Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[v4.9] fix "concurrent map writes" in network ls compat endpoint #22835

Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion pkg/api/handlers/compat/networks.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ import (
"github.com/containers/podman/v4/pkg/domain/infra/abi"
"github.com/containers/podman/v4/pkg/util"
"github.com/docker/docker/api/types"
"golang.org/x/exp/maps"

dockerNetwork "github.com/docker/docker/api/types/network"
"github.com/sirupsen/logrus"
Expand Down Expand Up @@ -147,7 +148,9 @@ func convertLibpodNetworktoDockerNetwork(runtime *libpod.Runtime, statuses []con
if changeDefaultName && name == runtime.Network().DefaultNetworkName() {
name = nettypes.BridgeNetworkDriver
}
options := network.Options
// Make sure to clone the map as we have access to the map stored in
// the network backend and will overwrite it which is not good.
options := maps.Clone(network.Options)
// bridge always has isolate set in the compat API but we should not return it to not confuse callers
// https://github.com/containers/podman/issues/15580
delete(options, nettypes.IsolateOption)
Expand Down
16 changes: 16 additions & 0 deletions test/apiv2/35-networks.at
Original file line number Diff line number Diff line change
Expand Up @@ -191,6 +191,22 @@ t DELETE libpod/networks/macvlan1 200 \
.[0].Name~macvlan1 \
.[0].Err=null


# create network with isolate option and make sure it is not shown in docker compat endpoint
podman network create --opt isolate=true isolate-test
# Note the order of both list calls is important to test for https://github.com/containers/podman/issues/22330
# First call the compat endpoint, then the libpod one. Previously this would have removed
# the internal option for the libpod endpoint as well.
t GET networks?filters='{"name":["isolate-test"]}' 200 \
.[0].Name=isolate-test \
.[0].Options="{}"

t GET libpod/networks/json?filters='{"name":["isolate-test"]}' 200 \
.[0].name=isolate-test \
.[0].options.isolate="true"

t DELETE libpod/networks/isolate-test 200

#
# test networks with containers
#
Expand Down
Loading