search

containers / image

Work with containers' images
Apache License 2.0
866 stars 379 forks source link

Building with -X github.com/containers/image/v5/sysregistries.systemRegistriesConfPath=/abc/etc/containers/registries.conf override is not honoured #2568

Open heitbaum opened 1 month ago

heitbaum commented 1 month ago

When building podman 5.2.2 with custom registries.conf - the options are not honoured.

CGO_ENABLED=1 GOOS=linux GOARCH=amd64 /var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-13.0-devel/toolchain/lib/golang/bin/go build \
         \
        -ldflags '-X github.com/containers/podman/v5/libpod/define.gitCommit=fcee48106a12dd531702d729d17f40f6e152027f -X github.com/containers/podman/v5/libpod/define.buildInfo=1726299896 -X github.com/containers/podman/v5/libpod/config._installPrefix=/storage/.kodi/addons/service.system.podman -X github.com/containers/podman/v5/libpod/config._etcDir=/etc -X github.com/containers/podman/v5/pkg/systemd/quadlet._binDir=/storage/.kodi/addons/service.system.podman/bin -X github.com/containers/common/pkg/config.additionalHelperBinariesDir=/storage/.kodi/addons/service.system.podman/bin -X github.com/containers/image/v5/sysregistries.systemRegistriesConfPath=/storage/.kodi/userdata/addon_data/service.system.podman/podman/etc/containers/registries.conf -X github.com/containers/image/v5/sysregistries.systemRegistriesConfDirectoryPath=/storage/.kodi/userdata/addon_data/service.system.podman/podman/etc/containers/registries.conf.d -X github.com/containers/image/v5/signature.systemDefaultPolicyPath=/storage/.kodi/addons/service.system.podman/etc/containers/policy.json -extldflags=-L/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-13.0-devel/install_pkg/gpgme-1.23.2/usr/lib' \
        -tags "remote exclude_graphdriver_btrfs btrfs_noversion exclude_graphdriver_devicemapper containers_image_openpgp" \
        -o bin/podman-remote ./cmd/podman

https://github.com/containers/image/blob/31d4ad14fe4da8ef3969ff67297831ab291c76f1/pkg/sysregistriesv2/system_registries_v2.go#L26

mtrmac commented 1 month ago

Thanks for reaching out. Using exactly that -ldflags option when building Skopeo does affect the path for me:

% …/skopeo copy docker://a docker://b            
FATA[0000] Error loading trust policy: open /storage/.kodi/addons/service.system.podman/etc/containers/policy.json: no such file or directory

What are the steps to reproduce / actual results / expected results?

Note that in a Podman remote scenario, the policy that mostly (exclusively?) applies is the one on the server side (typically inside the VM).