Add generate systemd -e/--env option

-e/--env option sets environment variables to the systemd unit files.

Fixes: #15523

Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>

2 files changed, 102 insertions, 93 deletions

diff --git a/pkg/systemd/generate/containers.go b/pkg/systemd/generate/containers.go
index 1f8c519b7..6f546b0ab 100644
--- a/pkg/systemd/generate/containers.go
+++ b/pkg/systemd/generate/containers.go
@@ -22,85 +22,40 @@ import (
 // containerInfo contains data required for generating a container's systemd
 // unit file.
 type containerInfo struct {
-	// ServiceName of the systemd service.
-	ServiceName string
-	// Name or ID of the container.
-	ContainerNameOrID string
-	// Type of the unit.
-	Type string
-	// NotifyAccess of the unit.
-	NotifyAccess string
-	// StopTimeout sets the timeout Podman waits before killing the container
-	// during service stop.
-	StopTimeout uint
-	// RestartPolicy of the systemd unit (e.g., no, on-failure, always).
-	RestartPolicy string
-	// Custom number of restart attempts.
-	StartLimitBurst string
-	// PIDFile of the service. Required for forking services. Must point to the
-	// PID of the associated conmon process.
-	PIDFile string
-	// ContainerIDFile to be used in the unit.
-	ContainerIDFile string
-	// GenerateTimestamp, if set the generated unit file has a time stamp.
-	GenerateTimestamp bool
-	// BoundToServices are the services this service binds to.  Note that this
-	// service runs after them.
-	BoundToServices []string
-	// PodmanVersion for the header. Will be set internally. Will be auto-filled
-	// if left empty.
-	PodmanVersion string
-	// Executable is the path to the podman executable. Will be auto-filled if
-	// left empty.
-	Executable string
-	// RootFlags contains the root flags which were used to create the container
-	// Only used with --new
-	RootFlags string
-	// TimeStamp at the time of creating the unit file. Will be set internally.
-	TimeStamp string
-	// CreateCommand is the full command plus arguments of the process the
-	// container has been created with.
-	CreateCommand []string
-	// containerEnv stores the container environment variables
-	containerEnv []string
-	// ExtraEnvs contains the container environment variables referenced
-	// by only the key in the container create command, e.g. --env FOO.
-	// This is only used with --new
-	ExtraEnvs []string
-	// EnvVariable is generate.EnvVariable and must not be set.
-	EnvVariable string
-	// ExecStartPre of the unit.
-	ExecStartPre string
-	// ExecStart of the unit.
-	ExecStart string
-	// TimeoutStartSec of the unit.
-	TimeoutStartSec uint
-	// TimeoutStopSec of the unit.
-	TimeoutStopSec uint
-	// ExecStop of the unit.
-	ExecStop string
-	// ExecStopPost of the unit.
-	ExecStopPost string
-	// Removes autogenerated by Podman and timestamp if set to true
-	GenerateNoHeader bool
-	// If not nil, the container is part of the pod.  We can use the
-	// podInfo to extract the relevant data.
-	Pod *podInfo
-	// Location of the GraphRoot for the container.  Required for ensuring the
-	// volume has finished mounting when coming online at boot.
-	GraphRoot string
-	// Location of the RunRoot for the container.  Required for ensuring the tmpfs
-	// or volume exists and is mounted when coming online at boot.
-	RunRoot string
-	// Add %i and %I to description and execute parts
-	IdentifySpecifier bool
-	// Wants are the list of services that this service is (weak) dependent on. This
-	// option does not influence the order in which services are started or stopped.
-	Wants []string
-	// After ordering dependencies between the list of services and this service.
-	After []string
-	// Similar to Wants, but declares a stronger requirement dependency.
-	Requires []string
+	ServiceName            string
+	ContainerNameOrID      string
+	Type                   string
+	NotifyAccess           string
+	StopTimeout            uint
+	RestartPolicy          string
+	StartLimitBurst        string
+	PIDFile                string
+	ContainerIDFile        string
+	GenerateTimestamp      bool
+	BoundToServices        []string
+	PodmanVersion          string
+	Executable             string
+	RootFlags              string
+	TimeStamp              string
+	CreateCommand          []string
+	containerEnv           []string
+	ExtraEnvs              []string
+	EnvVariable            string
+	AdditionalEnvVariables []string
+	ExecStartPre           string
+	ExecStart              string
+	TimeoutStartSec        uint
+	TimeoutStopSec         uint
+	ExecStop               string
+	ExecStopPost           string
+	GenerateNoHeader       bool
+	Pod                    *podInfo
+	GraphRoot              string
+	RunRoot                string
+	IdentifySpecifier      bool
+	Wants                  []string
+	After                  []string
+	Requires               []string
 }
 
 const containerTemplate = headerTemplate + `
@@ -127,6 +82,10 @@ Environment={{{{.EnvVariable}}}}=%n{{{{- if (eq .IdentifySpecifier true) }}}}-%i
 {{{{- if .ExtraEnvs}}}}
 Environment={{{{- range $index, $value := .ExtraEnvs -}}}}{{{{if $index}}}} {{{{end}}}}{{{{ $value }}}}{{{{end}}}}
 {{{{- end}}}}
+{{{{- if .AdditionalEnvVariables}}}}
+{{{{- range $index, $value := .AdditionalEnvVariables -}}}}{{{{if $index}}}}{{{{end}}}}
+Environment={{{{ $value }}}}{{{{end}}}}
+{{{{- end}}}}
 Restart={{{{.RestartPolicy}}}}
 {{{{- if .StartLimitBurst}}}}
 StartLimitBurst={{{{.StartLimitBurst}}}}
@@ -211,19 +170,20 @@ func generateContainerInfo(ctr *libpod.Container, options entities.GenerateSyste
 	envs := config.Spec.Process.Env
 
 	info := containerInfo{
-		ServiceName:       serviceName,
-		ContainerNameOrID: nameOrID,
-		RestartPolicy:     define.DefaultRestartPolicy,
-		PIDFile:           conmonPidFile,
-		TimeoutStartSec:   startTimeout,
-		StopTimeout:       stopTimeout,
-		GenerateTimestamp: true,
-		CreateCommand:     createCommand,
-		RunRoot:           runRoot,
-		containerEnv:      envs,
-		Wants:             options.Wants,
-		After:             options.After,
-		Requires:          options.Requires,
+		ServiceName:            serviceName,
+		ContainerNameOrID:      nameOrID,
+		RestartPolicy:          define.DefaultRestartPolicy,
+		PIDFile:                conmonPidFile,
+		TimeoutStartSec:        startTimeout,
+		StopTimeout:            stopTimeout,
+		GenerateTimestamp:      true,
+		CreateCommand:          createCommand,
+		RunRoot:                runRoot,
+		containerEnv:           envs,
+		Wants:                  options.Wants,
+		After:                  options.After,
+		Requires:               options.Requires,
+		AdditionalEnvVariables: options.AdditionalEnvVariables,
 	}
 
 	return &info, nil
@@ -324,6 +284,9 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst
 	info.ExecStart = "{{{{.Executable}}}} start {{{{.ContainerNameOrID}}}}"
 	info.ExecStop = "{{{{.Executable}}}} stop {{{{if (ge .StopTimeout 0)}}}}-t {{{{.StopTimeout}}}}{{{{end}}}} {{{{.ContainerNameOrID}}}}"
 	info.ExecStopPost = "{{{{.Executable}}}} stop {{{{if (ge .StopTimeout 0)}}}}-t {{{{.StopTimeout}}}}{{{{end}}}} {{{{.ContainerNameOrID}}}}"
+	for i, env := range info.AdditionalEnvVariables {
+		info.AdditionalEnvVariables[i] = escapeSystemdArg(env)
+	}
 
 	// Assemble the ExecStart command when creating a new container.
 	//
diff --git a/pkg/systemd/generate/containers_test.go b/pkg/systemd/generate/containers_test.go
index 873cbfbb3..7f92e75b8 100644
--- a/pkg/systemd/generate/containers_test.go
+++ b/pkg/systemd/generate/containers_test.go
@@ -784,6 +784,33 @@ NotifyAccess=all
 WantedBy=default.target
 `
 
+	goodEnvironment := `# container-foobar.service
+# autogenerated by Podman CI
+
+[Unit]
+Description=Podman container-foobar.service
+Documentation=man:podman-generate-systemd(1)
+Wants=network-online.target
+After=network-online.target
+RequiresMountsFor=/var/run/containers/storage
+
+[Service]
+Environment=PODMAN_SYSTEMD_UNIT=%n
+Environment=FOO=abc
+Environment="BAR=my test"
+Environment=USER=%%a
+Restart=on-failure
+TimeoutStopSec=70
+ExecStart=/usr/bin/podman start foobar
+ExecStop=/usr/bin/podman stop -t 10 foobar
+ExecStopPost=/usr/bin/podman stop -t 10 foobar
+PIDFile=/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid
+Type=forking
+
+[Install]
+WantedBy=default.target
+`
+
 	goodNewWithRestartPolicy := `# jadda-jadda.service
 # autogenerated by Podman CI
 
@@ -1424,7 +1451,7 @@ WantedBy=default.target
 			false,
 			false,
 		},
-		{"good with environment variables",
+		{"good with container environment variables",
 			containerInfo{
 				Executable:        "/usr/bin/podman",
 				ServiceName:       "jadda-jadda",
@@ -1444,6 +1471,25 @@ WantedBy=default.target
 			false,
 			false,
 		},
+		{"good with systemd environment variables",
+			containerInfo{
+				Executable:             "/usr/bin/podman",
+				ServiceName:            "container-foobar",
+				ContainerNameOrID:      "foobar",
+				PIDFile:                "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid",
+				StopTimeout:            10,
+				PodmanVersion:          "CI",
+				GraphRoot:              "/var/lib/containers/storage",
+				RunRoot:                "/var/run/containers/storage",
+				EnvVariable:            define.EnvVariable,
+				AdditionalEnvVariables: []string{"FOO=abc", "BAR=my test", "USER=%a"},
+			},
+			goodEnvironment,
+			false,
+			false,
+			false,
+			false,
+		},
 		{"good with restart policy",
 			containerInfo{
 				Executable:        "/usr/bin/podman",