Merge pull request #7436 from rhatdan/variant

Add support for image pull overrides
2025-05-21 00:56:36 +08:00 · 2020-08-28 16:02:56 -04:00
parent c069e0bad9 3c6603a2f8
commit 97780a110b
16 changed files with 67 additions and 24 deletions
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@ -323,13 +323,16 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet {
 		"override-arch", "",
 		"use `ARCH` instead of the architecture of the machine for choosing images",
 	)
-	// markFlagHidden(createFlags, "override-arch")
 	createFlags.StringVar(
 		&cf.OverrideOS,
 		"override-os", "",
 		"use `OS` instead of the running OS for choosing images",
 	)
-	// markFlagHidden(createFlags, "override-os")
+	createFlags.StringVar(
+		&cf.OverrideVariant,
+		"override-variant", "",
+		"Use _VARIANT_ instead of the running architecture variant for choosing images",
+	)
 	createFlags.String(
 		"pid", "",
 		"PID namespace to use",
--- a/cmd/podman/common/create_opts.go
+++ b/cmd/podman/common/create_opts.go
@ -65,6 +65,7 @@ type ContainerCLIOpts struct {
 	OOMScoreAdj       int
 	OverrideArch      string
 	OverrideOS        string
+	OverrideVariant   string
 	PID               string
 	PIDsLimit         *int64
 	Pod               string
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@ -66,9 +66,6 @@ func createFlags(flags *pflag.FlagSet) {
 		_ = flags.MarkHidden("env-host")
 		_ = flags.MarkHidden("http-proxy")
 	}
-	// Not sure we want these exposed yet.  If we do, they need to be documented in man pages
-	_ = flags.MarkHidden("override-arch")
-	_ = flags.MarkHidden("override-os")
 }

 func init() {
@ -254,10 +251,11 @@ func pullImage(imageName string) (string, error) {
 			return "", errors.Wrapf(define.ErrNoSuchImage, "unable to find a name and tag match for %s in repotags", imageName)
 		}
 		pullReport, pullErr := registry.ImageEngine().Pull(registry.GetContext(), imageName, entities.ImagePullOptions{
-			Authfile:     cliVals.Authfile,
-			Quiet:        cliVals.Quiet,
-			OverrideArch: cliVals.OverrideArch,
-			OverrideOS:   cliVals.OverrideOS,
+			Authfile:        cliVals.Authfile,
+			Quiet:           cliVals.Quiet,
+			OverrideArch:    cliVals.OverrideArch,
+			OverrideOS:      cliVals.OverrideOS,
+			OverrideVariant: cliVals.OverrideVariant,
 		})
 		if pullErr != nil {
 			return "", pullErr
--- a/cmd/podman/containers/run.go
+++ b/cmd/podman/containers/run.go
@ -70,9 +70,6 @@ func runFlags(flags *pflag.FlagSet) {
 		_ = flags.MarkHidden("http-proxy")
 		_ = flags.MarkHidden("preserve-fds")
 	}
-	// Not sure we want these exposed yet.  If we do, they need to be documented in man pages
-	_ = flags.MarkHidden("override-arch")
-	_ = flags.MarkHidden("override-os")
 }
 func init() {
 	registry.Commands = append(registry.Commands, registry.CliCommand{
--- a/cmd/podman/images/pull.go
+++ b/cmd/podman/images/pull.go
@ -82,6 +82,7 @@ func pullFlags(flags *pflag.FlagSet) {
 	flags.StringVar(&pullOptions.CredentialsCLI, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
 	flags.StringVar(&pullOptions.OverrideArch, "override-arch", "", "Use `ARCH` instead of the architecture of the machine for choosing images")
 	flags.StringVar(&pullOptions.OverrideOS, "override-os", "", "Use `OS` instead of the running OS for choosing images")
+	flags.StringVar(&pullOptions.OverrideVariant, "override-variant", "", " use VARIANT instead of the running architecture variant for choosing images")
 	flags.Bool("disable-content-trust", false, "This is a Docker specific option and is a NOOP")
 	flags.BoolVarP(&pullOptions.Quiet, "quiet", "q", false, "Suppress output information when pulling images")
 	flags.StringVar(&pullOptions.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)")
--- a/completions/bash/podman
+++ b/completions/bash/podman
@ -1980,12 +1980,16 @@ _podman_manifest_remove() {
 _podman_pull() {
    local options_with_args="
    --authfile
-    --creds
    --cert-dir
+    --creds
+    --override-arch
+    --override-os
+    --override-variant
    "
    local boolean_options="
 	--all-tags
 	-a
+	--disable-content-trust
 	--help
 	-h
 	--quiet
@ -2160,6 +2164,9 @@ _podman_container_run() {
 		--no-healthcheck
 		--no-hosts
 		--oom-score-adj
+		--override-arch
+		--override-os
+		--override-variant
 		--pid
 		--pids-limit
 		--pod
--- a/docs/source/markdown/podman-create.1.md
+++ b/docs/source/markdown/podman-create.1.md
@ -599,6 +599,15 @@ Whether to disable OOM Killer for the container or not.

 Tune the host's OOM preferences for containers (accepts -1000 to 1000)

+**--override-arch**=*ARCH*
+Override the architecture, defaults to hosts, of the image to be pulled. For example, `arm`.
+
+**--override-os**=*OS*
+Override the OS, defaults to hosts, of the image to be pulled. For example, `windows`.
+
+**--override-variant**=*VARIANT*
+Use _VARIANT_ instead of the default architecture variant of the container image.  Some images can use multiple variants of the arm architectures, such as arm/v5 and arm/v7.
+
 **--pid**=*pid*

 Set the PID mode for the container
--- a/docs/source/markdown/podman-pull.1.md
+++ b/docs/source/markdown/podman-pull.1.md
@ -79,12 +79,15 @@ This is a Docker specific option to disable image verification to a Docker
 registry and is not supported by Podman.  This flag is a NOOP and provided
 solely for scripting compatibility.

-**--override-os**=*OS*
-Use OS instead of the running OS for choosing images
-
 **--override-arch**=*ARCH*
+Override the architecture, defaults to hosts, of the image to be pulled. For example, `arm`.

-Override the machine's default architecture of the image to be pulled. For example, `arm`.
+**--override-os**=*OS*
+Override the OS, defaults to hosts, of the image to be pulled. For example, `windows`.
+
+**--override-variant**=*VARIANT*
+
+Use _VARIANT_ instead of the default architecture variant of the container image.  Some images can use multiple variants of the arm architectures, such as arm/v5 and arm/v7.

 **--quiet**, **-q**

--- a/docs/source/markdown/podman-run.1.md
+++ b/docs/source/markdown/podman-run.1.md
@ -608,6 +608,15 @@ Whether to disable OOM Killer for the container or not.

 Tune the host's OOM preferences for containers (accepts values from **-1000** to **1000**).

+**--override-arch**=*ARCH*
+Override the architecture, defaults to hosts, of the image to be pulled. For example, `arm`.
+
+**--override-os**=*OS*
+Override the OS, defaults to hosts, of the image to be pulled. For example, `windows`.
+
+**--override-variant**=*VARIANT*
+Use _VARIANT_ instead of the default architecture variant of the container image.  Some images can use multiple variants of the arm architectures, such as arm/v5 and arm/v7.
+
 **--pid**=*mode*

 Set the PID namespace mode for the container.
--- a/libpod/image/docker_registry_options.go
+++ b/libpod/image/docker_registry_options.go
@ -30,6 +30,8 @@ type DockerRegistryOptions struct {
 	OSChoice string
 	// If not "", overrides the use of platform.GOARCH when choosing an image or verifying architecture match.
 	ArchitectureChoice string
+	// If not "", overrides_VARIANT_ instead of the running architecture variant for choosing images.
+	VariantChoice string
 	// RegistriesConfPath can be used to override the default path of registries.conf.
 	RegistriesConfPath string
 }
@ -43,6 +45,7 @@ func (o DockerRegistryOptions) GetSystemContext(parent *types.SystemContext, add
 		DockerArchiveAdditionalTags: additionalDockerArchiveTags,
 		OSChoice:                    o.OSChoice,
 		ArchitectureChoice:          o.ArchitectureChoice,
+		VariantChoice:               o.VariantChoice,
 		BigFilesTemporaryDir:        parse.GetTempDir(),
 	}
 	if parent != nil {
--- a/libpod/image/pull.go
+++ b/libpod/image/pull.go
@ -228,6 +228,7 @@ func (ir *Runtime) pullImageFromHeuristicSource(ctx context.Context, inputName s
 	if dockerOptions != nil {
 		sc.OSChoice = dockerOptions.OSChoice
 		sc.ArchitectureChoice = dockerOptions.ArchitectureChoice
+		sc.VariantChoice = dockerOptions.VariantChoice
 	}
 	sc.BlobInfoCacheDir = filepath.Join(ir.store.GraphRoot(), "cache")
 	srcRef, err := alltransports.ParseImageName(inputName)
@ -260,6 +261,7 @@ func (ir *Runtime) pullImageFromReference(ctx context.Context, srcRef types.Imag
 	if dockerOptions != nil {
 		sc.OSChoice = dockerOptions.OSChoice
 		sc.ArchitectureChoice = dockerOptions.ArchitectureChoice
+		sc.VariantChoice = dockerOptions.VariantChoice
 	}
 	goal, err := ir.pullGoalFromImageReference(ctx, srcRef, transports.ImageName(srcRef), sc)
 	if err != nil {
--- a/pkg/api/handlers/libpod/images.go
+++ b/pkg/api/handlers/libpod/images.go
@ -338,11 +338,12 @@ func ImagesPull(w http.ResponseWriter, r *http.Request) {
 	runtime := r.Context().Value("runtime").(*libpod.Runtime)
 	decoder := r.Context().Value("decoder").(*schema.Decoder)
 	query := struct {
-		Reference    string `schema:"reference"`
-		OverrideOS   string `schema:"overrideOS"`
-		OverrideArch string `schema:"overrideArch"`
-		TLSVerify    bool   `schema:"tlsVerify"`
-		AllTags      bool   `schema:"allTags"`
+		Reference       string `schema:"reference"`
+		OverrideOS      string `schema:"overrideOS"`
+		OverrideArch    string `schema:"overrideArch"`
+		OverrideVariant string `schema:"overrideVariant"`
+		TLSVerify       bool   `schema:"tlsVerify"`
+		AllTags         bool   `schema:"allTags"`
 	}{
 		TLSVerify: true,
 	}
@ -393,6 +394,7 @@ func ImagesPull(w http.ResponseWriter, r *http.Request) {
 		DockerRegistryCreds: authConf,
 		OSChoice:            query.OverrideOS,
 		ArchitectureChoice:  query.OverrideArch,
+		VariantChoice:       query.OverrideVariant,
 	}
 	if _, found := r.URL.Query()["tlsVerify"]; found {
 		dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!query.TLSVerify)
--- a/pkg/api/server/register_images.go
+++ b/pkg/api/server/register_images.go
@ -905,12 +905,16 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
 	//     description: "username:password for the registry"
 	//     type: string
 	//   - in: query
+	//     name: overrideArch
+	//     description: Pull image for the specified architecture.
+	//     type: string
+	//   - in: query
 	//     name: overrideOS
 	//     description: Pull image for the specified operating system.
 	//     type: string
 	//   - in: query
-	//     name: overrideArch
-	//     description: Pull image for the specified architecture.
+	//     name: overrideVariant
+	//     description: Pull image for the specified variant.
 	//     type: string
 	//   - in: query
 	//     name: tlsVerify
--- a/pkg/bindings/images/images.go
+++ b/pkg/bindings/images/images.go
@ -365,6 +365,7 @@ func Pull(ctx context.Context, rawImage string, options entities.ImagePullOption
 	params.Set("reference", rawImage)
 	params.Set("overrideArch", options.OverrideArch)
 	params.Set("overrideOS", options.OverrideOS)
+	params.Set("overrideVariant", options.OverrideVariant)
 	if options.SkipTLSVerify != types.OptionalBoolUndefined {
 		// Note: we have to verify if skipped is false.
 		verifyTLS := bool(options.SkipTLSVerify == types.OptionalBoolFalse)
--- a/pkg/domain/entities/images.go
+++ b/pkg/domain/entities/images.go
@ -137,6 +137,8 @@ type ImagePullOptions struct {
 	// OverrideOS will overwrite the local operating system (OS) for image
 	// pulls.
 	OverrideOS string
+	// OverrideVariant will overwrite the local variant for image pulls.
+	OverrideVariant string
 	// Quiet can be specified to suppress pull progress when pulling.  Ignored
 	// for remote calls.
 	Quiet bool
--- a/pkg/domain/infra/abi/images.go
+++ b/pkg/domain/infra/abi/images.go
@ -251,6 +251,7 @@ func (ir *ImageEngine) Pull(ctx context.Context, rawImage string, options entiti
 		DockerCertPath:              options.CertDir,
 		OSChoice:                    options.OverrideOS,
 		ArchitectureChoice:          options.OverrideArch,
+		VariantChoice:               options.OverrideVariant,
 		DockerInsecureSkipTLSVerify: options.SkipTLSVerify,
 	}