opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-26 12:56:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12861 from aklajnert/recursively_copy_certs

Browse Source 
ignition: recursively copy cert files
This commit is contained in:
OpenShift Merge Robot
2022-01-15 15:55:16 +01:00
committed by GitHub
parent a50d0837b6 420303b943
commit fff9e8755c
1 changed files with 46 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
pkg/machine/ignition.go
View File

@ -1,3 +1,4 @@
//go:build amd64 || arm64
// +build amd64 arm64 // +build amd64 arm64
package machine package machine
@ -423,46 +424,54 @@ func getCerts(certsDir string, isDir bool) []File {
files []File files []File
) )
certs, err := ioutil.ReadDir(certsDir)
if isDir { if isDir {
if err == nil { err := filepath.Walk(certsDir, func(path string, info os.FileInfo, err error) error {
for _, cert := range certs { if err == nil && !info.IsDir() {
b, err := ioutil.ReadFile(filepath.Join(certsDir, cert.Name())) certPath, err := filepath.Rel(certsDir, path)
if err != nil { if err != nil {
logrus.Warnf("Unable to read cert file %s", err.Error()) logrus.Warnf("%s", err)
continue return nil
} }
files = append(files, File{
Node: Node{ file, err := prepareCertFile(filepath.Join(certsDir, certPath), certPath)
Group: getNodeGrp("root"), if err == nil {
Path: filepath.Join("/etc/containers/certs.d/", cert.Name()), files = append(files, file)
User: getNodeUsr("root"), }
}, }
FileEmbedded1: FileEmbedded1{
Append: nil, return nil
Contents: Resource{
Source: encodeDataURLPtr(string(b)),
},
Mode: intToPtr(0644),
},
}) })
} if err != nil {
} else {
if !os.IsNotExist(err) { if !os.IsNotExist(err) {
logrus.Warnf("Unable to copy certs via ignition, error while reading certs from %s: %s", certsDir, err.Error()) logrus.Warnf("Unable to copy certs via ignition, error while reading certs from %s: %s", certsDir, err.Error())
} }
} }
} else { } else {
fileName := filepath.Base(certsDir) fileName := filepath.Base(certsDir)
b, err := ioutil.ReadFile(certsDir) file, err := prepareCertFile(certsDir, fileName)
if err == nil {
files = append(files, file)
}
}
return files
}
func prepareCertFile(path string, name string) (File, error) {
b, err := ioutil.ReadFile(path)
if err != nil { if err != nil {
logrus.Warnf("Unable to read cert file %s", err.Error()) logrus.Warnf("Unable to read cert file %s", err.Error())
return files return File{}, err
} }
files = append(files, File{
targetPath := filepath.Join("/etc/containers/certs.d", name)
logrus.Debugf("Copying cert file from '%s' to '%s'.", path, targetPath)
file := File{
Node: Node{ Node: Node{
Group: getNodeGrp("root"), Group: getNodeGrp("root"),
Path: filepath.Join("/etc/containers/certs.d/", fileName), Path: targetPath,
User: getNodeUsr("root"), User: getNodeUsr("root"),
}, },
FileEmbedded1: FileEmbedded1{ FileEmbedded1: FileEmbedded1{
@ -472,10 +481,8 @@ func getCerts(certsDir string, isDir bool) []File {
}, },
Mode: intToPtr(0644), Mode: intToPtr(0644),
}, },
})
} }
return file, nil
return files
} }
func getProxyVariables() string { func getProxyVariables() string {