From 72e715a1109426114ef054042be28014380a246d Mon Sep 17 00:00:00 2001 From: Ashley Cui Date: Fri, 9 Sep 2022 10:57:45 -0400 Subject: Use new secret store API Refactored secrets API in common for stability purposes. Move podman to said API. [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui --- .../common/libnetwork/network/interface.go | 42 ++++++++++++++-------- .../containers/common/pkg/config/default.go | 2 -- .../containers/common/pkg/secrets/secrets.go | 33 +++++++++++++---- vendor/modules.txt | 2 +- 4 files changed, 54 insertions(+), 25 deletions(-) (limited to 'vendor')
diff --git a/vendor/github.com/containers/common/libnetwork/network/interface.go b/vendor/github.com/containers/common/libnetwork/network/interface.go
index 545655fd3..2093e1049 100644
--- a/vendor/github.com/containers/common/libnetwork/network/interface.go
+++ b/vendor/github.com/containers/common/libnetwork/network/interface.go
@@ -132,29 +132,41 @@ func defaultNetworkBackend(store storage.Store, conf *config.Config) (backend ty return types.CNI, nil } - // now check if there are already containers, images and CNI networks (new install?) + // If there are any containers then return CNI cons, err := store.Containers() if err != nil { return "", err } - if len(cons) == 0 { - imgs, err := store.Images() - if err != nil { + if len(cons) != 0 { + return types.CNI, nil + } + + // If there are any non ReadOnly images then return CNI + imgs, err := store.Images() + if err != nil { + return "", err + } + for _, i := range imgs { + if !i.ReadOnly { + return types.CNI, nil + } + } + + // If there are CNI Networks then return CNI + cniInterface, err := getCniInterface(conf) + if err == nil { + nets, err := cniInterface.NetworkList() + // there is always a default network so check > 1 + if err != nil && !errors.Is(err, os.ErrNotExist) { return "", err } - if len(imgs) == 0 { - cniInterface, err := getCniInterface(conf) - if err == nil { - nets, err := cniInterface.NetworkList() - // there is always a default network so check <= 1 - if err == nil && len(nets) <= 1 { - // we have a fresh system so use netavark - return types.Netavark, nil - } - } + + if len(nets) > 1 { + // we do not have a fresh system so use CNI + return types.CNI, nil } } - return types.CNI, nil + return types.Netavark, nil } func getCniInterface(conf *config.Config) (types.ContainerNetwork, error) {
diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go
index b0d62779b..3a3a558a1 100644
--- a/vendor/github.com/containers/common/pkg/config/default.go
+++ b/vendor/github.com/containers/common/pkg/config/default.go
@@ -280,8 +280,6 @@ func defaultConfigFromMemory() (*EngineConfig, error) { } c.TmpDir = tmp - c.EventsLogFilePath = filepath.Join(c.TmpDir, "events", "events.log") - c.EventsLogFileMaxSize = eventsLogMaxSize(DefaultEventsLogSizeMax) c.CompatAPIEnforceDockerHub = true
diff --git a/vendor/github.com/containers/common/pkg/secrets/secrets.go b/vendor/github.com/containers/common/pkg/secrets/secrets.go
index ff12fa799..705da3dda 100644
--- a/vendor/github.com/containers/common/pkg/secrets/secrets.go
+++ b/vendor/github.com/containers/common/pkg/secrets/secrets.go
@@ -72,13 +72,15 @@ type Secret struct { Name string `json:"name"` // ID is the unique secret ID ID string `json:"id"` + // Labels are labels on the secret + Labels map[string]string `json:"labels,omitempty"` // Metadata stores other metadata on the secret Metadata map[string]string `json:"metadata,omitempty"` // CreatedAt is when the secret was created CreatedAt time.Time `json:"createdAt"` // Driver is the driver used to store secret data Driver string `json:"driver"` - // DriverOptions is other metadata needed to use the driver + // DriverOptions are extra options used to run this driver DriverOptions map[string]string `json:"driverOptions"` }
@@ -100,6 +102,16 @@ type SecretsDriver interface { Delete(id string) error } +// StoreOptions are optional metadata fields that can be set when storing a new secret +type StoreOptions struct { + // DriverOptions are extra options used to run this driver + DriverOpts map[string]string + // Metadata stores extra metadata on the secret + Metadata map[string]string + // Labels are labels on the secret + Labels map[string]string +} + // NewManager creates a new secrets manager // rootPath is the directory where the secrets data file resides func NewManager(rootPath string) (*SecretsManager, error) {
@@ -129,7 +141,7 @@ func NewManager(rootPath string) (*SecretsManager, error) { // Store takes a name, creates a secret and stores the secret metadata and the secret payload. // It returns a generated ID that is associated with the secret. // The max size for secret data is 512kB. -func (s *SecretsManager) Store(name string, data []byte, driverType string, driverOpts map[string]string, metadata map[string]string) (string, error) { +func (s *SecretsManager) Store(name string, data []byte, driverType string, options StoreOptions) (string, error) { err := validateSecretName(name) if err != nil { return "", err
@@ -168,16 +180,23 @@ func (s *SecretsManager) Store(name string, data []byte, driverType string, driv } } - if metadata == nil { - metadata = make(map[string]string) + if options.Metadata == nil { + options.Metadata = make(map[string]string) + } + if options.Labels == nil { + options.Labels = make(map[string]string) + } + if options.DriverOpts == nil { + options.DriverOpts = make(map[string]string) } secr.Driver = driverType - secr.Metadata = metadata + secr.Metadata = options.Metadata secr.CreatedAt = time.Now() - secr.DriverOptions = driverOpts + secr.DriverOptions = options.DriverOpts + secr.Labels = options.Labels - driver, err := getDriver(driverType, driverOpts) + driver, err := getDriver(driverType, options.DriverOpts) if err != nil { return "", err }
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 43fa24b56..a2ac343f3 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -110,7 +110,7 @@ github.com/containers/buildah/pkg/rusage github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/util -# github.com/containers/common v0.49.2-0.20220908074553-1a09baf471c4 +# github.com/containers/common v0.49.2-0.20220909190843-e5685792b5d7 ## explicit github.com/containers/common/libimage github.com/containers/common/libimage/define -- cgit v1.2.3-54-g00ecf