From cc846a8cd901705316e2b06013beb5c6bde44bfc Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Tue, 9 Feb 2021 08:25:59 -0500 Subject: [PATCH 1/2] Support annotations from containers.conf Currently podman does not use the annotations specified in the containers.conf. This PR fixes this. Signed-off-by: Daniel J Walsh --- pkg/specgen/generate/container.go | 10 ++++++++++ test/e2e/config/containers.conf | 2 ++ test/e2e/containers_conf_test.go | 11 +++++++++++ 3 files changed, 23 insertions(+) diff --git a/pkg/specgen/generate/container.go b/pkg/specgen/generate/container.go index 31d317bf83..f2af9dd5f8 100644 --- a/pkg/specgen/generate/container.go +++ b/pkg/specgen/generate/container.go @@ -3,6 +3,7 @@ package generate import ( "context" "os" + "strings" "github.com/containers/image/v5/manifest" "github.com/containers/podman/v2/libpod" @@ -197,6 +198,15 @@ func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerat annotations[ann.ContainerType] = ann.ContainerTypeContainer } + for _, v := range rtc.Containers.Annotations { + split := strings.SplitN(v, "=", 2) + k := split[0] + v := "" + if len(split) == 2 { + v = split[1] + } + annotations[k] = v + } // now pass in the values from client for k, v := range s.Annotations { annotations[k] = v diff --git a/test/e2e/config/containers.conf b/test/e2e/config/containers.conf index 5a5e4b7a50..fdf679664b 100644 --- a/test/e2e/config/containers.conf +++ b/test/e2e/config/containers.conf @@ -53,6 +53,8 @@ tz = "Pacific/Honolulu" umask = "0002" +annotations=["run.oci.keep_original_groups=1",] + [engine] network_cmd_options=["allow_host_loopback=true"] diff --git a/test/e2e/containers_conf_test.go b/test/e2e/containers_conf_test.go index 719ac9fac8..c78c93b8cd 100644 --- a/test/e2e/containers_conf_test.go +++ b/test/e2e/containers_conf_test.go @@ -320,4 +320,15 @@ var _ = Describe("Podman run", func() { Expect(session.OutputToString()).To(Equal("0022")) }) + It("podman run containers.conf annotations test", func() { + //containers.conf is set to "run.oci.keep_original_groups=1" + session := podmanTest.Podman([]string{"create", "--rm", "--name", "test", fedoraMinimal}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"inspect", "--format", "{{ .Config.Annotations }}", "test"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.OutputToString()).To(ContainSubstring("run.oci.keep_original_groups:1")) + }) + }) From 46385dd609efb3ab36d326f9e32b6e04f31d8867 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Tue, 9 Feb 2021 11:42:30 -0500 Subject: [PATCH 2/2] Restart service when CONTAINERS_CONF changes Service needs to be restarted in order to read the CONTAINERS_CONF file. Not resetting this can lead to lots of flakes, since the test will use whatever the host system has to be set in it's containers.conf. Fixes: https://github.com/containers/podman/issues/9286 Signed-off-by: Daniel J Walsh --- test/e2e/run_test.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 76d362288b..934b78202e 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -332,6 +332,9 @@ var _ = Describe("Podman run", func() { It("podman run user capabilities test", func() { // We need to ignore the containers.conf on the test distribution for this test os.Setenv("CONTAINERS_CONF", "/dev/null") + if IsRemote() { + podmanTest.RestartRemoteService() + } session := podmanTest.Podman([]string{"run", "--rm", "--user", "bin", ALPINE, "grep", "CapBnd", "/proc/self/status"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -424,6 +427,9 @@ var _ = Describe("Podman run", func() { It("podman run user capabilities test with image", func() { // We need to ignore the containers.conf on the test distribution for this test os.Setenv("CONTAINERS_CONF", "/dev/null") + if IsRemote() { + podmanTest.RestartRemoteService() + } dockerfile := `FROM busybox USER bin` podmanTest.BuildImage(dockerfile, "test", "false")