refactor(driver-utils): centralize container mount path constants#1841
Merged
Conversation
Move duplicate in-container path constants from the Docker, Podman, Kubernetes, and VM driver crates into openshell-core::driver_utils: - TLS_CA_MOUNT_PATH, TLS_CERT_MOUNT_PATH, TLS_KEY_MOUNT_PATH, SANDBOX_TOKEN_MOUNT_PATH — identical string literals that were copy-pasted between openshell-driver-docker and openshell-driver-podman. - SUPERVISOR_CONTAINER_DIR (/opt/openshell/bin) and SUPERVISOR_CONTAINER_BINARY (/opt/openshell/bin/openshell-sandbox) — replaces three diverging local constants across docker, kubernetes, podman, and vm-rootfs that referred to the same paths under different names with different string values (the k8s constant was the directory; the docker/vm constant was the full binary path). Each driver crate now assigns its local constant from the canonical core value, keeping existing names visible to tests without any call-site churn. The openshell-core constants carry doc comments explaining when to use the dir vs. the full binary path. Signed-off-by: Eric Curtin <eric.curtin@docker.com>
ericcurtin
requested review from
a team,
derekwaynecarr and
mrunalp
as code owners
Collaborator
|
/ok to test a372702 |
TaylorMutch
approved these changes
Jun 9, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Move duplicate in-container path string literals from four driver crates into a single canonical location in `openshell-core::driver_utils`. Eliminates the risk of the drivers silently diverging on paths that the supervisor binary depends on at runtime.
Related Issue
No issue — opportunistic deduplication found during codebase review.
Changes
openshell-core: Add six new `pub const` values to `driver_utils`:
openshell-driver-docker: Replace five hardcoded `const` literals with references to core (TLS paths + `SUPERVISOR_CONTAINER_BINARY`).
openshell-driver-podman: Replace four hardcoded TLS `const` literals + two inline supervisor path strings with core constants.
openshell-driver-kubernetes: Replace local `SUPERVISOR_MOUNT_PATH = "/opt/openshell/bin"` with `SUPERVISOR_CONTAINER_DIR` from core.
openshell-driver-vm (`rootfs.rs`): Replace local `SANDBOX_SUPERVISOR_PATH = "/opt/openshell/bin/openshell-sandbox"` with `SUPERVISOR_CONTAINER_BINARY` from core.
No call-site changes required in any driver — local constant names are preserved by assigning them from the core values.
Testing
Checklist