From 779754dcf6dc320bef4003d7bff6c938162b828b Mon Sep 17 00:00:00 2001
From: stevenhorsman <steven@uk.ibm.com>
Date: Wed, 19 Jun 2024 14:09:47 +0100
Subject: [PATCH] runtime: Support policy in remote hypervisor

Move the `sandbox.agent.setPolicy` call out of the remoteHypervisor
if, block, so we can use the policy implementation on peer pods

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
---
 src/runtime/virtcontainers/kata_agent.go | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/src/runtime/virtcontainers/kata_agent.go b/src/runtime/virtcontainers/kata_agent.go
index 245366f12b..9d4c59cf7a 100644
--- a/src/runtime/virtcontainers/kata_agent.go
+++ b/src/runtime/virtcontainers/kata_agent.go
@@ -766,19 +766,21 @@ func (k *kataAgent) startSandbox(ctx context.Context, sandbox *Sandbox) error {
 
 	if sandbox.config.HypervisorType == RemoteHypervisor {
 		ctx = context.WithValue(ctx, customRequestTimeoutKey, remoteRequestTimeout)
-	} else {
-		// Check grpc server is serving
-		if err = k.check(ctx); err != nil {
+	}
+
+	// Check grpc server is serving
+	if err = k.check(ctx); err != nil {
+		return err
+	}
+
+	// If a Policy has been specified, send it to the agent.
+	if len(sandbox.config.AgentConfig.Policy) > 0 {
+		if err := sandbox.agent.setPolicy(ctx, sandbox.config.AgentConfig.Policy); err != nil {
 			return err
 		}
+	}
 
-		// If a Policy has been specified, send it to the agent.
-		if len(sandbox.config.AgentConfig.Policy) > 0 {
-			if err := sandbox.agent.setPolicy(ctx, sandbox.config.AgentConfig.Policy); err != nil {
-				return err
-			}
-		}
-
+	if sandbox.config.HypervisorType != RemoteHypervisor {
 		// Setup network interfaces and routes
 		interfaces, routes, neighs, err := generateVCNetworkStructures(ctx, sandbox.network)
 		if err != nil {