├── .gitattributes
├── .github
    ├── actions
    │   └── retest-action
    │   │   ├── Dockerfile
    │   │   ├── action.yml
    │   │   └── entrypoint.sh
    ├── dependabot.yml
    └── workflows
    │   ├── commands.yml
    │   ├── scorecard.yml
    │   └── test.yaml
├── .gitignore
├── .golangci.yml
├── .yamllint.yaml
├── CODE-OF-CONDUCT.md
├── CONTRIBUTING.md
├── CONVENTIONS.md
├── DCO
├── Documentation
    ├── cnitool.md
    └── spec-upgrades.md
├── GOVERNANCE.md
├── LICENSE
├── MAINTAINERS
├── Makefile
├── README.md
├── RELEASING.md
├── ROADMAP.md
├── SPEC.md
├── cnitool
    ├── README.md
    └── cnitool.go
├── go.mod
├── go.sum
├── libcni
    ├── api.go
    ├── api_test.go
    ├── backwards_compatibility_test.go
    ├── conf.go
    ├── conf_test.go
    └── libcni_suite_test.go
├── logo.png
├── mk
    ├── dependencies
    │   └── golangci.sh
    └── lint.mk
├── pkg
    ├── invoke
    │   ├── args.go
    │   ├── args_test.go
    │   ├── delegate.go
    │   ├── delegate_test.go
    │   ├── exec.go
    │   ├── exec_test.go
    │   ├── fakes
    │   │   ├── cni_args.go
    │   │   ├── raw_exec.go
    │   │   └── version_decoder.go
    │   ├── find.go
    │   ├── find_test.go
    │   ├── get_version_integration_test.go
    │   ├── invoke_suite_test.go
    │   ├── os_unix.go
    │   ├── os_windows.go
    │   ├── raw_exec.go
    │   └── raw_exec_test.go
    ├── ns
    │   ├── ns_darwin.go
    │   ├── ns_linux.go
    │   └── ns_windows.go
    ├── skel
    │   ├── skel.go
    │   ├── skel_suite_test.go
    │   └── skel_test.go
    ├── types
    │   ├── 100
    │   │   ├── types.go
    │   │   ├── types_suite_test.go
    │   │   └── types_test.go
    │   ├── 020
    │   │   ├── types.go
    │   │   ├── types_suite_test.go
    │   │   └── types_test.go
    │   ├── 040
    │   │   ├── types.go
    │   │   ├── types_suite_test.go
    │   │   └── types_test.go
    │   ├── args.go
    │   ├── args_test.go
    │   ├── create
    │   │   └── create.go
    │   ├── internal
    │   │   ├── convert.go
    │   │   └── create.go
    │   ├── types.go
    │   ├── types_suite_test.go
    │   └── types_test.go
    ├── utils
    │   ├── utils.go
    │   └── utils_test.go
    └── version
    │   ├── conf.go
    │   ├── conf_test.go
    │   ├── legacy_examples
    │       ├── example_runtime.go
    │       ├── examples.go
    │       ├── legacy_examples_suite_test.go
    │       └── legacy_examples_test.go
    │   ├── plugin.go
    │   ├── plugin_test.go
    │   ├── reconcile.go
    │   ├── reconcile_test.go
    │   ├── testhelpers
    │       ├── testhelpers.go
    │       ├── testhelpers_suite_test.go
    │       └── testhelpers_test.go
    │   ├── version.go
    │   ├── version_suite_test.go
    │   └── version_test.go
├── plugins
    ├── debug
    │   ├── README.md
    │   ├── go.mod
    │   ├── go.sum
    │   └── main.go
    └── test
    │   ├── noop
    │       ├── debug
    │       │   └── debug.go
    │       ├── main.go
    │       ├── noop_suite_test.go
    │       └── noop_test.go
    │   └── sleep
    │       └── main.go
├── scripts
    ├── docker-run.sh
    ├── exec-plugins.sh
    └── priv-net-run.sh
└── test.sh


/.gitattributes:
--------------------------------------------------------------------------------
1 | # Don't rewrite line endings
2 | *.go -text
3 | 


--------------------------------------------------------------------------------
/.github/actions/retest-action/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM alpine:3.20
2 | 
3 | RUN apk add --no-cache curl jq
4 | 
5 | COPY entrypoint.sh /entrypoint.sh
6 | 
7 | ENTRYPOINT ["/entrypoint.sh"]
8 | 


--------------------------------------------------------------------------------
/.github/actions/retest-action/action.yml:
--------------------------------------------------------------------------------
 1 | name: 'Re-Test'
 2 | description: 'Re-Runs the last workflow for a PR'
 3 | inputs:
 4 |   token:
 5 |     description: 'GitHub API Token'
 6 |     required: true
 7 | runs:
 8 |   using: 'docker'
 9 |   image: 'Dockerfile'
10 |   env:
11 |     GITHUB_TOKEN: ${{ inputs.token }}
12 | 


--------------------------------------------------------------------------------
/.github/actions/retest-action/entrypoint.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | set -ex
 4 | 
 5 | if ! jq -e '.issue.pull_request' ${GITHUB_EVENT_PATH}; then
 6 |     echo "Not a PR... Exiting."
 7 |     exit 0
 8 | fi
 9 | 
10 | if [ "$(jq -r '.comment.body' ${GITHUB_EVENT_PATH})" != "/retest" ]; then
11 |     echo "Nothing to do... Exiting."
12 |     exit 0
13 | fi
14 | 
15 | PR_URL=$(jq -r '.issue.pull_request.url' ${GITHUB_EVENT_PATH})
16 | 
17 | curl --request GET \
18 |     --url "${PR_URL}" \
19 |     --header "authorization: Bearer ${GITHUB_TOKEN}" \
20 |     --header "content-type: application/json" > pr.json
21 | 
22 | ACTOR=$(jq -r '.user.login' pr.json)
23 | BRANCH=$(jq -r '.head.ref' pr.json)
24 | 
25 | curl --request GET \
26 |     --url "https://api.github.com/repos/${GITHUB_REPOSITORY}/actions/runs?event=pull_request&actor=${ACTOR}&branch=${BRANCH}" \
27 |     --header "authorization: Bearer ${GITHUB_TOKEN}" \
28 |     --header "content-type: application/json" | jq '.workflow_runs | max_by(.run_number)' > run.json
29 | 
30 | RERUN_URL=$(jq -r '.rerun_url' run.json)
31 | 
32 | curl --request POST \
33 |     --url "${RERUN_URL}" \
34 |     --header "authorization: Bearer ${GITHUB_TOKEN}" \
35 |     --header "content-type: application/json"
36 | 
37 | 
38 | REACTION_URL="$(jq -r '.comment.url' ${GITHUB_EVENT_PATH})/reactions"
39 | 
40 | curl --request POST \
41 |     --url "${REACTION_URL}" \
42 |     --header "authorization: Bearer ${GITHUB_TOKEN}" \
43 |     --header "accept: application/vnd.github.squirrel-girl-preview+json" \
44 |     --header "content-type: application/json" \
45 |     --data '{ "content" : "rocket" }'


--------------------------------------------------------------------------------
/.github/dependabot.yml:
--------------------------------------------------------------------------------
 1 | # To get started with Dependabot version updates, you'll need to specify which
 2 | # package ecosystems to update and where the package manifests are located.
 3 | # Please see the documentation for all configuration options:
 4 | # https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
 5 | 
 6 | version: 2
 7 | updates:
 8 |   - package-ecosystem: "docker"
 9 |     directory: "/.github/actions/retest-action"
10 |     schedule:
11 |       interval: "weekly"
12 |   - package-ecosystem: "github-actions"
13 |     directory: "/"
14 |     schedule:
15 |       interval: "weekly"
16 |   - package-ecosystem: "gomod"
17 |     directory: "/"
18 |     schedule:
19 |       interval: "weekly"
20 |     groups:
21 |       golang:
22 |         patterns:
23 |           - "*"
24 |   - package-ecosystem: "gomod"
25 |     directory: "/plugins/debug"
26 |     schedule:
27 |       interval: "weekly"
28 | 


--------------------------------------------------------------------------------
/.github/workflows/commands.yml:
--------------------------------------------------------------------------------
 1 | name: commands
 2 | on:
 3 |   issue_comment:
 4 |     types: [created]
 5 | 
 6 | jobs:
 7 |   retest:
 8 |     if: github.repository == 'containernetworking/cni'
 9 |     runs-on: ubuntu-latest
10 |     steps:
11 |       - name: Check out code
12 |         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332  # v4.1.7
13 | 
14 |       - name: Re-Test Action
15 |         uses: ./.github/actions/retest-action
16 |         with:
17 |           token: ${{ secrets.REPO_ACCESS_TOKEN }}
18 | 


--------------------------------------------------------------------------------
/.github/workflows/scorecard.yml:
--------------------------------------------------------------------------------
 1 | name: Scorecard supply-chain security
 2 | on:
 3 |   branch_protection_rule:
 4 |   push:
 5 |     branches:
 6 |       - main
 7 |   schedule:
 8 |     - cron: 29 15 * * 0
 9 | permissions: read-all
10 | jobs:
11 |   analysis:
12 |     name: Scorecard analysis
13 |     permissions:
14 |       id-token: write
15 |       security-events: write
16 |     runs-on: ubuntu-latest
17 |     steps:
18 |       - name: Checkout code
19 |         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11  # v4.1.1
20 |         with:
21 |           persist-credentials: false
22 | 
23 |       - name: Run analysis
24 |         uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736  # v2.3.1
25 |         with:
26 |           results_file: results.sarif
27 |           results_format: sarif
28 |           publish_results: true
29 | 
30 |       - name: Upload artifact
31 |         uses: actions/upload-artifact@97a0fba1372883ab732affbe8f94b823f91727db  # v3.pre.node20
32 |         with:
33 |           name: SARIF file
34 |           path: results.sarif
35 |           retention-days: 5
36 | 
37 |       - name: Upload to code-scanning
38 |         uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d  # v3.26.7
39 |         with:
40 |           sarif_file: results.sarif
41 | 


--------------------------------------------------------------------------------
/.github/workflows/test.yaml:
--------------------------------------------------------------------------------
 1 | ---
 2 | name: test
 3 | 
 4 | on: ["push", "pull_request"]
 5 | 
 6 | env:
 7 |   GO_VERSION: "1.22"
 8 |   LINUX_ARCHES: "amd64 386 arm arm64 s390x mips64le ppc64le"
 9 | 
10 | jobs:
11 |   lint:
12 |     name: Lint
13 |     permissions:
14 |       contents: read
15 |       pull-requests: read
16 |     runs-on: ubuntu-latest
17 |     steps:
18 |       - name: setup go
19 |         uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
20 |         with:
21 |           go-version: ${{ env.GO_VERSION }}
22 | 
23 |       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332  # v4.1.7
24 | 
25 |       - uses: ibiqlik/action-yamllint@2576378a8e339169678f9939646ee3ee325e845c  # v3.1.1
26 |         with:
27 |           format: auto
28 |           config_file: .yamllint.yaml
29 | 
30 |       - uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86  # v6.1.0
31 |         with:
32 |           args: --verbose
33 |           version: v1.57.1
34 | 
35 |   build:
36 |     name: Build all linux architectures
37 |     needs: lint
38 |     runs-on: ubuntu-latest
39 |     steps:
40 |       - name: setup go
41 |         uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
42 |         with:
43 |           go-version: ${{ env.GO_VERSION }}
44 | 
45 |       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332  # v4.1.7
46 | 
47 |       - name: Build on all supported architectures
48 |         run: |
49 |           set -e
50 |           for arch in ${LINUX_ARCHES}; do
51 |             echo "Building for arch $arch"
52 |             GOARCH=$arch go build ./...
53 |           done
54 | 
55 |   test-linux:
56 |     name: Run tests on Linux amd64
57 |     needs: build
58 |     runs-on: ubuntu-latest
59 |     steps:
60 |       - name: setup go
61 |         uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
62 |         with:
63 |           go-version: ${{ env.GO_VERSION }}
64 | 
65 |       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332  # v4.1.7
66 | 
67 |       - name: Install test binaries
68 |         run: |
69 |           go install github.com/mattn/goveralls@v0.0.12
70 |           go install github.com/modocache/gover@latest
71 | 
72 |       - name: test
73 |         run: COVERALLS=1 ./test.sh
74 | 
75 |       - env:
76 |           COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
77 |         name: Send coverage to coveralls
78 |         run: |
79 |           PATH=$PATH:$(go env GOPATH)/bin
80 |           gover
81 |           goveralls -coverprofile=gover.coverprofile -service=github
82 | 
83 |   test-win:
84 |     name: Build and run tests on Windows
85 |     needs: build
86 |     runs-on: windows-latest
87 |     steps:
88 |       - name: setup go
89 |         uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
90 |         with:
91 |           go-version: ${{ env.GO_VERSION }}
92 | 
93 |       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332  # v4.1.7
94 | 
95 |       - name: test
96 |         run: bash ./test.sh
97 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | .idea/
2 | *.sw[ponm]
3 | .vagrant
4 | release-*
5 | cnitool/cnitool


--------------------------------------------------------------------------------
/.golangci.yml:
--------------------------------------------------------------------------------
 1 | linters:
 2 |   enable:
 3 |     - contextcheck
 4 |     - errcheck
 5 |     - errorlint
 6 |     - gci
 7 |     - ginkgolinter
 8 |     - gocritic
 9 |     - gofumpt
10 |     - govet
11 |     - ineffassign
12 |     - misspell
13 |     - nolintlint
14 |     - nonamedreturns
15 |     - predeclared
16 |     - staticcheck
17 |     - typecheck
18 |     - unconvert
19 |     - unused
20 |     - whitespace
21 | 
22 | linters-settings:
23 |   gci:
24 |     sections:
25 |       - standard
26 |       - default
27 |       - prefix(github.com/containernetworking)
28 | 
29 | run:
30 |   timeout: 5m
31 | 


--------------------------------------------------------------------------------
/.yamllint.yaml:
--------------------------------------------------------------------------------
 1 | ---
 2 | extends: default
 3 | 
 4 | rules:
 5 |   document-start: disable
 6 |   line-length: disable
 7 |   truthy:
 8 |     ignore: |
 9 |       .github/workflows/*.yml
10 |       .github/workflows/*.yaml
11 | 


--------------------------------------------------------------------------------
/CODE-OF-CONDUCT.md:
--------------------------------------------------------------------------------
1 | # Community Code of Conduct
2 | 
3 | CNI follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md).
4 | 


--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
  1 | # How to Contribute
  2 | 
  3 | CNI is [Apache 2.0 licensed](LICENSE) and accepts contributions via GitHub
  4 | pull requests. This document outlines some of the conventions on development
  5 | workflow, commit message formatting, contact points and other resources to make
  6 | it easier to get your contribution accepted.
  7 | 
  8 | We gratefully welcome improvements to documentation as well as to code.
  9 | 
 10 | ## Certificate of Origin
 11 | 
 12 | By contributing to this project you agree to the Developer Certificate of
 13 | Origin (DCO). This document was created by the Linux Kernel community and is a
 14 | simple statement that you, as a contributor, have the legal right to make the
 15 | contribution. See the [DCO](DCO) file for details.
 16 | 
 17 | ## Email and Chat
 18 | 
 19 | The project uses the cni-dev email list, IRC chat, and Slack:
 20 | - Email: [cni-dev](https://groups.google.com/forum/#!forum/cni-dev)
 21 | - IRC: #[containernetworking](irc://irc.freenode.net:6667/#containernetworking) channel on [freenode.net](https://freenode.net/)
 22 | - Slack: #cni on the [CNCF slack](https://slack.cncf.io/).  NOTE: the previous CNI Slack (containernetworking.slack.com) has been sunsetted.
 23 | 
 24 | Please avoid emailing maintainers found in the MAINTAINERS file directly. They
 25 | are very busy and read the mailing lists.
 26 | 
 27 | ## Getting Started
 28 | 
 29 | - Fork the repository on GitHub
 30 | - Read the [README](README.md) for build and test instructions
 31 | - Play with the project, submit bugs, submit pull requests!
 32 | 
 33 | ## Contribution workflow
 34 | 
 35 | This is a rough outline of how to prepare a contribution:
 36 | 
 37 | - Create a topic branch from where you want to base your work (usually branched from main).
 38 | - Make commits of logical units.
 39 | - Make sure your commit messages are in the proper format (see below).
 40 | - Push your changes to a topic branch in your fork of the repository.
 41 | - If you changed code:
 42 |   - add automated tests to cover your changes, using the [Ginkgo](https://onsi.github.io/ginkgo/) & [Gomega](https://onsi.github.io/gomega/) style
 43 |   - if the package did not previously have any test coverage, add it to the list
 44 |    of `TESTABLE` packages in the `test.sh` script.
 45 |   - run the full test script and ensure it passes
 46 | - Make sure any new code files have a license header (this is now enforced by automated tests)
 47 | - Submit a pull request to the original repository.
 48 | 
 49 | ## How to run the test suite
 50 | 
 51 | We generally require test coverage of any new features or bug fixes.
 52 | 
 53 | Here's how you can run the test suite on any system (even Mac or Windows) using
 54 |  [Vagrant](https://www.vagrantup.com/) and a hypervisor of your choice:
 55 | 
 56 | ```bash
 57 | vagrant up
 58 | vagrant ssh
 59 | # you're now in a shell in a virtual machine
 60 | sudo su
 61 | cd /go/src/github.com/containernetworking/cni
 62 | 
 63 | # to run the full test suite
 64 | ./test.sh
 65 | 
 66 | # to focus on a particular test suite
 67 | cd libcni
 68 | go test
 69 | ```
 70 | 
 71 | ## Acceptance policy
 72 | 
 73 | These things will make a PR more likely to be accepted:
 74 | 
 75 | - a well-described requirement
 76 | - tests for new code
 77 | - tests for old code!
 78 | - new code and tests follow the conventions in old code and tests
 79 | - a good commit message (see below)
 80 | 
 81 | In general, we will merge a PR once two maintainers have endorsed it.
 82 | Trivial changes (e.g., corrections to spelling) may get waved through.
 83 | For substantial changes, more people may become involved, and you might get asked to resubmit the PR or divide the changes into more than one PR.
 84 | 
 85 | ### Format of the Commit Message
 86 | 
 87 | We follow a rough convention for commit messages that is designed to answer two
 88 | questions: what changed and why. The subject line should feature the what and
 89 | the body of the commit should describe the why.
 90 | 
 91 | ```md
 92 | scripts: add the test-cluster command
 93 | 
 94 | this uses tmux to setup a test cluster that you can easily kill and
 95 | start for debugging.
 96 | 
 97 | Fixes #38
 98 | ```
 99 | 
100 | The format can be described more formally as follows:
101 | 
102 | ```md
103 | <subsystem>: <what changed>
104 | <BLANK LINE>
105 | <why this change was made>
106 | <BLANK LINE>
107 | <footer>
108 | ```
109 | 
110 | The first line is the subject and should be no longer than 70 characters, the
111 | second line is always blank, and other lines should be wrapped at 80 characters.
112 | This allows the message to be easier to read on GitHub as well as in various
113 | git tools.
114 | 
115 | ## 3rd party plugins
116 | 
117 | So you've built a CNI plugin.  Where should it live?
118 | 
119 | Short answer: We'd be happy to link to it from our [list of 3rd party plugins](README.md#3rd-party-plugins).
120 | But we'd rather you kept the code in your own repo.
121 | 
122 | Long answer: An advantage of the CNI model is that independent plugins can be
123 | built, distributed and used without any code changes to this repository.  While
124 | some widely used plugins (and a few less-popular legacy ones) live in this repo,
125 | we're reluctant to add more.
126 | 
127 | If you have a good reason why the CNI maintainers should take custody of your
128 | plugin, please open an issue or PR.
129 | 


--------------------------------------------------------------------------------
/DCO:
--------------------------------------------------------------------------------
 1 | Developer Certificate of Origin
 2 | Version 1.1
 3 | 
 4 | Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
 5 | 660 York Street, Suite 102,
 6 | San Francisco, CA 94110 USA
 7 | 
 8 | Everyone is permitted to copy and distribute verbatim copies of this
 9 | license document, but changing it is not allowed.
10 | 
11 | 
12 | Developer's Certificate of Origin 1.1
13 | 
14 | By making a contribution to this project, I certify that:
15 | 
16 | (a) The contribution was created in whole or in part by me and I
17 |     have the right to submit it under the open source license
18 |     indicated in the file; or
19 | 
20 | (b) The contribution is based upon previous work that, to the best
21 |     of my knowledge, is covered under an appropriate open source
22 |     license and I have the right under that license to submit that
23 |     work with modifications, whether created in whole or in part
24 |     by me, under the same open source license (unless I am
25 |     permitted to submit under a different license), as indicated
26 |     in the file; or
27 | 
28 | (c) The contribution was provided directly to me by some other
29 |     person who certified (a), (b) or (c) and I have not modified
30 |     it.
31 | 
32 | (d) I understand and agree that this project and the contribution
33 |     are public and that a record of the contribution (including all
34 |     personal information I submit with it, including my sign-off) is
35 |     maintained indefinitely and may be redistributed consistent with
36 |     this project or the open source license(s) involved.
37 | 


--------------------------------------------------------------------------------
/Documentation/cnitool.md:
--------------------------------------------------------------------------------
 1 | # Overview
 2 | 
 3 | The `cnitool` is a utility that can be used to test a CNI plugin
 4 | without the need for a container runtime. The `cnitool` takes a
 5 | `network name` and a `network namespace` and a command to `ADD` or
 6 | `DEL`,.i.e, attach or detach containers from a network. The `cnitool`
 7 | relies on the following environment variables to operate properly:
 8 | 
 9 | * `NETCONFPATH`: This environment variable needs to be set to a
10 |   directory. It defaults to `/etc/cni/net.d`. The `cnitool` searches
11 |   for CNI configuration files in this directory with the extension
12 |   `*.conf` or `*.json`. It loads all the CNI configuration files in
13 |   this directory and if it finds a CNI configuration with the `network
14 |   name` given to the cnitool it returns the corresponding CNI
15 |   configuration, else it returns `nil`.
16 | * `CNI_PATH`: For a given CNI configuration `cnitool` will search for
17 |   the corresponding CNI plugin in this path.
18 | 
19 | For the full documentation of `cnitool` see the [cnitool docs](../cnitool/README.md)
20 | 


--------------------------------------------------------------------------------
/GOVERNANCE.md:
--------------------------------------------------------------------------------
 1 | # CNI Governance
 2 | 
 3 | This document defines project governance for the project.
 4 | 
 5 | ## Voting
 6 | 
 7 | The CNI project employs "organization voting" to ensure no single organization can dominate the project.
 8 | 
 9 | Individuals not associated with or employed by a company or organization are allowed one organization vote.
10 | Each company or organization (regardless of the number of maintainers associated with or employed by that company/organization) receives one organization vote.
11 | 
12 | In other words, if two maintainers are employed by Company X, two by Company Y, two by Company Z, and one maintainer is an un-affiliated individual, a total of four "organization votes" are possible; one for X, one for Y, one for Z, and one for the un-affiliated individual.
13 | 
14 | Any maintainer from an organization may cast the vote for that organization.
15 | 
16 | For formal votes, a specific statement of what is being voted on should be added to the relevant github issue or PR, and a link to that issue or PR added to the maintainers meeting agenda document.
17 | Maintainers should indicate their yes/no vote on that issue or PR, and after a suitable period of time, the votes will be tallied and the outcome noted.
18 | 
19 | ## Changes in Maintainership
20 | 
21 | New maintainers are proposed by an existing maintainer and are elected by a 2/3 majority organization vote.
22 | 
23 | Maintainers can be removed by a 2/3 majority organization vote.
24 | 
25 | ## Approving PRs
26 | 
27 | Non-specification-related PRs may be merged after receiving at least two organization votes.
28 | 
29 | Changes to the CNI Specification also follow the normal PR approval process (eg, 2 organization votes), but any maintainer can request that the approval require a 2/3 majority organization vote.
30 | 
31 | ## Github Project Administration
32 | 
33 | Maintainers will be added to the containernetworking GitHub organization and added to the GitHub cni-maintainers team, and made a GitHub maintainer of that team.
34 | 
35 | After 6 months a maintainer will be made an "owner" of the GitHub organization.
36 | 
37 | ## Changes in Governance
38 | 
39 | All changes in Governance require a 2/3 majority organization vote.
40 | 
41 | ## Other Changes
42 | 
43 | Unless specified above, all other changes to the project require a 2/3 majority organization vote.
44 | Additionally, any maintainer may request that any change require a 2/3 majority organization vote.
45 | 


--------------------------------------------------------------------------------
/MAINTAINERS:
--------------------------------------------------------------------------------
 1 | Bruce Ma <brucema19901024@gmail.com> (@mars1024)
 2 | Casey Callendrello <cdc@isovalent.com> (@squeed)
 3 | Michael Cambria <mcambria@redhat.com> (@mccv1r0)
 4 | Michael Zappa <Michael.Zappa@gmail.com> (@MikeZappa87)
 5 | Tomofumi Hayashi <s1061123@gmail.com> (@s1061123)
 6 | Lionel Jouin <lionel.jouin@est.tech> (@LionelJouin)
 7 | Ben Leggett <benjamin@edera.dev> (@bleggett)
 8 | Marcelo Guerrero <guerrero.viveros@gmail.com> (@mlguerrero12)
 9 | Doug Smith <douglas.kipp.smith@gmail.com> (@dougbtv)
10 | 
11 | Emeritus:
12 | Dan Williams <dcbw@redhat.com> (@dcbw)
13 | Matt Dupre <matt@tigera.io> (@matthewdupre)
14 | Piotr Skamruk <piotr.skamruk@gmail.com> (@jellonek)


--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
1 | include mk/lint.mk


--------------------------------------------------------------------------------
/RELEASING.md:
--------------------------------------------------------------------------------
 1 | # Release process
 2 | ## Preparing for a release
 3 | 
 4 | Releases are performed by maintainers and should usually be discussed and planned at a maintainer meeting.
 5 | 
 6 | - Choose the version number. It should be prefixed with `v`, e.g. `v1.2.3`
 7 | - Take a quick scan through the PRs and issues to make sure there isn't anything crucial that _must_ be in the next release.
 8 | - Create a draft of the release note
 9 | - Discuss the level of testing that's needed and create a test plan if sensible
10 | - Check what version of `go` is used in the build container, updating it if there's a new stable release.
11 | 
12 | ## Publishing the release
13 | 
14 | 1. Make sure you are on the master branch and don't have any local uncommitted changes.
15 | 1. Create a signed tag for the release `git tag -s $VERSION` (Ensure that GPG keys are created and added to GitHub)
16 | 1. Push the tag to git `git push origin <TAG>`
17 | 1. Create a release on Github, using the tag which was just pushed.
18 | 1. Add the release note to the release.
19 | 1. Announce the release on at least the CNI mailing, IRC and Slack.
20 | 


--------------------------------------------------------------------------------
/ROADMAP.md:
--------------------------------------------------------------------------------
 1 | # CNI Roadmap
 2 | 
 3 | This document defines a high level roadmap for CNI development.
 4 | The list below is not complete, and we advise to get the current project state from the [milestones defined in GitHub](https://github.com/containernetworking/cni/milestones).
 5 | 
 6 | ## CNI Milestones
 7 | 
 8 | ### [v1.0.0](https://github.com/containernetworking/cni/milestones/v1.0.0)
 9 | 
10 | - Targeted for April 2020
11 | - More precise specification language
12 | - Stable SPEC
13 | - Complete test coverage
14 | 
15 | ### Beyond v1.0.0
16 | 
17 | - Conformance test suite for CNI plugins (both reference and 3rd party)
18 | - Signed release binaries
19 | 


--------------------------------------------------------------------------------
/cnitool/README.md:
--------------------------------------------------------------------------------
 1 | # cnitool
 2 | 
 3 | `cnitool` is a simple program that executes a CNI configuration. It will
 4 | add or remove an interface in an already-created network namespace.
 5 | 
 6 | ## Environment Variables
 7 | 
 8 | * `NETCONFPATH`: This environment variable needs to be set to a
 9 |   directory. It defaults to `/etc/cni/net.d`. The `cnitool` searches
10 |   for CNI configuration files in this directory according to the following priorities:
11 |   1. Search files with the extension `*.conflist`, representing a list of plugin configurations.
12 |   2. If there are no `*.conflist` files in the directory, search files with the extension `*.conf` or `*.json`, 
13 |   representing a single plugin configuration.
14 |   
15 |   It loads all the CNI configuration files in
16 |   this directory and if it finds a CNI configuration with the `network
17 |   name` given to the cnitool it returns the corresponding CNI
18 |   configuration, else it returns `nil`.
19 | * `CNI_PATH`: For a given CNI configuration `cnitool` will search for
20 |   the corresponding CNI plugin in this path.
21 | 
22 | ## Example invocation
23 | 
24 | First, install cnitool:
25 | 
26 | ```bash
27 | go get github.com/containernetworking/cni
28 | go install github.com/containernetworking/cni/cnitool
29 | ```
30 | 
31 | Then, check out and build the plugins. All commands should be run from this directory.
32 | 
33 | ```bash
34 | git clone https://github.com/containernetworking/plugins.git
35 | cd plugins
36 | ./build_linux.sh
37 | # or
38 | ./build_windows.sh
39 | ```
40 | 
41 | Create a network configuration
42 | 
43 | ```bash
44 | echo '{"cniVersion":"0.4.0","name":"myptp","type":"ptp","ipMasq":true,"ipam":{"type":"host-local","subnet":"172.16.29.0/24","routes":[{"dst":"0.0.0.0/0"}]}}' | sudo tee /etc/cni/net.d/10-myptp.conf
45 | ```
46 | 
47 | Create a network namespace. This will be called `testing`:
48 | 
49 | ```bash
50 | sudo ip netns add testing
51 | ```
52 | 
53 | Add the container to the network:
54 | 
55 | ```bash
56 | sudo CNI_PATH=./bin cnitool add myptp /var/run/netns/testing
57 | ```
58 | 
59 | Check whether the container's networking is as expected (ONLY for spec v0.4.0+):
60 | 
61 | ```bash
62 | sudo CNI_PATH=./bin cnitool check myptp /var/run/netns/testing
63 | ```
64 | 
65 | Test that it works:
66 | 
67 | ```bash
68 | sudo ip -n testing addr
69 | sudo ip netns exec testing ping -c 1 4.2.2.2
70 | ```
71 | 
72 | And clean up:
73 | 
74 | ```bash
75 | sudo CNI_PATH=./bin cnitool del myptp /var/run/netns/testing
76 | sudo ip netns del testing
77 | ```
78 | 


--------------------------------------------------------------------------------
/cnitool/cnitool.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2015 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package main
 16 | 
 17 | import (
 18 | 	"context"
 19 | 	"crypto/sha512"
 20 | 	"encoding/json"
 21 | 	"fmt"
 22 | 	"os"
 23 | 	"path/filepath"
 24 | 	"strings"
 25 | 
 26 | 	"github.com/containernetworking/cni/libcni"
 27 | )
 28 | 
 29 | // Protocol parameters are passed to the plugins via OS environment variables.
 30 | const (
 31 | 	EnvCNIPath        = "CNI_PATH"
 32 | 	EnvNetDir         = "NETCONFPATH"
 33 | 	EnvCapabilityArgs = "CAP_ARGS"
 34 | 	EnvCNIArgs        = "CNI_ARGS"
 35 | 	EnvCNIIfname      = "CNI_IFNAME"
 36 | 
 37 | 	DefaultNetDir = "/etc/cni/net.d"
 38 | 
 39 | 	CmdAdd    = "add"
 40 | 	CmdCheck  = "check"
 41 | 	CmdDel    = "del"
 42 | 	CmdGC     = "gc"
 43 | 	CmdStatus = "status"
 44 | )
 45 | 
 46 | func parseArgs(args string) ([][2]string, error) {
 47 | 	var result [][2]string
 48 | 
 49 | 	pairs := strings.Split(args, ";")
 50 | 	for _, pair := range pairs {
 51 | 		kv := strings.Split(pair, "=")
 52 | 		if len(kv) != 2 || kv[0] == "" || kv[1] == "" {
 53 | 			return nil, fmt.Errorf("invalid CNI_ARGS pair %q", pair)
 54 | 		}
 55 | 
 56 | 		result = append(result, [2]string{kv[0], kv[1]})
 57 | 	}
 58 | 
 59 | 	return result, nil
 60 | }
 61 | 
 62 | func main() {
 63 | 	if len(os.Args) < 4 {
 64 | 		usage()
 65 | 	}
 66 | 
 67 | 	netdir := os.Getenv(EnvNetDir)
 68 | 	if netdir == "" {
 69 | 		netdir = DefaultNetDir
 70 | 	}
 71 | 	netconf, err := libcni.LoadNetworkConf(netdir, os.Args[2])
 72 | 	if err != nil {
 73 | 		exit(err)
 74 | 	}
 75 | 
 76 | 	var capabilityArgs map[string]interface{}
 77 | 	capabilityArgsValue := os.Getenv(EnvCapabilityArgs)
 78 | 	if len(capabilityArgsValue) > 0 {
 79 | 		if err = json.Unmarshal([]byte(capabilityArgsValue), &capabilityArgs); err != nil {
 80 | 			exit(err)
 81 | 		}
 82 | 	}
 83 | 
 84 | 	var cniArgs [][2]string
 85 | 	args := os.Getenv(EnvCNIArgs)
 86 | 	if len(args) > 0 {
 87 | 		cniArgs, err = parseArgs(args)
 88 | 		if err != nil {
 89 | 			exit(err)
 90 | 		}
 91 | 	}
 92 | 
 93 | 	ifName, ok := os.LookupEnv(EnvCNIIfname)
 94 | 	if !ok {
 95 | 		ifName = "eth0"
 96 | 	}
 97 | 
 98 | 	netns := os.Args[3]
 99 | 	netns, err = filepath.Abs(netns)
100 | 	if err != nil {
101 | 		exit(err)
102 | 	}
103 | 
104 | 	// Generate the containerid by hashing the netns path
105 | 	s := sha512.Sum512([]byte(netns))
106 | 	containerID := fmt.Sprintf("cnitool-%x", s[:10])
107 | 
108 | 	cninet := libcni.NewCNIConfig(filepath.SplitList(os.Getenv(EnvCNIPath)), nil)
109 | 
110 | 	rt := &libcni.RuntimeConf{
111 | 		ContainerID:    containerID,
112 | 		NetNS:          netns,
113 | 		IfName:         ifName,
114 | 		Args:           cniArgs,
115 | 		CapabilityArgs: capabilityArgs,
116 | 	}
117 | 
118 | 	switch os.Args[1] {
119 | 	case CmdAdd:
120 | 		result, err := cninet.AddNetworkList(context.TODO(), netconf, rt)
121 | 		if result != nil {
122 | 			_ = result.Print()
123 | 		}
124 | 		exit(err)
125 | 	case CmdCheck:
126 | 		err := cninet.CheckNetworkList(context.TODO(), netconf, rt)
127 | 		exit(err)
128 | 	case CmdDel:
129 | 		exit(cninet.DelNetworkList(context.TODO(), netconf, rt))
130 | 	case CmdGC:
131 | 		// Currently just invoke GC without args, hence all network interface should be GC'ed!
132 | 		exit(cninet.GCNetworkList(context.TODO(), netconf, nil))
133 | 	case CmdStatus:
134 | 		exit(cninet.GetStatusNetworkList(context.TODO(), netconf))
135 | 	}
136 | }
137 | 
138 | func usage() {
139 | 	exe := filepath.Base(os.Args[0])
140 | 
141 | 	fmt.Fprintf(os.Stderr, "%s: Add, check, remove, gc or status network interfaces from a network namespace\n", exe)
142 | 	fmt.Fprintf(os.Stderr, "  %s add    <net> <netns>\n", exe)
143 | 	fmt.Fprintf(os.Stderr, "  %s check  <net> <netns>\n", exe)
144 | 	fmt.Fprintf(os.Stderr, "  %s del    <net> <netns>\n", exe)
145 | 	fmt.Fprintf(os.Stderr, "  %s gc     <net> <netns>\n", exe)
146 | 	fmt.Fprintf(os.Stderr, "  %s status <net> <netns>\n", exe)
147 | 	os.Exit(1)
148 | }
149 | 
150 | func exit(err error) {
151 | 	if err != nil {
152 | 		fmt.Fprintf(os.Stderr, "%s\n", err)
153 | 		os.Exit(1)
154 | 	}
155 | 	os.Exit(0)
156 | }
157 | 


--------------------------------------------------------------------------------
/go.mod:
--------------------------------------------------------------------------------
 1 | module github.com/containernetworking/cni
 2 | 
 3 | go 1.21
 4 | 
 5 | require (
 6 | 	github.com/onsi/ginkgo/v2 v2.20.1
 7 | 	github.com/onsi/gomega v1.34.1
 8 | 	github.com/vishvananda/netns v0.0.4
 9 | )
10 | 
11 | require (
12 | 	github.com/go-logr/logr v1.4.2 // indirect
13 | 	github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
14 | 	github.com/google/go-cmp v0.6.0 // indirect
15 | 	github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8 // indirect
16 | 	golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
17 | 	golang.org/x/net v0.28.0 // indirect
18 | 	golang.org/x/sys v0.23.0 // indirect
19 | 	golang.org/x/text v0.17.0 // indirect
20 | 	golang.org/x/tools v0.24.0 // indirect
21 | 	gopkg.in/yaml.v3 v3.0.1 // indirect
22 | )
23 | 


--------------------------------------------------------------------------------
/go.sum:
--------------------------------------------------------------------------------
 1 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 2 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 3 | github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
 4 | github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 5 | github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
 6 | github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
 7 | github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 8 | github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 9 | github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8 h1:FKHo8hFI3A+7w0aUQuYXQ+6EN5stWmeY/AZqtM8xk9k=
10 | github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo=
11 | github.com/onsi/ginkgo/v2 v2.20.1 h1:YlVIbqct+ZmnEph770q9Q7NVAz4wwIiVNahee6JyUzo=
12 | github.com/onsi/ginkgo/v2 v2.20.1/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI=
13 | github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k=
14 | github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY=
15 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
16 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
17 | github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
18 | github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
19 | github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8=
20 | github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM=
21 | golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8=
22 | golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY=
23 | golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
24 | golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
25 | golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM=
26 | golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
27 | golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
28 | golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
29 | golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24=
30 | golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ=
31 | google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
32 | google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
33 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
34 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
35 | gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
36 | gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
37 | 


--------------------------------------------------------------------------------
/libcni/backwards_compatibility_test.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package libcni_test
 16 | 
 17 | import (
 18 | 	"context"
 19 | 	"fmt"
 20 | 	"os"
 21 | 	"os/exec"
 22 | 	"path/filepath"
 23 | 	"runtime"
 24 | 	"strings"
 25 | 
 26 | 	. "github.com/onsi/ginkgo/v2"
 27 | 	. "github.com/onsi/gomega"
 28 | 	"github.com/onsi/gomega/gexec"
 29 | 
 30 | 	"github.com/containernetworking/cni/libcni"
 31 | 	"github.com/containernetworking/cni/pkg/version/legacy_examples"
 32 | )
 33 | 
 34 | var _ = Describe("Backwards compatibility", func() {
 35 | 	var cacheDirPath string
 36 | 
 37 | 	BeforeEach(func() {
 38 | 		var err error
 39 | 		cacheDirPath, err = os.MkdirTemp("", "cni_cachedir")
 40 | 		Expect(err).NotTo(HaveOccurred())
 41 | 	})
 42 | 
 43 | 	AfterEach(func() {
 44 | 		Expect(os.RemoveAll(cacheDirPath)).To(Succeed())
 45 | 	})
 46 | 
 47 | 	It("correctly handles the response from a legacy plugin", func() {
 48 | 		example := legacy_examples.V010
 49 | 		pluginPath, err := example.Build()
 50 | 		Expect(err).NotTo(HaveOccurred())
 51 | 
 52 | 		netConf, err := libcni.ConfFromBytes([]byte(fmt.Sprintf(
 53 | 			`{ "name": "old-thing", "type": "%s" }`, example.Name)))
 54 | 		Expect(err).NotTo(HaveOccurred())
 55 | 
 56 | 		runtimeConf := &libcni.RuntimeConf{
 57 | 			ContainerID: "some-container-id",
 58 | 			NetNS:       "/some/netns/path",
 59 | 			IfName:      "eth0",
 60 | 		}
 61 | 
 62 | 		cniConfig := libcni.NewCNIConfigWithCacheDir([]string{filepath.Dir(pluginPath)}, cacheDirPath, nil)
 63 | 
 64 | 		result, err := cniConfig.AddNetwork(context.TODO(), netConf, runtimeConf)
 65 | 		Expect(err).NotTo(HaveOccurred())
 66 | 
 67 | 		Expect(result).To(Equal(legacy_examples.ExpectedResult))
 68 | 
 69 | 		err = cniConfig.DelNetwork(context.TODO(), netConf, runtimeConf)
 70 | 		Expect(err).NotTo(HaveOccurred())
 71 | 
 72 | 		Expect(os.RemoveAll(pluginPath)).To(Succeed())
 73 | 	})
 74 | 
 75 | 	It("correctly handles the request from a runtime with an older libcni", func() {
 76 | 		if runtime.GOOS == "windows" {
 77 | 			Skip("cannot build old runtime on windows")
 78 | 		}
 79 | 		example := legacy_examples.V010_Runtime
 80 | 
 81 | 		binPath, err := example.Build()
 82 | 		Expect(err).NotTo(HaveOccurred())
 83 | 
 84 | 		for _, configName := range example.NetConfs {
 85 | 			conf, err := example.GenerateNetConf(configName)
 86 | 			if err != nil {
 87 | 				Fail("Failed to generate config name " + configName + ": " + err.Error())
 88 | 			}
 89 | 			defer conf.Cleanup()
 90 | 
 91 | 			cmd := exec.Command(binPath, pluginDirs...)
 92 | 			cmd.Stdin = strings.NewReader(conf.Config)
 93 | 
 94 | 			session, err := gexec.Start(cmd, GinkgoWriter, GinkgoWriter)
 95 | 			Expect(err).NotTo(HaveOccurred())
 96 | 
 97 | 			Eventually(session).Should(gexec.Exit(0))
 98 | 		}
 99 | 	})
100 | })
101 | 


--------------------------------------------------------------------------------
/libcni/libcni_suite_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package libcni_test
16 | 
17 | import (
18 | 	"encoding/json"
19 | 	"path/filepath"
20 | 	"testing"
21 | 
22 | 	. "github.com/onsi/ginkgo/v2"
23 | 	. "github.com/onsi/gomega"
24 | 	"github.com/onsi/gomega/gexec"
25 | )
26 | 
27 | func TestLibcni(t *testing.T) {
28 | 	RegisterFailHandler(Fail)
29 | 	RunSpecs(t, "Libcni Suite")
30 | }
31 | 
32 | var pluginPackages = map[string]string{
33 | 	"noop":  "github.com/containernetworking/cni/plugins/test/noop",
34 | 	"sleep": "github.com/containernetworking/cni/plugins/test/sleep",
35 | }
36 | 
37 | var (
38 | 	pluginPaths map[string]string
39 | 	pluginDirs  []string // array of plugin dirs
40 | )
41 | 
42 | var _ = SynchronizedBeforeSuite(func() []byte {
43 | 	paths := map[string]string{}
44 | 	for name, packagePath := range pluginPackages {
45 | 		execPath, err := gexec.Build(packagePath)
46 | 		Expect(err).NotTo(HaveOccurred())
47 | 		paths[name] = execPath
48 | 	}
49 | 	crossNodeData, err := json.Marshal(paths)
50 | 	Expect(err).NotTo(HaveOccurred())
51 | 
52 | 	return crossNodeData
53 | }, func(crossNodeData []byte) {
54 | 	Expect(json.Unmarshal(crossNodeData, &pluginPaths)).To(Succeed())
55 | 	for _, pluginPath := range pluginPaths {
56 | 		pluginDirs = append(pluginDirs, filepath.Dir(pluginPath))
57 | 	}
58 | })
59 | 
60 | var _ = SynchronizedAfterSuite(func() {}, func() {
61 | 	gexec.CleanupBuildArtifacts()
62 | })
63 | 


--------------------------------------------------------------------------------
/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/containernetworking/cni/d0bdb01ee93a7272b9ca700f203e18a6fad700db/logo.png


--------------------------------------------------------------------------------
/mk/dependencies/golangci.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | set -e
3 | 
4 | GOLANGCI_LINT_VERSION="v1.57.1"
5 | 
6 | go install "github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCI_LINT_VERSION}"
7 | 


--------------------------------------------------------------------------------
/mk/lint.mk:
--------------------------------------------------------------------------------
 1 | .PHONY: lint
 2 | lint: golangci/install golangci/lint
 3 | 
 4 | .PHONY: golangci/install
 5 | golangci/install:
 6 | 	./mk/dependencies/golangci.sh
 7 | 
 8 | .PHONY: golangci/lint
 9 | golangci/lint:
10 | 	golangci-lint run --verbose
11 | 
12 | .PHONY: golangci/fix
13 | golangci/fix:
14 | 	golangci-lint run --verbose --fix


--------------------------------------------------------------------------------
/pkg/invoke/args.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2015 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package invoke
 16 | 
 17 | import (
 18 | 	"fmt"
 19 | 	"os"
 20 | 	"strings"
 21 | )
 22 | 
 23 | type CNIArgs interface {
 24 | 	// For use with os/exec; i.e., return nil to inherit the
 25 | 	// environment from this process
 26 | 	// For use in delegation; inherit the environment from this
 27 | 	// process and allow overrides
 28 | 	AsEnv() []string
 29 | }
 30 | 
 31 | type inherited struct{}
 32 | 
 33 | var inheritArgsFromEnv inherited
 34 | 
 35 | func (*inherited) AsEnv() []string {
 36 | 	return nil
 37 | }
 38 | 
 39 | func ArgsFromEnv() CNIArgs {
 40 | 	return &inheritArgsFromEnv
 41 | }
 42 | 
 43 | type Args struct {
 44 | 	Command       string
 45 | 	ContainerID   string
 46 | 	NetNS         string
 47 | 	PluginArgs    [][2]string
 48 | 	PluginArgsStr string
 49 | 	IfName        string
 50 | 	Path          string
 51 | }
 52 | 
 53 | // Args implements the CNIArgs interface
 54 | var _ CNIArgs = &Args{}
 55 | 
 56 | func (args *Args) AsEnv() []string {
 57 | 	env := os.Environ()
 58 | 	pluginArgsStr := args.PluginArgsStr
 59 | 	if pluginArgsStr == "" {
 60 | 		pluginArgsStr = stringify(args.PluginArgs)
 61 | 	}
 62 | 
 63 | 	// Duplicated values which come first will be overridden, so we must put the
 64 | 	// custom values in the end to avoid being overridden by the process environments.
 65 | 	env = append(env,
 66 | 		"CNI_COMMAND="+args.Command,
 67 | 		"CNI_CONTAINERID="+args.ContainerID,
 68 | 		"CNI_NETNS="+args.NetNS,
 69 | 		"CNI_ARGS="+pluginArgsStr,
 70 | 		"CNI_IFNAME="+args.IfName,
 71 | 		"CNI_PATH="+args.Path,
 72 | 	)
 73 | 	return dedupEnv(env)
 74 | }
 75 | 
 76 | // taken from rkt/networking/net_plugin.go
 77 | func stringify(pluginArgs [][2]string) string {
 78 | 	entries := make([]string, len(pluginArgs))
 79 | 
 80 | 	for i, kv := range pluginArgs {
 81 | 		entries[i] = strings.Join(kv[:], "=")
 82 | 	}
 83 | 
 84 | 	return strings.Join(entries, ";")
 85 | }
 86 | 
 87 | // DelegateArgs implements the CNIArgs interface
 88 | // used for delegation to inherit from environments
 89 | // and allow some overrides like CNI_COMMAND
 90 | var _ CNIArgs = &DelegateArgs{}
 91 | 
 92 | type DelegateArgs struct {
 93 | 	Command string
 94 | }
 95 | 
 96 | func (d *DelegateArgs) AsEnv() []string {
 97 | 	env := os.Environ()
 98 | 
 99 | 	// The custom values should come in the end to override the existing
100 | 	// process environment of the same key.
101 | 	env = append(env,
102 | 		"CNI_COMMAND="+d.Command,
103 | 	)
104 | 	return dedupEnv(env)
105 | }
106 | 
107 | // dedupEnv returns a copy of env with any duplicates removed, in favor of later values.
108 | // Items not of the normal environment "key=value" form are preserved unchanged.
109 | func dedupEnv(env []string) []string {
110 | 	out := make([]string, 0, len(env))
111 | 	envMap := map[string]string{}
112 | 
113 | 	for _, kv := range env {
114 | 		// find the first "=" in environment, if not, just keep it
115 | 		eq := strings.Index(kv, "=")
116 | 		if eq < 0 {
117 | 			out = append(out, kv)
118 | 			continue
119 | 		}
120 | 		envMap[kv[:eq]] = kv[eq+1:]
121 | 	}
122 | 
123 | 	for k, v := range envMap {
124 | 		out = append(out, fmt.Sprintf("%s=%s", k, v))
125 | 	}
126 | 
127 | 	return out
128 | }
129 | 


--------------------------------------------------------------------------------
/pkg/invoke/args_test.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2017 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package invoke_test
 16 | 
 17 | import (
 18 | 	"os"
 19 | 
 20 | 	. "github.com/onsi/ginkgo/v2"
 21 | 	. "github.com/onsi/gomega"
 22 | 
 23 | 	"github.com/containernetworking/cni/pkg/invoke"
 24 | )
 25 | 
 26 | var _ = Describe("CNIArgs AsEnv", func() {
 27 | 	Describe("Args AsEnv", func() {
 28 | 		BeforeEach(func() {
 29 | 			os.Setenv("CNI_COMMAND", "DEL")
 30 | 			os.Setenv("CNI_IFNAME", "eth0")
 31 | 			os.Setenv("CNI_CONTAINERID", "id")
 32 | 			os.Setenv("CNI_ARGS", "args")
 33 | 			os.Setenv("CNI_NETNS", "testns")
 34 | 			os.Setenv("CNI_PATH", "testpath")
 35 | 		})
 36 | 
 37 | 		It("places the CNI environment variables in the end to be prepended", func() {
 38 | 			args := invoke.Args{
 39 | 				Command:     "ADD",
 40 | 				ContainerID: "some-container-id",
 41 | 				NetNS:       "/some/netns/path",
 42 | 				PluginArgs: [][2]string{
 43 | 					{"KEY1", "VALUE1"},
 44 | 					{"KEY2", "VALUE2"},
 45 | 				},
 46 | 				IfName: "eth7",
 47 | 				Path:   "/some/cni/path",
 48 | 			}
 49 | 
 50 | 			latentEnvs := os.Environ()
 51 | 			numLatentEnvs := len(latentEnvs)
 52 | 
 53 | 			cniEnvs := args.AsEnv()
 54 | 			Expect(cniEnvs).To(HaveLen(numLatentEnvs))
 55 | 
 56 | 			Expect(inStringSlice("CNI_COMMAND=ADD", cniEnvs)).To(BeTrue())
 57 | 			Expect(inStringSlice("CNI_IFNAME=eth7", cniEnvs)).To(BeTrue())
 58 | 			Expect(inStringSlice("CNI_CONTAINERID=some-container-id", cniEnvs)).To(BeTrue())
 59 | 			Expect(inStringSlice("CNI_NETNS=/some/netns/path", cniEnvs)).To(BeTrue())
 60 | 			Expect(inStringSlice("CNI_ARGS=KEY1=VALUE1;KEY2=VALUE2", cniEnvs)).To(BeTrue())
 61 | 			Expect(inStringSlice("CNI_PATH=/some/cni/path", cniEnvs)).To(BeTrue())
 62 | 
 63 | 			Expect(inStringSlice("CNI_COMMAND=DEL", cniEnvs)).To(BeFalse())
 64 | 			Expect(inStringSlice("CNI_IFNAME=eth0", cniEnvs)).To(BeFalse())
 65 | 			Expect(inStringSlice("CNI_CONTAINERID=id", cniEnvs)).To(BeFalse())
 66 | 			Expect(inStringSlice("CNI_NETNS=testns", cniEnvs)).To(BeFalse())
 67 | 			Expect(inStringSlice("CNI_ARGS=args", cniEnvs)).To(BeFalse())
 68 | 			Expect(inStringSlice("CNI_PATH=testpath", cniEnvs)).To(BeFalse())
 69 | 		})
 70 | 
 71 | 		AfterEach(func() {
 72 | 			os.Unsetenv("CNI_COMMAND")
 73 | 			os.Unsetenv("CNI_IFNAME")
 74 | 			os.Unsetenv("CNI_CONTAINERID")
 75 | 			os.Unsetenv("CNI_ARGS")
 76 | 			os.Unsetenv("CNI_NETNS")
 77 | 			os.Unsetenv("CNI_PATH")
 78 | 		})
 79 | 	})
 80 | 
 81 | 	Describe("DelegateArgs AsEnv", func() {
 82 | 		BeforeEach(func() {
 83 | 			os.Unsetenv("CNI_COMMAND")
 84 | 		})
 85 | 
 86 | 		It("override CNI_COMMAND if it already exists in environment variables", func() {
 87 | 			os.Setenv("CNI_COMMAND", "DEL")
 88 | 
 89 | 			delegateArgs := invoke.DelegateArgs{
 90 | 				Command: "ADD",
 91 | 			}
 92 | 
 93 | 			latentEnvs := os.Environ()
 94 | 			numLatentEnvs := len(latentEnvs)
 95 | 
 96 | 			cniEnvs := delegateArgs.AsEnv()
 97 | 			Expect(cniEnvs).To(HaveLen(numLatentEnvs))
 98 | 
 99 | 			Expect(inStringSlice("CNI_COMMAND=ADD", cniEnvs)).To(BeTrue())
100 | 			Expect(inStringSlice("CNI_COMMAND=DEL", cniEnvs)).To(BeFalse())
101 | 		})
102 | 
103 | 		It("append CNI_COMMAND if it does not exist in environment variables", func() {
104 | 			delegateArgs := invoke.DelegateArgs{
105 | 				Command: "ADD",
106 | 			}
107 | 
108 | 			latentEnvs := os.Environ()
109 | 			numLatentEnvs := len(latentEnvs)
110 | 
111 | 			cniEnvs := delegateArgs.AsEnv()
112 | 			Expect(cniEnvs).To(HaveLen(numLatentEnvs + 1))
113 | 
114 | 			Expect(inStringSlice("CNI_COMMAND=ADD", cniEnvs)).To(BeTrue())
115 | 		})
116 | 
117 | 		AfterEach(func() {
118 | 			os.Unsetenv("CNI_COMMAND")
119 | 		})
120 | 	})
121 | 
122 | 	Describe("inherited AsEnv", func() {
123 | 		It("return nil string slice if we call AsEnv of inherited", func() {
124 | 			inheritedArgs := invoke.ArgsFromEnv()
125 | 
126 | 			var nilSlice []string = nil
127 | 			Expect(inheritedArgs.AsEnv()).To(Equal(nilSlice))
128 | 		})
129 | 	})
130 | })
131 | 
132 | func inStringSlice(in string, slice []string) bool {
133 | 	for _, s := range slice {
134 | 		if in == s {
135 | 			return true
136 | 		}
137 | 	}
138 | 	return false
139 | }
140 | 


--------------------------------------------------------------------------------
/pkg/invoke/delegate.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package invoke
16 | 
17 | import (
18 | 	"context"
19 | 	"os"
20 | 	"path/filepath"
21 | 
22 | 	"github.com/containernetworking/cni/pkg/types"
23 | )
24 | 
25 | func delegateCommon(delegatePlugin string, exec Exec) (string, Exec, error) {
26 | 	if exec == nil {
27 | 		exec = defaultExec
28 | 	}
29 | 
30 | 	paths := filepath.SplitList(os.Getenv("CNI_PATH"))
31 | 	pluginPath, err := exec.FindInPath(delegatePlugin, paths)
32 | 	if err != nil {
33 | 		return "", nil, err
34 | 	}
35 | 
36 | 	return pluginPath, exec, nil
37 | }
38 | 
39 | // DelegateAdd calls the given delegate plugin with the CNI ADD action and
40 | // JSON configuration
41 | func DelegateAdd(ctx context.Context, delegatePlugin string, netconf []byte, exec Exec) (types.Result, error) {
42 | 	pluginPath, realExec, err := delegateCommon(delegatePlugin, exec)
43 | 	if err != nil {
44 | 		return nil, err
45 | 	}
46 | 
47 | 	// DelegateAdd will override the original "CNI_COMMAND" env from process with ADD
48 | 	return ExecPluginWithResult(ctx, pluginPath, netconf, delegateArgs("ADD"), realExec)
49 | }
50 | 
51 | // DelegateCheck calls the given delegate plugin with the CNI CHECK action and
52 | // JSON configuration
53 | func DelegateCheck(ctx context.Context, delegatePlugin string, netconf []byte, exec Exec) error {
54 | 	return delegateNoResult(ctx, delegatePlugin, netconf, exec, "CHECK")
55 | }
56 | 
57 | func delegateNoResult(ctx context.Context, delegatePlugin string, netconf []byte, exec Exec, verb string) error {
58 | 	pluginPath, realExec, err := delegateCommon(delegatePlugin, exec)
59 | 	if err != nil {
60 | 		return err
61 | 	}
62 | 
63 | 	return ExecPluginWithoutResult(ctx, pluginPath, netconf, delegateArgs(verb), realExec)
64 | }
65 | 
66 | // DelegateDel calls the given delegate plugin with the CNI DEL action and
67 | // JSON configuration
68 | func DelegateDel(ctx context.Context, delegatePlugin string, netconf []byte, exec Exec) error {
69 | 	return delegateNoResult(ctx, delegatePlugin, netconf, exec, "DEL")
70 | }
71 | 
72 | // DelegateStatus calls the given delegate plugin with the CNI STATUS action and
73 | // JSON configuration
74 | func DelegateStatus(ctx context.Context, delegatePlugin string, netconf []byte, exec Exec) error {
75 | 	return delegateNoResult(ctx, delegatePlugin, netconf, exec, "STATUS")
76 | }
77 | 
78 | // DelegateGC calls the given delegate plugin with the CNI GC action and
79 | // JSON configuration
80 | func DelegateGC(ctx context.Context, delegatePlugin string, netconf []byte, exec Exec) error {
81 | 	return delegateNoResult(ctx, delegatePlugin, netconf, exec, "GC")
82 | }
83 | 
84 | // return CNIArgs used by delegation
85 | func delegateArgs(action string) *DelegateArgs {
86 | 	return &DelegateArgs{
87 | 		Command: action,
88 | 	}
89 | }
90 | 


--------------------------------------------------------------------------------
/pkg/invoke/exec.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2015 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package invoke
 16 | 
 17 | import (
 18 | 	"context"
 19 | 	"encoding/json"
 20 | 	"fmt"
 21 | 	"os"
 22 | 
 23 | 	"github.com/containernetworking/cni/pkg/types"
 24 | 	"github.com/containernetworking/cni/pkg/types/create"
 25 | 	"github.com/containernetworking/cni/pkg/version"
 26 | )
 27 | 
 28 | // Exec is an interface encapsulates all operations that deal with finding
 29 | // and executing a CNI plugin. Tests may provide a fake implementation
 30 | // to avoid writing fake plugins to temporary directories during the test.
 31 | type Exec interface {
 32 | 	ExecPlugin(ctx context.Context, pluginPath string, stdinData []byte, environ []string) ([]byte, error)
 33 | 	FindInPath(plugin string, paths []string) (string, error)
 34 | 	Decode(jsonBytes []byte) (version.PluginInfo, error)
 35 | }
 36 | 
 37 | // Plugin must return result in same version as specified in netconf; but
 38 | // for backwards compatibility reasons if the result version is empty use
 39 | // config version (rather than technically correct 0.1.0).
 40 | // https://github.com/containernetworking/cni/issues/895
 41 | func fixupResultVersion(netconf, result []byte) (string, []byte, error) {
 42 | 	versionDecoder := &version.ConfigDecoder{}
 43 | 	confVersion, err := versionDecoder.Decode(netconf)
 44 | 	if err != nil {
 45 | 		return "", nil, err
 46 | 	}
 47 | 
 48 | 	var rawResult map[string]interface{}
 49 | 	if err := json.Unmarshal(result, &rawResult); err != nil {
 50 | 		return "", nil, fmt.Errorf("failed to unmarshal raw result: %w", err)
 51 | 	}
 52 | 
 53 | 	// plugin output of "null" is successfully unmarshalled, but results in a nil
 54 | 	// map which causes a panic when the confVersion is assigned below.
 55 | 	if rawResult == nil {
 56 | 		rawResult = make(map[string]interface{})
 57 | 	}
 58 | 
 59 | 	// Manually decode Result version; we need to know whether its cniVersion
 60 | 	// is empty, while built-in decoders (correctly) substitute 0.1.0 for an
 61 | 	// empty version per the CNI spec.
 62 | 	if resultVerRaw, ok := rawResult["cniVersion"]; ok {
 63 | 		resultVer, ok := resultVerRaw.(string)
 64 | 		if ok && resultVer != "" {
 65 | 			return resultVer, result, nil
 66 | 		}
 67 | 	}
 68 | 
 69 | 	// If the cniVersion is not present or empty, assume the result is
 70 | 	// the same CNI spec version as the config
 71 | 	rawResult["cniVersion"] = confVersion
 72 | 	newBytes, err := json.Marshal(rawResult)
 73 | 	if err != nil {
 74 | 		return "", nil, fmt.Errorf("failed to remarshal fixed result: %w", err)
 75 | 	}
 76 | 
 77 | 	return confVersion, newBytes, nil
 78 | }
 79 | 
 80 | // For example, a testcase could pass an instance of the following fakeExec
 81 | // object to ExecPluginWithResult() to verify the incoming stdin and environment
 82 | // and provide a tailored response:
 83 | //
 84 | // import (
 85 | //	"encoding/json"
 86 | //	"path"
 87 | //	"strings"
 88 | // )
 89 | //
 90 | // type fakeExec struct {
 91 | //	version.PluginDecoder
 92 | // }
 93 | //
 94 | // func (f *fakeExec) ExecPlugin(pluginPath string, stdinData []byte, environ []string) ([]byte, error) {
 95 | //	net := &types.NetConf{}
 96 | //	err := json.Unmarshal(stdinData, net)
 97 | //	if err != nil {
 98 | //		return nil, fmt.Errorf("failed to unmarshal configuration: %v", err)
 99 | //	}
100 | //	pluginName := path.Base(pluginPath)
101 | //	if pluginName != net.Type {
102 | //		return nil, fmt.Errorf("plugin name %q did not match config type %q", pluginName, net.Type)
103 | //	}
104 | //	for _, e := range environ {
105 | //		// Check environment for forced failure request
106 | //		parts := strings.Split(e, "=")
107 | //		if len(parts) > 0 && parts[0] == "FAIL" {
108 | //			return nil, fmt.Errorf("failed to execute plugin %s", pluginName)
109 | //		}
110 | //	}
111 | //	return []byte("{\"CNIVersion\":\"0.4.0\"}"), nil
112 | // }
113 | //
114 | // func (f *fakeExec) FindInPath(plugin string, paths []string) (string, error) {
115 | //	if len(paths) > 0 {
116 | //		return path.Join(paths[0], plugin), nil
117 | //	}
118 | //	return "", fmt.Errorf("failed to find plugin %s in paths %v", plugin, paths)
119 | // }
120 | 
121 | func ExecPluginWithResult(ctx context.Context, pluginPath string, netconf []byte, args CNIArgs, exec Exec) (types.Result, error) {
122 | 	if exec == nil {
123 | 		exec = defaultExec
124 | 	}
125 | 
126 | 	stdoutBytes, err := exec.ExecPlugin(ctx, pluginPath, netconf, args.AsEnv())
127 | 	if err != nil {
128 | 		return nil, err
129 | 	}
130 | 
131 | 	resultVersion, fixedBytes, err := fixupResultVersion(netconf, stdoutBytes)
132 | 	if err != nil {
133 | 		return nil, err
134 | 	}
135 | 
136 | 	return create.Create(resultVersion, fixedBytes)
137 | }
138 | 
139 | func ExecPluginWithoutResult(ctx context.Context, pluginPath string, netconf []byte, args CNIArgs, exec Exec) error {
140 | 	if exec == nil {
141 | 		exec = defaultExec
142 | 	}
143 | 	_, err := exec.ExecPlugin(ctx, pluginPath, netconf, args.AsEnv())
144 | 	return err
145 | }
146 | 
147 | // GetVersionInfo returns the version information available about the plugin.
148 | // For recent-enough plugins, it uses the information returned by the VERSION
149 | // command.  For older plugins which do not recognize that command, it reports
150 | // version 0.1.0
151 | func GetVersionInfo(ctx context.Context, pluginPath string, exec Exec) (version.PluginInfo, error) {
152 | 	if exec == nil {
153 | 		exec = defaultExec
154 | 	}
155 | 	args := &Args{
156 | 		Command: "VERSION",
157 | 
158 | 		// set fake values required by plugins built against an older version of skel
159 | 		NetNS:  "dummy",
160 | 		IfName: "dummy",
161 | 		Path:   "dummy",
162 | 	}
163 | 	stdin := []byte(fmt.Sprintf(`{"cniVersion":%q}`, version.Current()))
164 | 	stdoutBytes, err := exec.ExecPlugin(ctx, pluginPath, stdin, args.AsEnv())
165 | 	if err != nil {
166 | 		if err.Error() == "unknown CNI_COMMAND: VERSION" {
167 | 			return version.PluginSupports("0.1.0"), nil
168 | 		}
169 | 		return nil, err
170 | 	}
171 | 
172 | 	return exec.Decode(stdoutBytes)
173 | }
174 | 
175 | // DefaultExec is an object that implements the Exec interface which looks
176 | // for and executes plugins from disk.
177 | type DefaultExec struct {
178 | 	*RawExec
179 | 	version.PluginDecoder
180 | }
181 | 
182 | // DefaultExec implements the Exec interface
183 | var _ Exec = &DefaultExec{}
184 | 
185 | var defaultExec = &DefaultExec{
186 | 	RawExec: &RawExec{Stderr: os.Stderr},
187 | }
188 | 


--------------------------------------------------------------------------------
/pkg/invoke/exec_test.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package invoke_test
 16 | 
 17 | import (
 18 | 	"context"
 19 | 	"encoding/json"
 20 | 	"errors"
 21 | 
 22 | 	. "github.com/onsi/ginkgo/v2"
 23 | 	. "github.com/onsi/gomega"
 24 | 
 25 | 	"github.com/containernetworking/cni/pkg/invoke"
 26 | 	"github.com/containernetworking/cni/pkg/invoke/fakes"
 27 | 	current "github.com/containernetworking/cni/pkg/types/100"
 28 | 	"github.com/containernetworking/cni/pkg/version"
 29 | )
 30 | 
 31 | var _ = Describe("Executing a plugin, unit tests", func() {
 32 | 	var (
 33 | 		pluginExec     invoke.Exec
 34 | 		rawExec        *fakes.RawExec
 35 | 		versionDecoder *fakes.VersionDecoder
 36 | 
 37 | 		pluginPath string
 38 | 		netconf    []byte
 39 | 		cniargs    *fakes.CNIArgs
 40 | 		ctx        context.Context
 41 | 	)
 42 | 
 43 | 	BeforeEach(func() {
 44 | 		rawExec = &fakes.RawExec{}
 45 | 		rawExec.ExecPluginCall.Returns.ResultBytes = []byte(`{ "cniVersion": "0.3.1", "ips": [ { "version": "4", "address": "1.2.3.4/24" } ] }`)
 46 | 
 47 | 		versionDecoder = &fakes.VersionDecoder{}
 48 | 		versionDecoder.DecodeCall.Returns.PluginInfo = version.PluginSupports("0.42.0")
 49 | 
 50 | 		pluginExec = &struct {
 51 | 			*fakes.RawExec
 52 | 			*fakes.VersionDecoder
 53 | 		}{
 54 | 			RawExec:        rawExec,
 55 | 			VersionDecoder: versionDecoder,
 56 | 		}
 57 | 		pluginPath = "/some/plugin/path"
 58 | 		netconf = []byte(`{ "some": "stdin", "cniVersion": "0.3.1" }`)
 59 | 		cniargs = &fakes.CNIArgs{}
 60 | 		cniargs.AsEnvCall.Returns.Env = []string{"SOME=ENV"}
 61 | 		ctx = context.TODO()
 62 | 	})
 63 | 
 64 | 	Describe("returning a result", func() {
 65 | 		It("unmarshals the result bytes into the Result type", func() {
 66 | 			r, err := invoke.ExecPluginWithResult(ctx, pluginPath, netconf, cniargs, pluginExec)
 67 | 			Expect(err).NotTo(HaveOccurred())
 68 | 
 69 | 			result, err := current.GetResult(r)
 70 | 			Expect(err).NotTo(HaveOccurred())
 71 | 			Expect(result.IPs).To(HaveLen(1))
 72 | 			Expect(result.IPs[0].Address.IP.String()).To(Equal("1.2.3.4"))
 73 | 		})
 74 | 
 75 | 		It("passes its arguments through to the rawExec", func() {
 76 | 			_, err := invoke.ExecPluginWithResult(ctx, pluginPath, netconf, cniargs, pluginExec)
 77 | 			Expect(err).NotTo(HaveOccurred())
 78 | 			Expect(rawExec.ExecPluginCall.Received.PluginPath).To(Equal(pluginPath))
 79 | 			Expect(rawExec.ExecPluginCall.Received.StdinData).To(Equal(netconf))
 80 | 			Expect(rawExec.ExecPluginCall.Received.Environ).To(Equal([]string{"SOME=ENV"}))
 81 | 		})
 82 | 
 83 | 		Context("when the rawExec fails", func() {
 84 | 			BeforeEach(func() {
 85 | 				rawExec.ExecPluginCall.Returns.Error = errors.New("banana")
 86 | 			})
 87 | 			It("returns the error", func() {
 88 | 				_, err := invoke.ExecPluginWithResult(ctx, pluginPath, netconf, cniargs, pluginExec)
 89 | 				Expect(err).To(MatchError("banana"))
 90 | 			})
 91 | 		})
 92 | 
 93 | 		It("returns an error using the default exec interface", func() {
 94 | 			// pluginPath should not exist on-disk so we expect an error.
 95 | 			// This test simply tests that the default exec handler
 96 | 			// is run when the exec interface is nil.
 97 | 			_, err := invoke.ExecPluginWithResult(ctx, pluginPath, netconf, cniargs, nil)
 98 | 			Expect(err).To(HaveOccurred())
 99 | 		})
100 | 
101 | 		It("assumes config version if result version is missing", func() {
102 | 			rawExec.ExecPluginCall.Returns.ResultBytes = []byte(`{ "ips": [ { "version": "4", "address": "1.2.3.4/24" } ] }`)
103 | 			r, err := invoke.ExecPluginWithResult(ctx, pluginPath, netconf, cniargs, pluginExec)
104 | 			Expect(err).NotTo(HaveOccurred())
105 | 			Expect(r.Version()).To(Equal("0.3.1"))
106 | 
107 | 			result, err := current.GetResult(r)
108 | 			Expect(err).NotTo(HaveOccurred())
109 | 			Expect(result.IPs).To(HaveLen(1))
110 | 			Expect(result.IPs[0].Address.IP.String()).To(Equal("1.2.3.4"))
111 | 		})
112 | 
113 | 		It("assumes config version if result version is empty", func() {
114 | 			rawExec.ExecPluginCall.Returns.ResultBytes = []byte(`{ "cniVersion": "", "ips": [ { "version": "4", "address": "1.2.3.4/24" } ] }`)
115 | 			r, err := invoke.ExecPluginWithResult(ctx, pluginPath, netconf, cniargs, pluginExec)
116 | 			Expect(err).NotTo(HaveOccurred())
117 | 			Expect(r.Version()).To(Equal("0.3.1"))
118 | 
119 | 			result, err := current.GetResult(r)
120 | 			Expect(err).NotTo(HaveOccurred())
121 | 			Expect(result.IPs).To(HaveLen(1))
122 | 			Expect(result.IPs[0].Address.IP.String()).To(Equal("1.2.3.4"))
123 | 		})
124 | 
125 | 		It("assumes 0.1.0 if config and result version are empty", func() {
126 | 			netconf = []byte(`{ "some": "stdin" }`)
127 | 			rawExec.ExecPluginCall.Returns.ResultBytes = []byte(`{ "some": "version-info" }`)
128 | 			r, err := invoke.ExecPluginWithResult(ctx, pluginPath, netconf, cniargs, pluginExec)
129 | 			Expect(err).NotTo(HaveOccurred())
130 | 			Expect(r.Version()).To(Equal("0.1.0"))
131 | 		})
132 | 	})
133 | 
134 | 	Describe("without returning a result", func() {
135 | 		It("passes its arguments through to the rawExec", func() {
136 | 			err := invoke.ExecPluginWithoutResult(ctx, pluginPath, netconf, cniargs, pluginExec)
137 | 			Expect(err).NotTo(HaveOccurred())
138 | 			Expect(rawExec.ExecPluginCall.Received.PluginPath).To(Equal(pluginPath))
139 | 			Expect(rawExec.ExecPluginCall.Received.StdinData).To(Equal(netconf))
140 | 			Expect(rawExec.ExecPluginCall.Received.Environ).To(Equal([]string{"SOME=ENV"}))
141 | 		})
142 | 
143 | 		Context("when the rawExec fails", func() {
144 | 			BeforeEach(func() {
145 | 				rawExec.ExecPluginCall.Returns.Error = errors.New("banana")
146 | 			})
147 | 			It("returns the error", func() {
148 | 				err := invoke.ExecPluginWithoutResult(ctx, pluginPath, netconf, cniargs, pluginExec)
149 | 				Expect(err).To(MatchError("banana"))
150 | 			})
151 | 		})
152 | 
153 | 		It("returns an error using the default exec interface", func() {
154 | 			// pluginPath should not exist on-disk so we expect an error.
155 | 			// This test simply tests that the default exec handler
156 | 			// is run when the exec interface is nil.
157 | 			err := invoke.ExecPluginWithoutResult(ctx, pluginPath, netconf, cniargs, nil)
158 | 			Expect(err).To(HaveOccurred())
159 | 		})
160 | 	})
161 | 
162 | 	Describe("discovering the plugin version", func() {
163 | 		BeforeEach(func() {
164 | 			rawExec.ExecPluginCall.Returns.ResultBytes = []byte(`{ "some": "version-info" }`)
165 | 		})
166 | 
167 | 		It("execs the plugin with the command VERSION", func() {
168 | 			_, err := invoke.GetVersionInfo(ctx, pluginPath, pluginExec)
169 | 			Expect(err).NotTo(HaveOccurred())
170 | 			Expect(rawExec.ExecPluginCall.Received.PluginPath).To(Equal(pluginPath))
171 | 			Expect(rawExec.ExecPluginCall.Received.Environ).To(ContainElement("CNI_COMMAND=VERSION"))
172 | 			expectedStdin, _ := json.Marshal(map[string]string{"cniVersion": version.Current()})
173 | 			Expect(rawExec.ExecPluginCall.Received.StdinData).To(MatchJSON(expectedStdin))
174 | 		})
175 | 
176 | 		It("decodes and returns the version info", func() {
177 | 			versionInfo, err := invoke.GetVersionInfo(ctx, pluginPath, pluginExec)
178 | 			Expect(err).NotTo(HaveOccurred())
179 | 			Expect(versionInfo.SupportedVersions()).To(Equal([]string{"0.42.0"}))
180 | 			Expect(versionDecoder.DecodeCall.Received.JSONBytes).To(MatchJSON(`{ "some": "version-info" }`))
181 | 		})
182 | 
183 | 		Context("when the rawExec fails", func() {
184 | 			BeforeEach(func() {
185 | 				rawExec.ExecPluginCall.Returns.Error = errors.New("banana")
186 | 			})
187 | 			It("returns the error", func() {
188 | 				_, err := invoke.GetVersionInfo(ctx, pluginPath, pluginExec)
189 | 				Expect(err).To(MatchError("banana"))
190 | 			})
191 | 		})
192 | 
193 | 		Context("when the plugin is too old to recognize the VERSION command", func() {
194 | 			BeforeEach(func() {
195 | 				rawExec.ExecPluginCall.Returns.Error = errors.New("unknown CNI_COMMAND: VERSION")
196 | 			})
197 | 
198 | 			It("interprets the error as a 0.1.0 version", func() {
199 | 				versionInfo, err := invoke.GetVersionInfo(ctx, pluginPath, pluginExec)
200 | 				Expect(err).NotTo(HaveOccurred())
201 | 				Expect(versionInfo.SupportedVersions()).To(ConsistOf("0.1.0"))
202 | 			})
203 | 
204 | 			It("sets dummy values for env vars required by very old plugins", func() {
205 | 				_, err := invoke.GetVersionInfo(ctx, pluginPath, pluginExec)
206 | 				Expect(err).NotTo(HaveOccurred())
207 | 
208 | 				env := rawExec.ExecPluginCall.Received.Environ
209 | 				Expect(env).To(ContainElement("CNI_NETNS=dummy"))
210 | 				Expect(env).To(ContainElement("CNI_IFNAME=dummy"))
211 | 				Expect(env).To(ContainElement("CNI_PATH=dummy"))
212 | 			})
213 | 		})
214 | 	})
215 | })
216 | 


--------------------------------------------------------------------------------
/pkg/invoke/fakes/cni_args.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package fakes
16 | 
17 | type CNIArgs struct {
18 | 	AsEnvCall struct {
19 | 		Returns struct {
20 | 			Env []string
21 | 		}
22 | 	}
23 | }
24 | 
25 | func (a *CNIArgs) AsEnv() []string {
26 | 	return a.AsEnvCall.Returns.Env
27 | }
28 | 


--------------------------------------------------------------------------------
/pkg/invoke/fakes/raw_exec.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package fakes
16 | 
17 | import "context"
18 | 
19 | type RawExec struct {
20 | 	ExecPluginCall struct {
21 | 		Received struct {
22 | 			PluginPath string
23 | 			StdinData  []byte
24 | 			Environ    []string
25 | 		}
26 | 		Returns struct {
27 | 			ResultBytes []byte
28 | 			Error       error
29 | 		}
30 | 	}
31 | 	FindInPathCall struct {
32 | 		Received struct {
33 | 			Plugin string
34 | 			Paths  []string
35 | 		}
36 | 		Returns struct {
37 | 			Path  string
38 | 			Error error
39 | 		}
40 | 	}
41 | }
42 | 
43 | func (e *RawExec) ExecPlugin(ctx context.Context, pluginPath string, stdinData []byte, environ []string) ([]byte, error) {
44 | 	e.ExecPluginCall.Received.PluginPath = pluginPath
45 | 	e.ExecPluginCall.Received.StdinData = stdinData
46 | 	e.ExecPluginCall.Received.Environ = environ
47 | 	return e.ExecPluginCall.Returns.ResultBytes, e.ExecPluginCall.Returns.Error
48 | }
49 | 
50 | func (e *RawExec) FindInPath(plugin string, paths []string) (string, error) {
51 | 	e.FindInPathCall.Received.Plugin = plugin
52 | 	e.FindInPathCall.Received.Paths = paths
53 | 	return e.FindInPathCall.Returns.Path, e.FindInPathCall.Returns.Error
54 | }
55 | 


--------------------------------------------------------------------------------
/pkg/invoke/fakes/version_decoder.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package fakes
16 | 
17 | import "github.com/containernetworking/cni/pkg/version"
18 | 
19 | type VersionDecoder struct {
20 | 	DecodeCall struct {
21 | 		Received struct {
22 | 			JSONBytes []byte
23 | 		}
24 | 		Returns struct {
25 | 			PluginInfo version.PluginInfo
26 | 			Error      error
27 | 		}
28 | 	}
29 | }
30 | 
31 | func (e *VersionDecoder) Decode(jsonData []byte) (version.PluginInfo, error) {
32 | 	e.DecodeCall.Received.JSONBytes = jsonData
33 | 	return e.DecodeCall.Returns.PluginInfo, e.DecodeCall.Returns.Error
34 | }
35 | 


--------------------------------------------------------------------------------
/pkg/invoke/find.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2015 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package invoke
16 | 
17 | import (
18 | 	"fmt"
19 | 	"os"
20 | 	"path/filepath"
21 | 	"strings"
22 | )
23 | 
24 | // FindInPath returns the full path of the plugin by searching in the provided path
25 | func FindInPath(plugin string, paths []string) (string, error) {
26 | 	if plugin == "" {
27 | 		return "", fmt.Errorf("no plugin name provided")
28 | 	}
29 | 
30 | 	if strings.ContainsRune(plugin, os.PathSeparator) {
31 | 		return "", fmt.Errorf("invalid plugin name: %s", plugin)
32 | 	}
33 | 
34 | 	if len(paths) == 0 {
35 | 		return "", fmt.Errorf("no paths provided")
36 | 	}
37 | 
38 | 	for _, path := range paths {
39 | 		for _, fe := range ExecutableFileExtensions {
40 | 			fullpath := filepath.Join(path, plugin) + fe
41 | 			if fi, err := os.Stat(fullpath); err == nil && fi.Mode().IsRegular() {
42 | 				return fullpath, nil
43 | 			}
44 | 		}
45 | 	}
46 | 
47 | 	return "", fmt.Errorf("failed to find plugin %q in path %s", plugin, paths)
48 | }
49 | 


--------------------------------------------------------------------------------
/pkg/invoke/find_test.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package invoke_test
 16 | 
 17 | import (
 18 | 	"fmt"
 19 | 	"os"
 20 | 	"path/filepath"
 21 | 	"strings"
 22 | 
 23 | 	. "github.com/onsi/ginkgo/v2"
 24 | 	. "github.com/onsi/gomega"
 25 | 
 26 | 	"github.com/containernetworking/cni/pkg/invoke"
 27 | )
 28 | 
 29 | var _ = Describe("FindInPath", func() {
 30 | 	var (
 31 | 		multiplePaths         []string
 32 | 		pluginName            string
 33 | 		plugin2NameWithExt    string
 34 | 		plugin2NameWithoutExt string
 35 | 		pluginDir             string
 36 | 		anotherTempDir        string
 37 | 	)
 38 | 
 39 | 	BeforeEach(func() {
 40 | 		tempDir, err := os.MkdirTemp("", "cni-find")
 41 | 		Expect(err).NotTo(HaveOccurred())
 42 | 
 43 | 		plugin, err := os.CreateTemp(tempDir, "a-cni-plugin")
 44 | 		Expect(err).NotTo(HaveOccurred())
 45 | 
 46 | 		plugin2Name := "a-plugin-with-extension" + invoke.ExecutableFileExtensions[0]
 47 | 		plugin2, err := os.Create(filepath.Join(tempDir, plugin2Name))
 48 | 		Expect(err).NotTo(HaveOccurred())
 49 | 
 50 | 		anotherTempDir, err = os.MkdirTemp("", "nothing-here")
 51 | 		Expect(err).NotTo(HaveOccurred())
 52 | 
 53 | 		multiplePaths = []string{anotherTempDir, tempDir}
 54 | 		pluginDir, pluginName = filepath.Split(plugin.Name())
 55 | 		_, plugin2NameWithExt = filepath.Split(plugin2.Name())
 56 | 		plugin2NameWithoutExt = strings.Split(plugin2NameWithExt, ".")[0]
 57 | 	})
 58 | 
 59 | 	AfterEach(func() {
 60 | 		os.RemoveAll(pluginDir)
 61 | 		os.RemoveAll(anotherTempDir)
 62 | 	})
 63 | 
 64 | 	Context("when multiple paths are provided", func() {
 65 | 		It("returns only the path to the plugin", func() {
 66 | 			pluginPath, err := invoke.FindInPath(pluginName, multiplePaths)
 67 | 			Expect(err).NotTo(HaveOccurred())
 68 | 			Expect(pluginPath).To(Equal(filepath.Join(pluginDir, pluginName)))
 69 | 		})
 70 | 	})
 71 | 
 72 | 	Context("when a plugin name without its file name extension is provided", func() {
 73 | 		It("returns the path to the plugin, including its extension", func() {
 74 | 			pluginPath, err := invoke.FindInPath(plugin2NameWithoutExt, multiplePaths)
 75 | 			Expect(err).NotTo(HaveOccurred())
 76 | 			Expect(pluginPath).To(Equal(filepath.Join(pluginDir, plugin2NameWithExt)))
 77 | 		})
 78 | 	})
 79 | 
 80 | 	Context("when an error occurs", func() {
 81 | 		Context("when no paths are provided", func() {
 82 | 			It("returns an error noting no paths were provided", func() {
 83 | 				_, err := invoke.FindInPath(pluginName, []string{})
 84 | 				Expect(err).To(MatchError("no paths provided"))
 85 | 			})
 86 | 		})
 87 | 
 88 | 		Context("when no plugin is provided", func() {
 89 | 			It("returns an error noting the plugin name wasn't found", func() {
 90 | 				_, err := invoke.FindInPath("", multiplePaths)
 91 | 				Expect(err).To(MatchError("no plugin name provided"))
 92 | 			})
 93 | 		})
 94 | 
 95 | 		Context("when the plugin cannot be found", func() {
 96 | 			It("returns an error noting the path", func() {
 97 | 				pathsWithNothing := []string{anotherTempDir}
 98 | 				_, err := invoke.FindInPath(pluginName, pathsWithNothing)
 99 | 				Expect(err).To(MatchError(fmt.Sprintf("failed to find plugin %q in path %s", pluginName, pathsWithNothing)))
100 | 			})
101 | 		})
102 | 
103 | 		Context("When the plugin contains a directory separator", func() {
104 | 			It("returns an error", func() {
105 | 				bogusPlugin := ".." + string(os.PathSeparator) + "pluginname"
106 | 				_, err := invoke.FindInPath(bogusPlugin, []string{anotherTempDir})
107 | 				Expect(err).To(MatchError("invalid plugin name: " + bogusPlugin))
108 | 			})
109 | 		})
110 | 	})
111 | })
112 | 


--------------------------------------------------------------------------------
/pkg/invoke/get_version_integration_test.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package invoke_test
 16 | 
 17 | import (
 18 | 	"context"
 19 | 	"os"
 20 | 	"path/filepath"
 21 | 	"runtime"
 22 | 
 23 | 	. "github.com/onsi/ginkgo/v2"
 24 | 	. "github.com/onsi/gomega"
 25 | 
 26 | 	"github.com/containernetworking/cni/pkg/invoke"
 27 | 	"github.com/containernetworking/cni/pkg/version"
 28 | 	"github.com/containernetworking/cni/pkg/version/testhelpers"
 29 | )
 30 | 
 31 | var _ = Describe("GetVersion, integration tests", func() {
 32 | 	var (
 33 | 		pluginDir  string
 34 | 		pluginPath string
 35 | 	)
 36 | 
 37 | 	BeforeEach(func() {
 38 | 		pluginDir, err := os.MkdirTemp("", "plugins")
 39 | 		Expect(err).NotTo(HaveOccurred())
 40 | 		pluginPath = filepath.Join(pluginDir, "test-plugin")
 41 | 		if runtime.GOOS == "windows" {
 42 | 			pluginPath += ".exe"
 43 | 		}
 44 | 	})
 45 | 
 46 | 	AfterEach(func() {
 47 | 		Expect(os.RemoveAll(pluginDir)).To(Succeed())
 48 | 	})
 49 | 
 50 | 	DescribeTable("correctly reporting plugin versions",
 51 | 		func(gitRef string, pluginSource string, expectedVersions version.PluginInfo) {
 52 | 			Expect(testhelpers.BuildAt([]byte(pluginSource), gitRef, pluginPath)).To(Succeed())
 53 | 			versionInfo, err := invoke.GetVersionInfo(context.TODO(), pluginPath, nil)
 54 | 			Expect(err).NotTo(HaveOccurred())
 55 | 
 56 | 			Expect(versionInfo.SupportedVersions()).To(ConsistOf(expectedVersions.SupportedVersions()))
 57 | 		},
 58 | 
 59 | 		Entry("historical: before VERSION was introduced",
 60 | 			git_ref_v010, plugin_source_no_custom_versions,
 61 | 			version.PluginSupports("0.1.0"),
 62 | 		),
 63 | 
 64 | 		Entry("historical: when VERSION was introduced but plugins couldn't customize it",
 65 | 			git_ref_v020_no_custom_versions, plugin_source_no_custom_versions,
 66 | 			version.PluginSupports("0.1.0", "0.2.0"),
 67 | 		),
 68 | 
 69 | 		Entry("historical: when plugins started reporting their own version list",
 70 | 			git_ref_v020_custom_versions, plugin_source_v020_custom_versions,
 71 | 			version.PluginSupports("0.2.0", "0.999.0"),
 72 | 		),
 73 | 
 74 | 		Entry("historical: before CHECK was introduced",
 75 | 			git_ref_v031, plugin_source_v020_custom_versions,
 76 | 			version.PluginSupports("0.2.0", "0.999.0"),
 77 | 		),
 78 | 
 79 | 		// this entry tracks the current behavior.  Before you change it, ensure
 80 | 		// that its previous behavior is captured in the most recent "historical" entry
 81 | 		Entry("current",
 82 | 			"HEAD", plugin_source_v040_check,
 83 | 			version.PluginSupports("0.2.0", "0.4.0", "0.999.0"),
 84 | 		),
 85 | 	)
 86 | })
 87 | 
 88 | // A 0.4.0 plugin that supports CHECK
 89 | const plugin_source_v040_check = `package main
 90 | 
 91 | import (
 92 | 	"github.com/containernetworking/cni/pkg/skel"
 93 | 	"github.com/containernetworking/cni/pkg/version"
 94 | 	"fmt"
 95 | )
 96 | 
 97 | func c(_ *skel.CmdArgs) error { fmt.Println("{}"); return nil }
 98 | 
 99 | func main() { skel.PluginMain(c, c, c, version.PluginSupports("0.2.0", "0.4.0", "0.999.0"), "") }
100 | `
101 | 
102 | const git_ref_v031 = "909fe7d"
103 | 
104 | // a 0.2.0 plugin that can report its own versions
105 | const plugin_source_v020_custom_versions = `package main
106 | 
107 | import (
108 | 	"github.com/containernetworking/cni/pkg/skel"
109 | 	"github.com/containernetworking/cni/pkg/version"
110 | 	"fmt"
111 | )
112 | 
113 | func c(_ *skel.CmdArgs) error { fmt.Println("{}"); return nil }
114 | 
115 | func main() { skel.PluginMain(c, c, version.PluginSupports("0.2.0", "0.999.0")) }
116 | `
117 | const git_ref_v020_custom_versions = "bf31ed15"
118 | 
119 | // a minimal 0.1.0 / 0.2.0 plugin that cannot report it's own version support
120 | const plugin_source_no_custom_versions = `package main
121 | 
122 | import "github.com/containernetworking/cni/pkg/skel"
123 | import "fmt"
124 | 
125 | func c(_ *skel.CmdArgs) error { fmt.Println("{}"); return nil }
126 | 
127 | func main() { skel.PluginMain(c, c) }
128 | `
129 | 
130 | const (
131 | 	git_ref_v010                    = "2c482f4"
132 | 	git_ref_v020_no_custom_versions = "349d66d"
133 | )
134 | 


--------------------------------------------------------------------------------
/pkg/invoke/invoke_suite_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package invoke_test
16 | 
17 | import (
18 | 	"testing"
19 | 
20 | 	. "github.com/onsi/ginkgo/v2"
21 | 	. "github.com/onsi/gomega"
22 | 	"github.com/onsi/gomega/gexec"
23 | )
24 | 
25 | func TestInvoke(t *testing.T) {
26 | 	RegisterFailHandler(Fail)
27 | 	RunSpecs(t, "Invoke Suite")
28 | }
29 | 
30 | const packagePath = "github.com/containernetworking/cni/plugins/test/noop"
31 | 
32 | var pathToPlugin string
33 | 
34 | var _ = SynchronizedBeforeSuite(func() []byte {
35 | 	var err error
36 | 	pathToPlugin, err = gexec.Build(packagePath)
37 | 	Expect(err).NotTo(HaveOccurred())
38 | 	return []byte(pathToPlugin)
39 | }, func(crossNodeData []byte) {
40 | 	pathToPlugin = string(crossNodeData)
41 | })
42 | 
43 | var _ = SynchronizedAfterSuite(func() {}, func() {
44 | 	gexec.CleanupBuildArtifacts()
45 | })
46 | 


--------------------------------------------------------------------------------
/pkg/invoke/os_unix.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | //go:build darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
16 | // +build darwin dragonfly freebsd linux netbsd openbsd solaris
17 | 
18 | package invoke
19 | 
20 | // Valid file extensions for plugin executables.
21 | var ExecutableFileExtensions = []string{""}
22 | 


--------------------------------------------------------------------------------
/pkg/invoke/os_windows.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package invoke
16 | 
17 | // Valid file extensions for plugin executables.
18 | var ExecutableFileExtensions = []string{".exe", ""}
19 | 


--------------------------------------------------------------------------------
/pkg/invoke/raw_exec.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package invoke
16 | 
17 | import (
18 | 	"bytes"
19 | 	"context"
20 | 	"encoding/json"
21 | 	"fmt"
22 | 	"io"
23 | 	"os/exec"
24 | 	"strings"
25 | 	"time"
26 | 
27 | 	"github.com/containernetworking/cni/pkg/types"
28 | )
29 | 
30 | type RawExec struct {
31 | 	Stderr io.Writer
32 | }
33 | 
34 | func (e *RawExec) ExecPlugin(ctx context.Context, pluginPath string, stdinData []byte, environ []string) ([]byte, error) {
35 | 	stdout := &bytes.Buffer{}
36 | 	stderr := &bytes.Buffer{}
37 | 	c := exec.CommandContext(ctx, pluginPath)
38 | 	c.Env = environ
39 | 	c.Stdin = bytes.NewBuffer(stdinData)
40 | 	c.Stdout = stdout
41 | 	c.Stderr = stderr
42 | 
43 | 	// Retry the command on "text file busy" errors
44 | 	for i := 0; i <= 5; i++ {
45 | 		err := c.Run()
46 | 
47 | 		// Command succeeded
48 | 		if err == nil {
49 | 			break
50 | 		}
51 | 
52 | 		// If the plugin is currently about to be written, then we wait a
53 | 		// second and try it again
54 | 		if strings.Contains(err.Error(), "text file busy") {
55 | 			time.Sleep(time.Second)
56 | 			continue
57 | 		}
58 | 
59 | 		// All other errors except than the busy text file
60 | 		return nil, e.pluginErr(err, stdout.Bytes(), stderr.Bytes())
61 | 	}
62 | 
63 | 	// Copy stderr to caller's buffer in case plugin printed to both
64 | 	// stdout and stderr for some reason. Ignore failures as stderr is
65 | 	// only informational.
66 | 	if e.Stderr != nil && stderr.Len() > 0 {
67 | 		_, _ = stderr.WriteTo(e.Stderr)
68 | 	}
69 | 	return stdout.Bytes(), nil
70 | }
71 | 
72 | func (e *RawExec) pluginErr(err error, stdout, stderr []byte) error {
73 | 	emsg := types.Error{}
74 | 	if len(stdout) == 0 {
75 | 		if len(stderr) == 0 {
76 | 			emsg.Msg = fmt.Sprintf("netplugin failed with no error message: %v", err)
77 | 		} else {
78 | 			emsg.Msg = fmt.Sprintf("netplugin failed: %q", string(stderr))
79 | 		}
80 | 	} else if perr := json.Unmarshal(stdout, &emsg); perr != nil {
81 | 		emsg.Msg = fmt.Sprintf("netplugin failed but error parsing its diagnostic message %q: %v", string(stdout), perr)
82 | 	}
83 | 	return &emsg
84 | }
85 | 
86 | func (e *RawExec) FindInPath(plugin string, paths []string) (string, error) {
87 | 	return FindInPath(plugin, paths)
88 | }
89 | 


--------------------------------------------------------------------------------
/pkg/invoke/raw_exec_test.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package invoke_test
 16 | 
 17 | import (
 18 | 	"bytes"
 19 | 	"context"
 20 | 	"os"
 21 | 
 22 | 	. "github.com/onsi/ginkgo/v2"
 23 | 	. "github.com/onsi/gomega"
 24 | 
 25 | 	"github.com/containernetworking/cni/pkg/invoke"
 26 | 	noop_debug "github.com/containernetworking/cni/plugins/test/noop/debug"
 27 | )
 28 | 
 29 | var _ = Describe("RawExec", func() {
 30 | 	var (
 31 | 		debugFileName string
 32 | 		debug         *noop_debug.Debug
 33 | 		environ       []string
 34 | 		stdin         []byte
 35 | 		execer        *invoke.RawExec
 36 | 		ctx           context.Context
 37 | 	)
 38 | 
 39 | 	const reportResult = `{ "some": "result" }`
 40 | 
 41 | 	BeforeEach(func() {
 42 | 		debugFile, err := os.CreateTemp("", "cni_debug")
 43 | 		Expect(err).NotTo(HaveOccurred())
 44 | 		Expect(debugFile.Close()).To(Succeed())
 45 | 		debugFileName = debugFile.Name()
 46 | 
 47 | 		debug = &noop_debug.Debug{
 48 | 			ReportResult: reportResult,
 49 | 			ReportStderr: "some stderr message",
 50 | 		}
 51 | 		Expect(debug.WriteDebug(debugFileName)).To(Succeed())
 52 | 
 53 | 		environ = []string{
 54 | 			"CNI_COMMAND=ADD",
 55 | 			"CNI_CONTAINERID=some-container-id",
 56 | 			"CNI_ARGS=DEBUG=" + debugFileName,
 57 | 			"CNI_NETNS=/some/netns/path",
 58 | 			"CNI_PATH=/some/bin/path",
 59 | 			"CNI_IFNAME=some-eth0",
 60 | 		}
 61 | 		stdin = []byte(`{"name": "raw-exec-test", "some":"stdin-json", "cniVersion": "0.3.1"}`)
 62 | 		execer = &invoke.RawExec{}
 63 | 		ctx = context.TODO()
 64 | 	})
 65 | 
 66 | 	AfterEach(func() {
 67 | 		Expect(os.Remove(debugFileName)).To(Succeed())
 68 | 	})
 69 | 
 70 | 	It("runs the plugin with the given stdin and environment", func() {
 71 | 		_, err := execer.ExecPlugin(ctx, pathToPlugin, stdin, environ)
 72 | 		Expect(err).NotTo(HaveOccurred())
 73 | 
 74 | 		debug, err := noop_debug.ReadDebug(debugFileName)
 75 | 		Expect(err).NotTo(HaveOccurred())
 76 | 		Expect(debug.Command).To(Equal("ADD"))
 77 | 		Expect(debug.CmdArgs.StdinData).To(Equal(stdin))
 78 | 		Expect(debug.CmdArgs.Netns).To(Equal("/some/netns/path"))
 79 | 	})
 80 | 
 81 | 	It("returns the resulting stdout as bytes", func() {
 82 | 		resultBytes, err := execer.ExecPlugin(ctx, pathToPlugin, stdin, environ)
 83 | 		Expect(err).NotTo(HaveOccurred())
 84 | 
 85 | 		Expect(resultBytes).To(BeEquivalentTo(reportResult))
 86 | 	})
 87 | 
 88 | 	Context("when the Stderr writer is set", func() {
 89 | 		var stderrBuffer *bytes.Buffer
 90 | 
 91 | 		BeforeEach(func() {
 92 | 			stderrBuffer = &bytes.Buffer{}
 93 | 			execer.Stderr = stderrBuffer
 94 | 		})
 95 | 
 96 | 		It("forwards any stderr bytes to the Stderr writer", func() {
 97 | 			_, err := execer.ExecPlugin(ctx, pathToPlugin, stdin, environ)
 98 | 			Expect(err).NotTo(HaveOccurred())
 99 | 
100 | 			Expect(stderrBuffer.String()).To(Equal("some stderr message"))
101 | 		})
102 | 	})
103 | 
104 | 	Context("when the plugin errors", func() {
105 | 		BeforeEach(func() {
106 | 			debug.ReportResult = ""
107 | 		})
108 | 
109 | 		Context("and writes valid error JSON to stdout", func() {
110 | 			It("wraps and returns the error", func() {
111 | 				debug.ReportError = "banana"
112 | 				Expect(debug.WriteDebug(debugFileName)).To(Succeed())
113 | 				_, err := execer.ExecPlugin(ctx, pathToPlugin, stdin, environ)
114 | 				Expect(err).To(HaveOccurred())
115 | 				Expect(err).To(MatchError("banana"))
116 | 			})
117 | 		})
118 | 
119 | 		Context("and writes to stderr", func() {
120 | 			It("returns an error message with stderr output", func() {
121 | 				debug.ExitWithCode = 1
122 | 				Expect(debug.WriteDebug(debugFileName)).To(Succeed())
123 | 				_, err := execer.ExecPlugin(ctx, pathToPlugin, stdin, environ)
124 | 				Expect(err).To(HaveOccurred())
125 | 				Expect(err).To(MatchError(`netplugin failed: "some stderr message"`))
126 | 			})
127 | 		})
128 | 	})
129 | 
130 | 	Context("when the plugin errors with no output on stdout or stderr", func() {
131 | 		It("returns the exec error message", func() {
132 | 			debug.ExitWithCode = 1
133 | 			debug.ReportResult = ""
134 | 			debug.ReportStderr = ""
135 | 			Expect(debug.WriteDebug(debugFileName)).To(Succeed())
136 | 			_, err := execer.ExecPlugin(ctx, pathToPlugin, stdin, environ)
137 | 			Expect(err).To(HaveOccurred())
138 | 			Expect(err).To(MatchError("netplugin failed with no error message: exit status 1"))
139 | 		})
140 | 	})
141 | 
142 | 	Context("when the system is unable to execute the plugin", func() {
143 | 		It("returns the error", func() {
144 | 			_, err := execer.ExecPlugin(ctx, "/tmp/some/invalid/plugin/path", stdin, environ)
145 | 			Expect(err).To(HaveOccurred())
146 | 			Expect(err).To(MatchError(ContainSubstring("/tmp/some/invalid/plugin/path")))
147 | 		})
148 | 	})
149 | })
150 | 


--------------------------------------------------------------------------------
/pkg/ns/ns_darwin.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2022 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package ns
16 | 
17 | import "github.com/containernetworking/cni/pkg/types"
18 | 
19 | func CheckNetNS(nsPath string) (bool, *types.Error) {
20 | 	return false, nil
21 | }
22 | 


--------------------------------------------------------------------------------
/pkg/ns/ns_linux.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2022 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package ns
16 | 
17 | import (
18 | 	"runtime"
19 | 
20 | 	"github.com/vishvananda/netns"
21 | 
22 | 	"github.com/containernetworking/cni/pkg/types"
23 | )
24 | 
25 | // Returns an object representing the current OS thread's network namespace
26 | func getCurrentNS() (netns.NsHandle, error) {
27 | 	// Lock the thread in case other goroutine executes in it and changes its
28 | 	// network namespace after getCurrentThreadNetNSPath(), otherwise it might
29 | 	// return an unexpected network namespace.
30 | 	runtime.LockOSThread()
31 | 	defer runtime.UnlockOSThread()
32 | 	return netns.Get()
33 | }
34 | 
35 | func CheckNetNS(nsPath string) (bool, *types.Error) {
36 | 	ns, err := netns.GetFromPath(nsPath)
37 | 	// Let plugins check whether nsPath from args is valid. Also support CNI DEL for empty nsPath as already-deleted nsPath.
38 | 	if err != nil {
39 | 		return false, nil
40 | 	}
41 | 	defer ns.Close()
42 | 
43 | 	pluginNS, err := getCurrentNS()
44 | 	if err != nil {
45 | 		return false, types.NewError(types.ErrInvalidNetNS, "get plugin's netns failed", "")
46 | 	}
47 | 	defer pluginNS.Close()
48 | 
49 | 	return pluginNS.Equal(ns), nil
50 | }
51 | 


--------------------------------------------------------------------------------
/pkg/ns/ns_windows.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2022 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package ns
16 | 
17 | import "github.com/containernetworking/cni/pkg/types"
18 | 
19 | func CheckNetNS(nsPath string) (bool, *types.Error) {
20 | 	return false, nil
21 | }
22 | 


--------------------------------------------------------------------------------
/pkg/skel/skel_suite_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package skel
16 | 
17 | import (
18 | 	"testing"
19 | 
20 | 	. "github.com/onsi/ginkgo/v2"
21 | 	. "github.com/onsi/gomega"
22 | )
23 | 
24 | func TestSkel(t *testing.T) {
25 | 	RegisterFailHandler(Fail)
26 | 	RunSpecs(t, "Skel Suite")
27 | }
28 | 


--------------------------------------------------------------------------------
/pkg/types/020/types.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package types020
 16 | 
 17 | import (
 18 | 	"encoding/json"
 19 | 	"fmt"
 20 | 	"io"
 21 | 	"net"
 22 | 	"os"
 23 | 
 24 | 	"github.com/containernetworking/cni/pkg/types"
 25 | 	convert "github.com/containernetworking/cni/pkg/types/internal"
 26 | )
 27 | 
 28 | const ImplementedSpecVersion string = "0.2.0"
 29 | 
 30 | var supportedVersions = []string{"", "0.1.0", ImplementedSpecVersion}
 31 | 
 32 | // Register converters for all versions less than the implemented spec version
 33 | func init() {
 34 | 	convert.RegisterConverter("0.1.0", []string{ImplementedSpecVersion}, convertFrom010)
 35 | 	convert.RegisterConverter(ImplementedSpecVersion, []string{"0.1.0"}, convertTo010)
 36 | 
 37 | 	// Creator
 38 | 	convert.RegisterCreator(supportedVersions, NewResult)
 39 | }
 40 | 
 41 | // Compatibility types for CNI version 0.1.0 and 0.2.0
 42 | 
 43 | // NewResult creates a new Result object from JSON data. The JSON data
 44 | // must be compatible with the CNI versions implemented by this type.
 45 | func NewResult(data []byte) (types.Result, error) {
 46 | 	result := &Result{}
 47 | 	if err := json.Unmarshal(data, result); err != nil {
 48 | 		return nil, err
 49 | 	}
 50 | 	for _, v := range supportedVersions {
 51 | 		if result.CNIVersion == v {
 52 | 			if result.CNIVersion == "" {
 53 | 				result.CNIVersion = "0.1.0"
 54 | 			}
 55 | 			return result, nil
 56 | 		}
 57 | 	}
 58 | 	return nil, fmt.Errorf("result type supports %v but unmarshalled CNIVersion is %q",
 59 | 		supportedVersions, result.CNIVersion)
 60 | }
 61 | 
 62 | // GetResult converts the given Result object to the ImplementedSpecVersion
 63 | // and returns the concrete type or an error
 64 | func GetResult(r types.Result) (*Result, error) {
 65 | 	result020, err := convert.Convert(r, ImplementedSpecVersion)
 66 | 	if err != nil {
 67 | 		return nil, err
 68 | 	}
 69 | 	result, ok := result020.(*Result)
 70 | 	if !ok {
 71 | 		return nil, fmt.Errorf("failed to convert result")
 72 | 	}
 73 | 	return result, nil
 74 | }
 75 | 
 76 | func convertFrom010(from types.Result, toVersion string) (types.Result, error) {
 77 | 	if toVersion != "0.2.0" {
 78 | 		panic("only converts to version 0.2.0")
 79 | 	}
 80 | 	fromResult := from.(*Result)
 81 | 	return &Result{
 82 | 		CNIVersion: ImplementedSpecVersion,
 83 | 		IP4:        fromResult.IP4.Copy(),
 84 | 		IP6:        fromResult.IP6.Copy(),
 85 | 		DNS:        *fromResult.DNS.Copy(),
 86 | 	}, nil
 87 | }
 88 | 
 89 | func convertTo010(from types.Result, toVersion string) (types.Result, error) {
 90 | 	if toVersion != "0.1.0" {
 91 | 		panic("only converts to version 0.1.0")
 92 | 	}
 93 | 	fromResult := from.(*Result)
 94 | 	return &Result{
 95 | 		CNIVersion: "0.1.0",
 96 | 		IP4:        fromResult.IP4.Copy(),
 97 | 		IP6:        fromResult.IP6.Copy(),
 98 | 		DNS:        *fromResult.DNS.Copy(),
 99 | 	}, nil
100 | }
101 | 
102 | // Result is what gets returned from the plugin (via stdout) to the caller
103 | type Result struct {
104 | 	CNIVersion string    `json:"cniVersion,omitempty"`
105 | 	IP4        *IPConfig `json:"ip4,omitempty"`
106 | 	IP6        *IPConfig `json:"ip6,omitempty"`
107 | 	DNS        types.DNS `json:"dns,omitempty"`
108 | }
109 | 
110 | func (r *Result) Version() string {
111 | 	return r.CNIVersion
112 | }
113 | 
114 | func (r *Result) GetAsVersion(version string) (types.Result, error) {
115 | 	// If the creator of the result did not set the CNIVersion, assume it
116 | 	// should be the highest spec version implemented by this Result
117 | 	if r.CNIVersion == "" {
118 | 		r.CNIVersion = ImplementedSpecVersion
119 | 	}
120 | 	return convert.Convert(r, version)
121 | }
122 | 
123 | func (r *Result) Print() error {
124 | 	return r.PrintTo(os.Stdout)
125 | }
126 | 
127 | func (r *Result) PrintTo(writer io.Writer) error {
128 | 	data, err := json.MarshalIndent(r, "", "    ")
129 | 	if err != nil {
130 | 		return err
131 | 	}
132 | 	_, err = writer.Write(data)
133 | 	return err
134 | }
135 | 
136 | // IPConfig contains values necessary to configure an interface
137 | type IPConfig struct {
138 | 	IP      net.IPNet
139 | 	Gateway net.IP
140 | 	Routes  []types.Route
141 | }
142 | 
143 | func (i *IPConfig) Copy() *IPConfig {
144 | 	if i == nil {
145 | 		return nil
146 | 	}
147 | 
148 | 	var routes []types.Route
149 | 	for _, fromRoute := range i.Routes {
150 | 		routes = append(routes, *fromRoute.Copy())
151 | 	}
152 | 	return &IPConfig{
153 | 		IP:      i.IP,
154 | 		Gateway: i.Gateway,
155 | 		Routes:  routes,
156 | 	}
157 | }
158 | 
159 | // net.IPNet is not JSON (un)marshallable so this duality is needed
160 | // for our custom IPNet type
161 | 
162 | // JSON (un)marshallable types
163 | type ipConfig struct {
164 | 	IP      types.IPNet   `json:"ip"`
165 | 	Gateway net.IP        `json:"gateway,omitempty"`
166 | 	Routes  []types.Route `json:"routes,omitempty"`
167 | }
168 | 
169 | func (c *IPConfig) MarshalJSON() ([]byte, error) {
170 | 	ipc := ipConfig{
171 | 		IP:      types.IPNet(c.IP),
172 | 		Gateway: c.Gateway,
173 | 		Routes:  c.Routes,
174 | 	}
175 | 
176 | 	return json.Marshal(ipc)
177 | }
178 | 
179 | func (c *IPConfig) UnmarshalJSON(data []byte) error {
180 | 	ipc := ipConfig{}
181 | 	if err := json.Unmarshal(data, &ipc); err != nil {
182 | 		return err
183 | 	}
184 | 
185 | 	c.IP = net.IPNet(ipc.IP)
186 | 	c.Gateway = ipc.Gateway
187 | 	c.Routes = ipc.Routes
188 | 	return nil
189 | }
190 | 


--------------------------------------------------------------------------------
/pkg/types/020/types_suite_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package types020_test
16 | 
17 | import (
18 | 	"testing"
19 | 
20 | 	. "github.com/onsi/ginkgo/v2"
21 | 	. "github.com/onsi/gomega"
22 | )
23 | 
24 | func TestTypes010(t *testing.T) {
25 | 	RegisterFailHandler(Fail)
26 | 	RunSpecs(t, "0.1.0/0.2.0 Types Suite")
27 | }
28 | 


--------------------------------------------------------------------------------
/pkg/types/020/types_test.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package types020_test
 16 | 
 17 | import (
 18 | 	"encoding/json"
 19 | 	"fmt"
 20 | 	"net"
 21 | 
 22 | 	. "github.com/onsi/ginkgo/v2"
 23 | 	. "github.com/onsi/gomega"
 24 | 
 25 | 	"github.com/containernetworking/cni/pkg/types"
 26 | 	"github.com/containernetworking/cni/pkg/types/020"
 27 | 	"github.com/containernetworking/cni/pkg/types/create"
 28 | )
 29 | 
 30 | func testResult(resultCNIVersion, jsonCNIVersion string) (*types020.Result, string) {
 31 | 	ipv4, err := types.ParseCIDR("1.2.3.30/24")
 32 | 	Expect(err).NotTo(HaveOccurred())
 33 | 	Expect(ipv4).NotTo(BeNil())
 34 | 
 35 | 	routegwv4, routev4, err := net.ParseCIDR("15.5.6.8/24")
 36 | 	Expect(err).NotTo(HaveOccurred())
 37 | 	Expect(routev4).NotTo(BeNil())
 38 | 	Expect(routegwv4).NotTo(BeNil())
 39 | 
 40 | 	ipv6, err := types.ParseCIDR("abcd:1234:ffff::cdde/64")
 41 | 	Expect(err).NotTo(HaveOccurred())
 42 | 	Expect(ipv6).NotTo(BeNil())
 43 | 
 44 | 	routegwv6, routev6, err := net.ParseCIDR("1111:dddd::aaaa/80")
 45 | 	Expect(err).NotTo(HaveOccurred())
 46 | 	Expect(routev6).NotTo(BeNil())
 47 | 	Expect(routegwv6).NotTo(BeNil())
 48 | 
 49 | 	// Set every field of the struct to ensure source compatibility
 50 | 	res := &types020.Result{
 51 | 		CNIVersion: resultCNIVersion,
 52 | 		IP4: &types020.IPConfig{
 53 | 			IP:      *ipv4,
 54 | 			Gateway: net.ParseIP("1.2.3.1"),
 55 | 			Routes: []types.Route{
 56 | 				{Dst: *routev4, GW: routegwv4},
 57 | 			},
 58 | 		},
 59 | 		IP6: &types020.IPConfig{
 60 | 			IP:      *ipv6,
 61 | 			Gateway: net.ParseIP("abcd:1234:ffff::1"),
 62 | 			Routes: []types.Route{
 63 | 				{Dst: *routev6, GW: routegwv6},
 64 | 			},
 65 | 		},
 66 | 		DNS: types.DNS{
 67 | 			Nameservers: []string{"1.2.3.4", "1::cafe"},
 68 | 			Domain:      "acompany.com",
 69 | 			Search:      []string{"somedomain.com", "otherdomain.net"},
 70 | 			Options:     []string{"foo", "bar"},
 71 | 		},
 72 | 	}
 73 | 
 74 | 	json := fmt.Sprintf(`{
 75 |     "cniVersion": "%s",
 76 |     "ip4": {
 77 |         "ip": "1.2.3.30/24",
 78 |         "gateway": "1.2.3.1",
 79 |         "routes": [
 80 |             {
 81 |                 "dst": "15.5.6.0/24",
 82 |                 "gw": "15.5.6.8"
 83 |             }
 84 |         ]
 85 |     },
 86 |     "ip6": {
 87 |         "ip": "abcd:1234:ffff::cdde/64",
 88 |         "gateway": "abcd:1234:ffff::1",
 89 |         "routes": [
 90 |             {
 91 |                 "dst": "1111:dddd::/80",
 92 |                 "gw": "1111:dddd::aaaa"
 93 |             }
 94 |         ]
 95 |     },
 96 |     "dns": {
 97 |         "nameservers": [
 98 |             "1.2.3.4",
 99 |             "1::cafe"
100 |         ],
101 |         "domain": "acompany.com",
102 |         "search": [
103 |             "somedomain.com",
104 |             "otherdomain.net"
105 |         ],
106 |         "options": [
107 |             "foo",
108 |             "bar"
109 |         ]
110 |     }
111 | }`, jsonCNIVersion)
112 | 
113 | 	return res, json
114 | }
115 | 
116 | var _ = Describe("Ensures compatibility with the 0.1.0/0.2.0 spec", func() {
117 | 	It("correctly encodes a 0.2.0 Result", func() {
118 | 		res, expectedJSON := testResult(types020.ImplementedSpecVersion, types020.ImplementedSpecVersion)
119 | 		out, err := json.Marshal(res)
120 | 		Expect(err).NotTo(HaveOccurred())
121 | 		Expect(out).To(MatchJSON(expectedJSON))
122 | 	})
123 | 
124 | 	It("correctly encodes a 0.1.0 Result", func() {
125 | 		res, expectedJSON := testResult("0.1.0", "0.1.0")
126 | 		out, err := json.Marshal(res)
127 | 		Expect(err).NotTo(HaveOccurred())
128 | 		Expect(out).To(MatchJSON(expectedJSON))
129 | 	})
130 | 
131 | 	It("converts a 0.2.0 result to 0.1.0", func() {
132 | 		res, expectedJSON := testResult(types020.ImplementedSpecVersion, "0.1.0")
133 | 		res010, err := res.GetAsVersion("0.1.0")
134 | 		Expect(err).NotTo(HaveOccurred())
135 | 		out, err := json.Marshal(res010)
136 | 		Expect(err).NotTo(HaveOccurred())
137 | 		Expect(out).To(MatchJSON(expectedJSON))
138 | 	})
139 | 
140 | 	It("converts a 0.1.0 result to 0.2.0", func() {
141 | 		res, expectedJSON := testResult("0.1.0", types020.ImplementedSpecVersion)
142 | 		res020, err := res.GetAsVersion(types020.ImplementedSpecVersion)
143 | 		Expect(err).NotTo(HaveOccurred())
144 | 		out, err := json.Marshal(res020)
145 | 		Expect(err).NotTo(HaveOccurred())
146 | 		Expect(out).To(MatchJSON(expectedJSON))
147 | 	})
148 | 
149 | 	It("creates a 0.1.0 result passing CNIVersion ''", func() {
150 | 		_, expectedJSON := testResult("", "")
151 | 		resT, err := create.Create("", []byte(expectedJSON))
152 | 		Expect(err).NotTo(HaveOccurred())
153 | 		res010, ok := resT.(*types020.Result)
154 | 		Expect(ok).To(BeTrue())
155 | 		Expect(res010.CNIVersion).To(Equal("0.1.0"))
156 | 	})
157 | })
158 | 


--------------------------------------------------------------------------------
/pkg/types/040/types_suite_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package types040_test
16 | 
17 | import (
18 | 	"testing"
19 | 
20 | 	. "github.com/onsi/ginkgo/v2"
21 | 	. "github.com/onsi/gomega"
22 | )
23 | 
24 | func TestTypesCurrent(t *testing.T) {
25 | 	RegisterFailHandler(Fail)
26 | 	RunSpecs(t, "Current Types Suite")
27 | }
28 | 


--------------------------------------------------------------------------------
/pkg/types/100/types_suite_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package types100_test
16 | 
17 | import (
18 | 	"testing"
19 | 
20 | 	. "github.com/onsi/ginkgo/v2"
21 | 	. "github.com/onsi/gomega"
22 | )
23 | 
24 | func TestTypesCurrent(t *testing.T) {
25 | 	RegisterFailHandler(Fail)
26 | 	RunSpecs(t, "Current Types Suite")
27 | }
28 | 


--------------------------------------------------------------------------------
/pkg/types/args.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2015 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package types
 16 | 
 17 | import (
 18 | 	"encoding"
 19 | 	"fmt"
 20 | 	"reflect"
 21 | 	"strings"
 22 | )
 23 | 
 24 | // UnmarshallableBool typedef for builtin bool
 25 | // because builtin type's methods can't be declared
 26 | type UnmarshallableBool bool
 27 | 
 28 | // UnmarshalText implements the encoding.TextUnmarshaler interface.
 29 | // Returns boolean true if the string is "1" or "true" or "True"
 30 | // Returns boolean false if the string is "0" or "false" or "False”
 31 | func (b *UnmarshallableBool) UnmarshalText(data []byte) error {
 32 | 	s := strings.ToLower(string(data))
 33 | 	switch s {
 34 | 	case "1", "true":
 35 | 		*b = true
 36 | 	case "0", "false":
 37 | 		*b = false
 38 | 	default:
 39 | 		return fmt.Errorf("boolean unmarshal error: invalid input %s", s)
 40 | 	}
 41 | 	return nil
 42 | }
 43 | 
 44 | // UnmarshallableString typedef for builtin string
 45 | type UnmarshallableString string
 46 | 
 47 | // UnmarshalText implements the encoding.TextUnmarshaler interface.
 48 | // Returns the string
 49 | func (s *UnmarshallableString) UnmarshalText(data []byte) error {
 50 | 	*s = UnmarshallableString(data)
 51 | 	return nil
 52 | }
 53 | 
 54 | // CommonArgs contains the IgnoreUnknown argument
 55 | // and must be embedded by all Arg structs
 56 | type CommonArgs struct {
 57 | 	IgnoreUnknown UnmarshallableBool `json:"ignoreunknown,omitempty"`
 58 | }
 59 | 
 60 | // GetKeyField is a helper function to receive Values
 61 | // Values that represent a pointer to a struct
 62 | func GetKeyField(keyString string, v reflect.Value) reflect.Value {
 63 | 	return v.Elem().FieldByName(keyString)
 64 | }
 65 | 
 66 | // UnmarshalableArgsError is used to indicate error unmarshalling args
 67 | // from the args-string in the form "K=V;K2=V2;..."
 68 | type UnmarshalableArgsError struct {
 69 | 	error
 70 | }
 71 | 
 72 | // LoadArgs parses args from a string in the form "K=V;K2=V2;..."
 73 | func LoadArgs(args string, container interface{}) error {
 74 | 	if args == "" {
 75 | 		return nil
 76 | 	}
 77 | 
 78 | 	containerValue := reflect.ValueOf(container)
 79 | 
 80 | 	pairs := strings.Split(args, ";")
 81 | 	unknownArgs := []string{}
 82 | 	for _, pair := range pairs {
 83 | 		kv := strings.Split(pair, "=")
 84 | 		if len(kv) != 2 {
 85 | 			return fmt.Errorf("ARGS: invalid pair %q", pair)
 86 | 		}
 87 | 		keyString := kv[0]
 88 | 		valueString := kv[1]
 89 | 		keyField := GetKeyField(keyString, containerValue)
 90 | 		if !keyField.IsValid() {
 91 | 			unknownArgs = append(unknownArgs, pair)
 92 | 			continue
 93 | 		}
 94 | 
 95 | 		var keyFieldInterface interface{}
 96 | 		switch {
 97 | 		case keyField.Kind() == reflect.Ptr:
 98 | 			keyField.Set(reflect.New(keyField.Type().Elem()))
 99 | 			keyFieldInterface = keyField.Interface()
100 | 		case keyField.CanAddr() && keyField.Addr().CanInterface():
101 | 			keyFieldInterface = keyField.Addr().Interface()
102 | 		default:
103 | 			return UnmarshalableArgsError{fmt.Errorf("field '%s' has no valid interface", keyString)}
104 | 		}
105 | 		u, ok := keyFieldInterface.(encoding.TextUnmarshaler)
106 | 		if !ok {
107 | 			return UnmarshalableArgsError{fmt.Errorf(
108 | 				"ARGS: cannot unmarshal into field '%s' - type '%s' does not implement encoding.TextUnmarshaler",
109 | 				keyString, reflect.TypeOf(keyFieldInterface))}
110 | 		}
111 | 		err := u.UnmarshalText([]byte(valueString))
112 | 		if err != nil {
113 | 			return fmt.Errorf("ARGS: error parsing value of pair %q: %w", pair, err)
114 | 		}
115 | 	}
116 | 
117 | 	isIgnoreUnknown := GetKeyField("IgnoreUnknown", containerValue).Bool()
118 | 	if len(unknownArgs) > 0 && !isIgnoreUnknown {
119 | 		return fmt.Errorf("ARGS: unknown args %q", unknownArgs)
120 | 	}
121 | 	return nil
122 | }
123 | 


--------------------------------------------------------------------------------
/pkg/types/args_test.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package types_test
 16 | 
 17 | import (
 18 | 	"net"
 19 | 	"reflect"
 20 | 
 21 | 	. "github.com/onsi/ginkgo/v2"
 22 | 	. "github.com/onsi/gomega"
 23 | 
 24 | 	. "github.com/containernetworking/cni/pkg/types"
 25 | )
 26 | 
 27 | var _ = Describe("UnmarshallableBool UnmarshalText", func() {
 28 | 	DescribeTable("string to bool detection should succeed in all cases",
 29 | 		func(inputs []string, expected bool) {
 30 | 			for _, s := range inputs {
 31 | 				var ub UnmarshallableBool
 32 | 				err := ub.UnmarshalText([]byte(s))
 33 | 				Expect(err).ToNot(HaveOccurred())
 34 | 				Expect(ub).To(Equal(UnmarshallableBool(expected)))
 35 | 			}
 36 | 		},
 37 | 		Entry("parse to true", []string{"True", "true", "1"}, true),
 38 | 		Entry("parse to false", []string{"False", "false", "0"}, false),
 39 | 	)
 40 | 
 41 | 	Context("When passed an invalid value", func() {
 42 | 		It("should result in an error", func() {
 43 | 			var ub UnmarshallableBool
 44 | 			err := ub.UnmarshalText([]byte("invalid"))
 45 | 			Expect(err).To(HaveOccurred())
 46 | 		})
 47 | 	})
 48 | })
 49 | 
 50 | var _ = Describe("UnmarshallableString UnmarshalText", func() {
 51 | 	DescribeTable("string to string detection should succeed in all cases",
 52 | 		func(inputs []string, expected string) {
 53 | 			for _, s := range inputs {
 54 | 				var us UnmarshallableString
 55 | 				err := us.UnmarshalText([]byte(s))
 56 | 				Expect(err).ToNot(HaveOccurred())
 57 | 				Expect(string(us)).To(Equal(expected))
 58 | 			}
 59 | 		},
 60 | 		Entry("parse empty string", []string{""}, ""),
 61 | 		Entry("parse non-empty string", []string{"notempty"}, "notempty"),
 62 | 	)
 63 | })
 64 | 
 65 | var _ = Describe("GetKeyField", func() {
 66 | 	type testcontainer struct {
 67 | 		Valid string `json:"valid,omitempty"`
 68 | 	}
 69 | 	var (
 70 | 		container          = testcontainer{Valid: "valid"}
 71 | 		containerInterface = func(i interface{}) interface{} { return i }(&container)
 72 | 		containerValue     = reflect.ValueOf(containerInterface)
 73 | 	)
 74 | 	Context("When a valid field is provided", func() {
 75 | 		It("should return the correct field", func() {
 76 | 			field := GetKeyField("Valid", containerValue)
 77 | 			Expect(field.String()).To(Equal("valid"))
 78 | 		})
 79 | 	})
 80 | })
 81 | 
 82 | var _ = Describe("LoadArgs", func() {
 83 | 	Context("When no arguments are passed", func() {
 84 | 		It("LoadArgs should succeed", func() {
 85 | 			err := LoadArgs("", struct{}{})
 86 | 			Expect(err).NotTo(HaveOccurred())
 87 | 		})
 88 | 	})
 89 | 
 90 | 	Context("When unknown arguments are passed and ignored", func() {
 91 | 		It("LoadArgs should succeed", func() {
 92 | 			ca := CommonArgs{}
 93 | 			err := LoadArgs("IgnoreUnknown=True;Unk=nown", &ca)
 94 | 			Expect(err).NotTo(HaveOccurred())
 95 | 		})
 96 | 	})
 97 | 
 98 | 	Context("When unknown arguments are passed and not ignored", func() {
 99 | 		It("LoadArgs should fail", func() {
100 | 			ca := CommonArgs{}
101 | 			err := LoadArgs("Unk=nown", &ca)
102 | 			Expect(err).To(HaveOccurred())
103 | 		})
104 | 	})
105 | 
106 | 	Context("When unknown arguments are passed and explicitly not ignored", func() {
107 | 		It("LoadArgs should fail", func() {
108 | 			ca := CommonArgs{}
109 | 			err := LoadArgs("IgnoreUnknown=0, Unk=nown", &ca)
110 | 			Expect(err).To(HaveOccurred())
111 | 		})
112 | 	})
113 | 
114 | 	Context("When known arguments are passed", func() {
115 | 		It("LoadArgs should succeed", func() {
116 | 			ca := CommonArgs{}
117 | 			err := LoadArgs("IgnoreUnknown=1", &ca)
118 | 			Expect(err).NotTo(HaveOccurred())
119 | 		})
120 | 	})
121 | 
122 | 	Context("When known arguments are passed and cannot be unmarshalled", func() {
123 | 		It("LoadArgs should fail", func() {
124 | 			conf := struct {
125 | 				IP IPNet
126 | 			}{}
127 | 			err := LoadArgs("IP=10.0.0.0/24", &conf)
128 | 			Expect(err).To(HaveOccurred())
129 | 		})
130 | 	})
131 | 
132 | 	Context("When loading known arguments", func() {
133 | 		It("should succeed if argument is marshallable value type", func() {
134 | 			conf := struct {
135 | 				IP net.IP
136 | 				CommonArgs
137 | 			}{}
138 | 			err := LoadArgs("IP=10.0.0.0", &conf)
139 | 			Expect(err).NotTo(HaveOccurred())
140 | 			Expect(conf.IP.String()).To(Equal("10.0.0.0"))
141 | 		})
142 | 
143 | 		It("should succeed if argument is marshallable pointer type", func() {
144 | 			conf := struct {
145 | 				IP *net.IP
146 | 				CommonArgs
147 | 			}{}
148 | 			err := LoadArgs("IP=10.0.0.0", &conf)
149 | 			Expect(err).NotTo(HaveOccurred())
150 | 			Expect(conf.IP.String()).To(Equal("10.0.0.0"))
151 | 		})
152 | 
153 | 		It("should fail if argument is pointer of marshallable pointer type", func() {
154 | 			conf := struct {
155 | 				IP **net.IP
156 | 				CommonArgs
157 | 			}{}
158 | 			err := LoadArgs("IP=10.0.0.0", &conf)
159 | 			Expect(err).To(HaveOccurred())
160 | 		})
161 | 	})
162 | })
163 | 


--------------------------------------------------------------------------------
/pkg/types/create/create.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package create
16 | 
17 | import (
18 | 	"encoding/json"
19 | 	"fmt"
20 | 
21 | 	"github.com/containernetworking/cni/pkg/types"
22 | 	_ "github.com/containernetworking/cni/pkg/types/020"
23 | 	_ "github.com/containernetworking/cni/pkg/types/040"
24 | 	_ "github.com/containernetworking/cni/pkg/types/100"
25 | 	convert "github.com/containernetworking/cni/pkg/types/internal"
26 | )
27 | 
28 | // DecodeVersion returns the CNI version from CNI configuration or result JSON,
29 | // or an error if the operation could not be performed.
30 | func DecodeVersion(jsonBytes []byte) (string, error) {
31 | 	var conf struct {
32 | 		CNIVersion string `json:"cniVersion"`
33 | 	}
34 | 	err := json.Unmarshal(jsonBytes, &conf)
35 | 	if err != nil {
36 | 		return "", fmt.Errorf("decoding version from network config: %w", err)
37 | 	}
38 | 	if conf.CNIVersion == "" {
39 | 		return "0.1.0", nil
40 | 	}
41 | 	return conf.CNIVersion, nil
42 | }
43 | 
44 | // Create creates a CNI Result using the given JSON with the expected
45 | // version, or an error if the creation could not be performed
46 | func Create(version string, bytes []byte) (types.Result, error) {
47 | 	return convert.Create(version, bytes)
48 | }
49 | 
50 | // CreateFromBytes creates a CNI Result from the given JSON, automatically
51 | // detecting the CNI spec version of the result. An error is returned if the
52 | // operation could not be performed.
53 | func CreateFromBytes(bytes []byte) (types.Result, error) {
54 | 	version, err := DecodeVersion(bytes)
55 | 	if err != nil {
56 | 		return nil, err
57 | 	}
58 | 	return convert.Create(version, bytes)
59 | }
60 | 


--------------------------------------------------------------------------------
/pkg/types/internal/convert.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package convert
16 | 
17 | import (
18 | 	"fmt"
19 | 
20 | 	"github.com/containernetworking/cni/pkg/types"
21 | )
22 | 
23 | // ConvertFn should convert from the given arbitrary Result type into a
24 | // Result implementing CNI specification version passed in toVersion.
25 | // The function is guaranteed to be passed a Result type matching the
26 | // fromVersion it was registered with, and is guaranteed to be
27 | // passed a toVersion matching one of the toVersions it was registered with.
28 | type ConvertFn func(from types.Result, toVersion string) (types.Result, error)
29 | 
30 | type converter struct {
31 | 	// fromVersion is the CNI Result spec version that convertFn accepts
32 | 	fromVersion string
33 | 	// toVersions is a list of versions that convertFn can convert to
34 | 	toVersions []string
35 | 	convertFn  ConvertFn
36 | }
37 | 
38 | var converters []*converter
39 | 
40 | func findConverter(fromVersion, toVersion string) *converter {
41 | 	for _, c := range converters {
42 | 		if c.fromVersion == fromVersion {
43 | 			for _, v := range c.toVersions {
44 | 				if v == toVersion {
45 | 					return c
46 | 				}
47 | 			}
48 | 		}
49 | 	}
50 | 	return nil
51 | }
52 | 
53 | // Convert converts a CNI Result to the requested CNI specification version,
54 | // or returns an error if the conversion could not be performed or failed
55 | func Convert(from types.Result, toVersion string) (types.Result, error) {
56 | 	if toVersion == "" {
57 | 		toVersion = "0.1.0"
58 | 	}
59 | 
60 | 	fromVersion := from.Version()
61 | 
62 | 	// Shortcut for same version
63 | 	if fromVersion == toVersion {
64 | 		return from, nil
65 | 	}
66 | 
67 | 	// Otherwise find the right converter
68 | 	c := findConverter(fromVersion, toVersion)
69 | 	if c == nil {
70 | 		return nil, fmt.Errorf("no converter for CNI result version %s to %s",
71 | 			fromVersion, toVersion)
72 | 	}
73 | 	return c.convertFn(from, toVersion)
74 | }
75 | 
76 | // RegisterConverter registers a CNI Result converter. SHOULD NOT BE CALLED
77 | // EXCEPT FROM CNI ITSELF.
78 | func RegisterConverter(fromVersion string, toVersions []string, convertFn ConvertFn) {
79 | 	// Make sure there is no converter already registered for these
80 | 	// from and to versions
81 | 	for _, v := range toVersions {
82 | 		if findConverter(fromVersion, v) != nil {
83 | 			panic(fmt.Sprintf("converter already registered for %s to %s",
84 | 				fromVersion, v))
85 | 		}
86 | 	}
87 | 	converters = append(converters, &converter{
88 | 		fromVersion: fromVersion,
89 | 		toVersions:  toVersions,
90 | 		convertFn:   convertFn,
91 | 	})
92 | }
93 | 


--------------------------------------------------------------------------------
/pkg/types/internal/create.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package convert
16 | 
17 | import (
18 | 	"fmt"
19 | 
20 | 	"github.com/containernetworking/cni/pkg/types"
21 | )
22 | 
23 | type ResultFactoryFunc func([]byte) (types.Result, error)
24 | 
25 | type creator struct {
26 | 	// CNI Result spec versions that createFn can create a Result for
27 | 	versions []string
28 | 	createFn ResultFactoryFunc
29 | }
30 | 
31 | var creators []*creator
32 | 
33 | func findCreator(version string) *creator {
34 | 	for _, c := range creators {
35 | 		for _, v := range c.versions {
36 | 			if v == version {
37 | 				return c
38 | 			}
39 | 		}
40 | 	}
41 | 	return nil
42 | }
43 | 
44 | // Create creates a CNI Result using the given JSON, or an error if the creation
45 | // could not be performed
46 | func Create(version string, bytes []byte) (types.Result, error) {
47 | 	if c := findCreator(version); c != nil {
48 | 		return c.createFn(bytes)
49 | 	}
50 | 	return nil, fmt.Errorf("unsupported CNI result version %q", version)
51 | }
52 | 
53 | // RegisterCreator registers a CNI Result creator. SHOULD NOT BE CALLED
54 | // EXCEPT FROM CNI ITSELF.
55 | func RegisterCreator(versions []string, createFn ResultFactoryFunc) {
56 | 	// Make sure there is no creator already registered for these versions
57 | 	for _, v := range versions {
58 | 		if findCreator(v) != nil {
59 | 			panic(fmt.Sprintf("creator already registered for %s", v))
60 | 		}
61 | 	}
62 | 	creators = append(creators, &creator{
63 | 		versions: versions,
64 | 		createFn: createFn,
65 | 	})
66 | }
67 | 


--------------------------------------------------------------------------------
/pkg/types/types_suite_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package types_test
16 | 
17 | import (
18 | 	"testing"
19 | 
20 | 	. "github.com/onsi/ginkgo/v2"
21 | 	. "github.com/onsi/gomega"
22 | )
23 | 
24 | func TestTypes(t *testing.T) {
25 | 	RegisterFailHandler(Fail)
26 | 	RunSpecs(t, "Types Suite")
27 | }
28 | 


--------------------------------------------------------------------------------
/pkg/types/types_test.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2017 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package types_test
 16 | 
 17 | import (
 18 | 	"encoding/json"
 19 | 	"net"
 20 | 
 21 | 	. "github.com/onsi/ginkgo/v2"
 22 | 	. "github.com/onsi/gomega"
 23 | 
 24 | 	"github.com/containernetworking/cni/pkg/types"
 25 | 	types040 "github.com/containernetworking/cni/pkg/types/040"
 26 | 	current "github.com/containernetworking/cni/pkg/types/100"
 27 | )
 28 | 
 29 | var _ = Describe("Types", func() {
 30 | 	Describe("ParseCIDR", func() {
 31 | 		DescribeTable("Parse and stringify",
 32 | 			func(input, expectedIP string, expectedMask int) {
 33 | 				ipn, err := types.ParseCIDR(input)
 34 | 				Expect(err).NotTo(HaveOccurred())
 35 | 				Expect(ipn.String()).To(Equal(input))
 36 | 
 37 | 				Expect(ipn.IP.String()).To(Equal(expectedIP))
 38 | 				ones, _ := ipn.Mask.Size()
 39 | 				Expect(ones).To(Equal(expectedMask))
 40 | 			},
 41 | 			Entry("ipv4", "1.2.3.4/24", "1.2.3.4", 24),
 42 | 			Entry("ipv6", "2001:db8::/32", "2001:db8::", 32),
 43 | 		)
 44 | 		It("returns an error when given invalid inputs", func() {
 45 | 			ipn, err := types.ParseCIDR("1.2.3/45")
 46 | 			Expect(ipn).To(BeNil())
 47 | 			Expect(err).To(MatchError("invalid CIDR address: 1.2.3/45"))
 48 | 		})
 49 | 	})
 50 | 
 51 | 	Describe("custom IPNet type", func() {
 52 | 		It("marshals and unmarshals to JSON as a string", func() {
 53 | 			ipn := types.IPNet{
 54 | 				IP:   net.ParseIP("1.2.3.4"),
 55 | 				Mask: net.CIDRMask(24, 32),
 56 | 			}
 57 | 			jsonBytes, err := json.Marshal(ipn)
 58 | 			Expect(err).NotTo(HaveOccurred())
 59 | 			Expect(jsonBytes).To(MatchJSON(`"1.2.3.4/24"`))
 60 | 
 61 | 			var unmarshaled types.IPNet
 62 | 			Expect(json.Unmarshal(jsonBytes, &unmarshaled)).To(Succeed())
 63 | 			Expect(unmarshaled).To(Equal(ipn))
 64 | 		})
 65 | 
 66 | 		Context("when the json data is not syntactically valid", func() {
 67 | 			Specify("UnmarshalJSON returns an error", func() {
 68 | 				ipn := new(types.IPNet)
 69 | 				err := ipn.UnmarshalJSON([]byte("1"))
 70 | 				Expect(err).To(MatchError("json: cannot unmarshal number into Go value of type string"))
 71 | 			})
 72 | 		})
 73 | 
 74 | 		Context("when the json data is not semantically valid", func() {
 75 | 			Specify("UnmarshalJSON returns an error", func() {
 76 | 				ipn := new(types.IPNet)
 77 | 				err := ipn.UnmarshalJSON([]byte(`"1.2.3.4/99"`))
 78 | 				Expect(err).To(MatchError("invalid CIDR address: 1.2.3.4/99"))
 79 | 			})
 80 | 		})
 81 | 	})
 82 | 
 83 | 	Describe("custom Route type", func() {
 84 | 		var example types.Route
 85 | 		BeforeEach(func() {
 86 | 			example = types.Route{
 87 | 				Dst: net.IPNet{
 88 | 					IP:   net.ParseIP("1.2.3.0"),
 89 | 					Mask: net.CIDRMask(24, 32),
 90 | 				},
 91 | 				GW:       net.ParseIP("1.2.3.1"),
 92 | 				MTU:      1500,
 93 | 				AdvMSS:   1340,
 94 | 				Priority: 100,
 95 | 				Table:    types040.Int(50),
 96 | 				Scope:    types040.Int(253),
 97 | 			}
 98 | 		})
 99 | 
100 | 		It("marshals and unmarshals to JSON", func() {
101 | 			jsonBytes, err := json.Marshal(example)
102 | 			Expect(err).NotTo(HaveOccurred())
103 | 			Expect(jsonBytes).To(MatchJSON(`{ "dst": "1.2.3.0/24", "gw": "1.2.3.1", "mtu": 1500, "advmss": 1340, "priority": 100, "table": 50, "scope": 253 }`))
104 | 
105 | 			var unmarshaled types.Route
106 | 			Expect(json.Unmarshal(jsonBytes, &unmarshaled)).To(Succeed())
107 | 			Expect(unmarshaled).To(Equal(example))
108 | 		})
109 | 
110 | 		Context("when the json data is not valid", func() {
111 | 			Specify("UnmarshalJSON returns an error", func() {
112 | 				route := new(types.Route)
113 | 				err := route.UnmarshalJSON([]byte(`{ "dst": "1.2.3.0/24", "gw": "1.2.3.x" }`))
114 | 				Expect(err).To(MatchError("invalid IP address: 1.2.3.x"))
115 | 			})
116 | 		})
117 | 
118 | 		It("formats as a string with a hex mask", func() {
119 | 			Expect(example.String()).To(Equal(`{Dst:{IP:1.2.3.0 Mask:ffffff00} GW:1.2.3.1 MTU:1500 AdvMSS:1340 Priority:100 Table:50 Scope:253}`))
120 | 		})
121 | 	})
122 | 
123 | 	Describe("Error type", func() {
124 | 		var example *types.Error
125 | 		BeforeEach(func() {
126 | 			example = &types.Error{
127 | 				Code:    1234,
128 | 				Msg:     "some message",
129 | 				Details: "some details",
130 | 			}
131 | 		})
132 | 
133 | 		Describe("Error() method (basic string)", func() {
134 | 			It("returns a formatted string", func() {
135 | 				Expect(example.Error()).To(Equal("some message; some details"))
136 | 			})
137 | 			Context("when details are not present", func() {
138 | 				BeforeEach(func() {
139 | 					example.Details = ""
140 | 				})
141 | 				It("returns only the message", func() {
142 | 					Expect(example.Error()).To(Equal("some message"))
143 | 				})
144 | 			})
145 | 		})
146 | 
147 | 		It("NewError method", func() {
148 | 			err := types.NewError(1234, "some message", "some details")
149 | 			Expect(err).To(Equal(example))
150 | 		})
151 | 	})
152 | 
153 | 	Describe("Result conversion", func() {
154 | 		var result *current.Result
155 | 		BeforeEach(func() {
156 | 			ipv4, err := types.ParseCIDR("1.2.3.30/24")
157 | 			Expect(err).NotTo(HaveOccurred())
158 | 			Expect(ipv4).NotTo(BeNil())
159 | 
160 | 			ipv6, err := types.ParseCIDR("abcd:1234:ffff::cdde/64")
161 | 			Expect(err).NotTo(HaveOccurred())
162 | 			Expect(ipv6).NotTo(BeNil())
163 | 			result = &current.Result{
164 | 				CNIVersion: "1.0.0",
165 | 				Interfaces: []*current.Interface{
166 | 					{
167 | 						Name:       "eth0",
168 | 						Mac:        "00:11:22:33:44:55",
169 | 						Sandbox:    "/proc/3553/ns/net",
170 | 						PciID:      "8086:9a01",
171 | 						SocketPath: "/path/to/vhost/fd",
172 | 					},
173 | 				},
174 | 				IPs: []*current.IPConfig{
175 | 					{
176 | 						Interface: current.Int(0),
177 | 						Address:   *ipv4,
178 | 						Gateway:   net.ParseIP("1.2.3.1"),
179 | 					},
180 | 					{
181 | 						Interface: current.Int(0),
182 | 						Address:   *ipv6,
183 | 						Gateway:   net.ParseIP("abcd:1234:ffff::1"),
184 | 					},
185 | 				},
186 | 				DNS: types.DNS{
187 | 					Nameservers: []string{"1.2.3.4", "1::cafe"},
188 | 					Domain:      "acompany.com",
189 | 					Search:      []string{"somedomain.com", "otherdomain.net"},
190 | 					Options:     []string{"foo", "bar"},
191 | 				},
192 | 			}
193 | 		})
194 | 
195 | 		It("can create a CNIVersion '' (0.1.0) result", func() {
196 | 			newResult, err := result.GetAsVersion("")
197 | 			Expect(err).NotTo(HaveOccurred())
198 | 			Expect(newResult.Version()).To(Equal("0.1.0"))
199 | 		})
200 | 	})
201 | })
202 | 


--------------------------------------------------------------------------------
/pkg/utils/utils.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2019 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package utils
16 | 
17 | import (
18 | 	"bytes"
19 | 	"fmt"
20 | 	"regexp"
21 | 	"unicode"
22 | 
23 | 	"github.com/containernetworking/cni/pkg/types"
24 | )
25 | 
26 | const (
27 | 	// cniValidNameChars is the regexp used to validate valid characters in
28 | 	// containerID and networkName
29 | 	cniValidNameChars = `[a-zA-Z0-9][a-zA-Z0-9_.\-]`
30 | 
31 | 	// maxInterfaceNameLength is the length max of a valid interface name
32 | 	maxInterfaceNameLength = 15
33 | )
34 | 
35 | var cniReg = regexp.MustCompile(`^` + cniValidNameChars + `*$`)
36 | 
37 | // ValidateContainerID will validate that the supplied containerID is not empty does not contain invalid characters
38 | func ValidateContainerID(containerID string) *types.Error {
39 | 	if containerID == "" {
40 | 		return types.NewError(types.ErrUnknownContainer, "missing containerID", "")
41 | 	}
42 | 	if !cniReg.MatchString(containerID) {
43 | 		return types.NewError(types.ErrInvalidEnvironmentVariables, "invalid characters in containerID", containerID)
44 | 	}
45 | 	return nil
46 | }
47 | 
48 | // ValidateNetworkName will validate that the supplied networkName does not contain invalid characters
49 | func ValidateNetworkName(networkName string) *types.Error {
50 | 	if networkName == "" {
51 | 		return types.NewError(types.ErrInvalidNetworkConfig, "missing network name:", "")
52 | 	}
53 | 	if !cniReg.MatchString(networkName) {
54 | 		return types.NewError(types.ErrInvalidNetworkConfig, "invalid characters found in network name", networkName)
55 | 	}
56 | 	return nil
57 | }
58 | 
59 | // ValidateInterfaceName will validate the interface name based on the four rules below
60 | // 1. The name must not be empty
61 | // 2. The name must be less than 16 characters
62 | // 3. The name must not be "." or ".."
63 | // 4. The name must not contain / or : or any whitespace characters
64 | // ref to https://github.com/torvalds/linux/blob/master/net/core/dev.c#L1024
65 | func ValidateInterfaceName(ifName string) *types.Error {
66 | 	if len(ifName) == 0 {
67 | 		return types.NewError(types.ErrInvalidEnvironmentVariables, "interface name is empty", "")
68 | 	}
69 | 	if len(ifName) > maxInterfaceNameLength {
70 | 		return types.NewError(types.ErrInvalidEnvironmentVariables, "interface name is too long", fmt.Sprintf("interface name should be less than %d characters", maxInterfaceNameLength+1))
71 | 	}
72 | 	if ifName == "." || ifName == ".." {
73 | 		return types.NewError(types.ErrInvalidEnvironmentVariables, "interface name is . or ..", "")
74 | 	}
75 | 	for _, r := range bytes.Runes([]byte(ifName)) {
76 | 		if r == '/' || r == ':' || unicode.IsSpace(r) {
77 | 			return types.NewError(types.ErrInvalidEnvironmentVariables, "interface name contains / or : or whitespace characters", "")
78 | 		}
79 | 	}
80 | 
81 | 	return nil
82 | }
83 | 


--------------------------------------------------------------------------------
/pkg/utils/utils_test.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2019 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package utils_test
 16 | 
 17 | import (
 18 | 	"reflect"
 19 | 	"testing"
 20 | 
 21 | 	"github.com/containernetworking/cni/pkg/types"
 22 | 	"github.com/containernetworking/cni/pkg/utils"
 23 | )
 24 | 
 25 | func TestValidateContainerID(t *testing.T) {
 26 | 	testData := []struct {
 27 | 		description string
 28 | 		containerID string
 29 | 		err         *types.Error
 30 | 	}{
 31 | 		{
 32 | 			description: "empty containerID",
 33 | 			containerID: "",
 34 | 			err:         types.NewError(types.ErrUnknownContainer, "missing containerID", ""),
 35 | 		},
 36 | 		{
 37 | 			description: "invalid characters in containerID",
 38 | 			containerID: "1234%%%",
 39 | 			err:         types.NewError(types.ErrInvalidEnvironmentVariables, "invalid characters in containerID", "1234%%%"),
 40 | 		},
 41 | 		{
 42 | 			description: "normal containerID",
 43 | 			containerID: "a51debf7e1eb",
 44 | 			err:         nil,
 45 | 		},
 46 | 	}
 47 | 
 48 | 	for _, tt := range testData {
 49 | 		err := utils.ValidateContainerID(tt.containerID)
 50 | 		if !reflect.DeepEqual(tt.err, err) {
 51 | 			t.Errorf("Expected '%v' but got '%v'", tt.err, err)
 52 | 		}
 53 | 	}
 54 | }
 55 | 
 56 | func TestValidateNetworkName(t *testing.T) {
 57 | 	testData := []struct {
 58 | 		description string
 59 | 		networkName string
 60 | 		err         *types.Error
 61 | 	}{
 62 | 		{
 63 | 			description: "empty networkName",
 64 | 			networkName: "",
 65 | 			err:         types.NewError(types.ErrInvalidNetworkConfig, "missing network name:", ""),
 66 | 		},
 67 | 		{
 68 | 			description: "invalid characters in networkName",
 69 | 			networkName: "1234%%%",
 70 | 			err:         types.NewError(types.ErrInvalidNetworkConfig, "invalid characters found in network name", "1234%%%"),
 71 | 		},
 72 | 		{
 73 | 			description: "normal networkName",
 74 | 			networkName: "eth0",
 75 | 			err:         nil,
 76 | 		},
 77 | 	}
 78 | 
 79 | 	for _, tt := range testData {
 80 | 		err := utils.ValidateNetworkName(tt.networkName)
 81 | 		if !reflect.DeepEqual(tt.err, err) {
 82 | 			t.Errorf("Expected '%v' but got '%v'", tt.err, err)
 83 | 		}
 84 | 	}
 85 | }
 86 | 
 87 | func TestValidateInterfaceName(t *testing.T) {
 88 | 	testData := []struct {
 89 | 		description   string
 90 | 		interfaceName string
 91 | 		err           *types.Error
 92 | 	}{
 93 | 		{
 94 | 			description:   "empty interfaceName",
 95 | 			interfaceName: "",
 96 | 			err:           types.NewError(types.ErrInvalidEnvironmentVariables, "interface name is empty", ""),
 97 | 		},
 98 | 		{
 99 | 			description:   "more than 16 characters in interfaceName",
100 | 			interfaceName: "testnamemorethan16",
101 | 			err:           types.NewError(types.ErrInvalidEnvironmentVariables, "interface name is too long", "interface name should be less than 16 characters"),
102 | 		},
103 | 		{
104 | 			description:   "interfaceName is .",
105 | 			interfaceName: ".",
106 | 			err:           types.NewError(types.ErrInvalidEnvironmentVariables, "interface name is . or ..", ""),
107 | 		},
108 | 		{
109 | 			description:   "interfaceName contains /",
110 | 			interfaceName: "/testname",
111 | 			err:           types.NewError(types.ErrInvalidEnvironmentVariables, "interface name contains / or : or whitespace characters", ""),
112 | 		},
113 | 		{
114 | 			description:   "interfaceName contains whitespace characters",
115 | 			interfaceName: "test name",
116 | 			err:           types.NewError(types.ErrInvalidEnvironmentVariables, "interface name contains / or : or whitespace characters", ""),
117 | 		},
118 | 		{
119 | 			description:   "normal interfaceName",
120 | 			interfaceName: "testname",
121 | 			err:           nil,
122 | 		},
123 | 	}
124 | 
125 | 	for _, tt := range testData {
126 | 		err := utils.ValidateInterfaceName(tt.interfaceName)
127 | 		if !reflect.DeepEqual(tt.err, err) {
128 | 			t.Errorf("Expected '%v' but got '%v'", tt.err, err)
129 | 		}
130 | 	}
131 | }
132 | 


--------------------------------------------------------------------------------
/pkg/version/conf.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package version
16 | 
17 | import (
18 | 	"github.com/containernetworking/cni/pkg/types/create"
19 | )
20 | 
21 | // ConfigDecoder can decode the CNI version available in network config data
22 | type ConfigDecoder struct{}
23 | 
24 | func (*ConfigDecoder) Decode(jsonBytes []byte) (string, error) {
25 | 	return create.DecodeVersion(jsonBytes)
26 | }
27 | 


--------------------------------------------------------------------------------
/pkg/version/conf_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package version_test
16 | 
17 | import (
18 | 	. "github.com/onsi/ginkgo/v2"
19 | 	. "github.com/onsi/gomega"
20 | 
21 | 	"github.com/containernetworking/cni/pkg/version"
22 | )
23 | 
24 | var _ = Describe("Decoding the version of network config", func() {
25 | 	var (
26 | 		decoder     *version.ConfigDecoder
27 | 		configBytes []byte
28 | 	)
29 | 
30 | 	BeforeEach(func() {
31 | 		decoder = &version.ConfigDecoder{}
32 | 		configBytes = []byte(`{ "cniVersion": "4.3.2" }`)
33 | 	})
34 | 
35 | 	Context("when the version is explicit", func() {
36 | 		It("returns the version", func() {
37 | 			version, err := decoder.Decode(configBytes)
38 | 			Expect(err).NotTo(HaveOccurred())
39 | 
40 | 			Expect(version).To(Equal("4.3.2"))
41 | 		})
42 | 	})
43 | 
44 | 	Context("when the version is not present in the config", func() {
45 | 		BeforeEach(func() {
46 | 			configBytes = []byte(`{ "not-a-version-field": "foo" }`)
47 | 		})
48 | 
49 | 		It("assumes the config is version 0.1.0", func() {
50 | 			version, err := decoder.Decode(configBytes)
51 | 			Expect(err).NotTo(HaveOccurred())
52 | 
53 | 			Expect(version).To(Equal("0.1.0"))
54 | 		})
55 | 	})
56 | 
57 | 	Context("when the config data is malformed", func() {
58 | 		BeforeEach(func() {
59 | 			configBytes = []byte(`{{{`)
60 | 		})
61 | 
62 | 		It("returns a useful error", func() {
63 | 			_, err := decoder.Decode(configBytes)
64 | 			Expect(err).To(MatchError(HavePrefix(
65 | 				"decoding version from network config: invalid character",
66 | 			)))
67 | 		})
68 | 	})
69 | })
70 | 


--------------------------------------------------------------------------------
/pkg/version/legacy_examples/example_runtime.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package legacy_examples
 16 | 
 17 | import (
 18 | 	"fmt"
 19 | 	"os"
 20 | 
 21 | 	noop_debug "github.com/containernetworking/cni/plugins/test/noop/debug"
 22 | )
 23 | 
 24 | // An ExampleRuntime is a small program that uses libcni to invoke a network plugin.
 25 | // It should call ADD and DELETE, verifying all intermediate steps
 26 | // and data structures.
 27 | type ExampleRuntime struct {
 28 | 	Example
 29 | 	NetConfs []string // The network configuration names to pass
 30 | }
 31 | 
 32 | type exampleNetConfTemplate struct {
 33 | 	conf   string
 34 | 	result string
 35 | }
 36 | 
 37 | // NetConfs are various versioned network configuration files. Examples should
 38 | // specify which version they expect
 39 | var netConfTemplates = map[string]exampleNetConfTemplate{
 40 | 	"unversioned": {
 41 | 		conf: `{
 42 | 	"name": "default",
 43 | 	"type": "noop",
 44 | 	"debugFile": "%s"
 45 | }`,
 46 | 		result: `{
 47 | 	"ip4": {
 48 | 		"ip": "1.2.3.30/24",
 49 | 		"gateway": "1.2.3.1",
 50 | 		"routes": [
 51 | 			{
 52 | 				"dst": "15.5.6.0/24",
 53 | 				"gw": "15.5.6.8"
 54 | 			}
 55 | 		]
 56 | 	},
 57 | 	"ip6": {
 58 | 		"ip": "abcd:1234:ffff::cdde/64",
 59 | 		"gateway": "abcd:1234:ffff::1",
 60 | 		"routes": [
 61 | 			{
 62 | 				"dst": "1111:dddd::/80",
 63 | 				"gw": "1111:dddd::aaaa"
 64 | 			}
 65 | 		]
 66 | 	},
 67 | 	"dns":{}
 68 | }`,
 69 | 	},
 70 | 	"0.1.0": {
 71 | 		conf: `{
 72 | 	"cniVersion": "0.1.0",
 73 | 	"name": "default",
 74 | 	"type": "noop",
 75 | 	"debugFile": "%s"
 76 | }`,
 77 | 		result: `{
 78 | 	"cniVersion": "0.1.0",
 79 | 	"ip4": {
 80 | 		"ip": "1.2.3.30/24",
 81 | 		"gateway": "1.2.3.1",
 82 | 		"routes": [
 83 | 			{
 84 | 				"dst": "15.5.6.0/24",
 85 | 				"gw": "15.5.6.8"
 86 | 			}
 87 | 		]
 88 | 	},
 89 | 	"ip6": {
 90 | 		"ip": "abcd:1234:ffff::cdde/64",
 91 | 		"gateway": "abcd:1234:ffff::1",
 92 | 		"routes": [
 93 | 			{
 94 | 				"dst": "1111:dddd::/80",
 95 | 				"gw": "1111:dddd::aaaa"
 96 | 			}
 97 | 		]
 98 | 	},
 99 | 	"dns":{}
100 | }`,
101 | 	},
102 | }
103 | 
104 | func (e *ExampleRuntime) GenerateNetConf(name string) (*ExampleNetConf, error) {
105 | 	template, ok := netConfTemplates[name]
106 | 	if !ok {
107 | 		return nil, fmt.Errorf("unknown example net config template %q", name)
108 | 	}
109 | 
110 | 	debugFile, err := os.CreateTemp("", "cni_debug")
111 | 	if err != nil {
112 | 		return nil, fmt.Errorf("failed to create noop plugin debug file: %w", err)
113 | 	}
114 | 	debugFilePath := debugFile.Name()
115 | 
116 | 	debug := &noop_debug.Debug{
117 | 		ReportResult: template.result,
118 | 	}
119 | 	if err := debug.WriteDebug(debugFilePath); err != nil {
120 | 		os.Remove(debugFilePath)
121 | 		return nil, fmt.Errorf("failed to write noop plugin debug file %q: %w", debugFilePath, err)
122 | 	}
123 | 	conf := &ExampleNetConf{
124 | 		Config:        fmt.Sprintf(template.conf, debugFilePath),
125 | 		debugFilePath: debugFilePath,
126 | 	}
127 | 
128 | 	return conf, nil
129 | }
130 | 
131 | type ExampleNetConf struct {
132 | 	Config        string
133 | 	debugFilePath string
134 | }
135 | 
136 | func (c *ExampleNetConf) Cleanup() {
137 | 	os.Remove(c.debugFilePath)
138 | }
139 | 
140 | // V010_Runtime creates a simple noop network configuration, then
141 | // executes libcni against the noop test plugin.
142 | var V010_Runtime = ExampleRuntime{
143 | 	NetConfs: []string{"unversioned", "0.1.0"},
144 | 	Example: Example{
145 | 		Name:          "example_invoker_v010",
146 | 		CNIRepoGitRef: "c0d34c69", // version with ns.Do
147 | 		PluginSource: `package main
148 | 
149 | import (
150 | 	"fmt"
151 | 	"io"
152 | 	"os"
153 | 
154 | 	"github.com/containernetworking/cni/libcni"
155 | )
156 | 
157 | func main(){
158 | 	code :=	exec()
159 | 	os.Exit(code)
160 | }
161 | 
162 | func exec() int {
163 | 	confBytes, err := io.ReadAll(os.Stdin)
164 | 	if err != nil {
165 | 		fmt.Printf("could not read netconfig from stdin: %+v", err)
166 | 		return 1
167 | 	}
168 | 
169 | 	netConf, err := libcni.ConfFromBytes(confBytes)
170 | 	if err != nil {
171 | 		fmt.Printf("could not parse netconfig: %+v", err)
172 | 		return 1
173 | 	}
174 | 	fmt.Printf("Parsed network configuration: %+v\n", netConf.Network)
175 | 
176 | 	if len(os.Args) == 1 {
177 | 		fmt.Printf("Expect CNI plugin paths in argv")
178 | 		return 1
179 | 	}
180 | 
181 | 	runtimeConf := &libcni.RuntimeConf{
182 | 		ContainerID: "some-container-id",
183 | 		NetNS:       "/some/netns/path",
184 | 		IfName:      "eth0",
185 | 	}
186 | 
187 | 	cniConfig := &libcni.CNIConfig{Path: os.Args[1:]}
188 | 
189 | 	result, err := cniConfig.AddNetwork(netConf, runtimeConf)
190 | 	if err != nil {
191 | 		fmt.Printf("AddNetwork failed: %+v", err)
192 | 		return 2
193 | 	}
194 | 	fmt.Printf("AddNetwork result: %+v", result)
195 | 
196 | 	// Validate expected results
197 | 	const expectedIP4 string = "1.2.3.30/24"
198 | 	if result.IP4.IP.String() != expectedIP4 {
199 | 		fmt.Printf("Expected IPv4 address %q, got %q", expectedIP4, result.IP4.IP.String())
200 | 		return 3
201 | 	}
202 | 	const expectedIP6 string = "abcd:1234:ffff::cdde/64"
203 | 	if result.IP6.IP.String() != expectedIP6 {
204 | 		fmt.Printf("Expected IPv6 address %q, got %q", expectedIP6, result.IP6.IP.String())
205 | 		return 4
206 | 	}
207 | 
208 | 	err = cniConfig.DelNetwork(netConf, runtimeConf)
209 | 	if err != nil {
210 | 		fmt.Printf("DelNetwork failed: %v", err)
211 | 		return 5
212 | 	}
213 | 
214 | 	return 0
215 | }
216 | `,
217 | 	},
218 | }
219 | 


--------------------------------------------------------------------------------
/pkg/version/legacy_examples/examples.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | // Package legacy_examples contains sample code from prior versions of
 16 | // the CNI library, for use in verifying backwards compatibility.
 17 | package legacy_examples
 18 | 
 19 | import (
 20 | 	"net"
 21 | 	"os"
 22 | 	"path/filepath"
 23 | 	"runtime"
 24 | 	"sync"
 25 | 
 26 | 	"github.com/containernetworking/cni/pkg/types"
 27 | 	"github.com/containernetworking/cni/pkg/types/020"
 28 | 	"github.com/containernetworking/cni/pkg/version/testhelpers"
 29 | )
 30 | 
 31 | // An Example is a Git reference to the CNI repo and a Golang CNI plugin that
 32 | // builds against that version of the repo.
 33 | //
 34 | // By convention, every Example plugin returns an ADD result that is
 35 | // semantically equivalent to the ExpectedResult.
 36 | type Example struct {
 37 | 	Name          string
 38 | 	CNIRepoGitRef string
 39 | 	PluginSource  string
 40 | }
 41 | 
 42 | var (
 43 | 	buildDir     = ""
 44 | 	buildDirLock sync.Mutex
 45 | )
 46 | 
 47 | func ensureBuildDirExists() error {
 48 | 	buildDirLock.Lock()
 49 | 	defer buildDirLock.Unlock()
 50 | 
 51 | 	if buildDir != "" {
 52 | 		return nil
 53 | 	}
 54 | 
 55 | 	var err error
 56 | 	buildDir, err = os.MkdirTemp("", "cni-example-plugins")
 57 | 	return err
 58 | }
 59 | 
 60 | // Build builds the example, returning the path to the binary
 61 | func (e Example) Build() (string, error) {
 62 | 	if err := ensureBuildDirExists(); err != nil {
 63 | 		return "", err
 64 | 	}
 65 | 
 66 | 	outBinPath := filepath.Join(buildDir, e.Name)
 67 | 	if runtime.GOOS == "windows" {
 68 | 		outBinPath += ".exe"
 69 | 	}
 70 | 
 71 | 	if err := testhelpers.BuildAt([]byte(e.PluginSource), e.CNIRepoGitRef, outBinPath); err != nil {
 72 | 		return "", err
 73 | 	}
 74 | 	return outBinPath, nil
 75 | }
 76 | 
 77 | // V010 acts like a CNI plugin from the v0.1.0 era
 78 | var V010 = Example{
 79 | 	Name:          "example_v010",
 80 | 	CNIRepoGitRef: "2c482f4",
 81 | 	PluginSource: `package main
 82 | 
 83 | import (
 84 | 	"net"
 85 | 
 86 | 	"github.com/containernetworking/cni/pkg/skel"
 87 | 	"github.com/containernetworking/cni/pkg/types"
 88 | )
 89 | 
 90 | var result = types.Result{
 91 | 	IP4: &types.IPConfig{
 92 | 		IP: net.IPNet{
 93 | 			IP:   net.ParseIP("10.1.2.3"),
 94 | 			Mask: net.CIDRMask(24, 32),
 95 | 		},
 96 | 		Gateway: net.ParseIP("10.1.2.1"),
 97 | 		Routes: []types.Route{
 98 | 			types.Route{
 99 | 				Dst: net.IPNet{
100 | 					IP:   net.ParseIP("0.0.0.0"),
101 | 					Mask: net.CIDRMask(0, 32),
102 | 				},
103 | 				GW: net.ParseIP("10.1.0.1"),
104 | 			},
105 | 		},
106 | 	},
107 | 	DNS: types.DNS{
108 | 		Nameservers: []string{"8.8.8.8"},
109 | 		Domain:      "example.com",
110 | 	},
111 | }
112 | 
113 | func c(_ *skel.CmdArgs) error { result.Print(); return nil }
114 | 
115 | func main() { skel.PluginMain(c, c) }
116 | `,
117 | }
118 | 
119 | // ExpectedResult is the current representation of the plugin result
120 | // that is expected from each of the examples.
121 | //
122 | // As we change the CNI spec, the Result type and this value may change.
123 | // The text of the example plugins should not.
124 | var ExpectedResult = &types020.Result{
125 | 	CNIVersion: "0.1.0",
126 | 	IP4: &types020.IPConfig{
127 | 		IP: net.IPNet{
128 | 			IP:   net.ParseIP("10.1.2.3"),
129 | 			Mask: net.CIDRMask(24, 32),
130 | 		},
131 | 		Gateway: net.ParseIP("10.1.2.1"),
132 | 		Routes: []types.Route{
133 | 			{
134 | 				Dst: net.IPNet{
135 | 					IP:   net.ParseIP("0.0.0.0"),
136 | 					Mask: net.CIDRMask(0, 32),
137 | 				},
138 | 				GW: net.ParseIP("10.1.0.1"),
139 | 			},
140 | 		},
141 | 	},
142 | 	DNS: types.DNS{
143 | 		Nameservers: []string{"8.8.8.8"},
144 | 		Domain:      "example.com",
145 | 	},
146 | }
147 | 


--------------------------------------------------------------------------------
/pkg/version/legacy_examples/legacy_examples_suite_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package legacy_examples_test
16 | 
17 | import (
18 | 	"testing"
19 | 
20 | 	. "github.com/onsi/ginkgo/v2"
21 | 	. "github.com/onsi/gomega"
22 | )
23 | 
24 | func TestLegacyExamples(t *testing.T) {
25 | 	RegisterFailHandler(Fail)
26 | 	RunSpecs(t, "LegacyExamples Suite")
27 | }
28 | 


--------------------------------------------------------------------------------
/pkg/version/legacy_examples/legacy_examples_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package legacy_examples_test
16 | 
17 | import (
18 | 	"os"
19 | 	"path/filepath"
20 | 	"runtime"
21 | 
22 | 	. "github.com/onsi/ginkgo/v2"
23 | 	. "github.com/onsi/gomega"
24 | 
25 | 	"github.com/containernetworking/cni/pkg/version/legacy_examples"
26 | )
27 | 
28 | var _ = Describe("The v0.1.0 Example", func() {
29 | 	It("builds ok", func() {
30 | 		example := legacy_examples.V010
31 | 		pluginPath, err := example.Build()
32 | 		Expect(err).NotTo(HaveOccurred())
33 | 
34 | 		expectedBaseName := example.Name
35 | 		if runtime.GOOS == "windows" {
36 | 			expectedBaseName += ".exe"
37 | 		}
38 | 		Expect(filepath.Base(pluginPath)).To(Equal(expectedBaseName))
39 | 
40 | 		Expect(os.RemoveAll(pluginPath)).To(Succeed())
41 | 	})
42 | })
43 | 


--------------------------------------------------------------------------------
/pkg/version/plugin.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package version
 16 | 
 17 | import (
 18 | 	"encoding/json"
 19 | 	"fmt"
 20 | 	"io"
 21 | 	"strconv"
 22 | 	"strings"
 23 | )
 24 | 
 25 | // PluginInfo reports information about CNI versioning
 26 | type PluginInfo interface {
 27 | 	// SupportedVersions returns one or more CNI spec versions that the plugin
 28 | 	// supports.  If input is provided in one of these versions, then the plugin
 29 | 	// promises to use the same CNI version in its response
 30 | 	SupportedVersions() []string
 31 | 
 32 | 	// Encode writes this CNI version information as JSON to the given Writer
 33 | 	Encode(io.Writer) error
 34 | }
 35 | 
 36 | type pluginInfo struct {
 37 | 	CNIVersion_        string   `json:"cniVersion"`
 38 | 	SupportedVersions_ []string `json:"supportedVersions,omitempty"`
 39 | }
 40 | 
 41 | // pluginInfo implements the PluginInfo interface
 42 | var _ PluginInfo = &pluginInfo{}
 43 | 
 44 | func (p *pluginInfo) Encode(w io.Writer) error {
 45 | 	return json.NewEncoder(w).Encode(p)
 46 | }
 47 | 
 48 | func (p *pluginInfo) SupportedVersions() []string {
 49 | 	return p.SupportedVersions_
 50 | }
 51 | 
 52 | // PluginSupports returns a new PluginInfo that will report the given versions
 53 | // as supported
 54 | func PluginSupports(supportedVersions ...string) PluginInfo {
 55 | 	if len(supportedVersions) < 1 {
 56 | 		panic("programmer error: you must support at least one version")
 57 | 	}
 58 | 	return &pluginInfo{
 59 | 		CNIVersion_:        Current(),
 60 | 		SupportedVersions_: supportedVersions,
 61 | 	}
 62 | }
 63 | 
 64 | // PluginDecoder can decode the response returned by a plugin's VERSION command
 65 | type PluginDecoder struct{}
 66 | 
 67 | func (*PluginDecoder) Decode(jsonBytes []byte) (PluginInfo, error) {
 68 | 	var info pluginInfo
 69 | 	err := json.Unmarshal(jsonBytes, &info)
 70 | 	if err != nil {
 71 | 		return nil, fmt.Errorf("decoding version info: %w", err)
 72 | 	}
 73 | 	if info.CNIVersion_ == "" {
 74 | 		return nil, fmt.Errorf("decoding version info: missing field cniVersion")
 75 | 	}
 76 | 	if len(info.SupportedVersions_) == 0 {
 77 | 		if info.CNIVersion_ == "0.2.0" {
 78 | 			return PluginSupports("0.1.0", "0.2.0"), nil
 79 | 		}
 80 | 		return nil, fmt.Errorf("decoding version info: missing field supportedVersions")
 81 | 	}
 82 | 	return &info, nil
 83 | }
 84 | 
 85 | // ParseVersion parses a version string like "3.0.1" or "0.4.5" into major,
 86 | // minor, and micro numbers or returns an error
 87 | func ParseVersion(version string) (int, int, int, error) {
 88 | 	var major, minor, micro int
 89 | 	if version == "" { // special case: no version declared == v0.1.0
 90 | 		return 0, 1, 0, nil
 91 | 	}
 92 | 
 93 | 	parts := strings.Split(version, ".")
 94 | 	if len(parts) >= 4 {
 95 | 		return -1, -1, -1, fmt.Errorf("invalid version %q: too many parts", version)
 96 | 	}
 97 | 
 98 | 	major, err := strconv.Atoi(parts[0])
 99 | 	if err != nil {
100 | 		return -1, -1, -1, fmt.Errorf("failed to convert major version part %q: %w", parts[0], err)
101 | 	}
102 | 
103 | 	if len(parts) >= 2 {
104 | 		minor, err = strconv.Atoi(parts[1])
105 | 		if err != nil {
106 | 			return -1, -1, -1, fmt.Errorf("failed to convert minor version part %q: %w", parts[1], err)
107 | 		}
108 | 	}
109 | 
110 | 	if len(parts) >= 3 {
111 | 		micro, err = strconv.Atoi(parts[2])
112 | 		if err != nil {
113 | 			return -1, -1, -1, fmt.Errorf("failed to convert micro version part %q: %w", parts[2], err)
114 | 		}
115 | 	}
116 | 
117 | 	return major, minor, micro, nil
118 | }
119 | 
120 | // GreaterThanOrEqualTo takes two string versions, parses them into major/minor/micro
121 | // numbers, and compares them to determine whether the first version is greater
122 | // than or equal to the second
123 | func GreaterThanOrEqualTo(version, otherVersion string) (bool, error) {
124 | 	firstMajor, firstMinor, firstMicro, err := ParseVersion(version)
125 | 	if err != nil {
126 | 		return false, err
127 | 	}
128 | 
129 | 	secondMajor, secondMinor, secondMicro, err := ParseVersion(otherVersion)
130 | 	if err != nil {
131 | 		return false, err
132 | 	}
133 | 
134 | 	if firstMajor > secondMajor {
135 | 		return true, nil
136 | 	} else if firstMajor == secondMajor {
137 | 		if firstMinor > secondMinor {
138 | 			return true, nil
139 | 		} else if firstMinor == secondMinor && firstMicro >= secondMicro {
140 | 			return true, nil
141 | 		}
142 | 	}
143 | 	return false, nil
144 | }
145 | 
146 | // GreaterThan returns true if the first version is greater than the second
147 | func GreaterThan(version, otherVersion string) (bool, error) {
148 | 	firstMajor, firstMinor, firstMicro, err := ParseVersion(version)
149 | 	if err != nil {
150 | 		return false, err
151 | 	}
152 | 
153 | 	secondMajor, secondMinor, secondMicro, err := ParseVersion(otherVersion)
154 | 	if err != nil {
155 | 		return false, err
156 | 	}
157 | 
158 | 	if firstMajor > secondMajor {
159 | 		return true, nil
160 | 	} else if firstMajor == secondMajor {
161 | 		if firstMinor > secondMinor {
162 | 			return true, nil
163 | 		} else if firstMinor == secondMinor && firstMicro > secondMicro {
164 | 			return true, nil
165 | 		}
166 | 	}
167 | 	return false, nil
168 | }
169 | 


--------------------------------------------------------------------------------
/pkg/version/plugin_test.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package version_test
 16 | 
 17 | import (
 18 | 	. "github.com/onsi/ginkgo/v2"
 19 | 	. "github.com/onsi/gomega"
 20 | 
 21 | 	"github.com/containernetworking/cni/pkg/version"
 22 | )
 23 | 
 24 | var _ = Describe("Decoding versions reported by a plugin", func() {
 25 | 	var (
 26 | 		decoder       *version.PluginDecoder
 27 | 		versionStdout []byte
 28 | 	)
 29 | 
 30 | 	BeforeEach(func() {
 31 | 		decoder = &version.PluginDecoder{}
 32 | 		versionStdout = []byte(`{
 33 | 			"cniVersion": "some-library-version",
 34 | 			"supportedVersions": [ "some-version", "some-other-version" ]
 35 | 		}`)
 36 | 	})
 37 | 
 38 | 	It("returns a PluginInfo that represents the given json bytes", func() {
 39 | 		pluginInfo, err := decoder.Decode(versionStdout)
 40 | 		Expect(err).NotTo(HaveOccurred())
 41 | 		Expect(pluginInfo).NotTo(BeNil())
 42 | 		Expect(pluginInfo.SupportedVersions()).To(Equal([]string{
 43 | 			"some-version",
 44 | 			"some-other-version",
 45 | 		}))
 46 | 	})
 47 | 
 48 | 	Context("when the bytes cannot be decoded as json", func() {
 49 | 		BeforeEach(func() {
 50 | 			versionStdout = []byte(`{{{`)
 51 | 		})
 52 | 
 53 | 		It("returns a meaningful error", func() {
 54 | 			_, err := decoder.Decode(versionStdout)
 55 | 			Expect(err).To(MatchError("decoding version info: invalid character '{' looking for beginning of object key string"))
 56 | 		})
 57 | 	})
 58 | 
 59 | 	Context("when the json bytes are missing the required CNIVersion field", func() {
 60 | 		BeforeEach(func() {
 61 | 			versionStdout = []byte(`{ "supportedVersions": [ "foo" ] }`)
 62 | 		})
 63 | 
 64 | 		It("returns a meaningful error", func() {
 65 | 			_, err := decoder.Decode(versionStdout)
 66 | 			Expect(err).To(MatchError("decoding version info: missing field cniVersion"))
 67 | 		})
 68 | 	})
 69 | 
 70 | 	Context("when there are no supported versions", func() {
 71 | 		BeforeEach(func() {
 72 | 			versionStdout = []byte(`{ "cniVersion": "0.2.0" }`)
 73 | 		})
 74 | 
 75 | 		It("assumes that the supported versions are 0.1.0 and 0.2.0", func() {
 76 | 			pluginInfo, err := decoder.Decode(versionStdout)
 77 | 			Expect(err).NotTo(HaveOccurred())
 78 | 			Expect(pluginInfo).NotTo(BeNil())
 79 | 			Expect(pluginInfo.SupportedVersions()).To(Equal([]string{
 80 | 				"0.1.0",
 81 | 				"0.2.0",
 82 | 			}))
 83 | 		})
 84 | 	})
 85 | 
 86 | 	Describe("ParseVersion", func() {
 87 | 		It("parses a valid version correctly", func() {
 88 | 			major, minor, micro, err := version.ParseVersion("1.2.3")
 89 | 			Expect(err).NotTo(HaveOccurred())
 90 | 			Expect(major).To(Equal(1))
 91 | 			Expect(minor).To(Equal(2))
 92 | 			Expect(micro).To(Equal(3))
 93 | 		})
 94 | 
 95 | 		It("parses an empty string as v0.1.0", func() {
 96 | 			major, minor, micro, err := version.ParseVersion("")
 97 | 			Expect(err).NotTo(HaveOccurred())
 98 | 			Expect(major).To(Equal(0))
 99 | 			Expect(minor).To(Equal(1))
100 | 			Expect(micro).To(Equal(0))
101 | 		})
102 | 
103 | 		It("returns an error for malformed versions", func() {
104 | 			badVersions := []string{"asdfasdf", "asdf.", ".asdfas", "asdf.adsf.", "0.", "..", "1.2.3.4.5"}
105 | 			for _, v := range badVersions {
106 | 				_, _, _, err := version.ParseVersion(v)
107 | 				Expect(err).To(HaveOccurred())
108 | 			}
109 | 		})
110 | 	})
111 | 
112 | 	Describe("GreaterThanOrEqualTo", func() {
113 | 		It("correctly compares versions", func() {
114 | 			versions := [][2]string{
115 | 				{"1.2.34", "1.2.14"},
116 | 				{"2.5.4", "2.4.4"},
117 | 				{"1.2.3", "0.2.3"},
118 | 				{"0.4.0", "0.3.1"},
119 | 			}
120 | 			for _, v := range versions {
121 | 				// Make sure the first is greater than the second
122 | 				gt, err := version.GreaterThanOrEqualTo(v[0], v[1])
123 | 				Expect(err).NotTo(HaveOccurred())
124 | 				Expect(gt).To(BeTrue())
125 | 
126 | 				// And the opposite
127 | 				gt, err = version.GreaterThanOrEqualTo(v[1], v[0])
128 | 				Expect(err).NotTo(HaveOccurred())
129 | 				Expect(gt).To(BeFalse())
130 | 			}
131 | 		})
132 | 
133 | 		It("returns true when versions are the same", func() {
134 | 			gt, err := version.GreaterThanOrEqualTo("1.2.3", "1.2.3")
135 | 			Expect(err).NotTo(HaveOccurred())
136 | 			Expect(gt).To(BeTrue())
137 | 		})
138 | 
139 | 		It("returns an error for malformed versions", func() {
140 | 			versions := [][2]string{
141 | 				{"1.2.34", "asdadf"},
142 | 				{"adsfad", "2.5.4"},
143 | 			}
144 | 			for _, v := range versions {
145 | 				_, err := version.GreaterThanOrEqualTo(v[0], v[1])
146 | 				Expect(err).To(HaveOccurred())
147 | 			}
148 | 		})
149 | 	})
150 | })
151 | 


--------------------------------------------------------------------------------
/pkg/version/reconcile.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package version
16 | 
17 | import "fmt"
18 | 
19 | type ErrorIncompatible struct {
20 | 	Config    string
21 | 	Supported []string
22 | }
23 | 
24 | func (e *ErrorIncompatible) Details() string {
25 | 	return fmt.Sprintf("config is %q, plugin supports %q", e.Config, e.Supported)
26 | }
27 | 
28 | func (e *ErrorIncompatible) Error() string {
29 | 	return fmt.Sprintf("incompatible CNI versions: %s", e.Details())
30 | }
31 | 
32 | type Reconciler struct{}
33 | 
34 | func (r *Reconciler) Check(configVersion string, pluginInfo PluginInfo) *ErrorIncompatible {
35 | 	return r.CheckRaw(configVersion, pluginInfo.SupportedVersions())
36 | }
37 | 
38 | func (*Reconciler) CheckRaw(configVersion string, supportedVersions []string) *ErrorIncompatible {
39 | 	for _, supportedVersion := range supportedVersions {
40 | 		if configVersion == supportedVersion {
41 | 			return nil
42 | 		}
43 | 	}
44 | 
45 | 	return &ErrorIncompatible{
46 | 		Config:    configVersion,
47 | 		Supported: supportedVersions,
48 | 	}
49 | }
50 | 


--------------------------------------------------------------------------------
/pkg/version/reconcile_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package version_test
16 | 
17 | import (
18 | 	. "github.com/onsi/ginkgo/v2"
19 | 	. "github.com/onsi/gomega"
20 | 
21 | 	"github.com/containernetworking/cni/pkg/version"
22 | )
23 | 
24 | var _ = Describe("Reconcile versions of net config with versions supported by plugins", func() {
25 | 	var (
26 | 		reconciler *version.Reconciler
27 | 		pluginInfo version.PluginInfo
28 | 	)
29 | 
30 | 	BeforeEach(func() {
31 | 		reconciler = &version.Reconciler{}
32 | 		pluginInfo = version.PluginSupports("1.2.3", "4.3.2")
33 | 	})
34 | 
35 | 	It("succeeds if the config version is supported by the plugin", func() {
36 | 		err := reconciler.Check("4.3.2", pluginInfo)
37 | 		Expect(err).NotTo(HaveOccurred())
38 | 	})
39 | 
40 | 	Context("when the config version is not supported by the plugin", func() {
41 | 		It("returns a helpful error", func() {
42 | 			err := reconciler.Check("0.1.0", pluginInfo)
43 | 
44 | 			Expect(err).To(Equal(&version.ErrorIncompatible{
45 | 				Config:    "0.1.0",
46 | 				Supported: []string{"1.2.3", "4.3.2"},
47 | 			}))
48 | 
49 | 			Expect(err.Error()).To(Equal(`incompatible CNI versions: config is "0.1.0", plugin supports ["1.2.3" "4.3.2"]`))
50 | 		})
51 | 	})
52 | })
53 | 


--------------------------------------------------------------------------------
/pkg/version/testhelpers/testhelpers.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | // Package testhelpers supports testing of CNI components of different versions
 16 | //
 17 | // For example, to build a plugin against an old version of the CNI library,
 18 | // we can pass the plugin's source and the old git commit reference to BuildAt.
 19 | // We could then test how the built binary responds when called by the latest
 20 | // version of this library.
 21 | package testhelpers
 22 | 
 23 | import (
 24 | 	"fmt"
 25 | 	"os"
 26 | 	"os/exec"
 27 | 	"path/filepath"
 28 | 	"strings"
 29 | )
 30 | 
 31 | func run(cmd *exec.Cmd) error {
 32 | 	out, err := cmd.CombinedOutput()
 33 | 	if err != nil {
 34 | 		command := strings.Join(cmd.Args, " ")
 35 | 		return fmt.Errorf("running %q: %s", command, out)
 36 | 	}
 37 | 	return nil
 38 | }
 39 | 
 40 | // unset GOPATH if it's set, so we use modules
 41 | func goBuildEnviron() []string {
 42 | 	out := []string{}
 43 | 	for _, kvp := range os.Environ() {
 44 | 		if !strings.HasPrefix(kvp, "GOPATH=") {
 45 | 			out = append(out, kvp)
 46 | 		}
 47 | 	}
 48 | 	return out
 49 | }
 50 | 
 51 | func buildGoProgram(modPath, outputFilePath string) error {
 52 | 	cmd := exec.Command("go", "build", "-o", outputFilePath, ".")
 53 | 	cmd.Dir = modPath
 54 | 	cmd.Env = goBuildEnviron()
 55 | 	return run(cmd)
 56 | }
 57 | 
 58 | func modInit(path, name string) error {
 59 | 	cmd := exec.Command("go", "mod", "init", name)
 60 | 	cmd.Dir = path
 61 | 	return run(cmd)
 62 | }
 63 | 
 64 | // addLibcni will execute `go mod edit -replace` to fix libcni at a specified version
 65 | func addLibcni(path, gitRef string) error {
 66 | 	cmd := exec.Command("go", "mod", "edit", "-replace=github.com/containernetworking/cni=github.com/containernetworking/cni@"+gitRef)
 67 | 	cmd.Dir = path
 68 | 	return run(cmd)
 69 | }
 70 | 
 71 | // modTidy will execute `go mod tidy` to ensure all necessary dependencies
 72 | func modTidy(path string) error {
 73 | 	cmd := exec.Command("go", "mod", "tidy")
 74 | 	cmd.Dir = path
 75 | 	return run(cmd)
 76 | }
 77 | 
 78 | // BuildAt builds the go programSource using the version of the CNI library
 79 | // at gitRef, and saves the resulting binary file at outputFilePath
 80 | func BuildAt(programSource []byte, gitRef string, outputFilePath string) error {
 81 | 	tempDir, err := os.MkdirTemp(os.Getenv("GOTMPDIR"), "cni-test-")
 82 | 	if err != nil {
 83 | 		return err
 84 | 	}
 85 | 	defer os.RemoveAll(tempDir)
 86 | 
 87 | 	modName := filepath.Base(tempDir)
 88 | 
 89 | 	if err := modInit(tempDir, modName); err != nil {
 90 | 		return err
 91 | 	}
 92 | 
 93 | 	if err := addLibcni(tempDir, gitRef); err != nil {
 94 | 		return err
 95 | 	}
 96 | 
 97 | 	if err := os.WriteFile(filepath.Join(tempDir, "main.go"), programSource, 0o600); err != nil {
 98 | 		return err
 99 | 	}
100 | 
101 | 	if err := modTidy(tempDir); err != nil {
102 | 		return err
103 | 	}
104 | 
105 | 	err = buildGoProgram(tempDir, outputFilePath)
106 | 	if err != nil {
107 | 		return fmt.Errorf("failed to build: %w", err)
108 | 	}
109 | 
110 | 	return nil
111 | }
112 | 


--------------------------------------------------------------------------------
/pkg/version/testhelpers/testhelpers_suite_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package testhelpers_test
16 | 
17 | import (
18 | 	"testing"
19 | 
20 | 	. "github.com/onsi/ginkgo/v2"
21 | 	. "github.com/onsi/gomega"
22 | )
23 | 
24 | func TestTesthelpers(t *testing.T) {
25 | 	RegisterFailHandler(Fail)
26 | 	RunSpecs(t, "Testhelpers Suite")
27 | }
28 | 


--------------------------------------------------------------------------------
/pkg/version/testhelpers/testhelpers_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //	http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | package testhelpers
15 | 
16 | import (
17 | 	"os"
18 | 	"os/exec"
19 | 	"path/filepath"
20 | 	"runtime"
21 | 
22 | 	. "github.com/onsi/ginkgo/v2"
23 | 	. "github.com/onsi/gomega"
24 | )
25 | 
26 | var _ = Describe("BuildAt", func() {
27 | 	var (
28 | 		gitRef         string
29 | 		outputFilePath string
30 | 		outputDir      string
31 | 		programSource  []byte
32 | 	)
33 | 	BeforeEach(func() {
34 | 		programSource = []byte(`package main
35 | 
36 | import "github.com/containernetworking/cni/pkg/skel"
37 | 
38 | func c(_ *skel.CmdArgs) error { return nil }
39 | 
40 | func main() { skel.PluginMain(c, c) }
41 | `)
42 | 		gitRef = "f4364185253"
43 | 
44 | 		var err error
45 | 		outputDir, err = os.MkdirTemp("", "bin")
46 | 		Expect(err).NotTo(HaveOccurred())
47 | 		outputFilePath = filepath.Join(outputDir, "some-binary")
48 | 		if runtime.GOOS == "windows" {
49 | 			outputFilePath += ".exe"
50 | 		}
51 | 	})
52 | 
53 | 	AfterEach(func() {
54 | 		Expect(os.RemoveAll(outputDir)).To(Succeed())
55 | 	})
56 | 
57 | 	It("builds the provided source code using the CNI library at the given git ref", func() {
58 | 		Expect(outputFilePath).NotTo(BeAnExistingFile())
59 | 
60 | 		err := BuildAt(programSource, gitRef, outputFilePath)
61 | 		Expect(err).NotTo(HaveOccurred())
62 | 
63 | 		Expect(outputFilePath).To(BeAnExistingFile())
64 | 
65 | 		cmd := exec.Command(outputFilePath)
66 | 		cmd.Env = []string{"CNI_COMMAND=VERSION"}
67 | 		output, err := cmd.CombinedOutput()
68 | 		Expect(err).To(BeAssignableToTypeOf(&exec.ExitError{}))
69 | 		Expect(output).To(ContainSubstring("unknown CNI_COMMAND: VERSION"))
70 | 	})
71 | })
72 | 


--------------------------------------------------------------------------------
/pkg/version/version.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package version
16 | 
17 | import (
18 | 	"encoding/json"
19 | 	"fmt"
20 | 
21 | 	"github.com/containernetworking/cni/pkg/types"
22 | 	"github.com/containernetworking/cni/pkg/types/create"
23 | )
24 | 
25 | // Current reports the version of the CNI spec implemented by this library
26 | func Current() string {
27 | 	return "1.1.0"
28 | }
29 | 
30 | // Legacy PluginInfo describes a plugin that is backwards compatible with the
31 | // CNI spec version 0.1.0.  In particular, a runtime compiled against the 0.1.0
32 | // library ought to work correctly with a plugin that reports support for
33 | // Legacy versions.
34 | //
35 | // Any future CNI spec versions which meet this definition should be added to
36 | // this list.
37 | var (
38 | 	Legacy = PluginSupports("0.1.0", "0.2.0")
39 | 	All    = PluginSupports("0.1.0", "0.2.0", "0.3.0", "0.3.1", "0.4.0", "1.0.0", "1.1.0")
40 | )
41 | 
42 | // VersionsFrom returns a list of versions starting from min, inclusive
43 | func VersionsStartingFrom(min string) PluginInfo {
44 | 	out := []string{}
45 | 	// cheat, just assume ordered
46 | 	ok := false
47 | 	for _, v := range All.SupportedVersions() {
48 | 		if !ok && v == min {
49 | 			ok = true
50 | 		}
51 | 		if ok {
52 | 			out = append(out, v)
53 | 		}
54 | 	}
55 | 	return PluginSupports(out...)
56 | }
57 | 
58 | // Finds a Result object matching the requested version (if any) and asks
59 | // that object to parse the plugin result, returning an error if parsing failed.
60 | func NewResult(version string, resultBytes []byte) (types.Result, error) {
61 | 	return create.Create(version, resultBytes)
62 | }
63 | 
64 | // ParsePrevResult parses a prevResult in a NetConf structure and sets
65 | // the NetConf's PrevResult member to the parsed Result object.
66 | func ParsePrevResult(conf *types.PluginConf) error {
67 | 	if conf.RawPrevResult == nil {
68 | 		return nil
69 | 	}
70 | 
71 | 	// Prior to 1.0.0, Result types may not marshal a CNIVersion. Since the
72 | 	// result version must match the config version, if the Result's version
73 | 	// is empty, inject the config version.
74 | 	if ver, ok := conf.RawPrevResult["CNIVersion"]; !ok || ver == "" {
75 | 		conf.RawPrevResult["CNIVersion"] = conf.CNIVersion
76 | 	}
77 | 
78 | 	resultBytes, err := json.Marshal(conf.RawPrevResult)
79 | 	if err != nil {
80 | 		return fmt.Errorf("could not serialize prevResult: %w", err)
81 | 	}
82 | 
83 | 	conf.RawPrevResult = nil
84 | 	conf.PrevResult, err = create.Create(conf.CNIVersion, resultBytes)
85 | 	if err != nil {
86 | 		return fmt.Errorf("could not parse prevResult: %w", err)
87 | 	}
88 | 
89 | 	return nil
90 | }
91 | 


--------------------------------------------------------------------------------
/pkg/version/version_suite_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package version_test
16 | 
17 | import (
18 | 	"testing"
19 | 
20 | 	. "github.com/onsi/ginkgo/v2"
21 | 	. "github.com/onsi/gomega"
22 | )
23 | 
24 | func TestVersion(t *testing.T) {
25 | 	RegisterFailHandler(Fail)
26 | 	RunSpecs(t, "Version Suite")
27 | }
28 | 


--------------------------------------------------------------------------------
/pkg/version/version_test.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2018 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | // http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package version_test
 16 | 
 17 | import (
 18 | 	"encoding/json"
 19 | 	"net"
 20 | 	"reflect"
 21 | 
 22 | 	. "github.com/onsi/ginkgo/v2"
 23 | 	. "github.com/onsi/gomega"
 24 | 
 25 | 	"github.com/containernetworking/cni/pkg/types"
 26 | 	cniv1 "github.com/containernetworking/cni/pkg/types/100"
 27 | 	"github.com/containernetworking/cni/pkg/version"
 28 | )
 29 | 
 30 | var _ = Describe("Version operations", func() {
 31 | 	It("computes a list of versions correctly", func() {
 32 | 		actual := version.VersionsStartingFrom("0.3.1")
 33 | 		Expect(actual.SupportedVersions()).To(Equal([]string{"0.3.1", "0.4.0", "1.0.0", "1.1.0"}))
 34 | 	})
 35 | 
 36 | 	Context("when a prevResult is available", func() {
 37 | 		It("parses the prevResult", func() {
 38 | 			rawBytes := []byte(`{
 39 | 				"cniVersion": "1.0.0",
 40 | 				"interfaces": [
 41 | 					{
 42 | 						"name":        "eth0",
 43 | 						"mac":         "00:11:22:33:44:55",
 44 | 						"sandbox":     "/proc/3553/ns/net",
 45 | 						"pciID":       "8086:9a01",
 46 | 						"socketPath":  "/path/to/vhost/fd"
 47 | 					}
 48 | 				],
 49 | 				"ips": [
 50 | 					{
 51 | 						"version": "4",
 52 | 						"interface": 0,
 53 | 						"address": "1.2.3.30/24",
 54 | 						"gateway": "1.2.3.1"
 55 | 					}
 56 | 				]
 57 | 			}`)
 58 | 			var raw map[string]interface{}
 59 | 			err := json.Unmarshal(rawBytes, &raw)
 60 | 			Expect(err).NotTo(HaveOccurred())
 61 | 
 62 | 			conf := &types.PluginConf{
 63 | 				CNIVersion:    "1.0.0",
 64 | 				Name:          "foobar",
 65 | 				Type:          "baz",
 66 | 				RawPrevResult: raw,
 67 | 			}
 68 | 
 69 | 			err = version.ParsePrevResult(conf)
 70 | 			Expect(err).NotTo(HaveOccurred())
 71 | 			expectedResult := &cniv1.Result{
 72 | 				CNIVersion: "1.0.0",
 73 | 				Interfaces: []*cniv1.Interface{
 74 | 					{
 75 | 						Name:       "eth0",
 76 | 						Mac:        "00:11:22:33:44:55",
 77 | 						Sandbox:    "/proc/3553/ns/net",
 78 | 						PciID:      "8086:9a01",
 79 | 						SocketPath: "/path/to/vhost/fd",
 80 | 					},
 81 | 				},
 82 | 				IPs: []*cniv1.IPConfig{
 83 | 					{
 84 | 						Interface: cniv1.Int(0),
 85 | 						Address: net.IPNet{
 86 | 							IP:   net.ParseIP("1.2.3.30"),
 87 | 							Mask: net.IPv4Mask(255, 255, 255, 0),
 88 | 						},
 89 | 						Gateway: net.ParseIP("1.2.3.1"),
 90 | 					},
 91 | 				},
 92 | 			}
 93 | 			Expect(reflect.DeepEqual(conf.PrevResult, expectedResult)).To(BeTrue())
 94 | 		})
 95 | 
 96 | 		It("fails if the prevResult version is unknown", func() {
 97 | 			conf := &types.PluginConf{
 98 | 				CNIVersion: version.Current(),
 99 | 				Name:       "foobar",
100 | 				Type:       "baz",
101 | 				RawPrevResult: map[string]interface{}{
102 | 					"cniVersion": "5678.456",
103 | 				},
104 | 			}
105 | 
106 | 			err := version.ParsePrevResult(conf)
107 | 			Expect(err).To(MatchError(`could not parse prevResult: result type supports [1.0.0 1.1.0] but unmarshalled CNIVersion is "5678.456"`))
108 | 		})
109 | 
110 | 		It("fails if the prevResult version does not match the prevResult version", func() {
111 | 			conf := &types.PluginConf{
112 | 				CNIVersion: version.Current(),
113 | 				Name:       "foobar",
114 | 				Type:       "baz",
115 | 				RawPrevResult: map[string]interface{}{
116 | 					"cniVersion": "0.2.0",
117 | 					"ip4": map[string]interface{}{
118 | 						"ip":      "1.2.3.30/24",
119 | 						"gateway": "1.2.3.1",
120 | 					},
121 | 				},
122 | 			}
123 | 
124 | 			err := version.ParsePrevResult(conf)
125 | 			Expect(err).To(MatchError("could not parse prevResult: result type supports [1.0.0 1.1.0] but unmarshalled CNIVersion is \"0.2.0\""))
126 | 		})
127 | 	})
128 | 
129 | 	Context("when a prevResult is not available", func() {
130 | 		It("does not fail", func() {
131 | 			conf := &types.PluginConf{
132 | 				CNIVersion: version.Current(),
133 | 				Name:       "foobar",
134 | 				Type:       "baz",
135 | 			}
136 | 
137 | 			err := version.ParsePrevResult(conf)
138 | 			Expect(err).NotTo(HaveOccurred())
139 | 			Expect(conf.PrevResult).To(BeNil())
140 | 		})
141 | 	})
142 | 
143 | 	Context("version parsing", func() {
144 | 		It("parses versions correctly", func() {
145 | 			v1 := "1.1.0"
146 | 			v2 := "1.1.1"
147 | 
148 | 			check := func(a, b string, want bool) {
149 | 				GinkgoHelper()
150 | 				gt, err := version.GreaterThan(a, b)
151 | 				Expect(err).NotTo(HaveOccurred())
152 | 				Expect(gt).To(Equal(want))
153 | 			}
154 | 
155 | 			check(v1, v2, false)
156 | 			check(v2, v1, true)
157 | 			check(v2, v2, false)
158 | 		})
159 | 	})
160 | })
161 | 


--------------------------------------------------------------------------------
/plugins/debug/README.md:
--------------------------------------------------------------------------------
 1 | # debug plugin
 2 | 
 3 | ## Overview
 4 | 
 5 | This plugin aims to help debugging or troubleshooting in CNI plugin development.
 6 | 
 7 | ## Example Configuration
 8 | 
 9 | ```
10 | {
11 |         "cniVersion": "0.3.1",
12 |         "name": "mynet",
13 |         "plugins": [
14 |                 {
15 |                         "type": "ptp",
16 |                         "ipMasq": true,
17 |                         "ipam": {
18 |                                 "type": "host-local",
19 |                                 "subnet": "172.16.30.0/24",
20 |                                 "routes": [
21 |                                         {
22 |                                                 "dst": "0.0.0.0/0"
23 |                                         }
24 |                                 ]
25 |                         }
26 |                 },
27 |                 {
28 |                         "type": "debug",
29 |                         "cniOutput": "/tmp/cni_output.txt",
30 |                         "addHooks": [
31 |                                 [ "sh", "-c", "ip link set $CNI_IFNAME promisc on" ]
32 |                         ]
33 |                 },
34 |                 {
35 |                         "type": "portmap",
36 |                         "capabilities": {"portMappings": true},
37 |                         "externalSetMarkChain": "KUBE-MARK-MASQ"
38 |                 }
39 |         ]
40 | }
41 | ```
42 | 
43 | ## Config Reference
44 | 
45 | * `cniOutput` (string, optional): output CNI request into file.
46 | * `addHooks` (string array, optional): commands executed in container network namespace at interface add.
47 |    (note: but just execute it and does not catch command failure)
48 | * `delHooks` (string array, optional): commands executed in container network namespace at interface delete.
49 |    (note: but just execute it and does not catch command failure)
50 | * `checkHooks` (string array, optional): commands executed in container network namespace at interface check.
51 |    (note: but just execute it and does not catch command failure)
52 | 
53 | ### Sample CNI Ouput
54 | 
55 | ```
56 | CmdAdd
57 | ContainerID: cnitool-20c433bb2b1d6ede56d6
58 | Netns: /var/run/netns/cnitest
59 | IfName: eth0
60 | Args: 
61 | Path: /opt/cni/bin
62 | StdinData: {"cniOutput":"/tmp/cni_output.txt","cniVersion":"0.3.1","name":"test","prevResult":{"cniVersion":"0.3.1","interfaces":[{"name":"veth92e295cc","mac":"56:22:7f:b7:5b:75"},{"name":"eth0","mac":"46:b3:f3:77:bf:21","sandbox":"/var/run/netns/cnitest"}],"ips":[{"version":"4","interface":1,"address":"10.1.1.2/24","gateway":"10.1.1.1"}],"dns":{"nameservers":["10.64.255.25","8.8.8.8"]}},"type":"none"}
63 | ----------------------
64 | CmdDel
65 | ContainerID: cnitool-20c433bb2b1d6ede56d6
66 | Netns: /var/run/netns/cnitest
67 | IfName: eth0
68 | Args: 
69 | Path: /opt/cni/bin
70 | StdinData: {"cniOutput":"/tmp/cni_output.txt","cniVersion":"0.3.1","name":"test","type":"none"}
71 | ----------------------
72 | ```
73 | 


--------------------------------------------------------------------------------
/plugins/debug/go.mod:
--------------------------------------------------------------------------------
 1 | module github.com/containernetworking/cni/plugins/debug
 2 | 
 3 | go 1.21
 4 | 
 5 | require (
 6 | 	github.com/containernetworking/cni v1.1.2
 7 | 	github.com/containernetworking/plugins v1.4.0
 8 | )
 9 | 
10 | require (
11 | 	github.com/vishvananda/netns v0.0.4 // indirect
12 | 	golang.org/x/sys v0.15.0 // indirect
13 | )
14 | 
15 | replace github.com/containernetworking/cni => ../..
16 | 


--------------------------------------------------------------------------------
/plugins/debug/go.sum:
--------------------------------------------------------------------------------
 1 | github.com/containernetworking/plugins v1.4.0 h1:+w22VPYgk7nQHw7KT92lsRmuToHvb7wwSv9iTbXzzic=
 2 | github.com/containernetworking/plugins v1.4.0/go.mod h1:UYhcOyjefnrQvKvmmyEKsUA+M9Nfn7tqULPpH0Pkcj0=
 3 | github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY=
 4 | github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 5 | github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
 6 | github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls=
 7 | github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 8 | github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 9 | github.com/google/pprof v0.0.0-20230323073829-e72429f035bd h1:r8yyd+DJDmsUhGrRBxH5Pj7KeFK5l+Y3FsgT8keqKtk=
10 | github.com/google/pprof v0.0.0-20230323073829-e72429f035bd/go.mod h1:79YE0hCXdHag9sBkw2o+N/YnZtTkXi0UT9Nnixa5eYk=
11 | github.com/onsi/ginkgo/v2 v2.13.2 h1:Bi2gGVkfn6gQcjNjZJVO8Gf0FHzMPf2phUei9tejVMs=
12 | github.com/onsi/ginkgo/v2 v2.13.2/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM=
13 | github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8=
14 | github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ=
15 | github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8=
16 | github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM=
17 | golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
18 | golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
19 | golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
20 | golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
21 | golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
22 | golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
23 | golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc=
24 | golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg=
25 | gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
26 | gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
27 | 


--------------------------------------------------------------------------------
/plugins/debug/main.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2021 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | package main
 16 | 
 17 | import (
 18 | 	"encoding/json"
 19 | 	"fmt"
 20 | 	"io"
 21 | 	"os"
 22 | 	"os/exec"
 23 | 
 24 | 	"github.com/containernetworking/plugins/pkg/ns"
 25 | 	bv "github.com/containernetworking/plugins/pkg/utils/buildversion"
 26 | 
 27 | 	"github.com/containernetworking/cni/pkg/skel"
 28 | 	"github.com/containernetworking/cni/pkg/types"
 29 | 	type100 "github.com/containernetworking/cni/pkg/types/100"
 30 | 	"github.com/containernetworking/cni/pkg/version"
 31 | )
 32 | 
 33 | type NetConf struct {
 34 | 	types.NetConf
 35 | 	CNIOutput  string     `json:"cniOutput,omitempty"`
 36 | 	AddHooks   [][]string `json:"addHooks,omitempty"`
 37 | 	DelHooks   [][]string `json:"delHooks,omitempty"`
 38 | 	CheckHooks [][]string `json:"checkHooks,omitempty"`
 39 | }
 40 | 
 41 | func main() {
 42 | 	skel.PluginMain(cmdAdd, cmdCheck, cmdDel, version.All, bv.BuildString("none"))
 43 | }
 44 | 
 45 | func outputCmdArgs(fp io.Writer, args *skel.CmdArgs) {
 46 | 	fmt.Fprintf(fp, `ContainerID: %s
 47 | Netns: %s
 48 | IfName: %s
 49 | Args: %s
 50 | Path: %s
 51 | StdinData: %s
 52 | ----------------------
 53 | `,
 54 | 		args.ContainerID,
 55 | 		args.Netns,
 56 | 		args.IfName,
 57 | 		args.Args,
 58 | 		args.Path,
 59 | 		string(args.StdinData))
 60 | }
 61 | 
 62 | func parseConf(data []byte) (*NetConf, error) {
 63 | 	conf := &NetConf{}
 64 | 	if err := json.Unmarshal(data, &conf); err != nil {
 65 | 		return nil, fmt.Errorf("failed to parse")
 66 | 	}
 67 | 
 68 | 	return conf, nil
 69 | }
 70 | 
 71 | func getResult(netConf *NetConf) *type100.Result {
 72 | 	if netConf.RawPrevResult == nil {
 73 | 		return &type100.Result{}
 74 | 	}
 75 | 
 76 | 	version.ParsePrevResult(&netConf.NetConf)
 77 | 	result, _ := type100.NewResultFromResult(netConf.PrevResult)
 78 | 	return result
 79 | }
 80 | 
 81 | func executeHooks(netnsName string, hooks [][]string) {
 82 | 	netns, err := ns.GetNS(netnsName)
 83 | 	if err != nil {
 84 | 		return
 85 | 	}
 86 | 	defer netns.Close()
 87 | 
 88 | 	netns.Do(func(_ ns.NetNS) error {
 89 | 		for _, hookStrs := range hooks {
 90 | 			hookCmd := hookStrs[0]
 91 | 			hookArgs := hookStrs[1:]
 92 | 			output, err := exec.Command(hookCmd, hookArgs...).Output()
 93 | 			if err != nil {
 94 | 				fmt.Fprintf(os.Stderr, "OUTPUT: %v", output)
 95 | 				fmt.Fprintf(os.Stderr, "ERR: %v", err)
 96 | 			}
 97 | 		}
 98 | 		return nil
 99 | 	})
100 | }
101 | 
102 | func cmdAdd(args *skel.CmdArgs) error {
103 | 	netConf, _ := parseConf(args.StdinData)
104 | 	// Output CNI
105 | 	if netConf.CNIOutput != "" {
106 | 		fp, _ := os.OpenFile(netConf.CNIOutput, os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0o644)
107 | 		defer fp.Close()
108 | 		fmt.Fprintf(fp, "CmdAdd\n")
109 | 		outputCmdArgs(fp, args)
110 | 	}
111 | 	// call hooks
112 | 	if netConf.AddHooks != nil {
113 | 		executeHooks(args.Netns, netConf.AddHooks)
114 | 	}
115 | 	return types.PrintResult(getResult(netConf), netConf.CNIVersion)
116 | }
117 | 
118 | func cmdDel(args *skel.CmdArgs) error {
119 | 	netConf, _ := parseConf(args.StdinData)
120 | 	// Output CNI
121 | 	if netConf.CNIOutput != "" {
122 | 		fp, _ := os.OpenFile(netConf.CNIOutput, os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0o644)
123 | 		defer fp.Close()
124 | 		fmt.Fprintf(fp, "CmdDel\n")
125 | 		outputCmdArgs(fp, args)
126 | 	}
127 | 	// call hooks
128 | 	if netConf.DelHooks != nil {
129 | 		executeHooks(args.Netns, netConf.DelHooks)
130 | 	}
131 | 	return types.PrintResult(&type100.Result{}, netConf.CNIVersion)
132 | }
133 | 
134 | func cmdCheck(args *skel.CmdArgs) error {
135 | 	netConf, _ := parseConf(args.StdinData)
136 | 	// Output CNI
137 | 	if netConf.CNIOutput != "" {
138 | 		fp, _ := os.OpenFile(netConf.CNIOutput, os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0o644)
139 | 		defer fp.Close()
140 | 		fmt.Fprintf(fp, "CmdCheck\n")
141 | 		outputCmdArgs(fp, args)
142 | 	}
143 | 	// call hooks
144 | 	if netConf.CheckHooks != nil {
145 | 		executeHooks(args.Netns, netConf.CheckHooks)
146 | 	}
147 | 	return types.PrintResult(&type100.Result{}, netConf.CNIVersion)
148 | }
149 | 


--------------------------------------------------------------------------------
/plugins/test/noop/debug/debug.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | // debug supports tests that use the noop plugin
 16 | package debug
 17 | 
 18 | import (
 19 | 	"encoding/json"
 20 | 	"os"
 21 | 
 22 | 	"github.com/containernetworking/cni/pkg/skel"
 23 | )
 24 | 
 25 | const EmptyReportResultMessage = "set debug.ReportResult and call debug.WriteDebug() before calling this plugin"
 26 | 
 27 | // Debug is used to control and record the behavior of the noop plugin
 28 | type Debug struct {
 29 | 	// Report* fields allow the test to control the behavior of the no-op plugin
 30 | 	ReportResult         string
 31 | 	ReportError          string
 32 | 	ReportErrorCode      uint
 33 | 	ReportStderr         string
 34 | 	ReportVersionSupport []string
 35 | 	ExitWithCode         int
 36 | 
 37 | 	// Command stores the CNI command that the plugin received
 38 | 	Command string
 39 | 
 40 | 	// CmdArgs stores the CNI Args and Env Vars that the plugin received
 41 | 	CmdArgs skel.CmdArgs
 42 | }
 43 | 
 44 | // CmdLogEntry records a single CNI command as well as its args
 45 | type CmdLogEntry struct {
 46 | 	Command string
 47 | 	CmdArgs skel.CmdArgs
 48 | }
 49 | 
 50 | // CmdLog records a list of CmdLogEntry received by the noop plugin
 51 | type CmdLog []CmdLogEntry
 52 | 
 53 | // ReadDebug will return a debug file recorded by the noop plugin
 54 | func ReadDebug(debugFilePath string) (*Debug, error) {
 55 | 	debugBytes, err := os.ReadFile(debugFilePath)
 56 | 	if err != nil {
 57 | 		return nil, err
 58 | 	}
 59 | 
 60 | 	var debug Debug
 61 | 	err = json.Unmarshal(debugBytes, &debug)
 62 | 	if err != nil {
 63 | 		return nil, err
 64 | 	}
 65 | 
 66 | 	return &debug, nil
 67 | }
 68 | 
 69 | // WriteDebug will create a debug file to control the noop plugin
 70 | func (debug *Debug) WriteDebug(debugFilePath string) error {
 71 | 	debugBytes, err := json.Marshal(debug)
 72 | 	if err != nil {
 73 | 		return err
 74 | 	}
 75 | 
 76 | 	err = os.WriteFile(debugFilePath, debugBytes, 0o600)
 77 | 	if err != nil {
 78 | 		return err
 79 | 	}
 80 | 
 81 | 	return nil
 82 | }
 83 | 
 84 | // WriteCommandLog appends the executed cni command to the record file
 85 | func WriteCommandLog(path string, entry CmdLogEntry) error {
 86 | 	buf, err := os.ReadFile(path)
 87 | 	if err != nil {
 88 | 		return err
 89 | 	}
 90 | 	var cmds CmdLog
 91 | 	if len(buf) > 0 {
 92 | 		if err = json.Unmarshal(buf, &cmds); err != nil {
 93 | 			return err
 94 | 		}
 95 | 	}
 96 | 	cmds = append(cmds, entry)
 97 | 	if buf, err = json.Marshal(&cmds); err != nil {
 98 | 		return nil
 99 | 	}
100 | 	return os.WriteFile(path, buf, 0o644)
101 | }
102 | 
103 | func ReadCommandLog(path string) (CmdLog, error) {
104 | 	buf, err := os.ReadFile(path)
105 | 	if err != nil {
106 | 		return nil, err
107 | 	}
108 | 	var cmds CmdLog
109 | 	if err = json.Unmarshal(buf, &cmds); err != nil {
110 | 		return nil, err
111 | 	}
112 | 	return cmds, nil
113 | }
114 | 


--------------------------------------------------------------------------------
/plugins/test/noop/main.go:
--------------------------------------------------------------------------------
  1 | // Copyright 2016 CNI authors
  2 | //
  3 | // Licensed under the Apache License, Version 2.0 (the "License");
  4 | // you may not use this file except in compliance with the License.
  5 | // You may obtain a copy of the License at
  6 | //
  7 | //     http://www.apache.org/licenses/LICENSE-2.0
  8 | //
  9 | // Unless required by applicable law or agreed to in writing, software
 10 | // distributed under the License is distributed on an "AS IS" BASIS,
 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 | // See the License for the specific language governing permissions and
 13 | // limitations under the License.
 14 | 
 15 | /*
 16 | Noop plugin is a CNI plugin designed for use as a test-double.
 17 | 
 18 | When calling, set the CNI_ARGS env var equal to the path of a file containing
 19 | the JSON encoding of a Debug.
 20 | */
 21 | 
 22 | package main
 23 | 
 24 | import (
 25 | 	"encoding/json"
 26 | 	"fmt"
 27 | 	"io"
 28 | 	"os"
 29 | 	"strings"
 30 | 
 31 | 	"github.com/containernetworking/cni/pkg/skel"
 32 | 	"github.com/containernetworking/cni/pkg/types"
 33 | 	current "github.com/containernetworking/cni/pkg/types/100"
 34 | 	"github.com/containernetworking/cni/pkg/version"
 35 | 	noop_debug "github.com/containernetworking/cni/plugins/test/noop/debug"
 36 | )
 37 | 
 38 | type NetConf struct {
 39 | 	types.PluginConf
 40 | 	DebugFile  string `json:"debugFile"`
 41 | 	CommandLog string `json:"commandLog"`
 42 | }
 43 | 
 44 | func loadConf(bytes []byte) (*NetConf, error) {
 45 | 	n := &NetConf{}
 46 | 	if err := json.Unmarshal(bytes, n); err != nil {
 47 | 		return nil, fmt.Errorf("failed to load netconf: %w %q", err, string(bytes))
 48 | 	}
 49 | 	if err := version.ParsePrevResult(&n.PluginConf); err != nil {
 50 | 		return nil, err
 51 | 	}
 52 | 	return n, nil
 53 | }
 54 | 
 55 | // parse extra args i.e. FOO=BAR;ABC=123
 56 | func parseExtraArgs(args string) (map[string]string, error) {
 57 | 	m := make(map[string]string)
 58 | 	if len(args) == 0 {
 59 | 		return m, nil
 60 | 	}
 61 | 
 62 | 	items := strings.Split(args, ";")
 63 | 	for _, item := range items {
 64 | 		kv := strings.Split(item, "=")
 65 | 		if len(kv) != 2 {
 66 | 			return nil, fmt.Errorf("CNI_ARGS invalid key/value pair: %s", kv)
 67 | 		}
 68 | 		m[kv[0]] = kv[1]
 69 | 	}
 70 | 	return m, nil
 71 | }
 72 | 
 73 | func getConfig(stdinData []byte, args string) (string, *NetConf, error) {
 74 | 	netConf, err := loadConf(stdinData)
 75 | 	if err != nil {
 76 | 		return "", nil, err
 77 | 	}
 78 | 
 79 | 	extraArgs, err := parseExtraArgs(args)
 80 | 	if err != nil {
 81 | 		return "", nil, err
 82 | 	}
 83 | 
 84 | 	debugFilePath, ok := extraArgs["DEBUG"]
 85 | 	if !ok {
 86 | 		debugFilePath = netConf.DebugFile
 87 | 	}
 88 | 
 89 | 	return debugFilePath, netConf, nil
 90 | }
 91 | 
 92 | func debugBehavior(args *skel.CmdArgs, command string) error {
 93 | 	debugFilePath, netConf, err := getConfig(args.StdinData, args.Args)
 94 | 	if err != nil {
 95 | 		return err
 96 | 	}
 97 | 
 98 | 	if debugFilePath == "" {
 99 | 		fmt.Printf(`{}`)
100 | 		_, err = os.Stderr.WriteString("CNI_ARGS or config empty, no debug behavior\n")
101 | 		if err != nil {
102 | 			return err
103 | 		}
104 | 		return nil
105 | 	}
106 | 
107 | 	debug, err := noop_debug.ReadDebug(debugFilePath)
108 | 	if err != nil {
109 | 		return err
110 | 	}
111 | 
112 | 	debug.CmdArgs = *args
113 | 	debug.Command = command
114 | 
115 | 	err = debug.WriteDebug(debugFilePath)
116 | 	if err != nil {
117 | 		return err
118 | 	}
119 | 
120 | 	if netConf.CommandLog != "" {
121 | 		if err = noop_debug.WriteCommandLog(
122 | 			netConf.CommandLog,
123 | 			noop_debug.CmdLogEntry{
124 | 				Command: command,
125 | 				CmdArgs: *args,
126 | 			}); err != nil {
127 | 			return err
128 | 		}
129 | 	}
130 | 
131 | 	if debug.ReportStderr != "" {
132 | 		if _, err = os.Stderr.WriteString(debug.ReportStderr); err != nil {
133 | 			return err
134 | 		}
135 | 	}
136 | 	switch {
137 | 	case debug.ReportError != "":
138 | 		ec := debug.ReportErrorCode
139 | 		if ec == 0 {
140 | 			ec = types.ErrInternal
141 | 		}
142 | 		return &types.Error{
143 | 			Msg:  debug.ReportError,
144 | 			Code: ec,
145 | 		}
146 | 	case debug.ReportResult == "PASSTHROUGH" || debug.ReportResult == "INJECT-DNS":
147 | 		prevResult := netConf.PrevResult
148 | 		if debug.ReportResult == "INJECT-DNS" {
149 | 			newResult, err := current.NewResultFromResult(netConf.PrevResult)
150 | 			if err != nil {
151 | 				return err
152 | 			}
153 | 			newResult.DNS.Nameservers = []string{"1.2.3.4"}
154 | 			prevResult = newResult
155 | 		}
156 | 
157 | 		// Must print the prevResult as the CNIVersion of the config
158 | 		newResult, err := prevResult.GetAsVersion(netConf.CNIVersion)
159 | 		if err != nil {
160 | 			return fmt.Errorf("failed to convert result to config %q: %w", netConf.CNIVersion, err)
161 | 		}
162 | 		resultBytes, err := json.Marshal(newResult)
163 | 		if err != nil {
164 | 			return fmt.Errorf("failed to marshal new result: %w", err)
165 | 		}
166 | 		_, err = os.Stdout.WriteString(string(resultBytes))
167 | 		if err != nil {
168 | 			return err
169 | 		}
170 | 	case debug.ReportResult != "":
171 | 		_, err = os.Stdout.WriteString(debug.ReportResult)
172 | 		if err != nil {
173 | 			return err
174 | 		}
175 | 	}
176 | 
177 | 	if debug.ExitWithCode > 0 {
178 | 		os.Exit(debug.ExitWithCode)
179 | 	}
180 | 	return nil
181 | }
182 | 
183 | func debugGetSupportedVersions(stdinData []byte) []string {
184 | 	vers := []string{"0.-42.0", "0.1.0", "0.2.0", "0.3.0", "0.3.1", "0.4.0", "1.0.0", "1.1.0"}
185 | 	cniArgs := os.Getenv("CNI_ARGS")
186 | 	if cniArgs == "" {
187 | 		return vers
188 | 	}
189 | 
190 | 	debugFilePath, _, err := getConfig(stdinData, cniArgs)
191 | 	if err != nil {
192 | 		panic("test setup error: unable to get debug file path: " + err.Error())
193 | 	}
194 | 
195 | 	debug, err := noop_debug.ReadDebug(debugFilePath)
196 | 	if err != nil {
197 | 		panic("test setup error: unable to read debug file: " + err.Error())
198 | 	}
199 | 	if debug.ReportVersionSupport == nil {
200 | 		return vers
201 | 	}
202 | 	return debug.ReportVersionSupport
203 | }
204 | 
205 | func cmdAdd(args *skel.CmdArgs) error {
206 | 	return debugBehavior(args, "ADD")
207 | }
208 | 
209 | func cmdCheck(args *skel.CmdArgs) error {
210 | 	return debugBehavior(args, "CHECK")
211 | }
212 | 
213 | func cmdDel(args *skel.CmdArgs) error {
214 | 	return debugBehavior(args, "DEL")
215 | }
216 | 
217 | func cmdGC(args *skel.CmdArgs) error {
218 | 	return debugBehavior(args, "GC")
219 | }
220 | 
221 | func cmdStatus(args *skel.CmdArgs) error {
222 | 	return debugBehavior(args, "STATUS")
223 | }
224 | 
225 | func saveStdin() ([]byte, error) {
226 | 	// Read original stdin
227 | 	stdinData, err := io.ReadAll(os.Stdin)
228 | 	if err != nil {
229 | 		return nil, err
230 | 	}
231 | 
232 | 	// Make a new pipe for stdin, and write original stdin data to it
233 | 	r, w, err := os.Pipe()
234 | 	if err != nil {
235 | 		return nil, err
236 | 	}
237 | 	if _, err := w.Write(stdinData); err != nil {
238 | 		return nil, err
239 | 	}
240 | 	if err := w.Close(); err != nil {
241 | 		return nil, err
242 | 	}
243 | 
244 | 	os.Stdin = r
245 | 	return stdinData, nil
246 | }
247 | 
248 | func main() {
249 | 	// Grab and read stdin before pkg/skel gets it
250 | 	stdinData, err := saveStdin()
251 | 	if err != nil {
252 | 		panic("test setup error: unable to read stdin: " + err.Error())
253 | 	}
254 | 
255 | 	supportedVersions := debugGetSupportedVersions(stdinData)
256 | 	skel.PluginMainFuncs(skel.CNIFuncs{
257 | 		Add:    cmdAdd,
258 | 		Check:  cmdCheck,
259 | 		Del:    cmdDel,
260 | 		GC:     cmdGC,
261 | 		Status: cmdStatus,
262 | 	}, version.PluginSupports(supportedVersions...), "CNI noop plugin v0.7.0")
263 | }
264 | 


--------------------------------------------------------------------------------
/plugins/test/noop/noop_suite_test.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2016 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | package main_test
16 | 
17 | import (
18 | 	"testing"
19 | 
20 | 	. "github.com/onsi/ginkgo/v2"
21 | 	. "github.com/onsi/gomega"
22 | 	"github.com/onsi/gomega/gexec"
23 | )
24 | 
25 | func TestNoop(t *testing.T) {
26 | 	RegisterFailHandler(Fail)
27 | 	RunSpecs(t, "No-op plugin Suite")
28 | }
29 | 
30 | const packagePath = "github.com/containernetworking/cni/plugins/test/noop"
31 | 
32 | var pathToPlugin string
33 | 
34 | var _ = SynchronizedBeforeSuite(func() []byte {
35 | 	var err error
36 | 	pathToPlugin, err = gexec.Build(packagePath)
37 | 	Expect(err).NotTo(HaveOccurred())
38 | 	return []byte(pathToPlugin)
39 | }, func(crossNodeData []byte) {
40 | 	pathToPlugin = string(crossNodeData)
41 | })
42 | 
43 | var _ = SynchronizedAfterSuite(func() {}, func() {
44 | 	gexec.CleanupBuildArtifacts()
45 | })
46 | 


--------------------------------------------------------------------------------
/plugins/test/sleep/main.go:
--------------------------------------------------------------------------------
 1 | // Copyright 2018 CNI authors
 2 | //
 3 | // Licensed under the Apache License, Version 2.0 (the "License");
 4 | // you may not use this file except in compliance with the License.
 5 | // You may obtain a copy of the License at
 6 | //
 7 | //     http://www.apache.org/licenses/LICENSE-2.0
 8 | //
 9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 | 
15 | /*
16 | main plugin is a CNI plugin designed for test the plugin running timeout.
17 | */
18 | 
19 | package main
20 | 
21 | import (
22 | 	"time"
23 | )
24 | 
25 | func main() {
26 | 	time.Sleep(60 * time.Second)
27 | }
28 | 


--------------------------------------------------------------------------------
/scripts/docker-run.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | # Run a docker container with network namespace set up by the
 4 | # CNI plugins.
 5 | 
 6 | # Example usage: ./docker-run.sh --rm busybox /sbin/ifconfig
 7 | 
 8 | contid=$(docker run -d --net=none busybox:latest /bin/sleep 10000000)
 9 | pid=$(docker inspect -f '{{ .State.Pid }}' $contid)
10 | netnspath=/proc/$pid/ns/net
11 | 
12 | ./exec-plugins.sh add $contid $netnspath
13 | 
14 | function cleanup() {
15 | 	./exec-plugins.sh del $contid $netnspath
16 | 	docker rm -f $contid >/dev/null
17 | }
18 | trap cleanup EXIT
19 | 
20 | docker run --net=container:$contid $@
21 | 
22 | 


--------------------------------------------------------------------------------
/scripts/exec-plugins.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | if [[ ${DEBUG} -gt 0 ]]; then set -x; fi
 4 | 
 5 | NETCONFPATH="${NETCONFPATH-/etc/cni/net.d}"
 6 | 
 7 | function exec_list() {
 8 |   plist="$1"
 9 |   name="$2"
10 |   cniVersion="$3"
11 |   echo "$plist" | jq -c '.[]' | while read -r conf; do
12 |     plugin_bin="$(echo "$conf" | jq -r '.type')"
13 |     conf="$(echo "$conf" | jq -r ".name = \"$name\" | .cniVersion = \"$cniVersion\"")"
14 |     if [ -n "$res" ]; then
15 |       conf="$(echo "$conf" | jq -r ".prevResult=$res")"
16 |     fi
17 |     if ! res=$(echo "$conf" | $plugin_bin); then
18 |       error "$name" "$res"
19 |     elif [[ ${DEBUG} -gt 0 ]]; then
20 |       echo "${res}" | jq -r .
21 |     fi
22 |   done
23 | }
24 | 
25 | function error () {
26 |   name="$1"
27 |   res="$2"
28 |   err_msg=$(echo "$res" | jq -r '.msg')
29 |   if [ -z "$errmsg" ]; then
30 |     err_msg=$res
31 |   fi
32 |   echo "${name} : error executing $CNI_COMMAND: $err_msg"
33 |   exit 1
34 | }
35 | 
36 | function exec_plugins() {
37 | 	i=0
38 | 	contid=$2
39 | 	netns=$3
40 | 	export CNI_COMMAND=$(echo $1 | tr '[:lower:]' '[:upper:]')
41 | 	export PATH=$CNI_PATH:$PATH
42 | 	export CNI_CONTAINERID=$contid
43 | 	export CNI_NETNS=$netns
44 | 
45 | 	for netconf in $(echo "$NETCONFPATH"/*.conf | sort); do
46 | 	  export CNI_IFNAME=$(printf eth%d $i)
47 | 	  name=$(jq -r '.name' <"$netconf")
48 | 	  cniVersion=$(jq -r '.cniVersion' <"$netconf")
49 | 	  plist=$(jq '.plugins | select(.!=null)' <"$netconf")
50 | 	  if [ -n "$plist" ]; then
51 | 	    exec_list "$plist" "$name" "$cniVersion"
52 | 	  else
53 |       plugin=$(jq -r '.type' <"$netconf")
54 | 
55 |       if ! res=$($plugin <"$netconf"); then
56 |         error "$name" "$res"
57 |       elif [[ ${DEBUG} -gt 0 ]]; then
58 |         echo "${res}" | jq -r .
59 |       fi
60 |     fi
61 | 
62 | 		(( i++ )) || true
63 | 	done
64 | }
65 | 
66 | if [ $# -ne 3 ]; then
67 | 	echo "Usage: $0 add|del CONTAINER-ID NETNS-PATH"
68 | 	echo "  Adds or deletes the container specified by NETNS-PATH to the networks"
69 | 	echo "  specified in \$NETCONFPATH directory"
70 | 	exit 1
71 | fi
72 | 
73 | exec_plugins $1 $2 $3
74 | 


--------------------------------------------------------------------------------
/scripts/priv-net-run.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | set -e
 3 | if [[ ${DEBUG} -gt 0 ]]; then set -x; fi
 4 | 
 5 | # Run a command in a private network namespace
 6 | # set up by CNI plugins
 7 | contid=$(printf '%x%x%x%x' $RANDOM $RANDOM $RANDOM $RANDOM)
 8 | netnspath=/var/run/netns/$contid
 9 | 
10 | ip netns add $contid
11 | ./exec-plugins.sh add $contid $netnspath
12 | 
13 | 
14 | function cleanup() {
15 | 	./exec-plugins.sh del $contid $netnspath
16 | 	ip netns delete $contid
17 | }
18 | trap cleanup EXIT
19 | 
20 | ip netns exec $contid "$@"
21 | 


--------------------------------------------------------------------------------
/test.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | set -euo pipefail
 3 | 
 4 | # switch into the repo root directory
 5 | cd "$(dirname $0)"
 6 | 
 7 | PKGS=${PKGS:-$(go list ./... | xargs echo)}
 8 | 
 9 | echo -n "Running tests "
10 | if [ ! -z "${COVERALLS:-""}" ]; then
11 |     # coverage profile only works per-package
12 |     echo "with coverage profile generation..."
13 |     i=0
14 |     for t in ${PKGS}; do
15 |         go test -covermode set -coverprofile ${i}.coverprofile "${t}"
16 |         i=$((i+1))
17 |     done
18 | else
19 |     echo "without coverage profile generation..."
20 |     go test ${PKGS}
21 | fi
22 | 
23 | echo "Checking license header..."
24 | licRes=$(
25 |        for file in $(find . -type f -iname '*.go'); do
26 |                head -n1 "${file}" | grep -Eq "(Copyright|generated)" || echo -e "  ${file}"
27 |        done
28 | )
29 | if [ -n "${licRes}" ]; then
30 |        echo -e "license header checking failed:\n${licRes}"
31 |        exit 255
32 | fi
33 | 
34 | echo "Success"
35 | 


--------------------------------------------------------------------------------