fix: do not trust builder when using podman (#420)

Signed-off-by: Matej Vasek <mvasek@redhat.com>
knative · Jul 14, 2021 · 894f4fe · 894f4fe
1 parent c2c1b99
commit 894f4fe
Showing 1 changed file with 25 additions and 12 deletions.
diff --git a/buildpacks/builder.go b/buildpacks/builder.go
@@ -80,18 +80,6 @@ func (builder *Builder) Build(ctx context.Context, f fn.Function) (err error) {
 		network = "host"
 	}
 
-	packOpts := pack.BuildOptions{
-		AppPath:      f.Root,
-		Image:        f.Image,
-		Builder:      packBuilder,
-		TrustBuilder: strings.HasPrefix(packBuilder, "quay.io/boson"),
-		DockerHost:   os.Getenv("DOCKER_HOST"),
-		ContainerConfig: struct {
-			Network string
-			Volumes []string
-		}{Network: network, Volumes: nil},
-	}
-
 	// log output is either STDOUt or kept in a buffer to be printed on error.
 	var logWriter io.Writer
 	if builder.Verbose {
@@ -111,6 +99,31 @@ func (builder *Builder) Build(ctx context.Context, f fn.Function) (err error) {
 		return err
 	}
 
+	version, err := dockerClient.ServerVersion(ctx)
+	if err != nil {
+		return err
+	}
+
+	var deamonIsPodman bool
+	for _, component := range version.Components {
+		if component.Name == "Podman Engine" {
+			deamonIsPodman = true
+			break
+		}
+	}
+
+	packOpts := pack.BuildOptions{
+		AppPath:      f.Root,
+		Image:        f.Image,
+		Builder:      packBuilder,
+		TrustBuilder: !deamonIsPodman && strings.HasPrefix(packBuilder, "quay.io/boson"),
+		DockerHost:   os.Getenv("DOCKER_HOST"),
+		ContainerConfig: struct {
+			Network string
+			Volumes []string
+		}{Network: network, Volumes: nil},
+	}
+
 	dockerClientWrapper := &clientWrapper{dockerClient}
 	packClient, err := pack.NewClient(pack.WithLogger(logging.New(logWriter)), pack.WithDockerClient(dockerClientWrapper))
 	if err != nil {