Respect XDG_CONFIG_HOME for policy.json and cni

[davidscherer]

Use the XDG_CONFIG_HOME environment variable, if it is defined, to locate policy.json and the cni plugins directory in rootless mode. This is the standard way to locate user-specific configuration files.

XDG_CONFIG_HOME is already respected in rootless mode for configuration files such as containers.conf, storage.conf, and registry.conf but here ~/.config was hardcoded.

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: davidscherer
To complete the pull request process, please assign
You can assign the PR to them by writing /assign in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[mheon]

Signature policy path changes LGTM, but CNI is unusable without root, so there's no sense in making it vary per-user.

[davidscherer]

@mheon it seems like your disagreement is with (previously merged) #221 which claims that it is "preparing" common for rootless CNI.

[davidscherer]

Unfortunately, I have discovered that while this patch appears to make podman behave as I expect, buildah is apparently relying instead on the very similar logic in https://github.com/containers/image/blob/3e7b89e181cc724370de44856fe06092c20cbd15/signature/policy_config.go#L60

[mheon]

Ah, exciting - I thought that was a lot further off.

[rhatdan]

Please use "github.com/containers/storage/pkg/homedir" config.GetConfigHome()
rather then reimplementing it.

[davidscherer]

It has nothing to do with this PR, but probably rootlessConfigPath() next door in config.go should also use homedir.GetConfigHome()

[rhatdan]

@davidscherer Yes could you open a PR to fix this.

[rhatdan]

LGTM