summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--SECURITY.md4
-rw-r--r--pkg/api/handlers/compat/info.go34
-rw-r--r--test/apiv2/20-containers.at5
-rw-r--r--test/python/docker/__init__.py21
-rw-r--r--test/python/docker/compat/test_system.py5
5 files changed, 56 insertions, 13 deletions
diff --git a/SECURITY.md b/SECURITY.md
index 1f6d5088d..6f919afbb 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,3 +1,3 @@
-## Security and Disclosure Information Policy for the Libpod Project
+## Security and Disclosure Information Policy for the Podman Project
-The Libpod Project follows the [Security and Disclosure Information Policy](https://github.com/containers/common/blob/main/SECURITY.md) for the Containers Projects.
+The Podman Project follows the [Security and Disclosure Information Policy](https://github.com/containers/common/blob/main/SECURITY.md) for the Containers Projects.
diff --git a/pkg/api/handlers/compat/info.go b/pkg/api/handlers/compat/info.go
index 42a513002..2dfca2f30 100644
--- a/pkg/api/handlers/compat/info.go
+++ b/pkg/api/handlers/compat/info.go
@@ -11,6 +11,7 @@ import (
"github.com/containers/common/pkg/config"
"github.com/containers/common/pkg/sysinfo"
+ "github.com/containers/image/v5/pkg/sysregistriesv2"
"github.com/containers/podman/v4/libpod"
"github.com/containers/podman/v4/libpod/define"
"github.com/containers/podman/v4/pkg/api/handlers"
@@ -108,7 +109,7 @@ func GetInfo(w http.ResponseWriter, r *http.Request) {
Log: infoData.Plugins.Log,
},
ProductLicense: "Apache-2.0",
- RegistryConfig: new(registry.ServiceConfig),
+ RegistryConfig: getServiceConfig(runtime),
RuncCommit: docker.Commit{},
Runtimes: getRuntimes(configInfo),
SecurityOptions: getSecOpts(sysInfo),
@@ -133,6 +134,37 @@ func GetInfo(w http.ResponseWriter, r *http.Request) {
utils.WriteResponse(w, http.StatusOK, info)
}
+func getServiceConfig(runtime *libpod.Runtime) *registry.ServiceConfig {
+ var indexConfs map[string]*registry.IndexInfo
+
+ regs, err := sysregistriesv2.GetRegistries(runtime.SystemContext())
+ if err == nil {
+ indexConfs = make(map[string]*registry.IndexInfo, len(regs))
+ for _, reg := range regs {
+ mirrors := make([]string, len(reg.Mirrors))
+ for i, mirror := range reg.Mirrors {
+ mirrors[i] = mirror.Location
+ }
+ indexConfs[reg.Prefix] = &registry.IndexInfo{
+ Name: reg.Prefix,
+ Mirrors: mirrors,
+ Secure: !reg.Insecure,
+ }
+ }
+ } else {
+ log.Warnf("failed to get registries configuration: %v", err)
+ indexConfs = make(map[string]*registry.IndexInfo)
+ }
+
+ return &registry.ServiceConfig{
+ AllowNondistributableArtifactsCIDRs: make([]*registry.NetIPNet, 0),
+ AllowNondistributableArtifactsHostnames: make([]string, 0),
+ InsecureRegistryCIDRs: make([]*registry.NetIPNet, 0),
+ IndexConfigs: indexConfs,
+ Mirrors: make([]string, 0),
+ }
+}
+
func getGraphStatus(storeInfo map[string]string) [][2]string {
graphStatus := make([][2]string, 0, len(storeInfo))
for k, v := range storeInfo {
diff --git a/test/apiv2/20-containers.at b/test/apiv2/20-containers.at
index 72003984f..e6d49ac25 100644
--- a/test/apiv2/20-containers.at
+++ b/test/apiv2/20-containers.at
@@ -18,6 +18,11 @@ podman rm -a -f &>/dev/null
t GET "libpod/containers/json (at start: clean slate)" 200 length=0
+# Regression test for #12904
+podman run --rm -d --replace --name foo $IMAGE sh -c "echo 123;sleep 42"
+t POST "containers/foo/attach?logs=true&stream=false" 200
+t POST "containers/foo/kill" 204
+
podman run -v /tmp:/tmp $IMAGE true
t GET libpod/containers/json 200 length=0
diff --git a/test/python/docker/__init__.py b/test/python/docker/__init__.py
index 80fc2a133..816667b82 100644
--- a/test/python/docker/__init__.py
+++ b/test/python/docker/__init__.py
@@ -42,16 +42,19 @@ class Podman(object):
os.environ["CONTAINERS_REGISTRIES_CONF"] = os.path.join(
self.anchor_directory, "registry.conf"
)
- p = configparser.ConfigParser()
- p.read_dict(
- {
- "registries.search": {"registries": "['quay.io', 'docker.io']"},
- "registries.insecure": {"registries": "[]"},
- "registries.block": {"registries": "[]"},
- }
- )
+ conf = """unqualified-search-registries = ["docker.io", "quay.io"]
+
+[[registry]]
+location="localhost:5000"
+insecure=true
+
+[[registry.mirror]]
+location = "mirror.localhost:5000"
+
+"""
+
with open(os.environ["CONTAINERS_REGISTRIES_CONF"], "w") as w:
- p.write(w)
+ w.write(conf)
os.environ["CNI_CONFIG_PATH"] = os.path.join(
self.anchor_directory, "cni", "net.d"
diff --git a/test/python/docker/compat/test_system.py b/test/python/docker/compat/test_system.py
index 131b18991..a928de0ee 100644
--- a/test/python/docker/compat/test_system.py
+++ b/test/python/docker/compat/test_system.py
@@ -54,7 +54,10 @@ class TestSystem(unittest.TestCase):
return super().tearDownClass()
def test_Info(self):
- self.assertIsNotNone(self.client.info())
+ info = self.client.info()
+ self.assertIsNotNone(info)
+ self.assertEqual(info["RegistryConfig"]["IndexConfigs"]["localhost:5000"]["Secure"], False)
+ self.assertEqual(info["RegistryConfig"]["IndexConfigs"]["localhost:5000"]["Mirrors"], ["mirror.localhost:5000"])
def test_info_container_details(self):
info = self.client.info()