Users expect to be able to use Symbolic links in the
ADD and COPY commands in Dockerfiles. We need to evaluate
these and pull in the correct content.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1007
Approved by: nalind
Break runSetupIntermediateMountNamespace() into its own package.
Move stringInSlice(), getHostIDs(), and getHostRootIDs() into the util
subdirectory and export them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #796
Approved by: rhatdan
Add a field to AddOrCopyOptions that can take an io.Writer, more often a
hash.Hash returned by digest.Digester's Hash() method, to calculate a
sum over what we add or copy.
Make the help output summarizing the arguments that "buildah add" and
"buildah copy" accept more closely match their man pages.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #766
Approved by: rhatdan
In Run(), when the userspec doesn't specify a group, if the specified
user has supplemental group memberships, pass them along to the runtime.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #700
Approved by: rhatdan
Use ID mapping information when setting permissions on content that we
add to the container, and on secrets that we copy in, on pipes that we
use for stdio, and when extracting the whole filesystem as a "layer".
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #700
Approved by: rhatdan
Add options to the CLI that specify which cgroups we execute "run"
commands under, and controlling how we set up namespaces for them.
Pass them down to Builders that we create, and allow them to be
overridden by options passed to Builder.Run().
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #700
Approved by: rhatdan
I have made a subpackage of libpod to handle chrootuser,
using the user code from buildah.
This patch removes user handling from buildah and uses
projectatomic/libpod/pkg/chrootuser
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #377
Approved by: nalind
buildah bud was not setting the mount label on the image
so SELinux in enforcing mode is blocking writing to the image
This patch also fixes a similar problem with the `buildah mount`
command
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #332
Approved by: TomSweeneyRedHat
Use Errorf() from 'errors' rather than 'fmt' to help with stack traces.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #130
Approved by: rhatdan
Impove error reporting by wrapping all returned err functions with
error.Wrapf
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Closes: #124
Approved by: nalind
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Closes: #125
Approved by: nalind
Maintain the container configuration in multiple formats in the Buildah
object, initializing one based on the other, depending on which format
the source image used for its configuration.
Replace directly manipulated fields in the Buildah object (Annotations,
CreatedBy, OS, Architecture, Maintainer, User, Workdir, Env, Cmd,
Entrypoint, Expose, Labels, and Volumes) with accessor functions which
update both configurations and which read from whichever one we consider
to be authoritative. Drop Args because we weren't using them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #102
Approved by: rhatdan
When saving the contents of a URL to a local file, attempt to set mtime
based on the response's Last-Modified header, if there is one.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #58
Approved by: nalind
When the destination for an ADD or COPY operation ends with a path
separator, take that as an indicator that the destination should be a
directory, that we should create it if it doesn't already exist, and
that any files we're copying should be placed in the directory.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #56
Approved by: rhatdan
When copying or adding a source directory, copy the directory's contents
to the destination directory, to better match Dockerfile COPY behavior.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #50
Approved by: rhatdan
In Copy(), instead of flagging a container not being mounted as an
error, do what we do in Run(), which is to mount it first and then
unmount when we're done.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Change copy behavior so that the destination can be a file rather than a
directory if we're copying a single item.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Always make sure the working directory exists before attempting to run
anything inside of it, and before attempting to copy contents into it or
one of its subdirectories.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Use the chrootarchive package instead of the archive package in the
implementation of "add", in an attempt to avoid problems with tarballs
with unusual paths in their headers.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Simplify our implementation of copy/add to always assume that the
destination location will be a directory. Trying to be cleverer, like
cp is, would just be confusing.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add "add" and "copy" CLI commands, which end up calling the same buildah
method, differing only in whether or not they tell it to attempt to
extract local sources when those sources appear to be archive files
("add" does, "copy" does not).
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Daniel J Walsh
Nalin Dahyabhai
Fabio Bertinatto