FIXUP: return type for mypy

Ensure that only podman and docker container runtimes can be used
Add a set-container-runtime option to dangerzone-cli
2025-05-05 13:11:49 +02:00 · 2025-03-28 14:24:30 +01:00 · 2025-03-28 14:19:54 +01:00 · 2025-03-28 13:31:23 +01:00 · 2025-03-28 13:30:32 +01:00
4 changed files with 44 additions and 6 deletions
--- a/dangerzone/cli.py
+++ b/dangerzone/cli.py
@ -11,6 +11,7 @@ from .isolation_provider.container import Container
 from .isolation_provider.dummy import Dummy
 from .isolation_provider.qubes import Qubes, is_qubes_native_conversion
 from .logic import DangerzoneCore
+from .settings import Settings
 from .util import get_version, replace_control_chars


@ -48,6 +49,11 @@ def print_header(s: str) -> None:
    flag_value=True,
    help="Run Dangerzone in debug mode, to get logs from gVisor.",
 )
+@click.option(
+    "--set-container-runtime",
+    required=False,
+    help="The path to the container runtime you want to set in the settings",
+)
@click.version_option(version=get_version(), message="%(version)s")
@errors.handle_document_errors
 def cli_main(
@ -57,8 +63,14 @@ def cli_main(
    archive: bool,
    dummy_conversion: bool,
    debug: bool,
+    set_container_runtime: Optional[str] = None,
 ) -> None:
    setup_logging()
+    display_banner()
+    if set_container_runtime:
+        settings = Settings()
+        settings.set("container_runtime", set_container_runtime, autosave=True)
+        click.echo(f"Set the settings container_runtime to {set_container_runtime}")

    if getattr(sys, "dangerzone_dev", False) and dummy_conversion:
        dangerzone = DangerzoneCore(Dummy())
@ -67,7 +79,6 @@ def cli_main(
    else:
        dangerzone = DangerzoneCore(Container(debug=debug))

-    display_banner()
    if len(filenames) == 1 and output_filename:
        dangerzone.add_document_from_filename(filenames[0], output_filename, archive)
    elif len(filenames) > 1 and output_filename:
@ -320,4 +331,10 @@ def display_banner() -> None:
        + Style.DIM
        + "│"
    )
-    print(Back.BLACK + Fore.YELLOW + Style.DIM + "╰──────────────────────────╯")
+    print(
+        Back.BLACK
+        + Fore.YELLOW
+        + Style.DIM
+        + "╰──────────────────────────╯"
+        + Style.RESET_ALL
+    )
--- a/dangerzone/container_utils.py
+++ b/dangerzone/container_utils.py
@ -21,6 +21,8 @@ class Runtime(object):

        if settings.custom_runtime_specified():
            self.path = Path(settings.get("container_runtime"))
+            if not self.path.exists():
+                raise errors.UnsupportedContainerRuntime(self.path)
            self.name = self.path.stem
        else:
            self.name = self.get_default_runtime_name()
@ -29,6 +31,9 @@ class Runtime(object):
                raise errors.NoContainerTechException(self.name)
            self.path = Path(binary_path)

+        if self.name not in ("podman", "docker"):
+            raise errors.UnsupportedContainerRuntime(self.name)
+
    @staticmethod
    def get_default_runtime_name() -> str:
        return "podman" if platform.system() == "Linux" else "docker"
--- a/dangerzone/errors.py
+++ b/dangerzone/errors.py
@ -140,3 +140,7 @@ class NotAvailableContainerTechException(Exception):
        self.error = error
        self.container_tech = container_tech
        super().__init__(f"{container_tech} is not available")
+
+
+class UnsupportedContainerRuntime(Exception):
+    pass
--- a/tests/test_container_utils.py
+++ b/tests/test_container_utils.py
@ -1,20 +1,21 @@
 from pathlib import Path

+import pytest
 from pytest_mock import MockerFixture

+from dangerzone import errors
 from dangerzone.container_utils import Runtime
 from dangerzone.settings import Settings


 def test_get_runtime_name_from_settings(mocker: MockerFixture, tmp_path: Path) -> None:
    mocker.patch("dangerzone.settings.get_config_dir", return_value=tmp_path)
+    mocker.patch("dangerzone.container_utils.Path.exists", return_value=True)

    settings = Settings()
-    settings.set(
-        "container_runtime", "/opt/somewhere/new-kid-on-the-block", autosave=True
-    )
+    settings.set("container_runtime", "/opt/somewhere/docker", autosave=True)

-    assert Runtime().name == "new-kid-on-the-block"
+    assert Runtime().name == "docker"


 def test_get_runtime_name_linux(mocker: MockerFixture, tmp_path: Path) -> None:
@ -46,3 +47,14 @@ def test_get_runtime_name_non_linux(mocker: MockerFixture, tmp_path: Path) -> No
    assert runtime.name == "docker"
    assert runtime.path == Path("/usr/bin/docker")
    assert Runtime().name == "docker"
+
+
+def test_get_unsupported_runtime_name(mocker: MockerFixture, tmp_path: Path) -> None:
+    mocker.patch("dangerzone.settings.get_config_dir", return_value=tmp_path)
+    settings = Settings()
+    settings.set(
+        "container_runtime", "/opt/somewhere/new-kid-on-the-block", autosave=True
+    )
+
+    with pytest.raises(errors.UnsupportedContainerRuntime):
+        assert Runtime().name == "new-kid-on-the-block"
Author	SHA1	Message	Date
Alexis Métaireau	6c8a75732e	FIXUP: return type for mypy	2025-03-28 14:24:30 +01:00
Alexis Métaireau	2a29cf7c27	Ensure that only podman and docker container runtimes can be used	2025-03-28 14:19:54 +01:00
Alexis Métaireau	73d7a46690	Add a `set-container-runtime` option to `dangerzone-cli` This sets the container runtime in the settings, and provides an easy way to do so for users, without having to mess with the json settings.	2025-03-28 13:31:23 +01:00
Alexis Métaireau	2e254ee0fa	Reset terminal colors after printing the banner	2025-03-28 13:30:32 +01:00