Merge pull request #9177 from lengrongfu/fix/toml-version-upgrade-bug

pkg/imageverifier/bindir/bindir.go

@@ -30,6 +30,7 @@ import (
 	"time"
 
 	"github.com/containerd/containerd/pkg/imageverifier"
+	"github.com/containerd/containerd/pkg/tomlext"
 	"github.com/containerd/log"
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 )
@@ -39,7 +40,7 @@ const outputLimitBytes = 1 << 15 // 32 KiB
 type Config struct {
 	BinDir             string           `toml:"bin_dir"`
 	MaxVerifiers       int              `toml:"max_verifiers"`
-	PerVerifierTimeout time.Duration `toml:"per_verifier_timeout"`
+	PerVerifierTimeout tomlext.Duration `toml:"per_verifier_timeout"`
 }
 
 type ImageVerifier struct {
@@ -110,7 +111,7 @@ func (v *ImageVerifier) VerifyImage(ctx context.Context, name string, desc ocisp
 }
 
 func (v *ImageVerifier) runVerifier(ctx context.Context, bin string, imageName string, desc ocispec.Descriptor) (exitCode int, reason string, err error) {
-	ctx, cancel := context.WithTimeout(ctx, v.config.PerVerifierTimeout)
+	ctx, cancel := context.WithTimeout(ctx, tomlext.ToStdTime(v.config.PerVerifierTimeout))
 	defer cancel()
 
 	binPath := filepath.Join(v.config.BinDir, bin)

pkg/imageverifier/bindir/bindir_test.go

@@ -29,6 +29,7 @@ import (
 	"text/template"
 	"time"
 
+	"github.com/containerd/containerd/pkg/tomlext"
 	"github.com/containerd/log"
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 	"github.com/stretchr/testify/assert"
@@ -136,7 +137,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             binDir,
 			MaxVerifiers:       -1,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{
@@ -170,7 +171,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             binDir,
 			MaxVerifiers:       -1,
-			PerVerifierTimeout: 30 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(30 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{})
@@ -183,7 +184,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             filepath.Join(t.TempDir(), "missing_directory"),
 			MaxVerifiers:       10,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{})
@@ -196,7 +197,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             t.TempDir(),
 			MaxVerifiers:       10,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{})
@@ -213,7 +214,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             binDir,
 			MaxVerifiers:       0,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{})
@@ -231,7 +232,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             binDir,
 			MaxVerifiers:       1,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{})
@@ -250,7 +251,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             binDir,
 			MaxVerifiers:       2,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{})
@@ -268,7 +269,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             binDir,
 			MaxVerifiers:       3,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{})
@@ -287,7 +288,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             binDir,
 			MaxVerifiers:       3,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{})
@@ -306,7 +307,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             binDir,
 			MaxVerifiers:       -1,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{})
@@ -325,7 +326,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             binDir,
 			MaxVerifiers:       -1,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{})
@@ -344,7 +345,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             binDir,
 			MaxVerifiers:       -1,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{})
@@ -379,7 +380,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             binDir,
 			MaxVerifiers:       -1,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{})
@@ -395,7 +396,7 @@ func TestBinDirVerifyImage(t *testing.T) {
 		v := NewImageVerifier(&Config{
 			BinDir:             binDir,
 			MaxVerifiers:       1,
-			PerVerifierTimeout: 5 * time.Second,
+			PerVerifierTimeout: tomlext.FromStdTime(5 * time.Second),
 		})
 
 		j, err := v.VerifyImage(ctx, "registry.example.com/image:abc", ocispec.Descriptor{

pkg/nri/config.go

@@ -17,8 +17,7 @@
 package nri
 
 import (
-	"time"
+	"github.com/containerd/containerd/pkg/tomlext"
-
 	nri "github.com/containerd/nri/pkg/adaptation"
 )
 
@@ -33,9 +32,9 @@ type Config struct {
 	// PluginConfigPath is the path to search for plugin-specific configuration.
 	PluginConfigPath string `toml:"plugin_config_path" json:"pluginConfigPath"`
 	// PluginRegistrationTimeout is the timeout for plugin registration.
-	PluginRegistrationTimeout time.Duration `toml:"plugin_registration_timeout" json:"pluginRegistrationTimeout"`
+	PluginRegistrationTimeout tomlext.Duration `toml:"plugin_registration_timeout" json:"pluginRegistrationTimeout"`
 	// PluginRequestTimeout is the timeout for a plugin to handle a request.
-	PluginRequestTimeout time.Duration `toml:"plugin_request_timeout" json:"pluginRequestTimeout"`
+	PluginRequestTimeout tomlext.Duration `toml:"plugin_request_timeout" json:"pluginRequestTimeout"`
 	// DisableConnections disables connections from externally launched plugins.
 	DisableConnections bool `toml:"disable_connections" json:"disableConnections"`
 }
@@ -48,8 +47,8 @@ func DefaultConfig() *Config {
 		PluginPath:       nri.DefaultPluginPath,
 		PluginConfigPath: nri.DefaultPluginConfigPath,
 
-		PluginRegistrationTimeout: nri.DefaultPluginRegistrationTimeout,
+		PluginRegistrationTimeout: tomlext.FromStdTime(nri.DefaultPluginRegistrationTimeout),
-		PluginRequestTimeout:      nri.DefaultPluginRequestTimeout,
+		PluginRequestTimeout:      tomlext.FromStdTime(nri.DefaultPluginRequestTimeout),
 	}
 }
 
@@ -74,9 +73,9 @@ func (c *Config) toOptions() []nri.Option {
 // ConfigureTimeouts sets timeout options for NRI.
 func (c *Config) ConfigureTimeouts() {
 	if c.PluginRegistrationTimeout != 0 {
-		nri.SetPluginRegistrationTimeout(c.PluginRegistrationTimeout)
+		nri.SetPluginRegistrationTimeout(tomlext.ToStdTime(c.PluginRegistrationTimeout))
 	}
 	if c.PluginRequestTimeout != 0 {
-		nri.SetPluginRequestTimeout(c.PluginRequestTimeout)
+		nri.SetPluginRequestTimeout(tomlext.ToStdTime(c.PluginRequestTimeout))
 	}
 }

pkg/tomlext/toml_v2_util.go

@@ -0,0 +1,38 @@
+/*
+   Copyright The containerd Authors.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+package tomlext
+
+import "time"
+
+type Duration time.Duration
+
+func (d *Duration) UnmarshalText(b []byte) error {
+	x, err := time.ParseDuration(string(b))
+	if err != nil {
+		return err
+	}
+	*d = Duration(x)
+	return nil
+}
+
+func ToStdTime(d Duration) time.Duration {
+	return time.Duration(d)
+}
+
+func FromStdTime(duration time.Duration) Duration {
+	return Duration(duration)
+}

plugins/imageverifier/plugin.go

@@ -20,6 +20,7 @@ import (
 	"time"
 
 	"github.com/containerd/containerd/pkg/imageverifier/bindir"
+	"github.com/containerd/containerd/pkg/tomlext"
 	"github.com/containerd/containerd/plugin"
 )
 
@@ -40,6 +41,6 @@ func defaultConfig() *bindir.Config {
 	return &bindir.Config{
 		BinDir:             defaultPath,
 		MaxVerifiers:       10,
-		PerVerifierTimeout: 10 * time.Second,
+		PerVerifierTimeout: tomlext.FromStdTime(10 * time.Second),
 	}
 }