github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-26 15:32:30 +00:00
Code Issues Projects Releases Wiki Activity

agent-ctl: Align agent-ctl OCI Spec with oci-spec-rs

Browse Source 
This commit aligns the OCI Spec used within agent-ctl
with the oci-spec-rs definition and operations. This
enhancement ensures that agent-ctl adheres to the latest
OCI standards and provides a more consistent and reliable
experience for managing container images and configurations.

Fixes #9766

Signed-off-by: Alex Lyn <alex.lyn@antgroup.com>
This commit is contained in:
Alex Lyn 2024-07-16 16:04:28 +08:00
parent faffee8909
commit c500fd5761
3 changed files with 227 additions and 486 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

286
src/tools/agent-ctl/Cargo.lock generated
View File

@ -263,12 +263,6 @@ version = "1.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
[[package]]
name = "bitflags"
version = "2.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1"
[[package]]
name = "bitmask-enum"
version = "2.1.0"
@ -384,6 +378,16 @@ version = "1.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610"
[[package]]
name = "bytes"
version = "0.4.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "206fdffcfa2df7cbe15601ef46c813fce0965eb3286db6b56c583b814b51c81c"
dependencies = [
"byteorder",
"iovec",
]
[[package]]
name = "bytes"
version = "1.4.0"
@ -396,7 +400,7 @@ version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fbdc32a78afc325d71a48d13084f1c3ddf67cc5dc06c6e5439a8630b14612cad"
dependencies = [
"bitflags 1.3.2",
"bitflags",
"cfg-if 1.0.0",
"libc",
]
@ -471,8 +475,8 @@ checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c"
dependencies = [
"ansi_term",
"atty",
"bitflags 1.3.2",
"strsim",
"bitflags",
"strsim 0.8.0",
"textwrap",
"unicode-width",
"vec_map",
@ -589,8 +593,18 @@ version = "0.14.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7b750cb3417fd1b327431a470f388520309479ab0bf5e323505daf0290cd3850"
dependencies = [
"darling_core",
"darling_macro",
"darling_core 0.14.4",
"darling_macro 0.14.4",
]
[[package]]
name = "darling"
version = "0.20.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "83b2eb4d90d12bdda5ed17de686c2acb4c57914f8f921b8da7e112b5a36f3fe1"
dependencies = [
"darling_core 0.20.9",
"darling_macro 0.20.9",
]
[[package]]
@ -606,17 +620,42 @@ dependencies = [
"syn 1.0.109",
]
[[package]]
name = "darling_core"
version = "0.20.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "622687fe0bac72a04e5599029151f5796111b90f1baaa9b544d807a5e31cd120"
dependencies = [
"fnv",
"ident_case",
"proc-macro2",
"quote",
"strsim 0.11.1",
"syn 2.0.18",
]
[[package]]
name = "darling_macro"
version = "0.14.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a4aab4dbc9f7611d8b55048a3a16d2d010c2c8334e46304b40ac1cc14bf3b48e"
dependencies = [
"darling_core",
"darling_core 0.14.4",
"quote",
"syn 1.0.109",
]
[[package]]
name = "darling_macro"
version = "0.20.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "733cabb43482b1a1b53eee8583c2b9e8684d592215ea83efd305dd31bc2f0178"
dependencies = [
"darling_core 0.20.9",
"quote",
"syn 2.0.18",
]
[[package]]
name = "derivative"
version = "2.2.0"
@ -639,6 +678,37 @@ dependencies = [
"syn 1.0.109",
]
[[package]]
name = "derive_builder"
version = "0.20.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0350b5cb0331628a5916d6c5c0b72e97393b8b6b03b47a9284f4e7f5a405ffd7"
dependencies = [
"derive_builder_macro",
]
[[package]]
name = "derive_builder_core"
version = "0.20.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d48cda787f839151732d396ac69e3473923d54312c070ee21e9effcaa8ca0b1d"
dependencies = [
"darling 0.20.9",
"proc-macro2",
"quote",
"syn 2.0.18",
]
[[package]]
name = "derive_builder_macro"
version = "0.20.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "206868b8242f27cecce124c19fd88157fbd0dd334df2587f36417bafbc85097b"
dependencies = [
"derive_builder_core",
"syn 2.0.18",
]
[[package]]
name = "digest"
version = "0.10.7"
@ -887,6 +957,18 @@ dependencies = [
"wasi 0.11.0+wasi-snapshot-preview1",
]
[[package]]
name = "getset"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e45727250e75cc04ff2846a66397da8ef2b3db8e40e0cef4df67950a07621eb9"
dependencies = [
"proc-macro-error",
"proc-macro2",
"quote",
"syn 1.0.109",
]
[[package]]
name = "gimli"
version = "0.29.0"
@ -917,6 +999,12 @@ dependencies = [
"unicode-segmentation",
]
[[package]]
name = "heck"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea"
[[package]]
name = "hermit-abi"
version = "0.1.19"
@ -998,7 +1086,7 @@ version = "0.9.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f8069d3ec154eb856955c1c0fbffefbf5f3c40a104ec912d4797314c1801abff"
dependencies = [
"bitflags 1.3.2",
"bitflags",
"futures-core",
"inotify-sys",
"libc",
@ -1034,6 +1122,15 @@ dependencies = [
"windows-sys 0.48.0",
]
[[package]]
name = "iovec"
version = "0.1.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b2b3ea6ff95e175473f8ffe6a7eb7c00d054240321b84c57051175fe3c1e075e"
dependencies = [
"libc",
]
[[package]]
name = "itertools"
version = "0.10.5"
@ -1071,7 +1168,7 @@ dependencies = [
"libc",
"logging",
"nix 0.23.2",
"oci",
"oci-spec",
"protobuf 3.2.0",
"protocols",
"rand",
@ -1098,9 +1195,10 @@ dependencies = [
"lazy_static",
"libc",
"nix 0.24.3",
"oci",
"oci-spec",
"once_cell",
"rand",
"runtime-spec",
"safe-path",
"serde",
"serde_json",
@ -1121,7 +1219,7 @@ dependencies = [
"glob",
"lazy_static",
"num_cpus",
"oci",
"oci-spec",
"regex",
"safe-path",
"serde",
@ -1174,9 +1272,9 @@ dependencies = [
[[package]]
name = "memchr"
version = "2.5.0"
version = "2.7.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d"
checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3"
[[package]]
name = "memoffset"
@ -1196,15 +1294,6 @@ dependencies = [
"autocfg",
]
[[package]]
name = "memoffset"
version = "0.9.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "488016bfae457b036d996092f6cb448677611ce4449e970ceaf42695203f218a"
dependencies = [
"autocfg",
]
[[package]]
name = "miniz_oxide"
version = "0.7.3"
@ -1237,7 +1326,7 @@ version = "0.23.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8f3790c00a0150112de0f4cd161e3d7fc4b2d8a5542ffc35f099a2562aecb35c"
dependencies = [
"bitflags 1.3.2",
"bitflags",
"cc",
"cfg-if 1.0.0",
"libc",
@ -1250,7 +1339,7 @@ version = "0.24.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fa52e972a9a719cecb6864fb88568781eb706bac2cd1d4f04a648542dbf78069"
dependencies = [
"bitflags 1.3.2",
"bitflags",
"cfg-if 1.0.0",
"libc",
"memoffset 0.6.5",
@ -1263,7 +1352,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f346ff70e7dbfd675fe90590b92d59ef2de15a8779ae305ebcbfd3f0caf59be4"
dependencies = [
"autocfg",
"bitflags 1.3.2",
"bitflags",
"cfg-if 1.0.0",
"libc",
]
@ -1274,25 +1363,13 @@ version = "0.26.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "598beaf3cc6fdd9a5dfb1630c2800c7acd31df7aaf0f565796fba2b53ca1af1b"
dependencies = [
"bitflags 1.3.2",
"bitflags",
"cfg-if 1.0.0",
"libc",
"memoffset 0.7.1",
"pin-utils",
]
[[package]]
name = "nix"
version = "0.27.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2eb04e9c688eff1c89d72b407f168cf79bb9e867a9d3323ed6c01519eb9cc053"
dependencies = [
"bitflags 2.5.0",
"cfg-if 1.0.0",
"libc",
"memoffset 0.9.1",
]
[[package]]
name = "ntapi"
version = "0.4.1"
@ -1340,20 +1417,27 @@ dependencies = [
]
[[package]]
name = "oci"
version = "0.1.0"
name = "oci-spec"
version = "0.6.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3f5a3fe998d50101ae009351fec56d88a69f4ed182e11000e711068c2f5abf72"
dependencies = [
"libc",
"derive_builder",
"getset",
"once_cell",
"regex",
"serde",
"serde_derive",
"serde_json",
"strum",
"strum_macros",
"thiserror",
]
[[package]]
name = "once_cell"
version = "1.18.0"
version = "1.19.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d"
checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92"
[[package]]
name = "ordered-stream"
@ -1419,7 +1503,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4b2d323e8ca7996b3e23126511a523f7e62924d93ecd5ae73b333815b0eb3dce"
dependencies = [
"autocfg",
"bitflags 1.3.2",
"bitflags",
"cfg-if 1.0.0",
"concurrent-queue",
"libc",
@ -1453,6 +1537,7 @@ dependencies = [
"proc-macro-error-attr",
"proc-macro2",
"quote",
"syn 1.0.109",
"version_check",
]
@ -1482,7 +1567,7 @@ version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "de5e2533f59d08fcf364fd374ebda0692a70bd6d7e66ef97f306f45c6c5d8020"
dependencies = [
"bytes",
"bytes 1.4.0",
"prost-derive",
]
@ -1492,8 +1577,8 @@ version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "355f634b43cdd80724ee7848f95770e7e70eefa6dcf14fea676216573b8fd603"
dependencies = [
"bytes",
"heck",
"bytes 1.4.0",
"heck 0.3.3",
"itertools",
"log",
"multimap",
@ -1523,7 +1608,7 @@ version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "603bbd6394701d13f3f25aada59c7de9d35a6a5887cfc156181234a44002771b"
dependencies = [
"bytes",
"bytes 1.4.0",
"prost",
]
@ -1597,7 +1682,8 @@ dependencies = [
name = "protocols"
version = "0.1.0"
dependencies = [
"oci",
"kata-sys-util",
"oci-spec",
"protobuf 3.2.0",
"serde",
"serde_json",
@ -1627,9 +1713,9 @@ dependencies = [
[[package]]
name = "quote"
version = "1.0.28"
version = "1.0.36"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488"
checksum = "0fa76aaf39101c457836aec0ce2316dbdc3ab723cdda1c6bd4e6ad4208acaca7"
dependencies = [
"proc-macro2",
]
@ -1696,7 +1782,7 @@ version = "0.2.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a"
dependencies = [
"bitflags 1.3.2",
"bitflags",
]
[[package]]
@ -1705,7 +1791,7 @@ version = "0.3.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29"
dependencies = [
"bitflags 1.3.2",
"bitflags",
]
[[package]]
@ -1721,9 +1807,21 @@ dependencies = [
[[package]]
name = "regex"
version = "1.8.3"
version = "1.10.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "81ca098a9821bd52d6b24fd8b10bd081f47d39c22778cafaa75a2857a62c6390"
checksum = "b91213439dad192326a0d7c6ee3955910425f441d7038e0d6933b0aec5c4517f"
dependencies = [
"aho-corasick",
"memchr",
"regex-automata",
"regex-syntax",
]
[[package]]
name = "regex-automata"
version = "0.4.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "38caf58cc5ef2fed281f89292ef23f6365465ed9a41b7a7754eb4e26496c92df"
dependencies = [
"aho-corasick",
"memchr",
@ -1732,9 +1830,9 @@ dependencies = [
[[package]]
name = "regex-syntax"
version = "0.7.2"
version = "0.8.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "436b050e76ed2903236f032a59761c1eb99e1b0aead2c257922771dab1fc8c78"
checksum = "7a66a03ae7c801facd77a29370b4faec201768915ac14a721ba36f20bc9c209b"
[[package]]
name = "rend"
@ -1753,7 +1851,7 @@ checksum = "527a97cdfef66f65998b5f3b637c26f5a5ec09cc52a3f9932313ac645f4190f5"
dependencies = [
"bitvec",
"bytecheck",
"bytes",
"bytes 1.4.0",
"hashbrown",
"ptr_meta",
"rend",
@ -1783,6 +1881,16 @@ dependencies = [
"libc",
]
[[package]]
name = "runtime-spec"
version = "0.1.0"
dependencies = [
"libc",
"serde",
"serde_derive",
"serde_json",
]
[[package]]
name = "rust_decimal"
version = "1.33.1"
@ -1791,7 +1899,7 @@ checksum = "06676aec5ccb8fc1da723cc8c0f9a46549f21ebb8753d3915c6c41db1e7f1dc4"
dependencies = [
"arrayvec",
"borsh",
"bytes",
"bytes 1.4.0",
"num-traits",
"rand",
"rkyv",
@ -1811,7 +1919,7 @@ version = "0.37.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "acf8729d8542766f1b2cf77eb034d52f40d375bb8b615d0b147089946e16613d"
dependencies = [
"bitflags 1.3.2",
"bitflags",
"errno",
"io-lifetimes",
"libc",
@ -1837,12 +1945,13 @@ dependencies = [
"lazy_static",
"libc",
"nix 0.24.3",
"oci",
"oci-spec",
"path-absolutize",
"protobuf 3.2.0",
"protocols",
"regex",
"rlimit",
"runtime-spec",
"scan_fmt",
"scopeguard",
"serde",
@ -1911,7 +2020,7 @@ version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6eb8ec7724e4e524b2492b510e66957fe1a2c76c26a6975ec80823f2439da685"
dependencies = [
"darling_core",
"darling_core 0.14.4",
"serde-rename-rule",
"syn 1.0.109",
]
@ -1922,7 +2031,7 @@ version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "26416dc95fcd46b0e4b12a3758043a229a6914050aaec2e8191949753ed4e9aa"
dependencies = [
"darling",
"darling 0.14.4",
"proc-macro2",
"quote",
"serde-attributes",
@ -2105,6 +2214,31 @@ version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a"
[[package]]
name = "strsim"
version = "0.11.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f"
[[package]]
name = "strum"
version = "0.26.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8fec0f0aef304996cf250b31b5a10dee7980c85da9d759361292b8bca5a18f06"
[[package]]
name = "strum_macros"
version = "0.26.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4c6bee85a5a24955dc440386795aa378cd9cf82acd5f764469152d2270e581be"
dependencies = [
"heck 0.5.0",
"proc-macro2",
"quote",
"rustversion",
"syn 2.0.18",
]
[[package]]
name = "subprocess"
version = "0.2.9"
@ -2301,7 +2435,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba4f4a02a7a80d6f274636f0aa95c7e383b912d41fe721a31f29e29698585a4a"
dependencies = [
"backtrace",
"bytes",
"bytes 1.4.0",
"libc",
"mio",
"pin-project-lite",
@ -2324,11 +2458,11 @@ dependencies = [
[[package]]
name = "tokio-vsock"
version = "0.5.0"
version = "0.3.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2e336ac4b36df625d5429a735dd5847732fe5f62010e3ce0c50f3705d44730f8"
checksum = "9b33556828911d16e24d8b5d336446b0bf6b4b9bfda52cbdc2fa35b7a2862ebc"
dependencies = [
"bytes",
"bytes 0.4.12",
"futures",
"libc",
"tokio",
@ -2497,12 +2631,12 @@ checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f"
[[package]]
name = "vsock"
version = "0.4.0"
version = "0.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2dfb6e7a74830912f1f4a7655227c9ded1ea4e9136676311fedf54bedb412f35"
checksum = "e32675ee2b3ce5df274c0ab52d19b28789632406277ca26bffee79a8e27dc133"
dependencies = [
"libc",
"nix 0.27.1",
"nix 0.23.2",
]
[[package]]

2
src/tools/agent-ctl/Cargo.toml
View File

@ -13,7 +13,7 @@ license = "Apache-2.0"
[dependencies]
protocols = { path = "../../libs/protocols", features = ["with-serde"] }
rustjail = { path = "../../agent/rustjail" }
oci = { path = "../../libs/oci" }
oci-spec = { version = "0.6.8", features = ["runtime"] }
clap = "2.33.0"
lazy_static = "1.4.0"

425
src/tools/agent-ctl/src/utils.rs
View File

@ -5,23 +5,9 @@
use crate::types::{Config, Options};
use anyhow::{anyhow, Result};
use oci::{
Linux as ociLinux, Mount as ociMount, Process as ociProcess, Root as ociRoot, Spec as ociSpec,
};
use protocols::oci::{
Box as ttrpcBox, Linux as ttrpcLinux, LinuxBlockIO as ttrpcLinuxBlockIO,
LinuxCPU as ttrpcLinuxCPU, LinuxCapabilities as ttrpcLinuxCapabilities,
LinuxDevice as ttrpcLinuxDevice, LinuxDeviceCgroup as ttrpcLinuxDeviceCgroup,
LinuxHugepageLimit as ttrpcLinuxHugepageLimit, LinuxIDMapping as ttrpcLinuxIDMapping,
LinuxIntelRdt as ttrpcLinuxIntelRdt, LinuxInterfacePriority as ttrpcLinuxInterfacePriority,
LinuxMemory as ttrpcLinuxMemory, LinuxNamespace as ttrpcLinuxNamespace,
LinuxNetwork as ttrpcLinuxNetwork, LinuxPids as ttrpcLinuxPids,
LinuxResources as ttrpcLinuxResources, LinuxSeccomp as ttrpcLinuxSeccomp,
LinuxSeccompArg as ttrpcLinuxSeccompArg, LinuxSyscall as ttrpcLinuxSyscall,
LinuxThrottleDevice as ttrpcLinuxThrottleDevice, LinuxWeightDevice as ttrpcLinuxWeightDevice,
Mount as ttrpcMount, Process as ttrpcProcess, Root as ttrpcRoot, Spec as ttrpcSpec,
User as ttrpcUser,
};
use oci::{Root as ociRoot, Spec as ociSpec};
use oci_spec::runtime as oci;
use protocols::oci::{Mount as ttrpcMount, Root as ttrpcRoot, Spec as ttrpcSpec};
use rand::Rng;
use serde::de::DeserializeOwned;
use slog::{debug, warn};
@ -251,7 +237,7 @@ fn config_file_from_bundle_dir(bundle_dir: &str) -> Result<String> {
}
fn root_oci_to_ttrpc(bundle_dir: &str, root: &ociRoot) -> Result<ttrpcRoot> {
let root_dir = root.path.clone();
let root_dir = root.path().clone().display().to_string();
let path = if root_dir.starts_with('/') {
root_dir
@ -267,400 +253,20 @@ fn root_oci_to_ttrpc(bundle_dir: &str, root: &ociRoot) -> Result<ttrpcRoot> {
let ttrpc_root = ttrpcRoot {
Path: path,
Readonly: root.readonly,
Readonly: root.readonly().unwrap_or_default(),
..Default::default()
};
Ok(ttrpc_root)
}
fn process_oci_to_ttrpc(p: &ociProcess) -> ttrpcProcess {
let console_size = match &p.console_size {
Some(s) => {
let mut b = ttrpcBox::new();
b.set_Width(s.width);
b.set_Height(s.height);
protobuf::MessageField::some(b)
}
None => protobuf::MessageField::none(),
};
let oom_score_adj: i64 = match p.oom_score_adj {
Some(s) => s.into(),
None => 0,
};
let mut user = ttrpcUser::new();
user.set_UID(p.user.uid);
user.set_GID(p.user.gid);
user.set_AdditionalGids(p.user.additional_gids.clone());
// FIXME: Implement RLimits OCI spec handling (copy from p.rlimits)
//let rlimits = vec![ttrpcPOSIXRlimit::new()];
let rlimits = Vec::new();
let capabilities = match &p.capabilities {
Some(c) => {
let mut gc = ttrpcLinuxCapabilities::new();
gc.set_Bounding(c.bounding.clone());
gc.set_Effective(c.effective.clone());
gc.set_Inheritable(c.inheritable.clone());
gc.set_Permitted(c.permitted.clone());
gc.set_Ambient(c.ambient.clone());
protobuf::MessageField::some(gc)
}
None => protobuf::MessageField::none(),
};
let mut env = Vec::new();
for pair in &p.env {
env.push(pair.to_string());
}
ttrpcProcess {
Terminal: p.terminal,
ConsoleSize: console_size,
User: protobuf::MessageField::some(user),
Args: p.args.clone(),
Env: env,
Cwd: p.cwd.clone(),
Capabilities: capabilities,
Rlimits: rlimits,
NoNewPrivileges: p.no_new_privileges,
ApparmorProfile: p.apparmor_profile.clone(),
OOMScoreAdj: oom_score_adj,
SelinuxLabel: p.selinux_label.clone(),
..Default::default()
}
}
fn mount_oci_to_ttrpc(m: &ociMount) -> ttrpcMount {
let mut ttrpc_options = Vec::new();
for op in &m.options {
ttrpc_options.push(op.to_string());
}
ttrpcMount {
destination: m.destination.clone(),
source: m.source.clone(),
type_: m.r#type.clone(),
options: ttrpc_options,
..Default::default()
}
}
fn idmaps_oci_to_ttrpc(res: &[oci::LinuxIdMapping]) -> Vec<ttrpcLinuxIDMapping> {
let mut ttrpc_idmaps = Vec::new();
for m in res.iter() {
let mut idmapping = ttrpcLinuxIDMapping::default();
idmapping.set_HostID(m.host_id);
idmapping.set_ContainerID(m.container_id);
idmapping.set_Size(m.size);
ttrpc_idmaps.push(idmapping);
}
ttrpc_idmaps
}
fn devices_oci_to_ttrpc(res: &[oci::LinuxDeviceCgroup]) -> Vec<ttrpcLinuxDeviceCgroup> {
let mut ttrpc_devices = Vec::new();
for d in res.iter() {
let mut device = ttrpcLinuxDeviceCgroup::default();
device.set_Major(d.major.unwrap_or(0));
device.set_Minor(d.minor.unwrap_or(0));
device.set_Access(d.access.clone());
device.set_Type(d.r#type.clone());
device.set_Allow(d.allow);
ttrpc_devices.push(device);
}
ttrpc_devices
}
fn memory_oci_to_ttrpc(res: &Option<oci::LinuxMemory>) -> protobuf::MessageField<ttrpcLinuxMemory> {
let memory = if res.is_some() {
let mem = res.as_ref().unwrap();
protobuf::MessageField::some(ttrpcLinuxMemory {
Limit: mem.limit.unwrap_or(0),
Reservation: mem.reservation.unwrap_or(0),
Swap: mem.swap.unwrap_or(0),
Kernel: mem.kernel.unwrap_or(0),
KernelTCP: mem.kernel_tcp.unwrap_or(0),
Swappiness: mem.swappiness.unwrap_or(0),
DisableOOMKiller: mem.disable_oom_killer.unwrap_or(false),
..Default::default()
})
} else {
protobuf::MessageField::none()
};
memory
}
fn cpu_oci_to_ttrpc(res: &Option<oci::LinuxCpu>) -> protobuf::MessageField<ttrpcLinuxCPU> {
match &res {
Some(s) => {
let mut cpu = ttrpcLinuxCPU::default();
cpu.set_Shares(s.shares.unwrap_or(0));
cpu.set_Quota(s.quota.unwrap_or(0));
cpu.set_Period(s.period.unwrap_or(0));
cpu.set_RealtimeRuntime(s.realtime_runtime.unwrap_or(0));
cpu.set_RealtimePeriod(s.realtime_period.unwrap_or(0));
protobuf::MessageField::some(cpu)
}
None => protobuf::MessageField::none(),
}
}
fn pids_oci_to_ttrpc(res: &Option<oci::LinuxPids>) -> protobuf::MessageField<ttrpcLinuxPids> {
match &res {
Some(s) => {
let mut b = ttrpcLinuxPids::new();
b.set_Limit(s.limit);
protobuf::MessageField::some(b)
}
None => protobuf::MessageField::none(),
}
}
fn hugepage_limits_oci_to_ttrpc(res: &[oci::LinuxHugepageLimit]) -> Vec<ttrpcLinuxHugepageLimit> {
let mut ttrpc_hugepage_limits = Vec::new();
for h in res.iter() {
let mut hugepage_limit = ttrpcLinuxHugepageLimit::default();
hugepage_limit.set_Limit(h.limit);
hugepage_limit.set_Pagesize(h.page_size.clone());
ttrpc_hugepage_limits.push(hugepage_limit);
}
ttrpc_hugepage_limits
}
fn network_oci_to_ttrpc(
res: &Option<oci::LinuxNetwork>,
) -> protobuf::MessageField<ttrpcLinuxNetwork> {
match &res {
Some(s) => {
let mut b = ttrpcLinuxNetwork::new();
b.set_ClassID(s.class_id.unwrap_or(0));
let mut priorities = Vec::new();
for pr in s.priorities.iter() {
let mut lip = ttrpcLinuxInterfacePriority::new();
lip.set_Name(pr.name.clone());
lip.set_Priority(pr.priority);
priorities.push(lip);
}
protobuf::MessageField::some(b)
}
None => protobuf::MessageField::none(),
}
}
fn weight_devices_oci_to_ttrpc(res: &[oci::LinuxWeightDevice]) -> Vec<ttrpcLinuxWeightDevice> {
let mut ttrpc_weight_devices = Vec::new();
for dev in res.iter() {
let mut device = ttrpcLinuxWeightDevice::default();
device.set_Major(dev.blk.major);
device.set_Minor(dev.blk.minor);
let weight: u32 = match dev.weight {
Some(s) => s.into(),
None => 0,
};
device.set_Weight(weight);
let leaf_weight: u32 = match dev.leaf_weight {
Some(s) => s.into(),
None => 0,
};
device.set_LeafWeight(leaf_weight);
ttrpc_weight_devices.push(device);
}
ttrpc_weight_devices
}
fn throttle_devices_oci_to_ttrpc(
res: &[oci::LinuxThrottleDevice],
) -> Vec<ttrpcLinuxThrottleDevice> {
let mut ttrpc_throttle_devices = Vec::new();
for dev in res.iter() {
let mut device = ttrpcLinuxThrottleDevice::default();
device.set_Major(dev.blk.major);
device.set_Minor(dev.blk.minor);
device.set_Rate(dev.rate);
ttrpc_throttle_devices.push(device);
}
ttrpc_throttle_devices
}
fn block_io_oci_to_ttrpc(
res: &Option<oci::LinuxBlockIo>,
) -> protobuf::MessageField<ttrpcLinuxBlockIO> {
match &res {
Some(s) => {
let mut b = ttrpcLinuxBlockIO::new();
let weight: u32 = match s.weight {
Some(s) => s.into(),
None => 0,
};
let leaf_weight: u32 = match s.leaf_weight {
Some(s) => s.into(),
None => 0,
};
b.set_Weight(weight);
b.set_LeafWeight(leaf_weight);
b.set_WeightDevice(weight_devices_oci_to_ttrpc(&s.weight_device));
b.set_ThrottleReadBpsDevice(throttle_devices_oci_to_ttrpc(&s.throttle_read_bps_device));
b.set_ThrottleReadIOPSDevice(throttle_devices_oci_to_ttrpc(
&s.throttle_read_iops_device,
));
b.set_ThrottleWriteBpsDevice(throttle_devices_oci_to_ttrpc(
&s.throttle_write_bps_device,
));
b.set_ThrottleWriteIOPSDevice(throttle_devices_oci_to_ttrpc(
&s.throttle_write_iops_device,
));
protobuf::MessageField::some(b)
}
None => protobuf::MessageField::none(),
}
}
fn resources_oci_to_ttrpc(res: &oci::LinuxResources) -> ttrpcLinuxResources {
let devices = devices_oci_to_ttrpc(&res.devices);
let memory = memory_oci_to_ttrpc(&res.memory);
let cpu = cpu_oci_to_ttrpc(&res.cpu);
let pids = pids_oci_to_ttrpc(&res.pids);
let hugepage_limits = hugepage_limits_oci_to_ttrpc(&res.hugepage_limits);
let block_io = block_io_oci_to_ttrpc(&res.block_io);
let network = network_oci_to_ttrpc(&res.network);
ttrpcLinuxResources {
Devices: devices,
Memory: memory,
CPU: cpu,
Pids: pids,
BlockIO: block_io,
HugepageLimits: hugepage_limits,
Network: network,
..Default::default()
}
}
fn namespace_oci_to_ttrpc(res: &[oci::LinuxNamespace]) -> Vec<ttrpcLinuxNamespace> {
let mut ttrpc_namespace = Vec::new();
for n in res.iter() {
let mut ns = ttrpcLinuxNamespace::default();
ns.set_Path(n.path.clone());
ns.set_Type(n.r#type.clone());
ttrpc_namespace.push(ns);
}
ttrpc_namespace
}
fn linux_devices_oci_to_ttrpc(res: &[oci::LinuxDevice]) -> Vec<ttrpcLinuxDevice> {
let mut ttrpc_linux_devices = Vec::new();
for n in res.iter() {
let mut ld = ttrpcLinuxDevice::default();
ld.set_FileMode(n.file_mode.unwrap_or(0));
ld.set_GID(n.gid.unwrap_or(0));
ld.set_UID(n.uid.unwrap_or(0));
ld.set_Major(n.major);
ld.set_Minor(n.minor);
ld.set_Path(n.path.clone());
ld.set_Type(n.r#type.clone());
ttrpc_linux_devices.push(ld);
}
ttrpc_linux_devices
}
fn seccomp_oci_to_ttrpc(sec: &oci::LinuxSeccomp) -> ttrpcLinuxSeccomp {
let mut ttrpc_seccomp = ttrpcLinuxSeccomp::default();
let mut ttrpc_arch = Vec::new();
for a in &sec.architectures {
ttrpc_arch.push(std::string::String::from(a));
}
ttrpc_seccomp.set_Architectures(ttrpc_arch);
ttrpc_seccomp.set_DefaultAction(sec.default_action.clone());
let mut ttrpc_flags = Vec::new();
for f in &sec.flags {
ttrpc_flags.push(std::string::String::from(f));
}
ttrpc_seccomp.set_Flags(ttrpc_flags);
let mut ttrpc_syscalls = Vec::new();
for sys in &sec.syscalls {
let mut ttrpc_sys = ttrpcLinuxSyscall::default();
ttrpc_sys.set_Action(sys.action.clone());
let mut ttrpc_args = Vec::new();
for arg in &sys.args {
let mut a = ttrpcLinuxSeccompArg::default();
a.set_Index(arg.index as u64);
a.set_Op(arg.op.clone());
a.set_Value(arg.value);
a.set_ValueTwo(arg.value_two);
ttrpc_args.push(a);
}
ttrpc_sys.set_Args(ttrpc_args);
ttrpc_syscalls.push(ttrpc_sys);
}
ttrpc_seccomp.set_Syscalls(ttrpc_syscalls);
ttrpc_seccomp
}
fn intel_rdt_oci_to_ttrpc(ir: &oci::LinuxIntelRdt) -> ttrpcLinuxIntelRdt {
let mut ttrpc_intel_rdt = ttrpcLinuxIntelRdt::default();
ttrpc_intel_rdt.set_L3CacheSchema(ir.l3_cache_schema.clone());
ttrpc_intel_rdt
}
fn linux_oci_to_ttrpc(l: &ociLinux) -> ttrpcLinux {
let uid_mappings = idmaps_oci_to_ttrpc(&l.uid_mappings);
let gid_mappings = idmaps_oci_to_ttrpc(&l.gid_mappings);
let ttrpc_linux_resources = match &l.resources {
Some(s) => {
let b = resources_oci_to_ttrpc(s);
protobuf::MessageField::some(b)
}
None => protobuf::MessageField::none(),
};
let ttrpc_namespaces = namespace_oci_to_ttrpc(&l.namespaces);
let ttrpc_linux_devices = linux_devices_oci_to_ttrpc(&l.devices);
let ttrpc_seccomp = match &l.seccomp {
Some(s) => {
let b = seccomp_oci_to_ttrpc(s);
protobuf::MessageField::some(b)
}
None => protobuf::MessageField::none(),
};
let ttrpc_intel_rdt = match &l.intel_rdt {
Some(s) => {
let b = intel_rdt_oci_to_ttrpc(s);
protobuf::MessageField::some(b)
}
None => protobuf::MessageField::none(),
};
ttrpcLinux {
UIDMappings: uid_mappings,
GIDMappings: gid_mappings,
Sysctl: l.sysctl.clone(),
Resources: ttrpc_linux_resources,
CgroupsPath: l.cgroups_path.clone(),
Namespaces: ttrpc_namespaces,
Devices: ttrpc_linux_devices,
Seccomp: ttrpc_seccomp,
RootfsPropagation: l.rootfs_propagation.clone(),
MaskedPaths: l.masked_paths.clone(),
ReadonlyPaths: l.readonly_paths.clone(),
MountLabel: l.mount_label.clone(),
IntelRdt: ttrpc_intel_rdt,
..Default::default()
}
}
fn oci_to_ttrpc(bundle_dir: &str, cid: &str, oci: &ociSpec) -> Result<ttrpcSpec> {
let process = match &oci.process {
Some(p) => protobuf::MessageField::some(process_oci_to_ttrpc(p)),
let process = match &oci.process() {
Some(p) => protobuf::MessageField::some(p.clone().into()),
None => protobuf::MessageField::none(),
};
let root = match &oci.root {
let root = match &oci.root() {
Some(r) => {
let ttrpc_root = root_oci_to_ttrpc(bundle_dir, r)?;
@ -669,13 +275,14 @@ fn oci_to_ttrpc(bundle_dir: &str, cid: &str, oci: &ociSpec) -> Result<ttrpcSpec>
None => protobuf::MessageField::none(),
};
let mut mounts = Vec::new();
for m in &oci.mounts {
mounts.push(mount_oci_to_ttrpc(m));
let mut mounts: Vec<ttrpcMount> = Vec::new();
let oci_mounts = oci.mounts().clone().unwrap_or_default();
for m in oci_mounts {
mounts.push(m.clone().into());
}
let linux = match &oci.linux {
Some(l) => protobuf::MessageField::some(linux_oci_to_ttrpc(l)),
let linux = match &oci.linux() {
Some(l) => protobuf::MessageField::some(l.clone().into()),
None => protobuf::MessageField::none(),
};
@ -688,7 +295,7 @@ fn oci_to_ttrpc(bundle_dir: &str, cid: &str, oci: &ociSpec) -> Result<ttrpcSpec>
let hostname = "".to_string();
let ttrpc_spec = ttrpcSpec {
Version: oci.version.clone(),
Version: oci.version().clone(),
Process: process,
Root: root,
Hostname: hostname,
@ -721,7 +328,7 @@ fn split_uri(uri: &str) -> Result<(String, String)> {
}
pub fn spec_file_to_string(spec_file: String) -> Result<String> {
let oci_spec = ociSpec::load(&spec_file).map_err(|e| anyhow!(e))?;
let oci_spec = ociSpec::load(spec_file).map_err(|e| anyhow!(e))?;
serde_json::to_string(&oci_spec).map_err(|e| anyhow!(e))
}