github.com/containerd/Containerd@v1.4.13/cmd/ctr/commands/commands.go (about) 1 /* 2 Copyright The containerd Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package commands 18 19 import ( 20 "encoding/json" 21 "fmt" 22 "os" 23 "path/filepath" 24 "strings" 25 26 "github.com/containerd/containerd/defaults" 27 "github.com/urfave/cli" 28 ) 29 30 var ( 31 // SnapshotterFlags are cli flags specifying snapshotter names 32 SnapshotterFlags = []cli.Flag{ 33 cli.StringFlag{ 34 Name: "snapshotter", 35 Usage: "snapshotter name. Empty value stands for the default value.", 36 EnvVar: "CONTAINERD_SNAPSHOTTER", 37 }, 38 } 39 40 // LabelFlag is a cli flag specifying labels 41 LabelFlag = cli.StringSliceFlag{ 42 Name: "label", 43 Usage: "labels to attach to the image", 44 } 45 46 // RegistryFlags are cli flags specifying registry options 47 RegistryFlags = []cli.Flag{ 48 cli.BoolFlag{ 49 Name: "skip-verify,k", 50 Usage: "skip SSL certificate validation", 51 }, 52 cli.BoolFlag{ 53 Name: "plain-http", 54 Usage: "allow connections using plain HTTP", 55 }, 56 cli.StringFlag{ 57 Name: "user,u", 58 Usage: "user[:password] Registry user and password", 59 }, 60 cli.StringFlag{ 61 Name: "refresh", 62 Usage: "refresh token for authorization server", 63 }, 64 cli.StringFlag{ 65 Name: "hosts-dir", 66 // compatible with "/etc/docker/certs.d" 67 Usage: "Custom hosts configuration directory", 68 }, 69 cli.StringFlag{ 70 Name: "tlscacert", 71 Usage: "path to TLS root CA", 72 }, 73 cli.StringFlag{ 74 Name: "tlscert", 75 Usage: "path to TLS client certificate", 76 }, 77 cli.StringFlag{ 78 Name: "tlskey", 79 Usage: "path to TLS client key", 80 }, 81 } 82 83 // ContainerFlags are cli flags specifying container options 84 ContainerFlags = []cli.Flag{ 85 cli.StringFlag{ 86 Name: "config,c", 87 Usage: "path to the runtime-specific spec config file", 88 }, 89 cli.StringFlag{ 90 Name: "cwd", 91 Usage: "specify the working directory of the process", 92 }, 93 cli.StringSliceFlag{ 94 Name: "env", 95 Usage: "specify additional container environment variables (i.e. FOO=bar)", 96 }, 97 cli.StringFlag{ 98 Name: "env-file", 99 Usage: "specify additional container environment variables in a file(i.e. FOO=bar, one per line)", 100 }, 101 cli.StringSliceFlag{ 102 Name: "label", 103 Usage: "specify additional labels (i.e. foo=bar)", 104 }, 105 cli.StringSliceFlag{ 106 Name: "mount", 107 Usage: "specify additional container mount (ex: type=bind,src=/tmp,dst=/host,options=rbind:ro)", 108 }, 109 cli.BoolFlag{ 110 Name: "net-host", 111 Usage: "enable host networking for the container", 112 }, 113 cli.BoolFlag{ 114 Name: "privileged", 115 Usage: "run privileged container", 116 }, 117 cli.BoolFlag{ 118 Name: "read-only", 119 Usage: "set the containers filesystem as readonly", 120 }, 121 cli.StringFlag{ 122 Name: "runtime", 123 Usage: "runtime name", 124 Value: defaults.DefaultRuntime, 125 }, 126 cli.BoolFlag{ 127 Name: "tty,t", 128 Usage: "allocate a TTY for the container", 129 }, 130 cli.StringSliceFlag{ 131 Name: "with-ns", 132 Usage: "specify existing Linux namespaces to join at container runtime (format '<nstype>:<path>')", 133 }, 134 cli.StringFlag{ 135 Name: "pid-file", 136 Usage: "file path to write the task's pid", 137 }, 138 cli.IntFlag{ 139 Name: "gpus", 140 Usage: "add gpus to the container", 141 }, 142 cli.BoolFlag{ 143 Name: "allow-new-privs", 144 Usage: "turn off OCI spec's NoNewPrivileges feature flag", 145 }, 146 cli.Uint64Flag{ 147 Name: "memory-limit", 148 Usage: "memory limit (in bytes) for the container", 149 }, 150 cli.StringSliceFlag{ 151 Name: "device", 152 Usage: "add a device to a container", 153 }, 154 cli.BoolFlag{ 155 Name: "seccomp", 156 Usage: "enable the default seccomp profile", 157 }, 158 } 159 ) 160 161 // ObjectWithLabelArgs returns the first arg and a LabelArgs object 162 func ObjectWithLabelArgs(clicontext *cli.Context) (string, map[string]string) { 163 var ( 164 first = clicontext.Args().First() 165 labelStrings = clicontext.Args().Tail() 166 ) 167 168 return first, LabelArgs(labelStrings) 169 } 170 171 // LabelArgs returns a map of label key,value pairs 172 func LabelArgs(labelStrings []string) map[string]string { 173 labels := make(map[string]string, len(labelStrings)) 174 for _, label := range labelStrings { 175 parts := strings.SplitN(label, "=", 2) 176 key := parts[0] 177 value := "true" 178 if len(parts) > 1 { 179 value = parts[1] 180 } 181 182 labels[key] = value 183 } 184 185 return labels 186 } 187 188 // PrintAsJSON prints input in JSON format 189 func PrintAsJSON(x interface{}) { 190 b, err := json.MarshalIndent(x, "", " ") 191 if err != nil { 192 fmt.Fprintf(os.Stderr, "can't marshal %+v as a JSON string: %v\n", x, err) 193 } 194 fmt.Println(string(b)) 195 } 196 197 // WritePidFile writes the pid atomically to a file 198 func WritePidFile(path string, pid int) error { 199 path, err := filepath.Abs(path) 200 if err != nil { 201 return err 202 } 203 tempPath := filepath.Join(filepath.Dir(path), fmt.Sprintf(".%s", filepath.Base(path))) 204 f, err := os.OpenFile(tempPath, os.O_RDWR|os.O_CREATE|os.O_EXCL|os.O_SYNC, 0666) 205 if err != nil { 206 return err 207 } 208 _, err = fmt.Fprintf(f, "%d", pid) 209 f.Close() 210 if err != nil { 211 return err 212 } 213 return os.Rename(tempPath, path) 214 }