Fetching blobs without foreknown descriptors is useful for using a registry as a general-purpose CAS.
Related: `oras blob fetch` (ORAS v0.15.0)
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
This change spins up a new goroutine, locks it to a thread, then
unshares CLONE_FS which allows us to `Chdir` from inside the thread
without affecting the rest of the program.
The thread is no longer usable after unshare so it leaves the thread
locked to prevent go from returning the thread to the thread pool.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
This change modifies WithLinuxDevice to take an option `followSymlink`
and be unexported as `withLinuxDevice`. An option
`WithLinuxDeviceFollowSymlinks` will call this unexported option to
follow a symlink, which will resolve a symlink before calling
`DeviceFromPath`. `WithLinuxDevice` has been changed to call
`withLinuxDevice` without following symlinks.
Signed-off-by: Gavin Inglis <giinglis@amazon.com>
Signed-off-by: Swagat Bora <sbora@amazon.com>
Add spans around image unpack operations
Use image.ref to denote image name and image.id for the image config digest
Add top-level spand and record errors in the CRI instrumentation service
Cleaning up TODO's. If we're on >= 5.11 we need userxattr so check
the kernel version to skip the manual check via mounting. It feels
odd to use contrib/seccomp here but the alternative is pulling that
kernel parsing code out into the main pkgs. Another is using the moby
parser but that's in moby/moby which is also a dep we don't want here..
Signed-off-by: Danny Canter <danny@dcantah.dev>
Following how some of the other stores/services are returned in the
client package, it makes sense to me to move the remoteFooBars in
the sandbox API to a proxy sub-package under /sandbox. Given this
has only been in a 1.7 beta, I hope this is fine to move around still.
Signed-off-by: Danny Canter <danny@dcantah.dev>
This change adds two new environment variables to cri-integration tests
on Windows that enable Hyper-V isolation.
Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
Old TODO stating that pkg/cri/opts's `WithWindowsNetworkNamespace`
should be moved to the main containerd pkg was out of date as thats
already been done (well, to the /oci package). This just removes it
and swaps all uses of `WithWindowsNetworkNamespace` to the oci
packages impl.
Signed-off-by: Danny Canter <danny@dcantah.dev>
