podman 1.0.3

data/lib/vagrant/podman/driver.rb

@@ -0,0 +1,417 @@
+# Copyright (c) HashiCorp, Inc.
+# SPDX-License-Identifier: BUSL-1.1
+
+require "json"
+require "log4r"
+
+require_relative "./driver/compose"
+
+module VagrantPlugins
+  module PodmanProvider
+    class Driver
+      # The executor is responsible for actually executing Podman commands.
+      # This is set by the provider, but defaults to local execution.
+      attr_accessor :executor
+
+      def initialize
+        @logger   = Log4r::Logger.new("vagrant::podman::driver")
+        @executor = Executor::Local.new
+      end
+
+      # Returns the id for a new container built from `podman build`. Raises
+      # an exception if the id was unable to be captured from the output
+      #
+      # @return [String] id - ID matched from the podman build output.
+      def build(dir, **opts, &block)
+        args = Array(opts[:extra_args])
+        args << dir
+        opts = {with_stderr: true}
+        result = execute('podman', 'build', *args, **opts, &block)
+        # Check for the new output format 'writing image sha256...'
+        # In this case, podman buildkit is enabled. Its format is different
+        # from standard podman
+        matches = result.scan(/writing image .+:([^\s]+)/i).last
+        if !matches
+          if podman?
+            # Check for podman format when it is emulating podman CLI.
+            # Podman outputs the full hash of the container on
+            # the last line after a successful build.
+            match = result.split.select { |str| str.match?(/[0-9a-z]{64}/) }.last
+            return match[0..7] unless match.nil?
+          else
+            matches = result.scan(/Successfully built (.+)$/i).last
+          end
+
+          if !matches
+            # This will cause a stack trace in Vagrant, but it is a bug
+            # if this happens anyways.
+            raise Errors::BuildError, result: result
+          end
+        end
+
+        # Return the matched group `id`
+        matches[0].strip
+      end
+
+      # Check if podman emulating podman CLI is enabled.
+      #
+      # @return [Bool]
+      def podman?
+        execute('podman', '--version').include?("podman")
+      end
+
+      def create(params, **opts, &block)
+        image   = params.fetch(:image)
+        network = params.fetch(:network)
+        user    = params.fetch(:user)
+        userns  = params.fetch(:userns)
+        links   = params.fetch(:links)
+        ports   = Array(params[:ports])
+        volumes = Array(params[:volumes])
+        name    = params.fetch(:name)
+        cmd     = Array(params.fetch(:cmd))
+        env     = params.fetch(:env)
+        expose  = Array(params[:expose])
+
+        run_cmd = %W(podman run --name #{name})
+        run_cmd << "-d" if params[:detach]
+        run_cmd += env.map { |k,v| ['-e', "#{k}=#{v}"] }
+        run_cmd += expose.map { |p| ['--expose', "#{p}"] }
+        run_cmd += links.map { |k, v| ['--link', "#{k}:#{v}"] }
+        run_cmd += ports.map { |p| ['-p', p.to_s] }
+        run_cmd += volumes.map { |v|
+          v = v.to_s
+          if v.include?(":") && @executor.windows?
+            if v.index(":") != v.rindex(":")
+              # If we have 2 colons, the host path is an absolute Windows URL
+              # and we need to remove the colon from it
+              host, _, guest = v.rpartition(":")
+              host = "//" + host[0].downcase + host[2..-1]
+              v = [host, guest].join(":")
+            else
+              host, guest = v.split(":", 2)
+              host = Vagrant::Util::Platform.windows_path(host)
+              # NOTE: Podman does not support UNC style paths (which also
+              # means that there's no long path support). Hopefully this
+              # will be fixed someday and the gsub below can be removed.
+              host.gsub!(/^[^A-Za-z]+/, "")
+              v = [host, guest].join(":")
+            end
+          end
+
+          ['-v', v.to_s]
+        }
+        run_cmd += %W(--privileged) if params[:privileged]
+        run_cmd += %W(-h #{params[:hostname]}) if params[:hostname]
+        run_cmd += %W(--network #{params[:network]}) if params[:network]
+        run_cmd += %W(--user #{params[:user]}) if params[:user]
+        run_cmd += %W(--userns #{params[:userns]}) if params[:userns]
+        run_cmd << "-t" if params[:pty]
+        run_cmd << "--rm=true" if params[:rm]
+        run_cmd += params[:extra_args] if params[:extra_args]
+        run_cmd += [image, cmd]
+
+        execute(*run_cmd.flatten, **opts, &block).chomp.lines.last
+      end
+
+      def state(cid)
+        case
+        when running?(cid)
+          :running
+        when created?(cid)
+          :stopped
+        else
+          :not_created
+        end
+      end
+
+      def created?(cid)
+        result = execute('podman', 'ps', '-a', '-q', '--no-trunc').to_s
+        result =~ /^#{Regexp.escape cid}$/
+      end
+
+      def image?(id)
+        result = execute('podman', 'images', '-q').to_s
+        result =~ /^#{Regexp.escape(id)}$/
+      end
+
+      # Reads all current podman containers and determines what ports
+      # are currently registered to be forwarded
+      # {2222=>#<Set: {"127.0.0.1"}>, 8080=>#<Set: {"*"}>, 9090=>#<Set: {"*"}>}
+      #
+      # Note: This is this format because of what the builtin action for resolving colliding
+      # port forwards expects.
+      #
+      # @return [Hash[Set]] used_ports - {forward_port: #<Set: {"host ip address"}>}
+      def read_used_ports
+        used_ports = Hash.new{|hash,key| hash[key] = Set.new}
+
+        all_containers.each do |c|
+          container_info = inspect_container(c)
+
+          active = container_info["State"]["Running"]
+          next unless active # Ignore used ports on inactive containers
+
+          if container_info["HostConfig"]["PortBindings"]
+            port_bindings = container_info["HostConfig"]["PortBindings"]
+            next if port_bindings.empty? # Nothing defined, but not nil either
+
+            port_bindings.each do |guest_port,host_mapping|
+              host_mapping.each do |h|
+                if h["HostIp"] == ""
+                  hostip = "*"
+                else
+                  hostip = h["HostIp"]
+                end
+                hostport = h["HostPort"]
+                used_ports[hostport].add(hostip)
+              end
+            end
+          end
+        end
+
+        used_ports
+      end
+
+      def running?(cid)
+        result = execute('podman', 'ps', '-q', '--no-trunc')
+        result =~ /^#{Regexp.escape cid}$/m
+      end
+
+      def privileged?(cid)
+        inspect_container(cid)['HostConfig']['Privileged']
+      end
+
+      def login(email, username, password, server)
+        cmd = %W(podman login)
+        cmd += ["-e", email] if email != ""
+        cmd += ["-u", username] if username != ""
+        cmd += ["-p", password] if password != ""
+        cmd << server if server && server != ""
+
+        execute(*cmd.flatten)
+      end
+
+      def logout(server)
+        cmd = %W(podman logout)
+        cmd << server if server && server != ""
+        execute(*cmd.flatten)
+      end
+
+      def pull(image)
+        execute('podman', 'pull', image)
+      end
+
+      def start(cid)
+        if !running?(cid)
+          execute('podman', 'start', cid)
+          # This resets the cached information we have around, allowing `vagrant reload`s
+          # to work properly
+          @data = nil
+        end
+      end
+
+      def stop(cid, timeout)
+        if running?(cid)
+          execute('podman', 'stop', '-t', timeout.to_s, cid)
+        end
+      end
+
+      def rm(cid)
+        if created?(cid)
+          execute('podman', 'rm', '-f', '-v', cid)
+        end
+      end
+
+      def rmi(id)
+        execute('podman', 'rmi', id)
+        return true
+      rescue => e
+        return false if e.to_s.include?("is using it")
+        return false if e.to_s.include?("is being used")
+        raise if !e.to_s.include?("No such image")
+      end
+
+      # Inspect the provided container
+      #
+      # @param [String] cid ID or name of container
+      # @return [Hash]
+      def inspect_container(cid)
+        JSON.parse(execute('podman', 'inspect', cid)).first
+      end
+
+      # @return [Array<String>] list of all container IDs
+      def all_containers
+        execute('podman', 'ps', '-a', '-q', '--no-trunc').to_s.split
+      end
+
+      # Attempts to first use the podman-cli tool to inspect the default bridge subnet
+      # Falls back to using /sbin/ip if that fails
+      #
+      # @return [String] IP address of the podman bridge
+      def podman_bridge_ip
+        bridge = inspect_network("bridge")&.first
+        if bridge 
+          bridge_ip = bridge.dig("subnets", 0, "gateway")
+        end
+        return bridge_ip if bridge_ip
+        @logger.debug("Failed to get bridge ip from podman, falling back to `ip`")
+        podman_bridge_ip_fallback
+      end
+
+      def podman_bridge_ip_fallback
+        output = execute('ip', '-4', 'addr', 'show', 'scope', 'global', 'podman0')
+        if output =~ /^\s+inet ([0-9.]+)\/[0-9]+\s+/
+          return $1.to_s
+        else
+          # TODO: Raise an user friendly message
+          raise 'Unable to fetch podman bridge IP!'
+        end
+      end
+
+      # @param [String] network - name of network to connect conatiner to
+      # @param [String] cid - container id
+      # @param [Array]  opts - An array of flags used for listing networks
+      def connect_network(network, cid, opts=nil)
+        command = ['podman', 'network', 'connect', network, cid].push(*opts)
+        output = execute(*command)
+        output
+      end
+
+      # @param [String] network - name of network to create
+      # @param [Array]  opts - An array of flags used for listing networks
+      def create_network(network, opts=nil)
+        command = ['podman', 'network', 'create', network].push(*opts)
+        output = execute(*command)
+        output
+      end
+
+      # @param [String] network - name of network to disconnect container from
+      # @param [String] cid - container id
+      def disconnect_network(network, cid)
+        command = ['podman', 'network', 'disconnect', network, cid, "--force"]
+        output = execute(*command)
+        output
+      end
+
+      # @param [Array]  networks - list of networks to inspect
+      # @param [Array]  opts - An array of flags used for listing networks
+      def inspect_network(network, opts=nil)
+        command = ['podman', 'network', 'inspect'] + Array(network)
+        command = command.push(*opts)
+        output = execute(*command)
+        begin
+          JSON.load(output)
+        rescue JSON::ParserError
+          @logger.warn("Failed to parse network inspection of network: #{network}")
+          @logger.debug("Failed network output content: `#{output.inspect}`")
+          nil
+        end
+      end
+
+      # @param [String] opts - Flags used for listing networks
+      def list_network(*opts)
+        command = ['podman', 'network', 'ls', *opts]
+        output = execute(*command)
+        output
+      end
+
+      # Will delete _all_ defined but unused networks in the podman engine. Even
+      # networks not created by Vagrant.
+      #
+      # @param [Array] opts - An array of flags used for listing networks
+      def prune_network(opts=nil)
+        command = ['podman', 'network', 'prune', '--force'].push(*opts)
+        output = execute(*command)
+        output
+      end
+
+      # Delete network(s)
+      #
+      # @param [String] network - name of network to remove
+      def rm_network(*network)
+        command = ['podman', 'network', 'rm', *network]
+        output = execute(*command)
+        output
+      end
+
+      # @param [Array] opts - An array of flags used for listing networks
+      def execute(*cmd, **opts, &block)
+        @executor.execute(*cmd, **opts, &block)
+      end
+
+      # ######################
+      # Podman network helpers
+      # ######################
+
+      # Determines if a given network has been defined through vagrant with a given
+      # subnet string
+      #
+      # @param [String] subnet_string - Subnet to look for
+      # @return [String] network name - Name of network with requested subnet.`nil` if not found
+      def network_defined?(subnet_string)
+        all_networks = list_network_names
+
+        network_info = inspect_network(all_networks)
+        network_info.each do |network|
+          config = Array(network["subnets"])
+          if (config.size > 0 &&
+            config.first["subnet"] == subnet_string)
+            @logger.debug("Found existing network #{network["name"]} already configured with #{subnet_string}")
+            return network["name"]
+          end
+        end
+        return nil
+      end
+
+      # Locate network which contains given address
+      #
+      # @param [String] address IP address
+      # @return [String] network name
+      def network_containing_address(address)
+        names = list_network_names
+        networks = inspect_network(names)
+        return if !networks
+        networks.each do |net|
+          next if !net["subnets"]
+          config = net["subnets"]
+          next if !config || config.size < 1
+          config.each do |opts|
+            subnet = IPAddr.new(opts["subnet"])
+            if subnet.include?(address)
+              return net["name"]
+            end
+          end
+        end
+        nil
+      end
+
+      # Looks to see if a podman network has already been defined
+      # with the given name
+      #
+      # @param [String] network_name - name of network to look for
+      # @return [Bool]
+      def existing_named_network?(network_name)
+        result = list_network_names
+        result.any?{|net_name| net_name == network_name}
+      end
+
+      # @return [Array<String>] list of all podman networks
+      def list_network_names
+        list_network("--format={{.Name}}").split("\n").map(&:strip)
+      end
+
+      # Returns true or false if network is in use or not.
+      # Nil if Vagrant fails to receive proper JSON from `podman network inspect`
+      #
+      # @param [String] network - name of network to look for
+      # @return [Bool,nil]
+      def network_used?(network)
+        result = inspect_network(network)
+        return nil if !result
+        return result.first["Containers"].size > 0
+      end
+
+    end
+  end
+end

data/lib/vagrant/podman/errors.rb

@@ -0,0 +1,108 @@
+# Copyright (c) HashiCorp, Inc.
+# SPDX-License-Identifier: BUSL-1.1
+
+module VagrantPlugins
+  module PodmanProvider
+    module Errors
+      class PodmanError < Vagrant::Errors::VagrantError
+        error_namespace("podman_provider.errors")
+      end
+
+      class BuildError < PodmanError
+        error_key(:build_error)
+      end
+
+      class CommunicatorNonPodman < PodmanError
+        error_key(:communicator_non_podman)
+      end
+
+      class ComposeLockTimeoutError < PodmanError
+        error_key(:compose_lock_timeout)
+      end
+
+      class ContainerNotRunningError < PodmanError
+        error_key(:not_running)
+      end
+
+      class ContainerNotCreatedError < PodmanError
+        error_key(:not_created)
+      end
+
+      class PodmanComposeNotInstalledError < PodmanError
+        error_key(:podman_compose_not_installed)
+      end
+
+      class ExecuteError < PodmanError
+        error_key(:execute_error)
+      end
+
+      class ExecCommandRequired < PodmanError
+        error_key(:exec_command_required)
+      end
+
+      class HostVMCommunicatorNotReady < PodmanError
+        error_key(:host_vm_communicator_not_ready)
+      end
+
+      class ImageNotConfiguredError < PodmanError
+        error_key(:podman_provider_image_not_configured)
+      end
+
+      class NfsWithoutPrivilegedError < PodmanError
+        error_key(:podman_provider_nfs_without_privileged)
+      end
+
+      class NetworkAddressInvalid < PodmanError
+        error_key(:network_address_invalid)
+      end
+
+      class NetworkIPAddressRequired < PodmanError
+        error_key(:network_address_required)
+      end
+
+      class NetworkSubnetInvalid < PodmanError
+        error_key(:network_subnet_invalid)
+      end
+
+      class NetworkInvalidOption < PodmanError
+        error_key(:network_invalid_option)
+      end
+
+      class NetworkNameMissing < PodmanError
+        error_key(:network_name_missing)
+      end
+
+      class NetworkNameUndefined < PodmanError
+        error_key(:network_name_undefined)
+      end
+
+      class NetworkNoInterfaces < PodmanError
+        error_key(:network_no_interfaces)
+      end
+
+      class PackageNotSupported < PodmanError
+        error_key(:package_not_supported)
+      end
+
+      class StateNotRunning < PodmanError
+        error_key(:state_not_running)
+      end
+
+      class StateStopped < PodmanError
+        error_key(:state_stopped)
+      end
+
+      class SuspendNotSupported < PodmanError
+        error_key(:suspend_not_supported)
+      end
+
+      class SyncedFolderNonPodman < PodmanError
+        error_key(:synced_folder_non_podman)
+      end
+
+      class VagrantfileNotFound < PodmanError
+        error_key(:vagrantfile_not_found)
+      end
+    end
+  end
+end

data/lib/vagrant/podman/executor/local.rb

@@ -0,0 +1,48 @@
+# Copyright (c) HashiCorp, Inc.
+# SPDX-License-Identifier: BUSL-1.1
+
+require "vagrant/util/busy"
+require "vagrant/util/subprocess"
+
+module VagrantPlugins
+  module PodmanProvider
+    module Executor
+      # The Local executor executes a Podman client that is running
+      # locally.
+      class Local
+        def execute(*cmd, **opts, &block)
+          # Append in the options for subprocess
+          cmd << { notify: [:stdout, :stderr] }
+
+          interrupted  = false
+          int_callback = ->{ interrupted = true }
+          result = ::Vagrant::Util::Busy.busy(int_callback) do
+            ::Vagrant::Util::Subprocess.execute(*cmd, &block)
+          end
+
+          result.stderr.gsub!("\r\n", "\n")
+          result.stdout.gsub!("\r\n", "\n")
+
+          if result.exit_code != 0 && !interrupted
+            raise Errors::ExecuteError,
+              command: cmd.inspect,
+              stderr: result.stderr,
+              stdout: result.stdout
+          end
+
+          if opts
+            if opts[:with_stderr]
+              return result.stdout + " " + result.stderr
+            else
+              return result.stdout
+            end
+          end
+        end
+
+        def windows?
+          ::Vagrant::Util::Platform.windows? || ::Vagrant::Util::Platform.wsl?
+        end
+      end
+    end
+  end
+end

data/lib/vagrant/podman/executor/vagrant.rb

@@ -0,0 +1,88 @@
+# Copyright (c) HashiCorp, Inc.
+# SPDX-License-Identifier: BUSL-1.1
+
+require "vagrant/util/shell_quote"
+
+module VagrantPlugins
+  module PodmanProvider
+    module Executor
+      # The Vagrant executor runs Podman over SSH against the given
+      # Vagrant-managed machine.
+      class Vagrant
+        def initialize(host_machine)
+          @host_machine = host_machine
+        end
+
+        def execute(*cmd, **opts, &block)
+          quote = '"'
+          cmd   = cmd.map do |a|
+            "#{quote}#{::Vagrant::Util::ShellQuote.escape(a, quote)}#{quote}"
+          end.join(" ")
+
+          # If we want stdin, we just run in a full subprocess
+          return ssh_run(cmd) if opts[:stdin]
+
+          # Add a start fence so we know when to start reading output.
+          # We have to do this because boot2podman outputs a login shell
+          # boot2podman version that we get otherwise and messes up output.
+          start_fence = "========== VAGRANT PODMAN BEGIN =========="
+          ssh_cmd     = "echo -n \"#{start_fence}\"; #{cmd}"
+
+          stderr = ""
+          stdout = ""
+          fenced = false
+          comm   = @host_machine.communicate
+          code   = comm.execute(ssh_cmd, error_check: false) do |type, data|
+            next if ![:stdout, :stderr].include?(type)
+            stderr << data if type == :stderr
+            stdout << data if type == :stdout
+
+            if !fenced
+              index = stdout.index(start_fence)
+              if index
+                fenced = true
+
+                index += start_fence.length
+                stdout = stdout[index..-1]
+                stdout.chomp!
+
+                # We're now fenced, send all the data through
+                if block
+                  block.call(:stdout, stdout) if stdout != ""
+                  block.call(:stderr, stderr) if stderr != ""
+                end
+              end
+            else
+              # If we're already fenced, just send the data through.
+              block.call(type, data) if block && fenced
+            end
+          end
+
+          if code != 0
+            raise Errors::ExecuteError,
+              command: cmd,
+              stderr: stderr.chomp,
+              stdout: stdout.chomp
+          end
+
+          stdout.chomp
+        end
+
+        def windows?
+          false
+        end
+
+        protected
+
+        def ssh_run(cmd)
+          @host_machine.action(
+            :ssh_run,
+            ssh_run_command: cmd,
+          )
+
+          ""
+        end
+      end
+    end
+  end
+end

data/lib/vagrant/podman/hostmachine/Vagrantfile

@@ -0,0 +1,3 @@
+Vagrant.configure("2") do |config|
+  config.vm.box = "hashicorp/boot2podman"
+end