diff --git a/container_opts.go b/container_opts.go index 4c534fe12..fb22a9096 100644 --- a/container_opts.go +++ b/container_opts.go @@ -5,10 +5,12 @@ import ( "github.com/containerd/containerd/containers" "github.com/containerd/containerd/errdefs" + "github.com/containerd/containerd/oci" "github.com/containerd/containerd/platforms" "github.com/containerd/typeurl" "github.com/gogo/protobuf/types" "github.com/opencontainers/image-spec/identity" + specs "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" ) @@ -164,3 +166,29 @@ func WithContainerExtension(name string, extension interface{}) NewContainerOpts return nil } } + +// WithNewSpec generates a new spec for a new container +func WithNewSpec(opts ...oci.SpecOpts) NewContainerOpts { + return func(ctx context.Context, client *Client, c *containers.Container) error { + s, err := oci.GenerateSpec(ctx, client, c, opts...) + if err != nil { + return err + } + c.Spec, err = typeurl.MarshalAny(s) + return err + } +} + +// WithSpec sets the provided spec on the container +func WithSpec(s *specs.Spec, opts ...oci.SpecOpts) NewContainerOpts { + return func(ctx context.Context, client *Client, c *containers.Container) error { + for _, o := range opts { + if err := o(ctx, client, c, s); err != nil { + return err + } + } + var err error + c.Spec, err = typeurl.MarshalAny(s) + return err + } +} diff --git a/container_opts_unix.go b/container_opts_unix.go index e2cd7c939..bb431e51f 100644 --- a/container_opts_unix.go +++ b/container_opts_unix.go @@ -6,12 +6,17 @@ import ( "context" "encoding/json" "fmt" + "io/ioutil" + "os" + "path/filepath" + "syscall" "github.com/containerd/containerd/api/types" "github.com/containerd/containerd/containers" "github.com/containerd/containerd/content" "github.com/containerd/containerd/errdefs" "github.com/containerd/containerd/images" + "github.com/containerd/containerd/mount" "github.com/containerd/containerd/platforms" "github.com/gogo/protobuf/proto" protobuf "github.com/gogo/protobuf/types" @@ -19,6 +24,7 @@ import ( "github.com/opencontainers/image-spec/identity" "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" + "golang.org/x/sys/unix" ) // WithCheckpoint allows a container to be created from the checkpointed information @@ -122,3 +128,91 @@ func decodeIndex(ctx context.Context, store content.Store, id digest.Digest) (*v return &index, nil } + +// WithRemappedSnapshot creates a new snapshot and remaps the uid/gid for the +// filesystem to be used by a container with user namespaces +func WithRemappedSnapshot(id string, i Image, uid, gid uint32) NewContainerOpts { + return withRemappedSnapshotBase(id, i, uid, gid, false) +} + +// WithRemappedSnapshotView is similar to WithRemappedSnapshot but rootfs is mounted as read-only. +func WithRemappedSnapshotView(id string, i Image, uid, gid uint32) NewContainerOpts { + return withRemappedSnapshotBase(id, i, uid, gid, true) +} + +func withRemappedSnapshotBase(id string, i Image, uid, gid uint32, readonly bool) NewContainerOpts { + return func(ctx context.Context, client *Client, c *containers.Container) error { + diffIDs, err := i.(*image).i.RootFS(ctx, client.ContentStore(), platforms.Default()) + if err != nil { + return err + } + + setSnapshotterIfEmpty(c) + + var ( + snapshotter = client.SnapshotService(c.Snapshotter) + parent = identity.ChainID(diffIDs).String() + usernsID = fmt.Sprintf("%s-%d-%d", parent, uid, gid) + ) + if _, err := snapshotter.Stat(ctx, usernsID); err == nil { + if _, err := snapshotter.Prepare(ctx, id, usernsID); err == nil { + c.SnapshotKey = id + c.Image = i.Name() + return nil + } else if !errdefs.IsNotFound(err) { + return err + } + } + mounts, err := snapshotter.Prepare(ctx, usernsID+"-remap", parent) + if err != nil { + return err + } + if err := remapRootFS(mounts, uid, gid); err != nil { + snapshotter.Remove(ctx, usernsID) + return err + } + if err := snapshotter.Commit(ctx, usernsID, usernsID+"-remap"); err != nil { + return err + } + if readonly { + _, err = snapshotter.View(ctx, id, usernsID) + } else { + _, err = snapshotter.Prepare(ctx, id, usernsID) + } + if err != nil { + return err + } + c.SnapshotKey = id + c.Image = i.Name() + return nil + } +} + +func remapRootFS(mounts []mount.Mount, uid, gid uint32) error { + root, err := ioutil.TempDir("", "ctd-remap") + if err != nil { + return err + } + defer os.RemoveAll(root) + for _, m := range mounts { + if err := m.Mount(root); err != nil { + return err + } + } + defer unix.Unmount(root, 0) + return filepath.Walk(root, incrementFS(root, uid, gid)) +} + +func incrementFS(root string, uidInc, gidInc uint32) filepath.WalkFunc { + return func(path string, info os.FileInfo, err error) error { + if err != nil { + return err + } + var ( + stat = info.Sys().(*syscall.Stat_t) + u, g = int(stat.Uid + uidInc), int(stat.Gid + gidInc) + ) + // be sure the lchown the path as to not de-reference the symlink to a host file + return os.Lchown(path, u, g) + } +} diff --git a/helpers_unix_test.go b/helpers_unix_test.go index 089be2620..51c034e10 100644 --- a/helpers_unix_test.go +++ b/helpers_unix_test.go @@ -7,28 +7,29 @@ import ( "fmt" "github.com/containerd/containerd/containers" + "github.com/containerd/containerd/oci" specs "github.com/opencontainers/runtime-spec/specs-go" ) const newLine = "\n" -func withExitStatus(es int) SpecOpts { - return func(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { +func withExitStatus(es int) oci.SpecOpts { + return func(_ context.Context, _ oci.Client, _ *containers.Container, s *specs.Spec) error { s.Process.Args = []string{"sh", "-c", fmt.Sprintf("exit %d", es)} return nil } } -func withProcessArgs(args ...string) SpecOpts { - return WithProcessArgs(args...) +func withProcessArgs(args ...string) oci.SpecOpts { + return oci.WithProcessArgs(args...) } -func withCat() SpecOpts { - return WithProcessArgs("cat") +func withCat() oci.SpecOpts { + return oci.WithProcessArgs("cat") } -func withTrue() SpecOpts { - return WithProcessArgs("true") +func withTrue() oci.SpecOpts { + return oci.WithProcessArgs("true") } func withExecExitStatus(s *specs.Process, es int) { @@ -41,5 +42,5 @@ func withExecArgs(s *specs.Process, args ...string) { var ( withNewSnapshot = WithNewSnapshot - withImageConfig = WithImageConfig + withImageConfig = oci.WithImageConfig ) diff --git a/oci/client.go b/oci/client.go new file mode 100644 index 000000000..bac2aa9c4 --- /dev/null +++ b/oci/client.go @@ -0,0 +1,21 @@ +package oci + +import ( + "context" + + "github.com/containerd/containerd/content" + "github.com/containerd/containerd/snapshot" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +// Client interface used by SpecOpt +type Client interface { + SnapshotService(snapshotterName string) snapshot.Snapshotter + ContentStore() content.Store +} + +// Image interface used by some SpecOpt to query image configuration +type Image interface { + // Config descriptor for the image. + Config(ctx context.Context) (ocispec.Descriptor, error) +} diff --git a/spec.go b/oci/spec.go similarity index 75% rename from spec.go rename to oci/spec.go index 850f470a0..558a3570f 100644 --- a/spec.go +++ b/oci/spec.go @@ -1,4 +1,4 @@ -package containerd +package oci import ( "context" @@ -9,7 +9,7 @@ import ( // GenerateSpec will generate a default spec from the provided image // for use as a containerd container -func GenerateSpec(ctx context.Context, client *Client, c *containers.Container, opts ...SpecOpts) (*specs.Spec, error) { +func GenerateSpec(ctx context.Context, client Client, c *containers.Container, opts ...SpecOpts) (*specs.Spec, error) { s, err := createDefaultSpec(ctx, c.ID) if err != nil { return nil, err diff --git a/oci/spec_opts.go b/oci/spec_opts.go new file mode 100644 index 000000000..c940c7aab --- /dev/null +++ b/oci/spec_opts.go @@ -0,0 +1,35 @@ +package oci + +import ( + "context" + + "github.com/containerd/containerd/containers" + specs "github.com/opencontainers/runtime-spec/specs-go" +) + +// SpecOpts sets spec specific information to a newly generated OCI spec +type SpecOpts func(context.Context, Client, *containers.Container, *specs.Spec) error + +// WithProcessArgs replaces the args on the generated spec +func WithProcessArgs(args ...string) SpecOpts { + return func(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { + s.Process.Args = args + return nil + } +} + +// WithProcessCwd replaces the current working directory on the generated spec +func WithProcessCwd(cwd string) SpecOpts { + return func(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { + s.Process.Cwd = cwd + return nil + } +} + +// WithHostname sets the container's hostname +func WithHostname(name string) SpecOpts { + return func(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { + s.Hostname = name + return nil + } +} diff --git a/spec_opts_unix.go b/oci/spec_opts_unix.go similarity index 69% rename from spec_opts_unix.go rename to oci/spec_opts_unix.go index 01d5121d4..e24ef5f6e 100644 --- a/spec_opts_unix.go +++ b/oci/spec_opts_unix.go @@ -1,6 +1,6 @@ // +build !windows -package containerd +package oci import ( "context" @@ -16,12 +16,9 @@ import ( "github.com/containerd/containerd/containers" "github.com/containerd/containerd/content" - "github.com/containerd/containerd/errdefs" "github.com/containerd/containerd/fs" "github.com/containerd/containerd/images" "github.com/containerd/containerd/namespaces" - "github.com/containerd/containerd/platforms" - "github.com/opencontainers/image-spec/identity" "github.com/opencontainers/image-spec/specs-go/v1" "github.com/opencontainers/runc/libcontainer/user" specs "github.com/opencontainers/runtime-spec/specs-go" @@ -30,7 +27,7 @@ import ( // WithTTY sets the information on the spec as well as the environment variables for // using a TTY -func WithTTY(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { +func WithTTY(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { s.Process.Terminal = true s.Process.Env = append(s.Process.Env, "TERM=xterm") return nil @@ -38,7 +35,7 @@ func WithTTY(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spe // WithHostNamespace allows a task to run inside the host's linux namespace func WithHostNamespace(ns specs.LinuxNamespaceType) SpecOpts { - return func(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { + return func(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { for i, n := range s.Linux.Namespaces { if n.Type == ns { s.Linux.Namespaces = append(s.Linux.Namespaces[:i], s.Linux.Namespaces[i+1:]...) @@ -52,7 +49,7 @@ func WithHostNamespace(ns specs.LinuxNamespaceType) SpecOpts { // WithLinuxNamespace uses the passed in namespace for the spec. If a namespace of the same type already exists in the // spec, the existing namespace is replaced by the one provided. func WithLinuxNamespace(ns specs.LinuxNamespace) SpecOpts { - return func(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { + return func(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { for i, n := range s.Linux.Namespaces { if n.Type == ns.Type { before := s.Linux.Namespaces[:i] @@ -68,13 +65,15 @@ func WithLinuxNamespace(ns specs.LinuxNamespace) SpecOpts { } // WithImageConfig configures the spec to from the configuration of an Image -func WithImageConfig(i Image) SpecOpts { - return func(ctx context.Context, client *Client, c *containers.Container, s *specs.Spec) error { - var ( - image = i.(*image) - store = client.ContentStore() - ) - ic, err := image.i.Config(ctx, store, platforms.Default()) +func WithImageConfig(image Image) SpecOpts { + return func(ctx context.Context, client Client, c *containers.Container, s *specs.Spec) error { + store := client.ContentStore() + // TODO: needs review. Previous this passed in a store, now it's using + // a store that is part of the client. This makes the assumption that + // the client store is the same as the one wrapped by `image`. + // Is this assumption safe? Should the interface be changed to accept + // a store instead of wrapping one? + ic, err := image.Config(ctx) if err != nil { return err } @@ -140,7 +139,7 @@ func WithImageConfig(i Image) SpecOpts { // WithRootFSPath specifies unmanaged rootfs path. func WithRootFSPath(path string) SpecOpts { - return func(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { + return func(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { if s.Root == nil { s.Root = &specs.Root{} } @@ -152,7 +151,7 @@ func WithRootFSPath(path string) SpecOpts { // WithRootFSReadonly sets specs.Root.Readonly to true func WithRootFSReadonly() SpecOpts { - return func(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { + return func(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { if s.Root == nil { s.Root = &specs.Root{} } @@ -161,22 +160,14 @@ func WithRootFSReadonly() SpecOpts { } } -// WithResources sets the provided resources on the spec for task updates -func WithResources(resources *specs.LinuxResources) UpdateTaskOpts { - return func(ctx context.Context, client *Client, r *UpdateTaskInfo) error { - r.Resources = resources - return nil - } -} - // WithNoNewPrivileges sets no_new_privileges on the process for the container -func WithNoNewPrivileges(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { +func WithNoNewPrivileges(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { s.Process.NoNewPrivileges = true return nil } // WithHostHostsFile bind-mounts the host's /etc/hosts into the container as readonly -func WithHostHostsFile(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { +func WithHostHostsFile(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { s.Mounts = append(s.Mounts, specs.Mount{ Destination: "/etc/hosts", Type: "bind", @@ -187,7 +178,7 @@ func WithHostHostsFile(_ context.Context, _ *Client, _ *containers.Container, s } // WithHostResolvconf bind-mounts the host's /etc/resolv.conf into the container as readonly -func WithHostResolvconf(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { +func WithHostResolvconf(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { s.Mounts = append(s.Mounts, specs.Mount{ Destination: "/etc/resolv.conf", Type: "bind", @@ -198,7 +189,7 @@ func WithHostResolvconf(_ context.Context, _ *Client, _ *containers.Container, s } // WithHostLocaltime bind-mounts the host's /etc/localtime into the container as readonly -func WithHostLocaltime(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { +func WithHostLocaltime(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { s.Mounts = append(s.Mounts, specs.Mount{ Destination: "/etc/localtime", Type: "bind", @@ -211,7 +202,7 @@ func WithHostLocaltime(_ context.Context, _ *Client, _ *containers.Container, s // WithUserNamespace sets the uid and gid mappings for the task // this can be called multiple times to add more mappings to the generated spec func WithUserNamespace(container, host, size uint32) SpecOpts { - return func(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { + return func(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { var hasUserns bool for _, ns := range s.Linux.Namespaces { if ns.Type == specs.UserNamespace { @@ -235,68 +226,9 @@ func WithUserNamespace(container, host, size uint32) SpecOpts { } } -// WithRemappedSnapshot creates a new snapshot and remaps the uid/gid for the -// filesystem to be used by a container with user namespaces -func WithRemappedSnapshot(id string, i Image, uid, gid uint32) NewContainerOpts { - return withRemappedSnapshotBase(id, i, uid, gid, false) -} - -// WithRemappedSnapshotView is similar to WithRemappedSnapshot but rootfs is mounted as read-only. -func WithRemappedSnapshotView(id string, i Image, uid, gid uint32) NewContainerOpts { - return withRemappedSnapshotBase(id, i, uid, gid, true) -} - -func withRemappedSnapshotBase(id string, i Image, uid, gid uint32, readonly bool) NewContainerOpts { - return func(ctx context.Context, client *Client, c *containers.Container) error { - diffIDs, err := i.(*image).i.RootFS(ctx, client.ContentStore(), platforms.Default()) - if err != nil { - return err - } - - setSnapshotterIfEmpty(c) - - var ( - snapshotter = client.SnapshotService(c.Snapshotter) - parent = identity.ChainID(diffIDs).String() - usernsID = fmt.Sprintf("%s-%d-%d", parent, uid, gid) - ) - if _, err := snapshotter.Stat(ctx, usernsID); err == nil { - if _, err := snapshotter.Prepare(ctx, id, usernsID); err == nil { - c.SnapshotKey = id - c.Image = i.Name() - return nil - } else if !errdefs.IsNotFound(err) { - return err - } - } - mounts, err := snapshotter.Prepare(ctx, usernsID+"-remap", parent) - if err != nil { - return err - } - if err := remapRootFS(mounts, uid, gid); err != nil { - snapshotter.Remove(ctx, usernsID) - return err - } - if err := snapshotter.Commit(ctx, usernsID, usernsID+"-remap"); err != nil { - return err - } - if readonly { - _, err = snapshotter.View(ctx, id, usernsID) - } else { - _, err = snapshotter.Prepare(ctx, id, usernsID) - } - if err != nil { - return err - } - c.SnapshotKey = id - c.Image = i.Name() - return nil - } -} - // WithCgroup sets the container's cgroup path func WithCgroup(path string) SpecOpts { - return func(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { + return func(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { s.Linux.CgroupsPath = path return nil } @@ -305,7 +237,7 @@ func WithCgroup(path string) SpecOpts { // WithNamespacedCgroup uses the namespace set on the context to create a // root directory for containers in the cgroup with the id as the subcgroup func WithNamespacedCgroup() SpecOpts { - return func(ctx context.Context, _ *Client, c *containers.Container, s *specs.Spec) error { + return func(ctx context.Context, _ Client, c *containers.Container, s *specs.Spec) error { namespace, err := namespaces.NamespaceRequired(ctx) if err != nil { return err @@ -317,7 +249,7 @@ func WithNamespacedCgroup() SpecOpts { // WithUIDGID allows the UID and GID for the Process to be set func WithUIDGID(uid, gid uint32) SpecOpts { - return func(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { + return func(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { s.Process.User.UID = uid s.Process.User.GID = gid return nil @@ -329,7 +261,7 @@ func WithUIDGID(uid, gid uint32) SpecOpts { // or uid is not found in /etc/passwd, it sets gid to be the same with // uid, and not returns error. func WithUserID(uid uint32) SpecOpts { - return func(ctx context.Context, client *Client, c *containers.Container, s *specs.Spec) error { + return func(ctx context.Context, client Client, c *containers.Container, s *specs.Spec) error { if c.Snapshotter == "" { return errors.Errorf("no snapshotter set for container") } @@ -386,7 +318,7 @@ func WithUserID(uid uint32) SpecOpts { // does not exist, or the username is not found in /etc/passwd, // it returns error. func WithUsername(username string) SpecOpts { - return func(ctx context.Context, client *Client, c *containers.Container, s *specs.Spec) error { + return func(ctx context.Context, client Client, c *containers.Container, s *specs.Spec) error { if c.Snapshotter == "" { return errors.Errorf("no snapshotter set for container") } diff --git a/spec_opts_windows.go b/oci/spec_opts_windows.go similarity index 69% rename from spec_opts_windows.go rename to oci/spec_opts_windows.go index 1fc5d5e37..72b527e10 100644 --- a/spec_opts_windows.go +++ b/oci/spec_opts_windows.go @@ -1,6 +1,6 @@ // +build windows -package containerd +package oci import ( "context" @@ -16,13 +16,10 @@ import ( ) // WithImageConfig configures the spec to from the configuration of an Image -func WithImageConfig(i Image) SpecOpts { - return func(ctx context.Context, client *Client, _ *containers.Container, s *specs.Spec) error { - var ( - image = i.(*image) - store = client.ContentStore() - ) - ic, err := image.i.Config(ctx, store, platforms.Default()) +func WithImageConfig(image Image) SpecOpts { + return func(ctx context.Context, client Client, _ *containers.Container, s *specs.Spec) error { + store := client.ContentStore() + ic, err := image.Config(ctx) if err != nil { return err } @@ -55,7 +52,7 @@ func WithImageConfig(i Image) SpecOpts { // WithTTY sets the information on the spec as well as the environment variables for // using a TTY func WithTTY(width, height int) SpecOpts { - return func(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { + return func(_ context.Context, _ Client, _ *containers.Container, s *specs.Spec) error { s.Process.Terminal = true if s.Process.ConsoleSize == nil { s.Process.ConsoleSize = &specs.Box{} @@ -65,11 +62,3 @@ func WithTTY(width, height int) SpecOpts { return nil } } - -// WithResources sets the provided resources on the spec for task updates -func WithResources(resources *specs.WindowsResources) UpdateTaskOpts { - return func(ctx context.Context, client *Client, r *UpdateTaskInfo) error { - r.Resources = resources - return nil - } -} diff --git a/spec_unix.go b/oci/spec_unix.go similarity index 79% rename from spec_unix.go rename to oci/spec_unix.go index 00e814962..c8f3b37af 100644 --- a/spec_unix.go +++ b/oci/spec_unix.go @@ -1,17 +1,11 @@ // +build !windows -package containerd +package oci import ( "context" - "io/ioutil" - "os" "path/filepath" - "syscall" - "golang.org/x/sys/unix" - - "github.com/containerd/containerd/mount" "github.com/containerd/containerd/namespaces" specs "github.com/opencontainers/runtime-spec/specs-go" ) @@ -173,32 +167,3 @@ func createDefaultSpec(ctx context.Context, id string) (*specs.Spec, error) { } return s, nil } - -func remapRootFS(mounts []mount.Mount, uid, gid uint32) error { - root, err := ioutil.TempDir("", "ctd-remap") - if err != nil { - return err - } - defer os.RemoveAll(root) - for _, m := range mounts { - if err := m.Mount(root); err != nil { - return err - } - } - defer unix.Unmount(root, 0) - return filepath.Walk(root, incrementFS(root, uid, gid)) -} - -func incrementFS(root string, uidInc, gidInc uint32) filepath.WalkFunc { - return func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - var ( - stat = info.Sys().(*syscall.Stat_t) - u, g = int(stat.Uid + uidInc), int(stat.Gid + gidInc) - ) - // be sure the lchown the path as to not de-reference the symlink to a host file - return os.Lchown(path, u, g) - } -} diff --git a/spec_unix_test.go b/oci/spec_unix_test.go similarity index 99% rename from spec_unix_test.go rename to oci/spec_unix_test.go index 053831658..7532d1913 100644 --- a/spec_unix_test.go +++ b/oci/spec_unix_test.go @@ -1,6 +1,6 @@ // +build !windows -package containerd +package oci import ( "context" diff --git a/spec_windows.go b/oci/spec_windows.go similarity index 96% rename from spec_windows.go rename to oci/spec_windows.go index 16a58b446..64c228883 100644 --- a/spec_windows.go +++ b/oci/spec_windows.go @@ -1,4 +1,4 @@ -package containerd +package oci import ( "context" diff --git a/spec_opts.go b/spec_opts.go deleted file mode 100644 index 2dbf8214a..000000000 --- a/spec_opts.go +++ /dev/null @@ -1,74 +0,0 @@ -package containerd - -import ( - "context" - - "github.com/containerd/containerd/containers" - "github.com/containerd/typeurl" - specs "github.com/opencontainers/runtime-spec/specs-go" -) - -// SpecOpts sets spec specific information to a newly generated OCI spec -type SpecOpts func(context.Context, *Client, *containers.Container, *specs.Spec) error - -// WithProcessArgs replaces the args on the generated spec -func WithProcessArgs(args ...string) SpecOpts { - return func(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { - s.Process.Args = args - return nil - } -} - -// WithProcessCwd replaces the current working directory on the generated spec -func WithProcessCwd(cwd string) SpecOpts { - return func(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { - s.Process.Cwd = cwd - return nil - } -} - -// WithHostname sets the container's hostname -func WithHostname(name string) SpecOpts { - return func(_ context.Context, _ *Client, _ *containers.Container, s *specs.Spec) error { - s.Hostname = name - return nil - } -} - -// WithNewSpec generates a new spec for a new container -func WithNewSpec(opts ...SpecOpts) NewContainerOpts { - return func(ctx context.Context, client *Client, c *containers.Container) error { - s, err := createDefaultSpec(ctx, c.ID) - if err != nil { - return err - } - for _, o := range opts { - if err := o(ctx, client, c, s); err != nil { - return err - } - } - any, err := typeurl.MarshalAny(s) - if err != nil { - return err - } - c.Spec = any - return nil - } -} - -// WithSpec sets the provided spec on the container -func WithSpec(s *specs.Spec, opts ...SpecOpts) NewContainerOpts { - return func(ctx context.Context, client *Client, c *containers.Container) error { - for _, o := range opts { - if err := o(ctx, client, c, s); err != nil { - return err - } - } - any, err := typeurl.MarshalAny(s) - if err != nil { - return err - } - c.Spec = any - return nil - } -} diff --git a/task_opts_linux.go b/task_opts_linux.go new file mode 100644 index 000000000..5b91cb548 --- /dev/null +++ b/task_opts_linux.go @@ -0,0 +1,15 @@ +package containerd + +import ( + "context" + + "github.com/opencontainers/runtime-spec/specs-go" +) + +// WithResources sets the provided resources for task updates +func WithResources(resources *specs.LinuxResources) UpdateTaskOpts { + return func(ctx context.Context, client *Client, r *UpdateTaskInfo) error { + r.Resources = resources + return nil + } +} diff --git a/task_opts_windows.go b/task_opts_windows.go new file mode 100644 index 000000000..425fcc723 --- /dev/null +++ b/task_opts_windows.go @@ -0,0 +1,15 @@ +package containerd + +import ( + "context" + + specs "github.com/opencontainers/runtime-spec/specs-go" +) + +// WithResources sets the provided resources on the spec for task updates +func WithResources(resources *specs.WindowsResources) UpdateTaskOpts { + return func(ctx context.Context, client Client, r *UpdateTaskInfo) error { + r.Resources = resources + return nil + } +}