Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
Building a container from Dockerfile with WORKDIR
+ using --mount=type=secret
with relative destination path leads to inconsistent behavior.
Steps to reproduce the issue:
- Create Dockerfile and Makefile:
Dockerfile:
FROM docker.io/ubuntu:22.04
WORKDIR /somedir
RUN --mount=type=secret,id=secret-foo,dst=secret1.txt --mount=type=secret,id=secret-bar,dst=secret2.txt \
printf "PWD=%s\n" "$(pwd)" && ls -la && ls -la / && stat secret1.txt && stat secret2.txt && \
cp secret1.txt /root/secret-foo.txt && \
cp secret2.txt /root/secret-bar.txt
Makefile:
DOCKER ?= docker
.PHONY: build-container
build-container:
rm -rf build
mkdir build
echo "secret:foo" >build/secret1.txt
echo "secret:bar" >build/secret2.txt
DOCKER_BUILDKIT=1 BUILDKIT_PROGRESS=plain $(DOCKER) build --no-cache --secret id=secret-foo,src=build/secret1.txt --secret id=secret-bar,src=build/secret2.txt -t defanator/example:tag1 .
$(DOCKER) run --rm -t -i defanator/example:tag1 cat /root/secret-foo.txt
$(DOCKER) run --rm -t -i defanator/example:tag1 cat /root/secret-bar.txt
$(DOCKER) rmi defanator/example:tag1
- Run
DOCKER=podman make
.
Describe the results you received:
Secrets are being created in /
, while commands are being executed under /somedir
:
$ DOCKER=podman make
rm -rf build
mkdir build
echo "secret:foo" >build/secret1.txt
echo "secret:bar" >build/secret2.txt
DOCKER_BUILDKIT=1 BUILDKIT_PROGRESS=plain podman build --no-cache --secret id=secret-foo,src=build/secret1.txt --secret id=secret-bar,src=build/secret2.txt -t defanator/example:tag1 .
STEP 1/3: FROM docker.io/ubuntu:22.04
STEP 2/3: WORKDIR /somedir
--> 6c8838cf3a4
STEP 3/3: RUN --mount=type=secret,id=secret-foo,dst=secret1.txt --mount=type=secret,id=secret-bar,dst=secret2.txt printf "PWD=%s\n" "$(pwd)" && ls -la && ls -la / && stat secret1.txt && stat secret2.txt && cp secret1.txt /root/secret-foo.txt && cp secret2.txt /root/secret-bar.txt
PWD=/somedir
total 0
drwxr-xr-x. 2 root root 80 Jan 2 10:55 .
dr-xr-xr-x. 18 root root 100 Jan 2 10:55 ..
total 8
dr-xr-xr-x. 18 root root 100 Jan 2 10:55 .
lrwxrwxrwx. 1 root root 7 Nov 30 02:04 bin -> usr/bin
drwxr-xr-x. 2 root root 40 Apr 18 2022 boot
drwxr-xr-x. 5 root root 340 Jan 2 10:55 dev
drwxr-xr-x. 31 root root 1440 Nov 30 02:07 etc
drwxr-xr-x. 2 root root 40 Apr 18 2022 home
lrwxrwxrwx. 1 root root 7 Nov 30 02:04 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Nov 30 02:04 lib32 -> usr/lib32
lrwxrwxrwx. 1 root root 9 Nov 30 02:04 lib64 -> usr/lib64
lrwxrwxrwx. 1 root root 10 Nov 30 02:04 libx32 -> usr/libx32
drwxr-xr-x. 2 root root 40 Nov 30 02:04 media
drwxr-xr-x. 2 root root 40 Nov 30 02:04 mnt
drwxr-xr-x. 2 root root 40 Nov 30 02:04 opt
dr-xr-xr-x. 307 nobody nogroup 0 Jan 2 10:55 proc
drwx------. 2 root root 80 Nov 30 02:07 root
drwxr-xr-x. 6 root root 80 Jan 2 10:55 run
lrwxrwxrwx. 1 root root 8 Nov 30 02:04 sbin -> usr/sbin
-r--------. 1 root root 11 Jan 2 10:55 secret1.txt
-r--------. 1 root root 11 Jan 2 10:55 secret2.txt
drwxr-xr-x. 2 root root 80 Jan 2 10:55 somedir
drwxr-xr-x. 2 root root 40 Nov 30 02:04 srv
dr-xr-xr-x. 13 nobody nogroup 0 Jan 2 05:48 sys
drwxrwxrwt. 2 root root 40 Nov 30 02:07 tmp
drwxr-xr-x. 14 root root 280 Nov 30 02:04 usr
drwxr-xr-x. 11 root root 260 Nov 30 02:07 var
stat: cannot statx 'secret1.txt': No such file or directory
Error: building at STEP "RUN --mount=type=secret,id=secret-foo,dst=secret1.txt --mount=type=secret,id=secret-bar,dst=secret2.txt printf "PWD=%s\n" "$(pwd)" && ls -la && ls -la / && stat secret1.txt && stat secret2.txt && cp secret1.txt /root/secret-foo.txt && cp secret2.txt /root/secret-bar.txt": while running runtime: exit status 1
make: *** [Makefile:9: build-container] Error 1
Describe the results you expected:
Successful build + run with secrets created in /somedir
:
% DOCKER=docker make
rm -rf build
mkdir build
echo "secret:foo" >build/secret1.txt
echo "secret:bar" >build/secret2.txt
DOCKER_BUILDKIT=1 BUILDKIT_PROGRESS=plain docker build --no-cache --secret id=secret-foo,src=build/secret1.txt --secret id=secret-bar,src=build/secret2.txt -t defanator/example:tag1 .
containers/podman#1 [internal] load build definition from Dockerfile
containers/podman#1 sha256:956e81e187c4ea4dc450871b18ae84ab976c49582e3bea65caf50ea0a79a9705
containers/podman#1 transferring dockerfile: 37B done
containers/podman#1 DONE 0.0s
containers/podman#2 [internal] load .dockerignore
containers/podman#2 sha256:7c24936d078707145f864038bef4b8e7b4e5a03304c2868a047c035c62162948
containers/podman#2 transferring context: 2B done
containers/podman#2 DONE 0.0s
containers/podman#3 [internal] load metadata for docker.io/library/ubuntu:22.04
containers/podman#3 sha256:bb6615d6728e62d4ed2a35dd58ee60e0f7b38bf575e6e24f49f6804d1f20ad90
containers/podman#3 DONE 0.0s
containers/podman#4 [1/3] FROM docker.io/library/ubuntu:22.04
containers/podman#4 sha256:cdc6c23330729686ac5f85a03a4f1099b9aac0474f5235d6e7014170e77af427
containers/podman#4 DONE 0.0s
containers/podman#5 [2/3] WORKDIR /somedir
containers/podman#5 sha256:de48d2aee164955e5a46b60b23669598af66b88de3d5de6d7376cf5b8f7c2a06
containers/podman#5 CACHED
containers/podman#6 [3/3] RUN --mount=type=secret,id=secret-foo,dst=secret1.txt --mount=type=secret,id=secret-bar,dst=secret2.txt printf "PWD=%s\n" "$(pwd)" && ls -la && ls -la / && stat secret1.txt && stat secret2.txt && cp secret1.txt /root/secret-foo.txt && cp secret2.txt /root/secret-bar.txt
containers/podman#6 sha256:311ee95bba27f37488c9149037523cdf14690b288661537cc5bafca7e2ac4274
containers/podman#6 0.243 PWD=/somedir
containers/podman#6 0.246 total 16
containers/podman#6 0.246 drwxr-xr-x 1 root root 4096 Jan 2 10:55 .
containers/podman#6 0.246 drwxr-xr-x 1 root root 4096 Jan 2 10:55 ..
containers/podman#6 0.246 -r-------- 1 root root 11 Jan 2 10:55 secret1.txt
containers/podman#6 0.246 -r-------- 1 root root 11 Jan 2 10:55 secret2.txt
containers/podman#6 0.248 total 60
containers/podman#6 0.248 drwxr-xr-x 1 root root 4096 Jan 2 10:55 .
containers/podman#6 0.248 drwxr-xr-x 1 root root 4096 Jan 2 10:55 ..
containers/podman#6 0.248 lrwxrwxrwx 1 root root 7 Aug 15 11:54 bin -> usr/bin
containers/podman#6 0.248 drwxr-xr-x 2 root root 4096 Apr 18 2022 boot
containers/podman#6 0.248 drwxr-xr-x 5 root root 340 Jan 2 10:55 dev
containers/podman#6 0.248 drwxr-xr-x 31 root root 4096 Aug 15 12:13 etc
containers/podman#6 0.248 drwxr-xr-x 2 root root 4096 Apr 18 2022 home
containers/podman#6 0.248 lrwxrwxrwx 1 root root 7 Aug 15 11:54 lib -> usr/lib
containers/podman#6 0.248 drwxr-xr-x 2 root root 4096 Aug 15 11:54 media
containers/podman#6 0.248 drwxr-xr-x 2 root root 4096 Aug 15 11:54 mnt
containers/podman#6 0.248 drwxr-xr-x 2 root root 4096 Aug 15 11:54 opt
containers/podman#6 0.248 dr-xr-xr-x 208 root root 0 Jan 2 10:55 proc
containers/podman#6 0.248 drwx------ 2 root root 4096 Aug 15 12:13 root
containers/podman#6 0.248 drwxr-xr-x 5 root root 4096 Aug 15 12:13 run
containers/podman#6 0.248 lrwxrwxrwx 1 root root 8 Aug 15 11:54 sbin -> usr/sbin
containers/podman#6 0.248 drwxr-xr-x 1 root root 4096 Jan 2 10:55 somedir
containers/podman#6 0.248 drwxr-xr-x 2 root root 4096 Aug 15 11:54 srv
containers/podman#6 0.248 dr-xr-xr-x 13 root root 0 Jan 2 10:55 sys
containers/podman#6 0.248 drwxrwxrwt 2 root root 4096 Aug 15 12:13 tmp
containers/podman#6 0.248 drwxr-xr-x 11 root root 4096 Aug 15 11:54 usr
containers/podman#6 0.248 drwxr-xr-x 11 root root 4096 Aug 15 12:13 var
containers/podman#6 0.249 File: secret1.txt
containers/podman#6 0.249 Size: 11 Blocks: 8 IO Block: 4096 regular file
containers/podman#6 0.249 Device: 94h/148d Inode: 2 Links: 1
containers/podman#6 0.249 Access: (0400/-r--------) Uid: ( 0/ root) Gid: ( 0/ root)
containers/podman#6 0.249 Access: 2023-01-02 10:55:56.046869011 +0000
containers/podman#6 0.249 Modify: 2023-01-02 10:55:56.046869011 +0000
containers/podman#6 0.249 Change: 2023-01-02 10:55:56.046869011 +0000
containers/podman#6 0.249 Birth: -
containers/podman#6 0.250 File: secret2.txt
containers/podman#6 0.250 Size: 11 Blocks: 8 IO Block: 4096 regular file
containers/podman#6 0.250 Device: 95h/149d Inode: 2 Links: 1
containers/podman#6 0.250 Access: (0400/-r--------) Uid: ( 0/ root) Gid: ( 0/ root)
containers/podman#6 0.250 Access: 2023-01-02 10:55:56.046869011 +0000
containers/podman#6 0.250 Modify: 2023-01-02 10:55:56.046869011 +0000
containers/podman#6 0.250 Change: 2023-01-02 10:55:56.046869011 +0000
containers/podman#6 0.250 Birth: -
containers/podman#6 DONE 0.3s
containers/podman#7 exporting to image
containers/podman#7 sha256:e8c613e07b0b7ff33893b694f7759a10d42e180f2b4dc349fb57dc6b71dcab00
containers/podman#7 exporting layers done
containers/podman#7 writing image sha256:f767695a2ecb38dc27477fa3c1f0b534233a6ce938eccbf234635921abd610c9 done
containers/podman#7 naming to docker.io/defanator/example:tag1 done
containers/podman#7 DONE 0.0s
Use 'docker scan' to run Snyk tests against images to find vulnerabilities and learn how to fix them
docker run --rm -t -i defanator/example:tag1 cat /root/secret-foo.txt
secret:foo
docker run --rm -t -i defanator/example:tag1 cat /root/secret-bar.txt
secret:bar
docker rmi defanator/example:tag1
Untagged: defanator/example:tag1
Deleted: sha256:f767695a2ecb38dc27477fa3c1f0b534233a6ce938eccbf234635921abd610c9
Running podman
with WORKDIR
commented in Dockerfile works:
$ DOCKER=podman make
rm -rf build
mkdir build
echo "secret:foo" >build/secret1.txt
echo "secret:bar" >build/secret2.txt
DOCKER_BUILDKIT=1 BUILDKIT_PROGRESS=plain podman build --no-cache --secret id=secret-foo,src=build/secret1.txt --secret id=secret-bar,src=build/secret2.txt -t defanator/example:tag1 .
STEP 1/2: FROM docker.io/ubuntu:22.04
STEP 2/2: RUN --mount=type=secret,id=secret-foo,dst=secret1.txt --mount=type=secret,id=secret-bar,dst=secret2.txt printf "PWD=%s\n" "$(pwd)" && ls -la && ls -la / && stat secret1.txt && stat secret2.txt && cp secret1.txt /root/secret-foo.txt && cp secret2.txt /root/secret-bar.txt
PWD=/
total 8
dr-xr-xr-x. 17 root root 80 Jan 2 10:57 .
lrwxrwxrwx. 1 root root 7 Nov 30 02:04 bin -> usr/bin
drwxr-xr-x. 2 root root 40 Apr 18 2022 boot
drwxr-xr-x. 5 root root 340 Jan 2 10:57 dev
drwxr-xr-x. 31 root root 1440 Nov 30 02:07 etc
drwxr-xr-x. 2 root root 40 Apr 18 2022 home
lrwxrwxrwx. 1 root root 7 Nov 30 02:04 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Nov 30 02:04 lib32 -> usr/lib32
lrwxrwxrwx. 1 root root 9 Nov 30 02:04 lib64 -> usr/lib64
lrwxrwxrwx. 1 root root 10 Nov 30 02:04 libx32 -> usr/libx32
drwxr-xr-x. 2 root root 40 Nov 30 02:04 media
drwxr-xr-x. 2 root root 40 Nov 30 02:04 mnt
drwxr-xr-x. 2 root root 40 Nov 30 02:04 opt
dr-xr-xr-x. 313 nobody nogroup 0 Jan 2 10:57 proc
drwx------. 2 root root 80 Nov 30 02:07 root
drwxr-xr-x. 6 root root 80 Jan 2 10:57 run
lrwxrwxrwx. 1 root root 8 Nov 30 02:04 sbin -> usr/sbin
-r--------. 1 root root 11 Jan 2 10:57 secret1.txt
-r--------. 1 root root 11 Jan 2 10:57 secret2.txt
drwxr-xr-x. 2 root root 40 Nov 30 02:04 srv
dr-xr-xr-x. 13 nobody nogroup 0 Jan 2 05:48 sys
drwxrwxrwt. 2 root root 40 Nov 30 02:07 tmp
drwxr-xr-x. 14 root root 280 Nov 30 02:04 usr
drwxr-xr-x. 11 root root 260 Nov 30 02:07 var
total 8
dr-xr-xr-x. 17 root root 100 Jan 2 10:57 .
lrwxrwxrwx. 1 root root 7 Nov 30 02:04 bin -> usr/bin
drwxr-xr-x. 2 root root 40 Apr 18 2022 boot
drwxr-xr-x. 5 root root 340 Jan 2 10:57 dev
drwxr-xr-x. 31 root root 1440 Nov 30 02:07 etc
drwxr-xr-x. 2 root root 40 Apr 18 2022 home
lrwxrwxrwx. 1 root root 7 Nov 30 02:04 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Nov 30 02:04 lib32 -> usr/lib32
lrwxrwxrwx. 1 root root 9 Nov 30 02:04 lib64 -> usr/lib64
lrwxrwxrwx. 1 root root 10 Nov 30 02:04 libx32 -> usr/libx32
drwxr-xr-x. 2 root root 40 Nov 30 02:04 media
drwxr-xr-x. 2 root root 40 Nov 30 02:04 mnt
drwxr-xr-x. 2 root root 40 Nov 30 02:04 opt
dr-xr-xr-x. 313 nobody nogroup 0 Jan 2 10:57 proc
drwx------. 2 root root 80 Nov 30 02:07 root
drwxr-xr-x. 6 root root 80 Jan 2 10:57 run
lrwxrwxrwx. 1 root root 8 Nov 30 02:04 sbin -> usr/sbin
-r--------. 1 root root 11 Jan 2 10:57 secret1.txt
-r--------. 1 root root 11 Jan 2 10:57 secret2.txt
drwxr-xr-x. 2 root root 40 Nov 30 02:04 srv
dr-xr-xr-x. 13 nobody nogroup 0 Jan 2 05:48 sys
drwxrwxrwt. 2 root root 40 Nov 30 02:07 tmp
drwxr-xr-x. 14 root root 280 Nov 30 02:04 usr
drwxr-xr-x. 11 root root 260 Nov 30 02:07 var
File: secret1.txt
Size: 11 Blocks: 8 IO Block: 4096 regular file
Device: 32h/50d Inode: 511286 Links: 1
Access: (0400/-r--------) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2023-01-02 10:57:02.245219286 +0000
Modify: 2023-01-02 10:57:02.245219286 +0000
Change: 2023-01-02 10:57:02.245219286 +0000
Birth: 2023-01-02 10:57:02.245219286 +0000
File: secret2.txt
Size: 11 Blocks: 8 IO Block: 4096 regular file
Device: 32h/50d Inode: 511287 Links: 1
Access: (0400/-r--------) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2023-01-02 10:57:02.246219299 +0000
Modify: 2023-01-02 10:57:02.246219299 +0000
Change: 2023-01-02 10:57:02.246219299 +0000
Birth: 2023-01-02 10:57:02.246219299 +0000
COMMIT defanator/example:tag1
--> 5422152c019
Successfully tagged localhost/defanator/example:tag1
5422152c019436fb30262db43c1c58653a88b6077db9293ab30ef10a48cb2ce8
podman run --rm -t -i defanator/example:tag1 cat /root/secret-foo.txt
secret:foo
podman run --rm -t -i defanator/example:tag1 cat /root/secret-bar.txt
secret:bar
podman rmi defanator/example:tag1
Untagged: localhost/defanator/example:tag1
Deleted: 5422152c019436fb30262db43c1c58653a88b6077db9293ab30ef10a48cb2ce8
Obviously, using absolute paths both in mount dst=
option and after in commands also works.
Additional information you deem important (e.g. issue happens only occasionally):
100% reproducible, tested in root-less mode only.
Output of podman version
:
$ podman version
Client: Podman Engine
Version: 4.3.1
API Version: 4.3.1
Go Version: go1.18.7
Built: Fri Nov 11 15:24:13 2022
OS/Arch: linux/amd64
Output of podman info
:
$ podman info
host:
arch: amd64
buildahVersion: 1.28.0
cgroupControllers:
- memory
- pids
cgroupManager: systemd
cgroupVersion: v2
conmon:
package: conmon-2.1.5-1.fc36.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.1.5, commit: '
cpuUtilization:
idlePercent: 99.4
systemPercent: 0.21
userPercent: 0.4
cpus: 16
distribution:
distribution: fedora
variant: cloud
version: "36"
eventLogger: journald
hostname: builder-testrunner-amd64.amp.nginx.com
idMappings:
gidmap:
- container_id: 0
host_id: 9999
size: 1
- container_id: 1
host_id: 755360
size: 65536
uidmap:
- container_id: 0
host_id: 9999
size: 1
- container_id: 1
host_id: 755360
size: 65536
kernel: 6.0.15-200.fc36.x86_64
linkmode: dynamic
logDriver: journald
memFree: 21277806592
memTotal: 32932081664
networkBackend: netavark
ociRuntime:
name: crun
package: crun-1.7.2-2.fc36.x86_64
path: /usr/bin/crun
version: |-
crun version 1.7.2
commit: 0356bf4aff9a133d655dc13b1d9ac9424706cac4
rundir: /run/user/9999/crun
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +WASM:wasmedge +YAJL
os: linux
remoteSocket:
path: /run/user/9999/podman/podman.sock
security:
apparmorEnabled: false
capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: true
seccompEnabled: true
seccompProfilePath: /usr/share/containers/seccomp.json
selinuxEnabled: true
serviceIsRemote: false
slirp4netns:
executable: /usr/bin/slirp4netns
package: slirp4netns-1.2.0-0.2.beta.0.fc36.x86_64
version: |-
slirp4netns version 1.2.0-beta.0
commit: 477db14a24ff1a3de3a705e51ca2c4c1fe3dda64
libslirp: 4.6.1
SLIRP_CONFIG_VERSION_MAX: 3
libseccomp: 2.5.3
swapFree: 8589930496
swapTotal: 8589930496
uptime: 5h 5m 27.00s (Approximately 0.21 days)
plugins:
authorization: null
log:
- k8s-file
- none
- passthrough
- journald
network:
- bridge
- macvlan
volume:
- local
registries:
search:
- registry.fedoraproject.org
- registry.access.redhat.com
- docker.io
- quay.io
store:
configFile: /home/builder/.config/containers/storage.conf
containerStore:
number: 1
paused: 0
running: 0
stopped: 1
graphDriverName: overlay
graphOptions:
overlay.mount_program:
Executable: /usr/bin/fuse-overlayfs
Package: fuse-overlayfs-1.9-6.fc36.x86_64
Version: |-
fusermount3 version: 3.10.5
fuse-overlayfs: version 1.9
FUSE library version 3.10.5
using FUSE kernel interface version 7.31
overlay.mountopt: nodev,metacopy=on
graphRoot: /run/user/9999/containers/storage
graphRootAllocated: 16466038784
graphRootUsed: 7435571200
graphStatus:
Backing Filesystem: tmpfs
Native Overlay Diff: "false"
Supports d_type: "true"
Using metacopy: "false"
imageCopyTmpDir: /var/tmp
imageStore:
number: 240
runRoot: /run/user/9999/containers
volumePath: /run/user/9999/containers/storage/volumes
version:
APIVersion: 4.3.1
Built: 1668180253
BuiltTime: Fri Nov 11 15:24:13 2022
GitCommit: ""
GoVersion: go1.18.7
Os: linux
OsArch: linux/amd64
Version: 4.3.1
Package info (e.g. output of rpm -q podman
or apt list podman
or brew info podman
):
$ rpm -qi podman
Name : podman
Epoch : 4
Version : 4.3.1
Release : 1.fc36
Architecture: x86_64
Install Date: Mon 02 Jan 2023 05:47:13 AM UTC
Group : Unspecified
Size : 42535481
License : ASL 2.0 and BSD and ISC and MIT and MPLv2.0
Signature : RSA/SHA256, Fri 11 Nov 2022 04:37:04 PM UTC, Key ID 999f7cbf38ab71f4
Source RPM : podman-4.3.1-1.fc36.src.rpm
Build Date : Fri 11 Nov 2022 03:24:09 PM UTC
Build Host : buildvm-x86-04.iad2.fedoraproject.org
Packager : Fedora Project
Vendor : Fedora Project
URL : https://podman.io/
Bug URL : https://bugz.fedoraproject.org/podman
Summary : Manage Pods, Containers and Container Images
Description :
podman (Pod Manager) is a fully featured container engine that is a simple
daemonless tool. podman provides a Docker-CLI comparable command line that
eases the transition from other container engines and allows the management of
pods, containers and images. Simply put: alias docker=podman.
Most podman commands can be run as a regular user, without requiring
additional privileges.
podman uses Buildah(1) internally to create container images.
Both tools share image (not container) storage, hence each can use or
manipulate images (but not containers) created by the other.
Manage Pods, Containers and Container Images
podman Simple management tool for pods, containers and images
Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide?
No
Additional environment details (AWS, VirtualBox, physical, etc.):
OS details:
$ cat /etc/os-release
NAME="Fedora Linux"
VERSION="36 (Cloud Edition)"
ID=fedora
VERSION_ID=36
VERSION_CODENAME=""
PLATFORM_ID="platform:f36"
PRETTY_NAME="Fedora Linux 36 (Cloud Edition)"
ANSI_COLOR="0;38;2;60;110;180"
LOGO=fedora-logo-icon
CPE_NAME="cpe:/o:fedoraproject:fedora:36"
HOME_URL="https://fedoraproject.org/"
DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora/f36/system-administrators-guide/"
SUPPORT_URL="https://ask.fedoraproject.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=36
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=36
PRIVACY_POLICY_URL="https://fedoraproject.org/wiki/Legal:PrivacyPolicy"
SUPPORT_END=2023-05-16
VARIANT="Cloud Edition"
VARIANT_ID=cloud