Remove ACLOnlyHost from RuntimeConfig

See lf-edge#827 Signed-off-by: Pavel Abramov <uncle.decart@gmail.com>
uncleDecart · Dec 15, 2022 · 8b23e40 · 8b23e40
1 parent 06f1748
commit 8b23e40
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 6 deletions.
diff --git a/cmd/edenPod.go b/cmd/edenPod.go
@@ -86,6 +86,7 @@ func newPodDeployCmd(cfg *openevec.EdenSetupArgs) *cobra.Command {
 	var imageFormat string
 	var sftpLoad, directLoad, openStackMetadata bool
 	var datastoreOverride string
+	var aclOnlyHost bool
 
 	var podDeployCmd = &cobra.Command{
 		Use:   "deploy (docker|http(s)|file|directory)://(<TAG|PATH>[:<VERSION>] | <URL for qcow2 image> | <path to qcow2 image>)",
@@ -94,7 +95,7 @@ func newPodDeployCmd(cfg *openevec.EdenSetupArgs) *cobra.Command {
 		Args:  cobra.ExactArgs(1),
 		Run: func(cmd *cobra.Command, args []string) {
 			appLink := args[0]
-			if err := openevec.PodDeploy(appLink, podName, podMetadata, registry, podNetworks, portPublish, acl, vlans, mount, disks, profiles, appAdapters, noHyper, vncDisplay, vncPassword, diskSize, volumeSize, appMemory, volumeType, appCpus, pinCpus, imageFormat, sftpLoad, directLoad, openStackMetadata, datastoreOverride, cfg); err != nil {
+			if err := openevec.PodDeploy(appLink, podName, podMetadata, registry, podNetworks, portPublish, acl, vlans, mount, disks, profiles, appAdapters, noHyper, vncDisplay, vncPassword, diskSize, volumeSize, appMemory, volumeType, appCpus, pinCpus, imageFormat, sftpLoad, directLoad, openStackMetadata, datastoreOverride, aclOnlyHost, cfg); err != nil {
 				log.Fatal(err)
 			}
 		},
@@ -112,7 +113,7 @@ func newPodDeployCmd(cfg *openevec.EdenSetupArgs) *cobra.Command {
 	podDeployCmd.Flags().StringSliceVar(&appAdapters, "adapters", nil, "adapters to assign to the application instance")
 	podDeployCmd.Flags().StringSliceVar(&podNetworks, "networks", nil, "Networks to connect to app (ports will be mapped to first network). May have <name:[MAC address]> notation.")
 	podDeployCmd.Flags().StringVar(&imageFormat, "format", "", "format for image, one of 'container','qcow2','raw','qcow','vmdk','vhdx'; if not provided, defaults to container image for docker and oci transports, qcow2 for file and http/s transports")
-	podDeployCmd.Flags().BoolVar(&cfg.Runtime.ACLOnlyHost, "only-host", false, "Allow access only to host and external networks")
+	podDeployCmd.Flags().BoolVar(&aclOnlyHost, "only-host", false, "Allow access only to host and external networks")
 	podDeployCmd.Flags().BoolVar(&noHyper, "no-hyper", false, "Run pod without hypervisor")
 	podDeployCmd.Flags().StringVar(&registry, "registry", "remote", "Select registry to use for containers (remote/local)")
 	podDeployCmd.Flags().BoolVar(&directLoad, "direct", true, "Use direct download for image instead of eserver")
@@ -284,7 +285,6 @@ func newPodModifyCmd(cfg *openevec.EdenSetupArgs) *cobra.Command {
 	}
 
 	podModifyCmd.Flags().StringSliceVarP(&portPublish, "publish", "p", nil, "Ports to publish in format EXTERNAL_PORT:INTERNAL_PORT")
-	podModifyCmd.Flags().BoolVar(&cfg.Runtime.ACLOnlyHost, "only-host", false, "Allow access only to host and external networks")
 	podModifyCmd.Flags().StringSliceVar(&podNetworks, "networks", nil, "Networks to connect to app (ports will be mapped to first network). May have <name:[MAC address]> notation.")
 	podModifyCmd.Flags().StringSliceVar(&acl, "acl", nil, `Allow access only to defined hosts/ips/subnets.
 Without explicitly configured ACLs, all traffic is allowed.

diff --git a/pkg/openevec/config.go b/pkg/openevec/config.go
@@ -147,7 +147,6 @@ type RegistryConfig struct {
 }
 
 type RuntimeConfig struct {
-	ACLOnlyHost  bool   `cobraflag:"only-host"`
 	StartDelay   uint32 `cobraflag:"start-delay"`
 	Host         string `cobraflag:"eve-host"`
 	SshPort      int    `cobraflag:"eve-ssh-port"`

diff --git a/pkg/openevec/pod.go b/pkg/openevec/pod.go
@@ -66,7 +66,7 @@ func processVLANs(vlans []string) (map[string]int, error) {
 	return m, nil
 }
 
-func PodDeploy(appLink, podName, podMetadata, registry string, podNetworks, portPublish, acl, vlans, mount, disks, profiles, appAdapters []string, noHyper bool, vncDisplay uint32, vncPassword, diskSize, volumeSize, appMemory, volumeType string, appCpus uint32, pinCpus bool, imageFormat string, sftpLoad, directLoad, openStackMetadata bool, datastoreOverride string, cfg *EdenSetupArgs) error {
+func PodDeploy(appLink, podName, podMetadata, registry string, podNetworks, portPublish, acl, vlans, mount, disks, profiles, appAdapters []string, noHyper bool, vncDisplay uint32, vncPassword, diskSize, volumeSize, appMemory, volumeType string, appCpus uint32, pinCpus bool, imageFormat string, sftpLoad, directLoad, openStackMetadata bool, datastoreOverride string, aclOnlyHost bool, cfg *EdenSetupArgs) error {
 	changer := &adamChanger{}
 	ctrl, dev, err := changer.getControllerAndDev()
 	if err != nil {
@@ -106,7 +106,7 @@ func PodDeploy(appLink, podName, podMetadata, registry string, podNetworks, port
 	opts = append(opts, expect.WithVolumeType(expect.VolumeTypeByName(volumeType)))
 	opts = append(opts, expect.WithResources(appCpus, uint32(appMemoryParsed/1000)))
 	opts = append(opts, expect.WithImageFormat(imageFormat))
-	if cfg.Runtime.ACLOnlyHost {
+	if aclOnlyHost {
 		opts = append(opts, expect.WithACL(map[string][]expect.ACE{
 			"": {{Endpoint: defaults.DefaultHostOnlyNotation}},
 		}))