Commit Graph

129 Commits (b6b07d167b8d96ff756355a21a319621dd293a84)

Author SHA1 Message Date
Cory Bennett b464f1e315 update go-runc to use runc.ExitError for container exec status
Signed-off-by: Cory Bennett <cbennett@netflix.com>
2020-10-20 06:44:29 +00:00
Tõnis Tiigi 4177e7ca28
Merge pull request #1660 from tonistiigi/token-fetch
auth: fetch tokens from client side
2020-10-12 16:13:19 -07:00
Sebastiaan van Stijn 3cbd99ce86
vendor: sirupsen/logrus v1.7.0
full diff: https://github.com/sirupsen/logrus/compare/v1.6.0...v1.7.0

removes dependency on github.com/konsorten/go-windows-terminal-sequences

Features:
   * a new buffer pool management API has been added
   * a set of `<LogLevel>Fn()` functions have been added

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-30 13:53:45 +02:00
Sebastiaan van Stijn a9d16cea41
go.mod: github.com/containerd/console v1.0.1
full diff: https://github.com/containerd/console/compare/v1.0.0...v1.0.1

Fixes compatibility with current versions of golang.org/x/sys

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-24 23:09:21 +02:00
Akihiro Suda 6361c6bad2
Merge pull request #1666 from ktock/sgz-oci
Enable to use stargz snapshotter without spawning plugin process
2020-09-17 16:00:19 +09:00
Tonis Tiigi 1f94445456 auth: fetch tokens from client side
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-09-15 13:40:30 -07:00
Ilya Dmitrichenko 6e8fde8431
vendor: update containerd to d4e7820
Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
2020-09-07 10:40:09 +01:00
ktock fb7fe99311 Enable to use stargz snapshotter without spawning plugin process
Signed-off-by: ktock <ktokunaga.mail@gmail.com>
2020-09-03 14:13:26 +09:00
Tonis Tiigi d33756e17b vendor: update containerd to efa0e809
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-08-30 23:04:25 -07:00
Sebastiaan van Stijn 546704520f
vendor: github.com/pkg/profile v1.5.0
full diff: https://github.com/pkg/profile/compare/v1.2.1...v1.5.0

v1.5.0
-------------------------

- Add MemProfileType to allow overriding type of memory profile
- Make Go 1.13 the minimum supported Go version.

v1.4.0
-------------------------

- Added goroutine profiling

v1.3.0
-------------------------

- Add ThreadcreationProfile
- Bump Go versions

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-08-24 10:56:12 +02:00
Sebastiaan van Stijn 4d4287c05f
vendor: github.com/gofrs/flock v0.7.3
full diff: https://github.com/gofrs/flock/compare/v0.7.0...v0.7.3

v0.7.3
-------------------------

- Fix issues in the license file, update year.

v0.7.2
-------------------------

- Ensure we release file handle if we failed to take an exclusive lock

v0.7.1
-------------------------

- Fix linting issues and add goreportcard badge

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-08-24 10:55:23 +02:00
Akihiro Suda 4da183e083
update containerd to v1.4.0, runc to v1.0.0-rc92
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-08-18 22:19:53 +09:00
Tonis Tiigi ec756078f3 vendor: update containerd to fa1220fce
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-08-10 20:12:46 -07:00
Sebastiaan van Stijn 844c40a4de
vendor: update opentracing-go v1.2.0, go-stdlib v1.0.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-07-30 11:16:27 +02:00
Tonis Tiigi 53b2f321e8 vendor: update containerd to eb6354a11
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-07-28 17:48:03 -07:00
Tonis Tiigi dc95525191 vendor: update fsutil to c3ed55f3b4
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-07-26 23:25:00 -07:00
Sebastiaan van Stijn 3890bbe6f7
vendor: update tonistiigi/fsutil v0.0.0-20200720184806-8f851f9d2045
full diff: ae3a8d7530...8f851f9d20

notable changes:

- walker: fix notadir error
- improving error returns
    - more typed errors
    - remove extra verbosity (eg. PathError already contains action and path)
    - ensure stack traces are added to errors

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-07-23 17:05:59 +02:00
Paul "TBBle" Hampson dc2574ceae Implement separate handling for Windows Network namespaces
The Windows API is completely different, so the common code cannot
create the unique identifier, but must accept what the OS-specific code
does.

For Linux, it's a pathname. In Windows, it's a GUID string.

This pulls in direct usage of Microsoft/hcsshim, which previously was
only an indirect usage via containerd calls from, e.g., localMounter on
Windows.

Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
2020-07-21 16:31:31 +10:00
Sebastiaan van Stijn 17e495e01a
vendor: update containerd and dependencies to current master
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-05-14 21:01:44 +02:00
Sebastiaan van Stijn 33b547d29e
vendor: uber/jaeger-client-go v2.11.2
full diff: https://github.com/jaegertracing/jaeger-client-go/compare/e02c85f9069e...v2.11.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-05-11 20:07:06 +02:00
Sebastiaan van Stijn e0e61e9bc6
vendor: mitchellh/hashstructure v1.0.0
adds a go.mod

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-05-11 19:54:15 +02:00
Tonis Tiigi 725f5e1207 grpc interceptors for errors
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-04-22 18:31:32 -07:00
Tonis Tiigi 4103a7478b vendor: remove unused packages
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-04-14 22:05:41 -07:00
Sam Whited c62983bbde all: run integration tests against dockerd
Signed-off-by: Sam Whited <sam@samwhited.com>
2020-04-08 23:27:17 -07:00
Xiaofan Zhang 0947ed31ea vendor: update fsutil to c2c7d7b0e144 and symlink test
Signed-off-by: Xiaofan Zhang <xiaofan.zhang@clinc.com>
2020-03-31 02:59:34 +00:00
Akihiro Suda 9f90f5a985 rootless: support fuse-overlayfs
While real overlayfs is available only in Ubuntu and Debian kernels,
fuse-overlayfs is universally available for kernel >= 4.18.

For dockerized deployment, `--device /dev/fuse` needs to be added to
`docker run` flags.

Kubernetes deployment needs a custom device plugin that enables
`/dev/fuse`, e.g. https://github.com/honkiko/k8s-hostdev-plugin

Instead of a device plugin, the device can be also enabled by setting
`securityContext.privileged` to `true`.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-03-03 11:30:29 +09:00
Akihiro Suda 7b579cdb98 vendor: update containerd (and various packages)
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-02-28 10:24:10 +09:00
Tonis Tiigi a60ecfa4ae vendor: restore dependency versions
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-02-24 17:31:01 -08:00
Zach Badgett 1efe7b145d Fix docker dependencies
Signed-off-by: Zach Badgett <zach.badgett@gmail.com>
2020-02-24 15:47:32 -08:00
Zach Badgett 820200aa1d Fix go.mod to be compatible with go1.13
Signed-off-by: Zach Badgett <zach.badgett@gmail.com>
2020-02-24 15:44:11 -08:00
Sebastiaan van Stijn b1b5f2e626
vendor: golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6
full diff: c2843e01d9...1d94cc7ab1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-19 13:01:06 +01:00
Tonis Tiigi 469e7552d0 fileop: keep correct user for parent dir on userns
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-01-28 11:36:42 -08:00
Sebastiaan van Stijn e0ac63481a
vendor: update containerd/continuity to 26c1120b8d4107d2471b93ad78ef7ce1fc84c4c4
full diff: 75bee3e2cc...26c1120b8d

- containerd/continuity#109 Add OpenBSD support for fs subpackage
- containerd/continuity#144 Support Go Modules
- containerd/continuity#147 xattr lost when copying directory
- containerd/continuity#148 fs: don't convert syscall.Timespec to unix.Timespec directly (doesn't work with gccgo)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-13 13:46:10 +01:00
Sebastiaan van Stijn 6a06e8b2f3
vendor: update fsutil 0f039a052ca1
full diff: 3d2716dd0a...0f039a052c

- tonistiigi/fsutil#68 fix gocrypto commit
- tonistiigi/fsutil#69 receive: use filter on receive diff
    - prevents incremental transfers with userns because the metadata
      on disk is always different than the one being transferred.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-08 16:50:25 +01:00
Sam Whited 00bfbab039 all: bump the systemd dep to use Go Modules
Signed-off-by: Sam Whited <sam@samwhited.com>
2019-11-11 10:45:43 -05:00
Tonis Tiigi 31a9aeea88 cache: add migration flow to new lease based format
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-10-16 10:35:49 -07:00
Tonis Tiigi 08194783e0 cache: update unit tests to new cache manager constructor
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-10-16 10:34:50 -07:00
Akihiro Suda c6641fb6d0 vendor containerd
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2019-10-16 18:28:19 +09:00
Derek McGowan d5108d038d Update to containerd 1.3.0
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
2019-09-30 14:45:18 -07:00
Tonis Tiigi 211e20a587 vendor: update containerd to v1.3.0-rc.2
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-09-20 14:59:57 -07:00
Tonis Tiigi 5756b62927 vendor: update containerd to v1.3.0-rc.1
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-09-19 15:52:26 -07:00
Tonis Tiigi e3e13ad204 vendor: update go-runc to e029b79d
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-09-11 10:57:14 -07:00
Tonis Tiigi eba10d51b9 vendor: update containerd to v1.3.0-rc.0
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-09-05 17:13:39 -07:00
Tibor Vass aa3ad5f985 vendor fsutil to 3d2716dd0a4d to fix sockets handling
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-08-27 20:53:37 +00:00
Tibor Vass bd8f49ed58 dockerfile: add TestCopySocket test + vendor needed continuity fix
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-08-27 20:53:37 +00:00
Tonis Tiigi fdce39046a vendor: update containerd to v1.3.0-beta.2
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-08-21 20:22:55 -07:00
Tonis Tiigi 5d617c557d vendor: update containerd to f0821348
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-08-20 17:03:04 -07:00
Tonis Tiigi 615347271d vendor: update containerd to 1.3.0-beta.0
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-08-20 17:00:47 -07:00
Tonis Tiigi fb3f2aeb63 client: add test for output target exists
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-07-31 10:21:26 -07:00
Akihiro Suda d750cb188a
Merge pull request #1073 from tonistiigi/cni-net
add cni networking support
2019-07-19 10:47:27 +09:00
Tibor Vass 7901ac88e0 vendor: update containerd to 7c1e88399
To update containerd with go mod, it is NOT possible to simply do:

```
go get github.com/containerd/containerd@7c1e88399ec0
```

because it would result in:

```
v1.2.1-0.20190507210959-7c1e88399ec0
```

which is an incorrect version prefix as we want the commit 7c1e88399
from master to have higher priority than a tagged version such as v1.2.*

We want to use a `v1.3.0-0.` prefix even though v1.3.* tags do not exist,
so that when they do, those do have higher priority compared to 7c1e88399.
In other words, containerd's master branch corresponds to a v1.3 dev branch.

The following was thus used to update containerd:

```
go get -d github.com/containerd/containerd@v1.3.0-0.20190507210959-7c1e88399ec0
go get -d github.com/opencontainers/runc@v1.0.0-rc8
make vendor
```

Signed-off-by: Tibor Vass <tibor@docker.com>
2019-07-16 18:31:47 +00:00
Tonis Tiigi 0d22b5056f exporter: keep lease when exporting images
As manifests may be temporary if the same image is built in parallel one build can delete the manifest+config before the export for another finishes.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-07-12 13:12:45 -07:00
Tonis Tiigi bc7a6f2556 add cni networking support
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-07-10 14:42:30 -07:00
Tibor Vass 8e692507ee executor: allow setting DNSConfig to be used by resolvconf
This patch allows downstream code to pass a DNSConfig that is
then used by executor/oci.GetResolvConf.

This would allow the BuildKit-based builder in Docker to honor
the docker daemon's DNS configuration, thus fixing a feature gap
with the legacy builder.

Signed-off-by: Tibor Vass <tibor@docker.com>
2019-06-17 20:43:33 +00:00
Tibor Vass 749294397b executor: use systemd resolvconf if enabled
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-06-04 15:22:47 +00:00
Tonis Tiigi 8e25187cc7 pull: fix content blobs deletion on pull race
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-05-28 14:39:05 -07:00
Akihiro Suda eebb08f4f6 bump google.golang.org/grpc v1.20.1
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2019-05-12 15:20:02 +09:00
Akihiro Suda 0dee033264 buildkitd: support sd_notify
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2019-05-09 03:06:29 +09:00
Tõnis Tiigi 3c78a9c736
Merge pull request #909 from fuweid/me-allow-unpack-action
exporter: support unpack opt for image exporter
2019-04-26 14:04:48 -07:00
Tonis Tiigi ac18391f2b vendor: update containerd and continuity
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-04-25 23:33:52 -07:00
Tonis Tiigi 9c70c31a51 vendor: patch differ deadlock
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-04-25 22:50:38 -07:00
Wei Fu ffad8ada79 exporter: support unpack opt for image exporter
It is enhancement which allows to unpack image into containerd
snapshotter storage by `--output type=image,<.>=<.>,unpack=true`.

In order to support this feature, we needs to extend the Snapshotter
witwh `Name() string` function. Because we needs to set gc label for
snapshotter which need snapshotter name.

fix: #908

Signed-off-by: Wei Fu <fuweid89@gmail.com>
2019-04-24 21:24:06 +08:00
Akihiro Suda aa9c666e16 add example/kube-consistent-hash
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2019-04-23 19:35:29 +09:00
Tonis Tiigi 894da35fed fix unit tests for idmapping support
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-04-02 20:35:18 -07:00
Tonis Tiigi ad81e72aa3 vendor: add vt100
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-04-01 19:49:04 -07:00
Akihiro Suda 4f4bcade64
Merge pull request #907 from tonistiigi/tarball-exporter
exporter: add tarball exporter
2019-03-29 12:29:00 +09:00
Tõnis Tiigi 758c61e873
Merge pull request #570 from kunalkushwaha/entirlement-revised
security entitlement support
2019-03-28 16:14:06 -07:00
Tonis Tiigi c1a1d7033d exporter: add tar exporter
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-27 09:40:24 -07:00
Tonis Tiigi 01a8de7d74 integration: secmode switch support and security testcase
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
2019-03-27 13:57:03 +09:00
Akihiro Suda 2f007a47a9 client: add docker:// connhelper
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-03-26 21:25:01 +09:00
Akihiro Suda fbf04740d6 update containerd
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-03-22 15:28:33 +09:00
Tonis Tiigi d8cd5f49cd vendor: update docker to e7b5f7dbe98c
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-19 17:54:39 -07:00
Tonis Tiigi e8432d677b vendor: update fsutil to 1bdbf123ad
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-18 19:11:39 -07:00
Tonis Tiigi 33955c9b9e vendor: revendor new packages
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-15 17:49:58 -07:00
Tonis Tiigi 171feaafeb vendor: add fsutil copy package
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-15 17:49:44 -07:00
Tonis Tiigi 4ac089a7b6 vendor: update fsutil to 1ec198358
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-14 15:18:50 -07:00
Tonis Tiigi 632797cef0 vendor: udpate fsutil to b4281fa
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-05 17:34:01 -08:00
Derek McGowan edd603e4cd Update containerd vendor
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
2019-02-13 11:03:48 -08:00
Tibor Vass ad8b35e3d4 Migrate from vndr to go mod
go get -u github.com/tiborvass/gomod
  GO111MODULE=on gomod init
  GO111MODULE=on go mod tidy
  GO111MODULE=on go mod vendor

Signed-off-by: Tibor Vass <tibor@docker.com>
2019-01-31 22:44:47 +00:00