opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-11-01 19:21:04 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
podman/pkg/machine/ocipull/policy.go
Brent Baude d7bc7b7b41 do not require policy.json 
we are having second thoughts about *requiring* a policy.json on podman
machine hosts.  we are concerned that we need to work out some more use
cases to be sure we do not make choices now that limit us in the near
term future. for example, should the policy files be the same for
container images and machine images? And should one live on the host
machine and the other live in the machine?

therefore, if a policy.json *is* present in the correct location, we will use and honor it; however, if it does not, we will allow the machine image to be pulled without a policy.

Signed-off-by: Brent Baude <baude@redhat.com>
Co-authored-by: Paul Holzinger <45212748+Luap99@users.noreply.github.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
2024-03-13 09:07:51 -05:00

34 lines
1.1 KiB
Go
Raw Blame History

package ocipull
import (
"os"
"path/filepath"
"github.com/sirupsen/logrus"
)
// DefaultPolicyJSONPath should be overwritten at build time with the real path to the directory where
// the shipped policy.json file is located. This can either be absolute path or a relative path. If it
// is relative it will be resolved relative to the podman binary and NOT the CWD.
//
// use "-X github.com/containers/podman/v5/pkg/machine/ocipull.DefaultPolicyJSONPath=/somepath" in go ldflags to overwrite this
var DefaultPolicyJSONPath = ""
const policyfile = "policy.json"
// policyPaths returns a slice of possible directories where a policy.json might live
func policyPaths() []string {
paths := localPolicyOverwrites()
if DefaultPolicyJSONPath != "" {
if filepath.IsAbs(DefaultPolicyJSONPath) {
return append(paths, filepath.Join(DefaultPolicyJSONPath, policyfile))
}
p, err := os.Executable()
if err != nil {
logrus.Warnf("could not resolve relative path to binary: %q", err)
}
paths = append(paths, filepath.Join(filepath.Dir(p), DefaultPolicyJSONPath, policyfile))
}
return paths
}
Reference in New Issue View Git Blame Copy Permalink