cri/sbserver: Use platform instead of GOOS for userns detection

In the sbserver we should not use the GOOS, as windows hosts can run linux containers. On the sbserver we should use the platform param. Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2023-07-31 17:45:59 +02:00 · 2023-07-31 17:45:59 +02:00 · c80a3ecafd
commit c80a3ecafd
parent 40f26543bd
1 changed files with 10 additions and 7 deletions
--- a/pkg/cri/sbserver/sandbox_run.go
+++ b/pkg/cri/sbserver/sandbox_run.go
@ -23,7 +23,6 @@ import (
 	"fmt"
 	"math"
 	"path/filepath"
-	goruntime "runtime"
 	"strings"
 	"time"

@ -144,8 +143,17 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
 		}
 	}()

+	controller, err := c.getSandboxController(sandbox.Config, sandbox.RuntimeHandler)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get sandbox controller: %w", err)
+	}
+	platform, err := controller.Platform(ctx, sandbox.ID)
+	if err != nil {
+		return nil, fmt.Errorf("failed to query sandbox platform: %w", err)
+	}
+
 	userNsEnabled := false
-	if goruntime.GOOS != "windows" {
+	if platform.OS == "linux" {
 		usernsOpts := config.GetLinux().GetSecurityContext().GetNamespaceOptions().GetUsernsOptions()
 		if usernsOpts != nil && usernsOpts.GetMode() == runtime.NamespaceMode_POD {
 			userNsEnabled = true
@ -233,11 +241,6 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
 		return nil, fmt.Errorf("unable to save sandbox %q to store: %w", id, err)
 	}

-	controller, err := c.getSandboxController(config, r.GetRuntimeHandler())
-	if err != nil {
-		return nil, fmt.Errorf("failed to get sandbox controller: %w", err)
-	}
-
 	// Save sandbox metadata to store
 	if sandboxInfo, err = c.client.SandboxStore().Update(ctx, sandboxInfo, "extensions"); err != nil {
 		return nil, fmt.Errorf("unable to update extensions for sandbox %q: %w", id, err)