| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make sure we have permissions to restore file extended attributes.
[1] ... all processes have read access to extended security attributes,
and write access is limited to processes that have the CAP_SYS_ADMIN
capability.
[2] The file owner and processes capable of CAP_FOWNER are granted the
right to modify ACLs of a file. This is analogous to the permissions
required for accessing the file mode. (On current Linux systems, root
is the only user with the CAP_FOWNER capability.)
[1] https://linux.die.net/man/5/attr
[2] https://linux.die.net/man/1/setfacl
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since skopeo v0.1.29 [1] blobs are saved without the .tar extension.
This commit changes the docker-source module to handle both cases (with
or without .tar extension)
[1] commit: projectatomic/skopeo@43acc74
Fix skopeo tests with changes to dir transport
The dir transport has been changed to save the blobs without the .tar extension
Fixes the skopeo tests failing due to this change
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
| |
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
| |
This reverts commit 6146e9ab5e36ff894b8c95d00a45db6181ad8472.
|
| |
|
|
|
|
|
| |
Preserve extended file attributes of extracted rootfs as described in
https://github.com/opencontainers/image-spec/blob/master/layer.md
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
| |
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Since skopeo v0.1.29 blobs are saved without the .tar extension.
See commit: projectatomic/skopeo@43acc74
Fix skopeo tests with changes to dir transport
The dir transport has been changed to save the blobs without the .tar extension
Fixes the skopeo tests failing due to this change
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
| |
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Commit b38f588 (source-docker: Show error if skopeo not installed)
introduced a check used by Docker-souce to verify that skopeo is
installed. However, the unit test cases in TestDockerSource do not
aim to ensure that skopeo is installed and therefore this check is
redundant.
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
|
|
|
|
| |
Use pylint/pycodestyle modules instead of calling the executables
to ensure that Python 3 code is checked with Py 3 version of
pylint/pycodestyle.
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
| |
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch resolves the following pylint warning:
R: 1, 0: Similar lines in 2 files
==virtBootstrap.sources.docker_source:306
==virtBootstrap.sources.file_source:87
dest,
self.uid_map,
self.gid_map,
(self.root_password is None) # Create new disk?
)
else:
raise Exception("Unknown format:" + self.output_format)
(duplicate-code)
R: 1, 0: Similar lines in 2 files
==virtBootstrap.sources.file_source:50
==virtBootstrap.sources.virt_builder_source:58
self.output_format = kwargs.get('fmt', utils.DEFAULT_OUTPUT_FORMAT)
self.uid_map = kwargs.get('uid_map', [])
self.gid_map = kwargs.get('gid_map', [])
self.root_password = kwargs.get('root_password', None)
self.progress = kwargs['progress'].update_progress
(duplicate-code)
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Specify string format arguments as logging function parameters
(logging-not-lazy)
https://docs.python.org/3/library/logging.html#logging.Logger.debug
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
|
|
| |
E261 at least two spaces before inline comment
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
|
|
| |
E713 test for membership should be 'not in'
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
| |
Resolves pylint: "W292 no newline at end of file"
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We should give Pylint the name of a python package or module. [1]
A python module is a file containing Python definitions and statements
or directory containing the input script (__init__.py) [2]
1: https://pylint.readthedocs.io/en/latest/user_guide/run.html#invoking-pylint
2: https://docs.python.org/2/tutorial/modules.html
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When `skopeo inspect --raw docker://feodra` is used the returned
manifest content contains a list with manifests for specific
platforms [1] rather than a list with layers.
By using `skopeo inpect docker://fedora` the correct manifest
content is retrieved and a list with layers is provided. In addition,
skopeo handles the difference between schemaVersion 1 and 2.
[1] https://docs.docker.com/registry/spec/manifest-v2-2/#manifest-list-field-descriptions
|
| |
|
|
|
|
|
| |
The `skopeo copy` command has changed it's behaviour to keep only a files for
single container image per directory. To get around this and keep cache of
downloaded images is used temporary destination directory for 'skopeo copy'
and image files are then moved in the cache folder.
|
| |
|
|
| |
Show appropriate error message when skopeo is not installed.
|
| |
|
|
|
| |
Show appropriate error message when the python bindings for
libguestfs are not installed.
|
| |
|
|
|
| |
Add utility function to check whether an executable is available in
the PATH env variable.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Clean up the file, tell the world we are now stable enough, generate
ChangeLog and AUTHORS files and add license header. Add the test files
to the distribution.
|
| | |
|
| |
|
|
|
|
|
| |
Tests need the HOME environment variable, tell tox to pass it to the
virtual environment.
Also fix line endings of tox.ini to unix ones.
|
| |
|
|
|
|
| |
Since python3 strings are already Unicode-capable, there have no
decode() function. Libguestfs content strings can be either python 2
or 3 strings, only decode them to utf-8 for python2.
|
| |
|
|
|
|
|
|
|
| |
The current code was trying to save time by adding all drives to the
guestfs handle and launch the instance from it. However, this doesn't
fly since backing chain images would be used more than once.
To bad for performance, but sticking to one layer per guestfs launch
is safer and gets the tests to the pass.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
These documentation can be seen using:
$ pydoc virtBootstrap
|
| |
|
|
|
| |
Show warning message and don't allow ownership mapping for non-root
user when the output format is 'dir'.
|
| |
|
|
|
|
|
|
|
| |
The default source code encoding in Python2.* is ASCII (PEP 263 [1])
and in Python3.* is UTF-8 (PEP 3120 [2]). Define the encoding on top
of each file for consistency.
[1] https://www.python.org/dev/peps/pep-0263/
[2] https://www.python.org/dev/peps/pep-3120/
|
| |
|
|
|
| |
Allow the user to specify path for temporary directory used by
virt-bootstrap using the `VIRTBOOTSTRAP_TMPDIR` environment variable.
|
| |
|
|
| |
Use more general description for source URI.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add implementation for virt-builder source which aims to create
container root file system from VM image build with virt-builder.
Usage examples:
$ virt-bootstrap virt-builder://fedora-25 /tmp/foo
$ virt-bootstrap virt-builder://ubuntu-16.04 /tmp/bar --root-password secret
$ virt-bootstrap virt-builder://fedora-25 /tmp/foo -f qcow2 --idmap 0:1000:10
$ sudo virt-bootstrap virt-builder://fedora-25 /tmp/foo --idmap 0:1000:10
Tests are also introduced along with the implementation. They cover
creation of root file system and UID/GID mapping for 'dir' and 'qcow2'
output format by mocking the build_image() method to avoid the time
consuming call to virt-builder which might also require network
connection with function which creates dummy disk image.
Setting root password is handled by virt-builder and hence the
introduced test only ensures that the password string is passed
correctly.
|
| |
|
|
|
|
|
|
| |
Use the python bindings of libguestfs to create additional qcow2 image
which has as backing file the last layer (layer-0.qcow2 for FileSource)
and insert hashed value of given root password in the /etc/shadow file.
Note: This additional qcow2 image is also used to apply UID/GID map.
|
| |
|
|
|
|
|
|
|
|
|
| |
Apply ownership mapping in qcow2 images using libguestfs python
bindings. To make this solution more general we introduce function
guestfs_walk() which will return the root file system tree of disk
image along with UID/GID values.
These changes are applied in additional qcow2 disk image using the
last layer as backing file. For FileSource this is layer-1.qcow2
with backing file layer-0.qcow2.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use the python bindings of libguestfs to create qcow2 image with
backing chains to mimic the layers of container image.
This commit also changes the behavior of FileSource when 'qcow2'
output format is used. Now the string layer-0.qcow2 will be used
as name of the output file.
This change is applied in the test suite as an update to the function
get_image_path().
|
| | |
|
| |
|
|
|
| |
Make the code for setting password hash in the content of shadow file
reusable and hence can be used with qcow2 output format.
|
| |
|
|
|
|
|
|
| |
Resolve an issue when only uid_map or only gid_map is specified.
We set the default values to None. However, `len(None)` will raise
an exception. To avoid this we need to set the default values to
[] (empty list).
|
| |
|
|
|
|
| |
Split the function mapping_uid_gid in two parts so that the code which
makes both lists map_uid and map_gid with equal length can be
reused.
|
| |
|
|
|
| |
Move the functions implementing UID/GID mapping in the utils module
and hence they can be reused with qcow2 output format.
|
