Merge pull request #8287 from kinvolk/rata/userns-stateless-idmap
Add support for userns in stateless and stateful pods with idmap mounts (KEP-127, k8s >= 1.27)
This commit is contained in:
Fu Wei
24
vendor/github.com/opencontainers/runtime-spec/specs-go/features/features.go
generated
vendored
24
vendor/github.com/opencontainers/runtime-spec/specs-go/features/features.go
generated
vendored
@@ -36,11 +36,12 @@ type Linux struct {
|
||||
// Nil value means "unknown", not "no support for any capability".
|
||||
Capabilities []string `json:"capabilities,omitempty"`
|
||||
|
||||
Cgroup *Cgroup `json:"cgroup,omitempty"`
|
||||
Seccomp *Seccomp `json:"seccomp,omitempty"`
|
||||
Apparmor *Apparmor `json:"apparmor,omitempty"`
|
||||
Selinux *Selinux `json:"selinux,omitempty"`
|
||||
IntelRdt *IntelRdt `json:"intelRdt,omitempty"`
|
||||
Cgroup *Cgroup `json:"cgroup,omitempty"`
|
||||
Seccomp *Seccomp `json:"seccomp,omitempty"`
|
||||
Apparmor *Apparmor `json:"apparmor,omitempty"`
|
||||
Selinux *Selinux `json:"selinux,omitempty"`
|
||||
IntelRdt *IntelRdt `json:"intelRdt,omitempty"`
|
||||
MountExtensions *MountExtensions `json:"mountExtensions,omitempty"`
|
||||
}
|
||||
|
||||
// Cgroup represents the "cgroup" field.
|
||||
@@ -123,3 +124,16 @@ type IntelRdt struct {
|
||||
// Nil value means "unknown", not "false".
|
||||
Enabled *bool `json:"enabled,omitempty"`
|
||||
}
|
||||
|
||||
// MountExtensions represents the "mountExtensions" field.
|
||||
type MountExtensions struct {
|
||||
// IDMap represents the status of idmap mounts support.
|
||||
IDMap *IDMap `json:"idmap,omitempty"`
|
||||
}
|
||||
|
||||
type IDMap struct {
|
||||
// Enabled represents whether idmap mounts supports is compiled in.
|
||||
// Unrelated to whether the host supports it or not.
|
||||
// Nil value means "unknown", not "false".
|
||||
Enabled *bool `json:"enabled,omitempty"`
|
||||
}
|
||||
|
||||
2
vendor/github.com/opencontainers/runtime-spec/specs-go/version.go
generated
vendored
2
vendor/github.com/opencontainers/runtime-spec/specs-go/version.go
generated
vendored
@@ -11,7 +11,7 @@ const (
|
||||
VersionPatch = 0
|
||||
|
||||
// VersionDev indicates development branch. Releases will be empty string.
|
||||
VersionDev = ""
|
||||
VersionDev = "+dev"
|
||||
)
|
||||
|
||||
// Version is the specification version that the package types support.
|
||||
|
||||
2
vendor/modules.txt
vendored
2
vendor/modules.txt
vendored
@@ -343,7 +343,7 @@ github.com/opencontainers/image-spec/specs-go/v1
|
||||
# github.com/opencontainers/runc v1.1.9
|
||||
## explicit; go 1.17
|
||||
github.com/opencontainers/runc/libcontainer/user
|
||||
# github.com/opencontainers/runtime-spec v1.1.0
|
||||
# github.com/opencontainers/runtime-spec v1.1.1-0.20230823135140-4fec88fd00a4
|
||||
## explicit
|
||||
github.com/opencontainers/runtime-spec/specs-go
|
||||
github.com/opencontainers/runtime-spec/specs-go/features
|
||||
|
||||
Reference in New Issue
Block a user