8758d08bb4
API v1.20 (Docker Engine v1.11.0) and older allowed a HostConfig to be passed when starting a container. This feature was deprecated in API v1.21 (Docker Engine v1.10.0) in3e7405aea8, and removed in API v1.23 (Docker Engine v1.12.0) in commit0a8386c8be. API v1.23 and older are deprecated, and this patch removes the feature. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
81 lines
2.5 KiB
Go
81 lines
2.5 KiB
Go
package runconfig // import "github.com/docker/docker/runconfig"
|
|
|
|
import (
|
|
"encoding/json"
|
|
"io"
|
|
|
|
"github.com/docker/docker/api/types/container"
|
|
networktypes "github.com/docker/docker/api/types/network"
|
|
"github.com/docker/docker/pkg/sysinfo"
|
|
)
|
|
|
|
// ContainerDecoder implements httputils.ContainerDecoder
|
|
// calling DecodeContainerConfig.
|
|
type ContainerDecoder struct {
|
|
GetSysInfo func() *sysinfo.SysInfo
|
|
}
|
|
|
|
// DecodeConfig makes ContainerDecoder to implement httputils.ContainerDecoder
|
|
func (r ContainerDecoder) DecodeConfig(src io.Reader) (*container.Config, *container.HostConfig, *networktypes.NetworkingConfig, error) {
|
|
var si *sysinfo.SysInfo
|
|
if r.GetSysInfo != nil {
|
|
si = r.GetSysInfo()
|
|
} else {
|
|
si = sysinfo.New()
|
|
}
|
|
|
|
return decodeContainerConfig(src, si)
|
|
}
|
|
|
|
// decodeContainerConfig decodes a json encoded config into a ContainerConfigWrapper
|
|
// struct and returns both a Config and a HostConfig struct, and performs some
|
|
// validation. Certain parameters need daemon-side validation that cannot be done
|
|
// on the client, as only the daemon knows what is valid for the platform.
|
|
// Be aware this function is not checking whether the resulted structs are nil,
|
|
// it's your business to do so
|
|
func decodeContainerConfig(src io.Reader, si *sysinfo.SysInfo) (*container.Config, *container.HostConfig, *networktypes.NetworkingConfig, error) {
|
|
var w ContainerConfigWrapper
|
|
if err := loadJSON(src, &w); err != nil {
|
|
return nil, nil, nil, err
|
|
}
|
|
|
|
hc := w.getHostConfig()
|
|
if hc == nil {
|
|
// We may not be passed a host config, such as in the case of docker commit
|
|
return w.Config, hc, w.NetworkingConfig, nil
|
|
}
|
|
if err := validateNetMode(w.Config, hc); err != nil {
|
|
return nil, nil, nil, err
|
|
}
|
|
if err := validateIsolation(hc); err != nil {
|
|
return nil, nil, nil, err
|
|
}
|
|
if err := validateQoS(hc); err != nil {
|
|
return nil, nil, nil, err
|
|
}
|
|
if err := validateResources(hc, si); err != nil {
|
|
return nil, nil, nil, err
|
|
}
|
|
if err := validatePrivileged(hc); err != nil {
|
|
return nil, nil, nil, err
|
|
}
|
|
if err := validateReadonlyRootfs(hc); err != nil {
|
|
return nil, nil, nil, err
|
|
}
|
|
if w.Config != nil && w.Config.Volumes == nil {
|
|
w.Config.Volumes = make(map[string]struct{})
|
|
}
|
|
return w.Config, hc, w.NetworkingConfig, nil
|
|
}
|
|
|
|
// loadJSON is similar to api/server/httputils.ReadJSON()
|
|
func loadJSON(src io.Reader, out interface{}) error {
|
|
dec := json.NewDecoder(src)
|
|
if err := dec.Decode(&out); err != nil {
|
|
return invalidJSONError{Err: err}
|
|
}
|
|
if dec.More() {
|
|
return validationError("unexpected content after JSON")
|
|
}
|
|
return nil
|
|
}
|