From 2362e827d443465869f6582800c0301eb5545f61 Mon Sep 17 00:00:00 2001
From: Aditya R <arajan@redhat.com>
Date: Thu, 20 Apr 2023 16:42:02 +0530
Subject: [PATCH] aardvark: no error when aardvark config is not there

`network update` maybe called by podman when no container is running in
such case no aardvark config is present so netavark must return as-in
without throwing error since podman database is still updated.

Signed-off-by: Aditya R <arajan@redhat.com>
---
 src/dns/aardvark.rs           | 19 ++++++++++++++++++-
 test/100-bridge-iptables.bats | 16 ++++++++++++++++
 2 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/src/dns/aardvark.rs b/src/dns/aardvark.rs
index bdea7824b..b242e17b4 100644
--- a/src/dns/aardvark.rs
+++ b/src/dns/aardvark.rs
@@ -329,6 +329,9 @@ impl Aardvark {
 
     // Modifies network dns_servers for a specific network and notifies aardvark-dns server
     // with the change.
+    // Note: If no aardvark dns config exists for a network function will return success without
+    // doing anything, because `podman network update` is applicable for networks even when no
+    // container is attached to it.
     pub fn modify_network_dns_servers(
         &self,
         network_name: &str,
@@ -336,7 +339,21 @@ impl Aardvark {
     ) -> Result<()> {
         let mut dns_servers_modified = false;
         let path = Path::new(&self.config).join(network_name);
-        let file_content = fs::read_to_string(&path)?;
+        let file_content = match fs::read_to_string(&path) {
+            Ok(content) => content,
+            Err(error) => {
+                if error.kind() == std::io::ErrorKind::NotFound {
+                    // Most likely `podman network update` was called
+                    // but no container on the network is running hence
+                    // no aardvark file is there in such case return success
+                    // since podman database still got updated and it will be
+                    // populated correctly for the next container.
+                    return Ok(());
+                } else {
+                    return Err(error);
+                }
+            }
+        };
 
         let mut file = File::create(&path)?;
 
diff --git a/test/100-bridge-iptables.bats b/test/100-bridge-iptables.bats
index 61dd21a7d..7cc688b5d 100644
--- a/test/100-bridge-iptables.bats
+++ b/test/100-bridge-iptables.bats
@@ -164,6 +164,22 @@ fw_driver=iptables
 
 }
 
+# netavark must do no-op on upates when no aardvark config is there
+@test "run netavark update - no-op" {
+    # get a random port directly to avoid low ports e.g. 53 would not create iptables
+    dns_port=$((RANDOM+10000))
+
+    rootless=false
+    if [[ ! -e "/run/dbus/system_bus_socket" ]]; then
+        rootless=true
+    fi
+
+    mkdir -p "$NETAVARK_TMPDIR/config"
+    NETAVARK_DNS_PORT="$dns_port" run_netavark --file ${TESTSDIR}/testfiles/dualstack-bridge-network-container-dns-server.json \
+        --rootless "$rootless" --config "$NETAVARK_TMPDIR/config" \
+        update podman1 --network-dns-servers 8.8.8.8
+}
+
 @test "$fw_driver - ipv6 bridge" {
     run_netavark --file ${TESTSDIR}/testfiles/ipv6-bridge.json setup $(get_container_netns_path)
     result="$output"