Add `Command` type #258

jakecorrenti · 2023-08-10T19:40:39Z

Adds the Command type which allows projects to generate a properly formatted gvproxy command in the form of a string slice without hard-coding it. Adds the functionality to convert Command to a format in which os/exec can directly execute it.

cfergeau

Minor Pidfile -> PidFile needed, otherwise looks good to me!

pkg/types/command.go

Adds the `Command` type which allows projects to generate a properly formatted gvproxy command in the form of a string slice without hard-coding it. Adds the functionality to convert `Command` to a format in which os/exec can directly execute it. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>

cfergeau

/lgtm
/approve

openshift-ci · 2023-08-16T14:22:19Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cfergeau, jakecorrenti

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

~~OWNERS~~ [cfergeau]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

cfergeau · 2023-08-16T14:29:32Z

make lint reports 2 issues:

golangci-lint run
pkg/types/command.go:192:9: G204: Subprocess launched with a potential tainted input or cmd arguments (gosec)
	return exec.Command(gvproxyPath, c.ToCmdline()...)
	       ^
pkg/types/command.go:88:2: S1036: unnecessary guard around map access (gosimple)
	if _, ok := c.forwardInfo[flag]; ok {
	^
make: *** [Makefile:45: lint] Error 1

jakecorrenti · 2023-08-16T14:49:04Z

Ok, I'll make a new PR for the changes

Fixes golangci-lint errors introduced by containers#258 Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>

Fixes golangci-lint errors introduced by containers#258 If `gosec` linting is enabled for the return statement in `Cmd`, an error will be returned: `G204: Subprocess launched with a potential tainted input or cmd arguments (gosec)`. This error tries to make sure a user cannot provide a binary that could cause harm to the system. However, since the binary path is sanitized and the arguments are generated by gvproxy, this should be safe to ignore. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>

Fixes golangci-lint errors introduced by containers#258 If `gosec` linting is enabled for the return statement in `Cmd`, an error will be returned: `G204: Subprocess launched with a potential tainted input or cmd arguments (gosec)`. This error tries to make sure a user cannot provide a binary that could cause harm to the system. We can't do much about this since the binary is externally provided. It is up to the caller to make sure they don't provide a "dangerous" binary. Therefore, it's ok that we ignore this linting error. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>

Fixes golangci-lint errors introduced by #258 If `gosec` linting is enabled for the return statement in `Cmd`, an error will be returned: `G204: Subprocess launched with a potential tainted input or cmd arguments (gosec)`. This error tries to make sure a user cannot provide a binary that could cause harm to the system. We can't do much about this since the binary is externally provided. It is up to the caller to make sure they don't provide a "dangerous" binary. Therefore, it's ok that we ignore this linting error. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>

Converts the host networking code in `podman machine` to use the `Command` type introduced in containers/gvisor-tap-vsock#258 [NO NEW TESTS NEEDED] Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>

Converts the host networking code in `podman machine` to use the `GvproxyCommand` type introduced in containers/gvisor-tap-vsock#258 [NO NEW TESTS NEEDED] Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>

jakecorrenti force-pushed the config-to-cmdline branch 2 times, most recently from 6d88b0d to 69b0d7d Compare August 11, 2023 15:39

cfergeau reviewed Aug 16, 2023

View reviewed changes

pkg/types/command.go Outdated Show resolved Hide resolved

pkg/types/command.go Outdated Show resolved Hide resolved

jakecorrenti force-pushed the config-to-cmdline branch from 69b0d7d to 4818381 Compare August 16, 2023 13:30

cfergeau approved these changes Aug 16, 2023

View reviewed changes

openshift-ci bot assigned cfergeau Aug 16, 2023

openshift-ci bot added the lgtm label Aug 16, 2023

openshift-ci bot added the approved label Aug 16, 2023

openshift-merge-robot merged commit 26b7109 into containers:main Aug 16, 2023
13 of 15 checks passed

cfergeau mentioned this pull request Aug 17, 2023

Misc build changes #260

Merged

jakecorrenti added a commit to jakecorrenti/gvisor-tap-vsock that referenced this pull request Aug 17, 2023

Fix golangci-lint errors

e0d0584

Fixes golangci-lint errors introduced by containers#258 Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>

jakecorrenti mentioned this pull request Aug 17, 2023

Fix golangci-lint errors #261

Merged

jakecorrenti mentioned this pull request Aug 23, 2023

Implement gvproxy networking using cmdline wrapper containers/podman#19723

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add `Command` type #258

Add `Command` type #258

jakecorrenti commented Aug 10, 2023

cfergeau left a comment

cfergeau left a comment

openshift-ci bot commented Aug 16, 2023

cfergeau commented Aug 16, 2023

jakecorrenti commented Aug 16, 2023

Add Command type #258

Add Command type #258

Conversation

jakecorrenti commented Aug 10, 2023

cfergeau left a comment

Choose a reason for hiding this comment

cfergeau left a comment

Choose a reason for hiding this comment

openshift-ci bot commented Aug 16, 2023

cfergeau commented Aug 16, 2023

jakecorrenti commented Aug 16, 2023

Add `Command` type #258

Add `Command` type #258