From 894f4febda1d7da5d3f47e1003b29b339b1f8cd4 Mon Sep 17 00:00:00 2001 From: Matej Vasek Date: Wed, 14 Jul 2021 21:47:28 +0200 Subject: [PATCH] fix: do not trust builder when using podman (#420) Signed-off-by: Matej Vasek --- buildpacks/builder.go | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/buildpacks/builder.go b/buildpacks/builder.go index 7c93df753b..e2869090b3 100644 --- a/buildpacks/builder.go +++ b/buildpacks/builder.go @@ -80,18 +80,6 @@ func (builder *Builder) Build(ctx context.Context, f fn.Function) (err error) { network = "host" } - packOpts := pack.BuildOptions{ - AppPath: f.Root, - Image: f.Image, - Builder: packBuilder, - TrustBuilder: strings.HasPrefix(packBuilder, "quay.io/boson"), - DockerHost: os.Getenv("DOCKER_HOST"), - ContainerConfig: struct { - Network string - Volumes []string - }{Network: network, Volumes: nil}, - } - // log output is either STDOUt or kept in a buffer to be printed on error. var logWriter io.Writer if builder.Verbose { @@ -111,6 +99,31 @@ func (builder *Builder) Build(ctx context.Context, f fn.Function) (err error) { return err } + version, err := dockerClient.ServerVersion(ctx) + if err != nil { + return err + } + + var deamonIsPodman bool + for _, component := range version.Components { + if component.Name == "Podman Engine" { + deamonIsPodman = true + break + } + } + + packOpts := pack.BuildOptions{ + AppPath: f.Root, + Image: f.Image, + Builder: packBuilder, + TrustBuilder: !deamonIsPodman && strings.HasPrefix(packBuilder, "quay.io/boson"), + DockerHost: os.Getenv("DOCKER_HOST"), + ContainerConfig: struct { + Network string + Volumes []string + }{Network: network, Volumes: nil}, + } + dockerClientWrapper := &clientWrapper{dockerClient} packClient, err := pack.NewClient(pack.WithLogger(logging.New(logWriter)), pack.WithDockerClient(dockerClientWrapper)) if err != nil {