Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

migrate Podman to containers/common/libimage #10147

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions cmd/podman/common/createparse.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
package common

import (
"github.com/containers/podman/v3/pkg/util"
"github.com/containers/common/pkg/config"
"github.com/pkg/errors"
)

Expand All @@ -13,7 +13,7 @@ func (c *ContainerCLIOpts) validate() error {
return errors.Errorf(`the --rm option conflicts with --restart, when the restartPolicy is not "" and "no"`)
}

if _, err := util.ValidatePullType(c.Pull); err != nil {
if _, err := config.ParsePullPolicy(c.Pull); err != nil {
return err
}

Expand Down
18 changes: 10 additions & 8 deletions cmd/podman/containers/create.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,15 @@ import (
"strings"

"github.com/containers/common/pkg/config"
"github.com/containers/image/v5/storage"
storageTransport "github.com/containers/image/v5/storage"
"github.com/containers/image/v5/transports/alltransports"
"github.com/containers/podman/v3/cmd/podman/common"
"github.com/containers/podman/v3/cmd/podman/registry"
"github.com/containers/podman/v3/cmd/podman/utils"
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/specgen"
"github.com/containers/podman/v3/pkg/util"
"github.com/containers/storage"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
Expand Down Expand Up @@ -238,6 +238,8 @@ func createInit(c *cobra.Command) error {
return nil
}

// TODO: we should let the backend take care of the pull policy (which it
// does!). The code below is at risk of causing regression and code divergence.
func pullImage(imageName string) (string, error) {
pullPolicy, err := config.ValidatePullPolicy(cliVals.Pull)
if err != nil {
Expand All @@ -252,7 +254,7 @@ func pullImage(imageName string) (string, error) {
// Assume we specified a local image without the explicit storage transport.
fallthrough

case imageRef.Transport().Name() == storage.Transport.Name():
case imageRef.Transport().Name() == storageTransport.Transport.Name():
br, err := registry.ImageEngine().Exists(registry.GetContext(), imageName)
if err != nil {
return "", err
Expand All @@ -272,15 +274,15 @@ func pullImage(imageName string) (string, error) {
}
}

if pullPolicy != config.PullImageAlways {
if pullPolicy != config.PullPolicyAlways {
logrus.Info("--platform --arch and --os causes the pull policy to be \"always\"")
pullPolicy = config.PullImageAlways
pullPolicy = config.PullPolicyAlways
}
}

if imageMissing || pullPolicy == config.PullImageAlways {
if pullPolicy == config.PullImageNever {
return "", errors.Wrapf(define.ErrNoSuchImage, "unable to find a name and tag match for %s in repotags", imageName)
if imageMissing || pullPolicy == config.PullPolicyAlways {
if pullPolicy == config.PullPolicyNever {
return "", errors.Wrap(storage.ErrImageUnknown, imageName)
}
pullReport, pullErr := registry.ImageEngine().Pull(registry.GetContext(), imageName, entities.ImagePullOptions{
Authfile: cliVals.Authfile,
Expand Down
26 changes: 24 additions & 2 deletions cmd/podman/images/trust_set.go
Original file line number Diff line number Diff line change
@@ -1,10 +1,12 @@
package images

import (
"net/url"
"regexp"

"github.com/containers/common/pkg/completion"
"github.com/containers/podman/v3/cmd/podman/common"
"github.com/containers/podman/v3/cmd/podman/registry"
"github.com/containers/podman/v3/libpod/image"
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/util"
"github.com/pkg/errors"
Expand Down Expand Up @@ -53,7 +55,7 @@ File(s) must exist before using this command`)
func setTrust(cmd *cobra.Command, args []string) error {
validTrustTypes := []string{"accept", "insecureAcceptAnything", "reject", "signedBy"}

valid, err := image.IsValidImageURI(args[0])
valid, err := isValidImageURI(args[0])
if err != nil || !valid {
return err
}
Expand All @@ -63,3 +65,23 @@ func setTrust(cmd *cobra.Command, args []string) error {
}
return registry.ImageEngine().SetTrust(registry.Context(), args, setOptions)
}

// isValidImageURI checks if image name has valid format
func isValidImageURI(imguri string) (bool, error) {
uri := "http://" + imguri
u, err := url.Parse(uri)
if err != nil {
return false, errors.Wrapf(err, "invalid image uri: %s", imguri)
}
reg := regexp.MustCompile(`^[a-zA-Z0-9-_\.]+\/?:?[0-9]*[a-z0-9-\/:]*$`)
ret := reg.FindAllString(u.Host, -1)
if len(ret) == 0 {
return false, errors.Wrapf(err, "invalid image uri: %s", imguri)
}
reg = regexp.MustCompile(`^[a-z0-9-:\./]*$`)
ret = reg.FindAllString(u.Fragment, -1)
if len(ret) == 0 {
return false, errors.Wrapf(err, "invalid image uri: %s", imguri)
}
return true, nil
}
2 changes: 2 additions & 0 deletions cmd/podman/manifest/add.go
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,8 @@ func add(cmd *cobra.Command, args []string) error {
return err
}

// FIXME: (@vrothberg) this interface confuses me a lot. Why are they
// not two arguments?
manifestAddOpts.Images = []string{args[1], args[0]}

if manifestAddOpts.CredentialsCLI != "" {
Expand Down
18 changes: 12 additions & 6 deletions docs/source/markdown/podman-build.1.md
Original file line number Diff line number Diff line change
Expand Up @@ -381,12 +381,6 @@ BUILDAH\_LAYERS environment variable. `export BUILDAH_LAYERS=true`
Log output which would be sent to standard output and standard error to the
specified file instead of to standard output and standard error.

#### **\-\-loglevel**=*number*

Adjust the logging level up or down. Valid option values range from -2 to 3,
with 3 being roughly equivalent to using the global *--debug* option, and
values below 0 omitting even error messages which accompany fatal errors.

#### **\-\-manifest** "manifest"

Name of the manifest list to which the image will be added. Creates the manifest list
Expand Down Expand Up @@ -490,6 +484,18 @@ commands specified by the **RUN** instruction.
Note: You can also override the default runtime by setting the BUILDAH\_RUNTIME
environment variable. `export BUILDAH_RUNTIME=/usr/local/bin/runc`


#### **\-\-secret**=**id=id,src=path**

Pass secret information to be used in the Containerfile for building images
in a safe way that will not end up stored in the final image, or be seen in other stages.
The secret will be mounted in the container at the default location of `/run/secrets/id`.

To later use the secret, use the --mount flag in a `RUN` instruction within a `Containerfile`:

`RUN --mount=type=secret,id=mysecret cat /run/secrets/mysecret`


#### **\-\-security-opt**=*option*

Security Options
Expand Down
4 changes: 2 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,8 @@ require (
github.com/container-orchestrated-devices/container-device-interface v0.0.0-20210325223243-f99e8b6c10b9
github.com/containernetworking/cni v0.8.1
github.com/containernetworking/plugins v0.9.1
github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8
github.com/containers/common v0.37.1
github.com/containers/buildah v1.20.2-0.20210504130217-903dc56408ac
github.com/containers/common v0.37.2-0.20210503193405-42134aa138ce
github.com/containers/conmon v2.0.20+incompatible
github.com/containers/image/v5 v5.11.1
github.com/containers/ocicrypt v1.1.1
Expand Down
Loading