summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrzej Klajnert <github@aklajnert.pl>2022-01-14 16:47:23 +0100
committerAndrzej Klajnert <github@aklajnert.pl>2022-01-15 12:47:49 +0100
commit420303b9433d081b2507202221a2e912b3509f4c (patch)
treeb8304a06ed1139af07f856bc67b6431517e53fba
parentab7228b3c27719e447de4dffe9b3fd7f67d6f346 (diff)
downloadpodman-420303b9433d081b2507202221a2e912b3509f4c.tar.gz
podman-420303b9433d081b2507202221a2e912b3509f4c.tar.bz2
podman-420303b9433d081b2507202221a2e912b3509f4c.zip
Recursively copy cert files.
[NO NEW TESTS NEEDED] Signed-off-by: Andrzej Klajnert <github@aklajnert.pl>
-rw-r--r--pkg/machine/ignition.go85
1 files changed, 46 insertions, 39 deletions
diff --git a/pkg/machine/ignition.go b/pkg/machine/ignition.go
index ac2cf71cf..09228553c 100644
--- a/pkg/machine/ignition.go
+++ b/pkg/machine/ignition.go
@@ -1,3 +1,4 @@
+//go:build amd64 || arm64
// +build amd64 arm64
package machine
@@ -423,61 +424,67 @@ func getCerts(certsDir string, isDir bool) []File {
files []File
)
- certs, err := ioutil.ReadDir(certsDir)
if isDir {
- if err == nil {
- for _, cert := range certs {
- b, err := ioutil.ReadFile(filepath.Join(certsDir, cert.Name()))
+ err := filepath.Walk(certsDir, func(path string, info os.FileInfo, err error) error {
+ if err == nil && !info.IsDir() {
+ certPath, err := filepath.Rel(certsDir, path)
if err != nil {
- logrus.Warnf("Unable to read cert file %s", err.Error())
- continue
+ logrus.Warnf("%s", err)
+ return nil
+ }
+
+ file, err := prepareCertFile(filepath.Join(certsDir, certPath), certPath)
+ if err == nil {
+ files = append(files, file)
}
- files = append(files, File{
- Node: Node{
- Group: getNodeGrp("root"),
- Path: filepath.Join("/etc/containers/certs.d/", cert.Name()),
- User: getNodeUsr("root"),
- },
- FileEmbedded1: FileEmbedded1{
- Append: nil,
- Contents: Resource{
- Source: encodeDataURLPtr(string(b)),
- },
- Mode: intToPtr(0644),
- },
- })
}
- } else {
+
+ return nil
+ })
+ if err != nil {
if !os.IsNotExist(err) {
logrus.Warnf("Unable to copy certs via ignition, error while reading certs from %s: %s", certsDir, err.Error())
}
}
} else {
fileName := filepath.Base(certsDir)
- b, err := ioutil.ReadFile(certsDir)
- if err != nil {
- logrus.Warnf("Unable to read cert file %s", err.Error())
- return files
+ file, err := prepareCertFile(certsDir, fileName)
+ if err == nil {
+ files = append(files, file)
}
- files = append(files, File{
- Node: Node{
- Group: getNodeGrp("root"),
- Path: filepath.Join("/etc/containers/certs.d/", fileName),
- User: getNodeUsr("root"),
- },
- FileEmbedded1: FileEmbedded1{
- Append: nil,
- Contents: Resource{
- Source: encodeDataURLPtr(string(b)),
- },
- Mode: intToPtr(0644),
- },
- })
}
return files
}
+func prepareCertFile(path string, name string) (File, error) {
+ b, err := ioutil.ReadFile(path)
+ if err != nil {
+ logrus.Warnf("Unable to read cert file %s", err.Error())
+ return File{}, err
+ }
+
+ targetPath := filepath.Join("/etc/containers/certs.d", name)
+
+ logrus.Debugf("Copying cert file from '%s' to '%s'.", path, targetPath)
+
+ file := File{
+ Node: Node{
+ Group: getNodeGrp("root"),
+ Path: targetPath,
+ User: getNodeUsr("root"),
+ },
+ FileEmbedded1: FileEmbedded1{
+ Append: nil,
+ Contents: Resource{
+ Source: encodeDataURLPtr(string(b)),
+ },
+ Mode: intToPtr(0644),
+ },
+ }
+ return file, nil
+}
+
func getProxyVariables() string {
proxyOpts := ""
for _, variable := range config.ProxyEnv {