Vendor in new opencontainers/selinux

Also update vendor of containers/common,buildah,storage,image Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2069586 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2025-11-02 14:55:28 +08:00 · 2022-03-29 07:31:23 -04:00
parent f838333b7e
commit dc17195bd9
62 changed files with 1229 additions and 616 deletions
--- a/vendor/github.com/containers/common/libnetwork/netavark/config.go
+++ b/vendor/github.com/containers/common/libnetwork/netavark/config.go
@ -67,6 +67,11 @@ func (n *netavarkNetwork) networkCreate(newNetwork *types.Network, defaultNet bo
 		return nil, err
 	}

+	err = validateIPAMDriver(newNetwork)
+	if err != nil {
+		return nil, err
+	}
+
 	// Only get the used networks for validation if we do not create the default network.
 	// The default network should not be validated against used subnets, we have to ensure
 	// that this network can always be created even when a subnet is already used on the host.
@ -116,7 +121,10 @@ func (n *netavarkNetwork) networkCreate(newNetwork *types.Network, defaultNet bo
 		return nil, errors.Wrapf(types.ErrInvalidArg, "unsupported driver %s", newNetwork.Driver)
 	}

-	// add gatway when not internal or dns enabled
+	// when we do not have ipam we must disable dns
+	internalutil.IpamNoneDisableDns(newNetwork)
+
+	// add gateway when not internal or dns enabled
 	addGateway := !newNetwork.Internal || newNetwork.DNSEnabled
 	err = internalutil.ValidateSubnets(newNetwork, addGateway, usedNetworks)
 	if err != nil {
@ -153,10 +161,19 @@ func createMacvlan(network *types.Network) error {
 			return errors.Errorf("parent interface %s does not exist", network.NetworkInterface)
 		}
 	}
-	if len(network.Subnets) == 0 {
-		return errors.Errorf("macvlan driver needs at least one subnet specified, DHCP is not supported with netavark")
+
+	// we already validated the drivers before so we just have to set the default here
+	switch network.IPAMOptions[types.Driver] {
+	case "":
+		if len(network.Subnets) == 0 {
+			return errors.Errorf("macvlan driver needs at least one subnet specified, DHCP is not yet supported with netavark")
+		}
+		network.IPAMOptions[types.Driver] = types.HostLocalIPAMDriver
+	case types.HostLocalIPAMDriver:
+		if len(network.Subnets) == 0 {
+			return errors.Errorf("macvlan driver needs at least one subnet specified, when the host-local ipam driver is set")
+		}
 	}
-	network.IPAMOptions[types.Driver] = types.HostLocalIPAMDriver

 	// validate the given options, we do not need them but just check to make sure they are valid
 	for key, value := range network.Options {
@ -246,3 +263,19 @@ func (n *netavarkNetwork) NetworkInspect(nameOrID string) (types.Network, error)
 	}
 	return *network, nil
 }
+
+func validateIPAMDriver(n *types.Network) error {
+	ipamDriver := n.IPAMOptions[types.Driver]
+	switch ipamDriver {
+	case "", types.HostLocalIPAMDriver:
+	case types.NoneIPAMDriver:
+		if len(n.Subnets) > 0 {
+			return errors.New("none ipam driver is set but subnets are given")
+		}
+	case types.DHCPIPAMDriver:
+		return errors.New("dhcp ipam driver is not yet supported with netavark")
+	default:
+		return errors.Errorf("unsupported ipam driver %q", ipamDriver)
+	}
+	return nil
+}