diff options
Diffstat (limited to 'pkg/adapter')
-rw-r--r-- | pkg/adapter/client.go | 50 | ||||
-rw-r--r-- | pkg/adapter/client_config.go | 32 | ||||
-rw-r--r-- | pkg/adapter/containers_remote.go | 2 | ||||
-rw-r--r-- | pkg/adapter/runtime.go | 5 | ||||
-rw-r--r-- | pkg/adapter/runtime_remote.go | 41 |
5 files changed, 74 insertions, 56 deletions
diff --git a/pkg/adapter/client.go b/pkg/adapter/client.go index f672a92a6..01914834f 100644 --- a/pkg/adapter/client.go +++ b/pkg/adapter/client.go @@ -10,44 +10,56 @@ import ( "github.com/varlink/go/varlink" ) -type VarlinkConnectionInfo struct { - RemoteUserName string - RemoteHost string - VarlinkAddress string -} - -// Connect provides a varlink connection -func (r RemoteRuntime) Connect() (*varlink.Connection, error) { - var ( - err error - connection *varlink.Connection - ) +var remoteEndpoint *Endpoint - logLevel := r.cmd.LogLevel +func (r RemoteRuntime) RemoteEndpoint() (remoteEndpoint *Endpoint, err error) { + if remoteEndpoint == nil { + remoteEndpoint = &Endpoint{Unknown, ""} + } else { + return remoteEndpoint, nil + } // I'm leaving this here for now as a document of the birdge format. It can be removed later once the bridge // function is more flushed out. - //bridge := `ssh -T root@192.168.122.1 "/usr/bin/varlink -A '/usr/bin/podman varlink \$VARLINK_ADDRESS' bridge"` + // bridge := `ssh -T root@192.168.122.1 "/usr/bin/varlink -A '/usr/bin/podman varlink \$VARLINK_ADDRESS' bridge"` if len(r.cmd.RemoteHost) > 0 { // The user has provided a remote host endpoint if len(r.cmd.RemoteUserName) < 1 { return nil, errors.New("you must provide a username when providing a remote host name") } - bridge := fmt.Sprintf(`ssh -T %s@%s /usr/bin/varlink -A \'/usr/bin/podman --log-level=%s varlink \\\$VARLINK_ADDRESS\' bridge`, r.cmd.RemoteUserName, r.cmd.RemoteHost, logLevel) - connection, err = varlink.NewBridge(bridge) + remoteEndpoint.Type = BridgeConnection + remoteEndpoint.Connection = fmt.Sprintf( + `ssh -T %s@%s /usr/bin/varlink -A \'/usr/bin/podman --log-level=%s varlink \\\$VARLINK_ADDRESS\' bridge`, + r.cmd.RemoteUserName, r.cmd.RemoteHost, r.cmd.LogLevel) + } else if bridge := os.Getenv("PODMAN_VARLINK_BRIDGE"); bridge != "" { - connection, err = varlink.NewBridge(bridge) + remoteEndpoint.Type = BridgeConnection + remoteEndpoint.Connection = bridge } else { address := os.Getenv("PODMAN_VARLINK_ADDRESS") if address == "" { address = DefaultAddress } - connection, err = varlink.NewConnection(address) + remoteEndpoint.Type = DirectConnection + remoteEndpoint.Connection = address } + return +} + +// Connect provides a varlink connection +func (r RemoteRuntime) Connect() (*varlink.Connection, error) { + ep, err := r.RemoteEndpoint() if err != nil { return nil, err } - return connection, nil + + switch ep.Type { + case DirectConnection: + return varlink.NewConnection(ep.Connection) + case BridgeConnection: + return varlink.NewBridge(ep.Connection) + } + return nil, errors.New(fmt.Sprintf("Unable to determine type of varlink connection: %s", ep.Connection)) } // RefreshConnection is used to replace the current r.Conn after things like diff --git a/pkg/adapter/client_config.go b/pkg/adapter/client_config.go index d165ef1cc..3559b16e3 100644 --- a/pkg/adapter/client_config.go +++ b/pkg/adapter/client_config.go @@ -2,3 +2,35 @@ package adapter // DefaultAddress is the default address of the varlink socket const DefaultAddress = "unix:/run/podman/io.podman" + +// EndpointType declares the type of server connection +type EndpointType int + +// Enum of connection types +const ( + Unknown = iota - 1 // Unknown connection type + BridgeConnection // BridgeConnection proxy connection via ssh + DirectConnection // DirectConnection socket connection to server +) + +// String prints ASCII string for EndpointType +func (e EndpointType) String() string { + // declare an array of strings + // ... operator counts how many + // items in the array (7) + names := [...]string{ + "BridgeConnection", + "DirectConnection", + } + + if e < BridgeConnection || e > DirectConnection { + return "Unknown" + } + return names[e] +} + +// Endpoint type and connection string to use +type Endpoint struct { + Type EndpointType + Connection string +} diff --git a/pkg/adapter/containers_remote.go b/pkg/adapter/containers_remote.go index 63b0f9d2f..c34495b3d 100644 --- a/pkg/adapter/containers_remote.go +++ b/pkg/adapter/containers_remote.go @@ -561,7 +561,7 @@ func (r *LocalRuntime) attach(ctx context.Context, stdin, stdout *os.File, cid s if err != nil { return nil, err } - resize := make(chan remotecommand.TerminalSize) + resize := make(chan remotecommand.TerminalSize, 5) haveTerminal := terminal.IsTerminal(int(os.Stdin.Fd())) // Check if we are attached to a terminal. If we are, generate resize diff --git a/pkg/adapter/runtime.go b/pkg/adapter/runtime.go index 21613c425..37ee1b737 100644 --- a/pkg/adapter/runtime.go +++ b/pkg/adapter/runtime.go @@ -398,3 +398,8 @@ func (r *LocalRuntime) GetPodsByStatus(statuses []string) ([]*libpod.Pod, error) func (r *LocalRuntime) GetVersion() (libpod.Version, error) { return libpod.GetVersion() } + +// RemoteEndpoint resolve interface requirement +func (r *LocalRuntime) RemoteEndpoint() (*Endpoint, error) { + return nil, errors.New("RemoteEndpoint() not implemented for local connection") +} diff --git a/pkg/adapter/runtime_remote.go b/pkg/adapter/runtime_remote.go index e86287462..e0c0898bd 100644 --- a/pkg/adapter/runtime_remote.go +++ b/pkg/adapter/runtime_remote.go @@ -182,10 +182,7 @@ func (r *LocalRuntime) NewImageFromLocal(name string) (*ContainerImage, error) { // LoadFromArchiveReference creates an image from a local archive func (r *LocalRuntime) LoadFromArchiveReference(ctx context.Context, srcRef types.ImageReference, signaturePolicyPath string, writer io.Writer) ([]*ContainerImage, error) { var iid string - // TODO We need to find a way to leak certDir, creds, and the tlsverify into this function, normally this would - // come from cli options but we don't want want those in here either. - tlsverify := true - reply, err := iopodman.PullImage().Send(r.Conn, varlink.More, srcRef.DockerReference().String(), "", "", signaturePolicyPath, &tlsverify) + reply, err := iopodman.PullImage().Send(r.Conn, varlink.More, srcRef.DockerReference().String()) if err != nil { return nil, err } @@ -217,21 +214,7 @@ func (r *LocalRuntime) New(ctx context.Context, name, signaturePolicyPath, authf if label != nil { return nil, errors.New("the remote client function does not support checking a remote image for a label") } - var ( - tlsVerify bool - tlsVerifyPtr *bool - ) - if dockeroptions.DockerInsecureSkipTLSVerify == types.OptionalBoolFalse { - tlsVerify = true - tlsVerifyPtr = &tlsVerify - - } - if dockeroptions.DockerInsecureSkipTLSVerify == types.OptionalBoolTrue { - tlsVerify = false - tlsVerifyPtr = &tlsVerify - } - - reply, err := iopodman.PullImage().Send(r.Conn, varlink.More, name, dockeroptions.DockerCertPath, "", signaturePolicyPath, tlsVerifyPtr) + reply, err := iopodman.PullImage().Send(r.Conn, varlink.More, name) if err != nil { return nil, err } @@ -429,9 +412,8 @@ func (r *LocalRuntime) Build(ctx context.Context, c *cliconfig.BuildValues, opti Quiet: options.Quiet, RemoteIntermediateCtrs: options.RemoveIntermediateCtrs, // ReportWriter: - RuntimeArgs: options.RuntimeArgs, - SignaturePolicyPath: options.SignaturePolicyPath, - Squash: options.Squash, + RuntimeArgs: options.RuntimeArgs, + Squash: options.Squash, } // tar the file outputFile, err := ioutil.TempFile("", "varlink_tar_send") @@ -570,20 +552,7 @@ func (r *LocalRuntime) RemoveVolumes(ctx context.Context, c *cliconfig.VolumeRmV func (r *LocalRuntime) Push(ctx context.Context, srcName, destination, manifestMIMEType, authfile, signaturePolicyPath string, writer io.Writer, forceCompress bool, signingOptions image.SigningOptions, dockerRegistryOptions *image.DockerRegistryOptions, additionalDockerArchiveTags []reference.NamedTagged) error { - var ( - tls *bool - tlsVerify bool - ) - if dockerRegistryOptions.DockerInsecureSkipTLSVerify == types.OptionalBoolTrue { - tlsVerify = false - tls = &tlsVerify - } - if dockerRegistryOptions.DockerInsecureSkipTLSVerify == types.OptionalBoolFalse { - tlsVerify = true - tls = &tlsVerify - } - - reply, err := iopodman.PushImage().Send(r.Conn, varlink.More, srcName, destination, tls, signaturePolicyPath, "", dockerRegistryOptions.DockerCertPath, forceCompress, manifestMIMEType, signingOptions.RemoveSignatures, signingOptions.SignBy) + reply, err := iopodman.PushImage().Send(r.Conn, varlink.More, srcName, destination, forceCompress, manifestMIMEType, signingOptions.RemoveSignatures, signingOptions.SignBy) if err != nil { return err } |