opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-08-06 19:44:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #25645 from jankaluza/24418

Browse Source 
Add support for --pids-limit in podman kube play.
This commit is contained in:
openshift-merge-bot[bot]
2025-03-26 16:15:45 +00:00
committed by GitHub
parent f5ab9d1530 f15b0887c7
commit cb2466004f
5 changed files with 37 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
pkg/specgen/generate/kube/kube.go
View File

@ -375,6 +375,20 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener
s.Annotations[define.InspectAnnotationApparmor] = apparmor
}
if pidslimit, ok := annotations[define.PIDsLimitAnnotation+"/"+opts.Container.Name]; ok {
s.Annotations[define.PIDsLimitAnnotation] = pidslimit
pidslimitAsInt, err := strconv.ParseInt(pidslimit, 10, 0)
if err != nil {
return nil, err
}
if s.ResourceLimits == nil {
s.ResourceLimits = &spec.LinuxResources{}
}
s.ResourceLimits.Pids = &spec.LinuxPids{
Limit: pidslimitAsInt,
}
}
if label, ok := opts.Annotations[define.InspectAnnotationLabel+"/"+opts.Container.Name]; ok {
if label == "nested" {
s.ContainerSecurityConfig.LabelNested = &localTrue