summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
authorMatthew Heon <matthew.heon@gmail.com>2018-07-19 12:04:44 -0400
committerMatthew Heon <matthew.heon@gmail.com>2018-07-24 16:12:31 -0400
commit84afa32493335e74d6094c3723c53cf38ac9e6bb (patch)
tree22701e919d6b2ef5437a2dcc29990870fb22f92f /libpod
parent7b30659629deaddafc7fc925d869324ae754c216 (diff)
downloadpodman-84afa32493335e74d6094c3723c53cf38ac9e6bb.tar.gz
podman-84afa32493335e74d6094c3723c53cf38ac9e6bb.tar.bz2
podman-84afa32493335e74d6094c3723c53cf38ac9e6bb.zip
Ensure pods are part of the set namespace when added
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Diffstat (limited to 'libpod')
-rw-r--r--libpod/in_memory_state.go4
-rw-r--r--libpod/state_test.go41
2 files changed, 45 insertions, 0 deletions
diff --git a/libpod/in_memory_state.go b/libpod/in_memory_state.go
index 55be89d4c..e323b069c 100644
--- a/libpod/in_memory_state.go
+++ b/libpod/in_memory_state.go
@@ -542,6 +542,10 @@ func (s *InMemoryState) AddPod(pod *Pod) error {
return errors.Wrapf(ErrPodRemoved, "pod %s is not valid and cannot be added", pod.ID())
}
+ if err := s.checkNSMatch(pod.ID(), pod.Namespace()); err != nil {
+ return err
+ }
+
if _, ok := s.pods[pod.ID()]; ok {
return errors.Wrapf(ErrPodExists, "pod with ID %s already exists in state", pod.ID())
}
diff --git a/libpod/state_test.go b/libpod/state_test.go
index 4e9ba8850..30638024c 100644
--- a/libpod/state_test.go
+++ b/libpod/state_test.go
@@ -1790,6 +1790,47 @@ func TestAddPodCtrNameConflictFails(t *testing.T) {
})
}
+func TestAddPodSameNamespaceSucceeds(t *testing.T) {
+ runForAllStates(t, func(t *testing.T, state State, lockPath string) {
+ testPod, err := getTestPod1(lockPath)
+ assert.NoError(t, err)
+
+ testPod.config.Namespace = "test1"
+
+ state.SetNamespace("test1")
+
+ err = state.AddPod(testPod)
+ assert.NoError(t, err)
+
+ allPods, err := state.AllPods()
+ assert.NoError(t, err)
+ assert.Equal(t, 1, len(allPods))
+
+ testPodsEqual(t, testPod, allPods[0])
+ assert.Equal(t, testPod.valid, allPods[0].valid)
+ })
+}
+
+func TestAddPodDifferentNamespaceFails(t *testing.T) {
+ runForAllStates(t, func(t *testing.T, state State, lockPath string) {
+ testPod, err := getTestPod1(lockPath)
+ assert.NoError(t, err)
+
+ testPod.config.Namespace = "test1"
+
+ state.SetNamespace("test2")
+
+ err = state.AddPod(testPod)
+ assert.Error(t, err)
+
+ state.SetNamespace("")
+
+ allPods, err := state.AllPods()
+ assert.NoError(t, err)
+ assert.Equal(t, 0, len(allPods))
+ })
+}
+
func TestRemovePodInvalidPodErrors(t *testing.T) {
runForAllStates(t, func(t *testing.T, state State, lockPath string) {
err := state.RemovePod(&Pod{config: &PodConfig{}})