From cb1756901403e1a7a0a1e4da1ca17295685c047c Mon Sep 17 00:00:00 2001 From: v Date: Sun, 9 Mar 2025 21:32:07 +0100 Subject: [PATCH 01/14] test quadlet --- .github/workflows/release.yml | 138 +++++++++++++++++----------------- Dockerfile | 8 ++ Makefile | 5 ++ conf/generators/.gitkeep | 0 4 files changed, 82 insertions(+), 69 deletions(-) create mode 100644 conf/generators/.gitkeep diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f051780..5559353 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -34,59 +34,59 @@ jobs: uname -a docker --version - - name: Build & test - run: make images test + # - name: Build & test + # run: make images test - name: Build signed archives - run: make clean multiarch-tar TAR_TARGET=signed-tar + run: make clean multiarch-tar TAR_TARGET=tar env: GPG_SIGN_KEY: ${{ secrets.GPG_SIGN_KEY }} GPG_SIGN_KEY_PASSPHRASE: ${{ secrets.GPG_SIGN_KEY_PASSPHRASE }} - - name: Log into GitHub registry - run: echo "$GITHUB_TOKEN" | docker login ghcr.io -u ${{ github.actor }} --password-stdin - env: - GITHUB_TOKEN: ${{ github.token }} - - - name: Log into DockerHub registry - run: echo "$DOCKERHUB_TOKEN" | docker login docker.io -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin - env: - DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Push images - run: | - set -eu - - GITHUB_IMAGE_REPO=ghcr.io/mgoltzsche/podman - GITHUB_IMAGE_REPO=$(echo $GITHUB_IMAGE_REPO | tr '[A-Z]' '[a-z]') - DOCKERHUB_IMAGE_REPO=docker.io/mgoltzsche/podman - - # Strip git ref prefix from version - TAGS=$(echo "$GITHUB_REF" | sed -e 's,.*/\(.*\),\1,') - # Strip "v" prefix from tag name - [[ "$GITHUB_REF" == "refs/tags/v"* ]] && TAGS=$(echo $TAGS | sed -e 's/^v//') - # Expand tags: 1.2.3 -> 1 1.2 1.2.3 - TAGS="$(echo "$TAGS" | sed -E -e 's/^((([0-9]+)\.[0-9]+)\.[0-9]+)$/\3 \2 \1/')" - - for IMAGE in $PODMAN_REMOTE_IMAGE $PODMAN_IMAGE $PODMAN_MINIMAL_IMAGE; do - TAG_SUFFIX=$(echo $IMAGE | sed -E -e 's/^([^-]+)//') - LATEST_TAG="$([ "$TAG_SUFFIX" ] && echo $TAG_SUFFIX | sed -E -e 's/^-//' || echo latest)" - [ "$TAGS" == "master" ] && IMAGE_TAGS="$LATEST_TAG" || IMAGE_TAGS="$LATEST_TAG $TAGS" - TAG_OPTS= - printf 'Pushing image tags: ' - for TAG in $IMAGE_TAGS; do - [ "$TAG" = "$LATEST_TAG" ] || TAG="${TAG}${TAG_SUFFIX}" - TAG_OPTS="$TAG_OPTS -t $DOCKERHUB_IMAGE_REPO:$TAG -t $GITHUB_IMAGE_REPO:$TAG" - printf ' %s' "$TAG" - done - echo - echo "Pushing $IMAGE image to $DOCKERHUB_IMAGE_REPO and $GITHUB_IMAGE_REPO" - make "$IMAGE" PODMAN_BUILD_OPTS="$TAG_OPTS" PODMAN_MINIMAL_BUILD_OPTS="$TAG_OPTS" PODMAN_REMOTE_BUILD_OPTS="$TAG_OPTS" - done - env: - BUILDX_OUTPUT: type=registry - PLATFORM: linux/arm64/v8,linux/amd64 - GITHUB_REF: ${{ github.ref }} + # - name: Log into GitHub registry + # run: echo "$GITHUB_TOKEN" | docker login ghcr.io -u ${{ github.actor }} --password-stdin + # env: + # GITHUB_TOKEN: ${{ github.token }} + + # - name: Log into DockerHub registry + # run: echo "$DOCKERHUB_TOKEN" | docker login docker.io -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin + # env: + # DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} + + # - name: Push images + # run: | + # set -eu + + # GITHUB_IMAGE_REPO=ghcr.io/mgoltzsche/podman + # GITHUB_IMAGE_REPO=$(echo $GITHUB_IMAGE_REPO | tr '[A-Z]' '[a-z]') + # DOCKERHUB_IMAGE_REPO=docker.io/mgoltzsche/podman + + # # Strip git ref prefix from version + # TAGS=$(echo "$GITHUB_REF" | sed -e 's,.*/\(.*\),\1,') + # # Strip "v" prefix from tag name + # [[ "$GITHUB_REF" == "refs/tags/v"* ]] && TAGS=$(echo $TAGS | sed -e 's/^v//') + # # Expand tags: 1.2.3 -> 1 1.2 1.2.3 + # TAGS="$(echo "$TAGS" | sed -E -e 's/^((([0-9]+)\.[0-9]+)\.[0-9]+)$/\3 \2 \1/')" + + # for IMAGE in $PODMAN_REMOTE_IMAGE $PODMAN_IMAGE $PODMAN_MINIMAL_IMAGE; do + # TAG_SUFFIX=$(echo $IMAGE | sed -E -e 's/^([^-]+)//') + # LATEST_TAG="$([ "$TAG_SUFFIX" ] && echo $TAG_SUFFIX | sed -E -e 's/^-//' || echo latest)" + # [ "$TAGS" == "master" ] && IMAGE_TAGS="$LATEST_TAG" || IMAGE_TAGS="$LATEST_TAG $TAGS" + # TAG_OPTS= + # printf 'Pushing image tags: ' + # for TAG in $IMAGE_TAGS; do + # [ "$TAG" = "$LATEST_TAG" ] || TAG="${TAG}${TAG_SUFFIX}" + # TAG_OPTS="$TAG_OPTS -t $DOCKERHUB_IMAGE_REPO:$TAG -t $GITHUB_IMAGE_REPO:$TAG" + # printf ' %s' "$TAG" + # done + # echo + # echo "Pushing $IMAGE image to $DOCKERHUB_IMAGE_REPO and $GITHUB_IMAGE_REPO" + # make "$IMAGE" PODMAN_BUILD_OPTS="$TAG_OPTS" PODMAN_MINIMAL_BUILD_OPTS="$TAG_OPTS" PODMAN_REMOTE_BUILD_OPTS="$TAG_OPTS" + # done + # env: + # BUILDX_OUTPUT: type=registry + # PLATFORM: linux/arm64/v8,linux/amd64 + # GITHUB_REF: ${{ github.ref }} - name: Create release if: github.ref != 'refs/heads/master' @@ -100,17 +100,17 @@ jobs: draft: false prerelease: true - - name: Upload arm64 archive signature - if: github.ref != 'refs/heads/master' - id: upload-arm64-archive-signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps - asset_path: ./build/asset/podman-linux-arm64.tar.gz.asc - asset_name: podman-linux-arm64.tar.gz.asc - asset_content_type: application/octet-stream + # - name: Upload arm64 archive signature + # if: github.ref != 'refs/heads/master' + # id: upload-arm64-archive-signature + # uses: actions/upload-release-asset@v1 + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # with: + # upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps + # asset_path: ./build/asset/podman-linux-arm64.tar.gz.asc + # asset_name: podman-linux-arm64.tar.gz.asc + # asset_content_type: application/octet-stream - name: Upload arm64 archive if: github.ref != 'refs/heads/master' @@ -124,17 +124,17 @@ jobs: asset_name: podman-linux-arm64.tar.gz asset_content_type: application/octet-stream - - name: Upload amd64 archive signature - if: github.ref != 'refs/heads/master' - id: upload-amd64-archive-signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps - asset_path: ./build/asset/podman-linux-amd64.tar.gz.asc - asset_name: podman-linux-amd64.tar.gz.asc - asset_content_type: application/octet-stream + # - name: Upload amd64 archive signature + # if: github.ref != 'refs/heads/master' + # id: upload-amd64-archive-signature + # uses: actions/upload-release-asset@v1 + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # with: + # upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps + # asset_path: ./build/asset/podman-linux-amd64.tar.gz.asc + # asset_name: podman-linux-amd64.tar.gz.asc + # asset_content_type: application/octet-stream - name: Upload amd64 archive if: github.ref != 'refs/heads/master' diff --git a/Dockerfile b/Dockerfile index 228170d..da329dd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -42,6 +42,13 @@ RUN set -ex; \ mv bin/podman /usr/local/bin/podman; \ podman --help >/dev/null; \ ! ldd /usr/local/bin/podman +RUN set -ex; \ +# overwrites the default bin directory so quadlet looks for the podman binary in /usr/local/bin + export LDFLAGS_QUADLET="-X github.com/containers/podman/v5/pkg/systemd/quadlet._binDir=/usr/local/bin"; \ + CGO_ENABLED=0 make bin/quadlet LDFLAGS_PODMAN="-s -w -extldflags '-static' ${LDFLAGS_QUADLET}" BUILDTAGS='${PODMAN_BUILDTAGS}'; \ + mkdir -p /usr/local/libexec/podman; \ + mv bin/quadlet /usr/local/libexec/podman/quadlet; \ + ! ldd /usr/local/libexec/podman/quadlet RUN set -ex; \ CGO_ENABLED=0 make bin/rootlessport BUILDFLAGS=" -mod=vendor -ldflags=\"-s -w -extldflags '-static'\""; \ mkdir -p /usr/local/lib/podman; \ @@ -155,6 +162,7 @@ LABEL maintainer="Max Goltzsche " RUN apk add --no-cache tzdata ca-certificates COPY --from=conmon /conmon/bin/conmon /usr/local/lib/podman/conmon COPY --from=podman /usr/local/lib/podman/rootlessport /usr/local/lib/podman/rootlessport +COPY --from=podman /usr/local/libexec/podman/quadlet /usr/local/libexec/podman/quadlet COPY --from=podman /usr/local/bin/podman /usr/local/bin/podman COPY --from=passt /passt/bin/ /usr/local/bin/ COPY --from=netavark /netavark/target/release/netavark /usr/local/lib/podman/netavark diff --git a/Makefile b/Makefile index 2a95c99..025fc76 100644 --- a/Makefile +++ b/Makefile @@ -114,8 +114,13 @@ tar: .podman-from-container .podman-from-container: podman rm -rf $(ASSET_DIR) mkdir -p $(ASSET_DIR)/etc $(ASSET_DIR)/usr/local + mkdir -p $(ASSET_DIR)/etc $(ASSET_DIR)/usr/lib/systemd/user-generators/ + mkdir -p $(ASSET_DIR)/etc $(ASSET_DIR)/usr/lib/systemd/system-generators/ cp -r $(IMAGE_ROOTFS)/etc/containers $(ASSET_DIR)/etc/containers cp -r $(IMAGE_ROOTFS)/usr/local/lib $(ASSET_DIR)/usr/local/lib + cp -r $(IMAGE_ROOTFS)/usr/local/libexec $(ASSET_DIR)/usr/local/libexec + ln -s ../../../local/libexec/podman/quadlet $(ASSET_DIR)/usr/lib/systemd/user-generators/podman-user-generator + ln -s ../../../local/libexec/podman/quadlet $(ASSET_DIR)/usr/lib/systemd/system-generators/podman-system-generator cp -r $(IMAGE_ROOTFS)/usr/local/bin $(ASSET_DIR)/usr/local/bin cp README.md $(ASSET_DIR)/ diff --git a/conf/generators/.gitkeep b/conf/generators/.gitkeep new file mode 100644 index 0000000..e69de29 From 3ec7d5afa071bd94cafc9e60eff54bd6f7003dc5 Mon Sep 17 00:00:00 2001 From: v Date: Mon, 10 Mar 2025 22:09:22 +0100 Subject: [PATCH 02/14] revert release.yml --- .github/workflows/release.yml | 138 +++++++++++++++++----------------- 1 file changed, 69 insertions(+), 69 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5559353..f051780 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -34,59 +34,59 @@ jobs: uname -a docker --version - # - name: Build & test - # run: make images test + - name: Build & test + run: make images test - name: Build signed archives - run: make clean multiarch-tar TAR_TARGET=tar + run: make clean multiarch-tar TAR_TARGET=signed-tar env: GPG_SIGN_KEY: ${{ secrets.GPG_SIGN_KEY }} GPG_SIGN_KEY_PASSPHRASE: ${{ secrets.GPG_SIGN_KEY_PASSPHRASE }} - # - name: Log into GitHub registry - # run: echo "$GITHUB_TOKEN" | docker login ghcr.io -u ${{ github.actor }} --password-stdin - # env: - # GITHUB_TOKEN: ${{ github.token }} - - # - name: Log into DockerHub registry - # run: echo "$DOCKERHUB_TOKEN" | docker login docker.io -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin - # env: - # DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} - - # - name: Push images - # run: | - # set -eu - - # GITHUB_IMAGE_REPO=ghcr.io/mgoltzsche/podman - # GITHUB_IMAGE_REPO=$(echo $GITHUB_IMAGE_REPO | tr '[A-Z]' '[a-z]') - # DOCKERHUB_IMAGE_REPO=docker.io/mgoltzsche/podman - - # # Strip git ref prefix from version - # TAGS=$(echo "$GITHUB_REF" | sed -e 's,.*/\(.*\),\1,') - # # Strip "v" prefix from tag name - # [[ "$GITHUB_REF" == "refs/tags/v"* ]] && TAGS=$(echo $TAGS | sed -e 's/^v//') - # # Expand tags: 1.2.3 -> 1 1.2 1.2.3 - # TAGS="$(echo "$TAGS" | sed -E -e 's/^((([0-9]+)\.[0-9]+)\.[0-9]+)$/\3 \2 \1/')" - - # for IMAGE in $PODMAN_REMOTE_IMAGE $PODMAN_IMAGE $PODMAN_MINIMAL_IMAGE; do - # TAG_SUFFIX=$(echo $IMAGE | sed -E -e 's/^([^-]+)//') - # LATEST_TAG="$([ "$TAG_SUFFIX" ] && echo $TAG_SUFFIX | sed -E -e 's/^-//' || echo latest)" - # [ "$TAGS" == "master" ] && IMAGE_TAGS="$LATEST_TAG" || IMAGE_TAGS="$LATEST_TAG $TAGS" - # TAG_OPTS= - # printf 'Pushing image tags: ' - # for TAG in $IMAGE_TAGS; do - # [ "$TAG" = "$LATEST_TAG" ] || TAG="${TAG}${TAG_SUFFIX}" - # TAG_OPTS="$TAG_OPTS -t $DOCKERHUB_IMAGE_REPO:$TAG -t $GITHUB_IMAGE_REPO:$TAG" - # printf ' %s' "$TAG" - # done - # echo - # echo "Pushing $IMAGE image to $DOCKERHUB_IMAGE_REPO and $GITHUB_IMAGE_REPO" - # make "$IMAGE" PODMAN_BUILD_OPTS="$TAG_OPTS" PODMAN_MINIMAL_BUILD_OPTS="$TAG_OPTS" PODMAN_REMOTE_BUILD_OPTS="$TAG_OPTS" - # done - # env: - # BUILDX_OUTPUT: type=registry - # PLATFORM: linux/arm64/v8,linux/amd64 - # GITHUB_REF: ${{ github.ref }} + - name: Log into GitHub registry + run: echo "$GITHUB_TOKEN" | docker login ghcr.io -u ${{ github.actor }} --password-stdin + env: + GITHUB_TOKEN: ${{ github.token }} + + - name: Log into DockerHub registry + run: echo "$DOCKERHUB_TOKEN" | docker login docker.io -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin + env: + DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Push images + run: | + set -eu + + GITHUB_IMAGE_REPO=ghcr.io/mgoltzsche/podman + GITHUB_IMAGE_REPO=$(echo $GITHUB_IMAGE_REPO | tr '[A-Z]' '[a-z]') + DOCKERHUB_IMAGE_REPO=docker.io/mgoltzsche/podman + + # Strip git ref prefix from version + TAGS=$(echo "$GITHUB_REF" | sed -e 's,.*/\(.*\),\1,') + # Strip "v" prefix from tag name + [[ "$GITHUB_REF" == "refs/tags/v"* ]] && TAGS=$(echo $TAGS | sed -e 's/^v//') + # Expand tags: 1.2.3 -> 1 1.2 1.2.3 + TAGS="$(echo "$TAGS" | sed -E -e 's/^((([0-9]+)\.[0-9]+)\.[0-9]+)$/\3 \2 \1/')" + + for IMAGE in $PODMAN_REMOTE_IMAGE $PODMAN_IMAGE $PODMAN_MINIMAL_IMAGE; do + TAG_SUFFIX=$(echo $IMAGE | sed -E -e 's/^([^-]+)//') + LATEST_TAG="$([ "$TAG_SUFFIX" ] && echo $TAG_SUFFIX | sed -E -e 's/^-//' || echo latest)" + [ "$TAGS" == "master" ] && IMAGE_TAGS="$LATEST_TAG" || IMAGE_TAGS="$LATEST_TAG $TAGS" + TAG_OPTS= + printf 'Pushing image tags: ' + for TAG in $IMAGE_TAGS; do + [ "$TAG" = "$LATEST_TAG" ] || TAG="${TAG}${TAG_SUFFIX}" + TAG_OPTS="$TAG_OPTS -t $DOCKERHUB_IMAGE_REPO:$TAG -t $GITHUB_IMAGE_REPO:$TAG" + printf ' %s' "$TAG" + done + echo + echo "Pushing $IMAGE image to $DOCKERHUB_IMAGE_REPO and $GITHUB_IMAGE_REPO" + make "$IMAGE" PODMAN_BUILD_OPTS="$TAG_OPTS" PODMAN_MINIMAL_BUILD_OPTS="$TAG_OPTS" PODMAN_REMOTE_BUILD_OPTS="$TAG_OPTS" + done + env: + BUILDX_OUTPUT: type=registry + PLATFORM: linux/arm64/v8,linux/amd64 + GITHUB_REF: ${{ github.ref }} - name: Create release if: github.ref != 'refs/heads/master' @@ -100,17 +100,17 @@ jobs: draft: false prerelease: true - # - name: Upload arm64 archive signature - # if: github.ref != 'refs/heads/master' - # id: upload-arm64-archive-signature - # uses: actions/upload-release-asset@v1 - # env: - # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # with: - # upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps - # asset_path: ./build/asset/podman-linux-arm64.tar.gz.asc - # asset_name: podman-linux-arm64.tar.gz.asc - # asset_content_type: application/octet-stream + - name: Upload arm64 archive signature + if: github.ref != 'refs/heads/master' + id: upload-arm64-archive-signature + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps + asset_path: ./build/asset/podman-linux-arm64.tar.gz.asc + asset_name: podman-linux-arm64.tar.gz.asc + asset_content_type: application/octet-stream - name: Upload arm64 archive if: github.ref != 'refs/heads/master' @@ -124,17 +124,17 @@ jobs: asset_name: podman-linux-arm64.tar.gz asset_content_type: application/octet-stream - # - name: Upload amd64 archive signature - # if: github.ref != 'refs/heads/master' - # id: upload-amd64-archive-signature - # uses: actions/upload-release-asset@v1 - # env: - # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # with: - # upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps - # asset_path: ./build/asset/podman-linux-amd64.tar.gz.asc - # asset_name: podman-linux-amd64.tar.gz.asc - # asset_content_type: application/octet-stream + - name: Upload amd64 archive signature + if: github.ref != 'refs/heads/master' + id: upload-amd64-archive-signature + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps + asset_path: ./build/asset/podman-linux-amd64.tar.gz.asc + asset_name: podman-linux-amd64.tar.gz.asc + asset_content_type: application/octet-stream - name: Upload amd64 archive if: github.ref != 'refs/heads/master' From de1715df04a862f6ccd1981c125f0f5acc85799e Mon Sep 17 00:00:00 2001 From: v Date: Mon, 10 Mar 2025 23:27:34 +0100 Subject: [PATCH 03/14] quadlet in podmanall only --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index da329dd..5899bb5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -162,7 +162,6 @@ LABEL maintainer="Max Goltzsche " RUN apk add --no-cache tzdata ca-certificates COPY --from=conmon /conmon/bin/conmon /usr/local/lib/podman/conmon COPY --from=podman /usr/local/lib/podman/rootlessport /usr/local/lib/podman/rootlessport -COPY --from=podman /usr/local/libexec/podman/quadlet /usr/local/libexec/podman/quadlet COPY --from=podman /usr/local/bin/podman /usr/local/bin/podman COPY --from=passt /passt/bin/ /usr/local/bin/ COPY --from=netavark /netavark/target/release/netavark /usr/local/lib/podman/netavark @@ -196,6 +195,7 @@ COPY conf/crun-containers.conf /etc/containers/containers.conf FROM rootlesspodmanbase AS podmanall RUN apk add --no-cache iptables ip6tables COPY --from=catatonit /catatonit/catatonit /usr/local/lib/podman/catatonit +COPY --from=podman /usr/local/libexec/podman/quadlet /usr/local/libexec/podman/quadlet COPY --from=runc /usr/local/bin/runc /usr/local/bin/runc COPY --from=aardvark-dns /aardvark-dns/target/release/aardvark-dns /usr/local/lib/podman/aardvark-dns COPY --from=podman /etc/containers/seccomp.json /etc/containers/seccomp.json From 9f86e36ccec86c36fbf1cc3e330baf8b74f2914c Mon Sep 17 00:00:00 2001 From: v Date: Tue, 11 Mar 2025 20:34:52 +0100 Subject: [PATCH 04/14] tests --- test/quadlet/hello_world.container | 19 +++++++++++++++++++ test/rootful.bats | 22 ++++++++++++++++++++++ test/rootless.bats | 22 ++++++++++++++++++++++ 3 files changed, 63 insertions(+) create mode 100644 test/quadlet/hello_world.container diff --git a/test/quadlet/hello_world.container b/test/quadlet/hello_world.container new file mode 100644 index 0000000..893bc6e --- /dev/null +++ b/test/quadlet/hello_world.container @@ -0,0 +1,19 @@ +[Unit] +Description=hello_world +After=local-fs.target + +[Container] +Image=docker.io/hello-world +ContainerName=hello_world + +# Network +PublishPort=8080:8080 + +# Environment +Environment=HELLO=WORLD + +[Service] +Restart=on-failure + +[Install] +WantedBy=multi-user.target default.target diff --git a/test/rootful.bats b/test/rootful.bats index 8552c58..29ce7fc 100644 --- a/test/rootful.bats +++ b/test/rootful.bats @@ -38,3 +38,25 @@ skipIfDockerUnavailableAndNotRunAsRoot() { skipIfDockerUnavailableAndNotRunAsRoot testPortForwarding -u root:root -v "$PODMAN_ROOT_DATA_DIR:/var/lib/containers/storage" "${PODMAN_IMAGE}" } + +@test "$TEST_PREFIX quedlet - generate service" { + if [ "${TEST_SKIP_QUADLET:-}" = true ]; then + skip "TEST_SKIP_QUADLET=true" + fi + $DOCKER run --rm -u podman:podman \ + -v "./quadlet/hello_world.container:/etc/containers/systemd/hello_world.container" \ + --pull=never "${PODMAN_IMAGE}" \ + quadlet -dryrun > $PODMAN_ROOT_DATA_DIR/test.service + + expected_values=( + "--name hello_world" + "--publish 8080:8080" + "--env HELLO=WORLD" + "docker.io/hello-world" + ) + + for value in "${expected_values[@]}"; do + run grep -q "$value" "$PODMAN_ROOT_DATA_DIR/test.service" + [ "$status" -eq 0 ] || fail "Expected '$value' not found in $PODMAN_ROOT_DATA_DIR/test.service" + done +} \ No newline at end of file diff --git a/test/rootless.bats b/test/rootless.bats index 4aa7c41..855cf7c 100644 --- a/test/rootless.bats +++ b/test/rootless.bats @@ -66,3 +66,25 @@ teardown_file() { --pull=never "${PODMAN_IMAGE}" \ podman play kube /pod.yaml } + +@test "$TEST_PREFIX quedlet - generate service" { + if [ "${TEST_SKIP_QUADLET:-}" = true ]; then + skip "TEST_SKIP_QUADLET=true" + fi + $DOCKER run --rm -u podman:podman \ + -v "./quadlet/hello_world.container:/podman/.config/containers/systemd/hello_world.container" \ + --pull=never "${PODMAN_IMAGE}" \ + quadlet -dryrun -user > $PODMAN_ROOT_DATA_DIR/test.service + + expected_values=( + "--name hello_world" + "--publish 8080:8080" + "--env HELLO=WORLD" + "docker.io/hello-world" + ) + + for value in "${expected_values[@]}"; do + run grep -q "$value" "$PODMAN_ROOT_DATA_DIR/test.service" + [ "$status" -eq 0 ] || fail "Expected '$value' not found in $PODMAN_ROOT_DATA_DIR/test.service" + done +} \ No newline at end of file From b05759c940385d0594aa319b0334c7aee7d1a178 Mon Sep 17 00:00:00 2001 From: v Date: Tue, 11 Mar 2025 21:24:45 +0100 Subject: [PATCH 05/14] updated readme --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 0739055..44276a8 100644 --- a/README.md +++ b/README.md @@ -148,4 +148,5 @@ sudo rm -rf /usr/lib/systemd/system/podman* sudo rm -rf /usr/lib/systemd/user/podman* sudo rm -rf /usr/local/bin/{crun,fuse-overlayfs,fusermount3,pasta,pasta.avx2,podman,runc} sudo rm -rf /usr/local/lib/podman +sudo rm -rf /usr/local/libexec/podman ``` From 5eeba4d719af22ca721b4e0eb27d764a67a0737b Mon Sep 17 00:00:00 2001 From: v Date: Tue, 11 Mar 2025 21:37:32 +0100 Subject: [PATCH 06/14] quadlet tests need full path --- test/rootful.bats | 2 +- test/rootless.bats | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/test/rootful.bats b/test/rootful.bats index 29ce7fc..5583e63 100644 --- a/test/rootful.bats +++ b/test/rootful.bats @@ -46,7 +46,7 @@ skipIfDockerUnavailableAndNotRunAsRoot() { $DOCKER run --rm -u podman:podman \ -v "./quadlet/hello_world.container:/etc/containers/systemd/hello_world.container" \ --pull=never "${PODMAN_IMAGE}" \ - quadlet -dryrun > $PODMAN_ROOT_DATA_DIR/test.service + /usr/local/libexec/podman/quadlet -dryrun > $PODMAN_ROOT_DATA_DIR/test.service expected_values=( "--name hello_world" diff --git a/test/rootless.bats b/test/rootless.bats index 855cf7c..5201f76 100644 --- a/test/rootless.bats +++ b/test/rootless.bats @@ -74,7 +74,7 @@ teardown_file() { $DOCKER run --rm -u podman:podman \ -v "./quadlet/hello_world.container:/podman/.config/containers/systemd/hello_world.container" \ --pull=never "${PODMAN_IMAGE}" \ - quadlet -dryrun -user > $PODMAN_ROOT_DATA_DIR/test.service + /usr/local/libexec/podman/quadlet -dryrun -user > $PODMAN_ROOT_DATA_DIR/test.service expected_values=( "--name hello_world" From a9f08854509a9a3e6f346a65d2c7bfc3f857abec Mon Sep 17 00:00:00 2001 From: v Date: Tue, 11 Mar 2025 21:52:40 +0100 Subject: [PATCH 07/14] fixed path to quadled container file --- test/rootful.bats | 2 +- test/rootless.bats | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/test/rootful.bats b/test/rootful.bats index 5583e63..4c900f4 100644 --- a/test/rootful.bats +++ b/test/rootful.bats @@ -44,7 +44,7 @@ skipIfDockerUnavailableAndNotRunAsRoot() { skip "TEST_SKIP_QUADLET=true" fi $DOCKER run --rm -u podman:podman \ - -v "./quadlet/hello_world.container:/etc/containers/systemd/hello_world.container" \ + -v "$BATS_TEST_DIRNAME/quadlet/hello_world.container:/etc/containers/systemd/hello_world.container" \ --pull=never "${PODMAN_IMAGE}" \ /usr/local/libexec/podman/quadlet -dryrun > $PODMAN_ROOT_DATA_DIR/test.service diff --git a/test/rootless.bats b/test/rootless.bats index 5201f76..f12408d 100644 --- a/test/rootless.bats +++ b/test/rootless.bats @@ -72,7 +72,7 @@ teardown_file() { skip "TEST_SKIP_QUADLET=true" fi $DOCKER run --rm -u podman:podman \ - -v "./quadlet/hello_world.container:/podman/.config/containers/systemd/hello_world.container" \ + -v "$BATS_TEST_DIRNAME/quadlet/hello_world.container:/podman/.config/containers/systemd/hello_world.container" \ --pull=never "${PODMAN_IMAGE}" \ /usr/local/libexec/podman/quadlet -dryrun -user > $PODMAN_ROOT_DATA_DIR/test.service From 5f7c06db712543632acd0715972252d3e555bdd2 Mon Sep 17 00:00:00 2001 From: v Date: Tue, 11 Mar 2025 22:15:29 +0100 Subject: [PATCH 08/14] fix grep test --- test/rootful.bats | 2 +- test/rootless.bats | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/test/rootful.bats b/test/rootful.bats index 4c900f4..99f74cf 100644 --- a/test/rootful.bats +++ b/test/rootful.bats @@ -56,7 +56,7 @@ skipIfDockerUnavailableAndNotRunAsRoot() { ) for value in "${expected_values[@]}"; do - run grep -q "$value" "$PODMAN_ROOT_DATA_DIR/test.service" + run grep -q -- "$value" "$PODMAN_ROOT_DATA_DIR/test.service" [ "$status" -eq 0 ] || fail "Expected '$value' not found in $PODMAN_ROOT_DATA_DIR/test.service" done } \ No newline at end of file diff --git a/test/rootless.bats b/test/rootless.bats index f12408d..91e581b 100644 --- a/test/rootless.bats +++ b/test/rootless.bats @@ -84,7 +84,7 @@ teardown_file() { ) for value in "${expected_values[@]}"; do - run grep -q "$value" "$PODMAN_ROOT_DATA_DIR/test.service" + run grep -q -- "$value" "$PODMAN_ROOT_DATA_DIR/test.service" [ "$status" -eq 0 ] || fail "Expected '$value' not found in $PODMAN_ROOT_DATA_DIR/test.service" done } \ No newline at end of file From 875e6d6e39f32875a0ac166ff21cc58baf2bf1bf Mon Sep 17 00:00:00 2001 From: v Date: Tue, 11 Mar 2025 22:31:17 +0100 Subject: [PATCH 09/14] change test.service path for rootful --- test/rootful.bats | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/rootful.bats b/test/rootful.bats index 99f74cf..94c0c7d 100644 --- a/test/rootful.bats +++ b/test/rootful.bats @@ -46,7 +46,7 @@ skipIfDockerUnavailableAndNotRunAsRoot() { $DOCKER run --rm -u podman:podman \ -v "$BATS_TEST_DIRNAME/quadlet/hello_world.container:/etc/containers/systemd/hello_world.container" \ --pull=never "${PODMAN_IMAGE}" \ - /usr/local/libexec/podman/quadlet -dryrun > $PODMAN_ROOT_DATA_DIR/test.service + /usr/local/libexec/podman/quadlet -dryrun > /tmp/test.service # this goes to tmp because we are not root below expected_values=( "--name hello_world" From 765bcc7e4940c85e1e4e56c65c091ab5f0c42b4c Mon Sep 17 00:00:00 2001 From: v Date: Tue, 11 Mar 2025 22:44:56 +0100 Subject: [PATCH 10/14] change test.service path for rootful --- test/rootful.bats | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/rootful.bats b/test/rootful.bats index 94c0c7d..9e18c54 100644 --- a/test/rootful.bats +++ b/test/rootful.bats @@ -56,7 +56,7 @@ skipIfDockerUnavailableAndNotRunAsRoot() { ) for value in "${expected_values[@]}"; do - run grep -q -- "$value" "$PODMAN_ROOT_DATA_DIR/test.service" - [ "$status" -eq 0 ] || fail "Expected '$value' not found in $PODMAN_ROOT_DATA_DIR/test.service" + run grep -q -- "$value" "/tmp/test.service" + [ "$status" -eq 0 ] || fail "Expected '$value' not found in /tmp/test.service" done } \ No newline at end of file From 85922ad0a886068113bf4f1c79a5c8192cc024ba Mon Sep 17 00:00:00 2001 From: v Date: Wed, 12 Mar 2025 00:16:08 +0100 Subject: [PATCH 11/14] fix type --- test/rootful.bats | 2 +- test/rootless.bats | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/test/rootful.bats b/test/rootful.bats index 9e18c54..2fa6544 100644 --- a/test/rootful.bats +++ b/test/rootful.bats @@ -39,7 +39,7 @@ skipIfDockerUnavailableAndNotRunAsRoot() { testPortForwarding -u root:root -v "$PODMAN_ROOT_DATA_DIR:/var/lib/containers/storage" "${PODMAN_IMAGE}" } -@test "$TEST_PREFIX quedlet - generate service" { +@test "$TEST_PREFIX quadlet - generate service" { if [ "${TEST_SKIP_QUADLET:-}" = true ]; then skip "TEST_SKIP_QUADLET=true" fi diff --git a/test/rootless.bats b/test/rootless.bats index 91e581b..5fdcaa5 100644 --- a/test/rootless.bats +++ b/test/rootless.bats @@ -67,7 +67,7 @@ teardown_file() { podman play kube /pod.yaml } -@test "$TEST_PREFIX quedlet - generate service" { +@test "$TEST_PREFIX quadlet - generate service" { if [ "${TEST_SKIP_QUADLET:-}" = true ]; then skip "TEST_SKIP_QUADLET=true" fi From c1d2cfb54ce5a1b2a70b3021ccf631715c8fe6c8 Mon Sep 17 00:00:00 2001 From: v Date: Wed, 12 Mar 2025 00:23:14 +0100 Subject: [PATCH 12/14] removed rootless quadlet test --- test/rootless.bats | 22 ---------------------- 1 file changed, 22 deletions(-) diff --git a/test/rootless.bats b/test/rootless.bats index 5fdcaa5..4aa7c41 100644 --- a/test/rootless.bats +++ b/test/rootless.bats @@ -66,25 +66,3 @@ teardown_file() { --pull=never "${PODMAN_IMAGE}" \ podman play kube /pod.yaml } - -@test "$TEST_PREFIX quadlet - generate service" { - if [ "${TEST_SKIP_QUADLET:-}" = true ]; then - skip "TEST_SKIP_QUADLET=true" - fi - $DOCKER run --rm -u podman:podman \ - -v "$BATS_TEST_DIRNAME/quadlet/hello_world.container:/podman/.config/containers/systemd/hello_world.container" \ - --pull=never "${PODMAN_IMAGE}" \ - /usr/local/libexec/podman/quadlet -dryrun -user > $PODMAN_ROOT_DATA_DIR/test.service - - expected_values=( - "--name hello_world" - "--publish 8080:8080" - "--env HELLO=WORLD" - "docker.io/hello-world" - ) - - for value in "${expected_values[@]}"; do - run grep -q -- "$value" "$PODMAN_ROOT_DATA_DIR/test.service" - [ "$status" -eq 0 ] || fail "Expected '$value' not found in $PODMAN_ROOT_DATA_DIR/test.service" - done -} \ No newline at end of file From 17e897586c9596533032674233a9610df3cb89bd Mon Sep 17 00:00:00 2001 From: v Date: Wed, 12 Mar 2025 05:28:41 +0100 Subject: [PATCH 13/14] remove conf/generators/.gitkeep --- conf/generators/.gitkeep | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 conf/generators/.gitkeep diff --git a/conf/generators/.gitkeep b/conf/generators/.gitkeep deleted file mode 100644 index e69de29..0000000 From 8cc26024f67389520af8a8778cecc4be98099d10 Mon Sep 17 00:00:00 2001 From: v Date: Wed, 12 Mar 2025 05:58:03 +0100 Subject: [PATCH 14/14] remove symlinks --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 44276a8..a0d743a 100644 --- a/README.md +++ b/README.md @@ -149,4 +149,5 @@ sudo rm -rf /usr/lib/systemd/user/podman* sudo rm -rf /usr/local/bin/{crun,fuse-overlayfs,fusermount3,pasta,pasta.avx2,podman,runc} sudo rm -rf /usr/local/lib/podman sudo rm -rf /usr/local/libexec/podman +sudo rm /usr/lib/systemd/{user,system}-generators/podman-user-generator ```