github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #7254 from mxpv/go

Browse Source 
Switch to Go 1.19
This commit is contained in:
Maksym Pavlenko 2022-08-10 12:12:49 -07:00 committed by GitHub
commit 23f66ece59
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
59 changed files with 256 additions and 229 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/build-test-images.yml vendored
View File

@ -39,7 +39,7 @@ jobs:
steps: steps:
- uses: actions/setup-go@v2 - uses: actions/setup-go@v2
with: with:
go-version: '1.18.5' go-version: '1.19'
- uses: actions/checkout@v2 - uses: actions/checkout@v2
with: with:

24
.github/workflows/ci.yml vendored
View File

@ -12,7 +12,7 @@ on:
env: env:
# Go version we currently use to build containerd across all CI. # Go version we currently use to build containerd across all CI.
# Note: don't forget to update `Binaries` step, as it contains the matrix of all supported Go versions. # Note: don't forget to update `Binaries` step, as it contains the matrix of all supported Go versions.
GO_VERSION: '1.18.5' GO_VERSION: '1.19'
jobs: jobs:
# #
@ -35,7 +35,7 @@ jobs:
- uses: actions/checkout@v2 - uses: actions/checkout@v2
- uses: golangci/golangci-lint-action@v3 - uses: golangci/golangci-lint-action@v3
with: with:
version: v1.46.2 version: v1.48.0
skip-cache: true skip-cache: true
args: --timeout=5m args: --timeout=5m
@ -219,7 +219,7 @@ jobs:
strategy: strategy:
matrix: matrix:
os: [ubuntu-18.04, macos-12, windows-2019, windows-2022] os: [ubuntu-18.04, macos-12, windows-2019, windows-2022]
go-version: ['1.17.13', '1.18.5'] go-version: ['1.19', '1.18.5']
steps: steps:
- uses: actions/setup-go@v2 - uses: actions/setup-go@v2
with: with:
@ -415,13 +415,13 @@ jobs:
- name: Install containerd dependencies - name: Install containerd dependencies
env: env:
RUNC_FLAVOR: ${{ matrix.runc }} RUNC_FLAVOR: ${{ matrix.runc }}
GOFLAGS: -modcacherw
run: | run: |
sudo apt-get install -y gperf sudo apt-get install -y gperf
sudo -E PATH=$PATH script/setup/install-seccomp script/setup/install-seccomp
sudo -E PATH=$PATH script/setup/install-runc script/setup/install-runc
sudo -E PATH=$PATH script/setup/install-cni $(grep containernetworking/plugins go.mod | awk '{print $2}') script/setup/install-cni $(grep containernetworking/plugins go.mod | awk '{print $2}')
sudo -E PATH=$PATH script/setup/install-critools script/setup/install-critools
script/setup/install-failpoint-binaries
- name: Install criu - name: Install criu
run: | run: |
@ -429,10 +429,6 @@ jobs:
sudo apt-get update sudo apt-get update
sudo apt-get install -y criu sudo apt-get install -y criu
- name: Install failpoint binaries
run: |
script/setup/install-failpoint-binaries
- name: Install containerd - name: Install containerd
env: env:
CGO_ENABLED: 1 CGO_ENABLED: 1
@ -440,7 +436,7 @@ jobs:
make binaries GO_BUILD_FLAGS="-mod=vendor" make binaries GO_BUILD_FLAGS="-mod=vendor"
sudo -E PATH=$PATH make install sudo -E PATH=$PATH make install
- run: sudo -E PATH=$PATH script/setup/install-gotestsum - run: script/setup/install-gotestsum
- name: Tests - name: Tests
env: env:
GOPROXY: direct GOPROXY: direct
@ -540,7 +536,7 @@ jobs:
with: with:
go-version: ${{ env.GO_VERSION }} go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v2 - uses: actions/checkout@v2
- run: sudo -E PATH=$PATH script/setup/install-gotestsum - run: script/setup/install-gotestsum
- name: Tests - name: Tests
env: env:
GOPROXY: direct GOPROXY: direct

2
.github/workflows/codeql.yml vendored
View File

@ -26,7 +26,7 @@ jobs:
- uses: actions/setup-go@v2 - uses: actions/setup-go@v2
with: with:
go-version: 1.18.5 go-version: 1.19
# Initializes the CodeQL tools for scanning. # Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL - name: Initialize CodeQL

2
.github/workflows/images.yml vendored
View File

@ -24,7 +24,7 @@ jobs:
steps: steps:
- uses: actions/setup-go@v2 - uses: actions/setup-go@v2
with: with:
go-version: '1.18.5' go-version: '1.19'
- uses: actions/checkout@v2 - uses: actions/checkout@v2
with: with:

2
.github/workflows/nightly.yml vendored
View File

@ -7,7 +7,7 @@ on:
- '.github/workflows/nightly.yml' - '.github/workflows/nightly.yml'
env: env:
GO_VERSION: '1.18.5' GO_VERSION: '1.19'
jobs: jobs:
linux: linux:

2
.github/workflows/release.yml vendored
View File

@ -6,7 +6,7 @@ on:
name: Containerd Release name: Containerd Release
env: env:
GO_VERSION: '1.18.5' GO_VERSION: '1.19'
jobs: jobs:
check: check:

2
.zuul/playbooks/containerd-build/integration-test.yaml
View File

@ -2,7 +2,7 @@
become: yes become: yes
roles: roles:
- role: config-golang - role: config-golang
go_version: '1.18.5' go_version: '1.19'
arch: arm64 arch: arm64
tasks: tasks:
- name: Install pre-requisites - name: Install pre-requisites

2
.zuul/playbooks/containerd-build/run.yaml
View File

@ -2,7 +2,7 @@
become: yes become: yes
roles: roles:
- role: config-golang - role: config-golang
go_version: '1.18.5' go_version: '1.19'
arch: arm64 arch: arm64
tasks: tasks:
- name: Build containerd - name: Build containerd

2
.zuul/playbooks/containerd-build/unit-test.yaml
View File

@ -2,7 +2,7 @@
become: yes become: yes
roles: roles:
- role: config-golang - role: config-golang
go_version: '1.18.5' go_version: '1.19'
arch: arm64 arch: arm64
tasks: tasks:
- name: Build and test containerd - name: Build and test containerd

2
Vagrantfile vendored
View File

@ -97,7 +97,7 @@ EOF
config.vm.provision "install-golang", type: "shell", run: "once" do |sh| config.vm.provision "install-golang", type: "shell", run: "once" do |sh|
sh.upload_path = "/tmp/vagrant-install-golang" sh.upload_path = "/tmp/vagrant-install-golang"
sh.env = { sh.env = {
'GO_VERSION': ENV['GO_VERSION'] || "1.18.5", 'GO_VERSION': ENV['GO_VERSION'] || "1.19",
} }
sh.inline = <<~SHELL sh.inline = <<~SHELL
#!/usr/bin/env bash #!/usr/bin/env bash

3
content/local/store.go
View File

@ -34,7 +34,7 @@ import (
"github.com/containerd/containerd/log" "github.com/containerd/containerd/log"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
digest "github.com/opencontainers/go-digest" "github.com/opencontainers/go-digest"
ocispec "github.com/opencontainers/image-spec/specs-go/v1" ocispec "github.com/opencontainers/image-spec/specs-go/v1"
) )
@ -643,7 +643,6 @@ func (s *store) ingestRoot(ref string) string {
// - root: entire ingest directory // - root: entire ingest directory
// - ref: name of the starting ref, must be unique // - ref: name of the starting ref, must be unique
// - data: file where data is written // - data: file where data is written
//
func (s *store) ingestPaths(ref string) (string, string, string) { func (s *store) ingestPaths(ref string) (string, string, string) {
var ( var (
fp = s.ingestRoot(ref) fp = s.ingestRoot(ref)

2
contrib/Dockerfile.test
View File

@ -10,7 +10,7 @@
# #
# docker build -t containerd-test --build-arg RUNC_VERSION=v1.0.0-rc94 -f Dockerfile.test ../ # docker build -t containerd-test --build-arg RUNC_VERSION=v1.0.0-rc94 -f Dockerfile.test ../
ARG GOLANG_VERSION=1.18.5 ARG GOLANG_VERSION=1.19
ARG GOLANG_IMAGE=golang ARG GOLANG_IMAGE=golang
FROM ${GOLANG_IMAGE}:${GOLANG_VERSION} AS golang FROM ${GOLANG_IMAGE}:${GOLANG_VERSION} AS golang

1
contrib/fuzz/daemon.go
View File

@ -13,6 +13,7 @@
See the License for the specific language governing permissions and See the License for the specific language governing permissions and
limitations under the License. limitations under the License.
*/ */
package fuzz package fuzz
import ( import (

4
contrib/fuzz/oss_fuzz_build.sh
View File

@ -40,11 +40,11 @@ compile_fuzzers() {
apt-get update && apt-get install -y wget apt-get update && apt-get install -y wget
cd $SRC cd $SRC
wget --quiet https://go.dev/dl/go1.18.5.linux-amd64.tar.gz wget --quiet https://go.dev/dl/go1.19.linux-amd64.tar.gz
mkdir temp-go mkdir temp-go
rm -rf /root/.go/* rm -rf /root/.go/*
tar -C temp-go/ -xzf go1.18.5.linux-amd64.tar.gz tar -C temp-go/ -xzf go1.19.linux-amd64.tar.gz
mv temp-go/go/* /root/.go/ mv temp-go/go/* /root/.go/
cd $SRC/containerd cd $SRC/containerd

1
filters/filter.go
View File

@ -65,7 +65,6 @@
// ``` // ```
// name==foo,labels.bar // name==foo,labels.bar
// ``` // ```
//
package filters package filters
import ( import (

1
filters/parser.go
View File

@ -45,7 +45,6 @@ field := quoted | [A-Za-z] [A-Za-z0-9_]+
operator := "==" | "!=" | "~=" operator := "==" | "!=" | "~="
value := quoted | [^\s,]+ value := quoted | [^\s,]+
quoted := <go string syntax> quoted := <go string syntax>
*/ */
func Parse(s string) (Filter, error) { func Parse(s string) (Filter, error) {
// special case empty to match all // special case empty to match all

8
filters/quote.go
View File

@ -31,10 +31,10 @@ var errQuoteSyntax = errors.New("quote syntax error")
// or character literal represented by the string s. // or character literal represented by the string s.
// It returns four values: // It returns four values:
// //
// 1) value, the decoded Unicode code point or byte value; // 1. value, the decoded Unicode code point or byte value;
// 2) multibyte, a boolean indicating whether the decoded character requires a multibyte UTF-8 representation; // 2. multibyte, a boolean indicating whether the decoded character requires a multibyte UTF-8 representation;
// 3) tail, the remainder of the string after the character; and // 3. tail, the remainder of the string after the character; and
// 4) an error that will be nil if the character is syntactically valid. // 4. an error that will be nil if the character is syntactically valid.
// //
// The second argument, quote, specifies the type of literal being parsed // The second argument, quote, specifies the type of literal being parsed
// and therefore which escaped quote character is permitted. // and therefore which escaped quote character is permitted.

4
integration/failpoint/cmd/cni-bridge-fp/main_linux.go
View File

@ -20,7 +20,7 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"io/ioutil" "io"
"os" "os"
"path/filepath" "path/filepath"
"syscall" "syscall"
@ -168,7 +168,7 @@ func (c *failpointControl) updateTx(updateFn func(conf *failpointConf) error) er
} }
defer unflock(f.Fd()) defer unflock(f.Fd())
data, err := ioutil.ReadAll(f) data, err := io.ReadAll(f)
if err != nil { if err != nil {
return fmt.Errorf("failed to read failpoint setting %s: %w", c.confPath, err) return fmt.Errorf("failed to read failpoint setting %s: %w", c.confPath, err)
} }

17
metadata/buckets.go
View File

@ -46,10 +46,13 @@
// the structure is changed in addition to adding a migration and incrementing // the structure is changed in addition to adding a migration and incrementing
// the database version. // the database version.
// Notes: // Notes:
// * `╘══*...*` refers to maps with arbitrary keys //
// * `version` is a key to a numeric value identifying the minor revisions // - `╘══*...*` refers to maps with arbitrary keys
//
// - `version` is a key to a numeric value identifying the minor revisions
// of schema version // of schema version
// * a namespace in a schema bucket cannot be named "version" //
// - a namespace in a schema bucket cannot be named "version"
// //
// └──v1 - Schema version bucket // └──v1 - Schema version bucket
// ├──version : <varint> - Latest version, see migrations // ├──version : <varint> - Latest version, see migrations
@ -107,16 +110,16 @@
// │   └──expected : <digest> - Expected commit digest // │   └──expected : <digest> - Expected commit digest
// └──leases // └──leases
// ╘══*lease id* // ╘══*lease id*
//   ├──createdat : <binary time> - Created at // ├──createdat : <binary time> - Created at
// ├──labels // ├──labels
// │ ╘══*key* : <string> - Label value // │ ╘══*key* : <string> - Label value
//   ├──snapshots // ├──snapshots
// │  ╘══*snapshotter* // │  ╘══*snapshotter*
// │   ╘══*snapshot key* : <nil> - Snapshot reference // │   ╘══*snapshot key* : <nil> - Snapshot reference
//   ├──content // ├──content
// │  ╘══*blob digest* : <nil> - Content blob reference // │  ╘══*blob digest* : <nil> - Content blob reference
// └──ingests // └──ingests
//   ╘══*ingest reference* : <nil> - Content ingest reference // ╘══*ingest reference* : <nil> - Content ingest reference
package metadata package metadata
import ( import (

2
namespaces/store.go
View File

@ -24,8 +24,6 @@ import "context"
// oriented. A namespace is really just a name and a set of labels. Objects // oriented. A namespace is really just a name and a set of labels. Objects
// that belong to a namespace are returned when the namespace is assigned to a // that belong to a namespace are returned when the namespace is assigned to a
// given context. // given context.
//
//
type Store interface { type Store interface {
Create(ctx context.Context, namespace string, labels map[string]string) error Create(ctx context.Context, namespace string, labels map[string]string) error
Labels(ctx context.Context, namespace string) (map[string]string, error) Labels(ctx context.Context, namespace string) (map[string]string, error)

1
oci/spec_opts.go
View File

@ -591,6 +591,7 @@ func WithNamespacedCgroup() SpecOpts {
// WithUser sets the user to be used within the container. // WithUser sets the user to be used within the container.
// It accepts a valid user string in OCI Image Spec v1.0.0: // It accepts a valid user string in OCI Image Spec v1.0.0:
//
// user, uid, user:group, uid:gid, uid:group, user:gid // user, uid, user:group, uid:gid, uid:group, user:gid
func WithUser(userstr string) SpecOpts { func WithUser(userstr string) SpecOpts {
return func(ctx context.Context, client Client, c *containers.Container, s *Spec) error { return func(ctx context.Context, client Client, c *containers.Container, s *Spec) error {

1
pkg/apparmor/apparmor.go
View File

@ -18,6 +18,7 @@ package apparmor
// HostSupports returns true if apparmor is enabled for the host, // On non-Linux returns false // HostSupports returns true if apparmor is enabled for the host, // On non-Linux returns false
// On Linux returns true if apparmor_parser is enabled, and if we // On Linux returns true if apparmor_parser is enabled, and if we
//
// are not running docker-in-docker. // are not running docker-in-docker.
// //
// It is a modified version of libcontainer/apparmor.IsEnabled(), which does not // It is a modified version of libcontainer/apparmor.IsEnabled(), which does not

1
pkg/cri/opts/spec.go
View File

@ -77,6 +77,7 @@ func WithProcessArgs(config *runtime.ContainerConfig, image *imagespec.ImageConf
// mounts defines how to sort runtime.Mount. // mounts defines how to sort runtime.Mount.
// This is the same with the Docker implementation: // This is the same with the Docker implementation:
//
// https://github.com/moby/moby/blob/17.05.x/daemon/volumes.go#L26 // https://github.com/moby/moby/blob/17.05.x/daemon/volumes.go#L26
type orderedMounts []*runtime.Mount type orderedMounts []*runtime.Mount

3
pkg/cri/streaming/server.go
View File

@ -45,7 +45,7 @@ import (
"google.golang.org/grpc/codes" "google.golang.org/grpc/codes"
"google.golang.org/grpc/status" "google.golang.org/grpc/status"
restful "github.com/emicklei/go-restful/v3" "github.com/emicklei/go-restful/v3"
"k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/types"
remotecommandconsts "k8s.io/apimachinery/pkg/util/remotecommand" remotecommandconsts "k8s.io/apimachinery/pkg/util/remotecommand"
@ -165,6 +165,7 @@ func NewServer(config Config, runtime Runtime) (Server, error) {
Addr: s.config.Addr, Addr: s.config.Addr,
Handler: s.handler, Handler: s.handler,
TLSConfig: s.config.TLSConfig, TLSConfig: s.config.TLSConfig,
ReadHeaderTimeout: 3 * time.Second, // Fix linter G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server
} }
return s, nil return s, nil

4
pkg/ioutil/write_closer.go
View File

@ -73,9 +73,9 @@ func (n *nopWriteCloser) Close() error {
// serialWriteCloser wraps a write closer and makes sure all writes // serialWriteCloser wraps a write closer and makes sure all writes
// are done in serial. // are done in serial.
// Parallel write won't intersect with each other. Use case: // Parallel write won't intersect with each other. Use case:
// 1) Pipe: Write content longer than PIPE_BUF. // 1. Pipe: Write content longer than PIPE_BUF.
// See http://man7.org/linux/man-pages/man7/pipe.7.html // See http://man7.org/linux/man-pages/man7/pipe.7.html
// 2) <3.14 Linux Kernel: write is not atomic // 2. <3.14 Linux Kernel: write is not atomic
// See http://man7.org/linux/man-pages/man2/write.2.html // See http://man7.org/linux/man-pages/man2/write.2.html
type serialWriteCloser struct { type serialWriteCloser struct {
mu sync.Mutex mu sync.Mutex

2
pkg/os/os_windows.go
View File

@ -32,6 +32,7 @@ import (
// - os.Open on a directory returns a os.File where Fd() is a search handle from FindFirstFile. // - os.Open on a directory returns a os.File where Fd() is a search handle from FindFirstFile.
// - syscall.Open does not provide a way to specify FILE_FLAG_BACKUP_SEMANTICS, which is needed to // - syscall.Open does not provide a way to specify FILE_FLAG_BACKUP_SEMANTICS, which is needed to
// open a directory. // open a directory.
//
// We could use os.Open if the path is a file, but it's easier to just use the same code for both. // We could use os.Open if the path is a file, but it's easier to just use the same code for both.
// Therefore, we call windows.CreateFile directly. // Therefore, we call windows.CreateFile directly.
func openPath(path string) (windows.Handle, error) { func openPath(path string) (windows.Handle, error) {
@ -58,6 +59,7 @@ func openPath(path string) (windows.Handle, error) {
} }
// GetFinalPathNameByHandle flags. // GetFinalPathNameByHandle flags.
//
//nolint:revive // SNAKE_CASE is not idiomatic in Go, but aligned with Win32 API. //nolint:revive // SNAKE_CASE is not idiomatic in Go, but aligned with Win32 API.
const ( const (
cFILE_NAME_OPENED = 0x8 cFILE_NAME_OPENED = 0x8

8
platforms/platforms.go
View File

@ -42,7 +42,7 @@
// //
// More details of the specifier syntax and platform spec follow. // More details of the specifier syntax and platform spec follow.
// //
// Declaring Platform Support // # Declaring Platform Support
// //
// Components that have strict platform requirements should use the OCI // Components that have strict platform requirements should use the OCI
// platform specification to declare their support. Typically, this will be // platform specification to declare their support. Typically, this will be
@ -60,7 +60,7 @@
// specification when in doubt). ARM should set variant under certain // specification when in doubt). ARM should set variant under certain
// discussions, which are outlined below. // discussions, which are outlined below.
// //
// Platform Specifiers // # Platform Specifiers
// //
// While the OCI platform specifications provide a tool for components to // While the OCI platform specifications provide a tool for components to
// specify structured information, user input typically doesn't need the full // specify structured information, user input typically doesn't need the full
@ -77,7 +77,7 @@
// where the architecture may be known but a runtime may support images from // where the architecture may be known but a runtime may support images from
// different operating systems. // different operating systems.
// //
// Normalization // # Normalization
// //
// Because not all users are familiar with the way the Go runtime represents // Because not all users are familiar with the way the Go runtime represents
// platforms, several normalizations have been provided to make this package // platforms, several normalizations have been provided to make this package
@ -95,7 +95,7 @@
// //
// We also normalize the operating system `macos` to `darwin`. // We also normalize the operating system `macos` to `darwin`.
// //
// ARM Support // # ARM Support
// //
// To qualify ARM architecture, the Variant field is used to qualify the arm // To qualify ARM architecture, the Variant field is used to qualify the arm
// version. The most common arm version, v7, is represented without the variant // version. The most common arm version, v7, is represented without the variant

2
process.go
View File

@ -72,8 +72,10 @@ type ExitStatus struct {
// Result returns the exit code and time of the exit status. // Result returns the exit code and time of the exit status.
// An error may be returned here to which indicates there was an error // An error may be returned here to which indicates there was an error
//
// at some point while waiting for the exit status. It does not signify // at some point while waiting for the exit status. It does not signify
// an error with the process itself. // an error with the process itself.
//
// If an error is returned, the process may still be running. // If an error is returned, the process may still be running.
func (s ExitStatus) Result() (uint32, time.Time, error) { func (s ExitStatus) Result() (uint32, time.Time, error) {
return s.code, s.exitedAt, s.err return s.code, s.exitedAt, s.err

10
script/setup/install-cni
View File

@ -25,6 +25,12 @@ CNI_COMMIT=${1:-$(grep containernetworking/plugins "$GOPATH"/src/github.com/cont
CNI_DIR=${DESTDIR:=''}/opt/cni CNI_DIR=${DESTDIR:=''}/opt/cni
CNI_CONFIG_DIR=${DESTDIR}/etc/cni/net.d CNI_CONFIG_DIR=${DESTDIR}/etc/cni/net.d
# e2e and Cirrus will fail with "sudo: command not found"
SUDO=''
if (( $EUID != 0 )); then
SUDO='sudo'
fi
TMPROOT=$(mktemp -d) TMPROOT=$(mktemp -d)
git clone https://github.com/containernetworking/plugins.git "${TMPROOT}"/plugins git clone https://github.com/containernetworking/plugins.git "${TMPROOT}"/plugins
pushd "${TMPROOT}"/plugins pushd "${TMPROOT}"/plugins
@ -32,8 +38,8 @@ git checkout "$CNI_COMMIT"
./build_linux.sh ./build_linux.sh
mkdir -p $CNI_DIR mkdir -p $CNI_DIR
cp -r ./bin $CNI_DIR cp -r ./bin $CNI_DIR
mkdir -p $CNI_CONFIG_DIR $SUDO mkdir -p $CNI_CONFIG_DIR
cat << EOF | tee $CNI_CONFIG_DIR/10-containerd-net.conflist $SUDO cat << EOF | $SUDO tee $CNI_CONFIG_DIR/10-containerd-net.conflist
{ {
"cniVersion": "1.0.0", "cniVersion": "1.0.0",
"name": "containerd-net", "name": "containerd-net",

10
script/setup/install-critools
View File

@ -22,6 +22,12 @@ set -eu -o pipefail
script_dir="$(cd -- "$(dirname -- "$0")" > /dev/null 2>&1; pwd -P)" script_dir="$(cd -- "$(dirname -- "$0")" > /dev/null 2>&1; pwd -P)"
# e2e will fail with "sudo: command not found"
SUDO=''
if (( $EUID != 0 )); then
SUDO='sudo'
fi
cd "$(go env GOPATH)" cd "$(go env GOPATH)"
go install github.com/onsi/ginkgo/v2/ginkgo@v2.1.4 go install github.com/onsi/ginkgo/v2/ginkgo@v2.1.4
@ -33,10 +39,10 @@ git clone https://github.com/kubernetes-sigs/cri-tools.git "${TMPROOT}/cri-tools
pushd "${TMPROOT}"/cri-tools pushd "${TMPROOT}"/cri-tools
git checkout "$CRITEST_COMMIT" git checkout "$CRITEST_COMMIT"
make make
make install -e DESTDIR="${DESTDIR}" BINDIR=/usr/local/bin $SUDO make install -e DESTDIR="${DESTDIR}" BINDIR=/usr/local/bin
mkdir -p "${DESTDIR}/etc/" mkdir -p "${DESTDIR}/etc/"
cat << EOF | tee "${DESTDIR}/etc/crictl.yaml" $SUDO cat << EOF | $SUDO tee "${DESTDIR}/etc/crictl.yaml"
runtime-endpoint: unix:///run/containerd/containerd.sock runtime-endpoint: unix:///run/containerd/containerd.sock
EOF EOF

2
script/setup/install-dev-tools
View File

@ -24,7 +24,7 @@ set -eu -o pipefail
go install github.com/containerd/protobuild@v0.2.0 go install github.com/containerd/protobuild@v0.2.0
go install github.com/containerd/protobuild/cmd/go-fix-acronym@v0.2.0 go install github.com/containerd/protobuild/cmd/go-fix-acronym@v0.2.0
go install github.com/cpuguy83/go-md2man/v2@v2.0.1 go install github.com/cpuguy83/go-md2man/v2@v2.0.1
go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.46.2 go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.48.0
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.28 go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.28
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2 go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2
go install github.com/containerd/ttrpc/cmd/protoc-gen-go-ttrpc@944ef4a40df3446714a823207972b7d9858ffac5 go install github.com/containerd/ttrpc/cmd/protoc-gen-go-ttrpc@944ef4a40df3446714a823207972b7d9858ffac5

12
script/setup/install-runc
View File

@ -22,6 +22,12 @@ set -eu -o pipefail
script_dir="$(cd -- "$(dirname -- "$0")" > /dev/null 2>&1; pwd -P)" script_dir="$(cd -- "$(dirname -- "$0")" > /dev/null 2>&1; pwd -P)"
# e2e and Cirrus will fail with "sudo: command not found"
SUDO=''
if (( $EUID != 0 )); then
SUDO='sudo'
fi
function install_runc() { function install_runc() {
# When updating runc-version, consider updating the runc module in go.mod as well # When updating runc-version, consider updating the runc module in go.mod as well
: "${RUNC_VERSION:=$(cat "${script_dir}/runc-version")}" : "${RUNC_VERSION:=$(cat "${script_dir}/runc-version")}"
@ -31,15 +37,15 @@ function install_runc() {
pushd "${TMPROOT}"/runc pushd "${TMPROOT}"/runc
git checkout "${RUNC_VERSION}" git checkout "${RUNC_VERSION}"
make BUILDTAGS='seccomp' runc make BUILDTAGS='seccomp' runc
make install $SUDO make install
popd popd
rm -fR "${TMPROOT}" rm -fR "${TMPROOT}"
} }
function install_crun() { function install_crun() {
: "${CRUN_VERSION:=$(cat "${script_dir}/crun-version")}" : "${CRUN_VERSION:=$(cat "${script_dir}/crun-version")}"
curl -S -o /usr/local/sbin/runc -L https://github.com/containers/crun/releases/download/"${CRUN_VERSION}"/crun-"${CRUN_VERSION}"-linux-"$(go env GOARCH)" $SUDO curl -S -o /usr/local/sbin/runc -L https://github.com/containers/crun/releases/download/"${CRUN_VERSION}"/crun-"${CRUN_VERSION}"-linux-"$(go env GOARCH)"
chmod +x /usr/local/sbin/runc $SUDO chmod +x /usr/local/sbin/runc
} }
: "${RUNC_FLAVOR:=runc}" : "${RUNC_FLAVOR:=runc}"

4
script/setup/install-seccomp
View File

@ -30,8 +30,8 @@ curl -fsSL "https://github.com/seccomp/libseccomp/releases/download/v${SECCOMP_V
cd "$SECCOMP_PATH" cd "$SECCOMP_PATH"
./configure --prefix=/usr/local ./configure --prefix=/usr/local
make make
make install sudo make install
ldconfig sudo ldconfig
) )
rm -rf "$SECCOMP_PATH" rm -rf "$SECCOMP_PATH"

2
script/setup/prepare_env_windows.ps1
View File

@ -5,7 +5,7 @@
# lived test environment. # lived test environment.
Set-MpPreference -DisableRealtimeMonitoring:$true Set-MpPreference -DisableRealtimeMonitoring:$true
$PACKAGES= @{ mingw = "10.2.0"; git = ""; golang = "1.18.5"; make = ""; nssm = "" } $PACKAGES= @{ mingw = "10.2.0"; git = ""; golang = "1.19"; make = ""; nssm = "" }
Write-Host "Downloading chocolatey package" Write-Host "Downloading chocolatey package"
curl.exe -L "https://packages.chocolatey.org/chocolatey.0.10.15.nupkg" -o 'c:\choco.zip' curl.exe -L "https://packages.chocolatey.org/chocolatey.0.10.15.nupkg" -o 'c:\choco.zip'

3
snapshots/devmapper/dmsetup/dmsetup.go
View File

@ -353,6 +353,7 @@ func BlockDeviceSize(path string) (int64, error) {
} }
// DiscardBlocks discards all blocks for the given thin device // DiscardBlocks discards all blocks for the given thin device
//
// ported from https://github.com/moby/moby/blob/7b9275c0da707b030e62c96b679a976f31f929d3/pkg/devicemapper/devmapper.go#L416 // ported from https://github.com/moby/moby/blob/7b9275c0da707b030e62c96b679a976f31f929d3/pkg/devicemapper/devmapper.go#L416
func DiscardBlocks(deviceName string) error { func DiscardBlocks(deviceName string) error {
inUse, err := isInUse(deviceName) inUse, err := isInUse(deviceName)
@ -402,8 +403,10 @@ func tryGetUnixError(output string) (unix.Errno, bool) {
} }
// dmsetup returns error messages in format: // dmsetup returns error messages in format:
//
// device-mapper: message ioctl on <name> failed: File exists\n // device-mapper: message ioctl on <name> failed: File exists\n
// Command failed\n // Command failed\n
//
// parseDmsetupError extracts text between "failed: " and "\n" // parseDmsetupError extracts text between "failed: " and "\n"
func parseDmsetupError(output string) string { func parseDmsetupError(output string) string {
lines := strings.SplitN(output, "\n", 2) lines := strings.SplitN(output, "\n", 2)

2
snapshots/devmapper/pool_device.go
View File

@ -484,7 +484,9 @@ func (p *PoolDevice) IsLoaded(deviceName string) bool {
// GetUsage reports total size in bytes consumed by a thin-device. // GetUsage reports total size in bytes consumed by a thin-device.
// It relies on the number of used blocks reported by 'dmsetup status'. // It relies on the number of used blocks reported by 'dmsetup status'.
// The output looks like: // The output looks like:
//
// device2: 0 204800 thin 17280 204799 // device2: 0 204800 thin 17280 204799
//
// Where 17280 is the number of used sectors // Where 17280 is the number of used sectors
func (p *PoolDevice) GetUsage(deviceName string) (int64, error) { func (p *PoolDevice) GetUsage(deviceName string) (int64, error) {
status, err := dmsetup.Status(deviceName) status, err := dmsetup.Status(deviceName)

6
snapshots/snapshotter.go
View File

@ -167,7 +167,7 @@ type WalkFunc func(context.Context, Info) error
// //
// We cover several examples below to demonstrate the utility of the snapshotter. // We cover several examples below to demonstrate the utility of the snapshotter.
// //
// Importing a Layer // # Importing a Layer
// //
// To import a layer, we simply have the snapshotter provide a list of // To import a layer, we simply have the snapshotter provide a list of
// mounts to be applied such that our dst will capture a changeset. We start // mounts to be applied such that our dst will capture a changeset. We start
@ -220,7 +220,7 @@ type WalkFunc func(context.Context, Info) error
// Now, we have a layer in the snapshotter that can be accessed with the digest // Now, we have a layer in the snapshotter that can be accessed with the digest
// provided during commit. // provided during commit.
// //
// Importing the Next Layer // # Importing the Next Layer
// //
// Making a layer depend on the above is identical to the process described // Making a layer depend on the above is identical to the process described
// above except that the parent is provided as parent when calling // above except that the parent is provided as parent when calling
@ -231,7 +231,7 @@ type WalkFunc func(context.Context, Info) error
// We then mount, apply and commit, as we did above. The new snapshot will be // We then mount, apply and commit, as we did above. The new snapshot will be
// based on the content of the previous one. // based on the content of the previous one.
// //
// Running a Container // # Running a Container
// //
// To run a container, we simply provide snapshotter.Prepare() the committed image // To run a container, we simply provide snapshotter.Prepare() the committed image
// snapshot as the parent. After mounting, the prepared path can // snapshot as the parent. After mounting, the prepared path can

1
snapshots/testsuite/testsuite.go
View File

@ -559,6 +559,7 @@ func checkRemoveIntermediateSnapshot(ctx context.Context, t *testing.T, snapshot
// baseTestSnapshots creates a base set of snapshots for tests, each snapshot is empty // baseTestSnapshots creates a base set of snapshots for tests, each snapshot is empty
// Tests snapshots: // Tests snapshots:
//
// c1 - committed snapshot, no parent // c1 - committed snapshot, no parent
// c2 - committed snapshot, c1 is parent // c2 - committed snapshot, c1 is parent
// a1 - active snapshot, c2 is parent // a1 - active snapshot, c2 is parent