Swarm config: use absolute paths for mount destination strings
Needed for runc >= 1.0.0-rc94.
See runc issue 2928.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 9303376242
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
parent
e4b9915803
commit
afbb1277a3
3 changed files with 15 additions and 2 deletions
|
@ -716,6 +716,17 @@ func getSecretTargetPath(r *swarmtypes.SecretReference) string {
|
|||
return filepath.Join(containerSecretMountPath, r.File.Name)
|
||||
}
|
||||
|
||||
// getConfigTargetPath makes sure that config paths inside the container are
|
||||
// absolute, as required by the runtime spec, and enforced by runc >= 1.0.0-rc94.
|
||||
// see https://github.com/opencontainers/runc/issues/2928
|
||||
func getConfigTargetPath(r *swarmtypes.ConfigReference) string {
|
||||
if filepath.IsAbs(r.File.Name) {
|
||||
return r.File.Name
|
||||
}
|
||||
|
||||
return filepath.Join(containerConfigMountPath, r.File.Name)
|
||||
}
|
||||
|
||||
// CreateDaemonEnvironment creates a new environment variable slice for this container.
|
||||
func (container *Container) CreateDaemonEnvironment(tty bool, linkedEnv []string) []string {
|
||||
// Setup environment
|
||||
|
|
|
@ -27,6 +27,7 @@ const (
|
|||
// for the graceful container stop before forcefully terminating it.
|
||||
DefaultStopTimeout = 10
|
||||
|
||||
containerConfigMountPath = "/"
|
||||
containerSecretMountPath = "/run/secrets"
|
||||
)
|
||||
|
||||
|
@ -242,7 +243,7 @@ func (container *Container) SecretMounts() ([]Mount, error) {
|
|||
}
|
||||
mounts = append(mounts, Mount{
|
||||
Source: fPath,
|
||||
Destination: r.File.Name,
|
||||
Destination: getConfigTargetPath(r),
|
||||
Writable: false,
|
||||
})
|
||||
}
|
||||
|
|
|
@ -12,6 +12,7 @@ import (
|
|||
)
|
||||
|
||||
const (
|
||||
containerConfigMountPath = `C:\`
|
||||
containerSecretMountPath = `C:\ProgramData\Docker\secrets`
|
||||
containerInternalSecretMountPath = `C:\ProgramData\Docker\internal\secrets`
|
||||
containerInternalConfigsDirPath = `C:\ProgramData\Docker\internal\configs`
|
||||
|
@ -87,7 +88,7 @@ func (container *Container) CreateConfigSymlinks() error {
|
|||
if configRef.File == nil {
|
||||
continue
|
||||
}
|
||||
resolvedPath, _, err := container.ResolvePath(configRef.File.Name)
|
||||
resolvedPath, _, err := container.ResolvePath(getConfigTargetPath(configRef))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue