Skip to content

Add support for runtime flags in containers.conf #27310

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Add support for runtime flags in containers.conf #27310

wants to merge 2 commits into from
+40 −4

Conversation

mheon
Copy link
Member

@mheon mheon commented Oct 16, 2025

Replaces #26892

Does this PR introduce a user-facing change?

Add Engine.runtimes_flags configuration option to containers.conf allowing users to specify default runtime flags for each runtime. Flags should be specified without '--' leading up to it.

@CowRules @mheon
Add default runtime flags in config
0a20e22 
Added a way to define default runtime flags in config.

Fixes: https://github.com/containers/common/issues/715

Default runtime flags should be defined as shown below:

[engine.runtimes_flags]
runsc = [
  "net-raw",
]

crun = [
  "debug",
]

Signed-off-by: Rosvaldas Atstupėnas <[email protected]>
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Oct 16, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mheon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 16, 2025
@mheon mheon mentioned this pull request Oct 16, 2025
Closed
@mheon mheon force-pushed the default-runtime-flags branch from f62fd54 to f7a60eb Compare October 16, 2025 20:48
danishprakash
danishprakash reviewed Oct 17, 2025
View reviewed changes
Copy link
Contributor

@danishprakash danishprakash left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps an entry in containers.conf (https://github.com/containers/container-libs/blob/main/common/pkg/config/containers.conf) and the associated man page would be helpful.

@Luap99 Luap99 added the 5.7 label Oct 17, 2025
@Luap99
Copy link
Member

Luap99 commented Oct 17, 2025

Perhaps an entry in containers.conf (https://github.com/containers/container-libs/blob/main/common/pkg/config/containers.conf) and the associated man page would be helpful.

They are already documented there https://github.com/containers/container-libs/blob/c4c5e00ad22d4280b27b45fe274a24e72b938fb6/common/pkg/config/containers.conf#L875-L878

Luap99
Luap99 reviewed Oct 17, 2025
View reviewed changes
test/system/030-run.bats Outdated
containersConf=$PODMAN_TMPDIR/containers.conf
cat >$containersConf <<EOF
[engine]
runtime="crun"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ricardobranco777 Do you have crun installed on your test system? I think this must use $(podman_runtime) instead to use the proper test runtime so the right error can be triggered

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ricardobranco777 Do you have crun installed on your test system?

Both crun & runc can be installed in the openQA SUT VM.

I think this must use $(podman_runtime) instead to use the proper test runtime so the right error can be triggered

Agree. This test has passed on systems without crun, I guess because podman picks runc if crun is not available..

test/system/030-run.bats
Comment on lines 70 to 73
[engine.runtimes_flags]
crun = [
"invalidflag",
]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit testing wise it would be nice to define some other runtimes and ensure flags are indeed only set for each specific runtime.

Though given the "urgency" for this I am fine with the test as is minus the other comment

@mheon mheon force-pushed the default-runtime-flags branch from f7a60eb to 43ff7a4 Compare October 17, 2025 14:34
@mheon
Copy link
Member Author

mheon commented Oct 17, 2025

Tests are green, this is ready

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Luap99 Luap99 Luap99 left review comments

+2 more reviewers

@ricardobranco777 ricardobranco777 ricardobranco777 left review comments

@danishprakash danishprakash danishprakash left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

5.7 approved Indicates a PR has been approved by an approver from all required OWNERS files. release-note

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@mheon @Luap99 @ricardobranco777 @danishprakash @CowRules