github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

go.mod: cut circular dependency on github.com/containerd/containerd

Browse Source 
This forces vendoring to only take dependencies of this repository to
be taken into account, effectively cutting the circular dependency (for
the vendored code), and to prevent depending on transitive dependencies
coming from older versions of containerd.

go mod does not allow using the main module as a local "replace" rule using
a path; see golang/go#45492 and golang/go#34417, so instead, an empty module
is used.

One change observed is that older versions containerd depended on an older
version of imgcrypt that had an "indirect" dependency on more current versions
of gopkg.in/yaml.v2 and prometheus/procfs.

For those, a temporary "indirect" dependency was added, until prometheus/client_golang
and kubernetes are updated.

from go mod graph (before):

    github.com/containerd/imgcrypt@v1.0.4-0.20210301171431-0ae5c75f59ba gopkg.in/yaml.v2@v2.4.0
    github.com/containerd/imgcrypt@v1.0.4-0.20210301171431-0ae5c75f59ba github.com/prometheus/procfs@v0.6.0

For some reason, some older versions of containerd are still taken into account,
causing satori/go.uuid to be added as "indirect" dependency, likely because some
modules have this dependency in their go.sum. This should likely disappear once
those plugins are updated to contain a current version of containerd.

    git grep 'github.com/satori/go.uuid'
    vendor/github.com/Microsoft/hcsshim/go.sum:github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
    vendor/github.com/containerd/aufs/go.sum:github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
    vendor/github.com/containerd/imgcrypt/go.sum:github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
    vendor/github.com/containerd/nri/go.sum:github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
    vendor/github.com/containerd/zfs/go.sum:github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn
2021-04-09 02:08:17 +02:00
parent 15e0bd513e
commit e26fc84729
5 changed files with 24 additions and 199 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
go.mod
View File

@@ -46,6 +46,8 @@ require (
github.com/pelletier/go-toml v1.8.1
github.com/pkg/errors v0.9.1
github.com/prometheus/client_golang v1.7.1
github.com/prometheus/procfs v0.6.0 // indirect; temporarily force v0.6.0, which was previously defined in imgcrypt as explicit version
github.com/satori/go.uuid v1.2.0 // indirect
github.com/sirupsen/logrus v1.7.0
github.com/stretchr/testify v1.6.1
github.com/tchap/go-patricia v2.2.6+incompatible
@@ -68,6 +70,9 @@ require (
// When updating replace rules, make sure to also update the rules in integration/client/go.mod
replace (
// prevent transitional dependencies due to containerd having a circular
// dependency on itself through plugins. see .empty-mod/go.mod for details
github.com/containerd/containerd => ./.empty-mod/
github.com/gogo/googleapis => github.com/gogo/googleapis v1.3.2
github.com/golang/protobuf => github.com/golang/protobuf v1.3.5
// urfave/cli must be <= v1.22.1 due to a regression: https://github.com/urfave/cli/issues/1092