Deleting a non-empty namespace fails with
> namespace must be empty: failed precondition
This change improves the error message by listing the types of
the objects in the namespace that prevent deletion.
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
While Walk() has been taking filter strings, it was not using the parameter.
This change actually makes the filtering work.
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
Dependencies may be switching to use the new `%w` formatting
option to wrap errors; switching to use `errors.Is()` makes
sure that we are still able to unwrap the error and detect the
underlying cause.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Cleanup is an optional method a snapshotter may implement.
Cleanup can be used to cleanup resources after a snapshot
has been removed. This function allows a snapshotter to defer
longer resource cleanup until after snapshot removals are
completed. Adding this to the API allows proxy snapshotters
to leverage this enhancement.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Allows backend snapshots to bring existing snapshots into
a namespace without requiring clients to fully snapshots
when the target reference is known. Backend snapshots must
explicitly implement this functionality, it is equivalent
to sharing across namespaces and is up to the backend to
use the label when it is given or ignore it.
This enables remote snapshot functionality for a backend to
query for a target snapshot before a client has performed
any work to create that snapshot.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Regular expressions in the namespaces package are redundant with the
pre-existing validator in the "identifiers" package; replace this custom
usage with the validator in "identifiers"
Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
Provide a flag which configures a lease to only hold
reference to its given references and ignore label references
during garbage collection rooted from the lease.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Enables showing debug logs in testing output.
For integration tests the client log output will show
in addition to daemon output, with timestamps for better
correlation.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Closes#3305
This adds an opt and a `--cgroup,-c` flag to `ctr namespaces rm` to
remove the cgroup that is commonly created with runtimes.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Add three methods for lease service so that the client can use it to
manage the resource by lease, not just gc.root label. With the following
methods, it is easy for client to maintain their own cache system.
```
- AddResource(context.Context, Lease, Resource) error
- RemoveResource(context.Context, Lease, Resource) error
- ListResources(context.Context, Lease) ([]Resource, error)
```
And the resource is to be
```golang
type Resource {
ID string
Type string
}
```
For the snapshots, the Type field will be formatted by
snapshots/%{type}, like snapshots/overlayfs.
fix: #3295
Signed-off-by: Wei Fu <fuweid89@gmail.com>
The namespaced writer Commit method must always have a
namespace in the context as checked by the removeIngestLease
function, resulting in a panic when not provided.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Extend the adaptImage function with a case for handling the annotations
so they can be used in the filter adaptors for fieldpaths.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Currently the objects which can retain content from labels
are limited. This limitation has required clients to work
around this and and in some cases add outside reference
counting (e.g. buildkit keeping content for snapshots).
Updated the logic to treat content and snapshot labels equally
and simplified the code in the process.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Adds comment showing the structure of the buckets
as stored in boltdb. Includes all bucket names, key names
and descriptions of the stored values.
Moves the metadata comment to package level to be exposed
in the godoc overview.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
The noop-loop does nothing.
The containerd doesn't have any snapshotter buckets at the beginning.
If user uses specific dir as rootfs to create container, and sets
`snapshotter` key to the container, like `overlayfs` by mistake,
the gc scheduler will try to scan the snapshotter and panic.
In order to avoid this case, remove the noop-loop here.
Signed-off-by: Wei Fu <fuweid89@gmail.com>
megacheck, gosimple and unused has been deprecated and subsumed by
staticcheck. And staticcheck also has been upgraded. we need to update
code for the linter issue.
close: #2945
Signed-off-by: Wei Fu <fuweid89@gmail.com>
This changeset modifies the metadata store to allow one to set a
"content sharing policy" that defines how blobs are shared between
namespaces in the content store.
The default mode "shared" will make blobs available in all namespaces
once it is pulled into any namespace. The blob will be pulled into
the namespace if a writer is opened with the "Expected" digest that
is already present in the backend.
The alternative mode, "isolated" requires that clients prove they have
access to the content by providing all of the content to the ingest
before the blob is added to the namespace.
Both modes share backing data, while "shared" will reduce total
bandwidth across namespaces, at the cost of allowing access to any
blob just by knowing its digest.
Note: Most functional codes and changelog of this commit originate from
Stephen J Day <stephen.day@docker.com>, see
40455aade8Fixes#1713Fixes#2865
Signed-off-by: Eric Lin <linxiulei@gmail.com>
In many cases code is calling errors.Wrapf with an arbitrary string
instead of a format string. This causes confusing errors when the
wrapped error message contains '%' characters.
This change replaces such calls with calls to errors.Wrap.
Signed-off-by: John Starks <jostarks@microsoft.com>
The local store could end up in a state where the writer is
closed but the reference is locked after a commit on an
existing object.
Cleans up Commit logic to always close the writer even after
an error occurs, guaranteeing the reference is unlocked after commit.
Adds a test to the content test suite to verify this behavior.
Updates the content store interface definitions to clarify the behavior.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Allow content ingests to be cleaned up during gc.
Use a default expiration on content ingests or make
use of the lease expiration when provided.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
