From 137e0948aed96c3fe6412512e0d138eedf71d499 Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Sun, 2 Dec 2018 13:36:55 -0500 Subject: Make DB config validation an explicit step Previously, we implicitly validated runtime configuration against what was stored in the database as part of database init. Make this an explicit step, so we can call it after the database has been initialized. This will allow us to retrieve paths from the database and use them to overwrite our defaults if they differ. Signed-off-by: Matthew Heon --- libpod/boltdb_state.go | 29 ++++++++++++++++++++++++----- libpod/in_memory_state.go | 6 ++++++ libpod/runtime.go | 5 +++++ libpod/state.go | 9 +++++++++ 4 files changed, 44 insertions(+), 5 deletions(-) (limited to 'libpod') diff --git a/libpod/boltdb_state.go b/libpod/boltdb_state.go index 7191b184a..37b309c0d 100644 --- a/libpod/boltdb_state.go +++ b/libpod/boltdb_state.go @@ -115,11 +115,6 @@ func NewBoltState(path, lockDir string, runtime *Runtime) (State, error) { return nil, errors.Wrapf(err, "error creating initial database layout") } - // Check runtime configuration - if err := checkRuntimeConfig(db, runtime); err != nil { - return nil, err - } - state.valid = true return state, nil @@ -243,6 +238,10 @@ func (s *BoltState) Refresh() error { // GetDBConfig retrieves runtime configuration fields that were created when // the database was first initialized func (s *BoltState) GetDBConfig() (*DBConfig, error) { + if !s.valid { + return nil, ErrDBClosed + } + cfg := new(DBConfig) db, err := s.getDBCon() @@ -282,6 +281,26 @@ func (s *BoltState) GetDBConfig() (*DBConfig, error) { return cfg, nil } +// ValidateDBConfig validates paths in the given runtime against the database +func (s *BoltState) ValidateDBConfig(runtime *Runtime) error { + if !s.valid { + return ErrDBClosed + } + + db, err := s.getDBCon() + if err != nil { + return err + } + defer s.closeDBCon(db) + + // Check runtime configuration + if err := checkRuntimeConfig(db, runtime); err != nil { + return err + } + + return nil +} + // SetNamespace sets the namespace that will be used for container and pod // retrieval func (s *BoltState) SetNamespace(ns string) error { diff --git a/libpod/in_memory_state.go b/libpod/in_memory_state.go index 3a775eb43..8cd2f47b9 100644 --- a/libpod/in_memory_state.go +++ b/libpod/in_memory_state.go @@ -78,6 +78,12 @@ func (s *InMemoryState) GetDBConfig() (*DBConfig, error) { return nil, ErrNotImplemented } +// ValidateDBConfig is not implemented for the in-memory state. +// Since we do nothing just return no error. +func (s *InMemoryState) ValidateDBConfig(runtime *Runtime) error { + return nil +} + // SetNamespace sets the namespace for container and pod retrieval. func (s *InMemoryState) SetNamespace(ns string) error { s.namespace = ns diff --git a/libpod/runtime.go b/libpod/runtime.go index 8615e5e12..2e76f159b 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -448,6 +448,11 @@ func makeRuntime(runtime *Runtime) (err error) { return errors.Wrapf(ErrInvalidArg, "unrecognized state type passed") } + // Validate our config against the database + if err := runtime.state.ValidateDBConfig(runtime); err != nil { + return err + } + if err := runtime.state.SetNamespace(runtime.config.Namespace); err != nil { return errors.Wrapf(err, "error setting libpod namespace in state") } diff --git a/libpod/state.go b/libpod/state.go index 7f4efa21b..99e2435a2 100644 --- a/libpod/state.go +++ b/libpod/state.go @@ -38,6 +38,15 @@ type State interface { // validate runtime configuration. GetDBConfig() (*DBConfig, error) + // ValidateDBConfig ralidates the config in the given Runtime struct + // against paths stored in the configured database. + // Libpod root and tmp dirs and c/storage root and tmp dirs and graph + // driver are validated. + // This is not implemented by the in-memory state, as it has no need to + // validate runtime configuration that may change over multiple runs of + // the program. + ValidateDBConfig(runtime *Runtime) error + // SetNamespace() sets the namespace for the store, and will determine // what containers are retrieved with container and pod retrieval calls. // A namespace of "", the empty string, acts as no namespace, and -- cgit v1.2.3-54-g00ecf