Disallow "network generic data" with type options.Generic#48906
Merged
thaJeztah merged 1 commit intomoby:masterfrom Nov 25, 2024
Merged
Disallow "network generic data" with type options.Generic#48906thaJeztah merged 1 commit intomoby:masterfrom
thaJeztah merged 1 commit intomoby:masterfrom
Conversation
Field 'generic' in 'libnetwork.Network' is used to store driver options, it has type 'options.Generic', which is 'map[string]any'. In that map, there may be a key 'netlabel.GenericData' holding options known as "network generic options", used for options like: -o com.docker.network.bridge.name=br-foo The value type for key 'netlabel.GenericData' is always 'map[string]string' when created via an API request. But, some unit tests use type 'options.Generic'. That works because the bridge, ipvlan and macvlan drivers look for type 'options.Generic' as well as 'map[string]string'. If they find 'options.Generic', Go reflection is used to map keys to fields of the config struct with the expectation that the value has the same type as that field. But, that's only used in unit tests (so the tests aren't testing the same code path as the API would use). The 'options.Generic' form of the bridge name option is: "BridgeName": "br-foo" (Because "BridgeName" is the name of the field in the bridge driver's network config struct.) The libnetwork code expects "network generic options" to have type 'map[string]string', and makes no provision for 'options.Generic'. So, for example, function Network.DriverOptions will panic if called when 'Network.generic[netlabel.GenericData]' has type 'options.Generic'. The type of 'Network.generic[netlabel.GenericData]' can't be statically checked, because it's just a field in a 'map[string]any'. So - remove the driver code that converts "network generic options" from type 'options.Generic', as it's only used in tests and just makes things more confusing. This should reduce the chances of things appearing to work when the type is wrong, and converting unit tests to use 'map[string]string' means they're testing the right thing. Signed-off-by: Rob Murray <[email protected]>
robmry
force-pushed
the
network_generic_opts
branch
from
b80b9fc to
b656cff
Compare
robmry
added
area/networking
akerouanton
approved these changes
Nov 20, 2024
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
- What I did
Field
genericinlibnetwork.Networkis used to store driver options, it has typeoptions.Generic, which ismap[string]any.In that map, there may be a key
netlabel.GenericDataholding options known as "network generic options", used for options like:The value type for key
netlabel.GenericDatais alwaysmap[string]stringwhen created via an API request. But, some unit tests use typeoptions.GenericThat works because the bridge, ipvlan and macvlan drivers look for type
options.Genericas well asmap[string]stringIf they findoptions.GenericGo reflection is used to map keys to fields of the config struct with the expectation that the value has the same type as that field. But, that's only used in unit tests (so the tests aren't testing the same code path as the API would use).The
options.Genericform of the bridge name option is this, because "BridgeName" is the name of the field in the bridge driver's network config struct:The libnetwork code expects "network generic options" to have type
map[string]stringand makes no provision foroptions.Generic. So, for example, functionNetwork.DriverOptionswill panic if called whenNetwork.generic[netlabel.GenericData]has typeoptions.GenericThe type of
Network.generic[netlabel.GenericData]can't be statically checked, because it's just a field in amap[string]any.- How I did it
Removed the driver code that converts "network generic options" from type
options.Generic, as it's only used in tests and just makes things more confusing.This should reduce the chances of things appearing to work when the type is wrong, and converting unit tests to use
map[string]stringmeans they're testing the right thing.- How to verify it
Existing tests.
- Description for the changelog