On Windows we need to be able to create both Linux and Windows OCI spec
files by default to support WCOW and LCOW scenarios. This merges the
compile time differences into runtime differences between the two based
on the spec and platform the user sets.
It maintains the old behavior with Default specs resulting in the
platform default the binary is compiled for.
Signed-off-by: Justin Terry (VM) <juterry@microsoft.com>
These opts either inherit the parent cgroup device.list or append the
default unix devices like /dev/null /dev/random so that the container
has access.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
The behaviour was changed in 99df1a9e11 ("Set gid 0 when no group is
specified"), part of #2529.
Take the opportunity to tighten up the grammar a bit too.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
This change is to match Docker's implementaion of setting gid and groups
to 0 when no gid is specified but an explicit uid is set.
Fixes#2527
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This allows users to provide args for the process arguments while
creating the base spec with an image. It provides the same symantics as
Docker where additional args replace the CMD while leaving the
ENTRYPOINT the same.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This change allows implementations to resolve the location of the actual data
using OCI descriptor fields such as MediaType.
No OCI descriptor field is written to the store.
No change on gRPC API.
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
This allows Go to build third party packages correctly without vendoring
issues what want to create their own SpecOpts.
Fixes#2289
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
In a few places we check for nil types when modifying a spec,
but in many cases we do not so we could get a panic if the
passed in type was not filled. Because the generated spec is
filled we will not notice this but users may get unexpected
panics.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
