Skip to content

Commit

Permalink
feat: Add Support for idmapping in finch-daemon
Browse files Browse the repository at this point in the history
Signed-off-by: Shubhranshu153 <[email protected]>
  • Loading branch information
Shubhranshu153 committed Oct 30, 2024
1 parent 2d280b8 commit dff7a03
Show file tree
Hide file tree
Showing 3 changed files with 73 additions and 4 deletions.
7 changes: 3 additions & 4 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -48,9 +48,6 @@ restore-mod:
mv build/go.mod.bak go.mod
mv build/go.sum.bak go.sum

clean-build-dir:
rm -rf build

clean:
@rm -f $(BINARIES)
@rm -rf $(BIN)
Expand Down Expand Up @@ -108,8 +105,10 @@ $(GOLINT): linux
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(BIN) v1.60.3

.PHONY: lint
lint: linux $(GOLINT)
lint: linux $(GOLINT) patch-nerdctl
go mod edit -replace=github.com/containerd/[email protected]=./build/nerdctl && go mod tidy
$(GOLINT) run ./...
$(MAKE) restore-mod

.PHONY: test-unit
test-unit: linux
Expand Down
14 changes: 14 additions & 0 deletions internal/service/container/create.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ package container
import (
"context"
"fmt"
"strings"

"github.com/containerd/containerd"
"github.com/containerd/containerd/cio"
Expand All @@ -20,6 +21,17 @@ import (
"github.com/runfinch/finch-daemon/pkg/errdefs"
)

// ExtractUsernsFromLabels searches for a label with the prefix
// "runfinch.com/internal/userns=" and sets the Userns field.
func extractUsernsFromLabels(createOpt *types.ContainerCreateOptions) {
for _, label := range createOpt.Label {
if strings.HasPrefix(label, "runfinch.com/internal/userns=") {
createOpt.Userns = strings.TrimPrefix(label, "runfinch.com/internal/userns=")
return // Exit after the first match
}
}
}

func (s *service) Create(ctx context.Context, image string, cmd []string, createOpt types.ContainerCreateOptions, netOpt types.NetworkOptions) (cid string, err error) {
// Set path to nerdctl binary required for OCI hooks and logging
if createOpt.NerdctlCmd == "" {
Expand All @@ -31,6 +43,8 @@ func (s *service) Create(ctx context.Context, image string, cmd []string, create
createOpt.NerdctlArgs = []string{}
}

extractUsernsFromLabels(&createOpt)

// translate network IDs to names because nerdctl currently does not recognize networks by their IDs during create.
// TODO: remove this when the issue is fixed upstream.
if err := s.translateNetworkIds(&netOpt); err != nil {
Expand Down
56 changes: 56 additions & 0 deletions internal/service/container/create_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -287,3 +287,59 @@ var _ = Describe("Container Create API ", func() {
})
})
})

var _ = Describe("Extracting Userns from Labels", func() {
var (
createOpt *types.ContainerCreateOptions
)

BeforeEach(func() {
createOpt = &types.ContainerCreateOptions{}
})

Describe("when there are labels", func() {
Context("with a matching userns label", func() {
BeforeEach(func() {
createOpt.Label = []string{"runfinch.com/internal/userns=test-namespace", "other.label=value"}
})

It("should extract the userns correctly", func() {
extractUsernsFromLabels(createOpt)
Expect(createOpt.Userns).To(Equal("test-namespace"))
})
})

Context("without a matching userns label", func() {
BeforeEach(func() {
createOpt.Label = []string{"other.label=value"}
})

It("should not set userns", func() {
extractUsernsFromLabels(createOpt)
Expect(createOpt.Userns).To(BeEmpty())
})
})

Context("with multiple matching userns labels", func() {
BeforeEach(func() {
createOpt.Label = []string{"runfinch.com/internal/userns=test-namespace", "runfinch.com/internal/userns=another-namespace"}
})

It("should extract only the first userns label", func() {
extractUsernsFromLabels(createOpt)
Expect(createOpt.Userns).To(Equal("test-namespace"))
})
})

Context("when the label list is empty", func() {
BeforeEach(func() {
createOpt.Label = []string{}
})

It("should not set userns", func() {
extractUsernsFromLabels(createOpt)
Expect(createOpt.Userns).To(BeEmpty())
})
})
})
})

0 comments on commit dff7a03

Please sign in to comment.