diff options
author | Matthew Heon <matthew.heon@pm.me> | 2020-07-02 12:59:10 -0400 |
---|---|---|
committer | Matthew Heon <matthew.heon@pm.me> | 2020-07-06 13:10:13 -0400 |
commit | 06b5a8c2f72c4f54f0d7ea9855344e294f22a73c (patch) | |
tree | 161203dc0047848fdb3d280e31ff358f892ae8ef /pkg/seccomp | |
parent | d59ef411949564518e3b5d0b5bbc1625ede45486 (diff) | |
download | podman-06b5a8c2f72c4f54f0d7ea9855344e294f22a73c.tar.gz podman-06b5a8c2f72c4f54f0d7ea9855344e294f22a73c.tar.bz2 podman-06b5a8c2f72c4f54f0d7ea9855344e294f22a73c.zip |
Print errors from individual containers in pods
The infra/abi code for pods was written in a flawed way, assuming
that the map[string]error containing individual container errors
was only set when the global error for the pod function was nil;
that is not accurate, and we are actually *guaranteed* to set the
global error when any individual container errors. Thus, we'd
never actually include individual container errors, because the
infra code assumed that err being set meant everything failed and
no container operations were attempted.
We were originally setting the cause of the error to something
nonsensical ("container already exists"), so I made a new error
indicating that some containers in the pod failed. We can then
ignore that error when building the report on the pod operation
and actually return errors from individual containers.
Unfortunately, this exposed another weakness of the infra code,
which was discarding the container IDs. Errors from individual
containers are not guaranteed to identify which container they
came from, hence the use of map[string]error in the Pod API
functions. Rather than restructuring the structs we return from
pkg/infra, I just wrapped the returned errors with a message
including the ID of the container.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Diffstat (limited to 'pkg/seccomp')
0 files changed, 0 insertions, 0 deletions