1. docker
  2. Commit f6002117a4a4646d54cfc9a64f8fc89abfea34e0
Browse code

Extract container-config and container-hostconfig validation

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

Sebastiaan van Stijn authored on 2018/12/19 09:28:08
Showing 3 changed files
daemon/container.go
History View file @ f600211
... ... 
@@ -234,68 +234,71 @@ func (daemon *Daemon) setHostConfig(container *container.Container, hostConfig *
234 234 
 // structures.
235 235 
 func (daemon *Daemon) verifyContainerSettings(platform string, hostConfig *containertypes.HostConfig, config *containertypes.Config, update bool) (warnings []string, err error) {
236 236 
 	// First perform verification of settings common across all platforms.
237 
-	if config != nil {
238 
-		if err := translateWorkingDir(config, platform); err != nil {
239 
-			return nil, err
240 
-		}
237 
+	if err = validateContainerConfig(config, platform); err != nil {
238 
+		return warnings, err
239 
+	}
240 
+	if err := validateHostConfig(hostConfig, platform); err != nil {
241 
+		return warnings, err
242 
+	}
241 243
242 
-		if len(config.StopSignal) > 0 {
243 
-			_, err := signal.ParseSignal(config.StopSignal)
244 
-			if err != nil {
245 
-				return nil, err
246 
-			}
247 
-		}
244 
+	// Now do platform-specific verification
245 
+	warnings, err = verifyPlatformContainerSettings(daemon, hostConfig, update)
246 
+	for _, w := range warnings {
247 
+		logrus.Warn(w)
248 
+	}
249 
+	return warnings, err
250 
+}
248 251
249 
-		// Validate if Env contains empty variable or not (e.g., ``, `=foo`)
250 
-		for _, env := range config.Env {
251 
-			if _, err := opts.ValidateEnv(env); err != nil {
252 
-				return nil, err
253 
-			}
252 
+func validateContainerConfig(config *containertypes.Config, platform string) error {
253 
+	if config == nil {
254 
+		return nil
255 
+	}
256 
+	if err := translateWorkingDir(config, platform); err != nil {
257 
+		return err
258 
+	}
259 
+	if len(config.StopSignal) > 0 {
260 
+		if _, err := signal.ParseSignal(config.StopSignal); err != nil {
261 
+			return err
254 262 
 		}
255 
-
256 
-		if err := validateHealthCheck(config.Healthcheck); err != nil {
257 
-			return nil, err
263 
+	}
264 
+	// Validate if Env contains empty variable or not (e.g., ``, `=foo`)
265 
+	for _, env := range config.Env {
266 
+		if _, err := opts.ValidateEnv(env); err != nil {
267 
+			return err
258 268 
 		}
259 269 
 	}
270 
+	return validateHealthCheck(config.Healthcheck)
271 
+}
260 272
273 
+func validateHostConfig(hostConfig *containertypes.HostConfig, platform string) error {
261 274 
 	if hostConfig == nil {
262 
-		return nil, nil
275 
+		return nil
263 276 
 	}
264 
-
265 277 
 	if hostConfig.AutoRemove && !hostConfig.RestartPolicy.IsNone() {
266 
-		return nil, errors.Errorf("can't create 'AutoRemove' container with restart policy")
278 
+		return errors.Errorf("can't create 'AutoRemove' container with restart policy")
267 279 
 	}
268 
-
269 280 
 	// Validate mounts; check if host directories still exist
270 281 
 	parser := volumemounts.NewParser(platform)
271 282 
 	for _, cfg := range hostConfig.Mounts {
272 283 
 		if err := parser.ValidateMountConfig(&cfg); err != nil {
273 
-			return nil, err
284 
+			return err
274 285 
 		}
275 286 
 	}
276 
-
277 287 
 	for _, extraHost := range hostConfig.ExtraHosts {
278 288 
 		if _, err := opts.ValidateExtraHost(extraHost); err != nil {
279 
-			return nil, err
289 
+			return err
280 290 
 		}
281 291 
 	}
282 
-
283 292 
 	if err := validatePortBindings(hostConfig.PortBindings); err != nil {
284 
-		return nil, err
293 
+		return err
285 294 
 	}
286 295 
 	if err := validateRestartPolicy(hostConfig.RestartPolicy); err != nil {
287 
-		return nil, err
296 
+		return err
288 297 
 	}
289 298 
 	if !hostConfig.Isolation.IsValid() {
290 
-		return nil, errors.Errorf("invalid isolation '%s' on %s", hostConfig.Isolation, runtime.GOOS)
291 
-	}
292 
-
293 
-	// Now do platform-specific verification
294 
-	warnings, err = verifyPlatformContainerSettings(daemon, hostConfig, update)
295 
-	for _, w := range warnings {
296 
-		logrus.Warn(w)
299 
+		return errors.Errorf("invalid isolation '%s' on %s", hostConfig.Isolation, runtime.GOOS)
297 300 
 	}
298 
-	return warnings, err
301 
+	return nil
299 302 
 }
300 303
301 304 
 // validateHealthCheck validates the healthcheck params of Config
daemon/daemon_unix.go
History View file @ f600211
... ... 
@@ -562,6 +562,9 @@ func UsingSystemd(config *config.Config) bool {
562 562 
 // verifyPlatformContainerSettings performs platform-specific validation of the
563 563 
 // hostconfig and config structures.
564 564 
 func verifyPlatformContainerSettings(daemon *Daemon, hostConfig *containertypes.HostConfig, update bool) (warnings []string, err error) {
565 
+	if hostConfig == nil {
566 
+		return nil, nil
567 
+	}
565 568 
 	sysInfo := sysinfo.New(true)
566 569
567 570 
 	w, err := verifyPlatformContainerResources(&hostConfig.Resources, sysInfo, update)
daemon/daemon_windows.go
History View file @ f600211
... ... 
@@ -188,6 +188,9 @@ func verifyPlatformContainerResources(resources *containertypes.Resources, isHyp
188 188 
 // verifyPlatformContainerSettings performs platform-specific validation of the
189 189 
 // hostconfig and config structures.
190 190 
 func verifyPlatformContainerSettings(daemon *Daemon, hostConfig *containertypes.HostConfig, update bool) (warnings []string, err error) {
191 
+	if hostConfig == nil {
192 
+		return nil, nil
193 
+	}
191 194 
 	osv := system.GetOSVersion()
192 195 
 	hyperv := daemon.runAsHyperVContainer(hostConfig)
193 196