WIP Save authfile in container config. #6254
Conversation
Signed-off-by: Ondřej Kraus <[email protected]>
openshift-ci-robot
added
the
do-not-merge/work-in-progress
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: neVERberleRfellerER The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
needs-ok-to-test
|
Hi @neVERberleRfellerER. Thanks for your PR. I'm waiting for a containers member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
There was a problem hiding this comment.
Just a couple of nits. Can you add a test to https://github.com/containers/libpod/blob/master/test/e2e/inspect_test.go to make sure we're not regressing in the future?
@rhatdan LGTM
| @@ -414,6 +414,8 @@ type ContainerConfig struct { | |||
|
|
|||
| // HealthCheckConfig has the health check command and related timings | |||
| HealthCheckConfig *manifest.Schema2HealthConfig `json:"healthcheck"` | |||
|
|
|||
| Authfile string `json:"authfile"` | |||
| @@ -510,6 +510,8 @@ type InspectContainerHostConfig struct { | |||
| IOMaximumIOps uint64 `json:"IOMaximumIOps"` | |||
| // IOMaximumBandwidth is Windows-only and not presently implemented. | |||
| IOMaximumBandwidth uint64 `json:"IOMaximumBandwidth"` | |||
| //Authfile is path to used authfile | |||
There was a problem hiding this comment.
| //Authfile is path to used authfile | |
| // Authfile is the path to the auth file used at container creation. |
| @@ -130,6 +130,8 @@ type ContainerBasicConfig struct { | |||
| // Remove indicates if the container should be removed once it has been started | |||
| // and exits | |||
| Remove bool `json:"remove"` | |||
| //Authfile is path to authfile to use | |||
There was a problem hiding this comment.
| //Authfile is path to authfile to use | |
| // Authfile is the path to auth file to use |
|
@mheon PTAL Cool to put that in the config or shall we use a label? |
|
Note that it's important to only store the auth file if it was actually specified by the user on the CLI via |
|
@vrothberg I'll admit I haven't been paying attention to the previous discussion here - what's the logic for making this a part of container config? Pros/cons vs. using labels? My initial instinct is that we should use a label, but I could be convinced otherwise. |
@neVERberleRfellerER is currently working on wiring authfile support into The idea now is to store the authfile at container-creation time. During auto-update, we can look up if a container was created with a non-default authfile and use that instead when contacting the registry. I recall that you preferred storing certain data in labels rather than extending the container config. This may be such a case. |
|
My initial impression from this is that it should probably be a label similar to the ones we use for Inspect options (it's not strictly necessary for Libpod operation, but if it's there we'll know what to do with it). |
|
Since #6188 has been merged this isn't useful anymore. Let me know if you want authfile in container config for different reasons. |
github-actions
bot
added
the
locked - please file new issue/PR
This is one possible approach usable as base for #6188 .