Document CONTAINERS_CONF/CONTAINERS_STORAGE_CONF Env variables

Also Switch to using CONTAINERS_REGISTRIES_CONF for registries.conf overrides. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2024-10-19 00:34:18 +00:00 · 2021-03-08 16:04:20 -05:00 · 2021-03-08 16:04:20 -05:00 · c9ef260710
parent 5331096b38
commit c9ef260710
9 changed files with 29 additions and 20 deletions
--- a/docs/source/markdown/podman.1.md
+++ b/docs/source/markdown/podman.1.md
@ -279,6 +279,8 @@ Distributions ship the `/usr/share/containers/containers.conf` file with their d

 Podman uses builtin defaults if no containers.conf file is found.

+If the **CONTAINERS_CONF** environment variable is set, then its value is used for the containers.conf file rather than the default.
+
 **mounts.conf** (`/usr/share/containers/mounts.conf`)

    The mounts.conf file specifies volume mount directories that are automatically mounted inside containers when executing the `podman run` or `podman start` commands. Administrators can override the defaults file by creating `/etc/containers/mounts.conf`.
@ -295,6 +297,8 @@ When Podman runs in rootless mode, the file `$HOME/.config/containers/mounts.con

    Non root users of Podman can create the `$HOME/.config/containers/registries.conf` file to be used instead of the system defaults.

+    If the **CONTAINERS_REGISTRIES_CONF** environment variable is set, then its value is used for the registries.conf file rather than the default.
+
 **storage.conf** (`/etc/containers/storage.conf`, `$HOME/.config/containers/storage.conf`)

    storage.conf is the storage configuration file for all tools using containers/storage
@ -303,8 +307,10 @@ When Podman runs in rootless mode, the file `$HOME/.config/containers/mounts.con

    When Podman runs in rootless mode, the file `$HOME/.config/containers/storage.conf` is used instead of the system defaults.

+    If the **CONTAINERS_STORAGE_CONF** environment variable is set, the its value is used for the storage.conf file rather than the default.
+
 ## Rootless mode
-Podman can also be used as non-root user.  When podman runs in rootless mode, a user namespace is automatically created for the user, defined in /etc/subuid and /etc/subgid.
+Podman can also be used as non-root user. When podman runs in rootless mode, a user namespace is automatically created for the user, defined in /etc/subuid and /etc/subgid.

 Containers created by a non-root user are not visible to other users and are not seen or managed by Podman running as root.

--- a/hack/podman-socat
+++ b/hack/podman-socat
@ -54,8 +54,8 @@ trap "cleanup $TMPDIR" EXIT
 # Need locations to store stuff
 mkdir -p "${TMPDIR}"/{podman,crio,crio-run,cni/net.d,ctnr,tunnel}

-export REGISTRIES_CONFIG_PATH=${TMPDIR}/registry.conf
-cat >"$REGISTRIES_CONFIG_PATH" <<-EOT
+export CONTAINERS_REGISTRIES_CONF=${TMPDIR}/registry.conf
+cat >"$CONTAINERS_REGISTRIES_CONF" <<-EOT
  [registries.search]
    registries = ['docker.io']
  [registries.insecure]
--- a/libpod/runtime_img_test.go
+++ b/libpod/runtime_img_test.go
@ -37,7 +37,7 @@ func TestGetRegistries(t *testing.T) {
 	registryPath, err := createTmpFile([]byte(registry))
 	assert.NoError(t, err)
 	defer os.Remove(registryPath)
-	os.Setenv("REGISTRIES_CONFIG_PATH", registryPath)
+	os.Setenv("CONTAINERS_REGISTRIES_CONF", registryPath)
 	registries, err := sysreg.GetRegistries()
 	assert.NoError(t, err)
 	assert.True(t, reflect.DeepEqual(registries, []string{"one"}))
@ -46,7 +46,7 @@ func TestGetRegistries(t *testing.T) {
 func TestGetInsecureRegistries(t *testing.T) {
 	registryPath, err := createTmpFile([]byte(registry))
 	assert.NoError(t, err)
-	os.Setenv("REGISTRIES_CONFIG_PATH", registryPath)
+	os.Setenv("CONTAINERS_REGISTRIES_CONF", registryPath)
 	defer os.Remove(registryPath)
 	registries, err := sysreg.GetInsecureRegistries()
 	assert.NoError(t, err)
--- a/pkg/registries/registries.go
+++ b/pkg/registries/registries.go
@ -24,7 +24,10 @@ var userRegistriesFile = filepath.Join(os.Getenv("HOME"), ".config/containers/re
 // FIXME: This should be centralized in a global SystemContext initializer inherited throughout the code,
 // not haphazardly called throughout the way it is being called now.
 func SystemRegistriesConfPath() string {
-	if envOverride := os.Getenv("REGISTRIES_CONFIG_PATH"); len(envOverride) > 0 {
+	if envOverride, ok := os.LookupEnv("CONTAINERS_REGISTRIES_CONF"); ok {
+		return envOverride
+	}
+	if envOverride, ok := os.LookupEnv("REGISTRIES_CONFIG_PATH"); ok {
 		return envOverride
 	}

--- a/test/apiv2/rest_api/init.py
+++ b/test/apiv2/rest_api/init.py
@ -27,7 +27,7 @@ class Podman(object):
        self.cmd.append("--root=" + os.path.join(self.anchor_directory, "crio"))
        self.cmd.append("--runroot=" + os.path.join(self.anchor_directory, "crio-run"))

-        os.environ["REGISTRIES_CONFIG_PATH"] = os.path.join(self.anchor_directory, "registry.conf")
+        os.environ["CONTAINERS_REGISTRIES_CONF"] = os.path.join(self.anchor_directory, "registry.conf")
        p = configparser.ConfigParser()
        p.read_dict(
            {
@ -36,7 +36,7 @@ class Podman(object):
                "registries.block": {"registries": "[]"},
            }
        )
-        with open(os.environ["REGISTRIES_CONFIG_PATH"], "w") as w:
+        with open(os.environ["CONTAINERS_REGISTRIES_CONF"], "w") as w:
            p.write(w)

        os.environ["CNI_CONFIG_PATH"] = os.path.join(self.anchor_directory, "cni", "net.d")
--- a/test/e2e/libpod_suite_remote_test.go
+++ b/test/e2e/libpod_suite_remote_test.go
@ -48,17 +48,17 @@ func (p *PodmanTestIntegration) PodmanExtraFiles(args []string, extraFiles []*os

 func (p *PodmanTestIntegration) setDefaultRegistriesConfigEnv() {
 	defaultFile := filepath.Join(INTEGRATION_ROOT, "test/registries.conf")
-	os.Setenv("REGISTRIES_CONFIG_PATH", defaultFile)
+	os.Setenv("CONTAINERS_REGISTRIES_CONF", defaultFile)
 }

 func (p *PodmanTestIntegration) setRegistriesConfigEnv(b []byte) {
 	outfile := filepath.Join(p.TempDir, "registries.conf")
-	os.Setenv("REGISTRIES_CONFIG_PATH", outfile)
+	os.Setenv("CONTAINERS_REGISTRIES_CONF", outfile)
 	ioutil.WriteFile(outfile, b, 0644)
 }

 func resetRegistriesConfigEnv() {
-	os.Setenv("REGISTRIES_CONFIG_PATH", "")
+	os.Setenv("CONTAINERS_REGISTRIES_CONF", "")
 }
 func PodmanTestCreate(tempDir string) *PodmanTestIntegration {
 	pti := PodmanTestCreateUtil(tempDir, true)
--- a/test/e2e/libpod_suite_test.go
+++ b/test/e2e/libpod_suite_test.go
@ -31,17 +31,17 @@ func (p *PodmanTestIntegration) PodmanExtraFiles(args []string, extraFiles []*os

 func (p *PodmanTestIntegration) setDefaultRegistriesConfigEnv() {
 	defaultFile := filepath.Join(INTEGRATION_ROOT, "test/registries.conf")
-	os.Setenv("REGISTRIES_CONFIG_PATH", defaultFile)
+	os.Setenv("CONTAINERS_REGISTRIES_CONF", defaultFile)
 }

 func (p *PodmanTestIntegration) setRegistriesConfigEnv(b []byte) {
 	outfile := filepath.Join(p.TempDir, "registries.conf")
-	os.Setenv("REGISTRIES_CONFIG_PATH", outfile)
+	os.Setenv("CONTAINERS_REGISTRIES_CONF", outfile)
 	ioutil.WriteFile(outfile, b, 0644)
 }

 func resetRegistriesConfigEnv() {
-	os.Setenv("REGISTRIES_CONFIG_PATH", "")
+	os.Setenv("CONTAINERS_REGISTRIES_CONF", "")
 }

 func PodmanTestCreate(tempDir string) *PodmanTestIntegration {
--- a/test/e2e/login_logout_test.go
+++ b/test/e2e/login_logout_test.go
@ -125,15 +125,15 @@ var _ = Describe("Podman login and logout", func() {

 		// Environment is per-process, so this looks very unsafe; actually it seems fine because tests are not
 		// run in parallel unless they opt in by calling t.Parallel().  So don’t do that.
-		oldRCP, hasRCP := os.LookupEnv("REGISTRIES_CONFIG_PATH")
+		oldRCP, hasRCP := os.LookupEnv("CONTAINERS_REGISTRIES_CONF")
 		defer func() {
 			if hasRCP {
-				os.Setenv("REGISTRIES_CONFIG_PATH", oldRCP)
+				os.Setenv("CONTAINERS_REGISTRIES_CONF", oldRCP)
 			} else {
-				os.Unsetenv("REGISTRIES_CONFIG_PATH")
+				os.Unsetenv("CONTAINERS_REGISTRIES_CONF")
 			}
 		}()
-		os.Setenv("REGISTRIES_CONFIG_PATH", registriesConf.Name())
+		os.Setenv("CONTAINERS_REGISTRIES_CONF", registriesConf.Name())

 		session := podmanTest.Podman([]string{"login", "-u", "podmantest", "-p", "test"})
 		session.WaitWithDefaultTimeout()
--- a/test/python/docker/init.py
+++ b/test/python/docker/init.py
@ -39,7 +39,7 @@ class Podman(object):
        self.cmd.append("--root=" + os.path.join(self.anchor_directory, "crio"))
        self.cmd.append("--runroot=" + os.path.join(self.anchor_directory, "crio-run"))

-        os.environ["REGISTRIES_CONFIG_PATH"] = os.path.join(
+        os.environ["CONTAINERS_REGISTRIES_CONF"] = os.path.join(
            self.anchor_directory, "registry.conf"
        )
        p = configparser.ConfigParser()
@ -50,7 +50,7 @@ class Podman(object):
                "registries.block": {"registries": "[]"},
            }
        )
-        with open(os.environ["REGISTRIES_CONFIG_PATH"], "w") as w:
+        with open(os.environ["CONTAINERS_REGISTRIES_CONF"], "w") as w:
            p.write(w)

        os.environ["CNI_CONFIG_PATH"] = os.path.join(