warn instead of error, lift logic to main.go

Signed-off-by: Evan Miller <miller.evan815@gmail.com>

cmd/quadlet/main.go

@@ -574,6 +574,20 @@ func warnIfAmbiguousName(unit *parser.UnitFile, group string) {
 	}
 }
 
+// Warns if the unit has any properties defined in the Service group that are known to cause issues.
+// We want to warn instead of erroring to avoid breaking any existing users' units,
+// or to allow users to use these properties if they know what they are doing.
+// We implement this here instead of in quadlet.initServiceUnitFile to avoid
+// having to refactor a large amount of code in the generator just for a warning.
+func warnIfUnsupportedServiceKeys(unit *parser.UnitFile) {
+	for _, key := range quadlet.UnsupportedServiceKeys {
+		_, hasKey := unit.Lookup(quadlet.ServiceGroup, key)
+		if hasKey {
+			Logf("Warning: using key %s in the Service group is not supported - use at your own risk", key)
+		}
+	}
+}
+
 func generateUnitsInfoMap(units []*parser.UnitFile) map[string]*quadlet.UnitInfo {
 	unitsInfoMap := make(map[string]*quadlet.UnitInfo)
 	for _, unit := range units {
@@ -722,6 +736,8 @@ func process() bool {
 		var service *parser.UnitFile
 		var warnings, err error
 
+		warnIfUnsupportedServiceKeys(unit)
+
 		switch {
 		case strings.HasSuffix(unit.Filename, ".container"):
 			warnIfAmbiguousName(unit, quadlet.ContainerGroup)

pkg/systemd/quadlet/quadlet.go

@@ -2248,14 +2248,6 @@ func initServiceUnitFile(quadletUnitFile *parser.UnitFile, isUser bool, unitsInf
 		return nil, nil, err
 	}
 
-	// These Service keys cannot be used in a Quadlet unit
-	for _, key := range UnsupportedServiceKeys {
-		_, hasKey := quadletUnitFile.Lookup(ServiceGroup, key)
-		if hasKey {
-			return nil, nil, fmt.Errorf("using key %s in the Service group is not supported", key)
-		}
-	}
-
 	service := quadletUnitFile.Dup()
 	service.Filename = unitInfo.ServiceFileName()
 

test/e2e/quadlet/service-dynamicuser.build

@@ -1,4 +1,8 @@
-## assert-failed
 ## assert-stderr-contains "using key DynamicUser in the Service group is not supported"
+
+[Build]
+ImageTag=localhost/imagename
+SetWorkingDirectory=unit
+
 [Service]
 DynamicUser=foobar

test/e2e/quadlet/service-dynamicuser.container

@@ -1,4 +1,7 @@
-## assert-failed
 ## assert-stderr-contains "using key DynamicUser in the Service group is not supported"
+
+[Container]
+Image=localhost/imagename
+
 [Service]
 DynamicUser=foobar

test/e2e/quadlet/service-dynamicuser.image

@@ -1,4 +1,7 @@
-## assert-failed
 ## assert-stderr-contains "using key DynamicUser in the Service group is not supported"
+
+[Image]
+Image=localhost/imagename
+
 [Service]
 DynamicUser=foobar

test/e2e/quadlet/service-dynamicuser.kube

@@ -1,4 +1,7 @@
-## assert-failed
 ## assert-stderr-contains "using key DynamicUser in the Service group is not supported"
+
+[Kube]
+Yaml=deployment.yml
+
 [Service]
 DynamicUser=foobar

test/e2e/quadlet/service-dynamicuser.network

@@ -1,4 +1,3 @@
-## assert-failed
 ## assert-stderr-contains "using key DynamicUser in the Service group is not supported"
 [Service]
 DynamicUser=foobar

test/e2e/quadlet/service-dynamicuser.pod

@@ -1,4 +1,3 @@
-## assert-failed
 ## assert-stderr-contains "using key DynamicUser in the Service group is not supported"
 [Service]
 DynamicUser=foobar

test/e2e/quadlet/service-dynamicuser.volume

@@ -1,4 +1,3 @@
-## assert-failed
 ## assert-stderr-contains "using key DynamicUser in the Service group is not supported"
 [Service]
 DynamicUser=foobar

test/e2e/quadlet/service-group.container

@@ -1,7 +1,8 @@
-## assert-failed
 ## assert-stderr-contains "using key Group in the Service group is not supported"
 [Container]
+Image=localhost/imagename
 # This is fine
+User=1000
 Group=1000
 
 [Service]

test/e2e/quadlet/service-user.container

@@ -1,6 +1,6 @@
-## assert-failed
 ## assert-stderr-contains "using key User in the Service group is not supported"
 [Container]
+Image=localhost/imagename
 # This is fine
 User=1000
 

test/e2e/quadlet_test.go

@@ -1096,6 +1096,16 @@ BOGUS=foo
 		runWarningQuadletTestCase,
 		Entry("label-unsupported-escape.container", "label-unsupported-escape.container", "unsupported escape char"),
 		Entry("shortname.container", "shortname.container", "Warning: shortname.container specifies the image \"shortname\" which not a fully qualified image name. This is not ideal for performance and security reasons. See the podman-pull manpage discussion of short-name-aliases.conf for details."),
+
+		Entry("Unsupported Service Key - User", "service-user.container", "Warning: using key User in the Service group is not supported"),
+		Entry("Unsupported Service Key - Group", "service-group.container", "Warning: using key Group in the Service group is not supported"),
+		Entry("Unsupported Service Key - DynamicUser.build", "service-dynamicuser.build", "Warning: using key DynamicUser in the Service group is not supported"),
+		Entry("Unsupported Service Key - DynamicUser.container", "service-dynamicuser.container", "Warning: using key DynamicUser in the Service group is not supported"),
+		Entry("Unsupported Service Key - DynamicUser.image", "service-dynamicuser.image", "Warning: using key DynamicUser in the Service group is not supported"),
+		Entry("Unsupported Service Key - DynamicUser.kube", "service-dynamicuser.kube", "Warning: using key DynamicUser in the Service group is not supported"),
+		Entry("Unsupported Service Key - DynamicUser.network", "service-dynamicuser.network", "Warning: using key DynamicUser in the Service group is not supported"),
+		Entry("Unsupported Service Key - DynamicUser.pod", "service-dynamicuser.pod", "Warning: using key DynamicUser in the Service group is not supported"),
+		Entry("Unsupported Service Key - DynamicUser.volume", "service-dynamicuser.volume", "Warning: using key DynamicUser in the Service group is not supported"),
 	)
 
 	DescribeTable("Running expected error quadlet test case",
@@ -1126,16 +1136,6 @@ BOGUS=foo
 		Entry("Build - Neither WorkingDirectory nor File Key", "neither-workingdirectory-nor-file.build", "converting \"neither-workingdirectory-nor-file.build\": neither SetWorkingDirectory, nor File key specified"),
 		Entry("Build - No ImageTag Key", "no-imagetag.build", "converting \"no-imagetag.build\": no ImageTag key specified"),
 		Entry("emptyline.container", "emptyline.container", "converting \"emptyline.container\": no Image or Rootfs key specified"),
-
-		Entry("Unsupported Service Key - User", "service-user.container", "converting \"service-user.container\": using key User in the Service group is not supported"),
-		Entry("Unsupported Service Key - Group", "service-group.container", "converting \"service-group.container\": using key Group in the Service group is not supported"),
-		Entry("Unsupported Service Key - DynamicUser.build", "service-dynamicuser.build", "converting \"service-dynamicuser.build\": using key DynamicUser in the Service group is not supported"),
-		Entry("Unsupported Service Key - DynamicUser.container", "service-dynamicuser.container", "converting \"service-dynamicuser.container\": using key DynamicUser in the Service group is not supported"),
-		Entry("Unsupported Service Key - DynamicUser.image", "service-dynamicuser.image", "converting \"service-dynamicuser.image\": using key DynamicUser in the Service group is not supported"),
-		Entry("Unsupported Service Key - DynamicUser.kube", "service-dynamicuser.kube", "converting \"service-dynamicuser.kube\": using key DynamicUser in the Service group is not supported"),
-		Entry("Unsupported Service Key - DynamicUser.network", "service-dynamicuser.network", "converting \"service-dynamicuser.network\": using key DynamicUser in the Service group is not supported"),
-		Entry("Unsupported Service Key - DynamicUser.pod", "service-dynamicuser.pod", "converting \"service-dynamicuser.pod\": using key DynamicUser in the Service group is not supported"),
-		Entry("Unsupported Service Key - DynamicUser.volume", "service-dynamicuser.volume", "converting \"service-dynamicuser.volume\": using key DynamicUser in the Service group is not supported"),
 	)
 
 	DescribeTable("Running success quadlet with ServiceName test case",