From 956a9af86f5976ffc3fdce2fe873ffb3d6ca1d86 Mon Sep 17 00:00:00 2001 From: Celian Raimbault Date: Fri, 13 Dec 2024 10:13:50 +0100 Subject: [PATCH 1/2] [fix-podman-config] fixed --- resources/local/podman/vm.go | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/resources/local/podman/vm.go b/resources/local/podman/vm.go index 6461e513c..f819bace6 100644 --- a/resources/local/podman/vm.go +++ b/resources/local/podman/vm.go @@ -20,6 +20,7 @@ type VMArgs struct { //go:embed data/Dockerfile var dockerfileContent string +var customDockerConfig string = "{}" func NewInstance(e resourceslocal.Environment, args VMArgs, opts ...pulumi.ResourceOption) (address pulumi.StringOutput, user string, port int, err error) { interpreter := []string{"/bin/bash", "-c"} @@ -49,14 +50,22 @@ func NewInstance(e resourceslocal.Environment, args VMArgs, opts ...pulumi.Resou return pulumi.StringOutput{}, "", -1, err } + // Use a config to avoid docker hooks that can call vault or other services (credHelpers) + err = os.WriteFile(path.Join(dataPath, "config.json"), []byte(customDockerConfig), 0600) + if err != nil { + return pulumi.StringOutput{}, "", -1, err + } + + podmanCommand := "podman --config " + dataPath + opts = utils.MergeOptions(opts, e.WithProviders(config.ProviderCommand)) // TODO use NewLocalRunner // requires a refactor to pass interpreter buildPodman, err := local.NewCommand(e.Ctx(), e.CommonNamer().ResourceName("podman-build", args.Name), &local.CommandArgs{ Interpreter: pulumi.ToStringArray(interpreter), Environment: pulumi.StringMap{"DOCKER_HOST_SSH_PUBLIC_KEY": pulumi.String(string(publicKey))}, - Create: pulumi.Sprintf("podman build --format=docker --build-arg DOCKER_HOST_SSH_PUBLIC_KEY=\"$DOCKER_HOST_SSH_PUBLIC_KEY\" -t %s .", args.Name), - Delete: pulumi.Sprintf("podman rmi %s", args.Name), + Create: pulumi.Sprintf("%s build --format=docker --build-arg DOCKER_HOST_SSH_PUBLIC_KEY=\"$DOCKER_HOST_SSH_PUBLIC_KEY\" -t %s .", podmanCommand, args.Name), + Delete: pulumi.Sprintf("%s rmi %s", podmanCommand, args.Name), Triggers: pulumi.Array{}, AssetPaths: pulumi.StringArray{}, Dir: pulumi.String(dataPath), @@ -68,8 +77,8 @@ func NewInstance(e resourceslocal.Environment, args VMArgs, opts ...pulumi.Resou runPodman, err := local.NewCommand(e.Ctx(), e.CommonNamer().ResourceName("podman-run", args.Name), &local.CommandArgs{ Interpreter: pulumi.ToStringArray(interpreter), Environment: pulumi.StringMap{"DOCKER_HOST_SSH_PUBLIC_KEY": pulumi.String(string(publicKey))}, - Create: pulumi.Sprintf("podman run -d --name=%[1]s_run -p 50022:22 %[1]s", args.Name), - Delete: pulumi.Sprintf("podman stop %[1]s_run && podman rm %[1]s_run", args.Name), + Create: pulumi.Sprintf("%s run -d --name=%[2]s_run -p 50022:22 %[2]s", podmanCommand, args.Name), + Delete: pulumi.Sprintf("%s stop %[2]s_run && podman rm %[2]s_run", podmanCommand, args.Name), Triggers: pulumi.Array{}, AssetPaths: pulumi.StringArray{}, Dir: pulumi.String(dataPath), From 78bb5f6da965d26132c2e0d403e8b4c453b73eef Mon Sep 17 00:00:00 2001 From: Celian Raimbault Date: Fri, 13 Dec 2024 10:17:27 +0100 Subject: [PATCH 2/2] [fix-podman-config] Format --- resources/local/podman/vm.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/local/podman/vm.go b/resources/local/podman/vm.go index f819bace6..6ec2bf8e2 100644 --- a/resources/local/podman/vm.go +++ b/resources/local/podman/vm.go @@ -20,7 +20,7 @@ type VMArgs struct { //go:embed data/Dockerfile var dockerfileContent string -var customDockerConfig string = "{}" +var customDockerConfig = "{}" func NewInstance(e resourceslocal.Environment, args VMArgs, opts ...pulumi.ResourceOption) (address pulumi.StringOutput, user string, port int, err error) { interpreter := []string{"/bin/bash", "-c"}