1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255
|
package connection
import (
"errors"
"fmt"
"net/url"
"os"
"regexp"
"strings"
"github.com/containers/common/pkg/completion"
"github.com/containers/common/pkg/config"
"github.com/containers/common/pkg/ssh"
"github.com/containers/podman/v4/cmd/podman/registry"
"github.com/containers/podman/v4/cmd/podman/system"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
)
var (
addCmd = &cobra.Command{
Use: "add [options] NAME DESTINATION",
Args: cobra.ExactArgs(2),
Short: "Record destination for the Podman service",
Long: `Add destination to podman configuration.
"destination" is one of the form:
[user@]hostname (will default to ssh)
ssh://[user@]hostname[:port][/path] (will obtain socket path from service, if not given.)
tcp://hostname:port (not secured)
unix://path (absolute path required)
`,
RunE: add,
ValidArgsFunction: completion.AutocompleteNone,
Example: `podman system connection add laptop server.fubar.com
podman system connection add --identity ~/.ssh/dev_rsa testing ssh://root@server.fubar.com:2222
podman system connection add --identity ~/.ssh/dev_rsa --port 22 production root@server.fubar.com
podman system connection add debug tcp://localhost:8080
`,
}
createCmd = &cobra.Command{
Use: "create [options] NAME DESTINATION",
Args: cobra.ExactArgs(1),
Short: addCmd.Short,
Long: addCmd.Long,
RunE: create,
ValidArgsFunction: completion.AutocompleteNone,
}
dockerPath string
cOpts = struct {
Identity string
Port int
UDSPath string
Default bool
}{}
)
func init() {
registry.Commands = append(registry.Commands, registry.CliCommand{
Command: addCmd,
Parent: system.ConnectionCmd,
})
flags := addCmd.Flags()
portFlagName := "port"
flags.IntVarP(&cOpts.Port, portFlagName, "p", 22, "SSH port number for destination")
_ = addCmd.RegisterFlagCompletionFunc(portFlagName, completion.AutocompleteNone)
identityFlagName := "identity"
flags.StringVar(&cOpts.Identity, identityFlagName, "", "path to SSH identity file")
_ = addCmd.RegisterFlagCompletionFunc(identityFlagName, completion.AutocompleteDefault)
socketPathFlagName := "socket-path"
flags.StringVar(&cOpts.UDSPath, socketPathFlagName, "", "path to podman socket on remote host. (default '/run/podman/podman.sock' or '/run/user/{uid}/podman/podman.sock)")
_ = addCmd.RegisterFlagCompletionFunc(socketPathFlagName, completion.AutocompleteDefault)
flags.BoolVarP(&cOpts.Default, "default", "d", false, "Set connection to be default")
registry.Commands = append(registry.Commands, registry.CliCommand{
Command: createCmd,
Parent: system.ContextCmd,
})
flags = createCmd.Flags()
dockerFlagName := "docker"
flags.StringVar(&dockerPath, dockerFlagName, "", "Description of the context")
_ = createCmd.RegisterFlagCompletionFunc(dockerFlagName, completion.AutocompleteNone)
flags.String("description", "", "Ignored. Just for script compatibility")
flags.String("from", "", "Ignored. Just for script compatibility")
flags.String("kubernetes", "", "Ignored. Just for script compatibility")
flags.String("default-stack-orchestrator", "", "Ignored. Just for script compatibility")
}
func add(cmd *cobra.Command, args []string) error {
// Default to ssh schema if none given
entities := &ssh.ConnectionCreateOptions{
Port: cOpts.Port,
Path: args[1],
Identity: cOpts.Identity,
Name: args[0],
Socket: cOpts.UDSPath,
Default: cOpts.Default,
}
dest := args[1]
if match, err := regexp.Match("^[A-Za-z][A-Za-z0-9+.-]*://", []byte(dest)); err != nil {
return fmt.Errorf("invalid destination: %w", err)
} else if !match {
dest = "ssh://" + dest
}
uri, err := url.Parse(dest)
if err != nil {
return err
}
if cmd.Flags().Changed("socket-path") {
uri.Path = cmd.Flag("socket-path").Value.String()
}
var sshMode ssh.EngineMode
containerConfig := registry.PodmanConfig()
flag := containerConfig.SSHMode
sshMode = ssh.DefineMode(flag)
if sshMode == ssh.InvalidMode {
return fmt.Errorf("invalid ssh mode")
}
switch uri.Scheme {
case "ssh":
return ssh.Create(entities, sshMode)
case "unix":
if cmd.Flags().Changed("identity") {
return errors.New("--identity option not supported for unix scheme")
}
if cmd.Flags().Changed("socket-path") {
uri.Path = cmd.Flag("socket-path").Value.String()
}
info, err := os.Stat(uri.Path)
switch {
case errors.Is(err, os.ErrNotExist):
logrus.Warnf("%q does not exists", uri.Path)
case errors.Is(err, os.ErrPermission):
logrus.Warnf("You do not have permission to read %q", uri.Path)
case err != nil:
return err
case info.Mode()&os.ModeSocket == 0:
return fmt.Errorf("%q exists and is not a unix domain socket", uri.Path)
}
case "tcp":
if cmd.Flags().Changed("socket-path") {
return errors.New("--socket-path option not supported for tcp scheme")
}
if cmd.Flags().Changed("identity") {
return errors.New("--identity option not supported for tcp scheme")
}
if uri.Port() == "" {
return errors.New("tcp scheme requires a port either via --port or in destination URL")
}
default:
logrus.Warnf("%q unknown scheme, no validation provided", uri.Scheme)
}
cfg, err := config.ReadCustomConfig()
if err != nil {
return err
}
if cmd.Flags().Changed("default") {
if cOpts.Default {
cfg.Engine.ActiveService = args[0]
}
}
dst := config.Destination{
URI: uri.String(),
}
if cmd.Flags().Changed("identity") {
dst.Identity = cOpts.Identity
}
if cfg.Engine.ServiceDestinations == nil {
cfg.Engine.ServiceDestinations = map[string]config.Destination{
args[0]: dst,
}
cfg.Engine.ActiveService = args[0]
} else {
cfg.Engine.ServiceDestinations[args[0]] = dst
}
return cfg.Write()
}
func create(cmd *cobra.Command, args []string) error {
dest, err := translateDest(dockerPath)
if err != nil {
return err
}
if match, err := regexp.Match("^[A-Za-z][A-Za-z0-9+.-]*://", []byte(dest)); err != nil {
return fmt.Errorf("invalid destination: %w", err)
} else if !match {
dest = "ssh://" + dest
}
uri, err := url.Parse(dest)
if err != nil {
return err
}
cfg, err := config.ReadCustomConfig()
if err != nil {
return err
}
dst := config.Destination{
URI: uri.String(),
}
if cfg.Engine.ServiceDestinations == nil {
cfg.Engine.ServiceDestinations = map[string]config.Destination{
args[0]: dst,
}
cfg.Engine.ActiveService = args[0]
} else {
cfg.Engine.ServiceDestinations[args[0]] = dst
}
return cfg.Write()
}
func translateDest(path string) (string, error) {
if path == "" {
return "", nil
}
split := strings.SplitN(path, "=", 2)
if len(split) == 1 {
return split[0], nil
}
if split[0] != "host" {
return "", fmt.Errorf("\"host\" is requited for --docker option")
}
// "host=tcp://myserver:2376,ca=~/ca-file,cert=~/cert-file,key=~/key-file"
vals := strings.Split(split[1], ",")
if len(vals) > 1 {
return "", fmt.Errorf("--docker additional options %q not supported", strings.Join(vals[1:], ","))
}
// for now we ignore other fields specified on command line
return vals[0], nil
}
|