github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Implements WithNoNewKeyring

Browse Source 
It does not override existing CreateOptions but assumes that the
TaskInfo's options are of type CreateOptions.

Signed-off-by: Oliver Stenbom <ostenbom@pivotal.io>
This commit is contained in:
Oliver Stenbom
2018-05-28 12:26:56 +03:00
parent c9ea816cda
commit 7132ca2775
2 changed files with 78 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
task_opts_linux.go
View File

@@ -18,7 +18,9 @@ package containerd
import (
"context"
"errors"
"github.com/containerd/containerd/linux/runctypes"
"github.com/opencontainers/runtime-spec/specs-go"
)
@@ -29,3 +31,18 @@ func WithResources(resources *specs.LinuxResources) UpdateTaskOpts {
return nil
}
}
// WithNoNewKeyring causes tasks not to be created with a new keyring for secret storage.
// There is an upper limit on the number of keyrings in a linux system
func WithNoNewKeyring(ctx context.Context, c *Client, ti *TaskInfo) error {
if ti.Options == nil {
ti.Options = &runctypes.CreateOptions{}
}
opts, ok := ti.Options.(*runctypes.CreateOptions)
if !ok {
return errors.New("could not cast TaskInfo Options to CreateOptions")
}
opts.NoNewKeyring = true
return nil
}