From eb101936e6ab21009b130a9e3ddfa939f416ca40 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Fri, 17 Apr 2020 14:16:28 -0400 Subject: Handle Linux Capabilities correctly If user sets capabilities list we need handle minimal capabilities. Also handle seccomp-policy being passed in. Signed-off-by: Daniel J Walsh --- cmd/podman/common/specgen.go | 1 + 1 file changed, 1 insertion(+) (limited to 'cmd/podman') diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go index b8526993c..7550bf784 100644 --- a/cmd/podman/common/specgen.go +++ b/cmd/podman/common/specgen.go @@ -424,6 +424,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string } } + s.SeccompPolicy = c.SeccompPolicy // TODO any idea why this was done // storage.go from spec/ // grab it -- cgit v1.2.3-54-g00ecf From b35a0d0cd2bad55e7d1a7c8d77322d2ff3f43600 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Sun, 19 Apr 2020 07:53:24 -0400 Subject: Fix podman inspect to accept -l and -s fields Podman inspect has a breaking change in that it dropped --latest and --size options. This PR adds these back. Lots of tests rely on podman inspect -l. Signed-off-by: Daniel J Walsh --- cmd/podman/images/inspect.go | 26 ++++++++++++++------------ cmd/podman/inspect.go | 31 +++++++++++++++++-------------- pkg/domain/entities/types.go | 1 + 3 files changed, 32 insertions(+), 26 deletions(-) (limited to 'cmd/podman') diff --git a/cmd/podman/images/inspect.go b/cmd/podman/images/inspect.go index 4482ceee5..11bef02ba 100644 --- a/cmd/podman/images/inspect.go +++ b/cmd/podman/images/inspect.go @@ -20,11 +20,13 @@ import ( var ( // Command: podman image _inspect_ inspectCmd = &cobra.Command{ - Use: "inspect [flags] IMAGE", - Short: "Display the configuration of an image", - Long: `Displays the low-level information on an image identified by name or ID.`, - RunE: inspect, - Example: `podman image inspect alpine`, + Use: "inspect [flags] IMAGE", + Short: "Display the configuration of an image", + Long: `Displays the low-level information on an image identified by name or ID.`, + RunE: inspect, + Example: `podman inspect alpine + podman inspect --format "imageId: {{.Id}} size: {{.Size}}" alpine + podman inspect --format "image: {{.ImageName}} driver: {{.Driver}}" myctr`, } inspectOpts *entities.InspectOptions ) @@ -39,14 +41,14 @@ func init() { } func inspect(cmd *cobra.Command, args []string) error { - latestContainer := inspectOpts.Latest - - if len(args) == 0 && !latestContainer { - return errors.Errorf("container or image name must be specified: podman inspect [options [...]] name") + if inspectOpts.Size { + return fmt.Errorf("--size can only be used for containers") } - - if len(args) > 0 && latestContainer { - return errors.Errorf("you cannot provide additional arguments with --latest") + if inspectOpts.Latest { + return fmt.Errorf("--latest can only be used for containers") + } + if len(args) == 0 { + return errors.Errorf("image name must be specified: podman image inspect [options [...]] name") } results, err := registry.ImageEngine().Inspect(context.Background(), args, *inspectOpts) diff --git a/cmd/podman/inspect.go b/cmd/podman/inspect.go index e67bc326b..93bf58bdd 100644 --- a/cmd/podman/inspect.go +++ b/cmd/podman/inspect.go @@ -1,10 +1,8 @@ package main import ( - "context" "fmt" - "github.com/containers/image/v5/docker/reference" "github.com/containers/libpod/cmd/podman/common" "github.com/containers/libpod/cmd/podman/containers" "github.com/containers/libpod/cmd/podman/images" @@ -21,11 +19,12 @@ var ( // Command: podman _inspect_ Object_ID inspectCmd = &cobra.Command{ Use: "inspect [flags] {CONTAINER_ID | IMAGE_ID}", - Args: cobra.ExactArgs(1), Short: "Display the configuration of object denoted by ID", Long: "Displays the low-level information on an object identified by name or ID", TraverseChildren: true, RunE: inspect, + Example: `podman inspect alpine + podman inspect --format "imageId: {{.Id}} size: {{.Size}}" alpine`, } ) @@ -35,21 +34,25 @@ func init() { Command: inspectCmd, }) inspectOpts = common.AddInspectFlagSet(inspectCmd) + flags := inspectCmd.Flags() + flags.StringVarP(&inspectOpts.Type, "type", "t", "", "Return JSON for specified type, (image or container) (default \"all\")") + if !registry.IsRemote() { + flags.BoolVarP(&inspectOpts.Latest, "latest", "l", false, "Act on the latest container podman is aware of (containers only)") + } } func inspect(cmd *cobra.Command, args []string) error { - // First check if the input is even valid for an image - if _, err := reference.Parse(args[0]); err == nil { - if found, err := registry.ImageEngine().Exists(context.Background(), args[0]); err != nil { - return err - } else if found.Value { - return images.Inspect(cmd, args, inspectOpts) + switch inspectOpts.Type { + case "image": + return images.Inspect(cmd, args, inspectOpts) + case "container": + return containers.Inspect(cmd, args, inspectOpts) + case "": + if err := images.Inspect(cmd, args, inspectOpts); err == nil { + return nil } - } - if found, err := registry.ContainerEngine().ContainerExists(context.Background(), args[0]); err != nil { - return err - } else if found.Value { return containers.Inspect(cmd, args, inspectOpts) + default: + return fmt.Errorf("invalid type %q is must be 'container' or 'image'", inspectOpts.Type) } - return fmt.Errorf("%s not found on system", args[0]) } diff --git a/pkg/domain/entities/types.go b/pkg/domain/entities/types.go index b89aa869a..096af2df2 100644 --- a/pkg/domain/entities/types.go +++ b/pkg/domain/entities/types.go @@ -50,6 +50,7 @@ type InspectOptions struct { Format string `json:",omitempty"` Latest bool `json:",omitempty"` Size bool `json:",omitempty"` + Type string `json:",omitempty"` } // All API and CLI diff commands and diff sub-commands use the same options -- cgit v1.2.3-54-g00ecf