github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #8897 from kinvolk/rata/userns-use-platform

Browse Source 
cri/sbserver: Use platform instead of GOOS for userns detection
This commit is contained in:
Phil Estes 2023-08-02 16:12:02 -04:00 committed by GitHub
commit 40c85d6c09
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
pkg/cri/sbserver/sandbox_run.go
View File

@ -23,7 +23,6 @@ import (
"fmt" "fmt"
"math" "math"
"path/filepath" "path/filepath"
goruntime "runtime"
"strings" "strings"
"time" "time"
@ -144,8 +143,17 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
} }
}() }()
controller, err := c.getSandboxController(sandbox.Config, sandbox.RuntimeHandler)
if err != nil {
return nil, fmt.Errorf("failed to get sandbox controller: %w", err)
}
platform, err := controller.Platform(ctx, sandbox.ID)
if err != nil {
return nil, fmt.Errorf("failed to query sandbox platform: %w", err)
}
userNsEnabled := false userNsEnabled := false
if goruntime.GOOS != "windows" { if platform.OS == "linux" {
usernsOpts := config.GetLinux().GetSecurityContext().GetNamespaceOptions().GetUsernsOptions() usernsOpts := config.GetLinux().GetSecurityContext().GetNamespaceOptions().GetUsernsOptions()
if usernsOpts != nil && usernsOpts.GetMode() == runtime.NamespaceMode_POD { if usernsOpts != nil && usernsOpts.GetMode() == runtime.NamespaceMode_POD {
userNsEnabled = true userNsEnabled = true
@ -233,11 +241,6 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
return nil, fmt.Errorf("unable to save sandbox %q to store: %w", id, err) return nil, fmt.Errorf("unable to save sandbox %q to store: %w", id, err)
} }
controller, err := c.getSandboxController(config, r.GetRuntimeHandler())
if err != nil {
return nil, fmt.Errorf("failed to get sandbox controller: %w", err)
}
// Save sandbox metadata to store // Save sandbox metadata to store
if sandboxInfo, err = c.client.SandboxStore().Update(ctx, sandboxInfo, "extensions"); err != nil { if sandboxInfo, err = c.client.SandboxStore().Update(ctx, sandboxInfo, "extensions"); err != nil {
return nil, fmt.Errorf("unable to update extensions for sandbox %q: %w", id, err) return nil, fmt.Errorf("unable to update extensions for sandbox %q: %w", id, err)