summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@vyos.io>2023-12-28 21:28:29 +0000
committerGitHub <noreply@github.com>2023-12-28 21:28:29 +0000
commitf8fc5b40b952b4772cce12a604bffb3290c9be89 (patch)
tree7125a7cd1ef22c66d69ce195f24f4c77ed64c90f
parent0e8799091f7e49c4810320a47dd19c554955d007 (diff)
parent02bb7e09e1bbf3c5e2184c1332bda4652a9f4a93 (diff)
downloadvyos-1x-f8fc5b40b952b4772cce12a604bffb3290c9be89.tar.gz
vyos-1x-f8fc5b40b952b4772cce12a604bffb3290c9be89.zip
Merge pull request #2697 from c-po/sagitta-T5829
container: T5829: verify container network used supports the given AFI (backport)
-rwxr-xr-xsrc/conf_mode/container.py20
1 files changed, 13 insertions, 7 deletions
diff --git a/src/conf_mode/container.py b/src/conf_mode/container.py
index 9f50c0790..59d11c5a3 100755
--- a/src/conf_mode/container.py
+++ b/src/conf_mode/container.py
@@ -142,11 +142,17 @@ def verify(container):
for address in container_config['network'][network_name]['address']:
network = None
if is_ipv4(address):
- network = [x for x in container['network'][network_name]['prefix'] if is_ipv4(x)][0]
- cnt_ipv4 += 1
+ try:
+ network = [x for x in container['network'][network_name]['prefix'] if is_ipv4(x)][0]
+ cnt_ipv4 += 1
+ except:
+ raise ConfigError(f'Network "{network_name}" does not contain an IPv4 prefix!')
elif is_ipv6(address):
- network = [x for x in container['network'][network_name]['prefix'] if is_ipv6(x)][0]
- cnt_ipv6 += 1
+ try:
+ network = [x for x in container['network'][network_name]['prefix'] if is_ipv6(x)][0]
+ cnt_ipv6 += 1
+ except:
+ raise ConfigError(f'Network "{network_name}" does not contain an IPv6 prefix!')
# Specified container IP address must belong to network prefix
if ip_address(address) not in ip_network(network):
@@ -232,9 +238,9 @@ def verify(container):
# A network attached to a container can not be deleted
if {'network_remove', 'name'} <= set(container):
for network in container['network_remove']:
- for container, container_config in container['name'].items():
- if 'network' in container_config and network in container_config['network']:
- raise ConfigError(f'Can not remove network "{network}", used by container "{container}"!')
+ for c, c_config in container['name'].items():
+ if 'network' in c_config and network in c_config['network']:
+ raise ConfigError(f'Can not remove network "{network}", used by container "{c}"!')
if 'registry' in container:
for registry, registry_config in container['registry'].items():