volume: add two new options copy and nocopy #14734
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: giuseppe The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
openshift-ci
bot
added
the
do-not-merge/work-in-progress
|
the change needed for c/common: containers/common#1075 |
flouthoc
suggested changes
Jun 27, 2022
There was a problem hiding this comment.
PR on c/common containers/common#1075 is merged so following PR can now vendor c/common.
|
I think it is better to find get #14654 merged |
giuseppe
force-pushed
the
copyup-switch-order
branch
from
4054288 to
9cf5e91
Compare
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
giuseppe
force-pushed
the
copyup-switch-order
branch
from
9cf5e91 to
dc32b4d
Compare
|
code LGTM |
Signed-off-by: Giuseppe Scrivano <[email protected]>
avoid any I/O operation on the volume if the source directory is empty. This is useful on network file systems (since CAP_DAC_OVERRIDE is not honored) where the root user might not have enough privileges to perform an I/O operation on the NFS mount but the user running inside the container has. [NO NEW TESTS NEEDED] it needs a setup with a network file system Signed-off-by: Giuseppe Scrivano <[email protected]>
the two operations are equivalent since securejoin.SecureJoin() has solved the symlinks. Prefer the Lstat version though to make sure symlinks are never resolved and we do not end up using a path on the host. Signed-off-by: Giuseppe Scrivano <[email protected]>
add two new options to the volume create command: copy and nocopy. When nocopy is specified, the files from the container image are not copied up to the volume. Closes: containers#14722 Signed-off-by: Giuseppe Scrivano <[email protected]>
giuseppe
force-pushed
the
copyup-switch-order
branch
from
dc32b4d to
aada13f
Compare
|
/lgtm |
openshift-ci
bot
added
the
do-not-merge/hold
|
/hold cancel |
openshift-ci
bot
removed
the
do-not-merge/hold
edsantiago
added a commit
to edsantiago/libpod
that referenced
this pull request
Sep 9, 2022
This one is a nightmare, because --volume has been edited in four different files throughout the years (five if you count podman-build, which I am not including in this PR). Those edits have not always been done in sync. The list of options was reordered 2022-06-28 by Giuseppe in containers#14734, but only in podman-create and -run (not in podman-pod-*). No explanation of why, but I'll assume he knew what he was doing, and have accepted that for the reference copy. There was also a big edit in containers#8519. The "Propagation property...bind mounted" sentence first appeared in pod-clone, in containers#14299 by cdoern, with no obvious source of where it came from. I choose to include it in the reference copy. The "**copy**" option seems to work in pod-create, so I'm including it in the reference copy. Someone please yell loudly if this is not the case. The "disables SELinux separation for containers used in the build", no idea, changed that to just "for the container/pod" The "advanced users / overlay / upperdir / workdir" paragraph makes zero sense to me, but hey, I assume it applies to all the commands, so I put it in the reference copy. Finally, there's still a mishmash of backticks, asterisks, underscores, and even quotation marks. Someone is gonna have to perform major cleanup on this one day, but at least it'll be in only one place. Signed-off-by: Ed Santiago <[email protected]>
github-actions
bot
added
the
locked - please file new issue/PR
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
more details in each patch commit message
Does this PR introduce a user-facing change?