-
Notifications
You must be signed in to change notification settings - Fork 766
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
run: add support for inline --network
in RUN
statements
#4566
Conversation
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: flouthoc The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/hold wait for openshift/imagebuilder#247 and a rebase so this PR does not points to a fork. |
LGTM once the imagebuilder PR is merged and you vendor from that. |
Will rebase this after: openshift/imagebuilder#247 |
It's merged. |
@rhatdan @TomSweeneyRedHat Rebased. @containers/buildah-maintainers PTAL |
We need commit openshift/imagebuilder@598142f Signed-off-by: Aditya R <arajan@redhat.com>
dc9d40c
to
c70284f
Compare
tests/bud.bats
Outdated
@test "build with inline RUN --network=host" { | ||
run_buildah build $WITH_POLICY_JSON -t source -f $BUDFILES/inline-network/Dockerfile1 | ||
expect_output --substring "Connecting to google.com" | ||
expect_output --substring "index.html" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perhaps this should be running readlink /proc/self/ns/net
both during inside and after the build and comparing the two.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
True a better test will be readlink /proc/self/ns/net
@nalind @rhatdan @vrothberg @giuseppe @containers/buildah-maintainers PTAL |
Buildah should allow clients to support inline --network in RUN stmts so users can create isolate or expose a particular build containers. ```Dockerfile FROM alpine RUN --network=host wget google.com RUN --network=none wget google.com ``` Closes: containers#4230 Signed-off-by: Aditya R <arajan@redhat.com>
LGTM |
@rhatdan @containers/buildah-maintainers PTAL |
/lgtm |
/hold cancel |
Document RUN --network added in containers/buildah#4566 [NO NEW TESTS NEEDED] [CI:DOCS] Signed-off-by: Aditya R <arajan@redhat.com>
Document RUN --network added in containers/buildah#4566 [NO NEW TESTS NEEDED] [CI:DOCS] Signed-off-by: Aditya R <arajan@redhat.com>
Buildah should allow clients to support inline --network in RUN stmts so users
can create isolate or expose a particular build containers.
What type of PR is this?
What this PR does / why we need it:
How to verify it
Which issue(s) this PR fixes:
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Closes: #4230