Merge pull request containers#1119 from rhatdan/path
Add support for returning image path with ARCH and OS Substitutions

Signed-off-by: Charlie Doern <[email protected]>
openshift-merge-robot authored and cdoern committed Aug 26, 2022
2 parents b3ac39a + da59fe0 commit 1fb3e74
Showing 7 changed files with 74 additions and 19 deletions.
12 changes: 7 additions & 5 deletions docs/containers.conf.5.md
Expand Up @@ -441,7 +441,7 @@ and the logfile will not be rotated.

**events_logger**="journald"

The default method to use when logging events.
The default method to use when logging events.

The default method is different based on the platform that
Podman is being run upon. To determine the current value,
Expand Down Expand Up @@ -711,11 +711,13 @@ The size of the disk in GB created when init-ing a podman-machine VM

**image**=""

Default image used when creating a new VM using `podman machine init`.
Default image URI when creating a new VM using `podman machine init`.
Options: On Linux/Mac, `testing`, `stable`, `next`. On Windows, the major
version of the OS (e.g `35`). For all platforms you can alternatively specify
a custom path or download URL to an image. The default is `testing` on
Linux/Mac, and `35` on Windows.
version of the OS (e.g `36`) for Fedora 36. For all platforms you can
alternatively specify a custom download URL to an image. Container engines
translate URIs $OS and $ARCH to the native OS and ARCH. URI "https://example.com/$OS/$ARCH/foobar.ami" would become "https://example.com/linux/amd64/foobar.ami" on a Linux AMD machine.
The default value
is `testing` on Linux/Mac, and on Windows.

**memory**=2048

13 changes: 13 additions & 0 deletions pkg/config/config.go
Expand Up @@ -7,6 +7,7 @@ import (
"os"
"os/exec"
"path/filepath"
"runtime"
"sort"
"strings"
"sync"
Expand Down Expand Up @@ -824,6 +825,18 @@ func (c *Config) Validate() error {
return nil
}

// URI returns the URI Path to the machine image
func (m *MachineConfig) URI() string {
uri := m.Image
for _, val := range []string{"$ARCH", "$arch"} {
uri = strings.Replace(uri, val, runtime.GOARCH, 1)
}
for _, val := range []string{"$OS", "$os"} {
uri = strings.Replace(uri, val, runtime.GOOS, 1)
}
return uri
}

func (c *EngineConfig) findRuntime() string {
// Search for crun first followed by runc, kata, runsc
for _, name := range []string{"crun", "runc", "runj", "kata", "runsc"} {
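Review bot: `strings.Replace(uri, val, runtime.GOARCH, 1)` in `URI()` substitutes only the first occurrence of each spelling, so an image value that uses `$ARCH` or `$OS` more than once (for example in a directory and again in the file name) keeps a literal token in the returned download URL; `strings.ReplaceAll(uri, val, runtime.GOARCH)` and the same for `runtime.GOOS` avoids that. The doc comment could state the contract more precisely, e.g. `// URI returns m.Image with $OS/$os and $ARCH/$arch replaced by runtime.GOOS and runtime.GOARCH; the result is not validated as a URL.` Values without a token, such as `testing`, pass through unchanged, so callers still have to distinguish stream names from URLs themselves.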
7 changes: 6 additions & 1 deletion pkg/config/config_local_test.go
Expand Up @@ -4,9 +4,11 @@
package config

import (
"fmt"
"io/ioutil"
"os"
"path"
"runtime"
"strings"

"github.com/containers/common/libnetwork/types"
Expand Down Expand Up @@ -433,7 +435,10 @@ var _ = Describe("Config Local", func() {
config2, err := NewConfig("testdata/containers_default.conf")
// Then
gomega.Expect(err).To(gomega.BeNil())
gomega.Expect(config2.Machine.Image).To(gomega.Equal("stable"))
path := "https://example.com/$OS/$ARCH/foobar.ami"
gomega.Expect(config2.Machine.Image).To(gomega.Equal(path))
val := fmt.Sprintf("https://example.com/%s/%s/foobar.ami", runtime.GOOS, runtime.GOARCH)
gomega.Expect(config2.Machine.URI()).To(gomega.BeEquivalentTo(val))
})

It("CompatAPIEnforceDockerHub", func() {
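Review bot: The new local `path := "https://example.com/$OS/$ARCH/foobar.ami"` shadows the `path` package imported at the top of this file for the rest of the closure; a name such as `imageURI` avoids that. The assertion exercises only the upper-case tokens, once each, so the `$os`/`$arch` spellings and a value with a repeated token are untested; one more `Expect` on a `MachineConfig{Image: ...}` literal calling `URI()` would cover them. The enclosing `It` block starts above the hunk.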
13 changes: 10 additions & 3 deletions pkg/config/containers.conf
Expand Up @@ -671,9 +671,16 @@ default_sysctls = [
#
#disk_size=10

# The image used when creating a podman-machine VM.
#
#image = "testing"
# Default image URI when creating a new VM using `podman machine init`.
# Options: On Linux/Mac, `testing`, `stable`, `next`. On Windows, the major
# version of the OS (e.g `36`) for Fedora 36. For all platforms you can
# alternatively specify a custom download URL to an image. Container engines
# translate URIs $OS and $ARCH to the native OS and ARCH. URI
# "https://example.com/$OS/$ARCH/foobar.ami" becomes
# "https://example.com/linux/amd64/foobar.ami" on a Linux AMD machine.
# The default value is `testing`.
#
# image = "testing"

# Memory in MB a machine is created with.
#
3 changes: 2 additions & 1 deletion pkg/config/testdata/containers_default.conf
Expand Up @@ -267,7 +267,8 @@ cpus=2
disk_size = 20

# The image used when creating a podman-machine VM.
image = "stable"
image = "https://example.com/$OS/$ARCH/foobar.ami"

# Memory in MB a machine is created with.

memory=1024
4 changes: 4 additions & 0 deletions pkg/config/testdata/containers_override.conf
Expand Up @@ -13,6 +13,10 @@ events_logfile_path = "/tmp/events.log"
events_logfile_max_size="500"
pod_exit_policy="stop"

[machine]
# The image used when creating a podman-machine VM.
image = "https://example.com/$OS/$ARCH/foobar.ami"

[secrets]
driver = "pass"

41 changes: 32 additions & 9 deletions pkg/ssh/connection_golang.go
Expand Up @@ -3,6 +3,7 @@ package ssh
import (
"bytes"
"encoding/json"
"errors"
"fmt"
"io"
"net"
Expand Down Expand Up @@ -272,17 +273,39 @@ func ValidateAndConfigure(uri *url.URL, iden string) (*ssh.ClientConfig, error)
if err != nil {
return nil, err
}
keyFilePath := filepath.Join(homedir.Get(), ".ssh", "known_hosts")
known, err := knownhosts.New(keyFilePath)
if err != nil {
return nil, fmt.Errorf("error creating host key callback function for %s: %w", keyFilePath, err)
}

var keyErr *knownhosts.KeyError
cfg := &ssh.ClientConfig{
User: uri.User.Username(),
Auth: authMethods,
HostKeyCallback: known,
Timeout: tick,
User: uri.User.Username(),
Auth: authMethods,
HostKeyCallback: ssh.HostKeyCallback(func(host string, remote net.Addr, pubKey ssh.PublicKey) error {
keyFilePath := filepath.Join(homedir.Get(), ".ssh", "known_hosts")
known, err := knownhosts.New(keyFilePath)
if err != nil {
if os.IsNotExist(err) {
logrus.Warn("podman will soon require host key verification. This means a known_hosts file must exist in the user's ssh directory and a verified key must be within it")
return nil
} else {
return err
}
}
hErr := known(host, remote, pubKey)
if errors.As(hErr, &keyErr) && len(keyErr.Want) > 0 {
logrus.Warn("WARNING: %v of type %v is not a key of %s", ssh.FingerprintSHA256(pubKey), pubKey.Type(), host)
return keyErr
} else if errors.As(hErr, &keyErr) && len(keyErr.Want) == 0 {
logrus.Warn("key not found in known_hosts, podman will soon require keys to exist in known_hosts. If you are using a podman machinr or an old system connection, please recreate using podman machine init or podman system connection add")
}
return nil
}),
Timeout: tick,
HostKeyAlgorithms: []string{
ssh.KeyAlgoRSA,
ssh.KeyAlgoDSA,
ssh.KeyAlgoECDSA384,
ssh.KeyAlgoECDSA521,
ssh.KeyAlgoED25519,
},
}
return cfg, nil
}
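Review bot: Any result from `known(host, remote, pubKey)` that is not a `*knownhosts.KeyError` falls through to the final `return nil` in the new `HostKeyCallback`, so a key that known_hosts marks as revoked (reported by the knownhosts package as `*knownhosts.RevokedError`) would be accepted; only the unknown-host case should be tolerated and every other error returned. The mismatch branch also calls `logrus.Warn` with `%v`/`%s` verbs, which are printed literally, so it needs `logrus.Warnf`. Declaring `keyErr` inside the callback rather than next to `cfg` keeps it from being shared between handshakes. Separately, `HostKeyAlgorithms` offers `ssh.KeyAlgoDSA` and omits `ssh.KeyAlgoECDSA256`, which looks unintended. ValidateAndConfigure starts above the hunk.

```go
// … unchanged: known_hosts lookup and the missing-file warning …
hErr := known(host, remote, pubKey)
var keyErr *knownhosts.KeyError
if !errors.As(hErr, &keyErr) {
	// nil on a match; anything else (e.g. a revoked key) must fail the handshake
	return hErr
}
if len(keyErr.Want) > 0 {
	logrus.Warnf("WARNING: %v of type %v is not a key of %s", ssh.FingerprintSHA256(pubKey), pubKey.Type(), host)
	return keyErr
}
// … unchanged: "key not found in known_hosts" warning …
return nil
```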
