mirror of
https://github.com/containers/podman.git
synced 2025-08-24 10:04:57 +08:00
35290c9b32
The new golangci-lint version 1.60.1 has problems with typecheck when linting remote files. We have certain pakcages that should never be inlcuded in remote but the typecheck tries to compile all of them but this never works and it seems to ignore the exclude files we gave it. To fix this the proper way is to mark all packages we only use locally with !remote tags. This is a bit ugly but more correct. I also moved the DecodeChanges() code around as it is called from the client so the handles package which should only be remote doesn't really fit anyway. Signed-off-by: Paul Holzinger <pholzing@redhat.com> Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
97 lines
2.8 KiB
Go
97 lines
2.8 KiB
Go
//go:build !remote
|
|
|
|
package libpod
|
|
|
|
import (
|
|
"encoding/json"
|
|
"errors"
|
|
"fmt"
|
|
"net/http"
|
|
"strconv"
|
|
|
|
"github.com/containers/podman/v5/libpod"
|
|
"github.com/containers/podman/v5/pkg/api/handlers/utils"
|
|
api "github.com/containers/podman/v5/pkg/api/types"
|
|
"github.com/containers/podman/v5/pkg/domain/entities"
|
|
"github.com/containers/podman/v5/pkg/specgen"
|
|
"github.com/containers/podman/v5/pkg/specgen/generate"
|
|
"github.com/containers/podman/v5/pkg/specgenutil"
|
|
"github.com/containers/storage"
|
|
)
|
|
|
|
// CreateContainer takes a specgenerator and makes a container. It returns
|
|
// the new container ID on success along with any warnings.
|
|
func CreateContainer(w http.ResponseWriter, r *http.Request) {
|
|
runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime)
|
|
conf, err := runtime.GetConfigNoCopy()
|
|
if err != nil {
|
|
utils.InternalServerError(w, err)
|
|
return
|
|
}
|
|
|
|
// copy vars here and not leak config pointers into specgen
|
|
noHosts := conf.Containers.NoHosts
|
|
privileged := conf.Containers.Privileged
|
|
|
|
// we have to set the default before we decode to make sure the correct default is set when the field is unset
|
|
sg := specgen.SpecGenerator{
|
|
ContainerNetworkConfig: specgen.ContainerNetworkConfig{
|
|
UseImageHosts: &noHosts,
|
|
},
|
|
ContainerSecurityConfig: specgen.ContainerSecurityConfig{
|
|
Umask: conf.Containers.Umask,
|
|
Privileged: &privileged,
|
|
},
|
|
}
|
|
|
|
if err := json.NewDecoder(r.Body).Decode(&sg); err != nil {
|
|
utils.Error(w, http.StatusInternalServerError, fmt.Errorf("decode(): %w", err))
|
|
return
|
|
}
|
|
if sg.Passwd == nil {
|
|
t := true
|
|
sg.Passwd = &t
|
|
}
|
|
|
|
// need to check for memory limit to adjust swap
|
|
if sg.ResourceLimits != nil && sg.ResourceLimits.Memory != nil {
|
|
s := ""
|
|
var l int64
|
|
if sg.ResourceLimits.Memory.Swap != nil {
|
|
s = strconv.Itoa(int(*sg.ResourceLimits.Memory.Swap))
|
|
}
|
|
if sg.ResourceLimits.Memory.Limit != nil {
|
|
l = *sg.ResourceLimits.Memory.Limit
|
|
}
|
|
specgenutil.LimitToSwap(sg.ResourceLimits.Memory, s, l)
|
|
}
|
|
|
|
warn, err := generate.CompleteSpec(r.Context(), runtime, &sg)
|
|
if err != nil {
|
|
if errors.Is(err, storage.ErrImageUnknown) {
|
|
utils.Error(w, http.StatusNotFound, fmt.Errorf("no such image: %w", err))
|
|
return
|
|
}
|
|
utils.InternalServerError(w, err)
|
|
return
|
|
}
|
|
|
|
rtSpec, spec, opts, err := generate.MakeContainer(r.Context(), runtime, &sg, false, nil)
|
|
if err != nil {
|
|
if errors.Is(err, storage.ErrImageUnknown) {
|
|
utils.Error(w, http.StatusNotFound, fmt.Errorf("no such image: %w", err))
|
|
return
|
|
}
|
|
utils.InternalServerError(w, err)
|
|
return
|
|
}
|
|
ctr, err := generate.ExecuteCreate(r.Context(), runtime, rtSpec, spec, false, opts...)
|
|
if err != nil {
|
|
utils.InternalServerError(w, err)
|
|
return
|
|
}
|
|
|
|
response := entities.ContainerCreateResponse{ID: ctr.ID(), Warnings: warn}
|
|
utils.WriteJSON(w, http.StatusCreated, response)
|
|
}
|