container.conf: support attributed string slices

All `[]string`s in containers.conf have now been migrated to attributed string slices which require some adjustments in Buildah and Podman. [NO NEW TESTS NEEDED] Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
2025-12-02 11:08:36 +08:00 · 2023-10-25 14:56:03 +02:00
parent 0242a7439e
commit e966c86d98
65 changed files with 10709 additions and 320 deletions
--- a/vendor/github.com/containers/common/pkg/config/default.go
+++ b/vendor/github.com/containers/common/pkg/config/default.go
@@ -102,6 +102,8 @@ var (
 		"/usr/libexec/docker/cli-plugins/docker-compose",
 		"podman-compose",
 	}
+
+	defaultContainerEnv = []string{"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"}
 )

 // nolint:unparam
@@ -191,41 +193,39 @@ func defaultConfig() (*Config, error) {

 	return &Config{
 		Containers: ContainersConfig{
-			Annotations:         []string{},
+			Annotations:         attributedstring.Slice{},
 			ApparmorProfile:     DefaultApparmorProfile,
 			BaseHostsFile:       "",
 			CgroupNS:            cgroupNS,
 			Cgroups:             getDefaultCgroupsMode(),
-			DNSOptions:          []string{},
-			DNSSearches:         []string{},
-			DNSServers:          []string{},
-			DefaultCapabilities: DefaultCapabilities,
-			DefaultSysctls:      []string{},
-			DefaultUlimits:      getDefaultProcessLimits(),
-			Devices:             []string{},
+			DNSOptions:          attributedstring.Slice{},
+			DNSSearches:         attributedstring.Slice{},
+			DNSServers:          attributedstring.Slice{},
+			DefaultCapabilities: attributedstring.NewSlice(DefaultCapabilities),
+			DefaultSysctls:      attributedstring.Slice{},
+			DefaultUlimits:      attributedstring.NewSlice(getDefaultProcessLimits()),
+			Devices:             attributedstring.Slice{},
 			EnableKeyring:       true,
 			EnableLabeling:      selinuxEnabled(),
-			Env: attributedstring.Slice{
-				Values: []string{"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"},
-			},
-			EnvHost:    false,
-			HTTPProxy:  true,
-			IPCNS:      "shareable",
-			Init:       false,
-			InitPath:   "",
-			LogDriver:  defaultLogDriver(),
-			LogSizeMax: DefaultLogSizeMax,
-			Mounts:     attributedstring.Slice{},
-			NetNS:      "private",
-			NoHosts:    false,
-			PidNS:      "private",
-			PidsLimit:  DefaultPidsLimit,
-			ShmSize:    DefaultShmSize,
-			TZ:         "",
-			UTSNS:      "private",
-			Umask:      "0022",
-			UserNSSize: DefaultUserNSSize, // Deprecated
-			Volumes:    attributedstring.Slice{},
+			Env:                 attributedstring.NewSlice(defaultContainerEnv),
+			EnvHost:             false,
+			HTTPProxy:           true,
+			IPCNS:               "shareable",
+			Init:                false,
+			InitPath:            "",
+			LogDriver:           defaultLogDriver(),
+			LogSizeMax:          DefaultLogSizeMax,
+			Mounts:              attributedstring.Slice{},
+			NetNS:               "private",
+			NoHosts:             false,
+			PidNS:               "private",
+			PidsLimit:           DefaultPidsLimit,
+			ShmSize:             DefaultShmSize,
+			TZ:                  "",
+			UTSNS:               "private",
+			Umask:               "0022",
+			UserNSSize:          DefaultUserNSSize, // Deprecated
+			Volumes:             attributedstring.Slice{},
 		},
 		Network: NetworkConfig{
 			DefaultNetwork:            "podman",
@@ -233,8 +233,8 @@ func defaultConfig() (*Config, error) {
 			DefaultSubnetPools:        DefaultSubnetPools,
 			DefaultRootlessNetworkCmd: "slirp4netns",
 			DNSBindPort:               0,
-			CNIPluginDirs:             DefaultCNIPluginDirs,
-			NetavarkPluginDirs:        DefaultNetavarkPluginDirs,
+			CNIPluginDirs:             attributedstring.NewSlice(DefaultCNIPluginDirs),
+			NetavarkPluginDirs:        attributedstring.NewSlice(DefaultNetavarkPluginDirs),
 		},
 		Engine:  *defaultEngineConfig,
 		Secrets: defaultSecretConfig(),
@@ -263,7 +263,7 @@ func defaultMachineConfig() MachineConfig {
 		Image:    getDefaultMachineImage(),
 		Memory:   2048,
 		User:     getDefaultMachineUser(),
-		Volumes:  getDefaultMachineVolumes(),
+		Volumes:  attributedstring.NewSlice(getDefaultMachineVolumes()),
 	}
 }

@@ -288,7 +288,7 @@ func defaultEngineConfig() (*EngineConfig, error) {
 	c.EventsLogFileMaxSize = eventsLogMaxSize(DefaultEventsLogSizeMax)

 	c.CompatAPIEnforceDockerHub = true
-	c.ComposeProviders = getDefaultComposeProviders() // may vary across supported platforms
+	c.ComposeProviders.Set(getDefaultComposeProviders()) // may vary across supported platforms
 	c.ComposeWarningLogs = true

 	if path, ok := os.LookupEnv("CONTAINERS_STORAGE_CONF"); ok {
@@ -312,11 +312,11 @@ func defaultEngineConfig() (*EngineConfig, error) {
 	c.VolumePluginTimeout = DefaultVolumePluginTimeout
 	c.CompressionFormat = "gzip"

-	c.HelperBinariesDir = defaultHelperBinariesDir
+	c.HelperBinariesDir.Set(defaultHelperBinariesDir)
 	if additionalHelperBinariesDir != "" {
-		c.HelperBinariesDir = append(c.HelperBinariesDir, additionalHelperBinariesDir)
+		c.HelperBinariesDir.Set(append(c.HelperBinariesDir.Get(), additionalHelperBinariesDir))
 	}
-	c.HooksDir = DefaultHooksDirs
+	c.HooksDir.Set(DefaultHooksDirs)
 	c.ImageDefaultTransport = _defaultTransport
 	c.ImageVolumeMode = _defaultImageVolumeMode

@@ -401,10 +401,8 @@ func defaultEngineConfig() (*EngineConfig, error) {
 	// Needs to be called after populating c.OCIRuntimes.
 	c.OCIRuntime = c.findRuntime()

-	c.ConmonEnvVars = []string{
-		"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
-	}
-	c.ConmonPath = []string{
+	c.ConmonEnvVars.Set([]string{"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"})
+	c.ConmonPath.Set([]string{
 		"/usr/libexec/podman/conmon",
 		"/usr/local/libexec/podman/conmon",
 		"/usr/local/lib/podman/conmon",
@@ -413,8 +411,8 @@ func defaultEngineConfig() (*EngineConfig, error) {
 		"/usr/local/bin/conmon",
 		"/usr/local/sbin/conmon",
 		"/run/current-system/sw/bin/conmon",
-	}
-	c.ConmonRsPath = []string{
+	})
+	c.ConmonRsPath.Set([]string{
 		"/usr/libexec/podman/conmonrs",
 		"/usr/local/libexec/podman/conmonrs",
 		"/usr/local/lib/podman/conmonrs",
@@ -423,9 +421,9 @@ func defaultEngineConfig() (*EngineConfig, error) {
 		"/usr/local/bin/conmonrs",
 		"/usr/local/sbin/conmonrs",
 		"/run/current-system/sw/bin/conmonrs",
-	}
+	})
 	c.PullPolicy = DefaultPullPolicy
-	c.RuntimeSupportsJSON = []string{
+	c.RuntimeSupportsJSON.Set([]string{
 		"crun",
 		"runc",
 		"kata",
@@ -433,9 +431,9 @@ func defaultEngineConfig() (*EngineConfig, error) {
 		"youki",
 		"krun",
 		"ocijail",
-	}
-	c.RuntimeSupportsNoCgroups = []string{"crun", "krun"}
-	c.RuntimeSupportsKVM = []string{"kata", "kata-runtime", "kata-qemu", "kata-fc", "krun"}
+	})
+	c.RuntimeSupportsNoCgroups.Set([]string{"crun", "krun"})
+	c.RuntimeSupportsKVM.Set([]string{"kata", "kata-runtime", "kata-qemu", "kata-fc", "krun"})
 	c.NoPivotRoot = false

 	c.InfraImage = DefaultInfraImage
@@ -505,7 +503,7 @@ func (c *Config) SecurityOptions() []string {

 // Sysctls returns the default sysctls to set in containers.
 func (c *Config) Sysctls() []string {
-	return c.Containers.DefaultSysctls
+	return c.Containers.DefaultSysctls.Get()
 }

 // Volumes returns the default set of volumes that should be mounted in containers.
@@ -520,27 +518,27 @@ func (c *Config) Mounts() []string {

 // Devices returns the default additional devices for containers.
 func (c *Config) Devices() []string {
-	return c.Containers.Devices
+	return c.Containers.Devices.Get()
 }

 // DNSServers returns the default DNS servers to add to resolv.conf in containers.
 func (c *Config) DNSServers() []string {
-	return c.Containers.DNSServers
+	return c.Containers.DNSServers.Get()
 }

 // DNSSerches returns the default DNS searches to add to resolv.conf in containers.
 func (c *Config) DNSSearches() []string {
-	return c.Containers.DNSSearches
+	return c.Containers.DNSSearches.Get()
 }

 // DNSOptions returns the default DNS options to add to resolv.conf in containers.
 func (c *Config) DNSOptions() []string {
-	return c.Containers.DNSOptions
+	return c.Containers.DNSOptions.Get()
 }

 // Env returns the default additional environment variables to add to containers.
 func (c *Config) Env() []string {
-	return c.Containers.Env.Values
+	return c.Containers.Env.Get()
 }

 // IPCNS returns the default IPC Namespace configuration to run containers with.
@@ -575,7 +573,7 @@ func (c *Config) ShmSize() string {

 // Ulimits returns the default ulimits to use in containers.
 func (c *Config) Ulimits() []string {
-	return c.Containers.DefaultUlimits
+	return c.Containers.DefaultUlimits.Get()
 }

 // PidsLimit returns the default maximum number of pids to use in containers.
@@ -620,7 +618,7 @@ func (c *Config) MachineEnabled() bool {

 // MachineVolumes returns volumes to mount into the VM.
 func (c *Config) MachineVolumes() ([]string, error) {
-	return machineVolumes(c.Machine.Volumes)
+	return machineVolumes(c.Machine.Volumes.Get())
 }

 func machineVolumes(volumes []string) ([]string, error) {