Skip to content

Commit

Permalink
Merge pull request containers#7586 from ashley-cui/rokube
Browse files Browse the repository at this point in the history
Add read-only volume mount to play kube
  • Loading branch information
openshift-merge-robot authored Sep 11, 2020
2 parents 2bdb177 + 20f73b8 commit 26fb8d2
Show file tree
Hide file tree
Showing 2 changed files with 48 additions and 2 deletions.
6 changes: 5 additions & 1 deletion pkg/domain/infra/abi/play.go
Original file line number Diff line number Diff line change
Expand Up @@ -556,14 +556,18 @@ func kubeContainerToCreateConfig(ctx context.Context, containerYAML v1.Container
containerConfig.Env = envs

for _, volume := range containerYAML.VolumeMounts {
var readonly string
hostPath, exists := volumes[volume.Name]
if !exists {
return nil, errors.Errorf("Volume mount %s specified for container but not configured in volumes", volume.Name)
}
if err := parse.ValidateVolumeCtrDir(volume.MountPath); err != nil {
return nil, errors.Wrapf(err, "error in parsing MountPath")
}
containerConfig.Volumes = append(containerConfig.Volumes, fmt.Sprintf("%s:%s", hostPath, volume.MountPath))
if volume.ReadOnly {
readonly = ":ro"
}
containerConfig.Volumes = append(containerConfig.Volumes, fmt.Sprintf("%s:%s%s", hostPath, volume.MountPath, readonly))
}
return &containerConfig, nil
}
Expand Down
44 changes: 43 additions & 1 deletion test/e2e/play_kube_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -99,6 +99,12 @@ spec:
hostPort: {{ .Port }}
protocol: TCP
workingDir: /
volumeMounts:
{{ if .VolumeMount }}
- name: {{.VolumeName}}
mountPath: {{ .VolumeMountPath }}
readonly: {{.VolumeReadOnly}}
{{ end }}
{{ end }}
{{ end }}
{{ end }}
Expand Down Expand Up @@ -383,12 +389,16 @@ type Ctr struct {
PullPolicy string
HostIP string
Port string
VolumeMount bool
VolumeMountPath string
VolumeName string
VolumeReadOnly bool
}

// getCtr takes a list of ctrOptions and returns a Ctr with sane defaults
// and the configured options
func getCtr(options ...ctrOption) *Ctr {
c := Ctr{defaultCtrName, defaultCtrImage, defaultCtrCmd, defaultCtrArg, true, false, nil, nil, "", "", ""}
c := Ctr{defaultCtrName, defaultCtrImage, defaultCtrCmd, defaultCtrArg, true, false, nil, nil, "", "", "", false, "", "", false}
for _, option := range options {
option(&c)
}
Expand Down Expand Up @@ -448,6 +458,15 @@ func withHostIP(ip string, port string) ctrOption {
}
}

func withVolumeMount(mountPath string, readonly bool) ctrOption {
return func(c *Ctr) {
c.VolumeMountPath = mountPath
c.VolumeName = defaultVolName
c.VolumeReadOnly = readonly
c.VolumeMount = true
}
}

func getCtrNameInPod(pod *Pod) string {
return fmt.Sprintf("%s-%s", pod.Name, defaultCtrName)
}
Expand Down Expand Up @@ -1035,4 +1054,27 @@ spec:
kube.WaitWithDefaultTimeout()
Expect(kube.ExitCode()).NotTo(Equal(0))
})

It("podman play kube test with read only volume", func() {
hostPathLocation := filepath.Join(tempdir, "file")
f, err := os.Create(hostPathLocation)
Expect(err).To(BeNil())
f.Close()

ctr := getCtr(withVolumeMount(hostPathLocation, true), withImage(BB))
pod := getPod(withVolume(getVolume("File", hostPathLocation)), withCtr(ctr))
err = generatePodKubeYaml(pod, kubeYaml)
Expect(err).To(BeNil())

kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
kube.WaitWithDefaultTimeout()
Expect(kube.ExitCode()).To(Equal(0))

inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod), "--format", "'{{.HostConfig.Binds}}'"})
inspect.WaitWithDefaultTimeout()
Expect(inspect.ExitCode()).To(Equal(0))

correct := fmt.Sprintf("%s:%s:%s", hostPathLocation, hostPathLocation, "ro")
Expect(inspect.OutputToString()).To(ContainSubstring(correct))
})
})

0 comments on commit 26fb8d2

Please sign in to comment.