pool/docker
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 612799 from home:cyphar:containers:docker_bsc1065609

Browse Source 
- Update secrets patch to not log incorrect warnings when attempting to inject
  non-existent host files. bsc#1065609
  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch

OBS-URL: https://build.opensuse.org/request/show/612799
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=247
This commit is contained in:
Aleksa Sarai 2018-05-30 05:44:31 +00:00 committed by Git OBS Bridge
parent 832a61093a
commit 4bd579423a
3 changed files with 25 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docker.changes
View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Tue May 29 08:10:48 UTC 2018 - asarai@suse.com
- Update secrets patch to not log incorrect warnings when attempting to inject
non-existent host files. bsc#1065609
* secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
* secrets-0002-SUSE-implement-SUSE-container-secrets.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Apr 10 09:25:43 UTC 2018 - mmeister@suse.com Tue Apr 10 09:25:43 UTC 2018 - mmeister@suse.com

4
secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
View File

@ -10,7 +10,7 @@ useful for creating directories and subdirectories of secrets.
Signed-off-by: Antonio Murdaca <runcom@redhat.com> Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Signed-off-by: Aleksa Sarai <asarai@suse.de> Signed-off-by: Aleksa Sarai <asarai@suse.de>
--- ---
.../engine/daemon/container_operations_unix.go | 24 +++++++++++++++++++--- .../daemon/container_operations_unix.go | 24 ++++++++++++++++---
1 file changed, 21 insertions(+), 3 deletions(-) 1 file changed, 21 insertions(+), 3 deletions(-)
diff --git a/components/engine/daemon/container_operations_unix.go b/components/engine/daemon/container_operations_unix.go diff --git a/components/engine/daemon/container_operations_unix.go b/components/engine/daemon/container_operations_unix.go
@ -70,5 +70,5 @@ index 954c194ea836..3ef1e0262edc 100644
return errors.Wrap(err, "error setting ownership for secret") return errors.Wrap(err, "error setting ownership for secret")
} }
-- --
2.16.1 2.17.0

22
secrets-0002-SUSE-implement-SUSE-container-secrets.patch
View File

@ -1,4 +1,4 @@
From 3a7cd305f75fabc49460066e5452458a524ead5c Mon Sep 17 00:00:00 2001 From a7533a3084e925eb478148ef30bec0d1f1b81ae3 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.de> From: Aleksa Sarai <asarai@suse.de>
Date: Wed, 8 Mar 2017 11:43:29 +1100 Date: Wed, 8 Mar 2017 11:43:29 +1100
Subject: [PATCH 2/2] SUSE: implement SUSE container secrets Subject: [PATCH 2/2] SUSE: implement SUSE container secrets
@ -10,12 +10,12 @@ THIS PATCH IS NOT TO BE UPSTREAMED, DUE TO THE FACT THAT IT IS
SUSE-SPECIFIC, AND UPSTREAM DOES NOT APPROVE OF THIS CONCEPT BECAUSE IT SUSE-SPECIFIC, AND UPSTREAM DOES NOT APPROVE OF THIS CONCEPT BECAUSE IT
MAKES BUILDS NOT ENTIRELY REPRODUCIBLE. MAKES BUILDS NOT ENTIRELY REPRODUCIBLE.
SUSE-Bugs: bsc#1057743 bsc#1055676 bsc#1030702 SUSE-Bugs: bsc#1065609 bsc#1057743 bsc#1055676 bsc#1030702
Signed-off-by: Aleksa Sarai <asarai@suse.de> Signed-off-by: Aleksa Sarai <asarai@suse.de>
--- ---
components/engine/daemon/start.go | 5 + components/engine/daemon/start.go | 5 +
components/engine/daemon/suse_secrets.go | 391 +++++++++++++++++++++++++++++++ components/engine/daemon/suse_secrets.go | 399 +++++++++++++++++++++++
2 files changed, 396 insertions(+) 2 files changed, 404 insertions(+)
create mode 100644 components/engine/daemon/suse_secrets.go create mode 100644 components/engine/daemon/suse_secrets.go
diff --git a/components/engine/daemon/start.go b/components/engine/daemon/start.go diff --git a/components/engine/daemon/start.go b/components/engine/daemon/start.go
@ -36,10 +36,10 @@ index 55438cf2c45f..7dfa6cd1d055 100644
return systemError{err} return systemError{err}
diff --git a/components/engine/daemon/suse_secrets.go b/components/engine/daemon/suse_secrets.go diff --git a/components/engine/daemon/suse_secrets.go b/components/engine/daemon/suse_secrets.go
new file mode 100644 new file mode 100644
index 000000000000..9d0788f0410d index 000000000000..00e485368b47
--- /dev/null --- /dev/null
+++ b/components/engine/daemon/suse_secrets.go +++ b/components/engine/daemon/suse_secrets.go
@@ -0,0 +1,391 @@ @@ -0,0 +1,399 @@
+/* +/*
+ * suse-secrets: patch for Docker to implement SUSE secrets + * suse-secrets: patch for Docker to implement SUSE secrets
+ * Copyright (C) 2017 SUSE LLC. + * Copyright (C) 2017 SUSE LLC.
@ -143,6 +143,10 @@ index 000000000000..9d0788f0410d
+ var suseFiles []*SuseFakeFile + var suseFiles []*SuseFakeFile
+ +
+ path := filepath.Join(prefix, dir) + path := filepath.Join(prefix, dir)
+ if _, err := os.Lstat(path); err != nil && os.IsNotExist(err) {
+ // If the path doesn't exist at all we don't inject anything.
+ return nil, nil
+ }
+ fi, err := os.Stat(path) + fi, err := os.Stat(path)
+ if err != nil { + if err != nil {
+ // Ignore dangling symlinks. + // Ignore dangling symlinks.
@ -259,6 +263,10 @@ index 000000000000..9d0788f0410d
+// readFile returns a secret given a file under a given prefix. +// readFile returns a secret given a file under a given prefix.
+func readFile(prefix, file string) ([]*SuseFakeFile, error) { +func readFile(prefix, file string) ([]*SuseFakeFile, error) {
+ path := filepath.Join(prefix, file) + path := filepath.Join(prefix, file)
+ if _, err := os.Lstat(path); err != nil && os.IsNotExist(err) {
+ // If the path doesn't exist at all we don't inject anything.
+ return nil, nil
+ }
+ fi, err := os.Stat(path) + fi, err := os.Stat(path)
+ if err != nil { + if err != nil {
+ // Ignore dangling symlinks. + // Ignore dangling symlinks.
@ -432,5 +440,5 @@ index 000000000000..9d0788f0410d
+ return nil + return nil
+} +}
-- --
2.16.1 2.17.0