Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

template://podman-rootful: provision scripts should not depend on LIMA_CIDATA_* #2055

Closed
AkihiroSuda opened this issue Dec 5, 2023 · 7 comments · Fixed by #2121
Closed

template://podman-rootful: provision scripts should not depend on LIMA_CIDATA_* #2055

AkihiroSuda opened this issue Dec 5, 2023 · 7 comments · Fixed by #2121
Labels
area/project kind/refactoring Refactoring

Comments

@AkihiroSuda
Copy link
Member

lima/examples/podman-rootful.yaml

Line 44 in b453ded

echo "d /run/podman 0700 ${LIMA_CIDATA_USER} -" > /etc/tmpfiles.d/podman.conf

The provision scripts should probably use template like {{.User}}
#2052 (comment)
@afbjorklund
Copy link
Member

Also used in docker-rootful, I think

@jandubois
Copy link
Member

@AkihiroSuda Can you explain why template variables are preferable to the env variables?

It makes no big difference, but env variables are slightly more flexible if you want to work on the scripts in a running instance because the variables are not yet filled in (you can make changes to the script and copy it back into lima.yaml).

Another thing is that lima.env can be used to look up what information is available. But I guess we can document all the template variables in default.yaml as well.

Anyways, no strong feelings either way.

@AkihiroSuda
Copy link
Member Author

Can you explain why template variables are preferable to the env variables?

Because these variables are implementation details of the init scripts, and can be removed even in a patch release.

@jandubois
Copy link
Member

Because these variables are implementation details of the init scripts, and can be removed even in a patch release.

Oh, so the template would only make a subset of the information available? I thought you wanted to apply the cidata templating function to the scripts, which is functionally equivalent to exposing the shell variables; lima.env is essentially the mapping function.

So what are the template variables that should be exposed via the template?

@AkihiroSuda
Copy link
Member Author

So what are the template variables that should be exposed via the template?

Just same as the template for the sockets?

lima/examples/default.yaml

Line 364 in b453ded

# # "hostSocket" can include {{.Home}}, {{.Dir}}, {{.Name}}, {{.UID}}, and {{.User}}.

@jandubois
Copy link
Member

Just same as the template for the sockets?

Ok, that works for me.

Would the LIMA_* variables still remain available for the system provisioning scripts (for backwards compatibility), or would you want to block them?

I guess we could do a string match for LIMA_CIDATA on the expanded script template and generate a warning?

@jandubois jandubois mentioned this issue Dec 6, 2023
Closed
@AkihiroSuda
Copy link
Member Author

I guess we could do a string match for LIMA_CIDATA on the expanded script template and generate a warning?

👍

This was referenced Jan 8, 2024
Closed
Merged
@jandubois jandubois mentioned this issue Jan 10, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/project kind/refactoring Refactoring
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Do guest template expansion for provisioning scripts rancher-sandbox/lima
3 participants
@jandubois @AkihiroSuda @afbjorklund