diff --git a/src/libs/kata-types/src/mount.rs b/src/libs/kata-types/src/mount.rs
index eac2afbffb..00b3b62a3e 100644
--- a/src/libs/kata-types/src/mount.rs
+++ b/src/libs/kata-types/src/mount.rs
@@ -47,6 +47,9 @@ pub const SANDBOX_BIND_MOUNTS_RO: &str = ":ro";
 /// SANDBOX_BIND_MOUNTS_RO is for sandbox bindmounts with readwrite
 pub const SANDBOX_BIND_MOUNTS_RW: &str = ":rw";
+/// KATA_VIRTUAL_VOLUME_PREFIX is for container image guest pull
+pub const KATA_VIRTUAL_VOLUME_PREFIX: &str = "io.katacontainers.volume=";
+
 /// Directly assign a block volume to vm and mount it inside guest.
 pub const KATA_VIRTUAL_VOLUME_DIRECT_BLOCK: &str = "direct_block";
 /// Present a container image as a generic block device.
@@ -384,7 +387,15 @@ impl KataVirtualVolume {
 pub fn from_base64(value: &str) -> Result {
 let json = base64::decode(value)?;
 let volume: KataVirtualVolume = serde_json::from_slice(&json)?;
+
+ Ok(volume)
+ }
+
+ /// Decode and deserialize a virtual volume object from base64 encoded json string and validate it.
+ pub fn from_base64_and_validate(value: &str) -> Result {
+ let volume = Self::from_base64(value)?;
 volume.validate()?;
+
 Ok(volume)
 }
 }
@@ -532,7 +543,7 @@ pub fn adjust_rootfs_mounts() -> Result> {
 // Create a new Vec with a single Mount entry.
 // This Mount's options will contain the base64-encoded virtual volume.
 Ok(vec![Mount {
- options: vec![format!("{}={}", "io.katacontainers.volume", b64_vol)],
+ options: vec![format!("{}{}", KATA_VIRTUAL_VOLUME_PREFIX, b64_vol)],
 ..Default::default() // Use default values for other Mount fields
 }])
 }
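Review bot: In the `from_base64` hunk, `from_base64` keeps its public name but no longer calls `validate()`, so any caller that is not switched to `from_base64_and_validate` now receives an unvalidated volume with no compile error to flag it. The encoded value travels in a mount option (see the `adjust_rootfs_mounts` hunk), so it is best treated as untrusted input. Consider keeping validation on the existing name and giving the non-validating path the new name instead. Failing that, extend the doc comment of `from_base64`, which starts above the hunk, with `/// Does not call validate(); use from_base64_and_validate unless the caller checks the volume itself.`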
@@ -647,7 +658,8 @@ mod tests {
 volume.direct_volume = Some(DirectAssignedVolume { metadata });
 let value = volume.to_base64().unwrap();
- let volume2: KataVirtualVolume = KataVirtualVolume::from_base64(value.as_str()).unwrap();
+ let volume2: KataVirtualVolume =
+ KataVirtualVolume::from_base64_and_validate(value.as_str()).unwrap();
 assert_eq!(volume.volume_type, volume2.volume_type);
 assert_eq!(volume.source, volume2.source);
 assert_eq!(volume.fs_type, volume2.fs_type);
diff --git a/src/runtime-rs/crates/resource/src/rootfs/virtual_volume.rs b/src/runtime-rs/crates/resource/src/rootfs/virtual_volume.rs
index 32cf69a76a..18e01b7488 100644
--- a/src/runtime-rs/crates/resource/src/rootfs/virtual_volume.rs
+++ b/src/runtime-rs/crates/resource/src/rootfs/virtual_volume.rs
@@ -9,6 +9,7 @@ use std::{collections::HashMap, path::PathBuf};
 use anyhow::{anyhow, Context, Result};
 use async_trait::async_trait;
+use kata_types::mount::ImagePullVolume;
 use oci_spec::runtime as oci;
 use serde_json;
 use tokio::sync::RwLock;
@@ -17,13 +18,12 @@ use hypervisor::device::device_manager::DeviceManager;
 use kata_types::{
 annotations,
 container::ContainerType,
- mount::{KataVirtualVolume, KATA_VIRTUAL_VOLUME_IMAGE_GUEST_PULL},
+ mount::{KataVirtualVolume, KATA_VIRTUAL_VOLUME_IMAGE_GUEST_PULL, KATA_VIRTUAL_VOLUME_PREFIX},
 };
 /// Image guest-pull related consts
 const KUBERNETES_CRI_IMAGE_NAME: &str = "io.kubernetes.cri.image-name";
 const KUBERNETES_CRIO_IMAGE_NAME: &str = "io.kubernetes.cri-o.ImageName";
-const KATA_VIRTUAL_VOLUME_PREFIX: &str = "io.katacontainers.volume=";
 const KATA_VIRTUAL_VOLUME_TYPE_OVERLAY_FS: &str = "overlayfs";
 const KATA_GUEST_ROOT_SHARED_FS: &str = "/run/kata-containers/";
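Review bot: The round-trip test in the `mod tests` hunk now exercises only `from_base64_and_validate`, so nothing pins the difference between the two decoders. Add a case where a volume that should fail `validate()` still decodes through `from_base64` but returns `Err` from `from_base64_and_validate`. Without it, a later change could drop the `validate()` call and every test would still pass. The test function starts and ends outside the hunk.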
@@ -85,11 +85,16 @@ fn handle_virtual_volume_storage(
 let mut virtual_volume_info = virt_volume.clone();
 // Merge metadata
- for (k, v) in annotations.iter() {
- if let Some(ref mut image_pull) = virtual_volume_info.image_pull {
+ if let Some(ref mut image_pull) = virtual_volume_info.image_pull {
+ for (k, v) in annotations.iter() {
 image_pull.metadata.insert(k.to_owned(), v.to_owned());
 }
+ } else {
+ virtual_volume_info.image_pull = Some(ImagePullVolume {
+ metadata: annotations.clone(),
+ });
 }
+
 // Serialize ImagePull as JSON
 let image_pull_info = serde_json::to_string(&virtual_volume_info.image_pull)
 .map_err(|e| anyhow!(e.to_string()))?;
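Review bot: The new `else` arm in `handle_virtual_volume_storage` accepts a volume whose `image_pull` is `None` and fills it from the annotations alone, yet nothing in the hunk shows whether `virt_volume` was validated before reaching this point. If accepting an absent `image_pull` is deliberate, record it with a comment on the `else` arm such as `// image_pull may be absent; build it from the annotations alone`, and confirm that the caller decodes with the validating or non-validating function as intended. As a style point, the `for` loop can become `image_pull.metadata.extend(annotations.clone());`, which matches the `annotations.clone()` already used in the `else` arm and keeps the same overwrite-on-collision behaviour. The function body starts and ends outside the hunk.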