( sandboxID string, netNSPath string, containerName string, imageName string, config *runtime.ContainerConfig, sandboxConfig *runtime.PodSandboxConfig, imageConfig *imagespec.ImageConfig, extraMounts []*runtime.Mount, ociRuntime criconfig.Runtime, )
| 975 | } |
| 976 | |
| 977 | func (c *criService) buildWindowsSpec( |
| 978 | sandboxID string, |
| 979 | netNSPath string, |
| 980 | containerName string, |
| 981 | imageName string, |
| 982 | config *runtime.ContainerConfig, |
| 983 | sandboxConfig *runtime.PodSandboxConfig, |
| 984 | imageConfig *imagespec.ImageConfig, |
| 985 | extraMounts []*runtime.Mount, |
| 986 | ociRuntime criconfig.Runtime, |
| 987 | ) (_ []oci.SpecOpts, retErr error) { |
| 988 | var specOpts []oci.SpecOpts |
| 989 | specOpts = append(specOpts, customopts.WithProcessCommandLineOrArgsForWindows(config, imageConfig)) |
| 990 | |
| 991 | // All containers in a pod need to have HostProcess set if it was set on the pod, |
| 992 | // and vice versa no containers in the pod can be HostProcess if the pods spec |
| 993 | // didn't have the field set. The only case that is valid is if these are the same value. |
| 994 | cntrHpc := config.GetWindows().GetSecurityContext().GetHostProcess() |
| 995 | sandboxHpc := sandboxConfig.GetWindows().GetSecurityContext().GetHostProcess() |
| 996 | if cntrHpc != sandboxHpc { |
| 997 | return nil, errors.New("pod spec and all containers inside must have the HostProcess field set to be valid") |
| 998 | } |
| 999 | |
| 1000 | if config.GetWorkingDir() != "" { |
| 1001 | specOpts = append(specOpts, oci.WithProcessCwd(config.GetWorkingDir())) |
| 1002 | } else if imageConfig.WorkingDir != "" { |
| 1003 | specOpts = append(specOpts, oci.WithProcessCwd(imageConfig.WorkingDir)) |
| 1004 | } else if cntrHpc { |
| 1005 | specOpts = append(specOpts, oci.WithProcessCwd(`C:\hpc`)) |
| 1006 | } |
| 1007 | |
| 1008 | if config.GetTty() { |
| 1009 | specOpts = append(specOpts, oci.WithTTY) |
| 1010 | } |
| 1011 | |
| 1012 | // Apply envs from image config first, so that envs from container config |
| 1013 | // can override them. |
| 1014 | env := append([]string{}, imageConfig.Env...) |
| 1015 | for _, e := range config.GetEnvs() { |
| 1016 | env = append(env, e.GetKey()+"="+e.GetValue()) |
| 1017 | } |
| 1018 | specOpts = append(specOpts, oci.WithEnv(env)) |
| 1019 | |
| 1020 | specOpts = append(specOpts, |
| 1021 | // Clear the root location since hcsshim expects it. |
| 1022 | // NOTE: readonly rootfs doesn't work on windows. |
| 1023 | customopts.WithoutRoot, |
| 1024 | oci.WithWindowsNetworkNamespace(netNSPath), |
| 1025 | oci.WithHostname(sandboxConfig.GetHostname()), |
| 1026 | ) |
| 1027 | |
| 1028 | specOpts = append(specOpts, customopts.WithWindowsMounts(c.os, config, extraMounts), customopts.WithWindowsDevices(config)) |
| 1029 | |
| 1030 | // Start with the image config user and override below if RunAsUsername is not "". |
| 1031 | username := imageConfig.User |
| 1032 | |
| 1033 | windowsConfig := config.GetWindows() |
| 1034 | if windowsConfig != nil { |
no test coverage detected