Add missing user-facing part to allow volume subpath mounts #22040
Conversation
The code enabling volume subpath mounts has been merged in containers#17992 but no user-facing change was made. The documentation was also not updated. Signed-off-by: Vasyl Gello <[email protected]>
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: basilgello The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
pkg/specgenutil/volumes.go
Outdated
| @@ -371,6 +371,19 @@ func parseMountOptions(mountType string, args []string) (*spec.Mount, error) { | |||
| return nil, fmt.Errorf("host directory cannot be empty: %w", errOptionArg) | |||
| } | |||
| mnt.Source = value | |||
| case "subpath": | |||
| if setSubpath { | |||
| return nil, fmt.Errorf("cannot pass 'subpath' option more than once: %w", errOptionArg) | |||
There was a problem hiding this comment.
nit: This error should use %q and name like the one just below.
basilgello
force-pushed
the
subpaths-main
branch
from
bc819ff
to
dcf9dae
Compare
|
Cockpit tests failed for commit dcf9daed49d7abce3a3fdf74668c387ecf49d965. @martinpitt, @jelly, @mvollmer please check. |
Signed-off-by: Vasyl Gello <[email protected]>
Signed-off-by: Vasyl Gello <[email protected]>
basilgello
force-pushed
the
subpaths-main
branch
from
dcf9dae
to
dc75dfb
Compare
|
Cockpit tests failed for commit dc75dfbf2b7b26b704af11fad36e8722094b966c. @martinpitt, @jelly, @mvollmer please check. |
|
@giuseppe you mentioned the security implications of this features in the linked issue. I think 17992 solved them, so please review. |
| @@ -14,7 +14,7 @@ import ( | |||
|
|
|||
| // ValidateVolumeOpts validates a volume's options | |||
| func ValidateVolumeOpts(options []string) ([]string, error) { | |||
| var foundRootPropagation, foundRWRO, foundLabelChange, bindType, foundExec, foundDev, foundSuid, foundChown, foundUpperDir, foundWorkDir, foundCopy, foundCopySymlink int | |||
| var foundRootPropagation, foundRWRO, foundLabelChange, bindType, foundExec, foundDev, foundSuid, foundChown, foundUpperDir, foundWorkDir, foundCopy, foundCopySymlink, foundVolumeSubpath int | |||
There was a problem hiding this comment.
these changes must go in the https://github.com/containers/common project and then revendor them
There was a problem hiding this comment.
I understand that, but I need some details.
Is the correct procedure here as follows?
- Move this commit into separate PR in containers/common
- Wait for it to be merged
go get -u github.com/containers/common && go mod vendorin this PR- Rebase this PR with new
go.{mod,sum}andvendor
There was a problem hiding this comment.
sorry, forgot to submit the review.
basilgello
force-pushed
the
subpaths-main
branch
5 times, most recently
from
6b07be0
to
efcefef
Compare
Signed-off-by: Vasyl Gello <[email protected]>
basilgello
force-pushed
the
subpaths-main
branch
from
efcefef
to
6bbfcae
Compare
|
Cockpit tests failed for commit f85ce21fec0ab218e7732968dab92975f8448021. @martinpitt, @jelly, @mvollmer please check. |
|
Cockpit tests failed for commit 9b0c13633f7a91bf686aaa40f049127167180d15. @martinpitt, @jelly, @mvollmer please check. |
|
Cockpit tests failed for commit 9beab8b153142b87108b408c66d1f24df9f26df2. @martinpitt, @jelly, @mvollmer please check. |
|
Cockpit tests failed for commit 6b07be0767af417279a8077a797a8271aa00d12b. @martinpitt, @jelly, @mvollmer please check. |
|
Cockpit tests failed for commit efcefefa05dc3860d115b2c3602482ee9c76a704. @martinpitt, @jelly, @mvollmer please check. |
|
Cockpit tests failed for commit 6bbfcae. @martinpitt, @jelly, @mvollmer please check. |
|
Docker has implemented this feature using the It's probably worth updating this pr to adopt the same option names so that the cli and api are compatible. |
openshift-merge-robot
added
the
needs-rebase
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@basilgello Poke - are you still working on this? If not, we may take over to push this over the finish line |
|
Let me spliy the PR tomorrow morning @mheon Should we follow up Docker convention as larsks mentioned or the current syntax is fine? |
|
Also I postponded the split because I expected to get primary ACK from @giuseppe or other code owner but I did not get it to the date + several other issues on my side. |
|
Docker convention would be preferred. Sorry for the sudden attention, we're starting to prep for Podman 5.1 and this came up as something that could get in. |
|
It is OK and I needed that nudge :) I will do the split and link the derived PRs to this one. I am using this PR in https://salsa.debian.org/neurodebian-team/neurodebian-bot for 2 months. |
|
@mheon I need your help :) In #22410 you added AFAIK the merged code is still in dev branch so I think it is better to rename all user-facing |
|
We can also keep the existing subpath option and add volume-subpath as an
alias to it, so both the current one and the Docker compatible one work
…On Wed, May 8, 2024 at 11:51 Vasyl Gello ***@***.***> wrote:
@mheon <https://github.com/mheon> I need your help :) In #22410
<#22410> you added subpath
option to image mounts. But Docker chose to name subpath option as
volume-subpath (as larsks mentioned, just the wrong PR
<docker/cli#4331>) Now if I change the
user-facing option name for volume and mount to Docker's one, should I also
rename the image mount option and its docs?
AFAIK the merged code is still in dev branch so I think it is better to
rename all user-facing subpath option name to volume-subpath. WDYT?
—
Reply to this email directly, view it on GitHub
<#22040 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AB3AOCHJELQZRZX2JALSX7LZBJCXRAVCNFSM6AAAAABEV4W6CGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMBQHA4DSNJUGA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
Add missing user-facing "subpath" option to mount subpaths of named volumes.
Does this PR introduce a user-facing change?
Yes, adding "subpath" as valid mount and volume option in podman-container-create(1), podman-run(1).