diff --git a/Dockerfile b/Dockerfile
index 228170d..5899bb5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -42,6 +42,13 @@ RUN set -ex; \
 mv bin/podman /usr/local/bin/podman; \
 podman --help >/dev/null; \
 ! ldd /usr/local/bin/podman
+RUN set -ex; \
+# overwrites the default bin directory so quadlet looks for the podman binary in /usr/local/bin
+ export LDFLAGS_QUADLET="-X github.com/containers/podman/v5/pkg/systemd/quadlet._binDir=/usr/local/bin"; \
+ CGO_ENABLED=0 make bin/quadlet LDFLAGS_PODMAN="-s -w -extldflags '-static' ${LDFLAGS_QUADLET}" BUILDTAGS='${PODMAN_BUILDTAGS}'; \
+ mkdir -p /usr/local/libexec/podman; \
+ mv bin/quadlet /usr/local/libexec/podman/quadlet; \
+ ! ldd /usr/local/libexec/podman/quadlet
 RUN set -ex; \
 CGO_ENABLED=0 make bin/rootlessport BUILDFLAGS=" -mod=vendor -ldflags=\"-s -w -extldflags '-static'\""; \
 mkdir -p /usr/local/lib/podman; \
@@ -188,6 +195,7 @@ COPY conf/crun-containers.conf /etc/containers/containers.conf
 FROM rootlesspodmanbase AS podmanall
 RUN apk add --no-cache iptables ip6tables
 COPY --from=catatonit /catatonit/catatonit /usr/local/lib/podman/catatonit
+COPY --from=podman /usr/local/libexec/podman/quadlet /usr/local/libexec/podman/quadlet
 COPY --from=runc /usr/local/bin/runc /usr/local/bin/runc
 COPY --from=aardvark-dns /aardvark-dns/target/release/aardvark-dns /usr/local/lib/podman/aardvark-dns
 COPY --from=podman /etc/containers/seccomp.json /etc/containers/seccomp.json
diff --git a/Makefile b/Makefile
index 2a95c99..025fc76 100644
--- a/Makefile
+++ b/Makefile
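Review bot: In the new quadlet `RUN` step of the Dockerfile, the static-link check `! ldd /usr/local/libexec/podman/quadlet` fails the build only because it is the last command: under `set -e` the shell ignores the status of a `!`-negated command, so any line appended after it later would silently turn the check into a no-op. Writing it as `if ldd /usr/local/libexec/podman/quadlet; then exit 1; fi` keeps the guarantee wherever it sits in the step. Separately, `BUILDTAGS='${PODMAN_BUILDTAGS}'` is single-quoted, so the shell passes it literally and it resolves only if make expands it from a variable defined outside this hunk. A short comment saying that is intended, or double quotes as used for `LDFLAGS_PODMAN` on the same line, would make it clear that quadlet is built with the same tags as podman.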
@@ -114,8 +114,13 @@ tar: .podman-from-container
 .podman-from-container: podman
 rm -rf $(ASSET_DIR)
 mkdir -p $(ASSET_DIR)/etc $(ASSET_DIR)/usr/local
+ mkdir -p $(ASSET_DIR)/etc $(ASSET_DIR)/usr/lib/systemd/user-generators/
+ mkdir -p $(ASSET_DIR)/etc $(ASSET_DIR)/usr/lib/systemd/system-generators/
 cp -r $(IMAGE_ROOTFS)/etc/containers $(ASSET_DIR)/etc/containers
 cp -r $(IMAGE_ROOTFS)/usr/local/lib $(ASSET_DIR)/usr/local/lib
+ cp -r $(IMAGE_ROOTFS)/usr/local/libexec $(ASSET_DIR)/usr/local/libexec
+ ln -s ../../../local/libexec/podman/quadlet $(ASSET_DIR)/usr/lib/systemd/user-generators/podman-user-generator
+ ln -s ../../../local/libexec/podman/quadlet $(ASSET_DIR)/usr/lib/systemd/system-generators/podman-system-generator
 cp -r $(IMAGE_ROOTFS)/usr/local/bin $(ASSET_DIR)/usr/local/bin
 cp README.md $(ASSET_DIR)/
diff --git a/README.md b/README.md
index 0739055..a0d743a 100644
--- a/README.md
+++ b/README.md
@@ -148,4 +148,6 @@ sudo rm -rf /usr/lib/systemd/system/podman*
 sudo rm -rf /usr/lib/systemd/user/podman*
 sudo rm -rf /usr/local/bin/{crun,fuse-overlayfs,fusermount3,pasta,pasta.avx2,podman,runc}
 sudo rm -rf /usr/local/lib/podman
+sudo rm -rf /usr/local/libexec/podman
+sudo rm /usr/lib/systemd/{user,system}-generators/podman-user-generator
 ```
diff --git a/test/quadlet/hello_world.container b/test/quadlet/hello_world.container
new file mode 100644
index 0000000..893bc6e
--- /dev/null
+++ b/test/quadlet/hello_world.container
@@ -0,0 +1,19 @@
+[Unit]
+Description=hello_world
+After=local-fs.target
+
+[Container]
+Image=docker.io/hello-world
+ContainerName=hello_world
+
+# Network
+PublishPort=8080:8080
+
+# Environment
+Environment=HELLO=WORLD
+
+[Service]
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target default.target
diff --git a/test/rootful.bats b/test/rootful.bats
index 8552c58..2fa6544 100644
--- a/test/rootful.bats
+++ b/test/rootful.bats
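Review bot: The two `ln -s` lines in the `.podman-from-container` recipe name the links `podman-user-generator` and `podman-system-generator`, but the uninstall line this commit adds to README.md, `sudo rm /usr/lib/systemd/{user,system}-generators/podman-user-generator`, expands to `podman-user-generator` in both directories. It therefore errors on the second path and leaves the system generator link installed. Entries in `system-generators` are executed by systemd as root at boot and on reload, so a leftover link pointing at the removed `/usr/local/libexec/podman/quadlet` should not remain after uninstall; the README line should read `sudo rm /usr/lib/systemd/user-generators/podman-user-generator /usr/lib/systemd/system-generators/podman-system-generator`. In the recipe itself, both new `mkdir -p` lines repeat `$(ASSET_DIR)/etc`, which the line above already creates, and could be a single `mkdir -p` naming the two generator directories.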
@@ -38,3 +38,25 @@ skipIfDockerUnavailableAndNotRunAsRoot() {
 skipIfDockerUnavailableAndNotRunAsRoot
 testPortForwarding -u root:root -v "$PODMAN_ROOT_DATA_DIR:/var/lib/containers/storage" "${PODMAN_IMAGE}"
 }
+
+@test "$TEST_PREFIX quadlet - generate service" {
+ if [ "${TEST_SKIP_QUADLET:-}" = true ]; then
+ skip "TEST_SKIP_QUADLET=true"
+ fi
+ $DOCKER run --rm -u podman:podman \
+ -v "$BATS_TEST_DIRNAME/quadlet/hello_world.container:/etc/containers/systemd/hello_world.container" \
+ --pull=never "${PODMAN_IMAGE}" \
+ /usr/local/libexec/podman/quadlet -dryrun > /tmp/test.service # this goes to tmp because we are not root below
+
+ expected_values=(
+ "--name hello_world"
+ "--publish 8080:8080"
+ "--env HELLO=WORLD"
+ "docker.io/hello-world"
+ )
+
+ for value in "${expected_values[@]}"; do
+ run grep -q -- "$value" "/tmp/test.service"
+ [ "$status" -eq 0 ] || fail "Expected '$value' not found in /tmp/test.service"
+ done
+}
\ No newline at end of file
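Review bot: The new quadlet test in test/rootful.bats writes the generated unit to the fixed path `/tmp/test.service` and never removes it, so repeated or parallel runs on a shared host can read each other's output, and a pre-existing file at that name can make the redirect fail or write somewhere unintended. Use a per-test file instead, for example `out="$(mktemp)"` with `> "$out"` and `run grep -qF -- "$value" "$out"`; `-F` also stops the `.` in `docker.io/hello-world` from matching any character. `fail` is not defined in this hunk, so confirm the helper that provides it is loaded by this file. The file also ends without a trailing newline.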