Skip to content

fix: validate prevResult from preceding CNI plugin#185

Merged
privateip merged 1 commit into
mainfrom
fix/issue-157
Jul 1, 2026
Merged

fix: validate prevResult from preceding CNI plugin#185
privateip merged 1 commit into
mainfrom
fix/issue-157

Conversation

@privateip

Copy link
Copy Markdown
Contributor

The galactic-cni plugin silently ignored prevResult from a preceding plugin in the CNI chain, leaving it blind to prior chain state.

  • Validate prevResult is parseable as a valid CNI result during config parsing, failing fast rather than operating on garbage state
  • Validate prevResult contains at least one interface or IP assignment during ADD, rejecting empty or structurally broken chain results
  • Wire validation into parseConf and cmdAdd so invalid prevResult causes immediate failure before any kernel resources are created
  • Add unit tests for parseConf, validatePrevResult, validatePrevResultAdd, and cmdAdd prevResult handling across valid, empty, and invalid cases

fixes #157

@privateip privateip requested a review from a team as a code owner July 1, 2026 00:10
@privateip privateip requested a review from yahyafakhroji July 1, 2026 00:10
scotwells
scotwells previously approved these changes Jul 1, 2026

@scotwells scotwells left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Got merge conflicts. Changes look good

The galactic-cni plugin silently ignored prevResult from a preceding
plugin in the CNI chain, leaving it blind to prior chain state.

- Validate prevResult is parseable as a valid CNI result during config
  parsing, failing fast rather than operating on garbage state
- Validate prevResult contains at least one interface or IP assignment
  during ADD, rejecting empty or structurally broken chain results
- Wire validation into parseConf and cmdAdd so invalid prevResult
  causes immediate failure before any kernel resources are created
- Add unit tests for parseConf, validatePrevResult, validatePrevResultAdd,
  and cmdAdd prevResult handling across valid, empty, and invalid cases

fixes #157
@privateip privateip merged commit 3ed3985 into main Jul 1, 2026
5 checks passed
@privateip privateip deleted the fix/issue-157 branch July 1, 2026 01:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

No prevResult handling from previous plugin in chain

2 participants