Merge pull request #1993 from grisu48/podmansh_sh

Allow configuration of podmansh
containers · May 22, 2024 · 1a97fd1 · 1a97fd1 · packit-as-a-service · May 22, 2024
2 parents a1de641 + e41e56f
commit 1a97fd1
Show file tree

Hide file tree

Showing 6 changed files with 117 additions and 14 deletions.
diff --git a/docs/containers.conf.5.md b/docs/containers.conf.5.md
@@ -864,10 +864,6 @@ depend on the compression format used. For gzip, valid options are
 1-9, with a default of 5. For zstd, valid options are 1-20, with a
 default of 3.
 
-**podmansh_timeout**=30
-
-Number of seconds to wait for podmansh logins.
-
 ## SERVICE DESTINATION TABLE
 The `engine.service_destinations` table contains configuration options used to set up remote connections to the podman service for the podman API.
 
@@ -974,6 +970,25 @@ The default farm to use when farming out builds.
 
 Map of farms created where the key is the farm name and the value is the list of system connections.
 
+## PODMANSH TABLE
+The `podmansh` table contains configuration options used by podmansh.
+
+**shell**="/bin/sh"
+
+The shell to spawn in the container.
+The default value is `/bin/sh`.
+
+**container**="podmansh"
+
+Name of the container that podmansh joins.
+The default value is `podmansh`.
+
+**timeout**=0
+
+Number of seconds to wait for podmansh logins. This value if favoured over the deprecated field `engine.podmansh_timeout` if set.
+The default value is 30.
+
+
 # FILES
 
 **containers.conf**

diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -57,6 +57,8 @@ type Config struct {
 	ConfigMaps ConfigMapConfig `toml:"configmaps"`
 	// Farms defines configurations for the buildfarm farms
 	Farms FarmConfig `toml:"farms"`
+	// Podmansh defined configurations for the podman shell
+	Podmansh PodmanshConfig `toml:"podmansh"`
 
 	loadedModules []string // only used at runtime to store which modules were loaded
 }
@@ -543,6 +545,7 @@ type EngineConfig struct {
 	// PodmanshTimeout is the number of seconds to wait for podmansh logins.
 	// In other words, the timeout for the `podmansh` container to be in running
 	// state.
+	// Deprecated: Use podmansh.Timeout instead. podmansh.Timeout has precedence.
 	PodmanshTimeout uint `toml:"podmansh_timeout,omitempty,omitzero"`
 }
 
@@ -695,6 +698,19 @@ type Destination struct {
 	IsMachine bool `json:",omitempty" toml:"is_machine,omitempty"`
 }
 
+// PodmanshConfig represents configuration for the podman shell
+type PodmanshConfig struct {
+	// Shell to start in container, default: "/bin/sh"
+	Shell string `toml:"shell,omitempty"`
+	// Name of the container the podmansh user should join
+	Container string `toml:"container,omitempty"`
+
+	// Timeout is the number of seconds to wait for podmansh logins.
+	// In other words, the timeout for the `podmansh` container to be in running
+	// state.
+	Timeout uint `toml:"timeout,omitempty,omitzero"`
+}
+
 // Consumes container image's os and arch and returns if any dedicated runtime was
 // configured otherwise returns default runtime.
 func (c *EngineConfig) ImagePlatformToRuntime(os string, arch string) string {
@@ -1207,3 +1223,13 @@ func (c *Config) FindInitBinary() (string, error) {
 	}
 	return c.FindHelperBinary(defaultInitName, true)
 }
+
+// PodmanshTimeout returns the timeout in seconds for podmansh to connect to the container.
+// Returns podmansh.Timeout if set, otherwise engine.PodmanshTimeout for backwards compatibility.
+func (c *Config) PodmanshTimeout() uint {
+	// podmansh.Timeout has precedence, if set
+	if c.Podmansh.Timeout > 0 {
+		return c.Podmansh.Timeout
+	}
+	return c.Engine.PodmanshTimeout
+}
diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go
@@ -43,6 +43,9 @@ var _ = Describe("Config", func() {
 			gomega.Expect(defaultConfig.Engine.DBBackend).To(gomega.Equal(""))
 			gomega.Expect(defaultConfig.Engine.PodmanshTimeout).To(gomega.BeEquivalentTo(30))
 			gomega.Expect(defaultConfig.Engine.AddCompression.Get()).To(gomega.BeEmpty())
+			gomega.Expect(defaultConfig.Podmansh.Container).To(gomega.Equal("podmansh"))
+			gomega.Expect(defaultConfig.Podmansh.Shell).To(gomega.Equal("/bin/sh"))
+			gomega.Expect(defaultConfig.Podmansh.Timeout).To(gomega.BeEquivalentTo(0))
 
 			path, err := defaultConfig.ImageCopyTmpDir()
 			gomega.Expect(err).ToNot(gomega.HaveOccurred())
@@ -131,6 +134,33 @@ var _ = Describe("Config", func() {
 			gomega.Expect(defaultConfig.Containers.EnableLabeling).To(gomega.Equal(selinux.GetEnabled()))
 			gomega.Expect(defaultConfig.Containers.EnableLabeledUsers).To(gomega.BeFalse())
 		})
+
+		It("Check podmansh timeout settings", func() {
+			// Note: Podmansh.Timeout must be preferred over Engine.PodmanshTimeout
+
+			// Given
+			defaultConfig, _ := NewConfig("")
+			// When
+			defaultConfig.Engine.PodmanshTimeout = 30
+			defaultConfig.Podmansh.Timeout = 0
+
+			// Then
+			gomega.Expect(defaultConfig.PodmanshTimeout()).To(gomega.Equal(uint(30)))
+
+			// When
+			defaultConfig.Engine.PodmanshTimeout = 0
+			defaultConfig.Podmansh.Timeout = 42
+
+			// Then
+			gomega.Expect(defaultConfig.PodmanshTimeout()).To(gomega.Equal(uint(42)))
+
+			// When
+			defaultConfig.Engine.PodmanshTimeout = 300
+			defaultConfig.Podmansh.Timeout = 42
+
+			// Then
+			gomega.Expect(defaultConfig.PodmanshTimeout()).To(gomega.Equal(uint(42)))
+		})
 	})
 
 	Describe("ValidateNetworkConfig", func() {
@@ -305,8 +335,11 @@ image_copy_tmp_dir="storage"`
 			gomega.Expect(defaultConfig.Engine.HelperBinariesDir.Get()).To(gomega.Equal(helperDirs))
 			gomega.Expect(defaultConfig.Engine.ServiceTimeout).To(gomega.BeEquivalentTo(300))
 			gomega.Expect(defaultConfig.Engine.InfraImage).To(gomega.BeEquivalentTo("k8s.gcr.io/pause:3.4.1"))
-			gomega.Expect(defaultConfig.Machine.Volumes.Get()).To(gomega.BeEquivalentTo(volumes))
 			gomega.Expect(defaultConfig.Engine.PodmanshTimeout).To(gomega.BeEquivalentTo(300))
+			gomega.Expect(defaultConfig.Machine.Volumes.Get()).To(gomega.BeEquivalentTo(volumes))
+			gomega.Expect(defaultConfig.Podmansh.Timeout).To(gomega.BeEquivalentTo(42))
+			gomega.Expect(defaultConfig.Podmansh.Shell).To(gomega.Equal("/bin/zsh"))
+			gomega.Expect(defaultConfig.Podmansh.Container).To(gomega.BeEquivalentTo("podmansh-1"))
 			gomega.Expect(defaultConfig.Engine.HealthcheckEvents).To(gomega.BeFalse())
 			newV, err := defaultConfig.MachineVolumes()
 			if newVolumes[0] == ":" {

diff --git a/pkg/config/containers.conf b/pkg/config/containers.conf
@@ -759,9 +759,6 @@ default_sysctls = [
 # A value of 0 is treated as no timeout.
 #volume_plugin_timeout = 5
 
-# Default timeout in seconds for podmansh logins.
-#podmansh_timeout = 30
-
 # Paths to look for a valid OCI runtime (crun, runc, kata, runsc, krun, etc)
 [engine.runtimes]
 #crun = [
@@ -889,3 +886,14 @@ default_sysctls = [
 #
 # map of existing farms
 #[farms.list]
+
+[podmansh]
+# Shell to spawn in container. Default: /bin/sh.
+#shell = "/bin/sh"
+# 
+# Name of the container the podmansh user should join.
+#container = "podmansh"
+# 
+# Default timeout in seconds for podmansh logins.
+# Favored over the deprecated "podmansh_timeout" field.
+#timeout = 30
diff --git a/pkg/config/default.go b/pkg/config/default.go
@@ -265,10 +265,11 @@ func defaultConfig() (*Config, error) {
 			CNIPluginDirs:             attributedstring.NewSlice(DefaultCNIPluginDirs),
 			NetavarkPluginDirs:        attributedstring.NewSlice(DefaultNetavarkPluginDirs),
 		},
-		Engine:  *defaultEngineConfig,
-		Secrets: defaultSecretConfig(),
-		Machine: defaultMachineConfig(),
-		Farms:   defaultFarmConfig(),
+		Engine:   *defaultEngineConfig,
+		Secrets:  defaultSecretConfig(),
+		Machine:  defaultMachineConfig(),
+		Farms:    defaultFarmConfig(),
+		Podmansh: defaultPodmanshConfig(),
 	}, nil
 }
 
@@ -307,6 +308,18 @@ func defaultFarmConfig() FarmConfig {
 	}
 }
 
+// defaultPodmanshConfig returns the default podmansh configuration.
+func defaultPodmanshConfig() PodmanshConfig {
+	return PodmanshConfig{
+		Shell:     "/bin/sh",
+		Container: "podmansh",
+
+		// A value of 0 means "not set", needed to distinguish if engine.podmansh_timeout or podmansh.timeout should be used
+		// This is needed to keep backwards compatibility to engine.PodmanshTimeout.
+		Timeout: uint(0),
+	}
+}
+
 // defaultEngineConfig returns a default engine configuration. Note that the
 // config is different for root and rootless. It also parses the storage.conf.
 func defaultEngineConfig() (*EngineConfig, error) {
@@ -360,7 +373,7 @@ func defaultEngineConfig() (*EngineConfig, error) {
 	c.CgroupManager = defaultCgroupManager()
 	c.ServiceTimeout = uint(5)
 	c.StopTimeout = uint(10)
-	c.PodmanshTimeout = uint(30)
+	c.PodmanshTimeout = uint(30) // deprecated: use podmansh.timeout instead, kept for backwards-compatibility
 	c.ExitCommandDelay = uint(5 * 60)
 	c.Remote = isRemote()
 	c.Retry = 3

diff --git a/pkg/config/testdata/containers_default.conf b/pkg/config/testdata/containers_default.conf
@@ -287,7 +287,7 @@ runtime_supports_json = ["runc"]
 # SSH config file path
 ssh_config = "/foo/bar/.ssh/config"
 
-# Number of seconds to wait for podmansh logins.
+# Deprecated in favor of podmansh.Timeout, should not be used anymore.
 podmansh_timeout = 300
 
 # Paths to look for a valid OCI runtime (runc, runv, etc)
@@ -307,6 +307,14 @@ crun = [
 	    "/usr/local/bin/crun",
 ]
 
+[podmansh]
+# Shell to start in container. Default: /bin/sh.
+shell = "/bin/zsh"
+# Name of the container the podmansh user should join.
+container = "podmansh-1"
+# Number of seconds to wait for podmansh logins.
+timeout = 42
+
 [machine]
 # Number of CPU's a machine is created with.
 cpus=1