From 3e1b9146f7961e73e394cefd5ccf29949d1afaee Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Fri, 8 Dec 2023 17:47:49 +0100 Subject: [PATCH 1/9] cli: podman pull --decryption-key use StringArray() This option accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/images/pull.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/podman/images/pull.go b/cmd/podman/images/pull.go index 4604565e2d..2bcfd2055c 100644 --- a/cmd/podman/images/pull.go +++ b/cmd/podman/images/pull.go @@ -110,7 +110,7 @@ func pullFlags(cmd *cobra.Command) { _ = cmd.RegisterFlagCompletionFunc(authfileFlagName, completion.AutocompleteDefault) decryptionKeysFlagName := "decryption-key" - flags.StringSliceVar(&pullOptions.DecryptionKeys, decryptionKeysFlagName, nil, "Key needed to decrypt the image (e.g. /path/to/key.pem)") + flags.StringArrayVar(&pullOptions.DecryptionKeys, decryptionKeysFlagName, nil, "Key needed to decrypt the image (e.g. /path/to/key.pem)") _ = cmd.RegisterFlagCompletionFunc(decryptionKeysFlagName, completion.AutocompleteDefault) if registry.IsRemote() { From cdb178e954f9c6457952820508360658c57dc648 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Fri, 8 Dec 2023 17:48:42 +0100 Subject: [PATCH 2/9] cli: podman push --encryption-key use StringArray() This option accepts a file path so we should allow commas in it. Also add tests for --decryption-key Signed-off-by: Paul Holzinger --- cmd/podman/images/push.go | 2 +- test/e2e/pull_test.go | 2 +- test/e2e/run_test.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/podman/images/push.go b/cmd/podman/images/push.go index 6d22a61032..168411328f 100644 --- a/cmd/podman/images/push.go +++ b/cmd/podman/images/push.go @@ -138,7 +138,7 @@ func pushFlags(cmd *cobra.Command) { _ = cmd.RegisterFlagCompletionFunc(compLevel, completion.AutocompleteNone) encryptionKeysFlagName := "encryption-key" - flags.StringSliceVar(&pushOptions.EncryptionKeys, encryptionKeysFlagName, nil, "Key with the encryption protocol to use to encrypt the image (e.g. jwe:/path/to/key.pem)") + flags.StringArrayVar(&pushOptions.EncryptionKeys, encryptionKeysFlagName, nil, "Key with the encryption protocol to use to encrypt the image (e.g. jwe:/path/to/key.pem)") _ = cmd.RegisterFlagCompletionFunc(encryptionKeysFlagName, completion.AutocompleteDefault) encryptLayersFlagName := "encrypt-layer" diff --git a/test/e2e/pull_test.go b/test/e2e/pull_test.go index 9a3b5f049f..465786917f 100644 --- a/test/e2e/pull_test.go +++ b/test/e2e/pull_test.go @@ -612,7 +612,7 @@ var _ = Describe("Podman pull", func() { decryptionTestHelper := func(imgPath string) *PodmanSessionIntegration { bitSize := 1024 - keyFileName := filepath.Join(podmanTest.TempDir, "key") + keyFileName := filepath.Join(podmanTest.TempDir, "key,withcomma") publicKeyFileName, privateKeyFileName, err := WriteRSAKeyPair(keyFileName, bitSize) Expect(err).ToNot(HaveOccurred()) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index f07ece51cf..b42b2b661c 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -2152,7 +2152,7 @@ WORKDIR /madethis`, BB) } bitSize := 1024 - keyFileName := filepath.Join(podmanTest.TempDir, "key") + keyFileName := filepath.Join(podmanTest.TempDir, "key,withcomma") publicKeyFileName, privateKeyFileName, err := WriteRSAKeyPair(keyFileName, bitSize) Expect(err).ToNot(HaveOccurred()) From 47b65086eef71d0c303c8c5814e1f5c2854f2051 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Fri, 8 Dec 2023 17:54:05 +0100 Subject: [PATCH 3/9] cli: podman image trust set --pubkeysfile use StringArray() This option accepts a file path so we should allow commas in it. There ar eno tests for this option, I have no idea what this option does nor how to use it so I cannot write one. Signed-off-by: Paul Holzinger --- cmd/podman/images/trust_set.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/podman/images/trust_set.go b/cmd/podman/images/trust_set.go index e7339f0b18..2ed91d9c46 100644 --- a/cmd/podman/images/trust_set.go +++ b/cmd/podman/images/trust_set.go @@ -41,7 +41,7 @@ func init() { _ = setFlags.MarkHidden("policypath") pubkeysfileFlagName := "pubkeysfile" - setFlags.StringSliceVarP(&setOptions.PubKeysFile, pubkeysfileFlagName, "f", []string{}, `Path of installed public key(s) to trust for TARGET. + setFlags.StringArrayVarP(&setOptions.PubKeysFile, pubkeysfileFlagName, "f", []string{}, `Path of installed public key(s) to trust for TARGET. Absolute path to keys is added to policy.json. May used multiple times to define multiple public keys. File(s) must exist before using this command`) From e916f49f0bf303ecd4b4ab59317b83d7a0424f06 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Fri, 8 Dec 2023 18:01:29 +0100 Subject: [PATCH 4/9] cli: podman kube play --annotation use StringArray() This option accepts arbitrary input so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/kube/play.go | 2 +- test/system/700-play.bats | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/cmd/podman/kube/play.go b/cmd/podman/kube/play.go index 8ca7354dc6..3de89ab31d 100644 --- a/cmd/podman/kube/play.go +++ b/cmd/podman/kube/play.go @@ -98,7 +98,7 @@ func playFlags(cmd *cobra.Command) { flags.SetNormalizeFunc(utils.AliasFlags) annotationFlagName := "annotation" - flags.StringSliceVar( + flags.StringArrayVar( &playOptions.annotations, annotationFlagName, []string{}, "Add annotations to pods (key=value)", diff --git a/test/system/700-play.bats b/test/system/700-play.bats index bb8d85ff4b..d3bf0eddef 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -435,11 +435,14 @@ _EOF @test "podman kube --annotation" { TESTDIR=$PODMAN_TMPDIR/testdir RANDOMSTRING=$(random_string 15) + ANNOTATION_WITH_COMMA="comma,$(random_string 5)" mkdir -p $TESTDIR echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml - run_podman kube play --annotation "name=$RANDOMSTRING" $PODMAN_TMPDIR/test.yaml + run_podman kube play --annotation "name=$RANDOMSTRING" \ + --annotation "anno=$ANNOTATION_WITH_COMMA" $PODMAN_TMPDIR/test.yaml run_podman inspect --format "{{ .Config.Annotations }}" test_pod-test is "$output" ".*name:$RANDOMSTRING" "Annotation should be added to pod" + is "$output" ".*anno:$ANNOTATION_WITH_COMMA" "Annotation with comma should be added to pod" run_podman stop -a -t 0 run_podman pod rm -t 0 -f test_pod From 48ab4aec31e6e9db162e6d9bfd32f61a6f367a38 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Fri, 8 Dec 2023 18:05:45 +0100 Subject: [PATCH 5/9] podman kube play: fix broken annotation parsing If a user did not set an equal sign in the annotation that old code would panic when accessing the second element in the slice. Signed-off-by: Paul Holzinger --- cmd/podman/kube/play.go | 2 +- test/system/700-play.bats | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/cmd/podman/kube/play.go b/cmd/podman/kube/play.go index 3de89ab31d..59643fc635 100644 --- a/cmd/podman/kube/play.go +++ b/cmd/podman/kube/play.go @@ -239,7 +239,7 @@ func play(cmd *cobra.Command, args []string) error { for _, annotation := range playOptions.annotations { splitN := strings.SplitN(annotation, "=", 2) - if len(splitN) > 2 { + if len(splitN) != 2 { return fmt.Errorf("annotation %q must include an '=' sign", annotation) } if playOptions.Annotations == nil { diff --git a/test/system/700-play.bats b/test/system/700-play.bats index d3bf0eddef..ee507cf176 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -444,6 +444,10 @@ _EOF is "$output" ".*name:$RANDOMSTRING" "Annotation should be added to pod" is "$output" ".*anno:$ANNOTATION_WITH_COMMA" "Annotation with comma should be added to pod" + # invalid annotation + run_podman 125 kube play --annotation "val" $PODMAN_TMPDIR/test.yaml + assert "$output" == "Error: annotation \"val\" must include an '=' sign" "invalid annotation error" + run_podman stop -a -t 0 run_podman pod rm -t 0 -f test_pod } From 2be4b007b08283fc8a1a98a4d56ec88dcc52a181 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Fri, 8 Dec 2023 18:11:52 +0100 Subject: [PATCH 6/9] cli: podman kube play --log-opt use StringArray() This option accepts arbitrary input so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/kube/play.go | 2 +- test/e2e/play_kube_test.go | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/podman/kube/play.go b/cmd/podman/kube/play.go index 59643fc635..3a8358063f 100644 --- a/cmd/podman/kube/play.go +++ b/cmd/podman/kube/play.go @@ -124,7 +124,7 @@ func playFlags(cmd *cobra.Command) { _ = cmd.RegisterFlagCompletionFunc(logDriverFlagName, common.AutocompleteLogDriver) logOptFlagName := "log-opt" - flags.StringSliceVar( + flags.StringArrayVar( &playOptions.LogOptions, logOptFlagName, []string{}, "Logging driver options", diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go index 77aed75e86..8581af4384 100644 --- a/test/e2e/play_kube_test.go +++ b/test/e2e/play_kube_test.go @@ -4886,7 +4886,7 @@ ENV OPENJ9_JAVA_OPTIONS=%q err := generateKubeYaml("pod", pod, kubeYaml) Expect(err).ToNot(HaveOccurred()) - kube := podmanTest.Podman([]string{"kube", "play", kubeYaml, "--log-driver", "journald", "--log-opt", "tag={{.ImageName}}"}) + kube := podmanTest.Podman([]string{"kube", "play", kubeYaml, "--log-driver", "journald", "--log-opt", "tag={{.ImageName}},withcomma"}) kube.WaitWithDefaultTimeout() Expect(kube).Should(ExitCleanly()) @@ -4897,7 +4897,7 @@ ENV OPENJ9_JAVA_OPTIONS=%q inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod)}) inspect.WaitWithDefaultTimeout() Expect(start).Should(ExitCleanly()) - Expect((inspect.InspectContainerToJSON()[0]).HostConfig.LogConfig.Tag).To(Equal("{{.ImageName}}")) + Expect((inspect.InspectContainerToJSON()[0]).HostConfig.LogConfig.Tag).To(Equal("{{.ImageName}},withcomma")) }) It("using a user namespace", func() { From 3e10a6832829471eed0686bfc63f9e5dc8dc3c0c Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Fri, 8 Dec 2023 18:14:34 +0100 Subject: [PATCH 7/9] cli: podman kube play --configmap use StringArray() This option accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/kube/play.go | 2 +- test/system/700-play.bats | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/podman/kube/play.go b/cmd/podman/kube/play.go index 3a8358063f..f2d2565c88 100644 --- a/cmd/podman/kube/play.go +++ b/cmd/podman/kube/play.go @@ -165,7 +165,7 @@ func playFlags(cmd *cobra.Command) { flags.BoolVarP(&playOptions.Wait, waitFlagName, "w", false, "Clean up all objects created when a SIGTERM is received or pods exit") configmapFlagName := "configmap" - flags.StringSliceVar(&playOptions.ConfigMaps, configmapFlagName, []string{}, "`Pathname` of a YAML file containing a kubernetes configmap") + flags.StringArrayVar(&playOptions.ConfigMaps, configmapFlagName, []string{}, "`Pathname` of a YAML file containing a kubernetes configmap") _ = cmd.RegisterFlagCompletionFunc(configmapFlagName, completion.AutocompleteDefault) noTruncFlagName := "no-trunc" diff --git a/test/system/700-play.bats b/test/system/700-play.bats index ee507cf176..f5c8631ad5 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -699,7 +699,7 @@ spec: } @test "podman kube play with configmaps" { - configmap_file=${PODMAN_TMPDIR}/play_kube_configmap_configmaps$(random_string 6).yaml + configmap_file=${PODMAN_TMPDIR}/play_kube_configmap_configmaps$(random_string 6),withcomma.yaml echo " --- apiVersion: v1 From d8c3e5b3c1ce38c20b6bf9b28d8a8ad4174e1d1c Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Fri, 8 Dec 2023 18:18:24 +0100 Subject: [PATCH 8/9] cli: podman manifest add --annotation use StringArray() This option accepts arbitrary input so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/manifest/add.go | 2 +- test/e2e/manifest_test.go | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/podman/manifest/add.go b/cmd/podman/manifest/add.go index 490be688b9..f957ee4632 100644 --- a/cmd/podman/manifest/add.go +++ b/cmd/podman/manifest/add.go @@ -48,7 +48,7 @@ func init() { flags.BoolVar(&manifestAddOpts.All, "all", false, "add all of the list's images if the image is a list") annotationFlagName := "annotation" - flags.StringSliceVar(&manifestAddOpts.Annotation, annotationFlagName, nil, "set an `annotation` for the specified image") + flags.StringArrayVar(&manifestAddOpts.Annotation, annotationFlagName, nil, "set an `annotation` for the specified image") _ = addCmd.RegisterFlagCompletionFunc(annotationFlagName, completion.AutocompleteNone) archFlagName := "arch" diff --git a/test/e2e/manifest_test.go b/test/e2e/manifest_test.go index 744108dcff..7c60e67978 100644 --- a/test/e2e/manifest_test.go +++ b/test/e2e/manifest_test.go @@ -314,7 +314,7 @@ add_compression = ["zstd"]`), 0o644) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(125)) Expect(session.ErrorToString()).To(ContainSubstring("no value given for annotation")) - session = podmanTest.Podman([]string{"manifest", "add", "--annotation", "hoge=fuga", "foo", imageList}) + session = podmanTest.Podman([]string{"manifest", "add", "--annotation", "hoge=fuga", "--annotation", "key=val,withcomma", "foo", imageList}) session.WaitWithDefaultTimeout() Expect(session).Should(ExitCleanly()) session = podmanTest.Podman([]string{"manifest", "inspect", "foo"}) @@ -324,7 +324,7 @@ add_compression = ["zstd"]`), 0o644) var inspect define.ManifestListData err := json.Unmarshal(session.Out.Contents(), &inspect) Expect(err).ToNot(HaveOccurred()) - Expect(inspect.Manifests[0].Annotations).To(Equal(map[string]string{"hoge": "fuga"})) + Expect(inspect.Manifests[0].Annotations).To(Equal(map[string]string{"hoge": "fuga", "key": "val,withcomma"})) }) It("add --os", func() { From 0f02e43cee0a502a664c90b1786cd293a7dfed11 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Fri, 8 Dec 2023 18:25:00 +0100 Subject: [PATCH 9/9] cli: podman manifest annotate --annotation use StringArray() This option accepts arbitrary input so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/manifest/annotate.go | 2 +- test/e2e/manifest_test.go | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/podman/manifest/annotate.go b/cmd/podman/manifest/annotate.go index 73f1b18cbd..c628e3e0fe 100644 --- a/cmd/podman/manifest/annotate.go +++ b/cmd/podman/manifest/annotate.go @@ -31,7 +31,7 @@ func init() { flags := annotateCmd.Flags() annotationFlagName := "annotation" - flags.StringSliceVar(&manifestAnnotateOpts.Annotation, annotationFlagName, nil, "set an `annotation` for the specified image") + flags.StringArrayVar(&manifestAnnotateOpts.Annotation, annotationFlagName, nil, "set an `annotation` for the specified image") _ = annotateCmd.RegisterFlagCompletionFunc(annotationFlagName, completion.AutocompleteNone) archFlagName := "arch" diff --git a/test/e2e/manifest_test.go b/test/e2e/manifest_test.go index 7c60e67978..071239f4fb 100644 --- a/test/e2e/manifest_test.go +++ b/test/e2e/manifest_test.go @@ -347,7 +347,7 @@ add_compression = ["zstd"]`), 0o644) session = podmanTest.Podman([]string{"manifest", "add", "foo", imageListInstance}) session.WaitWithDefaultTimeout() Expect(session).Should(ExitCleanly()) - session = podmanTest.Podman([]string{"manifest", "annotate", "--annotation", "hello=world", "--arch", "bar", "foo", imageListARM64InstanceDigest}) + session = podmanTest.Podman([]string{"manifest", "annotate", "--annotation", "hello=world,withcomma", "--arch", "bar", "foo", imageListARM64InstanceDigest}) session.WaitWithDefaultTimeout() Expect(session).Should(ExitCleanly()) session = podmanTest.Podman([]string{"manifest", "inspect", "foo"}) @@ -355,7 +355,7 @@ add_compression = ["zstd"]`), 0o644) Expect(session).Should(ExitCleanly()) Expect(session.OutputToString()).To(ContainSubstring(`"architecture": "bar"`)) // Check added annotation - Expect(session.OutputToString()).To(ContainSubstring(`"hello": "world"`)) + Expect(session.OutputToString()).To(ContainSubstring(`"hello": "world,withcomma"`)) }) It("remove digest", func() {