From fc32ec768df8a59a9c438f38cf2fd2c08a77f94b Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Tue, 23 Feb 2021 13:55:47 -0500 Subject: Sort CapDrop in inspect to guarantee order The order of CapAdd when inspecting containers is deterministic. However, the order of CapDrop is not (for unclear reasons). Add a quick sort on the final array to guarantee a consistent order. Fixes #9490 Signed-off-by: Matthew Heon --- test/e2e/inspect_test.go | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'test/e2e/inspect_test.go') diff --git a/test/e2e/inspect_test.go b/test/e2e/inspect_test.go index d417fc49d..772ebed05 100644 --- a/test/e2e/inspect_test.go +++ b/test/e2e/inspect_test.go @@ -490,4 +490,22 @@ var _ = Describe("Podman inspect", func() { } Expect(found).To(BeTrue()) }) + + It("Dropped capabilities are sorted", func() { + ctrName := "testCtr" + session := podmanTest.Podman([]string{"run", "-d", "--cap-drop", "CAP_AUDIT_WRITE", "--cap-drop", "CAP_MKNOD", "--cap-drop", "CAP_NET_RAW", "--name", ctrName, ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + + inspect := podmanTest.Podman([]string{"inspect", ctrName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(BeZero()) + + data := inspect.InspectContainerToJSON() + Expect(len(data)).To(Equal(1)) + Expect(len(data[0].HostConfig.CapDrop)).To(Equal(3)) + Expect(data[0].HostConfig.CapDrop[0]).To(Equal("CAP_AUDIT_WRITE")) + Expect(data[0].HostConfig.CapDrop[1]).To(Equal("CAP_MKNOD")) + Expect(data[0].HostConfig.CapDrop[2]).To(Equal("CAP_NET_RAW")) + }) }) -- cgit v1.2.3-54-g00ecf