opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-11-02 23:39:52 +08:00
Code Issues Packages Projects Releases Wiki Activity

new "image" mount type

Browse Source 
Add a new "image" mount type to `--mount`.  The source of the mount is
the name or ID of an image.  The destination is the path inside the
container.  Image mounts further support an optional `rw,readwrite`
parameter which if set to "true" will yield the mount writable inside
the container.  Note that no changes are propagated to the image mount
on the host (which in any case is read only).

Mounts are overlay mounts.  To support read-only overlay mounts, vendor
a non-release version of Buildah.

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
This commit is contained in:
Valentin Rothberg
2020-10-26 11:35:02 +01:00
parent cce6c6cd40
commit 65a618886e
168 changed files with 6143 additions and 10606 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
vendor/github.com/containers/buildah/pull.go generated vendored
View File

@ -238,9 +238,18 @@ func pullImage(ctx context.Context, store storage.Store, srcRef types.ImageRefer
if blocked {
return nil, errors.Errorf("pull access to registry for %q is blocked by configuration", transports.ImageName(srcRef))
}
if err := checkRegistrySourcesAllows("pull from", srcRef); err != nil {
insecure, err := checkRegistrySourcesAllows("pull from", srcRef)
if err != nil {
return nil, err
}
if insecure {
if sc.DockerInsecureSkipTLSVerify == types.OptionalBoolFalse {
return nil, errors.Errorf("can't require tls verification on an insecured registry")
}
sc.DockerInsecureSkipTLSVerify = types.OptionalBoolTrue
sc.OCIInsecureSkipTLSVerify = true
sc.DockerDaemonInsecureSkipTLSVerify = true
}
destName, err := localImageNameForReference(ctx, store, srcRef)
if err != nil {