Allow passing the OCI runtime an empty command #21312
Conversation
|
You need to add [NO NEW TESTS NEEDED] or add a test to allow tests to run. What does crun report if you don't have an entrypoint or cmd in the image? |
|
/approve |
Since it's a new behavior, we really need a test. @giuseppe PTAL |
|
could we just use a dummy entrypoint for the image? With this change, the error code is more difficult to understand: The nice thing about catching it early in Podman is that we can give a suggestion about either the CMD or ENTRYPOINT being empty, which is not known to the OCI runtime: |
|
Would it make sense to default the entrypoint to "/bin/sh -c" for this case rather then failing, with a Debug message stating the default? |
Let's figure out what Docker does. We aim at being compatible but for sure can punch some holes where needed. |
Docker also complains when there is no entrypoint: |
|
I think it is fine to be compatibile with Docker, but we can do better in this case. Bottom line, I don't want a failure if running an OCI Runtime that does not require a command and a command makes little sense when running a image.
|
Are we talking of unit tests or integration tests? Where should this test go? |
|
I would test with system tests. Basically build an image with Command="" and Entrypoint="" then try to run it. |
albertofaria
force-pushed
the
no-entrypoint
branch
from
2de018c to
165c2f8
Compare
openshift-ci
bot
added
the
approved
|
This new version passes the OCI runtime an empty string entrypoint instead of no entrypoint at all, so that the resulting error message is the same as if an inexistent entrypoint was set. |
albertofaria
force-pushed
the
no-entrypoint
branch
from
165c2f8 to
74936b2
Compare
|
Changes LGTM, but the tests are very red. |
albertofaria
force-pushed
the
no-entrypoint
branch
from
74936b2 to
e873783
Compare
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: albertofaria, rhatdan, vrothberg The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Some OCI runtimes (cf. [1]) may tolerate container images that don't specify an entrypoint even if no entrypoint is given on the command line. In those cases, it's annoying for the user to have to pass a "" argument to podman. If no entrypoint is given, make the behavior the same as if an empty "" entrypoint was given. [1] https://github.com/containers/crun-vm Signed-off-by: Alberto Faria <afaria@redhat.com>
albertofaria
force-pushed
the
no-entrypoint
branch
from
e873783 to
5cc83da
Compare
|
The single test failure seems to be transient. |
Yes, that job flakes a lot at the moment. I restarted it ✔️ |
|
/lgtm |
openshift-merge-bot
bot
merged commit fcac504
into
containers:main
github-actions
bot
added
the
locked - please file new issue/PR
Some OCI runtimes (cf. [1]) may tolerate container images that don't specify an entrypoint together with no entrypoint being specified in the command line. In those cases, it's annoying for the user to have to pass a "" argument to podman.
[1] https://github.com/containers/crun-vm
Does this PR introduce a user-facing change?