Use new secret store API

Refactored secrets API in common for stability purposes. Move podman to
said API.

[NO NEW TESTS NEEDED]

Signed-off-by: Ashley Cui <acui@redhat.com>

vendor/github.com/containers/common/libnetwork/network/interface.go

@@ -132,29 +132,41 @@ func defaultNetworkBackend(store storage.Store, conf *config.Config) (backend ty
 		return types.CNI, nil
 	}
 
-	// now check if there are already containers, images and CNI networks (new install?)
+	// If there are any containers then return CNI
 	cons, err := store.Containers()
 	if err != nil {
 		return "", err
 	}
-	if len(cons) == 0 {
-		imgs, err := store.Images()
-		if err != nil {
-			return "", err
-		}
-		if len(imgs) == 0 {
-			cniInterface, err := getCniInterface(conf)
-			if err == nil {
-				nets, err := cniInterface.NetworkList()
-				// there is always a default network so check <= 1
-				if err == nil && len(nets) <= 1 {
-					// we have a fresh system so use netavark
-					return types.Netavark, nil
-				}
-			}
+	if len(cons) != 0 {
+		return types.CNI, nil
+	}
+
+	// If there are any non ReadOnly images then return CNI
+	imgs, err := store.Images()
+	if err != nil {
+		return "", err
+	}
+	for _, i := range imgs {
+		if !i.ReadOnly {
+			return types.CNI, nil
 		}
 	}
-	return types.CNI, nil
+
+	// If there are CNI Networks then return CNI
+	cniInterface, err := getCniInterface(conf)
+	if err == nil {
+		nets, err := cniInterface.NetworkList()
+		// there is always a default network so check > 1
+		if err != nil && !errors.Is(err, os.ErrNotExist) {
+			return "", err
+		}
+
+		if len(nets) > 1 {
+			// we do not have a fresh system so use CNI
+			return types.CNI, nil
+		}
+	}
+	return types.Netavark, nil
 }
 
 func getCniInterface(conf *config.Config) (types.ContainerNetwork, error) {

vendor/github.com/containers/common/pkg/config/default.go

@@ -280,8 +280,6 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
 	}
 	c.TmpDir = tmp
 
-	c.EventsLogFilePath = filepath.Join(c.TmpDir, "events", "events.log")
-
 	c.EventsLogFileMaxSize = eventsLogMaxSize(DefaultEventsLogSizeMax)
 
 	c.CompatAPIEnforceDockerHub = true

vendor/github.com/containers/common/pkg/secrets/secrets.go

@@ -72,13 +72,15 @@ type Secret struct {
 	Name string `json:"name"`
 	// ID is the unique secret ID
 	ID string `json:"id"`
+	// Labels are labels on the secret
+	Labels map[string]string `json:"labels,omitempty"`
 	// Metadata stores other metadata on the secret
 	Metadata map[string]string `json:"metadata,omitempty"`
 	// CreatedAt is when the secret was created
 	CreatedAt time.Time `json:"createdAt"`
 	// Driver is the driver used to store secret data
 	Driver string `json:"driver"`
-	// DriverOptions is other metadata needed to use the driver
+	// DriverOptions are extra options used to run this driver
 	DriverOptions map[string]string `json:"driverOptions"`
 }
 
@@ -100,6 +102,16 @@ type SecretsDriver interface {
 	Delete(id string) error
 }
 
+// StoreOptions are optional metadata fields that can be set when storing a new secret
+type StoreOptions struct {
+	// DriverOptions are extra options used to run this driver
+	DriverOpts map[string]string
+	// Metadata stores extra metadata on the secret
+	Metadata map[string]string
+	// Labels are labels on the secret
+	Labels map[string]string
+}
+
 // NewManager creates a new secrets manager
 // rootPath is the directory where the secrets data file resides
 func NewManager(rootPath string) (*SecretsManager, error) {
@@ -129,7 +141,7 @@ func NewManager(rootPath string) (*SecretsManager, error) {
 // Store takes a name, creates a secret and stores the secret metadata and the secret payload.
 // It returns a generated ID that is associated with the secret.
 // The max size for secret data is 512kB.
-func (s *SecretsManager) Store(name string, data []byte, driverType string, driverOpts map[string]string, metadata map[string]string) (string, error) {
+func (s *SecretsManager) Store(name string, data []byte, driverType string, options StoreOptions) (string, error) {
 	err := validateSecretName(name)
 	if err != nil {
 		return "", err
@@ -168,16 +180,23 @@ func (s *SecretsManager) Store(name string, data []byte, driverType string, driv
 		}
 	}
 
-	if metadata == nil {
-		metadata = make(map[string]string)
+	if options.Metadata == nil {
+		options.Metadata = make(map[string]string)
+	}
+	if options.Labels == nil {
+		options.Labels = make(map[string]string)
+	}
+	if options.DriverOpts == nil {
+		options.DriverOpts = make(map[string]string)
 	}
 
 	secr.Driver = driverType
-	secr.Metadata = metadata
+	secr.Metadata = options.Metadata
 	secr.CreatedAt = time.Now()
-	secr.DriverOptions = driverOpts
+	secr.DriverOptions = options.DriverOpts
+	secr.Labels = options.Labels
 
-	driver, err := getDriver(driverType, driverOpts)
+	driver, err := getDriver(driverType, options.DriverOpts)
 	if err != nil {
 		return "", err
 	}