Allow users to specify stdin into containers

Some commands within a Containerfile, might need input from users. For example confirmation commands from Apt. Adding a --stdin flag will allows users to interact with containers while running inside of buildah bud. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2020-12-10 20:56:17 -05:00 · 2020-12-10 20:56:17 -05:00 · dc57eea023
parent 7734b68d6a
commit dc57eea023
4 changed files with 31 additions and 0 deletions
--- a/cmd/buildah/bud.go
+++ b/cmd/buildah/bud.go
@ -1,6 +1,7 @@
 package main

 import (
+	"io"
 	"io/ioutil"
 	"os"
 	"path/filepath"
@ -197,6 +198,10 @@ func budCmd(c *cobra.Command, inputArgs []string, iopts budOptions) error {
 		return errors.Wrapf(err, "error evaluating symlinks in build context path")
 	}

+	var stdin io.Reader
+	if iopts.Stdin {
+		stdin = os.Stdin
+	}
 	var stdout, stderr, reporter *os.File
 	stdout = os.Stdout
 	stderr = os.Stderr
@ -321,6 +326,7 @@ func budCmd(c *cobra.Command, inputArgs []string, iopts budOptions) error {
 		From:                    iopts.From,
 		IDMappingOptions:        idmappingOptions,
 		IIDFile:                 iopts.Iidfile,
+		In:                      stdin,
 		Isolation:               isolation,
 		Labels:                  iopts.Label,
 		Layers:                  layers,
--- a/docs/buildah-bud.md
+++ b/docs/buildah-bud.md
@ -492,6 +492,12 @@ Sign the built image using the GPG key that matches the specified fingerprint.
 Squash all of the image's new layers into a single new layer; any preexisting layers
 are not squashed.

+**--stdin**
+
+Pass stdin into the RUN containers. Sometime commands being RUN within a Containerfile
+want to request information from the user. For example apt asking for a confirmation for install.
+Use --stdin to be able to interact from the terminal during the build.
+
 **--tag**, **-t** *imageName*

 Specifies the name which will be assigned to the resulting image if the build
--- a/pkg/cli/common.go
+++ b/pkg/cli/common.go
@ -82,6 +82,7 @@ type BudResults struct {
 	SignaturePolicy     string
 	SignBy              string
 	Squash              bool
+	Stdin               bool
 	Tag                 []string
 	Target              string
 	TLSVerify           bool
@ -217,6 +218,7 @@ func GetBudFlags(flags *BudResults) pflag.FlagSet {
 		panic(fmt.Sprintf("error marking the signature-policy flag as hidden: %v", err))
 	}
 	fs.BoolVar(&flags.Squash, "squash", false, "squash newly built layers into a single new layer")
+	fs.BoolVar(&flags.Stdin, "stdin", false, "pass stdin into containers")
 	fs.StringArrayVarP(&flags.Tag, "tag", "t", []string{}, "tagged `name` to apply to the built image")
 	fs.StringVar(&flags.Target, "target", "", "set the target build stage to build")
 	fs.Int64Var(&flags.Timestamp, "timestamp", 0, "set created timestamp to the specified epoch seconds to allow for deterministic builds, defaults to current time")
--- a/tests/bud.bats
+++ b/tests/bud.bats
@ -2441,3 +2441,20 @@ EOF
  expect_output --substring "STEP 1: FROM alpine AS builder"
  expect_output --substring "STEP 2: FROM busybox"
 }
+
+@test "bud test no --stdin" {
+  _prefetch alpine
+  mytmpdir=${TESTDIR}/my-dir
+  mkdir -p ${mytmpdir}
+cat > $mytmpdir/Containerfile << _EOF
+FROM alpine
+RUN read -t 1 x && echo test got \<\$x\>
+RUN touch /tmp/done
+_EOF
+
+  # fail without --stdin
+  run_buildah 1 bud -t testbud --signature-policy ${TESTSDIR}/policy.json ${mytmpdir} <<< input
+
+  run_buildah bud --stdin -t testbud --signature-policy ${TESTSDIR}/policy.json ${mytmpdir} <<< input
+  expect_output --substring "test got <input>"
+}