Bump CNI to v1.0.1

Update CNI so we can match wrapped errors. This should silence ENOENT
warnings when trying to read the cni conflist files.

Fixes #10926

Because CNI v1.0.0 contains breaking changes we have to change some
import paths. Also we cannot update the CNI version used for the
conflist files created by `podman network create` because this would
require at least containernetwork-plugins v1.0.1 and a updated dnsname
plugin. Because this will take a while until it lands in most distros
we should not use this version. So keep using v0.4.0 for now.

The update from checkpoint-restore/checkpointctl is also required to
make sure it no longer uses CNI to read the network status.

[NO TESTS NEEDED]

Signed-off-by: Paul Holzinger <pholzing@redhat.com>

4 files changed, 15 insertions, 14 deletions

diff --git a/libpod/container.go b/libpod/container.go
index 7d602326e..5c56ff036 100644
--- a/libpod/container.go
+++ b/libpod/container.go
@@ -8,7 +8,7 @@ import (
 	"os"
 	"time"
 
-	cnitypes "github.com/containernetworking/cni/pkg/types/current"
+	types040 "github.com/containernetworking/cni/pkg/types/040"
 	"github.com/containers/common/pkg/secrets"
 	"github.com/containers/image/v5/manifest"
 	"github.com/containers/podman/v3/libpod/define"
@@ -176,7 +176,7 @@ type ContainerState struct {
 	// active.
 	// These are DEPRECATED and will be removed in a future release.
 	// This field is only used for backwarts compatibility.
-	NetworkStatusOld []*cnitypes.Result `json:"networkResults,omitempty"`
+	NetworkStatusOld []*types040.Result `json:"networkResults,omitempty"`
 	// NetworkStatus contains the network Status for all networks
 	// the container is attached to. Only populated if we created a network
 	// namespace for the container, and the network namespace is currently
diff --git a/libpod/network/cni/cni_conversion.go b/libpod/network/cni/cni_conversion.go
index d69dd7eb3..7a73b874a 100644
--- a/libpod/network/cni/cni_conversion.go
+++ b/libpod/network/cni/cni_conversion.go
@@ -14,7 +14,6 @@ import (
 	"time"
 
 	"github.com/containernetworking/cni/libcni"
-	"github.com/containernetworking/cni/pkg/version"
 	"github.com/containers/podman/v3/libpod/network/types"
 	"github.com/containers/podman/v3/libpod/network/util"
 	pkgutil "github.com/containers/podman/v3/pkg/util"
@@ -283,7 +282,10 @@ func (n *cniNetwork) createCNIConfigListFromNetwork(network *types.Network, writ
 		ipMasq = false
 	}
 	// create CNI plugin configuration
-	ncList := newNcList(network.Name, version.Current(), network.Labels, network.Options)
+	// explicitly use CNI version 0.4.0 here, to use v1.0.0 at least containernetwork-plugins-1.0.1 has to be installed
+	// the dnsname plugin also needs to be updated for 1.0.0
+	// TODO change to 1.0.0 when most distros support it
+	ncList := newNcList(network.Name, "0.4.0", network.Labels, network.Options)
 	var plugins []interface{}
 
 	switch network.Driver {
diff --git a/libpod/network/cni/network.go b/libpod/network/cni/network.go
index d77e63a5d..02801641e 100644
--- a/libpod/network/cni/network.go
+++ b/libpod/network/cni/network.go
@@ -127,7 +127,7 @@ func (n *cniNetwork) loadNetworks() error {
 		conf, err := libcni.ConfListFromFile(file)
 		if err != nil {
 			// do not log ENOENT errors
-			if !os.IsNotExist(err) {
+			if !errors.Is(err, os.ErrNotExist) {
 				logrus.Warnf("Error loading CNI config file %s: %v", file, err)
 			}
 			continue
diff --git a/libpod/network/cni/run.go b/libpod/network/cni/run.go
index b69953c4b..834e7c867 100644
--- a/libpod/network/cni/run.go
+++ b/libpod/network/cni/run.go
@@ -10,7 +10,7 @@ import (
 
 	"github.com/containernetworking/cni/libcni"
 	cnitypes "github.com/containernetworking/cni/pkg/types"
-	"github.com/containernetworking/cni/pkg/types/current"
+	types040 "github.com/containernetworking/cni/pkg/types/040"
 	"github.com/containernetworking/plugins/pkg/ns"
 	"github.com/containers/podman/v3/libpod/define"
 	"github.com/containers/podman/v3/libpod/network/types"
@@ -107,14 +107,9 @@ func (n *cniNetwork) Setup(namespacePath string, options types.SetupOptions) (ma
 			return nil, retErr
 		}
 
-		var cnires *current.Result
-		cnires, retErr = current.GetResult(res)
-		if retErr != nil {
-			return nil, retErr
-		}
-		logrus.Debugf("cni result for container %s network %s: %v", options.ContainerID, name, cnires)
+		logrus.Debugf("cni result for container %s network %s: %v", options.ContainerID, name, res)
 		var status types.StatusBlock
-		status, retErr = CNIResultToStatus(cnires)
+		status, retErr = CNIResultToStatus(res)
 		if retErr != nil {
 			return nil, retErr
 		}
@@ -125,8 +120,12 @@ func (n *cniNetwork) Setup(namespacePath string, options types.SetupOptions) (ma
 
 // CNIResultToStatus convert the cni result to status block
 // nolint:golint
-func CNIResultToStatus(cniResult *current.Result) (types.StatusBlock, error) {
+func CNIResultToStatus(res cnitypes.Result) (types.StatusBlock, error) {
 	result := types.StatusBlock{}
+	cniResult, err := types040.GetResult(res)
+	if err != nil {
+		return result, err
+	}
 	nameservers := make([]net.IP, 0, len(cniResult.DNS.Nameservers))
 	for _, nameserver := range cniResult.DNS.Nameservers {
 		ip := net.ParseIP(nameserver)