From 79f5aed31618b7d1b3c47f08ba9b33e600851232 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 12 Nov 2020 22:04:54 +0100 Subject: [PATCH 1/2] Add podman build --net alias for --network Fixes #8332 Signed-off-by: Paul Holzinger --- cmd/podman/images/build.go | 1 + docs/source/markdown/podman-build.1.md | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/cmd/podman/images/build.go b/cmd/podman/images/build.go index f48d1cd94e..09914db930 100644 --- a/cmd/podman/images/build.go +++ b/cmd/podman/images/build.go @@ -128,6 +128,7 @@ func buildFlags(flags *pflag.FlagSet) { } flags.AddFlagSet(&fromAndBudFlags) _ = flags.MarkHidden("signature-policy") + flags.SetNormalizeFunc(buildahCLI.AliasFlags) } // build executes the build command. diff --git a/docs/source/markdown/podman-build.1.md b/docs/source/markdown/podman-build.1.md index f9568b5d3f..d785d6c37d 100644 --- a/docs/source/markdown/podman-build.1.md +++ b/docs/source/markdown/podman-build.1.md @@ -394,7 +394,7 @@ The format of `LIMIT` is `[]`. Unit can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you don't specify a unit, `b` is used. Set LIMIT to `-1` to enable unlimited swap. -#### **--network**=*mode* +#### **--network**=*mode*, **--net** Sets the configuration for network namespaces when handling `RUN` instructions. From eab0905fa16bf2b5a9efdab3b6e6d6a1e321e4f2 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 12 Nov 2020 22:50:00 +0100 Subject: [PATCH 2/2] Fix namespace flag parsing for podman build The namespace options for pid,ipc,uts were completely ignored. The network namespace did not accept `none`. This commit fixes these issues simply by calling `parse.NamespaceOptions` from buildah instead of implementing our own logic. Signed-off-by: Paul Holzinger --- cmd/podman/images/build.go | 39 +------------------------------------- 1 file changed, 1 insertion(+), 38 deletions(-) diff --git a/cmd/podman/images/build.go b/cmd/podman/images/build.go index 09914db930..b192799d6f 100644 --- a/cmd/podman/images/build.go +++ b/cmd/podman/images/build.go @@ -14,7 +14,6 @@ import ( "github.com/containers/podman/v2/cmd/podman/utils" "github.com/containers/podman/v2/pkg/domain/entities" "github.com/docker/go-units" - "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" "github.com/sirupsen/logrus" "github.com/spf13/cobra" @@ -315,22 +314,11 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil } } - nsValues, err := getNsValues(flags) + nsValues, networkPolicy, err := parse.NamespaceOptions(c) if err != nil { return nil, err } - networkPolicy := buildah.NetworkDefault - for _, ns := range nsValues { - if ns.Name == "none" { - networkPolicy = buildah.NetworkDisabled - break - } else if !filepath.IsAbs(ns.Path) { - networkPolicy = buildah.NetworkEnabled - break - } - } - // `buildah bud --layers=false` acts like `docker build --squash` does. // That is all of the new layers created during the build process are // condensed into one, any layers present prior to this build are retained @@ -451,28 +439,3 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil return &entities.BuildOptions{BuildOptions: opts}, nil } - -func getNsValues(flags *buildFlagsWrapper) ([]buildah.NamespaceOption, error) { - var ret []buildah.NamespaceOption - if flags.Network != "" { - switch { - case flags.Network == "host": - ret = append(ret, buildah.NamespaceOption{ - Name: string(specs.NetworkNamespace), - Host: true, - }) - case flags.Network == "container": - ret = append(ret, buildah.NamespaceOption{ - Name: string(specs.NetworkNamespace), - }) - case flags.Network[0] == '/': - ret = append(ret, buildah.NamespaceOption{ - Name: string(specs.NetworkNamespace), - Path: flags.Network, - }) - default: - return nil, errors.Errorf("unsupported configuration network=%s", flags.Network) - } - } - return ret, nil -}