Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/api/handlers/compat/containers_attach.go | 82 | ||||
-rw-r--r-- | pkg/api/handlers/compat/exec.go | 24 | ||||
-rw-r--r-- | pkg/api/handlers/libpod/images.go | 12 | ||||
-rw-r--r-- | pkg/api/handlers/libpod/pods.go | 30 | ||||
-rw-r--r-- | pkg/api/server/register_images.go | 10 | ||||
-rw-r--r-- | pkg/api/server/register_volumes.go | 38 | ||||
-rw-r--r-- | pkg/api/tags.yaml | 2 | ||||
-rw-r--r-- | pkg/bindings/containers/attach.go | 2 | ||||
-rw-r--r-- | pkg/bindings/containers/containers.go | 2 | ||||
-rw-r--r-- | pkg/bindings/images/images.go | 1 | ||||
-rw-r--r-- | pkg/domain/entities/images.go | 2 | ||||
-rw-r--r-- | pkg/domain/infra/abi/images.go | 1 | ||||
-rw-r--r-- | pkg/domain/infra/abi/system.go | 3 | ||||
-rw-r--r-- | pkg/spec/config_linux_cgo.go | 2 | ||||
-rw-r--r-- | pkg/specgen/generate/config_linux.go | 2 | ||||
-rw-r--r-- | pkg/specgen/generate/config_linux_cgo.go | 2 | ||||
-rw-r--r-- | pkg/specgen/generate/container.go | 40 | ||||
-rw-r--r-- | pkg/specgen/specgen.go | 7 |
18 files changed, 149 insertions, 113 deletions
diff --git a/pkg/api/handlers/compat/containers_attach.go b/pkg/api/handlers/compat/containers_attach.go index 2d63ac56d..e20d48d86 100644 --- a/pkg/api/handlers/compat/containers_attach.go +++ b/pkg/api/handlers/compat/containers_attach.go @@ -1,12 +1,7 @@ package compat import ( - "bufio" - "fmt" - "io" - "net" "net/http" - "strings" "github.com/containers/podman/v2/libpod" "github.com/containers/podman/v2/libpod/define" 
@@ -97,75 +92,30 @@ func AttachContainer(w http.ResponseWriter, r *http.Request) { return } - connection, buffer, err := AttachConnection(w, r) - if err != nil { - utils.InternalServerError(w, err) - return - } - logrus.Debugf("Hijack for attach of container %s successful", ctr.ID()) + idleTracker := r.Context().Value("idletracker").(*idletracker.IdleTracker) + hijackChan := make(chan bool, 1) // Perform HTTP attach. // HTTPAttach will handle everything about the connection from here on // (including closing it and writing errors to it). - if err := ctr.HTTPAttach(connection, buffer, streams, detachKeys, nil, query.Stream, query.Logs); err != nil { + if err := ctr.HTTPAttach(r, w, streams, detachKeys, nil, query.Stream, query.Logs, hijackChan); err != nil { + hijackComplete := <-hijackChan + // We can't really do anything about errors anymore. HTTPAttach // should be writing them to the connection. logrus.Errorf("Error attaching to container %s: %v", ctr.ID(), err) - } - logrus.Debugf("Attach for container %s completed successfully", ctr.ID()) -} - -type HijackedConnection struct { - net.Conn // Connection - idleTracker *idletracker.IdleTracker // Connection tracker -} - -func (c HijackedConnection) Close() error { - logrus.Debugf("Hijacked connection closed") - - c.idleTracker.TrackHijackedClosed() - return c.Conn.Close() -} - -func AttachConnection(w http.ResponseWriter, r *http.Request) (net.Conn, *bufio.ReadWriter, error) { - idleTracker := r.Context().Value("idletracker").(*idletracker.IdleTracker) - - // Hijack the connection - hijacker, ok := w.(http.Hijacker) - if !ok { - return nil, nil, errors.Errorf("unable to hijack connection") - } - - connection, buffer, err := hijacker.Hijack() - if err != nil { - return nil, nil, errors.Wrapf(err, "error hijacking connection") - } - trackedConnection := HijackedConnection{ - Conn: connection, - idleTracker: idleTracker, + if hijackComplete { + // We do need to tell the idle tracker that the + // connection has been 
closed, though. We can guarantee + // that is true after HTTPAttach exits. + idleTracker.TrackHijackedClosed() + } else { + // A hijack was not successfully completed. We need to + // report the error normally. + utils.InternalServerError(w, err) + } } - WriteAttachHeaders(r, trackedConnection) - - return trackedConnection, buffer, nil -} - -func WriteAttachHeaders(r *http.Request, connection io.Writer) { - // AttachHeader is the literal header sent for upgraded/hijacked connections for - // attach, sourced from Docker at: - // https://raw.githubusercontent.com/moby/moby/b95fad8e51bd064be4f4e58a996924f343846c85/api/server/router/container/container_routes.go - // Using literally to ensure compatibility with existing clients. - c := r.Header.Get("Connection") - proto := r.Header.Get("Upgrade") - if len(proto) == 0 || !strings.EqualFold(c, "Upgrade") { - // OK - can't upgrade if not requested or protocol is not specified - fmt.Fprintf(connection, - "HTTP/1.1 200 OK\r\nContent-Type: application/vnd.docker.raw-stream\r\n\r\n") - } else { - // Upraded - fmt.Fprintf(connection, - "HTTP/1.1 101 UPGRADED\r\nContent-Type: application/vnd.docker.raw-stream\r\nConnection: Upgrade\r\nUpgrade: %s\r\n\r\n", - proto) - } + logrus.Debugf("Attach for container %s completed successfully", ctr.ID()) } diff --git a/pkg/api/handlers/compat/exec.go b/pkg/api/handlers/compat/exec.go index 7a62a2b58..1db950f85 100644 --- a/pkg/api/handlers/compat/exec.go +++ b/pkg/api/handlers/compat/exec.go @@ -10,6 +10,7 @@ import ( "github.com/containers/podman/v2/libpod/define" "github.com/containers/podman/v2/pkg/api/handlers" "github.com/containers/podman/v2/pkg/api/handlers/utils" + "github.com/containers/podman/v2/pkg/api/server/idletracker" "github.com/containers/podman/v2/pkg/specgen/generate" "github.com/gorilla/mux" "github.com/pkg/errors" 
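Review bot: In AttachContainer, `hijackComplete := <-hijackChan` is an unconditional receive on the error path, so the handler goroutine blocks indefinitely if HTTPAttach returns an error without ever sending on the channel; whether it always sends is decided in libpod and cannot be confirmed from this hunk. Separately, `idleTracker.TrackHijackedClosed()` is now reached only when HTTPAttach fails after a hijack, whereas the removed `HijackedConnection.Close` called it on every close. Unless HTTPAttach does that bookkeeping itself on success, a normal attach would leave the idle tracker counting a connection that is gone, which can keep an idle-timeout service alive. A non-blocking read of the channel plus an unconditional "closed" notification whenever the hijack completed covers both cases, as sketched below. The same block is repeated in ExecStartHandler in pkg/api/handlers/compat/exec.go, and the function body starts outside this hunk.

```go
err := ctr.HTTPAttach(r, w, streams, detachKeys, nil, query.Stream, query.Logs, hijackChan)

// Non-blocking read: HTTPAttach may fail before it reports the hijack state.
hijackComplete := false
select {
case hijackComplete = <-hijackChan:
default:
}

if err != nil {
	// … unchanged: logrus.Errorf for the attach error …
	if !hijackComplete {
		// No hijack happened, so the error can still be reported normally.
		utils.InternalServerError(w, err)
	}
}
if hijackComplete {
	// The hijacked connection is closed once HTTPAttach returns,
	// on success as well as on failure.
	idleTracker.TrackHijackedClosed()
}
```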
@@ -173,15 +174,24 @@ func ExecStartHandler(w http.ResponseWriter, r *http.Request) { return } - connection, buffer, err := AttachConnection(w, r) - if err != nil { - utils.InternalServerError(w, err) - return - } - logrus.Debugf("Hijack for attach of container %s exec session %s successful", sessionCtr.ID(), sessionID) + idleTracker := r.Context().Value("idletracker").(*idletracker.IdleTracker) + hijackChan := make(chan bool, 1) + + if err := sessionCtr.ExecHTTPStartAndAttach(sessionID, r, w, nil, nil, nil, hijackChan); err != nil { + hijackComplete := <-hijackChan - if err := sessionCtr.ExecHTTPStartAndAttach(sessionID, connection, buffer, nil, nil, nil); err != nil { logrus.Errorf("Error attaching to container %s exec session %s: %v", sessionCtr.ID(), sessionID, err) + + if hijackComplete { + // We do need to tell the idle tracker that the + // connection has been closed, though. We can guarantee + // that is true after HTTPAttach exits. + idleTracker.TrackHijackedClosed() + } else { + // A hijack was not successfully completed. We need to + // report the error normally. + utils.InternalServerError(w, err) + } } logrus.Debugf("Attach for container %s exec session %s completed successfully", sessionCtr.ID(), sessionID) diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go index 51013acf1..8d3fc4e00 100644 --- a/pkg/api/handlers/libpod/images.go +++ b/pkg/api/handlers/libpod/images.go 
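Review bot: The comment inside the `if hijackComplete` branch of ExecStartHandler was copied from the attach handler and still says "after HTTPAttach exits", while the call made here is `ExecHTTPStartAndAttach`; it should read `// that is true after ExecHTTPStartAndAttach exits.`. The whole hijack/idle-tracker block is now duplicated between this handler and AttachContainer, so a small shared helper in the compat package would keep the two from drifting apart. The trailing `logrus.Debugf("Attach for container %s exec session %s completed successfully", ...)` also runs after the error branch, which makes debug logs misleading when triaging a failed exec attach. The function body starts and ends outside this hunk.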
@@ -338,11 +338,12 @@ func ImagesPull(w http.ResponseWriter, r *http.Request) { runtime := r.Context().Value("runtime").(*libpod.Runtime) decoder := r.Context().Value("decoder").(*schema.Decoder) query := struct { - Reference string `schema:"reference"` - OverrideOS string `schema:"overrideOS"` - OverrideArch string `schema:"overrideArch"` - TLSVerify bool `schema:"tlsVerify"` - AllTags bool `schema:"allTags"` + Reference string `schema:"reference"` + OverrideOS string `schema:"overrideOS"` + OverrideArch string `schema:"overrideArch"` + OverrideVariant string `schema:"overrideVariant"` + TLSVerify bool `schema:"tlsVerify"` + AllTags bool `schema:"allTags"` }{ TLSVerify: true, } @@ -393,6 +394,7 @@ func ImagesPull(w http.ResponseWriter, r *http.Request) { DockerRegistryCreds: authConf, OSChoice: query.OverrideOS, ArchitectureChoice: query.OverrideArch, + VariantChoice: query.OverrideVariant, } if _, found := r.URL.Query()["tlsVerify"]; found { dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!query.TLSVerify) diff --git a/pkg/api/handlers/libpod/pods.go b/pkg/api/handlers/libpod/pods.go index 6e704fe65..8f8292567 100644 --- a/pkg/api/handlers/libpod/pods.go +++ b/pkg/api/handlers/libpod/pods.go @@ -135,8 +135,8 @@ func PodStop(w http.ResponseWriter, r *http.Request) { } } var errs []error //nolint - for _, err := range responses { - errs = append(errs, err) + for id, err := range responses { + errs = append(errs, errors.Wrapf(err, "error stopping container %s", id)) } report := entities.PodStopReport{ Errs: errs, 
@@ -164,12 +164,12 @@ func PodStart(w http.ResponseWriter, r *http.Request) { return } responses, err := pod.Start(r.Context()) - if err != nil { + if err != nil && errors.Cause(err) != define.ErrPodPartialFail { utils.Error(w, "Something went wrong", http.StatusInternalServerError, err) return } - for _, err := range responses { - errs = append(errs, err) + for id, err := range responses { + errs = append(errs, errors.Wrapf(err, "error starting container %s", id)) } report := entities.PodStartReport{ Errs: errs, @@ -220,12 +220,12 @@ func PodRestart(w http.ResponseWriter, r *http.Request) { return } responses, err := pod.Restart(r.Context()) - if err != nil { + if err != nil && errors.Cause(err) != define.ErrPodPartialFail { utils.Error(w, "Something went wrong", http.StatusInternalServerError, err) return } - for _, err := range responses { - errs = append(errs, err) + for id, err := range responses { + errs = append(errs, errors.Wrapf(err, "error restarting container %s", id)) } report := entities.PodRestartReport{ Errs: errs, @@ -271,12 +271,12 @@ func PodPause(w http.ResponseWriter, r *http.Request) { return } responses, err := pod.Pause() - if err != nil { + if err != nil && errors.Cause(err) != define.ErrPodPartialFail { utils.Error(w, "Something went wrong", http.StatusInternalServerError, err) return } - for _, v := range responses { - errs = append(errs, v) + for id, v := range responses { + errs = append(errs, errors.Wrapf(v, "error pausing container %s", id)) } report := entities.PodPauseReport{ Errs: errs, 
@@ -295,12 +295,12 @@ func PodUnpause(w http.ResponseWriter, r *http.Request) { return } responses, err := pod.Unpause() - if err != nil { + if err != nil && errors.Cause(err) != define.ErrPodPartialFail { utils.Error(w, "failed to pause pod", http.StatusInternalServerError, err) return } - for _, v := range responses { - errs = append(errs, v) + for id, v := range responses { + errs = append(errs, errors.Wrapf(v, "error unpausing container %s", id)) } report := entities.PodUnpauseReport{ Errs: errs, @@ -403,7 +403,7 @@ func PodKill(w http.ResponseWriter, r *http.Request) { } responses, err := pod.Kill(uint(sig)) - if err != nil { + if err != nil && errors.Cause(err) != define.ErrPodPartialFail { utils.Error(w, "failed to kill pod", http.StatusInternalServerError, err) return } diff --git a/pkg/api/server/register_images.go b/pkg/api/server/register_images.go index cb4ce4fe7..64258a073 100644 --- a/pkg/api/server/register_images.go +++ b/pkg/api/server/register_images.go @@ -625,7 +625,7 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error { // swagger:operation POST /libpod/images/{name:.*}/push libpod libpodPushImage // --- // tags: - // - images (libpod) + // - images // summary: Push Image // description: Push an image to a container registry // parameters: @@ -905,12 +905,16 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error { // description: "username:password for the registry" // type: string // - in: query + // name: overrideArch + // description: Pull image for the specified architecture. + // type: string + // - in: query // name: overrideOS // description: Pull image for the specified operating system. // type: string // - in: query - // name: overrideArch - // description: Pull image for the specified architecture. + // name: overrideVariant + // description: Pull image for the specified variant. // type: string // - in: query // name: tlsVerify 
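Review bot: In PodUnpause the failure path still reports `"failed to pause pod"`, which is the wrong operation for this handler and will mislead anyone reading API errors or logs; since the line next to it is being touched, it should become `utils.Error(w, "failed to unpause pod", http.StatusInternalServerError, err)`. PodStart, PodRestart and PodPause similarly return the generic `"Something went wrong"`, which gives a client nothing to act on. The PodKill hunk changes only the `ErrPodPartialFail` condition; whether its response loop also wraps each error with the container id, as the other handlers now do, is outside the hunk and worth checking for consistency.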
diff --git a/pkg/api/server/register_volumes.go b/pkg/api/server/register_volumes.go index 8f7848ed4..22488b158 100644 --- a/pkg/api/server/register_volumes.go +++ b/pkg/api/server/register_volumes.go @@ -9,8 +9,10 @@ import ( ) func (s *APIServer) registerVolumeHandlers(r *mux.Router) error { - // swagger:operation POST /libpod/volumes/create volumes libpodCreateVolume + // swagger:operation POST /libpod/volumes/create libpod libpodCreateVolume // --- + // tags: + // - volumes // summary: Create a volume // parameters: // - in: body @@ -26,8 +28,10 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error { // '500': // "$ref": "#/responses/InternalError" r.Handle(VersionedPath("/libpod/volumes/create"), s.APIHandler(libpod.CreateVolume)).Methods(http.MethodPost) - // swagger:operation GET /libpod/volumes/json volumes libpodListVolumes + // swagger:operation GET /libpod/volumes/json libpod libpodListVolumes // --- + // tags: + // - volumes // summary: List volumes // description: Returns a list of volumes // produces: @@ -48,8 +52,10 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error { // '500': // "$ref": "#/responses/InternalError" r.Handle(VersionedPath("/libpod/volumes/json"), s.APIHandler(libpod.ListVolumes)).Methods(http.MethodGet) - // swagger:operation POST /libpod/volumes/prune volumes libpodPruneVolumes + // swagger:operation POST /libpod/volumes/prune libpod libpodPruneVolumes // --- + // tags: + // - volumes // summary: Prune volumes // produces: // - application/json 
@@ -59,8 +65,10 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error { // '500': // "$ref": "#/responses/InternalError" r.Handle(VersionedPath("/libpod/volumes/prune"), s.APIHandler(libpod.PruneVolumes)).Methods(http.MethodPost) - // swagger:operation GET /libpod/volumes/{name}/json volumes libpodInspectVolume + // swagger:operation GET /libpod/volumes/{name}/json libpod libpodInspectVolume // --- + // tags: + // - volumes // summary: Inspect volume // parameters: // - in: path @@ -78,8 +86,10 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error { // '500': // "$ref": "#/responses/InternalError" r.Handle(VersionedPath("/libpod/volumes/{name}/json"), s.APIHandler(libpod.InspectVolume)).Methods(http.MethodGet) - // swagger:operation DELETE /libpod/volumes/{name} volumes libpodRemoveVolume + // swagger:operation DELETE /libpod/volumes/{name} libpod libpodRemoveVolume // --- + // tags: + // - volumes // summary: Remove volume // parameters: // - in: path @@ -110,6 +120,8 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error { // swagger:operation GET /volumes compat listVolumes // --- + // tags: + // - volumes (compat) // summary: List volumes // description: Returns a list of volume // produces: @@ -134,8 +146,10 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error { r.Handle(VersionedPath("/volumes"), s.APIHandler(compat.ListVolumes)).Methods(http.MethodGet) r.Handle("/volumes", s.APIHandler(compat.ListVolumes)).Methods(http.MethodGet) - // swagger:operation POST /volumes/create volumes createVolume + // swagger:operation POST /volumes/create compat createVolume // --- + // tags: + // - volumes (compat) // summary: Create a volume // parameters: // - in: body 
@@ -153,8 +167,10 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error { r.Handle(VersionedPath("/volumes/create"), s.APIHandler(compat.CreateVolume)).Methods(http.MethodPost) r.Handle("/volumes/create", s.APIHandler(compat.CreateVolume)).Methods(http.MethodPost) - // swagger:operation GET /volumes/{name} volumes inspectVolume + // swagger:operation GET /volumes/{name} compat inspectVolume // --- + // tags: + // - volumes (compat) // summary: Inspect volume // parameters: // - in: path @@ -174,8 +190,10 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error { r.Handle(VersionedPath("/volumes/{name}"), s.APIHandler(compat.InspectVolume)).Methods(http.MethodGet) r.Handle("/volumes/{name}", s.APIHandler(compat.InspectVolume)).Methods(http.MethodGet) - // swagger:operation DELETE /volumes/{name} volumes removeVolume + // swagger:operation DELETE /volumes/{name} compat removeVolume // --- + // tags: + // - volumes (compat) // summary: Remove volume // parameters: // - in: path @@ -204,8 +222,10 @@ func (s *APIServer) registerVolumeHandlers(r *mux.Router) error { r.Handle(VersionedPath("/volumes/{name}"), s.APIHandler(compat.RemoveVolume)).Methods(http.MethodDelete) r.Handle("/volumes/{name}", s.APIHandler(compat.RemoveVolume)).Methods(http.MethodDelete) - // swagger:operation POST /volumes/prune volumes pruneVolumes + // swagger:operation POST /volumes/prune compat pruneVolumes // --- + // tags: + // - volumes (compat) // summary: Prune volumes // produces: // - application/json diff --git a/pkg/api/tags.yaml b/pkg/api/tags.yaml index f86f8dbea..0cfb3f440 100644 --- a/pkg/api/tags.yaml +++ b/pkg/api/tags.yaml 
@@ -23,5 +23,7 @@ tags: description: Actions related to images for the compatibility endpoints - name: networks (compat) description: Actions related to compatibility networks + - name: volumes (compat) + description: Actions related to volumes for the compatibility endpoints - name: system (compat) description: Actions related to Podman and compatibility engines diff --git a/pkg/bindings/containers/attach.go b/pkg/bindings/containers/attach.go index c035b6391..3bd85fbae 100644 --- a/pkg/bindings/containers/attach.go +++ b/pkg/bindings/containers/attach.go @@ -46,6 +46,8 @@ func Attach(ctx context.Context, nameOrID string, detachKeys *string, logs, stre stderr = (io.Writer)(nil) } + logrus.Infof("Going to attach to container %q", nameOrID) + conn, err := bindings.GetClient(ctx) if err != nil { return err diff --git a/pkg/bindings/containers/containers.go b/pkg/bindings/containers/containers.go index c1eb23233..981912665 100644 --- a/pkg/bindings/containers/containers.go +++ b/pkg/bindings/containers/containers.go @@ -13,6 +13,7 @@ import ( "github.com/containers/podman/v2/pkg/bindings" "github.com/containers/podman/v2/pkg/domain/entities" "github.com/pkg/errors" + "github.com/sirupsen/logrus" ) var ( @@ -180,6 +181,7 @@ func Restart(ctx context.Context, nameOrID string, timeout *int) error { // or a partial/full ID. The optional parameter for detach keys are to override the default // detach key sequence. func Start(ctx context.Context, nameOrID string, detachKeys *string) error { + logrus.Infof("Going to start container %q", nameOrID) conn, err := bindings.GetClient(ctx) if err != nil { return err diff --git a/pkg/bindings/images/images.go b/pkg/bindings/images/images.go index 12d1a9ce9..9f6e78b79 100644 --- a/pkg/bindings/images/images.go +++ b/pkg/bindings/images/images.go 
@@ -365,6 +365,7 @@ func Pull(ctx context.Context, rawImage string, options entities.ImagePullOption params.Set("reference", rawImage) params.Set("overrideArch", options.OverrideArch) params.Set("overrideOS", options.OverrideOS) + params.Set("overrideVariant", options.OverrideVariant) if options.SkipTLSVerify != types.OptionalBoolUndefined { // Note: we have to verify if skipped is false. verifyTLS := bool(options.SkipTLSVerify == types.OptionalBoolFalse) diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go index cb970b09a..3a12a4e22 100644 --- a/pkg/domain/entities/images.go +++ b/pkg/domain/entities/images.go @@ -137,6 +137,8 @@ type ImagePullOptions struct { // OverrideOS will overwrite the local operating system (OS) for image // pulls. OverrideOS string + // OverrideVariant will overwrite the local variant for image pulls. + OverrideVariant string // Quiet can be specified to suppress pull progress when pulling. Ignored // for remote calls. Quiet bool diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go index 70d740bb5..6b94ca9c0 100644 --- a/pkg/domain/infra/abi/images.go +++ b/pkg/domain/infra/abi/images.go @@ -251,6 +251,7 @@ func (ir *ImageEngine) Pull(ctx context.Context, rawImage string, options entiti DockerCertPath: options.CertDir, OSChoice: options.OverrideOS, ArchitectureChoice: options.OverrideArch, + VariantChoice: options.OverrideVariant, DockerInsecureSkipTLSVerify: options.SkipTLSVerify, } diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go index 478fac1d5..ff1052d86 100644 --- a/pkg/domain/infra/abi/system.go +++ b/pkg/domain/infra/abi/system.go @@ -8,6 +8,7 @@ import ( "os/exec" "path/filepath" "strconv" + "strings" "github.com/containers/common/pkg/config" "github.com/containers/podman/v2/libpod/define" 
@@ -73,7 +74,7 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, cmd *cobra.Command) initCommand, err := ioutil.ReadFile("/proc/1/comm") // On errors, default to systemd - runsUnderSystemd := err != nil || string(initCommand) == "systemd" + runsUnderSystemd := err != nil || strings.TrimRight(string(initCommand), "\n") == "systemd" unitName := fmt.Sprintf("podman-%d.scope", os.Getpid()) if runsUnderSystemd || conf.Engine.CgroupManager == config.SystemdCgroupsManager { diff --git a/pkg/spec/config_linux_cgo.go b/pkg/spec/config_linux_cgo.go index 186a3a788..da92f511f 100644 --- a/pkg/spec/config_linux_cgo.go +++ b/pkg/spec/config_linux_cgo.go @@ -5,10 +5,10 @@ package createconfig import ( "io/ioutil" + goSeccomp "github.com/containers/common/pkg/seccomp" "github.com/containers/podman/v2/pkg/seccomp" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" - goSeccomp "github.com/seccomp/containers-golang" "github.com/sirupsen/logrus" ) diff --git a/pkg/specgen/generate/config_linux.go b/pkg/specgen/generate/config_linux.go index 35508c023..1d5dcd8e7 100644 --- a/pkg/specgen/generate/config_linux.go +++ b/pkg/specgen/generate/config_linux.go @@ -90,7 +90,7 @@ func DevicesFromPath(g *generate.Generator, devicePath string) error { } st, err := os.Stat(resolvedDevicePath) if err != nil { - return errors.Wrapf(err, "cannot stat %s", devicePath) + return errors.Wrapf(err, "cannot stat device path %s", devicePath) } if st.IsDir() { found := false diff --git a/pkg/specgen/generate/config_linux_cgo.go b/pkg/specgen/generate/config_linux_cgo.go index f35d56750..21a1c910d 100644 --- a/pkg/specgen/generate/config_linux_cgo.go +++ b/pkg/specgen/generate/config_linux_cgo.go 
@@ -6,12 +6,12 @@ import ( "context" "io/ioutil" + goSeccomp "github.com/containers/common/pkg/seccomp" "github.com/containers/podman/v2/libpod/image" "github.com/containers/podman/v2/pkg/seccomp" "github.com/containers/podman/v2/pkg/specgen" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" - goSeccomp "github.com/seccomp/containers-golang" "github.com/sirupsen/logrus" ) diff --git a/pkg/specgen/generate/container.go b/pkg/specgen/generate/container.go index 53d160442..147ebd61b 100644 --- a/pkg/specgen/generate/container.go +++ b/pkg/specgen/generate/container.go @@ -2,6 +2,7 @@ package generate import ( "context" + "os" "github.com/containers/image/v5/manifest" "github.com/containers/podman/v2/libpod" @@ -62,14 +63,24 @@ func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerat if err != nil { return nil, err } - // Get Default Environment - defaultEnvs, err := envLib.ParseSlice(rtc.Containers.Env) + // First transform the os env into a map. We need it for the labels later in + // any case. + osEnv, err := envLib.ParseSlice(os.Environ()) if err != nil { - return nil, errors.Wrap(err, "Env fields in containers.conf failed to parse") + return nil, errors.Wrap(err, "error parsing host environment variables") } + // Get Default Environment from containers.conf + defaultEnvs, err := envLib.ParseSlice(rtc.GetDefaultEnv()) + if err != nil { + return nil, errors.Wrap(err, "error parsing fields in containers.conf") + } + if defaultEnvs["containers"] == "" { + defaultEnvs["containers"] = "podman" + } var envs map[string]string + // Image Environment defaults if newImage != nil { // Image envs from the image if they don't exist // already, overriding the default environments 
@@ -82,9 +93,30 @@ func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerat if err != nil { return nil, errors.Wrap(err, "Env fields from image failed to parse") } + defaultEnvs = envLib.Join(defaultEnvs, envs) + } + + // Caller Specified defaults + if s.EnvHost { + defaultEnvs = envLib.Join(defaultEnvs, osEnv) + } else if s.HTTPProxy { + for _, envSpec := range []string{ + "http_proxy", + "HTTP_PROXY", + "https_proxy", + "HTTPS_PROXY", + "ftp_proxy", + "FTP_PROXY", + "no_proxy", + "NO_PROXY", + } { + if v, ok := osEnv[envSpec]; ok { + defaultEnvs[envSpec] = v + } + } } - s.Env = envLib.Join(envLib.Join(defaultEnvs, envs), s.Env) + s.Env = envLib.Join(defaultEnvs, s.Env) // Labels and Annotations annotations := make(map[string]string) diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index a52225f87..cca05eddb 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -43,6 +43,13 @@ type ContainerBasicConfig struct { // image's configuration. // Optional. Command []string `json:"command,omitempty"` + // EnvHost indicates that the host environment should be added to container + // Optional. + EnvHost bool `json:"env_host,omitempty"` + // EnvHTTPProxy indicates that the http host proxy environment variables + // should be added to container + // Optional. + HTTPProxy bool `json:"httpproxy,omitempty"` // Env is a set of environment variables that will be set in the // container. // Optional. |
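Review bot: The `s.EnvHost` branch in CompleteSpec merges the whole of `os.Environ()` into the container's environment, and that environment belongs to whichever process runs CompleteSpec. If the spec arrives through the REST API (the new `env_host` JSON field suggests it can), the values copied are the service's, not the caller's, so tokens or credentials held in the service environment become readable inside the container and in its stored config. The `HTTPProxy` branch has a narrower version of the same exposure, because proxy URLs can embed `user:password@`. I would add a comment at this branch such as `// NOTE: osEnv is the environment of this process (the API service for remote clients), not the client's.` and consider ignoring or rejecting `EnvHost` for requests that did not originate locally. CompleteSpec starts and ends outside this hunk.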
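Review bot: The doc comment on the new `HTTPProxy` field in ContainerBasicConfig names a field that does not exist (`EnvHTTPProxy`); Go doc comments should start with the actual field name. Neither comment says whose environment is meant, which matters because these fields are settable over JSON (`env_host`, `httpproxy`). Suggested wording: `// EnvHost indicates that the environment of the process creating the container is added to the container.` and `// HTTPProxy indicates that the proxy environment variables of the process creating the container are added to the container.`, each followed by the existing `// Optional.` line.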