Handle podman build --dns-search

Fixes: https://github.com/containers/podman/issues/9574

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit is contained in:
Daniel J Walsh
2021-03-02 15:44:45 -05:00
parent 01ffe2c30a
commit 326f3eda31
5 changed files with 83 additions and 43 deletions

View File

@ -20,7 +20,6 @@ import (
"github.com/containers/podman/v3/cmd/podman/registry" "github.com/containers/podman/v3/cmd/podman/registry"
"github.com/containers/podman/v3/cmd/podman/utils" "github.com/containers/podman/v3/cmd/podman/utils"
"github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/entities"
"github.com/docker/go-units"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"github.com/spf13/cobra" "github.com/spf13/cobra"
@ -299,6 +298,11 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
} }
} }
commonOpts, err := parse.CommonBuildOptions(c)
if err != nil {
return nil, err
}
pullPolicy := imagebuildah.PullIfMissing pullPolicy := imagebuildah.PullIfMissing
if c.Flags().Changed("pull") && flags.Pull { if c.Flags().Changed("pull") && flags.Pull {
pullPolicy = imagebuildah.PullAlways pullPolicy = imagebuildah.PullAlways
@ -362,22 +366,6 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
reporter = logfile reporter = logfile
} }
var memoryLimit, memorySwap int64
var err error
if c.Flags().Changed("memory") {
memoryLimit, err = units.RAMInBytes(flags.Memory)
if err != nil {
return nil, err
}
}
if c.Flags().Changed("memory-swap") {
memorySwap, err = units.RAMInBytes(flags.MemorySwap)
if err != nil {
return nil, err
}
}
nsValues, networkPolicy, err := parse.NamespaceOptions(c) nsValues, networkPolicy, err := parse.NamespaceOptions(c)
if err != nil { if err != nil {
return nil, err return nil, err
@ -463,21 +451,7 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil
BlobDirectory: flags.BlobCache, BlobDirectory: flags.BlobCache,
CNIConfigDir: flags.CNIConfigDir, CNIConfigDir: flags.CNIConfigDir,
CNIPluginPath: flags.CNIPlugInPath, CNIPluginPath: flags.CNIPlugInPath,
CommonBuildOpts: &buildah.CommonBuildOptions{ CommonBuildOpts: commonOpts,
AddHost: flags.AddHost,
CPUPeriod: flags.CPUPeriod,
CPUQuota: flags.CPUQuota,
CPUSetCPUs: flags.CPUSetCPUs,
CPUSetMems: flags.CPUSetMems,
CPUShares: flags.CPUShares,
CgroupParent: flags.CgroupParent,
HTTPProxy: flags.HTTPProxy,
Memory: memoryLimit,
MemorySwap: memorySwap,
ShmSize: flags.ShmSize,
Ulimit: flags.Ulimit,
Volumes: flags.Volumes,
},
Compression: compression, Compression: compression,
ConfigureNetwork: networkPolicy, ConfigureNetwork: networkPolicy,
ContextDirectory: contextDir, ContextDirectory: contextDir,

View File

@ -259,7 +259,7 @@ solely for scripting compatibility.
#### **--dns**=*dns* #### **--dns**=*dns*
Set custom DNS servers Set custom DNS servers to be used during the build.
This option can be used to override the DNS configuration passed to the This option can be used to override the DNS configuration passed to the
container. Typically this is necessary when the host DNS configuration is container. Typically this is necessary when the host DNS configuration is
@ -272,11 +272,11 @@ image will be used without changes.
#### **--dns-option**=*option* #### **--dns-option**=*option*
Set custom DNS options Set custom DNS options to be used during the build.
#### **--dns-search**=*domain* #### **--dns-search**=*domain*
Set custom DNS search domains Set custom DNS search domains to be used during the build.
#### **--file**, **-f**=*Containerfile* #### **--file**, **-f**=*Containerfile*

View File

@ -77,6 +77,9 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
Devices string `schema:"devices"` Devices string `schema:"devices"`
Dockerfile string `schema:"dockerfile"` Dockerfile string `schema:"dockerfile"`
DropCapabilities string `schema:"dropcaps"` DropCapabilities string `schema:"dropcaps"`
DNSServers string `schema:"dnsservers"`
DNSOptions string `schema:"dnsoptions"`
DNSSearch string `schema:"dnssearch"`
Excludes string `schema:"excludes"` Excludes string `schema:"excludes"`
ForceRm bool `schema:"forcerm"` ForceRm bool `schema:"forcerm"`
From string `schema:"from"` From string `schema:"from"`
@ -160,6 +163,36 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
devices = m devices = m
} }
var dnsservers = []string{}
if _, found := r.URL.Query()["dnsservers"]; found {
var m = []string{}
if err := json.Unmarshal([]byte(query.DNSServers), &m); err != nil {
utils.BadRequest(w, "dnsservers", query.DNSServers, err)
return
}
dnsservers = m
}
var dnsoptions = []string{}
if _, found := r.URL.Query()["dnsoptions"]; found {
var m = []string{}
if err := json.Unmarshal([]byte(query.DNSOptions), &m); err != nil {
utils.BadRequest(w, "dnsoptions", query.DNSOptions, err)
return
}
dnsoptions = m
}
var dnssearch = []string{}
if _, found := r.URL.Query()["dnssearch"]; found {
var m = []string{}
if err := json.Unmarshal([]byte(query.DNSSearch), &m); err != nil {
utils.BadRequest(w, "dnssearches", query.DNSSearch, err)
return
}
dnssearch = m
}
var output string var output string
if len(query.Tag) > 0 { if len(query.Tag) > 0 {
output = query.Tag[0] output = query.Tag[0]
@ -285,6 +318,9 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
CPUQuota: query.CpuQuota, CPUQuota: query.CpuQuota,
CPUShares: query.CpuShares, CPUShares: query.CpuShares,
CPUSetCPUs: query.CpuSetCpus, CPUSetCPUs: query.CpuSetCpus,
DNSServers: dnsservers,
DNSOptions: dnsoptions,
DNSSearch: dnssearch,
HTTPProxy: query.HTTPProxy, HTTPProxy: query.HTTPProxy,
Memory: query.Memory, Memory: query.Memory,
MemorySwap: query.MemSwap, MemorySwap: query.MemSwap,

View File

@ -87,6 +87,28 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO
params.Add("devices", d) params.Add("devices", d)
} }
if dnsservers := options.CommonBuildOpts.DNSServers; len(dnsservers) > 0 {
c, err := jsoniter.MarshalToString(dnsservers)
if err != nil {
return nil, err
}
params.Add("dnsservers", c)
}
if dnsoptions := options.CommonBuildOpts.DNSOptions; len(dnsoptions) > 0 {
c, err := jsoniter.MarshalToString(dnsoptions)
if err != nil {
return nil, err
}
params.Add("dnsoptions", c)
}
if dnssearch := options.CommonBuildOpts.DNSSearch; len(dnssearch) > 0 {
c, err := jsoniter.MarshalToString(dnssearch)
if err != nil {
return nil, err
}
params.Add("dnssearch", c)
}
if caps := options.DropCapabilities; len(caps) > 0 { if caps := options.DropCapabilities; len(caps) > 0 {
c, err := jsoniter.MarshalToString(caps) c, err := jsoniter.MarshalToString(caps)
if err != nil { if err != nil {

View File

@ -168,6 +168,9 @@ EOF
CAT_SECRET="cat /run/secrets/$secret_filename" CAT_SECRET="cat /run/secrets/$secret_filename"
fi fi
# For --dns-search: a domain that is unlikely to exist
local nosuchdomain=nx$(random_string 10).net
# Command to run on container startup with no args # Command to run on container startup with no args
cat >$tmpdir/mycmd <<EOF cat >$tmpdir/mycmd <<EOF
#!/bin/sh #!/bin/sh
@ -218,17 +221,22 @@ RUN chown 2:3 /bin/mydefaultcmd
RUN $CAT_SECRET RUN $CAT_SECRET
CMD ["/bin/mydefaultcmd","$s_echo"] CMD ["/bin/mydefaultcmd","$s_echo"]
RUN cat /etc/resolv.conf
EOF EOF
# cd to the dir, so we test relative paths (important for podman-remote) # cd to the dir, so we test relative paths (important for podman-remote)
cd $PODMAN_TMPDIR cd $PODMAN_TMPDIR
run_podman ${MOUNTS_CONF} build \ run_podman ${MOUNTS_CONF} build \
--dns-search $nosuchdomain \
-t build_test -f build-test/Containerfile build-test -t build_test -f build-test/Containerfile build-test
local iid="${lines[-1]}" local iid="${lines[-1]}"
# Make sure 'podman build' had the secret mounted # Make sure 'podman build' had the secret mounted
is "$output" ".*$secret_contents.*" "podman build has /run/secrets mounted" is "$output" ".*$secret_contents.*" "podman build has /run/secrets mounted"
is "$output" ".*search $nosuchdomain" \
"--dns-search added to /etc/resolv.conf"
if is_remote; then if is_remote; then
ENVHOST="" ENVHOST=""
else else