Use sha256 hash to shorten the unix socket path to satisfy the
length limitation of abstract socket path
This commit also backports the feature storing address path to
a file from v2 to keep compatibility
Fixes#3032
Signed-off-by: Eric Lin <linxiulei@gmail.com>
megacheck, gosimple and unused has been deprecated and subsumed by
staticcheck. And staticcheck also has been upgraded. we need to update
code for the linter issue.
close: #2945
Signed-off-by: Wei Fu <fuweid89@gmail.com>
These tests would have failed if any image had a USER declaration in it,
but because the test image never has, these were never caught. Adding
supplemental GIDs on any image revealed the issue.
Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
This allows many different commands to be used as OCI hooks. It allows
these commands to template out different args and env vars so that
normal commands can accept the OCI spec State payload over stdin.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This prevents `task.Wait()` to return an error if it is called before the task
is started.
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
This makes sure the client is always in sync with the server before
performing any type of operations on the container metadata.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This is needed for users on kernel older than 3.18 so they can avoid EBUSY
errors when trying to unlink, rename or remove a mountpoint that is present in
a shim namespace.
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
To allow for updating extensions without collisions, we have moved to
using a map type that can be explicitly selected via the field path for
updates. This ensures that multiple parties can operate on their
extensions without stepping on each other's toes or incurring an
inordinate number of round trips.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
This field allows a client to store specialized information in the
container metadata rather than having to store this itself and keep
the data in sync with containerd.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
In order to do more advanced spec generation with images, snapshots,
etc, we need to inject the context and client into the spec generation
code.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This allows clients an easier way to interact with the fifos for a
container without having to use the built in copyIO functions when
opening fifos.
It's nothing that clients could not have already coded but since we use
this type of functionality in the tests it makes sense to add an
implementation here.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Instead of requiring callers to read the struct fields to check for an
error, provide the exit results via a function instead which is more
natural.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
In all of the examples, its recommended to call `Wait()` before starting
a process/task.
Since `Wait()` is a blocking call, this means it must be called from a
goroutine like so:
```go
statusC := make(chan uint32)
go func() {
status, err := task.Wait(ctx)
if err != nil {
// handle async err
}
statusC <- status
}()
task.Start(ctx)
<-statusC
```
This means there is a race here where there is no guarentee when the
goroutine is going to be scheduled, and even a bit more since this
requires an RPC call to be made.
In addition, this code is very messy and a common pattern for any caller
using Wait+Start.
Instead, this changes `Wait()` to use an async model having `Wait()`
return a channel instead of the code itself.
This ensures that when `Wait()` returns that the client has a handle on
the event stream (already made the RPC request) before returning and
reduces any sort of race to how the stream is handled by grpc since we
can't guarentee that we have a goroutine running and blocked on
`Recv()`.
Making `Wait()` async also cleans up the code in the caller drastically:
```go
statusC, err := task.Wait(ctx)
if err != nil {
return err
}
task.Start(ctx)
status := <-statusC
if status.Err != nil {
return err
}
```
No more spinning up goroutines and more natural error
handling for the caller.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
We were not checking the error value of `Kill` leading to deadlock if the
process didn't exist.
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
This adds null IO option for efficient handling of IO.
It provides a container directly with `/dev/null` and does not require
any io.Copy within the shim whenever a user does not want the IO of the
container.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Add an option that allows users for force kill and delete a process/task
when calling `Delete`
Fixes#1274
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
