Merge pull request containers#677 from flouthoc/update-no-containers

aardvark,network-update: no error when aardvark config is not there
baude · Apr 21, 2023 · cb905e1 · cb905e1
2 parents 0449a84 + 2362e82
commit cb905e1
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 1 deletion.
diff --git a/src/dns/aardvark.rs b/src/dns/aardvark.rs
@@ -329,14 +329,31 @@ impl Aardvark {
 
     // Modifies network dns_servers for a specific network and notifies aardvark-dns server
     // with the change.
+    // Note: If no aardvark dns config exists for a network function will return success without
+    // doing anything, because `podman network update` is applicable for networks even when no
+    // container is attached to it.
     pub fn modify_network_dns_servers(
         &self,
         network_name: &str,
         network_dns_servers: &Vec<String>,
     ) -> Result<()> {
         let mut dns_servers_modified = false;
         let path = Path::new(&self.config).join(network_name);
-        let file_content = fs::read_to_string(&path)?;
+        let file_content = match fs::read_to_string(&path) {
+            Ok(content) => content,
+            Err(error) => {
+                if error.kind() == std::io::ErrorKind::NotFound {
+                    // Most likely `podman network update` was called
+                    // but no container on the network is running hence
+                    // no aardvark file is there in such case return success
+                    // since podman database still got updated and it will be
+                    // populated correctly for the next container.
+                    return Ok(());
+                } else {
+                    return Err(error);
+                }
+            }
+        };
 
         let mut file = File::create(&path)?;
 

diff --git a/test/100-bridge-iptables.bats b/test/100-bridge-iptables.bats
@@ -164,6 +164,22 @@ fw_driver=iptables
 
 }
 
+# netavark must do no-op on upates when no aardvark config is there
+@test "run netavark update - no-op" {
+    # get a random port directly to avoid low ports e.g. 53 would not create iptables
+    dns_port=$((RANDOM+10000))
+
+    rootless=false
+    if [[ ! -e "/run/dbus/system_bus_socket" ]]; then
+        rootless=true
+    fi
+
+    mkdir -p "$NETAVARK_TMPDIR/config"
+    NETAVARK_DNS_PORT="$dns_port" run_netavark --file ${TESTSDIR}/testfiles/dualstack-bridge-network-container-dns-server.json \
+        --rootless "$rootless" --config "$NETAVARK_TMPDIR/config" \
+        update podman1 --network-dns-servers 8.8.8.8
+}
+
 @test "$fw_driver - ipv6 bridge" {
     run_netavark --file ${TESTSDIR}/testfiles/ipv6-bridge.json setup $(get_container_netns_path)
     result="$output"