full diff: https://github.com/google/uuid/compare/v1.1.2...v1.2.0
I did not switch to us the `uuid.NewString()` function; we are not currently using
`uuid.New()`, probably because it can `panic` in case an invalid UUID is produced;
in stead we are using `uuid.NewRandom()`, which is equivalent, but returns an
error instead.
Changes:
- v1.2.0: Add NewString()
This release introduces the NewString() function which is the equivalent of
uuid.New().String().
- v1.1.5: Syntactic cleanup
There are no code changes. A missing period was add to a godoc comment and the
linter was told to not complain that the results of hash.Write() are ignored
(the function cannot fail)
- v1.1.4: Further error optimizations
Do not allocate memory for errors (it is only one word)
- v1.1.3: Optimize error reporting
Optimize length of time it takes to discover an input is bad by no longer using
fmt.Errorf, which is quite slow. It now uses a custom error type that formats
the string when the Error method is called rather than when generating the error.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
It does not make sense to check if seccomp is supported by the kernel
more than once per runtime, so let's use sync.Once to speed it up.
A quick benchmark (old implementation, before this commit, after):
BenchmarkIsEnabledOld-4 37183 27971 ns/op
BenchmarkIsEnabled-4 1252161 947 ns/op
BenchmarkIsEnabledOnce-4 666274008 2.14 ns/op
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Current implementation of seccomp.IsEnabled (rooted in runc) is not
too good.
First, it parses the whole /proc/self/status, adding each key: value
pair into the map (lots of allocations and future work for garbage
collector), when using a single key from that map.
Second, the presence of "Seccomp" key in /proc/self/status merely means
that kernel option CONFIG_SECCOMP is set, but there is a need to _also_
check for CONFIG_SECCOMP_FILTER (the code for which exists but never
executed in case /proc/self/status has Seccomp key).
Replace all this with a single call to prctl; see the long comment in
the code for details.
While at it, improve the IsEnabled documentation.
NOTE historically, parsing /proc/self/status was added after a concern
was raised in https://github.com/opencontainers/runc/pull/471 that
prctl(PR_GET_SECCOMP, ...) can result in the calling process being
killed with SIGKILL. This is a valid concern, so the new code here
does not use PR_GET_SECCOMP at all.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
fork/exec can fail and log a warning like this in containerd's log:
failed to clean up after shim disconnected error=": fork/exec /usr/local/bin/containerd-shim-[my-shim]: no such file or directory" id=test namespace=default
Passing the bundle path on the command line allows the shim delete
command to run successfully.
Signed-off-by: Samuel Karp <me@samuelkarp.com>
Deleting a non-empty namespace fails with
> namespace must be empty: failed precondition
This change improves the error message by listing the types of
the objects in the namespace that prevent deletion.
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
When several goroutines call uncompress converter in parallel, the ref name
conflicts each other. This leads to Writer method failing with Unavaliable error
without retry.
For solving this issue, OpenWriter helper should be used. This allows them to
retry in such situations.
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
According to the doc about `config.toml` of containerd:
```
If no version number is specified inside the config file then it is assumed to
be a version 1 config and parsed as such.
```
However, it's not true recently.
This will break the backward-compatibility in some environment.
This commit fixes this issue.
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
A Scratch layer only contains a sandbox.vhdx, but to be used as a parent
layer, it must also contain the files on-disk.
Hence, we Export the layer from the sandbox.vhdx and Import it back into
itself, so that both data formats are present.
Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
