diff options
author | Daniil Baturin <daniil@vyos.io> | 2023-12-28 21:28:29 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-12-28 21:28:29 +0000 |
commit | f8fc5b40b952b4772cce12a604bffb3290c9be89 (patch) | |
tree | 7125a7cd1ef22c66d69ce195f24f4c77ed64c90f | |
parent | 0e8799091f7e49c4810320a47dd19c554955d007 (diff) | |
parent | 02bb7e09e1bbf3c5e2184c1332bda4652a9f4a93 (diff) | |
download | vyos-1x-f8fc5b40b952b4772cce12a604bffb3290c9be89.tar.gz vyos-1x-f8fc5b40b952b4772cce12a604bffb3290c9be89.zip |
Merge pull request #2697 from c-po/sagitta-T5829
container: T5829: verify container network used supports the given AFI (backport)
-rwxr-xr-x | src/conf_mode/container.py | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/src/conf_mode/container.py b/src/conf_mode/container.py index 9f50c0790..59d11c5a3 100755 --- a/src/conf_mode/container.py +++ b/src/conf_mode/container.py @@ -142,11 +142,17 @@ def verify(container): for address in container_config['network'][network_name]['address']: network = None if is_ipv4(address): - network = [x for x in container['network'][network_name]['prefix'] if is_ipv4(x)][0] - cnt_ipv4 += 1 + try: + network = [x for x in container['network'][network_name]['prefix'] if is_ipv4(x)][0] + cnt_ipv4 += 1 + except: + raise ConfigError(f'Network "{network_name}" does not contain an IPv4 prefix!') elif is_ipv6(address): - network = [x for x in container['network'][network_name]['prefix'] if is_ipv6(x)][0] - cnt_ipv6 += 1 + try: + network = [x for x in container['network'][network_name]['prefix'] if is_ipv6(x)][0] + cnt_ipv6 += 1 + except: + raise ConfigError(f'Network "{network_name}" does not contain an IPv6 prefix!') # Specified container IP address must belong to network prefix if ip_address(address) not in ip_network(network): @@ -232,9 +238,9 @@ def verify(container): # A network attached to a container can not be deleted if {'network_remove', 'name'} <= set(container): for network in container['network_remove']: - for container, container_config in container['name'].items(): - if 'network' in container_config and network in container_config['network']: - raise ConfigError(f'Can not remove network "{network}", used by container "{container}"!') + for c, c_config in container['name'].items(): + if 'network' in c_config and network in c_config['network']: + raise ConfigError(f'Can not remove network "{network}", used by container "{c}"!') if 'registry' in container: for registry, registry_config in container['registry'].items(): |