Merge pull request #9716 from Luap99/remote-libpod

Do not leak libpod package into the remote client
author: OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> 2021-03-15 14:25:30 -0400
committer: GitHub <noreply@github.com> 2021-03-15 14:25:30 -0400
commit: e7dc59252bd722377938ac3e6b4fd7e077f05293 (patch)
tree: 6a51b88aa97db1ff7dfa0313876b28844764aab1 /pkg
parent: fc02d16e728dfdd5a5f2e3bc622bbceb7f8c0d24 (diff)
parent: 8de56070393ad449dc54ae622d9b82f28a6a5c52 (diff)
download: podman-e7dc59252bd722377938ac3e6b4fd7e077f05293.tar.gz
podman-e7dc59252bd722377938ac3e6b4fd7e077f05293.tar.bz2
podman-e7dc59252bd722377938ac3e6b4fd7e077f05293.zip
12 files changed, 74 insertions, 61 deletions
diff --git a/pkg/api/handlers/compat/networks.go b/pkg/api/handlers/compat/networks.go
index 28e90ac28..dfb1d7fda 100644
--- a/pkg/api/handlers/compat/networks.go
+++ b/pkg/api/handlers/compat/networks.go
@@ -16,6 +16,7 @@ import (
 	"github.com/containers/podman/v3/pkg/api/handlers/utils"
 	"github.com/containers/podman/v3/pkg/domain/entities"
 	"github.com/containers/podman/v3/pkg/domain/infra/abi"
+	networkid "github.com/containers/podman/v3/pkg/network"
 	"github.com/docker/docker/api/types"
 	dockerNetwork "github.com/docker/docker/api/types/network"
 	"github.com/gorilla/schema"
@@ -135,7 +136,7 @@ func getNetworkResourceByNameOrID(nameOrID string, runtime *libpod.Runtime, filt
 
 	report := types.NetworkResource{
 		Name:       conf.Name,
-		ID:         network.GetNetworkID(conf.Name),
+		ID:         networkid.GetNetworkID(conf.Name),
 		Created:    time.Unix(int64(stat.Ctim.Sec), int64(stat.Ctim.Nsec)), // nolint: unconvert
 		Scope:      "local",
 		Driver:     network.DefaultNetworkDriver,
diff --git a/pkg/autoupdate/autoupdate.go b/pkg/autoupdate/autoupdate.go
index 53095c295..e271b9466 100644
--- a/pkg/autoupdate/autoupdate.go
+++ b/pkg/autoupdate/autoupdate.go
@@ -13,7 +13,7 @@ import (
 	"github.com/containers/podman/v3/libpod/define"
 	"github.com/containers/podman/v3/libpod/image"
 	"github.com/containers/podman/v3/pkg/systemd"
-	systemdGen "github.com/containers/podman/v3/pkg/systemd/generate"
+	systemdDefine "github.com/containers/podman/v3/pkg/systemd/define"
 	"github.com/containers/podman/v3/pkg/util"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
@@ -178,10 +178,10 @@ func AutoUpdate(runtime *libpod.Runtime, options Options) ([]string, []error) {
 	updatedUnits := []string{}
 	for _, ctr := range containersToRestart {
 		labels := ctr.Labels()
-		unit, exists := labels[systemdGen.EnvVariable]
+		unit, exists := labels[systemdDefine.EnvVariable]
 		if !exists {
 			// Shouldn't happen but let's be sure of it.
-			errs = append(errs, errors.Errorf("error auto-updating container %q: no %s label found", ctr.ID(), systemdGen.EnvVariable))
+			errs = append(errs, errors.Errorf("error auto-updating container %q: no %s label found", ctr.ID(), systemdDefine.EnvVariable))
 			continue
 		}
 		_, err := conn.RestartUnit(unit, "replace", nil)
diff --git a/pkg/domain/filters/containers.go b/pkg/domain/filters/containers.go
index 6f4b4e8a0..98b8f7e88 100644
--- a/pkg/domain/filters/containers.go
+++ b/pkg/domain/filters/containers.go
@@ -7,7 +7,7 @@ import (
 
 	"github.com/containers/podman/v3/libpod"
 	"github.com/containers/podman/v3/libpod/define"
-	"github.com/containers/podman/v3/libpod/network"
+	"github.com/containers/podman/v3/pkg/network"
 	"github.com/containers/podman/v3/pkg/timetype"
 	"github.com/containers/podman/v3/pkg/util"
 	"github.com/pkg/errors"
diff --git a/pkg/domain/filters/helpers.go b/pkg/domain/filters/helpers.go
deleted file mode 100644
index 6a5fb68b1..000000000
--- a/pkg/domain/filters/helpers.go
+++ /dev/null
@@ -1,20 +0,0 @@
-package filters
-
-import (
-	"net/url"
-	"strings"
-
-	"github.com/pkg/errors"
-)
-
-func ParseFilterArgumentsIntoFilters(filters []string) (url.Values, error) {
-	parsedFilters := make(url.Values)
-	for _, f := range filters {
-		t := strings.SplitN(f, "=", 2)
-		if len(t) < 2 {
-			return parsedFilters, errors.Errorf("filter input must be in the form of filter=value: %s is invalid", f)
-		}
-		parsedFilters.Add(t[0], t[1])
-	}
-	return parsedFilters, nil
-}
diff --git a/pkg/domain/filters/pods.go b/pkg/domain/filters/pods.go
index 53d10213a..0490a4848 100644
--- a/pkg/domain/filters/pods.go
+++ b/pkg/domain/filters/pods.go
@@ -6,7 +6,7 @@ import (
 
 	"github.com/containers/podman/v3/libpod"
 	"github.com/containers/podman/v3/libpod/define"
-	"github.com/containers/podman/v3/libpod/network"
+	"github.com/containers/podman/v3/pkg/network"
 	"github.com/containers/podman/v3/pkg/util"
 	"github.com/pkg/errors"
 )
diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go
index b7ca69281..efc7c86e3 100644
--- a/pkg/domain/infra/abi/play.go
+++ b/pkg/domain/infra/abi/play.go
@@ -173,13 +173,13 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY
 	var ctrRestartPolicy string
 	switch podYAML.Spec.RestartPolicy {
 	case v1.RestartPolicyAlways:
-		ctrRestartPolicy = libpod.RestartPolicyAlways
+		ctrRestartPolicy = define.RestartPolicyAlways
 	case v1.RestartPolicyOnFailure:
-		ctrRestartPolicy = libpod.RestartPolicyOnFailure
+		ctrRestartPolicy = define.RestartPolicyOnFailure
 	case v1.RestartPolicyNever:
-		ctrRestartPolicy = libpod.RestartPolicyNo
+		ctrRestartPolicy = define.RestartPolicyNo
 	default: // Default to Always
-		ctrRestartPolicy = libpod.RestartPolicyAlways
+		ctrRestartPolicy = define.RestartPolicyAlways
 	}
 
 	configMaps := []v1.ConfigMap{}
diff --git a/pkg/network/network.go b/pkg/network/network.go
new file mode 100644
index 000000000..44132ca28
--- /dev/null
+++ b/pkg/network/network.go
@@ -0,0 +1,27 @@
+package network
+
+import (
+	"crypto/sha256"
+	"encoding/hex"
+	"strings"
+
+	"github.com/containernetworking/cni/libcni"
+)
+
+// GetCNIPlugins returns a list of plugins that a given network
+// has in the form of a string
+func GetCNIPlugins(list *libcni.NetworkConfigList) string {
+	plugins := make([]string, 0, len(list.Plugins))
+	for _, plug := range list.Plugins {
+		plugins = append(plugins, plug.Network.Type)
+	}
+	return strings.Join(plugins, ",")
+}
+
+// GetNetworkID return the network ID for a given name.
+// It is just the sha256 hash but this should be good enough.
+// The caller has to make sure it is only called with the network name.
+func GetNetworkID(name string) string {
+	hash := sha256.Sum256([]byte(name))
+	return hex.EncodeToString(hash[:])
+}
diff --git a/pkg/systemd/define/const.go b/pkg/systemd/define/const.go
new file mode 100644
index 000000000..1b50be5db
--- /dev/null
+++ b/pkg/systemd/define/const.go
@@ -0,0 +1,9 @@
+package define
+
+// EnvVariable "PODMAN_SYSTEMD_UNIT" is set in all generated systemd units and
+// is set to the unit's (unique) name.
+const EnvVariable = "PODMAN_SYSTEMD_UNIT"
+
+// RestartPolicies includes all valid restart policies to be used in a unit
+// file.
+var RestartPolicies = []string{"no", "on-success", "on-failure", "on-abnormal", "on-watchdog", "on-abort", "always"}
diff --git a/pkg/systemd/generate/common.go b/pkg/systemd/generate/common.go
index bbd1a5f92..94a6f4cb5 100644
--- a/pkg/systemd/generate/common.go
+++ b/pkg/systemd/generate/common.go
@@ -4,25 +4,18 @@ import (
 	"strconv"
 	"strings"
 
+	"github.com/containers/podman/v3/pkg/systemd/define"
 	"github.com/pkg/errors"
 )
 
-// EnvVariable "PODMAN_SYSTEMD_UNIT" is set in all generated systemd units and
-// is set to the unit's (unique) name.
-const EnvVariable = "PODMAN_SYSTEMD_UNIT"
-
 // minTimeoutStopSec is the minimal stop timeout for generated systemd units.
 // Once exceeded, processes of the services are killed and the cgroup(s) are
 // cleaned up.
 const minTimeoutStopSec = 60
 
-// RestartPolicies includes all valid restart policies to be used in a unit
-// file.
-var RestartPolicies = []string{"no", "on-success", "on-failure", "on-abnormal", "on-watchdog", "on-abort", "always"}
-
 // validateRestartPolicy checks that the user-provided policy is valid.
 func validateRestartPolicy(restart string) error {
-	for _, i := range RestartPolicies {
+	for _, i := range define.RestartPolicies {
 		if i == restart {
 			return nil
 		}
diff --git a/pkg/systemd/generate/containers.go b/pkg/systemd/generate/containers.go
index 92c6d8865..9343a5067 100644
--- a/pkg/systemd/generate/containers.go
+++ b/pkg/systemd/generate/containers.go
@@ -11,6 +11,7 @@ import (
 
 	"github.com/containers/podman/v3/libpod"
 	"github.com/containers/podman/v3/pkg/domain/entities"
+	"github.com/containers/podman/v3/pkg/systemd/define"
 	"github.com/containers/podman/v3/version"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
@@ -173,7 +174,7 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst
 		info.Executable = executable
 	}
 
-	info.EnvVariable = EnvVariable
+	info.EnvVariable = define.EnvVariable
 	info.ExecStart = "{{{{.Executable}}}} start {{{{.ContainerNameOrID}}}}"
 	info.ExecStop = "{{{{.Executable}}}} stop {{{{if (ge .StopTimeout 0)}}}}-t {{{{.StopTimeout}}}}{{{{end}}}} {{{{.ContainerNameOrID}}}}"
 	info.ExecStopPost = "{{{{.Executable}}}} stop {{{{if (ge .StopTimeout 0)}}}}-t {{{{.StopTimeout}}}}{{{{end}}}} {{{{.ContainerNameOrID}}}}"
diff --git a/pkg/systemd/generate/containers_test.go b/pkg/systemd/generate/containers_test.go
index 747c54699..ebbbdb786 100644
--- a/pkg/systemd/generate/containers_test.go
+++ b/pkg/systemd/generate/containers_test.go
@@ -4,6 +4,7 @@ import (
 	"testing"
 
 	"github.com/containers/podman/v3/pkg/domain/entities"
+	"github.com/containers/podman/v3/pkg/systemd/define"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -398,7 +399,7 @@ WantedBy=multi-user.target default.target
 				PIDFile:           "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid",
 				StopTimeout:       22,
 				PodmanVersion:     "CI",
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodID,
 			false,
@@ -414,7 +415,7 @@ WantedBy=multi-user.target default.target
 				PIDFile:           "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid",
 				StopTimeout:       22,
 				PodmanVersion:     "CI",
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodIDNoHeaderInfo,
 			false,
@@ -430,7 +431,7 @@ WantedBy=multi-user.target default.target
 				PIDFile:           "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid",
 				StopTimeout:       10,
 				PodmanVersion:     "CI",
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodName,
 			false,
@@ -447,7 +448,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       10,
 				PodmanVersion:     "CI",
 				BoundToServices:   []string{"pod", "a", "b", "c"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodNameBoundTo,
 			false,
@@ -462,7 +463,7 @@ WantedBy=multi-user.target default.target
 				PIDFile:       "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid",
 				StopTimeout:   10,
 				PodmanVersion: "CI",
-				EnvVariable:   EnvVariable,
+				EnvVariable:   define.EnvVariable,
 			},
 			"",
 			false,
@@ -479,7 +480,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       10,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "container", "run", "--name", "jadda-jadda", "--hostname", "hello-world", "awesome-image:latest", "command", "arg1", "...", "argN", "foo=arg \"with \" space"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodWithNameAndGeneric,
 			true,
@@ -496,7 +497,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       10,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "run", "-d", "--name", "jadda-jadda", "--hostname", "hello-world", "awesome-image:latest", "command", "arg1", "...", "argN"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodWithExplicitShortDetachParam,
 			true,
@@ -513,7 +514,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       10,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "run", "-d", "--name", "jadda-jadda", "--hostname", "hello-world", "awesome-image:latest", "command", "arg1", "...", "argN"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 				Pod: &podInfo{
 					PodIDFile: "%t/pod-foobar.pod-id-file",
 				},
@@ -533,7 +534,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       10,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "run", "--detach", "--name", "jadda-jadda", "--hostname", "hello-world", "awesome-image:latest", "command", "arg1", "...", "argN"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodNameNewDetach,
 			true,
@@ -550,7 +551,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       10,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "run", "awesome-image:latest"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodIDNew,
 			true,
@@ -567,7 +568,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       42,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "run", "--detach=true", "awesome-image:latest"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			genGoodNewDetach("--detach=true"),
 			true,
@@ -584,7 +585,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       42,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "run", "--detach=false", "awesome-image:latest"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			genGoodNewDetach("-d"),
 			true,
@@ -601,7 +602,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       42,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "run", "--name", "test", "-p", "80:80", "--detach=false", "awesome-image:latest", "somecmd", "--detach=false"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodNameNewDetachFalseWithCmd,
 			true,
@@ -618,7 +619,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       42,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "run", "--name", "test", "-p", "80:80", "--detach=false", "--detach=false", "awesome-image:latest", "somecmd", "--detach=false"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodNameNewDetachFalseWithCmd,
 			true,
@@ -635,7 +636,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       42,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "run", "-dti", "awesome-image:latest"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			genGoodNewDetach("-dti"),
 			true,
@@ -652,7 +653,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       42,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "run", "-tid", "awesome-image:latest"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			genGoodNewDetach("-tid"),
 			true,
@@ -669,7 +670,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       42,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "--events-backend", "none", "--runroot", "/root", "run", "awesome-image:latest"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodNewRootFlags,
 			true,
@@ -686,7 +687,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       10,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "container", "create", "awesome-image:latest"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodContainerCreate,
 			true,
@@ -703,7 +704,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       10,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "create", "--name", "test", "--log-driver=journald", "--log-opt=tag={{.Name}}", "awesome-image:latest"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodNewWithJournaldTag,
 			true,
@@ -720,7 +721,7 @@ WantedBy=multi-user.target default.target
 				StopTimeout:       10,
 				PodmanVersion:     "CI",
 				CreateCommand:     []string{"I'll get stripped", "create", "--name", "test", "awesome-image:latest", "sh", "-c", "kill $$ && echo %\\"},
-				EnvVariable:       EnvVariable,
+				EnvVariable:       define.EnvVariable,
 			},
 			goodNewWithSpecialChars,
 			true,
diff --git a/pkg/systemd/generate/pods.go b/pkg/systemd/generate/pods.go
index 8c0401278..f96058d36 100644
--- a/pkg/systemd/generate/pods.go
+++ b/pkg/systemd/generate/pods.go
@@ -11,6 +11,7 @@ import (
 
 	"github.com/containers/podman/v3/libpod"
 	"github.com/containers/podman/v3/pkg/domain/entities"
+	"github.com/containers/podman/v3/pkg/systemd/define"
 	"github.com/containers/podman/v3/version"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
@@ -237,7 +238,7 @@ func executePodTemplate(info *podInfo, options entities.GenerateSystemdOptions)
 		info.Executable = executable
 	}
 
-	info.EnvVariable = EnvVariable
+	info.EnvVariable = define.EnvVariable
 	info.ExecStart = "{{{{.Executable}}}} start {{{{.InfraNameOrID}}}}"
 	info.ExecStop = "{{{{.Executable}}}} stop {{{{if (ge .StopTimeout 0)}}}}-t {{{{.StopTimeout}}}}{{{{end}}}} {{{{.InfraNameOrID}}}}"
 	info.ExecStopPost = "{{{{.Executable}}}} stop {{{{if (ge .StopTimeout 0)}}}}-t {{{{.StopTimeout}}}}{{{{end}}}} {{{{.InfraNameOrID}}}}"
author	OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>	2021-03-15 14:25:30 -0400
committer	GitHub <noreply@github.com>	2021-03-15 14:25:30 -0400
commit	e7dc59252bd722377938ac3e6b4fd7e077f05293 (patch)
tree	6a51b88aa97db1ff7dfa0313876b28844764aab1 /pkg
parent	fc02d16e728dfdd5a5f2e3bc622bbceb7f8c0d24 (diff)
parent	8de56070393ad449dc54ae622d9b82f28a6a5c52 (diff)
download	podman-e7dc59252bd722377938ac3e6b4fd7e077f05293.tar.gz podman-e7dc59252bd722377938ac3e6b4fd7e077f05293.tar.bz2 podman-e7dc59252bd722377938ac3e6b4fd7e077f05293.zip