containers
/
automation-tests
mirror of https://github.com/containers/automation-tests.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix --dns* and --network not set to host conflict 

Close #3553
This PR makes --dns, --dns-option, --dns-search, and --network not set to host flag mutually exclusive for podman build and create. Returns conflict error if both flags are set.

Signed-off-by: Qi Wang <qiwan@redhat.com>
This commit is contained in:
Qi Wang 2019-07-15 13:54:12 -04:00
parent adcde2383f
commit 3f721f8b17
4 changed files with 38 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
cmd/podman/create.go
View File

@ -2,6 +2,7 @@ package main
import (
"fmt"
"strings"
"github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/pkg/adapter"
@ -77,6 +78,16 @@ func createInit(c *cliconfig.PodmanCommand) error {
logrus.Warn("setting security options with --privileged has no effect")
}
var setNet string
if c.IsSet("network") {
setNet = c.String("network")
} else if c.IsSet("net") {
setNet = c.String("net")
}
if (c.IsSet("dns") || c.IsSet("dns-opt") || c.IsSet("dns-search")) && (setNet == "none" || strings.HasPrefix(setNet, "container:")) {
return errors.Errorf("conflicting options: dns and the network mode.")
}
// Docker-compatibility: the "-h" flag for run/create is reserved for
// the hostname (see https://github.com/containers/libpod/issues/1367).

8
docs/podman-create.1.md
View File

@ -206,7 +206,7 @@ Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda:
**--dns**=*dns*
Set custom DNS servers
Set custom DNS servers. Invalid if using **--dns** and **--network** that is set to 'none' or 'container:<name|id>'.
This option can be used to override the DNS
configuration passed to the container. Typically this is necessary when the
@ -218,11 +218,11 @@ The **/etc/resolv.conf** file in the image will be used without changes.
**--dns-option**=*option*
Set custom DNS options
Set custom DNS options. Invalid if using **--dns-option** and **--network** that is set to 'none' or 'container:<name|id>'.
**--dns-search**=*domain*
Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain)
Set custom DNS search domains. Invalid if using **--dns-search** and **--network** that is set to 'none' or 'container:<name|id>'. (Use --dns-search=. if you don't wish to set the search domain)
**--entrypoint**=*"command"* | *'["command", "arg1", ...]'*
@ -491,7 +491,7 @@ This works for both background and foreground containers.
**--network**, **--net**="*bridge*"
Set the Network mode for the container
Set the Network mode for the container. Invalid if using **--dns**, **--dns-option**, or **--dns-search** with **--network** that is set to 'none' or 'container:<name|id>'.
'bridge': create a network stack on the default bridge
'none': no networking
'container:<name|id>': reuse another container's network stack

10
docs/podman-run.1.md
View File

@ -212,7 +212,7 @@ Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda:
**--dns**=*dns*
Set custom DNS servers
Set custom DNS servers. Invalid if using **--dns** with **--network** that is set to 'none' or 'container:<name|id>'.
This option can be used to override the DNS
configuration passed to the container. Typically this is necessary when the
@ -224,11 +224,11 @@ The **/etc/resolv.conf** file in the image will be used without changes.
**--dns-option**=*option*
Set custom DNS options
Set custom DNS options. Invalid if using **--dns-option** with **--network** that is set to 'none' or 'container:<name|id>'.
**--dns-search**=*domain*
Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain)
Set custom DNS search domains. Invalid if using **--dns-search** and **--network** that is set to 'none' or 'container:<name|id>'. (Use --dns-search=. if you don't wish to set the search domain)
**--entrypoint**=*"command"* | *'["command", "arg1", ...]'*
@ -502,9 +502,9 @@ to the container with **--name** then it will generate a random
string name. The name is useful any place you need to identify a container.
This works for both background and foreground containers.
**--network**, **--net**=*mode*
**--network**, **--net**=*node*
Set the Network mode for the container:
Set the Network mode for the container. Invalid if using **--dns**, **--dns-option**, or **--dns-search** with **--network** that is set to 'none' or 'container:<name|id>'.
- `bridge`: create a network stack on the default bridge
- `none`: no networking
- `container:<name|id>`: reuse another container's network stack

18
test/e2e/run_dns_test.go
View File

@ -94,4 +94,22 @@ var _ = Describe("Podman run dns", func() {
Expect(session.ExitCode()).To(Equal(0))
Expect(session.LineInOutputContains("foobar")).To(BeTrue())
})
It("podman run mutually excludes --dns* and --network", func() {
session := podmanTest.Podman([]string{"run", "--dns=1.2.3.4", "--network", "container:ALPINE", ALPINE})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Not(Equal(0)))
session = podmanTest.Podman([]string{"run", "--dns-opt=1.2.3.4", "--network", "container:ALPINE", ALPINE})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Not(Equal(0)))
session = podmanTest.Podman([]string{"run", "--dns-search=foobar.com", "--network", "none", ALPINE})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Not(Equal(0)))
session = podmanTest.Podman([]string{"run", "--dns=1.2.3.4", "--network", "host", ALPINE})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To((Equal(0)))
})
})