rkt · yifan-gu · Apr 12, 2016 · Apr 12, 2016 · Apr 12, 2016 · Apr 12, 2016
diff --git a/stage1/init/common/mount.go b/stage1/init/common/mount.go
@@ -56,16 +56,16 @@ func IsMountReadOnly(vol types.Volume, mountPoints []types.MountPoint) bool {
 	return isMPReadOnly(mountPoints, vol.Name)
 }
 
-func convertedFromDocker(ra *schema.RuntimeApp) bool {
-	ann := ra.Annotations
+func convertedFromDocker(im *schema.ImageManifest) bool {
+	ann := im.Annotations
 	_, ok := ann.Get("appc.io/docker/repository")
 	return ok
 }
 
 // GenerateMounts maps MountPoint paths to volumes, returning a list of mounts,
 // each with a parameter indicating if it's an implicit empty volume from a
 // Docker image.
-func GenerateMounts(ra *schema.RuntimeApp, volumes map[types.ACName]types.Volume) []mountWrapper {
+func GenerateMounts(ra *schema.RuntimeApp, volumes map[types.ACName]types.Volume, imageManifest *schema.ImageManifest) []mountWrapper {
 	app := ra.App
 
 	var genMnts []mountWrapper
@@ -101,7 +101,7 @@ func GenerateMounts(ra *schema.RuntimeApp, volumes map[types.ACName]types.Volume
 				GID:  &defaultGID,
 			}
 
-			dockerImplicit := convertedFromDocker(ra)
+			dockerImplicit := convertedFromDocker(imageManifest)
 			log.Printf("warning: no volume specified for mount point %q, implicitly creating an \"empty\" volume. This volume will be removed when the pod is garbage-collected.", mp.Name)
 			if dockerImplicit {
 				log.Printf("Docker converted image, initializing implicit volume with data contained at the mount point %q.", mp.Name)
@@ -162,11 +162,10 @@ func PrepareMountpoints(volPath string, targetPath string, vol *types.Volume, do
 				return errwrap.Wrap(fmt.Errorf("error copying image files to empty volume %q", volPath), err)
 			}
 		}
-	} else {
-		if err := os.MkdirAll(volPath, 0770); err != nil {
-			return errwrap.Wrap(fmt.Errorf("error creating %q", volPath), err)
-		}
+	}
 
+	if err := os.MkdirAll(volPath, 0770); err != nil {
+		return errwrap.Wrap(fmt.Errorf("error creating %q", volPath), err)
 	}
 	if err := os.Chown(volPath, Uid, Gid); err != nil {
 		return errwrap.Wrap(fmt.Errorf("could not change owner of %q", volPath), err)

diff --git a/stage1/init/common/pod.go b/stage1/init/common/pod.go
@@ -629,7 +629,8 @@ func appToNspawnArgs(p *stage1commontypes.Pod, ra *schema.RuntimeApp) ([]string,
 		vols[v.Name] = v
 	}
 
-	mounts := GenerateMounts(ra, vols)
+	imageManifest := p.Images[appName.String()]
+	mounts := GenerateMounts(ra, vols, imageManifest)
 	for _, m := range mounts {
 		vol := vols[m.Volume]
 

diff --git a/stage1/init/kvm.go b/stage1/init/kvm.go
@@ -48,9 +48,10 @@ func KvmNetworkingToSystemd(p *stage1commontypes.Pod, n *networking.Networking)
 	return nil
 }
 
-func mountSharedVolumes(root string, volumes []types.Volume, ra *schema.RuntimeApp) error {
+func mountSharedVolumes(root string, p *stage1commontypes.Pod, ra *schema.RuntimeApp) error {
 	app := ra.App
 	appName := ra.Name
+	volumes := p.Manifest.Volumes
 	vols := make(map[types.ACName]types.Volume)
 	for _, v := range volumes {
 		vols[v.Name] = v
@@ -64,7 +65,8 @@ func mountSharedVolumes(root string, volumes []types.Volume, ra *schema.RuntimeA
 		return errwrap.Wrap(fmt.Errorf("could not change permissions of %q", sharedVolPath), err)
 	}
 
-	mounts := stage1initcommon.GenerateMounts(ra, vols)
+	imageManifest := p.Images[appName.String()]
+	mounts := stage1initcommon.GenerateMounts(ra, vols, imageManifest)
 	for _, m := range mounts {
 		vol := vols[m.Volume]
 
@@ -155,7 +157,7 @@ func ensureDestinationExists(source, destination string) error {
 
 func prepareMountsForApp(s1Root string, p *stage1commontypes.Pod, ra *schema.RuntimeApp) error {
 	// bind mount all shared volumes (we don't use mechanism for bind-mounting given by nspawn)
-	if err := mountSharedVolumes(s1Root, p.Manifest.Volumes, ra); err != nil {
+	if err := mountSharedVolumes(s1Root, p, ra); err != nil {
 		return errwrap.Wrap(errors.New("failed to prepare mount point"), err)
 	}
 

diff --git a/tests/rkt_run_pod_manifest_test.go b/tests/rkt_run_pod_manifest_test.go
@@ -41,23 +41,6 @@ func stringP(s string) *string {
 	return &s
 }
 
-func generatePodManifestFile(t *testing.T, manifest *schema.PodManifest) string {
-	tmpDir := testutils.GetValueFromEnvOrPanic("FUNCTIONAL_TMP")
-	f, err := ioutil.TempFile(tmpDir, "rkt-test-manifest-")
-	if err != nil {
-		t.Fatalf("Cannot create tmp pod manifest: %v", err)
-	}
-
-	data, err := json.Marshal(manifest)
-	if err != nil {
-		t.Fatalf("Cannot marshal pod manifest: %v", err)
-	}
-	if err := ioutil.WriteFile(f.Name(), data, 0600); err != nil {
-		t.Fatalf("Cannot write pod manifest file: %v", err)
-	}
-	return f.Name()
-}
-
 func verifyHostFile(t *testing.T, tmpdir, filename string, i int, expectedResult string) {
 	filePath := path.Join(tmpdir, filename)
 	defer os.Remove(filePath)

diff --git a/tests/rkt_tests.go b/tests/rkt_tests.go
@@ -679,6 +679,23 @@ func runRktTrust(t *testing.T, ctx *testutils.RktRunCtx, prefix string, keyIndex
 	}
 }
 
+func generatePodManifestFile(t *testing.T, manifest *schema.PodManifest) string {
+	tmpDir := testutils.GetValueFromEnvOrPanic("FUNCTIONAL_TMP")
+	f, err := ioutil.TempFile(tmpDir, "rkt-test-manifest-")
+	if err != nil {
+		t.Fatalf("Cannot create tmp pod manifest: %v", err)
+	}
+
+	data, err := json.Marshal(manifest)
+	if err != nil {
+		t.Fatalf("Cannot marshal pod manifest: %v", err)
+	}
+	if err := ioutil.WriteFile(f.Name(), data, 0600); err != nil {
+		t.Fatalf("Cannot write pod manifest file: %v", err)
+	}
+	return f.Name()
+}
+
 func checkUserNS() error {
 	// CentOS 7 pretends to support user namespaces, but does not.
 	// See https://bugzilla.redhat.com/show_bug.cgi?id=1168776#c5

diff --git a/tests/rkt_volume_test.go b/tests/rkt_volume_test.go
@@ -24,6 +24,9 @@ import (
 	"time"
 
 	"github.com/coreos/rkt/tests/testutils"
+
+	"github.com/appc/spec/schema"
+	"github.com/appc/spec/schema/types"
 )
 
 var volTests = []struct {
@@ -169,8 +172,8 @@ func TestDockerVolumeSemantics(t *testing.T) {
 	defer ctx.Cleanup()
 
 	var dockerVolImage []string
-	for _, tt := range volDockerTests {
-		img := patchTestACI("rkt-volume-image.aci", fmt.Sprintf("--mounts=mydir,path=%s,readOnly=false", tt.dir))
+	for i, tt := range volDockerTests {
+		img := patchTestACI(fmt.Sprintf("rkt-volume-image-%d.aci", i), fmt.Sprintf("--mounts=mydir,path=%s,readOnly=false", tt.dir))
 		defer os.Remove(img)
 		dockerVolImage = append(dockerVolImage, img)
 	}
@@ -184,3 +187,52 @@ func TestDockerVolumeSemantics(t *testing.T) {
 		runRktAndCheckOutput(t, cmd, expected, false)
 	}
 }
+
+func TestDockerVolumeSemanticsPodManifest(t *testing.T) {
+	ctx := testutils.NewRktRunCtx()
+	defer ctx.Cleanup()
+
+	for i, tt := range volDockerTests {
+		t.Logf("Running test #%v on directory %s", i, tt.dir)
+
+		hash := patchImportAndFetchHash(fmt.Sprintf("rkt-volume-image-pm-%d.aci", i), []string{fmt.Sprintf("--mounts=mydir,path=%s,readOnly=false", tt.dir)}, t, ctx)
+
+		imgID, err := types.NewHash(hash)
+		if err != nil {
+			t.Fatalf("Cannot generate types.Hash from %v: %v", hash, err)
+		}
+
+		pm := &schema.PodManifest{
+			ACKind:    schema.PodManifestKind,
+			ACVersion: schema.AppContainerVersion,
+			Apps: []schema.RuntimeApp{
+				{
+					Name: "rkt-volume-image",
+					App: &types.App{
+						Exec:  []string{"/inspect", "--read-file"},
+						User:  "0",
+						Group: "0",
+						Environment: []types.EnvironmentVariable{
+							{"FILE", fmt.Sprintf("%s/file", tt.dir)},
+						},
+						MountPoints: []types.MountPoint{
+							{"mydir", tt.dir, false},
+						},
+					},
+					Image: schema.RuntimeImage{
+						ID: *imgID,
+					},
+				},
+			},
+		}
+
+		manifestFile := generatePodManifestFile(t, pm)
+		defer os.Remove(manifestFile)
+
+		cmd := fmt.Sprintf("%s --debug --insecure-options=image run --pod-manifest=%s", ctx.Cmd(), manifestFile)
+
+		expected := fmt.Sprintf("<<<%s>>>", tt.expectedContent)
+
+		runRktAndCheckOutput(t, cmd, expected, false)
+	}
+}