Use constants for mount types

libpod/container_inspect.go

@@ -277,12 +277,12 @@ func (c *Container) GetMounts(namedVolumes []*ContainerNamedVolume, imageVolumes
 	for _, mount := range mounts {
 		// It's a mount.
 		// Is it a tmpfs? If so, discard.
-		if mount.Type == "tmpfs" {
+		if mount.Type == define.TypeTmpfs {
 			continue
 		}
 
 		mountStruct := define.InspectMount{}
-		mountStruct.Type = "bind"
+		mountStruct.Type = define.TypeBind
 		mountStruct.Source = mount.Source
 		mountStruct.Destination = mount.Destination
 
@@ -534,7 +534,7 @@ func (c *Container) generateInspectContainerHostConfig(ctrSpec *spec.Spec, named
 		}
 	}
 	for _, mount := range mounts {
-		if mount.Type == "tmpfs" {
+		if mount.Type == define.TypeTmpfs {
 			tmpfs[mount.Destination] = strings.Join(mount.Options, ",")
 		} else {
 			// TODO - maybe we should parse for empty source/destination

libpod/container_internal_common.go

@@ -351,7 +351,7 @@ func (c *Container) generateSpec(ctx context.Context) (s *spec.Spec, cleanupFunc
 			}
 			switch o {
 			case "U":
-				if m.Type == "tmpfs" {
+				if m.Type == define.TypeTmpfs {
 					options = append(options, []string{fmt.Sprintf("uid=%d", execUser.Uid), fmt.Sprintf("gid=%d", execUser.Gid)}...)
 				} else {
 					// only chown on initial creation of container
@@ -581,7 +581,7 @@ func (c *Container) generateSpec(ctx context.Context) (s *spec.Spec, cleanupFunc
 		// Runc and other runtimes may choke on them.
 		// Easy solution: use securejoin to do a scoped evaluation of
 		// the links, then trim off the mount prefix.
-		if m.Type == "tmpfs" {
+		if m.Type == define.TypeTmpfs {
 			finalPath, err := securejoin.SecureJoin(c.state.Mountpoint, m.Destination)
 			if err != nil {
 				return nil, nil, fmt.Errorf("resolving symlinks for mount destination %s: %w", m.Destination, err)
@@ -1598,10 +1598,10 @@ func (c *Container) restore(ctx context.Context, options ContainerCheckpointOpti
 	if options.TargetFile != "" || options.CheckpointImageID != "" {
 		for dstPath, srcPath := range c.state.BindMounts {
 			newMount := spec.Mount{
-				Type:        "bind",
+				Type:        define.TypeBind,
 				Source:      srcPath,
 				Destination: dstPath,
-				Options:     []string{"bind", "private"},
+				Options:     []string{define.TypeBind, "private"},
 			}
 			if c.IsReadOnly() && dstPath != "/dev/shm" {
 				newMount.Options = append(newMount.Options, "ro", "nosuid", "noexec", "nodev")
@@ -1962,7 +1962,7 @@ func (c *Container) makeBindMounts() error {
 			case m.Destination == "/run/.containerenv":
 				hasRunContainerenv = true
 				break Loop
-			case m.Destination == "/run" && m.Source != "tmpfs":
+			case m.Destination == "/run" && m.Source != define.TypeTmpfs:
 				hasRunContainerenv = true
 				break Loop
 			}

libpod/container_internal_linux.go

@@ -30,7 +30,7 @@ import (
 )
 
 var (
-	bindOptions = []string{"bind", "rprivate"}
+	bindOptions = []string{define.TypeBind, "rprivate"}
 )
 
 func (c *Container) mountSHM(shmOptions string) error {
@@ -39,7 +39,7 @@ func (c *Container) mountSHM(shmOptions string) error {
 		contextType = "rootcontext"
 	}
 
-	if err := unix.Mount("shm", c.config.ShmDir, "tmpfs", unix.MS_NOEXEC|unix.MS_NOSUID|unix.MS_NODEV,
+	if err := unix.Mount("shm", c.config.ShmDir, define.TypeTmpfs, unix.MS_NOEXEC|unix.MS_NOSUID|unix.MS_NODEV,
 		label.FormatMountLabelByType(shmOptions, c.config.MountLabel, contextType)); err != nil {
 		return fmt.Errorf("failed to mount shm tmpfs %q: %w", c.config.ShmDir, err)
 	}
@@ -225,8 +225,8 @@ func (c *Container) setupSystemd(mounts []spec.Mount, g generate.Generator) erro
 		}
 		tmpfsMnt := spec.Mount{
 			Destination: dest,
-			Type:        "tmpfs",
-			Source:      "tmpfs",
+			Type:        define.TypeTmpfs,
+			Source:      define.TypeTmpfs,
 			Options:     append(options, "tmpcopyup", shmSizeSystemdMntOpt),
 		}
 		g.AddMount(tmpfsMnt)
@@ -237,8 +237,8 @@ func (c *Container) setupSystemd(mounts []spec.Mount, g generate.Generator) erro
 		}
 		tmpfsMnt := spec.Mount{
 			Destination: dest,
-			Type:        "tmpfs",
-			Source:      "tmpfs",
+			Type:        define.TypeTmpfs,
+			Source:      define.TypeTmpfs,
 			Options:     append(options, "tmpcopyup", shmSizeSystemdMntOpt),
 		}
 		g.AddMount(tmpfsMnt)
@@ -271,9 +271,9 @@ func (c *Container) setupSystemd(mounts []spec.Mount, g generate.Generator) erro
 		} else {
 			systemdMnt = spec.Mount{
 				Destination: "/sys/fs/cgroup",
-				Type:        "bind",
+				Type:        define.TypeBind,
 				Source:      "/sys/fs/cgroup",
-				Options:     []string{"bind", "private", "rw"},
+				Options:     []string{define.TypeBind, "private", "rw"},
 			}
 		}
 		g.AddMount(systemdMnt)
@@ -282,7 +282,7 @@ func (c *Container) setupSystemd(mounts []spec.Mount, g generate.Generator) erro
 		if hasCgroupNs && !hasSystemdMount {
 			return errors.New("cgroup namespace is not supported with cgroup v1 and systemd mode")
 		}
-		mountOptions := []string{"bind", "rprivate"}
+		mountOptions := []string{define.TypeBind, "rprivate"}
 
 		if !hasSystemdMount {
 			skipMount := hasSystemdMount
@@ -311,7 +311,7 @@ func (c *Container) setupSystemd(mounts []spec.Mount, g generate.Generator) erro
 			if !skipMount {
 				systemdMnt := spec.Mount{
 					Destination: "/sys/fs/cgroup/systemd",
-					Type:        "bind",
+					Type:        define.TypeBind,
 					Source:      "/sys/fs/cgroup/systemd",
 					Options:     mountOptions,
 				}

libpod/container_path_resolution.go

@@ -5,6 +5,7 @@ import (
 	"path/filepath"
 	"strings"
 
+	"github.com/containers/podman/v4/libpod/define"
 	securejoin "github.com/cyphar/filepath-securejoin"
 	"github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/sirupsen/logrus"
@@ -155,7 +156,7 @@ func isPathOnVolume(c *Container, containerPath string) bool {
 func findBindMount(c *Container, containerPath string) *specs.Mount {
 	cleanedPath := filepath.Clean(containerPath)
 	for _, m := range c.config.Spec.Mounts {
-		if m.Type != "bind" {
+		if m.Type != define.TypeBind {
 			continue
 		}
 		if cleanedPath == filepath.Clean(m.Destination) {

libpod/define/mount_linux.go

@@ -9,5 +9,5 @@ const (
 
 var (
 	// Mount potions for bind
-	BindOptions = []string{"bind"}
+	BindOptions = []string{TypeBind}
 )

libpod/networking_linux.go

@@ -22,6 +22,7 @@ import (
 	netUtil "github.com/containers/common/libnetwork/util"
 	"github.com/containers/common/pkg/netns"
 	"github.com/containers/common/pkg/util"
+	"github.com/containers/podman/v4/libpod/define"
 	"github.com/containers/podman/v4/pkg/rootless"
 	"github.com/containers/podman/v4/utils"
 	"github.com/containers/storage/pkg/lockfile"
@@ -180,7 +181,7 @@ func (r *RootlessNetNS) Do(toRun func() error) error {
 		// see: https://github.com/containers/podman/issues/10929
 		if strings.HasPrefix(resolvePath, "/run/systemd/resolve/") {
 			rsr := r.getPath("/run/systemd/resolve")
-			err = unix.Mount("", rsr, "tmpfs", unix.MS_NOEXEC|unix.MS_NOSUID|unix.MS_NODEV, "")
+			err = unix.Mount("", rsr, define.TypeTmpfs, unix.MS_NOEXEC|unix.MS_NOSUID|unix.MS_NODEV, "")
 			if err != nil {
 				return fmt.Errorf("failed to mount tmpfs on %q for rootless netns: %w", rsr, err)
 			}

libpod/runtime_volume_common.go

@@ -78,7 +78,7 @@ func (r *Runtime) newVolume(ctx context.Context, noCreatePluginVolume bool, opti
 		for key, val := range volume.config.Options {
 			switch strings.ToLower(key) {
 			case "device":
-				if strings.ToLower(volume.config.Options["type"]) == "bind" {
+				if strings.ToLower(volume.config.Options["type"]) == define.TypeBind {
 					if _, err := os.Stat(val); err != nil {
 						return nil, fmt.Errorf("invalid volume option %s for driver 'local': %w", key, err)
 					}

libpod/volume_internal_common.go

@@ -101,7 +101,7 @@ func (v *Volume) mount() error {
 	}
 	switch volType {
 	case "":
-	case "bind":
+	case define.TypeBind:
 		mountArgs = append(mountArgs, "-o", volType)
 	default:
 		mountArgs = append(mountArgs, "-t", volType)

pkg/api/handlers/compat/containers_create.go

@@ -414,7 +414,7 @@ func cliOpts(cc handlers.CreateContainerConfig, rtc *config.Config) (*entities.C
 		Expose:            expose,
 		GroupAdd:          cc.HostConfig.GroupAdd,
 		Hostname:          cc.Config.Hostname,
-		ImageVolume:       "bind",
+		ImageVolume:       define.TypeBind,
 		Init:              init,
 		Interactive:       cc.Config.OpenStdin,
 		IPC:               string(cc.HostConfig.IpcMode),

pkg/domain/entities/pods.go

@@ -312,7 +312,7 @@ type ContainerCreateOptions struct {
 func NewInfraContainerCreateOptions() ContainerCreateOptions {
 	options := ContainerCreateOptions{
 		IsInfra:          true,
-		ImageVolume:      "bind",
+		ImageVolume:      define.TypeBind,
 		MemorySwappiness: -1,
 	}
 	return options

pkg/domain/infra/abi/play.go

@@ -66,7 +66,7 @@ func (ic *ContainerEngine) createServiceContainer(ctx context.Context, name stri
 
 	ctrOpts := entities.ContainerCreateOptions{
 		// Inherited from infra containers
-		ImageVolume:      "bind",
+		ImageVolume:      define.TypeBind,
 		IsInfra:          false,
 		MemorySwappiness: -1,
 		ReadOnly:         true,
@@ -1150,7 +1150,7 @@ func (ic *ContainerEngine) importVolume(ctx context.Context, vol *libpod.Volume,
 	// Check if volume is using `local` driver and has mount options type other than tmpfs
 	if len(driver) == 0 || driver == define.VolumeDriverLocal {
 		if mountOptionType, ok := volumeOptions["type"]; ok {
-			if mountOptionType != "tmpfs" && !volumeMountStatus.Value {
+			if mountOptionType != define.TypeTmpfs && !volumeMountStatus.Value {
 				return fmt.Errorf("volume is using a driver %s and volume is not mounted on %s", driver, mountPoint)
 			}
 		}

pkg/specgen/container_validate.go

@@ -17,7 +17,7 @@ var (
 	// SdNotifyModeValues describes the only values that SdNotifyMode can be
 	SdNotifyModeValues = []string{define.SdNotifyModeContainer, define.SdNotifyModeConmon, define.SdNotifyModeIgnore}
 	// ImageVolumeModeValues describes the only values that ImageVolumeMode can be
-	ImageVolumeModeValues = []string{"ignore", "tmpfs", "anonymous"}
+	ImageVolumeModeValues = []string{"ignore", define.TypeTmpfs, "anonymous"}
 )
 
 func exclusiveOptions(opt1, opt2 string) error {

pkg/specgen/generate/kube/kube.go

@@ -182,7 +182,7 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener
 	if len(s.ImageVolumeMode) == 0 {
 		s.ImageVolumeMode = rtc.Engine.ImageVolumeMode
 	}
-	if s.ImageVolumeMode == "bind" {
+	if s.ImageVolumeMode == define.TypeBind {
 		s.ImageVolumeMode = "anonymous"
 	}
 
@@ -422,7 +422,7 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener
 			mount := spec.Mount{
 				Destination: volume.MountPath,
 				Source:      volumeSource.Source,
-				Type:        "bind",
+				Type:        define.TypeBind,
 				Options:     options,
 			}
 			if len(volume.SubPath) > 0 {

pkg/specgen/generate/oci_freebsd.go

@@ -102,7 +102,7 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
 			},
 			spec.Mount{
 				Destination: "/dev/shm",
-				Type:        "tmpfs",
+				Type:        define.TypeTmpfs,
 				Source:      "shm",
 				Options:     []string{"notmpcopyup"},
 			},

pkg/specgen/generate/oci_linux.go

@@ -107,15 +107,15 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
 		}
 		sysMnt := spec.Mount{
 			Destination: "/sys",
-			Type:        "bind",
+			Type:        define.TypeBind,
 			Source:      "/sys",
 			Options:     []string{"rprivate", "nosuid", "noexec", "nodev", r, "rbind"},
 		}
 		g.AddMount(sysMnt)
 		g.RemoveMount("/sys/fs/cgroup")
 		sysFsCgroupMnt := spec.Mount{
 			Destination: "/sys/fs/cgroup",
-			Type:        "bind",
+			Type:        define.TypeBind,
 			Source:      "/sys/fs/cgroup",
 			Options:     []string{"rprivate", "nosuid", "noexec", "nodev", r, "rbind"},
 		}
@@ -151,8 +151,8 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
 		g.RemoveMount("/dev/pts")
 		devPts := spec.Mount{
 			Destination: "/dev/pts",
-			Type:        "devpts",
-			Source:      "devpts",
+			Type:        define.TypeDevpts,
+			Source:      define.TypeDevpts,
 			Options:     []string{"rprivate", "nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620"},
 		}
 		g.AddMount(devPts)
@@ -164,9 +164,9 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
 		g.RemoveMount("/dev/mqueue")
 		devMqueue := spec.Mount{
 			Destination: "/dev/mqueue",
-			Type:        "bind", // constant ?
+			Type:        define.TypeBind, // constant ?
 			Source:      "/dev/mqueue",
-			Options:     []string{"bind", "nosuid", "noexec", "nodev"},
+			Options:     []string{define.TypeBind, "nosuid", "noexec", "nodev"},
 		}
 		g.AddMount(devMqueue)
 	}

pkg/specgen/generate/storage.go

@@ -224,7 +224,7 @@ func getImageVolumes(ctx context.Context, img *libimage.Image, s *specgen.SpecGe
 			newVol.Options = []string{"rprivate", "rw", "nodev", "exec"}
 			volumes[cleanDest] = newVol
 			logrus.Debugf("Adding anonymous image volume at %q", cleanDest)
-		case "tmpfs":
+		case define.TypeTmpfs:
 			mount := spec.Mount{
 				Destination: cleanDest,
 				Source:      define.TypeTmpfs,

pkg/specgenutil/specgen.go

@@ -552,7 +552,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions
 	if len(s.ImageVolumeMode) == 0 {
 		s.ImageVolumeMode = rtc.Engine.ImageVolumeMode
 	}
-	if s.ImageVolumeMode == "bind" {
+	if s.ImageVolumeMode == define.TypeBind {
 		s.ImageVolumeMode = "anonymous"
 	}
 

pkg/specgenutil/volumes.go

@@ -247,7 +247,7 @@ func parseMountOptions(mountType string, args []string) (*spec.Mount, error) {
 			if mountType != define.TypeBind {
 				return nil, fmt.Errorf("%q option not supported for %q mount types", kv[0], mountType)
 			}
-			mnt.Options = append(mnt.Options, "bind")
+			mnt.Options = append(mnt.Options, define.TypeBind)
 		case "bind-propagation":
 			if mountType != define.TypeBind {
 				return nil, fmt.Errorf("%q option not supported for %q mount types", kv[0], mountType)

pkg/util/mountOpts.go

@@ -4,6 +4,8 @@ import (
 	"errors"
 	"fmt"
 	"strings"
+
+	"github.com/containers/podman/v4/libpod/define"
 )
 
 var (
@@ -131,7 +133,7 @@ func ProcessOptions(options []string, isTmpfs bool, sourcePath string) ([]string
 			foundCopyUp = true
 			// do not propagate notmpcopyup to the OCI runtime
 			continue
-		case "bind", "rbind":
+		case define.TypeBind, "rbind":
 			if isTmpfs {
 				return nil, fmt.Errorf("the 'bind' and 'rbind' options are not allowed with tmpfs mounts: %w", ErrBadMntOption)
 			}

test/e2e/generate_kube_test.go

@@ -1280,8 +1280,8 @@ USER test1`
 
 	It("podman generate kube on named volume with options", func() {
 		vol := "complex-named-volume"
-		volDevice := "tmpfs"
-		volType := "tmpfs"
+		volDevice := define.TypeTmpfs
+		volType := define.TypeTmpfs
 		volOpts := "nodev,noexec"
 
 		session := podmanTest.Podman([]string{"volume", "create", "--opt", "device=" + volDevice, "--opt", "type=" + volType, "--opt", "o=" + volOpts, vol})