Make this more like the runtime spec, using the RFC 2119 keywords for
both JSON-author and CRI-O requirements. This also clarifies the
regular expression language (POSIX EREs), links to a JSON spec, and
tightens wording for the various matching criteria.
I think the hook-config format could be improved (versioning it, and
reusing the runtime-spec hook structure instead of renaming 'path' to
'hook', dropping 'timeout', etc.). But I'm leaving that sort of thing
to future work.
Signed-off-by: W. Trevor King <wking@tremily.us>
These backticks landed with the rest of the hook docs in 139d0841 (Add
support for oci-hooks to libkpod, 2017-08-12, #562). But "CRI-O" is
the project name, so it doesn't need backticks. We would need
backticks if we used the executable filename "crio".
Signed-off-by: W. Trevor King <wking@tremily.us>
If a packager wants to be able to support addititional arguments on his
hook this will allow them to setup the configuration with these arguments.
For example this would allow a hook developer to add support for a --debug
flag to change the level of debugging in his hook.
In order to complete this task, I had to vendor in the latest
github.com://opencontainers/runtime-tools, which caused me to have to fix a
Mount and Capability interface calls
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add new directory /etc/crio/hooks.d, where packagers can drop a json config
file to specify a hook.
The json must specify a valid executable to run.
The json must also specify which stage(s) to run the hook:
prestart, poststart, poststop
The json must specify under which criteria the hook should be launched
If the container HasBindMounts
If the container cmd matches a list of regular expressions
If the containers annotations matches a list of regular expressions.
If any of these match the the hook will be launched.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
