From 675d775eb54f1614a542dfcbbc5a4aa857cc0db0 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 21 Feb 2022 17:12:22 -0500 Subject: [PATCH] Add --context-dir option to podman play kube This option was requested so that users could specify alternate locations to find context directories for each image build. It requites the --build option to be set. Partion Fix: https://github.com/containers/podman/issues/12485 Signed-off-by: Daniel J Walsh --- cmd/podman/play/kube.go | 9 +++- docs/source/markdown/podman-play-kube.1.md | 8 +++- pkg/domain/entities/play.go | 2 + pkg/domain/infra/abi/play.go | 12 +++-- test/system/700-play.bats | 52 ++++++++++++++++++++++ 5 files changed, 76 insertions(+), 7 deletions(-) diff --git a/cmd/podman/play/kube.go b/cmd/podman/play/kube.go index 1a430f2dc2..563a6251c6 100644 --- a/cmd/podman/play/kube.go +++ b/cmd/podman/play/kube.go @@ -119,9 +119,11 @@ func init() { buildFlagName := "build" flags.BoolVar(&kubeOptions.BuildCLI, buildFlagName, false, "Build all images in a YAML (given Containerfiles exist)") - } - if !registry.IsRemote() { + contextDirFlagName := "context-dir" + flags.StringVar(&kubeOptions.ContextDir, contextDirFlagName, "", "Path to top level of context directory") + _ = kubeCmd.RegisterFlagCompletionFunc(contextDirFlagName, completion.AutocompleteDefault) + flags.StringVar(&kubeOptions.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)") _ = flags.MarkHidden("signature-policy") @@ -147,6 +149,9 @@ func kube(cmd *cobra.Command, args []string) error { return err } } + if kubeOptions.ContextDir != "" && kubeOptions.Build != types.OptionalBoolTrue { + return errors.New("--build must be specified when using --context-dir option") + } if kubeOptions.CredentialsCLI != "" { creds, err := util.ParseRegistryCreds(kubeOptions.CredentialsCLI) if err != nil { diff --git a/docs/source/markdown/podman-play-kube.1.md b/docs/source/markdown/podman-play-kube.1.md index 389affc3ab..328210d343 100644 --- a/docs/source/markdown/podman-play-kube.1.md +++ b/docs/source/markdown/podman-play-kube.1.md @@ -115,7 +115,7 @@ environment variable. `export REGISTRY_AUTH_FILE=path` #### **--build** -Build images even if they are found in the local storage. Use `--build=false` to completely disable builds. +Build images even if they are found in the local storage. Use `--build=false` to completely disable builds. (This option is not available with the remote Podman client) #### **--cert-dir**=*path* @@ -124,10 +124,14 @@ Please refer to containers-certs.d(5) for details. (This option is not available #### **--configmap**=*path* -Use Kubernetes configmap YAML at path to provide a source for environment variable values within the containers of the pod. +Use Kubernetes configmap YAML at path to provide a source for environment variable values within the containers of the pod. (This option is not available with the remote Podman client) Note: The *--configmap* option can be used multiple times or a comma-separated list of paths can be used to pass multiple Kubernetes configmap YAMLs. +#### **--context-dir**=*path* + +Use *path* as the build context directory for each image. Requires --build option be true. (This option is not available with the remote Podman client) + #### **--creds** The [username[:password]] to use to authenticate with the registry if required. diff --git a/pkg/domain/entities/play.go b/pkg/domain/entities/play.go index 43fa3a712b..7614a40124 100644 --- a/pkg/domain/entities/play.go +++ b/pkg/domain/entities/play.go @@ -14,6 +14,8 @@ type PlayKubeOptions struct { Build types.OptionalBool // CertDir - to a directory containing TLS certifications and keys. CertDir string + // ContextDir - directory containing image contexts used for Build + ContextDir string // Down indicates whether to bring contents of a yaml file "down" // as in stop Down bool diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go index 8cbf5da9a7..213d8ceb77 100644 --- a/pkg/domain/infra/abi/play.go +++ b/pkg/domain/infra/abi/play.go @@ -354,9 +354,15 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY containers := make([]*libpod.Container, 0, len(podYAML.Spec.Containers)) initContainers := make([]*libpod.Container, 0, len(podYAML.Spec.InitContainers)) - cwd, err := os.Getwd() - if err != nil { - return nil, err + + var cwd string + if options.ContextDir != "" { + cwd = options.ContextDir + } else { + cwd, err = os.Getwd() + if err != nil { + return nil, err + } } for _, initCtr := range podYAML.Spec.InitContainers { diff --git a/test/system/700-play.bats b/test/system/700-play.bats index 88c7cad87a..07c5d124fb 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -168,3 +168,55 @@ _EOF run_podman pod rm -t 0 -f test_pod run_podman rmi -f userimage:latest } + +@test "podman play --build --context-dir" { + skip_if_remote "--build is not supported in context remote" + testUserYaml=" +apiVersion: v1 +kind: Pod +metadata: + labels: + app: test + name: test_pod +spec: + containers: + - command: + - id + env: + - name: PATH + value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + - name: TERM + value: xterm + - name: container + value: podman + image: quay.io/libpod/userimage + name: test + resources: {} +status: {} +" + +mkdir -p $PODMAN_TMPDIR/userimage +cat > $PODMAN_TMPDIR/userimage/Containerfile << _EOF +from $IMAGE +USER bin +_EOF + + echo "$testUserYaml" > $PODMAN_TMPDIR/test.yaml + run_podman 125 play kube --build --start=false $PODMAN_TMPDIR/test.yaml + run_podman play kube --replace --context-dir=$PODMAN_TMPDIR --build --start=false $PODMAN_TMPDIR/test.yaml + run_podman inspect --format "{{ .Config.User }}" test_pod-test + is "$output" bin "expect container within pod to run as the bin user" + + run_podman stop -a -t 0 + run_podman pod rm -t 0 -f test_pod + run_podman rmi -f userimage:latest + + cd $PODMAN_TMPDIR + run_podman play kube --replace --build --start=false $PODMAN_TMPDIR/test.yaml + run_podman inspect --format "{{ .Config.User }}" test_pod-test + is "$output" bin "expect container within pod to run as the bin user" + + run_podman stop -a -t 0 + run_podman pod rm -t 0 -f test_pod + run_podman rmi -f userimage:latest +}