deep-stack/kompose
7
0
Fork 0
forked from LaconicNetwork/kompose
Code Pull Requests Activity

feat: add read only fs support

Browse Source 
Signed-off-by: AhmedGrati <ahmedgrati1999@gmail.com>
This commit is contained in:
AhmedGrati 2023-07-14 15:56:04 +01:00
parent 21509824ff
commit 4a08d41242
3 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
pkg/kobject/kobject.go
View File

@ -110,6 +110,7 @@ type ServiceConfig struct {
WorkingDir string `compose:""`
DomainName string `compose:"domainname"`
HostName string `compose:"hostname"`
ReadOnly bool `compose:"read_only"`
Args []string `compose:"args"`
VolList []string `compose:"volumes"`
Network []string `compose:"network"`

1
pkg/loader/compose/compose.go
View File

@ -462,6 +462,7 @@ func dockerComposeToKomposeMapping(composeObject *types.Project) (kobject.Kompos
serviceConfig.Expose = composeServiceConfig.Expose
serviceConfig.Privileged = composeServiceConfig.Privileged
serviceConfig.User = composeServiceConfig.User
serviceConfig.ReadOnly = composeServiceConfig.ReadOnly
serviceConfig.Stdin = composeServiceConfig.StdinOpen
serviceConfig.Tty = composeServiceConfig.Tty
serviceConfig.TmpFs = composeServiceConfig.Tmpfs

5
pkg/transformer/kubernetes/k8sutils.go
View File

@ -573,6 +573,11 @@ func (k *Kubernetes) UpdateKubernetesObjects(name string, service kobject.Servic
securityContext.Capabilities = capabilities
}
//set readOnlyRootFilesystem if it is enabled
if service.ReadOnly {
securityContext.ReadOnlyRootFilesystem = &service.ReadOnly
}
// update template only if securityContext is not empty
if *securityContext != (api.SecurityContext{}) {
template.Spec.Containers[0].SecurityContext = securityContext