From b9313d355e8cd6307d8772ad9c21958ffe981e5b Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Wed, 16 Oct 2019 11:57:45 -0400 Subject: [PATCH] pull/create: add --override-arch/--override-os flags Add --override-arch and --override-os as hidden flags, in line with the global flag names that skopeo uses, so that we can test behavior around manifest lists without having to conditionalize more of it by arch. Signed-off-by: Nalin Dahyabhai --- API.md | 4 ++++ cmd/podman/build.go | 7 ++++++- cmd/podman/cliconfig/config.go | 2 ++ cmd/podman/common.go | 10 ++++++++++ cmd/podman/pull.go | 6 ++++++ cmd/podman/shared/create.go | 7 ++++++- cmd/podman/shared/intermediate.go | 2 ++ cmd/podman/shared/intermediate_varlink.go | 4 ++++ cmd/podman/varlink/io.podman.varlink | 2 ++ libpod/image/docker_registry_options.go | 8 ++++++++ libpod/image/pull.go | 8 ++++++++ 11 files changed, 58 insertions(+), 2 deletions(-) diff --git a/API.md b/API.md index 1cbdacb129..e79f6ee5ef 100755 --- a/API.md +++ b/API.md @@ -1557,6 +1557,10 @@ oomKillDisable [?bool](#?bool) oomScoreAdj [?int](#?int) +overrideArch [?string](#?string) + +overrideOS [?string](#?string) + pid [?string](#?string) pidsLimit [?int](#?int) diff --git a/cmd/podman/build.go b/cmd/podman/build.go index f4efea544e..e9ebc50aa3 100644 --- a/cmd/podman/build.go +++ b/cmd/podman/build.go @@ -9,6 +9,7 @@ import ( "github.com/containers/buildah" "github.com/containers/buildah/imagebuildah" buildahcli "github.com/containers/buildah/pkg/cli" + "github.com/containers/image/v5/types" "github.com/containers/libpod/cmd/podman/cliconfig" "github.com/containers/libpod/libpod" "github.com/containers/libpod/pkg/adapter" @@ -360,7 +361,11 @@ func buildCmd(c *cliconfig.BuildValues) error { RuntimeArgs: runtimeFlags, SignaturePolicyPath: c.SignaturePolicy, Squash: c.Squash, - Target: c.Target, + SystemContext: &types.SystemContext{ + OSChoice: c.OverrideOS, + ArchitectureChoice: c.OverrideArch, + }, + Target: c.Target, } return runtime.Build(getContext(), c, options, containerfiles) } diff --git a/cmd/podman/cliconfig/config.go b/cmd/podman/cliconfig/config.go index 86258a543f..1bb5fa30cc 100644 --- a/cmd/podman/cliconfig/config.go +++ b/cmd/podman/cliconfig/config.go @@ -431,6 +431,8 @@ type PullValues struct { Authfile string CertDir string Creds string + OverrideArch string + OverrideOS string Quiet bool SignaturePolicy string TlsVerify bool diff --git a/cmd/podman/common.go b/cmd/podman/common.go index e93586b624..33a8485533 100644 --- a/cmd/podman/common.go +++ b/cmd/podman/common.go @@ -370,6 +370,16 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { "oom-score-adj", 0, "Tune the host's OOM preferences (-1000 to 1000)", ) + createFlags.String( + "override-arch", "", + "use `ARCH` instead of the architecture of the machine for choosing images", + ) + markFlagHidden(createFlags, "override-arch") + createFlags.String( + "override-os", "", + "use `OS` instead of the running OS for choosing images", + ) + markFlagHidden(createFlags, "override-os") createFlags.String( "pid", "", "PID namespace to use", diff --git a/cmd/podman/pull.go b/cmd/podman/pull.go index 905b1987d7..d647931477 100644 --- a/cmd/podman/pull.go +++ b/cmd/podman/pull.go @@ -54,6 +54,10 @@ func init() { flags.BoolVar(&pullCommand.AllTags, "all-tags", false, "All tagged images in the repository will be pulled") flags.StringVar(&pullCommand.Creds, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry") flags.BoolVarP(&pullCommand.Quiet, "quiet", "q", false, "Suppress output information when pulling images") + flags.StringVar(&pullCommand.OverrideArch, "override-arch", "", "use `ARCH` instead of the architecture of the machine for choosing images") + markFlagHidden(flags, "override-arch") + flags.StringVar(&pullCommand.OverrideOS, "override-os", "", "use `OS` instead of the running OS for choosing images") + markFlagHidden(flags, "override-os") // Disabled flags for the remote client if !remote { flags.StringVar(&pullCommand.Authfile, "authfile", shared.GetAuthFile(""), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override") @@ -122,6 +126,8 @@ func pullCmd(c *cliconfig.PullValues) (retError error) { dockerRegistryOptions := image.DockerRegistryOptions{ DockerRegistryCreds: registryCreds, DockerCertPath: c.CertDir, + OSChoice: c.OverrideOS, + ArchitectureChoice: c.OverrideArch, } if c.IsSet("tls-verify") { dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!c.TlsVerify) diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go index f37f5fa62e..759903c19e 100644 --- a/cmd/podman/shared/create.go +++ b/cmd/podman/shared/create.go @@ -89,7 +89,12 @@ func CreateContainer(ctx context.Context, c *GenericCLIResults, runtime *libpod. return nil, nil, err } - newImage, err := runtime.ImageRuntime().New(ctx, name, rtc.SignaturePolicyPath, GetAuthFile(c.String("authfile")), writer, nil, image.SigningOptions{}, nil, pullType) + dockerRegistryOptions := image.DockerRegistryOptions{ + OSChoice: c.String("override-os"), + ArchitectureChoice: c.String("override-arch"), + } + + newImage, err := runtime.ImageRuntime().New(ctx, name, rtc.SignaturePolicyPath, GetAuthFile(c.String("authfile")), writer, &dockerRegistryOptions, image.SigningOptions{}, nil, pullType) if err != nil { return nil, nil, err } diff --git a/cmd/podman/shared/intermediate.go b/cmd/podman/shared/intermediate.go index 0f71dc0876..bc12bd2a56 100644 --- a/cmd/podman/shared/intermediate.go +++ b/cmd/podman/shared/intermediate.go @@ -428,6 +428,8 @@ func NewIntermediateLayer(c *cliconfig.PodmanCommand, remote bool) GenericCLIRes m["no-hosts"] = newCRBool(c, "no-hosts") m["oom-kill-disable"] = newCRBool(c, "oom-kill-disable") m["oom-score-adj"] = newCRInt(c, "oom-score-adj") + m["override-arch"] = newCRString(c, "override-arch") + m["override-os"] = newCRString(c, "override-os") m["pid"] = newCRString(c, "pid") m["pids-limit"] = newCRInt64(c, "pids-limit") m["pod"] = newCRString(c, "pod") diff --git a/cmd/podman/shared/intermediate_varlink.go b/cmd/podman/shared/intermediate_varlink.go index c95470a723..89bd523244 100644 --- a/cmd/podman/shared/intermediate_varlink.go +++ b/cmd/podman/shared/intermediate_varlink.go @@ -131,6 +131,8 @@ func (g GenericCLIResults) MakeVarlink() iopodman.Create { Network: StringToPtr(g.Find("network")), OomKillDisable: BoolToPtr(g.Find("oom-kill-disable")), OomScoreAdj: AnyIntToInt64Ptr(g.Find("oom-score-adj")), + OverrideOS: StringToPtr(g.Find("override-os")), + OverrideArch: StringToPtr(g.Find("override-arch")), Pid: StringToPtr(g.Find("pid")), PidsLimit: AnyIntToInt64Ptr(g.Find("pids-limit")), Pod: StringToPtr(g.Find("pod")), @@ -389,6 +391,8 @@ func VarlinkCreateToGeneric(opts iopodman.Create) GenericCLIResults { m["no-hosts"] = boolFromVarlink(opts.NoHosts, "no-hosts", false) m["oom-kill-disable"] = boolFromVarlink(opts.OomKillDisable, "oon-kill-disable", false) m["oom-score-adj"] = intFromVarlink(opts.OomScoreAdj, "oom-score-adj", nil) + m["override-os"] = stringFromVarlink(opts.OverrideOS, "override-os", nil) + m["override-arch"] = stringFromVarlink(opts.OverrideArch, "override-arch", nil) m["pid"] = stringFromVarlink(opts.Pid, "pid", nil) m["pids-limit"] = int64FromVarlink(opts.PidsLimit, "pids-limit", nil) m["pod"] = stringFromVarlink(opts.Pod, "pod", nil) diff --git a/cmd/podman/varlink/io.podman.varlink b/cmd/podman/varlink/io.podman.varlink index dca366bc55..9ec7d1172f 100644 --- a/cmd/podman/varlink/io.podman.varlink +++ b/cmd/podman/varlink/io.podman.varlink @@ -342,6 +342,8 @@ type Create ( noHosts: ?bool, oomKillDisable: ?bool, oomScoreAdj: ?int, + overrideArch: ?string, + overrideOS: ?string, pid: ?string, pidsLimit: ?int, pod: ?string, diff --git a/libpod/image/docker_registry_options.go b/libpod/image/docker_registry_options.go index 75417fe8b9..62a4af4653 100644 --- a/libpod/image/docker_registry_options.go +++ b/libpod/image/docker_registry_options.go @@ -26,6 +26,10 @@ type DockerRegistryOptions struct { // certificates and allows connecting to registries without encryption // - or forces it on even if registries.conf has the registry configured as insecure. DockerInsecureSkipTLSVerify types.OptionalBool + // If not "", overrides the use of platform.GOOS when choosing an image or verifying OS match. + OSChoice string + // If not "", overrides the use of platform.GOARCH when choosing an image or verifying architecture match. + ArchitectureChoice string } // GetSystemContext constructs a new system context from a parent context. the values in the DockerRegistryOptions, and other parameters. @@ -35,12 +39,16 @@ func (o DockerRegistryOptions) GetSystemContext(parent *types.SystemContext, add DockerCertPath: o.DockerCertPath, DockerInsecureSkipTLSVerify: o.DockerInsecureSkipTLSVerify, DockerArchiveAdditionalTags: additionalDockerArchiveTags, + OSChoice: o.OSChoice, + ArchitectureChoice: o.ArchitectureChoice, } if parent != nil { sc.SignaturePolicyPath = parent.SignaturePolicyPath sc.AuthFilePath = parent.AuthFilePath sc.DirForceCompress = parent.DirForceCompress sc.DockerRegistryUserAgent = parent.DockerRegistryUserAgent + sc.OSChoice = parent.OSChoice + sc.ArchitectureChoice = parent.ArchitectureChoice } return sc } diff --git a/libpod/image/pull.go b/libpod/image/pull.go index 7584ed9d8e..7f5dc33b9a 100644 --- a/libpod/image/pull.go +++ b/libpod/image/pull.go @@ -223,6 +223,10 @@ func (ir *Runtime) pullImageFromHeuristicSource(ctx context.Context, inputName s var goal *pullGoal sc := GetSystemContext(signaturePolicyPath, authfile, false) + if dockerOptions != nil { + sc.OSChoice = dockerOptions.OSChoice + sc.ArchitectureChoice = dockerOptions.ArchitectureChoice + } sc.BlobInfoCacheDir = filepath.Join(ir.store.GraphRoot(), "cache") srcRef, err := alltransports.ParseImageName(inputName) if err != nil { @@ -246,6 +250,10 @@ func (ir *Runtime) pullImageFromReference(ctx context.Context, srcRef types.Imag defer span.Finish() sc := GetSystemContext(signaturePolicyPath, authfile, false) + if dockerOptions != nil { + sc.OSChoice = dockerOptions.OSChoice + sc.ArchitectureChoice = dockerOptions.ArchitectureChoice + } goal, err := ir.pullGoalFromImageReference(ctx, srcRef, transports.ImageName(srcRef), sc) if err != nil { return nil, errors.Wrapf(err, "error determining pull goal for image %q", transports.ImageName(srcRef))