From e698b8caca9413a437a3d5ade87d690ba0969f22 Mon Sep 17 00:00:00 2001 From: Valentin Rothberg Date: Fri, 19 Nov 2021 16:40:49 +0100 Subject: [PATCH] containers.conf: add option to enforce docker.io for compat API Add an option to containers.conf as a knob to enforce short-name resolution to Docker Hub in Podman's compatibility REST API. By popular request, turn it on by default. Signed-off-by: Valentin Rothberg --- pkg/config/config.go | 6 ++++++ pkg/config/config_local_test.go | 12 ++++++++++++ pkg/config/containers.conf | 5 +++++ pkg/config/default.go | 2 ++ pkg/config/testdata/containers_default.conf | 6 +++++- 5 files changed, 30 insertions(+), 1 deletion(-) diff --git a/pkg/config/config.go b/pkg/config/config.go index 1a5370a39..7ce0e5022 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -215,6 +215,12 @@ type EngineConfig struct { // The first path pointing to a valid file will be used. ConmonPath []string `toml:"conmon_path,omitempty"` + // CompatAPIEnforceDockerHub enforces using docker.io for completing + // short names in Podman's compatibility REST API. Note that this will + // ignore unqualified-search-registries and short-name aliases defined + // in containers-registries.conf(5). + CompatAPIEnforceDockerHub bool `toml:"compat_api_enforce_docker_hub,omitempty"` + // DetachKeys is the sequence of keys used to detach a container. DetachKeys string `toml:"detach_keys,omitempty"` diff --git a/pkg/config/config_local_test.go b/pkg/config/config_local_test.go index 458007c2b..fe11237ca 100644 --- a/pkg/config/config_local_test.go +++ b/pkg/config/config_local_test.go @@ -385,6 +385,18 @@ var _ = Describe("Config Local", func() { gomega.Expect(config2.Machine.Image).To(gomega.Equal("stable")) }) + It("CompatAPIEnforceDockerHub", func() { + // Given + config, err := NewConfig("") + gomega.Expect(err).To(gomega.BeNil()) + gomega.Expect(config.Engine.CompatAPIEnforceDockerHub).To(gomega.Equal(true)) + // When + config2, err := NewConfig("testdata/containers_default.conf") + // Then + gomega.Expect(err).To(gomega.BeNil()) + gomega.Expect(config2.Engine.CompatAPIEnforceDockerHub).To(gomega.Equal(false)) + }) + It("Set machine disk", func() { // Given config, err := NewConfig("") diff --git a/pkg/config/containers.conf b/pkg/config/containers.conf index 0c3ea8054..8e305b57e 100644 --- a/pkg/config/containers.conf +++ b/pkg/config/containers.conf @@ -317,6 +317,11 @@ default_sysctls = [ # "/usr/local/sbin/conmon" #] +# Enforces using docker.io for completing short names in Podman's compatibility +# REST API. Note that this will ignore unqualified-search-registries and +# short-name aliases defined in containers-registries.conf(5). +#compat_api_enforce_docker_hub = true + # Specify the keys sequence used to detach a container. # Format is a single character [a-Z] or a comma separated sequence of # `ctrl-`, where `` is one of: diff --git a/pkg/config/default.go b/pkg/config/default.go index af4a6d9d5..9a7cb6582 100644 --- a/pkg/config/default.go +++ b/pkg/config/default.go @@ -243,6 +243,8 @@ func defaultConfigFromMemory() (*EngineConfig, error) { c.EventsLogFilePath = filepath.Join(c.TmpDir, "events", "events.log") + c.CompatAPIEnforceDockerHub = true + if path, ok := os.LookupEnv("CONTAINERS_STORAGE_CONF"); ok { types.SetDefaultConfigFilePath(path) } diff --git a/pkg/config/testdata/containers_default.conf b/pkg/config/testdata/containers_default.conf index 902568efb..e6d32ba23 100644 --- a/pkg/config/testdata/containers_default.conf +++ b/pkg/config/testdata/containers_default.conf @@ -17,7 +17,6 @@ devices = [ # profile name is "container-default". apparmor_profile = "container-default" - # List of default capabilities for containers. If it is empty or commented out, # only the capabilities defined in the containers json file by the user/kube # will be added. @@ -133,6 +132,11 @@ conmon_path = [ "/usr/local/sbin/conmon" ] +# Enforces using docker.io for completing short names in Podman's compatibility +# REST API. Note that this will ignore unqualified-search-registries and +# short-name aliases defined in containers-registries.conf(5). +compat_api_enforce_docker_hub = false + # Environment variables to be used when running the container engine (e.g., Podman, Buildah). # For example "http_proxy=internal.proxy.company.com". # Note these environment variables will not be used within the container.