ForceRemoveAll has special logic on Windows for cleaning up a Windows
snapshotter directory. The logic was missing proper handling for an
error case that can be returned in some cases.
This fixes the CI failure seen in #5326.
Signed-off-by: Kevin Parsons <kevpar@microsoft.com>
Looks like we had our own copy of the "getDevices" code already, so use
that code (which also matches the code that's used to _generate_ the spec,
so a better match).
Moving the code to a separate file, I also noticed that the _unix and _linux
code was _exactly_ the same (baring some `//nolint:` comments), so also
removing the duplicated code.
With this patch applied, we removed the dependency on the libcontainer/devices
package (leaving only libcontainer/user).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(this was introduced in 44240116aa)
Setting the oom-score-adj to -1000 is only possible if the parent process
either has no score set, or if the score is set to -1000.
However, the current implementation of GetOOMScoreAdj conflates situations
where either _no_ oom-score is set, _or_ oom-score is set, but set to 0.
In the latter case, the test would fail:
--- FAIL: TestSetOOMScoreBoundaries (0.01s)
oom_linux_test.go:79: assertion failed: 0 (adjustment int) != -1000 (OOMScoreAdjMin int)
FAIL
To prevent failures in this situation, skip that part of the test in the
above situation.
Also update the description of GetOOMScoreAdj to clarify its behavior.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```bash
curl -s https://mirror.gcr.io//v2/library/busybox/tags/list | jq '[.tags ]'
[
[
"1.26.2",
"1.27.2",
"1.28",
"1.29",
"1.29.2",
"1.30",
"1.30.1",
"1.31",
"1.31.0",
"1.31.1",
"1.32.0"
]
]
```
The latest is gone. I think we should setup image in github container
registry for CI if possible.
Signed-off-by: Wei Fu <fuweid89@gmail.com>
The shim.SetScore() utility was no longer used since 7dfc605fc6.
Checking for uses outside of this repository, I found only one external use of
this in gVisor; a9441aea27/pkg/shim/service.go (L262-L264)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
SetOOMScore requires both privileged (root) and non-user namespace,
for negative values, so adjust the pre-conditions accordingly.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These are currently only used inside this package, so we might
as well un-export them until we need them elsewhere.
Also updated SetOOMScore() to first check for privileged; check for privileged
looks to be the "faster" path, and checking it first could (in case of non-
privileged) save having to read and parse /proc/self/uid_map.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Move `pkg/cri/opts.WithoutRunMount` function to `oci.WithoutRunMount`
so that it can be used without dependency on CRI.
Also add `oci.WithoutMounts(dests ...string)` for generality.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
The `(dockerPusher).Push` method uses a `StatusTracker` to check if an
upload already happened, before repeating the upload. However, there is
no provision for failure handling. If a PUT request returns an error,
the `StatusTracker` will still see the upload as if it happened
successfully. Add a status boolean so that only successful uploads
short-circuit `Push`.
Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
cri-tools is hardcoded to use images which are broken
within their registry. Disable the tests to unblock
CI until fixed.
Signed-off-by: Derek McGowan <derek@mcg.dev>
This allows a pusher to be used for more than one tag without creating a
new resolver/pusher. The current implementation checks the ref key
tracker status based on type and hash and will skip the push even if the
repository reference is unique.
Signed-off-by: Phil Estes <estesp@amazon.com>
Currently, `image.GetDiffID` cannot calculate DiffID of zstd layers because it
directly uses `compress/gzip` decompressor.
This commit fixes this issue by using the generic decompressor.
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
