Use podman instead of docker.

tools/build_and_up_all_containers.sh

@@ -18,9 +18,9 @@ while IFS="" read -u 3 -r SERVICE_PATH
 do
     pushd "${SERVICE_PATH%/*}"
     pwd
-    docker-compose pull || { fail_one "pull" ; continue ; }
+    podman-compose pull || { fail_one "pull" ; continue ; }
-    docker-compose build --no-cache || { fail_one "build" ; continue ; }
+    podman-compose build --no-cache || { fail_one "build" ; continue ; }
-    docker-compose up -d || { fail_one "switch to newly built container" ; continue ; }
+    podman-compose up -d || { fail_one "switch to newly built container" ; continue ; }
 
     popd
 done 3< <( find . -iname "compose.yaml" )

tools/containers_check_update_rebuild_switch.sh

@@ -24,7 +24,7 @@ CONTAINER_IDS=( "$@" )
 if [[ "${#CONTAINER_IDS[@]}" == 0 ]]
 then
     echo "No container ID supplied on command line, doing them all."
-    mapfile -t CONTAINER_IDS < <( docker ps --format "{{.ID}}" )
+    mapfile -t CONTAINER_IDS < <( podman ps --format "{{.ID}}" )
 fi
 
 RC=0
@@ -36,7 +36,7 @@ for CONTAINER_ID in "${CONTAINER_IDS[@]}"
 do
     echo "Processing $CONTAINER_ID"
     TMPFILE=$(mktemp)
-    docker exec -u root $CONTAINER_ID bash -c "export LC_ALL=C ; apt-get update ; apt-get upgrade -y --dry-run" | tee $TMPFILE
+    podman exec -u root $CONTAINER_ID bash -c "export LC_ALL=C ; apt-get update ; apt-get upgrade -y --dry-run" | tee $TMPFILE
     trap "rm $TMPFILE" EXIT
     if grep "0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded." $TMPFILE
     then
@@ -44,13 +44,13 @@ do
 	continue
     fi
 
-    PATH_OF_CONTAINER="$( docker inspect --format='{{ index .Config.Labels "com.docker.compose.project.working_dir" }}' $CONTAINER_ID )"
+    PATH_OF_CONTAINER="$( podman inspect --format='{{ index .Config.Labels "com.docker.compose.project.working_dir" }}' $CONTAINER_ID )"
-    NAME_OF_CONTAINER="$( docker inspect --format='{{ .Name }}' $CONTAINER_ID )"
+    NAME_OF_CONTAINER="$( podman inspect --format='{{ .Name }}' $CONTAINER_ID )"
 
     echo "IMPORTANT: building a new, up-to-date, container $NAME_OF_CONTAINER from $PATH_OF_CONTAINER"
 
     cd $PATH_OF_CONTAINER
-    docker-compose --no-ansi pull || { fail_one "pull" ; continue ; }
+    podman-compose --no-ansi pull || { fail_one "pull" ; continue ; }
-    docker-compose --no-ansi build --no-cache || { fail_one "build" ; continue ; }
+    podman-compose --no-ansi build --no-cache || { fail_one "build" ; continue ; }
-    docker-compose --no-ansi up -d || { fail_one "switch to newly built container" ; continue ; }
+    podman-compose --no-ansi up -d || { fail_one "switch to newly built container" ; continue ; }
 done

tools/ensure_infra_user_exists.sh

@@ -22,7 +22,7 @@ function is_user_conforming()
 
     find $THD -not -user $TUN | grep . && { echo >&2 "Files not owned by user $TUN in $THD" ; return 6 ; }
 
-    id -nGz $TUN | grep -qzxF "docker" || { echo >&2 "User not in docker group" ; return 7 ; }
+    # id -nGz $TUN | grep -qzxF "docker" || { echo >&2 "User not in docker group" ; return 7 ; } # not needed with podman
 
     echo "All correct"
     return 0
@@ -38,7 +38,7 @@ then
     fi
     adduser --$ADDUSER_OPT "Dedicated user for gourichon infrastructure" --disabled-password --home $THD --gecos "" $TUN
 
-    adduser $TUN docker
+    # adduser $TUN docker # not needed with podman
 
     mkdir -p $THD/.ssh
     chmod 700 $THD/.ssh