From a659ac99b652b41ab37db65613c8c58364222c2e Mon Sep 17 00:00:00 2001
From: Jitendra Bhurat
Date: Thu, 13 Oct 2016 12:01:15 -0400
Subject: [PATCH] Moved getSecurityOpts() function to OS specific manager variant
---
 pkg/kubelet/dockertools/docker_manager.go | 17 --------------
 .../dockertools/docker_manager_linux.go | 23 ++++++++++++++++++-
 .../dockertools/docker_manager_windows.go | 7 ++++++
 3 files changed, 29 insertions(+), 18 deletions(-)
diff --git a/pkg/kubelet/dockertools/docker_manager.go b/pkg/kubelet/dockertools/docker_manager.go
index a3e52bff3a..b7210b939b 100644
--- a/pkg/kubelet/dockertools/docker_manager.go
+++ b/pkg/kubelet/dockertools/docker_manager.go
@@ -1113,23 +1113,6 @@ func (dm *DockerManager) fmtDockerOpts(opts []dockerOpt) ([]string, error) {
 return fmtOpts, nil
 }
 
-func (dm *DockerManager) getSecurityOpts(pod *api.Pod, ctrName string) ([]dockerOpt, error) {
- var securityOpts []dockerOpt
- if seccompOpts, err := dm.getSeccompOpts(pod, ctrName); err != nil {
- return nil, err
- } else {
- securityOpts = append(securityOpts, seccompOpts...)
- }
-
- if appArmorOpts, err := dm.getAppArmorOpts(pod, ctrName); err != nil {
- return nil, err
- } else {
- securityOpts = append(securityOpts, appArmorOpts...)
- }
-
- return securityOpts, nil
-}
-
 type dockerOpt struct {
 // The key-value pair passed to docker.
 key, value string
diff --git a/pkg/kubelet/dockertools/docker_manager_linux.go b/pkg/kubelet/dockertools/docker_manager_linux.go
index 2404cc7bbc..3d19e94d35 100644
--- a/pkg/kubelet/dockertools/docker_manager_linux.go
+++ b/pkg/kubelet/dockertools/docker_manager_linux.go
@@ -1,6 +1,9 @@
 package dockertools
 
-import dockertypes "github.com/docker/engine-api/types"
+import (
+ dockertypes "github.com/docker/engine-api/types"
+ "k8s.io/kubernetes/pkg/api"
+)
 
 func getContainerIP(container *dockertypes.ContainerJSON) string {
 result := ""
@@ -22,3 +25,21 @@ func getNetworkingMode() string { return "" }
 func containerProvidesPodIP(name *KubeletContainerName) bool {
 return name.ContainerName == PodInfraContainerName
 }
+
+// Returns Seccomp and AppArmor Security options
+func (dm *DockerManager) getSecurityOpts(pod *api.Pod, ctrName string) ([]dockerOpt, error) {
+ var securityOpts []dockerOpt
+ if seccompOpts, err := dm.getSeccompOpts(pod, ctrName); err != nil {
+ return nil, err
+ } else {
+ securityOpts = append(securityOpts, seccompOpts...)
+ }
+
+ if appArmorOpts, err := dm.getAppArmorOpts(pod, ctrName); err != nil {
+ return nil, err
+ } else {
+ securityOpts = append(securityOpts, appArmorOpts...)
+ }
+
+ return securityOpts, nil
+}
diff --git a/pkg/kubelet/dockertools/docker_manager_windows.go b/pkg/kubelet/dockertools/docker_manager_windows.go
index 89d2d460cf..da8b829381 100644
--- a/pkg/kubelet/dockertools/docker_manager_windows.go
+++ b/pkg/kubelet/dockertools/docker_manager_windows.go
@@ -3,6 +3,8 @@ package dockertools
 import (
 "os"
 
+ "k8s.io/kubernetes/pkg/api"
+
 dockertypes "github.com/docker/engine-api/types"
 )
 
@@ -31,3 +33,8 @@ func getNetworkingMode() string {
 func containerProvidesPodIP(name *KubeletContainerName) bool {
 return name.ContainerName != PodInfraContainerName
 }
+
+// Returns nil as both Seccomp and AppArmor security options are not valid on Windows
+func (dm *DockerManager) getSecurityOpts(pod *api.Pod, ctrName string) ([]dockerOpt, error) {
+ return nil, nil
+}
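Review bot: The `getSecurityOpts` re-added in docker_manager_linux.go keeps the `if ...; err != nil { return nil, err } else { ... }` shape, an else after a terminating return that the usual Go linters flag. Its comment also does not follow the Go doc-comment form. Since the function is being written out again here, I would flatten both branches into early returns and open the comment with the name, e.g. `// getSecurityOpts returns the seccomp and AppArmor options for the container.` The rewrite below keeps the existing behaviour that an error from either helper returns no options at all. Presumably the caller relies on that to avoid starting a container with only part of its requested confinement, though the caller is not visible in this patch.

```go
func (dm *DockerManager) getSecurityOpts(pod *api.Pod, ctrName string) ([]dockerOpt, error) {
	var securityOpts []dockerOpt

	seccompOpts, err := dm.getSeccompOpts(pod, ctrName)
	if err != nil {
		return nil, err
	}
	securityOpts = append(securityOpts, seccompOpts...)

	appArmorOpts, err := dm.getAppArmorOpts(pod, ctrName)
	if err != nil {
		return nil, err
	}
	securityOpts = append(securityOpts, appArmorOpts...)

	return securityOpts, nil
}
```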
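Review bot: The Windows `getSecurityOpts` returns `nil, nil` for every pod, so a pod that requests a seccomp or AppArmor profile appears to be started without it, and nothing records that the request was dropped. The comment should state this consequence rather than only the return value, e.g. `// getSecurityOpts returns no options on Windows: seccomp and AppArmor are Linux-only, so any profile the pod requests is ignored.` It is also worth deciding whether a pod that explicitly asks for a profile should get an error or a warning here, so operators do not assume confinement that is not in place. How the caller treats an empty result is outside this patch.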