validateMountOptions performs client-side validation of mount options. Similar validation happens on the daemon side, but this validation allows us to produce user-friendly errors matching command-line options.
(m *mount.Mount)
| 12 | // validation happens on the daemon side, but this validation allows us to |
| 13 | // produce user-friendly errors matching command-line options. |
| 14 | func validateMountOptions(m *mount.Mount) error { |
| 15 | if err := validateExclusiveOptions(m); err != nil { |
| 16 | return err |
| 17 | } |
| 18 | |
| 19 | if m.BindOptions != nil { |
| 20 | if m.BindOptions.ReadOnlyNonRecursive && !m.ReadOnly { |
| 21 | return errors.New("option 'bind-recursive=writable' requires 'readonly' to be specified in conjunction") |
| 22 | } |
| 23 | if m.BindOptions.ReadOnlyForceRecursive { |
| 24 | if !m.ReadOnly { |
| 25 | return errors.New("option 'bind-recursive=readonly' requires 'readonly' to be specified in conjunction") |
| 26 | } |
| 27 | if m.BindOptions.Propagation != mount.PropagationRPrivate { |
| 28 | // FIXME(thaJeztah): this is missing daemon-side validation |
| 29 | // |
| 30 | // docker run --rm --mount type=bind,src=/var/run,target=/foo,bind-recursive=readonly,readonly alpine |
| 31 | // # no error |
| 32 | return errors.New("option 'bind-recursive=readonly' requires 'bind-propagation=rprivate' to be specified in conjunction") |
| 33 | } |
| 34 | } |
| 35 | } |
| 36 | |
| 37 | return nil |
| 38 | } |
| 39 | |
| 40 | // validateExclusiveOptions checks if the given mount config only contains |
| 41 | // options for the given mount-type. |
no test coverage detected
searching dependent graphs…