github.com/containerd/containerd@v22.0.0-20200918172823-438c87b8e050+incompatible/cmd/ctr/commands/commands.go (about) 1 /* 2 Copyright The containerd Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package commands 18 19 import ( 20 "encoding/json" 21 "fmt" 22 "os" 23 "path/filepath" 24 "strings" 25 26 "github.com/containerd/containerd/defaults" 27 "github.com/urfave/cli" 28 ) 29 30 var ( 31 // SnapshotterFlags are cli flags specifying snapshotter names 32 SnapshotterFlags = []cli.Flag{ 33 cli.StringFlag{ 34 Name: "snapshotter", 35 Usage: "snapshotter name. Empty value stands for the default value.", 36 EnvVar: "CONTAINERD_SNAPSHOTTER", 37 }, 38 } 39 40 // LabelFlag is a cli flag specifying labels 41 LabelFlag = cli.StringSliceFlag{ 42 Name: "label", 43 Usage: "labels to attach to the image", 44 } 45 46 // RegistryFlags are cli flags specifying registry options 47 RegistryFlags = []cli.Flag{ 48 cli.BoolFlag{ 49 Name: "skip-verify,k", 50 Usage: "skip SSL certificate validation", 51 }, 52 cli.BoolFlag{ 53 Name: "plain-http", 54 Usage: "allow connections using plain HTTP", 55 }, 56 cli.StringFlag{ 57 Name: "user,u", 58 Usage: "user[:password] Registry user and password", 59 }, 60 cli.StringFlag{ 61 Name: "refresh", 62 Usage: "refresh token for authorization server", 63 }, 64 cli.StringFlag{ 65 Name: "hosts-dir", 66 // compatible with "/etc/docker/certs.d" 67 Usage: "Custom hosts configuration directory", 68 }, 69 cli.StringFlag{ 70 Name: "tlscacert", 71 Usage: "path to TLS root CA", 72 }, 73 cli.StringFlag{ 74 Name: "tlscert", 75 Usage: "path to TLS client certificate", 76 }, 77 cli.StringFlag{ 78 Name: "tlskey", 79 Usage: "path to TLS client key", 80 }, 81 } 82 83 // ContainerFlags are cli flags specifying container options 84 ContainerFlags = []cli.Flag{ 85 cli.StringFlag{ 86 Name: "config,c", 87 Usage: "path to the runtime-specific spec config file", 88 }, 89 cli.StringFlag{ 90 Name: "cwd", 91 Usage: "specify the working directory of the process", 92 }, 93 cli.StringSliceFlag{ 94 Name: "env", 95 Usage: "specify additional container environment variables (i.e. FOO=bar)", 96 }, 97 cli.StringFlag{ 98 Name: "env-file", 99 Usage: "specify additional container environment variables in a file(i.e. FOO=bar, one per line)", 100 }, 101 cli.StringSliceFlag{ 102 Name: "label", 103 Usage: "specify additional labels (i.e. foo=bar)", 104 }, 105 cli.StringSliceFlag{ 106 Name: "mount", 107 Usage: "specify additional container mount (ex: type=bind,src=/tmp,dst=/host,options=rbind:ro)", 108 }, 109 cli.BoolFlag{ 110 Name: "net-host", 111 Usage: "enable host networking for the container", 112 }, 113 cli.BoolFlag{ 114 Name: "privileged", 115 Usage: "run privileged container", 116 }, 117 cli.BoolFlag{ 118 Name: "read-only", 119 Usage: "set the containers filesystem as readonly", 120 }, 121 cli.StringFlag{ 122 Name: "runtime", 123 Usage: "runtime name", 124 Value: defaults.DefaultRuntime, 125 }, 126 cli.BoolFlag{ 127 Name: "tty,t", 128 Usage: "allocate a TTY for the container", 129 }, 130 cli.StringSliceFlag{ 131 Name: "with-ns", 132 Usage: "specify existing Linux namespaces to join at container runtime (format '<nstype>:<path>')", 133 }, 134 cli.StringFlag{ 135 Name: "pid-file", 136 Usage: "file path to write the task's pid", 137 }, 138 cli.IntFlag{ 139 Name: "gpus", 140 Usage: "add gpus to the container", 141 }, 142 cli.BoolFlag{ 143 Name: "allow-new-privs", 144 Usage: "turn off OCI spec's NoNewPrivileges feature flag", 145 }, 146 cli.Uint64Flag{ 147 Name: "memory-limit", 148 Usage: "memory limit (in bytes) for the container", 149 }, 150 cli.StringSliceFlag{ 151 Name: "device", 152 Usage: "add a device to a container", 153 }, 154 cli.BoolFlag{ 155 Name: "seccomp", 156 Usage: "enable the default seccomp profile", 157 }, 158 cli.StringFlag{ 159 Name: "seccomp-profile", 160 Usage: "file path to custom seccomp profile. seccomp must be set to true, before using seccomp-profile", 161 }, 162 } 163 ) 164 165 // ObjectWithLabelArgs returns the first arg and a LabelArgs object 166 func ObjectWithLabelArgs(clicontext *cli.Context) (string, map[string]string) { 167 var ( 168 first = clicontext.Args().First() 169 labelStrings = clicontext.Args().Tail() 170 ) 171 172 return first, LabelArgs(labelStrings) 173 } 174 175 // LabelArgs returns a map of label key,value pairs 176 func LabelArgs(labelStrings []string) map[string]string { 177 labels := make(map[string]string, len(labelStrings)) 178 for _, label := range labelStrings { 179 parts := strings.SplitN(label, "=", 2) 180 key := parts[0] 181 value := "true" 182 if len(parts) > 1 { 183 value = parts[1] 184 } 185 186 labels[key] = value 187 } 188 189 return labels 190 } 191 192 // PrintAsJSON prints input in JSON format 193 func PrintAsJSON(x interface{}) { 194 b, err := json.MarshalIndent(x, "", " ") 195 if err != nil { 196 fmt.Fprintf(os.Stderr, "can't marshal %+v as a JSON string: %v\n", x, err) 197 } 198 fmt.Println(string(b)) 199 } 200 201 // WritePidFile writes the pid atomically to a file 202 func WritePidFile(path string, pid int) error { 203 path, err := filepath.Abs(path) 204 if err != nil { 205 return err 206 } 207 tempPath := filepath.Join(filepath.Dir(path), fmt.Sprintf(".%s", filepath.Base(path))) 208 f, err := os.OpenFile(tempPath, os.O_RDWR|os.O_CREATE|os.O_EXCL|os.O_SYNC, 0666) 209 if err != nil { 210 return err 211 } 212 _, err = fmt.Fprintf(f, "%d", pid) 213 f.Close() 214 if err != nil { 215 return err 216 } 217 return os.Rename(tempPath, path) 218 }