Support sig-proxy for podman-remote attach and start

Signals were not proxied for attach and start for podman-remote. Now they are. Signed-off-by: Ashley Cui <acui@redhat.com>
containers · Jan 3, 2023 · 9055919 · 9055919
1 parent 28d04bc
commit 9055919
Show file tree

Hide file tree

Showing 2 changed files with 114 additions and 4 deletions.
diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go
@@ -546,6 +546,13 @@ func (ic *ContainerEngine) ContainerAttach(ctx context.Context, nameOrID string,
 		return fmt.Errorf("you can only attach to running containers")
 	}
 	options := new(containers.AttachOptions).WithStream(true).WithDetachKeys(opts.DetachKeys)
+	if opts.SigProxy {
+		remoteProxySignals(ctr.ID, func(signal string) error {
+			killOpts := entities.KillOptions{All: false, Latest: false, Signal: signal}
+			_, err := ic.ContainerKill(ctx, []string{ctr.ID}, killOpts)
+			return err
+		})
+	}
 	return containers.Attach(ic.ClientCtx, nameOrID, opts.Stdin, opts.Stdout, opts.Stderr, nil, options)
 }
 
@@ -611,7 +618,7 @@ func (ic *ContainerEngine) ContainerExecDetached(ctx context.Context, nameOrID s
 	return sessionID, nil
 }
 
-func startAndAttach(ic *ContainerEngine, name string, detachKeys *string, input, output, errput *os.File) error {
+func startAndAttach(ic *ContainerEngine, name string, detachKeys *string, sigProxy bool, input, output, errput *os.File) error {
 	if output == nil && errput == nil {
 		fmt.Printf("%s\n", name)
 	}
@@ -621,6 +628,14 @@ func startAndAttach(ic *ContainerEngine, name string, detachKeys *string, input,
 	if dk := detachKeys; dk != nil {
 		options.WithDetachKeys(*dk)
 	}
+	if sigProxy {
+		remoteProxySignals(name, func(signal string) error {
+			killOpts := entities.KillOptions{All: false, Latest: false, Signal: signal}
+			_, err := ic.ContainerKill(ic.ClientCtx, []string{name}, killOpts)
+			return err
+		})
+	}
+
 	go func() {
 		err := containers.Attach(ic.ClientCtx, name, input, output, errput, attachReady, options)
 		attachErr <- err
@@ -693,7 +708,7 @@ func (ic *ContainerEngine) ContainerStart(ctx context.Context, namesOrIds []stri
 		}
 		ctrRunning := ctr.State == define.ContainerStateRunning.String()
 		if options.Attach {
-			err = startAndAttach(ic, name, &options.DetachKeys, options.Stdin, options.Stdout, options.Stderr)
+			err = startAndAttach(ic, name, &options.DetachKeys, options.SigProxy, options.Stdin, options.Stdout, options.Stderr)
 			if err == define.ErrDetach {
 				// User manually detached
 				// Exit cleanly immediately
@@ -851,7 +866,7 @@ func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.Conta
 			return err
 		})
 	}
-	if err := startAndAttach(ic, con.ID, &opts.DetachKeys, opts.InputStream, opts.OutputStream, opts.ErrorStream); err != nil {
+	if err := startAndAttach(ic, con.ID, &opts.DetachKeys, opts.SigProxy, opts.InputStream, opts.OutputStream, opts.ErrorStream); err != nil {
 		if err == define.ErrDetach {
 			return &report, nil
 		}

diff --git a/test/system/032-sig-proxy.bats b/test/system/032-sig-proxy.bats
@@ -2,7 +2,7 @@
 
 load helpers
 
-@test "podman sigkill" {
+@test "podman run sigkill" {
     $PODMAN run -i --name foo $IMAGE sh -c 'trap "echo BYE;exit 0" INT;echo READY;while :;do sleep 0.1;done' &
     local kidpid=$!
 
@@ -40,4 +40,99 @@ load helpers
     run_podman rm -f -t0 foo
 }
 
+@test "podman start sigkill" {
+
+    $PODMAN create --name foo $IMAGE sh -c 'trap "echo BYE;exit 0" INT;echo READY;while :;do sleep 0.1;done' 
+    $PODMAN start --attach foo &
+    local kidpid=$!
+
+    # Wait for container to appear
+    local timeout=5
+    while :;do
+          sleep 0.5
+          run_podman '?' container exists foo
+          if [[ $status -eq 0 ]]; then
+              break
+          fi
+          timeout=$((timeout - 1))
+          if [[ $timeout -eq 0 ]]; then
+              die "Timed out waiting for container to start"
+          fi
+    done
+
+    wait_for_ready foo
+
+    # Signal, and wait for container to exit
+    kill -INT $kidpid
+    local timeout=10
+    while :;do
+          sleep 0.5
+          run_podman logs foo
+          if [[ "$output" =~ BYE ]]; then
+              break
+          fi
+          timeout=$((timeout - 1))
+          if [[ $timeout -eq 0 ]]; then
+              die "Timed out waiting for BYE from container"
+          fi
+    done
+
+    run_podman rm -f -t0 foo
+}
+
+@test "podman attach sigkill" {
+    $PODMAN run --name foo $IMAGE sh -c 'trap "echo BYE;exit 0" INT;echo READY;while :;do sleep 0.1;done' &
+
+    # Wait for container to appear
+    local timeout=5
+    while :;do
+          sleep 0.5
+          run_podman '?' container exists foo
+          if [[ $status -eq 0 ]]; then
+              break
+          fi
+          timeout=$((timeout - 1))
+          if [[ $timeout -eq 0 ]]; then
+              die "Timed out waiting for container to start"
+          fi
+    done
+
+    wait_for_ready foo
+
+    $PODMAN attach foo &
+    local kidpid=$!
+
+    # Wait for attach process to start
+    local timeout=5
+    while :;do
+          sleep 0.5
+          run_podman '?' container exists foo
+          if ps -p $kidpid > /dev/null
+          then
+            break
+          fi
+          timeout=$((timeout - 1))
+          if [[ $timeout -eq 0 ]]; then
+              die "Timed out waiting for attach"
+          fi
+    done
+
+    # Signal, and wait for container to exit
+    kill -INT $kidpid
+    local timeout=10
+    while :;do
+          sleep 0.5
+          run_podman logs foo
+          if [[ "$output" =~ BYE ]]; then
+              break
+          fi
+          timeout=$((timeout - 1))
+          if [[ $timeout -eq 0 ]]; then
+              die "Timed out waiting for BYE from container"
+          fi
+    done
+
+    run_podman rm -f -t0 foo
+}
+
 # vim: filetype=sh