opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-20 09:03:43 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6951 from mheon/check_full_command

Browse Source 
When determining systemd mode, use full command
This commit is contained in:
OpenShift Merge Robot
2020-07-14 21:09:00 +02:00
committed by GitHub
parent a9a751feef 05988fc74f
commit c078e936bf
6 changed files with 104 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
libpod/container_inspect.go
View File

@ -289,6 +289,7 @@ func (c *Container) generateInspectContainerConfig(spec *spec.Spec) *define.Insp
ctrConfig.OpenStdin = c.config.Stdin ctrConfig.OpenStdin = c.config.Stdin
ctrConfig.Image = c.config.RootfsImageName ctrConfig.Image = c.config.RootfsImageName
ctrConfig.SystemdMode = c.config.Systemd
// Leave empty is not explicitly overwritten by user // Leave empty is not explicitly overwritten by user
if len(c.config.Command) != 0 { if len(c.config.Command) != 0 {

57
libpod/define/container_inspect.go
View File

@ -57,6 +57,10 @@ type InspectContainerConfig struct {
// Timezone is the timezone inside the container. // Timezone is the timezone inside the container.
// Local means it has the same timezone as the host machine // Local means it has the same timezone as the host machine
Timezone string `json:"Timezone,omitempty"` Timezone string `json:"Timezone,omitempty"`
// SystemdMode is whether the container is running in systemd mode. In
// systemd mode, the container configuration is customized to optimize
// running systemd in the container.
SystemdMode bool `json:"SystemdMode,omitempty"`
} }
// InspectRestartPolicy holds information about the container's restart policy. // InspectRestartPolicy holds information about the container's restart policy.
@ -631,3 +635,56 @@ type InspectContainerData struct {
Config *InspectContainerConfig `json:"Config"` Config *InspectContainerConfig `json:"Config"`
HostConfig *InspectContainerHostConfig `json:"HostConfig"` HostConfig *InspectContainerHostConfig `json:"HostConfig"`
} }
// InspectExecSession contains information about a given exec session.
type InspectExecSession struct {
// CanRemove is legacy and used purely for compatibility reasons.
// Will always be set to true, unless the exec session is running.
CanRemove bool `json:"CanRemove"`
// ContainerID is the ID of the container this exec session is attached
// to.
ContainerID string `json:"ContainerID"`
// DetachKeys are the detach keys used by the exec session.
// If set to "" the default keys are being used.
// Will show "<none>" if no detach keys are set.
DetachKeys string `json:"DetachKeys"`
// ExitCode is the exit code of the exec session. Will be set to 0 if
// the exec session has not yet exited.
ExitCode int `json:"ExitCode"`
// ID is the ID of the exec session.
ID string `json:"ID"`
// OpenStderr is whether the container's STDERR stream will be attached.
// Always set to true if the exec session created a TTY.
OpenStderr bool `json:"OpenStderr"`
// OpenStdin is whether the container's STDIN stream will be attached
// to.
OpenStdin bool `json:"OpenStdin"`
// OpenStdout is whether the container's STDOUT stream will be attached.
// Always set to true if the exec session created a TTY.
OpenStdout bool `json:"OpenStdout"`
// Running is whether the exec session is running.
Running bool `json:"Running"`
// Pid is the PID of the exec session's process.
// Will be set to 0 if the exec session is not running.
Pid int `json:"Pid"`
// ProcessConfig contains information about the exec session's process.
ProcessConfig *InspectExecProcess `json:"ProcessConfig"`
}
// InspectExecProcess contains information about the process in a given exec
// session.
type InspectExecProcess struct {
// Arguments are the arguments to the entrypoint command of the exec
// session.
Arguments []string `json:"arguments"`
// Entrypoint is the entrypoint for the exec session (the command that
// will be executed in the container).
Entrypoint string `json:"entrypoint"`
// Privileged is whether the exec session will be started with elevated
// privileges.
Privileged bool `json:"privileged"`
// Tty is whether the exec session created a terminal.
Tty bool `json:"tty"`
// User is the user the exec session was started as.
User string `json:"user"`
}

54
libpod/define/ctr_inspect.go
View File

@ -1,54 +0,0 @@
package define
// InspectExecSession contains information about a given exec session.
type InspectExecSession struct {
// CanRemove is legacy and used purely for compatibility reasons.
// Will always be set to true, unless the exec session is running.
CanRemove bool `json:"CanRemove"`
// ContainerID is the ID of the container this exec session is attached
// to.
ContainerID string `json:"ContainerID"`
// DetachKeys are the detach keys used by the exec session.
// If set to "" the default keys are being used.
// Will show "<none>" if no detach keys are set.
DetachKeys string `json:"DetachKeys"`
// ExitCode is the exit code of the exec session. Will be set to 0 if
// the exec session has not yet exited.
ExitCode int `json:"ExitCode"`
// ID is the ID of the exec session.
ID string `json:"ID"`
// OpenStderr is whether the container's STDERR stream will be attached.
// Always set to true if the exec session created a TTY.
OpenStderr bool `json:"OpenStderr"`
// OpenStdin is whether the container's STDIN stream will be attached
// to.
OpenStdin bool `json:"OpenStdin"`
// OpenStdout is whether the container's STDOUT stream will be attached.
// Always set to true if the exec session created a TTY.
OpenStdout bool `json:"OpenStdout"`
// Running is whether the exec session is running.
Running bool `json:"Running"`
// Pid is the PID of the exec session's process.
// Will be set to 0 if the exec session is not running.
Pid int `json:"Pid"`
// ProcessConfig contains information about the exec session's process.
ProcessConfig *InspectExecProcess `json:"ProcessConfig"`
}
// InspectExecProcess contains information about the process in a given exec
// session.
type InspectExecProcess struct {
// Arguments are the arguments to the entrypoint command of the exec
// session.
Arguments []string `json:"arguments"`
// Entrypoint is the entrypoint for the exec session (the command that
// will be executed in the container).
Entrypoint string `json:"entrypoint"`
// Privileged is whether the exec session will be started with elevated
// privileges.
Privileged bool `json:"privileged"`
// Tty is whether the exec session created a terminal.
Tty bool `json:"tty"`
// User is the user the exec session was started as.
User string `json:"user"`
}

16
pkg/specgen/generate/container_create.go
View File

@ -106,11 +106,12 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
return nil, err return nil, err
} }
if s.PreserveFDs > 0 { command, err := makeCommand(ctx, s, newImage, rtc)
options = append(options, libpod.WithPreserveFDs(s.PreserveFDs)) if err != nil {
return nil, err
} }
opts, err := createContainerOptions(ctx, rt, s, pod, finalVolumes, newImage) opts, err := createContainerOptions(ctx, rt, s, pod, finalVolumes, newImage, command)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -122,17 +123,21 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
} }
options = append(options, libpod.WithExitCommand(exitCommandArgs)) options = append(options, libpod.WithExitCommand(exitCommandArgs))
runtimeSpec, err := SpecGenToOCI(ctx, s, rt, rtc, newImage, finalMounts, pod) runtimeSpec, err := SpecGenToOCI(ctx, s, rt, rtc, newImage, finalMounts, pod, command)
if err != nil { if err != nil {
return nil, err return nil, err
} }
return rt.NewContainer(ctx, runtimeSpec, options...) return rt.NewContainer(ctx, runtimeSpec, options...)
} }
func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGenerator, pod *libpod.Pod, volumes []*specgen.NamedVolume, img *image.Image) ([]libpod.CtrCreateOption, error) { func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGenerator, pod *libpod.Pod, volumes []*specgen.NamedVolume, img *image.Image, command []string) ([]libpod.CtrCreateOption, error) {
var options []libpod.CtrCreateOption var options []libpod.CtrCreateOption
var err error var err error
if s.PreserveFDs > 0 {
options = append(options, libpod.WithPreserveFDs(s.PreserveFDs))
}
if s.Stdin { if s.Stdin {
options = append(options, libpod.WithStdin()) options = append(options, libpod.WithStdin())
} }
@ -148,7 +153,6 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.
case "false": case "false":
break break
case "", "true": case "", "true":
command := s.Command
if len(command) == 0 { if len(command) == 0 {
command, err = img.Cmd(ctx) command, err = img.Cmd(ctx)
if err != nil { if err != nil {

6
pkg/specgen/generate/oci.go
View File

@ -126,7 +126,7 @@ func makeCommand(ctx context.Context, s *specgen.SpecGenerator, img *image.Image
return finalCommand, nil return finalCommand, nil
} }
func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, rtc *config.Config, newImage *image.Image, mounts []spec.Mount, pod *libpod.Pod) (*spec.Spec, error) { func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, rtc *config.Config, newImage *image.Image, mounts []spec.Mount, pod *libpod.Pod, finalCmd []string) (*spec.Spec, error) {
var ( var (
inUserNS bool inUserNS bool
) )
@ -252,10 +252,6 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
} }
g.SetProcessCwd(s.WorkDir) g.SetProcessCwd(s.WorkDir)
finalCmd, err := makeCommand(ctx, s, newImage, rtc)
if err != nil {
return nil, err
}
g.SetProcessArgs(finalCmd) g.SetProcessArgs(finalCmd)
g.SetProcessTerminal(s.Terminal) g.SetProcessTerminal(s.Terminal)

35
test/e2e/systemd_test.go
View File

@ -112,5 +112,40 @@ WantedBy=multi-user.target
systemctl.WaitWithDefaultTimeout() systemctl.WaitWithDefaultTimeout()
Expect(systemctl.ExitCode()).To(Equal(0)) Expect(systemctl.ExitCode()).To(Equal(0))
Expect(strings.Contains(systemctl.OutputToString(), "State:")).To(BeTrue()) Expect(strings.Contains(systemctl.OutputToString(), "State:")).To(BeTrue())
result := podmanTest.Podman([]string{"inspect", ctrName})
result.WaitWithDefaultTimeout()
Expect(result.ExitCode()).To(Equal(0))
conData := result.InspectContainerToJSON()
Expect(len(conData)).To(Equal(1))
Expect(conData[0].Config.SystemdMode).To(BeTrue())
})
It("podman create container with systemd entrypoint triggers systemd mode", func() {
ctrName := "testCtr"
run := podmanTest.Podman([]string{"create", "--name", ctrName, "--entrypoint", "/sbin/init", ubi_init})
run.WaitWithDefaultTimeout()
Expect(run.ExitCode()).To(Equal(0))
result := podmanTest.Podman([]string{"inspect", ctrName})
result.WaitWithDefaultTimeout()
Expect(result.ExitCode()).To(Equal(0))
conData := result.InspectContainerToJSON()
Expect(len(conData)).To(Equal(1))
Expect(conData[0].Config.SystemdMode).To(BeTrue())
})
It("podman create container with systemd=always triggers systemd mode", func() {
ctrName := "testCtr"
run := podmanTest.Podman([]string{"create", "--name", ctrName, "--systemd", "always", ALPINE})
run.WaitWithDefaultTimeout()
Expect(run.ExitCode()).To(Equal(0))
result := podmanTest.Podman([]string{"inspect", ctrName})
result.WaitWithDefaultTimeout()
Expect(result.ExitCode()).To(Equal(0))
conData := result.InspectContainerToJSON()
Expect(len(conData)).To(Equal(1))
Expect(conData[0].Config.SystemdMode).To(BeTrue())
}) })
}) })