github.com/kaisenlinux/docker.io@v0.0.0-20230510090727-ea55db55fac7/engine/runconfig/config.go (about)

     1  package runconfig // import "github.com/docker/docker/runconfig"
     2  
     3  import (
     4  	"encoding/json"
     5  	"io"
     6  
     7  	"github.com/docker/docker/api/types/container"
     8  	networktypes "github.com/docker/docker/api/types/network"
     9  	"github.com/docker/docker/pkg/sysinfo"
    10  )
    11  
    12  // ContainerDecoder implements httputils.ContainerDecoder
    13  // calling DecodeContainerConfig.
    14  type ContainerDecoder struct {
    15  	GetSysInfo func() *sysinfo.SysInfo
    16  }
    17  
    18  // DecodeConfig makes ContainerDecoder to implement httputils.ContainerDecoder
    19  func (r ContainerDecoder) DecodeConfig(src io.Reader) (*container.Config, *container.HostConfig, *networktypes.NetworkingConfig, error) {
    20  	var si *sysinfo.SysInfo
    21  	if r.GetSysInfo != nil {
    22  		si = r.GetSysInfo()
    23  	} else {
    24  		si = sysinfo.New(true)
    25  	}
    26  
    27  	return decodeContainerConfig(src, si)
    28  }
    29  
    30  // DecodeHostConfig makes ContainerDecoder to implement httputils.ContainerDecoder
    31  func (r ContainerDecoder) DecodeHostConfig(src io.Reader) (*container.HostConfig, error) {
    32  	return decodeHostConfig(src)
    33  }
    34  
    35  // decodeContainerConfig decodes a json encoded config into a ContainerConfigWrapper
    36  // struct and returns both a Config and a HostConfig struct
    37  // Be aware this function is not checking whether the resulted structs are nil,
    38  // it's your business to do so
    39  func decodeContainerConfig(src io.Reader, si *sysinfo.SysInfo) (*container.Config, *container.HostConfig, *networktypes.NetworkingConfig, error) {
    40  	var w ContainerConfigWrapper
    41  
    42  	decoder := json.NewDecoder(src)
    43  	if err := decoder.Decode(&w); err != nil {
    44  		return nil, nil, nil, err
    45  	}
    46  
    47  	hc := w.getHostConfig()
    48  
    49  	// Perform platform-specific processing of Volumes and Binds.
    50  	if w.Config != nil && hc != nil {
    51  
    52  		// Initialize the volumes map if currently nil
    53  		if w.Config.Volumes == nil {
    54  			w.Config.Volumes = make(map[string]struct{})
    55  		}
    56  	}
    57  
    58  	// Certain parameters need daemon-side validation that cannot be done
    59  	// on the client, as only the daemon knows what is valid for the platform.
    60  	if err := validateNetMode(w.Config, hc); err != nil {
    61  		return nil, nil, nil, err
    62  	}
    63  
    64  	// Validate isolation
    65  	if err := validateIsolation(hc); err != nil {
    66  		return nil, nil, nil, err
    67  	}
    68  
    69  	// Validate QoS
    70  	if err := validateQoS(hc); err != nil {
    71  		return nil, nil, nil, err
    72  	}
    73  
    74  	// Validate Resources
    75  	if err := validateResources(hc, si); err != nil {
    76  		return nil, nil, nil, err
    77  	}
    78  
    79  	// Validate Privileged
    80  	if err := validatePrivileged(hc); err != nil {
    81  		return nil, nil, nil, err
    82  	}
    83  
    84  	// Validate ReadonlyRootfs
    85  	if err := validateReadonlyRootfs(hc); err != nil {
    86  		return nil, nil, nil, err
    87  	}
    88  
    89  	return w.Config, hc, w.NetworkingConfig, nil
    90  }