From: Daniel-Pivonka <dpivonka@redhat.com>
Date: Tue, 17 Nov 2020 19:05:05 +0000 (-0500)
Subject: cephadm: fix podman failure to pull authenticated registry image from systemd unit
X-Git-Tag: v16.1.0~86^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F38141%2Fhead;p=ceph.git

cephadm: fix podman failure to pull authenticated registry image from systemd unit

have podman keep auth file in /var/lic/ceph/<fsid> becasue podman commands run from systemd do not have access to the default location and the default location is not consistant depending on the user logged in as, where your using sudo or not.

Signed-off-by: Daniel-Pivonka <dpivonka@redhat.com>
---

diff --git a/src/cephadm/cephadm b/src/cephadm/cephadm
index 2b18283dfefe..55fa04da7044 100755
--- a/src/cephadm/cephadm
+++ b/src/cephadm/cephadm
@@ -2597,6 +2597,10 @@ class CephContainer:
             '--rm',
             '--ipc=host',
         ]
+
+        if 'podman' in container_path and os.path.exists('/etc/ceph/podman-auth.json'):
+            cmd_args.append('--authfile=/etc/ceph/podman-auth.json')
+
         envs: List[str] = [
             '-e', 'CONTAINER_IMAGE=%s' % self.image,
             '-e', 'NODE_NAME=%s' % get_hostname(),
@@ -2739,6 +2743,8 @@ def _pull_image(image):
     ]
 
     cmd = [container_path, 'pull', image]
+    if 'podman' in container_path and os.path.exists('/etc/ceph/podman-auth.json'):
+            cmd.append('--authfile=/etc/ceph/podman-auth.json')
     cmd_str = ' '.join(cmd)
 
     for sleep_secs in [1, 4, 25]:
@@ -3392,10 +3398,14 @@ def command_registry_login():
 def registry_login(url, username, password):
     logger.info("Logging into custom registry.")
     try:
-        out, _, _ = call_throws([container_path, 'login',
-                                   '-u', username,
-                                   '-p', password,
-                                   url])
+        cmd = [container_path, 'login',
+               '-u', username, '-p', password,
+               url]
+        if 'podman' in container_path:
+            cmd.append('--authfile=/etc/ceph/podman-auth.json')
+        out, _, _ = call_throws(cmd)
+        if 'podman' in container_path:
+            os.chmod('/etc/ceph/podman-auth.json', 0o600)
     except:
         raise Error("Failed to login to custom registry @ %s as %s with given password" % (args.registry_url, args.registry_username))
 
@@ -3870,7 +3880,7 @@ def list_daemons(detail=True, legacy_dir=None):
             elif is_fsid(i):
                 fsid = str(i)  # convince mypy that fsid is a str here
                 for j in os.listdir(os.path.join(data_dir, i)):
-                    if '.' in j:
+                    if '.' in j and os.path.isdir(os.path.join(data_dir, fsid, j)):
                         name = j
                         (daemon_type, daemon_id) = j.split('.', 1)
                         unit_name = get_unit_name(fsid,