github.com/hanks177/podman/v4@v4.1.3-0.20220613032544-16d90015bc83/libpod/define/annotations.go (about) 1 package define 2 3 const ( 4 // InspectAnnotationCIDFile is used by Inspect to determine if a 5 // container ID file was created for the container. 6 // If an annotation with this key is found in the OCI spec, it will be 7 // used in the output of Inspect(). 8 InspectAnnotationCIDFile = "io.podman.annotations.cid-file" 9 // InspectAnnotationAutoremove is used by Inspect to determine if a 10 // container will be automatically removed on exit. 11 // If an annotation with this key is found in the OCI spec and is one of 12 // the two supported boolean values (InspectResponseTrue and 13 // InspectResponseFalse) it will be used in the output of Inspect(). 14 InspectAnnotationAutoremove = "io.podman.annotations.autoremove" 15 // InspectAnnotationVolumesFrom is used by Inspect to identify 16 // containers whose volumes are are being used by this container. 17 // It is expected to be a comma-separated list of container names and/or 18 // IDs. 19 // If an annotation with this key is found in the OCI spec, it will be 20 // used in the output of Inspect(). 21 InspectAnnotationVolumesFrom = "io.podman.annotations.volumes-from" 22 // InspectAnnotationPrivileged is used by Inspect to identify containers 23 // which are privileged (IE, running with elevated privileges). 24 // It is expected to be a boolean, populated by one of 25 // InspectResponseTrue or InspectResponseFalse. 26 // If an annotation with this key is found in the OCI spec, it will be 27 // used in the output of Inspect(). 28 InspectAnnotationPrivileged = "io.podman.annotations.privileged" 29 // InspectAnnotationPublishAll is used by Inspect to identify containers 30 // which have all the ports from their image published. 31 // It is expected to be a boolean, populated by one of 32 // InspectResponseTrue or InspectResponseFalse. 33 // If an annotation with this key is found in the OCI spec, it will be 34 // used in the output of Inspect(). 35 InspectAnnotationPublishAll = "io.podman.annotations.publish-all" 36 // InspectAnnotationInit is used by Inspect to identify containers that 37 // mount an init binary in. 38 // It is expected to be a boolean, populated by one of 39 // InspectResponseTrue or InspectResponseFalse. 40 // If an annotation with this key is found in the OCI spec, it will be 41 // used in the output of Inspect(). 42 InspectAnnotationInit = "io.podman.annotations.init" 43 // InspectAnnotationLabel is used by Inspect to identify containers with 44 // special SELinux-related settings. It is used to populate the output 45 // of the SecurityOpt setting. 46 // If an annotation with this key is found in the OCI spec, it will be 47 // used in the output of Inspect(). 48 InspectAnnotationLabel = "io.podman.annotations.label" 49 // InspectAnnotationSeccomp is used by Inspect to identify containers 50 // with special Seccomp-related settings. It is used to populate the 51 // output of the SecurityOpt setting in Inspect. 52 // If an annotation with this key is found in the OCI spec, it will be 53 // used in the output of Inspect(). 54 InspectAnnotationSeccomp = "io.podman.annotations.seccomp" 55 // InspectAnnotationApparmor is used by Inspect to identify containers 56 // with special Apparmor-related settings. It is used to populate the 57 // output of the SecurityOpt setting. 58 // If an annotation with this key is found in the OCI spec, it will be 59 // used in the output of Inspect(). 60 InspectAnnotationApparmor = "io.podman.annotations.apparmor" 61 62 // InspectResponseTrue is a boolean True response for an inspect 63 // annotation. 64 InspectResponseTrue = "TRUE" 65 // InspectResponseFalse is a boolean False response for an inspect 66 // annotation. 67 InspectResponseFalse = "FALSE" 68 69 // CheckpointAnnotationName is used by Container Checkpoint when creating a 70 // checkpoint image to specify the original human-readable name for the 71 // container. 72 CheckpointAnnotationName = "io.podman.annotations.checkpoint.name" 73 74 // CheckpointAnnotationRawImageName is used by Container Checkpoint when 75 // creating a checkpoint image to specify the original unprocessed name of 76 // the image used to create the container (as specified by the user). 77 CheckpointAnnotationRawImageName = "io.podman.annotations.checkpoint.rawImageName" 78 79 // CheckpointAnnotationRootfsImageID is used by Container Checkpoint when 80 // creating a checkpoint image to specify the original ID of the image used 81 // to create the container. 82 CheckpointAnnotationRootfsImageID = "io.podman.annotations.checkpoint.rootfsImageID" 83 84 // CheckpointAnnotationRootfsImageName is used by Container Checkpoint when 85 // creating a checkpoint image to specify the original image name used to 86 // create the container. 87 CheckpointAnnotationRootfsImageName = "io.podman.annotations.checkpoint.rootfsImageName" 88 89 // CheckpointAnnotationPodmanVersion is used by Container Checkpoint when 90 // creating a checkpoint image to specify the version of Podman used on the 91 // host where the checkpoint was created. 92 CheckpointAnnotationPodmanVersion = "io.podman.annotations.checkpoint.podman.version" 93 94 // CheckpointAnnotationCriuVersion is used by Container Checkpoint when 95 // creating a checkpoint image to specify the version of CRIU used on the 96 // host where the checkpoint was created. 97 CheckpointAnnotationCriuVersion = "io.podman.annotations.checkpoint.criu.version" 98 99 // CheckpointAnnotationRuntimeName is used by Container Checkpoint when 100 // creating a checkpoint image to specify the runtime used on the host where 101 // the checkpoint was created. 102 CheckpointAnnotationRuntimeName = "io.podman.annotations.checkpoint.runtime.name" 103 104 // CheckpointAnnotationRuntimeVersion is used by Container Checkpoint when 105 // creating a checkpoint image to specify the version of runtime used on the 106 // host where the checkpoint was created. 107 CheckpointAnnotationRuntimeVersion = "io.podman.annotations.checkpoint.runtime.version" 108 109 // CheckpointAnnotationConmonVersion is used by Container Checkpoint when 110 // creating a checkpoint image to specify the version of conmon used on 111 // the host where the checkpoint was created. 112 CheckpointAnnotationConmonVersion = "io.podman.annotations.checkpoint.conmon.version" 113 114 // CheckpointAnnotationHostArch is used by Container Checkpoint when 115 // creating a checkpoint image to specify the CPU architecture of the host 116 // on which the checkpoint was created. 117 CheckpointAnnotationHostArch = "io.podman.annotations.checkpoint.host.arch" 118 119 // CheckpointAnnotationHostKernel is used by Container Checkpoint when 120 // creating a checkpoint image to specify the kernel version used by the 121 // host where the checkpoint was created. 122 CheckpointAnnotationHostKernel = "io.podman.annotations.checkpoint.host.kernel" 123 124 // CheckpointAnnotationCgroupVersion is used by Container Checkpoint when 125 // creating a checkpoint image to specify the cgroup version used by the 126 // host where the checkpoint was created. 127 CheckpointAnnotationCgroupVersion = "io.podman.annotations.checkpoint.cgroups.version" 128 129 // CheckpointAnnotationDistributionVersion is used by Container Checkpoint 130 // when creating a checkpoint image to specify the version of host 131 // distribution on which the checkpoint was created. 132 CheckpointAnnotationDistributionVersion = "io.podman.annotations.checkpoint.distribution.version" 133 134 // CheckpointAnnotationDistributionName is used by Container Checkpoint when 135 // creating a checkpoint image to specify the name of host distribution on 136 // which the checkpoint was created. 137 CheckpointAnnotationDistributionName = "io.podman.annotations.checkpoint.distribution.name" 138 // MaxKubeAnnotation is the max length of annotations allowed by Kubernetes. 139 MaxKubeAnnotation = 63 140 ) 141 142 // IsReservedAnnotation returns true if the specified value corresponds to an 143 // already reserved annotation that Podman sets during container creation. 144 func IsReservedAnnotation(value string) bool { 145 switch value { 146 case InspectAnnotationCIDFile, InspectAnnotationAutoremove, InspectAnnotationVolumesFrom, InspectAnnotationPrivileged, InspectAnnotationPublishAll, InspectAnnotationInit, InspectAnnotationLabel, InspectAnnotationSeccomp, InspectAnnotationApparmor, InspectResponseTrue, InspectResponseFalse: 147 return true 148 149 default: 150 return false 151 } 152 }