Documentation ¶
Overview ¶
Package spec implements OCI runtime spec support.
Index ¶
- Constants
- func New(o ...Option) (*runtime.Spec, error)
- func Write(path string, o ...Option) error
- type GID
- type Groupname
- type Groups
- type Option
- func WithCPULimit(limit string) Option
- func WithHostNetwork() Option
- func WithImageConfig(cfg *ociv1.ConfigFile, passwd, group string) Option
- func WithMemoryLimit(limit string) Option
- func WithRootFS(path string, readonly bool) Option
- func WithUser(user string, p Passwd) Option
- func WithUserAndGroup(user, group string, p Passwd) Option
- func WithUserOnly(user string, p Passwd) Option
- type Passwd
- type UID
- type Username
Constants ¶
const ( UnknownUID = UID(-1) UnknownGID = GID(-1) )
Unknown UID and GIDs.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Option ¶
An Option specifies optional OCI runtime configuration.
func WithCPULimit ¶
WithCPULimit limits the container's CPU usage per the supplied Kubernetes-style limit string (e.g. 0.5 or 500m for half a core).
func WithHostNetwork ¶
func WithHostNetwork() Option
WithHostNetwork configures the container to share the host's (i.e. xfn container's) network namespace.
func WithImageConfig ¶
func WithImageConfig(cfg *ociv1.ConfigFile, passwd, group string) Option
WithImageConfig extends a Spec with configuration derived from an OCI image config file. If the image config specifies a user it will be resolved using the supplied passwd and group files.
func WithMemoryLimit ¶
WithMemoryLimit limits the container's memory usage per the supplied Kubernetes-style limit string (e.g. 512Mi).
func WithRootFS ¶
WithRootFS configures a container's rootfs.
func WithUser ¶
WithUser resolves an OCI image config user string in order to set the spec's process user. According to the OCI image config v1.0 spec: "For Linux based systems, all of the following are valid: user, uid, user:group, uid:gid, uid:group, user:gid. If group/GID is not specified, the default group and supplementary groups of the given user/UID in /etc/passwd from the container are applied."
func WithUserAndGroup ¶
WithUserAndGroup resolves an OCI image config user string in order to set the spec's process user. The supplied user string must either be an integer UID (that may or may not exist in the container's /etc/passwd) or a username that exists in the container's /etc/passwd. The supplied group must either be an integer GID (that may or may not exist in the container's /etc/group) or a group name that exists in the container's /etc/group.
func WithUserOnly ¶
WithUserOnly resolves an OCI Image config user string in order to set the spec's process user. The supplied user string must either be an integer UID (that may or may not exist in the container's /etc/passwd) or a username that exists in the container's /etc/passwd. The supplied user string must not contain any group information.
type Passwd ¶
Passwd (and group) file data.
func ParsePasswd ¶
ParsePasswd parses the supplied passwd and group data.
func ParsePasswdFiles ¶
ParsePasswdFiles parses the passwd and group files at the supplied paths. If either path does not exist it returns empty Passwd data.