summaryrefslogtreecommitdiff
path: root/pkg/seccomp
diff options
context:
space:
mode:
authorMatthew Heon <matthew.heon@pm.me>2020-07-02 12:59:10 -0400
committerMatthew Heon <matthew.heon@pm.me>2020-07-06 13:10:13 -0400
commit06b5a8c2f72c4f54f0d7ea9855344e294f22a73c (patch)
tree161203dc0047848fdb3d280e31ff358f892ae8ef /pkg/seccomp
parentd59ef411949564518e3b5d0b5bbc1625ede45486 (diff)
downloadpodman-06b5a8c2f72c4f54f0d7ea9855344e294f22a73c.tar.gz
podman-06b5a8c2f72c4f54f0d7ea9855344e294f22a73c.tar.bz2
podman-06b5a8c2f72c4f54f0d7ea9855344e294f22a73c.zip
Print errors from individual containers in pods
The infra/abi code for pods was written in a flawed way, assuming that the map[string]error containing individual container errors was only set when the global error for the pod function was nil; that is not accurate, and we are actually *guaranteed* to set the global error when any individual container errors. Thus, we'd never actually include individual container errors, because the infra code assumed that err being set meant everything failed and no container operations were attempted. We were originally setting the cause of the error to something nonsensical ("container already exists"), so I made a new error indicating that some containers in the pod failed. We can then ignore that error when building the report on the pod operation and actually return errors from individual containers. Unfortunately, this exposed another weakness of the infra code, which was discarding the container IDs. Errors from individual containers are not guaranteed to identify which container they came from, hence the use of map[string]error in the Pod API functions. Rather than restructuring the structs we return from pkg/infra, I just wrapped the returned errors with a message including the ID of the container. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Diffstat (limited to 'pkg/seccomp')
0 files changed, 0 insertions, 0 deletions