Deduplicate capabilities in generate kube

capabilities that were added and dropped were several times duplicated. Fix this Signed-off-by: Peter Hunt <[email protected]>
containers · Aug 1, 2019 · 3acfcb3 · 3acfcb3
1 parent afb493a
commit 3acfcb3
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/libpod/kube.go b/libpod/kube.go
@@ -406,18 +406,26 @@ func determineCapAddDropFromCapabilities(defaultCaps, containerCaps []string) *v
 		drop []v1.Capability
 		add  []v1.Capability
 	)
+	dedupDrop := make(map[string]bool)
+	dedupAdd := make(map[string]bool)
 	// Find caps in the defaultCaps but not in the container's
 	// those indicate a dropped cap
 	for _, capability := range defaultCaps {
 		if !util.StringInSlice(capability, containerCaps) {
-			drop = append(drop, v1.Capability(capability))
+			if _, ok := dedupDrop[capability]; !ok {
+				drop = append(drop, v1.Capability(capability))
+				dedupDrop[capability] = true
+			}
 		}
 	}
 	// Find caps in the container but not in the defaults; those indicate
 	// an added cap
 	for _, capability := range containerCaps {
 		if !util.StringInSlice(capability, defaultCaps) {
-			add = append(add, v1.Capability(capability))
+			if _, ok := dedupAdd[string(capability)]; !ok {
+				add = append(add, v1.Capability(capability))
+				dedupAdd[capability] = true
+			}
 		}
 	}