mirror of
https://github.com/containers/podman.git
synced 2025-06-20 17:13:43 +08:00
Handle podman build --dns-search
Fixes: https://github.com/containers/podman/issues/9574 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit is contained in:
@ -20,7 +20,6 @@ import (
|
|||||||
"github.com/containers/podman/v3/cmd/podman/registry"
|
"github.com/containers/podman/v3/cmd/podman/registry"
|
||||||
"github.com/containers/podman/v3/cmd/podman/utils"
|
"github.com/containers/podman/v3/cmd/podman/utils"
|
||||||
"github.com/containers/podman/v3/pkg/domain/entities"
|
"github.com/containers/podman/v3/pkg/domain/entities"
|
||||||
"github.com/docker/go-units"
|
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
@ -299,6 +298,11 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
commonOpts, err := parse.CommonBuildOptions(c)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
pullPolicy := imagebuildah.PullIfMissing
|
pullPolicy := imagebuildah.PullIfMissing
|
||||||
if c.Flags().Changed("pull") && flags.Pull {
|
if c.Flags().Changed("pull") && flags.Pull {
|
||||||
pullPolicy = imagebuildah.PullAlways
|
pullPolicy = imagebuildah.PullAlways
|
||||||
@ -362,22 +366,6 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
|
|||||||
reporter = logfile
|
reporter = logfile
|
||||||
}
|
}
|
||||||
|
|
||||||
var memoryLimit, memorySwap int64
|
|
||||||
var err error
|
|
||||||
if c.Flags().Changed("memory") {
|
|
||||||
memoryLimit, err = units.RAMInBytes(flags.Memory)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if c.Flags().Changed("memory-swap") {
|
|
||||||
memorySwap, err = units.RAMInBytes(flags.MemorySwap)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
nsValues, networkPolicy, err := parse.NamespaceOptions(c)
|
nsValues, networkPolicy, err := parse.NamespaceOptions(c)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -463,21 +451,7 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
|
|||||||
BlobDirectory: flags.BlobCache,
|
BlobDirectory: flags.BlobCache,
|
||||||
CNIConfigDir: flags.CNIConfigDir,
|
CNIConfigDir: flags.CNIConfigDir,
|
||||||
CNIPluginPath: flags.CNIPlugInPath,
|
CNIPluginPath: flags.CNIPlugInPath,
|
||||||
CommonBuildOpts: &buildah.CommonBuildOptions{
|
CommonBuildOpts: commonOpts,
|
||||||
AddHost: flags.AddHost,
|
|
||||||
CPUPeriod: flags.CPUPeriod,
|
|
||||||
CPUQuota: flags.CPUQuota,
|
|
||||||
CPUSetCPUs: flags.CPUSetCPUs,
|
|
||||||
CPUSetMems: flags.CPUSetMems,
|
|
||||||
CPUShares: flags.CPUShares,
|
|
||||||
CgroupParent: flags.CgroupParent,
|
|
||||||
HTTPProxy: flags.HTTPProxy,
|
|
||||||
Memory: memoryLimit,
|
|
||||||
MemorySwap: memorySwap,
|
|
||||||
ShmSize: flags.ShmSize,
|
|
||||||
Ulimit: flags.Ulimit,
|
|
||||||
Volumes: flags.Volumes,
|
|
||||||
},
|
|
||||||
Compression: compression,
|
Compression: compression,
|
||||||
ConfigureNetwork: networkPolicy,
|
ConfigureNetwork: networkPolicy,
|
||||||
ContextDirectory: contextDir,
|
ContextDirectory: contextDir,
|
||||||
|
@ -259,7 +259,7 @@ solely for scripting compatibility.
|
|||||||
|
|
||||||
#### **--dns**=*dns*
|
#### **--dns**=*dns*
|
||||||
|
|
||||||
Set custom DNS servers
|
Set custom DNS servers to be used during the build.
|
||||||
|
|
||||||
This option can be used to override the DNS configuration passed to the
|
This option can be used to override the DNS configuration passed to the
|
||||||
container. Typically this is necessary when the host DNS configuration is
|
container. Typically this is necessary when the host DNS configuration is
|
||||||
@ -272,11 +272,11 @@ image will be used without changes.
|
|||||||
|
|
||||||
#### **--dns-option**=*option*
|
#### **--dns-option**=*option*
|
||||||
|
|
||||||
Set custom DNS options
|
Set custom DNS options to be used during the build.
|
||||||
|
|
||||||
#### **--dns-search**=*domain*
|
#### **--dns-search**=*domain*
|
||||||
|
|
||||||
Set custom DNS search domains
|
Set custom DNS search domains to be used during the build.
|
||||||
|
|
||||||
#### **--file**, **-f**=*Containerfile*
|
#### **--file**, **-f**=*Containerfile*
|
||||||
|
|
||||||
|
@ -77,6 +77,9 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
|
|||||||
Devices string `schema:"devices"`
|
Devices string `schema:"devices"`
|
||||||
Dockerfile string `schema:"dockerfile"`
|
Dockerfile string `schema:"dockerfile"`
|
||||||
DropCapabilities string `schema:"dropcaps"`
|
DropCapabilities string `schema:"dropcaps"`
|
||||||
|
DNSServers string `schema:"dnsservers"`
|
||||||
|
DNSOptions string `schema:"dnsoptions"`
|
||||||
|
DNSSearch string `schema:"dnssearch"`
|
||||||
Excludes string `schema:"excludes"`
|
Excludes string `schema:"excludes"`
|
||||||
ForceRm bool `schema:"forcerm"`
|
ForceRm bool `schema:"forcerm"`
|
||||||
From string `schema:"from"`
|
From string `schema:"from"`
|
||||||
@ -160,6 +163,36 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
|
|||||||
devices = m
|
devices = m
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var dnsservers = []string{}
|
||||||
|
if _, found := r.URL.Query()["dnsservers"]; found {
|
||||||
|
var m = []string{}
|
||||||
|
if err := json.Unmarshal([]byte(query.DNSServers), &m); err != nil {
|
||||||
|
utils.BadRequest(w, "dnsservers", query.DNSServers, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
dnsservers = m
|
||||||
|
}
|
||||||
|
|
||||||
|
var dnsoptions = []string{}
|
||||||
|
if _, found := r.URL.Query()["dnsoptions"]; found {
|
||||||
|
var m = []string{}
|
||||||
|
if err := json.Unmarshal([]byte(query.DNSOptions), &m); err != nil {
|
||||||
|
utils.BadRequest(w, "dnsoptions", query.DNSOptions, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
dnsoptions = m
|
||||||
|
}
|
||||||
|
|
||||||
|
var dnssearch = []string{}
|
||||||
|
if _, found := r.URL.Query()["dnssearch"]; found {
|
||||||
|
var m = []string{}
|
||||||
|
if err := json.Unmarshal([]byte(query.DNSSearch), &m); err != nil {
|
||||||
|
utils.BadRequest(w, "dnssearches", query.DNSSearch, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
dnssearch = m
|
||||||
|
}
|
||||||
|
|
||||||
var output string
|
var output string
|
||||||
if len(query.Tag) > 0 {
|
if len(query.Tag) > 0 {
|
||||||
output = query.Tag[0]
|
output = query.Tag[0]
|
||||||
@ -285,6 +318,9 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
|
|||||||
CPUQuota: query.CpuQuota,
|
CPUQuota: query.CpuQuota,
|
||||||
CPUShares: query.CpuShares,
|
CPUShares: query.CpuShares,
|
||||||
CPUSetCPUs: query.CpuSetCpus,
|
CPUSetCPUs: query.CpuSetCpus,
|
||||||
|
DNSServers: dnsservers,
|
||||||
|
DNSOptions: dnsoptions,
|
||||||
|
DNSSearch: dnssearch,
|
||||||
HTTPProxy: query.HTTPProxy,
|
HTTPProxy: query.HTTPProxy,
|
||||||
Memory: query.Memory,
|
Memory: query.Memory,
|
||||||
MemorySwap: query.MemSwap,
|
MemorySwap: query.MemSwap,
|
||||||
|
@ -87,6 +87,28 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO
|
|||||||
params.Add("devices", d)
|
params.Add("devices", d)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if dnsservers := options.CommonBuildOpts.DNSServers; len(dnsservers) > 0 {
|
||||||
|
c, err := jsoniter.MarshalToString(dnsservers)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
params.Add("dnsservers", c)
|
||||||
|
}
|
||||||
|
if dnsoptions := options.CommonBuildOpts.DNSOptions; len(dnsoptions) > 0 {
|
||||||
|
c, err := jsoniter.MarshalToString(dnsoptions)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
params.Add("dnsoptions", c)
|
||||||
|
}
|
||||||
|
if dnssearch := options.CommonBuildOpts.DNSSearch; len(dnssearch) > 0 {
|
||||||
|
c, err := jsoniter.MarshalToString(dnssearch)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
params.Add("dnssearch", c)
|
||||||
|
}
|
||||||
|
|
||||||
if caps := options.DropCapabilities; len(caps) > 0 {
|
if caps := options.DropCapabilities; len(caps) > 0 {
|
||||||
c, err := jsoniter.MarshalToString(caps)
|
c, err := jsoniter.MarshalToString(caps)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -168,6 +168,9 @@ EOF
|
|||||||
CAT_SECRET="cat /run/secrets/$secret_filename"
|
CAT_SECRET="cat /run/secrets/$secret_filename"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# For --dns-search: a domain that is unlikely to exist
|
||||||
|
local nosuchdomain=nx$(random_string 10).net
|
||||||
|
|
||||||
# Command to run on container startup with no args
|
# Command to run on container startup with no args
|
||||||
cat >$tmpdir/mycmd <<EOF
|
cat >$tmpdir/mycmd <<EOF
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
@ -218,17 +221,22 @@ RUN chown 2:3 /bin/mydefaultcmd
|
|||||||
RUN $CAT_SECRET
|
RUN $CAT_SECRET
|
||||||
|
|
||||||
CMD ["/bin/mydefaultcmd","$s_echo"]
|
CMD ["/bin/mydefaultcmd","$s_echo"]
|
||||||
|
RUN cat /etc/resolv.conf
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
# cd to the dir, so we test relative paths (important for podman-remote)
|
# cd to the dir, so we test relative paths (important for podman-remote)
|
||||||
cd $PODMAN_TMPDIR
|
cd $PODMAN_TMPDIR
|
||||||
run_podman ${MOUNTS_CONF} build \
|
run_podman ${MOUNTS_CONF} build \
|
||||||
|
--dns-search $nosuchdomain \
|
||||||
-t build_test -f build-test/Containerfile build-test
|
-t build_test -f build-test/Containerfile build-test
|
||||||
local iid="${lines[-1]}"
|
local iid="${lines[-1]}"
|
||||||
|
|
||||||
# Make sure 'podman build' had the secret mounted
|
# Make sure 'podman build' had the secret mounted
|
||||||
is "$output" ".*$secret_contents.*" "podman build has /run/secrets mounted"
|
is "$output" ".*$secret_contents.*" "podman build has /run/secrets mounted"
|
||||||
|
|
||||||
|
is "$output" ".*search $nosuchdomain" \
|
||||||
|
"--dns-search added to /etc/resolv.conf"
|
||||||
|
|
||||||
if is_remote; then
|
if is_remote; then
|
||||||
ENVHOST=""
|
ENVHOST=""
|
||||||
else
|
else
|
||||||
|
Reference in New Issue
Block a user