builder: ensure libnetwork state file do not leak

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
This commit is contained in:
Tonis Tiigi 2021-01-06 22:46:53 -08:00
parent 4f7faa29e8
commit 7c7e168902

View file

@ -3,6 +3,7 @@
package buildkit
import (
"io/ioutil"
"os"
"path/filepath"
"strconv"
@ -25,11 +26,24 @@ import (
const networkName = "bridge"
func newExecutor(root, cgroupParent string, net libnetwork.NetworkController, dnsConfig *oci.DNSConfig, rootless bool, idmap *idtools.IdentityMapping) (executor.Executor, error) {
netRoot := filepath.Join(root, "net")
networkProviders := map[pb.NetMode]network.Provider{
pb.NetMode_UNSET: &bridgeProvider{NetworkController: net, Root: filepath.Join(root, "net")},
pb.NetMode_UNSET: &bridgeProvider{NetworkController: net, Root: netRoot},
pb.NetMode_HOST: network.NewHostProvider(),
pb.NetMode_NONE: network.NewNoneProvider(),
}
// make sure net state directory is cleared from previous state
fis, err := ioutil.ReadDir(netRoot)
if err == nil {
for _, fi := range fis {
fp := filepath.Join(netRoot, fi.Name())
if err := os.RemoveAll(fp); err != nil {
logrus.WithError(err).Errorf("failed to delete old network state: %v", fp)
}
}
}
return runcexecutor.New(runcexecutor.Opt{
Root: filepath.Join(root, "executor"),
CommandCandidates: []string{"runc"},
@ -117,7 +131,10 @@ func (iface *lnInterface) Close() error {
if iface.sbx != nil {
go func() {
if err := iface.sbx.Delete(); err != nil {
logrus.Errorf("failed to delete builder network sandbox: %v", err)
logrus.WithError(err).Errorf("failed to delete builder network sandbox")
}
if err := os.RemoveAll(filepath.Join(iface.provider.Root, iface.sbx.ContainerID())); err != nil {
logrus.WithError(err).Errorf("failed to delete builder sandbox directory")
}
}()
}