12:29 p.m.
On Wed, 6 Nov 2019, Valentin Rothberg wrote:
On Wed, Nov 6, 2019 at 5:31 PM Robert P. J. Day <rpjday(a)crashcourse.ca> wrote:
reading brent's recent piece on security, and noticed the "podman
container runlabel" command which allows one to define a label for
convenience. however, every example i've seen of that uses precisely
the label of "RUN," as if that's the only possibility.
can you not define multiple runlabels for a single image? that seems
like the obvious thing to support, but if one looks at examples, it's
not clear.
Yes, an image can have multiple "runlabels". The label to be used
for execution can be specified via the CLI and there is no
requirement for it to be named "RUN". It's described in the man page
[1] but I understand the question and think this example is a good
addition to the man page which should help to make it clearer.
[1]https://github.com/containers/libpod/blob/master/docs/source/markdown/p...
runlabel.1.md
i would suggest two tweaks to make this absolutely clear. first, the
example should include at least two "LABEL" lines -- if all an example
ever supplies is a single LABEL line, it might still leave the
impression that only one is allowed.
also, use an example with a goofy name, to make it clear that the
label name is arbitrary, something like:
LABEL INSTALL ...
LABEL RUN ...
LABEL BUILDMYSTUFF ...
those changes would make it obvious what is supported, i think.
rday