copy/fileinfo.go | 11 | ||||
| -rw-r--r-- | pkg/domain/entities/containers.go | 3 | ||||
| -rw-r--r-- | pkg/domain/entities/engine.go | 33 | ||||
| -rw-r--r-- | pkg/domain/entities/images.go | 2 | ||||
| -rw-r--r-- | pkg/domain/infra/abi/archive.go | 163 | ||||
| -rw-r--r-- | pkg/domain/infra/abi/containers_stat.go | 127 | ||||
| -rw-r--r-- | pkg/domain/infra/abi/images.go | 3 | ||||
| -rw-r--r-- | pkg/domain/infra/abi/network.go | 10 | ||||
| -rw-r--r-- | pkg/specgen/generate/config_linux.go | 5 | ||||
| -rw-r--r-- | pkg/specgen/generate/oci.go | 2 | ||||
| -rw-r--r-- | pkg/specgen/generate/storage.go | 27 | ||||
| -rw-r--r-- | pkg/terminal/util.go | 4 | ||||
| -rw-r--r-- | pkg/tracing/tracing.go | 29 |
18 files changed, 211 insertions, 392 deletions
diff --git a/pkg/api/handlers/compat/containers_stop.go b/pkg/api/handlers/compat/containers_stop.go index 0526865b9..3ae223693 100644 --- a/pkg/api/handlers/compat/containers_stop.go +++ b/pkg/api/handlers/compat/containers_stop.go @@ -39,11 +39,11 @@ func StopContainer(w http.ResponseWriter, r *http.Request) { Ignore: query.Ignore, } if utils.IsLibpodRequest(r) { - if query.LibpodTimeout > 0 { + if _, found := r.URL.Query()["timeout"]; found { options.Timeout = &query.LibpodTimeout } } else { - if query.DockerTimeout > 0 { + if _, found := r.URL.Query()["t"]; found { options.Timeout = &query.DockerTimeout } } diff --git a/pkg/api/handlers/compat/images_build.go b/pkg/api/handlers/compat/images_build.go index e06f93b89..392f688dd 100644 --- a/pkg/api/handlers/compat/images_build.go +++ b/pkg/api/handlers/compat/images_build.go @@ -77,6 +77,9 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { Devices string `schema:"devices"` Dockerfile string `schema:"dockerfile"` DropCapabilities string `schema:"dropcaps"` + DNSServers string `schema:"dnsservers"` + DNSOptions string `schema:"dnsoptions"` + DNSSearch string `schema:"dnssearch"` Excludes string `schema:"excludes"` ForceRm bool `schema:"forcerm"` From string `schema:"from"` @@ -160,6 +163,36 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { devices = m } + var dnsservers = []string{} + if _, found := r.URL.Query()["dnsservers"]; found { + var m = []string{} + if err := json.Unmarshal([]byte(query.DNSServers), &m); err != nil { + utils.BadRequest(w, "dnsservers", query.DNSServers, err) + return + } + dnsservers = m + } + + var dnsoptions = []string{} + if _, found := r.URL.Query()["dnsoptions"]; found { + var m = []string{} + if err := json.Unmarshal([]byte(query.DNSOptions), &m); err != nil { + utils.BadRequest(w, "dnsoptions", query.DNSOptions, err) + return + } + dnsoptions = m + } + + var dnssearch = []string{} + if _, found := r.URL.Query()["dnssearch"]; found { + var m = []string{} + if err := json.Unmarshal([]byte(query.DNSSearch), &m); err != nil { + utils.BadRequest(w, "dnssearches", query.DNSSearch, err) + return + } + dnssearch = m + } + var output string if len(query.Tag) > 0 { output = query.Tag[0] @@ -285,6 +318,9 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { CPUQuota: query.CpuQuota, CPUShares: query.CpuShares, CPUSetCPUs: query.CpuSetCpus, + DNSServers: dnsservers, + DNSOptions: dnsoptions, + DNSSearch: dnssearch, HTTPProxy: query.HTTPProxy, Memory: query.Memory, MemorySwap: query.MemSwap, diff --git a/pkg/api/handlers/compat/images_push.go b/pkg/api/handlers/compat/images_push.go index 4f613338f..db02af445 100644 --- a/pkg/api/handlers/compat/images_push.go +++ b/pkg/api/handlers/compat/images_push.go @@ -1,6 +1,8 @@ package compat import ( + "context" + "encoding/json" "fmt" "io/ioutil" "net/http" @@ -10,11 +12,14 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" "github.com/containers/podman/v3/pkg/auth" + "github.com/containers/podman/v3/pkg/channel" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/containers/storage" + "github.com/docker/docker/pkg/jsonmessage" "github.com/gorilla/schema" "github.com/pkg/errors" + "github.com/sirupsen/logrus" ) // PushImage is the handler for the compat http endpoint for pushing images. @@ -82,6 +87,8 @@ func PushImage(w http.ResponseWriter, r *http.Request) { Password: password, Username: username, DigestFile: digestFile.Name(), + Quiet: true, + Progress: make(chan types.ProgressProperties), } if _, found := r.URL.Query()["tlsVerify"]; found { options.SkipTLSVerify = types.NewOptionalBool(!query.TLSVerify) @@ -94,31 +101,103 @@ func PushImage(w http.ResponseWriter, r *http.Request) { destination = imageName } - if err := imageEngine.Push(r.Context(), imageName, destination, options); err != nil { - if errors.Cause(err) != storage.ErrImageUnknown { - utils.ImageNotFound(w, imageName, errors.Wrapf(err, "failed to find image %s", imageName)) - return + errorWriter := channel.NewWriter(make(chan []byte)) + defer errorWriter.Close() + + statusWriter := channel.NewWriter(make(chan []byte)) + defer statusWriter.Close() + + runCtx, cancel := context.WithCancel(context.Background()) + var failed bool + + go func() { + defer cancel() + + statusWriter.Write([]byte(fmt.Sprintf("The push refers to repository [%s]", imageName))) + + err := imageEngine.Push(runCtx, imageName, destination, options) + if err != nil { + if errors.Cause(err) != storage.ErrImageUnknown { + errorWriter.Write([]byte("An image does not exist locally with the tag: " + imageName)) + } else { + errorWriter.Write([]byte(err.Error())) + } } + }() - utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "error pushing image %q", imageName)) - return + flush := func() { + if flusher, ok := w.(http.Flusher); ok { + flusher.Flush() + } } - digestBytes, err := ioutil.ReadAll(digestFile) - if err != nil { - utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "failed to read digest tmp file")) - return - } + w.WriteHeader(http.StatusOK) + w.Header().Add("Content-Type", "application/json") + flush() - tag := query.Tag - if tag == "" { - tag = "latest" - } - respData := struct { - Status string `json:"status"` - }{ - Status: fmt.Sprintf("%s: digest: %s size: null", tag, string(digestBytes)), - } + enc := json.NewEncoder(w) + enc.SetEscapeHTML(true) + +loop: // break out of for/select infinite loop + for { + var report jsonmessage.JSONMessage - utils.WriteJSON(w, http.StatusOK, &respData) + select { + case e := <-options.Progress: + switch e.Event { + case types.ProgressEventNewArtifact: + report.Status = "Preparing" + case types.ProgressEventRead: + report.Status = "Pushing" + report.Progress = &jsonmessage.JSONProgress{ + Current: int64(e.Offset), + Total: e.Artifact.Size, + } + case types.ProgressEventSkipped: + report.Status = "Layer already exists" + case types.ProgressEventDone: + report.Status = "Pushed" + } + report.ID = e.Artifact.Digest.Encoded()[0:12] + if err := enc.Encode(report); err != nil { + errorWriter.Write([]byte(err.Error())) + } + flush() + case e := <-statusWriter.Chan(): + report.Status = string(e) + if err := enc.Encode(report); err != nil { + errorWriter.Write([]byte(err.Error())) + } + flush() + case e := <-errorWriter.Chan(): + failed = true + report.Error = &jsonmessage.JSONError{ + Message: string(e), + } + report.ErrorMessage = string(e) + if err := enc.Encode(report); err != nil { + logrus.Warnf("Failed to json encode error %q", err.Error()) + } + flush() + case <-runCtx.Done(): + if !failed { + digestBytes, err := ioutil.ReadAll(digestFile) + if err == nil { + tag := query.Tag + if tag == "" { + tag = "latest" + } + report.Status = fmt.Sprintf("%s: digest: %s", tag, string(digestBytes)) + if err := enc.Encode(report); err != nil { + logrus.Warnf("Failed to json encode error %q", err.Error()) + } + flush() + } + } + break loop // break out of for/select infinite loop + case <-r.Context().Done(): + // Client has closed connection + break loop // break out of for/select infinite loop + } + } } diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go index 1a2483784..83fe23621 100644 --- a/pkg/api/handlers/libpod/images.go +++ b/pkg/api/handlers/libpod/images.go @@ -451,6 +451,7 @@ func PushImage(w http.ResponseWriter, r *http.Request) { Password: password, Format: query.Format, All: query.All, + Quiet: true, } if _, found := r.URL.Query()["tlsVerify"]; found { options.SkipTLSVerify = types.NewOptionalBool(!query.TLSVerify) diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go index 27706fd2c..1cbd28c37 100644 --- a/pkg/bindings/images/build.go +++ b/pkg/bindings/images/build.go @@ -87,6 +87,28 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO params.Add("devices", d) } + if dnsservers := options.CommonBuildOpts.DNSServers; len(dnsservers) > 0 { + c, err := jsoniter.MarshalToString(dnsservers) + if err != nil { + return nil, err + } + params.Add("dnsservers", c) + } + if dnsoptions := options.CommonBuildOpts.DNSOptions; len(dnsoptions) > 0 { + c, err := jsoniter.MarshalToString(dnsoptions) + if err != nil { + return nil, err + } + params.Add("dnsoptions", c) + } + if dnssearch := options.CommonBuildOpts.DNSSearch; len(dnssearch) > 0 { + c, err := jsoniter.MarshalToString(dnssearch) + if err != nil { + return nil, err + } + params.Add("dnssearch", c) + } + if caps := options.DropCapabilities; len(caps) > 0 { c, err := jsoniter.MarshalToString(caps) if err != nil { diff --git a/pkg/copy/fileinfo.go b/pkg/copy/fileinfo.go index b95bcd90c..fb711311c 100644 --- a/pkg/copy/fileinfo.go +++ b/pkg/copy/fileinfo.go @@ -7,8 +7,8 @@ import ( "os" "path/filepath" "strings" - "time" + "github.com/containers/podman/v3/libpod/define" "github.com/pkg/errors" ) @@ -22,14 +22,7 @@ var ErrENOENT = errors.New("No such file or directory") // FileInfo describes a file or directory and is returned by // (*CopyItem).Stat(). -type FileInfo struct { - Name string `json:"name"` - Size int64 `json:"size"` - Mode os.FileMode `json:"mode"` - ModTime time.Time `json:"mtime"` - IsDir bool `json:"isDir"` - LinkTarget string `json:"linkTarget"` -} +type FileInfo = define.FileInfo // EncodeFileInfo serializes the specified FileInfo as a base64 encoded JSON // payload. Intended for Docker compat. diff --git a/pkg/domain/entities/containers.go b/pkg/domain/entities/containers.go index ac965834a..7d074f89d 100644 --- a/pkg/domain/entities/containers.go +++ b/pkg/domain/entities/containers.go @@ -8,7 +8,6 @@ import ( "github.com/containers/image/v5/types" "github.com/containers/podman/v3/libpod/define" - "github.com/containers/podman/v3/pkg/copy" "github.com/containers/podman/v3/pkg/specgen" "github.com/cri-o/ocicni/pkg/ocicni" ) @@ -145,7 +144,7 @@ type ContainerInspectReport struct { } type ContainerStatReport struct { - copy.FileInfo + define.FileInfo } type CommitOptions struct { diff --git a/pkg/domain/entities/engine.go b/pkg/domain/entities/engine.go index f23d964e5..af996ad1e 100644 --- a/pkg/domain/entities/engine.go +++ b/pkg/domain/entities/engine.go @@ -1,11 +1,7 @@ package entities import ( - "context" - "io" - "github.com/containers/common/pkg/config" - "github.com/opentracing/opentracing-go" "github.com/spf13/pflag" ) @@ -37,22 +33,19 @@ type PodmanConfig struct { *config.Config *pflag.FlagSet - CGroupUsage string // rootless code determines Usage message - ConmonPath string // --conmon flag will set Engine.ConmonPath - CPUProfile string // Hidden: Should CPU profile be taken - EngineMode EngineMode // ABI or Tunneling mode - Identity string // ssh identity for connecting to server - MaxWorks int // maximum number of parallel threads - RegistriesConf string // allows for specifying a custom registries.conf - Remote bool // Connection to Podman API Service will use RESTful API - RuntimePath string // --runtime flag will set Engine.RuntimePath - RuntimeFlags []string // global flags for the container runtime - Span opentracing.Span // tracing object - SpanCloser io.Closer // Close() for tracing object - SpanCtx context.Context // context to use when tracing - Syslog bool // write to StdOut and Syslog, not supported when tunneling - Trace bool // Hidden: Trace execution - URI string // URI to RESTful API Service + CGroupUsage string // rootless code determines Usage message + ConmonPath string // --conmon flag will set Engine.ConmonPath + CPUProfile string // Hidden: Should CPU profile be taken + EngineMode EngineMode // ABI or Tunneling mode + Identity string // ssh identity for connecting to server + MaxWorks int // maximum number of parallel threads + RegistriesConf string // allows for specifying a custom registries.conf + Remote bool // Connection to Podman API Service will use RESTful API + RuntimePath string // --runtime flag will set Engine.RuntimePath + RuntimeFlags []string // global flags for the container runtime + Syslog bool // write to StdOut and Syslog, not supported when tunneling + Trace bool // Hidden: Trace execution + URI string // URI to RESTful API Service Runroot string StorageDriver string diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go index 19109f873..7999d8209 100644 --- a/pkg/domain/entities/images.go +++ b/pkg/domain/entities/images.go @@ -203,6 +203,8 @@ type ImagePushOptions struct { SignBy string // SkipTLSVerify to skip HTTPS and certificate verification. SkipTLSVerify types.OptionalBool + // Progress to get progress notifications + Progress chan types.ProgressProperties } // ImageSearchOptions are the arguments for searching images. diff --git a/pkg/domain/infra/abi/archive.go b/pkg/domain/infra/abi/archive.go index 528771ee7..2ea63aa5e 100644 --- a/pkg/domain/infra/abi/archive.go +++ b/pkg/domain/infra/abi/archive.go @@ -3,72 +3,16 @@ package abi import ( "context" "io" - "path/filepath" - "strings" - buildahCopiah "github.com/containers/buildah/copier" - "github.com/containers/buildah/pkg/chrootuser" - "github.com/containers/buildah/util" - "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/domain/entities" - "github.com/containers/storage" - "github.com/containers/storage/pkg/archive" - "github.com/containers/storage/pkg/idtools" - "github.com/opencontainers/runtime-spec/specs-go" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" ) -// NOTE: Only the parent directory of the container path must exist. The path -// itself may be created while copying. func (ic *ContainerEngine) ContainerCopyFromArchive(ctx context.Context, nameOrID string, containerPath string, reader io.Reader) (entities.ContainerCopyFunc, error) { container, err := ic.Libpod.LookupContainer(nameOrID) if err != nil { return nil, err } - - containerMountPoint, err := container.Mount() - if err != nil { - return nil, err - } - - unmount := func() { - if err := container.Unmount(false); err != nil { - logrus.Errorf("Error unmounting container: %v", err) - } - } - - _, resolvedRoot, resolvedContainerPath, err := ic.containerStat(container, containerMountPoint, containerPath) - if err != nil { - unmount() - return nil, err - } - - decompressed, err := archive.DecompressStream(reader) - if err != nil { - unmount() - return nil, err - } - - idMappings, idPair, err := getIDMappingsAndPair(container, resolvedRoot) - if err != nil { - unmount() - return nil, err - } - - logrus.Debugf("Container copy *to* %q (resolved: %q) on container %q (ID: %s)", containerPath, resolvedContainerPath, container.Name(), container.ID()) - - return func() error { - defer unmount() - defer decompressed.Close() - putOptions := buildahCopiah.PutOptions{ - UIDMap: idMappings.UIDMap, - GIDMap: idMappings.GIDMap, - ChownDirs: idPair, - ChownFiles: idPair, - } - return buildahCopiah.Put(resolvedRoot, resolvedContainerPath, putOptions, decompressed) - }, nil + return container.CopyFromArchive(ctx, containerPath, reader) } func (ic *ContainerEngine) ContainerCopyToArchive(ctx context.Context, nameOrID string, containerPath string, writer io.Writer) (entities.ContainerCopyFunc, error) { @@ -76,108 +20,5 @@ func (ic *ContainerEngine) ContainerCopyToArchive(ctx context.Context, nameOrID if err != nil { return nil, err } - - containerMountPoint, err := container.Mount() - if err != nil { - return nil, err - } - - unmount := func() { - if err := container.Unmount(false); err != nil { - logrus.Errorf("Error unmounting container: %v", err) - } - } - - // Make sure that "/" copies the *contents* of the mount point and not - // the directory. - if containerPath == "/" { - containerPath = "/." - } - - statInfo, resolvedRoot, resolvedContainerPath, err := ic.containerStat(container, containerMountPoint, containerPath) - if err != nil { - unmount() - return nil, err - } - - idMappings, idPair, err := getIDMappingsAndPair(container, resolvedRoot) - if err != nil { - unmount() - return nil, err - } - - logrus.Debugf("Container copy *from* %q (resolved: %q) on container %q (ID: %s)", containerPath, resolvedContainerPath, container.Name(), container.ID()) - - return func() error { - defer container.Unmount(false) - getOptions := buildahCopiah.GetOptions{ - // Unless the specified points to ".", we want to copy the base directory. - KeepDirectoryNames: statInfo.IsDir && filepath.Base(containerPath) != ".", - UIDMap: idMappings.UIDMap, - GIDMap: idMappings.GIDMap, - ChownDirs: idPair, - ChownFiles: idPair, - } - return buildahCopiah.Get(resolvedRoot, "", getOptions, []string{resolvedContainerPath}, writer) - }, nil -} - -// getIDMappingsAndPair returns the ID mappings for the container and the host -// ID pair. -func getIDMappingsAndPair(container *libpod.Container, containerMount string) (*storage.IDMappingOptions, *idtools.IDPair, error) { - user, err := getContainerUser(container, containerMount) - if err != nil { - return nil, nil, err - } - - idMappingOpts, err := container.IDMappings() - if err != nil { - return nil, nil, err - } - - hostUID, hostGID, err := util.GetHostIDs(idtoolsToRuntimeSpec(idMappingOpts.UIDMap), idtoolsToRuntimeSpec(idMappingOpts.GIDMap), user.UID, user.GID) - if err != nil { - return nil, nil, err - } - - idPair := idtools.IDPair{UID: int(hostUID), GID: int(hostGID)} - return &idMappingOpts, &idPair, nil -} - -// getContainerUser returns the specs.User of the container. -func getContainerUser(container *libpod.Container, mountPoint string) (specs.User, error) { - userspec := container.Config().User - - uid, gid, _, err := chrootuser.GetUser(mountPoint, userspec) - u := specs.User{ - UID: uid, - GID: gid, - Username: userspec, - } - - if !strings.Contains(userspec, ":") { - groups, err2 := chrootuser.GetAdditionalGroupsForUser(mountPoint, uint64(u.UID)) - if err2 != nil { - if errors.Cause(err2) != chrootuser.ErrNoSuchUser && err == nil { - err = err2 - } - } else { - u.AdditionalGids = groups - } - } - - return u, err -} - -// idtoolsToRuntimeSpec converts idtools ID mapping to the one of the runtime spec. -func idtoolsToRuntimeSpec(idMaps []idtools.IDMap) (convertedIDMap []specs.LinuxIDMapping) { - for _, idmap := range idMaps { - tempIDMap := specs.LinuxIDMapping{ - ContainerID: uint32(idmap.ContainerID), - HostID: uint32(idmap.HostID), - Size: uint32(idmap.Size), - } - convertedIDMap = append(convertedIDMap, tempIDMap) - } - return convertedIDMap + return container.CopyToArchive(ctx, containerPath, writer) } diff --git a/pkg/domain/infra/abi/containers_stat.go b/pkg/domain/infra/abi/containers_stat.go index 1baeb9178..98a23c70b 100644 --- a/pkg/domain/infra/abi/containers_stat.go +++ b/pkg/domain/infra/abi/containers_stat.go @@ -2,139 +2,20 @@ package abi import ( "context" - "os" - "path/filepath" - "strings" - buildahCopiah "github.com/containers/buildah/copier" - "github.com/containers/podman/v3/libpod" - "github.com/containers/podman/v3/pkg/copy" "github.com/containers/podman/v3/pkg/domain/entities" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" ) -func (ic *ContainerEngine) containerStat(container *libpod.Container, containerMountPoint string, containerPath string) (*entities.ContainerStatReport, string, string, error) { - // Make sure that "/" copies the *contents* of the mount point and not - // the directory. - if containerPath == "/" { - containerPath += "/." - } - - // Now resolve the container's path. It may hit a volume, it may hit a - // bind mount, it may be relative. - resolvedRoot, resolvedContainerPath, err := container.ResolvePath(context.Background(), containerMountPoint, containerPath) - if err != nil { - return nil, "", "", err - } - - statInfo, statInfoErr := secureStat(resolvedRoot, resolvedContainerPath) - if statInfoErr != nil { - // Not all errors from secureStat map to ErrNotExist, so we - // have to look into the error string. Turning it into an - // ENOENT let's the API handlers return the correct status code - // which is crucial for the remote client. - if os.IsNotExist(err) || strings.Contains(statInfoErr.Error(), "o such file or directory") { - statInfoErr = copy.ErrENOENT - } - // If statInfo is nil, there's nothing we can do anymore. A - // non-nil statInfo may indicate a symlink where we must have - // a closer look. - if statInfo == nil { - return nil, "", "", statInfoErr - } - } - - // Now make sure that the info's LinkTarget is relative to the - // container's mount. - var absContainerPath string - - if statInfo.IsSymlink { - // Evaluated symlinks are always relative to the container's mount point. - absContainerPath = statInfo.ImmediateTarget - } else if strings.HasPrefix(resolvedContainerPath, containerMountPoint) { - // If the path is on the container's mount point, strip it off. - absContainerPath = strings.TrimPrefix(resolvedContainerPath, containerMountPoint) - absContainerPath = filepath.Join("/", absContainerPath) - } else { - // No symlink and not on the container's mount point, so let's - // move it back to the original input. It must have evaluated - // to a volume or bind mount but we cannot return host paths. - absContainerPath = containerPath - } - - // Now we need to make sure to preserve the base path as specified by - // the user. The `filepath` packages likes to remove trailing slashes - // and dots that are crucial to the copy logic. - absContainerPath = copy.PreserveBasePath(containerPath, absContainerPath) - resolvedContainerPath = copy.PreserveBasePath(containerPath, resolvedContainerPath) - - info := copy.FileInfo{ - IsDir: statInfo.IsDir, - Name: filepath.Base(absContainerPath), - Size: statInfo.Size, - Mode: statInfo.Mode, - ModTime: statInfo.ModTime, - LinkTarget: absContainerPath, - } - - return &entities.ContainerStatReport{FileInfo: info}, resolvedRoot, resolvedContainerPath, statInfoErr -} - func (ic *ContainerEngine) ContainerStat(ctx context.Context, nameOrID string, containerPath string) (*entities.ContainerStatReport, error) { container, err := ic.Libpod.LookupContainer(nameOrID) if err != nil { return nil, err } - containerMountPoint, err := container.Mount() - if err != nil { - return nil, err - } - - defer func() { - if err := container.Unmount(false); err != nil { - logrus.Errorf("Error unmounting container: %v", err) - } - }() - - statReport, _, _, err := ic.containerStat(container, containerMountPoint, containerPath) - return statReport, err -} - -// secureStat extracts file info for path in a chroot'ed environment in root. -func secureStat(root string, path string) (*buildahCopiah.StatForItem, error) { - var glob string - var err error - - // If root and path are equal, then dir must be empty and the glob must - // be ".". - if filepath.Clean(root) == filepath.Clean(path) { - glob = "." - } else { - glob, err = filepath.Rel(root, path) - if err != nil { - return nil, err - } - } - - globStats, err := buildahCopiah.Stat(root, "", buildahCopiah.StatOptions{}, []string{glob}) - if err != nil { - return nil, err - } - - if len(globStats) != 1 { - return nil, errors.Errorf("internal error: secureStat: expected 1 item but got %d", len(globStats)) - } - - stat, exists := globStats[0].Results[glob] // only one glob passed, so that's okay - if !exists { - return nil, copy.ErrENOENT - } + info, err := container.Stat(ctx, containerPath) - var statErr error - if stat.Error != "" { - statErr = errors.New(stat.Error) + if info != nil { + return &entities.ContainerStatReport{FileInfo: *info}, err } - return stat, statErr + return nil, err } diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go index ffd4856fe..b1751b8b6 100644 --- a/pkg/domain/infra/abi/images.go +++ b/pkg/domain/infra/abi/images.go @@ -376,7 +376,8 @@ func (ir *ImageEngine) Push(ctx context.Context, source string, destination stri options.Compress, signOptions, &dockerRegistryOptions, - nil) + nil, + options.Progress) if err != nil && errors.Cause(err) != storage.ErrImageUnknown { // Image might be a manifest list so attempt a manifest push if _, manifestErr := ir.ManifestPush(ctx, source, destination, options); manifestErr == nil { diff --git a/pkg/domain/infra/abi/network.go b/pkg/domain/infra/abi/network.go index 50a74032c..edde8ece6 100644 --- a/pkg/domain/infra/abi/network.go +++ b/pkg/domain/infra/abi/network.go @@ -96,7 +96,15 @@ func (ic *ContainerEngine) NetworkRm(ctx context.Context, namesOrIds []string, o } // We need to iterate containers looking to see if they belong to the given network for _, c := range containers { - if util.StringInSlice(name, c.Config().Networks) { + networks, _, err := c.Networks() + // if container vanished or network does not exist, go to next container + if errors.Is(err, define.ErrNoSuchNetwork) || errors.Is(err, define.ErrNoSuchCtr) { + continue + } + if err != nil { + return reports, err + } + if util.StringInSlice(name, networks) { // if user passes force, we nuke containers and pods if !options.Force { // Without the force option, we return an error diff --git a/pkg/specgen/generate/config_linux.go b/pkg/specgen/generate/config_linux.go index 2792d0cb7..5c945cff3 100644 --- a/pkg/specgen/generate/config_linux.go +++ b/pkg/specgen/generate/config_linux.go @@ -8,6 +8,7 @@ import ( "path/filepath" "strings" + "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/rootless" "github.com/containers/podman/v3/pkg/util" spec "github.com/opencontainers/runtime-spec/specs-go" @@ -37,7 +38,7 @@ func addPrivilegedDevices(g *generate.Generator) error { for _, d := range hostDevices { devMnt := spec.Mount{ Destination: d.Path, - Type: TypeBind, + Type: define.TypeBind, Source: d.Path, Options: []string{"slave", "nosuid", "noexec", "rw", "rbind"}, } @@ -259,7 +260,7 @@ func addDevice(g *generate.Generator, device string) error { } devMnt := spec.Mount{ Destination: dst, - Type: TypeBind, + Type: define.TypeBind, Source: src, Options: []string{"slave", "nosuid", "noexec", perm, "rbind"}, } diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go index eb4dbc944..4eae09a5e 100644 --- a/pkg/specgen/generate/oci.go +++ b/pkg/specgen/generate/oci.go @@ -277,7 +277,7 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt g.RemoveMount("/proc") procMount := spec.Mount{ Destination: "/proc", - Type: TypeBind, + Type: define.TypeBind, Source: "/proc", Options: []string{"rbind", "nosuid", "noexec", "nodev"}, } diff --git a/pkg/specgen/generate/storage.go b/pkg/specgen/generate/storage.go index 0bb1421f6..e135f4728 100644 --- a/pkg/specgen/generate/storage.go +++ b/pkg/specgen/generate/storage.go @@ -10,6 +10,7 @@ import ( "github.com/containers/common/pkg/config" "github.com/containers/podman/v3/libpod" + "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/libpod/image" "github.com/containers/podman/v3/pkg/specgen" "github.com/containers/podman/v3/pkg/util" @@ -18,16 +19,6 @@ import ( "github.com/sirupsen/logrus" ) -// TODO unify this in one place - maybe libpod/define -const ( - // TypeBind is the type for mounting host dir - TypeBind = "bind" - // TypeVolume is the type for named volumes - TypeVolume = "volume" - // TypeTmpfs is the type for mounting tmpfs - TypeTmpfs = "tmpfs" -) - var ( errDuplicateDest = errors.Errorf("duplicate mount destination") ) @@ -156,7 +147,7 @@ func finalizeMounts(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Ru // Final step: maps to arrays finalMounts := make([]spec.Mount, 0, len(baseMounts)) for _, mount := range baseMounts { - if mount.Type == TypeBind { + if mount.Type == define.TypeBind { absSrc, err := filepath.Abs(mount.Source) if err != nil { return nil, nil, nil, errors.Wrapf(err, "error getting absolute path of %s", mount.Source) @@ -208,8 +199,8 @@ func getImageVolumes(ctx context.Context, img *image.Image, s *specgen.SpecGener case "tmpfs": mount := spec.Mount{ Destination: cleanDest, - Source: TypeTmpfs, - Type: TypeTmpfs, + Source: define.TypeTmpfs, + Type: define.TypeTmpfs, Options: []string{"rprivate", "rw", "nodev", "exec"}, } mounts[cleanDest] = mount @@ -277,7 +268,7 @@ func getVolumesFrom(volumesFrom []string, runtime *libpod.Runtime) (map[string]s return nil, nil, errors.Errorf("error retrieving container %s spec for volumes-from", ctr.ID()) } for _, mnt := range spec.Mounts { - if mnt.Type != TypeBind { + if mnt.Type != define.TypeBind { continue } if _, exists := userVolumes[mnt.Destination]; exists { @@ -338,9 +329,9 @@ func getVolumesFrom(volumesFrom []string, runtime *libpod.Runtime) (map[string]s func addContainerInitBinary(s *specgen.SpecGenerator, path string) (spec.Mount, error) { mount := spec.Mount{ Destination: "/dev/init", - Type: TypeBind, + Type: define.TypeBind, Source: path, - Options: []string{TypeBind, "ro"}, + Options: []string{define.TypeBind, "ro"}, } if path == "" { @@ -393,13 +384,13 @@ func SupersedeUserMounts(mounts []spec.Mount, configMount []spec.Mount) []spec.M func InitFSMounts(mounts []spec.Mount) error { for i, m := range mounts { switch { - case m.Type == TypeBind: + case m.Type == define.TypeBind: opts, err := util.ProcessOptions(m.Options, false, m.Source) if err != nil { return err } mounts[i].Options = opts - case m.Type == TypeTmpfs && filepath.Clean(m.Destination) != "/dev": + case m.Type == define.TypeTmpfs && filepath.Clean(m.Destination) != "/dev": opts, err := util.ProcessOptions(m.Options, true, "") if err != nil { return err diff --git a/pkg/terminal/util.go b/pkg/terminal/util.go index 231b47974..04e12f6b3 100644 --- a/pkg/terminal/util.go +++ b/pkg/terminal/util.go @@ -10,11 +10,11 @@ import ( "path/filepath" "sync" + "github.com/containers/storage/pkg/homedir" "github.com/sirupsen/logrus" "golang.org/x/crypto/ssh" "golang.org/x/crypto/ssh/knownhosts" "golang.org/x/crypto/ssh/terminal" - "k8s.io/client-go/util/homedir" ) var ( @@ -105,7 +105,7 @@ func ReadLogin() []byte { func HostKey(host string) ssh.PublicKey { // parse OpenSSH known_hosts file // ssh or use ssh-keyscan to get initial key - knownHosts := filepath.Join(homedir.HomeDir(), ".ssh", "known_hosts") + knownHosts := filepath.Join(homedir.Get(), ".ssh", "known_hosts") fd, err := os.Open(knownHosts) if err != nil { logrus.Error(err) diff --git a/pkg/tracing/tracing.go b/pkg/tracing/tracing.go deleted file mode 100644 index 5be24faaa..000000000 --- a/pkg/tracing/tracing.go +++ /dev/null @@ -1,29 +0,0 @@ -package tracing - -import ( - "fmt" - "io" - - "github.com/opentracing/opentracing-go" - "github.com/uber/jaeger-client-go" - "github.com/uber/jaeger-client-go/config" -) - -// Init returns an instance of Jaeger Tracer that samples 100% of traces and logs all spans to stdout. -func Init(service string) (opentracing.Tracer, io.Closer) { - cfg := &config.Configuration{ - ServiceName: service, - Sampler: &config.SamplerConfig{ - Type: "const", - Param: 1, - }, - Reporter: &config.ReporterConfig{ - LogSpans: true, - }, - } - tracer, closer, err := cfg.NewTracer(config.Logger(jaeger.StdLogger)) - if err != nil { - panic(fmt.Sprintf("ERROR: cannot init Jaeger: %v\n", err)) - } - return tracer, closer -} |