From 1c1bfa67595909720b8409294c8eabb40e1269ff Mon Sep 17 00:00:00 2001 From: "Alex Ellis (OpenFaaS Ltd)" Date: Tue, 17 Sep 2024 11:09:53 +0100 Subject: [PATCH] Upgrades to containerd, fix deprecations upstream * Fixes upstream deprecations for containerd * Fixes deprecations in ioutil package usage * Break out separate files for function handlers * Upgrades containerd to 1.7.22 * Fixes default namespace functionality * Pre-deploy checks as per license agreement * Removes extra log messages for payload in HTTP handlers, you can enable FAAS_DEBUG=1 in the CLI instead to see this from the client's perspective * Add additional Google DNS server 8.8.4.4 for functions Signed-off-by: Alex Ellis (OpenFaaS Ltd) --- .github/workflows/build.yaml | 2 +- .github/workflows/publish.yaml | 2 +- .github/workflows/verify-images.yaml | 2 +- LICENSE | 6 +- Makefile | 4 +- cmd/install.go | 27 +- cmd/provider.go | 56 ++- cmd/root.go | 24 +- cmd/up.go | 18 +- docker-compose.yaml | 2 +- docs/DEV.md | 6 +- go.mod | 31 +- go.sum | 28 ++ hack/build-containerd-arm64.sh | 2 +- hack/build-containerd.sh | 2 +- hack/install.sh | 2 +- main.go | 10 +- pkg/cninetwork/cni_network.go | 5 +- pkg/cninetwork/cni_network_test.go | 8 +- pkg/connectivity.go | 36 ++ pkg/local_resolver.go | 3 +- pkg/provider/handlers/delete.go | 12 +- pkg/provider/handlers/deploy.go | 60 ++- .../{functions.go => function_get.go} | 92 ---- pkg/provider/handlers/function_list.go | 61 +++ .../{functions_test.go => function_test.go} | 0 pkg/provider/handlers/info.go | 9 +- pkg/provider/handlers/namespaces.go | 44 ++ pkg/provider/handlers/scale.go | 7 +- pkg/provider/handlers/secret.go | 6 +- pkg/provider/handlers/secret_test.go | 4 +- pkg/provider/handlers/update.go | 14 +- pkg/proxy_test.go | 4 +- pkg/supervisor.go | 11 +- pkg/version.go | 16 + .../hcsshim/internal/hns/hnsendpoint.go | 23 + .../hcsshim/internal/hns/hnspolicy.go | 7 +- .../containerd/containerd/.cirrus.yml | 82 ---- .../containerd/containerd/.golangci.yml | 11 + .../containerd/containerd/BUILDING.md | 2 +- .../github.com/containerd/containerd/Makefile | 12 +- .../containerd/containerd/Vagrantfile | 31 +- .../containerd/containerd/api/LICENSE | 191 ++++++++ .../containerd/api/runtime/sandbox/v1/doc.go | 6 + .../api/services/events/v1/events.pb.go | 112 ++--- .../api/services/events/v1/events.proto | 4 +- .../api/services/introspection/v1/doc.go | 6 + .../containerd/api/types/fieldpath.pb.go | 144 ++++++ .../plugin => api/types}/fieldpath.proto | 6 +- .../containerd/containerd/archive/tar.go | 3 +- .../containerd/containerd/archive/tar_unix.go | 5 +- .../containerd/containerd/cio/io.go | 20 - .../containerd/containerd/cio/io_unix.go | 35 ++ .../containerd/containerd/cio/io_windows.go | 40 ++ .../containerd/containerd/client.go | 2 +- .../containerd/containerd/client_opts.go | 4 +- .../containerd/container_checkpoint_opts.go | 2 +- .../containerd/errdefs/errdefs_deprecated.go | 2 + .../containerd/containerd/events.go | 5 +- .../github.com/containerd/containerd/image.go | 2 +- .../containerd/images/archive/exporter.go | 2 +- .../containerd/images/archive/importer.go | 2 +- .../containerd/images/archive/reference.go | 2 +- .../containerd/containerd/images/handlers.go | 2 +- .../containerd/containerd/images/image.go | 2 +- .../containerd/containerd/import.go | 2 +- .../containerd/mount/mount_linux.go | 2 +- .../containerd/containerd/mount/temp.go | 46 +- .../containerd/containerd/oci/spec.go | 4 +- .../containerd/containerd/oci/spec_opts.go | 20 +- .../containerd/containerd/oci/utils_unix.go | 2 +- .../containerd/pkg/deprecation/deprecation.go | 6 +- .../containerd/pkg/unpack/unpacker.go | 2 +- .../containerd/pkg/userns/userns_linux.go | 62 --- .../containerd/protobuf/plugin/doc.go | 17 - .../protobuf/plugin/fieldpath.pb.go | 144 ------ .../github.com/containerd/containerd/pull.go | 2 +- .../containerd/reference/docker/helpers.go | 58 --- .../containerd/reference/docker/normalize.go | 196 -------- .../containerd/reference/docker/reference.go | 453 ------------------ .../containerd/reference/docker/regexp.go | 191 -------- .../containerd/reference/docker/sort.go | 73 --- .../containerd/reference/reference.go | 39 +- .../containerd/remotes/docker/fetcher_fuzz.go | 7 - .../containerd/containerd/remotes/handlers.go | 2 +- .../containerd/containerd/sandbox/bridge.go | 5 + .../services/introspection/local.go | 10 +- .../services/introspection/service.go | 10 +- .../containerd/containerd/task_opts.go | 6 + .../containerd/containerd/version/version.go | 2 +- .../containerd/platforms/.gitattributes | 1 + .../containerd/platforms/.golangci.yml | 30 ++ .../github.com/containerd/platforms/LICENSE | 191 ++++++++ .../github.com/containerd/platforms/README.md | 32 ++ .../{containerd => }/platforms/compare.go | 0 .../{containerd => }/platforms/cpuinfo.go | 0 .../platforms/cpuinfo_linux.go | 13 +- .../platforms/cpuinfo_other.go | 6 +- .../{containerd => }/platforms/database.go | 0 .../{containerd => }/platforms/defaults.go | 6 +- .../platforms/defaults_darwin.go | 0 .../platforms/defaults_freebsd.go | 0 .../platforms/defaults_unix.go | 0 .../platforms/defaults_windows.go | 15 +- .../errors.go} | 21 +- .../platforms/platform_compat_windows.go | 78 +++ .../{containerd => }/platforms/platforms.go | 96 ++-- .../platforms/platforms_other.go | 4 - .../platforms/platforms_windows.go | 8 - vendor/github.com/containerd/ttrpc/README.md | 2 +- vendor/github.com/containerd/ttrpc/client.go | 6 +- vendor/github.com/containerd/ttrpc/server.go | 16 +- .../distribution/reference/README.md | 2 +- .../distribution/reference/normalize.go | 53 +- .../distribution/reference/reference.go | 44 +- .../reference/helpers_deprecated.go | 34 -- .../reference/normalize_deprecated.go | 92 ---- .../reference/reference_deprecated.go | 172 ------- .../reference/regexp_deprecated.go | 50 -- .../distribution/reference/sort_deprecated.go | 10 - vendor/github.com/google/uuid/CHANGELOG.md | 11 + vendor/github.com/google/uuid/CONTRIBUTING.md | 2 +- vendor/github.com/google/uuid/uuid.go | 26 +- vendor/github.com/moby/sys/user/user.go | 1 - .../distribution => moby/sys/userns}/LICENSE | 8 +- vendor/github.com/moby/sys/userns/userns.go | 16 + .../moby/sys/userns/userns_linux.go | 53 ++ .../moby/sys/userns/userns_linux_fuzzer.go | 8 + .../moby/sys/userns/userns_unsupported.go | 6 + .../opencontainers/go-digest/digestset/set.go | 262 ---------- vendor/go.opentelemetry.io/otel/.gitignore | 5 +- vendor/go.opentelemetry.io/otel/.golangci.yml | 17 +- vendor/go.opentelemetry.io/otel/CHANGELOG.md | 85 +++- .../go.opentelemetry.io/otel/CONTRIBUTING.md | 4 + vendor/go.opentelemetry.io/otel/Makefile | 29 +- vendor/go.opentelemetry.io/otel/README.md | 15 +- .../otel/baggage/baggage.go | 4 +- .../otel/internal/global/instruments.go | 60 ++- .../otel/internal/global/trace.go | 7 + vendor/go.opentelemetry.io/otel/metric/doc.go | 2 +- .../otel/metric/instrument.go | 23 + .../otel/metric/syncfloat64.go | 10 +- .../otel/metric/syncint64.go | 10 +- .../otel/propagation/trace_context.go | 6 +- .../go.opentelemetry.io/otel/requirements.txt | 2 +- .../go.opentelemetry.io/otel/trace/config.go | 1 + vendor/go.opentelemetry.io/otel/trace/doc.go | 64 +++ .../otel/trace/embedded/embedded.go | 56 +++ vendor/go.opentelemetry.io/otel/trace/noop.go | 10 +- .../go.opentelemetry.io/otel/trace/trace.go | 40 +- .../otel/trace/tracestate.go | 38 +- vendor/go.opentelemetry.io/otel/version.go | 2 +- vendor/go.opentelemetry.io/otel/versions.yaml | 7 +- vendor/modules.txt | 73 +-- 154 files changed, 2127 insertions(+), 2562 deletions(-) create mode 100644 pkg/connectivity.go rename pkg/provider/handlers/{functions.go => function_get.go} (62%) create mode 100644 pkg/provider/handlers/function_list.go rename pkg/provider/handlers/{functions_test.go => function_test.go} (100%) delete mode 100644 vendor/github.com/containerd/containerd/.cirrus.yml create mode 100644 vendor/github.com/containerd/containerd/api/LICENSE create mode 100644 vendor/github.com/containerd/containerd/api/types/fieldpath.pb.go rename vendor/github.com/containerd/containerd/{protobuf/plugin => api/types}/fieldpath.proto (93%) delete mode 100644 vendor/github.com/containerd/containerd/pkg/userns/userns_linux.go delete mode 100644 vendor/github.com/containerd/containerd/protobuf/plugin/doc.go delete mode 100644 vendor/github.com/containerd/containerd/protobuf/plugin/fieldpath.pb.go delete mode 100644 vendor/github.com/containerd/containerd/reference/docker/helpers.go delete mode 100644 vendor/github.com/containerd/containerd/reference/docker/normalize.go delete mode 100644 vendor/github.com/containerd/containerd/reference/docker/reference.go delete mode 100644 vendor/github.com/containerd/containerd/reference/docker/regexp.go delete mode 100644 vendor/github.com/containerd/containerd/reference/docker/sort.go create mode 100644 vendor/github.com/containerd/platforms/.gitattributes create mode 100644 vendor/github.com/containerd/platforms/.golangci.yml create mode 100644 vendor/github.com/containerd/platforms/LICENSE create mode 100644 vendor/github.com/containerd/platforms/README.md rename vendor/github.com/containerd/{containerd => }/platforms/compare.go (100%) rename vendor/github.com/containerd/{containerd => }/platforms/cpuinfo.go (100%) rename vendor/github.com/containerd/{containerd => }/platforms/cpuinfo_linux.go (94%) rename vendor/github.com/containerd/{containerd => }/platforms/cpuinfo_other.go (95%) rename vendor/github.com/containerd/{containerd => }/platforms/database.go (100%) rename vendor/github.com/containerd/{containerd => }/platforms/defaults.go (81%) rename vendor/github.com/containerd/{containerd => }/platforms/defaults_darwin.go (100%) rename vendor/github.com/containerd/{containerd => }/platforms/defaults_freebsd.go (100%) rename vendor/github.com/containerd/{containerd => }/platforms/defaults_unix.go (100%) rename vendor/github.com/containerd/{containerd => }/platforms/defaults_windows.go (88%) rename vendor/github.com/containerd/{containerd/pkg/userns/userns_unsupported.go => platforms/errors.go} (56%) create mode 100644 vendor/github.com/containerd/platforms/platform_compat_windows.go rename vendor/github.com/containerd/{containerd => }/platforms/platforms.go (74%) rename vendor/github.com/containerd/{containerd => }/platforms/platforms_other.go (94%) rename vendor/github.com/containerd/{containerd => }/platforms/platforms_windows.go (85%) delete mode 100644 vendor/github.com/docker/distribution/reference/helpers_deprecated.go delete mode 100644 vendor/github.com/docker/distribution/reference/normalize_deprecated.go delete mode 100644 vendor/github.com/docker/distribution/reference/reference_deprecated.go delete mode 100644 vendor/github.com/docker/distribution/reference/regexp_deprecated.go delete mode 100644 vendor/github.com/docker/distribution/reference/sort_deprecated.go rename vendor/github.com/{docker/distribution => moby/sys/userns}/LICENSE (99%) create mode 100644 vendor/github.com/moby/sys/userns/userns.go create mode 100644 vendor/github.com/moby/sys/userns/userns_linux.go create mode 100644 vendor/github.com/moby/sys/userns/userns_linux_fuzzer.go create mode 100644 vendor/github.com/moby/sys/userns/userns_unsupported.go delete mode 100644 vendor/github.com/opencontainers/go-digest/digestset/set.go create mode 100644 vendor/go.opentelemetry.io/otel/trace/embedded/embedded.go diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 8adbedb..ec1cd37 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -16,7 +16,7 @@ jobs: with: fetch-depth: 1 - name: Install Go - uses: actions/setup-go@v5.0.0 + uses: actions/setup-go@v5 with: go-version: 1.22.x diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 9405acb..a3e3622 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -13,7 +13,7 @@ jobs: with: fetch-depth: 1 - name: Install Go - uses: actions/setup-go@v5.0.0 + uses: actions/setup-go@v5 with: go-version: 1.22.x - name: Make publish diff --git a/.github/workflows/verify-images.yaml b/.github/workflows/verify-images.yaml index dd5e327..6e2a2fd 100644 --- a/.github/workflows/verify-images.yaml +++ b/.github/workflows/verify-images.yaml @@ -15,4 +15,4 @@ jobs: - name: Verify chart images id: verify_images run: | - VERBOSE=true make verify-compose \ No newline at end of file + VERBOSE=true make verify-compose diff --git a/LICENSE b/LICENSE index 4dd8aa6..d83adef 100644 --- a/LICENSE +++ b/LICENSE @@ -1,8 +1,10 @@ +For usage of faasd, see: EULA.md + +See below for source code contributions + MIT License -Copyright (c) 2020 Alex Ellis Copyright (c) 2020 OpenFaaS Ltd -Copyright (c) 2020 OpenFaas Author(s) Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/Makefile b/Makefile index 6e13167..39a3f45 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ Version := $(shell git describe --tags --dirty) GitCommit := $(shell git rev-parse HEAD) -LDFLAGS := "-s -w -X main.Version=$(Version) -X main.GitCommit=$(GitCommit)" -CONTAINERD_VER := 1.7.18 +LDFLAGS := "-s -w -X github.com/openfaas/faasd/pkg.Version=$(Version) -X github.com/openfaas/faasd/pkg.GitCommit=$(GitCommit)" +CONTAINERD_VER := 1.7.22 CNI_VERSION := v0.9.1 ARCH := amd64 diff --git a/cmd/install.go b/cmd/install.go index bfab43e..ea5c245 100644 --- a/cmd/install.go +++ b/cmd/install.go @@ -50,46 +50,37 @@ func runInstall(_ *cobra.Command, _ []string) error { return err } - err := binExists("/usr/local/bin/", "faasd") - if err != nil { + if err := binExists("/usr/local/bin/", "faasd"); err != nil { return err } - err = systemd.InstallUnit("faasd-provider", map[string]string{ + if err := systemd.InstallUnit("faasd-provider", map[string]string{ "Cwd": faasdProviderWd, - "SecretMountPath": path.Join(faasdwd, "secrets")}) - - if err != nil { + "SecretMountPath": path.Join(faasdwd, "secrets")}); err != nil { return err } - err = systemd.InstallUnit("faasd", map[string]string{"Cwd": faasdwd}) - if err != nil { + if err := systemd.InstallUnit("faasd", map[string]string{"Cwd": faasdwd}); err != nil { return err } - err = systemd.DaemonReload() - if err != nil { + if err := systemd.DaemonReload(); err != nil { return err } - err = systemd.Enable("faasd-provider") - if err != nil { + if err := systemd.Enable("faasd-provider"); err != nil { return err } - err = systemd.Enable("faasd") - if err != nil { + if err := systemd.Enable("faasd"); err != nil { return err } - err = systemd.Start("faasd-provider") - if err != nil { + if err := systemd.Start("faasd-provider"); err != nil { return err } - err = systemd.Start("faasd") - if err != nil { + if err := systemd.Start("faasd"); err != nil { return err } diff --git a/cmd/provider.go b/cmd/provider.go index cd70631..981111e 100644 --- a/cmd/provider.go +++ b/cmd/provider.go @@ -3,7 +3,6 @@ package cmd import ( "fmt" "io" - "io/ioutil" "log" "net/http" "os" @@ -14,6 +13,7 @@ import ( "github.com/openfaas/faas-provider/logs" "github.com/openfaas/faas-provider/proxy" "github.com/openfaas/faas-provider/types" + "github.com/openfaas/faasd/pkg" faasd "github.com/openfaas/faasd/pkg" "github.com/openfaas/faasd/pkg/cninetwork" faasdlogs "github.com/openfaas/faasd/pkg/logs" @@ -33,6 +33,7 @@ func makeProviderCmd() *cobra.Command { command.Flags().String("pull-policy", "Always", `Set to "Always" to force a pull of images upon deployment, or "IfNotPresent" to try to use a cached image.`) command.RunE = runProviderE + command.PreRunE = preRunE return command } @@ -62,18 +63,15 @@ func runProviderE(cmd *cobra.Command, _ []string) error { return err } - writeHostsErr := ioutil.WriteFile(path.Join(wd, "hosts"), - []byte(`127.0.0.1 localhost`), workingDirectoryPermission) - - if writeHostsErr != nil { - return fmt.Errorf("cannot write hosts file: %s", writeHostsErr) + if err := os.WriteFile(path.Join(wd, "hosts"), + []byte(`127.0.0.1 localhost`), workingDirectoryPermission); err != nil { + return fmt.Errorf("cannot write hosts file: %s", err) } - writeResolvErr := ioutil.WriteFile(path.Join(wd, "resolv.conf"), - []byte(`nameserver 8.8.8.8`), workingDirectoryPermission) - - if writeResolvErr != nil { - return fmt.Errorf("cannot write resolv.conf file: %s", writeResolvErr) + if err := os.WriteFile(path.Join(wd, "resolv.conf"), + []byte(`nameserver 8.8.8.8 +nameserver 8.8.4.4`), workingDirectoryPermission); err != nil { + return fmt.Errorf("cannot write resolv.conf file: %s", err) } cni, err := cninetwork.InitNetwork() @@ -98,25 +96,24 @@ func runProviderE(cmd *cobra.Command, _ []string) error { } bootstrapHandlers := types.FaaSHandlers{ - FunctionProxy: proxy.NewHandlerFunc(*config, invokeResolver, false), - DeleteFunction: handlers.MakeDeleteHandler(client, cni), - DeployFunction: handlers.MakeDeployHandler(client, cni, baseUserSecretsPath, alwaysPull), - FunctionLister: handlers.MakeReadHandler(client), - FunctionStatus: handlers.MakeReplicaReaderHandler(client), - ScaleFunction: handlers.MakeReplicaUpdateHandler(client, cni), - UpdateFunction: handlers.MakeUpdateHandler(client, cni, baseUserSecretsPath, alwaysPull), - Health: func(w http.ResponseWriter, r *http.Request) {}, - Info: handlers.MakeInfoHandler(Version, GitCommit), - ListNamespaces: handlers.MakeNamespacesLister(client), - Secrets: handlers.MakeSecretHandler(client.NamespaceService(), baseUserSecretsPath), - Logs: logs.NewLogHandlerFunc(faasdlogs.New(), config.ReadTimeout), - MutateNamespace: handlers.MakeMutateNamespace(client), + FunctionProxy: httpHeaderMiddleware(proxy.NewHandlerFunc(*config, invokeResolver, false)), + DeleteFunction: httpHeaderMiddleware(handlers.MakeDeleteHandler(client, cni)), + DeployFunction: httpHeaderMiddleware(handlers.MakeDeployHandler(client, cni, baseUserSecretsPath, alwaysPull)), + FunctionLister: httpHeaderMiddleware(handlers.MakeReadHandler(client)), + FunctionStatus: httpHeaderMiddleware(handlers.MakeReplicaReaderHandler(client)), + ScaleFunction: httpHeaderMiddleware(handlers.MakeReplicaUpdateHandler(client, cni)), + UpdateFunction: httpHeaderMiddleware(handlers.MakeUpdateHandler(client, cni, baseUserSecretsPath, alwaysPull)), + Health: httpHeaderMiddleware(func(w http.ResponseWriter, r *http.Request) {}), + Info: httpHeaderMiddleware(handlers.MakeInfoHandler(pkg.Version, pkg.GitCommit)), + ListNamespaces: httpHeaderMiddleware(handlers.MakeNamespacesLister(client)), + Secrets: httpHeaderMiddleware(handlers.MakeSecretHandler(client.NamespaceService(), baseUserSecretsPath)), + Logs: httpHeaderMiddleware(logs.NewLogHandlerFunc(faasdlogs.New(), config.ReadTimeout)), + MutateNamespace: httpHeaderMiddleware(handlers.MakeMutateNamespace(client)), } log.Printf("Listening on: 0.0.0.0:%d\n", *config.TCPPort) bootstrap.Serve(cmd.Context(), &bootstrapHandlers, config) return nil - } /* @@ -131,7 +128,7 @@ func moveSecretsToDefaultNamespaceSecrets(baseSecretPath string, defaultNamespac return err } - files, err := ioutil.ReadDir(baseSecretPath) + files, err := os.ReadDir(baseSecretPath) if err != nil { return err } @@ -178,3 +175,10 @@ func copyFile(src, dst string) error { return nil } + +func httpHeaderMiddleware(next http.HandlerFunc) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("X-OpenFaaS-EULA", "openfaas-ce") + next.ServeHTTP(w, r) + } +} diff --git a/cmd/root.go b/cmd/root.go index b5e4471..acb91f5 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -4,6 +4,7 @@ import ( "fmt" "github.com/morikuni/aec" + "github.com/openfaas/faasd/pkg" "github.com/spf13/cobra" ) @@ -22,19 +23,8 @@ func RootCommand() *cobra.Command { return rootCommand } -var ( - // GitCommit Git Commit SHA - GitCommit string - // Version version of the CLI - Version string -) - // Execute faasd -func Execute(version, gitCommit string) error { - - // Get Version and GitCommit values from main.go. - Version = version - GitCommit = gitCommit +func Execute() error { if err := rootCommand.Execute(); err != nil { return err @@ -78,7 +68,7 @@ func parseBaseCommand(_ *cobra.Command, _ []string) { } func printVersion() { - fmt.Printf("faasd version: %s\tcommit: %s\n", GetVersion(), GitCommit) + fmt.Printf("faasd version: %s\tcommit: %s\n", pkg.GetVersion(), pkg.GitCommit) } func printLogo() { @@ -86,14 +76,6 @@ func printLogo() { fmt.Println(logoText) } -// GetVersion get latest version -func GetVersion() string { - if len(Version) == 0 { - return "dev" - } - return Version -} - // Logo for version and root command const Logo = ` __ _ / _| __ _ __ _ ___ __| | diff --git a/cmd/up.go b/cmd/up.go index 87a6268..4f0d849 100644 --- a/cmd/up.go +++ b/cmd/up.go @@ -2,7 +2,6 @@ package cmd import ( "fmt" - "io/ioutil" "log" "os" "os/signal" @@ -39,9 +38,10 @@ func init() { } var upCmd = &cobra.Command{ - Use: "up", - Short: "Start faasd", - RunE: runUp, + Use: "up", + Short: "Start faasd", + RunE: runUp, + PreRunE: preRunE, } func runUp(cmd *cobra.Command, _ []string) error { @@ -166,7 +166,7 @@ func makeFile(filePath, fileContents string) error { return nil } else if os.IsNotExist(err) { log.Printf("Writing to: %q\n", filePath) - return ioutil.WriteFile(filePath, []byte(fileContents), workingDirectoryPermission) + return os.WriteFile(filePath, []byte(fileContents), workingDirectoryPermission) } else { return err } @@ -204,3 +204,11 @@ func parseUpFlags(cmd *cobra.Command) (upConfig, error) { parsed.workingDir = faasdwd return parsed, err } + +func preRunE(cmd *cobra.Command, _ []string) error { + if err := pkg.ConnectivityCheck(); err != nil { + return fmt.Errorf("the OpenFaaS CE EULA requires Internet access, upgrade to faasd Pro to continue") + } + + return nil +} diff --git a/docker-compose.yaml b/docker-compose.yaml index 986c2c9..df330ab 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -39,7 +39,7 @@ services: - "127.0.0.1:9090:9090" gateway: - image: ghcr.io/openfaas/gateway:0.27.5 + image: ghcr.io/openfaas/gateway:0.27.9 environment: - basic_auth=true - functions_provider_url=http://faasd-provider:8081/ diff --git a/docs/DEV.md b/docs/DEV.md index 715707a..5149a44 100644 --- a/docs/DEV.md +++ b/docs/DEV.md @@ -86,7 +86,7 @@ EOF' * Install containerd `x86_64` only ```bash -export VER=1.7.18 +export VER=1.7.22 curl -sSL https://github.com/containerd/containerd/releases/download/v$VER/containerd-$VER-linux-amd64.tar.gz -o /tmp/containerd.tar.gz \ && sudo tar -xvf /tmp/containerd.tar.gz -C /usr/local/bin/ --strip-components=1 @@ -102,7 +102,7 @@ containerd -version git clone https://github.com/containerd/containerd cd containerd git fetch origin --tags - git checkout v1.7.18 + git checkout v1.7.22 make sudo make install @@ -113,7 +113,7 @@ containerd -version #### Ensure containerd is running ```bash -curl -sLS https://raw.githubusercontent.com/containerd/containerd/v1.7.18/containerd.service > /tmp/containerd.service +curl -sLS https://raw.githubusercontent.com/containerd/containerd/v1.7.22/containerd.service > /tmp/containerd.service # Extend the timeouts for low-performance VMs echo "[Manager]" | tee -a /tmp/containerd.service diff --git a/go.mod b/go.mod index 502c328..be1b3df 100644 --- a/go.mod +++ b/go.mod @@ -1,11 +1,11 @@ module github.com/openfaas/faasd -go 1.21 +go 1.22 require ( github.com/alexellis/arkade v0.0.0-20240320084407-6cf4a641c415 github.com/compose-spec/compose-go v0.0.0-20200528042322-36d8ce368e05 - github.com/containerd/containerd v1.7.18 + github.com/containerd/containerd v1.7.22 github.com/containerd/go-cni v1.1.9 github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf github.com/docker/cli v24.0.7+incompatible @@ -26,24 +26,28 @@ require ( k8s.io/apimachinery v0.29.3 ) -require github.com/alexellis/go-execute/v2 v2.2.1 +require ( + github.com/alexellis/go-execute/v2 v2.2.1 + github.com/distribution/reference v0.6.0 +) require ( github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0 // indirect github.com/Microsoft/go-winio v0.6.2 // indirect - github.com/Microsoft/hcsshim v0.11.5 // indirect + github.com/Microsoft/hcsshim v0.11.7 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/containerd/cgroups v1.1.0 // indirect + github.com/containerd/containerd/api v1.7.19 // indirect github.com/containerd/continuity v0.4.2 // indirect github.com/containerd/errdefs v0.1.0 // indirect github.com/containerd/fifo v1.1.0 // indirect github.com/containerd/log v0.1.0 // indirect - github.com/containerd/ttrpc v1.2.4 // indirect + github.com/containerd/platforms v0.2.1 // indirect + github.com/containerd/ttrpc v1.2.5 // indirect github.com/containerd/typeurl/v2 v2.1.1 // indirect github.com/containernetworking/cni v1.1.2 // indirect - github.com/distribution/reference v0.5.0 // indirect github.com/docker/docker-credential-helpers v0.8.0 // indirect github.com/docker/go-connections v0.4.0 // indirect github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect @@ -54,7 +58,7 @@ require ( github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/go-cmp v0.6.0 // indirect - github.com/google/uuid v1.3.1 // indirect + github.com/google/uuid v1.4.0 // indirect github.com/imdario/mergo v0.3.14 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/klauspost/compress v1.17.4 // indirect @@ -65,7 +69,8 @@ require ( github.com/moby/sys/mountinfo v0.6.2 // indirect github.com/moby/sys/sequential v0.5.0 // indirect github.com/moby/sys/signal v0.7.0 // indirect - github.com/moby/sys/user v0.1.0 // indirect + github.com/moby/sys/user v0.3.0 // indirect + github.com/moby/sys/userns v0.1.0 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0 // indirect github.com/opencontainers/selinux v1.11.0 // indirect @@ -79,15 +84,15 @@ require ( github.com/xeipuuv/gojsonschema v1.2.0 // indirect go.opencensus.io v0.24.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 // indirect - go.opentelemetry.io/otel v1.19.0 // indirect - go.opentelemetry.io/otel/metric v1.19.0 // indirect - go.opentelemetry.io/otel/trace v1.19.0 // indirect + go.opentelemetry.io/otel v1.21.0 // indirect + go.opentelemetry.io/otel/metric v1.21.0 // indirect + go.opentelemetry.io/otel/trace v1.21.0 // indirect golang.org/x/net v0.24.0 // indirect golang.org/x/sync v0.6.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/tools v0.19.0 // indirect - google.golang.org/genproto v0.0.0-20230920204549-e6e6cdab5c13 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 // indirect + google.golang.org/genproto v0.0.0-20231211222908-989df2bf70f3 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20231212172506-995d672761c0 // indirect google.golang.org/grpc v1.59.0 // indirect google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect diff --git a/go.sum b/go.sum index cddb7cc..ba2366b 100644 --- a/go.sum +++ b/go.sum @@ -8,6 +8,8 @@ github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERo github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= github.com/Microsoft/hcsshim v0.11.5 h1:haEcLNpj9Ka1gd3B3tAEs9CpE0c+1IhoL59w/exYU38= github.com/Microsoft/hcsshim v0.11.5/go.mod h1:MV8xMfmECjl5HdO7U/3/hFVnkmSBjAjmA09d4bExKcU= +github.com/Microsoft/hcsshim v0.11.7 h1:vl/nj3Bar/CvJSYo7gIQPyRWc9f3c6IeSNavBTSZNZQ= +github.com/Microsoft/hcsshim v0.11.7/go.mod h1:MV8xMfmECjl5HdO7U/3/hFVnkmSBjAjmA09d4bExKcU= github.com/alexellis/arkade v0.0.0-20240320084407-6cf4a641c415 h1:mLD1eSfXbmXcwKMP1AsFl01G2U16aC9E22Tcjehyyrw= github.com/alexellis/arkade v0.0.0-20240320084407-6cf4a641c415/go.mod h1:3sT9Gq9WUFG9Wwz9dFbRRc/2L3yepsA4p272aG2DR6w= github.com/alexellis/go-execute/v2 v2.2.1 h1:4Ye3jiCKQarstODOEmqDSRCqxMHLkC92Bhse743RdOI= @@ -28,6 +30,10 @@ github.com/containerd/cgroups v1.1.0 h1:v8rEWFl6EoqHB+swVNjVoCJE8o3jX7e8nqBGPLaD github.com/containerd/cgroups v1.1.0/go.mod h1:6ppBcbh/NOOUU+dMKrykgaBnK9lCIBxHqJDGwsa1mIw= github.com/containerd/containerd v1.7.18 h1:jqjZTQNfXGoEaZdW1WwPU0RqSn1Bm2Ay/KJPUuO8nao= github.com/containerd/containerd v1.7.18/go.mod h1:IYEk9/IO6wAPUz2bCMVUbsfXjzw5UNP5fLz4PsUygQ4= +github.com/containerd/containerd v1.7.22 h1:nZuNnNRA6T6jB975rx2RRNqqH2k6ELYKDZfqTHqwyy0= +github.com/containerd/containerd v1.7.22/go.mod h1:e3Jz1rYRUZ2Lt51YrH9Rz0zPyJBOlSvB3ghr2jbVD8g= +github.com/containerd/containerd/api v1.7.19 h1:VWbJL+8Ap4Ju2mx9c9qS1uFSB1OVYr5JJrW2yT5vFoA= +github.com/containerd/containerd/api v1.7.19/go.mod h1:fwGavl3LNwAV5ilJ0sbrABL44AQxmNjDRcwheXDb6Ig= github.com/containerd/continuity v0.4.2 h1:v3y/4Yz5jwnvqPKJJ+7Wf93fyWoCB3F5EclWG023MDM= github.com/containerd/continuity v0.4.2/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ= github.com/containerd/errdefs v0.1.0 h1:m0wCRBiu1WJT/Fr+iOoQHMQS/eP5myQ8lCv4Dz5ZURM= @@ -38,8 +44,12 @@ github.com/containerd/go-cni v1.1.9 h1:ORi7P1dYzCwVM6XPN4n3CbkuOx/NZ2DOqy+SHRdo9 github.com/containerd/go-cni v1.1.9/go.mod h1:XYrZJ1d5W6E2VOvjffL3IZq0Dz6bsVlERHbekNK90PM= github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= +github.com/containerd/platforms v0.2.1 h1:zvwtM3rz2YHPQsF2CHYM8+KtB5dvhISiXh5ZpSBQv6A= +github.com/containerd/platforms v0.2.1/go.mod h1:XHCb+2/hzowdiut9rkudds9bE5yJ7npe7dG/wG+uFPw= github.com/containerd/ttrpc v1.2.4 h1:eQCQK4h9dxDmpOb9QOOMh2NHTfzroH1IkmHiKZi05Oo= github.com/containerd/ttrpc v1.2.4/go.mod h1:ojvb8SJBSch0XkqNO0L0YX/5NxR3UnVk2LzFKBK0upc= +github.com/containerd/ttrpc v1.2.5 h1:IFckT1EFQoFBMG4c3sMdT8EP3/aKfumK1msY+Ze4oLU= +github.com/containerd/ttrpc v1.2.5/go.mod h1:YCXHsb32f+Sq5/72xHubdiJRQY9inL4a4ZQrAbN1q9o= github.com/containerd/typeurl/v2 v2.1.1 h1:3Q4Pt7i8nYwy2KmQWIw2+1hTvwTE/6w9FqcttATPO/4= github.com/containerd/typeurl/v2 v2.1.1/go.mod h1:IDp2JFvbwZ31H8dQbEIY7sDl2L3o3HZj1hsSQlywkQ0= github.com/containernetworking/cni v1.1.2 h1:wtRGZVv7olUHMOqouPpn3cXJWpJgM6+EUl31EQbXALQ= @@ -53,6 +63,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0= github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= +github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk= +github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= github.com/docker/cli v24.0.7+incompatible h1:wa/nIwYFW7BVTGa7SWPVyyXU9lgORqUb1xfI36MSkFg= github.com/docker/cli v24.0.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= @@ -123,6 +135,8 @@ github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLe github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= +github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= @@ -157,6 +171,10 @@ github.com/moby/sys/signal v0.7.0 h1:25RW3d5TnQEoKvRbEKUGay6DCQ46IxAVTT9CUMgmsSI github.com/moby/sys/signal v0.7.0/go.mod h1:GQ6ObYZfqacOwTtlXvcmh9A26dVRul/hbOZn88Kg8Tg= github.com/moby/sys/user v0.1.0 h1:WmZ93f5Ux6het5iituh9x2zAG7NFY9Aqi49jjE1PaQg= github.com/moby/sys/user v0.1.0/go.mod h1:fKJhFOnsCN6xZ5gSfbM6zaHGgDJMrqt9/reuj4T7MmU= +github.com/moby/sys/user v0.3.0 h1:9ni5DlcW5an3SvRSx4MouotOygvzaXbaSrc/wGDFWPo= +github.com/moby/sys/user v0.3.0/go.mod h1:bG+tYYYJgaMtRKgEmuueC0hJEAZWwtIbZTB+85uoHjs= +github.com/moby/sys/userns v0.1.0 h1:tVLXkFOxVu9A64/yh59slHVv9ahO9UIev4JZusOLG/g= +github.com/moby/sys/userns v0.1.0/go.mod h1:IHUYgu/kao6N8YZlp9Cf444ySSvCmDlmzUcYfDHOl28= github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= @@ -243,10 +261,16 @@ go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 h1:x8Z78aZ go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0/go.mod h1:62CPTSry9QZtOaSsE3tOzhx6LzDhHnXJ6xHeMNNiM6Q= go.opentelemetry.io/otel v1.19.0 h1:MuS/TNf4/j4IXsZuJegVzI1cwut7Qc00344rgH7p8bs= go.opentelemetry.io/otel v1.19.0/go.mod h1:i0QyjOq3UPoTzff0PJB2N66fb4S0+rSbSB15/oyH9fY= +go.opentelemetry.io/otel v1.21.0 h1:hzLeKBZEL7Okw2mGzZ0cc4k/A7Fta0uoPgaJCr8fsFc= +go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znnUvNNEo= go.opentelemetry.io/otel/metric v1.19.0 h1:aTzpGtV0ar9wlV4Sna9sdJyII5jTVJEvKETPiOKwvpE= go.opentelemetry.io/otel/metric v1.19.0/go.mod h1:L5rUsV9kM1IxCj1MmSdS+JQAcVm319EUrDVLrt7jqt8= +go.opentelemetry.io/otel/metric v1.21.0 h1:tlYWfeo+Bocx5kLEloTjbcDwBuELRrIFxwdQ36PlJu4= +go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM= go.opentelemetry.io/otel/trace v1.19.0 h1:DFVQmlVbfVeOuBRrwdtaehRrWiL1JoVs9CPIQ1Dzxpg= go.opentelemetry.io/otel/trace v1.19.0/go.mod h1:mfaSyvGyEJEI0nyV2I4qhNQnbBOUUmYZpYojqMnX2vo= +go.opentelemetry.io/otel/trace v1.21.0 h1:WD9i5gzvoUPuXIXH24ZNBudiarZDKuekPqi/E8fpfLc= +go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= @@ -330,8 +354,12 @@ google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98 google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/genproto v0.0.0-20230920204549-e6e6cdab5c13 h1:vlzZttNJGVqTsRFU9AmdnrcO1Znh8Ew9kCD//yjigk0= google.golang.org/genproto v0.0.0-20230920204549-e6e6cdab5c13/go.mod h1:CCviP9RmpZ1mxVr8MUjCnSiY09IbAXZxhLE6EhHIdPU= +google.golang.org/genproto v0.0.0-20231211222908-989df2bf70f3 h1:1hfbdAfFbkmpg41000wDVqr7jUpK/Yo+LPnIxxGzmkg= +google.golang.org/genproto v0.0.0-20231211222908-989df2bf70f3/go.mod h1:5RBcpGRxr25RbDzY5w+dmaqpSEvl8Gwl1x2CICf60ic= google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 h1:6GQBEOdGkX6MMTLT9V+TjtIRZCw9VPD5Z+yHY9wMgS0= google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97/go.mod h1:v7nGkzlmW8P3n/bKmWBn2WpBjpOEx8Q6gMueudAmKfY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231212172506-995d672761c0 h1:/jFB8jK5R3Sq3i/lmeZO0cATSzFfZaJq1J2Euan3XKU= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231212172506-995d672761c0/go.mod h1:FUoWkonphQm3RhTS+kOEhF8h0iDpm4tdXolVCeZ9KKA= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= diff --git a/hack/build-containerd-arm64.sh b/hack/build-containerd-arm64.sh index 5b6f70e..0279f41 100644 --- a/hack/build-containerd-arm64.sh +++ b/hack/build-containerd-arm64.sh @@ -25,7 +25,7 @@ git clone https://github.com/containerd/containerd cd containerd git fetch origin --tags -git checkout v1.7.18 +git checkout v1.7.22 make sudo make install diff --git a/hack/build-containerd.sh b/hack/build-containerd.sh index b9780c2..415117f 100644 --- a/hack/build-containerd.sh +++ b/hack/build-containerd.sh @@ -26,7 +26,7 @@ git clone https://github.com/containerd/containerd cd containerd git fetch origin --tags -git checkout v1.7.18 +git checkout v1.7.22 make sudo make install diff --git a/hack/install.sh b/hack/install.sh index d7c475b..28baa0d 100755 --- a/hack/install.sh +++ b/hack/install.sh @@ -90,7 +90,7 @@ install_cni_plugins() { } install_containerd() { - CONTAINERD_VER=1.7.18 + CONTAINERD_VER=1.7.22 $SUDO systemctl unmask containerd || : arch=$(uname -m) diff --git a/main.go b/main.go index f189b3c..55078c8 100644 --- a/main.go +++ b/main.go @@ -7,14 +7,6 @@ import ( "github.com/openfaas/faasd/cmd" ) -// These values will be injected into these variables at the build time. -var ( - // GitCommit Git Commit SHA - GitCommit string - // Version version of the CLI - Version string -) - func main() { if _, ok := os.LookupEnv("CONTAINER_ID"); ok { @@ -31,7 +23,7 @@ func main() { os.Exit(0) } - if err := cmd.Execute(Version, GitCommit); err != nil { + if err := cmd.Execute(); err != nil { os.Exit(1) } return diff --git a/pkg/cninetwork/cni_network.go b/pkg/cninetwork/cni_network.go index e8e5686..ec529b4 100644 --- a/pkg/cninetwork/cni_network.go +++ b/pkg/cninetwork/cni_network.go @@ -5,7 +5,6 @@ import ( "context" "fmt" "io" - "io/ioutil" "log" "net" "os" @@ -86,7 +85,7 @@ func InitNetwork() (gocni.CNI, error) { } netConfig := path.Join(CNIConfDir, defaultCNIConfFilename) - if err := ioutil.WriteFile(netConfig, []byte(defaultCNIConf), 644); err != nil { + if err := os.WriteFile(netConfig, []byte(defaultCNIConf), 644); err != nil { return nil, fmt.Errorf("cannot write network config: %s", defaultCNIConfFilename) } @@ -151,7 +150,7 @@ func DeleteCNINetwork(ctx context.Context, cni gocni.CNI, client *containerd.Cli func GetIPAddress(container string, PID uint32) (string, error) { CNIDir := path.Join(CNIDataDir, defaultNetworkName) - files, err := ioutil.ReadDir(CNIDir) + files, err := os.ReadDir(CNIDir) if err != nil { return "", fmt.Errorf("failed to read CNI dir for container %s: %v", container, err) } diff --git a/pkg/cninetwork/cni_network_test.go b/pkg/cninetwork/cni_network_test.go index ef19d41..2efdc17 100644 --- a/pkg/cninetwork/cni_network_test.go +++ b/pkg/cninetwork/cni_network_test.go @@ -1,7 +1,6 @@ package cninetwork import ( - "io/ioutil" "os" "path/filepath" "testing" @@ -15,7 +14,7 @@ eth1` PID := uint32(621) fullPath := filepath.Join(os.TempDir(), fileName) - err := ioutil.WriteFile(fullPath, []byte(body), 0700) + err := os.WriteFile(fullPath, []byte(body), 0700) if err != nil { t.Fatalf(err.Error()) } @@ -24,7 +23,6 @@ eth1` }() got, err := isCNIResultForPID(fullPath, container, PID) - if err != nil { t.Fatalf(err.Error()) } @@ -43,7 +41,7 @@ eth1` PID := uint32(621) fullPath := filepath.Join(os.TempDir(), fileName) - err := ioutil.WriteFile(fullPath, []byte(body), 0700) + err := os.WriteFile(fullPath, []byte(body), 0700) if err != nil { t.Fatalf(err.Error()) } @@ -52,10 +50,10 @@ eth1` }() got, err := isCNIResultForPID(fullPath, container, PID) - if err != nil { t.Fatalf(err.Error()) } + want := false if got != want { t.Fatalf("want %v, but got %v", want, got) diff --git a/pkg/connectivity.go b/pkg/connectivity.go new file mode 100644 index 0000000..6547ac9 --- /dev/null +++ b/pkg/connectivity.go @@ -0,0 +1,36 @@ +package pkg + +import ( + "fmt" + "io" + "net/http" + "strings" +) + +// ConnectivityCheck checks if the controller can reach the +// public Internet via HTTPS. +// A license is required to use OpenFaaS for Commercial Use. +func ConnectivityCheck() error { + req, err := http.NewRequest(http.MethodGet, "https://checkip.amazonaws.com", nil) + if err != nil { + return err + } + + req.Header.Set("User-Agent", fmt.Sprintf("openfaas-ce/%s faas-netes", Version)) + + res, err := http.DefaultClient.Do(req) + if err != nil { + return err + } + if req.Body != nil { + defer req.Body.Close() + } + + if res.StatusCode != http.StatusOK { + body, _ := io.ReadAll(res.Body) + + return fmt.Errorf("unexpected status code checking connectivity: %d, body: %s", res.StatusCode, strings.TrimSpace(string(body))) + } + + return nil +} diff --git a/pkg/local_resolver.go b/pkg/local_resolver.go index e1a2b59..f166b16 100644 --- a/pkg/local_resolver.go +++ b/pkg/local_resolver.go @@ -1,7 +1,6 @@ package pkg import ( - "io/ioutil" "log" "os" "strings" @@ -54,7 +53,7 @@ func (l *LocalResolver) rebuild() { l.Mutex.Lock() defer l.Mutex.Unlock() - fileData, fileErr := ioutil.ReadFile(l.Path) + fileData, fileErr := os.ReadFile(l.Path) if fileErr != nil { log.Printf("resolver rebuild error: %s", fileErr.Error()) return diff --git a/pkg/provider/handlers/delete.go b/pkg/provider/handlers/delete.go index 5481e35..73e968f 100644 --- a/pkg/provider/handlers/delete.go +++ b/pkg/provider/handlers/delete.go @@ -4,7 +4,7 @@ import ( "context" "encoding/json" "fmt" - "io/ioutil" + "io" "log" "net/http" @@ -29,12 +29,10 @@ func MakeDeleteHandler(client *containerd.Client, cni gocni.CNI) func(w http.Res defer r.Body.Close() - body, _ := ioutil.ReadAll(r.Body) - log.Printf("[Delete] request: %s\n", string(body)) + body, _ := io.ReadAll(r.Body) req := types.DeleteFunctionRequest{} - err := json.Unmarshal(body, &req) - if err != nil { + if err := json.Unmarshal(body, &req); err != nil { log.Printf("[Delete] error parsing input: %s\n", err) http.Error(w, err.Error(), http.StatusBadRequest) @@ -63,7 +61,7 @@ func MakeDeleteHandler(client *containerd.Client, cni gocni.CNI) func(w http.Res function, err := GetFunction(client, name, namespace) if err != nil { - msg := fmt.Sprintf("service %s not found", name) + msg := fmt.Sprintf("function %s.%s not found", name, namespace) log.Printf("[Delete] %s\n", msg) http.Error(w, msg, http.StatusNotFound) return @@ -85,6 +83,6 @@ func MakeDeleteHandler(client *containerd.Client, cni gocni.CNI) func(w http.Res return } - log.Printf("[Delete] deleted %s\n", name) + log.Printf("[Delete] Removed: %s.%s\n", name, namespace) } } diff --git a/pkg/provider/handlers/deploy.go b/pkg/provider/handlers/deploy.go index 8a1ec3a..94497b0 100644 --- a/pkg/provider/handlers/deploy.go +++ b/pkg/provider/handlers/deploy.go @@ -4,7 +4,7 @@ import ( "context" "encoding/json" "fmt" - "io/ioutil" + "io" "log" "net/http" "os" @@ -17,7 +17,7 @@ import ( "github.com/containerd/containerd/namespaces" "github.com/containerd/containerd/oci" gocni "github.com/containerd/go-cni" - "github.com/docker/distribution/reference" + "github.com/distribution/reference" "github.com/opencontainers/runtime-spec/specs-go" "github.com/openfaas/faas-provider/types" cninetwork "github.com/openfaas/faasd/pkg/cninetwork" @@ -39,8 +39,7 @@ func MakeDeployHandler(client *containerd.Client, cni gocni.CNI, secretMountPath defer r.Body.Close() - body, _ := ioutil.ReadAll(r.Body) - log.Printf("[Deploy] request: %s\n", string(body)) + body, _ := io.ReadAll(r.Body) req := types.FunctionDeployment{} err := json.Unmarshal(body, &req) @@ -76,10 +75,15 @@ func MakeDeployHandler(client *containerd.Client, cni gocni.CNI, secretMountPath name := req.Service ctx := namespaces.WithNamespace(context.Background(), namespace) - deployErr := deploy(ctx, req, client, cni, namespaceSecretMountPath, alwaysPull) - if deployErr != nil { - log.Printf("[Deploy] error deploying %s, error: %s\n", name, deployErr) - http.Error(w, deployErr.Error(), http.StatusBadRequest) + if err := preDeploy(client, 1); err != nil { + http.Error(w, err.Error(), http.StatusBadRequest) + log.Printf("[Deploy] error deploying %s, error: %s\n", name, err) + return + } + + if err := deploy(ctx, req, client, cni, namespaceSecretMountPath, alwaysPull); err != nil { + log.Printf("[Deploy] error deploying %s, error: %s\n", name, err) + http.Error(w, err.Error(), http.StatusBadRequest) return } } @@ -179,8 +183,27 @@ func deploy(ctx context.Context, req types.FunctionDeployment, client *container } +// countFunctions returns the number of functions deployed along with a map with a count +// in each namespace +func countFunctions(client *containerd.Client) (int64, int64, error) { + count := int64(0) + namespaceCount := int64(0) + + namespaces := ListNamespaces(client) + + for _, namespace := range namespaces { + fns, err := ListFunctions(client, namespace) + if err != nil { + return 0, 0, err + } + namespaceCount++ + count += int64(len(fns)) + } + + return count, namespaceCount, nil +} + func buildLabels(request *types.FunctionDeployment) (map[string]string, error) { - // Adapted from faas-swarm/handlers/deploy.go:buildLabels labels := map[string]string{} if request.Labels != nil { @@ -229,9 +252,8 @@ func createTask(ctx context.Context, container containerd.Container, cni gocni.C log.Printf("%s has IP: %s.\n", name, ip) - _, waitErr := task.Wait(ctx) - if waitErr != nil { - return errors.Wrapf(waitErr, "Unable to wait for task to start: %s", name) + if _, err := task.Wait(ctx); err != nil { + return errors.Wrapf(err, "Unable to wait for task to start: %s", name) } if startErr := task.Start(ctx); startErr != nil { @@ -315,3 +337,17 @@ func withMemory(mem *specs.LinuxMemory) oci.SpecOpts { return nil } } + +func preDeploy(client *containerd.Client, additional int64) error { + count, countNs, err := countFunctions(client) + log.Printf("Function count: %d, Namespace count: %d\n", count, countNs) + + if err != nil { + return err + } else if count+additional > faasdMaxFunctions { + return fmt.Errorf("the OpenFaaS CE EULA allows %d/%d function(s), upgrade to faasd Pro to continue", faasdMaxFunctions, count+additional) + } else if countNs > faasdMaxNs { + return fmt.Errorf("the OpenFaaS CE EULA allows %d/%d namespace(s), upgrade to faasd Pro to continue", faasdMaxNs, countNs) + } + return nil +} diff --git a/pkg/provider/handlers/functions.go b/pkg/provider/handlers/function_get.go similarity index 62% rename from pkg/provider/handlers/functions.go rename to pkg/provider/handlers/function_get.go index 9eb8006..bf3cf6f 100644 --- a/pkg/provider/handlers/functions.go +++ b/pkg/provider/handlers/function_get.go @@ -2,71 +2,17 @@ package handlers import ( "context" - "errors" "fmt" "log" "strings" - "time" "github.com/opencontainers/runtime-spec/specs-go" "github.com/containerd/containerd" "github.com/containerd/containerd/namespaces" - "github.com/openfaas/faasd/pkg" - faasd "github.com/openfaas/faasd/pkg" "github.com/openfaas/faasd/pkg/cninetwork" ) -type Function struct { - name string - namespace string - image string - pid uint32 - replicas int - IP string - labels map[string]string - annotations map[string]string - secrets []string - envVars map[string]string - envProcess string - memoryLimit int64 - createdAt time.Time -} - -// ListFunctions returns a map of all functions with running tasks on namespace -func ListFunctions(client *containerd.Client, namespace string) (map[string]*Function, error) { - - // Check if namespace exists, and it has the openfaas label - valid, err := validNamespace(client.NamespaceService(), namespace) - if err != nil { - return nil, err - } - - if !valid { - return nil, errors.New("namespace not valid") - } - - ctx := namespaces.WithNamespace(context.Background(), namespace) - functions := make(map[string]*Function) - - containers, err := client.Containers(ctx) - if err != nil { - return functions, err - } - - for _, c := range containers { - name := c.ID() - f, err := GetFunction(client, name, namespace) - if err != nil { - log.Printf("skipping %s, error: %s", name, err) - } else { - functions[name] = &f - } - } - - return functions, nil -} - // GetFunction returns a function that matches name func GetFunction(client *containerd.Client, name string, namespace string) (Function, error) { ctx := namespaces.WithNamespace(context.Background(), namespace) @@ -196,44 +142,6 @@ func buildLabelsAndAnnotations(ctrLabels map[string]string) (map[string]string, return labels, annotations } -func ListNamespaces(client *containerd.Client) []string { - set := []string{} - store := client.NamespaceService() - namespaces, err := store.List(context.Background()) - if err != nil { - log.Printf("Error listing namespaces: %s", err.Error()) - set = append(set, faasd.DefaultFunctionNamespace) - return set - } - - for _, namespace := range namespaces { - labels, err := store.Labels(context.Background(), namespace) - if err != nil { - log.Printf("Error listing label for namespace %s: %s", namespace, err.Error()) - continue - } - - if _, found := labels[pkg.NamespaceLabel]; found { - set = append(set, namespace) - } - - if !findNamespace(faasd.DefaultFunctionNamespace, set) { - set = append(set, faasd.DefaultFunctionNamespace) - } - } - - return set -} - -func findNamespace(target string, items []string) bool { - for _, n := range items { - if n == target { - return true - } - } - return false -} - func readMemoryLimitFromSpec(spec *specs.Spec) int64 { if spec.Linux == nil || spec.Linux.Resources == nil || spec.Linux.Resources.Memory == nil || spec.Linux.Resources.Memory.Limit == nil { return 0 diff --git a/pkg/provider/handlers/function_list.go b/pkg/provider/handlers/function_list.go new file mode 100644 index 0000000..2ffe26f --- /dev/null +++ b/pkg/provider/handlers/function_list.go @@ -0,0 +1,61 @@ +package handlers + +import ( + "context" + "errors" + "log" + "time" + + "github.com/containerd/containerd" + "github.com/containerd/containerd/namespaces" +) + +type Function struct { + name string + namespace string + image string + pid uint32 + replicas int + IP string + labels map[string]string + annotations map[string]string + secrets []string + envVars map[string]string + envProcess string + memoryLimit int64 + createdAt time.Time +} + +// ListFunctions returns a map of all functions with running tasks on namespace +func ListFunctions(client *containerd.Client, namespace string) (map[string]*Function, error) { + + // Check if namespace exists, and it has the openfaas label + valid, err := validNamespace(client.NamespaceService(), namespace) + if err != nil { + return nil, err + } + + if !valid { + return nil, errors.New("namespace not valid") + } + + ctx := namespaces.WithNamespace(context.Background(), namespace) + functions := make(map[string]*Function) + + containers, err := client.Containers(ctx) + if err != nil { + return functions, err + } + + for _, c := range containers { + name := c.ID() + f, err := GetFunction(client, name, namespace) + if err != nil { + log.Printf("skipping %s, error: %s", name, err) + } else { + functions[name] = &f + } + } + + return functions, nil +} diff --git a/pkg/provider/handlers/functions_test.go b/pkg/provider/handlers/function_test.go similarity index 100% rename from pkg/provider/handlers/functions_test.go rename to pkg/provider/handlers/function_test.go diff --git a/pkg/provider/handlers/info.go b/pkg/provider/handlers/info.go index 19a8488..e351c42 100644 --- a/pkg/provider/handlers/info.go +++ b/pkg/provider/handlers/info.go @@ -15,7 +15,7 @@ const ( ProviderName = "faasd" ) -//MakeInfoHandler creates handler for /system/info endpoint +// MakeInfoHandler creates handler for /system/info endpoint func MakeInfoHandler(version, sha string) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { if r.Body != nil { @@ -31,8 +31,8 @@ func MakeInfoHandler(version, sha string) http.HandlerFunc { }, } - jsonOut, marshalErr := json.Marshal(infoResponse) - if marshalErr != nil { + jsonOut, err := json.Marshal(infoResponse) + if err != nil { w.WriteHeader(http.StatusInternalServerError) return } @@ -42,3 +42,6 @@ func MakeInfoHandler(version, sha string) http.HandlerFunc { w.Write(jsonOut) } } + +const faasdMaxFunctions = 15 +const faasdMaxNs = 1 diff --git a/pkg/provider/handlers/namespaces.go b/pkg/provider/handlers/namespaces.go index 77b73e3..9d517bd 100644 --- a/pkg/provider/handlers/namespaces.go +++ b/pkg/provider/handlers/namespaces.go @@ -1,10 +1,14 @@ package handlers import ( + "context" "encoding/json" + "log" "net/http" "github.com/containerd/containerd" + "github.com/openfaas/faasd/pkg" + faasd "github.com/openfaas/faasd/pkg" ) func MakeNamespacesLister(client *containerd.Client) func(w http.ResponseWriter, r *http.Request) { @@ -16,3 +20,43 @@ func MakeNamespacesLister(client *containerd.Client) func(w http.ResponseWriter, w.Write(body) } } + +func ListNamespaces(client *containerd.Client) []string { + set := []string{faasd.DefaultFunctionNamespace} + + store := client.NamespaceService() + + namespaces, err := store.List(context.Background()) + if err != nil { + log.Printf("Error listing namespaces: %s", err.Error()) + return set + } + + for _, namespace := range namespaces { + labels, err := store.Labels(context.Background(), namespace) + if err != nil { + log.Printf("Error listing label for namespace %s: %s", namespace, err.Error()) + continue + } + + if _, found := labels[pkg.NamespaceLabel]; found { + set = append(set, namespace) + } + + } + + if len(set) == 0 { + set = append(set, faasd.DefaultFunctionNamespace) + } + + return set +} + +func findNamespace(target string, items []string) bool { + for _, n := range items { + if n == target { + return true + } + } + return false +} diff --git a/pkg/provider/handlers/scale.go b/pkg/provider/handlers/scale.go index 20c3cf1..d137f88 100644 --- a/pkg/provider/handlers/scale.go +++ b/pkg/provider/handlers/scale.go @@ -4,7 +4,7 @@ import ( "context" "encoding/json" "fmt" - "io/ioutil" + "io" "log" "net/http" @@ -27,8 +27,7 @@ func MakeReplicaUpdateHandler(client *containerd.Client, cni gocni.CNI) func(w h defer r.Body.Close() - body, _ := ioutil.ReadAll(r.Body) - log.Printf("[Scale] request: %s\n", string(body)) + body, _ := io.ReadAll(r.Body) req := types.ScaleServiceRequest{} if err := json.Unmarshal(body, &req); err != nil { @@ -58,7 +57,7 @@ func MakeReplicaUpdateHandler(client *containerd.Client, cni gocni.CNI) func(w h name := req.ServiceName if _, err := GetFunction(client, name, namespace); err != nil { - msg := fmt.Sprintf("service %s not found", name) + msg := fmt.Sprintf("function: %s.%s not found", name, namespace) log.Printf("[Scale] %s\n", msg) http.Error(w, msg, http.StatusNotFound) return diff --git a/pkg/provider/handlers/secret.go b/pkg/provider/handlers/secret.go index 956668f..6c249ce 100644 --- a/pkg/provider/handlers/secret.go +++ b/pkg/provider/handlers/secret.go @@ -3,7 +3,7 @@ package handlers import ( "encoding/json" "fmt" - "io/ioutil" + "io" "log" "net/http" "os" @@ -116,7 +116,7 @@ func createSecret(w http.ResponseWriter, r *http.Request, mountPath string) { data = []byte(secret.Value) } - err = ioutil.WriteFile(path.Join(mountPath, secret.Name), data, secretFilePermission) + err = os.WriteFile(path.Join(mountPath, secret.Name), data, secretFilePermission) if err != nil { log.Printf("[secret] error %s", err.Error()) @@ -147,7 +147,7 @@ func deleteSecret(w http.ResponseWriter, r *http.Request, mountPath string) { func parseSecret(r *http.Request) (types.Secret, error) { secret := types.Secret{} - bytesOut, err := ioutil.ReadAll(r.Body) + bytesOut, err := io.ReadAll(r.Body) if err != nil { return secret, err } diff --git a/pkg/provider/handlers/secret_test.go b/pkg/provider/handlers/secret_test.go index c490c15..0d7ee2c 100644 --- a/pkg/provider/handlers/secret_test.go +++ b/pkg/provider/handlers/secret_test.go @@ -3,7 +3,7 @@ package handlers import ( "encoding/json" "fmt" - "io/ioutil" + "io" "net/http" "net/http/httptest" "os" @@ -232,7 +232,7 @@ func TestListSecrets(t *testing.T) { t.Fatalf("want error message: %q, but got %q", tc.err, w.Body.String()) } - body, err := ioutil.ReadAll(resp.Body) + body, err := io.ReadAll(resp.Body) if err != nil { t.Fatalf("can't read response of list %v", err) } diff --git a/pkg/provider/handlers/update.go b/pkg/provider/handlers/update.go index 3461507..50d2253 100644 --- a/pkg/provider/handlers/update.go +++ b/pkg/provider/handlers/update.go @@ -4,7 +4,7 @@ import ( "context" "encoding/json" "fmt" - "io/ioutil" + "io" "log" "net/http" @@ -28,8 +28,7 @@ func MakeUpdateHandler(client *containerd.Client, cni gocni.CNI, secretMountPath defer r.Body.Close() - body, _ := ioutil.ReadAll(r.Body) - log.Printf("[Update] request: %s\n", string(body)) + body, _ := io.ReadAll(r.Body) req := types.FunctionDeployment{} err := json.Unmarshal(body, &req) @@ -39,6 +38,7 @@ func MakeUpdateHandler(client *containerd.Client, cni gocni.CNI, secretMountPath return } + name := req.Service namespace := getRequestNamespace(req.Namespace) @@ -54,11 +54,17 @@ func MakeUpdateHandler(client *containerd.Client, cni gocni.CNI, secretMountPath return } + if err := preDeploy(client, int64(0)); err != nil { + http.Error(w, err.Error(), http.StatusBadRequest) + log.Printf("[Deploy] error deploying %s, error: %s\n", name, err) + return + } + namespaceSecretMountPath := getNamespaceSecretMountPath(secretMountPath, namespace) function, err := GetFunction(client, name, namespace) if err != nil { - msg := fmt.Sprintf("service %s not found", name) + msg := fmt.Sprintf("function: %s.%s not found", name, namespace) log.Printf("[Update] %s\n", msg) http.Error(w, msg, http.StatusNotFound) return diff --git a/pkg/proxy_test.go b/pkg/proxy_test.go index 09b24a3..2b90511 100644 --- a/pkg/proxy_test.go +++ b/pkg/proxy_test.go @@ -2,7 +2,7 @@ package pkg import ( "fmt" - "io/ioutil" + "io" "log" "net/http" "net/http/httptest" @@ -61,7 +61,7 @@ func Test_Proxy_ToPrivateServer(t *testing.T) { time.Sleep(time.Millisecond * 100) } else { - resBody, _ := ioutil.ReadAll(res.Body) + resBody, _ := io.ReadAll(res.Body) if string(resBody) != string(wantBody) { t.Errorf("want %s, but got %s in body", string(wantBody), string(resBody)) } diff --git a/pkg/supervisor.go b/pkg/supervisor.go index e0265b0..c95051e 100644 --- a/pkg/supervisor.go +++ b/pkg/supervisor.go @@ -3,7 +3,6 @@ package pkg import ( "context" "fmt" - "io/ioutil" "log" "os" "path" @@ -19,7 +18,7 @@ import ( "github.com/containerd/containerd/containers" "github.com/containerd/containerd/oci" gocni "github.com/containerd/go-cni" - "github.com/docker/distribution/reference" + "github.com/distribution/reference" "github.com/openfaas/faasd/pkg/cninetwork" "github.com/openfaas/faasd/pkg/service" "github.com/pkg/errors" @@ -102,7 +101,7 @@ func (s *Supervisor) Start(svcs []Service) error { 127.0.0.1 localhost %s faasd-provider`, gw) - writeHostsErr := ioutil.WriteFile(path.Join(wd, "hosts"), + writeHostsErr := os.WriteFile(path.Join(wd, "hosts"), []byte(hosts), workingDirectoryPermission) if writeHostsErr != nil { @@ -255,7 +254,7 @@ func (s *Supervisor) Start(svcs []Service) error { log.Printf("%s has IP: %s\n", newContainer.ID(), ip) - hosts, err := ioutil.ReadFile("hosts") + hosts, err := os.ReadFile("hosts") if err != nil { log.Printf("Unable to read hosts file: %s\n", err.Error()) } @@ -264,7 +263,7 @@ func (s *Supervisor) Start(svcs []Service) error { %s %s `, ip, svc.Name)) - if err := ioutil.WriteFile("hosts", hosts, workingDirectoryPermission); err != nil { + if err := os.WriteFile("hosts", hosts, workingDirectoryPermission); err != nil { log.Printf("Error writing file: %s %s\n", "hosts", err) } @@ -400,7 +399,7 @@ func LoadComposeFile(wd string, file string) (*compose.Config, error) { func LoadComposeFileWithArch(wd string, file string, archGetter ArchGetter) (*compose.Config, error) { file = path.Join(wd, file) - b, err := ioutil.ReadFile(file) + b, err := os.ReadFile(file) if err != nil { return nil, err } diff --git a/pkg/version.go b/pkg/version.go index c1caffe..e9334f8 100644 --- a/pkg/version.go +++ b/pkg/version.go @@ -1 +1,17 @@ package pkg + +// These values will be injected into these variables at the build time. +var ( + // GitCommit Git Commit SHA + GitCommit string + // Version version of the CLI + Version string +) + +// GetVersion get latest version +func GetVersion() string { + if len(Version) == 0 { + return "dev" + } + return Version +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsendpoint.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsendpoint.go index 5936644..6238e10 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsendpoint.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsendpoint.go @@ -10,6 +10,28 @@ import ( "github.com/sirupsen/logrus" ) +// EndpointState represents the states of an HNS Endpoint lifecycle. +type EndpointState uint16 + +// EndpointState const +// The lifecycle of an Endpoint goes through created, attached, AttachedSharing - endpoint is being shared with other containers, +// detached, after being attached, degraded and finally destroyed. +// Note: This attribute is used by calico to define stale containers and is dependent on HNS v1 api, if we move to HNS v2 api we will need +// to update the current calico code and cordinate the change with calico. Reach out to Microsoft to facilate the change via HNS. +const ( + Uninitialized EndpointState = iota + Created EndpointState = 1 + Attached EndpointState = 2 + AttachedSharing EndpointState = 3 + Detached EndpointState = 4 + Degraded EndpointState = 5 + Destroyed EndpointState = 6 +) + +func (es EndpointState) String() string { + return [...]string{"Uninitialized", "Attached", "AttachedSharing", "Detached", "Degraded", "Destroyed"}[es] +} + // HNSEndpoint represents a network endpoint in HNS type HNSEndpoint struct { Id string `json:"ID,omitempty"` @@ -34,6 +56,7 @@ type HNSEndpoint struct { Namespace *Namespace `json:",omitempty"` EncapOverhead uint16 `json:",omitempty"` SharedContainers []string `json:",omitempty"` + State EndpointState `json:",omitempty"` } // SystemType represents the type of the system on which actions are done diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicy.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicy.go index 082c018..e97e4f6 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicy.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicy.go @@ -57,9 +57,10 @@ type PaPolicy struct { type OutboundNatPolicy struct { Policy - VIP string `json:"VIP,omitempty"` - Exceptions []string `json:"ExceptionList,omitempty"` - Destinations []string `json:",omitempty"` + VIP string `json:"VIP,omitempty"` + Exceptions []string `json:"ExceptionList,omitempty"` + Destinations []string `json:",omitempty"` + MaxPortPoolUsage uint16 `json:",omitempty"` } type ProxyPolicy struct { diff --git a/vendor/github.com/containerd/containerd/.cirrus.yml b/vendor/github.com/containerd/containerd/.cirrus.yml deleted file mode 100644 index db7d2dd..0000000 --- a/vendor/github.com/containerd/containerd/.cirrus.yml +++ /dev/null @@ -1,82 +0,0 @@ -# Cirrus CI gives open-source projects free 16.0 CPUs, -# we use 4 CPUs x 3 tasks = 12 CPUs. -# https://cirrus-ci.org/faq/#are-there-any-limits -# -# Undocumented constraints; -# - The maximum memory limit is 4G times the number of CPUs. -# - The number of CPUs should be multiple of 2. - -task: - name: Vagrant - - compute_engine_instance: - image_project: cirrus-images - image: family/docker-kvm - platform: linux - nested_virtualization: true - cpu: 4 - memory: 16G - - env: - GOTEST: gotestsum -- - # By default, Cirrus CI doesn't have HOME defined - HOME: /root - matrix: - BOX: fedora/37-cloud-base - # v7.0.0 does not boot. v6.0.0 was not released. - BOX: rockylinux/8@5.0.0 - install_libvirt_vagrant_script: | - # if another process is keeping a lock, wait for 60 seconds for it to release the lock. - apt-get -o DPkg::Lock::Timeout=60 update - apt-get -o DPkg::Lock::Timeout=60 install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt - systemctl enable --now libvirtd - - vagrant_cache: - folder: /root/.vagrant.d - fingerprint_script: uname --kernel-release --kernel-version && cat Vagrantfile - - vagrant_up_script: | - vagrant up --no-tty - - integration_script: | - vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-integration - - cri_integration_script: | - vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-cri-integration - - cri_test_script: | - vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-cri - -task: - name: CGroupsV2 - rootless CRI test - - env: - HOME: /root - - compute_engine_instance: - image_project: cirrus-images - image: family/docker-kvm - platform: linux - nested_virtualization: true - cpu: 4 - memory: 16G - - install_libvirt_vagrant_script: | - # if another process is keeping a lock, wait for 60 seconds for it to release the lock. - apt-get -o DPkg::Lock::Timeout=60 update - apt-get -o DPkg::Lock::Timeout=60 install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt - systemctl enable --now libvirtd - - vagrant_cache: - folder: /root/.vagrant.d - fingerprint_script: uname -a; cat Vagrantfile - - vagrant_up_script: | - vagrant up --provision-with=install-rootless-podman --no-tty - - podman_build_script: | - # Execute rootless podman to create the UserNS env - vagrant ssh -- podman build --target cri-in-userns -t cri-in-userns -f /vagrant/contrib/Dockerfile.test /vagrant - - test_script: | - vagrant ssh -- podman run --rm --privileged cri-in-userns diff --git a/vendor/github.com/containerd/containerd/.golangci.yml b/vendor/github.com/containerd/containerd/.golangci.yml index 4848dc9..fb8b972 100644 --- a/vendor/github.com/containerd/containerd/.golangci.yml +++ b/vendor/github.com/containerd/containerd/.golangci.yml @@ -1,5 +1,6 @@ linters: enable: + - depguard # Checks for imports that shouldn't be used. - exportloopref # Checks for pointers to enclosing loop variables - gofmt - goimports @@ -61,6 +62,16 @@ issues: linters-settings: + depguard: + rules: + main: + deny: + - pkg: "github.com/containerd/containerd/errdefs" + desc: The containerd errdefs package was migrated to a separate module. Use github.com/containerd/errdefs instead. + - pkg: "github.com/containerd/containerd/log" + desc: The containerd log package was migrated to a separate module. Use github.com/containerd/log instead. + - pkg: "github.com/containerd/containerd/platforms" + desc: The containerd platforms package was migrated to a separate module. Use github.com/containerd/platforms instead. gosec: # The following issues surfaced when `gosec` linter # was enabled. They are temporarily excluded to unblock diff --git a/vendor/github.com/containerd/containerd/BUILDING.md b/vendor/github.com/containerd/containerd/BUILDING.md index 1a68816..911e487 100644 --- a/vendor/github.com/containerd/containerd/BUILDING.md +++ b/vendor/github.com/containerd/containerd/BUILDING.md @@ -15,7 +15,7 @@ This doc includes: To build the `containerd` daemon, and the `ctr` simple test client, the following build system dependencies are required: -* Go 1.21.x or above +* Go 1.22.x or above * Protoc 3.x compiler and headers (download at the [Google protobuf releases page](https://github.com/protocolbuffers/protobuf/releases)) * Btrfs headers and libraries for your distribution. Note that building the btrfs driver can be disabled via the build tag `no_btrfs`, removing this dependency. diff --git a/vendor/github.com/containerd/containerd/Makefile b/vendor/github.com/containerd/containerd/Makefile index 905dfed..624c375 100644 --- a/vendor/github.com/containerd/containerd/Makefile +++ b/vendor/github.com/containerd/containerd/Makefile @@ -149,7 +149,7 @@ GOTEST ?= $(GO) test OUTPUTDIR = $(join $(ROOTDIR), _output) CRIDIR=$(OUTPUTDIR)/cri -.PHONY: clean all AUTHORS build binaries test integration generate protos check-protos coverage ci check help install uninstall vendor release static-release mandir install-man genman install-cri-deps cri-release cri-cni-release cri-integration install-deps bin/cri-integration.test +.PHONY: clean all AUTHORS build binaries test integration generate protos check-protos coverage ci check help install uninstall vendor release static-release mandir install-man genman install-cri-deps cri-release cri-cni-release cri-integration install-deps bin/cri-integration.test remove-replace clean-vendor .DEFAULT: default # Forcibly set the default goal to all, in case an include above brought in a rule definition. @@ -180,6 +180,8 @@ protos: bin/protoc-gen-go-fieldpath @mv ${TMPDIR}/vendor ${ROOTDIR} @rm -rf ${TMPDIR} go-fix-acronym -w -a '(Id|Io|Uuid|Os)$$' $(shell find api/ runtime/ -name '*.pb.go') + @test -z "$$(git status --short | grep "api/next.pb.txt" | tee /dev/stderr)" || \ + $(GO) mod edit -replace=github.com/containerd/containerd/api=./api check-protos: protos ## check if protobufs needs to be generated again @echo "$(WHALE) $@" @@ -470,23 +472,31 @@ root-coverage: ## generate coverage profiles for unit tests that require root fi; \ done ) +remove-replace: + @echo "$(WHALE) $@" + @$(GO) mod edit -dropreplace=github.com/containerd/containerd/api + vendor: ## ensure all the go.mod/go.sum files are up-to-date including vendor/ directory @echo "$(WHALE) $@" @$(GO) mod tidy @$(GO) mod vendor @$(GO) mod verify @(cd ${ROOTDIR}/integration/client && ${GO} mod tidy) + @(cd ${ROOTDIR}/api && ${GO} mod tidy) verify-vendor: ## verify if all the go.mod/go.sum files are up-to-date @echo "$(WHALE) $@" $(eval TMPDIR := $(shell mktemp -d)) @cp -R ${ROOTDIR} ${TMPDIR} @(cd ${TMPDIR}/containerd && ${GO} mod tidy) + @(cd ${TMPDIR}/containerd/api && ${GO} mod tidy) @(cd ${TMPDIR}/containerd/integration/client && ${GO} mod tidy) @diff -r -u -q ${ROOTDIR} ${TMPDIR}/containerd @rm -rf ${TMPDIR} @${ROOTDIR}/script/verify-go-modules.sh integration/client +clean-vendor: remove-replace vendor + help: ## this help @awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST) | sort diff --git a/vendor/github.com/containerd/containerd/Vagrantfile b/vendor/github.com/containerd/containerd/Vagrantfile index 705153f..a428145 100644 --- a/vendor/github.com/containerd/containerd/Vagrantfile +++ b/vendor/github.com/containerd/containerd/Vagrantfile @@ -17,7 +17,7 @@ # Vagrantfile for Fedora and EL Vagrant.configure("2") do |config| - config.vm.box = ENV["BOX"] ? ENV["BOX"].split("@")[0] : "fedora/37-cloud-base" + config.vm.box = ENV["BOX"] ? ENV["BOX"].split("@")[0] : "fedora/39-cloud-base" # BOX_VERSION is deprecated. Use "BOX=@". config.vm.box_version = ENV["BOX_VERSION"] || (ENV["BOX"].split("@")[1] if ENV["BOX"]) @@ -29,11 +29,13 @@ Vagrant.configure("2") do |config| v.cpus = cpus # Needs env var VAGRANT_EXPERIMENTAL="disks" o.vm.disk :disk, size: "#{disk_size}GB", primary: true + v.customize ["modifyvm", :id, "--firmware", "efi"] end config.vm.provider :libvirt do |v| v.memory = memory v.cpus = cpus v.machine_virtual_size = disk_size + v.loader = "/usr/share/OVMF/OVMF_CODE.fd" end config.vm.synced_folder ".", "/vagrant", type: "rsync" @@ -102,7 +104,7 @@ EOF config.vm.provision "install-golang", type: "shell", run: "once" do |sh| sh.upload_path = "/tmp/vagrant-install-golang" sh.env = { - 'GO_VERSION': ENV['GO_VERSION'] || "1.21.11", + 'GO_VERSION': ENV['GO_VERSION'] || "1.22.7", } sh.inline = <<~SHELL #!/usr/bin/env bash @@ -326,29 +328,4 @@ EOF SHELL end - # Rootless Podman is used for testing CRI-in-UserNS - # (We could use rootless nerdctl, but we are using Podman here because it is available in dnf) - config.vm.provision "install-rootless-podman", type: "shell", run: "never" do |sh| - sh.upload_path = "/tmp/vagrant-install-rootless-podman" - sh.inline = <<~SHELL - #!/usr/bin/env bash - set -eux -o pipefail - # Delegate cgroup v2 controllers to rootless - mkdir -p /etc/systemd/system/user@.service.d - cat > /etc/systemd/system/user@.service.d/delegate.conf << EOF -[Service] -Delegate=yes -EOF - systemctl daemon-reload - # Install Podman - dnf install -y podman - # Configure Podman to resolve `golang` to `docker.io/library/golang` - mkdir -p /etc/containers - cat > /etc/containers/registries.conf < google.protobuf.FileOptions + 1, // 1: containerd.types.fieldpath:extendee -> google.protobuf.MessageOptions + 2, // [2:2] is the sub-list for method output_type + 2, // [2:2] is the sub-list for method input_type + 2, // [2:2] is the sub-list for extension type_name + 0, // [0:2] is the sub-list for extension extendee + 0, // [0:0] is the sub-list for field type_name +} + +func init() { file_github_com_containerd_containerd_api_types_fieldpath_proto_init() } +func file_github_com_containerd_containerd_api_types_fieldpath_proto_init() { + if File_github_com_containerd_containerd_api_types_fieldpath_proto != nil { + return + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_github_com_containerd_containerd_api_types_fieldpath_proto_rawDesc, + NumEnums: 0, + NumMessages: 0, + NumExtensions: 2, + NumServices: 0, + }, + GoTypes: file_github_com_containerd_containerd_api_types_fieldpath_proto_goTypes, + DependencyIndexes: file_github_com_containerd_containerd_api_types_fieldpath_proto_depIdxs, + ExtensionInfos: file_github_com_containerd_containerd_api_types_fieldpath_proto_extTypes, + }.Build() + File_github_com_containerd_containerd_api_types_fieldpath_proto = out.File + file_github_com_containerd_containerd_api_types_fieldpath_proto_rawDesc = nil + file_github_com_containerd_containerd_api_types_fieldpath_proto_goTypes = nil + file_github_com_containerd_containerd_api_types_fieldpath_proto_depIdxs = nil +} diff --git a/vendor/github.com/containerd/containerd/protobuf/plugin/fieldpath.proto b/vendor/github.com/containerd/containerd/api/types/fieldpath.proto similarity index 93% rename from vendor/github.com/containerd/containerd/protobuf/plugin/fieldpath.proto rename to vendor/github.com/containerd/containerd/api/types/fieldpath.proto index de98dd8..8b29084 100644 --- a/vendor/github.com/containerd/containerd/protobuf/plugin/fieldpath.proto +++ b/vendor/github.com/containerd/containerd/api/types/fieldpath.proto @@ -26,12 +26,12 @@ // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -syntax = "proto2"; -package containerd.plugin; +syntax = "proto3"; +package containerd.types; import "google/protobuf/descriptor.proto"; -option go_package = "github.com/containerd/containerd/protobuf/plugin"; +option go_package = "github.com/containerd/containerd/api/types;types"; extend google.protobuf.FileOptions { optional bool fieldpath_all = 63300; diff --git a/vendor/github.com/containerd/containerd/archive/tar.go b/vendor/github.com/containerd/containerd/archive/tar.go index cdc7e14..c61f89e 100644 --- a/vendor/github.com/containerd/containerd/archive/tar.go +++ b/vendor/github.com/containerd/containerd/archive/tar.go @@ -29,9 +29,10 @@ import ( "syscall" "time" + "github.com/moby/sys/userns" + "github.com/containerd/containerd/archive/tarheader" "github.com/containerd/containerd/pkg/epoch" - "github.com/containerd/containerd/pkg/userns" "github.com/containerd/continuity/fs" "github.com/containerd/log" ) diff --git a/vendor/github.com/containerd/containerd/archive/tar_unix.go b/vendor/github.com/containerd/containerd/archive/tar_unix.go index 8e883ee..fa61100 100644 --- a/vendor/github.com/containerd/containerd/archive/tar_unix.go +++ b/vendor/github.com/containerd/containerd/archive/tar_unix.go @@ -27,10 +27,11 @@ import ( "strings" "syscall" - "github.com/containerd/containerd/pkg/userns" + "github.com/moby/sys/userns" + "golang.org/x/sys/unix" + "github.com/containerd/continuity/fs" "github.com/containerd/continuity/sysx" - "golang.org/x/sys/unix" ) func chmodTarEntry(perm os.FileMode) os.FileMode { diff --git a/vendor/github.com/containerd/containerd/cio/io.go b/vendor/github.com/containerd/containerd/cio/io.go index 11724f8..8bd14c8 100644 --- a/vendor/github.com/containerd/containerd/cio/io.go +++ b/vendor/github.com/containerd/containerd/cio/io.go @@ -268,26 +268,6 @@ func BinaryIO(binary string, args map[string]string) Creator { } } -// TerminalBinaryIO forwards container STDOUT|STDERR directly to a logging binary -// It also sets the terminal option to true -func TerminalBinaryIO(binary string, args map[string]string) Creator { - return func(_ string) (IO, error) { - uri, err := LogURIGenerator("binary", binary, args) - if err != nil { - return nil, err - } - - res := uri.String() - return &logURI{ - config: Config{ - Stdout: res, - Stderr: res, - Terminal: true, - }, - }, nil - } -} - // LogFile creates a file on disk that logs the task's STDOUT,STDERR. // If the log file already exists, the logs will be appended to the file. func LogFile(path string) Creator { diff --git a/vendor/github.com/containerd/containerd/cio/io_unix.go b/vendor/github.com/containerd/containerd/cio/io_unix.go index 9dc21dc..7038883 100644 --- a/vendor/github.com/containerd/containerd/cio/io_unix.go +++ b/vendor/github.com/containerd/containerd/cio/io_unix.go @@ -22,6 +22,7 @@ import ( "context" "fmt" "io" + "net/url" "os" "path/filepath" "sync" @@ -158,3 +159,37 @@ func NewDirectIO(ctx context.Context, fifos *FIFOSet) (*DirectIO, error) { }, }, err } + +// TerminalLogURI provides the raw logging URI +// as well as sets the terminal option to true. +func TerminalLogURI(uri *url.URL) Creator { + return func(_ string) (IO, error) { + return &logURI{ + config: Config{ + Stdout: uri.String(), + Stderr: uri.String(), + Terminal: true, + }, + }, nil + } +} + +// TerminalBinaryIO forwards container STDOUT|STDERR directly to a logging binary +// It also sets the terminal option to true +func TerminalBinaryIO(binary string, args map[string]string) Creator { + return func(_ string) (IO, error) { + uri, err := LogURIGenerator("binary", binary, args) + if err != nil { + return nil, err + } + + res := uri.String() + return &logURI{ + config: Config{ + Stdout: res, + Stderr: res, + Terminal: true, + }, + }, nil + } +} diff --git a/vendor/github.com/containerd/containerd/cio/io_windows.go b/vendor/github.com/containerd/containerd/cio/io_windows.go index 59b14c4..d67c4b3 100644 --- a/vendor/github.com/containerd/containerd/cio/io_windows.go +++ b/vendor/github.com/containerd/containerd/cio/io_windows.go @@ -20,6 +20,7 @@ import ( "context" "fmt" "io" + "net/url" winio "github.com/Microsoft/go-winio" "github.com/containerd/log" @@ -155,3 +156,42 @@ func NewDirectIOFromFIFOSet(ctx context.Context, stdin io.WriteCloser, stdout, s }, } } + +// TerminalLogURI provides the raw logging URI +// as well as sets the terminal option to true. +func TerminalLogURI(uri *url.URL) Creator { + return func(_ string) (IO, error) { + return &logURI{ + config: Config{ + Terminal: true, + Stdout: uri.String(), + + // Windows HCSShim requires that stderr is an empty string when using terminal. + // https://github.com/microsoft/hcsshim/blob/200feabd854da69f615a598ed6a1263ce9531676/cmd/containerd-shim-runhcs-v1/service_internal.go#L127 + Stderr: "", + }, + }, nil + } +} + +// TerminalBinaryIO forwards container STDOUT|STDERR directly to a logging binary +// It also sets the terminal option to true +func TerminalBinaryIO(binary string, args map[string]string) Creator { + return func(_ string) (IO, error) { + uri, err := LogURIGenerator("binary", binary, args) + if err != nil { + return nil, err + } + + return &logURI{ + config: Config{ + Terminal: true, + Stdout: uri.String(), + + // Windows HCSShim requires that stderr is an empty string when using terminal. + // https://github.com/microsoft/hcsshim/blob/200feabd854da69f615a598ed6a1263ce9531676/cmd/containerd-shim-runhcs-v1/service_internal.go#L127 + Stderr: "", + }, + }, nil + } +} diff --git a/vendor/github.com/containerd/containerd/client.go b/vendor/github.com/containerd/containerd/client.go index 9419304..13dc4da 100644 --- a/vendor/github.com/containerd/containerd/client.go +++ b/vendor/github.com/containerd/containerd/client.go @@ -50,7 +50,6 @@ import ( leasesproxy "github.com/containerd/containerd/leases/proxy" "github.com/containerd/containerd/namespaces" "github.com/containerd/containerd/pkg/dialer" - "github.com/containerd/containerd/platforms" "github.com/containerd/containerd/plugin" ptypes "github.com/containerd/containerd/protobuf/types" "github.com/containerd/containerd/remotes" @@ -61,6 +60,7 @@ import ( "github.com/containerd/containerd/snapshots" snproxy "github.com/containerd/containerd/snapshots/proxy" "github.com/containerd/errdefs" + "github.com/containerd/platforms" "github.com/containerd/typeurl/v2" ocispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/opencontainers/runtime-spec/specs-go" diff --git a/vendor/github.com/containerd/containerd/client_opts.go b/vendor/github.com/containerd/containerd/client_opts.go index 4e0a78a..7fa16a5 100644 --- a/vendor/github.com/containerd/containerd/client_opts.go +++ b/vendor/github.com/containerd/containerd/client_opts.go @@ -20,9 +20,9 @@ import ( "time" "github.com/containerd/containerd/images" - "github.com/containerd/containerd/platforms" "github.com/containerd/containerd/remotes" "github.com/containerd/containerd/snapshots" + "github.com/containerd/platforms" ocispec "github.com/opencontainers/image-spec/specs-go/v1" "google.golang.org/grpc" @@ -110,7 +110,7 @@ type RemoteOpt func(*Client, *RemoteContext) error // content for func WithPlatform(platform string) RemoteOpt { if platform == "" { - platform = platforms.DefaultString() + platform = platforms.Format(platforms.DefaultSpec()) // For 1.7 continue using the old format without os-version included. } return func(_ *Client, c *RemoteContext) error { for _, p := range c.Platforms { diff --git a/vendor/github.com/containerd/containerd/container_checkpoint_opts.go b/vendor/github.com/containerd/containerd/container_checkpoint_opts.go index 64f2382..5aa683a 100644 --- a/vendor/github.com/containerd/containerd/container_checkpoint_opts.go +++ b/vendor/github.com/containerd/containerd/container_checkpoint_opts.go @@ -27,11 +27,11 @@ import ( "github.com/containerd/containerd/containers" "github.com/containerd/containerd/diff" "github.com/containerd/containerd/images" - "github.com/containerd/containerd/platforms" "github.com/containerd/containerd/protobuf" "github.com/containerd/containerd/protobuf/proto" "github.com/containerd/containerd/rootfs" "github.com/containerd/containerd/runtime/v2/runc/options" + "github.com/containerd/platforms" "github.com/opencontainers/go-digest" imagespec "github.com/opencontainers/image-spec/specs-go/v1" ) diff --git a/vendor/github.com/containerd/containerd/errdefs/errdefs_deprecated.go b/vendor/github.com/containerd/containerd/errdefs/errdefs_deprecated.go index c6a0d84..a88cb8b 100644 --- a/vendor/github.com/containerd/containerd/errdefs/errdefs_deprecated.go +++ b/vendor/github.com/containerd/containerd/errdefs/errdefs_deprecated.go @@ -24,6 +24,8 @@ // // The functions ToGRPC and FromGRPC can be used to map server-side and // client-side errors to the correct types. +// +// Deprecated: use [github.com/containerd/errdefs]. package errdefs import ( diff --git a/vendor/github.com/containerd/containerd/events.go b/vendor/github.com/containerd/containerd/events.go index f317967..a1dabb5 100644 --- a/vendor/github.com/containerd/containerd/events.go +++ b/vendor/github.com/containerd/containerd/events.go @@ -19,11 +19,12 @@ package containerd import ( "context" + "github.com/containerd/errdefs" + "github.com/containerd/typeurl/v2" + eventsapi "github.com/containerd/containerd/api/services/events/v1" "github.com/containerd/containerd/events" "github.com/containerd/containerd/protobuf" - "github.com/containerd/errdefs" - "github.com/containerd/typeurl/v2" ) // EventService handles the publish, forward and subscribe of events. diff --git a/vendor/github.com/containerd/containerd/image.go b/vendor/github.com/containerd/containerd/image.go index a8f99c2..914ab35 100644 --- a/vendor/github.com/containerd/containerd/image.go +++ b/vendor/github.com/containerd/containerd/image.go @@ -29,10 +29,10 @@ import ( "github.com/containerd/containerd/images" "github.com/containerd/containerd/labels" "github.com/containerd/containerd/pkg/kmutex" - "github.com/containerd/containerd/platforms" "github.com/containerd/containerd/rootfs" "github.com/containerd/containerd/snapshots" "github.com/containerd/errdefs" + "github.com/containerd/platforms" "github.com/opencontainers/go-digest" "github.com/opencontainers/image-spec/identity" ocispec "github.com/opencontainers/image-spec/specs-go/v1" diff --git a/vendor/github.com/containerd/containerd/images/archive/exporter.go b/vendor/github.com/containerd/containerd/images/archive/exporter.go index 5d4aba4..016c147 100644 --- a/vendor/github.com/containerd/containerd/images/archive/exporter.go +++ b/vendor/github.com/containerd/containerd/images/archive/exporter.go @@ -29,9 +29,9 @@ import ( "github.com/containerd/containerd/content" "github.com/containerd/containerd/images" "github.com/containerd/containerd/labels" - "github.com/containerd/containerd/platforms" "github.com/containerd/errdefs" "github.com/containerd/log" + "github.com/containerd/platforms" digest "github.com/opencontainers/go-digest" ocispecs "github.com/opencontainers/image-spec/specs-go" ocispec "github.com/opencontainers/image-spec/specs-go/v1" diff --git a/vendor/github.com/containerd/containerd/images/archive/importer.go b/vendor/github.com/containerd/containerd/images/archive/importer.go index e0c5772..fe6d451 100644 --- a/vendor/github.com/containerd/containerd/images/archive/importer.go +++ b/vendor/github.com/containerd/containerd/images/archive/importer.go @@ -31,9 +31,9 @@ import ( "github.com/containerd/containerd/content" "github.com/containerd/containerd/images" "github.com/containerd/containerd/labels" - "github.com/containerd/containerd/platforms" "github.com/containerd/errdefs" "github.com/containerd/log" + "github.com/containerd/platforms" digest "github.com/opencontainers/go-digest" specs "github.com/opencontainers/image-spec/specs-go" ocispec "github.com/opencontainers/image-spec/specs-go/v1" diff --git a/vendor/github.com/containerd/containerd/images/archive/reference.go b/vendor/github.com/containerd/containerd/images/archive/reference.go index 8a030fb..8dc2099 100644 --- a/vendor/github.com/containerd/containerd/images/archive/reference.go +++ b/vendor/github.com/containerd/containerd/images/archive/reference.go @@ -21,7 +21,7 @@ import ( "strings" "github.com/containerd/containerd/reference" - distref "github.com/containerd/containerd/reference/docker" + distref "github.com/distribution/reference" "github.com/opencontainers/go-digest" ) diff --git a/vendor/github.com/containerd/containerd/images/handlers.go b/vendor/github.com/containerd/containerd/images/handlers.go index 162e87a..7a34cc5 100644 --- a/vendor/github.com/containerd/containerd/images/handlers.go +++ b/vendor/github.com/containerd/containerd/images/handlers.go @@ -23,8 +23,8 @@ import ( "sort" "github.com/containerd/containerd/content" - "github.com/containerd/containerd/platforms" "github.com/containerd/errdefs" + "github.com/containerd/platforms" ocispec "github.com/opencontainers/image-spec/specs-go/v1" "golang.org/x/sync/errgroup" "golang.org/x/sync/semaphore" diff --git a/vendor/github.com/containerd/containerd/images/image.go b/vendor/github.com/containerd/containerd/images/image.go index 3e2abc7..a13710e 100644 --- a/vendor/github.com/containerd/containerd/images/image.go +++ b/vendor/github.com/containerd/containerd/images/image.go @@ -24,9 +24,9 @@ import ( "time" "github.com/containerd/containerd/content" - "github.com/containerd/containerd/platforms" "github.com/containerd/errdefs" "github.com/containerd/log" + "github.com/containerd/platforms" digest "github.com/opencontainers/go-digest" ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) diff --git a/vendor/github.com/containerd/containerd/import.go b/vendor/github.com/containerd/containerd/import.go index a6b918b..1472f48 100644 --- a/vendor/github.com/containerd/containerd/import.go +++ b/vendor/github.com/containerd/containerd/import.go @@ -24,8 +24,8 @@ import ( "github.com/containerd/containerd/content" "github.com/containerd/containerd/images" "github.com/containerd/containerd/images/archive" - "github.com/containerd/containerd/platforms" "github.com/containerd/errdefs" + "github.com/containerd/platforms" digest "github.com/opencontainers/go-digest" ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) diff --git a/vendor/github.com/containerd/containerd/mount/mount_linux.go b/vendor/github.com/containerd/containerd/mount/mount_linux.go index 34aa639..402def9 100644 --- a/vendor/github.com/containerd/containerd/mount/mount_linux.go +++ b/vendor/github.com/containerd/containerd/mount/mount_linux.go @@ -26,7 +26,7 @@ import ( "strings" "time" - "github.com/containerd/containerd/pkg/userns" + "github.com/moby/sys/userns" "golang.org/x/sys/unix" ) diff --git a/vendor/github.com/containerd/containerd/mount/temp.go b/vendor/github.com/containerd/containerd/mount/temp.go index 7849d06..ba37ba5 100644 --- a/vendor/github.com/containerd/containerd/mount/temp.go +++ b/vendor/github.com/containerd/containerd/mount/temp.go @@ -29,6 +29,10 @@ var tempMountLocation = getTempDir() // WithTempMount mounts the provided mounts to a temp dir, and pass the temp dir to f. // The mounts are valid during the call to the f. // Finally we will unmount and remove the temp dir regardless of the result of f. +// +// NOTE: The volatile option of overlayfs doesn't allow to mount again using the +// same upper / work dirs. Since it's a temp mount, avoid using that option here +// if found. func WithTempMount(ctx context.Context, mounts []Mount, f func(root string) error) (err error) { root, uerr := os.MkdirTemp(tempMountLocation, "containerd-mount") if uerr != nil { @@ -58,7 +62,8 @@ func WithTempMount(ctx context.Context, mounts []Mount, f func(root string) erro } } }() - if uerr = All(mounts, root); uerr != nil { + + if uerr = All(RemoveVolatileOption(mounts), root); uerr != nil { return fmt.Errorf("failed to mount %s: %w", root, uerr) } if err := f(root); err != nil { @@ -67,6 +72,45 @@ func WithTempMount(ctx context.Context, mounts []Mount, f func(root string) erro return nil } +// RemoveVolatileOption copies and remove the volatile option for overlay +// type, since overlayfs doesn't allow to mount again using the same upper/work +// dirs. +// +// REF: https://docs.kernel.org/filesystems/overlayfs.html#volatile-mount +// +// TODO: Make this logic conditional once the kernel supports reusing +// overlayfs volatile mounts. +func RemoveVolatileOption(mounts []Mount) []Mount { + var out []Mount + for i, m := range mounts { + if m.Type != "overlay" { + continue + } + for j, opt := range m.Options { + if opt == "volatile" { + if out == nil { + out = copyMounts(mounts) + } + out[i].Options = append(out[i].Options[:j], out[i].Options[j+1:]...) + break + } + } + } + + if out != nil { + return out + } + + return mounts +} + +// copyMounts creates a copy of the original slice to allow for modification and not altering the original +func copyMounts(in []Mount) []Mount { + out := make([]Mount, len(in)) + copy(out, in) + return out +} + // WithReadonlyTempMount mounts the provided mounts to a temp dir as readonly, // and pass the temp dir to f. The mounts are valid during the call to the f. // Finally we will unmount and remove the temp dir regardless of the result of f. diff --git a/vendor/github.com/containerd/containerd/oci/spec.go b/vendor/github.com/containerd/containerd/oci/spec.go index b33ec19..86fef42 100644 --- a/vendor/github.com/containerd/containerd/oci/spec.go +++ b/vendor/github.com/containerd/containerd/oci/spec.go @@ -27,7 +27,7 @@ import ( "github.com/containerd/containerd/containers" "github.com/containerd/containerd/namespaces" - "github.com/containerd/containerd/platforms" + "github.com/containerd/platforms" ) const ( @@ -64,7 +64,7 @@ func ReadSpec(path string) (*Spec, error) { // GenerateSpec will generate a default spec from the provided image // for use as a containerd container func GenerateSpec(ctx context.Context, client Client, c *containers.Container, opts ...SpecOpts) (*Spec, error) { - return GenerateSpecWithPlatform(ctx, client, platforms.DefaultString(), c, opts...) + return GenerateSpecWithPlatform(ctx, client, platforms.Format(platforms.DefaultSpec()), c, opts...) // For 1.7 continue using the old format without os-version included. } // GenerateSpecWithPlatform will generate a default spec from the provided image diff --git a/vendor/github.com/containerd/containerd/oci/spec_opts.go b/vendor/github.com/containerd/containerd/oci/spec_opts.go index cc8fab3..f1422d5 100644 --- a/vendor/github.com/containerd/containerd/oci/spec_opts.go +++ b/vendor/github.com/containerd/containerd/oci/spec_opts.go @@ -33,8 +33,8 @@ import ( "github.com/containerd/containerd/images" "github.com/containerd/containerd/mount" "github.com/containerd/containerd/namespaces" - "github.com/containerd/containerd/platforms" "github.com/containerd/continuity/fs" + "github.com/containerd/platforms" "github.com/moby/sys/user" v1 "github.com/opencontainers/image-spec/specs-go/v1" "github.com/opencontainers/runtime-spec/specs-go" @@ -138,7 +138,7 @@ func ensureAdditionalGids(s *Spec) { // Use as the first option to clear the spec, then apply options afterwards. func WithDefaultSpec() SpecOpts { return func(ctx context.Context, _ Client, c *containers.Container, s *Spec) error { - return generateDefaultSpecWithPlatform(ctx, platforms.DefaultString(), c.ID, s) + return generateDefaultSpecWithPlatform(ctx, platforms.Format(platforms.DefaultSpec()), c.ID, s) // For 1.7 continue using the old format without os-version included. } } @@ -955,6 +955,11 @@ func WithCapabilities(caps []string) SpecOpts { s.Process.Capabilities.Bounding = caps s.Process.Capabilities.Effective = caps s.Process.Capabilities.Permitted = caps + if len(caps) == 0 { + s.Process.Capabilities.Inheritable = nil + } else if len(s.Process.Capabilities.Inheritable) > 0 { + filterCaps(&s.Process.Capabilities.Inheritable, caps) + } return nil } @@ -980,6 +985,16 @@ func removeCap(caps *[]string, s string) { *caps = newcaps } +func filterCaps(caps *[]string, filters []string) { + var newcaps []string + for _, c := range *caps { + if capsContain(filters, c) { + newcaps = append(newcaps, c) + } + } + *caps = newcaps +} + // WithAddedCapabilities adds the provided capabilities func WithAddedCapabilities(caps []string) SpecOpts { return func(_ context.Context, _ Client, _ *containers.Container, s *Spec) error { @@ -1008,6 +1023,7 @@ func WithDroppedCapabilities(caps []string) SpecOpts { &s.Process.Capabilities.Bounding, &s.Process.Capabilities.Effective, &s.Process.Capabilities.Permitted, + &s.Process.Capabilities.Inheritable, } { removeCap(cl, c) } diff --git a/vendor/github.com/containerd/containerd/oci/utils_unix.go b/vendor/github.com/containerd/containerd/oci/utils_unix.go index b3cb8a6..602bbed 100644 --- a/vendor/github.com/containerd/containerd/oci/utils_unix.go +++ b/vendor/github.com/containerd/containerd/oci/utils_unix.go @@ -24,7 +24,7 @@ import ( "os" "path/filepath" - "github.com/containerd/containerd/pkg/userns" + "github.com/moby/sys/userns" specs "github.com/opencontainers/runtime-spec/specs-go" "golang.org/x/sys/unix" ) diff --git a/vendor/github.com/containerd/containerd/pkg/deprecation/deprecation.go b/vendor/github.com/containerd/containerd/pkg/deprecation/deprecation.go index 06fda06..813a0da 100644 --- a/vendor/github.com/containerd/containerd/pkg/deprecation/deprecation.go +++ b/vendor/github.com/containerd/containerd/pkg/deprecation/deprecation.go @@ -73,11 +73,11 @@ var messages = map[Warning]string{ "Use a v2 runtime and `options` instead.", CRIRuntimeRoot: "The `runtime_root` property of [plugins.\"io.containerd.grpc.v1.cri\".containerd.runtimes.*] is deprecated since containerd v1.3 and will be removed in containerd v2.0. " + "Use a v2 runtime and `options.Root` instead.", - CRIRegistryMirrors: "The `mirrors` property of `[plugins.\"io.containerd.grpc.v1.cri\".registry]` is deprecated since containerd v1.5 and will be removed in containerd v2.0. " + + CRIRegistryMirrors: "The `mirrors` property of `[plugins.\"io.containerd.grpc.v1.cri\".registry]` is deprecated since containerd v1.5 and will be removed in containerd v2.1. " + "Use `config_path` instead.", - CRIRegistryAuths: "The `auths` property of `[plugins.\"io.containerd.grpc.v1.cri\".registry]` is deprecated since containerd v1.3 and will be removed in containerd v2.0. " + + CRIRegistryAuths: "The `auths` property of `[plugins.\"io.containerd.grpc.v1.cri\".registry]` is deprecated since containerd v1.3 and will be removed in containerd v2.1. " + "Use `ImagePullSecrets` instead.", - CRIRegistryConfigs: "The `configs` property of `[plugins.\"io.containerd.grpc.v1.cri\".registry]` is deprecated since containerd v1.5 and will be removed in containerd v2.0. " + + CRIRegistryConfigs: "The `configs` property of `[plugins.\"io.containerd.grpc.v1.cri\".registry]` is deprecated since containerd v1.5 and will be removed in containerd v2.1. " + "Use `config_path` instead.", CRIAPIV1Alpha2: "CRI API v1alpha2 is deprecated since containerd v1.7 and removed in containerd v2.0. Use CRI API v1 instead.", AUFSSnapshotter: "The aufs snapshotter is deprecated since containerd v1.5 and removed in containerd v2.0. Use the overlay snapshotter instead.", diff --git a/vendor/github.com/containerd/containerd/pkg/unpack/unpacker.go b/vendor/github.com/containerd/containerd/pkg/unpack/unpacker.go index 22f6fac..76e24f7 100644 --- a/vendor/github.com/containerd/containerd/pkg/unpack/unpacker.go +++ b/vendor/github.com/containerd/containerd/pkg/unpack/unpacker.go @@ -35,11 +35,11 @@ import ( "github.com/containerd/containerd/mount" "github.com/containerd/containerd/pkg/cleanup" "github.com/containerd/containerd/pkg/kmutex" - "github.com/containerd/containerd/platforms" "github.com/containerd/containerd/snapshots" "github.com/containerd/containerd/tracing" "github.com/containerd/errdefs" "github.com/containerd/log" + "github.com/containerd/platforms" "github.com/opencontainers/go-digest" "github.com/opencontainers/image-spec/identity" ocispec "github.com/opencontainers/image-spec/specs-go/v1" diff --git a/vendor/github.com/containerd/containerd/pkg/userns/userns_linux.go b/vendor/github.com/containerd/containerd/pkg/userns/userns_linux.go deleted file mode 100644 index 6656465..0000000 --- a/vendor/github.com/containerd/containerd/pkg/userns/userns_linux.go +++ /dev/null @@ -1,62 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package userns - -import ( - "bufio" - "fmt" - "os" - "sync" -) - -var ( - inUserNS bool - nsOnce sync.Once -) - -// RunningInUserNS detects whether we are currently running in a user namespace. -// Originally copied from github.com/lxc/lxd/shared/util.go -func RunningInUserNS() bool { - nsOnce.Do(func() { - file, err := os.Open("/proc/self/uid_map") - if err != nil { - // This kernel-provided file only exists if user namespaces are supported - return - } - defer file.Close() - - buf := bufio.NewReader(file) - l, _, err := buf.ReadLine() - if err != nil { - return - } - - line := string(l) - var a, b, c int64 - fmt.Sscanf(line, "%d %d %d", &a, &b, &c) - - /* - * We assume we are in the initial user namespace if we have a full - * range - 4294967295 uids starting at uid 0. - */ - if a == 0 && b == 0 && c == 4294967295 { - return - } - inUserNS = true - }) - return inUserNS -} diff --git a/vendor/github.com/containerd/containerd/protobuf/plugin/doc.go b/vendor/github.com/containerd/containerd/protobuf/plugin/doc.go deleted file mode 100644 index 401a6d5..0000000 --- a/vendor/github.com/containerd/containerd/protobuf/plugin/doc.go +++ /dev/null @@ -1,17 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package plugin diff --git a/vendor/github.com/containerd/containerd/protobuf/plugin/fieldpath.pb.go b/vendor/github.com/containerd/containerd/protobuf/plugin/fieldpath.pb.go deleted file mode 100644 index 1bab0c7..0000000 --- a/vendor/github.com/containerd/containerd/protobuf/plugin/fieldpath.pb.go +++ /dev/null @@ -1,144 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2013, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.28.1 -// protoc v3.20.1 -// source: github.com/containerd/containerd/protobuf/plugin/fieldpath.proto - -package plugin - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - descriptorpb "google.golang.org/protobuf/types/descriptorpb" - reflect "reflect" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -var file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_extTypes = []protoimpl.ExtensionInfo{ - { - ExtendedType: (*descriptorpb.FileOptions)(nil), - ExtensionType: (*bool)(nil), - Field: 63300, - Name: "containerd.plugin.fieldpath_all", - Tag: "varint,63300,opt,name=fieldpath_all", - Filename: "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto", - }, - { - ExtendedType: (*descriptorpb.MessageOptions)(nil), - ExtensionType: (*bool)(nil), - Field: 64400, - Name: "containerd.plugin.fieldpath", - Tag: "varint,64400,opt,name=fieldpath", - Filename: "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto", - }, -} - -// Extension fields to descriptorpb.FileOptions. -var ( - // optional bool fieldpath_all = 63300; - E_FieldpathAll = &file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_extTypes[0] -) - -// Extension fields to descriptorpb.MessageOptions. -var ( - // optional bool fieldpath = 64400; - E_Fieldpath = &file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_extTypes[1] -) - -var File_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto protoreflect.FileDescriptor - -var file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_rawDesc = []byte{ - 0x0a, 0x40, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x6e, - 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x64, 0x2f, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, - 0x72, 0x64, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x70, 0x6c, 0x75, 0x67, - 0x69, 0x6e, 0x2f, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x70, 0x61, 0x74, 0x68, 0x2e, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x12, 0x11, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x64, 0x2e, 0x70, - 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, - 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, - 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x3a, 0x43, 0x0a, 0x0d, 0x66, 0x69, 0x65, 0x6c, 0x64, - 0x70, 0x61, 0x74, 0x68, 0x5f, 0x61, 0x6c, 0x6c, 0x12, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, - 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x6c, 0x65, 0x4f, - 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xc4, 0xee, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, - 0x66, 0x69, 0x65, 0x6c, 0x64, 0x70, 0x61, 0x74, 0x68, 0x41, 0x6c, 0x6c, 0x3a, 0x3f, 0x0a, 0x09, - 0x66, 0x69, 0x65, 0x6c, 0x64, 0x70, 0x61, 0x74, 0x68, 0x12, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, - 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x73, 0x73, - 0x61, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x90, 0xf7, 0x03, 0x20, 0x01, - 0x28, 0x08, 0x52, 0x09, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x70, 0x61, 0x74, 0x68, 0x42, 0x32, 0x5a, - 0x30, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x6e, 0x74, - 0x61, 0x69, 0x6e, 0x65, 0x72, 0x64, 0x2f, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, - 0x64, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x70, 0x6c, 0x75, 0x67, 0x69, - 0x6e, -} - -var file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_goTypes = []interface{}{ - (*descriptorpb.FileOptions)(nil), // 0: google.protobuf.FileOptions - (*descriptorpb.MessageOptions)(nil), // 1: google.protobuf.MessageOptions -} -var file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_depIdxs = []int32{ - 0, // 0: containerd.plugin.fieldpath_all:extendee -> google.protobuf.FileOptions - 1, // 1: containerd.plugin.fieldpath:extendee -> google.protobuf.MessageOptions - 2, // [2:2] is the sub-list for method output_type - 2, // [2:2] is the sub-list for method input_type - 2, // [2:2] is the sub-list for extension type_name - 0, // [0:2] is the sub-list for extension extendee - 0, // [0:0] is the sub-list for field type_name -} - -func init() { file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_init() } -func file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_init() { - if File_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto != nil { - return - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_rawDesc, - NumEnums: 0, - NumMessages: 0, - NumExtensions: 2, - NumServices: 0, - }, - GoTypes: file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_goTypes, - DependencyIndexes: file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_depIdxs, - ExtensionInfos: file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_extTypes, - }.Build() - File_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto = out.File - file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_rawDesc = nil - file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_goTypes = nil - file_github_com_containerd_containerd_protobuf_plugin_fieldpath_proto_depIdxs = nil -} diff --git a/vendor/github.com/containerd/containerd/pull.go b/vendor/github.com/containerd/containerd/pull.go index 0e2911d..75feb76 100644 --- a/vendor/github.com/containerd/containerd/pull.go +++ b/vendor/github.com/containerd/containerd/pull.go @@ -26,12 +26,12 @@ import ( "github.com/containerd/containerd/images" "github.com/containerd/containerd/pkg/unpack" - "github.com/containerd/containerd/platforms" "github.com/containerd/containerd/remotes" "github.com/containerd/containerd/remotes/docker" "github.com/containerd/containerd/remotes/docker/schema1" //nolint:staticcheck // Ignore SA1019. Need to keep deprecated package for compatibility. "github.com/containerd/containerd/tracing" "github.com/containerd/errdefs" + "github.com/containerd/platforms" ) const ( diff --git a/vendor/github.com/containerd/containerd/reference/docker/helpers.go b/vendor/github.com/containerd/containerd/reference/docker/helpers.go deleted file mode 100644 index 3860251..0000000 --- a/vendor/github.com/containerd/containerd/reference/docker/helpers.go +++ /dev/null @@ -1,58 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package docker - -import "path" - -// IsNameOnly returns true if reference only contains a repo name. -func IsNameOnly(ref Named) bool { - if _, ok := ref.(NamedTagged); ok { - return false - } - if _, ok := ref.(Canonical); ok { - return false - } - return true -} - -// FamiliarName returns the familiar name string -// for the given named, familiarizing if needed. -func FamiliarName(ref Named) string { - if nn, ok := ref.(normalizedNamed); ok { - return nn.Familiar().Name() - } - return ref.Name() -} - -// FamiliarString returns the familiar string representation -// for the given reference, familiarizing if needed. -func FamiliarString(ref Reference) string { - if nn, ok := ref.(normalizedNamed); ok { - return nn.Familiar().String() - } - return ref.String() -} - -// FamiliarMatch reports whether ref matches the specified pattern. -// See https://godoc.org/path#Match for supported patterns. -func FamiliarMatch(pattern string, ref Reference) (bool, error) { - matched, err := path.Match(pattern, FamiliarString(ref)) - if namedRef, isNamed := ref.(Named); isNamed && !matched { - matched, _ = path.Match(pattern, FamiliarName(namedRef)) - } - return matched, err -} diff --git a/vendor/github.com/containerd/containerd/reference/docker/normalize.go b/vendor/github.com/containerd/containerd/reference/docker/normalize.go deleted file mode 100644 index b299bf6..0000000 --- a/vendor/github.com/containerd/containerd/reference/docker/normalize.go +++ /dev/null @@ -1,196 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package docker - -import ( - "fmt" - "strings" - - "github.com/opencontainers/go-digest" -) - -var ( - legacyDefaultDomain = "index.docker.io" - defaultDomain = "docker.io" - officialRepoName = "library" - defaultTag = "latest" -) - -// normalizedNamed represents a name which has been -// normalized and has a familiar form. A familiar name -// is what is used in Docker UI. An example normalized -// name is "docker.io/library/ubuntu" and corresponding -// familiar name of "ubuntu". -type normalizedNamed interface { - Named - Familiar() Named -} - -// ParseNormalizedNamed parses a string into a named reference -// transforming a familiar name from Docker UI to a fully -// qualified reference. If the value may be an identifier -// use ParseAnyReference. -func ParseNormalizedNamed(s string) (Named, error) { - if ok := anchoredIdentifierRegexp.MatchString(s); ok { - return nil, fmt.Errorf("invalid repository name (%s), cannot specify 64-byte hexadecimal strings", s) - } - domain, remainder := splitDockerDomain(s) - var remoteName string - if tagSep := strings.IndexRune(remainder, ':'); tagSep > -1 { - remoteName = remainder[:tagSep] - } else { - remoteName = remainder - } - if strings.ToLower(remoteName) != remoteName { - return nil, fmt.Errorf("invalid reference format: repository name (%s) must be lowercase", remoteName) - } - - ref, err := Parse(domain + "/" + remainder) - if err != nil { - return nil, err - } - named, isNamed := ref.(Named) - if !isNamed { - return nil, fmt.Errorf("reference %s has no name", ref.String()) - } - return named, nil -} - -// ParseDockerRef normalizes the image reference following the docker convention. This is added -// mainly for backward compatibility. -// The reference returned can only be either tagged or digested. For reference contains both tag -// and digest, the function returns digested reference, e.g. docker.io/library/busybox:latest@ -// sha256:7cc4b5aefd1d0cadf8d97d4350462ba51c694ebca145b08d7d41b41acc8db5aa will be returned as -// docker.io/library/busybox@sha256:7cc4b5aefd1d0cadf8d97d4350462ba51c694ebca145b08d7d41b41acc8db5aa. -func ParseDockerRef(ref string) (Named, error) { - named, err := ParseNormalizedNamed(ref) - if err != nil { - return nil, err - } - if _, ok := named.(NamedTagged); ok { - if canonical, ok := named.(Canonical); ok { - // The reference is both tagged and digested, only - // return digested. - newNamed, err := WithName(canonical.Name()) - if err != nil { - return nil, err - } - newCanonical, err := WithDigest(newNamed, canonical.Digest()) - if err != nil { - return nil, err - } - return newCanonical, nil - } - } - return TagNameOnly(named), nil -} - -// splitDockerDomain splits a repository name to domain and remotename string. -// If no valid domain is found, the default domain is used. Repository name -// needs to be already validated before. -func splitDockerDomain(name string) (domain, remainder string) { - i := strings.IndexRune(name, '/') - if i == -1 || (!strings.ContainsAny(name[:i], ".:") && name[:i] != "localhost" && strings.ToLower(name[:i]) == name[:i]) { - domain, remainder = defaultDomain, name - } else { - domain, remainder = name[:i], name[i+1:] - } - if domain == legacyDefaultDomain { - domain = defaultDomain - } - if domain == defaultDomain && !strings.ContainsRune(remainder, '/') { - remainder = officialRepoName + "/" + remainder - } - return -} - -// familiarizeName returns a shortened version of the name familiar -// to the Docker UI. Familiar names have the default domain -// "docker.io" and "library/" repository prefix removed. -// For example, "docker.io/library/redis" will have the familiar -// name "redis" and "docker.io/dmcgowan/myapp" will be "dmcgowan/myapp". -// Returns a familiarized named only reference. -func familiarizeName(named namedRepository) repository { - repo := repository{ - domain: named.Domain(), - path: named.Path(), - } - - if repo.domain == defaultDomain { - repo.domain = "" - // Handle official repositories which have the pattern "library/" - if split := strings.Split(repo.path, "/"); len(split) == 2 && split[0] == officialRepoName { - repo.path = split[1] - } - } - return repo -} - -func (r reference) Familiar() Named { - return reference{ - namedRepository: familiarizeName(r.namedRepository), - tag: r.tag, - digest: r.digest, - } -} - -func (r repository) Familiar() Named { - return familiarizeName(r) -} - -func (t taggedReference) Familiar() Named { - return taggedReference{ - namedRepository: familiarizeName(t.namedRepository), - tag: t.tag, - } -} - -func (c canonicalReference) Familiar() Named { - return canonicalReference{ - namedRepository: familiarizeName(c.namedRepository), - digest: c.digest, - } -} - -// TagNameOnly adds the default tag "latest" to a reference if it only has -// a repo name. -func TagNameOnly(ref Named) Named { - if IsNameOnly(ref) { - namedTagged, err := WithTag(ref, defaultTag) - if err != nil { - // Default tag must be valid, to create a NamedTagged - // type with non-validated input the WithTag function - // should be used instead - panic(err) - } - return namedTagged - } - return ref -} - -// ParseAnyReference parses a reference string as a possible identifier, -// full digest, or familiar name. -func ParseAnyReference(ref string) (Reference, error) { - if ok := anchoredIdentifierRegexp.MatchString(ref); ok { - return digestReference("sha256:" + ref), nil - } - if dgst, err := digest.Parse(ref); err == nil { - return digestReference(dgst), nil - } - - return ParseNormalizedNamed(ref) -} diff --git a/vendor/github.com/containerd/containerd/reference/docker/reference.go b/vendor/github.com/containerd/containerd/reference/docker/reference.go deleted file mode 100644 index 4dc0047..0000000 --- a/vendor/github.com/containerd/containerd/reference/docker/reference.go +++ /dev/null @@ -1,453 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -// Package docker provides a general type to represent any way of referencing images within the registry. -// Its main purpose is to abstract tags and digests (content-addressable hash). -// -// Grammar -// -// reference := name [ ":" tag ] [ "@" digest ] -// name := [domain '/'] path-component ['/' path-component]* -// domain := host [':' port-number] -// host := domain-name | IPv4address | \[ IPv6address \] ; rfc3986 appendix-A -// domain-name := domain-component ['.' domain-component]* -// domain-component := /([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])/ -// port-number := /[0-9]+/ -// path-component := alpha-numeric [separator alpha-numeric]* -// alpha-numeric := /[a-z0-9]+/ -// separator := /[_.]|__|[-]*/ -// -// tag := /[\w][\w.-]{0,127}/ -// -// digest := digest-algorithm ":" digest-hex -// digest-algorithm := digest-algorithm-component [ digest-algorithm-separator digest-algorithm-component ]* -// digest-algorithm-separator := /[+.-_]/ -// digest-algorithm-component := /[A-Za-z][A-Za-z0-9]*/ -// digest-hex := /[0-9a-fA-F]{32,}/ ; At least 128 bit digest value -// -// identifier := /[a-f0-9]{64}/ -// short-identifier := /[a-f0-9]{6,64}/ -package docker - -import ( - "errors" - "fmt" - "strings" - - "github.com/opencontainers/go-digest" -) - -const ( - // NameTotalLengthMax is the maximum total number of characters in a repository name. - NameTotalLengthMax = 255 -) - -var ( - // ErrReferenceInvalidFormat represents an error while trying to parse a string as a reference. - ErrReferenceInvalidFormat = errors.New("invalid reference format") - - // ErrTagInvalidFormat represents an error while trying to parse a string as a tag. - ErrTagInvalidFormat = errors.New("invalid tag format") - - // ErrDigestInvalidFormat represents an error while trying to parse a string as a tag. - ErrDigestInvalidFormat = errors.New("invalid digest format") - - // ErrNameContainsUppercase is returned for invalid repository names that contain uppercase characters. - ErrNameContainsUppercase = errors.New("repository name must be lowercase") - - // ErrNameEmpty is returned for empty, invalid repository names. - ErrNameEmpty = errors.New("repository name must have at least one component") - - // ErrNameTooLong is returned when a repository name is longer than NameTotalLengthMax. - ErrNameTooLong = fmt.Errorf("repository name must not be more than %v characters", NameTotalLengthMax) - - // ErrNameNotCanonical is returned when a name is not canonical. - ErrNameNotCanonical = errors.New("repository name must be canonical") -) - -// Reference is an opaque object reference identifier that may include -// modifiers such as a hostname, name, tag, and digest. -type Reference interface { - // String returns the full reference - String() string -} - -// Field provides a wrapper type for resolving correct reference types when -// working with encoding. -type Field struct { - reference Reference -} - -// AsField wraps a reference in a Field for encoding. -func AsField(reference Reference) Field { - return Field{reference} -} - -// Reference unwraps the reference type from the field to -// return the Reference object. This object should be -// of the appropriate type to further check for different -// reference types. -func (f Field) Reference() Reference { - return f.reference -} - -// MarshalText serializes the field to byte text which -// is the string of the reference. -func (f Field) MarshalText() (p []byte, err error) { - return []byte(f.reference.String()), nil -} - -// UnmarshalText parses text bytes by invoking the -// reference parser to ensure the appropriately -// typed reference object is wrapped by field. -func (f *Field) UnmarshalText(p []byte) error { - r, err := Parse(string(p)) - if err != nil { - return err - } - - f.reference = r - return nil -} - -// Named is an object with a full name -type Named interface { - Reference - Name() string -} - -// Tagged is an object which has a tag -type Tagged interface { - Reference - Tag() string -} - -// NamedTagged is an object including a name and tag. -type NamedTagged interface { - Named - Tag() string -} - -// Digested is an object which has a digest -// in which it can be referenced by -type Digested interface { - Reference - Digest() digest.Digest -} - -// Canonical reference is an object with a fully unique -// name including a name with domain and digest -type Canonical interface { - Named - Digest() digest.Digest -} - -// namedRepository is a reference to a repository with a name. -// A namedRepository has both domain and path components. -type namedRepository interface { - Named - Domain() string - Path() string -} - -// Domain returns the domain part of the Named reference -func Domain(named Named) string { - if r, ok := named.(namedRepository); ok { - return r.Domain() - } - domain, _ := splitDomain(named.Name()) - return domain -} - -// Path returns the name without the domain part of the Named reference -func Path(named Named) (name string) { - if r, ok := named.(namedRepository); ok { - return r.Path() - } - _, path := splitDomain(named.Name()) - return path -} - -func splitDomain(name string) (string, string) { - match := anchoredNameRegexp.FindStringSubmatch(name) - if len(match) != 3 { - return "", name - } - return match[1], match[2] -} - -// SplitHostname splits a named reference into a -// hostname and name string. If no valid hostname is -// found, the hostname is empty and the full value -// is returned as name -// DEPRECATED: Use Domain or Path -func SplitHostname(named Named) (string, string) { - if r, ok := named.(namedRepository); ok { - return r.Domain(), r.Path() - } - return splitDomain(named.Name()) -} - -// Parse parses s and returns a syntactically valid Reference. -// If an error was encountered it is returned, along with a nil Reference. -// NOTE: Parse will not handle short digests. -func Parse(s string) (Reference, error) { - matches := ReferenceRegexp.FindStringSubmatch(s) - if matches == nil { - if s == "" { - return nil, ErrNameEmpty - } - if ReferenceRegexp.FindStringSubmatch(strings.ToLower(s)) != nil { - return nil, ErrNameContainsUppercase - } - return nil, ErrReferenceInvalidFormat - } - - if len(matches[1]) > NameTotalLengthMax { - return nil, ErrNameTooLong - } - - var repo repository - - nameMatch := anchoredNameRegexp.FindStringSubmatch(matches[1]) - if len(nameMatch) == 3 { - repo.domain = nameMatch[1] - repo.path = nameMatch[2] - } else { - repo.domain = "" - repo.path = matches[1] - } - - ref := reference{ - namedRepository: repo, - tag: matches[2], - } - if matches[3] != "" { - var err error - ref.digest, err = digest.Parse(matches[3]) - if err != nil { - return nil, err - } - } - - r := getBestReferenceType(ref) - if r == nil { - return nil, ErrNameEmpty - } - - return r, nil -} - -// ParseNamed parses s and returns a syntactically valid reference implementing -// the Named interface. The reference must have a name and be in the canonical -// form, otherwise an error is returned. -// If an error was encountered it is returned, along with a nil Reference. -// NOTE: ParseNamed will not handle short digests. -func ParseNamed(s string) (Named, error) { - named, err := ParseNormalizedNamed(s) - if err != nil { - return nil, err - } - if named.String() != s { - return nil, ErrNameNotCanonical - } - return named, nil -} - -// WithName returns a named object representing the given string. If the input -// is invalid ErrReferenceInvalidFormat will be returned. -func WithName(name string) (Named, error) { - if len(name) > NameTotalLengthMax { - return nil, ErrNameTooLong - } - - match := anchoredNameRegexp.FindStringSubmatch(name) - if match == nil || len(match) != 3 { - return nil, ErrReferenceInvalidFormat - } - return repository{ - domain: match[1], - path: match[2], - }, nil -} - -// WithTag combines the name from "name" and the tag from "tag" to form a -// reference incorporating both the name and the tag. -func WithTag(name Named, tag string) (NamedTagged, error) { - if !anchoredTagRegexp.MatchString(tag) { - return nil, ErrTagInvalidFormat - } - var repo repository - if r, ok := name.(namedRepository); ok { - repo.domain = r.Domain() - repo.path = r.Path() - } else { - repo.path = name.Name() - } - if canonical, ok := name.(Canonical); ok { - return reference{ - namedRepository: repo, - tag: tag, - digest: canonical.Digest(), - }, nil - } - return taggedReference{ - namedRepository: repo, - tag: tag, - }, nil -} - -// WithDigest combines the name from "name" and the digest from "digest" to form -// a reference incorporating both the name and the digest. -func WithDigest(name Named, digest digest.Digest) (Canonical, error) { - if !anchoredDigestRegexp.MatchString(digest.String()) { - return nil, ErrDigestInvalidFormat - } - var repo repository - if r, ok := name.(namedRepository); ok { - repo.domain = r.Domain() - repo.path = r.Path() - } else { - repo.path = name.Name() - } - if tagged, ok := name.(Tagged); ok { - return reference{ - namedRepository: repo, - tag: tagged.Tag(), - digest: digest, - }, nil - } - return canonicalReference{ - namedRepository: repo, - digest: digest, - }, nil -} - -// TrimNamed removes any tag or digest from the named reference. -func TrimNamed(ref Named) Named { - repo := repository{} - if r, ok := ref.(namedRepository); ok { - repo.domain, repo.path = r.Domain(), r.Path() - } else { - repo.domain, repo.path = splitDomain(ref.Name()) - } - return repo -} - -func getBestReferenceType(ref reference) Reference { - if ref.Name() == "" { - // Allow digest only references - if ref.digest != "" { - return digestReference(ref.digest) - } - return nil - } - if ref.tag == "" { - if ref.digest != "" { - return canonicalReference{ - namedRepository: ref.namedRepository, - digest: ref.digest, - } - } - return ref.namedRepository - } - if ref.digest == "" { - return taggedReference{ - namedRepository: ref.namedRepository, - tag: ref.tag, - } - } - - return ref -} - -type reference struct { - namedRepository - tag string - digest digest.Digest -} - -func (r reference) String() string { - return r.Name() + ":" + r.tag + "@" + r.digest.String() -} - -func (r reference) Tag() string { - return r.tag -} - -func (r reference) Digest() digest.Digest { - return r.digest -} - -type repository struct { - domain string - path string -} - -func (r repository) String() string { - return r.Name() -} - -func (r repository) Name() string { - if r.domain == "" { - return r.path - } - return r.domain + "/" + r.path -} - -func (r repository) Domain() string { - return r.domain -} - -func (r repository) Path() string { - return r.path -} - -type digestReference digest.Digest - -func (d digestReference) String() string { - return digest.Digest(d).String() -} - -func (d digestReference) Digest() digest.Digest { - return digest.Digest(d) -} - -type taggedReference struct { - namedRepository - tag string -} - -func (t taggedReference) String() string { - return t.Name() + ":" + t.tag -} - -func (t taggedReference) Tag() string { - return t.tag -} - -type canonicalReference struct { - namedRepository - digest digest.Digest -} - -func (c canonicalReference) String() string { - return c.Name() + "@" + c.digest.String() -} - -func (c canonicalReference) Digest() digest.Digest { - return c.digest -} diff --git a/vendor/github.com/containerd/containerd/reference/docker/regexp.go b/vendor/github.com/containerd/containerd/reference/docker/regexp.go deleted file mode 100644 index 4be3c57..0000000 --- a/vendor/github.com/containerd/containerd/reference/docker/regexp.go +++ /dev/null @@ -1,191 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package docker - -import "regexp" - -var ( - // alphaNumeric defines the alpha numeric atom, typically a - // component of names. This only allows lower case characters and digits. - alphaNumeric = `[a-z0-9]+` - - // separator defines the separators allowed to be embedded in name - // components. This allow one period, one or two underscore and multiple - // dashes. Repeated dashes and underscores are intentionally treated - // differently. In order to support valid hostnames as name components, - // supporting repeated dash was added. Additionally double underscore is - // now allowed as a separator to loosen the restriction for previously - // supported names. - separator = `(?:[._]|__|[-]*)` - - // nameComponent restricts registry path component names to start - // with at least one letter or number, with following parts able to be - // separated by one period, one or two underscore and multiple dashes. - nameComponent = expression( - alphaNumeric, - optional(repeated(separator, alphaNumeric))) - - // domainNameComponent restricts the registry domain component of a - // repository name to start with a component as defined by DomainRegexp. - domainNameComponent = `(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])` - - // ipv6address are enclosed between square brackets and may be represented - // in many ways, see rfc5952. Only IPv6 in compressed or uncompressed format - // are allowed, IPv6 zone identifiers (rfc6874) or Special addresses such as - // IPv4-Mapped are deliberately excluded. - ipv6address = expression( - literal(`[`), `(?:[a-fA-F0-9:]+)`, literal(`]`), - ) - - // domainName defines the structure of potential domain components - // that may be part of image names. This is purposely a subset of what is - // allowed by DNS to ensure backwards compatibility with Docker image - // names. This includes IPv4 addresses on decimal format. - domainName = expression( - domainNameComponent, - optional(repeated(literal(`.`), domainNameComponent)), - ) - - // host defines the structure of potential domains based on the URI - // Host subcomponent on rfc3986. It may be a subset of DNS domain name, - // or an IPv4 address in decimal format, or an IPv6 address between square - // brackets (excluding zone identifiers as defined by rfc6874 or special - // addresses such as IPv4-Mapped). - host = `(?:` + domainName + `|` + ipv6address + `)` - - // allowed by the URI Host subcomponent on rfc3986 to ensure backwards - // compatibility with Docker image names. - domain = expression( - host, - optional(literal(`:`), `[0-9]+`)) - - // DomainRegexp defines the structure of potential domain components - // that may be part of image names. This is purposely a subset of what is - // allowed by DNS to ensure backwards compatibility with Docker image - // names. - DomainRegexp = regexp.MustCompile(domain) - - tag = `[\w][\w.-]{0,127}` - // TagRegexp matches valid tag names. From docker/docker:graph/tags.go. - TagRegexp = regexp.MustCompile(tag) - - anchoredTag = anchored(tag) - // anchoredTagRegexp matches valid tag names, anchored at the start and - // end of the matched string. - anchoredTagRegexp = regexp.MustCompile(anchoredTag) - - digestPat = `[A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}` - // DigestRegexp matches valid digests. - DigestRegexp = regexp.MustCompile(digestPat) - - anchoredDigest = anchored(digestPat) - // anchoredDigestRegexp matches valid digests, anchored at the start and - // end of the matched string. - anchoredDigestRegexp = regexp.MustCompile(anchoredDigest) - - namePat = expression( - optional(domain, literal(`/`)), - nameComponent, - optional(repeated(literal(`/`), nameComponent))) - // NameRegexp is the format for the name component of references. The - // regexp has capturing groups for the domain and name part omitting - // the separating forward slash from either. - NameRegexp = regexp.MustCompile(namePat) - - anchoredName = anchored( - optional(capture(domain), literal(`/`)), - capture(nameComponent, - optional(repeated(literal(`/`), nameComponent)))) - // anchoredNameRegexp is used to parse a name value, capturing the - // domain and trailing components. - anchoredNameRegexp = regexp.MustCompile(anchoredName) - - referencePat = anchored(capture(namePat), - optional(literal(":"), capture(tag)), - optional(literal("@"), capture(digestPat))) - // ReferenceRegexp is the full supported format of a reference. The regexp - // is anchored and has capturing groups for name, tag, and digest - // components. - ReferenceRegexp = regexp.MustCompile(referencePat) - - identifier = `([a-f0-9]{64})` - // IdentifierRegexp is the format for string identifier used as a - // content addressable identifier using sha256. These identifiers - // are like digests without the algorithm, since sha256 is used. - IdentifierRegexp = regexp.MustCompile(identifier) - - shortIdentifier = `([a-f0-9]{6,64})` - // ShortIdentifierRegexp is the format used to represent a prefix - // of an identifier. A prefix may be used to match a sha256 identifier - // within a list of trusted identifiers. - ShortIdentifierRegexp = regexp.MustCompile(shortIdentifier) - - anchoredIdentifier = anchored(identifier) - // anchoredIdentifierRegexp is used to check or match an - // identifier value, anchored at start and end of string. - anchoredIdentifierRegexp = regexp.MustCompile(anchoredIdentifier) -) - -// literal compiles s into a literal regular expression, escaping any regexp -// reserved characters. -func literal(s string) string { - re := regexp.MustCompile(regexp.QuoteMeta(s)) - - if _, complete := re.LiteralPrefix(); !complete { - panic("must be a literal") - } - - return re.String() -} - -// expression defines a full expression, where each regular expression must -// follow the previous. -func expression(res ...string) string { - var s string - for _, re := range res { - s += re - } - - return s -} - -// optional wraps the expression in a non-capturing group and makes the -// production optional. -func optional(res ...string) string { - return group(expression(res...)) + `?` -} - -// repeated wraps the regexp in a non-capturing group to get one or more -// matches. -func repeated(res ...string) string { - return group(expression(res...)) + `+` -} - -// group wraps the regexp in a non-capturing group. -func group(res ...string) string { - return `(?:` + expression(res...) + `)` -} - -// capture wraps the expression in a capturing group. -func capture(res ...string) string { - return `(` + expression(res...) + `)` -} - -// anchored anchors the regular expression by adding start and end delimiters. -func anchored(res ...string) string { - return `^` + expression(res...) + `$` -} diff --git a/vendor/github.com/containerd/containerd/reference/docker/sort.go b/vendor/github.com/containerd/containerd/reference/docker/sort.go deleted file mode 100644 index 984e375..0000000 --- a/vendor/github.com/containerd/containerd/reference/docker/sort.go +++ /dev/null @@ -1,73 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package docker - -import ( - "sort" -) - -// Sort sorts string references preferring higher information references -// The precedence is as follows: -// 1. Name + Tag + Digest -// 2. Name + Tag -// 3. Name + Digest -// 4. Name -// 5. Digest -// 6. Parse error -func Sort(references []string) []string { - var prefs []Reference - var bad []string - - for _, ref := range references { - pref, err := ParseAnyReference(ref) - if err != nil { - bad = append(bad, ref) - } else { - prefs = append(prefs, pref) - } - } - sort.Slice(prefs, func(a, b int) bool { - ar := refRank(prefs[a]) - br := refRank(prefs[b]) - if ar == br { - return prefs[a].String() < prefs[b].String() - } - return ar < br - }) - sort.Strings(bad) - var refs []string - for _, pref := range prefs { - refs = append(refs, pref.String()) - } - return append(refs, bad...) -} - -func refRank(ref Reference) uint8 { - if _, ok := ref.(Named); ok { - if _, ok = ref.(Tagged); ok { - if _, ok = ref.(Digested); ok { - return 1 - } - return 2 - } - if _, ok = ref.(Digested); ok { - return 3 - } - return 4 - } - return 5 -} diff --git a/vendor/github.com/containerd/containerd/reference/reference.go b/vendor/github.com/containerd/containerd/reference/reference.go index a4bf6da..9329a9a 100644 --- a/vendor/github.com/containerd/containerd/reference/reference.go +++ b/vendor/github.com/containerd/containerd/reference/reference.go @@ -18,7 +18,6 @@ package reference import ( "errors" - "fmt" "net/url" "path" "regexp" @@ -136,8 +135,12 @@ func (r Spec) Hostname() string { // Digest returns the digest portion of the reference spec. This may be a // partial or invalid digest, which may be used to lookup a complete digest. func (r Spec) Digest() digest.Digest { - _, dgst := SplitObject(r.Object) - return dgst + i := strings.Index(r.Object, "@") + + if i < 0 { + return "" + } + return digest.Digest(r.Object[i+1:]) } // String returns the normalized string for the ref. @@ -146,21 +149,31 @@ func (r Spec) String() string { return r.Locator } if r.Object[:1] == "@" { - return fmt.Sprintf("%v%v", r.Locator, r.Object) + return r.Locator + r.Object } - return fmt.Sprintf("%v:%v", r.Locator, r.Object) + return r.Locator + ":" + r.Object } -// SplitObject provides two parts of the object spec, delimited by an `@` -// symbol. +// SplitObject provides two parts of the object spec, delimited by an "@" +// symbol. It does not perform any validation on correctness of the values +// returned, and it's the callers' responsibility to validate the result. // -// Either may be empty and it is the callers job to validate them -// appropriately. +// If an "@" delimiter is found, it returns the part *including* the "@" +// delimiter as "tag", and the part after the "@" as digest. +// +// The example below produces "docker.io/library/ubuntu:latest@" and +// "sha256:deadbeef"; +// +// t, d := SplitObject("docker.io/library/ubuntu:latest@sha256:deadbeef") +// fmt.Println(t) // docker.io/library/ubuntu:latest@ +// fmt.Println(d) // sha256:deadbeef +// +// Deprecated: use [Parse] and [Spec.Digest] instead. func SplitObject(obj string) (tag string, dgst digest.Digest) { - parts := strings.SplitAfterN(obj, "@", 2) - if len(parts) < 2 { - return parts[0], "" + if i := strings.Index(obj, "@"); i >= 0 { + // Offset by one so preserve the "@" in the tag returned. + return obj[:i+1], digest.Digest(obj[i+1:]) } - return parts[0], digest.Digest(parts[1]) + return obj, "" } diff --git a/vendor/github.com/containerd/containerd/remotes/docker/fetcher_fuzz.go b/vendor/github.com/containerd/containerd/remotes/docker/fetcher_fuzz.go index b98886c..f396a74 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/fetcher_fuzz.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/fetcher_fuzz.go @@ -25,8 +25,6 @@ import ( "net/http" "net/http/httptest" "net/url" - - refDocker "github.com/containerd/containerd/reference/docker" ) func FuzzFetcher(data []byte) int { @@ -74,8 +72,3 @@ func FuzzFetcher(data []byte) int { } return 1 } - -func FuzzParseDockerRef(data []byte) int { - _, _ = refDocker.ParseDockerRef(string(data)) - return 1 -} diff --git a/vendor/github.com/containerd/containerd/remotes/handlers.go b/vendor/github.com/containerd/containerd/remotes/handlers.go index 912b85b..736a044 100644 --- a/vendor/github.com/containerd/containerd/remotes/handlers.go +++ b/vendor/github.com/containerd/containerd/remotes/handlers.go @@ -28,9 +28,9 @@ import ( "github.com/containerd/containerd/content" "github.com/containerd/containerd/images" "github.com/containerd/containerd/labels" - "github.com/containerd/containerd/platforms" "github.com/containerd/errdefs" "github.com/containerd/log" + "github.com/containerd/platforms" ocispec "github.com/opencontainers/image-spec/specs-go/v1" "golang.org/x/sync/semaphore" ) diff --git a/vendor/github.com/containerd/containerd/sandbox/bridge.go b/vendor/github.com/containerd/containerd/sandbox/bridge.go index bc7d999..5ff19b9 100644 --- a/vendor/github.com/containerd/containerd/sandbox/bridge.go +++ b/vendor/github.com/containerd/containerd/sandbox/bridge.go @@ -24,6 +24,7 @@ import ( "google.golang.org/grpc" api "github.com/containerd/containerd/api/runtime/sandbox/v1" + "github.com/containerd/errdefs" ) // NewClient returns a new sandbox client that handles both GRPC and TTRPC clients. @@ -75,3 +76,7 @@ func (g *grpcBridge) PingSandbox(ctx context.Context, request *api.PingRequest) func (g *grpcBridge) ShutdownSandbox(ctx context.Context, request *api.ShutdownSandboxRequest) (*api.ShutdownSandboxResponse, error) { return g.client.ShutdownSandbox(ctx, request) } + +func (g *grpcBridge) SandboxMetrics(ctx context.Context, request *api.SandboxMetricsRequest) (*api.SandboxMetricsResponse, error) { + return nil, errdefs.ToGRPC(errdefs.ErrNotImplemented) +} diff --git a/vendor/github.com/containerd/containerd/services/introspection/local.go b/vendor/github.com/containerd/containerd/services/introspection/local.go index fb534f7..8c99204 100644 --- a/vendor/github.com/containerd/containerd/services/introspection/local.go +++ b/vendor/github.com/containerd/containerd/services/introspection/local.go @@ -30,6 +30,8 @@ import ( "google.golang.org/grpc" "google.golang.org/grpc/status" + "github.com/containerd/errdefs" + api "github.com/containerd/containerd/api/services/introspection/v1" "github.com/containerd/containerd/api/types" "github.com/containerd/containerd/filters" @@ -38,7 +40,6 @@ import ( ptypes "github.com/containerd/containerd/protobuf/types" "github.com/containerd/containerd/services" "github.com/containerd/containerd/services/warning" - "github.com/containerd/errdefs" ) func init() { @@ -147,6 +148,10 @@ func (l *Local) Server(ctx context.Context, _ *ptypes.Empty, _ ...grpc.CallOptio }, nil } +func (l *Local) PluginInfo(ctx context.Context, in *api.PluginInfoRequest, opts ...grpc.CallOption) (*api.PluginInfoResponse, error) { + return nil, errdefs.ErrNotImplemented +} + func (l *Local) getUUID() (string, error) { l.mu.Lock() defer l.mu.Unlock() @@ -158,6 +163,9 @@ func (l *Local) getUUID() (string, error) { } return "", err } + if len(data) == 0 { + return l.generateUUID() + } u := string(data) if _, err := uuid.Parse(u); err != nil { return "", err diff --git a/vendor/github.com/containerd/containerd/services/introspection/service.go b/vendor/github.com/containerd/containerd/services/introspection/service.go index 60013b5..62d2f2d 100644 --- a/vendor/github.com/containerd/containerd/services/introspection/service.go +++ b/vendor/github.com/containerd/containerd/services/introspection/service.go @@ -17,14 +17,16 @@ package introspection import ( - context "context" + "context" "errors" + "google.golang.org/grpc" + api "github.com/containerd/containerd/api/services/introspection/v1" "github.com/containerd/containerd/plugin" ptypes "github.com/containerd/containerd/protobuf/types" "github.com/containerd/containerd/services" - "google.golang.org/grpc" + "github.com/containerd/errdefs" ) func init() { @@ -79,3 +81,7 @@ func (s *server) Plugins(ctx context.Context, req *api.PluginsRequest) (*api.Plu func (s *server) Server(ctx context.Context, empty *ptypes.Empty) (*api.ServerResponse, error) { return s.local.Server(ctx, empty) } + +func (s *server) PluginInfo(ctx context.Context, in *api.PluginInfoRequest) (*api.PluginInfoResponse, error) { + return nil, errdefs.ToGRPC(errdefs.ErrNotImplemented) +} diff --git a/vendor/github.com/containerd/containerd/task_opts.go b/vendor/github.com/containerd/containerd/task_opts.go index 7bcd8a4..3774d65 100644 --- a/vendor/github.com/containerd/containerd/task_opts.go +++ b/vendor/github.com/containerd/containerd/task_opts.go @@ -158,6 +158,12 @@ type ProcessDeleteOpts func(context.Context, Process) error // WithProcessKill will forcefully kill and delete a process func WithProcessKill(ctx context.Context, p Process) error { + // Skip killing tasks with PID 0 + // https://github.com/containerd/containerd/issues/10441 + if p.Pid() == 0 { + return nil + } + ctx, cancel := context.WithCancel(ctx) defer cancel() // ignore errors to wait and kill as we are forcefully killing diff --git a/vendor/github.com/containerd/containerd/version/version.go b/vendor/github.com/containerd/containerd/version/version.go index dfe46c9..4546b94 100644 --- a/vendor/github.com/containerd/containerd/version/version.go +++ b/vendor/github.com/containerd/containerd/version/version.go @@ -23,7 +23,7 @@ var ( Package = "github.com/containerd/containerd" // Version holds the complete version number. Filled in at linking time. - Version = "1.7.18+unknown" + Version = "1.7.22+unknown" // Revision is filled with the VCS (e.g. git) revision being used to build // the program at linking time. diff --git a/vendor/github.com/containerd/platforms/.gitattributes b/vendor/github.com/containerd/platforms/.gitattributes new file mode 100644 index 0000000..a0717e4 --- /dev/null +++ b/vendor/github.com/containerd/platforms/.gitattributes @@ -0,0 +1 @@ +*.go text eol=lf \ No newline at end of file diff --git a/vendor/github.com/containerd/platforms/.golangci.yml b/vendor/github.com/containerd/platforms/.golangci.yml new file mode 100644 index 0000000..a695775 --- /dev/null +++ b/vendor/github.com/containerd/platforms/.golangci.yml @@ -0,0 +1,30 @@ +linters: + enable: + - exportloopref # Checks for pointers to enclosing loop variables + - gofmt + - goimports + - gosec + - ineffassign + - misspell + - nolintlint + - revive + - staticcheck + - tenv # Detects using os.Setenv instead of t.Setenv since Go 1.17 + - unconvert + - unused + - vet + - dupword # Checks for duplicate words in the source code + disable: + - errcheck + +run: + timeout: 5m + skip-dirs: + - api + - cluster + - design + - docs + - docs/man + - releases + - reports + - test # e2e scripts diff --git a/vendor/github.com/containerd/platforms/LICENSE b/vendor/github.com/containerd/platforms/LICENSE new file mode 100644 index 0000000..584149b --- /dev/null +++ b/vendor/github.com/containerd/platforms/LICENSE @@ -0,0 +1,191 @@ + + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + Copyright The containerd Authors + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + https://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/containerd/platforms/README.md b/vendor/github.com/containerd/platforms/README.md new file mode 100644 index 0000000..2059de7 --- /dev/null +++ b/vendor/github.com/containerd/platforms/README.md @@ -0,0 +1,32 @@ +# platforms + +A Go package for formatting, normalizing and matching container platforms. + +This package is based on the Open Containers Image Spec definition of a [platform](https://github.com/opencontainers/image-spec/blob/main/specs-go/v1/descriptor.go#L52). + +## Platform Specifier + +While the OCI platform specifications provide a tool for components to +specify structured information, user input typically doesn't need the full +context and much can be inferred. To solve this problem, this package introduces +"specifiers". A specifier has the format +`||/[/]`. The user can provide either the +operating system or the architecture or both. + +An example of a common specifier is `linux/amd64`. If the host has a default +runtime that matches this, the user can simply provide the component that +matters. For example, if an image provides `amd64` and `arm64` support, the +operating system, `linux` can be inferred, so they only have to provide +`arm64` or `amd64`. Similar behavior is implemented for operating systems, +where the architecture may be known but a runtime may support images from +different operating systems. + +## Project details + +**platforms** is a containerd sub-project, licensed under the [Apache 2.0 license](./LICENSE). +As a containerd sub-project, you will find the: + * [Project governance](https://github.com/containerd/project/blob/main/GOVERNANCE.md), + * [Maintainers](https://github.com/containerd/project/blob/main/MAINTAINERS), + * and [Contributing guidelines](https://github.com/containerd/project/blob/main/CONTRIBUTING.md) + +information in our [`containerd/project`](https://github.com/containerd/project) repository. \ No newline at end of file diff --git a/vendor/github.com/containerd/containerd/platforms/compare.go b/vendor/github.com/containerd/platforms/compare.go similarity index 100% rename from vendor/github.com/containerd/containerd/platforms/compare.go rename to vendor/github.com/containerd/platforms/compare.go diff --git a/vendor/github.com/containerd/containerd/platforms/cpuinfo.go b/vendor/github.com/containerd/platforms/cpuinfo.go similarity index 100% rename from vendor/github.com/containerd/containerd/platforms/cpuinfo.go rename to vendor/github.com/containerd/platforms/cpuinfo.go diff --git a/vendor/github.com/containerd/containerd/platforms/cpuinfo_linux.go b/vendor/github.com/containerd/platforms/cpuinfo_linux.go similarity index 94% rename from vendor/github.com/containerd/containerd/platforms/cpuinfo_linux.go rename to vendor/github.com/containerd/platforms/cpuinfo_linux.go index e07aa99..98c7001 100644 --- a/vendor/github.com/containerd/containerd/platforms/cpuinfo_linux.go +++ b/vendor/github.com/containerd/platforms/cpuinfo_linux.go @@ -19,12 +19,12 @@ package platforms import ( "bufio" "bytes" + "errors" "fmt" "os" "runtime" "strings" - "github.com/containerd/errdefs" "golang.org/x/sys/unix" ) @@ -70,7 +70,7 @@ func getCPUInfo(pattern string) (info string, err error) { return "", err } - return "", fmt.Errorf("getCPUInfo for pattern %s: %w", pattern, errdefs.ErrNotFound) + return "", fmt.Errorf("getCPUInfo for pattern %s: %w", pattern, errNotFound) } // getCPUVariantFromArch get CPU variant from arch through a system call @@ -83,7 +83,7 @@ func getCPUVariantFromArch(arch string) (string, error) { if arch == "aarch64" { variant = "8" } else if arch[0:4] == "armv" && len(arch) >= 5 { - //Valid arch format is in form of armvXx + // Valid arch format is in form of armvXx switch arch[3:5] { case "v8": variant = "8" @@ -101,7 +101,7 @@ func getCPUVariantFromArch(arch string) (string, error) { variant = "unknown" } } else { - return "", fmt.Errorf("getCPUVariantFromArch invalid arch: %s, %w", arch, errdefs.ErrInvalidArgument) + return "", fmt.Errorf("getCPUVariantFromArch invalid arch: %s, %w", arch, errInvalidArgument) } return variant, nil } @@ -112,11 +112,10 @@ func getCPUVariantFromArch(arch string) (string, error) { // This is to cover running ARM in emulated environment on x86 host as this field in /proc/cpuinfo // was not present. func getCPUVariant() (string, error) { - variant, err := getCPUInfo("Cpu architecture") if err != nil { - if errdefs.IsNotFound(err) { - //Let's try getting CPU variant from machine architecture + if errors.Is(err, errNotFound) { + // Let's try getting CPU variant from machine architecture arch, err := getMachineArch() if err != nil { return "", fmt.Errorf("failure getting machine architecture: %v", err) diff --git a/vendor/github.com/containerd/containerd/platforms/cpuinfo_other.go b/vendor/github.com/containerd/platforms/cpuinfo_other.go similarity index 95% rename from vendor/github.com/containerd/containerd/platforms/cpuinfo_other.go rename to vendor/github.com/containerd/platforms/cpuinfo_other.go index 8cbcbb2..97a1fe8 100644 --- a/vendor/github.com/containerd/containerd/platforms/cpuinfo_other.go +++ b/vendor/github.com/containerd/platforms/cpuinfo_other.go @@ -21,8 +21,6 @@ package platforms import ( "fmt" "runtime" - - "github.com/containerd/errdefs" ) func getCPUVariant() (string, error) { @@ -49,10 +47,8 @@ func getCPUVariant() (string, error) { default: variant = "unknown" } - } else { - return "", fmt.Errorf("getCPUVariant for OS %s: %v", runtime.GOOS, errdefs.ErrNotImplemented) - + return "", fmt.Errorf("getCPUVariant for OS %s: %v", runtime.GOOS, errNotImplemented) } return variant, nil diff --git a/vendor/github.com/containerd/containerd/platforms/database.go b/vendor/github.com/containerd/platforms/database.go similarity index 100% rename from vendor/github.com/containerd/containerd/platforms/database.go rename to vendor/github.com/containerd/platforms/database.go diff --git a/vendor/github.com/containerd/containerd/platforms/defaults.go b/vendor/github.com/containerd/platforms/defaults.go similarity index 81% rename from vendor/github.com/containerd/containerd/platforms/defaults.go rename to vendor/github.com/containerd/platforms/defaults.go index cfa3ff3..9d898d6 100644 --- a/vendor/github.com/containerd/containerd/platforms/defaults.go +++ b/vendor/github.com/containerd/platforms/defaults.go @@ -16,9 +16,11 @@ package platforms -// DefaultString returns the default string specifier for the platform. +// DefaultString returns the default string specifier for the platform, +// with [PR#6](https://github.com/containerd/platforms/pull/6) the result +// may now also include the OSVersion from the provided platform specification. func DefaultString() string { - return Format(DefaultSpec()) + return FormatAll(DefaultSpec()) } // DefaultStrict returns strict form of Default. diff --git a/vendor/github.com/containerd/containerd/platforms/defaults_darwin.go b/vendor/github.com/containerd/platforms/defaults_darwin.go similarity index 100% rename from vendor/github.com/containerd/containerd/platforms/defaults_darwin.go rename to vendor/github.com/containerd/platforms/defaults_darwin.go diff --git a/vendor/github.com/containerd/containerd/platforms/defaults_freebsd.go b/vendor/github.com/containerd/platforms/defaults_freebsd.go similarity index 100% rename from vendor/github.com/containerd/containerd/platforms/defaults_freebsd.go rename to vendor/github.com/containerd/platforms/defaults_freebsd.go diff --git a/vendor/github.com/containerd/containerd/platforms/defaults_unix.go b/vendor/github.com/containerd/platforms/defaults_unix.go similarity index 100% rename from vendor/github.com/containerd/containerd/platforms/defaults_unix.go rename to vendor/github.com/containerd/platforms/defaults_unix.go diff --git a/vendor/github.com/containerd/containerd/platforms/defaults_windows.go b/vendor/github.com/containerd/platforms/defaults_windows.go similarity index 88% rename from vendor/github.com/containerd/containerd/platforms/defaults_windows.go rename to vendor/github.com/containerd/platforms/defaults_windows.go index d10fa90..427ed72 100644 --- a/vendor/github.com/containerd/containerd/platforms/defaults_windows.go +++ b/vendor/github.com/containerd/platforms/defaults_windows.go @@ -22,7 +22,6 @@ import ( "strconv" "strings" - "github.com/Microsoft/hcsshim/osversion" specs "github.com/opencontainers/image-spec/specs-go/v1" "golang.org/x/sys/windows" ) @@ -52,29 +51,29 @@ func (m windowsmatcher) Match(p specs.Platform) bool { if match && m.OS == "windows" { // HPC containers do not have OS version filled - if p.OSVersion == "" { + if m.OSVersion == "" || p.OSVersion == "" { return true } - hostOsVersion := GetOsVersion(m.osVersionPrefix) - ctrOsVersion := GetOsVersion(p.OSVersion) - return osversion.CheckHostAndContainerCompat(hostOsVersion, ctrOsVersion) + hostOsVersion := getOSVersion(m.osVersionPrefix) + ctrOsVersion := getOSVersion(p.OSVersion) + return checkHostAndContainerCompat(hostOsVersion, ctrOsVersion) } return match } -func GetOsVersion(osVersionPrefix string) osversion.OSVersion { +func getOSVersion(osVersionPrefix string) osVersion { parts := strings.Split(osVersionPrefix, ".") if len(parts) < 3 { - return osversion.OSVersion{} + return osVersion{} } majorVersion, _ := strconv.Atoi(parts[0]) minorVersion, _ := strconv.Atoi(parts[1]) buildNumber, _ := strconv.Atoi(parts[2]) - return osversion.OSVersion{ + return osVersion{ MajorVersion: uint8(majorVersion), MinorVersion: uint8(minorVersion), Build: uint16(buildNumber), diff --git a/vendor/github.com/containerd/containerd/pkg/userns/userns_unsupported.go b/vendor/github.com/containerd/platforms/errors.go similarity index 56% rename from vendor/github.com/containerd/containerd/pkg/userns/userns_unsupported.go rename to vendor/github.com/containerd/platforms/errors.go index c67f773..5ad721e 100644 --- a/vendor/github.com/containerd/containerd/pkg/userns/userns_unsupported.go +++ b/vendor/github.com/containerd/platforms/errors.go @@ -1,5 +1,3 @@ -//go:build !linux - /* Copyright The containerd Authors. @@ -16,10 +14,17 @@ limitations under the License. */ -package userns +package platforms -// RunningInUserNS is a stub for non-Linux systems -// Always returns false -func RunningInUserNS() bool { - return false -} +import "errors" + +// These errors mirror the errors defined in [github.com/containerd/containerd/errdefs], +// however, they are not exported as they are not expected to be used as sentinel +// errors by consumers of this package. +// +//nolint:unused // not all errors are used on all platforms. +var ( + errNotFound = errors.New("not found") + errInvalidArgument = errors.New("invalid argument") + errNotImplemented = errors.New("not implemented") +) diff --git a/vendor/github.com/containerd/platforms/platform_compat_windows.go b/vendor/github.com/containerd/platforms/platform_compat_windows.go new file mode 100644 index 0000000..89e66f0 --- /dev/null +++ b/vendor/github.com/containerd/platforms/platform_compat_windows.go @@ -0,0 +1,78 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package platforms + +// osVersion is a wrapper for Windows version information +// https://msdn.microsoft.com/en-us/library/windows/desktop/ms724439(v=vs.85).aspx +type osVersion struct { + Version uint32 + MajorVersion uint8 + MinorVersion uint8 + Build uint16 +} + +// Windows Client and Server build numbers. +// +// See: +// https://learn.microsoft.com/en-us/windows/release-health/release-information +// https://learn.microsoft.com/en-us/windows/release-health/windows-server-release-info +// https://learn.microsoft.com/en-us/windows/release-health/windows11-release-information +const ( + // rs5 (version 1809, codename "Redstone 5") corresponds to Windows Server + // 2019 (ltsc2019), and Windows 10 (October 2018 Update). + rs5 = 17763 + + // v21H2Server corresponds to Windows Server 2022 (ltsc2022). + v21H2Server = 20348 + + // v22H2Win11 corresponds to Windows 11 (2022 Update). + v22H2Win11 = 22621 +) + +// List of stable ABI compliant ltsc releases +// Note: List must be sorted in ascending order +var compatLTSCReleases = []uint16{ + v21H2Server, +} + +// CheckHostAndContainerCompat checks if given host and container +// OS versions are compatible. +// It includes support for stable ABI compliant versions as well. +// Every release after WS 2022 will support the previous ltsc +// container image. Stable ABI is in preview mode for windows 11 client. +// Refer: https://learn.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/version-compatibility?tabs=windows-server-2022%2Cwindows-10#windows-server-host-os-compatibility +func checkHostAndContainerCompat(host, ctr osVersion) bool { + // check major minor versions of host and guest + if host.MajorVersion != ctr.MajorVersion || + host.MinorVersion != ctr.MinorVersion { + return false + } + + // If host is < WS 2022, exact version match is required + if host.Build < v21H2Server { + return host.Build == ctr.Build + } + + var supportedLtscRelease uint16 + for i := len(compatLTSCReleases) - 1; i >= 0; i-- { + if host.Build >= compatLTSCReleases[i] { + supportedLtscRelease = compatLTSCReleases[i] + break + } + } + return ctr.Build >= supportedLtscRelease && ctr.Build <= host.Build +} diff --git a/vendor/github.com/containerd/containerd/platforms/platforms.go b/vendor/github.com/containerd/platforms/platforms.go similarity index 74% rename from vendor/github.com/containerd/containerd/platforms/platforms.go rename to vendor/github.com/containerd/platforms/platforms.go index 44bc24a..1bbbdb9 100644 --- a/vendor/github.com/containerd/containerd/platforms/platforms.go +++ b/vendor/github.com/containerd/platforms/platforms.go @@ -102,6 +102,9 @@ // unless it is explicitly provided. This is treated as equivalent to armhf. A // previous architecture, armel, will be normalized to arm/v6. // +// Similarly, the most common arm64 version v8, and most common amd64 version v1 +// are represented without the variant. +// // While these normalizations are provided, their support on arm platforms has // not yet been fully implemented and tested. package platforms @@ -115,14 +118,15 @@ import ( "strings" specs "github.com/opencontainers/image-spec/specs-go/v1" - - "github.com/containerd/errdefs" ) var ( - specifierRe = regexp.MustCompile(`^[A-Za-z0-9_-]+$`) + specifierRe = regexp.MustCompile(`^[A-Za-z0-9_-]+$`) + osAndVersionRe = regexp.MustCompile(`^([A-Za-z0-9_-]+)(?:\(([A-Za-z0-9_.-]*)\))?$`) ) +const osAndVersionFormat = "%s(%s)" + // Platform is a type alias for convenience, so there is no need to import image-spec package everywhere. type Platform = specs.Platform @@ -155,40 +159,68 @@ func (m *matcher) Match(platform specs.Platform) bool { } func (m *matcher) String() string { - return Format(m.Platform) + return FormatAll(m.Platform) +} + +// ParseAll parses a list of platform specifiers into a list of platform. +func ParseAll(specifiers []string) ([]specs.Platform, error) { + platforms := make([]specs.Platform, len(specifiers)) + for i, s := range specifiers { + p, err := Parse(s) + if err != nil { + return nil, fmt.Errorf("invalid platform %s: %w", s, err) + } + platforms[i] = p + } + return platforms, nil } // Parse parses the platform specifier syntax into a platform declaration. // -// Platform specifiers are in the format `||/[/]`. +// Platform specifiers are in the format `[()]||[()]/[/]`. // The minimum required information for a platform specifier is the operating -// system or architecture. If there is only a single string (no slashes), the +// system or architecture. The OSVersion can be part of the OS like `windows(10.0.17763)` +// When an OSVersion is specified, then specs.Platform.OSVersion is populated with that value, +// and an empty string otherwise. +// If there is only a single string (no slashes), the // value will be matched against the known set of operating systems, then fall // back to the known set of architectures. The missing component will be // inferred based on the local environment. func Parse(specifier string) (specs.Platform, error) { if strings.Contains(specifier, "*") { // TODO(stevvooe): need to work out exact wildcard handling - return specs.Platform{}, fmt.Errorf("%q: wildcards not yet supported: %w", specifier, errdefs.ErrInvalidArgument) + return specs.Platform{}, fmt.Errorf("%q: wildcards not yet supported: %w", specifier, errInvalidArgument) } - parts := strings.Split(specifier, "/") + // Limit to 4 elements to prevent unbounded split + parts := strings.SplitN(specifier, "/", 4) - for _, part := range parts { - if !specifierRe.MatchString(part) { - return specs.Platform{}, fmt.Errorf("%q is an invalid component of %q: platform specifier component must match %q: %w", part, specifier, specifierRe.String(), errdefs.ErrInvalidArgument) + var p specs.Platform + for i, part := range parts { + if i == 0 { + // First element is [()] + osVer := osAndVersionRe.FindStringSubmatch(part) + if osVer == nil { + return specs.Platform{}, fmt.Errorf("%q is an invalid OS component of %q: OSAndVersion specifier component must match %q: %w", part, specifier, osAndVersionRe.String(), errInvalidArgument) + } + + p.OS = normalizeOS(osVer[1]) + p.OSVersion = osVer[2] + } else { + if !specifierRe.MatchString(part) { + return specs.Platform{}, fmt.Errorf("%q is an invalid component of %q: platform specifier component must match %q: %w", part, specifier, specifierRe.String(), errInvalidArgument) + } } } - var p specs.Platform switch len(parts) { case 1: - // in this case, we will test that the value might be an OS, then look - // it up. If it is not known, we'll treat it as an architecture. Since + // in this case, we will test that the value might be an OS (with or + // without the optional OSVersion specified) and look it up. + // If it is not known, we'll treat it as an architecture. Since // we have very little information about the platform here, we are // going to be a little more strict if we don't know about the argument // value. - p.OS = normalizeOS(parts[0]) if isKnownOS(p.OS) { // picks a default architecture p.Architecture = runtime.GOARCH @@ -196,10 +228,6 @@ func Parse(specifier string) (specs.Platform, error) { p.Variant = cpuVariant() } - if p.OS == "windows" { - p.OSVersion = GetWindowsOsVersion() - } - return p, nil } @@ -212,37 +240,27 @@ func Parse(specifier string) (specs.Platform, error) { return p, nil } - return specs.Platform{}, fmt.Errorf("%q: unknown operating system or architecture: %w", specifier, errdefs.ErrInvalidArgument) + return specs.Platform{}, fmt.Errorf("%q: unknown operating system or architecture: %w", specifier, errInvalidArgument) case 2: - // In this case, we treat as a regular os/arch pair. We don't care + // In this case, we treat as a regular OS[(OSVersion)]/arch pair. We don't care // about whether or not we know of the platform. - p.OS = normalizeOS(parts[0]) p.Architecture, p.Variant = normalizeArch(parts[1], "") if p.Architecture == "arm" && p.Variant == "v7" { p.Variant = "" } - if p.OS == "windows" { - p.OSVersion = GetWindowsOsVersion() - } - return p, nil case 3: // we have a fully specified variant, this is rare - p.OS = normalizeOS(parts[0]) p.Architecture, p.Variant = normalizeArch(parts[1], parts[2]) if p.Architecture == "arm64" && p.Variant == "" { p.Variant = "v8" } - if p.OS == "windows" { - p.OSVersion = GetWindowsOsVersion() - } - return p, nil } - return specs.Platform{}, fmt.Errorf("%q: cannot parse platform specifier: %w", specifier, errdefs.ErrInvalidArgument) + return specs.Platform{}, fmt.Errorf("%q: cannot parse platform specifier: %w", specifier, errInvalidArgument) } // MustParse is like Parses but panics if the specifier cannot be parsed. @@ -264,6 +282,20 @@ func Format(platform specs.Platform) string { return path.Join(platform.OS, platform.Architecture, platform.Variant) } +// FormatAll returns a string specifier that also includes the OSVersion from the +// provided platform specification. +func FormatAll(platform specs.Platform) string { + if platform.OS == "" { + return "unknown" + } + + if platform.OSVersion != "" { + OSAndVersion := fmt.Sprintf(osAndVersionFormat, platform.OS, platform.OSVersion) + return path.Join(OSAndVersion, platform.Architecture, platform.Variant) + } + return path.Join(platform.OS, platform.Architecture, platform.Variant) +} + // Normalize validates and translate the platform to the canonical value. // // For example, if "Aarch64" is encountered, we change it to "arm64" or if diff --git a/vendor/github.com/containerd/containerd/platforms/platforms_other.go b/vendor/github.com/containerd/platforms/platforms_other.go similarity index 94% rename from vendor/github.com/containerd/containerd/platforms/platforms_other.go rename to vendor/github.com/containerd/platforms/platforms_other.go index 59beeb3..03f4dcd 100644 --- a/vendor/github.com/containerd/containerd/platforms/platforms_other.go +++ b/vendor/github.com/containerd/platforms/platforms_other.go @@ -28,7 +28,3 @@ func newDefaultMatcher(platform specs.Platform) Matcher { Platform: Normalize(platform), } } - -func GetWindowsOsVersion() string { - return "" -} diff --git a/vendor/github.com/containerd/containerd/platforms/platforms_windows.go b/vendor/github.com/containerd/platforms/platforms_windows.go similarity index 85% rename from vendor/github.com/containerd/containerd/platforms/platforms_windows.go rename to vendor/github.com/containerd/platforms/platforms_windows.go index 733d18d..950e2a2 100644 --- a/vendor/github.com/containerd/containerd/platforms/platforms_windows.go +++ b/vendor/github.com/containerd/platforms/platforms_windows.go @@ -17,10 +17,7 @@ package platforms import ( - "fmt" - specs "github.com/opencontainers/image-spec/specs-go/v1" - "golang.org/x/sys/windows" ) // NewMatcher returns a Windows matcher that will match on osVersionPrefix if @@ -35,8 +32,3 @@ func newDefaultMatcher(platform specs.Platform) Matcher { }, } } - -func GetWindowsOsVersion() string { - major, minor, build := windows.RtlGetNtVersionNumbers() - return fmt.Sprintf("%d.%d.%d", major, minor, build) -} diff --git a/vendor/github.com/containerd/ttrpc/README.md b/vendor/github.com/containerd/ttrpc/README.md index 675a517..ce95f63 100644 --- a/vendor/github.com/containerd/ttrpc/README.md +++ b/vendor/github.com/containerd/ttrpc/README.md @@ -1,6 +1,6 @@ # ttrpc -[![Build Status](https://github.com/containerd/ttrpc/workflows/CI/badge.svg)](https://github.com/containerd/ttrpc/actions?query=workflow%3ACI) +[![Build Status](https://github.com/containerd/ttrpc/actions/workflows/ci.yml/badge.svg)](https://github.com/containerd/ttrpc/actions/workflows/ci.yml) GRPC for low-memory environments. diff --git a/vendor/github.com/containerd/ttrpc/client.go b/vendor/github.com/containerd/ttrpc/client.go index 685a00a..b1bc7a3 100644 --- a/vendor/github.com/containerd/ttrpc/client.go +++ b/vendor/github.com/containerd/ttrpc/client.go @@ -27,7 +27,7 @@ import ( "syscall" "time" - "github.com/sirupsen/logrus" + "github.com/containerd/log" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" "google.golang.org/protobuf/proto" @@ -368,7 +368,7 @@ func (c *Client) receiveLoop() error { sid := streamID(msg.header.StreamID) s := c.getStream(sid) if s == nil { - logrus.WithField("stream", sid).Errorf("ttrpc: received message on inactive stream") + log.G(c.ctx).WithField("stream", sid).Error("ttrpc: received message on inactive stream") continue } @@ -376,7 +376,7 @@ func (c *Client) receiveLoop() error { s.closeWithError(err) } else { if err := s.receive(c.ctx, msg); err != nil { - logrus.WithError(err).WithField("stream", sid).Errorf("ttrpc: failed to handle message") + log.G(c.ctx).WithFields(log.Fields{"error": err, "stream": sid}).Error("ttrpc: failed to handle message") } } } diff --git a/vendor/github.com/containerd/ttrpc/server.go b/vendor/github.com/containerd/ttrpc/server.go index 7af59f8..2641983 100644 --- a/vendor/github.com/containerd/ttrpc/server.go +++ b/vendor/github.com/containerd/ttrpc/server.go @@ -27,7 +27,7 @@ import ( "syscall" "time" - "github.com/sirupsen/logrus" + "github.com/containerd/log" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" ) @@ -109,7 +109,7 @@ func (s *Server) Serve(ctx context.Context, l net.Listener) error { } sleep := time.Duration(rand.Int63n(int64(backoff))) - logrus.WithError(err).Errorf("ttrpc: failed accept; backoff %v", sleep) + log.G(ctx).WithError(err).Errorf("ttrpc: failed accept; backoff %v", sleep) time.Sleep(sleep) continue } @@ -121,14 +121,14 @@ func (s *Server) Serve(ctx context.Context, l net.Listener) error { approved, handshake, err := handshaker.Handshake(ctx, conn) if err != nil { - logrus.WithError(err).Error("ttrpc: refusing connection after handshake") + log.G(ctx).WithError(err).Error("ttrpc: refusing connection after handshake") conn.Close() continue } sc, err := s.newConn(approved, handshake) if err != nil { - logrus.WithError(err).Error("ttrpc: create connection failed") + log.G(ctx).WithError(err).Error("ttrpc: create connection failed") conn.Close() continue } @@ -513,12 +513,12 @@ func (c *serverConn) run(sctx context.Context) { Payload: response.data, }) if err != nil { - logrus.WithError(err).Error("failed marshaling response") + log.G(ctx).WithError(err).Error("failed marshaling response") return } if err := ch.send(response.id, messageTypeResponse, 0, p); err != nil { - logrus.WithError(err).Error("failed sending message on channel") + log.G(ctx).WithError(err).Error("failed sending message on channel") return } } else { @@ -530,7 +530,7 @@ func (c *serverConn) run(sctx context.Context) { flags = flags | flagNoData } if err := ch.send(response.id, messageTypeData, flags, response.data); err != nil { - logrus.WithError(err).Error("failed sending message on channel") + log.G(ctx).WithError(err).Error("failed sending message on channel") return } } @@ -552,7 +552,7 @@ func (c *serverConn) run(sctx context.Context) { // requests, so that the client connection is closed return } - logrus.WithError(err).Error("error receiving message") + log.G(ctx).WithError(err).Error("error receiving message") // else, initiate shutdown case <-shutdown: return diff --git a/vendor/github.com/distribution/reference/README.md b/vendor/github.com/distribution/reference/README.md index e2531e4..172a02e 100644 --- a/vendor/github.com/distribution/reference/README.md +++ b/vendor/github.com/distribution/reference/README.md @@ -10,7 +10,7 @@ Go library to handle references to container images. [![codecov](https://codecov.io/gh/distribution/reference/branch/main/graph/badge.svg)](https://codecov.io/gh/distribution/reference) [![FOSSA Status](https://app.fossa.com/api/projects/custom%2B162%2Fgithub.com%2Fdistribution%2Freference.svg?type=shield)](https://app.fossa.com/projects/custom%2B162%2Fgithub.com%2Fdistribution%2Freference?ref=badge_shield) -This repository contains a library for handling refrences to container images held in container registries. Please see [godoc](https://pkg.go.dev/github.com/distribution/reference) for details. +This repository contains a library for handling references to container images held in container registries. Please see [godoc](https://pkg.go.dev/github.com/distribution/reference) for details. ## Contribution diff --git a/vendor/github.com/distribution/reference/normalize.go b/vendor/github.com/distribution/reference/normalize.go index a30229d..f412831 100644 --- a/vendor/github.com/distribution/reference/normalize.go +++ b/vendor/github.com/distribution/reference/normalize.go @@ -123,20 +123,51 @@ func ParseDockerRef(ref string) (Named, error) { // splitDockerDomain splits a repository name to domain and remote-name. // If no valid domain is found, the default domain is used. Repository name // needs to be already validated before. -func splitDockerDomain(name string) (domain, remainder string) { - i := strings.IndexRune(name, '/') - if i == -1 || (!strings.ContainsAny(name[:i], ".:") && name[:i] != localhost && strings.ToLower(name[:i]) == name[:i]) { - domain, remainder = defaultDomain, name - } else { - domain, remainder = name[:i], name[i+1:] +func splitDockerDomain(name string) (domain, remoteName string) { + maybeDomain, maybeRemoteName, ok := strings.Cut(name, "/") + if !ok { + // Fast-path for single element ("familiar" names), such as "ubuntu" + // or "ubuntu:latest". Familiar names must be handled separately, to + // prevent them from being handled as "hostname:port". + // + // Canonicalize them as "docker.io/library/name[:tag]" + + // FIXME(thaJeztah): account for bare "localhost" or "example.com" names, which SHOULD be considered a domain. + return defaultDomain, officialRepoPrefix + name } - if domain == legacyDefaultDomain { - domain = defaultDomain + + switch { + case maybeDomain == localhost: + // localhost is a reserved namespace and always considered a domain. + domain, remoteName = maybeDomain, maybeRemoteName + case maybeDomain == legacyDefaultDomain: + // canonicalize the Docker Hub and legacy "Docker Index" domains. + domain, remoteName = defaultDomain, maybeRemoteName + case strings.ContainsAny(maybeDomain, ".:"): + // Likely a domain or IP-address: + // + // - contains a "." (e.g., "example.com" or "127.0.0.1") + // - contains a ":" (e.g., "example:5000", "::1", or "[::1]:5000") + domain, remoteName = maybeDomain, maybeRemoteName + case strings.ToLower(maybeDomain) != maybeDomain: + // Uppercase namespaces are not allowed, so if the first element + // is not lowercase, we assume it to be a domain-name. + domain, remoteName = maybeDomain, maybeRemoteName + default: + // None of the above: it's not a domain, so use the default, and + // use the name input the remote-name. + domain, remoteName = defaultDomain, name } - if domain == defaultDomain && !strings.ContainsRune(remainder, '/') { - remainder = officialRepoPrefix + remainder + + if domain == defaultDomain && !strings.ContainsRune(remoteName, '/') { + // Canonicalize "familiar" names, but only on Docker Hub, not + // on other domains: + // + // "docker.io/ubuntu[:tag]" => "docker.io/library/ubuntu[:tag]" + remoteName = officialRepoPrefix + remoteName } - return + + return domain, remoteName } // familiarizeName returns a shortened version of the name familiar diff --git a/vendor/github.com/distribution/reference/reference.go b/vendor/github.com/distribution/reference/reference.go index e98c44d..900398b 100644 --- a/vendor/github.com/distribution/reference/reference.go +++ b/vendor/github.com/distribution/reference/reference.go @@ -35,8 +35,13 @@ import ( ) const ( + // RepositoryNameTotalLengthMax is the maximum total number of characters in a repository name. + RepositoryNameTotalLengthMax = 255 + // NameTotalLengthMax is the maximum total number of characters in a repository name. - NameTotalLengthMax = 255 + // + // Deprecated: use [RepositoryNameTotalLengthMax] instead. + NameTotalLengthMax = RepositoryNameTotalLengthMax ) var ( @@ -55,8 +60,8 @@ var ( // ErrNameEmpty is returned for empty, invalid repository names. ErrNameEmpty = errors.New("repository name must have at least one component") - // ErrNameTooLong is returned when a repository name is longer than NameTotalLengthMax. - ErrNameTooLong = fmt.Errorf("repository name must not be more than %v characters", NameTotalLengthMax) + // ErrNameTooLong is returned when a repository name is longer than RepositoryNameTotalLengthMax. + ErrNameTooLong = fmt.Errorf("repository name must not be more than %v characters", RepositoryNameTotalLengthMax) // ErrNameNotCanonical is returned when a name is not canonical. ErrNameNotCanonical = errors.New("repository name must be canonical") @@ -165,6 +170,9 @@ func Path(named Named) (name string) { return path } +// splitDomain splits a named reference into a hostname and path string. +// If no valid hostname is found, the hostname is empty and the full value +// is returned as name func splitDomain(name string) (string, string) { match := anchoredNameRegexp.FindStringSubmatch(name) if len(match) != 3 { @@ -173,19 +181,6 @@ func splitDomain(name string) (string, string) { return match[1], match[2] } -// SplitHostname splits a named reference into a -// hostname and name string. If no valid hostname is -// found, the hostname is empty and the full value -// is returned as name -// -// Deprecated: Use [Domain] or [Path]. -func SplitHostname(named Named) (string, string) { - if r, ok := named.(namedRepository); ok { - return r.Domain(), r.Path() - } - return splitDomain(named.Name()) -} - // Parse parses s and returns a syntactically valid Reference. // If an error was encountered it is returned, along with a nil Reference. func Parse(s string) (Reference, error) { @@ -200,10 +195,6 @@ func Parse(s string) (Reference, error) { return nil, ErrReferenceInvalidFormat } - if len(matches[1]) > NameTotalLengthMax { - return nil, ErrNameTooLong - } - var repo repository nameMatch := anchoredNameRegexp.FindStringSubmatch(matches[1]) @@ -215,6 +206,10 @@ func Parse(s string) (Reference, error) { repo.path = matches[1] } + if len(repo.path) > RepositoryNameTotalLengthMax { + return nil, ErrNameTooLong + } + ref := reference{ namedRepository: repo, tag: matches[2], @@ -253,14 +248,15 @@ func ParseNamed(s string) (Named, error) { // WithName returns a named object representing the given string. If the input // is invalid ErrReferenceInvalidFormat will be returned. func WithName(name string) (Named, error) { - if len(name) > NameTotalLengthMax { - return nil, ErrNameTooLong - } - match := anchoredNameRegexp.FindStringSubmatch(name) if match == nil || len(match) != 3 { return nil, ErrReferenceInvalidFormat } + + if len(match[2]) > RepositoryNameTotalLengthMax { + return nil, ErrNameTooLong + } + return repository{ domain: match[1], path: match[2], diff --git a/vendor/github.com/docker/distribution/reference/helpers_deprecated.go b/vendor/github.com/docker/distribution/reference/helpers_deprecated.go deleted file mode 100644 index cbd1192..0000000 --- a/vendor/github.com/docker/distribution/reference/helpers_deprecated.go +++ /dev/null @@ -1,34 +0,0 @@ -package reference - -import "github.com/distribution/reference" - -// IsNameOnly returns true if reference only contains a repo name. -// -// Deprecated: use [reference.IsNameOnly]. -func IsNameOnly(ref reference.Named) bool { - return reference.IsNameOnly(ref) -} - -// FamiliarName returns the familiar name string -// for the given named, familiarizing if needed. -// -// Deprecated: use [reference.FamiliarName]. -func FamiliarName(ref reference.Named) string { - return reference.FamiliarName(ref) -} - -// FamiliarString returns the familiar string representation -// for the given reference, familiarizing if needed. -// -// Deprecated: use [reference.FamiliarString]. -func FamiliarString(ref reference.Reference) string { - return reference.FamiliarString(ref) -} - -// FamiliarMatch reports whether ref matches the specified pattern. -// See [path.Match] for supported patterns. -// -// Deprecated: use [reference.FamiliarMatch]. -func FamiliarMatch(pattern string, ref reference.Reference) (bool, error) { - return reference.FamiliarMatch(pattern, ref) -} diff --git a/vendor/github.com/docker/distribution/reference/normalize_deprecated.go b/vendor/github.com/docker/distribution/reference/normalize_deprecated.go deleted file mode 100644 index 1b4a459..0000000 --- a/vendor/github.com/docker/distribution/reference/normalize_deprecated.go +++ /dev/null @@ -1,92 +0,0 @@ -package reference - -import ( - "regexp" - - "github.com/distribution/reference" - "github.com/opencontainers/go-digest" - "github.com/opencontainers/go-digest/digestset" -) - -// ParseNormalizedNamed parses a string into a named reference -// transforming a familiar name from Docker UI to a fully -// qualified reference. If the value may be an identifier -// use ParseAnyReference. -// -// Deprecated: use [reference.ParseNormalizedNamed]. -func ParseNormalizedNamed(s string) (reference.Named, error) { - return reference.ParseNormalizedNamed(s) -} - -// ParseDockerRef normalizes the image reference following the docker convention, -// which allows for references to contain both a tag and a digest. -// -// Deprecated: use [reference.ParseDockerRef]. -func ParseDockerRef(ref string) (reference.Named, error) { - return reference.ParseDockerRef(ref) -} - -// TagNameOnly adds the default tag "latest" to a reference if it only has -// a repo name. -// -// Deprecated: use [reference.TagNameOnly]. -func TagNameOnly(ref reference.Named) reference.Named { - return reference.TagNameOnly(ref) -} - -// ParseAnyReference parses a reference string as a possible identifier, -// full digest, or familiar name. -// -// Deprecated: use [reference.ParseAnyReference]. -func ParseAnyReference(ref string) (reference.Reference, error) { - return reference.ParseAnyReference(ref) -} - -// Functions and types below have been removed in distribution v3 and -// have not been ported to github.com/distribution/reference. See -// https://github.com/distribution/distribution/pull/3774 - -var ( - // ShortIdentifierRegexp is the format used to represent a prefix - // of an identifier. A prefix may be used to match a sha256 identifier - // within a list of trusted identifiers. - // - // Deprecated: support for short-identifiers is deprecated, and will be removed in v3. - ShortIdentifierRegexp = regexp.MustCompile(shortIdentifier) - - shortIdentifier = `([a-f0-9]{6,64})` - - // anchoredShortIdentifierRegexp is used to check if a value - // is a possible identifier prefix, anchored at start and end - // of string. - anchoredShortIdentifierRegexp = regexp.MustCompile(`^` + shortIdentifier + `$`) -) - -type digestReference digest.Digest - -func (d digestReference) String() string { - return digest.Digest(d).String() -} - -func (d digestReference) Digest() digest.Digest { - return digest.Digest(d) -} - -// ParseAnyReferenceWithSet parses a reference string as a possible short -// identifier to be matched in a digest set, a full digest, or familiar name. -// -// Deprecated: support for short-identifiers is deprecated, and will be removed in v3. -func ParseAnyReferenceWithSet(ref string, ds *digestset.Set) (Reference, error) { - if ok := anchoredShortIdentifierRegexp.MatchString(ref); ok { - dgst, err := ds.Lookup(ref) - if err == nil { - return digestReference(dgst), nil - } - } else { - if dgst, err := digest.Parse(ref); err == nil { - return digestReference(dgst), nil - } - } - - return reference.ParseNormalizedNamed(ref) -} diff --git a/vendor/github.com/docker/distribution/reference/reference_deprecated.go b/vendor/github.com/docker/distribution/reference/reference_deprecated.go deleted file mode 100644 index 5b73249..0000000 --- a/vendor/github.com/docker/distribution/reference/reference_deprecated.go +++ /dev/null @@ -1,172 +0,0 @@ -// Package reference is deprecated, and has moved to github.com/distribution/reference. -// -// Deprecated: use github.com/distribution/reference instead. -package reference - -import ( - "github.com/distribution/reference" - "github.com/opencontainers/go-digest" -) - -const ( - // NameTotalLengthMax is the maximum total number of characters in a repository name. - // - // Deprecated: use [reference.NameTotalLengthMax]. - NameTotalLengthMax = reference.NameTotalLengthMax -) - -var ( - // ErrReferenceInvalidFormat represents an error while trying to parse a string as a reference. - // - // Deprecated: use [reference.ErrReferenceInvalidFormat]. - ErrReferenceInvalidFormat = reference.ErrReferenceInvalidFormat - - // ErrTagInvalidFormat represents an error while trying to parse a string as a tag. - // - // Deprecated: use [reference.ErrTagInvalidFormat]. - ErrTagInvalidFormat = reference.ErrTagInvalidFormat - - // ErrDigestInvalidFormat represents an error while trying to parse a string as a tag. - // - // Deprecated: use [reference.ErrDigestInvalidFormat]. - ErrDigestInvalidFormat = reference.ErrDigestInvalidFormat - - // ErrNameContainsUppercase is returned for invalid repository names that contain uppercase characters. - // - // Deprecated: use [reference.ErrNameContainsUppercase]. - ErrNameContainsUppercase = reference.ErrNameContainsUppercase - - // ErrNameEmpty is returned for empty, invalid repository names. - // - // Deprecated: use [reference.ErrNameEmpty]. - ErrNameEmpty = reference.ErrNameEmpty - - // ErrNameTooLong is returned when a repository name is longer than NameTotalLengthMax. - // - // Deprecated: use [reference.ErrNameTooLong]. - ErrNameTooLong = reference.ErrNameTooLong - - // ErrNameNotCanonical is returned when a name is not canonical. - // - // Deprecated: use [reference.ErrNameNotCanonical]. - ErrNameNotCanonical = reference.ErrNameNotCanonical -) - -// Reference is an opaque object reference identifier that may include -// modifiers such as a hostname, name, tag, and digest. -// -// Deprecated: use [reference.Reference]. -type Reference = reference.Reference - -// Field provides a wrapper type for resolving correct reference types when -// working with encoding. -// -// Deprecated: use [reference.Field]. -type Field = reference.Field - -// AsField wraps a reference in a Field for encoding. -// -// Deprecated: use [reference.AsField]. -func AsField(ref reference.Reference) reference.Field { - return reference.AsField(ref) -} - -// Named is an object with a full name -// -// Deprecated: use [reference.Named]. -type Named = reference.Named - -// Tagged is an object which has a tag -// -// Deprecated: use [reference.Tagged]. -type Tagged = reference.Tagged - -// NamedTagged is an object including a name and tag. -// -// Deprecated: use [reference.NamedTagged]. -type NamedTagged reference.NamedTagged - -// Digested is an object which has a digest -// in which it can be referenced by -// -// Deprecated: use [reference.Digested]. -type Digested reference.Digested - -// Canonical reference is an object with a fully unique -// name including a name with domain and digest -// -// Deprecated: use [reference.Canonical]. -type Canonical reference.Canonical - -// Domain returns the domain part of the [Named] reference. -// -// Deprecated: use [reference.Domain]. -func Domain(named reference.Named) string { - return reference.Domain(named) -} - -// Path returns the name without the domain part of the [Named] reference. -// -// Deprecated: use [reference.Path]. -func Path(named reference.Named) (name string) { - return reference.Path(named) -} - -// SplitHostname splits a named reference into a -// hostname and name string. If no valid hostname is -// found, the hostname is empty and the full value -// is returned as name -// -// Deprecated: Use [reference.Domain] or [reference.Path]. -func SplitHostname(named reference.Named) (string, string) { - return reference.SplitHostname(named) -} - -// Parse parses s and returns a syntactically valid Reference. -// If an error was encountered it is returned, along with a nil Reference. -// -// Deprecated: use [reference.Parse]. -func Parse(s string) (reference.Reference, error) { - return reference.Parse(s) -} - -// ParseNamed parses s and returns a syntactically valid reference implementing -// the Named interface. The reference must have a name and be in the canonical -// form, otherwise an error is returned. -// If an error was encountered it is returned, along with a nil Reference. -// -// Deprecated: use [reference.ParseNamed]. -func ParseNamed(s string) (reference.Named, error) { - return reference.ParseNamed(s) -} - -// WithName returns a named object representing the given string. If the input -// is invalid ErrReferenceInvalidFormat will be returned. -// -// Deprecated: use [reference.WithName]. -func WithName(name string) (reference.Named, error) { - return reference.WithName(name) -} - -// WithTag combines the name from "name" and the tag from "tag" to form a -// reference incorporating both the name and the tag. -// -// Deprecated: use [reference.WithTag]. -func WithTag(name reference.Named, tag string) (reference.NamedTagged, error) { - return reference.WithTag(name, tag) -} - -// WithDigest combines the name from "name" and the digest from "digest" to form -// a reference incorporating both the name and the digest. -// -// Deprecated: use [reference.WithDigest]. -func WithDigest(name reference.Named, digest digest.Digest) (reference.Canonical, error) { - return reference.WithDigest(name, digest) -} - -// TrimNamed removes any tag or digest from the named reference. -// -// Deprecated: use [reference.TrimNamed]. -func TrimNamed(ref reference.Named) reference.Named { - return reference.TrimNamed(ref) -} diff --git a/vendor/github.com/docker/distribution/reference/regexp_deprecated.go b/vendor/github.com/docker/distribution/reference/regexp_deprecated.go deleted file mode 100644 index 4b9c1b5..0000000 --- a/vendor/github.com/docker/distribution/reference/regexp_deprecated.go +++ /dev/null @@ -1,50 +0,0 @@ -package reference - -import ( - "github.com/distribution/reference" -) - -// DigestRegexp matches well-formed digests, including algorithm (e.g. "sha256:"). -// -// Deprecated: use [reference.DigestRegexp]. -var DigestRegexp = reference.DigestRegexp - -// DomainRegexp matches hostname or IP-addresses, optionally including a port -// number. It defines the structure of potential domain components that may be -// part of image names. This is purposely a subset of what is allowed by DNS to -// ensure backwards compatibility with Docker image names. It may be a subset of -// DNS domain name, an IPv4 address in decimal format, or an IPv6 address between -// square brackets (excluding zone identifiers as defined by [RFC 6874] or special -// addresses such as IPv4-Mapped). -// -// Deprecated: use [reference.DomainRegexp]. -// -// [RFC 6874]: https://www.rfc-editor.org/rfc/rfc6874. -var DomainRegexp = reference.DigestRegexp - -// IdentifierRegexp is the format for string identifier used as a -// content addressable identifier using sha256. These identifiers -// are like digests without the algorithm, since sha256 is used. -// -// Deprecated: use [reference.IdentifierRegexp]. -var IdentifierRegexp = reference.IdentifierRegexp - -// NameRegexp is the format for the name component of references, including -// an optional domain and port, but without tag or digest suffix. -// -// Deprecated: use [reference.NameRegexp]. -var NameRegexp = reference.NameRegexp - -// ReferenceRegexp is the full supported format of a reference. The regexp -// is anchored and has capturing groups for name, tag, and digest -// components. -// -// Deprecated: use [reference.ReferenceRegexp]. -var ReferenceRegexp = reference.ReferenceRegexp - -// TagRegexp matches valid tag names. From [docker/docker:graph/tags.go]. -// -// Deprecated: use [reference.TagRegexp]. -// -// [docker/docker:graph/tags.go]: https://github.com/moby/moby/blob/v1.6.0/graph/tags.go#L26-L28 -var TagRegexp = reference.TagRegexp diff --git a/vendor/github.com/docker/distribution/reference/sort_deprecated.go b/vendor/github.com/docker/distribution/reference/sort_deprecated.go deleted file mode 100644 index a73251b..0000000 --- a/vendor/github.com/docker/distribution/reference/sort_deprecated.go +++ /dev/null @@ -1,10 +0,0 @@ -package reference - -import "github.com/distribution/reference" - -// Sort sorts string references preferring higher information references. -// -// Deprecated: use [reference.Sort]. -func Sort(references []string) []string { - return reference.Sort(references) -} diff --git a/vendor/github.com/google/uuid/CHANGELOG.md b/vendor/github.com/google/uuid/CHANGELOG.md index 2bd7866..7ed347d 100644 --- a/vendor/github.com/google/uuid/CHANGELOG.md +++ b/vendor/github.com/google/uuid/CHANGELOG.md @@ -1,5 +1,16 @@ # Changelog +## [1.4.0](https://github.com/google/uuid/compare/v1.3.1...v1.4.0) (2023-10-26) + + +### Features + +* UUIDs slice type with Strings() convenience method ([#133](https://github.com/google/uuid/issues/133)) ([cd5fbbd](https://github.com/google/uuid/commit/cd5fbbdd02f3e3467ac18940e07e062be1f864b4)) + +### Fixes + +* Clarify that Parse's job is to parse but not necessarily validate strings. (Documents current behavior) + ## [1.3.1](https://github.com/google/uuid/compare/v1.3.0...v1.3.1) (2023-08-18) diff --git a/vendor/github.com/google/uuid/CONTRIBUTING.md b/vendor/github.com/google/uuid/CONTRIBUTING.md index 5566888..a502fdc 100644 --- a/vendor/github.com/google/uuid/CONTRIBUTING.md +++ b/vendor/github.com/google/uuid/CONTRIBUTING.md @@ -11,7 +11,7 @@ please explain why in the pull request description. ### Releasing -Commits that would precipitate a SemVer change, as desrcibed in the Conventional +Commits that would precipitate a SemVer change, as described in the Conventional Commits Specification, will trigger [`release-please`](https://github.com/google-github-actions/release-please-action) to create a release candidate pull request. Once submitted, `release-please` will create a release. diff --git a/vendor/github.com/google/uuid/uuid.go b/vendor/github.com/google/uuid/uuid.go index a56138c..dc75f7d 100644 --- a/vendor/github.com/google/uuid/uuid.go +++ b/vendor/github.com/google/uuid/uuid.go @@ -56,11 +56,15 @@ func IsInvalidLengthError(err error) bool { return ok } -// Parse decodes s into a UUID or returns an error. Both the standard UUID -// forms of xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx and -// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx are decoded as well as the -// Microsoft encoding {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} and the raw hex -// encoding: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. +// Parse decodes s into a UUID or returns an error if it cannot be parsed. Both +// the standard UUID forms defined in RFC 4122 +// (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx and +// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx) are decoded. In addition, +// Parse accepts non-standard strings such as the raw hex encoding +// xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx and 38 byte "Microsoft style" encodings, +// e.g. {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}. Only the middle 36 bytes are +// examined in the latter case. Parse should not be used to validate strings as +// it parses non-standard encodings as indicated above. func Parse(s string) (UUID, error) { var uuid UUID switch len(s) { @@ -294,3 +298,15 @@ func DisableRandPool() { poolMu.Lock() poolPos = randPoolSize } + +// UUIDs is a slice of UUID types. +type UUIDs []UUID + +// Strings returns a string slice containing the string form of each UUID in uuids. +func (uuids UUIDs) Strings() []string { + var uuidStrs = make([]string, len(uuids)) + for i, uuid := range uuids { + uuidStrs[i] = uuid.String() + } + return uuidStrs +} diff --git a/vendor/github.com/moby/sys/user/user.go b/vendor/github.com/moby/sys/user/user.go index 984466d..198c493 100644 --- a/vendor/github.com/moby/sys/user/user.go +++ b/vendor/github.com/moby/sys/user/user.go @@ -197,7 +197,6 @@ func ParseGroupFilter(r io.Reader, filter func(Group) bool) ([]Group, error) { for { var line []byte line, isPrefix, err = rd.ReadLine() - if err != nil { // We should return no error if EOF is reached // without a match. diff --git a/vendor/github.com/docker/distribution/LICENSE b/vendor/github.com/moby/sys/userns/LICENSE similarity index 99% rename from vendor/github.com/docker/distribution/LICENSE rename to vendor/github.com/moby/sys/userns/LICENSE index e06d208..d645695 100644 --- a/vendor/github.com/docker/distribution/LICENSE +++ b/vendor/github.com/moby/sys/userns/LICENSE @@ -1,4 +1,5 @@ -Apache License + + Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ @@ -178,7 +179,7 @@ Apache License APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" + boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a @@ -186,7 +187,7 @@ Apache License same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright {yyyy} {name of copyright owner} + Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -199,4 +200,3 @@ Apache License WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. - diff --git a/vendor/github.com/moby/sys/userns/userns.go b/vendor/github.com/moby/sys/userns/userns.go new file mode 100644 index 0000000..56b24c4 --- /dev/null +++ b/vendor/github.com/moby/sys/userns/userns.go @@ -0,0 +1,16 @@ +// Package userns provides utilities to detect whether we are currently running +// in a Linux user namespace. +// +// This code was migrated from [libcontainer/runc], which based its implementation +// on code from [lcx/incus]. +// +// [libcontainer/runc]: https://github.com/opencontainers/runc/blob/3778ae603c706494fd1e2c2faf83b406e38d687d/libcontainer/userns/userns_linux.go#L12-L49 +// [lcx/incus]: https://github.com/lxc/incus/blob/e45085dd42f826b3c8c3228e9733c0b6f998eafe/shared/util.go#L678-L700 +package userns + +// RunningInUserNS detects whether we are currently running in a Linux +// user namespace and memoizes the result. It returns false on non-Linux +// platforms. +func RunningInUserNS() bool { + return inUserNS() +} diff --git a/vendor/github.com/moby/sys/userns/userns_linux.go b/vendor/github.com/moby/sys/userns/userns_linux.go new file mode 100644 index 0000000..87c1c38 --- /dev/null +++ b/vendor/github.com/moby/sys/userns/userns_linux.go @@ -0,0 +1,53 @@ +package userns + +import ( + "bufio" + "fmt" + "os" + "sync" +) + +var inUserNS = sync.OnceValue(runningInUserNS) + +// runningInUserNS detects whether we are currently running in a user namespace. +// +// This code was migrated from [libcontainer/runc] and based on an implementation +// from [lcx/incus]. +// +// [libcontainer/runc]: https://github.com/opencontainers/runc/blob/3778ae603c706494fd1e2c2faf83b406e38d687d/libcontainer/userns/userns_linux.go#L12-L49 +// [lcx/incus]: https://github.com/lxc/incus/blob/e45085dd42f826b3c8c3228e9733c0b6f998eafe/shared/util.go#L678-L700 +func runningInUserNS() bool { + file, err := os.Open("/proc/self/uid_map") + if err != nil { + // This kernel-provided file only exists if user namespaces are supported. + return false + } + defer file.Close() + + buf := bufio.NewReader(file) + l, _, err := buf.ReadLine() + if err != nil { + return false + } + + return uidMapInUserNS(string(l)) +} + +func uidMapInUserNS(uidMap string) bool { + if uidMap == "" { + // File exist but empty (the initial state when userns is created, + // see user_namespaces(7)). + return true + } + + var a, b, c int64 + if _, err := fmt.Sscanf(uidMap, "%d %d %d", &a, &b, &c); err != nil { + // Assume we are in a regular, non user namespace. + return false + } + + // As per user_namespaces(7), /proc/self/uid_map of + // the initial user namespace shows 0 0 4294967295. + initNS := a == 0 && b == 0 && c == 4294967295 + return !initNS +} diff --git a/vendor/github.com/moby/sys/userns/userns_linux_fuzzer.go b/vendor/github.com/moby/sys/userns/userns_linux_fuzzer.go new file mode 100644 index 0000000..26ba2e1 --- /dev/null +++ b/vendor/github.com/moby/sys/userns/userns_linux_fuzzer.go @@ -0,0 +1,8 @@ +//go:build linux && gofuzz + +package userns + +func FuzzUIDMap(uidmap []byte) int { + _ = uidMapInUserNS(string(uidmap)) + return 1 +} diff --git a/vendor/github.com/moby/sys/userns/userns_unsupported.go b/vendor/github.com/moby/sys/userns/userns_unsupported.go new file mode 100644 index 0000000..8ed8307 --- /dev/null +++ b/vendor/github.com/moby/sys/userns/userns_unsupported.go @@ -0,0 +1,6 @@ +//go:build !linux + +package userns + +// inUserNS is a stub for non-Linux systems. Always returns false. +func inUserNS() bool { return false } diff --git a/vendor/github.com/opencontainers/go-digest/digestset/set.go b/vendor/github.com/opencontainers/go-digest/digestset/set.go deleted file mode 100644 index 71f2418..0000000 --- a/vendor/github.com/opencontainers/go-digest/digestset/set.go +++ /dev/null @@ -1,262 +0,0 @@ -// Copyright 2020, 2020 OCI Contributors -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digestset - -import ( - "errors" - "sort" - "strings" - "sync" - - digest "github.com/opencontainers/go-digest" -) - -var ( - // ErrDigestNotFound is used when a matching digest - // could not be found in a set. - ErrDigestNotFound = errors.New("digest not found") - - // ErrDigestAmbiguous is used when multiple digests - // are found in a set. None of the matching digests - // should be considered valid matches. - ErrDigestAmbiguous = errors.New("ambiguous digest string") -) - -// Set is used to hold a unique set of digests which -// may be easily referenced by easily referenced by a string -// representation of the digest as well as short representation. -// The uniqueness of the short representation is based on other -// digests in the set. If digests are omitted from this set, -// collisions in a larger set may not be detected, therefore it -// is important to always do short representation lookups on -// the complete set of digests. To mitigate collisions, an -// appropriately long short code should be used. -type Set struct { - mutex sync.RWMutex - entries digestEntries -} - -// NewSet creates an empty set of digests -// which may have digests added. -func NewSet() *Set { - return &Set{ - entries: digestEntries{}, - } -} - -// checkShortMatch checks whether two digests match as either whole -// values or short values. This function does not test equality, -// rather whether the second value could match against the first -// value. -func checkShortMatch(alg digest.Algorithm, hex, shortAlg, shortHex string) bool { - if len(hex) == len(shortHex) { - if hex != shortHex { - return false - } - if len(shortAlg) > 0 && string(alg) != shortAlg { - return false - } - } else if !strings.HasPrefix(hex, shortHex) { - return false - } else if len(shortAlg) > 0 && string(alg) != shortAlg { - return false - } - return true -} - -// Lookup looks for a digest matching the given string representation. -// If no digests could be found ErrDigestNotFound will be returned -// with an empty digest value. If multiple matches are found -// ErrDigestAmbiguous will be returned with an empty digest value. -func (dst *Set) Lookup(d string) (digest.Digest, error) { - dst.mutex.RLock() - defer dst.mutex.RUnlock() - if len(dst.entries) == 0 { - return "", ErrDigestNotFound - } - var ( - searchFunc func(int) bool - alg digest.Algorithm - hex string - ) - dgst, err := digest.Parse(d) - if err == digest.ErrDigestInvalidFormat { - hex = d - searchFunc = func(i int) bool { - return dst.entries[i].val >= d - } - } else { - hex = dgst.Hex() - alg = dgst.Algorithm() - searchFunc = func(i int) bool { - if dst.entries[i].val == hex { - return dst.entries[i].alg >= alg - } - return dst.entries[i].val >= hex - } - } - idx := sort.Search(len(dst.entries), searchFunc) - if idx == len(dst.entries) || !checkShortMatch(dst.entries[idx].alg, dst.entries[idx].val, string(alg), hex) { - return "", ErrDigestNotFound - } - if dst.entries[idx].alg == alg && dst.entries[idx].val == hex { - return dst.entries[idx].digest, nil - } - if idx+1 < len(dst.entries) && checkShortMatch(dst.entries[idx+1].alg, dst.entries[idx+1].val, string(alg), hex) { - return "", ErrDigestAmbiguous - } - - return dst.entries[idx].digest, nil -} - -// Add adds the given digest to the set. An error will be returned -// if the given digest is invalid. If the digest already exists in the -// set, this operation will be a no-op. -func (dst *Set) Add(d digest.Digest) error { - if err := d.Validate(); err != nil { - return err - } - dst.mutex.Lock() - defer dst.mutex.Unlock() - entry := &digestEntry{alg: d.Algorithm(), val: d.Hex(), digest: d} - searchFunc := func(i int) bool { - if dst.entries[i].val == entry.val { - return dst.entries[i].alg >= entry.alg - } - return dst.entries[i].val >= entry.val - } - idx := sort.Search(len(dst.entries), searchFunc) - if idx == len(dst.entries) { - dst.entries = append(dst.entries, entry) - return nil - } else if dst.entries[idx].digest == d { - return nil - } - - entries := append(dst.entries, nil) - copy(entries[idx+1:], entries[idx:len(entries)-1]) - entries[idx] = entry - dst.entries = entries - return nil -} - -// Remove removes the given digest from the set. An err will be -// returned if the given digest is invalid. If the digest does -// not exist in the set, this operation will be a no-op. -func (dst *Set) Remove(d digest.Digest) error { - if err := d.Validate(); err != nil { - return err - } - dst.mutex.Lock() - defer dst.mutex.Unlock() - entry := &digestEntry{alg: d.Algorithm(), val: d.Hex(), digest: d} - searchFunc := func(i int) bool { - if dst.entries[i].val == entry.val { - return dst.entries[i].alg >= entry.alg - } - return dst.entries[i].val >= entry.val - } - idx := sort.Search(len(dst.entries), searchFunc) - // Not found if idx is after or value at idx is not digest - if idx == len(dst.entries) || dst.entries[idx].digest != d { - return nil - } - - entries := dst.entries - copy(entries[idx:], entries[idx+1:]) - entries = entries[:len(entries)-1] - dst.entries = entries - - return nil -} - -// All returns all the digests in the set -func (dst *Set) All() []digest.Digest { - dst.mutex.RLock() - defer dst.mutex.RUnlock() - retValues := make([]digest.Digest, len(dst.entries)) - for i := range dst.entries { - retValues[i] = dst.entries[i].digest - } - - return retValues -} - -// ShortCodeTable returns a map of Digest to unique short codes. The -// length represents the minimum value, the maximum length may be the -// entire value of digest if uniqueness cannot be achieved without the -// full value. This function will attempt to make short codes as short -// as possible to be unique. -func ShortCodeTable(dst *Set, length int) map[digest.Digest]string { - dst.mutex.RLock() - defer dst.mutex.RUnlock() - m := make(map[digest.Digest]string, len(dst.entries)) - l := length - resetIdx := 0 - for i := 0; i < len(dst.entries); i++ { - var short string - extended := true - for extended { - extended = false - if len(dst.entries[i].val) <= l { - short = dst.entries[i].digest.String() - } else { - short = dst.entries[i].val[:l] - for j := i + 1; j < len(dst.entries); j++ { - if checkShortMatch(dst.entries[j].alg, dst.entries[j].val, "", short) { - if j > resetIdx { - resetIdx = j - } - extended = true - } else { - break - } - } - if extended { - l++ - } - } - } - m[dst.entries[i].digest] = short - if i >= resetIdx { - l = length - } - } - return m -} - -type digestEntry struct { - alg digest.Algorithm - val string - digest digest.Digest -} - -type digestEntries []*digestEntry - -func (d digestEntries) Len() int { - return len(d) -} - -func (d digestEntries) Less(i, j int) bool { - if d[i].val != d[j].val { - return d[i].val < d[j].val - } - return d[i].alg < d[j].alg -} - -func (d digestEntries) Swap(i, j int) { - d[i], d[j] = d[j], d[i] -} diff --git a/vendor/go.opentelemetry.io/otel/.gitignore b/vendor/go.opentelemetry.io/otel/.gitignore index f3355c8..895c766 100644 --- a/vendor/go.opentelemetry.io/otel/.gitignore +++ b/vendor/go.opentelemetry.io/otel/.gitignore @@ -14,12 +14,9 @@ go.work.sum gen/ /example/dice/dice -/example/fib/fib -/example/fib/traces.txt -/example/jaeger/jaeger /example/namedtracer/namedtracer +/example/otel-collector/otel-collector /example/opencensus/opencensus /example/passthrough/passthrough /example/prometheus/prometheus /example/zipkin/zipkin -/example/otel-collector/otel-collector diff --git a/vendor/go.opentelemetry.io/otel/.golangci.yml b/vendor/go.opentelemetry.io/otel/.golangci.yml index 6e8eeec..a62511f 100644 --- a/vendor/go.opentelemetry.io/otel/.golangci.yml +++ b/vendor/go.opentelemetry.io/otel/.golangci.yml @@ -12,8 +12,9 @@ linters: - depguard - errcheck - godot - - gofmt + - gofumpt - goimports + - gosec - gosimple - govet - ineffassign @@ -53,6 +54,20 @@ issues: text: "calls to (.+) only in main[(][)] or init[(][)] functions" linters: - revive + # It's okay to not run gosec in a test. + - path: _test\.go + linters: + - gosec + # Igonoring gosec G404: Use of weak random number generator (math/rand instead of crypto/rand) + # as we commonly use it in tests and examples. + - text: "G404:" + linters: + - gosec + # Igonoring gosec G402: TLS MinVersion too low + # as the https://pkg.go.dev/crypto/tls#Config handles MinVersion default well. + - text: "G402: TLS MinVersion too low." + linters: + - gosec include: # revive exported should have comment or be unexported. - EXC0012 diff --git a/vendor/go.opentelemetry.io/otel/CHANGELOG.md b/vendor/go.opentelemetry.io/otel/CHANGELOG.md index 3e5c35b..24874f8 100644 --- a/vendor/go.opentelemetry.io/otel/CHANGELOG.md +++ b/vendor/go.opentelemetry.io/otel/CHANGELOG.md @@ -8,6 +8,85 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm ## [Unreleased] +## [1.21.0/0.44.0] 2023-11-16 + +### Removed + +- Remove the deprecated `go.opentelemetry.io/otel/bridge/opencensus.NewTracer`. (#4706) +- Remove the deprecated `go.opentelemetry.io/otel/exporters/otlp/otlpmetric` module. (#4707) +- Remove the deprecated `go.opentelemetry.io/otel/example/view` module. (#4708) +- Remove the deprecated `go.opentelemetry.io/otel/example/fib` module. (#4723) + +### Fixed + +- Do not parse non-protobuf responses in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. (#4719) +- Do not parse non-protobuf responses in `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp`. (#4719) + +## [1.20.0/0.43.0] 2023-11-10 + +This release brings a breaking change for custom trace API implementations. Some interfaces (`TracerProvider`, `Tracer`, `Span`) now embed the `go.opentelemetry.io/otel/trace/embedded` types. Implementors need to update their implementations based on what they want the default behavior to be. See the "API Implementations" section of the [trace API] package documentation for more information about how to accomplish this. + +### Added + +- Add `go.opentelemetry.io/otel/bridge/opencensus.InstallTraceBridge`, which installs the OpenCensus trace bridge, and replaces `opencensus.NewTracer`. (#4567) +- Add scope version to trace and metric bridges in `go.opentelemetry.io/otel/bridge/opencensus`. (#4584) +- Add the `go.opentelemetry.io/otel/trace/embedded` package to be embedded in the exported trace API interfaces. (#4620) +- Add the `go.opentelemetry.io/otel/trace/noop` package as a default no-op implementation of the trace API. (#4620) +- Add context propagation in `go.opentelemetry.io/otel/example/dice`. (#4644) +- Add view configuration to `go.opentelemetry.io/otel/example/prometheus`. (#4649) +- Add `go.opentelemetry.io/otel/metric.WithExplicitBucketBoundaries`, which allows defining default explicit bucket boundaries when creating histogram instruments. (#4603) +- Add `Version` function in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc`. (#4660) +- Add `Version` function in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. (#4660) +- Add Summary, SummaryDataPoint, and QuantileValue to `go.opentelemetry.io/sdk/metric/metricdata`. (#4622) +- `go.opentelemetry.io/otel/bridge/opencensus.NewMetricProducer` now supports exemplars from OpenCensus. (#4585) +- Add support for `WithExplicitBucketBoundaries` in `go.opentelemetry.io/otel/sdk/metric`. (#4605) +- Add support for Summary metrics in `go.opentelemetry.io/otel/bridge/opencensus`. (#4668) + +### Deprecated + +- Deprecate `go.opentelemetry.io/otel/bridge/opencensus.NewTracer` in favor of `opencensus.InstallTraceBridge`. (#4567) +- Deprecate `go.opentelemetry.io/otel/example/fib` package is in favor of `go.opentelemetry.io/otel/example/dice`. (#4618) +- Deprecate `go.opentelemetry.io/otel/trace.NewNoopTracerProvider`. + Use the added `NewTracerProvider` function in `go.opentelemetry.io/otel/trace/noop` instead. (#4620) +- Deprecate `go.opentelemetry.io/otel/example/view` package in favor of `go.opentelemetry.io/otel/example/prometheus`. (#4649) +- Deprecate `go.opentelemetry.io/otel/exporters/otlp/otlpmetric`. (#4693) + +### Changed + +- `go.opentelemetry.io/otel/bridge/opencensus.NewMetricProducer` returns a `*MetricProducer` struct instead of the metric.Producer interface. (#4583) +- The `TracerProvider` in `go.opentelemetry.io/otel/trace` now embeds the `go.opentelemetry.io/otel/trace/embedded.TracerProvider` type. + This extends the `TracerProvider` interface and is is a breaking change for any existing implementation. + Implementors need to update their implementations based on what they want the default behavior of the interface to be. + See the "API Implementations" section of the `go.opentelemetry.io/otel/trace` package documentation for more information about how to accomplish this. (#4620) +- The `Tracer` in `go.opentelemetry.io/otel/trace` now embeds the `go.opentelemetry.io/otel/trace/embedded.Tracer` type. + This extends the `Tracer` interface and is is a breaking change for any existing implementation. + Implementors need to update their implementations based on what they want the default behavior of the interface to be. + See the "API Implementations" section of the `go.opentelemetry.io/otel/trace` package documentation for more information about how to accomplish this. (#4620) +- The `Span` in `go.opentelemetry.io/otel/trace` now embeds the `go.opentelemetry.io/otel/trace/embedded.Span` type. + This extends the `Span` interface and is is a breaking change for any existing implementation. + Implementors need to update their implementations based on what they want the default behavior of the interface to be. + See the "API Implementations" section of the `go.opentelemetry.io/otel/trace` package documentation for more information about how to accomplish this. (#4620) +- `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc` does no longer depend on `go.opentelemetry.io/otel/exporters/otlp/otlpmetric`. (#4660) +- `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp` does no longer depend on `go.opentelemetry.io/otel/exporters/otlp/otlpmetric`. (#4660) +- Retry for `502 Bad Gateway` and `504 Gateway Timeout` HTTP statuses in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. (#4670) +- Retry for `502 Bad Gateway` and `504 Gateway Timeout` HTTP statuses in `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp`. (#4670) +- Retry for `RESOURCE_EXHAUSTED` only if RetryInfo is returned in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc`. (#4669) +- Retry for `RESOURCE_EXHAUSTED` only if RetryInfo is returned in `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc`. (#4669) +- Retry temporary HTTP request failures in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. (#4679) +- Retry temporary HTTP request failures in `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp`. (#4679) + +### Fixed + +- Fix improper parsing of characters such us `+`, `/` by `Parse` in `go.opentelemetry.io/otel/baggage` as they were rendered as a whitespace. (#4667) +- Fix improper parsing of characters such us `+`, `/` passed via `OTEL_RESOURCE_ATTRIBUTES` in `go.opentelemetry.io/otel/sdk/resource` as they were rendered as a whitespace. (#4699) +- Fix improper parsing of characters such us `+`, `/` passed via `OTEL_EXPORTER_OTLP_HEADERS` and `OTEL_EXPORTER_OTLP_METRICS_HEADERS` in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc` as they were rendered as a whitespace. (#4699) +- Fix improper parsing of characters such us `+`, `/` passed via `OTEL_EXPORTER_OTLP_HEADERS` and `OTEL_EXPORTER_OTLP_METRICS_HEADERS` in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp` as they were rendered as a whitespace. (#4699) +- Fix improper parsing of characters such us `+`, `/` passed via `OTEL_EXPORTER_OTLP_HEADERS` and `OTEL_EXPORTER_OTLP_TRACES_HEADERS` in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlptracegrpc` as they were rendered as a whitespace. (#4699) +- Fix improper parsing of characters such us `+`, `/` passed via `OTEL_EXPORTER_OTLP_HEADERS` and `OTEL_EXPORTER_OTLP_TRACES_HEADERS` in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlptracehttp` as they were rendered as a whitespace. (#4699) +- In `go.opentelemetry.op/otel/exporters/prometheus`, the exporter no longer `Collect`s metrics after `Shutdown` is invoked. (#4648) +- Fix documentation for `WithCompressor` in `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc`. (#4695) +- Fix documentation for `WithCompressor` in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc`. (#4695) + ## [1.19.0/0.42.0/0.0.7] 2023-09-28 This release contains the first stable release of the OpenTelemetry Go [metric SDK]. @@ -2656,7 +2735,9 @@ It contains api and sdk for trace and meter. - CircleCI build CI manifest files. - CODEOWNERS file to track owners of this project. -[Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.19.0...HEAD +[Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.21.0...HEAD +[1.21.0/0.44.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.21.0 +[1.20.0/0.43.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.20.0 [1.19.0/0.42.0/0.0.7]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.19.0 [1.19.0-rc.1/0.42.0-rc.1]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.19.0-rc.1 [1.18.0/0.41.0/0.0.6]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.18.0 @@ -2731,7 +2812,7 @@ It contains api and sdk for trace and meter. [Go 1.20]: https://go.dev/doc/go1.20 [Go 1.19]: https://go.dev/doc/go1.19 [Go 1.18]: https://go.dev/doc/go1.18 -[Go 1.19]: https://go.dev/doc/go1.19 [metric API]:https://pkg.go.dev/go.opentelemetry.io/otel/metric [metric SDK]:https://pkg.go.dev/go.opentelemetry.io/otel/sdk/metric +[trace API]:https://pkg.go.dev/go.opentelemetry.io/otel/trace diff --git a/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md b/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md index a00dbca..850606a 100644 --- a/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md +++ b/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md @@ -90,6 +90,10 @@ git push Open a pull request against the main `opentelemetry-go` repo. Be sure to add the pull request ID to the entry you added to `CHANGELOG.md`. +Avoid rebasing and force-pushing to your branch to facilitate reviewing the pull request. +Rewriting Git history makes it difficult to keep track of iterations during code review. +All pull requests are squashed to a single commit upon merge to `main`. + ### How to Receive Comments * If the PR is not ready for review, please put `[WIP]` in the title, diff --git a/vendor/go.opentelemetry.io/otel/Makefile b/vendor/go.opentelemetry.io/otel/Makefile index 5c31170..35fc189 100644 --- a/vendor/go.opentelemetry.io/otel/Makefile +++ b/vendor/go.opentelemetry.io/otel/Makefile @@ -77,6 +77,9 @@ $(GOTMPL): PACKAGE=go.opentelemetry.io/build-tools/gotmpl GORELEASE = $(TOOLS)/gorelease $(GORELEASE): PACKAGE=golang.org/x/exp/cmd/gorelease +GOVULNCHECK = $(TOOLS)/govulncheck +$(TOOLS)/govulncheck: PACKAGE=golang.org/x/vuln/cmd/govulncheck + .PHONY: tools tools: $(CROSSLINK) $(DBOTCONF) $(GOLANGCI_LINT) $(MISSPELL) $(GOCOVMERGE) $(STRINGER) $(PORTO) $(GOJQ) $(SEMCONVGEN) $(MULTIMOD) $(SEMCONVKIT) $(GOTMPL) $(GORELEASE) @@ -189,6 +192,18 @@ test-coverage: | $(GOCOVMERGE) done; \ $(GOCOVMERGE) $$(find . -name coverage.out) > coverage.txt +# Adding a directory will include all benchmarks in that direcotry if a filter is not specified. +BENCHMARK_TARGETS := sdk/trace +.PHONY: benchmark +benchmark: $(BENCHMARK_TARGETS:%=benchmark/%) +BENCHMARK_FILTER = . +# You can override the filter for a particular directory by adding a rule here. +benchmark/sdk/trace: BENCHMARK_FILTER = SpanWithAttributes_8/AlwaysSample +benchmark/%: + @echo "$(GO) test -timeout $(TIMEOUT)s -run=xxxxxMatchNothingxxxxx -bench=$(BENCHMARK_FILTER) $*..." \ + && cd $* \ + $(foreach filter, $(BENCHMARK_FILTER), && $(GO) test -timeout $(TIMEOUT)s -run=xxxxxMatchNothingxxxxx -bench=$(filter)) + .PHONY: golangci-lint golangci-lint-fix golangci-lint-fix: ARGS=--fix golangci-lint-fix: golangci-lint @@ -216,7 +231,7 @@ go-mod-tidy/%: | crosslink lint-modules: go-mod-tidy .PHONY: lint -lint: misspell lint-modules golangci-lint +lint: misspell lint-modules golangci-lint govulncheck .PHONY: vanity-import-check vanity-import-check: | $(PORTO) @@ -226,6 +241,14 @@ vanity-import-check: | $(PORTO) misspell: | $(MISSPELL) @$(MISSPELL) -w $(ALL_DOCS) +.PHONY: govulncheck +govulncheck: $(OTEL_GO_MOD_DIRS:%=govulncheck/%) +govulncheck/%: DIR=$* +govulncheck/%: | $(GOVULNCHECK) + @echo "govulncheck ./... in $(DIR)" \ + && cd $(DIR) \ + && $(GOVULNCHECK) ./... + .PHONY: codespell codespell: | $(CODESPELL) @$(DOCKERPY) $(CODESPELL) @@ -289,3 +312,7 @@ COMMIT ?= "HEAD" add-tags: | $(MULTIMOD) @[ "${MODSET}" ] || ( echo ">> env var MODSET is not set"; exit 1 ) $(MULTIMOD) verify && $(MULTIMOD) tag -m ${MODSET} -c ${COMMIT} + +.PHONY: lint-markdown +lint-markdown: + docker run -v "$(CURDIR):$(WORKDIR)" docker://avtodev/markdown-lint:v1 -c $(WORKDIR)/.markdownlint.yaml $(WORKDIR)/**/*.md diff --git a/vendor/go.opentelemetry.io/otel/README.md b/vendor/go.opentelemetry.io/otel/README.md index 634326e..2c5b0cc 100644 --- a/vendor/go.opentelemetry.io/otel/README.md +++ b/vendor/go.opentelemetry.io/otel/README.md @@ -11,16 +11,13 @@ It provides a set of APIs to directly measure performance and behavior of your s ## Project Status -| Signal | Status | Project | -|---------|------------|-----------------------| -| Traces | Stable | N/A | -| Metrics | Mixed [1] | [Go: Metric SDK (GA)] | -| Logs | Frozen [2] | N/A | +| Signal | Status | +|---------|------------| +| Traces | Stable | +| Metrics | Stable | +| Logs | Design [1] | -[Go: Metric SDK (GA)]: https://github.com/orgs/open-telemetry/projects/34 - -- [1]: [Metrics API](https://pkg.go.dev/go.opentelemetry.io/otel/metric) is Stable. [Metrics SDK](https://pkg.go.dev/go.opentelemetry.io/otel/sdk/metric) is Beta. -- [2]: The Logs signal development is halted for this project while we stabilize the Metrics SDK. +- [1]: Currently the logs signal development is in a design phase ([#4696](https://github.com/open-telemetry/opentelemetry-go/issues/4696)). No Logs Pull Requests are currently being accepted. Progress and status specific to this repository is tracked in our diff --git a/vendor/go.opentelemetry.io/otel/baggage/baggage.go b/vendor/go.opentelemetry.io/otel/baggage/baggage.go index 9e6b3b7..84532cb 100644 --- a/vendor/go.opentelemetry.io/otel/baggage/baggage.go +++ b/vendor/go.opentelemetry.io/otel/baggage/baggage.go @@ -254,7 +254,7 @@ func NewMember(key, value string, props ...Property) (Member, error) { if err := m.validate(); err != nil { return newInvalidMember(), err } - decodedValue, err := url.QueryUnescape(value) + decodedValue, err := url.PathUnescape(value) if err != nil { return newInvalidMember(), fmt.Errorf("%w: %q", errInvalidValue, value) } @@ -301,7 +301,7 @@ func parseMember(member string) (Member, error) { // when converting the header into a data structure." key = strings.TrimSpace(k) var err error - value, err = url.QueryUnescape(strings.TrimSpace(v)) + value, err = url.PathUnescape(strings.TrimSpace(v)) if err != nil { return newInvalidMember(), fmt.Errorf("%w: %q", err, value) } diff --git a/vendor/go.opentelemetry.io/otel/internal/global/instruments.go b/vendor/go.opentelemetry.io/otel/internal/global/instruments.go index a33eded..ebb13c2 100644 --- a/vendor/go.opentelemetry.io/otel/internal/global/instruments.go +++ b/vendor/go.opentelemetry.io/otel/internal/global/instruments.go @@ -34,11 +34,13 @@ type afCounter struct { name string opts []metric.Float64ObservableCounterOption - delegate atomic.Value //metric.Float64ObservableCounter + delegate atomic.Value // metric.Float64ObservableCounter } -var _ unwrapper = (*afCounter)(nil) -var _ metric.Float64ObservableCounter = (*afCounter)(nil) +var ( + _ unwrapper = (*afCounter)(nil) + _ metric.Float64ObservableCounter = (*afCounter)(nil) +) func (i *afCounter) setDelegate(m metric.Meter) { ctr, err := m.Float64ObservableCounter(i.name, i.opts...) @@ -63,11 +65,13 @@ type afUpDownCounter struct { name string opts []metric.Float64ObservableUpDownCounterOption - delegate atomic.Value //metric.Float64ObservableUpDownCounter + delegate atomic.Value // metric.Float64ObservableUpDownCounter } -var _ unwrapper = (*afUpDownCounter)(nil) -var _ metric.Float64ObservableUpDownCounter = (*afUpDownCounter)(nil) +var ( + _ unwrapper = (*afUpDownCounter)(nil) + _ metric.Float64ObservableUpDownCounter = (*afUpDownCounter)(nil) +) func (i *afUpDownCounter) setDelegate(m metric.Meter) { ctr, err := m.Float64ObservableUpDownCounter(i.name, i.opts...) @@ -92,11 +96,13 @@ type afGauge struct { name string opts []metric.Float64ObservableGaugeOption - delegate atomic.Value //metric.Float64ObservableGauge + delegate atomic.Value // metric.Float64ObservableGauge } -var _ unwrapper = (*afGauge)(nil) -var _ metric.Float64ObservableGauge = (*afGauge)(nil) +var ( + _ unwrapper = (*afGauge)(nil) + _ metric.Float64ObservableGauge = (*afGauge)(nil) +) func (i *afGauge) setDelegate(m metric.Meter) { ctr, err := m.Float64ObservableGauge(i.name, i.opts...) @@ -121,11 +127,13 @@ type aiCounter struct { name string opts []metric.Int64ObservableCounterOption - delegate atomic.Value //metric.Int64ObservableCounter + delegate atomic.Value // metric.Int64ObservableCounter } -var _ unwrapper = (*aiCounter)(nil) -var _ metric.Int64ObservableCounter = (*aiCounter)(nil) +var ( + _ unwrapper = (*aiCounter)(nil) + _ metric.Int64ObservableCounter = (*aiCounter)(nil) +) func (i *aiCounter) setDelegate(m metric.Meter) { ctr, err := m.Int64ObservableCounter(i.name, i.opts...) @@ -150,11 +158,13 @@ type aiUpDownCounter struct { name string opts []metric.Int64ObservableUpDownCounterOption - delegate atomic.Value //metric.Int64ObservableUpDownCounter + delegate atomic.Value // metric.Int64ObservableUpDownCounter } -var _ unwrapper = (*aiUpDownCounter)(nil) -var _ metric.Int64ObservableUpDownCounter = (*aiUpDownCounter)(nil) +var ( + _ unwrapper = (*aiUpDownCounter)(nil) + _ metric.Int64ObservableUpDownCounter = (*aiUpDownCounter)(nil) +) func (i *aiUpDownCounter) setDelegate(m metric.Meter) { ctr, err := m.Int64ObservableUpDownCounter(i.name, i.opts...) @@ -179,11 +189,13 @@ type aiGauge struct { name string opts []metric.Int64ObservableGaugeOption - delegate atomic.Value //metric.Int64ObservableGauge + delegate atomic.Value // metric.Int64ObservableGauge } -var _ unwrapper = (*aiGauge)(nil) -var _ metric.Int64ObservableGauge = (*aiGauge)(nil) +var ( + _ unwrapper = (*aiGauge)(nil) + _ metric.Int64ObservableGauge = (*aiGauge)(nil) +) func (i *aiGauge) setDelegate(m metric.Meter) { ctr, err := m.Int64ObservableGauge(i.name, i.opts...) @@ -208,7 +220,7 @@ type sfCounter struct { name string opts []metric.Float64CounterOption - delegate atomic.Value //metric.Float64Counter + delegate atomic.Value // metric.Float64Counter } var _ metric.Float64Counter = (*sfCounter)(nil) @@ -234,7 +246,7 @@ type sfUpDownCounter struct { name string opts []metric.Float64UpDownCounterOption - delegate atomic.Value //metric.Float64UpDownCounter + delegate atomic.Value // metric.Float64UpDownCounter } var _ metric.Float64UpDownCounter = (*sfUpDownCounter)(nil) @@ -260,7 +272,7 @@ type sfHistogram struct { name string opts []metric.Float64HistogramOption - delegate atomic.Value //metric.Float64Histogram + delegate atomic.Value // metric.Float64Histogram } var _ metric.Float64Histogram = (*sfHistogram)(nil) @@ -286,7 +298,7 @@ type siCounter struct { name string opts []metric.Int64CounterOption - delegate atomic.Value //metric.Int64Counter + delegate atomic.Value // metric.Int64Counter } var _ metric.Int64Counter = (*siCounter)(nil) @@ -312,7 +324,7 @@ type siUpDownCounter struct { name string opts []metric.Int64UpDownCounterOption - delegate atomic.Value //metric.Int64UpDownCounter + delegate atomic.Value // metric.Int64UpDownCounter } var _ metric.Int64UpDownCounter = (*siUpDownCounter)(nil) @@ -338,7 +350,7 @@ type siHistogram struct { name string opts []metric.Int64HistogramOption - delegate atomic.Value //metric.Int64Histogram + delegate atomic.Value // metric.Int64Histogram } var _ metric.Int64Histogram = (*siHistogram)(nil) diff --git a/vendor/go.opentelemetry.io/otel/internal/global/trace.go b/vendor/go.opentelemetry.io/otel/internal/global/trace.go index 5f008d0..3f61ec1 100644 --- a/vendor/go.opentelemetry.io/otel/internal/global/trace.go +++ b/vendor/go.opentelemetry.io/otel/internal/global/trace.go @@ -39,6 +39,7 @@ import ( "go.opentelemetry.io/otel/attribute" "go.opentelemetry.io/otel/codes" "go.opentelemetry.io/otel/trace" + "go.opentelemetry.io/otel/trace/embedded" ) // tracerProvider is a placeholder for a configured SDK TracerProvider. @@ -46,6 +47,8 @@ import ( // All TracerProvider functionality is forwarded to a delegate once // configured. type tracerProvider struct { + embedded.TracerProvider + mtx sync.Mutex tracers map[il]*tracer delegate trace.TracerProvider @@ -119,6 +122,8 @@ type il struct { // All Tracer functionality is forwarded to a delegate once configured. // Otherwise, all functionality is forwarded to a NoopTracer. type tracer struct { + embedded.Tracer + name string opts []trace.TracerOption provider *tracerProvider @@ -156,6 +161,8 @@ func (t *tracer) Start(ctx context.Context, name string, opts ...trace.SpanStart // SpanContext. It performs no operations other than to return the wrapped // SpanContext. type nonRecordingSpan struct { + embedded.Span + sc trace.SpanContext tracer *tracer } diff --git a/vendor/go.opentelemetry.io/otel/metric/doc.go b/vendor/go.opentelemetry.io/otel/metric/doc.go index ae24e44..54716e1 100644 --- a/vendor/go.opentelemetry.io/otel/metric/doc.go +++ b/vendor/go.opentelemetry.io/otel/metric/doc.go @@ -149,7 +149,7 @@ of [go.opentelemetry.io/otel/metric]. Finally, an author can embed another implementation in theirs. The embedded implementation will be used for methods not defined by the author. For example, -an author who want to default to silently dropping the call can use +an author who wants to default to silently dropping the call can use [go.opentelemetry.io/otel/metric/noop]: import "go.opentelemetry.io/otel/metric/noop" diff --git a/vendor/go.opentelemetry.io/otel/metric/instrument.go b/vendor/go.opentelemetry.io/otel/metric/instrument.go index cdca000..be89cd5 100644 --- a/vendor/go.opentelemetry.io/otel/metric/instrument.go +++ b/vendor/go.opentelemetry.io/otel/metric/instrument.go @@ -39,6 +39,12 @@ type InstrumentOption interface { Float64ObservableGaugeOption } +// HistogramOption applies options to histogram instruments. +type HistogramOption interface { + Int64HistogramOption + Float64HistogramOption +} + type descOpt string func (o descOpt) applyFloat64Counter(c Float64CounterConfig) Float64CounterConfig { @@ -171,6 +177,23 @@ func (o unitOpt) applyInt64ObservableGauge(c Int64ObservableGaugeConfig) Int64Ob // The unit u should be defined using the appropriate [UCUM](https://ucum.org) case-sensitive code. func WithUnit(u string) InstrumentOption { return unitOpt(u) } +// WithExplicitBucketBoundaries sets the instrument explicit bucket boundaries. +// +// This option is considered "advisory", and may be ignored by API implementations. +func WithExplicitBucketBoundaries(bounds ...float64) HistogramOption { return bucketOpt(bounds) } + +type bucketOpt []float64 + +func (o bucketOpt) applyFloat64Histogram(c Float64HistogramConfig) Float64HistogramConfig { + c.explicitBucketBoundaries = o + return c +} + +func (o bucketOpt) applyInt64Histogram(c Int64HistogramConfig) Int64HistogramConfig { + c.explicitBucketBoundaries = o + return c +} + // AddOption applies options to an addition measurement. See // [MeasurementOption] for other options that can be used as an AddOption. type AddOption interface { diff --git a/vendor/go.opentelemetry.io/otel/metric/syncfloat64.go b/vendor/go.opentelemetry.io/otel/metric/syncfloat64.go index f0b0637..0a4825a 100644 --- a/vendor/go.opentelemetry.io/otel/metric/syncfloat64.go +++ b/vendor/go.opentelemetry.io/otel/metric/syncfloat64.go @@ -147,8 +147,9 @@ type Float64Histogram interface { // Float64HistogramConfig contains options for synchronous counter instruments // that record int64 values. type Float64HistogramConfig struct { - description string - unit string + description string + unit string + explicitBucketBoundaries []float64 } // NewFloat64HistogramConfig returns a new [Float64HistogramConfig] with all @@ -171,6 +172,11 @@ func (c Float64HistogramConfig) Unit() string { return c.unit } +// ExplicitBucketBoundaries returns the configured explicit bucket boundaries. +func (c Float64HistogramConfig) ExplicitBucketBoundaries() []float64 { + return c.explicitBucketBoundaries +} + // Float64HistogramOption applies options to a [Float64HistogramConfig]. See // [InstrumentOption] for other options that can be used as a // Float64HistogramOption. diff --git a/vendor/go.opentelemetry.io/otel/metric/syncint64.go b/vendor/go.opentelemetry.io/otel/metric/syncint64.go index 6f508eb..56667d3 100644 --- a/vendor/go.opentelemetry.io/otel/metric/syncint64.go +++ b/vendor/go.opentelemetry.io/otel/metric/syncint64.go @@ -147,8 +147,9 @@ type Int64Histogram interface { // Int64HistogramConfig contains options for synchronous counter instruments // that record int64 values. type Int64HistogramConfig struct { - description string - unit string + description string + unit string + explicitBucketBoundaries []float64 } // NewInt64HistogramConfig returns a new [Int64HistogramConfig] with all opts @@ -171,6 +172,11 @@ func (c Int64HistogramConfig) Unit() string { return c.unit } +// ExplicitBucketBoundaries returns the configured explicit bucket boundaries. +func (c Int64HistogramConfig) ExplicitBucketBoundaries() []float64 { + return c.explicitBucketBoundaries +} + // Int64HistogramOption applies options to a [Int64HistogramConfig]. See // [InstrumentOption] for other options that can be used as an // Int64HistogramOption. diff --git a/vendor/go.opentelemetry.io/otel/propagation/trace_context.go b/vendor/go.opentelemetry.io/otel/propagation/trace_context.go index 902692d..75a8f34 100644 --- a/vendor/go.opentelemetry.io/otel/propagation/trace_context.go +++ b/vendor/go.opentelemetry.io/otel/propagation/trace_context.go @@ -40,8 +40,10 @@ const ( // their proprietary information. type TraceContext struct{} -var _ TextMapPropagator = TraceContext{} -var traceCtxRegExp = regexp.MustCompile("^(?P[0-9a-f]{2})-(?P[a-f0-9]{32})-(?P[a-f0-9]{16})-(?P[a-f0-9]{2})(?:-.*)?$") +var ( + _ TextMapPropagator = TraceContext{} + traceCtxRegExp = regexp.MustCompile("^(?P[0-9a-f]{2})-(?P[a-f0-9]{32})-(?P[a-f0-9]{16})-(?P[a-f0-9]{2})(?:-.*)?$") +) // Inject set tracecontext from the Context into the carrier. func (tc TraceContext) Inject(ctx context.Context, carrier TextMapCarrier) { diff --git a/vendor/go.opentelemetry.io/otel/requirements.txt b/vendor/go.opentelemetry.io/otel/requirements.txt index ddff454..e0a43e1 100644 --- a/vendor/go.opentelemetry.io/otel/requirements.txt +++ b/vendor/go.opentelemetry.io/otel/requirements.txt @@ -1 +1 @@ -codespell==2.2.5 +codespell==2.2.6 diff --git a/vendor/go.opentelemetry.io/otel/trace/config.go b/vendor/go.opentelemetry.io/otel/trace/config.go index cb3efbb..3aadc66 100644 --- a/vendor/go.opentelemetry.io/otel/trace/config.go +++ b/vendor/go.opentelemetry.io/otel/trace/config.go @@ -268,6 +268,7 @@ func (o stackTraceOption) applyEvent(c EventConfig) EventConfig { c.stackTrace = bool(o) return c } + func (o stackTraceOption) applySpan(c SpanConfig) SpanConfig { c.stackTrace = bool(o) return c diff --git a/vendor/go.opentelemetry.io/otel/trace/doc.go b/vendor/go.opentelemetry.io/otel/trace/doc.go index ab0346f..440f3d7 100644 --- a/vendor/go.opentelemetry.io/otel/trace/doc.go +++ b/vendor/go.opentelemetry.io/otel/trace/doc.go @@ -62,5 +62,69 @@ a default. defer span.End() // ... } + +# API Implementations + +This package does not conform to the standard Go versioning policy; all of its +interfaces may have methods added to them without a package major version bump. +This non-standard API evolution could surprise an uninformed implementation +author. They could unknowingly build their implementation in a way that would +result in a runtime panic for their users that update to the new API. + +The API is designed to help inform an instrumentation author about this +non-standard API evolution. It requires them to choose a default behavior for +unimplemented interface methods. There are three behavior choices they can +make: + + - Compilation failure + - Panic + - Default to another implementation + +All interfaces in this API embed a corresponding interface from +[go.opentelemetry.io/otel/trace/embedded]. If an author wants the default +behavior of their implementations to be a compilation failure, signaling to +their users they need to update to the latest version of that implementation, +they need to embed the corresponding interface from +[go.opentelemetry.io/otel/trace/embedded] in their implementation. For +example, + + import "go.opentelemetry.io/otel/trace/embedded" + + type TracerProvider struct { + embedded.TracerProvider + // ... + } + +If an author wants the default behavior of their implementations to panic, they +can embed the API interface directly. + + import "go.opentelemetry.io/otel/trace" + + type TracerProvider struct { + trace.TracerProvider + // ... + } + +This option is not recommended. It will lead to publishing packages that +contain runtime panics when users update to newer versions of +[go.opentelemetry.io/otel/trace], which may be done with a trasitive +dependency. + +Finally, an author can embed another implementation in theirs. The embedded +implementation will be used for methods not defined by the author. For example, +an author who wants to default to silently dropping the call can use +[go.opentelemetry.io/otel/trace/noop]: + + import "go.opentelemetry.io/otel/trace/noop" + + type TracerProvider struct { + noop.TracerProvider + // ... + } + +It is strongly recommended that authors only embed +[go.opentelemetry.io/otel/trace/noop] if they choose this default behavior. +That implementation is the only one OpenTelemetry authors can guarantee will +fully implement all the API interfaces when a user updates their API. */ package trace // import "go.opentelemetry.io/otel/trace" diff --git a/vendor/go.opentelemetry.io/otel/trace/embedded/embedded.go b/vendor/go.opentelemetry.io/otel/trace/embedded/embedded.go new file mode 100644 index 0000000..898db5a --- /dev/null +++ b/vendor/go.opentelemetry.io/otel/trace/embedded/embedded.go @@ -0,0 +1,56 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Package embedded provides interfaces embedded within the [OpenTelemetry +// trace API]. +// +// Implementers of the [OpenTelemetry trace API] can embed the relevant type +// from this package into their implementation directly. Doing so will result +// in a compilation error for users when the [OpenTelemetry trace API] is +// extended (which is something that can happen without a major version bump of +// the API package). +// +// [OpenTelemetry trace API]: https://pkg.go.dev/go.opentelemetry.io/otel/trace +package embedded // import "go.opentelemetry.io/otel/trace/embedded" + +// TracerProvider is embedded in +// [go.opentelemetry.io/otel/trace.TracerProvider]. +// +// Embed this interface in your implementation of the +// [go.opentelemetry.io/otel/trace.TracerProvider] if you want users to +// experience a compilation error, signaling they need to update to your latest +// implementation, when the [go.opentelemetry.io/otel/trace.TracerProvider] +// interface is extended (which is something that can happen without a major +// version bump of the API package). +type TracerProvider interface{ tracerProvider() } + +// Tracer is embedded in [go.opentelemetry.io/otel/trace.Tracer]. +// +// Embed this interface in your implementation of the +// [go.opentelemetry.io/otel/trace.Tracer] if you want users to experience a +// compilation error, signaling they need to update to your latest +// implementation, when the [go.opentelemetry.io/otel/trace.Tracer] interface +// is extended (which is something that can happen without a major version bump +// of the API package). +type Tracer interface{ tracer() } + +// Span is embedded in [go.opentelemetry.io/otel/trace.Span]. +// +// Embed this interface in your implementation of the +// [go.opentelemetry.io/otel/trace.Span] if you want users to experience a +// compilation error, signaling they need to update to your latest +// implementation, when the [go.opentelemetry.io/otel/trace.Span] interface is +// extended (which is something that can happen without a major version bump of +// the API package). +type Span interface{ span() } diff --git a/vendor/go.opentelemetry.io/otel/trace/noop.go b/vendor/go.opentelemetry.io/otel/trace/noop.go index 7cf6c7f..c125491 100644 --- a/vendor/go.opentelemetry.io/otel/trace/noop.go +++ b/vendor/go.opentelemetry.io/otel/trace/noop.go @@ -19,16 +19,20 @@ import ( "go.opentelemetry.io/otel/attribute" "go.opentelemetry.io/otel/codes" + "go.opentelemetry.io/otel/trace/embedded" ) // NewNoopTracerProvider returns an implementation of TracerProvider that // performs no operations. The Tracer and Spans created from the returned // TracerProvider also perform no operations. +// +// Deprecated: Use [go.opentelemetry.io/otel/trace/noop.NewTracerProvider] +// instead. func NewNoopTracerProvider() TracerProvider { return noopTracerProvider{} } -type noopTracerProvider struct{} +type noopTracerProvider struct{ embedded.TracerProvider } var _ TracerProvider = noopTracerProvider{} @@ -38,7 +42,7 @@ func (p noopTracerProvider) Tracer(string, ...TracerOption) Tracer { } // noopTracer is an implementation of Tracer that performs no operations. -type noopTracer struct{} +type noopTracer struct{ embedded.Tracer } var _ Tracer = noopTracer{} @@ -54,7 +58,7 @@ func (t noopTracer) Start(ctx context.Context, name string, _ ...SpanStartOption } // noopSpan is an implementation of Span that performs no operations. -type noopSpan struct{} +type noopSpan struct{ embedded.Span } var _ Span = noopSpan{} diff --git a/vendor/go.opentelemetry.io/otel/trace/trace.go b/vendor/go.opentelemetry.io/otel/trace/trace.go index 4aa94f7..26a4b22 100644 --- a/vendor/go.opentelemetry.io/otel/trace/trace.go +++ b/vendor/go.opentelemetry.io/otel/trace/trace.go @@ -22,6 +22,7 @@ import ( "go.opentelemetry.io/otel/attribute" "go.opentelemetry.io/otel/codes" + "go.opentelemetry.io/otel/trace/embedded" ) const ( @@ -48,8 +49,10 @@ func (e errorConst) Error() string { // nolint:revive // revive complains about stutter of `trace.TraceID`. type TraceID [16]byte -var nilTraceID TraceID -var _ json.Marshaler = nilTraceID +var ( + nilTraceID TraceID + _ json.Marshaler = nilTraceID +) // IsValid checks whether the trace TraceID is valid. A valid trace ID does // not consist of zeros only. @@ -71,8 +74,10 @@ func (t TraceID) String() string { // SpanID is a unique identity of a span in a trace. type SpanID [8]byte -var nilSpanID SpanID -var _ json.Marshaler = nilSpanID +var ( + nilSpanID SpanID + _ json.Marshaler = nilSpanID +) // IsValid checks whether the SpanID is valid. A valid SpanID does not consist // of zeros only. @@ -338,8 +343,15 @@ func (sc SpanContext) MarshalJSON() ([]byte, error) { // create a Span and it is then up to the operation the Span represents to // properly end the Span when the operation itself ends. // -// Warning: methods may be added to this interface in minor releases. +// Warning: Methods may be added to this interface in minor releases. See +// package documentation on API implementation for information on how to set +// default behavior for unimplemented methods. type Span interface { + // Users of the interface can ignore this. This embedded type is only used + // by implementations of this interface. See the "API Implementations" + // section of the package documentation for more information. + embedded.Span + // End completes the Span. The Span is considered complete and ready to be // delivered through the rest of the telemetry pipeline after this method // is called. Therefore, updates to the Span are not allowed after this @@ -486,8 +498,15 @@ func (sk SpanKind) String() string { // Tracer is the creator of Spans. // -// Warning: methods may be added to this interface in minor releases. +// Warning: Methods may be added to this interface in minor releases. See +// package documentation on API implementation for information on how to set +// default behavior for unimplemented methods. type Tracer interface { + // Users of the interface can ignore this. This embedded type is only used + // by implementations of this interface. See the "API Implementations" + // section of the package documentation for more information. + embedded.Tracer + // Start creates a span and a context.Context containing the newly-created span. // // If the context.Context provided in `ctx` contains a Span then the newly-created @@ -518,8 +537,15 @@ type Tracer interface { // at runtime from its users or it can simply use the globally registered one // (see https://pkg.go.dev/go.opentelemetry.io/otel#GetTracerProvider). // -// Warning: methods may be added to this interface in minor releases. +// Warning: Methods may be added to this interface in minor releases. See +// package documentation on API implementation for information on how to set +// default behavior for unimplemented methods. type TracerProvider interface { + // Users of the interface can ignore this. This embedded type is only used + // by implementations of this interface. See the "API Implementations" + // section of the package documentation for more information. + embedded.TracerProvider + // Tracer returns a unique Tracer scoped to be used by instrumentation code // to trace computational workflows. The scope and identity of that // instrumentation code is uniquely defined by the name and options passed. diff --git a/vendor/go.opentelemetry.io/otel/trace/tracestate.go b/vendor/go.opentelemetry.io/otel/trace/tracestate.go index ca68a82..d1e47ca 100644 --- a/vendor/go.opentelemetry.io/otel/trace/tracestate.go +++ b/vendor/go.opentelemetry.io/otel/trace/tracestate.go @@ -28,9 +28,9 @@ const ( // based on the W3C Trace Context specification, see // https://www.w3.org/TR/trace-context-1/#tracestate-header - noTenantKeyFormat = `[a-z][_0-9a-z\-\*\/]{0,255}` - withTenantKeyFormat = `[a-z0-9][_0-9a-z\-\*\/]{0,240}@[a-z][_0-9a-z\-\*\/]{0,13}` - valueFormat = `[\x20-\x2b\x2d-\x3c\x3e-\x7e]{0,255}[\x21-\x2b\x2d-\x3c\x3e-\x7e]` + noTenantKeyFormat = `[a-z][_0-9a-z\-\*\/]*` + withTenantKeyFormat = `[a-z0-9][_0-9a-z\-\*\/]*@[a-z][_0-9a-z\-\*\/]*` + valueFormat = `[\x20-\x2b\x2d-\x3c\x3e-\x7e]*[\x21-\x2b\x2d-\x3c\x3e-\x7e]` errInvalidKey errorConst = "invalid tracestate key" errInvalidValue errorConst = "invalid tracestate value" @@ -40,9 +40,10 @@ const ( ) var ( - keyRe = regexp.MustCompile(`^((` + noTenantKeyFormat + `)|(` + withTenantKeyFormat + `))$`) - valueRe = regexp.MustCompile(`^(` + valueFormat + `)$`) - memberRe = regexp.MustCompile(`^\s*((` + noTenantKeyFormat + `)|(` + withTenantKeyFormat + `))=(` + valueFormat + `)\s*$`) + noTenantKeyRe = regexp.MustCompile(`^` + noTenantKeyFormat + `$`) + withTenantKeyRe = regexp.MustCompile(`^` + withTenantKeyFormat + `$`) + valueRe = regexp.MustCompile(`^` + valueFormat + `$`) + memberRe = regexp.MustCompile(`^\s*((?:` + noTenantKeyFormat + `)|(?:` + withTenantKeyFormat + `))=(` + valueFormat + `)\s*$`) ) type member struct { @@ -51,10 +52,19 @@ type member struct { } func newMember(key, value string) (member, error) { - if !keyRe.MatchString(key) { + if len(key) > 256 { return member{}, fmt.Errorf("%w: %s", errInvalidKey, key) } - if !valueRe.MatchString(value) { + if !noTenantKeyRe.MatchString(key) { + if !withTenantKeyRe.MatchString(key) { + return member{}, fmt.Errorf("%w: %s", errInvalidKey, key) + } + atIndex := strings.LastIndex(key, "@") + if atIndex > 241 || len(key)-1-atIndex > 14 { + return member{}, fmt.Errorf("%w: %s", errInvalidKey, key) + } + } + if len(value) > 256 || !valueRe.MatchString(value) { return member{}, fmt.Errorf("%w: %s", errInvalidValue, value) } return member{Key: key, Value: value}, nil @@ -62,14 +72,14 @@ func newMember(key, value string) (member, error) { func parseMember(m string) (member, error) { matches := memberRe.FindStringSubmatch(m) - if len(matches) != 5 { + if len(matches) != 3 { return member{}, fmt.Errorf("%w: %s", errInvalidMember, m) } - - return member{ - Key: matches[1], - Value: matches[4], - }, nil + result, e := newMember(matches[1], matches[2]) + if e != nil { + return member{}, fmt.Errorf("%w: %s", errInvalidMember, m) + } + return result, nil } // String encodes member into a string compliant with the W3C Trace Context diff --git a/vendor/go.opentelemetry.io/otel/version.go b/vendor/go.opentelemetry.io/otel/version.go index ad64e19..e2f7435 100644 --- a/vendor/go.opentelemetry.io/otel/version.go +++ b/vendor/go.opentelemetry.io/otel/version.go @@ -16,5 +16,5 @@ package otel // import "go.opentelemetry.io/otel" // Version is the current release version of OpenTelemetry in use. func Version() string { - return "1.19.0" + return "1.21.0" } diff --git a/vendor/go.opentelemetry.io/otel/versions.yaml b/vendor/go.opentelemetry.io/otel/versions.yaml index 7d21276..3c153c9 100644 --- a/vendor/go.opentelemetry.io/otel/versions.yaml +++ b/vendor/go.opentelemetry.io/otel/versions.yaml @@ -14,13 +14,12 @@ module-sets: stable-v1: - version: v1.19.0 + version: v1.21.0 modules: - go.opentelemetry.io/otel - go.opentelemetry.io/otel/bridge/opentracing - go.opentelemetry.io/otel/bridge/opentracing/test - go.opentelemetry.io/otel/example/dice - - go.opentelemetry.io/otel/example/fib - go.opentelemetry.io/otel/example/namedtracer - go.opentelemetry.io/otel/example/otel-collector - go.opentelemetry.io/otel/example/passthrough @@ -35,14 +34,12 @@ module-sets: - go.opentelemetry.io/otel/sdk/metric - go.opentelemetry.io/otel/trace experimental-metrics: - version: v0.42.0 + version: v0.44.0 modules: - go.opentelemetry.io/otel/bridge/opencensus - go.opentelemetry.io/otel/bridge/opencensus/test - go.opentelemetry.io/otel/example/opencensus - go.opentelemetry.io/otel/example/prometheus - - go.opentelemetry.io/otel/example/view - - go.opentelemetry.io/otel/exporters/otlp/otlpmetric - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp - go.opentelemetry.io/otel/exporters/prometheus diff --git a/vendor/modules.txt b/vendor/modules.txt index 341a89f..30d9c86 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -14,7 +14,7 @@ github.com/Microsoft/go-winio/internal/stringbuffer github.com/Microsoft/go-winio/pkg/bindfilter github.com/Microsoft/go-winio/pkg/guid github.com/Microsoft/go-winio/vhd -# github.com/Microsoft/hcsshim v0.11.5 +# github.com/Microsoft/hcsshim v0.11.7 ## explicit; go 1.21 github.com/Microsoft/hcsshim github.com/Microsoft/hcsshim/computestorage @@ -65,27 +65,9 @@ github.com/compose-spec/compose-go/types # github.com/containerd/cgroups v1.1.0 ## explicit; go 1.17 github.com/containerd/cgroups/stats/v1 -# github.com/containerd/containerd v1.7.18 +# github.com/containerd/containerd v1.7.22 ## explicit; go 1.21 github.com/containerd/containerd -github.com/containerd/containerd/api/runtime/sandbox/v1 -github.com/containerd/containerd/api/services/containers/v1 -github.com/containerd/containerd/api/services/content/v1 -github.com/containerd/containerd/api/services/diff/v1 -github.com/containerd/containerd/api/services/events/v1 -github.com/containerd/containerd/api/services/images/v1 -github.com/containerd/containerd/api/services/introspection/v1 -github.com/containerd/containerd/api/services/leases/v1 -github.com/containerd/containerd/api/services/namespaces/v1 -github.com/containerd/containerd/api/services/sandbox/v1 -github.com/containerd/containerd/api/services/snapshots/v1 -github.com/containerd/containerd/api/services/streaming/v1 -github.com/containerd/containerd/api/services/tasks/v1 -github.com/containerd/containerd/api/services/transfer/v1 -github.com/containerd/containerd/api/services/version/v1 -github.com/containerd/containerd/api/types -github.com/containerd/containerd/api/types/task -github.com/containerd/containerd/api/types/transfer github.com/containerd/containerd/archive github.com/containerd/containerd/archive/compression github.com/containerd/containerd/archive/tarheader @@ -123,15 +105,11 @@ github.com/containerd/containerd/pkg/transfer github.com/containerd/containerd/pkg/transfer/proxy github.com/containerd/containerd/pkg/transfer/streaming github.com/containerd/containerd/pkg/unpack -github.com/containerd/containerd/pkg/userns -github.com/containerd/containerd/platforms github.com/containerd/containerd/plugin github.com/containerd/containerd/protobuf -github.com/containerd/containerd/protobuf/plugin github.com/containerd/containerd/protobuf/proto github.com/containerd/containerd/protobuf/types github.com/containerd/containerd/reference -github.com/containerd/containerd/reference/docker github.com/containerd/containerd/remotes github.com/containerd/containerd/remotes/docker github.com/containerd/containerd/remotes/docker/auth @@ -150,6 +128,26 @@ github.com/containerd/containerd/snapshots github.com/containerd/containerd/snapshots/proxy github.com/containerd/containerd/tracing github.com/containerd/containerd/version +# github.com/containerd/containerd/api v1.7.19 +## explicit; go 1.21 +github.com/containerd/containerd/api/runtime/sandbox/v1 +github.com/containerd/containerd/api/services/containers/v1 +github.com/containerd/containerd/api/services/content/v1 +github.com/containerd/containerd/api/services/diff/v1 +github.com/containerd/containerd/api/services/events/v1 +github.com/containerd/containerd/api/services/images/v1 +github.com/containerd/containerd/api/services/introspection/v1 +github.com/containerd/containerd/api/services/leases/v1 +github.com/containerd/containerd/api/services/namespaces/v1 +github.com/containerd/containerd/api/services/sandbox/v1 +github.com/containerd/containerd/api/services/snapshots/v1 +github.com/containerd/containerd/api/services/streaming/v1 +github.com/containerd/containerd/api/services/tasks/v1 +github.com/containerd/containerd/api/services/transfer/v1 +github.com/containerd/containerd/api/services/version/v1 +github.com/containerd/containerd/api/types +github.com/containerd/containerd/api/types/task +github.com/containerd/containerd/api/types/transfer # github.com/containerd/continuity v0.4.2 ## explicit; go 1.19 github.com/containerd/continuity/fs @@ -166,7 +164,10 @@ github.com/containerd/go-cni # github.com/containerd/log v0.1.0 ## explicit; go 1.20 github.com/containerd/log -# github.com/containerd/ttrpc v1.2.4 +# github.com/containerd/platforms v0.2.1 +## explicit; go 1.20 +github.com/containerd/platforms +# github.com/containerd/ttrpc v1.2.5 ## explicit; go 1.19 github.com/containerd/ttrpc # github.com/containerd/typeurl/v2 v2.1.1 @@ -187,7 +188,7 @@ github.com/containernetworking/cni/pkg/version # github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf ## explicit github.com/coreos/go-systemd/journal -# github.com/distribution/reference v0.5.0 +# github.com/distribution/reference v0.6.0 ## explicit; go 1.20 github.com/distribution/reference # github.com/docker/cli v24.0.7+incompatible @@ -198,7 +199,6 @@ github.com/docker/cli/cli/config/credentials github.com/docker/cli/cli/config/types # github.com/docker/distribution v2.8.3+incompatible ## explicit -github.com/docker/distribution/reference # github.com/docker/docker v24.0.7+incompatible ## explicit github.com/docker/docker/pkg/homedir @@ -248,7 +248,7 @@ github.com/google/go-cmp/cmp/internal/diff github.com/google/go-cmp/cmp/internal/flags github.com/google/go-cmp/cmp/internal/function github.com/google/go-cmp/cmp/internal/value -# github.com/google/uuid v1.3.1 +# github.com/google/uuid v1.4.0 ## explicit github.com/google/uuid # github.com/gorilla/mux v1.8.1 @@ -289,16 +289,18 @@ github.com/moby/sys/sequential # github.com/moby/sys/signal v0.7.0 ## explicit; go 1.16 github.com/moby/sys/signal -# github.com/moby/sys/user v0.1.0 +# github.com/moby/sys/user v0.3.0 ## explicit; go 1.17 github.com/moby/sys/user +# github.com/moby/sys/userns v0.1.0 +## explicit; go 1.21 +github.com/moby/sys/userns # github.com/morikuni/aec v1.0.0 ## explicit github.com/morikuni/aec # github.com/opencontainers/go-digest v1.0.0 ## explicit; go 1.13 github.com/opencontainers/go-digest -github.com/opencontainers/go-digest/digestset # github.com/opencontainers/image-spec v1.1.0 ## explicit; go 1.18 github.com/opencontainers/image-spec/identity @@ -381,7 +383,7 @@ go.opencensus.io/trace/tracestate ## explicit; go 1.19 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil -# go.opentelemetry.io/otel v1.19.0 +# go.opentelemetry.io/otel v1.21.0 ## explicit; go 1.20 go.opentelemetry.io/otel go.opentelemetry.io/otel/attribute @@ -394,13 +396,14 @@ go.opentelemetry.io/otel/internal/global go.opentelemetry.io/otel/propagation go.opentelemetry.io/otel/semconv/v1.17.0 go.opentelemetry.io/otel/semconv/v1.21.0 -# go.opentelemetry.io/otel/metric v1.19.0 +# go.opentelemetry.io/otel/metric v1.21.0 ## explicit; go 1.20 go.opentelemetry.io/otel/metric go.opentelemetry.io/otel/metric/embedded -# go.opentelemetry.io/otel/trace v1.19.0 +# go.opentelemetry.io/otel/trace v1.21.0 ## explicit; go 1.20 go.opentelemetry.io/otel/trace +go.opentelemetry.io/otel/trace/embedded # golang.org/x/net v0.24.0 ## explicit; go 1.18 golang.org/x/net/http/httpguts @@ -426,10 +429,10 @@ golang.org/x/text/unicode/bidi golang.org/x/text/unicode/norm # golang.org/x/tools v0.19.0 ## explicit; go 1.19 -# google.golang.org/genproto v0.0.0-20230920204549-e6e6cdab5c13 +# google.golang.org/genproto v0.0.0-20231211222908-989df2bf70f3 ## explicit; go 1.19 google.golang.org/genproto/protobuf/field_mask -# google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 +# google.golang.org/genproto/googleapis/rpc v0.0.0-20231212172506-995d672761c0 ## explicit; go 1.19 google.golang.org/genproto/googleapis/rpc/code google.golang.org/genproto/googleapis/rpc/status