Having a separate function holding the details of this makes reading
createSandboxContainer easier.
While I was moving the code, I've also cleaned up two things:
* The nil capabilities check is now earlier, where before it had been
between the ALL handling and the non-ALL handling.
* I've added a capPrefixed variable to avoid having multiple
toCAPPrefixed calls per capability.
Signed-off-by: W. Trevor King <wking@tremily.us>
If a packager wants to be able to support addititional arguments on his
hook this will allow them to setup the configuration with these arguments.
For example this would allow a hook developer to add support for a --debug
flag to change the level of debugging in his hook.
In order to complete this task, I had to vendor in the latest
github.com://opencontainers/runtime-tools, which caused me to have to fix a
Mount and Capability interface calls
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
If server/Server.createSandboxContainer() fails after calling
server/Server.StorageRuntimeServer().CreateContainer(), cleanup logic in
server/Server.CreateContainer() won't try to clean it up, but we still
need to clean up the on-disk container and its layer.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add an UntagImage() method to pkg/storage/ImageServer, which will check
if the passed-in NameOrID is a name. If so, it merely removes that name
from the image, removing the image only if it was the last name that the
image had. If the NameOrID is an image ID, the image is removed, as
RemoveImage() does.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
The image's canonical reference is a name with a digest of the image's
manifest, so in imageService.ImageStatus() and
imageService.ListImages(), divide the image's name list into tagged and
digested values, and if we have names, add canonical versions.
In Server.ContainerStatus(), return the image name as it was given to us
as the image, and the image digested reference as the image reference.
In Server.ListImages(), be sure to only return tagged names in the
RepoTags field. In Server.ImageStatus(), also return canonical
references in the RepoDigests field.
In Server.PullImage(), be sure that we consistently return the same
image reference for an image, whether we ended up pulling it or not.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
The tests are trying to read an write configuration files and check that the
fields are being set or saved properly.
A folder fixtures/ was created on server/ as well adding an example crio.conf
file to it.
Note: some extra paths about Vagrant and VSCode were added to gitignore.
Signed-off-by: Álex González <agonzalezro@gmail.com>
Add an UntagImage() method to pkg/storage/ImageServer, which will check
if the passed-in NameOrID is a name. If so, it merely removes that name
from the image, removing the image only if it was the last name that the
image had. If the NameOrID is an image ID, the image is removed, as
RemoveImage() does.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
The image's canonical reference is a name with a digest of the image's
manifest, so compute and return that value as the image's reference in
ImageStatus() and in ContainerStatus().
We don't auto-store a name based on the image digest when we pull one by
tag, but then CRI doesn't need us to do that.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
