Merge pull request #1100 from tonistiigi/overlay-readonly
cache: force overlay readonly by removing upperdirdocker-19.03
commit
4b7741dc29
|
@ -2,6 +2,7 @@ package cache
|
|||
|
||||
import (
|
||||
"context"
|
||||
"strings"
|
||||
"sync"
|
||||
|
||||
"github.com/containerd/containerd/mount"
|
||||
|
@ -429,6 +430,10 @@ func (m *readOnlyMounter) Mount() ([]mount.Mount, error) {
|
|||
return nil, err
|
||||
}
|
||||
for i, m := range mounts {
|
||||
if m.Type == "overlay" {
|
||||
mounts[i].Options = readonlyOverlay(m.Options)
|
||||
continue
|
||||
}
|
||||
opts := make([]string, 0, len(m.Options))
|
||||
for _, opt := range m.Options {
|
||||
if opt != "rw" {
|
||||
|
@ -440,3 +445,23 @@ func (m *readOnlyMounter) Mount() ([]mount.Mount, error) {
|
|||
}
|
||||
return mounts, nil
|
||||
}
|
||||
|
||||
func readonlyOverlay(opt []string) []string {
|
||||
out := make([]string, 0, len(opt))
|
||||
upper := ""
|
||||
for _, o := range opt {
|
||||
if strings.HasPrefix(o, "upperdir=") {
|
||||
upper = strings.TrimPrefix(o, "upperdir=")
|
||||
} else if !strings.HasPrefix(o, "workdir=") {
|
||||
out = append(out, o)
|
||||
}
|
||||
}
|
||||
if upper != "" {
|
||||
for i, o := range out {
|
||||
if strings.HasPrefix(o, "lowerdir=") {
|
||||
out[i] = "lowerdir=" + upper + ":" + strings.TrimPrefix(o, "lowerdir=")
|
||||
}
|
||||
}
|
||||
}
|
||||
return out
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue