diff options
356 files changed, 9026 insertions, 12286 deletions
diff --git a/.cirrus.yml b/.cirrus.yml index 5087a00eb..7a9494b9c 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -144,24 +144,24 @@ build_task: image_name: "${VM_IMAGE_NAME}" # from stdenvars matrix: &platform_axis # Ref: https://cirrus-ci.org/guide/writing-tasks/#matrix-modification - - env: &stdenvars + - env: &stdenvars DISTRO_NV: ${FEDORA_NAME} # Not used here, is used in other tasks VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} CTR_FQIN: ${FEDORA_CONTAINER_FQIN} # ID for re-use of build output _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID} - - env: + - env: &priorfedora_envvars DISTRO_NV: ${PRIOR_FEDORA_NAME} VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME} CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN} _BUILD_CACHE_HANDLE: ${PRIOR_FEDORA_NAME}-build-${CIRRUS_BUILD_ID} - - env: + - env: &ubuntu_envvars DISTRO_NV: ${UBUNTU_NAME} VM_IMAGE_NAME: ${UBUNTU_CACHE_IMAGE_NAME} CTR_FQIN: ${UBUNTU_CONTAINER_FQIN} _BUILD_CACHE_HANDLE: ${UBUNTU_NAME}-build-${CIRRUS_BUILD_ID} - - env: + - env: &priorubuntu_envvars DISTRO_NV: ${PRIOR_UBUNTU_NAME} VM_IMAGE_NAME: ${PRIOR_UBUNTU_CACHE_IMAGE_NAME} CTR_FQIN: ${PRIOR_UBUNTU_CONTAINER_FQIN} @@ -404,7 +404,16 @@ unit_test_task: only_if: *not_docs depends_on: - validate - matrix: *platform_axis + matrix: + - env: *stdenvars + - env: *priorfedora_envvars + - env: *ubuntu_envvars + - env: *priorubuntu_envvars + # Special-case: Rootless on latest Fedora (standard) VM + - name: "Rootless unit on $DISTRO_NV" + env: + <<: *stdenvars + PRIV_NAME: rootless gce_instance: *standardvm env: TEST_FLAVOR: unit @@ -258,7 +258,7 @@ test/goecho/goecho: .gopathok $(wildcard test/goecho/*.go) .PHONY: codespell codespell: - codespell -S bin,vendor,.git,go.sum,changelog.txt,.cirrus.yml,"RELEASE_NOTES.md,*.xz,*.gz,*.ps1,*.tar,*.tgz,bin2img,*ico,*.png,*.1,*.5,copyimg,*.orig,apidoc.go" -L uint,iff,od,seeked,splitted,marge,ERRO,hist,ether -w + codespell -S bin,vendor,.git,go.sum,.cirrus.yml,"RELEASE_NOTES.md,*.xz,*.gz,*.ps1,*.tar,*.tgz,bin2img,*ico,*.png,*.1,*.5,copyimg,*.orig,apidoc.go" -L uint,iff,od,seeked,splitted,marge,ERRO,hist,ether -w .PHONY: validate validate: gofmt lint .gitvalidation validate.completions man-page-check swagger-check tests-included tests-expect-exit @@ -469,17 +469,6 @@ swagger: pkg/api/swagger.yaml docker-docs: docs (cd docs; ./dckrman.sh ./build/man/*.1) -.PHONY: changelog -changelog: ## Generate updated changelog.txt from git logs - @echo "Creating changelog from $(CHANGELOG_BASE) to $(CHANGELOG_TARGET)" - $(eval TMPFILE := $(shell mktemp podman_tmp_XXXX)) - $(shell cat changelog.txt > $(TMPFILE)) - $(shell echo "- Changelog for $(CHANGELOG_TARGET) ($(ISODATE)):" > changelog.txt) - $(shell git log --no-merges --format=" * %s" $(CHANGELOG_BASE)..$(CHANGELOG_TARGET) >> changelog.txt) - $(shell echo "" >> changelog.txt) - $(shell cat $(TMPFILE) >> changelog.txt) - $(shell rm $(TMPFILE)) - # Workaround vim syntax highlighting bug: " ### @@ -503,7 +492,6 @@ run-docker-py-tests: .PHONY: localunit localunit: test/goecho/goecho - hack/check_root.sh make localunit rm -rf ${COVERAGE_PATH} && mkdir -p ${COVERAGE_PATH} $(GOBIN)/ginkgo \ -r \ @@ -5,7 +5,7 @@ Podman (the POD MANager) is a tool for managing containers and images, volumes mounted into those containers, and pods made from groups of containers. Podman is based on libpod, a library for container lifecycle management that is also contained in this repository. The libpod library provides APIs for managing containers, pods, container images, and volumes. -* [Latest Version: 3.3.0](https://github.com/containers/podman/releases/latest) +* [Latest Version: 3.3.1](https://github.com/containers/podman/releases/latest) * Latest Remote client for Windows * Latest Remote client for macOS * Latest Static Remote client for Linux diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index 9649e7abb..b9b94dbb3 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -1,5 +1,17 @@ # Release Notes +## 3.3.1 +### Bugfixes +- Fixed a bug where unit files created by `podman generate systemd` could not cleanup shut down containers when stopped by `systemctl stop` ([#11304](https://github.com/containers/podman/issues/11304)). +- Fixed a bug where `podman machine` commands would not properly locate the `gvproxy` binary in some circumstances. +- Fixed a bug where containers created as part of a pod using the `--pod-id-file` option would not join the pod's network namespace ([#11303](https://github.com/containers/podman/issues/11303)). +- Fixed a bug where Podman, when using the systemd cgroups driver, could sometimes leak dbus sessions. +- Fixed a bug where the `until` filter to `podman logs` and `podman events` was improperly handled, requiring input to be negated ([#11158](https://github.com/containers/podman/issues/11158)). +- Fixed a bug where rootless containers using CNI networking run on systems using `systemd-resolved` for DNS would fail to start if resolved symlinked `/etc/resolv.conf` to an absolute path ([#11358](https://github.com/containers/podman/issues/11358)). + +### API +- A large number of potential file descriptor leaks from improperly closing client connections have been fixed. + ## 3.3.0 ### Features - Containers inside VMs created by `podman machine` will now automatically handle port forwarding - containers in `podman machine` VMs that publish ports via `--publish` or `--publish-all` will have these ports not just forwarded on the VM, but also on the host system. diff --git a/RELEASE_PROCESS.md b/RELEASE_PROCESS.md index e063fa617..bdf8aca88 100644 --- a/RELEASE_PROCESS.md +++ b/RELEASE_PROCESS.md @@ -164,10 +164,6 @@ spelled with complete minutiae. `git checkout -b bump_vX.Y.Z`. 1. Lookup the *COMMIT ID* of the last release, `git log -1 $(git tag | sort -V | tail -1)`. - 1. Run `make changelog CHANGELOG_BASE=`*COMMIT ID*. This will modify the - `changelog.txt` file. Manually edit it to change the first line - (“Changelog for …”) to include the current (new) release version number. - For example, `- Changelog for v2.1.0 (2020-09-22):`. 1. Edit `version/version.go` and bump the `Version` value to the new release version. If there were API changes, also bump `APIVersion` value. 1. Commit this and sign the commit (`git commit -a -s -S`). The commit message diff --git a/changelog.txt b/changelog.txt deleted file mode 100644 index b1c4b4756..000000000 --- a/changelog.txt +++ /dev/null @@ -1,6837 +0,0 @@ -- Changelog for v3.2.0-rc1 (2021-05-05) - * migrate Podman to containers/common/libimage - * add --mac-address to podman play kube - * compat api: Networks must be empty instead of null - * System tests: honor $OCI_RUNTIME (for CI) - * is this a bug? - * system test image: add arm64v8 image - * Fix troubleshooting documentation on handling sublemental groups. - * Add --all to podman start - * Fix variable reference typo. in multi-arch image action - * cgroup: always honor --cgroup-parent with cgroupfs - * Bump github.com/uber/jaeger-client-go - * Don't require tests for github-actions & metadata - * Detect if in podman machine virtual vm - * Fix multi-arch image workflow typo - * [CI:DOCS] Add titles to remote docs (windows) - * Remove unused VolumeList* structs - * Cirrus: Update F34beta -> F34 - * Update container image docs + fix unstable execution - * Bump github.com/containers/storage from 1.30.0 to 1.30.1 - * TODO complete - * Docker returns 'die' status rather then 'died' status - * Check if another VM is running on machine start - * [CI:DOCS] Improve titles of command HTML pages - * system tests: networking: fix another race condition - * Use seccomp_profile as default profile if defined in containers.conf - * Bump github.com/json-iterator/go from 1.1.10 to 1.1.11 - * Vendored - * Autoupdate local label functional - * System tests: fix two race conditions - * Add more documentation on conmon - * Allow docker volume create API to pass without name - * Cirrus: Update Ubuntu images to 21.04 - * Skip blkio-weight test when no kernel BFQ support - * rootless: Tell the user what was led to the error, not just what it is - * Add troubleshooting advice about the --userns option. - * Fix images prune filter until - * Fix logic for pushing stable multi-arch images - * Fixes generate kube incorrect when bind-mounting "/" and "/root" - * libpod/image: unit tests: don't use system's registries.conf.d - * runtime: create userns when CAP_SYS_ADMIN is not present - * rootless: attempt to copy current mappings first - * [CI:DOCS] Restore missing content to manpages - * [CI:DOCS] Fix Markdown layout bugs - * Fix podman ps --filter ancestor to match exact ImageName/ImageID - * Add machine-enabled to containers.conf for machine - * Several multi-arch image build/push fixes - * Add podman run --timeout option - * Parse slirp4netns net options with compat api - * Fix rootlesskit port forwarder with custom slirp cidr - * Fix removal race condition in ListContainers - * Add github-action workflow to build/push multi-arch - * rootless: if root is not sub?id raise a debug message - * Bump github.com/containers/common from 0.36.0 to 0.37.0 - * Add go template shell completion for --format - * Add --group-add keep-groups: suplimentary groups into container - * Fixes from make codespell - * Typo fix to usage text of --compress option - * corrupt-image test: fix an oops - * Add --noheading flag to all list commands - * Bump github.com/containers/storage from 1.29.0 to 1.30.0 - * Bump github.com/containers/image/v5 from 5.11.0 to 5.11.1 - * [CI:DOCS] Fix Markdown table layout bugs - * podman-remote should show podman.sock info - * rmi: don't break when the image is missing a manifest - * [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.md - * Add support for CDI device configuration - * [CI:DOCS] Add missing dash to verbose option - * Bump github.com/uber/jaeger-client-go - * Remove an advanced layer diff function - * Ensure mount destination is clean, no trailing slash - * add it for inspect pidfile - * [CI:DOCS] Fix introduction page typo - * support pidfile on container restore - * fix start it - * skip pidfile test on remote - * improve document - * set pidfile default value int containerconfig - * add pidfile in inspection - * add pidfile it for container start - * skip pidfile it on remote - * Modify according to comments - * WIP: drop test requirement - * runtime: bump required conmon version - * runtime: return findConmon to libpod - * oci: drop ExecContainerCleanup - * oci: use `--full-path` option for conmon - * use AttachSocketPath when removing conmon files - * hide conmon-pidfile flag on remote mode - * Fix possible panic in libpod/image/prune.go - * add --ip to podman play kube - * add flag autocomplete - * add ut - * add flag "--pidfile" for podman create/run - * Add network bindings tests: remove and list - * Fix build with GO111MODULE=off - * system tests: build --pull-never: deal with flakes - * compose test: diagnose flakes v3 - * podman play kube apply correct log driver - * Fixes podman-remote save to directories does not work - * Bump github.com/rootless-containers/rootlesskit from 0.14.1 to 0.14.2 - * Update documentation of podman-run to reflect volume "U" option - * Fix flake on failed podman-remote build : try 2 - * compose test: ongoing efforts to diagnose flakes - * Test that we don't error out on advertised --log-level values - * At trace log level, print error text using %+v instead of %v - * pkg/errorhandling.JoinErrors: don't throw away context for lone errors - * Recognize --log-level=trace - * Fix flake on failed podman-remote build - * System tests: fix racy podman-inspect - * Fixes invalid expression in save command - * Bump github.com/containers/common from 0.35.4 to 0.36.0 - * Update nix pin with `make nixpkgs` - * compose test: try to get useful data from flakes - * Remove in-memory state implementation - * Fix message about runtime to show only the actual runtime - * System tests: setup: better cleanup of stray images - * Bump github.com/containers/ocicrypt from 1.1.0 to 1.1.1 - * Reflect current state of prune implementation in docs - * Do not delete container twice - * [CI:DOCS] Correct status code for /pods/create - * vendor in containers/storage v1.29.0 - * cgroup: do not set cgroup parent when rootless and cgroupfs - * Overhaul Makefile binary and release worflows - * Reorganize Makefile with sections and guide - * Simplify Makefile help target - * Don't shell to obtain current directory - * Remove unnecessary/not-needed release.txt target - * Fix incorrect version number output - * Exclude .gitignore from test req. - * Fix handling of $NAME and $IMAGE in runlabel - * Update podman image Dockerfile to support Podman in container - * Bump github.com/containers/image/v5 from 5.10.5 to 5.11.0 - * Fix slashes in socket URLs - * Add network prune filters support to bindings - * Add support for play/generate kube volumes - * Update manifest API endpoints - * Fix panic when not giving a machine name for ssh - * cgroups: force 64 bits to ParseUint - * Bump k8s.io/api from 0.20.5 to 0.21.0 - * [CI:DOCS] Fix formatting of podman-build man page - * buildah-bud tests: simplify - * Add missing return - * Bump github.com/onsi/ginkgo from 1.16.0 to 1.16.1 - * speed up CI handling of images - * Volumes prune endpoint should use only prune filters - * Cirrus: Use Fedora 34beta images - * Bump go.sum + Makefile for golang 1.16 - * Exempt Makefile changes from test requirements - * Adjust libpod API Container Wait documentation to the code - * [CI:DOCS] Update swagger definition of inspect manifest - * use updated ubuntu images - * podman unshare: add --rootless-cni to join the ns - * Update swagger-check - * swagger: remove name wildcards - * Update buildah-bud diffs - * Handle podman-remote --arch, --platform, --os - * buildah-bud tests: handle go pseudoversions, plus... - * Fix flaking rootless compose test - * rootless cni add /usr/sbin to PATH if not present - * System tests: special case for RHEL: require runc - * Add --requires flag to podman run/create - * [CI:DOCS] swagger-check: compare operations - * [CI:DOCS] Polish swagger OpertionIDs - * [NO TESTS NEEDED] Update nix pin with `make nixpkgs` - * Ensure that `--userns=keep-id` sets user in config - * [CI:DOCS] Set all operation id to be compatibile - * Move operationIds to swagger:operation line - * swagger: add operationIds that match with docker - * Cirrus: Make use of shared get_ci_vm container - * Don't relabel volumes if running in a privileged container - * Allow users to override default storage opts with --storage-opt - * Add support for podman --context default - * Verify existence of auth file if specified - * fix machine naming conventions - * Initial network bindings tests - * Update release notes to indicate CVE fix - * Move socket activation check into init() and set global condition. - * Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.0 - * Http api tests for network prune with until filter - * podman-run.1.md, podman-create.1.md : Adjust Markdown layout for --userns - * Fix typos --uidmapping and --gidmapping - * Add transport and destination info to manifest doc - * Bump github.com/rootless-containers/rootlesskit from 0.14.0 to 0.14.1 - * Add default template functions - * Fix missing podman-remote build options - * Bump github.com/coreos/go-systemd/v22 from 22.3.0 to 22.3.1 - * Add ssh connection to root user - * Add rootless docker-compose test to the CI - * Use the slrip4netns dns in the rootless cni ns - * Cleanup the rootless cni namespace - * Add new docker-compose test for two networks - * Make the docker-compose test work rootless - * Remove unused rootless-cni-infra container files - * Only use rootless RLK when the container has ports - * Fix dnsname test - * Enable rootless network connect/disconnect - * Move slirp4netns functions into an extra file - * Fix pod infra container cni network setup - * Add rootless support for cni and --uidmap - * rootless cni without infra container - * Recreate until container prune tests for bindings - * Remove --execute from podman machine ssh - * Fixed podman-remote --network flag - * Makefile: introduce install.docker-full - * Makefile: ensure install.docker creates BINDIR - * Fix unmount doc reference in image.rst - * Should send the OCI runtime path not just the name to buildah - * podman machine shell completion - * Fix handling of remove --log-rusage param - * Fix bindings prune containers flaky test - * [CI:DOCS] Add local html build info to docs/README.md - * Add podman machine list - * Trim white space from /top endpoint results - * Remove semantic version suffices from API calls - * podman machine init --ignition-path - * Document --volume from podman-remote run/create client - * Update main branch to reflect the release of v3.1.0 - * Silence podman network reload errors with iptables-nft - * Containers prune endpoint should use only prune filters - * resolve proper aarch64 image names - * APIv2 basic test: relax APIVersion check - * Add machine support for qemu-system-aarch64 - * podman machine init user input - * manpage xref: helpful diagnostic for unescaped dash-dash - * Bump to v3.2.0-dev - * swagger: update system version response body - * buildah-bud tests: reenable pull-never test - * [NO TESTS NEEDED] Shrink the size of podman-remote - * Add powershell completions - * [NO TESTS NEEDED] Drop Warning to Info, if cgroups not mounted - * Fix long option format on docs.podman.io - * system tests: friendier messages for 2-arg is() - * service: use LISTEN_FDS - * man pages: correct seccomp-policy label - * rootless: use is_fd_inherited - * podman generate systemd --new do not duplicate params - * play kube: add support for env vars defined from secrets - * play kube: support optional/mandatory env var from config map - * play kube: prepare supporting other env source than config maps - * Add machine support for more Linux distros - * [NO TESTS NEEDED] Use same function podman-remote rmi as podman - * Podman machine enhancements - * Add problematic volume name to kube play error messages - * Fix podman build --pull-never - * [NO TESTS NEEDED] Fix for kernel without CONFIG_USER_NS - * [NO TESTS NEEDED] Turn on podman-remote build --isolation - * Fix list pods filter handling in libpod api - * Remove resize race condition - * [NO TESTS NEEDED] Vendor in containers/buildah v1.20.0 - * Use TMPDIR when commiting images - * Add RequiresMountsFor= to systemd generate - * Bump github.com/vbauerster/mpb/v6 from 6.0.2 to 6.0.3 - * Fix swapped dimensions from terminal.GetSize - * Rename podman machine create to init and clean up - * Correct json field name - * system tests: new interactive tests - * Improvements for machine - * libpod/image: unit tests: use a `registries.conf` for aliases - * libpod/image: unit tests: defer cleanup - * libpod/image: unit tests: use `require.NoError` - * Add --execute flag to podman machine ssh - * introduce podman machine - * Podman machine CLI and interface stub - * Support multi doc yaml for generate/play kube - * Fix filters in image http compat/libpod api endpoints - * Bump github.com/containers/common from 0.35.3 to 0.35.4 - * Bump github.com/containers/storage from 1.28.0 to 1.28.1 - * Check if stdin is a term in --interactive --tty mode - * [NO TESTS NEEDED] Remove /tmp/containers-users-* files on reboot - * [NO TESTS NEEDED] Fix rootless volume plugins - * Ensure manually-created volumes have correct ownership - * Bump github.com/rootless-containers/rootlesskit - * Unification of until filter across list/prune endpoints - * Unification of label filter across list/prune endpoints - * fixup - * fix: build endpoint for compat API - * [CI:DOCS] Add note to mappings for user/group userns in build - * Bump github.com/coreos/go-systemd/v22 from 22.1.0 to 22.3.0 - * Bump k8s.io/api from 0.20.1 to 0.20.5 - * Validate passed in timezone from tz option - * Fix system prune cmd user message with options - * WIP: run buildah bud tests using podman - * Fix containers list/prune http api filter behaviour - * System tests: reenable a bunch of skipped tests - * Generate Kubernetes PersistentVolumeClaims from named volumes - * Cleanup /libpod/images/load handler - * vendor: drop replace for github.com/syndtr/gocapability - * security: use the bounding caps with --privileged - * Bump github.com/containers/common from 0.35.0 to 0.35.3 - * Bump k8s.io/apimachinery from 0.20.4 to 0.20.5 - * Fix volumes and networks list/prune filters in http api - * Bump github.com/containers/storage from 1.25.0 to 1.28.0 - * add a dependabot config to automate vendoring - * Bump github.com/onsi/ginkgo from 1.15.1 to 1.15.2 - * network prune filters for http compat and libpod api - * test: check for io.stat existence on cgroup v2 - * test: fix test for last crun/runc - * test: simplify cgroup path - * Latest crun/runc should handle blkio-weight test - * fix user message image prune --all - * Docs: removing secrets is safe for in-use secrets - * Downgrade github.com/coreos/go-systemd/v22 - * pkg/bindings/images.Build(): fix a race condition in error reporting - * Switch all builds to pull-never - * System test cleanup - * Fix for volumes prune in http compat api - * Fix remote client timezone test - * Do not leak libpod package into the remote client - * Split libpod/network package - * fix use with localhost (testing) - * add /auth for docker compatibility - * create endpoint for querying libpod networks - * Bump github.com/sirupsen/logrus from 1.8.0 to 1.8.1 - * sdnotify tests: try real hard to kill socat processes - * Fix array instead of one elem network http api - * Delete all containers and pods between tests - * apiv2 tests: finally fix POST as originally intended - * Document CONTAINERS_CONF/CONTAINERS_STORAGE_CONF Env variables - * Removing a non existing container API should return 404 - * Docs: Add docs to access APIs inside container - * options: append CLI graph driver options - * podman load: fix error handling - * podman cp: evaluate symlink correctly when copying from container - * rm pkg/api/handlers/libpod/copy.go - * podman cp: fix copying to a non-existent dir - * podman cp: fix ownership - * podman cp: ignore EPERMs in rootless mode - * vendor buildah@v1.19.8 - * apiv2 tests: add helpers to start/stop a local registry - * Bump to v3.1.0-dev - * allow the removal of storage images - * podman-remote build does not support volumes - * Update nix pin with `make nixpkgs` - * Bump github.com/coreos/go-systemd/v22 from 22.1.0 to 22.2.0 - * [Compat API] Also print successfully tagging images in /build endpoint - -- Changelog for v3.1.0-rc1 (2021-03-08) - * Compat API: Avoid trying to create volumes if they already exist - * Bump github.com/onsi/gomega from 1.10.5 to 1.11.0 - * Allow users to generate a kubernetes yaml off non running containers - * Bump github.com/onsi/ginkgo from 1.15.0 to 1.15.1 - * turn hidden --trace into a NOP - * pkg/terminal: use c/storage/pkg/homedir - * build-arg - * Handle podman build --dns-search - * podman build --build-arg should fall back to environment - * Add support for podman build --ignorefile - * replace local mount consts with libpod/define - * separate file with mount consts in libpod/define - * Correct compat images/{name}/push response - * [NO TESTS NEEDED] Bump pre-commit-hooks version - * [ci skip] Bad formatting fix in build documentation - * Bump github.com/containernetworking/plugins to v0.9.1 - * podman-remote stop -time 0 does not work - * Do not return from c.stop() before re-locking - * Fix for podman network rm (-f) workflow - * Bump github.com/containers/buildah from 1.19.6 to 1.19.7 - * Add tests for selinux kvm/init labels - * Respect NanoCpus in Compat Create - * podman cp: support copying on tmpfs mounts - * image removal: ignore unknown-layer errors - * Fix cni teardown errors - * Use version package to track all versions - * Check for supportsKVM based on basename of the runtime - * Compat API: create volume source dirs on the host - * Makefile: add install.docker-docs-nobuild for packaging use - * Add /sys/fs/cgroup as readonly path in docs - * Add network summary to compat ps - * Fix possible panic with podman build --iidfile - * Add version field to secret compat list/inspect api - * Tidy duplicate log tests - * Fix support for podman build --timestamp - * Rewrite Rename backend in a more atomic fashion - * Use functions and defines from checkpointctl - * Move checkpoint/restore code to pkg/checkpoint/crutils - * Vendor in checkpointctl - * Support label type dict on compat build - * Makefile: install systemd services conditionally - * podman-system-service.1.md: fix timeout example - * swagger: update the libpodPutArchive operation verb - * Makefile: split install.docker-docs from install.docker - * Bump RootlessKit v0.14.0-beta.0 - * Compat api containers/json Ports field is null - * Bump github.com/cri-o/ocicni to latest master - * Refactor python tests to run against python3.9 - * APIv2 tests: make more maintainable - * [CI:DOCS] Improve release process docs - * podman rmi: handle corrupted storage better - * Enable cgroupsv2 rw mount via security-opt unmask - * podman-image-sign.1.md: typo fix - * compat api network ls accept both format options - * Enable no_hosts from containers.conf - * Correct compat images/create?fromImage response - * Fix parsing of Tmpfs field in compat create - * prune remotecommand dependency - * system test image: build it multiarch - * Updated based on Jhonce comments - * updated common to 0.35.0 - * Refactored file - * swagger: removes the schema type for PodSpecGenerator $ref - * podman-system-connection.1.md: fix copy/paste error - * Add dns search domains from cni response to resolv.conf - * Network connect error if net mode is not bridge - * Sort CapDrop in inspect to guarantee order - * podman upgrade tests - * test: ignore named hierarchies for cgroups=split - * container removal: handle already removed containers - * Bump github.com/rootless-containers/rootlesskit from 0.13.1 to 0.13.2 - * Bump k8s.io/apimachinery from 0.20.3 to 0.20.4 - * Add U volume flag to chown source volumes - * Replace Labels and Options nulls with {} in NetworkResource - * Cirrus: Temp. disable prior-fedora (F32) testing - * podman cp: test /dev/stdin correctly - * podman cp: treat /dev/stdout correctly - * cgroup: change cgroup deletion logic on v1 - * Fix podman network IDs handling - * pr-should-include-tests: recognized "renamed" tests - * --no-header flag implementation for generate systemd - * [NO TESTS NEEDED] Make binding util internal - * Two variations of --new flag added to e2e - * swagger: add missing schema properties - * bump go module to v3 - * Fix 'storage.options' indent - * Bump github.com/sirupsen/logrus from 1.7.1 to 1.8.0 - * Bump github.com/containers/buildah from 1.19.4 to 1.19.6 - * Turn on journald and k8s file logging tests - * Allow podman play kube to read yaml file from stdin - * Log working dir when chdir fails - * Fix segfault in run with memory-swap - * leak fix in rootless_linux.c fcn can_use_shortcut - * Fix journald logs with more than 1 container - * Fix journald logs --follow - * Fix journald logs --since - * fix journald logs --tail 0 - * [CI:DOCS]basic networking guide - * cp: treat "." and "/." correctly - * [CI:DOCS] [NO TESTS NEEDED] Update swagger doc for libpod container wait - * Bump k8s.io/apimachinery from 0.20.2 to 0.20.3 - * Don't switch on a single case - * Quote URL - * bindings: support simple types that implement fmt.Stringer interface - * API: fix libpod's container wait endpoint condition conversion - * Change source path resolution for volume copy-up - * podman ps --format '{{ .Size }}' requires --size option - * infra: downgrade warning to debug - * Ignore entrypoint=[\"\"] - * Bump github.com/sirupsen/logrus from 1.7.0 to 1.7.1 - * Add missing early returns in compat API - * Do not reset storage when running inside of a container - * podman kill should report rawInput not container id - * Fix an issue where copyup could fail with ENOENT - * do not set empty $HOME - * images/create: always pull image - * Fix panic in pod creation - * Bump github.com/rootless-containers/rootlesskit from 0.13.0 to 0.13.1 - * podman build: pass runtime to buildah - * correct startup error message - * Add missing params for podman-remote build - * Fix typo podman run doc in flag -pid=mode "efault" - * When stopping a container, print rawInput - * fix create container: handle empty host port - * Don't chown workdir if it already exists - * Fix broken podman generate systemd --new with pods - * fix dns resolution on ubuntu - * e2e: fix network alias test - * fix failing image e2e test - * Update troubleshooting.md - * [NO TESTS NEEDED] Refactor generated code - * Fix superfluous response.WriteHeader call in WaitContainerLibpod() - * change ps Created to unix - * Enable more golangci-lint linters - * make layer-tree lookup errors non-fatal - * Enable whitespace linter - * Enable golint linter - * Enable stylecheck linter - * Update Master to reflect the 3.0 release - * utils: takes the longest path on cgroup v1 - * container ps json format miscue - * Bump github.com/spf13/cobra from 1.1.2 to 1.1.3 - * utils: create parent cgroups - * utils: ignore unified on cgroupv1 if not present - * utils: skip empty lines - * Correct compat network prune response - * Display correct value for unlimited ulimit - * apiv2: handle docker-java clients pulling - * Rewrite copy-up to use buildah Copier - * bump to v3.1.0-dev - * [NO TESTS NEEDED] Update linter - * Bump github.com/spf13/cobra from 1.1.1 to 1.1.2 - * Add shell completion tests for secrets - * Docker APIv2 push sends digest in response body - * Fix compat networks endpoint for a empty result - * hardening flags for fedora rpmbuilds - * [CI:DOCS]First pass at release process - * Restart service when CONTAINERS_CONF changes - * Support annotations from containers.conf - * vendor github.com/containers/image v5.10.2 - * APIv2 tests: lots of cleanup - * Fix Docker APIv2 push endpoint - * generate kube: support --privileged - * Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 - * Implement Secrets - * Bump containers/buildah to v1.19.4 - * Allow path completion for podman create/run --rootfs - * Cirrus: Send cirrus-cron report e-mail to list. - * make `podman rmi` more robust - * Implement missing arguments for podman build - * vendor latest containers/common - * add network prune - * fix logic when not creating a workdir - * Bump remote API version to 3.0.0 - * play kube selinux test case - * Fix podman network disconnect wrong NetworkStatus number - * Fix per review request - * generate kube: handle entrypoint - * play kube selinux test case - * Increase timeouts in some tests - * Add test for Docker APIv2 wait - * Implement Docker wait conditions - * Improve ContainerEngine.ContainerWait() - * Improve container libpod.Wait*() functions - * Cirrus: Collect ginkgo node logs artifacts - * Bump github.com/containers/storage from 1.24.5 to 1.25.0 - * Bump github.com/containernetworking/cni from 0.8.0 to 0.8.1 - * bindings: attach: warn correct error - * Fix invalid wait condition on kill - * Makefile: make bin/* real targets! - * typo - * Bump github.com/onsi/gomega from 1.10.4 to 1.10.5 - * Update nix pin with `make nixpkgs` - * System test for #9096 (truncated stdout) - * play kube selinux label test case - * Gating tests: diff test: workaround for RHEL8 failure - * [NO TESTS NEEDED] style: indendation - * [NO TESTS NEEDED] fixup: remove debug code - * Report StatusConflict on Pod opt partial failures - * Honor network options for macvlan networks - * Make slirp MTU configurable (network_cmd_options) - * [NO TESTS NEEDED] Generated files - * [NO TESTS NEEDED] Improve generator - * play kube selinux label issue - * Makefile: refactor ginkgo * ginkgo-remote - * Allow pods to use --net=none - * Bump github.com/onsi/ginkgo from 1.14.2 to 1.15.0 - * Update release notes for v3.0.0 - * New 'make completions' target - * add macvlan as a supported network driver - * Fix podman generate systemd --new special char handling - * Bump github.com/rootless-containers/rootlesskit from 0.12.0 to 0.13.0 - * Endpoint that lists containers does not return correct Status value - * Fix --network parsing for podman pod create - * list volumes before pruning - * Docker ignores mount flags that begin with constency - * podman generate kube ignores --network=host - * Switch podman stop/kill/wait handlers to use abi - * [CI:DOCS]build instructions for macOS - * Vendor in containers/buildah v1.19.3 - * Honor custom DNS in play|generate kube - * Podman-remote push can support --format - * Bump github.com/containers/image/v5 from 5.10.0 to 5.10.1 - * Cirrus: Build static podman-remote - * podman build --pull: refine help message and docs - * Revert "podman build --pull: use correct policy" - * Bump github.com/containers/image/v5 from 5.9.0 to 5.10.0 - * Cleanup bindings for image pull - * Don't fail if one of the cgroups is not setup - * Add support for rootless network-aliases - * Allow static ip and mac with rootless cni network - * podman build --pull: use correct policy - * Cirrus: Fix running Validate task on branches - * Fix static build cache by using cachix - * Switch podman image push handlers to use abi - * e2e tests: synchronize test results - * podman-remote ps --external --pod --sort do not work. - * Fix podman history --no-trunc for the CREATED BY field - * remote exec: write conmon error on hijacked connection - * Fix #9100 Change console mode message to debug - * Add default net info in container inspect - * Ensure the Volumes field in Compat Create is honored - * [CI:DOCS]update state of restful service - * workdir presence checks - * libpod: add (*Container).ResolvePath() - * Fixup search - * Pass DefaultMountsFile to podman build - * Ensure shutdown handler access is syncronized - * System tests: cover gaps from the last month - * Fix --arch and --os flags to work correctly - * Bump github.com/google/uuid from 1.1.5 to 1.2.0 - * Fix typo - * disable dnsname when --internal - * swagger.go: Fix compilation error - * Fix fish completion issue if the command is prefixed with a space - * Bump golang.org/x/crypto - * networking: lookup child IP in networks - * Small API test improvement for compatibility search endpoint - * podman manifest exists - * Accept and ignore 'null' as value for X-Registry-Auth - * Turn on some remote test - * Add a notice to remove pod before starting service - * libpod: move slirp magic IPs to consts - * rootlessport: set source IP to slirp4netns device - * vendor: update rootlesskit to v0.12.0 - * api: fix import image swagger definition - * podman volume exists - * Cirrus: Upload swagger YAML in every context - * [CI:DOCS] Cirrus: Skip smoke task on branch-push - * Move the cni lock file into the cni config dir - * Use random network names in the e2e tests - * [CI:DOCS] Update project name in Code of Conduct - * Set log driver for compatability containers - * Make generate systemd --new robust against double curly braces - * Fix man page for fuse-overlayfs config in rootless mode - * Cirrus: add bindings checks - * Fix handling of container remove - * make bindings generation explicit - * make bindings generation more robuts - * Revert "ginkgo: install on demand via `go get -u`" - * [CI:DOCS] fix go-md2man HTMLSpan warnings - * CI: smoke test: insist on adding tests on PRs - * podman network exists - * ginkgo: install on demand via `go get -u` - * runner.sh : deal with bash 'set -e' - * Add binding options for container|pod exists - * [CI:DOCS]Do not run compose tests with CI:DOCS - * simplify bindings generation - * make: generate bindings: use vendor - * hack/install_golangci.sh: smarter install - * golangci-lint: install to ./bin - * Create release notes for V3.0.0 - * Rename AutocompletePortCommand func - * Allow podman push to push manifest lists - * [CI:DOCS]Add README.md for golang bindings - * Turn on podman pod stats test for rootless cgroup v2 - * Fix missing podman-container-rename man page link - * Container rename bindings - * Bump to containers/buildah 1.9.2 - * Bump github.com/google/uuid from 1.1.4 to 1.1.5 - * specgen: improve heuristic for /sys bind mount - * Initial implementation of renaming containers - * Add tests for volume plugins - * Initial implementation of volume plugins - * [CI:DOCS] Add hook-script example to get_ci_vm.sh - * Makefile: add target to generate bindings - * container stop: release lock before calling the runtime - * Bump github.com/cri-o/ocicni to latest master - * Cirrus: Upd. ext. service check host list - * Bump k8s.io/apimachinery from 0.20.1 to 0.20.2 - * Bump github.com/stretchr/testify from 1.6.1 to 1.7.0 - * Cirrus: Utilize $GOPATH cache for alt_build task - * Add more information and examples on podman and pipes - * Vendor in common 0.33.1 - * CI: fix broken diagnostic message for -dev check - * test: use stringid.GenerateNonCryptoID() in more tests - * network: disallow CNI networks with user namespaces - * Reduce general binding binary size - * play kube: set entrypoint when interpreting Command - * Fxes /etc/hosts duplicated every time after container restarted in a pod - * Add 'MemUsageBytes' format option - * Remove the ability to use [name:tag] in podman load command - * More /var/run -> /run - * More /var/run -> /run - * Exorcise Driver code from libpod/define - * Fix problems reported by staticcheck - * Expose security attribute errors with their own messages - * oci: use /proc/self/fd/FD to open unix socket - * Use HTTPProxy settings from containers.conf - * Cirrus: Add cross-compile test for alternative arches - * image list: ignore bare manifest list - * Ensure that `podman play kube` actually reports errors - * Bump github.com/containers/storage from 1.24.4 to 1.24.5 - * oci: keep LC_ env variables to conmon - * Better test and idomatic code. - * add pre checkpoint - * podman build --force-rm defaults to true in code - * Adding json formatting to `--list-tags` option in `podman search` command. - * Use abi PodPs implementation for libpod/pods/json endpoint - * Add Networks format placeholder to podman ps and pod ps - * Add network filter for podman ps and pod ps - * Improve error message when the the podman service is not enabled - * Restore compatible API for prune endpoints - * Cirrus: Skip most tests on tag-push - * Add mips architecture to the cross build target - * Fix build for mips architecture follow-up - * Handle podman exec capabilities correctly - * Containers should not get inheritable caps by default - * Make podman generate systemd --new flag parsing more robust - * Switch references of /var/run -> /run - * rootless: automatically split userns ranges - * rootless: add function to retrieve uid mappings - * rootless: add function to retrieve gid mappings - * test: Add checkpoint/restore with volumes - * Include named volumes in container migration - * Use Options as CRImportCheckpoint() argument - * Use Options as exportCheckpoint() argument - * Fix podman logs read partial log lines - * Revert e6fbc15f26b2a609936dfc11732037c70ee14cba - * Cirrus: Update Fedora & Ubuntu images - * Ensure that user-specified HOSTNAME is honored - * generate systemd: do not set `KillMode` - * Bump github.com/google/uuid from 1.1.3 to 1.1.4 - * vendor containers/psgo@v1.5.2 - * Add default sysctls for pod infra containers - * Ensure we do not edit container config in Exec - * close journald when reading - * libpod API: pull: fix channel race - * Allow image errors to bubble up from lower level functions. - * test: fix variable name - * systemd: make rundir always accessible - * podman-remote fix sending tar content - * fix: disable seccomp by default when privileged. - * Compat api containers/json add support for filters - * Bump github.com/google/uuid from 1.1.2 to 1.1.3 - * Expose Height/Width fields to decoder - * Rework pruning to report reclaimed space - * Add support for Gentoo file to package query - * The slirp4netns sandbox requires pivot_root - * Update nix pin with `make nixpkgs` - * readme: Remove broken link - * Fix e2e test for `podman build --logfile` - * test: fix variables name - * exec: honor --privileged - * libpod: change function to accept ExecOptions - * Consolidate filter logic to pkg subdirectory - * sort api endpoints in documentation - * libpod: handle single user mapped as root - * Refactor kube.ToSpecGen parameters to struct - * re-open container log files - * Set NetNS mode instead of value - * add --cidfile to container kill - * Document uid/gidmap are based on subuid/gid mapping - * Bump github.com/containers/storage from 1.24.3 to 1.24.4 - * Fix podman build --logfile - * Fix missing options in volumes display while setting uid and gid - * Spelling - * play kube: fix args/command handling - * Pass down EnableKeyring from containers.conf to conmon - * Prefer read/write images over read/only images - * add pod filter for ps - * Add Security information to podman info - * Add volume filters to system prune - * podman v3 container bindings - * Fix build for mips architecture - * Bump k8s.io/apimachinery from 0.20.0 to 0.20.1 - * Update nix pin with `make nixpkgs` - * Document location of backend events file - * Fix support for rpmbuild < 4.12.0. - * system tests: set PODMAN_TIMEOUT to 120 - * remote copy - * Bump github.com/containers/common from 0.31.0 to 0.31.1 - * podman v3 pod bindings - * [CI:DOCS] Bump version on readme - * misc bindings to podman v3 - * Docker compat API - /images/search returns wrong structure (#7857) - * Close the stdin/tty when using podman as a restAPI. - * Add support for pacman package version query - * Don't accidently remove XDG_RUNTIME_DIR when reseting storage - * Always add the default gateway to the cni config file - * System tests: better diagnostics in completion test - * Bump github.com/opencontainers/selinux from 1.7.0 to 1.8.0 - * podman.service should be an exec service not a notify service - * Fix: unpause not supported for CGv1 rootless - * Disable incompatible rootless + CGroupsV1 tests - * Disable rootless pod stats tests w/ CgroupV1 - * Disable CGv1 pod stats on net=host post - * Disable pod stats tests in containerized Fedora w/ CGroupsV1 - * Disable blkio.weight test on Ubuntu - * Cirrus: Add support for Ubuntu 20.x - * Add LogSize to container inspect - * Podman image bindings for 3.0 - * contrib: drop mirror.chpc.utah.edu:443 - * libpod, conmon: change log level for rootless - * Clean up temporary file. - * Allow users to specify TMPDIR in containers.conf - * system tests: the catch-up game - * RHEL gating tests: more journald exceptions - * Add volume prune --filter support - * shell completion for the network flag - * podman events allow future time for --until - * Sign multi-arch images - * add compose test descriptions - * test-compose: rewrite to new subdir form - * add compose regression to ci - * WIP: test docker-compose - * podman: drop checking valid rootless UID - * Cleanup CNI Networks on reboot - * Fix some network compat api problems - * Fix Wrong image tag is used when creating a container from an image with multiple tags - * Handle --rm when starting a container - * Refine public key usage when remote - * podman logs honor stderr correctly - * Bindings refactor - * Ignore containers.conf sysctls when sharing namespaces - * Fix panic in libpod images exists endpoint - * Bump github.com/containernetworking/plugins from 0.8.7 to 0.9.0 - * Add --filter to podman system prune - * Fix storage.conf to define driver in the VM - * Bump github.com/containers/storage from 1.24.1 to 1.24.3 - * Properly handle --cap-add all when running with a --user flag - * security: honor systempaths=unconfined for ro paths - * Add system test for shell completion - * Bump github.com/onsi/gomega from 1.10.3 to 1.10.4 - * Honor the --layers flag - * pkg/copy: introduce a Copier - * Repeat system pruning until there is nothing removed - * Bump k8s.io/apimachinery from 0.19.4 to 0.20.0 - * Bump github.com/opencontainers/selinux from 1.6.0 to 1.7.0 - * auto updates: document systemd unit and timer - * archive: move stat-header handling into copy package - * Fix spelling mistakes - * pkg/copy: add parsing API - * make podman play use ENVs from image - * Correct port range logic for port generation - * Make `podman stats` slirp check more robust - * Add systempaths=unconfined option - * Bump github.com/containers/image/v5 from 5.8.1 to 5.9.0 - * Restore json format for fields as well as whole structs - * Do not pull if image domain is localhost - * pass full NetworkMode to ParseNetworkNamespace - * Fix network ls --filter invalid value flake - * Implement pod-network-reload - * generate kube on multiple containers - * Change name of imageVolumes in container config JSON - * Do not error on installing duplicate shutdown handler - * image sign using per user registries.d - * container cgroup path - * add comment to #8558 regression test - * Docker compat API - containers create ignores the name - * Add APIv2 test for containers-prune - * container create: do not clear image name - * Add saschagrunert and zhangguanzhang to OWNERS - * Bump github.com/containers/common from 0.30.0 to 0.31.0 - * update website link for install instructions - * Jira RUN-1106 System handlers updates - * enable short-name aliasing - * Jira RUN-1106 Volumes handlers updates - * Jira RUN-1106 Network handlers updates - * Do not mount sysfs as rootless in more cases - * Add ability to set system wide options for slirp4netns - * Vendor in containers/common v0.30.0 - * Clarify uid range requirements - * Close image rawSource when each loop ends - * Use PasswordCallback instead of Password for ssh - * More docker compat API fixes - * rewrite podman-cp - * e2e: bump pull timeout to 240 seconds - * add @Luap99 to OWNERS file - * Support Unix timestamps for `podman logs --since` - * Fix some nit - * Jira RUN-1106 Image handlers updates - * Jira RUN-1106 Container handlers updates - * Add containerenv information to /run/.containerenv - * Correct which network commands can be run as rootless - * Drop default log-level from error to warn - * podman, exec: move conmon to the correct cgroup - * Support --network=default as if it was private - * Change bindings to stop two API calls for ping - * hack/podman-socat captures the API stream - * BATS: add new load test - * Add mask and unmask option to --security-opt - * Use Libpod tmpdir for pause path - * Fix `podman images...` missing headers in table templates - * add commas between mount options - * Do not pass name argument to Load API - * target is not tag - * Fix shell completion for ps --filter ancestor - * Add support for network ids - * Validate that the bridge option is supported - * Add integration test for the bridge options - * Add podman network create option for bridge vlan - * Add podman network create option for bridge mtu - * Do not use "true" after "syslog" in exit commands - * Fix typo in tests - * Fix potential race condition in testing - * compat create should use bindings - * Add API for communicating with Docker volume plugins - * BATS: add ping test - * Document volume mounts of source directories do NOT get created - * Revert the custom cobra vendor - * Bump version in README to v2.2.0 - * network connect disconnect on non-running containers - * Bump master to v3.0.0-dev - * Update release notes for v2.2.0 - * Fix extra quotation mark in manpages. - * Fix option names --subuidname and --subgidname - * Do not ignore infra command from config files - * Revert "Allow multiple --network flags for podman run/create" - * Add APIv2 tests for kube generate - * Document docker transport is the only supported remote transport - * podman network label support - * runtime: set XDG_* env variables if missing - * Add support for persistent volume claims in kube files - * Prepare support in kube play for other volume types than hostPath - * Remove varlink support from Podman - * Fix problems with network remove - * Switch from pkg/secrets to pkg/subscriptions - * Do not validate the volume source path in specgen - * Add support for --platform - * REST API v2 - ping - fix typo in header - * REST API v2 - ping - remove newline from response to improve Docker compatibility - * squash - * Not use local image create/add manifest - * [CI:DOCS] fix misleading save/load usage - * [tutorials:mac-win-client] Fix command ensuring sshd is enabled - * Fix custom mac address with a custom cni network - * Bump to v2.2.0-dev - * Handle ps container created field as a time.Time - * test resource cleanup - * more tests - * not forcing unmount - * few more tests - * add test - * add comment - * fix: unmount container without force - * style: wsl - * fix lint - * Implement containers/{id or name}/archive - * Ensure that --net=host/pod/container/none warn with -p - -- Changelog for HEAD (2020-11-24): - * Set PATH env in systemd timer. - * Docker compat API fixes - * shell completions: remove usage of ShellCompDirectiveError - * more shell completion improvements - * Fix ip-range for classless subnet masks - * Bump github.com/containers/common from 0.27.0 to 0.29.0 - * Add podman container ps command - * clarify ps(1) fallback of `podman top` - * APIv2 - create container sets wrong entrypoint - * Enable remote shell completion without a running endpoint - * Specify what the replace flag replaces in help text - * APIv2 - strip CAP_ prefix from capabilities in json - * Make c.networks() list include the default network - * Allow containers to --restart on-failure with --rm - * REST API v2 - list of images - mandatory Created attribute - * Allow multiple --network flags for podman run/create - * fix container cgroup lookup - * Make podman service log events - * vendor in containers/storage v1.24.1 containers/image v5.8.1 - * Document containers.conf settings for remote connections - * Shell completion for podman ps and podman pod ps --filter - * Add alias for podman network rm -> remove - * add network connect|disconnect compat endpoints - * Fix sed regex to update version in version/version.go - * Github-Actions: Send e-mail on Cirrus cron failure - * Align the podman pod ps --filter behavior with podman ps - * podman-remote network rm --force is broken - * Remove build \!remote flags from test - -- Changelog for v2.2.0-rc1 (2020-11-18): - * Add release notes for v2.2.0-RC1 - * correct numbering typo - * Align the podman ps --filter behavior with docker - * Fix podman pod inspect show wrong MAC string - * Fix example for manifest push - * add network connect|disconnect compat endpoints - * Rename e2e test files to include _test.go suffix - * Client call to /play/kube incorrectly set tlsVerify - * Add an option to control if play kube should start the pod - * Swap out json-iterator for golang default - * Fix missing headers in `network ls` - * [CI:DOCS] fix an apostrophe nit in man page - * remove contrib/gate - * Remove some more excessive wrapping and stuttering - * Cleanup tutorials - * use container cgroups path - * Explain the relation between --pod and --network - * Make sure /etc/hosts populated correctly with networks - * logformatter: highlight timing results - * Bump Buildah to v1.18.0, c/storage to v1.24.0 - * Cirrus: Invalidate static cache on VM image update - * Improve the shell completion api - * use lookaside storage for remote tests - * Bump k8s.io/apimachinery from 0.19.3 to 0.19.4 - * Wrap missing container errors with container ID - * system tests: various - * Add support for volume ls --filter label=key=value - * Podman-remote build is getting ID twice - * [CI:DOCS] Touch up Podman description in man page menu - * Fix markdown tables on docs.podman.io - * short-name aliasing - * Set podman-auto-update.service Type=oneshot - * test for buildah version in container images. - * Add missing --now in systemctl start command - * Change podman build --pull=true to PullIfMissing - * Fix namespace flag parsing for podman build - * Add podman build --net alias for --network - * Refactor to use DockerClient vs APIClient - * Maintain consistent order of short and long flag names in docs - * Fix issues found with codespell - * Bump github.com/rootless-containers/rootlesskit from 0.11.0 to 0.11.1 - * Install the new shell completion logic - * Add shell completion with cobra - * Vendor in some cobra PRs to improve the completion experience. - * Add support for network connect / disconnect to DB - * Ensure we do not double-lock the same volume in create - * Cleanup error reporting - * Cirrus: update VMs - * [CI:DOCS] Restore man page cross-checker - * Cirrus: Run validation tests in CI:DOCS mode - * Add podman(1) to the list of man pages on docs.podman.io - * Set default network driver for APIv2 networks - * Add tests to make sure podman-remote logs works correctly. - * Add anchors for flag names on docs.podman.io - * migrate play kube to spec gen - * Add example of fuse-overlay to podman system reset - * Bump github.com/containers/common from 0.26.3 to 0.27.0 - * skip ipv6 e2e tests on rootless - * add e2e test for network with same subnet - * enable ipv6 network configuration options - * make network name uniq for dnsname tests - * network aliases for container creation - * system tests: skip journald tests on RHEL8 - * Update podman build man page to match buildah bud man page - * Cirrus: Detailed CPU/Memory/Time runner.sh stats - * podman-pull.1.md: add example for pulling an image by hash - * podman-import.1.md: fix paragraph formatting - * podman-import.1.md: fix shell syntax - * Update CI tests to run python docker library against API - * Stop binding layer from changing line endings - * Add support for podman search --format json - * Add --log-driver to play kube - * Show error on bad name filter in podman ps - * Use CPP, CC and flags in dep check scripts - * Fix link to point at correct content - * fix: allow volume creation when the _data directory already exists - * rootless container creation settings - * fix: podman-system-service doc time is seconds - * Bump github.com/rootless-containers/rootlesskit from 0.10.1 to 0.11.0 - * Update nix pin with `make nixpkgs` - * Use /tmp/podman-run-* for backup XDG_RUNTIME_DIR - * Only use container/storage/pkg/homedir.Get() - * Add support for mounting external containers - * Cirrus: Use F33beta VM image - * Cirrus: Simplify artifact collection - * Use ping from alpine - * Bump github.com/containers/storage from 1.23.8 to 1.23.9 - * add a PR template - * Use regex for "pod ps" name filter to match "ps" behavior - * Add tip re. typical root cause of "Exec format error" to troubleshooting.md - * Add tests for network aliases - * Make volume filters inclusive - * [CI:DOCS]Add Urvashi to podman OWNERS - * Improve error messages from failing tests - * fedora rootless cpu settings - * Test $HOME when it's parent is bind mounted with --userns=keep-id - * Update README.md - * docs: Mention mounts.conf location for non-root users - * Add test/apiv2/rest_api tests to make target - * specgen: keep capabilities with --userns=keep-id - * specgen: fix check for root user - * specgen: add support for ambient capabilities - * Add better support for unbindable volume mounts - * Bump github.com/containers/storage from 1.23.7 to 1.23.8 - * Use osusergo build tag for static build - * Change http ConnState actions between new and active - * Match build pull functionality with Docker's - * Centralize cores and period/quota conversion code - * specgen, cgroup2: check whether memory swap is enabled - * Fix dnsname when joining a different network namespace in a pod - * Bump Buildah to v1.17.0 - * manifest list inspect single image - * Remove search limit since pagination support - * spec: protect against segfault - * [CI:DOCS] Fix broken CI readme links - * Improve setupSystemd, grab mount options from the host - * specgen: split cgroup v1 and cgroup v2 code - * specgen: fix error message - * When container stops, drop sig-proxy errors to infos - * Cirrus: Workaround F32 BFQ Kernel bug - * Stop excessive wrapping of errors - * Pod's that share the IPC Namespace need to share /dev/shm - * Fix the `--pull` flag to `podman build` to match Docker - * Restore --format table header support - * Create the default root API address path - * new "image" mount type - * Cirrus: Simplify setting/passing env. vars. - * Podman often reports OCI Runtime does not exist, even if it does - * rootless: improve error message if cannot join namespaces - * NewFromLocal can return multiple images - * libpod: clean paths before check - * move from docker.io - * Cirrus: Use google mirror for docker.io - * Cirrus: Always record runc/crun versions - * Ensure that attach ready channel does not block - * Add a way to retrieve all network aliases for a ctr - * Add pod, volume, network to inspect package - * Add network aliases for containers to DB - * Add test cases to cover podman volume - * Document how to enable CPU limit delegation - * Add more details about how CPU limits work - * set resources only when specified - * Improve the journal event reading - * build(deps): bump github.com/containers/common from 0.26.0 to 0.26.3 - * Support hashed hostnames in the known_hosts file - * image list: check for all errors - * Yet another iteration on PR title plugin - * System tests: cleanup, make more robust - * pr update action: fix errors on master branch - * The cidfile should be created when the container is created - * auto update: mark it as non-experimental - * Add support for host keys for non-22 ports - * fix: podman-cp respects "--extract" flag - * add GitHub action to add non-main branch to PR title - * filter events by labels - * Bump github.com/spf13/cobra from 1.1.0 to 1.1.1 - * Bump github.com/containers/buildah from 1.16.4 to 1.16.5 - * src: nil check - * Don't error if resolv.conf does not exists - * src: add nil checks - * replace net_raw with setuid - * fix: /image/{name}/json returns RootFS layers - * APIv2 compatibility network connect|disconnect - * Tests: Check different log driver can work with podman logs - * podman create doesn't support creating detached containers - * Fix pull method selection - * set compat network driver default - * Add hostname to /etc/hosts for --net=none - * Add a Degraded state to pods - * Refactor podman to use c/common/pkg/report - * container create: record correct image name - * Add EOL to compat container logs - * save image remove signatures - * Switch use of Flags to Options - * Bump k8s.io/apimachinery from 0.19.2 to 0.19.3 - * Fix handling and documentation of podman wait --interval - * Podman build should default to not usins stdin - * Tests: Fix common flakes, and improve apiv2 test log - * Retrieve network inspect info from dependency container - * refactor api compatibility container creation to specgen - * Fix ps port output - * Ensure that hostname is added to hosts with net=host - * Add a system test to verify --runtime is preserved - * Use runtime names instead of paths in E2E tests - * Re-create OCI runtimes by path when it is missing - * When given OCI runtime by path, use path as name - * fix: neutral value for MemorySwappiness - * Make invalid image name error more specific - * System tests: remove some misleading 'run's - * --tls-verify and --authfile should work for all remote commands - * Fix host to container port mapping for simple ranges - * Always add the dnsname plugin to the config for rootless - * Make man page headings more consistent - * Update podman-remote start --attach to handle detach keys - * Update podman-remote run to handle detach keys - * Bump github.com/containers/common from 0.24.0 to 0.26.0 - * Fix panic when runlabel is missing - * Fix podman image trust show --raw output - * Fix podman-run man page heading - * Fix sorting issues in completions - * Add support for external container - * fix podman container exists and diff for storage containers - * Fix possible panic in libpod container restore - * Bump github.com/spf13/cobra from 1.0.0 to 1.1.0 - * System test additions - * Setup HOME environment when using --userns=keep-id - * Setup HOME environment when using --userns=keep-id - * Fix indentation for `podman pod inspect` - * Cirrus: Execute docker-py tests on a VM - * Restore --format table support - * Convert Split() calls with an equal sign to SplitN() - * Bump github.com/onsi/gomega from 1.10.2 to 1.10.3 - * Restore indent on JSON from `podman inspect` - * Enforce LIFO ordering for shutdown handlers - * alter compat no such image message - * Cirrus: Restore APIv2 Testing - * Cirrus: Ability to skip most tests for docs updates - * Restore --format: stats & pod ps - * Enable masking stop signals within container creation - * APIv2 tests: try again to fix them - * Add a shutdown handler package - * System tests: run with local podman, not remote - * Remove a note that the HTTP API is not yet stable. - * APIv2 tests: get them passing again - * Add support for resource limits to play kube - * Resolve #7860 - add time.RFC3339Nano into ContainerJSONBase - * Add more APIv2 tests for images: push, tag, untag, rmi and image tree. - * Include CNI networks in inspect output when not running - * Monitor for client closing stream - * pkg/spec: fix a confusing error message - * Search repository tags using --list-tags - * Fix the "err: cause" order of OCI runtime errors - * tests/e2e: Add Toolbox-specific test cases - * This PR allows users to remove external containers directly - * Fix documentation link and typo - * Restore --format table... - * Add support for resource cpu limit to generate kube - * Port V1 --format table to V2 podman - * BlobInfoCacheDir is set incorrectly when copying images - * Store cgroup manager on a per-container basis - * --format updates for images/diff.go - * add compatibility endpoint for exporting multiple images - * Restore --format 'table...' to commands - * Ports given only by number should have random host port - * Update nix pin with `make nixpkgs` - * add prerequisite section before building binaries - * newlines on all container detaches - * Cirrus: Fix obtaining a CI VM - * APIv2 compatibility rootless network fix - * Port commands to V2 --format 'table...' - * system tests: cleanup, and add more tests - * prevent unpredictable results with network create|remove - * Enable k8s configmaps as flags for play kube - * Attempt to turn on some more remote tests - * Use WaitWithDefaultTimeout in cleanup - * Move pod jobs to parallel execution - * Populate /etc/hosts file when run in a user namespace - * Cirrus: Fix running shellcheck locally - * Cirrus CI runner: refactor - * fix apiv2 /containers/$name/json return wrong value in `.Config.StopSignal` - * pkg/cgroups/createCgroupv2Path: nits - * Lowercase some errors - * Remove excessive error wrapping - * Support max_size logoptions - * Fixes remote attach and exec to signal IdleTracker - * Cirrus: Skip deep testing on branches - * logformatter: run on system tests & bindings - * Fix handling of CheckRootlessUIDRange - * Cirrus: Fix branch-validation failure - * Add TODO for adding CPU limit support - * Add support for resource memory limit to generate kube - * Fix podman-remote ps --ns broken - * fix closed the remote connection on pull causes service panic - * Add SELinux support for pods - * Cirrus: Implement podman automation 2.0 - * compat: images/create: fix tag parsing - * Fix Podman logs reading journald - * Restore "table" --format from V1 - * --rm option shold conflicts with --restart - * Bump github.com/containers/common from 0.23.0 to 0.24.0 - * libpod: check the gid is present before adding it - * podman-remote does not support most of the global flags - * Correct to latest version - * Bump github.com/containers/buildah from 1.16.2 to 1.16.4 - * image prune: remove all candidates - * spec: open fuse with --device .*/fuse - * rootless: use sync.Once for GetAvailableGids() - * rootless: move GetAvailableGids to the rootless pkg - * logformatter: add Synopsis at top of each page - * Podman containers/pods prune should throw an error if user adds args - * fix compat api privileged and entrypoint code - * Migrate container images to automation_images - * system test: untag all test - * remote: fix name and ID collisions of containers and pods - * Add additionalGIDs from users in rootless mode - * Fix some flakes in the e2e network tests. - * Update rootless_tutorial.md - * Volume prune should not pass down the force flag - * Support --http-proxy for remote builds - * fix: The container created by APIV2 has an incorrect Env and WorkDir - * misc fixes for f33 integration tests - * fix allowing inspect manifest of non-local image - * Distinguish userns vs containerized tests - * Don't disable Go modules when generating varlink - * Use local image if input image is a manifest list - * image look up: consult registries.conf - * pkg/registries: add a retiring note - * Attempt to test all Broken SkipIfRootless FIXME - * Make the e2e test network cleanup more robust. - * Fix ubuntu exec_test - * capabilities: always set ambient and inheritable - * libpod: bump up rootless-cni-infra to v3 - * rootless-cni-infra v3: fix cleaning up DNS entries - * fix remote untag - * Make all Skips specify a reason - * Fix handling of remove of bogus volumes, networks and Pods - * We already set container=podman environment variable - * Refactor IdleTracker to handle StateIdle transitions - * System tests: add podman run --tz - * System tests: corner case for run --pull - * healthchecks: return systemd-run error - * Add X-Registry-Config support - * Gating-test fix: deal with new crun error msg - * Bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0 - * Apply suggestions from code review - * Adds missing . to README.md file. - * Ignore containers.conf sysctl when namespaces set to host - * System tests: reenable some skipped tests - * Journald log driver test - * fix for compatibility volume creation - * Add section about current differences - * Fix network remove for the podman remote client - * Fix podman network rm --force when network is used by a pod - * Remove SkipIfRootless if possible, document other calls - * Properly handle podman run --pull command - * Updating on supported restart policy - * Add support for slirp network for pods - * rootless: fix hang when newidmap is not installed - * Remove some SkipIfRootess flags from tests - * Bump github.com/containers/common from 0.22.0 to 0.23.0 - * HTTP Attach: Wait until both STDIN and STDOUT finish - * build: honor --runtime setting - * remote load: check if input is directory - * stats: break out CLI options - * new endpoint: /libpod/containers/stats - * apiv2 container limit differ from docker-api - * system tests: helpers: safer parse_table - * system tests: new test for run --log-driver - * set interactive mode with compat create endpoint - * Allow filtering on pod label values - * Remove final v2remotefail failures - * Fix a bug where log-driver json-file was made no logs - * e2e tests: SkipIfRemote(): add a reason - * stats refactor - * Systemd should be able to run as rootless - * Bump github.com/containers/buildah from 1.16.1 to 1.16.2 - * Examine all SkipIfRemote functions - * fix build with varlink - * Bump version in README to v2.1.0 - * Include cgroup manager in `podman info` output - * Add Server header to API service responses - * Bump to v2.2.0-dev - * podman save: fix redirect of multi-images - * pkg/hooks: support all hooks - * Print nice error message when python is not installed - * add missing return for compat kill - * system tests: new tests - * Evict containers before removing via V2 API - * Cirrus: Add gpg2 to Ubuntu images - * Fix mismatch between log messages and behavior of libpod.LabelVolumePath. - -- Changelog for v2.1.0 (2020-09-22): - * Update release notes for v2.1.0 Final Release - * Fix up attach tests for podman remote - * update stale bot - * [CI:DOCS] Add 'In Progress' note to CONTRIBUTING.md - * Restore 'id' stanza in pull results - * Fix podman image unmount to only report images unmounted - * libpod: bumps up rootless-cni-infra to 2 - * stats: log errors instead of sending 500 - * Fix incorrect parsing of create/run --volumes-from - * rootless-cni-infra: fix flakiness during bringing up lo interface - * Fix handling of podman-remote stop --ignore - * Refactor version handling in cmd tree - * Preserve groups in exec sessions in ctrs with --user - * Install bats as root - * Makefile: Fix broken libpodimage targets - * stats: detect closed client connection - * stats endpoint: write OK header once - * handle the play kube and generate kube for with restartPolicy - * fix the .Path and .Args when use the infra-command - * Update nix pin with `make nixpkgs` - * fix a typo of login.1.md - * Bump github.com/rootless-containers/rootlesskit from 0.10.0 to 0.10.1 - * enable --iidfile for podman-remote build - * update github.com/docker/docker and relevant deps - * Make Go builds more consistent - * dependabot-dance: new tool for managing revendor PRs - * WIP: Fix remote logs - -- Changelog for v2.1.0-rc2 (2020-09-17) - * Update release notes for Podman v2.1.0-RC2 - * Fix play_kube_test deployment template - * fix missing completion in podman run - * Bump k8s.io/apimachinery from 0.19.1 to 0.19.2 - * image list: return all associated names - * Add labels to a pod created via play kube - * Refactor remote pull to provide progress - * --mount: support arbitrary mount-argument order - * Fix podman pod create --infra-command and --infra-image - * Fix "rootless-cni-infra + runc fails with ENODEV" - * podman version and --version: fix format, exit - * Supports import&run--signature-policy - * Fix CI breakage due to PR collision - * [CI:DOCS]update owners file - * Refactor API version values - * Fix --systemd=always regression - * Correct HTTP methods for /containers/{id}/archive - * events endpoint: header: do not wait for events - * run/create: record raw image - * rootless CNI: extract env and cmd from image - * libpod: rootless CNI image: use quay - * move `rootless-cni-infra` image to quay.io - * vendor github.com/containers/image/v5@v5.6.0 - * podman wait accept args > 1 - * Usability: prevent "-l" with arguments - * Document the connection path for podman --remote - * Refactor API build endpoint to be more compliant - * pull types allow initial caps - * Determine if resolv.conf points to systemd-resolved - * Bump to v2.1.0-dev - * Fix completions for namespaces - -- Changelog for v2.1.0-rc1 (2020-09-11) - * Add release notes for Podman v2.1.0-RC1 - * Vendor in containers/buildah 1.16.1 - * Vendor in containers/common v0.22.0 - * system df: fix image-size calculations - * add @edsantiago to OWNERS file - * sort OWNERS file - * remote run: fix error checks - * Fix up errors found by codespell - * Document --read-only --rootfs requirements - * Force Attach() to send a SIGWINCH and redraw - * run_networking e2e test: add cleanup to some tests - * play/generate: support shareProcessNamespace - * system tests: cleanup - * allowed underscores to remain in name for YAML - * Add read-only mount to play kube - * Add auth.json(5) link to login/logout docs - * libpod: read mappings when joining a container userns - * Make an entry in /etc/group when we modify /etc/passwd - * podman container runlabel should pull the image if it does not exist - * Bump k8s.io/apimachinery from 0.19.0 to 0.19.1 - * vendor containers/storage v1.23.5 - * remote run: consult events for exit code - * Cirrus: Obsolete CI:IMG process & related files - * Fix podman container runlabel --display - * Make oom-score-adj actually work - * compat kill: only wait for 0 signal and sigkill - * remote kill: don't wait for the container to stop - * Fix podman ps -l - * generate systemd: catch `--name=foo` - * Fix podman build --logfile - * fix APIv2 pods top of non-exist pod gets two response value - * Extend bash completion to cover new flags - * Update man page of `manifest add` - * manifest push: handle cert-dir flag - * Extend flags of `manifest add` - * Show c/storage (Buildah/CRI-O) containers in ps - * rootless: support `podman network create` (CNI-in-slirp4netns) - * add contrib/rootless-cni-infra - * [CI:DOCS] Update remote tutorials - * Don't setup the Image/ContainerEngine when calling a cmd with subcmds - * Makefile: add cross compile targets for more arches - * Migrate away from docker.io - * podman stop: do not cleanup for auto-removal - * Bump github.com/onsi/gomega from 1.10.1 to 1.10.2 - * support multi-image (docker) archives - * Fix typo in the remove network api doc - * APIv2 Add network list filtering - * Bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1 - * make image parent check more robust - * Fix unconfined AppArmor profile usage for unsupported systems - * Bump github.com/containers/storage from 1.23.2 to 1.23.4 - * Add global options --runtime-flags - * [CI:DOCS] Add macos build to ci - * Fix system df inconsistent - * [CI:DOCS] Add note on run image fuse problem - try 2 - * WIP: update VM images - * APIv2 add generate systemd endpoint - * We should not be mounting /run as noexec when run with --systemd - * Bump github.com/gorilla/mux from 1.7.4 to 1.8.0 - * Don't create ~/.config after removing storage.conf - * Update master with release notes for v2.0.6 - * APIv2 test: add more tests for containers - * Ensure rootless containers without a passwd can start - * use crio runc on CICID ubuntu - * bindings: reenable flaky(?) pause/unpause test - * handle play kube with pod.spec.hostAliases - * Bump github.com/google/uuid from 1.1.1 to 1.1.2 - * Bump k8s.io/api from 0.18.8 to 0.19.0 - * play kube: handle Socket HostPath type - * Small tweaks to readme scope section - * Update Master to reflect v2.0.5 release - * fix panic when checking len on nil object - * Add support for variant when pulling images - * Document override-arch and override-os - * Delete prior /dev/shm/* - * Don't remove config files with podman system reset - * Just use `rm` for helper command to remove storage - * Bump github.com/containernetworking/plugins from 0.8.6 to 0.8.7 - * Fix log level case regression - * Use environment from containers.conf - * Bump github.com/containers/conmon - * Bump github.com/gorilla/schema from 1.1.0 to 1.2.0 - * Bump k8s.io/apimachinery from 0.18.8 to 0.19.0 - * abi: trim init command - * [CI:DOCS] Switch more references from libpod to podman - * Switch to containers/common for seccomp - * Fix up some error messages - * Ensure pod REST API endpoints include ctr errors - * Update c/storage to v1.23.2 - * BATS: fix corner case in --userns=keep-id test - * [CI:DOCS] Update podman-remote docs - * Send HTTP Hijack headers after successful attach - * fix podman generate kube with HostAliases - * [CI:DOCS] Making docs build on mac - * Remove test comment for now succeeding tests - * Update vendor of buildah to latest code - * fix apiv2 will create containers with incorrect commands - * [CI:DOCS] fix swagger api docs - * Add missing autocomplete - * Update nix pin with `make nixpkgs` - * podman: add option --cgroup-conf - * vendor: update opencontainers/runtime-spec - * In podman 1.* regression on --cap-add - * error when adding container to pod with network information - * fix /libpod/pods/json returns null when there are no pods - * fix pod creation with "new:" syntax followup + allow hostname - * [CI:DOCS] Include Go bindings tutorial - * Unmount c/storage containers before removing them - * Cirrus: special-case CI colon-IMG and colon-DOCS only in subject - * Add support for --connection - * system tests: enable more remote tests; cleanup - * Note port publishing needs in pods for create/run - * Cirrus: Increase integration-testing timeout - * Bump github.com/containers/image/v5 from 5.5.1 to 5.5.2 - * generate systemd: quote arguments with whitespace - * Ensure DefaultEnvVariables is used in Specgen - * Support sighup reload configuration files - * fix podman version output to include git commit and builttime - * Don't limit the size on /run for systemd based containers - * abi: fix detection for systemd - * fix podman create/run UTS NS docs - * Remove help/usage from --remote pre-check - * flake fix: podman image trust - * e2e tests: use actual temp dirs, not "/tmp/dir" - * Re-disable sdnotify tests to try to fix CI - * Clean up pods before returning from Pod Stop API call - * Use `bash` binary from env instead of /bin/bash for scripts - * Wait for reexec to finish when fileOutput is nil - * Bump k8s.io/api from 0.18.6 to 0.18.8 - * Bump github.com/containers/storage from 1.21.2 to 1.23.0 - * podman support for IPv6 networks - * Add pointer to troubleshooting in issue template - * Bump k8s.io/apimachinery from 0.18.6 to 0.18.8 - * system tests: enable sdnotify tests - * Ensure pod infra containers have an exit command - * podman.service: use sdnotiy - * run, create: add new security-opt proc-opts - * Add support for setting the CIDR when using slirp4netns - * add event for image build - * podman-remote fixes for msi and client - * podman save use named pipe - * Change /sys/fs/cgroup/systemd mount to rprivate - * Add parameter verification for api creation network - * add xz as a recommended pkg - * Makefile: use full path for ginkgo - * Replace deepcopy on history results - * Fix hang when `path` doesn't exist - * Cross-reference *.rst files too - * Ensure correct propagation for cgroupsv1 systemd cgroup - * Man pages: assert that subcommands are in order - * Use set for systemd commands - * Enable systemd mode for /usr/local/sbin/init - * Allow specifying seccomp profiles for privileged containers - * Update nix pin with `make nixpkgs` - * Add the Status field in the ps --format=json - * Add missing pages for docs.podman.io - * Align images with Buildah - * Error pass through for more accurate error reporting - * remove --latest for all remote commands - * Remove TEST_REMOTE_CLIENT from RCLI - * Fix handling of working dir - * Default .Repository and .Tag values to <none> - * generate systemd: fix error handling - * Do not use image CMD if user gave ENTRYPOINT - * Unconditionally retrieve pod names via API - * system tests: podman-remote, image tree - * [CI:DOCS] BZ1860126 - Fix userns defaults in run man page - * changes to support outbound-addr - * image list: speed up - * fix podman logs --tail when log is bigger than pagesize - * [CI:DOCS] Update podmanimages README.md - * Ensure that exec errors write exit codes to the DB - * podman-remote send name and tag - * Refactor parsing to not require --remote to be first - * Handle podman-remote run --rm - * correct go-binding key for volumes - * HACK HACK try debugging build - * Retry pulling image - * fix bug podman sign storage path - * validate fds --preserve-fds - * Remove duplicated code - * Improve error message when creating a pod/ctr with the same name - * podman: support --mount type=devpts - * rootless: system service joins immediately the namespaces - * docker-compose uses application/tar - * Missing return after early exit - * Ensure WORKDIR from images is created - * Bump to Buildah 1.16.0-dev in upstream - * Do not set host IP on ports when 0.0.0.0 requested - * Reenable remote system tests - * implement the exitcode when start a container with attach - * Install auto-update services for users - * Fix test failure regarding unpackaged files. - * Install auto-update systemd service and timer. - * podman.service: drop install section - * Remove some unnecessary []byte to string conversions - * Speedup static build by utilizing CI cache on `/nix` folder - * API returns 500 in case network is not found instead of 404 - * Change recommended systemd unit path for root. - * Update master README and release notes for v2.0.4 - * Ensure libpod/define does not include libpod/image - * Fix podman service --valink timeout - * Add versioned _ping endpoint - * fix pod creation with "new:" syntax - * Cirrus: Utilize freshly built images - * Cirrus: Install golang 1.14 on Ubuntu - * Cirrus: Add python packages to images - * Make `search --no-trunc` work for podman remote - * API: Fix 'podman image search` missing description - * Add test case for description being present in search result - * Fix close fds of exec --preserve-fds - * volumes: do not recurse when chowning - * Handle single character images - * rootless: add a check for the host id included in the range - * fix swapped mem_usage/percent fields - * rootless: child exits immediately on userns errors - * rootless: do not ignore errors if mappings are specified - * add {{.RunningFor}} placeholder in ps --format - * fix close fds of run --preserve-fds - * fix podman system df format error - * Ensure that 'rmi --force' evicts Podman containers - * System tests: new system-df and passwd tests - * Binding the same container port to >1 host port is OK - * Return NamesHistory when returning remote images - * Don't crash when giving bogus format commands - * bindings: skip flaky pause/unpause test - * logformatter: more libpod-podman fallout - * [CI:DOCS] apiv2 fix volumes not inculded field - * Fix `podman image search` missing description - * Specifying --ipc=host --pid=host is broken - * Fix building from http or '-' options - * System tests: add environment, volume tests - * Add podman image mount - * Switch all references to github.com/containers/libpod -> podman - * compat/info.go: TrimPrefix(CGroupsVersion, "v") - * Bump github.com/rootless-containers/rootlesskit from 0.9.5 to 0.10.0 - * add newline to output in error message - * Cleanup handling of podman mount/unmount - * Corrects typo in the name of the Linux package shadow-utils. - * When chowning we should not follow symbolic link - * Update transfer doc - * test/apiv2: add a simple events test - * API events: fix parsing error - * CI - various fixes - * Remove 'experimental' from API doc - * replace the html/template package with text/template - * update configuration for rootless podman - * Fix exit code example in podman-run.1.md - * Make changes to /etc/passwd on disk for non-read only - * Update release notes and README on master for v2.0.3 - * Update system.rst - * The `podman start --attach` command should not print ID - * Refactor container config - * Fix typos on documentation 'What is Podman' page - * CI: fix rootless permission error - * Bump github.com/containers/common from 0.17.0 to 0.18.0 - * [WIP] Refactor podman system connection - * Publish IP from YAML (podman play kube) - * Turn on a bunch more remote tests - * logformatter: handle podman-remote - * Cirrus: Switch to freshly built image - * Cirrus: Add packages that provide htpasswd - * Cirrus: Ensure GOPATH is properly set during image-builds - * CI: attempt to fix flake in login test - * Support default profile for apparmor - * Bump github.com/containers/storage from 1.21.1 to 1.21.2 - * Bump github.com/containers/common from 0.16.0 to 0.17.0 - * Enable a bunch of remote tests - * Enable --remote flag - * Add --umask flag for create, run - * fix play kube doesn't override dockerfile ENTRYPOINT - * Do not print an error message on non-0 exec exit code - * Document proxy env var precedence - * BATS help-message test: improve diagnostics - * Add noop function disable-content-trust - * Fix Generate API title/description - * docs: Clarify how env var overriding works - * Update the README to reflect the libpod move - * make localunit: record coverage - * unit tests: root check - * docs: Fix formatting mistake - * logformatter: update MAGIC BLOB string - * Switch references from libpod.conf to containers.conf - * BATS tests: more resilient remove_same_dev_warning - * Add support for overlay volume mounts in podman. - * Re-enable a generate kube test that failed on Ubuntu - * events endpoint: backwards compat to old type - * podman.service: set type to simple - * podman.service: set doc to podman-system-service - * podman.service: use default registries.conf - * podman.service: use default killmode - * podman.service: remove stop timeout - * events endpoint: fix panic and race condition - * systemd: symlink user->system - * fix: system df error when an image has no name - * document CAP_SYS_ADMIN required for systemd PrivateNetwork - * Cleanup nix derivation for static builds - * Used reference package with errors for parsing tag - * abi: set default umask and rlimits - * docs: document the new slirp4netns options - * network, slirp4netns: add option to allow host loopback - * libpod: pass down network options - * The compat create endpoint should 404 on no such image - * Bump github.com/containers/common from 0.15.2 to 0.16.0 - * Bump k8s.io/api from 0.18.5 to 0.18.6 - * Bump k8s.io/apimachinery from 0.18.5 to 0.18.6 - * Bump github.com/containers/conmon - * vendor golang.org/x/text@v0.3.3 - * Fix `podman system connection` panic - * Preserve passwd on container restart - * Fix & add notes regarding problematic language in codebase - * Error on rootless mac and ip addresses - * allow switching of port-forward approaches in rootless/using slirp4netns - * Fix "Error: unrecognized protocol \"TCP\" in port mapping" - * APIv2 tests: fix race condition causing CI flake - * system tests: check for masked-device leaks - * system tests: new tests for run, exec - * Bump github.com/uber/jaeger-client-go - * Bump github.com/containers/storage from 1.21.0 to 1.21.1 - * Fix lint - * Add SystemdMode to inspect for containers - * play-kube: add suport for "IfNotPresent" pull type - * Mask out /sys/dev to prevent information leak from the host - * Fix handling of entrypoint - * docs: user namespace can't be shared in pods - * When determining systemd mode, use full command - * Populate remaining unused fields in `pod inspect` - * Include infra container information in `pod inspect` - * [CI:DOCS]Do not copy policy.json into gating image - * Fix systemd pid 1 test - * Remove outdated seccomp policy - * Correctly print STDOUT on non-terminal remote exec - * Pids-limit should only be set if the user set it - * Don't setup AppArmor provile for privileged pods - * Ensure sig-proxy default is propagated in start - * Fix container and pod create commands for remote create - * version/info: format: allow more json variants - * Bump github.com/containers/storage from 1.20.2 to 1.21.0 - * Fix: Correct connection counters for hijacked connections - * Fix: Hijacking v2 endpoints to follow rfc 7230 semantics - * Remove hijacked connections from active connections list - * Remove all instances of named return "err" from Libpod - * Vendor in new version of Buildah - * Remove dependency on github.com/opencontainers/libpod/configs - * logs: enable e2e tests - * log API: add context to allow for cancelling - * Fix saving in oci format - * APIv2:fix: Get volumes from `Binds` when creating - * fix API: Create container with an invalid configuration - * Update release notes on Master for v2.0.2 - * Minor: Remove two inaccurate comments - * Cirrus: Rotate keys post repo. rename - * fix race condition in `libpod.GetEvents(...)` - * Add username to /etc/passwd inside of container if --userns keep-id - * Add support for Filter query parameter to list images api - * Disable mount tests as rootless - * Change buildtag for remoteclient to remote for testing - * BATS system tests for new sdnotify - * Implement --sdnotify cmdline option to control sd-notify behavior - * Fix bug where `podman mount` didn't error as rootless - * move go module to v2 - * Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0 - * auto-update: clarify systemd-unit requirements - * podman ps truncate the command - * Set engine env from common config - * Fix issue #6803 Container inspect endpoint returns null for NetworkSettings/Ports - * Bump imagebuilder to v1.1.6 in upstream - * Add --tz flag to create, run - * Print errors from individual containers in pods - * stop podman service in e2e tests - * Fix `system service` panic from early hangup in events - * Bump github.com/opentracing/opentracing-go from 1.1.0 to 1.2.0 - * APIv2:fix: Handle docker volume force as expected - * APIv2: Add docker compatible volume endpoints - * Bump k8s.io/api from 0.18.4 to 0.18.5 - * test.apiv2: add testing for container initializing - * Bump github.com/containers/common from 0.14.3 to 0.15.1 - * Created timestamp returned by imagelist should be in unix format - * APIv2 tests: usability: better test logging - * docs: recommend alternatives to podman inspect - * utils: fix parsing of cgroup with : in the name - * Bump k8s.io/apimachinery from 0.18.4 to 0.18.5 - * Set TMPDIR to /var/tmp by default if not set - * fix: Don't override entrypoint if it's `nil` - * Add a note on the APIs supported by `system service` - * test: add tests for --user and volumes - * container: move volume chown after spec generation - * libpod: volume copyup honors namespace mappings - * Set console mode for windows - * systemd system test: run auto-update - * Allow empty host port in --publish flag - * Fix a bug with APIv2 compat network remove to log an ErrNetworkNotFound instead of nil - * Fixes --remote flag issues - * Ensure umask is set appropriately for 'system service' - * system tests: add pod, inspect testing - * specgen: fix order for setting rlimits - * Revert sending --remote flag to containers - * vendor github.com/containers/common@v0.14.3 - * podman: add new cgroup mode split - * systemd generate: allow manual restart of container units in pods - * e2e inspect: HostConfig.SecurityOpt - * generate systemd: improve pod-flags filter - * Print port mappings in `ps` for ctrs sharing network - * Fix python dockerpy tests - * Add support for dangling filter to volumes - * Friendly amendment for pr 6751 - * Set syslog for exit commands on log-level=debug - * Add containers.conf default file for windows and MAC Installs - * Docs: consistency between man / --help - * utils: drop default mapping when running uid!=0 - * podman run/create: support all transports - * Fix inspect to display multiple label: changes - * podman untag: error if tag doesn't exist - * Set stop signal to 15 when not explicitly set - * libpod: specify mappings to the storage - * APIv2: Return `StatusCreated` from volume creation - * APIv2:fix: Remove `/json` from compat network EPs - * Fix ssh-agent support - * APIv2:doc: Fix swagger doc to refer to volumes - * BATS tests: new too-many-arguments test - * Reformat inspect network settings - * Add podman network to bash command completions - * Fix typo in manpage for `podman auto update`. - * Add tests for --privileged with other flags - * Add JSON output field for ps - * V2 podman system connection - * wip - * system tests: invoke with abs path to podman - * image load: no args required - * system tests: new rm, build tests - * Fix conflicts between privileged and other flags - * Re-add PODMAN_USERNS environment variable - * libpod/containers/json: alias last -> limit - * Bump required go version to 1.13 - * Makefile: allow customizable GO_BUILD - * Add explicit command to alpine container in test case. - * "pod" was being truncated to "po" in the names of the generated systemd unit files. - * Use POLL_DURATION for timer - * rootless_linux: improve error message - * Stop following logs using timers - * Add container name to the /etc/hosts within the container - * Update release notes for v2.0.0 - * Update README to reflect that v2.0.0 has been released - * Bump master to v2.1.0-dev following release of v2.0 - * Fixes #6670 - * Correct logic for demux'ing channels - * Account for non-default port number in image name - * correct the absolute path of `rm` executable - * Poll on events for file reading - * Add --preservefds to podman run - * podman images --format json: pretty print - * Fix podman build handling of --http-proxy flag - * search: allow wildcards - * CI: force registry:2.6 - * Fix remote docs - * Allow recursive dependency start with Init() - * Bump k8s.io/apimachinery from 0.18.3 to 0.18.4 - * unflake rmi tests - * Bump k8s.io/api from 0.18.3 to 0.18.4 - * Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5 - * Podman system service is no longer experimental - * Handle dropping capabilties correctly when running as non root user - * Don't ignore --user flag in rootless --userns keepid - * Bump to v2.0.0-dev - * Makefile: install.varlink needs to create dirs - * Do not share container log driver for exec - -- Changelog for v2.0.0-rc7 (2020-06-17) - * Bump Buildah to v1.15.0 - * Move logs functionality to separate file for APIv2 - * generate systemd: `ExecStopPost` for all units - * Revert #6591 to fix issue with failed tests - * vendor github.com/containers/image/v5@v5.5.1 - * Add support for the unless-stopped restart policy - * fix misc remote build issues - * "streaming output" logs test: fix flake - * Fix handling of old oci hooks - * [CI:DOCS] Fixes #6548 - * Re-add resource limit warnings to Specgen - * Add <return> to lines returen in podman-remote logs - * Vendor containers/common v0.14.0 - * Show Anon, GID, UID in v2 volumes - * Fix podman inspect on overlapping/missing objects - * Fix --init and --init-path - * Fix podman-remote images - * Revert "Change Varlink systemd unit to use `system service`" - * Bump github.com/containers/conmon - * handlers/compat: fix lint error - * auto-update: use image's arch - * APIv2 tests: Add some tests for podman pods - * Add deprecated message to varlink command - * Handle errors on attach properly - * fix podman cp can create an extra directory level - * Remove redundant break in for loop. - * Bump to v2.0.0-dev - * generate systemd: `--replace` on named containers/pods - * pod create --replace - * {create,run} --replace - * Bump github.com/uber/jaeger-client-go - * Bump github.com/onsi/ginkgo from 1.12.3 to 1.13.0 - * Adds more docker py test - * The string field of Built was missing from server - * Add some additional fields to imageinspect - * Do not print error message when container does not exist - * Changed from t.StopAtEOF() to t.Stop() and added error check - * Fix -f logs to stop when a container exits - * Add the missing return - * Fix -f logs follow with stopped container - -- Changelog for v2.0.0-rc6 (2020-06-15) - * Change Varlink systemd unit to use `system service` - * Turn on More linters - * Do not default WorkingDir to / on client side - * Reassemble filters on the server side - * Bump github.com/containers/common from 0.13.0 to 0.13.1 - * [CI:DOCS] Fix carriage returns in API v2 header - * Fix missing code during in_podman build - * update document login see config.json as valid - * [CI:DOCS] Add quick start directions to APIv2 Dock - * Fix builds for RDO - * podman: create scope only if --cgroup-manager=systemd - * libpod: fix check for slirp4netns netns - * e2e: sanity check --infra-conmon-pidfile - * generate systemd: wrap pod/ctr lookup errors - * docs: create/run fix --pod-id-file description - * generate systemd: create pod template - * generate systemd: refactor - * add (*Pod).CreateCommand() - * generate systemd: rename source files - * generate systemd: rephrase lookup error - * pod create: add `--infra-conmon-pidfile` - * generate systemd: rename "cid" to "ctr-id" - * container-{create,run}: add `--pod-id-file` - * podman-pod{rm,start,stop}: support --pod-id-file - * systemd/generate: remove unused infra container field - * pod config: add a `CreateCommand` field - * Fixed bug where 'podman log <container>' would truncate some lines. - * Enable IPv6 port binding - * Bump to v2.0.0-dev - * container: do not set hostname when joining uts - * container: make resolv.conf and hosts accessible in userns - * WIP: Enable (and disable) remote testing - * fix api fails with 'strconv.ParseUint: parsing "tcp": invalid syntax' - * Fix play kube report printing when no containers are created - * Fix missing doc for field in PlayKubePod - * Update comment related to seccomp profiles in play kube - * Consistent Yaml convention througout play kube tests - * Fix podman generate tests that relied on play kube - * Add tests for Deployment Kind and minor fix for play kube output - * Fix existing tests - * Modify PlayKubeReport to preserve pod->container mapping - * supporting k8s Deployment objects - -- Changelog for v2.0.0-rc5 (2020-06-10) - * Fix Id->ID where possible for lint - * Fixup issues found by golint - * podman-events: clarify streaming behaviour - * Cirrus: Include packages for containers/conmon CI - * Ensure signal validation happens first in pod kill - * Bump github.com/json-iterator/go from 1.1.9 to 1.1.10 - * Bump github.com/containers/common from 0.12.0 to 0.13.0 - * Improve swagger+CORS metadata docs - * Ensure Conmon is alive before waiting for exit file - * Bump github.com/stretchr/testify from 1.6.0 to 1.6.1 - * e2e: disable checkpoint test on Ubuntu - * force bats version to v1.1.0 - * Enable Ubuntu tests in CI - * Modify py test to start stop system service for each test - * Add parallel operation to `podman stop` - * Fix handling of systemd. - * Add parallel execution code for container operations - * Fix handling of ThrottleWriteIOPSDevice - * Bump github.com/seccomp/containers-golang from 0.4.1 to 0.5.0 - * Strip defaults from namespace flags - * Ensure that containers in pods properly set hostname - * Adds docker py regression test. - * Turn on the podman-commands script to verify man pages - * Attempt to turn on special_testing_in_podman tests - * Bump to v2.0.0-dev - -- Changelog for v2.0.0-rc4 (2020-06-04) - * /images/.../json: fix port parsing - * BATS and APIv2: more tests and tweaks - * Vendor in container/storage v1.20.2 - * add socket information to podman info - * Namespace fields were set with bogus values - * When stopping containers locally, ensure cleanup runs - * Remove use of ABISupport buildtag - * fix remote test --ignore & turn on more tests - * Ensure that image/container inspect are specialized - * turn on remote stop_test - * V2 Add support for ssh authentication methods - * Add a few CVE entries to changelog.txt - * Add more Remote tests - * RHEL8 and Centos8 don't have oci-runtime yet - * test.apiv2: add test cases for committing an image from a container - * Turn on remote rm_test --cidfile - * Properly follow linked namespace container for stats - * Fix a segfault in `podman inspect -l` w/ no containers - * Remove reference to "upcoming" RHEL 7.7 - * Bump Conmon in COPR spec - * Enable detached exec for remote - * check --user range for rootless containers - * images --no-trunc: fix ID formatting - * make env handling os dependent - * Bump github.com/containers/conmon - * Bump github.com/onsi/ginkgo from 1.12.2 to 1.12.3 - * Update vendor containers/psgo - * Bump github.com/opencontainers/runc from 1.0.0-rc9 to 1.0.0-rc90 - * Bump github.com/coreos/go-systemd/v22 from 22.0.0 to 22.1.0 - * Combine the code of dealing with 'readonly' and 'ro'. - * Add bindings for exec and enable attached remote - * Add information on detach-keys - * system tests : more tests - * Add support for format {{.Label}} - * turn on remote testing for images. podman-remote build now works. - * Add invalid value to error message - * Fix leak of empty tarball - * Update man pages for --ip with CNI networks - * [CI:DOCS] update httpd location in tutorial - * default build without `varlink` tag - * Bump to v2.0.0-dev - * compat handlers: add X-Registry-Auth header support - * Don't build code on remoteclient - * v2 copy endpoints - * Bump github.com/rootless-containers/rootlesskit from 0.9.4 to 0.9.5 - * system tests: enable skopeo REGISTRY_AUTH_FILE - -- Changelog for v2.0.0-rc3 (2020-05-29) - * Bump github.com/stretchr/testify from 1.5.1 to 1.6.0 - * V2 verify JSON output is consistent and doesn't drift - * Vendor in containers/common v0.12.0 - * Ensure that signal names can be parsed on Windows - * fix `ps --last=N` - * test.apiv2: add testing for image and deal with API returning binary - * specgen: fix segfault - * Add streaming ability to endpoint - * Fix builds on 32 bit arches - * v2 libpod push: correct docs - * container stats: fix --no-stream race - * Add --format to pod inspect - * Add support for `readonly` option to --mount - * docs: fix typo - * V2 Fix interface nil checks - * [CI:DOCS] Tweak casing in rootless doc - * podman-registry: many unrelated fixes - * Fix Dockerfile - * Bump github.com/opencontainers/selinux from 1.5.1 to 1.5.2 - * podman-registry helper script: handle errors - * Makefile: customizable $REMOTETAGS - * add section on rootless volumes - * [CI:DOCS] Prepare image to turn on podman-commands test - * Vendor in latest containers/buildah - * Turn on Fedora testing - * [CI:DOCS] Fix readthedocs link - * [CI:DOCS]add crun to gating image - * network compatibility endpoints for API - * Add MethodNotAllowedHandler() to add in debugging - * Follow up PR to fix issues found in #6341 - * Bump to v2.0.0-dev - * [CI:DOCS]Add conmon to gating image - * Attempt to turn on build_without_cgo tests - * Attempt to turn on additional build tests - * Added new flags to 'podman generate systemd' to change the unit name prefix - * Enable rootless tests for podman remote - * V2 enable remote logs and testing - -- Changelog for v2.0.0-rc2 (2020-05-22) - * Attempt to turn on integration tests - * Removes remote system reset functionality. skip e2e test for remote. - * Attempt to turn on special_testing_endpoing tests - * Attempt to turn on varlink tests - * Attempt to turn on rpmbuild tests - * Bump github.com/containers/common from 0.11.2 to 0.11.4 - * Enables iidfile test as issue fixed now - * [CI:DOCS] Docs revamp. - * Fix podman-remote start tests - * podman version --format ... was not working - * Display human build date in podman info - * remote manifest test - * Turn on more remote tests - * v2 podman-remote build - * Fix podman-remote stop --all to handle not running containers - * Enable rmi test - * Bump github.com/opencontainers/go-digest from 1.0.0-rc1 to 1.0.0 - * Remove github.com/libpod/libpod from cmd/pkg/podman - * Start testing with cross compilation - * Fixes podman pod create --pod-id-file #6292 - * remote untag test - * Get proper exit code when running or starting a container. - * vendor: update seccomp/containers-golang to v0.4.1 - * Bump github.com/containers/storage from 1.19.2 to 1.20.1 - * Bump github.com/onsi/ginkgo from 1.12.0 to 1.12.2 - * Handle filters correctly for podman prune - * Fix remote handling of podman images calls - * Bump k8s.io/api from 0.18.2 to 0.18.3 - * Bump github.com/onsi/gomega from 1.10.0 to 1.10.1 - * Enable system prune test remote client - * Fix build on OS X - * Update Derivative API tutorial to reflect the HTTP API - * Turn off 'noexec' option by default for named volumes - * enable remote integration tests for init - * Add a test for detached exec - * Update manpage for `podman exec` to include detach flag - * Enable cleanup processes for detached exec - * Add ability to clean up exec sessions with cleanup - * Add CLI frontend for detached exec - * Add backend code for detached exec - * Add exit commands to exec sessions - * enable pod_create remote integration tests - * Fix remote integration for healthchecks - * Fix create_test for remote integration - * govern remote attach and start - * Test fixes for remote integration - * V2 API Version Support - * Print container state when erroring that it is improper - * system tests: more podman-pod tests - * don't skip log tests unless remote - * [CI:DOCS] Image tree endpoint should return 404 - * oci conmon: tell conmon to log container name - * add go-bindings for `hack/podman-registry` - * New tool: hack/podman-registry, manages local registry - * Testcase added for network commands - * format option added to network inspect command. - * filter option added to network ls command. - * Fix mountpont in SecretMountsWithUIDGID - * Update troubleshoot page - * v2 enable remote integration tests - * Get MAC, Windows and Linux podman-remote from latest version links. - * V2 Implement terminal handling in bindings attach - * Fix EOM for SendFile - * Bump to v2.0.0-dev - * Give `auto-update` ability to use per-container authfile specified by label. - * system tests: small fixes for rawhide+cgroups v1 - * Add HairpinMode to our CNI configs - -- Changelog for v2.0.0-rc1 (2020-05-18) - * v2endpoint remove image path correction - * Drop APIv2 resize endpoint - * Drop a debug line which could print very large messages - * v2 podman remote attach, start, and run - * Fix lint - * Remove duplicated exec handling code - * Fix lint - * Update API documentation for Inspect - * Parameters for ExecStart are body, not query - * Prune stale exec sessions on inspect - * Remove exec sessions on container restart - * Fix start order for APIv2 exec start endpoint - * Don't fail when saving exec status fails on removed ctr - * Add APIv2 handler for resizing exec sessions - * Ensure that Streams are set to defaults for HTTP attach - * Wire in endpoint for ExecStart - * Add an initial implementation of HTTP-forwarded exec - * Make convenience boxed true/false easier to use - * Use the libpod.conf cni_config_dir option for inspect and delete - * Cirrus: Refresh VM Images, Add Ubuntu 20 LTS - * Cirrus: Fix image-name hints - * Cirrus: Update Ubuntu 18 to 20 - * fix bug --format {{json.}} of events - * V2 Update attach bindings to use Readers/Writers vs chan - * Ensure that cleanup runs before we set Removing state - * Fix two coverity issues (unchecked null return) - * Fix REMOTETAGS - * Cleanup OCI runtime before storage - * Default podman.spec to use crun - * Fix checkpoint --leave-running - * Bump github.com/containers/storage from 1.19.1 to 1.19.2 - * Bump github.com/containernetworking/plugins from 0.8.5 to 0.8.6 - * Update release notes and version on master - * WIP V2 attach bindings and test - * [CI:DOCS]remove libpod.conf from spec - * enable remote image tree - * Bump github.com/containers/conmon - * Bump gopkg.in/yaml.v2 from 2.2.8 to 2.3.0 - * system tests: add volume tests - * cgroup: skip unified if we are using v1 - * enable podman v2 networking for remote client - * Remove libpod.conf from repo - * add podman remote system df - * vendor crio/ocicni@v0.2.0 - * test: enable networking test for rootless - * rootless: do not set pids limits with cgroupfs - * auto-update: support authfiles - * Add netgo build tag to static binary - * Adds tunnel routes for system reset. - * add port to podman remote command - * Bump github.com/containers/image/v5 from 5.4.3 to 5.4.4 - * Bump github.com/containers/common from 0.11.1 to 0.11.2 - * Some BATS cleanup: run and systemd tests - * v2podman image sign - * shm_lock_test: add nil check - * Add podman static build - * enable rootless mount tests - * spec: fix order for setting rlimits - * enable rootless integration testing - * [CI:DOCS] Add Security Policy - * V2 Impliment tunnelled podman version - * Ensure `podman inspect` output for NetworkMode is right - * Fix bug where pods would unintentionally share cgroupns - * bindings tests for container remove and inspect - * Add remaining annotations for `podman inspect` - * v2 podman unshare command - * Update the Podman readme - * v2 podman search rootless - * Fix `podman pod create --infra=false` - * default to tunnel without ABISupport tag - * abi: do not attempt to setup rootless if euid==0 - * fix pod stats flake - * set binding tests to required - * Fix handling of overridden paths from database - * Fix typo in path - * Makefile: fix a dependency issue - * Fixed typo on podman network create man - * fix and enable systemd system tests - * Bump github.com/onsi/gomega from 1.9.0 to 1.10.0 - * auto-update - * set --conmon-pidfile - * Fix parsing of --network for `podman pod create` - * Add podman-remote-static target - * podman: split env variables in env and overrides - * v2trust set and show - * container runlabel - * enable login/logut unspecified args - * [CI:DOCS] Add link to Tutorials to docs homepage - * Enables port test - * CI:DOCS: Document API docs + CORS maintenance - * Update manpages for image volumes and MAC address - * Updated heading from 5 to 6 in link. - * add {generate,play} kube - * Manifest remove, push - * Reenable systemd E2E tests - * Revert commit 016a91 already accepted. - * Updated heading from 5 to 6 in the link. - * Add small fixes for 'podman run' from diffing inspect - * manifest annotate - * Bump k8s.io/api from 0.17.4 to 0.18.2 - * Bump github.com/containers/storage from 1.19.0 to 1.19.1 - * Eliminate race condition on podman info - * v2 system subcommand - * v2 podman stats - * BATS help test: check usage string - * Rework port parsing to support --expose and -P - * [CI:DOC] Add linger to troubleshooting - * Fix errors found when comparing podman v1 --help versus V2 - * Updated the broken links for the docs. - * Updated the broken links for the docs. - * image removal: refactor part 2 - * build(deps): bump github.com/uber/jaeger-client-go - * Bump github.com/sirupsen/logrus from 1.5.0 to 1.6.0 - * [CI:DOC]Use full repo name in podmanimage Dockerfiles - * Fix errors found in coverity scan - * Remove skip on containers.conf tests - * cgroupsns was not following containers.conf - * Properly handle default capabilities listed in containers.conf - * Properly handle containers.conf devices - * [CI:DOCS] Bring README.md up to date - * And system prune feature for v2. - * Fix errors found in coverity scan - * check --get-login when login - * search --limit compatible with docker - * add provided cni networks to spec gen - * fix commands without input - * System tests: help messages: check required-arg - * v2networking enable commands - * V2 Commands that require ParentNS (rootful) are report error - * Cirrus: Utilize new cache images - * Cirrus: Utilize new base images - * cirrus: Update to Fedora 32 proper - * Enable prune integration test. Fixes container prune. - * test: enable start tests - * podman, start: propagate back the raw input - * test: enable remaining run tests - * test: enable entrypoint tests - * test: enable create tests - * cmd, podman: do not override entrypoint if unset - * cmd, podman: use String instead of variable+StringVar - * cmd, podman: handle --pod new:POD - * create: propagate override-arch and override-os - * testv2: enable attach test - * V2 enable ps tests - * enable final system test - * V2 restore podman -v command - * V2 Restore images list tests - * enable search tests - * pull/search options: tls verify -> skip - * test: enable cp tests - * login system test: enable "push ok" - * enable the push e2e tests - * push: fix --tls-verify - * push: simplify cmd - * rootlessport: use two different channels - * specgen: honor slirp4netns - * rootless: move ns open before fork - * push: fix push with one argument - * enable inspect tests - * generate systemd - * Update release notes and README for 1.9.1 release - * Update podmanimage files to adjust perms on containers.conf for rootless - * User specified environment happen after other environments are set - * system tests must pass - * Fixes podman save fails when specifying an image using a digest #5234 - * Fix typos in rm messages - * check image media/manifest type for healthchecks - * test: enable exec tests - * pkg, specgen: do not hardcode user=0 in the config if not specified - * specgen: remove dead code - * cmd: set correct parent for container exec - * Set up ulimits for rootless containers. - * enable build tests - * enable volume integration tests - * separate healthcheck and container log paths - * install.md: Fix typo - * Improve Entrypoint and Command support - * Add support for volumes-from, image volumes, init - * Fix NewSpecGenerator args in pkg/bindings/test - * enable load integration tests - * test: enable all pod tests - * libpod: set hostname from joined container - * namespaces: accept pod namespace - * pkg, ps: add namespaces methods - * enable integration tests for restart - * Make podman container list == podman ps - * test: enable pod rm tests - * pkg, pods: report pod rm errors - * pkg, pods: pod rm honors --ignore - * test: enable pod restart tests - * pkg, pods: not lose pod start/restart errors - * test: enable pod stop tests - * pkg, pods: honor --ignore for pod stop - * test: enable pod create tests - * specgen: relax test to accept default network - * spec, pod: honor --dns - * spec: propagate --no-hosts to specgen - * sort .gitignore - * .gitignore: add pkg/api/swagger.yaml - * build(deps): bump github.com/rootless-containers/rootlesskit - * implement pod stats - * test: fix check for pause on cgroup v2 - * test: fix pause tests - * cmd, ps: add .Status as synonym for .State - * test: enable healthcheck tests - * podman: handle --no-healthcheck - * specgen: read healthchecks from the image - * podman: special case health-cmd none - * Enable pod inspect integration test - * Enable pod prune integration test - * enable run_restart integration tests - * enable run_ns integration tests - * enable run_signal integration tests - * Enable these tests - * Enable container inspect integration tests - * Enable pod ps integration tests - * Cleanup man pages for pull and push - * Adding system prune for podman v2 - * V2 tests: enables commit tests - * Add --os to manifest add - * containers, init: skip invalid state errors with --all - * podman: assume user namespace if there are mappings - * Do not join pod namespaces without an infra ctr - * podman: implement userns=keep-id - * Cirrus: Utilize new VM images - * Cirrus: Unify package installation - * test: enable cgroup parent tests - * podman: fix --log-opt=path=%s - * podman: fix --http-proxy - * podman: fix podman --group-add - * test: fix --host-env test - * podman: fix --cgroups=disabled - * test: enable some run_test.go tests that pass now - * podman: add support for --rootfs - * Bump github.com/containers/common from 0.9.4 to 0.9.5 - * specgen: fix error message - * create: move validate after setting default ns - * remove blank line - * set bigfilestemporarydir for pull - * Fix SELinux functions names to not be repetitive - * foo: delete spurious file - * Makefile: include -nobuild install targets - * podman: handle namespaces specified on the CLI - * specgen: do not always set shmsize - * pkg: fix shmsize error message - * Stop wrapping pull messages - * manifest create,add,inspect - * V2 Restore rmi tests - * V2 restore libpod.Shutdown() when exiting podman commands - * Turn on version.go except for -v check - * Fix podman push and podman pull to check for authfile - * Enable basic volumes support in Podmanv2 - * Move selinux labeling support from pkg/util to pkg/selinux - * Fix integration tests for untag - * Instrumentation to answer #5765 - * test rootless_storage_path from strorage.conf - * V2 Restore exists E2E tests - * Fix podman rm to have correct exit codes - * Fix v2 test podman info - * Fix handling of --cidfile on create/run - * vendor in containers/common v0.9.4 - * Handle hostname flag from client - * Add support for devices from command line - * Fix handling of CGroupsParent and CGroupsMode - * Throw error on IPv6 ip addresses - * Force integration tests to pass - * Modify namespace generation code for specgen - * Bump to github.com/containers/common to v0.9.2 - * my bad - * Provide a json variable pointing to a configured json API - * podmanv2 cp - * gate/README.md Fix link to .cirrus.yml and reword - * add entrypoint from image where needed - * Makefile: fix broken chcon for podman-remote - * podmanv2 container subcommands - * v2podman port - * v2: implement log{in,out} - * Move Fedora dependencies for building podman into separate file - * v2, podman: plug --userns=auto - * podman: do not set empty cgroup limit blocks - * Handle annotations passed in via the client - * Need to set the Entrypoint - * Fix podman inspect to return errors on failure - * pkg: implement rlimits - * podman rmi: refactor logic - * Add support for containers.conf to podmanimages - * Update podman to use containers.conf - * Fix podman inspect to accept -l and -s fields - * Handle Linux Capabilities correctly - * Add functions to return image informations - * V2 Rmove existing unix domain socket on startup - * Cirrus: Add support for Fedora 32 - * Cirrus: More Ubuntu 19 + Fedora 31 - * V2 podman image tree - * V2 Fix --latest for podman diff commands - * rootless: move join namespace inside child process - * rootless: skip looking up parent user ns - * common: setting cgroup resources correctly - * Update pod inspect report to hold current pod status. - * Pull images when doing podman create - * Return labes in API (fixes #5882) - * Make `find` ignore dot files - * Cleanup network option parsing - * enable integration testing - * V2 Fix support for tcp://[::]<port> connections - * Add pod prune for api v2. - * We were not handling the user option on create - * Fixes for system tests - * Enable some testing - * Log formatter: add BATS summary line - * Bump github.com/containers/psgo from 1.4.0 to 1.5.0 - * podmanV2: implement build - * Fix bug where two configurations had been created - * Podman V2 birth - * V2 Enable rootless - * Add SELinux volume information to troubleshoot.md - * podman v2 remove bloat v2 - * allow filters to work when listing containers - * Update podman-generate-systemd man page - * .gitignore: ignore v2 remote - * Bump github.com/containers/common from 0.9.0 to 0.9.1 - * Add version to podman info command - * Add basic structure of output for APIv2 pod inspect - * v2 bloat pruning phase 2 - * Add support for selecting kvm and systemd labels - * Fix up SELinux labeling - * podmanv2 fix runtime assignment - * Cirrus: Fix gate container build failure - * logformat: handle apiv2 results, add anchor links - * Update README to reflect that latest version is v1.9.0 - * Ability to prune container in api V2 - * Bump to v2.0.0-dev - * podmanv2 events - * test case added for image prune cache image - * note for skipping cache image added. - * image prune skips images with child images. - * swagger-check: new CI tool to cross-check swagger - * auto update: skip non-image policies - * build(deps): bump github.com/containers/common from 0.8.1 to 0.9.0 - * logformat: handle apiv2 results, add anchor links - * If possible use the pod name when creating a network - -- Changelog for v1.9.0 (2020-04-15) - * podmanV2: fix nil deref - * v2specgen prune libpod - * More system test fixes on regressions - * Add support for the global flags and config files - * Bump to v1.9.0-dev - -- Changelog for v1.9.0-rc2 (2020-04-14) - * Update release notes for v1.9.0-RC2 - * v2podman ps revert structure changes - * podmanv2 mount and umount - * Fix invalid container path comparison for pid cgroup - * v2podman add container init - * Need to set security options even if user does not specify options - * podmanv2 version format variable name change - * Fixes for load and other system tests - * Improve APIv2 support for Attach - * Refactor service idle support - * podmanv2 history and image remove templates - * Bump to v1.9.0-dev - * rootless: use snprintf - * podmanV2: implement search - -- Changelog for v1.9.0-rc1 (2020-04-13) - * build(deps): bump github.com/containers/buildah from 1.14.7 to 1.14.8 - * Update release notes for v1.9.0-RC1 - * v2podman container cleanup - * podmanV2: implement logs - * test: enable preserve fds test for crun - * test: fix exec preserve-fds test - * Set exit codes on errors. - * Run (make vendor) - * Fix (make vendor) - * update the latest version to 1.8.2 - * add tests for kill and exists - * v2podman ps alter formats - * run/create were processing options after the image name - * V2 podman system service - * man page: add note about issue with SELinux - * Bump Buildah to v1.14.7 - * Bump containers/image to v5.4.3 - * V2 podman diff(changes) support - * podman info needs to be run within the user namespace - * podmanv2 images user format - * podmanv2 info - * vendor c/image v5.4.2 - * Do not error on pids.current stats if ctr.path is empty - * fix rootless login/logout tests - * v2podman run - * refactor info - * podmanv2 ps - * userns: support --userns=auto - * podmanv2 start - * build(deps): bump github.com/containers/common from 0.8.0 to 0.8.1 - * build(deps): bump github.com/containers/storage from 1.18.1 to 1.18.2 - * build(deps): bump github.com/opencontainers/selinux from 1.4.0 to 1.5.0 - * v2podman attach and exec - * v2podman container create - * Cleanup whether to enter user namespace for rootless commands - * podmanv2 save image - * podmanv2 version - * checkpoint: handle XDG_RUNTIME_DIR - * checkpoint: change runtime checkpoint support test - * Pass path environment down to the OCI runtime - * podmanv2 checkpoint and restore - * Bump github.com/containers/common from 0.6.1 to 0.8.0 - * test/e2e/run_volume_test: use unique mount point - * test/e2e/run_volume_test.go: mv dockerfile decl - * test/e2e/run_volume_test: only create dir once - * Fix environment handling from containers.conf - * podmanV2: implement push - * pkg/spec.InitFSMounts: optimize - * utils: delete dead code - * attach: skip shutdown on errors - * attach: fix hang if control path is deleted - * pkg/spec.InitFSMounts: fix mount opts in place - * podmanv2 export - * podmanv2 import - * podmanv2-retry - new helper for testing v2 - * podmanv2 load - * podmanv2 pod inspect - * V2 podman inspect - * Fix repos for CentOS 7 RPM build - * podman v2 image tag and untag - * podmanv2 pod ps - * Touch up mailing list address in README.md - * add systemd build tag to podman builds - * Bump github.com/rootless-containers/rootlesskit from 0.9.2 to 0.9.3 - * Switch to using --time as opposed to --timeout to better match Docker. - * podmanV2: implement pull - * pkg/spec/initFSMounts: fix - * Cirrus: Remove darwin/windows builds in gate-job - * Cirrus: Update VM Images - * Cirrus: Minor docs update - * Revert "Default CPUShares in Inspect are 1024" - * fix more swagger inconsistencies - * V2 Move varlink home - * Bump github.com/containers/conmon - * Bump github.com/spf13/cobra from 0.0.6 to 0.0.7 - * rootless: make cgroup ownership detection not fatal - * podmanv2 enable healthcheck run - * Update vendor of boltdb and containers/image - * swagger: top: remove "Docker" from the identifiers - * podmanv2: implement pod top - * v2 api: implement pods top endpoint - * podmanv2 commit - * Bump to buildah v1.14.5 (Edit 2020-06-03: Addresses CVE-2020-10696) - * Add support for containers.conf - * API v2 tests: usability improvements - * Sanitize port parsing for pods in play kube - * podmanv2 pod create using podspecgen - * use `pause:3.2` image for infra containers - * Add support for specifying CNI networks in podman play kube - * Fix typo in pod create - * podmanV2: implement top - * Fix Markdown typo in podman-create.1.md - * V2 podman image prune - * Support label filters for podman pod ps. - * podmanv2 container inspect - * podmanv2 pod subcommands - * Add bindings for Container Exec Create + Inspect - * apiv2 add default network in specgen - * slirp: enable seccomp filter - * V2 podman image rm | podman rmi [IMAGE] - * V2 podman image - * podmanv2 add pre-run to each commmand - * Ensure that exec sends resize events - * enable linting on v2 - * Bump github.com/rootless-containers/rootlesskit from 0.8.0 to 0.9.2 - * Bump github.com/containers/storage from 1.16.5 to 1.16.6 - * V2 podman images/image list - * podmanv2 volumes - * Combine GlobalFlags and EngineFlags into EngineOptions - * Complete podmanV2 history command - * rootlessport: use x/sys/unix instead of syscall - * podmanv2 exit code - * Bump github.com/sirupsen/logrus from 1.4.2 to 1.5.0 - * Correctly document libpod commit endpoint - * Implement APIv2 Exec Create and Inspect Endpoints - * apiv2 container commit for libpod - * Add image signing with GPG tutorial - * podmanv2 add core container commands - * Improved readability in image json output - * podmanv2 volume create - * Add stubs for cmd/podman in non-Linux local mode - * Make libpod/lock/shm completely Linux-only - * Add stubs for pkg/adapter/terminal_linux.go - * Add a stub for libpod.Container.Top - * Make cmd/podman/shared.GenerateCommand tests Linux-only - * Fix the libpod.LabelVolumePath stub - * Only run TestGetImageConfigStopSignal on Linux - * Fix the pkg/specgen/SpecGenerator.getSeccompConfig stub - * podmanv2 pod exists - * when removing networks for tests, force should be used - * Add basic structure of a spec generator for pods - * [CI:DOCS]fix type issue in pod binding test - * podmanv2 enable remote wait - * fix remote connection use of context - * use boolreport for containerexists response - * podmanv2 container exists|wait - * Add APIV2 service files - * Attempt manual removal of CNI IP allocations on refresh - * Implemented --iidfile for podman commit - * Add guildline for writing podman V2 CLI commands - * Use creds form PullImage remote - * Fix docker man page links - * Bump to v1.8.3-dev - * [CI:DOCS]remove podmanv2 binary - * Cirrus: Update VM images - * Cirrus-CI: Fix source path of vendor task - * Cirrus: Enable future installing buildah packages - * Cirrus: Include packages for buildah CI - * Cirrus: Update Ubuntu base images - * Cirrus: Use opensuse open build Ubuntu packages - * Update release notes for v1.8.2 final release - * rootlessport: handle SIGPIPE - * apiv2 add bindings for logs|events - * Bump github.com/containers/common from 0.5.0 to 0.6.1 - * Add inspect for exec sessions - * Add structure for new exec session tracking to DB - * Populate ExecSession with all required fields - * Fix path of tmp_dir - * Cirrus: Disable non-docs release processing - * container prune remove state created, configured - * Cirrus: Log libseccomp package version - * docs: mention that "podman version" prints out Remote API Version - -- Changelog for v1.8.2 (2020-03-19) - * fix reported compat issues - * Don't include SUBDIR in windows.zip - * rootless: fix usage with hidepid=1 - * V2 podman command - * serve swagger when present - * swagger: more consistency fixes - * Vendor in containers/buildah v1.14.3 - * Reduce CPU usage when --timeout=0 - * New test: man page cross-ref against --help - * podman: avoid conmon zombie on exec - * Filter pods through pod list api - * Bump to v1.8.2-dev - * Fix vendoring on master - * fix timeout file flake - * auto updates - * pkg/systemd: add dbus support - -- Changelog for v1.8.2-rc1 (2020-03-17) - * Update release notes for v1.8.2-rc1 - * Fix vendoring on master - * Update containers/storage to v1.16.5 - * config: make warning clearer - * Four small CI fixes: - * fix systemd generate tests - * apiv2 addition of manifests - * add os|arch attributes when building - * Missing double quotes in troubleshooting guide. - * force run container detached if container CreateCommand missing the detach param - * Bump github.com/containers/common from 0.4.2 to 0.5.0 - * Bump k8s.io/api from 0.17.3 to 0.17.4 - * Bump github.com/fsnotify/fsnotify from 1.4.7 to 1.4.9 - * eat signal 23 in signal proxy - * add apiv2 healthcheck code - * turn off color-mode for bindings - * remove imagefilter for varlink remote client - * Bump github.com/containers/storage from 1.16.2 to 1.16.3 - * run --rmi test: make it work - * rootlessport: detect rootless-child exit - * create: do not calculate image size - * Follow up changes from #5244 - * man page cross-reference fixes: part 2 - * Update version in README to v1.8.1 - * [CI:DOCS]Add libpod event endpoint - * Bump to v1.8.2-dev - * Update start stop api to use pod status function. - * Fix bug podman reset to not remove $XDG_RUNTIME_DIR - -- Changelog for v1.8.1 (2020-03-11) - * man pages: fix inconsistencies - * Update release notes for v1.8.1 final release - * build for amd64|arm|ppc64le - * update systemd & dbus dependencies - * Refactor handler packages - * Remove nonexistent --set arg from runlabel documentation - * hide --trace flag - * podman --help: mention defaults of bools - * docs: clarify that --syslog expects an argument - * Bump to v1.8.1-dev - * commands: rename file and add likns to readthedocs - -- Changelog for v1.8.1-rc4 (2020-03-09) - * Revert "exec: get the exit code from sync pipe instead of file" - * Revert "Exec: use ErrorConmonRead" - * Revert "exec: fix error code when conmon fails" - * rootles tutorial: remove systemd unit example - * generate systemd: add `default.target` to INSTALL - * Bump github.com/containers/storage from 1.16.1 to 1.16.2 - * use storage/pkg/ioutils - * use storage/pkg/homedir - * Fix spelling mistakes in code found by codespell - * add default network for apiv2 create - * Bump to v1.8.1-dev - * Allow users to set TMPDIR environment - * Fix upstream dockerfile and add 'by hand' ctrfile - * Cirrus: Fix fedora-minimal mirroring - * fix security-opt generate kube - -- Changelog for v1.8.1-rc3 (2020-03-06) - * Update release notes for v1.8.1-RC3 - * Part 2: try to clean up the long image instance names - * WIP: Try renaming long cirrus job names - * vendor: update github.com/containernetworking/cni to v0.7.2-0.20200304161608-4fae32b84921 - * Removed extraneous comments and defaults plus amended variable declaration - * Removed the unnecessary code - * Implemented size parameter on GetContainer - * Implement size parameter on ListContainers - * Map configured status to created to match docker API states - * Fix to remove null entry from end of images json - * Register handlers without version to align with docker API - * golangci: enable goimports - * generate systemd: remove leading slashes - * exec: fix error code when conmon fails - * Vendor buildah 1.14.2 - * env: don't set "container" env - * Fix podman image sign help output - * avoid adding to nil map - * Exec: use ErrorConmonRead - * exec: get the exit code from sync pipe instead of file - * generate systemd: add network dependencies - * Bump to Buildah v1.14.1 - * APIv2 tests: add tests for stop - * Add the rmi flag to podman-run to delete container image - * consolidate env handling into pkg/env - * CI: format cirrus logs - * Update docs/source/markdown/podman-build.1.md - * Allow devs to set labels in container images for default capabilities. - * CI: add API v2 tests - * more swagger fixes - * Bump github.com/opencontainers/selinux from 1.3.2 to 1.3.3 - * Add validate() for containers - * Cirrus: Fix gate image & false-positive exits - * Update pod bindings and Add test to validate prune pod apiv2 binding. - * Fix wrong condition in bindings test - * Ensure that exec sessions inherit supplemental groups - * Cirrus: Update VM images - * Cirrus: Force runc use in F30 - * rework apiv2 wait endpoint|binding - * build: specify input fd to buildah - * Cirrus: Remove unnecessary handle_crun workaround - * Cirrus: Print env. vars at end of setup. - * Cirrus: Fix not growing Fedora root - * network create should use firewall plugin - * add firewall plugin (no backend) to default cni config - * binding tests for volumes - * Bump to v1.8.1-dev - * container Exists: fix URL - * CI: package_versions: include hostinfo, kernel - * Review comments - * [WIP] Add cmd flag to show container name in log - -- Changelog for v1.8.1-rc2 (2020-02-27) - * Update release notes for v1.8.1-rc2 - * Vendor in latest containers/buildah - * kill test: clean up warnings; document better - * curb flakes in integration tests - * spec: allow container alias name in lookup - * add epoch for specfile - * fix trivial typo - * Add support for multiple CNI networks in podman inspect - * Remove 1 sec delay - * Temp. skip "remove pause by id" bindings test - * Fix kill test obtaining CID - * System Tests: Force default signal handlers - * Fix cgroupsv2 run test, unexpected output - * Cirrus: SELinux Enforcing for F31 w/ CGv2 - * Cirrus: collect podman system info - * Cirrus: F31: Force systemd cgroup mgr - * Cirrus: Temp. disable F31 p-in-p testing - * Cirrus: Handle runc->crun when both are possible - * Cirrus: Use deadline elevator in F31 - * Cirrus: Support testing with F31 - * rootless: become root only if the pause file is specified - * rootless: fix segfault when open fd >= FD_SETSIZE - * apiv2 tests: add more pod tests, timing check - * Update vendor of buildah and containers/common - * build: move initialization after SetXdgDirs - * utils: relax check for directory to use - * add apiv2 tests for podman pause and stop - * always run the docs task on post-merge - * Fixed build_rpm.sh script for Fedora 30 - * Add basic deadlock detection for container start/remove - * Friendly amendment: tests, and a help message - * fix port list by container with port - * more image binding tests - * docs: symlink to host device is resolved - * Add --no-healthcheck command to create/run - * enable ci on go binding tests - * add more image tests for go bindings - * Bump to v1.8.1-dev - * build(deps): bump github.com/opencontainers/selinux from 1.3.1 to 1.3.2 - -- Changelog for v1.8.1-rc1 (2020-02-21) - * Update release notes for v1.8.1 - * disable generation of cni firewall plugin - * search endpoint failure correction - * Remove ImageVolumes from database - * Upgrade make package-install for fedora31 - * Flake fix: race condition in same-IP test - * Add support for ssh:// and unix:// podman clients - * search test on fedora registry: retry 5 times - * Swagger: yet more fixes - * Login test: use --password-stdin - * implement reverse reader for log reads - * podman images: add --filter=since=XX - * populate resolv.conf with dnsname responses when in usernamespace - * Beautify podman bridge CNI config - * build(deps): bump github.com/spf13/cobra from 0.0.5 to 0.0.6 - * Warn user about --password cli option in login - * build(deps): bump github.com/stretchr/testify from 1.5.0 to 1.5.1 - * Swagger: fix one incorrect comment - * apiv2 container create using specgen - * Add test to validate the pod bindings api - * Update to the latest version of buildah - * New login and push tests - * Add network options to podman pod create - * Fixed syscall.Signal not convertable by decoder - * Fixed typo in KillContainer - * build(deps): bump github.com/containers/storage from 1.15.8 to 1.16.0 - * build(deps): bump github.com/stretchr/testify from 1.4.0 to 1.5.0 - * libpod.conf: clarify `label` description - * set process labels in pkg/spec - * libpod/config: use built-in TOML instead of manually merging - * Fixed CreateImageFromImage not respecting supplied Tag parameter - * Add installation of pre-commit to Makefile - * fix mandatory parameter in login/logout - * adds missing query struct tags and exports the fields - * Swagger: fix inconsistencies (try #2) - * Update mux rules to allow slashes in image names - * rootless: fix a regression when using -d - * Misc typo fixes - * Use cleaned destination path for indexing image volumes - * Add ability for pods to use the host network - * stats: Expose CPU usage in API - * rootless: check if the conmon process is valid - * apiv2: Fixup /containers/json filters documentation - * apiv2: Enable filtering images by ID - * Fix handler and systemd activation errors - * podman-ps: support image IDs - * Refactor image tree for API usage - * Update documentation of commit command to show image reference is optional - * Rework label parsing - * add caching for binding tests - * apiv2 libpod container logs - * add pkg/signal - * add pkg/capabilities - * build(deps): bump github.com/rootless-containers/rootlesskit - * Fix SELinux labels of volumes - * podman(1): fixes - * fix bug "" disable detach keys - * Fixed a bug about bash automatically complete - * Enhance fuse-overlayfs instructions. - * README: fix docs links - * Fix up play kube to use image data - * build(deps): bump k8s.io/api from 0.17.2 to 0.17.3 - * Only set --all when a status filter is given to ps - * use quay.io/libpod/fedora-minimal for reliability - * filtering behavior correction - * support device-cgroup-rule - * rootlessport: drop Pdeathsig in favor of Kill - * rootlessport: fix potential hang - * add pkg/seccomp - * Do not copy up when volume is not empty (Edit 2020-06-03: Addresses CVE-2020-1726) - * api: pull: fix reference parsing - * cmd/podman/pull: refactor code - * stats: add SystemUsage - * build(deps): bump k8s.io/apimachinery from 0.17.2 to 0.17.3 - * build(deps): bump github.com/gorilla/mux from 1.7.3 to 1.7.4 - * HTTP 304 (NotModified) is not an error! - * API v2 tests: catch up to moving target - * api: fix the CPU stats reported - * apiv2 stream events - * Fix container filters - * API v2: pods: fix two incorrect return codes - * Rewire ListContainers for APIv2 libpod - * podman build -f completions - * swagger: fix /libpod/images/{import,load,pull} - * Make: s/uname -o/uname -s/ - * container create: relax os/arch checks - * replace prow images test - * Remove incorrect validation of --change for commit - * [CI:DOCS] Update Code of Conduct to Containers variant - * Add test cases to validate remove and list images api. - * images --format compatible with docker - * bash-completions: Add missing subcommands in 'podman system' - * doc: Fix examples for 'podman system service' - * v2 api: /libpod/images/import - * v2 api: /libpod/images/load - * v2 api: /libpod/images/pull - * docs: add workaround for --device with rootless containers (II) - * Fix varlink code generation target. - * Modify Runtime.getImage to return a storage.Image - * Document an aspect of newFromStorage behavior - * Introduce a Runtime.newImage constructor - * Move Image.getLocalImage to Runtime.getLocalImage - * Remove the getLocalImage() call from Image.Size - * Use Runtime.NewFromLocal instead of open-coded copies - * Trivial simplification - * Create two separate newImage instances in Runtime.New - * Call NewImageRuntimeFromStore from NewImageRuntimeFromOptions - * Update readme to 1.8.0 release - * Refactor runtime functions to pass options structure - * build(deps): bump github.com/containers/image/v5 from 5.2.0 to 5.2.1 - * LibpodAPI.BuildImage: don't require a name for the new image - * Bump to v1.8.1-dev - * Cirrus: Never run prune on other branches - * Add dockerfile to mirror fedora-minimal - * Add /swagger/ endpoint to serve swagger yaml to clients - * Add backend code for pod network options - -- Changelog for v1.8.0 (2020-02-06) - * [CI:DOCS]update contrib systemd user - * [CI:DOCS]fix systemd files for apiv2 - * Update release notes for final release of v1.8.0 - * Move podman-service to podman-system-service - * Only modify conmon cgroup if we have running containers - * fix swagger docs and make sure docs validation runs - * Special case memory-swap=-1 - * vendor github.com/mtrmac/gpgme@v0.1.2 - * vendor github.com/containers/image/v5@v5.2.0 - * Add Containerfile location e2e test - * [CI:DOCS]addition of specgen package - * {CI:DOCS] run gofmt before lint - * build(deps): bump github.com/onsi/ginkgo from 1.11.0 to 1.12.0 - * Close tarSource when finished using it - * Force --all when --filter is passed to podman ps - * Initial implementation of a spec generator package - * Fix wrong Containerfile location on build - * Wrap error for failing ImageSize calls - * swagger: v2: libpod/images/{import,load,pull} - * seperate container create network options - * Cirrus: Fix gate task + make lint|validate - * Add a binding test to check image tag and list commands. - * Update /_ping support - * [CI:DOCS]add apiv2 endpoints for exec - * build(deps): bump github.com/containers/storage from 1.15.7 to 1.15.8 - * build(deps): bump github.com/onsi/gomega from 1.8.1 to 1.9.0 - * Tear down network when restarting containers - * Move install.md to podman.io, leave link page - * Update XML to not embed quote in PATH on windows - * Bump to v1.8.0-dev - -- Changelog for v1.8.0-rc1 (2020-01-31) - * Fix a syntax error in hack/release.sh - * Minor update to release notes - * sigproxy: return after closing the channel - * fix longname handling for bindings - * Update release notes for v1.8.0 - * compat container names begin with / - * Assure validate includes lint - * make image reference for commit optional - * adjusts install.md (Ubuntu): replaces ${NAME} with hard-encoded Ubuntu to support all *buntu flavors - * adjusts install.md (Ubuntu): registries.conf setup is now in containers-image package - * markdown: fix erroneous asterisk markup for options - * speed up Makefile - * Makefile: systemd: echo instead of warn - * Makefile: remove redundant BUILDFLAGS - * Makefile: consistent PHONY use - * Makefile: remove dead vagrant target - * Makefile: move systemd buildtag check - * rootless: enable shortcut only for podman - * test: honor TEMPDIR variable - * Cirrus: Set EPOCH_TEST_COMMIT during gate task - * Deprecate & remove IsCtrSpecific in favor of IsAnon - * apiv2 binding test fixes - * history: fix size computing - * run `varlink_generate` on Linux only - * display file name of bad cni conf - * Throw error on invalid sort value - * rootless login/logout tests fail - * Update remote client bridge documentation. - * honor pull policy in play kube - * docs: replace '~' with $HOME in markdown as '~' isn't rendered properly - * install.md: registries.conf setup in containers-image package - * [CI:DOCS]Binding overhauls - * docs: fix incomplete heading underlining in network.rst - * build(deps): bump github.com/rootless-containers/rootlesskit - * docs: add missing hyphen for '-t' option, command '$' prompts - * build(deps): bump github.com/opencontainers/selinux from 1.3.0 to 1.3.1 - * [CI:DOCS]rootless exec cannot join root namespace - * expose --arch-override option for pull - * Add link from docker.sock to podman.sock - * inspect image healthchecks - * [CI:DOCS]Add copr link to fedora install page - * Hidden remote flags can be nil - * docs: add boolean values and defaults to "man podman-history" options - * docs: remove reference to "sudo" in "podman exists" examples - * docs: fix system-prune markdown; reword for clarity - * docs: clean up "man podman-rm", "man podman-rmi" - * install.md: mention availability of OpenEmbedded recipes - * Cleanup man pages exit code descriptions - * APIv2 review corrections #3 - * camelcase: fix lint reports - * fork fatih/camelcase - * Refactor time parsing to be more liberal in accepted values - * apparmor: allow receiving of signals from 'podman kill' - * Add query parameter converters for complex types - * Review corrections pass #2 - * build(deps): bump gopkg.in/yaml.v2 from 2.2.7 to 2.2.8 - * Default CPUShares in Inspect are 1024 - * markdown: fix grammar/formatting, standardize on markdown - * build(deps): bump k8s.io/api from 0.17.0 to 0.17.2 - * build(deps): bump github.com/pkg/errors from 0.9.0 to 0.9.1 - * build(deps): bump github.com/containers/conmon - * build(deps): bump github.com/json-iterator/go from 1.1.8 to 1.1.9 - * build(deps): bump github.com/uber/jaeger-client-go - * build(deps): bump github.com/containernetworking/plugins - * seccomp policy: expect profile in config label - * build(deps): bump github.com/vishvananda/netlink from 1.0.0 to 1.1.0 - * build(deps): bump github.com/containers/storage from 1.15.5 to 1.15.7 - * Update README.md to reference latest version - * Enable swagger validation for each PR - * Fix example format in system df man - * markdown: fix formatting of commands at bottom of podman-exec - * markdown: reword 'podman-inspect' to properly explain '--size' - * correct search-and-replace error - * Update release script to not manage epoch - * markdown: remove extraneous backquote from "podman rmi" - * markdown: fix formatting/content typos in migrate man page - * Update RELEASE_NOTES for v1.7.1 - * Add service endpoint - * Cirrus: Fix logic typo - * Update build images - * Cirrus: No upload snap for docs job - * [CI:DOCS]First pass at review comments - * go.mod: fix parse error - * Use cgroupv2 super magic from golang.org/x/sys/unix - * Disable go mods on varlink builds in spec - * [CI:DOCS] Add logo and dev statement - * rootless: set C variables also on shortcut - * [CI:DOCS]static files end up in _static on rtd - * [CI:DOCS] Correct link syntax - * [CI:DOCS]Connect API docs and RTD - * post-process swagger yaml for publish - * Tests for API v2 - * Minor: Bugfix in upload image - * Update `tag` documentation regarding 'alias' usage - * update install instructions for Debian, Raspbian and Ubuntu - * oci_conmon: do not create a cgroup under systemd - * Add an API for Attach over HTTP API - * systemdgen: specify --cgroups=disabled-conmon for --new - * podman: add new option --cgroups=no-conmon - * systemdgen: add --ignore flag to generic services - * e2e/run_signal_test.go: make it more robust - * hack/install_golangci.sh: check env vars - * Remove c.String(net) - * make binaries: include service - * service: don't block sigterm - * Cirrus: remove workaround for cleaning /go/bin - * [CI:DOCS]swagger cleanup and left-hand nav - * Add APIv2 CLI example POC - * api: stats: fix typo - * api: utils: add an `IsLibpodRequest` handler - * refactor top code - * top: use a separate pipe for the error stream - * v2 api: top improvements - * v2: stats: drop redundant sleep when streaming - * v2: stats: libpod: use generic handler - * v2: stats: rigorous error checks - * v2: stats: fix errors - * v2: stats: do not ignore errors - * v2: stats: remove windows-specific fields - * make .install.golangci-lint: force specific version - * Makefile: remove gometalinter - * contrib/gate/Dockerfile: bump to F31 - * [CI:DOCS]swagger corrections - * Bump to Buildah v1.13.1 - * oci_conmon: not make accessible dirs if not needed - * Enable pre-commit tool linting - * .gitignore: ingore *.coverprofile from unit tests - * make lint: include unit tests - * .golangci.yml: move swagger.go from Makefile - * make lint: include docs/ - * make lint: include pkg/tracing - * revert accidental change from codespell pr. - * swagger documentation updates - * Do not configure CNI when slirp4netns is requested - * clarify container prune --force - * more BATS tests - * gating: clean /go/bin to install fresh tools - * make lint: enable gocritic - * linter: blacklist linters instead of whitelisting - * bump golangci-lint to 1.18.0 - * rm contrib/perftest - * remove `.tool/lint` - * docs: --privileged docs completeness, consistency - * [Makefile] Ensure .gopathok dependency is met for varlink - * Add codespell to validate spelling mistakes in code. - * libpod: fix --userns=keep-id with big UIDs - * fix e2e test failure - * Cirrus: Fix libpod base images going stale - * address review comments before merge - * [CI:DOCS]update apiv2 documentation with swagger goods - * Initial commit on compatible API - * cp: drop check for rootless - * test: fix error message - * log: support --log-opt tag= - * Fix Makefile ref libseccomp branch as a commit - * policy for seccomp-profile selection - * podman-generate-systemd --new - * shared/create.go: s/data/imageData/ - * rootlessport: honor ctr.runtime.config.TmpDir - * rootlessport: remove state dir on exit - * Usage messages: show possible option values - * Update podmanimage build process - * exec: fix pipes - * fix lint - pkg/varlinkapi/virtwriter - * fix lint - pkg/util: func comment - * fix lint - pkg/spec - * fix lint in pkg/rootless - * fix lint - pkg/network: comment exported types - * fix lint - pkg/adapter: comment exported API - * fix lint - ignore image.ImageDeleteResponse definition - * fix lint - drop else block - * fix lint: add comment for NameRegex and error - * fix lint: correct func identifier in comment - * fix lint: "guarantess" is a misspelling of "guarantees" - * rootless: use RootlessKit port forwarder - * Add `untag` sub-command - * Update demo for the inspect command - * Fix podman-remote info to show registry data - * packaging: validate installed rpms - * github stale workflow: rephrase and bump close time - * Don't show PASS on success for gitvalidate - * Bump gitvalidation epoch - * Bump to v1.7.1-dev - * play kube: make seccomp handling better conform to k8s - * fix bug copy from container directory - * Add history names to image inspect data - -- Changelog for v1.7.0 (2020-01-06) - * (minor) fix broken links to container-policy.json.5 - * Generate binaries only if they are changes in src code. - * Fix presentation of man page tables - * Bump gitvalidation epoch - * Bump to v1.7.0-dev - -- Changelog for v1.7.0-rc2 (2020-01-02) - * Update release notes with further changes from 1.7.0 - * refactor network commands - * Fix race condition in kill test leading to hang - * Ensure 'make uninstall' remove bin and conf files. - * Add the pod name when we use `podman ps -p` - * Ensure SizeRw is shown when a user does 'inspect --size -t container'. - * signal parsing - better input validation - * The --quiet flag does not conflict with templates in ps - * add struct response for removal of images - * Update containers/storage to v1.15.4 - * Update containers/storage to v1.15.4 - * zsh completion: ignore multi-line output in Flags - * build(deps): bump github.com/containers/image/v5 from 5.0.0 to 5.1.0 - * if container is not in a pid namespace, stop all processes - * update c/buildah to v1.12.0 - * Remove volumes after containers in pod remove - * libpod: drop arbitrary memory limit of 4M - * docs: add workaround for --device with rootless containers - * install.md: openSUSE dependencies - * Use systemd/sd-daemon.h headers for systemd presence - * Allow the injection of TESTFLAGS - * Remove coverprofile from the repository - * troubleshooting.md: rebased master and bumped 18 to 19 - * Fix F30-F31 migration for Podman 1.7.0 - * runtime.go: show registries data and search table - * container config: add CreateCommand - * Fixed the path of hack scripts in spec file - * runtime.go: show search table in podman info - * podman info man: example update - * podman: mirror information - * Reap exec sessions on cleanup and removal - * [Makefile] `LDFLAGS` is reserved for the GCC linker - * podman images history test - clean up - * Bump gitvalidation epoch - * Bump to v1.7.0-dev - * allow exec to read files of environment variables - * Correctly export the root file-system changes - * build(deps): bump github.com/uber/jaeger-client-go - -- Changelog for v1.7.0-rc1 (2019-12-11) - * Update release notes for 1.7.0 - * docs: update podman-{pod-,}top man pages - * build(deps): bump github.com/containers/psgo from 1.3.2 to 1.4.0 - * Update containers/storage to v1.15.3 - * move image filters under libpod/images - * Re-add Fedora 31 migration code. - * macvlan networks - * Return empty runtime directory if we're not rootless - * build(deps): bump github.com/containers/storage from 1.15.0 to 1.15.2 - * Use terminal detach keys sequence specified in the config file - * Add ONBUILD support to --change - * Move Commit() to new parsing for --change - * test for #3920 (improper caching of tarballs in build) - * Enable multi-platform rpm building - * Completely rework --change parsing - * Avoid git warnings by using detach on checkout - * Improve hack/get_release_info.sh - * Bump Buildah to v1.11.6 - * rootless: enable stats test on cgroup v2 - * Improve dnf tests inside build_rpm.sh - * libpod: fix stats for rootless pods - * rootless: add fallback for renameat2 at runtime - * Attempt to install go-md2man only if missing - * Quick grammar touchup in rootless.md - * Allow chained network namespace containers - * Ensure volumes reacquire locks on state refresh - * Ignore ErrCtrRemoved when removing a container - * Add comment on rootless containers creating device nodes - * Updates on making doc building and debug optional - * troubleshooting: warn about secure boot - * libpod: fix case for executable file not found errors - * build: improved main makefile - * build: improved prepare.sh - * Fix podman-remote version to print client and server - * man page updated with examples of filter option - * install.md: added slirp4netns dependency to ubuntu - * Add podman system reset command - * fix commands.go to get links from correct directory - * Do not initialize store on rootless podman - * filter added to container prune command - * Disable checkpointing of containers started with --rm - * Make doc building in spec optional - * Donot install btrfs in RHEL/CentOS-8 - * oci: print only matching part for the errors - * command output fixed as per docker equivalent - * Detect Python executable in Makefile - * Improved build_rpm.sh - * Add support for image name history - * Remove containers when pruning a stopped pod. - * Allow --ip and --mac to be set when joining a CNI net - * Document other bind options on --volumes flag - * podman {pod,} rm/stop: add --ignore flag - * Discard errors from Shutdown in `system renumber` - * e2e/prune: run two top containers - * build(deps): bump github.com/containers/storage from 1.13.5 to 1.14.0 - * build(deps): bump gopkg.in/yaml.v2 from 2.2.5 to 2.2.7 - * build(deps): bump github.com/pkg/profile from 1.3.0 to 1.4.0 - * document updated for filter and until options - * filter added to image pruge command. - * config: use EventsLogger=file without systemd - * Error on netns not exist only when ctr is running - * Add ContainerStateRemoving - * play kube: handle seccomp labels - * podman rm/stop --cidfile - * container-restore: Fix restore with user namespace - * Add new test suite for build - * Also delete winsz fifo - * use pause image for check all - * timestamp related functions added - * Bump to Buildah v1.11.5 - * container create: os/arch check - * history: rewrite mappings - * codespell: spelling corrections - * Cirrus: Use branch-specific container tags - * warning added before image prune command - * create a separate install target for seccomp - * Add annotations in play kube - * Add pod annotations to container - * Add missing information to podman.1 man page - * Add support for make vendor-in-container - * Split up create config handling of namespaces and security - * test: add tests for --mac-address - * mount: add new options nocopyup|copyup for tmpfs - * Bump github.com/uber/jaeger-client-go - * libpod/config: default: use `crun` on Cgroups v2 - * podman images --digest: always list a digest - * events: make sure the write channel is always closed - * Add support for RunAsUser and RunAsGroup - * cni: enable tuning plugin - * podman: add support for specifying MAC - * vendor: updated ocicni for MAC address - * Makefile: add vendor-in-container - * rootless: provide workaround for missing renameat2 - * rootless: use SYS_renameat2 instead of __NR_renameat2 - * Add Kata Containers runtimes to libpod.conf - * help message: don't parse the config for cgroup-manager default - * fix bug check nonexist authfile - * Allow users to disable detach keys - * namespaces: by default create cgroupns on cgroups v2 - * Update installation - Ubuntu. [skip ci] - * pulling unqualified reference: make sure it's a docker reference - * Bump gopkg.in/yaml.v2 from 2.2.4 to 2.2.5 - * Set SELinux labels based on the security context in the kube.yaml - * Add links to readthedocs on docs/readme - * Bump development version to 1.6.4-dev - * Bump version in README to v1.6.3 - * Add release notes for v1.6.3 - * slirp4netns: fix timeout - * docs: Update "podman container rm -v" description - * logo: correct light source reflection - * stats: fix calculation for the CPU time - * [docs] Ensure we include section 5 documentation - * [Makefile] Fix docker documentation install and generation - * Fixed the JSON go template format for the 'info' action - * runtime: Fix typo - * Update link to Commands documentation - * cgroups: read correctly the CPU stats - * [CI:DOCS] make docs only prs - * Update rootless shortcomings with cgroup V2 information - * Bump github.com/onsi/gomega from 1.7.0 to 1.7.1 - * Validate contextdir on build - * Vendor in latest containers/buildah - * Bump github.com/onsi/ginkgo from 1.10.1 to 1.10.3 - * Refactor test to prevent panic - * logs: support --tail 0 - * Update document formatting and packaging code - * Restructure documentation dir - * add libpod/config - * Switch to bufio Reader for exec streams - * container start: fix regression when using name - * Fix selinux test for exec - * Cirrus: Disable F29 testing - * Wait for `mount` command to finish when mounting volume - * Cirrus: Fix upload_release_archive on branch or tag - * Fix cp from pipe - * libpod, rootless: create cgroup for conmon - * Bump github.com/json-iterator/go from 1.1.7 to 1.1.8 - * seccomp: use github.com/seccomp/containers-golang - * build: drop support for ostree - * stale action: add exempt-issue-label - * Processes execed into container should match container label - * Set default seccomp.json file for podman play kube - * images: distinguish between tags and digests - * API: report multiple digests for images - * pull/create: add --override-arch/--override-os flags - * image: don't get confused by lists - * Add e2e tests for manifest list support - * bump containers/image to v5.0.0, buildah to v1.11.4 - * goland autocorrections - * Makefile: fix embedding gitCommit - * Cirrus: Fix minor python deprecation warning - * Cirrus: Only upload tagged releases - * Fix spelling mistakes - * libpod: if slirp4netns fails, return its output - * update conmon to v2.0.2 in in_podman image - * bump cirrus images - * require conmon v2.0.1 - * require conmon v2.0.0 - * GitHub stale action - * enable dnsplugin for network create - * Add ensureState helper for checking container state - * Cleanup man pages - * Log warn instead of error for removing nonexistant container - * systemd: mask /sys/fs/cgroup/systemd/release_agent - * Add multiple networks explanation to docs - * rootless: raise an error with --network= - * Initial dump of man pages and first menus - * Return a better error for volume name conflicts - * Add documentation on options to volume create manpage - * Image volumes should not be mounted noexec - * stats: list all running containers unless specified otherwise - * rootless: detect no system session with --cgroup-manager=systemd - * add pip requirements file for rtd - * Initial checking for readthedocs - * Fix sig-proxy=false test and use image cache - * Add parsing for UID, GID in volume "o" option - * exec: remove unused var - * Rewrite backend for remote 'volume inspect' - * rootless: write storage overrides to the conf file - * Markdown Formatting Fixes - * Show volume options in 'volume inspect' - * System tests: make sure exec pid hash w/o leaking - * Bump gitvalidation epoch - * Bump to v1.6.3-dev - * check existing bridge names when creating networks - * Add support for anonymous volumes to `podman run -v` - * troubleshooting.md: document lingering mode - * rootless: do not enable lingering mode - * Add ability to redirect bash for run -i - * play kube: Container->Ctr - * play kube: refactor test suite - -- Changelog for v1.6.2 (2019-10-17) - * Finalize release notes for v1.6.2 - * rootless: drop dependency on docker - * Bump gitvalidation epoch - * Bump to v1.6.2-dev - * Refactor tests when checking for error exit codes - * Attach stdin to container at start if it was created with --interactive - -- Changelog for v1.6.2-rc1 (2019-10-16) - * Add release notes for Podman 1.6.2 - * start: print full container ID - * Add a MissingRuntime implementation - * rootless v2 cannot collect network stats - * inspect: rename ImageID go field to Image - * systemd: accept also /sbin/init - * Unwrap errors before comparing them - * vendor github.com/containers/storage@v1.13.5 - * Ensure volumes can be removed when they fail to unmount - * Fix sample's JSON syntax error in oci-hooks.5.md - * change error wording when conmon fails without logs - * images: empty list is valid json with --format=json - * Allow giving path to Podman for cleanup command - * Touch up bad math in run man page - * Add squash-all, fix squash option in build - * tests: enable ps --size tests for rootless - * container: initialize results list - * Make user io.podman.service unit WantedBy=default.target - * rootless: do not set PIDs limit if --cgroup-manager=cgroupfs - * Update build man page with latest Buildah changes - * Fix default path for auth.json - * When restoring containers, reset cgroup path - * Migrate can move containers to a new runtime - * Move OCI runtime implementation behind an interface - * show uid_map in podman info - * cli: support --systemd=always - * systemd: expect full path /usr/sbin/init - * catch runc v2 error - * Respect --sig-proxy flag with podman start --attach - * rootless: automatically recreate the pause.pid file - * rootless: do not close files twice - * refresh: do not access network ns if not in the namespace - * Cirrus: Produce and collect varlink output - * io.podman.socket: drop Also=multi-user.target - * Cirrus: Remove broken/failing testing_crun task - * Cirrus: Use new VM cache images - * Cirrus: Install conmon in Fedora VMs - * vendor c/psgo@v1.3.2 - * troubleshooting: fix useradd no-log-init argument - * Setup a reasonable default for pids-limit 4096 - * Update c/image to v4.0.1 and buildah to 1.11.3 - * When evicting containers, perform a normal remove first - * Bump gopkg.in/yaml.v2 from 2.2.3 to 2.2.4 - * podman network create: validate user input - * Cirrus: Simplify package NVR logging - * Docs: Update links, add links to latest - * Cirrus: Fix log URIs & add optional $ALSO_FILENAME - * Raise start_test polling interval - * system tests: info: deal with hyphen in username - * Bump gitvalidation epoch - * Bump to v1.6.2-dev - * Apply changes also to the windows implementation - * System-tests: Use bash explicitly - * Podman 1.6.0 has been released, update the README - * Add api link to tutorials - * Bump gopkg.in/yaml.v2 from 2.2.2 to 2.2.3 - * Allow setting default parameters with env vars - * Avoid hard-coding path to varlink and podman - * Allow changing IdentityFile and to IgnoreHosts - * rm: add containers eviction with `rm --force` - -- Changelog for v1.6.1 (2019-10-02) - * Update release notes for v1.6.1 - * Bump gitvalidation epoch - * Bump to v1.6.1-dev - * rootless: allow cgroupfs manager on cgroups v2 - * system tests: reenable skipped tests - -- Changelog for v1.6.1-rc1 (2019-10-02) - * rootless: set DBUS_SESSION_BUS_ADDRESS if it is not set - * install.md: add libbtrfs-dev for Debian build - * Bump github.com/onsi/gomega from 1.5.0 to 1.7.0 - * Cirrus: Show names/versions of critical packages - * network: add workaround for slirp4netns --enable-sandbox issue - * rootless: do not attempt a CNI refresh - * Bump github.com/containernetworking/plugins from 0.8.1 to 0.8.2 - * network: hide EPERM warning when rootless - * networking: fix segfault when slirp4netns is missing - * Bump gitvalidation epoch - * Bump to v1.6.1-dev - * Move derivitive doc so it won't be treated as a manpage - * catatonit: clone and build - * bump catatonit to v0.1.4 - -- Changelog for v1.6.0 (2019-09-30) - * info: add cgroups2 - * Finalize release notes for 1.6.0 final - * Bump github.com/onsi/ginkgo from 1.8.0 to 1.10.1 - * Bump github.com/docker/docker-credential-helpers from 0.6.2 to 0.6.3 - * Bump github.com/stretchr/testify from 1.3.0 to 1.4.0 - * Bump github.com/uber/jaeger-client-go - * Bump github.com/spf13/pflag from 1.0.3 to 1.0.5 - * update c/storage to v1.13.4 - * Cirrus: Minor, fix env. var. intention - * new examples added updated two examples with supported CMD and ENTRYPOINT syntax. - * new testcase for podman import --change added - * syntax updated for podman import --change - * Correct use of reexec.Init() - * Add a missing escape in the Makefile - * Change ginkgo Wait() to Eventually() test - * Set log-level immediately, before rootless setup - * Cirrus: Implement newly built VM images - * Add README note about security reporting process. - * Cirrus: Disable boottime Ubuntu package update - * Move noCache logic lower in stack - * cirrus: Add bash-completion support - * Add an error for pods without a name - * Make links relative in Tutorial README - * docs/podman-derivative-api.md: New file - * fix cp none exists dest path ends with '/' - * Dockerfile.fedora: install packages to build catatonit - * README: add Communications section - * drop OWNERS link for CONTRIBUTING.md - * Bump gitvalidation epoch - * Bump to v1.6.0-dev - * Handle conflict between volumes and --read-only-tmpfs - * Cirrus: Upload windows MSI release file - * conditionally send stdin on remote run - * Cirrus: VM Image accounting doc update - * Force a CNI Delete on refreshing containers - * Document the required varlink build args - * Update mac_client link - * Cirrus: Fail early on CI script unit test - * Unconditionally remove conmon files before starting - -- Changelog for v1.6.0-rc2 (2019-09-24) - * Add release notes for new-in-RC2 changes - * system tests: run test: reenable and fix - * play kube: Only support pod kind in k8s yaml - * runtime: fix logic to disable SDNotify - * add list mount tests - * Make netns bind mount shared - * Add Kata Containers support - * rootless: Rearrange setup of rootless containers - * Document the 'system' event types for 'podman events' - * Cirrus: Add upload_snap to success dependencies - * Cirrus: Add snapcraft credentials - * Cirrus: Upload snap only on merges to master - * Cirrus: Push snap continuously - * exec: set HOME also with exec sessions - * execuser: look at the source for /etc/{passwd,group} overrides - * We need to convert libpod.conf files in user homedir for cgroupv2 - * Cirrus: Temporarily disable testing on Ubuntu 19 - * Cirrus: disable Evil Units in base-images - * Cirrus: Add latest ubuntu - * Cirrus: More podbot/success improvements - * Cirrus: Fix success script - * Cirrus: Update podbot credentials - * container: make sure $HOME is always set - * Move rootless and Mac to Tutorials page - * fix trivial type for event logger - * Support podman-remote help on windows - * Clean destination paths during mount generation - * tests: use crun package - * Add a note on systemd shortcomings in rootless containers - * support non-standard ssh port for remote-client - * Add links to the Mac tutorial in the main tutorial - * Vendor c/storage 1.13.3 - * System-test: Temporarily disable 030-run - * Fix exit code failure - * exec: fix --preserve-fds - * networking: use --enable-sandbox if available - * Add 'relabel' to --mount options - * Bump Gitvalidation epoch - * Bump to v1.6.0-dev - * Unmounting a container that is already unmounted is OK - * Check for rootless before checking cgroups version in spec_test. - * Skip spec_test for rootless envs without cgroup v2. - * fix unit test to use Expect - * Cirrus: Prevent resident pollution - -- Changelog for v1.6.0-rc1 (2019-09-16) - * Fix default to pause in podman cp - * Update release notes for v1.6.0 - * Vendor Bulidah 1.11.2 - * get runtime for podman-remote push earlier - * rootless: report the correct error - * Report errors when trying to pause rootless containers - * Do not support wildcards on cp (Edit 2020-06-03: Addresses CVE-2019-18466) - * Podman-remote run should wait for exit code - * Use exit code constants - * exec: Register resize func a bit later - * clean up after healthcheck execs - * enhance podman network rm - * Add podman icon to installer - * Test that PTYs created by 'podman exec --tty' have the ONLCR flag - * Prevent podman varlink socket fight - * Touch up some bad grammar in rootless doc - * linux: fix systemd with --cgroupns=private - * rootless: run pause process in its own scope - * rootless: automatically create a systemd scope - * utils: use the user session for systemd - * Support building Windows msi file - * Add cgroup v2 info to rootless tutorial - * fix podman sign signature store for rootless - * podman-remote image trust is broken - * Cirrus: Fix unnecessary setsebool - * Add further fields to StorageContainer - * Volume lookup needs to include state to unmarshal into - * Do not prune images being used by a container - * Add support for launching containers without CGroups - * add lint and manpage check to make validate - * Add `ContainerManager` annotation to created containers - * When first mounting any named volume, copy up - * Add function for looking up volumes by partial name - * hack/man_page_checker - improve diagnostics - * podman network create - * Fixup `util.GetRootlessConfigHomeDir` permission requirements - * Fixup Makefile for BSD systems, e.g. macOS - * Replace "podman" with "Podman" - * Add instructions for mounting named volumes from the host for `podman run` - * Add instruction for using fuse-overlayfs as the rootless storage driver - * Fix podman import bash completions - * Turn off journald in podmanimages on quay.io - * build: pass down the cgroup manager to buildah - * mac_client.md - * Ignore ENOENT on umount of SHM - * play kube: fix segfault - * Return information about mount_program (fuse-overlayfs) - * Ensure good defaults on blank c/storage configuration - * Correctly report errors on unmounting SHM - * Add ability for volumes with options to mount/umount - * Fixup README.md to give proper information - * Add volume state - * Change volume driver and options JSON tags - * Update buildah to v1.11.0 - * Set TMPDIR to /var/tmp by default - * cli-flags: use a consistent format for <size><unit> - * Fix unit tests missing comparative for 'Expect' - * System tests: support for crun on f31/rawhide - * libpod: avoid polling container status - * Add test to verify noexec works with volume mounts - * Cirrus: Update e-mail -> IRC Nick table - * handle dns response from cni - * pkg/util: use rootless function to read additional users - * Enable hack/man-page-checker in CI - * rootless: detect user namespace configuration changes - * rootless.md: add systemd unit example - * docs: add note about failing rhel7 systemd on cgroups v2 - * spec: provide custom implementation for getDevices - * spec: do not set devices cgroup when rootless - * rootless: bind mount devices instead of creating them - * Add command aliases to SYNOPSIS section - * Exclude podman-remote - * Cirrus: On success, add IRC nick mention to msg - * Fix table spacing - * Revert the descriptive text for podman-remote - * WIP - ignore man pages for commands besides podman - * podman-remote is not a subcommand - * Fix formatting and enable hack/man-page-checker - * Cirrus: Load base-image names indirectly - * Cirrus: Remove image_prune YAML-alias workaround - * Fix links to manpages - * Makefile: use go proxy - * man: events-logger → events-backend - * dont panic when using varlink commit and uppercase image names - * Add a test for the new suid/exec/dev options - * Fix addition of mount options when using RO tmpfs - * Allow :z and :Z with ProcessOptions - * Set base mount options for bind mounts from base system - * Don't double-process tmpfs options - * Add support for 'exec', 'suid', 'dev' mount flags - * Update buildah to current master - * Cirrus: Reimplement release archive + upload - * Readme: Links for automatic binary releases - * Re-add locks to volumes. - * image: remove unused Decompose method - * Temporarily disable systemd test for CGroups V2 - * Add an integration test for systemd in a container - * clean up after remote build - * Cirrus: Block CNI use of google VPCs - * Add snap build test to success and release check - * Run `apt-get update` to avoid missing package while building - * Use snapcraft on Ubuntu 18.04 for libostree-dev - * Test build snap with Cirrus CI - * Update varlink doc and code - * podman cp: big set of system tests - * add iproute to podman in podman image - * Cirrus: Enable VM image housekeeping - * clean up after remote build - * Adjust name of Podman CNI network bridge - * Update cni config instructions - * Fix minor typos in podman-run docs. - * Fix link format in rootless_tutorial.md. - * Need to include command name in error message - * podman-remote: cp crashes - * generate systemd: support pods and geneartig files - * Dockerfile.fedora: install cni plugins package - * Add --digestfile option to push - * generate systemd: drop support for remote clients - * exec: run with user specified on container start - * Dockerfile*: fix build for CNI plugins - * Touchup README with Buildah build usage - * Dockerfile.*: bump CNI plugins commit - * Implement healthcheck for remote client - * networking: use firewall plugin - * Flake fix: build test timeout - * Fix error message on podman stats on cgroups v1 rootless environments - * test: enable all tests for crun - * test: fix return code check for missing workdir - * Fix directory pull image name for OCI images - * .cirrus.yml: use crun from git master - * libpod, pkg: lookup also for crun failures - * libpod.conf: add crun to runtime_supports_json - * containers, create: debug message on failed deletion - * libpod: still attempt to read the oci log file if not output - * Issue template update to include package info - * Allow customizing pod hostname - * add --cert-dir image sign - * Cirrus: Minor: Simplify crun test task - * Create framework for varlink endpoint integration tests - * Cirrus: Confirm networking more - * inclusion of podman network - * do not activate sd_notify support when varlink - * Remove --tmpfs size default - * cirrus: enable cgroups v2 tests with crun - * tests: skip pause tests if freezer is not available - * tests: enable run tests for cgroups v2 - * tests: enable cpu tests for cgroups v2 - * tests: enable memory tests for cgroups v2 - * runtime: honor --runtime flag to build - * test: fix option name - * Add support & documentation to run containers with different file types - * Use GetRuntimeDir to setup auth.json for login - * add --pull flag for podman create&run - * Fix typos - * Update Varlink API documentation for volumes changes - * Swap 'volume inspect' frontend to use the new backend - * Implement backend for 'volume inspect' - -- Changelog for v1.5.1 (2019-08-15) - * Add release notes for v1.5.1 - * Set Pod hostname as Pod name - * tests for exit status on podman run --rm - * performance fix for podman events with large journalds - * pkg/cgroups: use DBUS session when rootless - * Fix play kube command in pod yaml - * removMergeDir from inspect result if not mounted - * Running Podman with a nonexistent hooks dir is nonfatal - * Cirrus: Install varlink on Ubuntu - * Cirrus: Install varlink on Fedora - * Add missing stage-packages in snapcraft.yaml. - * Add RHEL and SUSE to snap doc - * start groundwork for adding snap - * Add user systemd service and socket - * Small optimization - only store exit code when nonzero - * Fix container exit code with Journald backend - * Revert "Cirrus: Temp. workaround missing imgprune image" - * Homebrew installation in install.md - * varlink endpoint for containerstats requires root - * Adjust get_ci_vm.sh for substitution - * Cirrus: Add verification for cgroupv2 image - * Cirrus: Add experimental fedora VM image & test - * image: add user agent to Docker registry options - * Cirrus: Minor, use newer Ubuntu base image - * tests: disable some tests currently failing when not using runc - * containers: look also for 'file not found' in the error message - * cirrus: add tests with crun on Fedora 30 - * rootless: cherry-pick runtime from the system configuration - * cirrus: install crun - * cmd: drop check for euid==0 - * storage: drop unused geteuid check - * cmd, stats: fix check for rootless mode - * oci: drop check for euid==0 - * build: use the configured runtime - * Adjust read count so that a newline can be added afterwards - * Fix incorrect use of realloc() - * Bump gitvalidation epoch - * Bump to v1.5.1-dev - * Fix a couple of errors descovered by coverity - * Test that restored container does not depend on the original container - * Fix up ConmonPidFile after restore - * Cirrus: Enable updates-testing repo for Fedora - * enable windows remote client - * implement 'make remotesystem' - * Squish a few tpyo nits in container.go doc - * Cirrus: Add Second partition for storage testing - -- Changelog for v1.5.0 (2019-08-09) - * vendor github.com/containers/storage@v1.13.2 - * Improve dns-search validation, empty domains now return an error - * fix create&run getting --authfile from cli - * Add release notes for v1.5.0 - * Touch up build man page - * podman-container-runlabel(1): drop note - * make rmi messages more compatible with docker - * Add conmon probe to runtime construction - * fix copy change file owner if cp from container - * Vendor Buildah 1.10.1 - * Allow the passing of '.' to --dns-search - * add make to make installs - * namespaces: fix Container() call - * Add a test for verifying ENTRYPOINT and CMD - * fix port early return - * Allow --ro=[true|false] with mount flag - * refer to container whose namespace we share - * add test to verify hostname is shared in a pod - * Properly share UTS namespaces in a pod - * When populating CMD, do not include Entrypoint - * systemd library conflict with seektail and addmatch - * pod top test: reenable - * cgroup: fix regression when running systemd - * Add invalid credentials fix to docs - * Revert "rootless: Rearrange setup of rootless containers" - * restore: correctly set StartedTime - * container stop: kill conmon - * honor libpod.conf in /usr/share/containers - * fix system df crashes on unnamed images - * Don't log errors to the screen when XDG_RUNTIME_DIR is not set - * various fixes for varlink endpoints - * add eventlogger to info - * Add handling for empty LogDriver - * Add rootless NFS and OverlayFS warnings to docs - * podman events format json - * add godoc link to readme - * restore: added --ignore-static-ip option - * System tests: resolve hang in rawhide rootless - * fix search output limit - * Add capability functionality to play kube - * Use "none" instead of "null" for the null eventer - * Deduplicate capabilities in generate kube - * Fix typo - * Pass on events-backend config to cleanup processes - * Print Pod ID in `podman inspect` output - * go build: use `-mod=vendor` for go >= 1.11.x - * Use buildah/pkg/parse volume parsing rather then internal version - * github.com/containers/storage v1.12.13 - * Add new exit codes to rm & rmi for running containers & dependencies - * Add runtime and conmon path discovery - * systemd, cgroupsv2: not bind mount /sys/fs/cgroup/systemd - * Ensure we generate a 'stopped' event on force-remove - * Fix Dockerfile - a dependency's name was changed - * System events are valid, don't error on them - * Do not use an events backend when restoring images - * Expose Null eventer and allow its use in the Podman CLI - * Force tests to use file backend for events - * Add a flag to set events logger type - * Fix test suite - * Retrieve exit codes for containers via events - * podman: fix memleak caused by renaming and not deleting the exit file - * Cirrus: Fix release dependencies - * Cirrus: Fix re-run of release task into no-op. - * e2e test: check exit codes for pull, save, inspect - * rootless: Rearrange setup of rootless containers - * Add comment to describe postConfigureNetNS - * Vendor in buildah 1.9.2 - * Build fix for 32-bit systems. - * Set -env variables as appropriate - * Touch up input argument error on create - * Update libpod.conf to be NixOS friendly - * Allow info test to work with usernames w/dash - * Touch up XDG, add rootless links - * Fix the syntax in the podman export documentation example - * fix `podman -v` regression - * Move random IP code for tests from checkpoint to common - * Fix commit --changes env=X=Y - * Update pause/unpause video links and demo - * Cirrus: Remove fixed clone depth - * podman: support --userns=ns|container - * pods: do not to join a userns if there is not any - * Documenation & build automation for remote darwin - * Cirrus: Bypass release during image-building - * Use systemd cgroups for Ubuntu - * Cirrus: Ubuntu: Set + Test for $RUNC_BINARY - * Cirrus: Simplify evil-unit check in image - * Cirrus: Silence systemd-banish noise - * Cirrus: Fix image build metadata update - * Cirrus: Fix missing -n on CentOS - * Cirrus: Remove disused COMMIT variables - * Improved hooks monitoring - * Fix possible runtime panic if image history len is zero - * When retrieving volumes, only use exact names - * fix import not ignoring url path - * Document SELinux label requirements for the rootfs argument - * Fixes issue #3577. - * refactor to reduce duplicated error parsing - * remove debug prints - * Re-add int64 casts for ctime - * fix build --network=container - * Fix a segfault on Podman no-store commands with refresh - * always send generic error in case io fails - * only use stdin if specified - * buffer errChan - * move handleTerminalAttach to generic build - * remove unnecessary conversions - * add detach keys support for remote - * move editing of exitCode to runtime - * Update e2e tests for remote exec - * Finish up remote exec implementation - * golangci-lint cleanup - * install.md: mention all build tags - * golangci-lint phase 4 - * Change wait to sleep in podmanimage readme - * bump cirrus images to get new conmon - * Implement conmon exec - * bump conmon to 1.0.0-rc2 - * Cirrus: Temp. workaround missing imgprune image - * vendor github.com/containers/image@v2.0.1 - * golangci-lint round #3 - * Remove debug message - * Cleanup Pull Message - * Cirrus: Fix post-merge env. var. not set. - * mkdir -p /etc/cni/net.d requires sudo - * Add support for listing read/only and read/write images - * support podman ps filter regular expressions - * rootless: add rw devices with --privileged - * Cirrus: Minor scripting typo fix - * fix --dns* and --network not set to host conflict - * podman-remote make --size optional in ps - * Remove exec PID files after use to prevent memory leaks - * Add DefaultContent API to retrieve apparmor profile content - * libpod: support for cgroup namespace - * Make GOPATH-related symlinking more precise - * Populate inspect with security-opt settings - * Properly retrieve Conmon PID - * Move the HostConfig portion of Inspect inside libpod - * Fix play kube command - * spec: rework --ulimit host - * Cirrus: Add image-test for locked dpkg - * Cirrus: Use images w/o periodic svcs - * Cirrus: Disable most periodic services/timers - * dependency/analyses: simplify scripts - * dependency-tree analysis: direct and transitive - * analyses: README: consistent code examples - * analyses: README: fix typos - * analyses: add dependency-tree.sh - * analyses: add README.md - * hack/analyses -> dependencies/analyses - * hack/analyses/go-archive-analysis.sh: fix sorting - * add hack/analyses/nm-symbols-analysis.sh - * analyse package sizes - * Completion: complete "--health-start-period" in bash - * Make the healthcheck flags compatible with Docker CLI - * healthcheck: reject empty commands - * create: ignore check if image has HEALTHCHECK NONE - * create: apply defaults on image healthcheck options - * healthcheck: improve command list parser - * Completion: --no-healthcheck is not an option - * Cirrus: Abstract destination branch refs. - * Cirrus: Print images that should be pruned - * create: improve parser for --healthcheck-command - * Improves STD output/readability in combination with debug output. - * Fix the double replySendFile() - * Cirrus: Update to freshly built cache-images - * Cirrus: Execute system-tests during image-validation - * Cirrus: Fix missing removal of packaged podman - * cgroupsv2: do not enable controllers for the last component - * spec: fix userns with less than 5 gids - * Fix spelling mistakes in man pages and other docs - * Add glob parsing for --env flag - * Add support for -env-host - * cgroups: fix a leak when using cgroupfs - * cgroups: attempt a recursive rmdir - * Fix a bug where ctrs could not be removed from pods - * golangci-lint pass number 2 - * Add tests for --ignore-rootfs checkpoint/restore option - * Add --ignore-rootfs option for checkpoint/restore - * Fix typo in checkpoint/restore related texts - * Include root file-system changes in container migration - * Add function to get a filtered tarstream diff - * Correctly set FinishedTime for checkpointed container - * first pass of corrections for golangci-lint - * Cirrus: Fix #3543: Failure in 'release' task - * fix bug convert volume host path to absolute - * Cirrus: Fix 473d06045 / enable build_without_cgo - * account for varlink calls that dont use more - * runtime: drop spurious message log - * Ensure we have a valid store when we refresh - * cgroups: skip not existing cpuacct files - * cgroups: support creating cgroupsv2 paths - * make localsystem: wipe all user config state - * podman: create and run honors auth file location - * healthcheck: support rootless mode - * Use random IP addresses during checkpoint/restore tests - * Fix podman-remote usage message to display `podman-remote` instead of `podman` - * rootless.md: Include GPFS as a parallel filesystem - * speed up rootless tests - * podman: add --ulimit host - * docs: fix --healthcheck-command option - * code cleanup - * fix integration flake tests - * CONTRIBUTING.md: fix project paths - * get last container event - * Do not hardcode podman binary location in generate systemd. - * Move skipping systemd tests to early setup. - * Reload systemd daemon on creation of units location dir in tests. - * Add debug information to "generate systemd" test. - * Use default conmon pidfile location for root containers. - * Use conmon pidfile in generated systemd unit as PIDFile. - * Cirrus: Automate releasing of tested binaries - * trivial cleanups from golang - * ps should use nostore when possible - * libpod: discerne partial IDs between containers and pods - * Added instruction to enable the user namespaces permanenty in Manjaro - * Addressed code review comments - * Updated install.md for Manjaro Linux - * Vendor latest OCICNI version - * Bump current version in README - * Wipe PID and ConmonPID in state after container stops - * Store Conmon's PID in our state and display in inspect - * Restart failed containers in tests - * Improve parsing of mounts - * Add test for generate kube with volumes - * Bump gitvalidation epoch - * Bump to v1.4.5-dev - * Fix rootless detection error for pause & unpause - * Deduplicate volumes - * cirrus: add test for compiling without cgo - * lock: new lock type "file" - * runtime: allow to specify the lock mechanism - * lock: disable without cgo - * spec: move cgo stuff to their own file - * rootless: allow to build without cgo - * attach: move cgo bits to a different file - * vendor: update containers/psgo - * Update the testing documentation with system tests. - * Pass along volumes to pod yaml - * Configure container volumes for generate kube - * configure runtime without store - * Add RUN priv'd test for build - * Cirrus: Use packaged dependencies - * Add exec after checkpoint/restore test - * Provide correct SELinux mount-label for restored container - * Track if a container is restored from an exported checkpoint - * libpod/container_internal: Make all errors loading explicitly configured hook dirs fatal - -- Changelog for v1.4.4 (2019-07-02) - * Fix release notes - * Ensure locks are freed when ctr/pod creation fails - * Update release notes for 1.4.4 - * stats: use runtime.NumCPU when percpu counters are not available - * cgroups: fix times conversion - * Update to containers/storage v1.12.13 - * rootless: do not join namespace if it has already euid == 0 - * Exclude SIGTERM from blocked signals for pause process. - * Remove umount command from remote client. - * rootless: enable linger if /run/user/UID not exists - * Makefile: set GO111MODULE=off - * libpod removal from main (phase 2) - * runtime: do not attempt to use global conf file - * runtime: use GetRootlessUID() to get rootless uid - * Remove refs to crio/conmon - * Handle images which contain no layers - * Add tests that we don't hit errors with layerless images - * stats: fix cgroup path for rootless containers - * pkg, cgroups: add initial support for cgroup v2 - * util: drop IsCgroup2UnifiedMode and use it from cgroups - * vendor: drop github.com/containerd/cgroups - * libpod: use pkg/cgroups instead of containerd/cgroups - * pkg: new package cgroups - * Remove unnecessary blackfriday dependency - * libpod: fix hang on container start and attach - * podman: clarify the format of --detach-keys argument - * libpod: specify a detach keys sequence in libpod.conf - * Fix parsing of the --tmpfs option - * Fix crash for when remote host IP or Username is not set in conf file & conf file exists. - * Bump gitvalidation epoch - * Bump to v1.4.4-dev - * Cirrus: More tests to verify cache_images - * Update release notes for 1.4.3 release - * remove libpod from main - -- Changelog for v1.4.3 (2019-06-25) - * Update 'generate kube' tests to verify YAML - * Use a different method to retrieve YAML output in tests - * update dependencies - * Fix tests - * Change Marshal -> Unmarshal in generate kube tests - * Add test for generate kube on a pod with ports - * Only include ports in one container in Kube YAML - * Support aliases for .Src and .Dst in inspect .Mounts - * Fix a segfault in 'podman ps --sync' - * migrate to go-modules - * Makefile: add go-get function - * rootless: add an entry to /etc/hosts when using slirp4netns - * libpod.conf: add runtime crun - * Fix configs location in rootless tutorial. - * Add additional debugging when refreshing locks - * Fix gofmt - * Adjust names to match struct tags in Inspect - * Fix inspect --format '{{.Mounts}}. - * runtime.go: Add /usr/local/{s,}bin - * include make podman target in install instructions - * Add /usr/local/{s,}bin to conmon paths - * update cirrus image - * Update conmon to include attach socket unlink - * Add --latest, -l to 'podman diff' - * Build cgo files with -Wall -Werror - * Add some missing periods to the readme - * fix bug creats directory copying file - * Support Reproducible Builds by removing build path - * Support SOURCE_DATE_EPOCH - * Properly initialize container OCI runtime - * vendor containers/storage v1.12.11 - * Handle containers whose OCIRuntime fields are paths - * Properly handle OCI runtime being set to a path - * add windows bridge format - * Make configuration validation not require a DB commit - * Avoid a read-write transaction on DB init - * Fix execvp uage in rootless_linux.c - * Handle possible asprintf failure in rootless_linux.c - * Fix format specifiers in rootless_linux.c - * Print container's OCI runtime in `inspect` - * Make a missing OCI runtime nonfatal - * Begin adding support for multiple OCI runtimes - * docs: add note to system migrate - * Fix documentation for log-driver - * Minor roadmap adjustment in README - * Spoof json-file logging support - * Add tests for cached and delegated mounts - * Vendor in logrus v1.4.2 - * Add RUN with priv'd command build test - * Bump gitvalidation epoch - * Bump to v1.4.3-dev - * fix broken healthcheck tests - * Allow (but ignore) Cached and Delegated volume options - * Fix example in oci-hooks.5.md - * First pass rootless tutorial - * Correctly identify the defaults for cgroup-manager - * Cirrus: Fix F30 ssh guarantee - * Cirrus: Add support for testing F30 - * Bump gate-container up to F30 - -- Changelog for v1.4.2 (2019-06-18) - * Update release notes for Podman 1.4.2 - * updating podman logo files - * fix port -l timing with healthchecks - * Bump Buildah to v1.9.0 - * Swap to using the on-disk spec for inspect mounts - * Replace podman.svg; closes #3350 - * cmd, docs, test: fix some typos - * run BATS tests in Cirrus - * Move the Config portion of Inspect into libpod - * Add remote client logging to a file - * Fix subgidname option in docs for podman run - * stop/kill: inproper state errors: s/in state/is in state/ - * test: add test for logs -f - * kill: print ID and state for non-running containers - * API.md: fix few typos - * docs/podamn.1.md: fix typo: remove double the - * CONTRIBUTING.md: fix typo - * Remove unnecessary var type to fix lint warning - * Move installPrefix and etcDir into runtime.go - * Improve DESTDIR/PREFIX/ETCDIR handling - * Bump gitvalidation epoch - * Bump to v1.4.2-dev - * Change container command to contained - * Cirrus: Simplify log collection commands - * Accidently removed /run/lock from systemd mounts - * Add warning while untagging an image podman-load - * podman copy files to the volume with a container - -- Changelog for v1.4.1 (2019-06-14) - * Completely disable global options test - * Update release notes for 1.4.1 - * Skip runlabel global options test for podman-in-podman - * pkg/apparmor: fix when AA is disabled - * Fix ENV parsing on `podman import` - * Fix storage-opts type in Cobra - * Use the logical registry location instead of the physical one in (podman info) - * Update containers/image to v2.0.0, and buildah to v1.8.4 - * Document exit codes for podman exec - * Add --storage flag to 'podman rm' (local only) - * When creating exit command, pass storage options on - * Bump cirrus images - * Mention the new Podman mailing list in contributing.md - * Update 1.4.0 release notes with ID -> Id in inspect - * Bump conmon to 0.3.0 - * Cirrus: Guarantee ssh is running for rootless - * Purge all use of easyjson and ffjson in libpod - * Split mount options in inspect further - * storage: support --mount type=bind,bind-nonrecursive - * oci: allow to specify what runtimes support JSON - * storage: fix typo - * oci: use json formatted errors from the runtime - * Make Inspect's mounts struct accurate to Docker - * Provide OCI spec path in `podman inspect` output - * If container is not in correct state podman exec should exit with 126 - * rootless: use the slirp4netns builtin DNS first - * Add --filename option to generate kube - * Fix podman-remote to user default username - * Prohibit use of positional args with --import - * BATS tests - get working again - * Add a test for 'podman play kube' to prevent regression - * Cirrus: New images w/o buildah - * Remove source-built buildah from CI - * standardize documentation formatting - * Touchup upstream Dockerfile - * only set log driver if it isn't empty - * Fix cgo includes for musl - * When you change the storage driver we ignore the storage-options - * Update vendor on containers/storage to v1.12.10 - * Bump gitvalidation epoch - * Bump to v1.4.1-dev - * Default 'pause' to false for 'podman cp' - * Update c/storage to 9b10041d7b2ef767ce9c42b5862b6c51eeb82214 - * Fix spelling - * fix tutorial link to install.md - * Cirrus: Minor cleanup of dependencies and docs - * Begin to break up pkg/inspect - * docs: Add CI section and links - -- Changelog for v1.4.0 (2019-06-07) - * Update release notes for v1.4.0 - * Update release notes for v1.4.0 - * Disable a very badly flaking healthcheck test - * rootless: skip NS_GET_PARENT on old kernels - * Cirrus: Track VM Image calling GCE project - * remove -c for podman remote global options - * Vendor Buildah v1.8.3 - * Cirrus: Disable testing on F28 (EOL) - * migration: add possibility to restore a container with a new name - * Inherit rootless init_path from system libpod.conf - * Also download container images during restore - * Include container migration into tutorial - * Add man-pages for container migration - * Added bash completion for container migration - * Add test case for container migration - * Added support to migrate containers - * Added helper functions for container migration - * Fix restore options help text and comments - * fix timing issues with some tests - * pkg/varlinkapi/virtwriter/virtwriter.go: simplify func Reader - * rootless: block signals on re-exec - * cirrus: minor cleanup and refactoring - * manpage: podman-tool table: un-confuse version and varlink - * Create Dockerfiles for podmanimage - * rootless: use TEMP_FAILURE_RETRY macro - * rootless: fix return type - * rootless: make sure the buffer is NUL terminated - * split rootless local and remote testing - * Fix podman cp test by reordering operations - * Small fix to readme to force tests to run - * Do not set tmpcopyup on /dev - * do not run remote tests inside container - * podman remote-client commit - * Fix podman cp tests - * podman-remote.conf enablement - * Error when trying to copy into a running rootless ctr - * rootless: skip check fo /etc/containers/registries.conf - * We can't pause rootless containers during cp - * Fix bug in e2e tests for podman cp - * Tolerate non-running containers in paused cp - * Add test to ensure symlinks are resolved in ctr scope - * Add --pause to podman cp manpage and bash completions - * Pause containers while copying into them - * Use securejoin to merge paths in `podman cp` - * use imagecaches for local tests - * add dns flags to docs - * add missing container cp command - * Podman logs man page shouldn't include timestamps - * Fix the varlink upgraded calls - * hack: support setting local region/zone - * document missing container update command - * Add --follow to journald ctr logging - * Address comments - * Implement podman logs with log-driver journald - * bump go-systemd version - * Added --log-driver and journald logging - * Update completions and docs to use k8s file as log driver - * bump conmon to v0.2.0 - * runtime: unlock the alive lock only once - * rootless: make JoinUserAndMountNS private - * Revert "rootless: change default path for conmon.pid" - * rootless: enable loginctl linger - * rootless: new function to join existing conmon processes - * rootless: block signals for pause - * Update install.md ostree Debian dependencies. - * fix bug dest path of copying tar - * podman: honor env variable PODMAN_USERNS - * userns: add new option --userns=keep-id - * warn when --security-opt and --privileged - * baseline tests: apparmor with --privileged - * rootless: store also the original GID in the host - * Fix a potential flake in the tests for podman cp - * cirrus: update images w/ zip pkg - * Cirrus: Add zip package to images - * rootless: fix top huser and hgroup - * vendor: update psgo to v1.3.0 - * apparmor: don't load/set profile in privileged mode - * hack: ignore from all VCS files when tarballing - * hack: shrink xfer tarball size - * hack: Display IP address of VM from script - * document nullable types - * Add test cases for login and logout - * Remove unused return statement in kube volume code - * Fix play kube when a pod is specified - * Fix a 'generate kube' bug on ctrs with named volumes - * Add test for image volume conflict with user volume - * Cirrus: Fix missing CRIO_COMMIT -> CONMON_COMMIT - * When superceding mounts, check for opposite types - * make remote resize channel buffered - * Cirrus: workaround root expand failure - * Cirrus: Stub in F30 support - * Cirrus: fixups based on review feedback - * Cirrus: Overhaul/Simplify env. var setup - * Cirrus: Run tests on test-built cache-images - * Cirrus: Support testing of VM cache-image changes - * Cirrus: Remove "too new" runc hack - * libpod: prefer WaitForFile to polling - * Remove conmon from fedora install instructions - * rootless: force resources to be nil on cgroup v1 - * Fixup Flags - * Minor fix filtering images by label - * container: move channel close to its writer - * util: fix race condition in WaitForFile - * Update vendor of buildah and containers/images - * Add Jhon Honce (@jwhonce on github) to OWNERS - * Don't set apparmor if --priviliged - * docs/libpod.conf.5: Add "have" to "higher precedence" typo - * Output name of process on runlabel command - * Minor fix splitting env vars in podman-commit - * Fixup conmon documentation - * troubleshooting.md: add note about updating subuid/subgid - * system: migrate stops the pause process - * rootless: join namespace immediately when possible - * rootless: use a pause process - * migrate: not create a new namespace - * install.remote should be separate for install.bin - * Cirrus: Confirm networking is working - * Use containers/conmon - * Fix a typo in release notes, and bump README version - * s|kubernetes-sigs/cri-o|cri-o/cri-o|g - * Bump github.com/containers/storage to v1.12.7 - * remote: version: fix nil dereference - * Bump gitvalidation epoch - * Bump to v1.3.2-dev - * Add connection information to podman-remote info - * unshare: define CONTAINERS_GRAPHROOT and CONTAINERS_RUNROOT - * Touchup run man page - * unshare: use rootless from libpod - * Replace root-based rootless tests - * rootless: default --cgroup-manager=systemd in unified mode - * create: skip resources validation with cgroup v2 - * rootless, spec: allow resources with cgroup v2 - -- Changelog for v1.3.1 (2019-05-16) - * More release notes - * Add unshare to podman - * Release notes for 1.3.1 - * Kill os.Exit() in tests, replace with asserts - * Minor capitalization fix in Readme - * Add debug mode to Ginkgo, collect debug logs in Cirrus - * set default event logger based on build tags - * Add VarlinkCall.RequiresUpgrade() type and method - * Ensure that start() in StartAndAttach() is locked - * When removing pods, free their locks - * network: raise a clearer error when using CNI - * Fix libpod.conf option ordering - * split remote tests from distro tests - * varlink: fix usage message, URI is now optional - * Update containerd/cgroups to 4994991857f9b0ae - * healthcheck benign error - * Add `systemd` build tag - * podman: fix events help string - * When removing a pod with CGroupfs, set pids limit to 0 - * Add fix for an issue breaking our CI - * Use standard remove functions for removing pod ctrs - * implement cp reads tar file from stdin/stdout - * Add information when running podman version on client - * add varlink bridge - * Add negative command-line test - * Preserve errors returned by removing pods - * Improve robustness of pod removal - * enable integration tests for remote-client - * fix podman-remote ps --ns - * podman-run|create man updates - * Update installation instructions - * remote-podman checkpoint and restore add to container submenu - * Remove tests for deprecated podman-refresh command - * When refreshing after a reboot, force lock allocation - * Do not remove volumes when --rm removes a container - * add unit tests for generate systemd - * Bump gitvalidation epoch - * Bump to v1.3.1-dev - * Upgrade to latest criu and selinux-policy - * Only run checkpoint/restore tests on Fedora >= 29 - * Fix API.md - * Cirrus: Add missing task dependencies - * Cirrus: Add check for make varlink_api_generate - -- Changelog for v1.3.0 (2019-05-06) - * Update release notes for 1.3.0 release - * Bump to Buildah v1.8.2 - * Document events logger options in libpod.conf manpage - * Try and fix restart-policy tests - * fix logout message if login only with docker - * Fix manpage typos - * Small code fix - * Fix 'restart' event in journald - * change from sysregistries to sysregistriesv2 - * Address review comments on restart policy - * Add a test for restart policy - * Add a restart event, and make one during restart policy - * Restart policy should not run if a container is running - * Restart policy conflicts with the --rm flag - * Move to using constants for valid restart policy types - * Add manpage information for restart policy - * Add support for retry count with --restart flag - * Sending signals to containers prevents restart policy - * Add container restart policy to Libpod & Podman - * Add a StoppedByUser field to the DB - * top: fallback to execing ps(1) - * clean up shared/parse/parse.go - * Generate systemd unit files for containers - * Fix podman-in-podman volume test - * Cirrus: Add pipefail confirmation check - * Cirrus: timestamp all output script output - * Update c/storage to v1.12.6 - * Fix typo in init manpage - * Add an InvalidState varlink error for Init - * Bump Buildah to v1.8.1, ImageBuilder to v1.1.0 - * Add variable for global flags to runlabel - * docs: Fix typo "healthcheck" pt2 - * cirrus lib.sh: refactor req_env_var() - * Remove two bits of dead code - * http-proxy: improve docs - * Small fixes for #2950 - * container: drop rootless check - * Add basic structure of podman init command - * Move handling of ReadOnlyTmpfs into new mounts code - * Begin adding volume tests - * Ensure that named volumes have their options parsed - * Add options parsing for tmpfs mounts - * Use EqualValues instead of reflect equality - * Hit a number of to-do comments in unified volumes code - * Fix options for non-bind and non-tmpfs volumes - * Migrate unit tests from cmd/podman into pkg/spec - * Migrate to unified volume handling code - * Always pass pod into MakeContainerConfig - * Remove non-config fields from CreateConfig - * Add a new function for converting a CreateConfig - * podman-remote port - * install.md contains hints for rootless setup on arch linux - * auto pass http_proxy into container - * enable podman-remote on windows - * Use 'sudo tee' in tutorial so install works as non-root - * Refactor container cleanup to use latest functions - * Move --mount in run man page - * Add details on rootless Podman to the readme - * podman-remote stop - * correct upstream vndr issues - * runtime: pass down the context - * system: add new subcommand "migrate" - * Vendor in latest buildah code - * remove manual install of libsystemd-dev - * Vendor in latest containers/storage - * Add --read-only-tmpfs options - * Fix remote-client testing reports - * podman-remote prune containers - * Do not hard fail on non-decodable events - * update psgo to v1.2.1 - * Add System event type and renumber, refresh events - * enable podman remote top - * fix login supports credHelpers config - * Cirrus: Collect audit log on success and failure - * Add a debug message indicating that a refresh occurred - * image: rework parent/child/history matching - * images: add context to GetParent/IsParent/Remove/Prune... - * build podman-remote with Dockerfile. - * point to 3rd party tools for `docker-compose` format - * Update vendor of container/storage - * journald event logging - * podman remote-client restart containers - * Cirrus: Use freshly built images - * Cirrus: Bump up runc commit - * Cirrus: fix obsolete Ubuntu package - * Cirrus: Install libsystemd-dev on Ubuntu - * pull: special case all-tags semantics - * Fix test compile - * Trim whitespace from ps -q before comparing - * Enhance tests for stop to check results - * Add extra CI tests for stopping all containers - * Fix podman stop --all attempting to stop created ctrs - * Cirrus: Temp. override container-selinux on F29 - * Refactor of 'podman prune' to better support remote - * bats - various small updates - * podman-remote pause|unpause - * Internal names do not match external names - * Add header to play kube output - * Clean up after play kube failure - * rootless: not close more FDs than needed - * Fix COPR builds to start working again - * Fix podman command --change CMD - * podman-remote start - * Vendor in latest Buildah - * Added remote pod prune - * Add podman pod prune - * podman-remote container commands - * Fix segfaults attribute to missing options - * Call the runtime with WithRenumber() when asked - * Add File mounts to play kube - * cmd, pkg: drop commented code - * pod: drop dead code - * rootless, mount: not create namespace - * Incorporate image and default environment variables in play kube - * Validate ENV/LABEL Change options in varlink - * oci: fix umount of /sys/kernel - * Revert "rootless: set controlling terminal for podman in the userns" - * Remove old crio reference from man pages - * create: fix segfault if container name already exists - * adding uidmap to install steps for ubuntu - * podman-remote generate kube - * rootless: do not block SIGTSTP - * rootless: set controlling terminal for podman in the userns - * Use GetContainer instead of LookupContainer for full ID - * pull: exit with error if the image is not found - * Use the same SELinux label for CRIU log files - * pull: remove cryptic error message - * new uidmap BATS test: fix - * adding additional update, needed for install - * Fix README.md -> rootless.md link - * Fixes for podman-remote run and attach - * remote-client checkpoint/restore - * Expand debugging for container cleanup errors - * spec: mask /sys/kernel when bind mounting /sys - * Add --include-volumes flag to 'podman commit' - * oci: add /sys/kernel to the masked paths - * userns: prevent /sys/kernel/* paths in the container - * imagefilter dangling handling corrected - * rootless: fix segfault on refresh if there are containers - * Add demo script and cast to images - * Initial remote flag clean up - * (minor): fix misspelled 'Healthcheck' - * BATS tests: start supporting podman-remote - * Add the ability to attach remotely to a container - * Print header for 'podman images' even with no images - * podman-remote ps - * Re-run (make vendor) to drop the now unnecessary collation code and tables - * Potentially breaking: Make hooks sort order locale-independent - * Implement podman-remote rm - * ps: now works with --size and nonroot - * Update invalid name errors to report the correct regex - * cirrus: enable remote tests for rootless - * test: fix remote tests for rootless - * test: enable userns e2e tests for rootless - * CI check for --help vs man pages: usability fix - * podman-remote create|run - * Correct varlink pull panic - * add image rmi event - * Revert "Switch to golangci-lint" - * Document shortcomings with rootless podman - * podman: enable kube for rootless - * kube: correctly set the default for MemorySwappiness - * rootless: enable healthcheck tests - * Respect image entrypoint in play kube - * Increase CI resources to help avoid hitting timeouts - * podman-remote image tree - * Added port forwarding and IP address hint. - * fix bug podman cp directory - * Fix E2E tests - * Drop LocalVolumes from our the database - * Major rework of --volumes-from flag - * Volume force-remove now removed dependent containers - * Add handling for new named volumes code in pkg/spec - * Create non-existing named volumes at container create - * Switch Libpod over to new explicit named volumes - * Add named volumes for each container to database - * Add varcheck linter - * Add deadcode linter - * Update lint to use golangci-lint - * Update registrar unit tests to match them of cri-o - * Update run tests to be skipped when not supported - * Fix Dockerfile dependencies for packer tests - * Update Dockerfile to use golang:1.12 image - * Fix a potential segfault in podman search - * Improve podman pod rm -a test - * Cirrus: Update F28 -> F29 container image - * --size does not work with rootless at present - * add remote-client diff - * Cirrus: Support special-case modes of testing - * rootless: use a single user namespace - * rootless: remove SkipStorageSetup() - * Update cri-o annotations - * Update README with current version - * docs/podman*.md: fix numerous option typos and spacing errors - * docs/podman-rm.1.md: delete "Not yet implemented" msg for volume removal - * docs/podman-inspect.1.md: add missing option hyphen for "-t" - * Bump gitvalidation epoch - * Bump to v1.3.0-dev - * Fix location of libpod.conf - * Capitalize global options help information - -- Changelog for v1.2.0 (2019-03-30) - * Update release notes for v1.2.0 - * Remove wait event - * Vendor Buildah 1.7.2 - * Add locking to ensure events file is concurrency-safe - * Alter container/pod/volume name regexp to match Docker - * test: test that an unprivileged user cannot access the storage - * userns: do not use an intermediate mount namespace - * volumes: push the chown logic to runtime_volume_linux.go - * Cleanup image2 -> image for imports - * Set blob cache directory based on GraphDriver - * utils: call GetRootlessRuntimeDir once - * rootless: set sticky bit on rundir - * oci: drop reference to runc - * Fix lint - * Ensure that we make a netns for CNI non-default nets - * rootless: change env prefix - * vendor buildah, image, storage, cni - * Default to SELinux private label for play kube mounts - * Add watch mode to podman ps - * Add all container status states to the podman-ps manual page. - * fix bug `system df` add blank space to the output - * fix bug remote-podman images --digests - * Use spaces instead of tab for JSON marshal indent - * Fix gofmt - * Remove ulele/deepcopier in favor of JSON deep copy - * doc: add note that pod publish ports are static once defined - * Sigh; disable pod-top test, it's unreliable (#2780) - * Resolve review comments - * Add a test that --add-host conflicts with --no-hosts - * Add manpages and completions for dns=none and no-hosts - * Add --no-hosts flag to disable management of /etc/hosts - * Add for --dns=none to disable creation of resolv.conf - * Add support to disable creation of network config files - * system df: reject invalid arguments - * rootless: fix regression when using exec on old containers - * Touchup commands.md - * size is optional for container inspection - * Add three test cases for podman attach test - * system df to show podman disk usage - * Add "died" event - * docs/podman-pod-create.1.md: add example with port mapping - * podman health check phase3 - * userns: use the intermediate mountns for volumes - * volume: create new volumes with right ownership - * utils: drop dead function - * troubleshooting: explain setup user: invalid argument - * Cirrus: Verify manpages for all subcommands exist - * Make "stopped" a valid state that maps to "exited" - * fix Bug 1688041-podman image save removes existing image - * podman: do not split --env on comma - * Need to pass the true paramater with --syslog in cobra - * Fix man page to mention race condition - * docs/podman-run.1.md: remove extra whitespace in --read-only - * man pages - consistency fixes - * Add new key and never-expiring test certificate - * Cirrus: Run vendor check in parallel - * Cirrus: Various fixes for rootless testing - * ps: fix segfault if the store is not initialized - * tests: re-enable some tests for rootless mode - * rootless: implement pod restart - * rootless: reimplement restart with rootless.Argument() - * test: fix SkipIfRootless() helper - * rootless, rm: fix retcode when the container is not found - * rootless: fix ps command - * rootless: fix pod kill - * Enable rootless integration tests - * BATS: new tests, and improvements to existing ones - * podman umount: error out if called with no args - * Export ConmonPidFile in 'podman inspect' for containers - * support GO template {{ json . }} - * Incorporate user from image inspect data in play kube - * Cirrus: Disable master-success IRC notices - * Cleanup messages on podman load - * Cirrus: Update VM Cache images - * podman logs on created container should exit - * Fix cut and paste errors in podman-pod-inspect - * rootless: fix pod top - * pod: fix segfault when there are no arguments to inspect - * output of port grouping in ps command added as example - * utils: split generation and writing of storage.conf - * Cirrus: Fix post-merge failure notice - * utils: avoid too long tmp directory - * podman image tree: fix usage message - * Cirrus: Notify on IRC if post-merge testing fails - * rootless: change default path for conmon.pid - * Add CLI storage conf example to run manpage - * Integration test tweaks - * display logs for multiple containers at the same time - * Make 'podman rm' exit with 125 if it had a bogus & a running container - * rootless: write the custom config file before reload - * Add support for SCTP port forwarding - * Make sure buildin volumes have the same ownership and permissions as image - * rootless: do not override user settings - * runtime: refactor NewRuntime and NewRuntimeFromConfig - * events: use os.SEEK_END instead of its value - * container: check containerInfo.Config before accessing it - * rootless: use Geteuid instead of Getuid - * rootless: use /tmp/libpod-rundir-$EUID for fallback - * build: fix build DIR -t TAG - * testcase added for listing range of ports in ps command - * port grouping in ps command output - * Update pull and pull-always in bud man page - * cirrus: upgrade slirp4netns - * rootless: fix CI regression when using slirp4netns - * save-load-export: clear cli-parsing default - * Bump timeout on a podman info test to default - * Replace skopeo-containers with containers-common - * slirp4netns: use --disable-host-loopback - * slirp4netns: set mtu to 65520 - * Tree implementation for podman images - * Replace buildah with podman in build doc - * zsh completion - * Usage messages: deduplicate '(default true)' et al - * Corrected detach man pages and code comments - * Add --replace flag to "podman container runlabel" - * rm: fix cleanup race - * Add gating tasks - * Add 'podman events' to podman(1) - * Vendor docker/docker, fsouza and more #2 - * Usability cleanup for 'inspect' - * Add event on container death - * Update vendor of Buildah and imagebuilder - * minor typo fix in 'podman top' usage - * healtcheck phase 2 - * Add event logging to libpod, even display to podman - * Fix SELinux on host shared systems in userns - * Fix broken link in io.podman.varlink - * move formats pkg to and vendor from buildah - * Ensure that tmpfs mounts do not have symlinks - * Update troubleshooting guide for Podman-in-Podman - * Buffer stdin to a file when importing "-" - * vendor psgo v1.2 - * preparation for remote-client create container - * Initialize field in InfoHost struct - * rootless: allow single mappings - * Remove --rm and --detach don't coexist note - * rootless: fix pod stop|rm if uid in the container != 0 - * rootless: fix rm when uid in the container != 0 - * rootless: disable pod stats - * rootless: do not create automatically a userns for pod kill - * rootless: support a custom arg to the new process - * slirp4netns: add builtin DNS server to resolv.conf - * errors: fix error cause comparison - * libpod: allow to configure path to the network-cmd binary - * build: honor --net - * pull: promote debug statement to error - * Fix generation of infra container command - * Remove an unused if statement I added - * Don't delete another container's resolv and hosts files - * Fix a potential segfault during infra container create - * We don't use crio-umount.conf - * Move secrets package to buildah - * Add troublshoot information about SELinux labeling of containers/storage - * test docs fixups - * Default to image entrypoint for infra container - * ginkgo status improvements - * rootless: propagate errors from info - * podman play kube defaults - * container runlabel respect $PWD - * Remove 'podman ps' restarting filter and fix stopped - * label parsing in non-quoted field - * More cleanup for failures on missing commands. - * add podman-healthcheck(1) to podman(1) - * Implement review feedback - * new system tests under BATS - * fix bug in podman images list all images with same name - * Fix help commands to show short and long description. - * implement showerror and accept HOST_PORT env which defaults to 8080 - * create: join also the mount ns of the dependency - * rootless: exec join the user+mount namespace - * oci: make explicit the extra files to the exec - * add test to cover networking - * tests to cover locks and parallel execution #2551 - * Yet another seemingly minor tweak to usage message - * Change LookupContainer logic to match Docker - * Implement podman-remote wait command and container subcommand - * Cirrus: Use imgts container to record metadata - * System-test: Documentation and TODO list - * podman-remote pod top|stats - * fix bug --device enable specifying directory as device - * add flag --extract tar file in podman cp - * Fix incorrect pod create failure - * libpod/container_internal: Split locale at the first dot, etc. - * Add volume mounting to podman play kube - * podman healthcheck run (phase 1) - * Append hosts to dependency container's /etc/hosts file - * rootless: fix clone syscall on s390 and cris archs - * Cirrus: Add dedicated rootless mode testing - * rootless: fill in correct storage conf default - * rm: set exit code to 1 if a specified container is not found - * Support filter image by reference to the repo name - * Bump gitvalidation epoch - * Bump to v1.2.0-dev - * Support podman-remote kill container(s) - * cirrus: Drop ginkgo, gomega, easyjson install - * Cirrus: Stop testing on RHEL - * Cirrus: Stop testing on RHEL - * Globally increase test timeout to 90-minutes - * cirrus: Drop ginkgo, gomega, easyjson install - * Cirrus: Add BATS package for all platforms - * Globally increase test timeout to 90-minutes - * exec: support --preserve-fds - * get_ci_vm.sh: Fix conflicting homedir files - -- Changelog for v1.1.2 (2019-03-04) - * Fix #2521 - * Update release notes for v1.1.2 - * Change timestamp format for podman logs - * Don't extract tar file in podman cp - * runtime: fill a proper default tmpdir when --config is used - * Add additional defense against 0-length log segfaults - * When logging with timestamps, append only until newline - * Ensure that each log line is newline-terminated - * A few more usage-message tweaks - * Add missing short flag -l for run/create - * Fix aliased commands to actually work - * Support podman-remote stop container(s) - * Add tests to make sure podman container and podman image commands work - * Bump gitvalidation epoch - * Bump to v1.2.0-dev - -- Changelog for v1.1.1 (2019-03-01) - * Update release notes for v1.1.1 - * Pull image for runlabel if not local - * Fix SystemExec completion race - * Fix link inconsistencies in man pages - * Verify that used OCI runtime supports checkpoint - * Should be defaulting to pull not pull-always - * podman-commands script: refactor - * Move Alias lines to descriptions of commands - * Fix usage messages for podman image list, rm - * Fix -s to --storage-driver in baseline test - * No podman container ps command exists - * Allow Exec API user to override streams - * fix up a number of misplace commands - * rootless, new[ug]idmap: on failure add output - * [ci skip] Critical note about merge bot - * podman port fix output - * Fix ignored --time argument to podman restart - * secrets: fix fips-mode with user namespaces - * Fix four errors tagged by Cobra macro debugging - * Clean up man pages to match commands - * Add debugging for errors to Cobra compatibility macros - * Command-line input validation: reject unused args - * Fix ignored --stop-timeout flag to 'podman create' - * fixup! Incorporate review feedback - * fixup! missed some more: - * fixup! Correction to 'checkpoint' - * Followup to #2456: update examples, add trust - * podman create: disable interspersed opts - * fix up a number of misplace commands - * Add a task to Cirrus gating to build w/o Varlink - * Skip checkpoint/restore tests on Fedora for now - * Fix build for non-Varlink-tagged Podman - * Remove restore as podman subcommand - * Better usage synopses for subcommands - * Bump gitvalidation epoch - * Bump to v1.2.0-dev - * Centralize setting default volume path - * Ensure volume path is set appropriately by default - * Move all storage configuration defaults into libpod - * rename pod when we have a name collision with a container - * podman remote-client readme - -- Changelog for v1.1.0 (2019-02-26) - * Vendor in latest buildah 1.7.1 - * volume: do not create a volume if there is a bind - * Only remove image volumes when removing containers - * Fix podman logs -l - * start pod containers recursively - * Update release notes for v1.1.0 - * vendor containers/image v1.5 - * Record when volume path is explicitly set in config - * Add debug information when overriding paths with the DB - * Add path for named volumes to `podman info` - * Add volume path to default libpod.conf (and manpage) - * Validate VolumePath against DB configuration - * When location of c/storage root changes, set VolumePath - * docs: cross-reference `podman-{generate,play}-kube` - * README: refine "Out of scope" section - * oci: improve error message when the OCI runtime is not found - * Label CRIU log files correctly - * Add num_locks to the default libpod config - * podman-remote pod pause|unpause|restart - * podman: fix ro bind mounts if no* opts are on the source - * Change exit code to 1 on podman rmi nosuch image - * README.md: rephrase Buildah description - * README: update "out of scope" section - * Change exit code to 1 on podman rm nosuch container - * podman-remote create|ps - * remove duplicate commands in main - * issue template: run `podman info --debug` - * Fix play to show up in podman help - * Switch defaults for podman build versus buildah - * In shared networkNS /etc/resolv.conf&/etc/hosts should be shared - * Allow dns settings with --net=host - * Fix up handling of user defined network namespaces - * Enable more podman-remote pod commands - * tests, rootless: use relative path for export test - * rootless: force same cwd when re-execing - * Vendor Buildah v1.7 - * Exit with errors not just logging error - * cmd: support rootless mode for cp command - * hide --latest on the remote-client - * Improve command line validation - * make remote-client error messaging more robust - * podman: --runtime has higher priority on runtime_path - * podman-remote pod inspect|exists - * Cirrus: Install Go 1.11 on Ubuntu VMs - * Cirrus: Add 20m extra timeout for Ubuntu - * Introduce how to start to hack on libpod. - * update: remove duplicate newline - * Fix typo in comment - * podman-remote load image - * Do not make renumber shut down the runtime - * Add podman system renumber command - * Add ability to get a runtime that renumbers - * Recreate SHM locks when renumbering on count mismatch - * Move RenumberLocks into runtime init - * Remove locks from volumes - * Expand renumber to also renumber pod locks - * Add ability to rewrite pod configs in the database - * Add initial version of renumber backend - * Add a function for overwriting container config - * enable podman-remote pod rm - * vendor containers/image v1.4 - * Adjust LISTEN_PID for reexec in varlink mode - * Update c/storage vendor to v1.10 release - * add newline to images output - * podman-remote save [image] - * hack/tree_status.sh: preserve new lines - * remove duplicate kill from `podman --help` - * iopodman.SearchImages: add ImageSearchFilter to Varlink API - * image.SearchImages: use SearchFilter type - * SearchImages: extend API with filter parameter - * podman-search: refactor code to libpod/image/search.go - * podman-search: run in parallel - * Ensure that userns is created for stopped rootless pods - * Podman pod create now errors on receiving CLI args - * podman-remote pull - * Don't start running dependencies - * Fifth chunk of Cobra Examples - * Add 4th chunk of Cobra Examples - * OpenTracing support added to start, stop, run, create, pull, and ps - * packer: Make Makefile host arch sensitive - * Add 3rd chunk of Cobra examples - * pod infra container is started before a container in a pod is run, started, or attached. - * Add registry name to fields returned by varlink image search - * Second chunk of Cobra help - * podman: honor --storage-opt again - * docs: mention the new OCI runtime configuration - * libpod: honor runtime_path from libpod.conf - * rootless: open the correct file - * Fix `podman login` lying problem - * Fix error code retrieval for podman start --attach - * Enable --rm with --detach - * Add examples for Cobra - * Add tlsVerify bool to SearchImage for varlink - * Fix volume handling in podman - * enable podman-remote volume prune - * add build to main and as subcommand to image - * --password-stdin flag in `podman login` - * 'podman cp' copy between host and container - * podman-remote build - * Vendor in latest c/storage and c/image - * show container ports of network namespace - * podman-remote volume inspect|ls - * build varlink without GOPATH - * completions: add --pod to run/create - * Parse fq name correctly for images - * Try disabling --rm on notify_socket test - * podman-remote push - * get_ci_vm : allow running without sudo - * Only build varlink when buildtag is available - * Remove a lot of '--rm' options from unit tests - * Address review comments on #2319 - * Retain a copy of container exit file on cleanup - * Fix manual detach from containers to not wait for exit - * varlink: Rename `SearchImage` to `SearchImages` - * varlink: Rename `ContainerInList` to `Container` - * varlink: Rename `ImageInList` to `Image` - * varlink: Simplify GetVersion() call - * varlink: Return all times in RFC 3339 format - * Makefile: Don't include quotes around GIT_COMMIT - * varlink: Remove the Ping() method - * podman: Show error when creating varlink listener failed - * varlink: Remove `NotImplemented` type - * Don't show global flags except for podman command - * podman-remote volume rm - * Remove urfave/cli from libpod - * podman-remote volume create - * Separate remote and local commands - * lock and sync container before checking mountpoint - * oci: do not set XDG_RUNTIME_DIR twice - * pod: drop not valid check for rootless - * Podman pod stats -- fix GO template output - * Add troubleshooting information about running a rootless containers. - * Add --all-tags to pull command - * Add common_test.go to single test instructions - * Remove container from storage on --force - * do not crash when displaying dangling images - * Add volume mounts to PS output - * Update image-trust man with further comments - * Migrate to cobra CLI - * Remove some dead type declarations - * Fix down/missing registry.access.redhat.com - * cleanup: use the correct runtime - * make vendor: always check for latest vndr - * install.md: add section about vendoring - * Add varlink generate to the make documentation - * Mention OSes that pass the build - * Generate make helping message dynamicaly. - * Makefile: minor fix to reenable system tests - * Add StartPeriod to cmd/podman/docker.HealthConfig - * Unconditionally refresh storage options from config - * rootless: do not override /dev/pts if not needed - * Fix handling of memory limits via varlink - * Add documentation on running systemd on SELinux systems - * Cirrus: add vendor_check_task - * cleanup vendor directory - * Revert "Vendor containers/buildah" - * e2e tests: sigproxy: fix rare hang condition - * Preserve exited state across reboot - * Apply 50min timeout to integration tests - * Capatilize all usage and descriptions - * Add podman system prune and info commands - * podman-remote import|export - * tests: allow to override the OCI runtime - * rootless: copy some settings from the global configuration - * Vendor containers/buildah - * Increase e2e info/json test exit timeout - * Touch up image-trust man - * Rework Podman description - * vendor latest containers/image - * Reduce Dockerfile based build time for libpod. - * libpod/image: Use RepoDigests() in Inspect() - * add Pod Manager References - * Add support for short option -f in podman version - * Add support for short option -s in podman inspect - * Add support for short option -f - * Changes to container runlabel for toolbox project - * Fix regression in ps with custom format - * Set SELinux type on bin/podman after install - * Cirrus: Add RHEL-7 testing - * For consistency in usage output the verbs changed from 3rd person to 1st person. - * podman image prune -- implement all flag - * Alter varlink API for ListContainerMounts to return a map - * Make --quiet work in podman create/run - * apparmor: don't load default profile in rootless mode - * Cirrus: Enable AppArmor build and test - * Update ArchLinux installation instructions - * tutorials: describe how to use podman in updates-testing - * [skip ci] Cirrus: Container for tracking image use - * Cirrus: Use freshly built images - * remove sudo - * Vendor in latest containers/storage - * Show a better error message when podman info fails during a refresh - * enable podman-remote version - * Update transfer.md and commands.md to add missing commands. - * rootless: support port redirection from the host - * Mask unimplemeted commands for remote client - * Vendor in latest opencontainers/selinux - * podman-remote inspect - * Vendor in latest containers/storage - * rootless: fix --pid=host without --privileged - * Do not unmarshal into c.config.Spec - * podman-inspect: don't ignore errors - * Add openSUSE Kubic to install.md - * cirrus: Record start/end time of important things - * Cirrus: Consolidate VM image names in once place - * Update README for v1.0.0 - * Installing podman - * Ensure that wait exits on state transition - * Vendor in containers/storage - * Add --latest and --all to podman mount/umount - * Cleanup coverity scan issues - * Embed runtime struct in super localRuntime - * Collaberative podman-remote container exists - * Fix up `image sign` in PR 2108 - * add support for podman-remote history - * Rename localRuntime to runtime in cmd/podman - * podman remote integrations tests - * podman remote client -- add rmi - * Run integrations test with remote-client - * [skip ci] Hack: Fix get_ci_vm.sh w/ gcloud ssh/scp - * Update master branch with v1.0 changes from 1.0 branch - * Add local storage.conf example to troubleshoot - * config: store the runtime used to create each container - * oci: allow to define multiple OCI runtimes - * libpod: allow multiple oci runtimes - * Remove imageParts.{isTagged,registry,name,tag} - * Clarify comments about isRegistry a bit. - * Use imageParts.unnormalizedRef in GetImageBaseName - * FIXME? Introduce imageParts.suspiciousRefNameTagValuesForSearch - * Use imageParts.referenceWithRegistry in Image.getLocalImage - * Don't try to look up local images with an explicit :latest suffix - * Return a reference.Named from normalizedTag - * Use reference.TagNameOnly instead of manually adding imageParts.tag in normalizeTag - * Use imageParts.normalizedReference in normalizeTag - * Add imageParts.normalizedReference() - * Use imageparts.referenceWithRegistry in normalizeTag - * Remove no longer used imageParts.assemble() - * Use getPullRefPair / getSinglePullRefPairGoal in pullGoalFromPossiblyUnqualifiedName - * Use imageParts.referenceWithRegistry in pullGoalFromPossiblyUnqualifiedName - * Use imageParts.referenceWithRegistry in getPullRefPair - * Add imageParts.referenceWithRegistry - * Don't use imageParts.assemble when pulling from a qualified name - * Reorganize normalizeTag - * Simplify pullGoalFromPossiblyUnqualifiedName - * Remove imageParts.transport - * Simplify pullGoalFromPossiblyUnqualifiedName - * Inline imageParts.assembleWithTransport into callers - * Record the original reference.Named in imageParts - * Drop image.DecomposeString, make image.Parts private imageParts again - * Don't call image.DecomposeString in imageInListToContainerImage - * Add bridge support, for the varlink connection - * Add troubleshooting statement for homedirs mounted noexec - * Set default storage options from mounts.conf file. - * podman play kube: add containers to pod - * Add darwin support for remote-client - * vendor: update everything - * vendor make target - * rootless: create the userns immediately when creating a new pod - * rootless: join both userns and mount namespace with --pod - * spec: add nosuid,noexec,nodev to ro bind mount - * Use multi-arch images in test case scripts - * Add varlink support for prune - * Replace tab with spaces in MarshalIndent in libpod - * Remove one more usage of encoding/json in libpod - * Update vendor.conf for jsoniter vendor changes - * Move all libpod/ JSON references over to jsoniter - * Update json-iterator vendor to v1.1.5 - * Remove easyjson in preparation for switch to jsoniter - * remote-client support for images - * Move python code from contrib to it's own repo python-podman - * Use defaults if paths are not specified in storage.conf - * (Minor) Cirrus: Print timestamp at start - * fix up sigstore path - * Trivial readme updates - * podman: bump RLIMIT_NOFILE also without CAP_SYS_RESOURCE - * Fix handling of nil volumes - * sign: make all error messages lowercase - * sign: use filepath.Join instead of fmt.Sprintf - * createconfig: always cleanup a rootless container - * Fix 'image trust' from PR1899 - * libpod/image: Use ParseNormalizedNamed in RepoDigests - * apparmor: apply default profile at container initialization - * Fix up image sign and trust - * If you fail to open shm lock then attempt to create it - * List the long variant of each option before its shorter counterpart - * Use existing interface to request IP address during restore - * Added checkpoint/restore test for same IP - * Enable checkpoint test with established TCP connections - * .github/ISSUE_TEMPLATE: Suggest '/kind bug' and '/kind feature' - * pkg/hooks/exec: Include failed command in hook errors - * hooks/exec/runtimeconfigfilter: Log config changes - * hooks: Add pre-create hooks for runtime-config manipulation - * Add Validate completions - * Add a --workdir option to 'podman exec' - * Default --sig-proxy to true for 'podman start --attach' - * Test that 'podman start --sig-proxy' does not work without --attach - * [WIP]Support podman image sign - * vendor latest buildah - * Honor image environment variables with exec - * Minor: Remove redundant basename command in ooe.sh - * Rename libpod.Config back to ContainerConfig - * Add ability to build golang remote client - * vendor latest buildah - * Add the configuration file used to setup storage to podman info - * Address lingering review comments from SHM locking PR - * podman: set umask to 022 - * podman-login: adhere to user input - * Vendor in latest containers/buildah code - * Rootless with shmlocks was not working. - * Readd Python testing - * Update vendor of runc - * [skip ci] Docs: Add Bot Interactions section - * container runlabel NAME implementation - * Bump time for build_each_commit step - * Move lock init after tmp dir is populated properly - * DO NOT MERGE temporarily remove python tests - * When refreshing libpod, if SHM locks exist, remove them - * Ensure different error messages and creating/opening locks - * Update unit tests to use in-memory lock manager - * Remove runtime lockDir and add in-memory lock manager - * Convert pods to SHM locks - * Convert containers to SHM locking - * Add lock manager to libpod runtime - * Move to POSIX mutexes for SHM locks - * Disable lint on SHMLock struct - * Refactor locks package to build on non-Linux - * Add an SHM-backed Lock Manager implementation - * Add interface for libpod multiprocess locks - * Improve documentation and unit tests for SHM locks - * Propogate error codes from SHM lock creation and open - * Add mutex invariant to SHM semaphores. - * Initial skeleton of in-memory locks - * add container-init support - * If local storage file exists, then use it rather then defaults. - * vendor in new containers/storage - * Fix completions - * Touch up some troubleshooting nits - * Warn on overriding user-specified storage driver w/ DB - * Log container command before starting the container - * Use sprintf to generate port numbers while committing - * Add troubleshooting for sparse files - * Fix handling of symbolic links - * podman build is not using the default oci-runtime - * Re-enable checkpoint/restore CI tests on Fedora - * Fixes to handle /dev/shm correctly. - * rootless tests using stop is more reliable - * Allow alias for list, ls, ps to work - * Refactor: use idtools.ParseIDMap instead of bundling own version - * cirrus: Use updated images including new crui - * Switch all referencs to image.ContainerConfig to image.Config - * Allow users to specify a directory for additonal devices - * Change all 'can not' to 'cannot' for proper usage - * Invalid index for array - * Vendor in latest psgo code to fix race conditions - * test: add test for rootless export - * export: fix usage with rootless containers - * rootless: add function to join user and mount namespace - * libpod: always store the conmon pid file - * Use existing CRIU packages in CI setup - * skip test for blkio.weight when kernel does not support it - * Add Play - * Cirrus: Skip build all commits test on master - * prepare for move to validate on 1.11 only - * [skip ci] Gate: Update docs w/ safer local command - * Support podman image trust command - * Makefile: validate that each commit can at least build - * perf test a stress test to profile CPU load of podman - * all flakes must die - * Add information on --restart - * generate service object inline - * Cirrus: One IRC notice only - * docs/tutorials: add a basic network config - * display proper error when rmi -fa with infra containers - * add --get-login command to podman-login. - * Show image only once with images -q - * Add script to create CI VMs for debugging - * Cirrus: Migrate PAPR testing of F28 to Cirrus - * Skip checkpoint tests on Fedora <30 - * Cirrus: Add text editors to cache-images - * Bump gitvalidation epoch - * Bump to v0.12.2-dev - * Clean up some existing varlink endpoints - * mount: allow mount only when using vfs - -- Changelog for v1.0.0 (2018-1-11) - * Update release notes for v1.0 - * Remove clientintegration from Makefile - * Regenerate EasyJSON to fix JSON issues - * Update gitvalidation to avoid reverts w/o signoffs - * Cirrus: Post-Merge Testing for v1.0 Branch - * Move python code from contrib to it's own repo python-podman - * Use defaults if paths are not specified in storage.conf - * (Minor) Cirrus: Print timestamp at start - * fix up sigstore path - * Trivial readme updates - * podman: bump RLIMIT_NOFILE also without CAP_SYS_RESOURCE - * Fix handling of nil volumes - * sign: make all error messages lowercase - * sign: use filepath.Join instead of fmt.Sprintf - * createconfig: always cleanup a rootless container - * Fix 'image trust' from PR1899 - * libpod/image: Use ParseNormalizedNamed in RepoDigests - * apparmor: apply default profile at container initialization - * Fix up image sign and trust - * List the long variant of each option before its shorter counterpart - * Use existing interface to request IP address during restore - * Added checkpoint/restore test for same IP - * Enable checkpoint test with established TCP connections - * .github/ISSUE_TEMPLATE: Suggest '/kind bug' and '/kind feature' - * pkg/hooks/exec: Include failed command in hook errors - * hooks/exec/runtimeconfigfilter: Log config changes - * hooks: Add pre-create hooks for runtime-config manipulation - * Add Validate completions - * Add a --workdir option to 'podman exec' - * Default --sig-proxy to true for 'podman start --attach' - * Test that 'podman start --sig-proxy' does not work without --attach - * [WIP]Support podman image sign - * vendor latest buildah - * Honor image environment variables with exec - * Minor: Remove redundant basename command in ooe.sh - * Rename libpod.Config back to ContainerConfig - * Add ability to build golang remote client - * vendor latest buildah - * Add the configuration file used to setup storage to podman info - * podman: set umask to 022 - * podman-login: adhere to user input - * Vendor in latest containers/buildah code - * Readd Python testing - * Update vendor of runc - * [skip ci] Docs: Add Bot Interactions section - * container runlabel NAME implementation - * Bump time for build_each_commit step - * add container-init support - * If local storage file exists, then use it rather then defaults. - * vendor in new containers/storage - * Fix completions - * Touch up some troubleshooting nits - * Log container command before starting the container - * Use sprintf to generate port numbers while committing - * Add troubleshooting for sparse files - * Fix handling of symbolic links - * podman build is not using the default oci-runtime - * Re-enable checkpoint/restore CI tests on Fedora - * Fixes to handle /dev/shm correctly. - * rootless tests using stop is more reliable - * Allow alias for list, ls, ps to work - * Refactor: use idtools.ParseIDMap instead of bundling own version - * cirrus: Use updated images including new crui - * Switch all referencs to image.ContainerConfig to image.Config - * Allow users to specify a directory for additonal devices - * Change all 'can not' to 'cannot' for proper usage - * Invalid index for array - * Vendor in latest psgo code to fix race conditions - * test: add test for rootless export - * export: fix usage with rootless containers - * rootless: add function to join user and mount namespace - * libpod: always store the conmon pid file - * Use existing CRIU packages in CI setup - * skip test for blkio.weight when kernel does not support it - * Add Play - * Cirrus: Skip build all commits test on master - * prepare for move to validate on 1.11 only - * [skip ci] Gate: Update docs w/ safer local command - * Support podman image trust command - * Makefile: validate that each commit can at least build - * perf test a stress test to profile CPU load of podman - * all flakes must die - * Add information on --restart - * generate service object inline - * Cirrus: One IRC notice only - * docs/tutorials: add a basic network config - * display proper error when rmi -fa with infra containers - * add --get-login command to podman-login. - * Show image only once with images -q - * Add script to create CI VMs for debugging - * Cirrus: Migrate PAPR testing of F28 to Cirrus - * Skip checkpoint tests on Fedora <30 - * Cirrus: Add text editors to cache-images - * Clean up some existing varlink endpoints - * mount: allow mount only when using vfs - -- Changelog for v0.12.1.2 (2018-12-13) - * Add release notes for 0.12.1.2 - * runlabel should sub podman for docker|/usr/bin/docker - * condition fixed for adding volume to boltdb. - * e2e: add tests for systemd - * Add test for sharing resolv and hosts with netns - * Makefile tweaks to fix make shell - * failed containers with --rm should remove themselves - * Fix documentation links and flow - * Set Socket label for contianer - * Containers sharing a netns should share resolv/hosts - * Prevent a second lookup of user for image volumes - * fix typo in kubernetes - * No need to use `-i` in go build (with go 1.10 and above) - * rootless: fix restart when using fuse-overlayfs - * Cirrus: Update base-image build docs - * Add capabilities to generate kube - * disable F29 tests on PAPR - * Ensure storage options are properly initialized - * add more example usage to varlink endpoints - * Update for API change - * Vendor buildah after merging mtrmac/blob-info-caching-on-top-of-contents-caching - * Vendor c/image after merging c/image#536 - * Bump gitvalidation epoch - * Bump to v0.12.2-dev - -- Changelog for v0.12.1.1 (2018-12-07) - * Update release notes for v0.12.1.1 - * Fix errors where OCI hooks directory does not exist - * add timeout to pod stop - * Remove manual handling of insecure registries in (podman search) - * Fix reporting the registries.conf path on error - * Remove manual handling of insecure registries in doPullImage - * Remove the forceSecure parameter on the pull call stack - * Remove manual handling of insecure registries in PushImageToReference - * Factor out the registries.conf location code in pkg/registries - * Remove the forceSecure parameter of Image.PushImageTo* - * Minimally update for the DockerInsecureSkipTLSVerify type change - * Bump gitvalidation epoch - * Bump to v0.12.2-dev - * Fix build on non-Linux - * Remove some unused data structures and code - * Vendor buildah after merging https://github.com/containers/buildah/pull/1214 - * Update containers/image to 63a1cbdc5e6537056695cf0d627c0a33b334df53 - * Cirrus: Document and codify base-image production - * Cirrus: Use Makefile for image-building - * Refactor BooleanAction to mimic golang interface - * generate kube - -- Changelog for v0.12.1 (2018-12-06) - * Update release notes for 0.12.1 - * bind mount /etc/resolv.conf|hosts in pods - * Remove --sync flag from `podman rm` - * Add locking to Sync() on containers - * Add --sync flag to podman ps - * Add --sync option to podman rm - * Tests for podman volume commands - * Add "podman volume" command - * tutorial: add ostree dependency - * Pick registry to login from full image name as well - * Add ability to prune containers and images - * Invert tlsverify default in API - * set .54 version for f28 due to memory error - * Vendor in latest containers/storage - * pkg/lookup: Return ID-only pointers on ErrNo*Entries - * test for rmi with children - * libpod/container_internal_linux: Allow gids that aren't in the group file - * Don't initialize CNI when running as rootless - * correct algorithm for deleting all images - * Use runtime lockDir in BoltDB state - * test: update runc again - * vendor: update containers/storage - * create pod on the fly - * libpod/container_internal: Deprecate implicit hook directories - * Revert changes to GetDefaultStoreOptions - * Fix libpod static dir selection when graphroot changed - * podman pod exists - * Adding more varlink endpoints - * Ensure directory where we will make database exists - * Fix typo - * rootless: raise error if newuidmap/newgidmap are not installed - * Add better descriptions for validation errors in DB - * Fix gofmt and lint - * Make locks dir in unit tests - * Do not initialize locks dir in BoltDB - * Move rootless storage config into libpod - * Set default paths from DB if not explicitly overridden - * Add a struct indicating if some Runtime fields were set - * Make DB config validation an explicit step - * Move DB configuration up in runtime setup - * Add ability to retrieve runtime configuration from DB - * Add short-option handling to logs - * tests: always install runc on Ubuntu - * cirrus: update ubuntu image - * cirrus: make apt noninteractive - * Dockerfile, .cirrus.yml: update runc commit - * rootless: propagate XDG_RUNTIME_DIR to the OCI runtime - * Update ubuntu VM image w/ newer runc - * add pod short option to ps - * Add create test with --mount flag - * Only include container SizeRootFs when requested - * /dev/shm should be mounted even in rootless mode. - * disable checkpoint tests on f29 - * test, rootless: specify USER env variable - * Revert "downgrade runc due a rootless bug" - * Fix completions to work with podman run command - * hide kube command for now - * pypod create/run: ignore args for container command - * Add support for --all in pypodman ps command - * Fixes #1867 - * tests: fix NOTIFY_SOCKET test - * Fix golang formatting issues - * oci: propagate NOTIFY_SOCKET on runtime start - * test: fix test for NOTIFY_SOCKET - * Add test to ensure stopping a stopped container works - * Stopping a stopped container is not an error for Podman - * Disable mount options when running --privileged - * Vendor in latest containers/storage - * util: use fsnotify to wait for file - * vendor: update selinux - * rootless: store only subset of storage.conf - * rootless: fix cleanup - * network: allow slirp4netns mode also for root containers - * Added more checkpoint/restore test cases - * Fix podman container restore -a - * Update bash completion for checkpoint/restore - * Add '--tcp-established' to checkpoint/restore man page - * Added tcp-established to checkpoint/restore - * Remove unused CRIU_COMMIT variable - * Point CRIU_COMMIT to CRIU release 3.11 - * Updated CRIO_COMMIT to pull in new conmon for CRIU - * Use also a struct to pass options to Restore() - * _split_token(): handle None - * Use host's resolv.conf if no network namespace enabled - * rootless: add new netmode "slirp4netns" - * tests: change return type for PodmanAsUser to PodmanTestIntegration - * test: cleanup CNI network used by the tests - * exec: don't wait for pidfile when the runtime exited - * Remove mount options relatime from podman run --mount with shared - * Update test case name to podman run with --mount flag - * Add some tests for --ip flag with run and create command - * Add history and namespaceoptions to image inspect - * add podman container|image exists - * set root propagation based on volume properties - * Actually set version for podman module / pypodman - * implement --format for version command - * podman_tutorial.md typos: arguement -> argument; missing 'a' - * Load NAT modules to fix tests involving CRIU - * Vendor in latest containers/buildah - * Update checkpoint/restore man pages - * Added option to keep containers running after checkpointing - * Use a struct to pass options to Checkpoint() - * exec: always make explicit the tty value - * Allow users to expose ports from the pod to the host - * Improve speed of containers.list() - * output libpod container to kubernetes yaml - * rootless: create empty mounts.conf if it doesn't exist - * registries: check user registries file only in rootless mode - * rootless: create storage.conf when it doesn't exist - * rootless: create libpod.conf when it doesn't exist - * Don't use $HOST and $USER variables for remote - * Implement pypodman start command - * runlabel: use shlex for splitting commands - * Add a rule to compile system test in Makefile - * Fix no-new-privileges test - * The system test write with ginkgo - * Separate common used test functions and structs to test/utils - * Add version command to pypodman - * Bump gitvalidation epoch - * Bump to v0.11.2-dev - * Cirrus: Add documentation for system-testing - * Cirrus: Simplify optional system-test script - * Cirrus: Reveal magic, parallel system-testing - * libpod should know if the network is disabled - * Lint: Silence few given goconst lint warnings - * Lint: Extract constant unknownPackage - * Lint: Tests: add missing assertions - * Lint: Do not ignore errors from docker run command when selinux enabled - * Lint: InspectImage varlink api should return errors that occurred - * Lint: Exclude autogenerated files from lint test - * Lint: Update metalinter dependency - * Set --force-rm for podman build to true by default - * Vendor in latest containers/storage - -- Changelog for v0.11.1.1 (2018-11-15) - * Vendor in containers/storage - * Add release notes for 0.11.1.1 - * Increase pidWaitTimeout to 60s - * Cirrus: Add master branch testing status badge - * rootless: call IsRootless just once - * Bump golang to v1.10 in install.md - * Standardized container image for gofmt and lint - * Make list of approvers same as reviewers - * vendor: update ostree-go - * vendor.conf: fix typo - * Cleanup podman spec to not show git checkout is dirty - * Add space between num & unit in images output - * Update troubleshooting guide to deal with rootless path - * troubleshooting.md: add a recipe for rootless ping - * remove $-prefix from (most) shell examples - * docs: Fix duplicated entry for pod-container-unmount - * Better document rootless containers - * info: add rootless field - * Accurately update state if prepare() partially fails - * Do not hide errors when creating container with UserNSRoot - * rm -f now removes a paused container - * correct assignment of networkStatus - * podman_tutorial: cni build path has changed - * Bump gitvalidation epoch - * Bump to v0.11.2-dev - * Cirrus: Ignore any error from the IRC messenger - * rootless: default to fuse-overlayfs when available - -- Changelog for v0.11.1 (2018-11-08) - * Update release notes for 0.11.1 - * update seccomp.json - * Touch up --log* options and daemons in man pages - * Fix run --hostname test that started failing post-merge - * move defer'd function declaration ahead of prepare error return - * Don't fail if /etc/passwd or /etc/group does not exists - * Print error status code if we fail to parse it - * Properly set Running state when starting containers - * Fix misspelling - * Retrieve container PID from conmon - * If a container ceases to exist in runc, set exit status - * EXPERIMENTAL: Do not call out to runc for sync - * Actually save changes from post-stop sync - * rootless: mount /sys/fs/cgroup/systemd from the host - * rootless: don't bind mount /sys/fs/cgroup/systemd in systemd mode - * Add hostname to /etc/hosts - * Temporarily fix the Python tests to fix some PRs - * Remove conmon cgroup before pod cgroup for cgroupfs - * Fix cleanup for "Pause a bunch of running containers" - * --interactive shall keep STDIN attached even when not explicitly called out - * Do never override podman with docker - * Make kill, pause, and unpause parallel. - * Fix long image name handling - * Make restart parallel and add --all - * Add ChangeAction to parse sub-options from --change - * replace quay.io/baude to quay.io/libpod - * Change humanize to use MB vs MiB. - * allow ppc64le to pass libpod integration tests - * Cirrus-CI: Add option to run system-tests - * Cirrus: Skip rebuilding images unless instructed - * Cirrus: Disable image build job abort on push - * Cirrus: Add a readme - * Ubuntu VM image build: try update twice - * Cirrus: Enable updating F28 image - * rootless: do not add an additional /run to runroot - * rootless: avoid hang on failed slirp4netns - * Fix setting of version information - * runtime: do not allow runroot longer than 50 characters - * attach: fix attach when cuid is too long - * truncate command output in ps by default - * Update the runc commit used for testing - * make various changes to ps output - * Sync default config with libpod.conf - * Use two spaces to pad PS fields - * unmount: fix error logic - * get user and group information using securejoin and runc's user library - * CONTRIBUTING.md: add section about describing changes - * Change to exported name in ParseDevice - * Vendor in latest containers/storage - * fix bug in rm -fa parallel deletes - * Ensure test container in running state - * Add tests for selinux labels - * Add --max-workers and heuristics for parallel operations - * Increase security and performance when looking up groups - * run prepare in parallel - * downgrade runc due a rootless bug - * runlabel: run any command - * Eat our own dogfood - * vendor: update containers/storage - * Add support for /usr/local installation - * create: fix writing cidfile when using rootless - * Explain the device format in man pages - * read conmon output and convert to json in two steps - * Cirrus: Use images w/ buildah fix - * Add --all and --latest to checkpoint/restore - * Use the newly added getAllOrLatestContainers() function - * Use the new checkAllAndLatest() function - * Also factor out getAllOrLatestContainers() function - * Add checkAllAndLatest() function - * Downgrade code to support python3.4 - * Allow containers/storage to handle on SELinux labeling - * Use more reliable check for rootless for firewall init - * Vendor in latest containers/storage opencontainers/selinux - * Make podman ps fast - * Support auth file environment variable in podman build - * fix environment variable parsing - * tests: use existing CRIU version check - * Use the CRIU version check in checkpoint/restore - * Add helper function to read out CRIU version - * vendor in go-criu and dependencies - * oci: cleanup process status - * Handle http/https in registry given to login/out - * re-enable f29 testing - * correct stats err with non-running containers - * Use restoreArtifacts to save time in integration tests - * Make rm faster - * Fix man page to show info on storage - * Move rootless directory handling to the libpod/pkg/util directory - * Fix podman port -l - * Fix trivial missing markup in manpage - * Cirrus: Install CRIU in test images - * Cirrus: Use different CNI_COMMIT for Fedora - * Fix Cirrus/Packer VM image building - * Revert "Cirrus: Enable debugging delay on non-zero exit" - * Cirrus: IRC message when cirrus testing successful - * cirrus: Add simple IRC messenger - * fix NOTIFY_SOCKET in e2e testfix NOTIFY_SOCKET in e2e tests - * Bump gitvalidation epoch - * Bump to v0.10.2-dev - -- Changelog for v0.10.1.3 (2018-10-17) - * Update release notes for 0.10.1.3 - * Vendor in new new buildah/ci - * Fix podman in podman - * Bump gitvalidation epoch - * Bump to v0.10.2-dev - -- Changelog for v0.10.1.2 (2018-10-17) - * Update release notes for 0.10.1.2 - * Fix CGroup paths used for systemd CGroup mount - * Bump gitvalidation epoch - * Bump to v0.10.2-dev - -- Changelog for v0.10.1.1 (2018-10-16) - * Update release notes for 0.10.1.1 - * Mount proper cgroup for systemd to manage inside of the container. - * Cirrus: Enable debugging delay on non-zero exit - * Touchup fileo typo - * volume: resolve symlinks in paths - * volume: write the correct ID of the container in error messages - * vendor: update containers/buildah - * papr: relabel GOPATH/github.com/containers/podman - * tests: do not fail in the cleanup phase - * tests: do not make assumptions on the mount output - * papr_prepare: remove double process for starting up .papr.sh - * Add support for pod commands - * Support auth file environment variable & add change to man pages - * Generate a passwd file for users not in container - * Bump gitvalidation epoch - * Bump to v0.10.2-dev - -- Changelog for v0.10.1 (2018-10-11) - * Swap from map to channels for podman stop workers - * Add release notes for 0.10.1 - * Pass along syslog variable to podman cleanup processes - * Sort all command flags - * rootless: detect when user namespaces are not enabled - * Log an otherwise ignored error from joining a net ns - * Fix gofmt - * Add tests for --ip flag - * Update manpages for --ip flag - * Add --ip flag and plumbing into libpod - * Document --net as an alias of --network in podman run & create - * Update OCICNI vendor to 2d2983e4 - * Temporary commit to swap branches - * rootless: report more error messages from the startup phase - * rootless: fix an hang on older versions of setresuid/setresgid - * Update OCICNI vendor to e617a611 - * fix runlabel functions based on QA feedback - * Vendor latest containers/image - * Stop containers in parallel fashion - * wip - * remove hack/dind - * Vendor in latest github.com/containers/storage,image, buildah - * runlabel: execute /proc/self/exe and avoid recursion - * Re-add source-verify in cirrus-ci - * added links to buildah.io and podman.io to README.md - * Lower CPU/Memory usage by cirrus VMs - * skip userns tests on non-fedora distributions for now - * Remove Travis - * docker: Double quote array expansions to avoid re-splitting elements - * Ensure resolv.conf has the right label and path - * Remove no longer used libnetwork from vendor.conf - * Fix lint - * Drop libnetwork vendor and move the code into pkg/ - * Update libnetwork vendor to current master to fix CI - * Switch to using libnetwork's resolvconf package - * Add configuration for Cirrus-CI - * disable gce building of images - * re-add BR for golang compiler to contrib/spec/podman.spec.in - * completions: add checkpoint/restore completions - * tests: add checkpoint/restore test - * tutorial: add checkpoint/restore to tutorial - * docs: add checkpoint and restore man pages - * Add support to checkpoint/restore containers - * oci: split the stdout and stderr pipes - * oci: always set XDG_RUNTIME_DIR - * Fix pod status reporting for new Exited state - * Add ability for ubuntu to be tested - * selinux: drop superflous relabel - * rootless: always set XDG_RUNTIME_DIR - * Fix python tests - * Fix Wait() to allow Exited state as well as Stopped - * Fix cleanupRuntime to only save if container is valid - * Fix bug with exited state and container remove - * Address review comments and fix ps output - * Add ContainerStateExited and OCI delete() in cleanup() - * Need to allocate memory for hook struct - * Disable SELinux labeling if --privileged - * * Update documenation - * Implement pod varlink bindings - * Update docs to build a runc that works with systemd - * runtime: fix message which assumes the runtime is runc - * rootless: raise an error when trying to use cgroups - * Add --all flag to podman kill - * Add podman.io to README.md - * Vendor in the latest containers/storage, image and buildah - * Don't tmpcopyup on systemd cgroup - * Add container runlabel command - * run complex image names with short names - * Add buildah version and distribution to info - * Disable Fedora 29 and CentOS7 VM testing - * podman runs disabled containers and privileged containers as spc_t - * Update the OWNERS file so bot assigns sane reviewers - * rework CI tests to test on VMs - * Put openshift dockerfiles in test/install - * Bump gitvalidation epoch - * Bump to v0.9.4-dev - * contrib/python/*/Makefile: Fallback to unversioned 'python' - * Makefile: Drop PYTHON - * Makefile: Call contrib/python's clean regardless of HAS_PYTHON3 - -- Changelog for v0.9.3.1 (2018-09-25) - * Update release notes for 0.9.3.1 - * Disable problematic SELinux code causing runc issues - * Bump gitvalidation epoch - * Bump to v0.9.4-dev - -- Changelog for v0.9.3 (2018-09-21) - * Update release notes for 0.9.3 - * Add --mount option for `create` & `run` command - * Refactor Wait() to not require a timeout - * Updates from reviews - * Implement new subcommands - * Don't mount /dev/shm if the user told you --ipc=none - * rootless: error out if there are not enough UIDs/GIDs available - * Vendor in latest containers/buildah - * rootless: fix create with images not in the storage - * rootless: skip usage of filepath.Join - * create, rootless: join the userns of ns:PATH - * create, rootless: join the userns of container:CONTAINER - * spec: refactor ns modes to a common interface - * Don't output inodes created to run a container - * Add rpmbuild to the openshift fedora test image - * Add new field to libpod to indicate whether or not to use labelling - * Bind Mounts should be mounted read-only when in read-only mode - * test, rootless: enforce cgroupfs manager - * report when rootless - * add the gopath environment variable to the openshift dockerfile - * Vendor in latest opencontainers/runtime-tools - * Add python-varlink to the Fedora openshift image - * Add Dockerfile for openshift lint, gofmt, and validate testing - * Vendor in latest containers/buildah - * Don't crash if an image has no names - * Replace all usages of "install -D" with "install -d" - * Increase pidWaitTimeout to 1000ms - * Small updates to OCI spec generation - * Add new tests for ipc namespace sharing - * Hooks supports two directories, process default and override - * Bump gitvalidation epoch - * Bump to v0.9.3-dev - -- Changelog for v0.9.2.1 (2018-09-17) - * Update release notes for 0.9.2.1 - * Vendor in latest projectatomic/buildah - * Vndr latest containers/image - * Bump gitvalidation epoch - * Bump to v0.9.3-dev - -- Changelog for v0.9.2 (2018-09-14) - * Update release notes for 0.9.2 - * change search test to look for fedora and not fedora-minimal - * Don't mount /dev/* if user mounted /dev - * add registry information to varlink info - * libpod/image/pull: Return image-pulling errors from doPullImage - * Update gitvalidation epoch to avoid a bad commit - * Update README to reflect current development efforts - * rootless: do not raise an error if the entrypoint is specified - * Add Buildah Podman relationship to README.md - * Swap default mount propagation from private to rprivate - * Add a way to disable port reservation - * Add notes to check version on problem - * Do not set rlimits if we are rootless - * Up default Podman rlimits to avoid max open files - * Search registries with an empty query - * Vendor in latest containers/image - * Remove duplicate code between create.go and run.go - * Add --interval flag to podman wait - * Add `podman rm --volumes` flag - * Vendor in latest containers/storage to eliminage deadlock - * do not build with devicemapper - * run different cgroup tests depending on conditions - * dont make python when running make - * Explicitly set default CNI network name in libpod.conf - * Pass on securityOpts from podInfraContainer to container added to pod. - * Bump gitvalidation epoch - * Bump to v0.9.2-dev - -- Changelog for v0.9.1.1 (2018-09-10) - * Update release notes for 0.9.1.1 - * Replace existing iptables handler with firewall code - * Vendor CNI plugins firewall code - * Fix displaying size on size calculation error - * Bump gitvalidation epoch - * Bump to v0.9.2-dev - -- Changelog for v0.9.1 (2018-09-07) - * Update RELEASE_NOTES for 0.9.1 release - * Fix pod sharing for utsmode - * Respect user-added mounts over default spec mounts - * Ensure we do not overlap mounts in the spec - * Change references to cri-o to point at new repository - * fix docs for podman build - * use layer cache when building images - * Add first pass for baseline pod tests - * Change shm test to be less flaky. - * Update WaitForTimeOut to output OutputString to help with debugging. - * Fixups for baseline test script - * Fix nameing of Namespaces to be more consistent - * Start pod infra container when pod is created - * vendor containerd/cgroups - * Fix up libpod.conf man pages and referencese to it. - * Print errors from individual pull attempts - * Added GOPATH/bin to PATH install.md - * We should fail Podman with ExitCode 125 by default - * Add CRI logs parsing to podman logs - * rmi remove all not error when no images are present - * rootless: check uid with Geteuid() instead of Getuid() - * rootless, tests: add tests for the pod command - * rootless, create: support --pod - * rootless, run: support --pod - * rootless: create compatible pod infra container - * rootless: be in an userns to initialize the runtime - * commandNotFoundHandler: use stderr and exit code 1 - * Bump gitvalidation epoch - * Bump to v0.9.1-dev - * Update release notes for 0.8.5 - -- Changelog for v0.8.5 (2018-08-31) - * Add proper support for systemd inside of podman - * We are mistakenly seeing repos as registries. - * container: resolve rootfs symlinks - * Up time between checks for podman wait - * Turn on test debugging - * Add support for remote commands - * fixup A few language changes and subuid(5) - * Make the documentation of user namespace options in podman-run clearer - * pod create: restore help flag - * catch command-not-found errors - * don't print help message for usage errors - * Vendor in latest containers/storage and containers/image - * add conmon to copr spec - * docs: consistent format for example - * docs: consistent headings - * docs: make HISTORY consistent - * docs: fix headers - * varlink: fix --timeout usage - * run/create: reserve `-h` flag for hostname - * podman,varlink: inform user about --timeout 0 - * rootless: show an error when stats is used - * rootless: show an error when pause/unpause are used - * rootless: unexport GetUserNSForPid - * rootless, exec: use the new function to join the userns - * rootless: fix top - * rootless: add new function to join existing namespace - * Vendor in latest projectatomic/buildah - * Set nproc in containers unless explicitly overridden - * Do not set max open files by default if we are rootless - * Set default max open files in spec - * Resolve /etc/resolv.conf before reading - * document `--rm` semantics - * allow specification of entrypoint in the form of a slice - * Test RPM build and install for regressions - * rootless, search: do not create a new userns - * rootless, login, logout: do not create a new userns - * rootless, kill: do not create a new userns - * rootless, stop: do not create a new userns - * Ensure return errors match API docs - * Fix manpage to note how multiple filters are combined - * Fix handling of multiple filters in podman ps - * Fix Mount Propagation - * docs: add containers-mounts.conf(5) - * docs: use "containers-" prefix for registries and storage - * rootless: fix --pid=host - * rootless: fix --ipc=host - * spec: bind mount /sys only when userNS are enabled - * rootless, tests: add test for --uts=host - * Dockerfile.Fedora: install slirp4netns - * rootless: don't use kill --all - * rootless: exec handle processes that create an user namespace - * rootless: fix exec - * Move whale-says test to end of baseline - * Bump gitvalidation epoch - * Bump to v0.8.5-dev - -- Changelog for v0.8.4 (2018-08-24) - * Add release notes - * Regenerate easyjson after rebase - * Vendor easyjson code to fix build - * Swap from FFJSON to easyjson - * Make 'make clean' remove FFJSON generated code - * rootless: allow to override policy.json by the user - * add completion for --pod in run and create - * Fixed formatting and lowered verbosity of pod ps - * Do not try to enable AppArmor in rootless mode - * exposes tcp port only if no proto specified. - * rpm-spec: use skopeo-containers instead of containers-common - * Reveal information about container capabilities - * Vendor in latest projectatomic/buildah - * Refactor error checking in With*NSFromPod options - * Fixing network ns segfault - * Change pause container to infra container - * Support pause containers in varlink - * Added option to share kernel namespaces in libpod and podman - * Changed GetContainerStats to return ErrCtrStateInvalid - * Add GetPodStats to varlink - * rpm-spec: update distro-specific dependencies - * Add podman pod top - * Include pod stats and top in commands/completions - * Vendor changes to psgo - * Fix syntax description of --ulimit command - * Swap test image in exec test to fedora for useradd - * Add tests for exec --user - * Properly translate users into runc format for exec - * test: ad more tests for rootless containers - * rootless: fix --net host --privileged - * Fix a bug with hook ALWAYS matching with a process - * Fixed segfault in stats where container had netNS none or from container - * Enable pod stats with short ID and name - * Touch up cert-dir in man pages - * make dbuild fixed on ubuntu/debian - * vendor latest github.com/urfave/cli - * Add retry decorator for flakey tests - * Update error message from reviews - * Support Attach subcommand in pypodman - * Fix handling of devices - * tutorial: point to containers/skopeo - * point to containers/skopeo - * install.md: point to containers/libpod - * Bump gitvalidation epoch - * Bump to v0.8.4-dev - -- Changelog for v0.8.3 (2018-08-17) - * Make failure to retrieve individual ctrs/pods nonfatal - * Mention that systemd is the default cgroup manager - * Add dependency for python3-psutil module - * Vendor in latest buildah and imagebuilder - * Don't fail on size. - * Fix handling of socket connection refusal. - * podman: fix --uts=host - * podman pod stats - * Added helper function for libpod pod api calls - * CreatePod args now PodCreate structure - * Added reason to PodContainerError - * Change batchcontainer to shared - * Add Pod API to varlink. - * Change pod varlink API. - * Moved getPodStatus to pod API to be used in varlink - * Vendor in latest containers/psgo code - * switch projectatomic to containers - * Revert "spec: bind mount /sys only for rootless containers" - * Suport format param for varlink Commit - * Fix segfault in top when -l and no args are passed - * Document STORAGE_DRIVER and STORAGE_OPTS environment variable - * podman.spec: recommend slirp4netns - * Do not 'make all' on Travis for Linux - * Fix build on non-Linux OSes - * Create pod CGroups when using the systemd cgroup driver - * Switch systemd default CGroup parent to machine.slice - * spec: bind mount /sys only for rootless containers - * build, rootless: specify IsolationOCIRootless - * vendor: update buildah version - * Fix handling of hostname in --net=host - * Updated pod_api to reflect function spec - * Add create and pull commands - * rootless: not require userns for help/version - * pkg/apparmor: use a pipe instead of a tmp file - * pkg/apparmor: move data under Linux/apparmor buildtags - * pkg/apparmor: move all linux-code into apparmor_linux* - * podman in rootless mode will only work with cgroupfs at this point. - * when searching, survive errors for multiple registries - * Remove unused function in runtime.go - * Fix papr tests by forcing cgroupfs in CI - * Bump gitvalidation epoch - * Bump to v0.8.3-dev - -- Changelog for v0.8.2.1 (2018-08-11) - * Ensure pod inspect is locked and validity-checked - * Further fix tests - * Bump gitvalidation epoch - * Bump to v0.8.3-dev - * Fix python tests again - * Fix python tests to use cgroupfs - * Fix typo breaking tests - * Force cgroupfs for python tests - * Swap default CGroup manager to systemd - * Only use cgroupfs for containerized tests - * Temporarily force all tests to use cgroupfs driver - -- Changelog for v0.8.2 (2018-08-10) - * We need to sort mounts so that one mount does not over mount another. - * search name should include registry - * Split pod.go into 3 files - * Make errors during refresh nonfatal - * Add batch check to container stats lock - * removeContainer: fix deadlock - * Add FFJSON to build container - * Don't require .gopathok for individual FFJSON targets - * Add FFJSON generation to makefile - * Re-add FFJSON for container and pod structs - * Fixed a bug setting dependencies on the wrong container - * Always connect to the stdout and stderr of stream - * apparmor: respect "unconfined" setting - * oci.go: syslog: fix debug formatting - * add podman pod inspect - * Fix ambiguity in adding localhost to podman save - * Fix CGroupFS cgroup manager cgroup creation for pods - * Update Conmon commit for testing - * Pass newly-added --log-level flag to Conmon - * Cleanup man pages - * Improve ps handling of container start/stop time - * rootless: fix user lookup if USER= is not set - * enabled copr epel builds again - * Handle yum and dnf - * Test regressions against the RPM spec file - * Pass DESTDIR down to python Makefile - * Add dpkg support for returning oci/conmon versions - * Have info print conmon/oci runtime information - * Better pull error for fully-qualified images - * Stub varlink pod methods. - * Remove inotify work around - * Rename varlink socket and interface - * Change tarball filename in copr prepare and match short-commit length - * Add Runc and Conmon versions to Podman Version - * update copr spec, lets get it building again - * Add missing dependencies to build system - * Port to MacOS - * Make one runtime for the varlink service - * Bump gitvalidation epoch - * Bump to v0.8.2-dev - -- Changelog for v0.8.1 (2018-08-03) - * Vendor in latest github.com/projectatomic/buildah - * Update gitvalidation epoch - * Check for missing arguments in /proc/self/cmdline - * Added ps --pod option - * clarify pull error message - * rootless: do not set setgroups to deny when using newuidmap - * Man page fixes found by https://pagure.io/ManualPageScan - * Inline pullGoalNamesFromPossiblyUnqualifiedName into Runtime.pullGoalFromPossibly... - * Replace getPullRefName by Runtime.getPullRefPair - * Inline pullGoalNamesFromImageReference back into Runtime.pullGoalFromImageReference - * Introduce getSinglePullRefNameGoal - * Test Runtime.pullGoalFromPossiblyUnqualifiedName instead of pullGoalNameFrom... - * Test Runtime.pullGoalFromImageReference instead of pullGoalNamesFromImageReference - * Use REGISTRIES_CONFIG_PATH for all tests - * rootless: do not segfault if the parent already died - * RFC: Rename runtime.pullImage to runtime.pullImageFromHeuristicSource - * Introduce Runtime.pullImageFromReference, call it in Runtime.FromImageReference - * RFC: Remove unused transport name constants from libpod - * Replace Runtime.LoadFromArchive with Runtime.LoadFromArchiveReference - * Rename the "image" variable to "imageName" - * Fix the heuristic for docker-archive: sources in (podman pull) - * Split doPullImage from pullImage - * Remove the forceCompress parameter from getCopyOptions and DRO.GetSystemContext - * Remove the authFile parameter from getCopyOptions and DRO.GetSystemContext - * Remove the signaturePolicyPath parameter from getCopyOptions and DRO.GetSystemContext - * Add a *types.SystemContext parameter to getCopyOptions and DRO.GetSystemContext - * Move pullImage from Image to Runtime - * Do not re-parse the list of search registries just for an error message - * Eliminate duplicate determination whether to use search registries - * Eliminate the "DockerArchive means pull all refPairs" special case - * Introduce struct pullGoalNames - * Introduce struct pullGoal - * Use []pullRefPair instead of []*pullRefPair - * Use []pullRefName instead of []*pullRefName - * Introduce singlePullRefNameGoal - * Use an early return from refNamesFromPossiblyUnqualifiedName - * RFC: Rename Image.PushImage to Image.PushImageToHeuristicDestination - * Remove an unnecessary use of alltransports.ParseImageName - * RFC? Hard-code "format" string values instead of using libpod.* transport names - * Use PushImageToReference for (podman save) - * Call imageNameForSaveDestination while creating the references - * Exit early in the simple case in imageNameForSaveDestination - * Rename parameters of imageNameForSaveDestination - * Split imageNameForSaveDestination from saveCmd - * Split a single if statement into two. - * Move source handling before destination parsing - * Split Image.PushImageToReference from Image.PushImage - * Don't format to string and re-parse a DockerReference() - * Remove the :// end from DockerTransport - * Remove the TransportNames arrays - * Document the properties of DefaultTransport a bit better. - * Eliminate the "dest" variable. - * Use an early exit if a docker-archive: image has no repo tags - * Reorganize the tag loading in DockerArchive case - * Return early in refNamesFromImageReference instead of appending to pullNames - * Use srcRef.StringWithinTransport() instead of parsing imgName again - * Use a switch instead of if/if else/.../else - * Remove the error return value from getPullRefName - * Rename getPullListFromRef to refPairsFromImageReference - * Split refNamesFromImageReference from Runtime.getPullListFromRef - * Replace getPullRefPair with getPullRefName - * Include the rejected reference when parsing it fails in pullRefPairsFromRefNames - * Add --force to podman umount to force the unmounting of the rootfs - * Integration Test Improvements #3 - * Ensure container and pod refresh picks up a State - * Fix build on non-linux platforms - * Rework state testing to allow State structs to be empty - * Add additional comments on accessing state in API - * Do not fetch pod and ctr State on retrieval in Bolt - * network: add support for rootless network with slirp4netns - * varlink ImageRemove should always return image ID - * Add documentations on how to setup /etc/subuid and /etc/subgid - * Integration Test Improvements #2 - * avoid spewing fds do to restore of cached images - * Add load test for xz compressed images - * Speed up test results - * Show duration for each ginkgo test and test speed improvements - * vendor: update containers/storage - * Clean up pylint warnings and errors for podman - * podman rmi shouldn't delete named referenced images - * Bump gitvalidation epoch - * Bump to v0.8.1-dev - -- Changelog for v0.7.4 (2018-07-27) - * Add pod pause/unpause - * Fix up docker compatibility messages - * Update vendored version of runc,buildah,containers/image - * Refactored method of getting pods - * Fix godoc comment in pkg/netns - * Fix handling of Linux network namespaces - * Update containernetworking/plugins to current master - * Cleanup descriptions and help information - * Skip seccomp-dependent tests on non-Linux - * Use the Linux version BoltState.getContainerFromDB on all platforms. - * Split parseNetNSBoltData from BoltState.getContainerFromDB - * Use testify/require in a few places to avoid panics in tests - * Skip unit tests which require storage when not running as root - * Don't pollute the build output with failures to build checkseccomp - * Remove cmd/podman/user.go - * double papr timeout for all ci tests - * vendor latest containers/psgo - * Vendor latest container/storage to fix overlay mountopt - * Add pod kill - * Added pod restart - * Added pod.Restart() functionality to libpod. - * Add a mutex to BoltDB state to prevent lock issues - * Clear variables used to store options after parsing for every volume - * Clean up pylint warnings and errors - * podman: allow to specify the IPC namespace to join - * podman: allow to specify the UTS namespace to join - * podman: allow to specify the PID namespace to join - * podman: allow to specify the userns to join - * network: support ns: prefix to join existing namespace - * spec: allow container:NAME network mode - * Update comments in BoltDB and In-Memory states - * Add an E2E test to verify basic namespace functionality - * Add libpod namespace to config - * Add missing runtime.go lines to set namespace - * Address first round of review comments - * Set namespace for new pods/containers based on runtime - * Add --namespace flag to Podman - * Update documentation for the State interface - * Ensure pods are part of the set namespace when added - * Enforce namespace checks on container add - * Add tests for state namespacing - * Add namespaces to in memory state - * Untested implementation of namespaced BoltDB access - * Add constraint that dependencies must be in the same ns - * Add namespaces and initial constraints to database - * Add container and pod namespaces to configs - * Fix varlink API usage of psgo - * Update issue template to point build bugs at buildah - * We don't currently support --mac-address - * Vendor in latest containers/psgo code - * Update container Mounted() and Mountpoint() functions - * [WIP] Refactor and simplify python builds - * AppArmor: runtime check if it's enabled on the host - * Add format descriptors infor to podman top - * Fix error handling in pod start/stop. - * docs/podman-top: fix typo and whitespace - * Use the result of reference.Parse when checking for digests. - * Make refNamesFromPossiblyUnqualifiedName independent from Image - * Make Image.HasShaInInputName to an independent local function - * Split createNamesToPull into ref{Names,Pairs}FromPossiblyUnqualifiedName - * Rename local variables in Runtime.pullRefPairsFromRefNames - * Split Runtime.pullRefPairsFromRefNames from Image.createNamesToPull - * Rename nameToPull to pullRefName - * Rename pullStruct to pullRefPair - * Replace optional nameToPull.shaPullName with mandatory dstName - * Introduce nameToPull, move shaPullName in there - * Split normalizeTag from Image.TagImage - * Remove Image.isShortName - * Inline getTags into its only user - * Add unit tests for imageParts - * Add OnBuild and usernamespace test to baseline - * Bump gitvalidation epoch - * Bump to v0.7.4-dev - -- Changelog for v0.7.3 (2018-07-20) - * Update psgo vendor - * Podman load/tag/save prepend localhost when no repository is present - * Pod ps now uses pod.Status() - * Added pod start and stop - * rootless: support a per-user mounts.conf - * secrets: parse only one mounts configuration file - * rootless: allow a per-user registries.conf file - * pull: get registries using the registries pkg - * rootless: allow a per-user storage.conf file - * rootless, docs: document the libpod.conf file used in rootless mode - * Let containers/storage keep track of mounts - * podman-top: use containers/psgo - * Vendor in latest code for storage,image, buildah - * Abort a test on nil containers, so that future tests don't panic - * Fix TestPostDeleteHooks on macOS - * Use `...` for a regexp constant to improve readability - * oci: keep exposed ports busy and leak the fd into conmon - * Dockerfile: install nmap-ncat - * Update podman_tutorial.md - * Update transfer.md - * Add missing podman commands - * Update gitvalidation epoch - * Fix ps filter with key=value labels - * rootless: require subids to be present - * Downgrade setup.py - * Bump gitvalidation epoch - * Bump to v0.7.3-dev - -- Changelog for v0.7.2 (2018-07-13) - * Change logic for detecting conflicting flags in ps - * Update python directories to better support setup.py - * Fix ps --sort=size test - * remote python client for podman - * Only print container size JSON if --size was requested - * Don't print rootfs and rw sizes if they're empty - * Major fixes to podman ps --format=json output - * Ignore running containers in ps exit-code filters - * Record whether the container has exited - * rootless: correctly propagate the exit status from the container - * rootless: unshare mount namespace - * Need to wait for container to exit before completing run/start completes - * If proxy fails then then signal should be sent to the main process - * fix pull image that includes a sha - * Added full podman pod ps, with tests and man page - * Podman pod create/rm commands with man page and tests. - * Added created time to pod state - * Support multiple networks - * Log all output of logrus to syslog as well as stdout/stderr - * podman rmi should only untag image if parent of another - * Changed container status of Unknown from being printed as Dead to Error in Ps - * Fix podman build completions - * Refactor attach()/start() after podman changes - * create conmon sockets when getting their paths - * build: enable ostree in containers/storage when available - * podman/libpod: add default AppArmor profile - * runtime: delete unused function - * rootless: propagate errors from GetRootlessRuntimeDir() - * rootless: resolve the user home directory - * rootless: fix when argv[0] is not an absolute path - * Allow Init() on stopped containers - * urfave/cli: fix regression in short-opts parsing - * Add --volumes-from flag to podman run and create - * Vendor in latest buildah to add masks for /proc/keys and /proc/acpi - * Vendor in latest containers/storage - * Mask /proc/keys to protect information leak about keys on host - * ctime: Drop 32-/64-bit distinction on Linux - * Podman stats with no containers listed is the same as podman stats --all - * Refactor unittest for change in history API - * Bump gitvalidation epoch - * Bump to v0.7.2-dev - -- Changelog for v0.7.1 (2018-07-06) - * pkg/ctime: Factor libpod/finished* into a separate package - * Block use of /proc/acpi from inside containers - * remove buildah requirement for the libpod image library - * contrib/python/test/test_tunnel: Fix -nNT -> -nNTq - * Refactor podman/utils with a single container start and attach function - * Remove now-unneeded cleanupCgroup() for unsupported OS - * Remove per-container CGroup parents - * Fix nits and GOPATH in tutorial - * spec: Make addPrivilegedDevices and createBlockIO per-platform - * libpod/runtime_pod: Make removePod per-platform - * libpod/networking_unsupported: Remove JoinNetworkNameSpace - * .travis: Run gofmt and lint on OS X - * rootless: Merge rootless.go back into rootless_linux.go - * Makefile: Use a pattern rule for cross-compilation - * more changes to compile darwin - * Fix timeout issue with built-in volume test - * rootless: add /run/user/$UID to the lookup paths - * rootless: add function to retrieve the original UID - * rootless: always set XDG_RUNTIME_DIR - * rootless: set XDG_RUNTIME_DIR also for state and exec - * libpod/container: Replace containerState* with containerPlatformState - * urfave/cli: fix parsing of short opts - * docs: Follow man-pages(7) suggestions for SYNOPSIS - * Allow multiple mounts - * Makefile: Use 'git diff' to show gofmt changes - * Skip a test in Travis that has timeout issues - * vendor in selinux and buildah for darwin compilation - * add image user to inspect data - * changes to allow for darwin compilation - * Bump gitvalidation epoch - * Bump to v0.7.1-dev - -- Changelog for v0.6.5 (2018-06-29) - * Fix built-in volume issue with podman run/create - * Add `podman container cleanup` to CLI - * Allow multiple containers and all for umount - * Returning joining namespace error should not be fatal - * Start using github.com/seccomp/containers-golang - * Test to verify overlay quotas work, show container overhead on quota - * conmon no longer writes to syslog - * Fix broken f28/cloud instance - * Vendor latest projectatomic/buildah - * vendor in latest golang/x/sys - * vendor in latest docker package - * Remove the --registry flag from podman search - * utils: fix endless write of resize event - * Start prints UUID or container name that user inputs on success - * cmd/podman/utils.go: Cancel-able resize writes - * Fix podman hangs when detecting startup error in container attached mode - * travis: bump go to 1.9.x and 1.10.x - * podman-build --help: update description - * *: Replace Generator.Spec() with Generator.Config - * generator.New() requires an OS string input variable - * Vendor in latest buildah - * Vendor in latest runtime-tools - * docs: add documentation for rootless containers - * runtime: change rootless data storage default path - * rootless: use $HOME/.config/containers/libpod.conf - * test: add env variables to the debug output - * rootless: do not configure additional groups - * oci: set XDG_RUNTIME_DIR to the runtime from GetRootlessRuntimeDir() - * rootless: add management for the userNS - * container_internal: don't ignore error from cleanupNetwork() - * Mark containers invalid earlier during removal - * Add --authfile to podman search - * Vendor in latest containers/image - * add podman remote client - * Vendor in go-selinux again - * Update the vendoring of github.com/opencontainers/selinux - * Containers can dissappear - * Add podman-image and podman-container man page links - * Update ocicni vendor to pick up bugfixes - * make varlink optional for podman - * Bump gitvalidation epoch - * Bump to v0.6.5-dev - -- Changelog for v0.6.4 (2018-06-22) - * Add tests for podman refresh - * Point podman-refresh at the right manpage - * Add bash completions for podman refresh - * Add manpages for podman refresh - * Move podman refresh under the container subcommand - * Make CGroups cleanup optional on whether they exist - * Add podman refresh command - * Add Refresh() to ctrs to refresh state after db change - * Add information about the configuration files to the install docs - * Add unittests and fix bugs - * Fix docs on --sig-proxy to match current behaviour - * Podman history now prints out intermediate image IDs - * Add cap-add and cap-drop to build man page - * Option handling has become large and should be a shared function - * Fix image volumes access and mount problems on restart - * We are using err in defer function, needs to be defined name - * Update the version of conmon used in test - * install: need to install make on Fedora-like distros - * Vendor containers/storage for better error reporting on dups - * libpod: fix race with attach/start - * Implement SSH tunnels between client and podman server - * Add carriage return to log message when using --tty flag - * Errors from closing a netns on removal from DB are nonfatal - * Vendor in latest go-selinux - * Added --sort to ps - * Fix podman build -q - * Add extra debug so we can tell apart postdelete hooks - * hack/ostree_tag.sh: Fill in OSTree dependencies - * TLS verify is skipped per registry. - * Add missing functionality for podman build layers - * Add --all,-a flag to podman images - * Add MacAddress to inspect - * Update gitvalidation epoch - * top: make output tabular - * Add more network info ipv4/ipv6 and be more compatible with docker - * Do not run iptablesDNS workaround on IPv6 addresses - * Added --tls-verify functionality to podman search, with tests - * Bump gitvalidation epoch - * Bump to v0.6.4-dev - -- Changelog for v0.6.3 (2018-06-15) - * spec: remove dead code - * test: add test for running a rootless container - * container: specify path to error message - * podman: use a different store for the rootless case - * container: do not set any mapping when using a rootfs - * podman: do not use Chown in rootless mode - * network: do not attempt to create a network in rootless mode - * oci: do not set resources in rootless mode - * oci: do not use hooks in rootless mode - * oci: do not set the cgroup path in Rootless mode - * spec: change mount options for /dev/pts in rootless mode - * container: do not add shm in rootless mode - * oci: pass XDG_RUNTIME_DIR down to the OCI runtime - * podman: allow to override Tmpdir - * podman: provide a default UID mapping when non root - * podman: accept option --rootfs to use exploded images - * When setting a memory limit, also set a swap limit - * Fix cleaning up network namespaces on detached ctrs - * Vendor in latest projectatomic/buildah - * Temporarily turn of ps --last test until fixed - * Implement --latest for ps - * Correctly report errors retrieving containers in ps - * Doc changes to fix alignment on most of the docs - * Added --sort flag to podman image - * add podman container and image command - * Vendor in latest buildah code - * rmi: remove image if all tags are specified - * Aliases do not work with IsSet - * Touchups for registries.conf across a few man pages - * Remove container from state before cleaning up. - * hack/release.sh: Add a guard against -dev suffixes for argv[2] - * Bump gitvalidation epoch - * Bump to v0.6.3-dev - -- Changelog for v0.6.2 (2018-06-08) - * Test to make sure we are getting proper exit codes on podman run - * Propegate exit code on Exec calls and integrated test - * Vendor in latest buildah code - * Update epoch to fix validation problems - * Touch up whitespace issue in build man - * Add disable-content flag info to man page for build - * podman-run: clean up some formatting issues - * Add pointers for Integration Tests to docs - * Remove SELinux transition rule after conmon is started. - * Add --all flag even though it is a noop so scripts will work - * Add support for BuildImage - * Added a defer to an Unlock that immediately followed a Lock - * varlink build fixes - * podman-varlink: log timeouts - * bash completion: remove shebang - * install.md: fix typo - * Vendor in latest buildah code - * Update OWNERS file to be based on reality - * Add logo to transfer page - * libpod: Execute poststop hooks locally - * Add some test for podman run flag security-opt - * Add a function for e2e test to write json file - * Use go-selinux for selinux check - * Add flag to add annotations to a container - * Want to change the log level on buildah by default to warnf - * vendor in latest github.com/varlink/go - * hooks: Add debug logging for initial hook loading - * hooks/docs: Fix 1.0.0 Nvidia example (adding version, etc.) - * hooks/1.0.0/when_test: Fix "both, and" -> "both, or" name typo - * hooks/1.0.0: Fix 'annotation' -> 'annotations' in JSON - * hooks: Fail ReadDir if a configured hook executable is missing - * Cleanup transfer.md page, remove CRI-O content - * Vendor in latest containers/storage - * Bump gitvalidation epoch - * Bump to v0.6.2-dev - -- Changelog for v0.6.1 (2018-06-01) - * hack/release.sh: Bump spec in dev_version_commit - * hack/release.sh: No longer need to bump setup.py - * Provide examples for python podman API - * Bump Buildah vendor to pick up fix for tests - * Log podman build failures in papr - * Use Version from spec file in setup.py - * Attempt to use fedora 28 atomic host - * Fix lable handling - * runtime: add /usr/libexec/podman/conmon to the conmon paths - * varlink build - * Add OnBuild support for podman build - * return all inspect info for varlink containerinspect - * hooks/exec: Allow successful reaps for 0s post-kill timeouts - * hack/release.sh: Add a release script - * Implement container attach - * If user specifies UIDMapSlice without GIDMapSlice, set them equal - * fix panic with podman pull - * pkg/hooks/exec: Add a new package for local hook execution - * Remove --net flag and make it an alias for --network - * Catch does not exist error - * hooks: Rename Hooks() output to extensionStageHooks - * hooks: Allow local control of OCI stages via extensionStages - * We need to change the SELinux label of the conmon process to s0 - * Clear all caps, except the bounding set, when --user is specified. - * Makefile: Add stderr redirect to HAS_PYTHON3 definition - * Force update of API.md - * do not allow port related args to be used with --network=container: - * Update .gitignore for Varlink code and gopathok - * sort containers and images by create time - * Cleanup man pages - * add go generate varlink to copr spec - * Remove varlink's generated Go file - * Bump gitvalidation epoch - * Bump to v0.6.1-dev - -- Changelog for v0.5.4 (2018-05-25): - * Vendor in latest projectatomic/buildah - * Rename addFIPSsModeSecret to addFIPSModeSecret - * Make references to the Process part of Spec conditional - * save and load should support multi-tag for docker-archive - * Implement python podman create and start - * Spell check strings and comments - * hooks/1.0.0: Error on empty process.args instead of panicking - * Set Entrypoint from image only if not already set - * Update podman build to match buildah bud functionality - * Fix test_runner call of podman varlink - * Fix handling of command in images - * Add support for Zulu timestamp parsing - * Clarify using podman build with a URL, Git repo, or archive. - * Vendor in latest container/storage for devicemapper support - * set varlink timeout to 1 seconds - * podman create, start, getattachsocket - * use $GO env-var instead of hard-coded go binary - * tidy up the copr spec - * honor multiple change values - * hooks/README: Fix some Markdown typos (e.g. missing runc target) - * oci-hooks.5: Discuss directory precedence and monitoring - * finish changing the path for varlink - * Tighten the security on the podman varlink socket - * Implement podman.containers.commit() - -- Changelog for v0.5.3 (2018-05-18): - * remove hooks files reference and no varlink-python on f27 or epel - * contrib/spec/podman.spec.in: Drop README-hooks - * troubleshooting: Add console syntax highlighting - * Fix typo - * Refresh pods when refreshing podman state - * Add per-pod CGroups - * Add pod state - * hooks: Fix monitoring of multiple directories - * make sure hooks are renamed for copr spec - * Use container cleanup() functions when removing - * docs/podman.1: Link to hook documentation - * hooks/docs: Add oci-hooks.5 and per-package man page building - * Add Troubleshooting guide - * chrootuser: default to GID 0 when given a numeric --user - * Add python3 package to podman - * libpod: fix panic when using -t and the process fails to start - * Makefile: Use ?= for shell variables (ISODATE, etc.) - * Skip tests that are flaking, holding up merge queue - * Remove old varlink tests - * Allow push/save without image reference - * Vendor in latest containers/image - * Makefile: Respect GOBIN - * Fix podman inspect bash completions - * Update Tutorial with Fedora kit location - * Makefile: Drop find-godeps.sh for podman target - * Support pulling Dockerfile from http - * Refactor libpod python varlink bindings - * add more bash completions - * improve podman commit documentation and error messages - * Touch up logo links - * implement varlink commit - * fix segfault for podman push - * Add the Podman Logo - * logo: Remove unused directory - * hooks: Add package support for extension stages - * Gracefully handle containers removed from c/storage - * Add packaging for hooks/README.md - * Remove stop on error from Docker install switch in baseline tests - * docs: fix contrib/cni broken link - -- Changelog for v0.5.2 (2018-05-11): - * vendor/golang.org/x/text: Vendor collate and language - * hooks: Order injection by collated JSON filename - * libpod: Add HooksDirNotExistFatal - * hooks/read: Ignore IsNotExist for JSON files in ReadDir - * pkg/hooks: Version the hook structure and add 1.0.0 hooks - * Fix varlink remove image force - * Update Podman-specific readme - * Update main README - * vendor.conf: Pin containernetworking/plugins to 1fb94a42 - * Do not error trying to remove cgroups that don't exist - * Remove parent cgroup we create with cgroupfs - * Place Conmon and Container in separate CGroups - * Add --cgroup-manager flag to Podman binary - * Major fixes to systemd cgroup handling - * Skip systemd-style CGroups test - * Alter CGroup path handling for 'podman top' - * Add validation for CGroup parents. Pass CGroups path into runc - * vendor/github.com/docker/docker/hack: Remove unused directory - * varlink info - * vendor.conf: Bump containerd/cgroups to 77e62851 - * vendor.conf: Bump CNI to v0.6.0 - * Dont eat the pull error message for varlink - * podman push should honor registries.conf - * alphabetize the varlink methods, types, and errors in the docs - * Add missing newline to podman port - * Generate varlink API documentation automatically - * Allow streaming on some varlink container methods - * Remove extra close from attach resize channel - * Vendor in latest containers/storage fix for UserNS - * container.go: fix lint error - * Dockerfile.Fedora: use fedora:28 instead of fedora:27 - * Fix calculation of RunningFor in ps json output - * Should not error out if container no longer exists in oci - * Make invalid state nonfatal when cleaning up in run - * test/e2e/run_userns_test.go: new file - * podman, userNS: configure an intermediate mount namespace - * networking, userNS: configure the network namespace after create - * Begin wiring in USERNS Support into podman - -- Changelog for v0.5.1 (2018-05-04): - * Fix pulling from secure registry - * Optionally init() during container restart - * bashcompletion enhancements - * Add directory for systemd socket and service if not present - * varlink containers - * Make podman commit to localhost rather then docker.io - * Trivial refactor on volume addition - * When adding volumes to DB, handle nontrivial cases - * Add accessors for new image fields in container config - * Store user Volumes, Entrypoint, Command in database - * Further fix Godoc comments in options.go - * Update hooks to use config bool to detect volume mounts - * Fix Godoc comments in options.go - * Add config bool to indicate there are user volumes - * Print the Buildah comment from commit to given writer - * Do not print unnecessary Buildah details during commit - * remove options from create/run that we cannot support - * fix typos in the inspect json structs - * Fix podman logout --all flag - * podman should assign a host port to -p when omitted - * Vendor in latest buildah - * Fix misc stuff found by jhonce - * libpod.conf: Podman's conmon path on openSUSE - * Add iidfile parame to build and commit man pages - * do not commit default volumes from container - * correct varlink command in service file - * Vendor in latest containers/image - * Make ':' a restricted character for file names - * Add more validation to --volume flag for run and create - * Fix libseccomp not working in travis - * CONTRIBUTING: Document PR approval and link to OWNERS - * OWNERS: rename 'assignees' to 'approvers' - -- Changelog for v0.4.4 (2018-04-27): - * Use buildah commit and bud in podman - * README: Link to CONTRIBUTING.md - * Remove systemd-cat support - * Refactor unittest for varlink component - * Update .gitignore for python work - * Modify secrets pkg - * varlink images - * Retrieve IP addresses for container from DB - * Add --default-mounts-file hidden flag - * Add isolation note to build man page - * Modify man pages so they compile correctly in mandb - * Strip transport from image name when looking for local image - * readme: improve formatting, add links - * updated epoch for bad dco - * Only generate the varlink glue code if needed and from the vendor dir - * Latest revendoring deleted the cmd dir in varlink - * Remove more Errorf in favor of Wrapf - * Do not eat error messages from pullImage - * Updated varlink vendored code - * Add unit files to the copr spec - * packagers need the varlink generated file - * Makefile; make podman depend on varlink_generate - * Modify --user flag for podman create and run - * Add some podman search test with filter - * Fix podman search no-trunc test - * Dusty would prefer it to be part of the release. - * Add FIPS mode secret - * Initial varlink implementation - * Add restart test with timeout - * Improve restart latest container test - * Add start time check for restart test - * add libpod.conf man page - * Add seconds after epoch to copr rpms to tie break versioning - * enable no test cache - -- Changelog for v0.4.3 (2018-04-20): - * podman push without destination image - * Add make .git target - * Fix tests for podman run --attach - * Print ctr ID if neither STDOUT and STDERR are attached - * Add one test case for check diff in container and committed image - * Vendor in latest containers/image and contaners/storage - * Fix a typo - * It is OK to start an already running container (with no attach) - * Refactor logic for forceSecure in pull for readability - * Small logic fix for podman pull with tls-verify - * Allow podman start to attach to a running container - * regression: tls verify should be set on registries.conf if insecure - * ip validation game too strong - * - reverse host field order (ip goes first) - fix host string split to permit IPv6 - * Allow podman to exit exit codes of removed containers - * Modify diff and inspect docs - * Add oci-systemd-hook as a runtime dep to copr spec - * validate dns-search values prior to creation - * Change container.locked to batched - * Add a function for check if command exist - * Add WaitContainerReady for wait for docker registry ready - * Add several podman push tests - * podman pull should always try to pull - * Allow the use of -i/-a on any container - * Fix secrets patch - * Remove demos.sh file from test - -- Changelog for v0.4.2 (2018-04-13): - * Fix podman run --attach tests - * Fix another comparison of a Go interface against nil - * Allowing attaching stdin to non-interactive containers - * Add tests for podman attach - * Change attach to accept a struct containing streams - * Fix terminal attach - * Changes to attach to enable per-stream attaching - * HACK temporary fix for test suite - * Fix locking interaction in batched Exec() on container - * Fix leaking files in Ginkgo - * Force host UID/GID mapping when creating containers - * Do not lock all containers during pod kill - * Make pod stop lock one container at a time - * Do not lock all containers during pod start - * Containers transitioning to stop should not break stats - * Add -i to exec for compatibility reasons - * Unescape characters in inspect JSON format output - * Use buildah commit for podman commit - * Functionality changes to the following flags - * Vendor in latest containers/storage and containers/image - -- Changelog for v0.4.1 (2018-04-05): - * Remove image via storage if a buildah container is associated - * Add hooks support to podman - * Run images with no names - * Prevent a potential race when stopping containers - * Only allocate tty when -t - * Stopping a stopped container should not be an error - * Add conmon-pidfile flag to bash completions/manpages - * --entrypoint= should delete existing entrypoint - * Fix golint - * Remove explicit Init() calls in run and start - * Refactor dependency checks from init() into public API - * Do not require Init() before Start() - * Ensure dependencies are running before initializing containers - * Add container dependencies to Inspect output - * Add backend code for generic dependencies - * Vendor in latest containers/image - * Makefile: Fix typo podmon -> podman - * Correct a godoc comment - * Sleep for 5 seconds before pushing to registry in tests - * Change errorf to warnf in warning removing ctr storage - * Don't return an ImageConfig when creating storage - * More gracefully handle unexpected storage deletion - * Remove crictl from Dockerfile - * Eliminate raceyness of sig-proxy test - -- Changelog for v0.3.5 (2018-03-29): - * Allow sha256: prefix for input - * Add secrets patch to podman - * Fix tests - * Remove a loop in container graph - * Only start containers that are not running in pod start - * Change pod Start() to use container dependency graph - * Add tests for container graphs - * Initial implementation of container graph generation - * Error is already wrapped properly. - * Check for duplicate names when generating new container and pod names. - * podman: new option --conmon-pidfile= - * Ensure container dependencies are part of the same pod - * Prevent ctrs not in pods from depending on pod ctrs - * Disable --sig-proxy tests due to race conditions - * Remove dependency on kubernetes - * Vendor in lots of kubernetes stuff to shrink image size - * Fix some minor issues lint has been picking up - * cmd/podman/run.go: Error nicely when no image found - * podman exec should handle options --env foo - * Remove current SQLite DB driver - * Update containers/storage to pick up overlay driver fix - * First tag, untag THEN reload the image - * Add files section to podman man page - -- Changelog for v0.3.4 (2018-03-23): - * Bump version to v0.3.4 - * Make container env variable conditional - * Stage 4 Image cleanup - * Add CONTAINER environment variable - * Small manpage reword - * Document .containerenv in manpages. Move it to /run. - * Add .containerenv file - * Add script to determine dependency sizes - * If cidfile exists, do not proceed - * Removing tagged images change in behavior - * Use podman to test podman on FAH - * Migrate podman inspect and tag to image library - * Migrate podman images to image library - * Makefile: add changelog target - * Image library stage 4 - create and commit - * Add 'podman restart' asciinema - * Fix Travis tests for sig-proxy diff --git a/cmd/podman/common/completion.go b/cmd/podman/common/completion.go index 3966606e3..e925fb4f1 100644 --- a/cmd/podman/common/completion.go +++ b/cmd/podman/common/completion.go @@ -223,7 +223,7 @@ func getSecrets(cmd *cobra.Command, toComplete string) ([]string, cobra.ShellCom cobra.CompErrorln(err.Error()) return nil, cobra.ShellCompDirectiveNoFileComp } - secrets, err := engine.SecretList(registry.GetContext()) + secrets, err := engine.SecretList(registry.GetContext(), entities.SecretListRequest{}) if err != nil { cobra.CompErrorln(err.Error()) return nil, cobra.ShellCompDirectiveNoFileComp diff --git a/cmd/podman/generate/systemd.go b/cmd/podman/generate/systemd.go index b76a71f0d..2ab33c26b 100644 --- a/cmd/podman/generate/systemd.go +++ b/cmd/podman/generate/systemd.go @@ -12,15 +12,22 @@ import ( "github.com/containers/podman/v3/cmd/podman/registry" "github.com/containers/podman/v3/cmd/podman/utils" "github.com/containers/podman/v3/pkg/domain/entities" + systemDefine "github.com/containers/podman/v3/pkg/systemd/define" "github.com/pkg/errors" "github.com/sirupsen/logrus" "github.com/spf13/cobra" ) +const ( + restartPolicyFlagName = "restart-policy" + timeFlagName = "time" +) + var ( files bool format string systemdTimeout uint + systemdRestart string systemdOptions = entities.GenerateSystemdOptions{} systemdDescription = `Generate systemd units for a pod or container. The generated units can later be controlled via systemctl(1).` @@ -47,7 +54,6 @@ func init() { flags.BoolVarP(&systemdOptions.Name, "name", "n", false, "Use container/pod names instead of IDs") flags.BoolVarP(&files, "files", "f", false, "Generate .service files instead of printing to stdout") - timeFlagName := "time" flags.UintVarP(&systemdTimeout, timeFlagName, "t", containerConfig.Engine.StopTimeout, "Stop timeout override") _ = systemdCmd.RegisterFlagCompletionFunc(timeFlagName, completion.AutocompleteNone) flags.BoolVarP(&systemdOptions.New, "new", "", false, "Create a new container or pod instead of starting an existing one") @@ -65,8 +71,7 @@ func init() { flags.StringVar(&systemdOptions.Separator, separatorFlagName, "-", "Systemd unit name separator between name/id and prefix") _ = systemdCmd.RegisterFlagCompletionFunc(separatorFlagName, completion.AutocompleteNone) - restartPolicyFlagName := "restart-policy" - flags.StringVar(&systemdOptions.RestartPolicy, restartPolicyFlagName, "on-failure", "Systemd restart-policy") + flags.StringVar(&systemdRestart, restartPolicyFlagName, systemDefine.DefaultRestartPolicy, "Systemd restart-policy") _ = systemdCmd.RegisterFlagCompletionFunc(restartPolicyFlagName, common.AutocompleteSystemdRestartOptions) formatFlagName := "format" @@ -77,9 +82,12 @@ func init() { } func systemd(cmd *cobra.Command, args []string) error { - if cmd.Flags().Changed("time") { + if cmd.Flags().Changed(timeFlagName) { systemdOptions.StopTimeout = &systemdTimeout } + if cmd.Flags().Changed(restartPolicyFlagName) { + systemdOptions.RestartPolicy = &systemdRestart + } if registry.IsRemote() { logrus.Warnln("The generated units should be placed on your remote system") diff --git a/cmd/podman/healthcheck/run.go b/cmd/podman/healthcheck/run.go index fe8dc2573..b03a07bc4 100644 --- a/cmd/podman/healthcheck/run.go +++ b/cmd/podman/healthcheck/run.go @@ -6,6 +6,7 @@ import ( "github.com/containers/podman/v3/cmd/podman/common" "github.com/containers/podman/v3/cmd/podman/registry" + "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/spf13/cobra" ) @@ -34,9 +35,9 @@ func run(cmd *cobra.Command, args []string) error { if err != nil { return err } - if response.Status == "unhealthy" { + if response.Status == define.HealthCheckUnhealthy { registry.SetExitCode(1) + fmt.Println(response.Status) } - fmt.Println(response.Status) return err } diff --git a/cmd/podman/inspect/inspect.go b/cmd/podman/inspect/inspect.go index bd3060882..4c7fa33a4 100644 --- a/cmd/podman/inspect/inspect.go +++ b/cmd/podman/inspect/inspect.go @@ -254,7 +254,9 @@ func printTmpl(typ, row string, data []interface{}) error { if err != nil { return err } - return t.Execute(w, data) + err = t.Execute(w, data) + w.Flush() + return err } func (i *inspector) inspectAll(ctx context.Context, namesOrIDs []string) ([]interface{}, []error, error) { diff --git a/cmd/podman/machine/init.go b/cmd/podman/machine/init.go index ac0d06a07..ec44a707d 100644 --- a/cmd/podman/machine/init.go +++ b/cmd/podman/machine/init.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine @@ -40,7 +40,7 @@ func init() { flags.Uint64Var( &initOpts.CPUS, cpusFlagName, 1, - "Number of CPUs. The default is 1.", + "Number of CPUs", ) _ = initCmd.RegisterFlagCompletionFunc(cpusFlagName, completion.AutocompleteNone) @@ -57,7 +57,7 @@ func init() { flags.Uint64VarP( &initOpts.Memory, memoryFlagName, "m", 2048, - "Memory (in MB)", + "Memory in MB", ) _ = initCmd.RegisterFlagCompletionFunc(memoryFlagName, completion.AutocompleteNone) diff --git a/cmd/podman/machine/list.go b/cmd/podman/machine/list.go index 134a081ab..d4360bb9b 100644 --- a/cmd/podman/machine/list.go +++ b/cmd/podman/machine/list.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/cmd/podman/machine/machine.go b/cmd/podman/machine/machine.go index b059afc38..8ff9055f0 100644 --- a/cmd/podman/machine/machine.go +++ b/cmd/podman/machine/machine.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/cmd/podman/machine/rm.go b/cmd/podman/machine/rm.go index 02e3dfeb8..c17399c78 100644 --- a/cmd/podman/machine/rm.go +++ b/cmd/podman/machine/rm.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/cmd/podman/machine/ssh.go b/cmd/podman/machine/ssh.go index f185948f5..84e9e88ab 100644 --- a/cmd/podman/machine/ssh.go +++ b/cmd/podman/machine/ssh.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/cmd/podman/machine/start.go b/cmd/podman/machine/start.go index f8f0eed09..4ae31e6de 100644 --- a/cmd/podman/machine/start.go +++ b/cmd/podman/machine/start.go @@ -1,8 +1,10 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine import ( + "fmt" + "github.com/containers/podman/v3/cmd/podman/registry" "github.com/containers/podman/v3/pkg/machine" "github.com/containers/podman/v3/pkg/machine/qemu" @@ -58,5 +60,9 @@ func start(cmd *cobra.Command, args []string) error { if err != nil { return err } - return vm.Start(vmName, machine.StartOptions{}) + if err := vm.Start(vmName, machine.StartOptions{}); err != nil { + return err + } + fmt.Printf("Machine %q started successfully\n", vmName) + return nil } diff --git a/cmd/podman/machine/stop.go b/cmd/podman/machine/stop.go index 2d5aa7b95..76ba85601 100644 --- a/cmd/podman/machine/stop.go +++ b/cmd/podman/machine/stop.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/cmd/podman/networks/create.go b/cmd/podman/networks/create.go index 1f3b321ba..b5ddd215f 100644 --- a/cmd/podman/networks/create.go +++ b/cmd/podman/networks/create.go @@ -11,6 +11,7 @@ import ( "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/pkg/errors" + "github.com/sirupsen/logrus" "github.com/spf13/cobra" ) @@ -56,7 +57,8 @@ func networkCreateFlags(cmd *cobra.Command) { macvlanFlagName := "macvlan" flags.StringVar(&networkCreateOptions.MacVLAN, macvlanFlagName, "", "create a Macvlan connection based on this device") - _ = cmd.RegisterFlagCompletionFunc(macvlanFlagName, completion.AutocompleteNone) + // This option is deprecated + flags.MarkHidden(macvlanFlagName) labelFlagName := "label" flags.StringArrayVar(&labels, labelFlagName, nil, "set metadata on a network") @@ -100,6 +102,11 @@ func networkCreate(cmd *cobra.Command, args []string) error { if err != nil { return errors.Wrapf(err, "unable to process options") } + + if networkCreateOptions.MacVLAN != "" { + logrus.Warn("The --macvlan option is deprecated, use `--driver macvlan --opt parent=<device>` instead") + } + response, err := registry.ContainerEngine().NetworkCreate(registry.Context(), name, networkCreateOptions) if err != nil { return err diff --git a/cmd/podman/pods/inspect.go b/cmd/podman/pods/inspect.go index 4bb88f48a..96eaec3b9 100644 --- a/cmd/podman/pods/inspect.go +++ b/cmd/podman/pods/inspect.go @@ -80,5 +80,7 @@ func inspect(cmd *cobra.Command, args []string) error { if err != nil { return err } - return t.Execute(w, *responses) + err = t.Execute(w, *responses) + w.Flush() + return err } diff --git a/cmd/podman/pods/logs.go b/cmd/podman/pods/logs.go new file mode 100644 index 000000000..fe5205669 --- /dev/null +++ b/cmd/podman/pods/logs.go @@ -0,0 +1,140 @@ +package pods + +import ( + "os" + + "github.com/containers/common/pkg/completion" + "github.com/containers/podman/v3/cmd/podman/common" + "github.com/containers/podman/v3/cmd/podman/registry" + "github.com/containers/podman/v3/cmd/podman/validate" + "github.com/containers/podman/v3/libpod/define" + "github.com/containers/podman/v3/pkg/domain/entities" + "github.com/containers/podman/v3/pkg/util" + "github.com/pkg/errors" + "github.com/spf13/cobra" +) + +// logsOptionsWrapper wraps entities.LogsOptions and prevents leaking +// CLI-only fields into the API types. +type logsOptionsWrapper struct { + entities.PodLogsOptions + + SinceRaw string + + UntilRaw string +} + +var ( + logsPodOptions logsOptionsWrapper + logsPodDescription = `Displays logs for pod with one or more containers.` + logsPodCommand = &cobra.Command{ + Use: "logs [options] POD", + Short: "Fetch logs for pod with one or more containers", + Long: logsPodDescription, + // We dont want users to invoke latest and pod togather + Args: func(cmd *cobra.Command, args []string) error { + switch { + case registry.IsRemote() && logsPodOptions.Latest: + return errors.New(cmd.Name() + " does not support 'latest' when run remotely") + case len(args) > 1: + return errors.New("requires exactly 1 arg") + case logsPodOptions.Latest && len(args) > 0: + return errors.New("--latest and pods cannot be used together") + case !logsPodOptions.Latest && len(args) < 1: + return errors.New("specify at least one pod name or ID to log") + } + return nil + }, + RunE: logs, + ValidArgsFunction: common.AutocompletePods, + Example: `podman pod logs podID + podman pod logs -c ctrname podName + podman pod logs --tail 2 mywebserver + podman pod logs --follow=true --since 10m podID + podman pod logs mywebserver`, + } + + containerLogsCommand = &cobra.Command{ + Use: logsPodCommand.Use, + Short: logsPodCommand.Short, + Long: logsPodCommand.Long, + Args: logsPodCommand.Args, + RunE: logsPodCommand.RunE, + ValidArgsFunction: logsPodCommand.ValidArgsFunction, + Example: `podman pod logs podId + podman pod logs -c ctrname podName + podman pod logs --tail 2 mywebserver + podman pod logs --follow=true --since 10m podID`, + } +) + +func init() { + registry.Commands = append(registry.Commands, registry.CliCommand{ + Command: logsPodCommand, + }) + logsFlags(logsPodCommand) + validate.AddLatestFlag(logsPodCommand, &logsPodOptions.Latest) + + // container logs + registry.Commands = append(registry.Commands, registry.CliCommand{ + Command: containerLogsCommand, + Parent: podCmd, + }) + logsFlags(containerLogsCommand) + validate.AddLatestFlag(containerLogsCommand, &logsPodOptions.Latest) +} + +func logsFlags(cmd *cobra.Command) { + flags := cmd.Flags() + + flags.BoolVar(&logsPodOptions.Details, "details", false, "Show extra details provided to the logs") + flags.BoolVarP(&logsPodOptions.Follow, "follow", "f", false, "Follow log output.") + + containerNameFlag := "container" + flags.StringVarP(&logsPodOptions.ContainerName, containerNameFlag, "c", "", "Filter logs by container name or id which belongs to pod") + _ = cmd.RegisterFlagCompletionFunc(containerNameFlag, common.AutocompleteContainers) + + sinceFlagName := "since" + flags.StringVar(&logsPodOptions.SinceRaw, sinceFlagName, "", "Show logs since TIMESTAMP") + _ = cmd.RegisterFlagCompletionFunc(sinceFlagName, completion.AutocompleteNone) + + untilFlagName := "until" + flags.StringVar(&logsPodOptions.UntilRaw, untilFlagName, "", "Show logs until TIMESTAMP") + _ = cmd.RegisterFlagCompletionFunc(untilFlagName, completion.AutocompleteNone) + + tailFlagName := "tail" + flags.Int64Var(&logsPodOptions.Tail, tailFlagName, -1, "Output the specified number of LINES at the end of the logs.") + _ = cmd.RegisterFlagCompletionFunc(tailFlagName, completion.AutocompleteNone) + + flags.BoolVarP(&logsPodOptions.Timestamps, "timestamps", "t", false, "Output the timestamps in the log") + flags.SetInterspersed(false) + _ = flags.MarkHidden("details") +} + +func logs(_ *cobra.Command, args []string) error { + if logsPodOptions.SinceRaw != "" { + // parse time, error out if something is wrong + since, err := util.ParseInputTime(logsPodOptions.SinceRaw, true) + if err != nil { + return errors.Wrapf(err, "error parsing --since %q", logsPodOptions.SinceRaw) + } + logsPodOptions.Since = since + } + if logsPodOptions.UntilRaw != "" { + // parse time, error out if something is wrong + until, err := util.ParseInputTime(logsPodOptions.UntilRaw, false) + if err != nil { + return errors.Wrapf(err, "error parsing --until %q", logsPodOptions.UntilRaw) + } + logsPodOptions.Until = until + } + + // Remote can only process one container at a time + if registry.IsRemote() && logsPodOptions.ContainerName == "" { + return errors.Wrapf(define.ErrInvalidArg, "-c or --container cannot be empty") + } + + logsPodOptions.StdoutWriter = os.Stdout + logsPodOptions.StderrWriter = os.Stderr + return registry.ContainerEngine().PodLogs(registry.GetContext(), args[0], logsPodOptions.PodLogsOptions) +} diff --git a/cmd/podman/secrets/list.go b/cmd/podman/secrets/list.go index e64990c6f..f136de4ab 100644 --- a/cmd/podman/secrets/list.go +++ b/cmd/podman/secrets/list.go @@ -48,7 +48,7 @@ func init() { } func ls(cmd *cobra.Command, args []string) error { - responses, err := registry.ContainerEngine().SecretList(context.Background()) + responses, err := registry.ContainerEngine().SecretList(context.Background(), entities.SecretListRequest{}) if err != nil { return err } diff --git a/cmd/podman/system/unshare.go b/cmd/podman/system/unshare.go index f930d8b62..50230609e 100644 --- a/cmd/podman/system/unshare.go +++ b/cmd/podman/system/unshare.go @@ -2,6 +2,7 @@ package system import ( "os" + "os/exec" "github.com/containers/common/pkg/completion" "github.com/containers/podman/v3/cmd/podman/registry" @@ -50,5 +51,23 @@ func unshare(cmd *cobra.Command, args []string) error { args = []string{shell} } - return registry.ContainerEngine().Unshare(registry.Context(), args, unshareOptions) + err := registry.ContainerEngine().Unshare(registry.Context(), args, unshareOptions) + if err != nil { + if exitError, ok := err.(*exec.ExitError); ok { + // the user command inside the unshare env has failed + // we set the exit code, do not return the error to the user + // otherwise "exit status X" will be printed + registry.SetExitCode(exitError.ExitCode()) + return nil + } + // cmd.Run() can return fs.ErrNotExist, fs.ErrPermission or exec.ErrNotFound + // follow podman run/exec standard with the exit codes + if errors.Is(err, os.ErrNotExist) || errors.Is(err, exec.ErrNotFound) { + registry.SetExitCode(127) + } else if errors.Is(err, os.ErrPermission) { + registry.SetExitCode(126) + } + return err + } + return nil } diff --git a/contrib/cirrus/pr-should-include-tests b/contrib/cirrus/pr-should-include-tests index 0124e238e..09ab002cf 100755 --- a/contrib/cirrus/pr-should-include-tests +++ b/contrib/cirrus/pr-should-include-tests @@ -35,7 +35,6 @@ filtered_changes=$(git diff --name-status $base $head | fgrep -vx .cirrus.yml | fgrep -vx .gitignore | fgrep -vx Makefile | - fgrep -vx changelog.txt | fgrep -vx go.mod | fgrep -vx go.sum | egrep -v '^[^/]+\.md$' | diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md index b5c324459..00e94b41d 100644 --- a/docs/source/markdown/podman-create.1.md +++ b/docs/source/markdown/podman-create.1.md @@ -1125,7 +1125,7 @@ Example: `containers:2147483647:2147483648`. Podman allocates unique ranges of UIDs and GIDs from the `containers` subpordinate user ids. The size of the ranges is based on the number of UIDs required in the image. The number of UIDs and GIDs can be overridden with the `size` option. The `auto` options currently does not work in rootless mode - Valid `auto`options: + Valid `auto` options: - *gidmapping*=_CONTAINER_GID:HOST_GID:SIZE_: to force a GID mapping to be present in the user namespace. - *size*=_SIZE_: to specify an explicit size for the automatic user namespace. e.g. `--userns=auto:size=8192`. If `size` is not specified, `auto` will estimate a size for the user namespace. @@ -1135,11 +1135,11 @@ Podman allocates unique ranges of UIDs and GIDs from the `containers` subpordina **host**: run in the user namespace of the caller. The processes running in the container will have the same privileges on the host as any other process launched by the calling user (default). -- **keep-id**: creates a user namespace where the current rootless user's UID:GID are mapped to the same values in the container. This option is ignored for containers created by the root user. +**keep-id**: creates a user namespace where the current rootless user's UID:GID are mapped to the same values in the container. This option is ignored for containers created by the root user. -- **ns:**_namespace_: run the container in the given existing user namespace. +**ns:**_namespace_: run the container in the given existing user namespace. -- **private**: create a new namespace for the container. +**private**: create a new namespace for the container. This option is incompatible with **--gidmap**, **--uidmap**, **--subuidname** and **--subgidname**. diff --git a/docs/source/markdown/podman-generate-kube.1.md b/docs/source/markdown/podman-generate-kube.1.md index 2e00b58b6..2e9f68bf3 100644 --- a/docs/source/markdown/podman-generate-kube.1.md +++ b/docs/source/markdown/podman-generate-kube.1.md @@ -16,6 +16,9 @@ Volumes appear in the generated YAML according to two different volume types. Bi Potential name conflicts between volumes are avoided by using a standard naming scheme for each volume type. The *hostPath* volume types are named according to the path on the host machine, replacing forward slashes with hyphens less any leading and trailing forward slashes. The special case of the filesystem root, `/`, translates to the name `root`. Additionally, the name is suffixed with `-host` to avoid naming conflicts with *persistentVolumeClaim* volumes. Each *persistentVolumeClaim* volume type uses the name of its associated named volume suffixed with `-pvc`. +Note that if an init container is created with type `once` and the pod has been started, the init container will not show up in the generated kube YAML as `once` type init containers are deleted after they are run. If the pod has only been created and not started, it will be in the generated kube YAML. +Init containers created with type `always` will always be generated in the kube YAML as they are never deleted, even after running to completion. + Note that the generated Kubernetes YAML file can be used to re-run the deployment via podman-play-kube(1). ## OPTIONS diff --git a/docs/source/markdown/podman-info.1.md b/docs/source/markdown/podman-info.1.md index 227fbd92d..7127f9026 100644 --- a/docs/source/markdown/podman-info.1.md +++ b/docs/source/markdown/podman-info.1.md @@ -31,23 +31,18 @@ Run podman info with plain text response: $ podman info host: arch: amd64 - buildahVersion: 1.19.0-dev - cgroupControllers: - - cpuset - - cpu - - io - - memory - - pids + buildahVersion: 1.22.3 + cgroupControllers: [] cgroupManager: systemd cgroupVersion: v2 conmon: - package: conmon-2.0.22-2.fc33.x86_64 + package: conmon-2.0.29-2.fc34.x86_64 path: /usr/bin/conmon - version: 'conmon version 2.0.22, commit: 1be6c73605006a85f7ed60b7f76a51e28eb67e01' + version: 'conmon version 2.0.29, commit: ' cpus: 8 distribution: distribution: fedora - version: "33" + version: "34" eventLogger: journald hostname: localhost.localdomain idMappings: @@ -65,108 +60,112 @@ host: - container_id: 1 host_id: 100000 size: 65536 - kernel: 5.9.11-200.fc33.x86_64 + kernel: 5.13.13-200.fc34.x86_64 linkmode: dynamic - memFree: 837505024 - memTotal: 16416481280 + logDriver: journald + memFree: 1351262208 + memTotal: 16401895424 ociRuntime: name: crun - package: crun-0.16-1.fc33.x86_64 + package: crun-1.0-1.fc34.x86_64 path: /usr/bin/crun version: |- - crun version 0.16 - commit: eb0145e5ad4d8207e84a327248af76663d4e50dd + crun version 1.0 + commit: 139dc6971e2f1d931af520188763e984d6cdfbf8 spec: 1.0.0 - +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL + +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL os: linux remoteSocket: - exists: true path: /run/user/3267/podman/podman.sock security: apparmorEnabled: false capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT rootless: true seccompEnabled: true + seccompProfilePath: /usr/share/containers/seccomp.json selinuxEnabled: true + serviceIsRemote: false slirp4netns: executable: /bin/slirp4netns - package: slirp4netns-1.1.4-4.dev.giteecccdb.fc33.x86_64 + package: slirp4netns-1.1.12-2.fc34.x86_64 version: |- - slirp4netns version 1.1.4+dev - commit: eecccdb96f587b11d7764556ffacfeaffe4b6e11 - libslirp: 4.3.1 + slirp4netns version 1.1.12 + commit: 7a104a101aa3278a2152351a082a6df71f57c9a3 + libslirp: 4.4.0 SLIRP_CONFIG_VERSION_MAX: 3 libseccomp: 2.5.0 - swapFree: 6509203456 - swapTotal: 12591292416 - uptime: 264h 14m 32.73s (Approximately 11.00 days) + swapFree: 16818888704 + swapTotal: 16886259712 + uptime: 33h 57m 32.85s (Approximately 1.38 days) +plugins: + log: + - k8s-file + - none + - journald + network: + - bridge + - macvlan + volume: + - local registries: + localhost:5000: + Blocked: false + Insecure: true + Location: localhost:5000 + MirrorByDigestOnly: false + Mirrors: null + Prefix: localhost:5000 search: - registry.fedoraproject.org - registry.access.redhat.com - - registry.centos.org - docker.io store: configFile: /home/dwalsh/.config/containers/storage.conf containerStore: - number: 3 + number: 2 paused: 0 - running: 0 - stopped: 3 + running: 1 + stopped: 1 graphDriverName: overlay - graphOptions: - overlay.mount_program: - Executable: /home/dwalsh/bin/fuse-overlayfs - Package: Unknown - Version: |- - fusermount3 version: 3.9.3 - fuse-overlayfs: version 0.7.2 - FUSE library version 3.9.3 - using FUSE kernel interface version 7.31 + graphOptions: {} graphRoot: /home/dwalsh/.local/share/containers/storage graphStatus: Backing Filesystem: extfs - Native Overlay Diff: "false" + Native Overlay Diff: "true" Supports d_type: "true" Using metacopy: "false" imageStore: - number: 77 + number: 37 runRoot: /run/user/3267/containers volumePath: /home/dwalsh/.local/share/containers/storage/volumes version: - APIVersion: 3.0.0 - Built: 1608562922 - BuiltTime: Mon Dec 21 10:02:02 2020 - GitCommit: d6925182cdaf94225908a386d02eae8fd3e01123-dirty - GoVersion: go1.15.5 + APIVersion: 3.3.1 + Built: 1631137208 + BuiltTime: Wed Sep 8 17:40:08 2021 + GitCommit: ab272d1e9bf4daac224fb230e0c9b5c56c4cab4d-dirty + GoVersion: go1.16.6 OsArch: linux/amd64 - Version: 3.0.0-dev - + Version: 3.3.1 ``` Run podman info with JSON formatted response: ``` +$ ./bin/podman info --format json { "host": { "arch": "amd64", - "buildahVersion": "1.19.0-dev", + "buildahVersion": "1.22.3", "cgroupManager": "systemd", "cgroupVersion": "v2", - "cgroupControllers": [ - "cpuset", - "cpu", - "io", - "memory", - "pids" - ], + "cgroupControllers": [], "conmon": { - "package": "conmon-2.0.22-2.fc33.x86_64", + "package": "conmon-2.0.29-2.fc34.x86_64", "path": "/usr/bin/conmon", - "version": "conmon version 2.0.22, commit: 1be6c73605006a85f7ed60b7f76a51e28eb67e01" + "version": "conmon version 2.0.29, commit: " }, "cpus": 8, "distribution": { "distribution": "fedora", - "version": "33" + "version": "34" }, "eventLogger": "journald", "hostname": "localhost.localdomain", @@ -196,81 +195,99 @@ Run podman info with JSON formatted response: } ] }, - "kernel": "5.9.11-200.fc33.x86_64", - "memFree": 894574592, - "memTotal": 16416481280, + "kernel": "5.13.13-200.fc34.x86_64", + "logDriver": "journald", + "memFree": 1274040320, + "memTotal": 16401895424, "ociRuntime": { "name": "crun", - "package": "crun-0.16-1.fc33.x86_64", + "package": "crun-1.0-1.fc34.x86_64", "path": "/usr/bin/crun", - "version": "crun version 0.16\ncommit: eb0145e5ad4d8207e84a327248af76663d4e50dd\nspec: 1.0.0\n+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL" + "version": "crun version 1.0\ncommit: 139dc6971e2f1d931af520188763e984d6cdfbf8\nspec: 1.0.0\n+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL" }, "os": "linux", "remoteSocket": { - "path": "/run/user/3267/podman/podman.sock", - "exists": true + "path": "/run/user/3267/podman/podman.sock" }, + "serviceIsRemote": false, "security": { "apparmorEnabled": false, "capabilities": "CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT", "rootless": true, "seccompEnabled": true, + "seccompProfilePath": "/usr/share/containers/seccomp.json", "selinuxEnabled": true }, "slirp4netns": { "executable": "/bin/slirp4netns", - "package": "slirp4netns-1.1.4-4.dev.giteecccdb.fc33.x86_64", - "version": "slirp4netns version 1.1.4+dev\ncommit: eecccdb96f587b11d7764556ffacfeaffe4b6e11\nlibslirp: 4.3.1\nSLIRP_CONFIG_VERSION_MAX: 3\nlibseccomp: 2.5.0" + "package": "slirp4netns-1.1.12-2.fc34.x86_64", + "version": "slirp4netns version 1.1.12\ncommit: 7a104a101aa3278a2152351a082a6df71f57c9a3\nlibslirp: 4.4.0\nSLIRP_CONFIG_VERSION_MAX: 3\nlibseccomp: 2.5.0" }, - "swapFree": 6509203456, - "swapTotal": 12591292416, - "uptime": "264h 13m 12.39s (Approximately 11.00 days)", + "swapFree": 16818888704, + "swapTotal": 16886259712, + "uptime": "33h 59m 25.69s (Approximately 1.38 days)", "linkmode": "dynamic" }, "store": { "configFile": "/home/dwalsh/.config/containers/storage.conf", "containerStore": { - "number": 3, + "number": 2, "paused": 0, - "running": 0, - "stopped": 3 + "running": 1, + "stopped": 1 }, "graphDriverName": "overlay", "graphOptions": { - "overlay.mount_program": { - "Executable": "/home/dwalsh/bin/fuse-overlayfs", - "Package": "Unknown", - "Version": "fusermount3 version: 3.9.3\nfuse-overlayfs: version 0.7.2\nFUSE library version 3.9.3\nusing FUSE kernel interface version 7.31" -} }, "graphRoot": "/home/dwalsh/.local/share/containers/storage", "graphStatus": { "Backing Filesystem": "extfs", - "Native Overlay Diff": "false", + "Native Overlay Diff": "true", "Supports d_type": "true", "Using metacopy": "false" }, "imageStore": { - "number": 77 + "number": 37 }, "runRoot": "/run/user/3267/containers", "volumePath": "/home/dwalsh/.local/share/containers/storage/volumes" }, "registries": { + "localhost:5000": { + "Prefix": "localhost:5000", + "Location": "localhost:5000", + "Insecure": true, + "Mirrors": null, + "Blocked": false, + "MirrorByDigestOnly": false +}, "search": [ "registry.fedoraproject.org", "registry.access.redhat.com", - "registry.centos.org", "docker.io" ] }, + "plugins": { + "volume": [ + "local" + ], + "network": [ + "bridge", + "macvlan" + ], + "log": [ + "k8s-file", + "none", + "journald" + ] + }, "version": { - "APIVersion": "3.0.0", - "Version": "3.0.0-dev", - "GoVersion": "go1.15.5", - "GitCommit": "d6925182cdaf94225908a386d02eae8fd3e01123-dirty", - "BuiltTime": "Mon Dec 21 10:02:02 2020", - "Built": 1608562922, + "APIVersion": "3.3.1", + "Version": "3.3.1", + "GoVersion": "go1.16.6", + "GitCommit": "", + "BuiltTime": "Mon Aug 30 16:46:36 2021", + "Built": 1630356396, "OsArch": "linux/amd64" } } diff --git a/docs/source/markdown/podman-network-create.1.md b/docs/source/markdown/podman-network-create.1.md index d110c4ceb..04290c188 100644 --- a/docs/source/markdown/podman-network-create.1.md +++ b/docs/source/markdown/podman-network-create.1.md @@ -25,7 +25,8 @@ resolution. #### **--driver**, **-d** -Driver to manage the network (default "bridge"). Currently only `bridge` is supported. +Driver to manage the network. Currently `bridge` and `macvlan` is supported. Defaults to `bridge`. +As rootless the `macvlan` driver has no access to the host network interfaces because rootless networking requires a separate network namespace. #### **--opt**=*option*, **-o** @@ -54,13 +55,6 @@ must be used with a *subnet* option. Set metadata for a network (e.g., --label mykey=value). -#### **--macvlan** - -*This option is being deprecated* - -Create a *Macvlan* based connection rather than a classic bridge. You must pass an interface name from the host for the -Macvlan connection. - #### **--subnet** The subnet in CIDR notation. diff --git a/docs/source/markdown/podman-play-kube.1.md b/docs/source/markdown/podman-play-kube.1.md index 33f79e7ef..c170d6495 100644 --- a/docs/source/markdown/podman-play-kube.1.md +++ b/docs/source/markdown/podman-play-kube.1.md @@ -20,6 +20,8 @@ Currently, the supported Kubernetes kinds are: Only two volume types are supported by play kube, the *hostPath* and *persistentVolumeClaim* volume types. For the *hostPath* volume type, only the *default (empty)*, *DirectoryOrCreate*, *Directory*, *FileOrCreate*, *File*, and *Socket* subtypes are supported. The *CharDevice* and *BlockDevice* subtypes are not supported. Podman interprets the value of *hostPath* *path* as a file path when it contains at least one forward slash, otherwise Podman treats the value as the name of a named volume. When using a *persistentVolumeClaim*, the value for *claimName* is the name for the Podman named volume. +Note: When playing a kube YAML with init containers, the init container will be created with init type value `always`. + Note: *hostPath* volume types created by play kube will be given an SELinux private label (Z) Note: If the `:latest` tag is used, Podman will attempt to pull the image from a registry. If the image was built locally with Podman or Buildah, it will have `localhost` as the domain, in that case, Podman will use the image from the local store even if it has the `:latest` tag. @@ -113,9 +115,28 @@ Set logging driver for all created containers. Assign a static mac address to the pod. This option can be specified several times when play kube creates more than one pod. -#### **--network**=*networks*, **--net** - -A comma-separated list of the names of CNI networks the pod should join. +#### **--network**=*mode*, **--net** + +Change the network mode of the pod. The host and bridge network mode should be configured in the yaml file. +Valid _mode_ values are: + +- **none**: Create a network namespace for the container but do not configure network interfaces for it, thus the container has no network connectivity. +- **container:**_id_: Reuse another container's network stack. +- **network**: Connect to a user-defined network, multiple networks should be comma-separated. +- **ns:**_path_: Path to a network namespace to join. +- **private**: Create a new namespace for the container. This will use the **bridge** mode for rootfull containers and **slirp4netns** for rootless ones. +- **slirp4netns[:OPTIONS,...]**: use **slirp4netns**(1) to create a user network stack. This is the default for rootless containers. It is possible to specify these additional options: + - **allow_host_loopback=true|false**: Allow the slirp4netns to reach the host loopback IP (`10.0.2.2`, which is added to `/etc/hosts` as `host.containers.internal` for your convenience). Default is false. + - **mtu=MTU**: Specify the MTU to use for this network. (Default is `65520`). + - **cidr=CIDR**: Specify ip range to use for this network. (Default is `10.0.2.0/24`). + - **enable_ipv6=true|false**: Enable IPv6. Default is false. (Required for `outbound_addr6`). + - **outbound_addr=INTERFACE**: Specify the outbound interface slirp should bind to (ipv4 traffic only). + - **outbound_addr=IPv4**: Specify the outbound ipv4 address slirp should bind to. + - **outbound_addr6=INTERFACE**: Specify the outbound interface slirp should bind to (ipv6 traffic only). + - **outbound_addr6=IPv6**: Specify the outbound ipv6 address slirp should bind to. + - **port_handler=rootlesskit**: Use rootlesskit for port forwarding. Default. + Note: Rootlesskit changes the source IP address of incoming packets to a IP address in the container network namespace, usually `10.0.2.100`. If your application requires the real source IP address, e.g. web server logs, use the slirp4netns port handler. The rootlesskit port handler is also used for rootless containers when connected to user-defined networks. + - **port_handler=slirp4netns**: Use the slirp4netns port forwarding, it is slower than rootlesskit but preserves the correct source IP address. This port handler cannot be used for user-defined networks. #### **--quiet**, **-q** diff --git a/docs/source/markdown/podman-pod-logs.1.md b/docs/source/markdown/podman-pod-logs.1.md new file mode 100644 index 000000000..8378f2eea --- /dev/null +++ b/docs/source/markdown/podman-pod-logs.1.md @@ -0,0 +1,88 @@ +% podman-pod-logs(1) + +## NAME +podman\-pod\-logs - Displays logs for pod with one or more containers + +## SYNOPSIS +**podman pod logs** [*options*] *pod* + +## DESCRIPTION +The podman pod logs command batch-retrieves whatever logs are present with all the containers of a pod. Pod logs can be filtered by container name or id using flag **-c** or **--container** if needed. + +Note: Long running command of `podman pod log` with a `-f` or `--follow` needs to be reinvoked if new container is added to the pod dynamically otherwise logs of newly added containers would not be visible in log stream. + +## OPTIONS + +#### **--container**, **-c** + +By default `podman pod logs` retrives logs for all the containers available within the pod differentiate by field `container`. However there are use-cases where user would want to limit the log stream only to a particular container of a pod for such cases `-c` can be used like `podman pod logs -c ctrNameorID podname`. + +#### **--follow**, **-f** + +Follow log output. Default is false. + +Note: If you are following a pod which is removed `podman pod rm`, then there is a +chance the the log file will be removed before `podman pod logs` reads the final content. + +#### **--latest**, **-l** + +Instead of providing the pod name or id, get logs of the last created pod. (This option is not available with the remote Podman client) + +#### **--since**=*TIMESTAMP* + +Show logs since TIMESTAMP. The --since option can be Unix timestamps, date formatted timestamps, or Go duration +strings (e.g. 10m, 1h30m) computed relative to the client machine's time. Supported formats for date formatted +time stamps include RFC3339Nano, RFC3339, 2006-01-02T15:04:05, 2006-01-02T15:04:05.999999999, 2006-01-02Z07:00, +and 2006-01-02. + +#### **--until**=*TIMESTAMP* + +Show logs until TIMESTAMP. The --until option can be Unix timestamps, date formatted timestamps, or Go duration +strings (e.g. 10m, 1h30m) computed relative to the client machine's time. Supported formats for date formatted +time stamps include RFC3339Nano, RFC3339, 2006-01-02T15:04:05, 2006-01-02T15:04:05.999999999, 2006-01-02Z07:00, +and 2006-01-02. + + +#### **--tail**=*LINES* + +Output the specified number of LINES at the end of the logs. LINES must be an integer. Defaults to -1, +which prints all lines + +#### **--timestamps**, **-t** + +Show timestamps in the log outputs. The default is false + +## EXAMPLE + +To view a pod's logs: +``` +podman pod logs -t podIdorName +``` + +To view logs of a specific container on the pod +``` +podman pod logs -c ctrIdOrName podIdOrName +``` + +To view all pod logs: +``` +podman pod logs -t --since 0 myserver-pod-1 +``` + +To view a pod's logs since a certain time: +``` +podman pod logs -t --since 2017-08-07T10:10:09.055837383-04:00 myserver-pod-1 +``` + +To view a pod's logs generated in the last 10 minutes: +``` +podman pod logs --since 10m myserver-pod-1 +``` + +To view a pod's logs until 30 minutes ago: +``` +podman pod logs --until 30m myserver-pod-1 +``` + +## SEE ALSO +podman(1), podman-pod-start(1), podman-pod-rm(1), podman-logs(1) diff --git a/docs/source/markdown/podman-pod.1.md b/docs/source/markdown/podman-pod.1.md index e5a8207e9..9de2442bd 100644 --- a/docs/source/markdown/podman-pod.1.md +++ b/docs/source/markdown/podman-pod.1.md @@ -17,11 +17,12 @@ podman pod is a set of subcommands that manage pods, or groups of containers. | exists | [podman-pod-exists(1)](podman-pod-exists.1.md) | Check if a pod exists in local storage. | | inspect | [podman-pod-inspect(1)](podman-pod-inspect.1.md) | Displays information describing a pod. | | kill | [podman-pod-kill(1)](podman-pod-kill.1.md) | Kill the main process of each container in one or more pods. | +| logs | [podman-pod-logs(1)](podman-pod-logs.1.md) | Displays logs for pod with one or more containers. | | pause | [podman-pod-pause(1)](podman-pod-pause.1.md) | Pause one or more pods. | -| prune | [podman-pod-prune(1)](podman-pod-prune.1.md) | Remove all stopped pods and their containers. | +| prune | [podman-pod-prune(1)](podman-pod-prune.1.md) | Remove all stopped pods and their containers. | | ps | [podman-pod-ps(1)](podman-pod-ps.1.md) | Prints out information about pods. | | restart | [podman-pod-restart(1)](podman-pod-restart.1.md) | Restart one or more pods. | -| rm | [podman-pod-rm(1)](podman-pod-rm.1.md) | Remove one or more stopped pods and containers. | +| rm | [podman-pod-rm(1)](podman-pod-rm.1.md) | Remove one or more stopped pods and containers. | | start | [podman-pod-start(1)](podman-pod-start.1.md) | Start one or more pods. | | stats | [podman-pod-stats(1)](podman-pod-stats.1.md) | Display a live stream of resource usage stats for containers in one or more pods. | | stop | [podman-pod-stop(1)](podman-pod-stop.1.md) | Stop one or more pods. | diff --git a/docs/source/markdown/podman-pull.1.md b/docs/source/markdown/podman-pull.1.md index 189464d17..aa0815f4b 100644 --- a/docs/source/markdown/podman-pull.1.md +++ b/docs/source/markdown/podman-pull.1.md @@ -43,7 +43,7 @@ $ podman pull oci-archive:/tmp/myimage ``` ## OPTIONS -#### **--all-tags**, **a** +#### **--all-tags** All tagged images in the repository will be pulled. diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md index caff714d6..63224b49d 100644 --- a/docs/source/markdown/podman-run.1.md +++ b/docs/source/markdown/podman-run.1.md @@ -1184,7 +1184,7 @@ Example: `containers:2147483647:2147483648`. Podman allocates unique ranges of UIDs and GIDs from the `containers` subpordinate user ids. The size of the ranges is based on the number of UIDs required in the image. The number of UIDs and GIDs can be overridden with the `size` option. The `auto` options currently does not work in rootless mode - Valid `auto`options: + Valid `auto` options: - *gidmapping*=_CONTAINER_GID:HOST_GID:SIZE_: to force a GID mapping to be present in the user namespace. - *size*=_SIZE_: to specify an explicit size for the automatic user namespace. e.g. `--userns=auto:size=8192`. If `size` is not specified, `auto` will estimate a size for the user namespace. @@ -1194,11 +1194,11 @@ Podman allocates unique ranges of UIDs and GIDs from the `containers` subpordina **host**: run in the user namespace of the caller. The processes running in the container will have the same privileges on the host as any other process launched by the calling user (default). -- **keep-id**: creates a user namespace where the current rootless user's UID:GID are mapped to the same values in the container. This option is ignored for containers created by the root user. +**keep-id**: creates a user namespace where the current rootless user's UID:GID are mapped to the same values in the container. This option is ignored for containers created by the root user. -- **ns:**_namespace_: run the container in the given existing user namespace. +**ns:**_namespace_: run the container in the given existing user namespace. -- **private**: create a new namespace for the container. +**private**: create a new namespace for the container. This option is incompatible with **--gidmap**, **--uidmap**, **--subuidname** and **--subgidname**. diff --git a/docs/source/markdown/podman-system-connection-add.1.md b/docs/source/markdown/podman-system-connection-add.1.md index ad9acb4d8..fa763d7cc 100644 --- a/docs/source/markdown/podman-system-connection-add.1.md +++ b/docs/source/markdown/podman-system-connection-add.1.md @@ -41,9 +41,9 @@ $ podman system connection add QA podman.example.com $ podman system connection add --identity ~/.ssh/dev_rsa production ssh://root@server.example.com:2222 -$ podman system connection add unix:///run/podman/podman.sock +$ podman system connection add testing unix:///run/podman/podman.sock -$ podman system connection add tcp://localhost:8080 +$ podman system connection add debug tcp://localhost:8080 ``` ## SEE ALSO podman-system(1) , podman-system-connection(1) , containers.conf(5) diff --git a/docs/source/markdown/podman-unshare.1.md b/docs/source/markdown/podman-unshare.1.md index 2e7adfd34..72821b6e5 100644 --- a/docs/source/markdown/podman-unshare.1.md +++ b/docs/source/markdown/podman-unshare.1.md @@ -37,6 +37,35 @@ connect to a rootless container via IP address (CNI networking). This is otherwi not possible from the host network namespace. _Note: Using this option with more than one unshare session can have unexpected results._ +## Exit Codes + +The exit code from `podman unshare` gives information about why the container +failed to run or why it exited. When `podman unshare` commands exit with a non-zero code, +the exit codes follow the `chroot` standard, see below: + + **125** The error is with podman **_itself_** + + $ podman unshare --foo; echo $? + Error: unknown flag: --foo + 125 + + **126** Executing a _contained command_ and the _command_ cannot be invoked + + $ podman unshare /etc; echo $? + Error: fork/exec /etc: permission denied + 126 + + **127** Executing a _contained command_ and the _command_ cannot be found + + $ podman run busybox foo; echo $? + Error: fork/exec /usr/bin/bogus: no such file or directory + 127 + + **Exit code** _contained command_ exit code + + $ podman run busybox /bin/sh -c 'exit 3'; echo $? + 3 + ## EXAMPLE ``` diff --git a/docs/source/pod.rst b/docs/source/pod.rst index 2df377762..d9ad07d83 100644 --- a/docs/source/pod.rst +++ b/docs/source/pod.rst @@ -9,6 +9,8 @@ Pod :doc:`kill <markdown/podman-pod-kill.1>` Send the specified signal or SIGKILL to containers in pod +:doc:`logs <markdown/podman-pod-logs.1>` Displays logs for pod with one or more containers + :doc:`pause <markdown/podman-pause.1>` Pause one or more pods :doc:`prune <markdown/podman-pod-prune.1>` Remove all stopped pods and their containers diff --git a/docs/tutorials/podman_tutorial.md b/docs/tutorials/podman_tutorial.md index 7419f445e..92d0c41b1 100644 --- a/docs/tutorials/podman_tutorial.md +++ b/docs/tutorials/podman_tutorial.md @@ -50,11 +50,11 @@ Note: The -l is a convenience argument for **latest container**. You can also u of -l. ### Testing the httpd server -Now that we have the IP address of the container, we can test the network communication between the host +As we do not have the IP address of the container, we can test the network communication between the host operating system and the container using curl. The following command should display the index page of our containerized httpd server. ```console -curl http://<IP_address>:8080 +curl http://localhost:8080 ``` ### Viewing the container's logs @@ -12,12 +12,12 @@ require ( github.com/containernetworking/cni v0.8.1 github.com/containernetworking/plugins v0.9.1 github.com/containers/buildah v1.22.3 - github.com/containers/common v0.43.2 + github.com/containers/common v0.44.0 github.com/containers/conmon v2.0.20+incompatible github.com/containers/image/v5 v5.16.0 github.com/containers/ocicrypt v1.1.2 - github.com/containers/psgo v1.5.2 - github.com/containers/storage v1.35.0 + github.com/containers/psgo v1.6.0 + github.com/containers/storage v1.36.0 github.com/coreos/go-systemd/v22 v22.3.2 github.com/coreos/stream-metadata-go v0.0.0-20210225230131-70edb9eb47b3 github.com/cri-o/ocicni v0.2.1-0.20210621164014-d0acc7862283 @@ -32,9 +32,10 @@ require ( github.com/dtylman/scp v0.0.0-20181017070807-f3000a34aef4 github.com/fsnotify/fsnotify v1.5.1 github.com/ghodss/yaml v1.0.0 - github.com/godbus/dbus/v5 v5.0.4 + github.com/godbus/dbus/v5 v5.0.5 github.com/google/shlex v0.0.0-20181106134648-c34317bd91bf github.com/google/uuid v1.3.0 + github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33 github.com/gorilla/mux v1.8.0 github.com/gorilla/schema v1.2.0 github.com/hashicorp/go-multierror v1.1.1 @@ -50,7 +51,7 @@ require ( github.com/opencontainers/runc v1.0.2 github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 github.com/opencontainers/runtime-tools v0.9.0 - github.com/opencontainers/selinux v1.8.4 + github.com/opencontainers/selinux v1.8.5 github.com/pkg/errors v0.9.1 github.com/pmezard/go-difflib v1.0.0 github.com/rootless-containers/rootlesskit v0.14.5 @@ -61,14 +62,13 @@ require ( github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 github.com/uber/jaeger-client-go v2.29.1+incompatible github.com/vbauerster/mpb/v6 v6.0.4 + github.com/vbauerster/mpb/v7 v7.1.4 // indirect github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852 go.etcd.io/bbolt v1.3.6 golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a golang.org/x/sync v0.0.0-20210220032951-036812b2e83c - golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55 + golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34 gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b k8s.io/api v0.22.1 k8s.io/apimachinery v0.22.1 ) - -replace github.com/vbauerster/mpb/v7 => github.com/mtrmac/mpb/v7 v7.0.5-0.20210831125917-6bcc64f93d02 @@ -74,8 +74,9 @@ github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg3 github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= -github.com/Microsoft/hcsshim v0.8.20 h1:ZTwcx3NS8n07kPf/JZ1qwU6vnjhVPMUWlXBF8r9UxrE= github.com/Microsoft/hcsshim v0.8.20/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= +github.com/Microsoft/hcsshim v0.8.22 h1:CulZ3GW8sNJExknToo+RWD+U+6ZM5kkNfuxywSDPd08= +github.com/Microsoft/hcsshim v0.8.22/go.mod h1:91uVCVzvX2QD16sMCenoxxXo6L1wJnLMX2PSufFMtF0= github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= @@ -182,6 +183,7 @@ github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMX github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.4.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= +github.com/containerd/containerd v1.4.9/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.5.0-beta.1/go.mod h1:5HfvG1V2FsKesEGQ17k5/T7V960Tmcumvqn8Mc+pCYQ= github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo/uBBoBORwEx6ardVcmKU= github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= @@ -216,6 +218,8 @@ github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJ github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= +github.com/containerd/stargz-snapshotter/estargz v0.8.0 h1:oA1wx8kTFfImfsT5bScbrZd8gK+WtQnn15q82Djvm0Y= +github.com/containerd/stargz-snapshotter/estargz v0.8.0/go.mod h1:mwIwuwb+D8FX2t45Trwi0hmWmZm5VW7zPP/rekwhWQU= github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= @@ -241,12 +245,11 @@ github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRD github.com/containers/buildah v1.22.3 h1:RomxwUa24jMcqzXQetpw4wGMfNlNZLhc9qwyoWHblwc= github.com/containers/buildah v1.22.3/go.mod h1:JVXRyx5Rkp5w5jwvaXe45kuHtyoxpERMjXrR45+3Wfg= github.com/containers/common v0.42.1/go.mod h1:AaF3ipZfgezsctDuhzLkq4Vl+LkEy7J74ikh2HSXDsg= -github.com/containers/common v0.43.2 h1:oSP5d5sDrq7OkoqLPVrLpi1LZOAwpTwOZXgPDHfmD0E= -github.com/containers/common v0.43.2/go.mod h1:BAoVyRYlxKZKAYpHcFMdrXlIZyzbJp9NwKTgadTd/Dg= +github.com/containers/common v0.44.0 h1:YpjfOxmWrnVyxugYgiWV1Vo/Xg8JUfe32QZz3SAMfUk= +github.com/containers/common v0.44.0/go.mod h1:7sdP4vmI5Bm6FPFxb3lvAh1Iktb6tiO1MzjUzhxdoGo= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/image/v5 v5.14.0/go.mod h1:SxiBKOcKuT+4yTjD0AskjO+UwFvNcVOJ9qlAw1HNSPU= -github.com/containers/image/v5 v5.15.0/go.mod h1:gzdBcooi6AFdiqfzirUqv90hUyHyI0MMdaqKzACKr2s= github.com/containers/image/v5 v5.15.2/go.mod h1:8jejVSzTDfyPwr/HXp9rri34n/vbdavYk6IzTiB3TBw= github.com/containers/image/v5 v5.16.0 h1:WQcNSzb7+ngS2cfynx0vUwhk+scpgiKlldVcsF8GPbI= github.com/containers/image/v5 v5.16.0/go.mod h1:XgTpfAPLRGOd1XYyCU5cISFr777bLmOerCSpt/v7+Q4= @@ -257,16 +260,15 @@ github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgU github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= github.com/containers/ocicrypt v1.1.2 h1:Ez+GAMP/4GLix5Ywo/fL7O0nY771gsBIigiqUm1aXz0= github.com/containers/ocicrypt v1.1.2/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= -github.com/containers/psgo v1.5.2 h1:3aoozst/GIwsrr/5jnFy3FrJay98uujPCu9lTuSZ/Cw= -github.com/containers/psgo v1.5.2/go.mod h1:2ubh0SsreMZjSXW1Hif58JrEcFudQyIy9EzPUWfawVU= +github.com/containers/psgo v1.6.0 h1:jkl/5kndKmJ/bnSFq8in6xRDAzgW26GnNuTxoycNFvk= +github.com/containers/psgo v1.6.0/go.mod h1:ggVhB2KQi9qGZdqSlczqN0BwcJdotmpRru87S1anRO8= github.com/containers/storage v1.23.5/go.mod h1:ha26Q6ngehFNhf3AWoXldvAvwI4jFe3ETQAf/CeZPyM= github.com/containers/storage v1.32.6/go.mod h1:mdB+b89p+jU8zpzLTVXA0gWMmIo0WrkfGMh1R8O2IQw= -github.com/containers/storage v1.33.0/go.mod h1:FUZPF4nJijX8ixdhByZJXf02cvbyLi6dyDwXdIe8QVY= github.com/containers/storage v1.33.1/go.mod h1:FUZPF4nJijX8ixdhByZJXf02cvbyLi6dyDwXdIe8QVY= -github.com/containers/storage v1.34.0/go.mod h1:t6I+hTgPU0/tVxQ75vw406wDi/TXwYBqZp4QZV9N7b8= github.com/containers/storage v1.34.1/go.mod h1:FY2TcbfgCLMU4lYoKnlZeZXeH353TOTbpDEA+sAcqAY= -github.com/containers/storage v1.35.0 h1:bNduWshYm1tq4IPJRC+zLs3VQ+1tbauU0CZBaqzPxw4= github.com/containers/storage v1.35.0/go.mod h1:qzYhasQP2/V9D9XdO+vRwkHBhsBO0oznMLzzRDQ8s20= +github.com/containers/storage v1.36.0 h1:OelxllCW19tnNngYuZw2ty/zLabVMG5rSs3KSwO1Lzc= +github.com/containers/storage v1.36.0/go.mod h1:vbd3SKVQNHdmU5qQI6hTEcKPxnZkGqydG4f6uwrI5a8= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= @@ -405,8 +407,9 @@ github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblf github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e h1:BWhy2j3IXJhjCbC68FptL43tDKIq8FladmaTs3Xs7Z8= github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/godbus/dbus/v5 v5.0.4 h1:9349emZab16e7zQvpmsbtjc18ykshndd8y2PG3sgJbA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/godbus/dbus/v5 v5.0.5 h1:9Eg0XUhQxtkV8ykTMKtMMYY72g4NgxtRq4jgh4Ih5YM= +github.com/godbus/dbus/v5 v5.0.5/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= @@ -450,7 +453,6 @@ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaS github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= @@ -501,6 +503,7 @@ github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3i github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33 h1:893HsJqtxp9z1SF76gg6hY70hRY1wVlTSnC/h1yUDCo= github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.7.4/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= @@ -589,9 +592,9 @@ github.com/klauspost/compress v1.11.0/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYs github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.13.1/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= -github.com/klauspost/compress v1.13.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= -github.com/klauspost/compress v1.13.4 h1:0zhec2I8zGnjWcKyLl6i3gPqKANCCn5e9xmviEEeX6s= github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= +github.com/klauspost/compress v1.13.5 h1:9O69jUPDcsT9fEm74W92rZL9FQY7rCdaXVneq+yyzl4= +github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/klauspost/pgzip v1.2.5 h1:qnWYvvKqedOF2ulHpMG72XQol4ILEJ8k2wwRl/Km8oE= github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -687,8 +690,6 @@ github.com/mrunalp/fileutils v0.5.0 h1:NKzVxiH7eSk+OQ4M+ZYW1K6h27RUV3MI6NUTsHhU6 github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= github.com/mtrmac/gpgme v0.1.2 h1:dNOmvYmsrakgW7LcgiprD0yfRuQQe8/C8F6Z+zogO3s= github.com/mtrmac/gpgme v0.1.2/go.mod h1:GYYHnGSuS7HK3zVS2n3y73y0okK/BeKzwnn5jgiVFNI= -github.com/mtrmac/mpb/v7 v7.0.5-0.20210831125917-6bcc64f93d02 h1:6FgywoK3FxI2NCAiDHdcpguaZ4mhOQpKRd6MjN5nelo= -github.com/mtrmac/mpb/v7 v7.0.5-0.20210831125917-6bcc64f93d02/go.mod h1:X5GlohZw2fIpypMXWaKart+HGSAjpz49skxkDk+ZL7c= github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= @@ -723,7 +724,6 @@ github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1y github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= github.com/onsi/gomega v1.10.5/go.mod h1:gza4q3jKQJijlu05nKWRCW/GavJumGt8aNRxWg7mt48= github.com/onsi/gomega v1.14.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= -github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= github.com/onsi/gomega v1.16.0 h1:6gjqkI8iiRHMvdccRJM8rVKjCWk6ZIm6FTm3ddIe4/c= github.com/onsi/gomega v1.16.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= @@ -738,7 +738,6 @@ github.com/opencontainers/image-spec v1.0.2-0.20190823105129-775207bd45b6/go.mod github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283 h1:TVzvdjOalkJBNkbpPVMAr4KV9QRf2IjfxdyxwAK78Gs= github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v0.0.0-20190425234816-dae70e8efea4/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= @@ -763,9 +762,9 @@ github.com/opencontainers/selinux v1.5.1/go.mod h1:yTcKuYAh6R95iDpefGLQaPaRwJFwy github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= -github.com/opencontainers/selinux v1.8.3/go.mod h1:HTvjPFoGMbpQsG886e3lQwnsRWtE4TC1OF3OUvG9FAo= -github.com/opencontainers/selinux v1.8.4 h1:krlgQ6/j9CkCXT5oW0yVXdQFOME3NjKuuAZXuR6O7P4= github.com/opencontainers/selinux v1.8.4/go.mod h1:HTvjPFoGMbpQsG886e3lQwnsRWtE4TC1OF3OUvG9FAo= +github.com/opencontainers/selinux v1.8.5 h1:OkT6bMHOQ1JQQO4ihjQ49sj0+wciDcjziSVTRn8VeTA= +github.com/opencontainers/selinux v1.8.5/go.mod h1:HTvjPFoGMbpQsG886e3lQwnsRWtE4TC1OF3OUvG9FAo= github.com/openshift/imagebuilder v1.2.2-0.20210415181909-87f3e48c2656 h1:WaxyNFpmIDu4i6so9r6LVFIbSaXqsj8oitMitt86ae4= github.com/openshift/imagebuilder v1.2.2-0.20210415181909-87f3e48c2656/go.mod h1:9aJRczxCH0mvT6XQ+5STAQaPWz7OsWcU5/mRkt8IWeo= github.com/ostreedev/ostree-go v0.0.0-20190702140239-759a8c1ac913 h1:TnbXhKzrTOyuvWrjI8W6pcoI9XPbLHFXCdN2dtUw7Rw= @@ -775,7 +774,6 @@ github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/9 github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/pkg/errors v0.0.0-20190227000051-27936f6d90f9/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -839,7 +837,6 @@ github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvW github.com/seccomp/libseccomp-golang v0.9.2-0.20200616122406-847368b35ebf h1:b0+ZBD3rohnkQ4q5duD1+RyTXTg9yk+qTOPMSQtapO0= github.com/seccomp/libseccomp-golang v0.9.2-0.20200616122406-847368b35ebf/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v0.0.0-20190403091019-9b3cdde74fbe/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= @@ -920,6 +917,10 @@ github.com/vbatts/tar-split v0.11.2 h1:Via6XqJr0hceW4wff3QRzD5gAk/tatMw/4ZA7cTlI github.com/vbatts/tar-split v0.11.2/go.mod h1:vV3ZuO2yWSVsz+pfFzDG/upWH1JhjOiEaWq6kXyQ3VI= github.com/vbauerster/mpb/v6 v6.0.4 h1:h6J5zM/2wimP5Hj00unQuV8qbo5EPcj6wbkCqgj7KcY= github.com/vbauerster/mpb/v6 v6.0.4/go.mod h1:a/+JT57gqh6Du0Ay5jSR+uBMfXGdlR7VQlGP52fJxLM= +github.com/vbauerster/mpb/v7 v7.0.3/go.mod h1:NXGsfPGx6G2JssqvEcULtDqUrxuuYs4llpv8W6ZUpzk= +github.com/vbauerster/mpb/v7 v7.1.3/go.mod h1:X5GlohZw2fIpypMXWaKart+HGSAjpz49skxkDk+ZL7c= +github.com/vbauerster/mpb/v7 v7.1.4 h1:XGWpWEB8aWnvqSlAMA7F7kdeUGqcTujuVFvYj9+59Ww= +github.com/vbauerster/mpb/v7 v7.1.4/go.mod h1:4zulrZfvshMOnd2APiHgWS9Yrw08AzZVRr9G11tkpcQ= github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852 h1:cPXZWzzG0NllBLdjWoD1nDfaqu98YMv+OneaKc8sPOA= @@ -1120,7 +1121,6 @@ golang.org/x/sys v0.0.0-20190411185658-b44545bcd369/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190418153312-f0ce4c0180be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190425145619-16072639606e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1204,8 +1204,10 @@ golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55 h1:rw6UNGRMfarCepjI8qOepea/SXwIBVfTKjztZ5gBbq4= +golang.org/x/sys v0.0.0-20210817190340-bfb29a6856f2/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34 h1:GkvMjFtXUmahfDtashnc1mnrCtuBVcwse5QV2lUk/tI= +golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201113234701-d7a72108b828/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= diff --git a/hack/release.sh b/hack/release.sh index 34842de2e..7925d55ad 100755 --- a/hack/release.sh +++ b/hack/release.sh @@ -36,20 +36,10 @@ write_spec_version() sed -i "s/^\(Version: *\).*/\1${LOCAL_VERSION}/" contrib/spec/podman.spec.in } -write_changelog() -{ - echo "- Changelog for v${VERSION} (${DATE})" >.changelog.txt && - git log --no-merges --format=' * %s' "${LAST_TAG}..HEAD" >>.changelog.txt && - echo >>.changelog.txt && - cat changelog.txt >>.changelog.txt && - mv -f .changelog.txt changelog.txt -} - release_commit() { write_go_version "${VERSION}" && write_spec_version "${VERSION}" && - write_changelog && git commit -asm "Bump to v${VERSION}" } diff --git a/libpod/container.go b/libpod/container.go index c57250d72..a4bbb5dd0 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -159,6 +159,9 @@ type ContainerState struct { // OOMKilled indicates that the container was killed as it ran out of // memory OOMKilled bool `json:"oomKilled,omitempty"` + // Checkpointed indicates that the container was stopped by a checkpoint + // operation. + Checkpointed bool `json:"checkpointed,omitempty"` // PID is the PID of a running container PID int `json:"pid,omitempty"` // ConmonPID is the PID of the container's conmon @@ -1059,6 +1062,11 @@ func (c *Container) IsInfra() bool { return c.config.IsInfra } +// IsInitCtr returns whether the container is an init container +func (c *Container) IsInitCtr() bool { + return len(c.config.InitContainerType) > 0 +} + // IsReadOnly returns whether the container is running in read only mode func (c *Container) IsReadOnly() bool { return c.config.Spec.Root.Readonly diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go index 97318a2e8..2ef4532cd 100644 --- a/libpod/container_inspect.go +++ b/libpod/container_inspect.go @@ -103,18 +103,19 @@ func (c *Container) getContainerInspectData(size bool, driverData *define.Driver Path: path, Args: args, State: &define.InspectContainerState{ - OciVersion: ctrSpec.Version, - Status: runtimeInfo.State.String(), - Running: runtimeInfo.State == define.ContainerStateRunning, - Paused: runtimeInfo.State == define.ContainerStatePaused, - OOMKilled: runtimeInfo.OOMKilled, - Dead: runtimeInfo.State.String() == "bad state", - Pid: runtimeInfo.PID, - ConmonPid: runtimeInfo.ConmonPID, - ExitCode: runtimeInfo.ExitCode, - Error: "", // can't get yet - StartedAt: runtimeInfo.StartedTime, - FinishedAt: runtimeInfo.FinishedTime, + OciVersion: ctrSpec.Version, + Status: runtimeInfo.State.String(), + Running: runtimeInfo.State == define.ContainerStateRunning, + Paused: runtimeInfo.State == define.ContainerStatePaused, + OOMKilled: runtimeInfo.OOMKilled, + Dead: runtimeInfo.State.String() == "bad state", + Pid: runtimeInfo.PID, + ConmonPid: runtimeInfo.ConmonPID, + ExitCode: runtimeInfo.ExitCode, + Error: "", // can't get yet + StartedAt: runtimeInfo.StartedTime, + FinishedAt: runtimeInfo.FinishedTime, + Checkpointed: runtimeInfo.Checkpointed, }, Image: config.RootfsImageID, ImageName: config.RootfsImageName, diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 9082b136a..4d1a25541 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -584,6 +584,7 @@ func resetState(state *ContainerState) { state.StoppedByUser = false state.RestartPolicyMatch = false state.RestartCount = 0 + state.Checkpointed = false } // Refresh refreshes the container's state after a restart. @@ -1110,6 +1111,7 @@ func (c *Container) init(ctx context.Context, retainRetries bool) error { c.state.ExecSessions = make(map[string]*ExecSession) } + c.state.Checkpointed = false c.state.ExitCode = 0 c.state.Exited = false c.state.State = define.ContainerStateCreated diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 847122929..eabe8efd2 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -1,3 +1,4 @@ +//go:build linux // +build linux package libpod @@ -1145,6 +1146,7 @@ func (c *Container) checkpoint(ctx context.Context, options ContainerCheckpointO if !options.KeepRunning && !options.PreCheckPoint { c.state.State = define.ContainerStateStopped + c.state.Checkpointed = true // Cleanup Storage and Network if err := c.cleanup(ctx); err != nil { @@ -1942,9 +1944,24 @@ func (c *Container) generateHosts(path string) (string, error) { } hosts := string(orig) hosts += c.getHosts() + + hosts = c.appendLocalhost(hosts) + return c.writeStringToRundir("hosts", hosts) } +// based on networking mode we may want to append the localhost +// if there isn't any record for it and also this shoud happen +// in slirp4netns and similar network modes. +func (c *Container) appendLocalhost(hosts string) string { + if !strings.Contains(hosts, "localhost") && + !c.config.NetMode.IsHost() { + hosts += "127.0.0.1\tlocalhost\n::1\tlocalhost\n" + } + + return hosts +} + // appendHosts appends a container's config and state pertaining to hosts to a container's // local hosts file. netCtr is the container from which the netNS information is // taken. diff --git a/libpod/container_internal_linux_test.go b/libpod/container_internal_linux_test.go index 1465ffbea..899f9bffd 100644 --- a/libpod/container_internal_linux_test.go +++ b/libpod/container_internal_linux_test.go @@ -1,3 +1,4 @@ +//go:build linux // +build linux package libpod @@ -7,6 +8,7 @@ import ( "os" "testing" + "github.com/containers/podman/v3/pkg/namespaces" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/stretchr/testify/assert" ) @@ -68,3 +70,30 @@ func TestGenerateUserGroupEntry(t *testing.T) { } assert.Equal(t, group, "567:x:567:567\n") } + +func TestAppendLocalhost(t *testing.T) { + { + c := Container{ + config: &ContainerConfig{ + ContainerNetworkConfig: ContainerNetworkConfig{ + NetMode: namespaces.NetworkMode("slirp4netns"), + }, + }, + } + + assert.Equal(t, "127.0.0.1\tlocalhost\n::1\tlocalhost\n", c.appendLocalhost("")) + assert.Equal(t, "127.0.0.1\tlocalhost", c.appendLocalhost("127.0.0.1\tlocalhost")) + } + { + c := Container{ + config: &ContainerConfig{ + ContainerNetworkConfig: ContainerNetworkConfig{ + NetMode: namespaces.NetworkMode("host"), + }, + }, + } + + assert.Equal(t, "", c.appendLocalhost("")) + assert.Equal(t, "127.0.0.1\tlocalhost", c.appendLocalhost("127.0.0.1\tlocalhost")) + } +} diff --git a/libpod/container_log.go b/libpod/container_log.go index 3988bb654..89dd5e8b0 100644 --- a/libpod/container_log.go +++ b/libpod/container_log.go @@ -107,16 +107,18 @@ func (c *Container) readFromLogFile(ctx context.Context, options *logs.LogOption // until EOF. state, err := c.State() if err != nil || state != define.ContainerStateRunning { - // Make sure to wait at least for the poll duration - // before stopping the file logger (see #10675). - time.Sleep(watch.POLL_DURATION) - tailError := t.StopAtEOF() - if tailError != nil && fmt.Sprintf("%v", tailError) != "tail: stop at eof" { - logrus.Errorf("Error stopping logger: %v", tailError) - } if err != nil && errors.Cause(err) != define.ErrNoSuchCtr { logrus.Errorf("Error getting container state: %v", err) } + go func() { + // Make sure to wait at least for the poll duration + // before stopping the file logger (see #10675). + time.Sleep(watch.POLL_DURATION) + tailError := t.StopAtEOF() + if tailError != nil && tailError.Error() != "tail: stop at eof" { + logrus.Errorf("Error stopping logger: %v", tailError) + } + }() return nil } diff --git a/libpod/container_top_linux.go b/libpod/container_top_linux.go index ee03570ab..0d4cba85e 100644 --- a/libpod/container_top_linux.go +++ b/libpod/container_top_linux.go @@ -47,7 +47,7 @@ func (c *Container) Top(descriptors []string) ([]string, error) { if psgoErr == nil { return output, nil } - if errors.Cause(psgoErr) != psgo.ErrUnknownDescriptor { + if !errors.Is(psgoErr, psgo.ErrUnknownDescriptor) { return nil, psgoErr } diff --git a/libpod/define/container_inspect.go b/libpod/define/container_inspect.go index af8ba6ecf..90703a807 100644 --- a/libpod/define/container_inspect.go +++ b/libpod/define/container_inspect.go @@ -189,20 +189,21 @@ type InspectMount struct { // Docker, but here we see more fields that are unused (nonsensical in the // context of Libpod). type InspectContainerState struct { - OciVersion string `json:"OciVersion"` - Status string `json:"Status"` - Running bool `json:"Running"` - Paused bool `json:"Paused"` - Restarting bool `json:"Restarting"` // TODO - OOMKilled bool `json:"OOMKilled"` - Dead bool `json:"Dead"` - Pid int `json:"Pid"` - ConmonPid int `json:"ConmonPid,omitempty"` - ExitCode int32 `json:"ExitCode"` - Error string `json:"Error"` // TODO - StartedAt time.Time `json:"StartedAt"` - FinishedAt time.Time `json:"FinishedAt"` - Healthcheck HealthCheckResults `json:"Healthcheck,omitempty"` + OciVersion string `json:"OciVersion"` + Status string `json:"Status"` + Running bool `json:"Running"` + Paused bool `json:"Paused"` + Restarting bool `json:"Restarting"` // TODO + OOMKilled bool `json:"OOMKilled"` + Dead bool `json:"Dead"` + Pid int `json:"Pid"` + ConmonPid int `json:"ConmonPid,omitempty"` + ExitCode int32 `json:"ExitCode"` + Error string `json:"Error"` // TODO + StartedAt time.Time `json:"StartedAt"` + FinishedAt time.Time `json:"FinishedAt"` + Healthcheck HealthCheckResults `json:"Healthcheck,omitempty"` + Checkpointed bool `json:"Checkpointed,omitempty"` } // HealthCheckResults describes the results/logs from a healthcheck diff --git a/libpod/define/info.go b/libpod/define/info.go index 95c1196dd..73df80087 100644 --- a/libpod/define/info.go +++ b/libpod/define/info.go @@ -36,6 +36,7 @@ type HostInfo struct { Hostname string `json:"hostname"` IDMappings IDMappings `json:"idMappings,omitempty"` Kernel string `json:"kernel"` + LogDriver string `json:"logDriver"` MemFree int64 `json:"memFree"` MemTotal int64 `json:"memTotal"` OCIRuntime *OCIRuntimeInfo `json:"ociRuntime"` diff --git a/libpod/info.go b/libpod/info.go index 8f4c7f015..31ec9cdc1 100644 --- a/libpod/info.go +++ b/libpod/info.go @@ -126,6 +126,7 @@ func (r *Runtime) hostInfo() (*define.HostInfo, error) { Linkmode: linkmode.Linkmode(), CPUs: runtime.NumCPU(), Distribution: hostDistributionInfo, + LogDriver: r.config.Containers.LogDriver, EventLogger: r.eventer.String(), Hostname: host, IDMappings: define.IDMappings{}, diff --git a/libpod/kube.go b/libpod/kube.go index fff040adb..812bb101b 100644 --- a/libpod/kube.go +++ b/libpod/kube.go @@ -4,6 +4,7 @@ import ( "fmt" "math/rand" "os" + "sort" "strconv" "strings" "time" @@ -220,8 +221,14 @@ func (p *Pod) podWithContainers(containers []*Container, ports []v1.ContainerPor deDupPodVolumes := make(map[string]*v1.Volume) first := true podContainers := make([]v1.Container, 0, len(containers)) + podInitCtrs := []v1.Container{} podAnnotations := make(map[string]string) dnsInfo := v1.PodDNSConfig{} + + // Let's sort the containers in order of created time + // This will ensure that the init containers are defined in the correct order in the kube yaml + sort.Slice(containers, func(i, j int) bool { return containers[i].CreatedTime().Before(containers[j].CreatedTime()) }) + for _, ctr := range containers { if !ctr.IsInfra() { // Convert auto-update labels into kube annotations @@ -229,6 +236,8 @@ func (p *Pod) podWithContainers(containers []*Container, ports []v1.ContainerPor podAnnotations[k] = v } + isInit := ctr.IsInitCtr() + ctr, volumes, _, err := containerToV1Container(ctr) if err != nil { return nil, err @@ -245,6 +254,10 @@ func (p *Pod) podWithContainers(containers []*Container, ports []v1.ContainerPor ctr.Ports = ports first = false } + if isInit { + podInitCtrs = append(podInitCtrs, ctr) + continue + } podContainers = append(podContainers, ctr) // Deduplicate volumes, so if containers in the pod share a volume, it's only // listed in the volumes section once @@ -278,13 +291,14 @@ func (p *Pod) podWithContainers(containers []*Container, ports []v1.ContainerPor return newPodObject( p.Name(), podAnnotations, + podInitCtrs, podContainers, podVolumes, &dnsInfo, hostNetwork), nil } -func newPodObject(podName string, annotations map[string]string, containers []v1.Container, volumes []v1.Volume, dnsOptions *v1.PodDNSConfig, hostNetwork bool) *v1.Pod { +func newPodObject(podName string, annotations map[string]string, initCtrs, containers []v1.Container, volumes []v1.Volume, dnsOptions *v1.PodDNSConfig, hostNetwork bool) *v1.Pod { tm := v12.TypeMeta{ Kind: "Pod", APIVersion: "v1", @@ -304,9 +318,10 @@ func newPodObject(podName string, annotations map[string]string, containers []v1 Annotations: annotations, } ps := v1.PodSpec{ - Containers: containers, - Volumes: volumes, - HostNetwork: hostNetwork, + Containers: containers, + HostNetwork: hostNetwork, + InitContainers: initCtrs, + Volumes: volumes, } if dnsOptions != nil { ps.DNSConfig = dnsOptions @@ -323,6 +338,7 @@ func newPodObject(podName string, annotations map[string]string, containers []v1 // for a single container. we "insert" that container description in a pod. func simplePodWithV1Containers(ctrs []*Container) (*v1.Pod, error) { kubeCtrs := make([]v1.Container, 0, len(ctrs)) + kubeInitCtrs := []v1.Container{} kubeVolumes := make([]v1.Volume, 0) hostNetwork := true podDNS := v1.PodDNSConfig{} @@ -333,6 +349,8 @@ func simplePodWithV1Containers(ctrs []*Container) (*v1.Pod, error) { kubeAnnotations[k] = v } + isInit := ctr.IsInitCtr() + if !ctr.HostNetwork() { hostNetwork = false } @@ -340,7 +358,11 @@ func simplePodWithV1Containers(ctrs []*Container) (*v1.Pod, error) { if err != nil { return nil, err } - kubeCtrs = append(kubeCtrs, kubeCtr) + if isInit { + kubeInitCtrs = append(kubeInitCtrs, kubeCtr) + } else { + kubeCtrs = append(kubeCtrs, kubeCtr) + } kubeVolumes = append(kubeVolumes, kubeVols...) // Combine DNS information in sum'd structure @@ -379,6 +401,7 @@ func simplePodWithV1Containers(ctrs []*Container) (*v1.Pod, error) { return newPodObject( strings.ReplaceAll(ctrs[0].Name(), "_", ""), kubeAnnotations, + kubeInitCtrs, kubeCtrs, kubeVolumes, &podDNS, diff --git a/libpod/network/devices.go b/libpod/network/devices.go index de6bb4efc..fc9aff337 100644 --- a/libpod/network/devices.go +++ b/libpod/network/devices.go @@ -2,12 +2,11 @@ package network import ( "fmt" - "os/exec" "github.com/containers/common/pkg/config" "github.com/containers/podman/v3/pkg/util" - "github.com/containers/podman/v3/utils" "github.com/sirupsen/logrus" + "github.com/vishvananda/netlink" ) // GetFreeDeviceName returns a device name that is unused; used when no network @@ -52,12 +51,9 @@ func GetFreeDeviceName(config *config.Config) (string, error) { // RemoveInterface removes an interface by the given name func RemoveInterface(interfaceName string) error { - // Make sure we have the ip command on the system - ipPath, err := exec.LookPath("ip") + link, err := netlink.LinkByName(interfaceName) if err != nil { return err } - // Delete the network interface - _, err = utils.ExecCmd(ipPath, []string{"link", "del", interfaceName}...) - return err + return netlink.LinkDel(link) } diff --git a/libpod/network/network.go b/libpod/network/network.go index 805988432..3b81ce776 100644 --- a/libpod/network/network.go +++ b/libpod/network/network.go @@ -194,8 +194,9 @@ func removeNetwork(config *config.Config, name string) error { return errors.Wrapf(err, "failed to get live network names") } if util.StringInSlice(interfaceName, liveNetworkNames) { - if err := RemoveInterface(interfaceName); err != nil { - return errors.Wrapf(err, "failed to delete the network interface %q", interfaceName) + if err = RemoveInterface(interfaceName); err != nil { + // only log the error, it is not fatal + logrus.Infof("failed to remove network interface %s: %v", interfaceName, err) } } } diff --git a/libpod/networking_slirp4netns.go b/libpod/networking_slirp4netns.go index 5858364ff..a09027b72 100644 --- a/libpod/networking_slirp4netns.go +++ b/libpod/networking_slirp4netns.go @@ -632,16 +632,7 @@ func (c *Container) reloadRootlessRLKPortMapping() error { childIP := getRootlessPortChildIP(c) logrus.Debugf("reloading rootless ports for container %s, childIP is %s", c.config.ID, childIP) - var conn net.Conn - var err error - // try three times to connect to the socket, maybe it is not ready yet - for i := 0; i < 3; i++ { - conn, err = net.Dial("unix", filepath.Join(c.runtime.config.Engine.TmpDir, "rp", c.config.ID)) - if err == nil { - break - } - time.Sleep(250 * time.Millisecond) - } + conn, err := openUnixSocket(filepath.Join(c.runtime.config.Engine.TmpDir, "rp", c.config.ID)) if err != nil { // This is not a hard error for backwards compatibility. A container started // with an old version did not created the rootlessport socket. diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index 353e6af71..c00d83f95 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -46,7 +46,9 @@ import ( const ( // This is Conmon's STDIO_BUF_SIZE. I don't believe we have access to it // directly from the Go code, so const it here - bufferSize = conmonConfig.BufSize + // Important: The conmon attach socket uses an extra byte at the beginning of each + // message to specify the STREAM so we have to increase the buffer size by one + bufferSize = conmonConfig.BufSize + 1 ) // ConmonOCIRuntime is an OCI runtime managed by Conmon. diff --git a/libpod/runtime.go b/libpod/runtime.go index c5f5db531..761fa08a2 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -15,6 +15,8 @@ import ( "syscall" "time" + "golang.org/x/sys/unix" + "github.com/containers/buildah/pkg/parse" "github.com/containers/common/libimage" "github.com/containers/common/pkg/config" @@ -328,6 +330,24 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (retErr error) { runtime.mergeDBConfig(dbConfig) + unified, _ := cgroups.IsCgroup2UnifiedMode() + if unified && rootless.IsRootless() && !systemd.IsSystemdSessionValid(rootless.GetRootlessUID()) { + // If user is rootless and XDG_RUNTIME_DIR is found, podman will not proceed with /tmp directory + // it will try to use existing XDG_RUNTIME_DIR + // if current user has no write access to XDG_RUNTIME_DIR we will fail later + if err := unix.Access(runtime.storageConfig.RunRoot, unix.W_OK); err != nil { + msg := "XDG_RUNTIME_DIR is pointing to a path which is not writable. Most likely podman will fail." + if errors.Is(err, os.ErrNotExist) { + // if dir does not exists try to create it + if err := os.MkdirAll(runtime.storageConfig.RunRoot, 0700); err != nil { + logrus.Warn(msg) + } + } else { + logrus.Warn(msg) + } + } + } + logrus.Debugf("Using graph driver %s", runtime.storageConfig.GraphDriverName) logrus.Debugf("Using graph root %s", runtime.storageConfig.GraphRoot) logrus.Debugf("Using run root %s", runtime.storageConfig.RunRoot) diff --git a/libpod/stats.go b/libpod/stats.go index 6f0360ef1..975152535 100644 --- a/libpod/stats.go +++ b/libpod/stats.go @@ -30,7 +30,7 @@ func (c *Container) GetContainerStats(previousStats *define.ContainerStats) (*de } } - if c.state.State != define.ContainerStateRunning { + if c.state.State != define.ContainerStateRunning && c.state.State != define.ContainerStatePaused { return stats, define.ErrCtrStateInvalid } @@ -54,6 +54,12 @@ func (c *Container) GetContainerStats(previousStats *define.ContainerStats) (*de return nil, err } + // If the current total usage in the cgroup is less than what was previously + // recorded then it means the container was restarted and runs in a new cgroup + if previousStats.Duration > cgroupStats.CPU.Usage.Total { + previousStats = &define.ContainerStats{} + } + previousCPU := previousStats.CPUNano now := uint64(time.Now().UnixNano()) stats.Duration = cgroupStats.CPU.Usage.Total @@ -65,7 +71,7 @@ func (c *Container) GetContainerStats(previousStats *define.ContainerStats) (*de stats.MemLimit = getMemLimit(cgroupStats.Memory.Usage.Limit) stats.MemPerc = (float64(stats.MemUsage) / float64(stats.MemLimit)) * 100 stats.PIDs = 0 - if conState == define.ContainerStateRunning { + if conState == define.ContainerStateRunning || conState == define.ContainerStatePaused { stats.PIDs = cgroupStats.Pids.Current } stats.BlockInput, stats.BlockOutput = calculateBlockIO(cgroupStats) diff --git a/pkg/api/handlers/compat/auth.go b/pkg/api/handlers/compat/auth.go index 3594c9781..2244adc3d 100644 --- a/pkg/api/handlers/compat/auth.go +++ b/pkg/api/handlers/compat/auth.go @@ -11,6 +11,7 @@ import ( "github.com/containers/image/v5/types" "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" docker "github.com/docker/docker/api/types" "github.com/pkg/errors" @@ -37,7 +38,7 @@ func Auth(w http.ResponseWriter, r *http.Request) { skipTLS = types.NewOptionalBool(true) } - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) sysCtx := runtime.SystemContext() sysCtx.DockerInsecureSkipTLSVerify = skipTLS diff --git a/pkg/api/handlers/compat/changes.go b/pkg/api/handlers/compat/changes.go index dfe656755..fe580437d 100644 --- a/pkg/api/handlers/compat/changes.go +++ b/pkg/api/handlers/compat/changes.go @@ -6,13 +6,14 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/gorilla/schema" "github.com/pkg/errors" ) func Changes(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { Parent string `schema:"parent"` diff --git a/pkg/api/handlers/compat/containers.go b/pkg/api/handlers/compat/containers.go index 95c09ff0e..26e1bf00b 100644 --- a/pkg/api/handlers/compat/containers.go +++ b/pkg/api/handlers/compat/containers.go @@ -14,6 +14,7 @@ import ( "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/filters" "github.com/containers/podman/v3/pkg/domain/infra/abi" @@ -31,7 +32,7 @@ import ( ) func RemoveContainer(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Force bool `schema:"force"` Ignore bool `schema:"ignore"` @@ -63,7 +64,7 @@ func RemoveContainer(w http.ResponseWriter, r *http.Request) { options.Volumes = query.DockerVolumes } - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) // Now use the ABI implementation to prevent us from having duplicate // code. containerEngine := abi.ContainerEngine{Libpod: runtime} @@ -92,8 +93,8 @@ func RemoveContainer(w http.ResponseWriter, r *http.Request) { } func ListContainers(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { All bool `schema:"all"` Limit int `schema:"limit"` @@ -168,8 +169,8 @@ func ListContainers(w http.ResponseWriter, r *http.Request) { } func GetContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Size bool `schema:"size"` }{ @@ -197,8 +198,8 @@ func GetContainer(w http.ResponseWriter, r *http.Request) { func KillContainer(w http.ResponseWriter, r *http.Request) { // /{version}/containers/(name)/kill - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Signal string `schema:"signal"` }{ @@ -584,8 +585,8 @@ func formatCapabilities(slice []string) { } func RenameContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) name := utils.GetName(r) query := struct { diff --git a/pkg/api/handlers/compat/containers_archive.go b/pkg/api/handlers/compat/containers_archive.go index 541f702e7..cda23a399 100644 --- a/pkg/api/handlers/compat/containers_archive.go +++ b/pkg/api/handlers/compat/containers_archive.go @@ -9,6 +9,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/copy" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" @@ -18,8 +19,8 @@ import ( ) func Archive(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) switch r.Method { case http.MethodPut: diff --git a/pkg/api/handlers/compat/containers_attach.go b/pkg/api/handlers/compat/containers_attach.go index c230efbe0..40d5e2d4d 100644 --- a/pkg/api/handlers/compat/containers_attach.go +++ b/pkg/api/handlers/compat/containers_attach.go @@ -7,14 +7,15 @@ import ( "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/utils" "github.com/containers/podman/v3/pkg/api/server/idle" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/gorilla/schema" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) func AttachContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { DetachKeys string `schema:"detachKeys"` @@ -104,7 +105,7 @@ func AttachContainer(w http.ResponseWriter, r *http.Request) { if <-hijackChan { // If connection was Hijacked, we have to signal it's being closed - t := r.Context().Value("idletracker").(*idle.Tracker) + t := r.Context().Value(api.IdleTrackerKey).(*idle.Tracker) defer t.Close() if err != nil { diff --git a/pkg/api/handlers/compat/containers_create.go b/pkg/api/handlers/compat/containers_create.go index 9df35697a..94d20a04a 100644 --- a/pkg/api/handlers/compat/containers_create.go +++ b/pkg/api/handlers/compat/containers_create.go @@ -8,6 +8,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/containers/podman/v3/pkg/specgen" @@ -18,8 +19,8 @@ import ( ) func CreateContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Name string `schema:"name"` }{ diff --git a/pkg/api/handlers/compat/containers_export.go b/pkg/api/handlers/compat/containers_export.go index 252d2d8b5..6b43a544b 100644 --- a/pkg/api/handlers/compat/containers_export.go +++ b/pkg/api/handlers/compat/containers_export.go @@ -7,11 +7,12 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/pkg/errors" ) func ExportContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) con, err := runtime.LookupContainer(name) if err != nil { diff --git a/pkg/api/handlers/compat/containers_logs.go b/pkg/api/handlers/compat/containers_logs.go index a7cfe09ea..4adcaa511 100644 --- a/pkg/api/handlers/compat/containers_logs.go +++ b/pkg/api/handlers/compat/containers_logs.go @@ -13,6 +13,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/logs" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/util" "github.com/gorilla/schema" "github.com/pkg/errors" @@ -20,8 +21,8 @@ import ( ) func LogsFromContainer(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { Follow bool `schema:"follow"` diff --git a/pkg/api/handlers/compat/containers_pause.go b/pkg/api/handlers/compat/containers_pause.go index d00b19acc..99c2f6bdc 100644 --- a/pkg/api/handlers/compat/containers_pause.go +++ b/pkg/api/handlers/compat/containers_pause.go @@ -5,10 +5,11 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" ) func PauseContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) // /{version}/containers/(name)/pause name := utils.GetName(r) diff --git a/pkg/api/handlers/compat/containers_prune.go b/pkg/api/handlers/compat/containers_prune.go index 61ea7a89e..9fa8bc9f4 100644 --- a/pkg/api/handlers/compat/containers_prune.go +++ b/pkg/api/handlers/compat/containers_prune.go @@ -7,6 +7,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities/reports" "github.com/containers/podman/v3/pkg/domain/filters" "github.com/containers/podman/v3/pkg/util" @@ -14,7 +15,7 @@ import ( ) func PruneContainers(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) filtersMap, err := util.PrepareFilters(r) if err != nil { utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) @@ -65,7 +66,7 @@ func PruneContainers(w http.ResponseWriter, r *http.Request) { } func PruneContainersHelper(r *http.Request, filterFuncs []libpod.ContainerFilter) ([]*reports.PruneReport, error) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) report, err := runtime.PruneContainers(filterFuncs) if err != nil { diff --git a/pkg/api/handlers/compat/containers_restart.go b/pkg/api/handlers/compat/containers_restart.go index 46a6297fa..8ef2ff308 100644 --- a/pkg/api/handlers/compat/containers_restart.go +++ b/pkg/api/handlers/compat/containers_restart.go @@ -6,6 +6,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/gorilla/schema" @@ -13,8 +14,8 @@ import ( ) func RestartContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) // Now use the ABI implementation to prevent us from having duplicate // code. containerEngine := abi.ContainerEngine{Libpod: runtime} diff --git a/pkg/api/handlers/compat/containers_start.go b/pkg/api/handlers/compat/containers_start.go index f1ed1b2b8..ca2b5d84c 100644 --- a/pkg/api/handlers/compat/containers_start.go +++ b/pkg/api/handlers/compat/containers_start.go @@ -3,6 +3,7 @@ package compat import ( "net/http" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/sirupsen/logrus" "github.com/containers/podman/v3/libpod" @@ -12,7 +13,7 @@ import ( ) func StartContainer(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { DetachKeys string `schema:"detachKeys"` }{ @@ -26,7 +27,7 @@ func StartContainer(w http.ResponseWriter, r *http.Request) { // TODO - start does not support adding detach keys logrus.Info("the detach keys parameter is not supported on start container") } - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) con, err := runtime.LookupContainer(name) if err != nil { diff --git a/pkg/api/handlers/compat/containers_stats.go b/pkg/api/handlers/compat/containers_stats.go index 851955207..e872f885a 100644 --- a/pkg/api/handlers/compat/containers_stats.go +++ b/pkg/api/handlers/compat/containers_stats.go @@ -8,6 +8,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/cgroups" docker "github.com/docker/docker/api/types" "github.com/gorilla/schema" @@ -18,12 +19,12 @@ import ( const DefaultStatsPeriod = 5 * time.Second func StatsContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Stream bool `schema:"stream"` - OneShot bool `schema:"one-shot"` //added schema for one shot + OneShot bool `schema:"one-shot"` // added schema for one shot }{ Stream: true, } @@ -64,7 +65,7 @@ func StatsContainer(w http.ResponseWriter, r *http.Request) { coder := json.NewEncoder(w) // Write header and content type. w.WriteHeader(http.StatusOK) - w.Header().Add("Content-Type", "application/json") + w.Header().Set("Content-Type", "application/json") if flusher, ok := w.(http.Flusher); ok { flusher.Flush() } @@ -97,7 +98,7 @@ streamLabel: // A label to flatten the scope default: // Container stats - stats, err := ctnr.GetContainerStats(stats) + stats, err = ctnr.GetContainerStats(stats) if err != nil { logrus.Errorf("Unable to get container stats: %v", err) return diff --git a/pkg/api/handlers/compat/containers_stop.go b/pkg/api/handlers/compat/containers_stop.go index 3ae223693..10ac67f76 100644 --- a/pkg/api/handlers/compat/containers_stop.go +++ b/pkg/api/handlers/compat/containers_stop.go @@ -6,6 +6,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/gorilla/schema" @@ -13,8 +14,8 @@ import ( ) func StopContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) // Now use the ABI implementation to prevent us from having duplicate // code. containerEngine := abi.ContainerEngine{Libpod: runtime} diff --git a/pkg/api/handlers/compat/containers_top.go b/pkg/api/handlers/compat/containers_top.go index cae044a89..b5debd37d 100644 --- a/pkg/api/handlers/compat/containers_top.go +++ b/pkg/api/handlers/compat/containers_top.go @@ -7,13 +7,14 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/gorilla/schema" "github.com/pkg/errors" ) func TopContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) defaultValue := "-ef" if utils.IsLibpodRequest(r) { diff --git a/pkg/api/handlers/compat/containers_unpause.go b/pkg/api/handlers/compat/containers_unpause.go index a37c4ba2a..3f4f2f531 100644 --- a/pkg/api/handlers/compat/containers_unpause.go +++ b/pkg/api/handlers/compat/containers_unpause.go @@ -5,10 +5,11 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" ) func UnpauseContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) // /{version}/containers/(name)/unpause name := utils.GetName(r) diff --git a/pkg/api/handlers/compat/events.go b/pkg/api/handlers/compat/events.go index 9fbac91e0..a79b33ecc 100644 --- a/pkg/api/handlers/compat/events.go +++ b/pkg/api/handlers/compat/events.go @@ -6,6 +6,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/events" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/util" "github.com/gorilla/schema" @@ -14,13 +15,12 @@ import ( "github.com/sirupsen/logrus" ) -// NOTE: this endpoint serves both the docker-compatible one and the new libpod -// one. +// GetEvents endpoint serves both the docker-compatible one and the new libpod one func GetEvents(w http.ResponseWriter, r *http.Request) { var ( fromStart bool - decoder = r.Context().Value("decoder").(*schema.Decoder) - runtime = r.Context().Value("runtime").(*libpod.Runtime) + decoder = r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) json = jsoniter.ConfigCompatibleWithStandardLibrary // FIXME: this should happen on the package level ) diff --git a/pkg/api/handlers/compat/exec.go b/pkg/api/handlers/compat/exec.go index 77e62c112..ea61a1013 100644 --- a/pkg/api/handlers/compat/exec.go +++ b/pkg/api/handlers/compat/exec.go @@ -11,6 +11,7 @@ import ( "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" "github.com/containers/podman/v3/pkg/api/server/idle" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/specgen/generate" "github.com/gorilla/mux" "github.com/pkg/errors" @@ -19,7 +20,7 @@ import ( // ExecCreateHandler creates an exec session for a given container. func ExecCreateHandler(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) input := new(handlers.ExecCreateConfig) if err := json.NewDecoder(r.Body).Decode(&input); err != nil { @@ -101,7 +102,7 @@ func ExecCreateHandler(w http.ResponseWriter, r *http.Request) { // ExecInspectHandler inspects a given exec session. func ExecInspectHandler(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) sessionID := mux.Vars(r)["id"] sessionCtr, err := runtime.GetExecSessionContainer(sessionID) @@ -129,7 +130,7 @@ func ExecInspectHandler(w http.ResponseWriter, r *http.Request) { // ExecStartHandler runs a given exec session. func ExecStartHandler(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) sessionID := mux.Vars(r)["id"] @@ -191,7 +192,7 @@ func ExecStartHandler(w http.ResponseWriter, r *http.Request) { if <-hijackChan { // If connection was Hijacked, we have to signal it's being closed - t := r.Context().Value("idletracker").(*idle.Tracker) + t := r.Context().Value(api.IdleTrackerKey).(*idle.Tracker) defer t.Close() if err != nil { diff --git a/pkg/api/handlers/compat/images.go b/pkg/api/handlers/compat/images.go index 6f8fb21f0..0b7ba8bee 100644 --- a/pkg/api/handlers/compat/images.go +++ b/pkg/api/handlers/compat/images.go @@ -17,6 +17,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/auth" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" @@ -45,7 +46,7 @@ func mergeNameAndTagOrDigest(name, tagOrDigest string) string { func ExportImage(w http.ResponseWriter, r *http.Request) { // 200 ok // 500 server - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) tmpfile, err := ioutil.TempFile("", "api.tar") if err != nil { @@ -89,8 +90,8 @@ func CommitContainer(w http.ResponseWriter, r *http.Request) { var ( destImage string ) - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { Author string `schema:"author"` @@ -162,8 +163,8 @@ func CreateImageFromSrc(w http.ResponseWriter, r *http.Request) { // 200 no error // 404 repo does not exist or no read access // 500 internal - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { Changes []string `schema:"changes"` @@ -234,8 +235,8 @@ func CreateImageFromImage(w http.ResponseWriter, r *http.Request) { // 200 no error // 404 repo does not exist or no read access // 500 internal - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { FromImage string `schema:"fromImage"` @@ -301,7 +302,7 @@ func CreateImageFromImage(w http.ResponseWriter, r *http.Request) { } w.WriteHeader(http.StatusOK) - w.Header().Add("Content-Type", "application/json") + w.Header().Set("Content-Type", "application/json") flush() enc := json.NewEncoder(w) @@ -407,8 +408,8 @@ func GetImages(w http.ResponseWriter, r *http.Request) { func LoadImages(w http.ResponseWriter, r *http.Request) { // TODO this is basically wrong // TODO ... improve these ^ messages to something useful - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { Changes map[string]string `json:"changes"` // Ignored @@ -465,8 +466,8 @@ func LoadImages(w http.ResponseWriter, r *http.Request) { func ExportImages(w http.ResponseWriter, r *http.Request) { // 200 OK // 500 Error - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { Names []string `schema:"names"` diff --git a/pkg/api/handlers/compat/images_build.go b/pkg/api/handlers/compat/images_build.go index 0fcca1821..6855742b2 100644 --- a/pkg/api/handlers/compat/images_build.go +++ b/pkg/api/handlers/compat/images_build.go @@ -20,6 +20,7 @@ import ( "github.com/containers/image/v5/types" "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/auth" "github.com/containers/podman/v3/pkg/channel" "github.com/containers/storage/pkg/archive" @@ -128,7 +129,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { Tag: []string{}, } - decoder := r.Context().Value("decoder").(*schema.Decoder) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) if err := decoder.Decode(&query, r.URL.Query()); err != nil { utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest, err) return @@ -410,7 +411,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { reporter := channel.NewWriter(make(chan []byte)) defer reporter.Close() - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) rtc, err := runtime.GetConfig() if err != nil { utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "Decode()")) @@ -520,7 +521,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { // Send headers and prime client for stream to come w.WriteHeader(http.StatusOK) - w.Header().Add("Content-Type", "application/json") + w.Header().Set("Content-Type", "application/json") flush() body := w.(io.Writer) diff --git a/pkg/api/handlers/compat/images_history.go b/pkg/api/handlers/compat/images_history.go index 54c893f47..0c6b9fa88 100644 --- a/pkg/api/handlers/compat/images_history.go +++ b/pkg/api/handlers/compat/images_history.go @@ -6,11 +6,12 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/pkg/errors" ) func HistoryImage(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) newImage, _, err := runtime.LibimageRuntime().LookupImage(name, nil) diff --git a/pkg/api/handlers/compat/images_prune.go b/pkg/api/handlers/compat/images_prune.go index bbbfb5577..5728c83c7 100644 --- a/pkg/api/handlers/compat/images_prune.go +++ b/pkg/api/handlers/compat/images_prune.go @@ -8,6 +8,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/containers/podman/v3/pkg/util" @@ -19,7 +20,7 @@ func PruneImages(w http.ResponseWriter, r *http.Request) { var ( filters []string ) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) filterMap, err := util.PrepareFilters(r) if err != nil { diff --git a/pkg/api/handlers/compat/images_push.go b/pkg/api/handlers/compat/images_push.go index 62f8cdc77..07ff76819 100644 --- a/pkg/api/handlers/compat/images_push.go +++ b/pkg/api/handlers/compat/images_push.go @@ -10,6 +10,7 @@ import ( "github.com/containers/image/v5/types" "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/auth" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" @@ -22,8 +23,8 @@ import ( // PushImage is the handler for the compat http endpoint for pushing images. func PushImage(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) digestFile, err := ioutil.TempFile("", "digest.txt") if err != nil { @@ -105,7 +106,7 @@ func PushImage(w http.ResponseWriter, r *http.Request) { } w.WriteHeader(http.StatusOK) - w.Header().Add("Content-Type", "application/json") + w.Header().Set("Content-Type", "application/json") flush() var report jsonmessage.JSONMessage diff --git a/pkg/api/handlers/compat/images_remove.go b/pkg/api/handlers/compat/images_remove.go index 390f25caf..2dc247c1f 100644 --- a/pkg/api/handlers/compat/images_remove.go +++ b/pkg/api/handlers/compat/images_remove.go @@ -5,6 +5,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/containers/storage" @@ -13,8 +14,8 @@ import ( ) func RemoveImage(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { Force bool `schema:"force"` diff --git a/pkg/api/handlers/compat/images_search.go b/pkg/api/handlers/compat/images_search.go index 13a3693fa..01282513e 100644 --- a/pkg/api/handlers/compat/images_search.go +++ b/pkg/api/handlers/compat/images_search.go @@ -7,6 +7,7 @@ import ( "github.com/containers/image/v5/types" "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/auth" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" @@ -16,8 +17,8 @@ import ( ) func SearchImages(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Term string `json:"term"` Limit int `json:"limit"` diff --git a/pkg/api/handlers/compat/images_tag.go b/pkg/api/handlers/compat/images_tag.go index 199ad0488..7858298be 100644 --- a/pkg/api/handlers/compat/images_tag.go +++ b/pkg/api/handlers/compat/images_tag.go @@ -6,11 +6,12 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/pkg/errors" ) func TagImage(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) // /v1.xx/images/(name)/tag name := utils.GetName(r) diff --git a/pkg/api/handlers/compat/info.go b/pkg/api/handlers/compat/info.go index 2c26c7bf8..941718a8b 100644 --- a/pkg/api/handlers/compat/info.go +++ b/pkg/api/handlers/compat/info.go @@ -15,6 +15,7 @@ import ( "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/rootless" docker "github.com/docker/docker/api/types" "github.com/docker/docker/api/types/registry" @@ -27,7 +28,7 @@ import ( func GetInfo(w http.ResponseWriter, r *http.Request) { // 200 ok // 500 internal - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) infoData, err := runtime.Info() if err != nil { diff --git a/pkg/api/handlers/compat/networks.go b/pkg/api/handlers/compat/networks.go index b990a916b..847e6dcff 100644 --- a/pkg/api/handlers/compat/networks.go +++ b/pkg/api/handlers/compat/networks.go @@ -14,11 +14,13 @@ import ( "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/libpod/network" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" networkid "github.com/containers/podman/v3/pkg/network" "github.com/containers/podman/v3/pkg/util" "github.com/docker/docker/api/types" + dockerNetwork "github.com/docker/docker/api/types/network" "github.com/gorilla/schema" "github.com/pkg/errors" @@ -32,7 +34,7 @@ type pluginInterface struct { } func InspectNetwork(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) // scope is only used to see if the user passes any illegal value, verbose is not used but implemented // for compatibility purposes only. @@ -42,7 +44,7 @@ func InspectNetwork(w http.ResponseWriter, r *http.Request) { }{ scope: "local", } - decoder := r.Context().Value("decoder").(*schema.Decoder) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) if err := decoder.Decode(&query, r.URL.Query()); err != nil { utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) return @@ -195,7 +197,7 @@ func getPlugin(plugins []*libcni.NetworkConfig) (pluginInterface, error) { } func ListNetworks(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) filterMap, err := util.PrepareFilters(r) if err != nil { utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) @@ -234,7 +236,7 @@ func CreateNetwork(w http.ResponseWriter, r *http.Request) { name string networkCreate types.NetworkCreateRequest ) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) if err := json.NewDecoder(r.Body).Decode(&networkCreate); err != nil { utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "Decode()")) return @@ -304,7 +306,7 @@ func CreateNetwork(w http.ResponseWriter, r *http.Request) { } func RemoveNetwork(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ic := abi.ContainerEngine{Libpod: runtime} query := struct { @@ -313,7 +315,7 @@ func RemoveNetwork(w http.ResponseWriter, r *http.Request) { // This is where you can override the golang default value for one of fields } - decoder := r.Context().Value("decoder").(*schema.Decoder) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) if err := decoder.Decode(&query, r.URL.Query()); err != nil { utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) return @@ -348,7 +350,7 @@ func RemoveNetwork(w http.ResponseWriter, r *http.Request) { // Connect adds a container to a network func Connect(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) var ( aliases []string @@ -382,7 +384,7 @@ func Connect(w http.ResponseWriter, r *http.Request) { // Disconnect removes a container from a network func Disconnect(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) var netDisconnect types.NetworkDisconnect if err := json.NewDecoder(r.Body).Decode(&netDisconnect); err != nil { @@ -409,7 +411,7 @@ func Disconnect(w http.ResponseWriter, r *http.Request) { // Prune removes unused networks func Prune(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) filterMap, err := util.PrepareFilters(r) if err != nil { utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "Decode()")) diff --git a/pkg/api/handlers/compat/ping.go b/pkg/api/handlers/compat/ping.go index 5513e902e..ce32d9b7c 100644 --- a/pkg/api/handlers/compat/ping.go +++ b/pkg/api/handlers/compat/ping.go @@ -13,7 +13,7 @@ import ( // Clients will use the Header availability to test which backend engine is in use. // Note: Additionally handler supports GET and HEAD methods func Ping(w http.ResponseWriter, r *http.Request) { - // Note API-Version and Libpod-API-Version are set in handler_api.go + // Note: API-Version and Libpod-API-Version are set in handler_api.go w.Header().Set("BuildKit-Version", "") w.Header().Set("Builder-Version", "") w.Header().Set("Docker-Experimental", "true") diff --git a/pkg/api/handlers/compat/resize.go b/pkg/api/handlers/compat/resize.go index 844fb74c4..d7796658b 100644 --- a/pkg/api/handlers/compat/resize.go +++ b/pkg/api/handlers/compat/resize.go @@ -8,14 +8,15 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/gorilla/mux" "github.com/gorilla/schema" "github.com/pkg/errors" ) func ResizeTTY(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) // /containers/{id}/resize query := struct { diff --git a/pkg/api/handlers/compat/secrets.go b/pkg/api/handlers/compat/secrets.go index 86e3887a4..52cfe03ba 100644 --- a/pkg/api/handlers/compat/secrets.go +++ b/pkg/api/handlers/compat/secrets.go @@ -9,33 +9,28 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" - "github.com/gorilla/schema" + "github.com/containers/podman/v3/pkg/util" "github.com/pkg/errors" ) func ListSecrets(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) - decoder = r.Context().Value("decoder").(*schema.Decoder) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ) - query := struct { - Filters map[string][]string `schema:"filters"` - }{} - - if err := decoder.Decode(&query, r.URL.Query()); err != nil { - utils.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest, + filtersMap, err := util.PrepareFilters(r) + if err != nil { + utils.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) return } - if len(query.Filters) > 0 { - utils.Error(w, "filters not supported", http.StatusBadRequest, - errors.Wrapf(errors.New("bad parameter"), "filters not supported")) - return - } ic := abi.ContainerEngine{Libpod: runtime} - reports, err := ic.SecretList(r.Context()) + listOptions := entities.SecretListRequest{ + Filters: *filtersMap, + } + reports, err := ic.SecretList(r.Context(), listOptions) if err != nil { utils.InternalServerError(w, err) return @@ -59,7 +54,7 @@ func ListSecrets(w http.ResponseWriter, r *http.Request) { func InspectSecret(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ) name := utils.GetName(r) names := []string{name} @@ -92,7 +87,7 @@ func InspectSecret(w http.ResponseWriter, r *http.Request) { func RemoveSecret(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ) opts := entities.SecretRmOptions{} @@ -112,7 +107,7 @@ func RemoveSecret(w http.ResponseWriter, r *http.Request) { func CreateSecret(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ) opts := entities.SecretCreateOptions{} createParams := struct { diff --git a/pkg/api/handlers/compat/system.go b/pkg/api/handlers/compat/system.go index 57702698b..1e78db181 100644 --- a/pkg/api/handlers/compat/system.go +++ b/pkg/api/handlers/compat/system.go @@ -7,6 +7,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" docker "github.com/docker/docker/api/types" @@ -14,7 +15,7 @@ import ( func GetDiskUsage(w http.ResponseWriter, r *http.Request) { options := entities.SystemDfOptions{} - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ic := abi.ContainerEngine{Libpod: runtime} df, err := ic.SystemDf(r.Context(), options) if err != nil { diff --git a/pkg/api/handlers/compat/version.go b/pkg/api/handlers/compat/version.go index a115cc885..01cbb252c 100644 --- a/pkg/api/handlers/compat/version.go +++ b/pkg/api/handlers/compat/version.go @@ -9,6 +9,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/entities/types" "github.com/containers/podman/v3/version" @@ -17,7 +18,7 @@ import ( ) func VersionHandler(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) running, err := define.GetVersion() if err != nil { diff --git a/pkg/api/handlers/compat/volumes.go b/pkg/api/handlers/compat/volumes.go index 1ff1468e7..0f9b66888 100644 --- a/pkg/api/handlers/compat/volumes.go +++ b/pkg/api/handlers/compat/volumes.go @@ -11,6 +11,7 @@ import ( "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/filters" "github.com/containers/podman/v3/pkg/domain/infra/abi/parse" "github.com/containers/podman/v3/pkg/util" @@ -21,9 +22,8 @@ import ( ) func ListVolumes(w http.ResponseWriter, r *http.Request) { - var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) - ) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + filtersMap, err := util.PrepareFilters(r) if err != nil { utils.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError, @@ -79,8 +79,8 @@ func ListVolumes(w http.ResponseWriter, r *http.Request) { func CreateVolume(w http.ResponseWriter, r *http.Request) { var ( volumeOptions []libpod.VolumeCreateOption - runtime = r.Context().Value("runtime").(*libpod.Runtime) - decoder = r.Context().Value("decoder").(*schema.Decoder) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder = r.Context().Value(api.DecoderKey).(*schema.Decoder) ) /* No query string data*/ query := struct{}{} @@ -181,7 +181,7 @@ func CreateVolume(w http.ResponseWriter, r *http.Request) { func InspectVolume(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ) name := utils.GetName(r) vol, err := runtime.GetVolume(name) @@ -209,8 +209,8 @@ func InspectVolume(w http.ResponseWriter, r *http.Request) { func RemoveVolume(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) - decoder = r.Context().Value("decoder").(*schema.Decoder) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder = r.Context().Value(api.DecoderKey).(*schema.Decoder) ) query := struct { Force bool `schema:"force"` @@ -225,7 +225,7 @@ func RemoveVolume(w http.ResponseWriter, r *http.Request) { } /* The implications for `force` differ between Docker and us, so we can't - * simply pass the `force` parameter to `runeimt.RemoveVolume()`. + * simply pass the `force` parameter to `runtime.RemoveVolume()`. * Specifically, Docker's behavior seems to be that `force` means "do not * error on missing volume"; ours means "remove any not-running containers * using the volume at the same time". @@ -263,7 +263,7 @@ func RemoveVolume(w http.ResponseWriter, r *http.Request) { func PruneVolumes(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ) filterMap, err := util.PrepareFilters(r) if err != nil { diff --git a/pkg/api/handlers/libpod/containers.go b/pkg/api/handlers/libpod/containers.go index 77269db8b..4639093f2 100644 --- a/pkg/api/handlers/libpod/containers.go +++ b/pkg/api/handlers/libpod/containers.go @@ -9,6 +9,7 @@ import ( "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/compat" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/containers/podman/v3/pkg/util" @@ -18,8 +19,8 @@ import ( ) func ContainerExists(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) // Now use the ABI implementation to prevent us from having duplicate // code. containerEngine := abi.ContainerEngine{Libpod: runtime} @@ -58,7 +59,7 @@ func ContainerExists(w http.ResponseWriter, r *http.Request) { } func ListContainers(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { All bool `schema:"all"` External bool `schema:"external"` @@ -89,7 +90,7 @@ func ListContainers(w http.ResponseWriter, r *http.Request) { limit = query.Last } - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) // Now use the ABI implementation to prevent us from having duplicate // code. containerEngine := abi.ContainerEngine{Libpod: runtime} @@ -118,7 +119,7 @@ func ListContainers(w http.ResponseWriter, r *http.Request) { } func GetContainer(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Size bool `schema:"size"` }{ @@ -130,7 +131,7 @@ func GetContainer(w http.ResponseWriter, r *http.Request) { errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) return } - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) container, err := runtime.LookupContainer(name) if err != nil { @@ -150,7 +151,7 @@ func WaitContainer(w http.ResponseWriter, r *http.Request) { } func UnmountContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) conn, err := runtime.LookupContainer(name) if err != nil { @@ -165,7 +166,7 @@ func UnmountContainer(w http.ResponseWriter, r *http.Request) { utils.WriteResponse(w, http.StatusNoContent, "") } func MountContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) conn, err := runtime.LookupContainer(name) if err != nil { @@ -181,7 +182,7 @@ func MountContainer(w http.ResponseWriter, r *http.Request) { func ShowMountedContainers(w http.ResponseWriter, r *http.Request) { response := make(map[string]string) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) conns, err := runtime.GetAllContainers() if err != nil { utils.InternalServerError(w, err) @@ -201,7 +202,7 @@ func ShowMountedContainers(w http.ResponseWriter, r *http.Request) { func Checkpoint(w http.ResponseWriter, r *http.Request) { var targetFile string - decoder := r.Context().Value("decoder").(*schema.Decoder) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Keep bool `schema:"keep"` LeaveRunning bool `schema:"leaveRunning"` @@ -218,7 +219,7 @@ func Checkpoint(w http.ResponseWriter, r *http.Request) { return } name := utils.GetName(r) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ctr, err := runtime.LookupContainer(name) if err != nil { utils.ContainerNotFound(w, name, err) @@ -268,7 +269,7 @@ func Restore(w http.ResponseWriter, r *http.Request) { var ( targetFile string ) - decoder := r.Context().Value("decoder").(*schema.Decoder) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Keep bool `schema:"keep"` TCPEstablished bool `schema:"tcpEstablished"` @@ -287,7 +288,7 @@ func Restore(w http.ResponseWriter, r *http.Request) { return } name := utils.GetName(r) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ctr, err := runtime.LookupContainer(name) if err != nil { utils.ContainerNotFound(w, name, err) @@ -328,7 +329,7 @@ func Restore(w http.ResponseWriter, r *http.Request) { func InitContainer(w http.ResponseWriter, r *http.Request) { name := utils.GetName(r) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ctr, err := runtime.LookupContainer(name) if err != nil { utils.ContainerNotFound(w, name, err) @@ -347,7 +348,7 @@ func InitContainer(w http.ResponseWriter, r *http.Request) { } func ShouldRestart(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) // Now use the ABI implementation to prevent us from having duplicate // code. containerEngine := abi.ContainerEngine{Libpod: runtime} diff --git a/pkg/api/handlers/libpod/containers_create.go b/pkg/api/handlers/libpod/containers_create.go index 0e2163d5c..77bfe7b50 100644 --- a/pkg/api/handlers/libpod/containers_create.go +++ b/pkg/api/handlers/libpod/containers_create.go @@ -7,6 +7,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/specgen" "github.com/containers/podman/v3/pkg/specgen/generate" @@ -16,7 +17,7 @@ import ( // CreateContainer takes a specgenerator and makes a container. It returns // the new container ID on success along with any warnings. func CreateContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) var sg specgen.SpecGenerator if err := json.NewDecoder(r.Body).Decode(&sg); err != nil { utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "Decode()")) diff --git a/pkg/api/handlers/libpod/containers_stats.go b/pkg/api/handlers/libpod/containers_stats.go index 8a04884b0..084f1252d 100644 --- a/pkg/api/handlers/libpod/containers_stats.go +++ b/pkg/api/handlers/libpod/containers_stats.go @@ -6,6 +6,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/cgroups" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" @@ -16,8 +17,8 @@ import ( ) func StatsContainer(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) // Check if service is running rootless (cheap check) if rootless.IsRootless() { @@ -60,7 +61,7 @@ func StatsContainer(w http.ResponseWriter, r *http.Request) { // Write header and content type. w.WriteHeader(http.StatusOK) - w.Header().Add("Content-Type", "application/json") + w.Header().Set("Content-Type", "application/json") if flusher, ok := w.(http.Flusher); ok { flusher.Flush() } diff --git a/pkg/api/handlers/libpod/generate.go b/pkg/api/handlers/libpod/generate.go index 0e6e9100a..117c5e2aa 100644 --- a/pkg/api/handlers/libpod/generate.go +++ b/pkg/api/handlers/libpod/generate.go @@ -5,6 +5,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/containers/podman/v3/pkg/util" @@ -13,19 +14,18 @@ import ( ) func GenerateSystemd(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { - Name bool `schema:"useName"` - New bool `schema:"new"` - NoHeader bool `schema:"noHeader"` - RestartPolicy string `schema:"restartPolicy"` - StopTimeout uint `schema:"stopTimeout"` - ContainerPrefix string `schema:"containerPrefix"` - PodPrefix string `schema:"podPrefix"` - Separator string `schema:"separator"` + Name bool `schema:"useName"` + New bool `schema:"new"` + NoHeader bool `schema:"noHeader"` + RestartPolicy *string `schema:"restartPolicy"` + StopTimeout uint `schema:"stopTimeout"` + ContainerPrefix string `schema:"containerPrefix"` + PodPrefix string `schema:"podPrefix"` + Separator string `schema:"separator"` }{ - RestartPolicy: "on-failure", StopTimeout: util.DefaultContainerConfig().Engine.StopTimeout, ContainerPrefix: "container", PodPrefix: "pod", @@ -49,6 +49,7 @@ func GenerateSystemd(w http.ResponseWriter, r *http.Request) { PodPrefix: query.PodPrefix, Separator: query.Separator, } + report, err := containerEngine.GenerateSystemd(r.Context(), utils.GetName(r), options) if err != nil { utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "error generating systemd units")) @@ -59,8 +60,8 @@ func GenerateSystemd(w http.ResponseWriter, r *http.Request) { } func GenerateKube(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Names []string `schema:"names"` Service bool `schema:"service"` diff --git a/pkg/api/handlers/libpod/healthcheck.go b/pkg/api/handlers/libpod/healthcheck.go index 27478ddec..cad4378e5 100644 --- a/pkg/api/handlers/libpod/healthcheck.go +++ b/pkg/api/handlers/libpod/healthcheck.go @@ -6,10 +6,11 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" ) func RunHealthCheck(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) status, err := runtime.HealthCheck(name) if err != nil { diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go index d759f4824..72093c492 100644 --- a/pkg/api/handlers/libpod/images.go +++ b/pkg/api/handlers/libpod/images.go @@ -18,6 +18,7 @@ import ( "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/auth" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" @@ -41,7 +42,7 @@ import ( // create func ImageExists(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) ir := abi.ImageEngine{Libpod: runtime} @@ -58,9 +59,9 @@ func ImageExists(w http.ResponseWriter, r *http.Request) { } func ImageTree(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) - decoder := r.Context().Value("decoder").(*schema.Decoder) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { WhatRequires bool `schema:"whatrequires"` }{ @@ -101,8 +102,8 @@ func GetImage(w http.ResponseWriter, r *http.Request) { } func GetImages(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { All bool Digests bool @@ -146,8 +147,8 @@ func PruneImages(w http.ResponseWriter, r *http.Request) { var ( err error ) - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { All bool `schema:"all"` }{ @@ -198,8 +199,8 @@ func ExportImage(w http.ResponseWriter, r *http.Request) { var ( output string ) - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Compress bool `schema:"compress"` Format string `schema:"format"` @@ -279,8 +280,8 @@ func ExportImages(w http.ResponseWriter, r *http.Request) { var ( output string ) - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Compress bool `schema:"compress"` Format string `schema:"format"` @@ -369,7 +370,7 @@ func ExportImages(w http.ResponseWriter, r *http.Request) { } func ImagesLoad(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) tmpfile, err := ioutil.TempFile("", "libpod-images-load.tar") if err != nil { @@ -398,8 +399,8 @@ func ImagesLoad(w http.ResponseWriter, r *http.Request) { } func ImagesImport(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Changes []string `schema:"changes"` Message string `schema:"message"` @@ -453,8 +454,8 @@ func ImagesImport(w http.ResponseWriter, r *http.Request) { // PushImage is the handler for the compat http endpoint for pushing images. func PushImage(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { Destination string `schema:"destination"` @@ -522,8 +523,8 @@ func CommitContainer(w http.ResponseWriter, r *http.Request) { destImage string mimeType string ) - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { Author string `schema:"author"` @@ -597,7 +598,7 @@ func CommitContainer(w http.ResponseWriter, r *http.Request) { } func UntagImage(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) tags := []string{} // Note: if empty, all tags will be removed from the image. repo := r.Form.Get("repo") @@ -641,8 +642,8 @@ func UntagImage(w http.ResponseWriter, r *http.Request) { // ImagesBatchRemove is the endpoint for batch image removal. func ImagesBatchRemove(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { All bool `schema:"all"` Force bool `schema:"force"` @@ -665,8 +666,8 @@ func ImagesBatchRemove(w http.ResponseWriter, r *http.Request) { // ImagesRemove is the endpoint for removing one image. func ImagesRemove(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Force bool `schema:"force"` }{ diff --git a/pkg/api/handlers/libpod/images_pull.go b/pkg/api/handlers/libpod/images_pull.go index 3c13c6e20..fabdb326b 100644 --- a/pkg/api/handlers/libpod/images_pull.go +++ b/pkg/api/handlers/libpod/images_pull.go @@ -10,6 +10,7 @@ import ( "github.com/containers/image/v5/types" "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/auth" "github.com/containers/podman/v3/pkg/channel" "github.com/containers/podman/v3/pkg/domain/entities" @@ -23,8 +24,8 @@ import ( // transport or be normalized to one). Other transports are rejected as they // do not make sense in a remote context. func ImagesPull(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Reference string `schema:"reference"` OS string `schema:"OS"` @@ -107,7 +108,7 @@ func ImagesPull(w http.ResponseWriter, r *http.Request) { } w.WriteHeader(http.StatusOK) - w.Header().Add("Content-Type", "application/json") + w.Header().Set("Content-Type", "application/json") flush() enc := json.NewEncoder(w) diff --git a/pkg/api/handlers/libpod/info.go b/pkg/api/handlers/libpod/info.go index 8868d563d..67dc8637c 100644 --- a/pkg/api/handlers/libpod/info.go +++ b/pkg/api/handlers/libpod/info.go @@ -5,11 +5,12 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/infra/abi" ) func GetInfo(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) containerEngine := abi.ContainerEngine{Libpod: runtime} info, err := containerEngine.Info(r.Context()) if err != nil { diff --git a/pkg/api/handlers/libpod/manifests.go b/pkg/api/handlers/libpod/manifests.go index 2f36db583..869c83fa3 100644 --- a/pkg/api/handlers/libpod/manifests.go +++ b/pkg/api/handlers/libpod/manifests.go @@ -11,6 +11,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/auth" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" @@ -20,8 +21,8 @@ import ( ) func ManifestCreate(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Name []string `schema:"name"` Image []string `schema:"image"` @@ -57,7 +58,7 @@ func ManifestCreate(w http.ResponseWriter, r *http.Request) { // ExistsManifest check if a manifest list exists func ExistsManifest(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) imageEngine := abi.ImageEngine{Libpod: runtime} @@ -74,7 +75,7 @@ func ExistsManifest(w http.ResponseWriter, r *http.Request) { } func ManifestInspect(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) imageEngine := abi.ImageEngine{Libpod: runtime} @@ -94,7 +95,7 @@ func ManifestInspect(w http.ResponseWriter, r *http.Request) { } func ManifestAdd(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) var addOptions entities.ManifestAddOptions if err := json.NewDecoder(r.Body).Decode(&addOptions); err != nil { utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "Decode()")) @@ -124,8 +125,8 @@ func ManifestAdd(w http.ResponseWriter, r *http.Request) { } func ManifestRemove(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Digest string `schema:"digest"` }{ @@ -155,8 +156,8 @@ func ManifestRemove(w http.ResponseWriter, r *http.Request) { } func ManifestPush(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { All bool `schema:"all"` Destination string `schema:"destination"` diff --git a/pkg/api/handlers/libpod/networks.go b/pkg/api/handlers/libpod/networks.go index e4f450e12..122ab1d3d 100644 --- a/pkg/api/handlers/libpod/networks.go +++ b/pkg/api/handlers/libpod/networks.go @@ -8,6 +8,7 @@ import ( "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/libpod/network" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/containers/podman/v3/pkg/util" @@ -16,8 +17,8 @@ import ( ) func CreateNetwork(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) options := entities.NetworkCreateOptions{} if err := json.NewDecoder(r.Body).Decode(&options); err != nil { utils.Error(w, "unable to marshall input", http.StatusInternalServerError, errors.Wrap(err, "Decode()")) @@ -45,7 +46,7 @@ func CreateNetwork(w http.ResponseWriter, r *http.Request) { utils.WriteResponse(w, http.StatusOK, report) } func ListNetworks(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) filterMap, err := util.PrepareFilters(r) if err != nil { utils.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError, @@ -66,8 +67,8 @@ func ListNetworks(w http.ResponseWriter, r *http.Request) { } func RemoveNetwork(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Force bool `schema:"force"` }{ @@ -100,8 +101,8 @@ func RemoveNetwork(w http.ResponseWriter, r *http.Request) { } func InspectNetwork(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { }{ // override any golang type defaults @@ -129,7 +130,7 @@ func InspectNetwork(w http.ResponseWriter, r *http.Request) { // Connect adds a container to a network func Connect(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) var netConnect entities.NetworkConnectOptions if err := json.NewDecoder(r.Body).Decode(&netConnect); err != nil { @@ -155,7 +156,7 @@ func Connect(w http.ResponseWriter, r *http.Request) { // ExistsNetwork check if a network exists func ExistsNetwork(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) ic := abi.ContainerEngine{Libpod: runtime} @@ -173,7 +174,7 @@ func ExistsNetwork(w http.ResponseWriter, r *http.Request) { // Prune removes unused networks func Prune(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) filterMap, err := util.PrepareFilters(r) if err != nil { diff --git a/pkg/api/handlers/libpod/play.go b/pkg/api/handlers/libpod/play.go index 4f79d5f20..0def32821 100644 --- a/pkg/api/handlers/libpod/play.go +++ b/pkg/api/handlers/libpod/play.go @@ -10,6 +10,7 @@ import ( "github.com/containers/image/v5/types" "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/auth" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" @@ -19,8 +20,8 @@ import ( ) func PlayKube(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { Network string `schema:"network"` TLSVerify bool `schema:"tlsVerify"` @@ -121,7 +122,7 @@ func PlayKube(w http.ResponseWriter, r *http.Request) { } func PlayKubeDown(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) tmpfile, err := ioutil.TempFile("", "libpod-play-kube.yml") if err != nil { utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "unable to create tempfile")) diff --git a/pkg/api/handlers/libpod/pods.go b/pkg/api/handlers/libpod/pods.go index 3d6cf093b..cc686c69d 100644 --- a/pkg/api/handlers/libpod/pods.go +++ b/pkg/api/handlers/libpod/pods.go @@ -14,6 +14,7 @@ import ( "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/containers/podman/v3/pkg/specgen" @@ -27,7 +28,7 @@ import ( func PodCreate(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) err error ) psg := specgen.PodSpecGenerator{InfraContainerSpec: &specgen.SpecGenerator{}} @@ -100,7 +101,7 @@ func PodCreate(w http.ResponseWriter, r *http.Request) { } func Pods(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) filterMap, err := util.PrepareFilters(r) if err != nil { @@ -122,7 +123,7 @@ func Pods(w http.ResponseWriter, r *http.Request) { } func PodInspect(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) pod, err := runtime.LookupPod(name) if err != nil { @@ -144,8 +145,8 @@ func PodInspect(w http.ResponseWriter, r *http.Request) { func PodStop(w http.ResponseWriter, r *http.Request) { var ( stopError error - runtime = r.Context().Value("runtime").(*libpod.Runtime) - decoder = r.Context().Value("decoder").(*schema.Decoder) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder = r.Context().Value(api.DecoderKey).(*schema.Decoder) responses map[string]error ) query := struct { @@ -206,7 +207,7 @@ func PodStop(w http.ResponseWriter, r *http.Request) { } func PodStart(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) pod, err := runtime.LookupPod(name) if err != nil { @@ -243,8 +244,8 @@ func PodStart(w http.ResponseWriter, r *http.Request) { func PodDelete(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) - decoder = r.Context().Value("decoder").(*schema.Decoder) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder = r.Context().Value(api.DecoderKey).(*schema.Decoder) ) query := struct { Force bool `schema:"force"` @@ -272,7 +273,7 @@ func PodDelete(w http.ResponseWriter, r *http.Request) { } func PodRestart(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) pod, err := runtime.LookupPod(name) if err != nil { @@ -308,7 +309,7 @@ func PodPrune(w http.ResponseWriter, r *http.Request) { func PodPruneHelper(r *http.Request) ([]*entities.PodPruneReport, error) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ) responses, err := runtime.PrunePods(r.Context()) if err != nil { @@ -325,7 +326,7 @@ func PodPruneHelper(r *http.Request) ([]*entities.PodPruneReport, error) { } func PodPause(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) pod, err := runtime.LookupPod(name) if err != nil { @@ -351,7 +352,7 @@ func PodPause(w http.ResponseWriter, r *http.Request) { } func PodUnpause(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) pod, err := runtime.LookupPod(name) if err != nil { @@ -377,8 +378,8 @@ func PodUnpause(w http.ResponseWriter, r *http.Request) { } func PodTop(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { PsArgs string `schema:"ps_args"` @@ -420,8 +421,8 @@ func PodTop(w http.ResponseWriter, r *http.Request) { func PodKill(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) - decoder = r.Context().Value("decoder").(*schema.Decoder) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder = r.Context().Value(api.DecoderKey).(*schema.Decoder) signal = "SIGKILL" ) query := struct { @@ -489,7 +490,7 @@ func PodKill(w http.ResponseWriter, r *http.Request) { } func PodExists(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) _, err := runtime.LookupPod(name) if err != nil { @@ -500,8 +501,8 @@ func PodExists(w http.ResponseWriter, r *http.Request) { } func PodStats(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) - decoder := r.Context().Value("decoder").(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := struct { NamesOrIDs []string `schema:"namesOrIDs"` diff --git a/pkg/api/handlers/libpod/secrets.go b/pkg/api/handlers/libpod/secrets.go index 7086d9e38..5cdff8387 100644 --- a/pkg/api/handlers/libpod/secrets.go +++ b/pkg/api/handlers/libpod/secrets.go @@ -7,6 +7,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/gorilla/schema" @@ -15,8 +16,8 @@ import ( func CreateSecret(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) - decoder = r.Context().Value("decoder").(*schema.Decoder) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder = r.Context().Value(api.DecoderKey).(*schema.Decoder) ) decoder.RegisterConverter(map[string]string{}, func(str string) reflect.Value { diff --git a/pkg/api/handlers/libpod/system.go b/pkg/api/handlers/libpod/system.go index bca92a4af..b7c60736f 100644 --- a/pkg/api/handlers/libpod/system.go +++ b/pkg/api/handlers/libpod/system.go @@ -5,6 +5,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" "github.com/containers/podman/v3/pkg/util" @@ -14,8 +15,8 @@ import ( // SystemPrune removes unused data func SystemPrune(w http.ResponseWriter, r *http.Request) { - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { All bool `schema:"all"` @@ -53,7 +54,7 @@ func SystemPrune(w http.ResponseWriter, r *http.Request) { func DiskUsage(w http.ResponseWriter, r *http.Request) { // Options are only used by the CLI options := entities.SystemDfOptions{} - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ic := abi.ContainerEngine{Libpod: runtime} response, err := ic.SystemDf(r.Context(), options) if err != nil { diff --git a/pkg/api/handlers/libpod/volumes.go b/pkg/api/handlers/libpod/volumes.go index 68aec30d5..318758868 100644 --- a/pkg/api/handlers/libpod/volumes.go +++ b/pkg/api/handlers/libpod/volumes.go @@ -8,6 +8,7 @@ import ( "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/api/handlers/utils" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/entities/reports" "github.com/containers/podman/v3/pkg/domain/filters" @@ -21,8 +22,8 @@ import ( func CreateVolume(w http.ResponseWriter, r *http.Request) { var ( volumeOptions []libpod.VolumeCreateOption - runtime = r.Context().Value("runtime").(*libpod.Runtime) - decoder = r.Context().Value("decoder").(*schema.Decoder) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder = r.Context().Value(api.DecoderKey).(*schema.Decoder) ) query := struct { }{ @@ -75,7 +76,7 @@ func CreateVolume(w http.ResponseWriter, r *http.Request) { func InspectVolume(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ) name := utils.GetName(r) vol, err := runtime.GetVolume(name) @@ -96,7 +97,7 @@ func InspectVolume(w http.ResponseWriter, r *http.Request) { func ListVolumes(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ) filterMap, err := util.PrepareFilters(r) if err != nil { @@ -142,7 +143,7 @@ func PruneVolumes(w http.ResponseWriter, r *http.Request) { func pruneVolumesHelper(r *http.Request) ([]*reports.PruneReport, error) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) ) filterMap, err := util.PrepareFilters(r) if err != nil { @@ -164,8 +165,8 @@ func pruneVolumesHelper(r *http.Request) ([]*reports.PruneReport, error) { func RemoveVolume(w http.ResponseWriter, r *http.Request) { var ( - runtime = r.Context().Value("runtime").(*libpod.Runtime) - decoder = r.Context().Value("decoder").(*schema.Decoder) + runtime = r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder = r.Context().Value(api.DecoderKey).(*schema.Decoder) ) query := struct { Force bool `schema:"force"` @@ -197,7 +198,7 @@ func RemoveVolume(w http.ResponseWriter, r *http.Request) { // ExistsVolume check if a volume exists func ExistsVolume(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) name := utils.GetName(r) ic := abi.ContainerEngine{Libpod: runtime} diff --git a/pkg/api/handlers/swagger/swagger.go b/pkg/api/handlers/swagger/swagger.go index 2296eea3a..9844839b7 100644 --- a/pkg/api/handlers/swagger/swagger.go +++ b/pkg/api/handlers/swagger/swagger.go @@ -176,3 +176,12 @@ type swagInspectPodResponse struct { define.InspectPodData } } + +// Get stats for one or more containers +// swagger:response ContainerStats +type swagContainerStatsResponse struct { + // in:body + Body struct { + define.ContainerStats + } +} diff --git a/pkg/api/handlers/utils/containers.go b/pkg/api/handlers/utils/containers.go index fb1f8b7c1..5cdb31de1 100644 --- a/pkg/api/handlers/utils/containers.go +++ b/pkg/api/handlers/utils/containers.go @@ -8,6 +8,7 @@ import ( "time" "github.com/containers/podman/v3/libpod/events" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/domain/infra/abi" @@ -36,7 +37,7 @@ func WaitContainerDocker(w http.ResponseWriter, r *http.Request) { query := waitQueryDocker{} - decoder := ctx.Value("decoder").(*schema.Decoder) + decoder := ctx.Value(api.DecoderKey).(*schema.Decoder) if err = decoder.Decode(&query, r.URL.Query()); err != nil { Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) return @@ -68,7 +69,7 @@ func WaitContainerDocker(w http.ResponseWriter, r *http.Request) { // In docker compatibility mode we have to send headers in advance, // otherwise docker client would freeze. - w.Header().Add("Content-Type", "application/json") + w.Header().Set("Content-Type", "application/json") w.WriteHeader(200) if flusher, ok := w.(http.Flusher); ok { flusher.Flush() @@ -103,7 +104,7 @@ func WaitContainerLibpod(w http.ResponseWriter, r *http.Request) { interval = time.Millisecond * 250 conditions = []define.ContainerStatus{define.ContainerStateStopped, define.ContainerStateExited} ) - decoder := r.Context().Value("decoder").(*schema.Decoder) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) query := waitQueryLibpod{} if err := decoder.Decode(&query, r.URL.Query()); err != nil { Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) @@ -143,7 +144,7 @@ func WaitContainerLibpod(w http.ResponseWriter, r *http.Request) { type containerWaitFn func(conditions ...define.ContainerStatus) (int32, error) func createContainerWaitFn(ctx context.Context, containerName string, interval time.Duration) containerWaitFn { - runtime := ctx.Value("runtime").(*libpod.Runtime) + runtime := ctx.Value(api.RuntimeKey).(*libpod.Runtime) var containerEngine entities.ContainerEngine = &abi.ContainerEngine{Libpod: runtime} return func(conditions ...define.ContainerStatus) (int32, error) { @@ -205,7 +206,7 @@ func waitRemoved(ctrWait containerWaitFn) (int32, error) { } func waitNextExit(ctx context.Context, containerName string) (int32, error) { - runtime := ctx.Value("runtime").(*libpod.Runtime) + runtime := ctx.Value(api.RuntimeKey).(*libpod.Runtime) containerEngine := &abi.ContainerEngine{Libpod: runtime} eventChannel := make(chan *events.Event) errChannel := make(chan error) @@ -237,7 +238,7 @@ func waitNotRunning(ctrWait containerWaitFn) (int32, error) { } func containerExists(ctx context.Context, name string) (bool, error) { - runtime := ctx.Value("runtime").(*libpod.Runtime) + runtime := ctx.Value(api.RuntimeKey).(*libpod.Runtime) var containerEngine entities.ContainerEngine = &abi.ContainerEngine{Libpod: runtime} var ctrExistsOpts entities.ContainerExistsOptions diff --git a/pkg/api/handlers/utils/images.go b/pkg/api/handlers/utils/images.go index 1e3647a3e..d5eb71aa1 100644 --- a/pkg/api/handlers/utils/images.go +++ b/pkg/api/handlers/utils/images.go @@ -11,6 +11,7 @@ import ( "github.com/containers/image/v5/transports/alltransports" "github.com/containers/image/v5/types" "github.com/containers/podman/v3/libpod" + api "github.com/containers/podman/v3/pkg/api/types" "github.com/gorilla/schema" "github.com/pkg/errors" ) @@ -51,8 +52,8 @@ func ParseStorageReference(name string) (types.ImageReference, error) { // GetImages is a common function used to get images for libpod and other compatibility // mechanisms func GetImages(w http.ResponseWriter, r *http.Request) ([]*libimage.Image, error) { - decoder := r.Context().Value("decoder").(*schema.Decoder) - runtime := r.Context().Value("runtime").(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) query := struct { All bool Digests bool @@ -87,7 +88,7 @@ func GetImages(w http.ResponseWriter, r *http.Request) ([]*libimage.Image, error } func GetImage(r *http.Request, name string) (*libimage.Image, error) { - runtime := r.Context().Value("runtime").(*libpod.Runtime) + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) image, _, err := runtime.LibimageRuntime().LookupImage(name, nil) if err != nil { return nil, err diff --git a/pkg/api/server/handler_api.go b/pkg/api/server/handler_api.go index becc674c0..88b9b7397 100644 --- a/pkg/api/server/handler_api.go +++ b/pkg/api/server/handler_api.go @@ -1,61 +1,25 @@ package server import ( - "context" "fmt" "net/http" "runtime" - "github.com/containers/podman/v3/pkg/api/handlers/utils" - "github.com/containers/podman/v3/pkg/auth" "github.com/containers/podman/v3/version" - "github.com/google/uuid" "github.com/sirupsen/logrus" ) // APIHandler is a wrapper to enhance HandlerFunc's and remove redundant code func (s *APIServer) APIHandler(h http.HandlerFunc) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { - // http.Server hides panics, we want to see them and fix the cause. - defer func() { - err := recover() - if err != nil { - buf := make([]byte, 1<<20) - n := runtime.Stack(buf, true) - logrus.Warnf("Recovering from API handler panic: %v, %s", err, buf[:n]) - // Try to inform client things went south... won't work if handler already started writing response body - utils.InternalServerError(w, fmt.Errorf("%v", err)) - } - }() - - // Wrapper to hide some boiler plate + // Wrapper to hide some boilerplate fn := func(w http.ResponseWriter, r *http.Request) { - rid := uuid.New().String() - logrus.Infof("APIHandler(%s) -- %s %s BEGIN", rid, r.Method, r.URL.String()) - if logrus.IsLevelEnabled(logrus.DebugLevel) { - for k, v := range r.Header { - switch auth.HeaderAuthName(k) { - case auth.XRegistryConfigHeader, auth.XRegistryAuthHeader: - logrus.Debugf("APIHandler(%s) -- Header: %s=<hidden>", rid, k) - default: - logrus.Debugf("APIHandler(%s) -- Header: %s=%v", rid, k, v) - } - } - } - // Set in case handler wishes to correlate logging events - r.Header.Set("X-Reference-Id", rid) - if err := r.ParseForm(); err != nil { - logrus.Infof("Failed Request: unable to parse form: %q (%s)", err, rid) + logrus.WithFields(logrus.Fields{ + "X-Reference-Id": r.Header.Get("X-Reference-Id"), + }).Info("Failed Request: unable to parse form: " + err.Error()) } - // TODO: Use r.ConnContext when ported to go 1.13 - c := context.WithValue(r.Context(), "decoder", s.Decoder) // nolint - c = context.WithValue(c, "runtime", s.Runtime) // nolint - c = context.WithValue(c, "shutdownFunc", s.Shutdown) // nolint - c = context.WithValue(c, "idletracker", s.idleTracker) // nolint - r = r.WithContext(c) - cv := version.APIVersion[version.Compat][version.CurrentAPI] w.Header().Set("API-Version", fmt.Sprintf("%d.%d", cv.Major, cv.Minor)) @@ -70,7 +34,6 @@ func (s *APIServer) APIHandler(h http.HandlerFunc) http.HandlerFunc { } h(w, r) - logrus.Debugf("APIHandler(%s) -- %s %s END", rid, r.Method, r.URL.String()) } fn(w, r) } diff --git a/pkg/api/server/handler_logging.go b/pkg/api/server/handler_logging.go new file mode 100644 index 000000000..699fab7a5 --- /dev/null +++ b/pkg/api/server/handler_logging.go @@ -0,0 +1,51 @@ +package server + +import ( + "io" + "io/ioutil" + "net/http" + "time" + + "github.com/gorilla/mux" + "github.com/sirupsen/logrus" +) + +type responseWriter struct { + http.ResponseWriter +} + +var apiLogger = &logrus.Logger{ + Formatter: &logrus.TextFormatter{ + DisableColors: true, + DisableLevelTruncation: true, + FullTimestamp: true, + QuoteEmptyFields: true, + TimestampFormat: time.RFC3339, + }, + Level: logrus.TraceLevel, + Out: logrus.StandardLogger().Out, +} + +func (l responseWriter) Write(b []byte) (int, error) { + apiLogger.WithFields(logrus.Fields{ + "API": "response", + "X-Reference-Id": l.Header().Get("X-Reference-Id"), + }).Trace(string(b)) + return l.ResponseWriter.Write(b) +} + +func loggingHandler() mux.MiddlewareFunc { + return func(h http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + annotated := apiLogger.WithFields(logrus.Fields{ + "API": "request", + "X-Reference-Id": r.Header.Get("X-Reference-Id"), + }) + r.Body = ioutil.NopCloser( + io.TeeReader(r.Body, annotated.WriterLevel(logrus.TraceLevel))) + + w = responseWriter{ResponseWriter: w} + h.ServeHTTP(w, r) + }) + } +} diff --git a/pkg/api/server/handler_panic.go b/pkg/api/server/handler_panic.go new file mode 100644 index 000000000..f643db79a --- /dev/null +++ b/pkg/api/server/handler_panic.go @@ -0,0 +1,32 @@ +package server + +import ( + "fmt" + "net/http" + "runtime" + + "github.com/containers/podman/v3/pkg/api/handlers/utils" + "github.com/gorilla/mux" + "github.com/sirupsen/logrus" +) + +// panicHandler captures panics from endpoint handlers and logs stack trace +func panicHandler() mux.MiddlewareFunc { + return func(h http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // http.Server hides panics from handlers, we want to record them and fix the cause + defer func() { + err := recover() + if err != nil { + buf := make([]byte, 1<<20) + n := runtime.Stack(buf, true) + logrus.Warnf("Recovering from API service endpoint handler panic: %v, %s", err, buf[:n]) + // Try to inform client things went south... won't work if handler already started writing response body + utils.InternalServerError(w, fmt.Errorf("%v", err)) + } + }() + + h.ServeHTTP(w, r) + }) + } +} diff --git a/pkg/api/server/handler_rid.go b/pkg/api/server/handler_rid.go new file mode 100644 index 000000000..b624b99a6 --- /dev/null +++ b/pkg/api/server/handler_rid.go @@ -0,0 +1,34 @@ +package server + +import ( + "fmt" + "net/http" + + "github.com/containers/podman/v3/pkg/api/types" + "github.com/google/uuid" + "github.com/gorilla/handlers" + "github.com/gorilla/mux" + "github.com/sirupsen/logrus" +) + +// referenceIDHandler adds X-Reference-Id Header allowing event correlation +// and Apache style request logging +func referenceIDHandler() mux.MiddlewareFunc { + return func(h http.Handler) http.Handler { + return handlers.CombinedLoggingHandler(logrus.StandardLogger().Out, + http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + rid := r.Header.Get("X-Reference-Id") + if rid == "" { + if c := r.Context().Value(types.ConnKey); c == nil { + rid = uuid.New().String() + } else { + rid = fmt.Sprintf("%p", c) + } + } + + r.Header.Set("X-Reference-Id", rid) + w.Header().Set("X-Reference-Id", rid) + h.ServeHTTP(w, r) + })) + } +} diff --git a/pkg/api/server/idle/tracker.go b/pkg/api/server/idle/tracker.go index 687ebd7d4..480239f05 100644 --- a/pkg/api/server/idle/tracker.go +++ b/pkg/api/server/idle/tracker.go @@ -1,6 +1,7 @@ package idle import ( + "fmt" "net" "net/http" "sync" @@ -39,7 +40,10 @@ func (t *Tracker) ConnState(conn net.Conn, state http.ConnState) { t.mux.Lock() defer t.mux.Unlock() - logrus.Debugf("IdleTracker %p:%v %dm+%dh/%dt connection(s)", conn, state, len(t.managed), t.hijacked, t.TotalConnections()) + logrus.WithFields(logrus.Fields{ + "X-Reference-Id": fmt.Sprintf("%p", conn), + }).Debugf("IdleTracker:%v %dm+%dh/%dt connection(s)", state, len(t.managed), t.hijacked, t.TotalConnections()) + switch state { case http.StateNew: t.total++ @@ -68,7 +72,9 @@ func (t *Tracker) ConnState(conn net.Conn, state http.ConnState) { if _, found := t.managed[conn]; found { delete(t.managed, conn) } else { - logrus.Warnf("IdleTracker %p: StateClosed transition by un-managed connection", conn) + logrus.WithFields(logrus.Fields{ + "X-Reference-Id": fmt.Sprintf("%p", conn), + }).Warnf("IdleTracker: StateClosed transition by connection marked un-managed") } } diff --git a/pkg/api/server/register_containers.go b/pkg/api/server/register_containers.go index b36cb75f1..8dcea1301 100644 --- a/pkg/api/server/register_containers.go +++ b/pkg/api/server/register_containers.go @@ -1028,7 +1028,8 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // - in: query // name: t // type: integer - // description: timeout before sending kill signal to container + // default: 10 + // description: number of seconds to wait before killing container // produces: // - application/json // responses: @@ -1123,11 +1124,9 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // - application/json // responses: // 200: - // description: no error + // $ref: "#/responses/ContainerStats" // 404: // $ref: "#/responses/NoSuchContainer" - // 409: - // $ref: "#/responses/ConflictError" // 500: // $ref: "#/responses/InternalError" r.HandleFunc(VersionedPath("/libpod/containers/stats"), s.APIHandler(libpod.StatsContainer)).Methods(http.MethodGet) diff --git a/pkg/api/server/register_secrets.go b/pkg/api/server/register_secrets.go index ca9790e93..129912179 100644 --- a/pkg/api/server/register_secrets.go +++ b/pkg/api/server/register_secrets.go @@ -44,6 +44,14 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error { // - secrets // summary: List secrets // description: Returns a list of secrets + // parameters: + // - in: query + // name: filters + // type: string + // description: | + // JSON encoded value of the filters (a `map[string][]string`) to process on the secrets list. Currently available filters: + // - `name=[name]` Matches secrets name (accepts regex). + // - `id=[id]` Matches for full or partial ID. // produces: // - application/json // parameters: @@ -110,6 +118,14 @@ func (s *APIServer) registerSecretHandlers(r *mux.Router) error { // - secrets (compat) // summary: List secrets // description: Returns a list of secrets + // parameters: + // - in: query + // name: filters + // type: string + // description: | + // JSON encoded value of the filters (a `map[string][]string`) to process on the secrets list. Currently available filters: + // - `name=[name]` Matches secrets name (accepts regex). + // - `id=[id]` Matches for full or partial ID. // produces: // - application/json // parameters: diff --git a/pkg/api/server/server.go b/pkg/api/server/server.go index 72ae27276..34d0fa246 100644 --- a/pkg/api/server/server.go +++ b/pkg/api/server/server.go @@ -7,7 +7,7 @@ import ( "net" "net/http" "os" - goRuntime "runtime" + "runtime" "strings" "sync" "syscall" @@ -17,11 +17,11 @@ import ( "github.com/containers/podman/v3/libpod/shutdown" "github.com/containers/podman/v3/pkg/api/handlers" "github.com/containers/podman/v3/pkg/api/server/idle" + "github.com/containers/podman/v3/pkg/api/types" "github.com/coreos/go-systemd/v22/activation" "github.com/coreos/go-systemd/v22/daemon" "github.com/gorilla/mux" "github.com/gorilla/schema" - "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -44,8 +44,10 @@ const ( UnlimitedServiceDuration = 0 * time.Second ) -// shutdownOnce ensures Shutdown() may safely be called from several go routines -var shutdownOnce sync.Once +var ( + // shutdownOnce ensures Shutdown() may safely be called from several go routines + shutdownOnce sync.Once +) type Options struct { Timeout time.Duration @@ -66,15 +68,15 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li // If listener not provided try socket activation protocol if listener == nil { if _, found := os.LookupEnv("LISTEN_PID"); !found { - return nil, errors.Errorf("Cannot create API Server, no listener provided and socket activation protocol is not active.") + return nil, fmt.Errorf("no service listener provided and socket activation protocol is not active") } listeners, err := activation.Listeners() if err != nil { - return nil, errors.Wrap(err, "Cannot retrieve file descriptors from systemd") + return nil, fmt.Errorf("cannot retrieve file descriptors from systemd: %w", err) } if len(listeners) != 1 { - return nil, errors.Errorf("Wrong number of file descriptors for socket activation protocol (%d != 1)", len(listeners)) + return nil, fmt.Errorf("wrong number of file descriptors for socket activation protocol (%d != 1)", len(listeners)) } listener = &listeners[0] } @@ -84,24 +86,35 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li logrus.Debugf("CORS Headers were set to %s", corsHeaders) } - logrus.Infof("API server listening on %q", (*listener).Addr()) + logrus.Infof("API service listening on %q", (*listener).Addr()) router := mux.NewRouter().UseEncodedPath() - idle := idle.NewTracker(duration) + tracker := idle.NewTracker(duration) server := APIServer{ Server: http.Server{ + ConnContext: func(ctx context.Context, c net.Conn) context.Context { + return context.WithValue(ctx, types.ConnKey, c) + }, + ConnState: tracker.ConnState, + ErrorLog: log.New(logrus.StandardLogger().Out, "", 0), Handler: router, IdleTimeout: duration * 2, - ConnState: idle.ConnState, - ErrorLog: log.New(logrus.StandardLogger().Out, "", 0), }, - Decoder: handlers.NewAPIDecoder(), - idleTracker: idle, - Listener: *listener, - Runtime: runtime, CorsHeaders: corsHeaders, + Listener: *listener, + idleTracker: tracker, + } + + server.BaseContext = func(l net.Listener) context.Context { + ctx := context.WithValue(context.Background(), types.DecoderKey, handlers.NewAPIDecoder()) + ctx = context.WithValue(ctx, types.RuntimeKey, runtime) + ctx = context.WithValue(ctx, types.IdleTrackerKey, tracker) + return ctx } + // Capture panics and print stack traces for diagnostics, + // additionally process X-Reference-Id Header to support event correlation + router.Use(panicHandler(), referenceIDHandler()) router.NotFoundHandler = http.HandlerFunc( func(w http.ResponseWriter, r *http.Request) { // We can track user errors... @@ -149,6 +162,8 @@ func newServer(runtime *libpod.Runtime, duration time.Duration, listener *net.Li } if logrus.IsLevelEnabled(logrus.TraceLevel) { + // If in trace mode log request and response bodies + router.Use(loggingHandler()) router.Walk(func(route *mux.Route, r *mux.Router, ancestors []*mux.Route) error { // nolint path, err := route.GetPathTemplate() if err != nil { @@ -177,13 +192,13 @@ func setupSystemd() { payload := fmt.Sprintf("MAINPID=%d\n", os.Getpid()) payload += daemon.SdNotifyReady if sent, err := daemon.SdNotify(true, payload); err != nil { - logrus.Errorf("Error notifying systemd of Conmon PID: %s", err.Error()) + logrus.Error("API service error notifying systemd of Conmon PID: " + err.Error()) } else if !sent { - logrus.Warn("SDNotify not sent successfully") + logrus.Warn("API service unable to successfully send SDNotify") } if err := os.Unsetenv("INVOCATION_ID"); err != nil { - logrus.Errorf("Error unsetting INVOCATION_ID: %s", err.Error()) + logrus.Error("API service failed unsetting INVOCATION_ID: " + err.Error()) } } @@ -205,7 +220,7 @@ func (s *APIServer) Serve() error { go func() { <-s.idleTracker.Done() - logrus.Debugf("API Server idle for %s", s.idleTracker.Duration.Round(time.Second).String()) + logrus.Debug("API service shutting down, idle for " + s.idleTracker.Duration.Round(time.Second).String()) _ = s.Shutdown() }() @@ -213,12 +228,12 @@ func (s *APIServer) Serve() error { go func() { pprofMux := mux.NewRouter() pprofMux.PathPrefix("/debug/pprof").Handler(http.DefaultServeMux) - goRuntime.SetMutexProfileFraction(1) - goRuntime.SetBlockProfileRate(1) + runtime.SetMutexProfileFraction(1) + runtime.SetBlockProfileRate(1) s.pprof = &http.Server{Addr: "localhost:8888", Handler: pprofMux} err := s.pprof.ListenAndServe() if err != nil && err != http.ErrServerClosed { - logrus.Warn("Profiler Service failed: " + err.Error()) + logrus.Warn("API profiler service failed: " + err.Error()) } }() } @@ -230,7 +245,7 @@ func (s *APIServer) Serve() error { go func() { err := s.Server.Serve(s.Listener) if err != nil && err != http.ErrServerClosed { - errChan <- errors.Wrap(err, "failed to start API server") + errChan <- fmt.Errorf("failed to start API service: %w", err) return } errChan <- nil @@ -242,14 +257,14 @@ func (s *APIServer) Serve() error { // Shutdown is a clean shutdown waiting on existing clients func (s *APIServer) Shutdown() error { if s.idleTracker.Duration == UnlimitedServiceDuration { - logrus.Debug("APIServer.Shutdown ignored as Duration is UnlimitedService") + logrus.Debug("API service shutdown ignored as Duration is UnlimitedService") return nil } shutdownOnce.Do(func() { if logrus.IsLevelEnabled(logrus.DebugLevel) { - _, file, line, _ := goRuntime.Caller(1) - logrus.Debugf("APIServer.Shutdown by %s:%d, %d/%d connection(s)", + _, file, line, _ := runtime.Caller(1) + logrus.Debugf("API service shutdown by %s:%d, %d/%d connection(s)", file, line, s.idleTracker.ActiveConnections(), s.idleTracker.TotalConnections()) go func() { @@ -257,8 +272,7 @@ func (s *APIServer) Shutdown() error { go func() { defer cancel() if err := s.pprof.Shutdown(ctx); err != nil { - logrus.Warn( - errors.Wrapf(err, "failed to cleanly shutdown pprof Server")) + logrus.Warn("Failed to cleanly shutdown API pprof service: " + err.Error()) } }() <-ctx.Done() @@ -272,8 +286,7 @@ func (s *APIServer) Shutdown() error { err := s.Server.Shutdown(ctx) if err != nil && err != context.Canceled && err != http.ErrServerClosed { - logrus.Error( - errors.Wrapf(err, "failed to cleanly shutdown APIServer")) + logrus.Error("Failed to cleanly shutdown API service: " + err.Error()) } }() <-ctx.Done() diff --git a/pkg/api/types/types.go b/pkg/api/types/types.go index 1b91364e3..d5067cc54 100644 --- a/pkg/api/types/types.go +++ b/pkg/api/types/types.go @@ -1,9 +1,18 @@ package types const ( - // DefaultAPIVersion is the version of the API the server defaults to. + // DefaultAPIVersion is the version of the compatible API the server defaults to DefaultAPIVersion = "1.40" // See https://docs.docker.com/engine/api/v1.40/ - // DefaultAPIVersion is the minimal required version of the API. + // MinimalAPIVersion is the minimal required version of the compatible API MinimalAPIVersion = "1.24" ) + +type APIContextKey int + +const ( + DecoderKey APIContextKey = iota + RuntimeKey + IdleTrackerKey + ConnKey +) diff --git a/pkg/auth/auth.go b/pkg/auth/auth.go index ecfa6651c..6aff880f4 100644 --- a/pkg/auth/auth.go +++ b/pkg/auth/auth.go @@ -259,7 +259,9 @@ func authConfigsToAuthFile(authConfigs map[string]types.DockerAuthConfig) (strin // tested, and we make sure to use the same code as the image backend. sys := types.SystemContext{AuthFilePath: authFilePath} for server, config := range authConfigs { - // Note that we do not validate the credentials here. Wassume + server = normalize(server) + + // Note that we do not validate the credentials here. We assume // that all credentials are valid. They'll be used on demand // later. if err := imageAuth.SetAuthentication(&sys, server, config.Username, config.Password); err != nil { @@ -270,6 +272,22 @@ func authConfigsToAuthFile(authConfigs map[string]types.DockerAuthConfig) (strin return authFilePath, nil } +// normalize takes a server and removes the leading "http[s]://" prefix as well +// as removes path suffixes from docker registries. +func normalize(server string) string { + stripped := strings.TrimPrefix(server, "http://") + stripped = strings.TrimPrefix(stripped, "https://") + + /// Normalize docker registries + if strings.HasPrefix(stripped, "index.docker.io/") || + strings.HasPrefix(stripped, "registry-1.docker.io/") || + strings.HasPrefix(stripped, "docker.io/") { + stripped = strings.SplitN(stripped, "/", 2)[0] + } + + return stripped +} + // dockerAuthToImageAuth converts a docker auth config to one we're using // internally from c/image. Note that the Docker types look slightly // different, so we need to convert to be extra sure we're not running into diff --git a/pkg/auth/auth_test.go b/pkg/auth/auth_test.go new file mode 100644 index 000000000..da2d9a5c5 --- /dev/null +++ b/pkg/auth/auth_test.go @@ -0,0 +1,66 @@ +package auth + +import ( + "io/ioutil" + "testing" + + "github.com/containers/image/v5/types" + "github.com/stretchr/testify/assert" +) + +func TestAuthConfigsToAuthFile(t *testing.T) { + for _, tc := range []struct { + name string + server string + shouldErr bool + expectedContains string + }{ + { + name: "empty auth configs", + server: "", + shouldErr: false, + expectedContains: "{}", + }, + { + name: "registry with prefix", + server: "my-registry.local/username", + shouldErr: false, + expectedContains: `"my-registry.local/username":`, + }, + { + name: "normalize https:// prefix", + server: "http://my-registry.local/username", + shouldErr: false, + expectedContains: `"my-registry.local/username":`, + }, + { + name: "normalize docker registry with https prefix", + server: "http://index.docker.io/v1/", + shouldErr: false, + expectedContains: `"index.docker.io":`, + }, + { + name: "normalize docker registry without https prefix", + server: "docker.io/v2/", + shouldErr: false, + expectedContains: `"docker.io":`, + }, + } { + configs := map[string]types.DockerAuthConfig{} + if tc.server != "" { + configs[tc.server] = types.DockerAuthConfig{} + } + + filePath, err := authConfigsToAuthFile(configs) + + if tc.shouldErr { + assert.NotNil(t, err) + assert.Empty(t, filePath) + } else { + assert.Nil(t, err) + content, err := ioutil.ReadFile(filePath) + assert.Nil(t, err) + assert.Contains(t, string(content), tc.expectedContains) + } + } +} diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go index 39e0fc5df..3beafa585 100644 --- a/pkg/bindings/images/build.go +++ b/pkg/bindings/images/build.go @@ -501,6 +501,7 @@ func nTar(excludes []string, sources ...string) (io.ReadCloser, error) { if err != nil { return err } + hdr.Uid, hdr.Gid = 0, 0 orig, ok := seen[di] if ok { hdr.Typeflag = tar.TypeLink @@ -532,6 +533,7 @@ func nTar(excludes []string, sources ...string) (io.ReadCloser, error) { return lerr } hdr.Name = name + hdr.Uid, hdr.Gid = 0, 0 if lerr := tw.WriteHeader(hdr); lerr != nil { return lerr } @@ -545,6 +547,7 @@ func nTar(excludes []string, sources ...string) (io.ReadCloser, error) { return lerr } hdr.Name = name + hdr.Uid, hdr.Gid = 0, 0 if lerr := tw.WriteHeader(hdr); lerr != nil { return lerr } diff --git a/pkg/bindings/secrets/secrets.go b/pkg/bindings/secrets/secrets.go index b741d3e5c..c439971c9 100644 --- a/pkg/bindings/secrets/secrets.go +++ b/pkg/bindings/secrets/secrets.go @@ -18,7 +18,11 @@ func List(ctx context.Context, options *ListOptions) ([]*entities.SecretInfoRepo if err != nil { return nil, err } - response, err := conn.DoRequest(nil, http.MethodGet, "/secrets/json", nil, nil) + params, err := options.ToParams() + if err != nil { + return nil, err + } + response, err := conn.DoRequest(nil, http.MethodGet, "/secrets/json", params, nil) if err != nil { return secrs, err } diff --git a/pkg/bindings/secrets/types.go b/pkg/bindings/secrets/types.go index a64dea1b4..01c3c248d 100644 --- a/pkg/bindings/secrets/types.go +++ b/pkg/bindings/secrets/types.go @@ -3,6 +3,7 @@ package secrets //go:generate go run ../generator/generator.go ListOptions // ListOptions are optional options for inspecting secrets type ListOptions struct { + Filters map[string][]string } //go:generate go run ../generator/generator.go InspectOptions diff --git a/pkg/bindings/secrets/types_list_options.go b/pkg/bindings/secrets/types_list_options.go index 568e021a8..e4501dde8 100644 --- a/pkg/bindings/secrets/types_list_options.go +++ b/pkg/bindings/secrets/types_list_options.go @@ -19,3 +19,19 @@ func (o *ListOptions) Changed(fieldName string) bool { func (o *ListOptions) ToParams() (url.Values, error) { return util.ToParams(o) } + +// WithFilters +func (o *ListOptions) WithFilters(value map[string][]string) *ListOptions { + v := value + o.Filters = v + return o +} + +// GetFilters +func (o *ListOptions) GetFilters() map[string][]string { + var filters map[string][]string + if o.Filters == nil { + return filters + } + return o.Filters +} diff --git a/pkg/bindings/test/containers_test.go b/pkg/bindings/test/containers_test.go index 4d1361746..b9ed67255 100644 --- a/pkg/bindings/test/containers_test.go +++ b/pkg/bindings/test/containers_test.go @@ -326,11 +326,11 @@ var _ = Describe("Podman containers ", func() { // TODO for the life of me, i cannot get this to work. maybe another set // of eyes will // successful healthcheck - //status := "healthy" + //status := define.HealthCheckHealthy //for i:=0; i < 10; i++ { // result, err := containers.RunHealthCheck(connText, "hc") // Expect(err).To(BeNil()) - // if result.Status != "healthy" { + // if result.Status != define.HealthCheckHealthy { // fmt.Println("Healthcheck container still starting, retrying in 1 second") // time.Sleep(1 * time.Second) // continue @@ -338,7 +338,7 @@ var _ = Describe("Podman containers ", func() { // status = result.Status // break //} - //Expect(status).To(Equal("healthy")) + //Expect(status).To(Equal(define.HealthCheckHealthy)) // TODO enable this when wait is working // healthcheck on a stopped container should be a 409 diff --git a/pkg/cgroups/cgroups.go b/pkg/cgroups/cgroups.go index 9cb32a364..4bb8de69b 100644 --- a/pkg/cgroups/cgroups.go +++ b/pkg/cgroups/cgroups.go @@ -231,7 +231,10 @@ func getCgroupPathForCurrentProcess() (string, error) { for s.Scan() { text := s.Text() procEntries := strings.SplitN(text, "::", 2) - cgroupPath = procEntries[1] + // set process cgroupPath only if entry is valid + if len(procEntries) > 1 { + cgroupPath = procEntries[1] + } } if err := s.Err(); err != nil { return cgroupPath, err diff --git a/pkg/domain/entities/engine_container.go b/pkg/domain/entities/engine_container.go index bd011d309..3da31d8a0 100644 --- a/pkg/domain/entities/engine_container.go +++ b/pkg/domain/entities/engine_container.go @@ -72,6 +72,7 @@ type ContainerEngine interface { PodExists(ctx context.Context, nameOrID string) (*BoolReport, error) PodInspect(ctx context.Context, options PodInspectOptions) (*PodInspectReport, error) PodKill(ctx context.Context, namesOrIds []string, options PodKillOptions) ([]*PodKillReport, error) + PodLogs(ctx context.Context, pod string, options PodLogsOptions) error PodPause(ctx context.Context, namesOrIds []string, options PodPauseOptions) ([]*PodPauseReport, error) PodPrune(ctx context.Context, options PodPruneOptions) ([]*PodPruneReport, error) PodPs(ctx context.Context, options PodPSOptions) ([]*ListPodsReport, error) @@ -85,7 +86,7 @@ type ContainerEngine interface { SetupRootless(ctx context.Context, noMoveProcess bool) error SecretCreate(ctx context.Context, name string, reader io.Reader, options SecretCreateOptions) (*SecretCreateReport, error) SecretInspect(ctx context.Context, nameOrIDs []string) ([]*SecretInfoReport, []error, error) - SecretList(ctx context.Context) ([]*SecretInfoReport, error) + SecretList(ctx context.Context, opts SecretListRequest) ([]*SecretInfoReport, error) SecretRm(ctx context.Context, nameOrID []string, opts SecretRmOptions) ([]*SecretRmReport, error) Shutdown(ctx context.Context) SystemDf(ctx context.Context, options SystemDfOptions) (*SystemDfReport, error) diff --git a/pkg/domain/entities/generate.go b/pkg/domain/entities/generate.go index 8a437061f..7809c5241 100644 --- a/pkg/domain/entities/generate.go +++ b/pkg/domain/entities/generate.go @@ -9,7 +9,7 @@ type GenerateSystemdOptions struct { // New - create a new container instead of starting a new one. New bool // RestartPolicy - systemd restart policy. - RestartPolicy string + RestartPolicy *string // StopTimeout - time when stopping the container. StopTimeout *uint // ContainerPrefix - systemd unit name prefix for containers diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go index 262b09cad..c575212b1 100644 --- a/pkg/domain/entities/images.go +++ b/pkg/domain/entities/images.go @@ -89,6 +89,8 @@ type ImageRemoveOptions struct { All bool // Foce will force image removal including containers using the images. Force bool + // Confirms if given name is a manifest list and removes it, otherwise returns error. + LookupManifest bool } // ImageRemoveResponse is the response for removing one or more image(s) from storage diff --git a/pkg/domain/entities/play.go b/pkg/domain/entities/play.go index 77329e328..f630b3f24 100644 --- a/pkg/domain/entities/play.go +++ b/pkg/domain/entities/play.go @@ -51,6 +51,8 @@ type PlayKubePod struct { ID string // Containers - the IDs of the containers running in the created pod. Containers []string + // InitContainers - the IDs of the init containers to be run in the created pod. + InitContainers []string // Logs - non-fatal errors and log messages while processing. Logs []string // ContainerErrors - any errors that occurred while starting containers diff --git a/pkg/domain/entities/pods.go b/pkg/domain/entities/pods.go index 10bd7e5ce..d9dd0c532 100644 --- a/pkg/domain/entities/pods.go +++ b/pkg/domain/entities/pods.go @@ -133,6 +133,14 @@ type PodCreateOptions struct { Userns specgen.Namespace } +// PodLogsOptions describes the options to extract pod logs. +type PodLogsOptions struct { + // Other fields are exactly same as ContainerLogOpts + ContainerLogsOptions + // If specified will only fetch the logs of specified container + ContainerName string +} + type ContainerCreateOptions struct { Annotation []string Attach []string @@ -426,3 +434,22 @@ func ValidatePodStatsOptions(args []string, options *PodStatsOptions) error { return errors.New("--all, --latest and arguments cannot be used together") } } + +// Converts PodLogOptions to ContainerLogOptions +func PodLogsOptionsToContainerLogsOptions(options PodLogsOptions) ContainerLogsOptions { + // PodLogsOptions are similar but contains few extra fields like ctrName + // So cast other values as is so we can re-use the code + containerLogsOpts := ContainerLogsOptions{ + Details: options.Details, + Latest: options.Latest, + Follow: options.Follow, + Names: options.Names, + Since: options.Since, + Until: options.Until, + Tail: options.Tail, + Timestamps: options.Timestamps, + StdoutWriter: options.StdoutWriter, + StderrWriter: options.StderrWriter, + } + return containerLogsOpts +} diff --git a/pkg/domain/entities/secrets.go b/pkg/domain/entities/secrets.go index 56a1465b7..55b470d7b 100644 --- a/pkg/domain/entities/secrets.go +++ b/pkg/domain/entities/secrets.go @@ -16,7 +16,7 @@ type SecretCreateOptions struct { } type SecretListRequest struct { - Filters map[string]string + Filters map[string][]string } type SecretListReport struct { diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go index 8b2a5bfae..dc5f7a0df 100644 --- a/pkg/domain/infra/abi/containers.go +++ b/pkg/domain/infra/abi/containers.go @@ -173,13 +173,17 @@ func (ic *ContainerEngine) ContainerStop(ctx context.Context, namesOrIds []strin return err } } - if c.AutoRemove() { - // Issue #7384: if the container is configured for - // auto-removal, it might already have been removed at - // this point. - return nil + err = c.Cleanup(ctx) + if err != nil { + // Issue #7384 and #11384: If the container is configured for + // auto-removal, it might already have been removed at this point. + // We still need to to cleanup since we do not know if the other cleanup process is successful + if c.AutoRemove() && (errors.Is(err, define.ErrNoSuchCtr) || errors.Is(err, define.ErrCtrRemoved)) { + return nil + } + return err } - return c.Cleanup(ctx) + return nil }) if err != nil { return nil, err @@ -367,7 +371,7 @@ func (ic *ContainerEngine) ContainerInspect(ctx context.Context, namesOrIds []st if options.Latest { ctr, err := ic.Libpod.GetLatestContainer() if err != nil { - if errors.Cause(err) == define.ErrNoSuchCtr { + if errors.Is(err, define.ErrNoSuchCtr) { return nil, []error{errors.Wrapf(err, "no containers to inspect")}, nil } return nil, nil, err @@ -393,7 +397,7 @@ func (ic *ContainerEngine) ContainerInspect(ctx context.Context, namesOrIds []st if err != nil { // ErrNoSuchCtr is non-fatal, other errors will be // treated as fatal. - if errors.Cause(err) == define.ErrNoSuchCtr { + if errors.Is(err, define.ErrNoSuchCtr) { errs = append(errs, errors.Errorf("no such container %s", name)) continue } @@ -402,6 +406,12 @@ func (ic *ContainerEngine) ContainerInspect(ctx context.Context, namesOrIds []st inspect, err := ctr.Inspect(options.Size) if err != nil { + // ErrNoSuchCtr is non-fatal, other errors will be + // treated as fatal. + if errors.Is(err, define.ErrNoSuchCtr) { + errs = append(errs, errors.Errorf("no such container %s", name)) + continue + } return nil, nil, err } diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go index e8739615d..a88d38a10 100644 --- a/pkg/domain/infra/abi/images.go +++ b/pkg/domain/infra/abi/images.go @@ -521,6 +521,7 @@ func (ir *ImageEngine) Remove(ctx context.Context, images []string, opts entitie libimageOptions := &libimage.RemoveImagesOptions{} libimageOptions.Filters = []string{"readonly=false"} libimageOptions.Force = opts.Force + libimageOptions.LookupManifest = opts.LookupManifest if !opts.All { libimageOptions.Filters = append(libimageOptions.Filters, "intermediate=false") } diff --git a/pkg/domain/infra/abi/manifest.go b/pkg/domain/infra/abi/manifest.go index 666bc997d..1dd0686ac 100644 --- a/pkg/domain/infra/abi/manifest.go +++ b/pkg/domain/infra/abi/manifest.go @@ -306,7 +306,7 @@ func (ir *ImageEngine) ManifestRemove(ctx context.Context, names []string) (stri // ManifestRm removes the specified manifest list from storage func (ir *ImageEngine) ManifestRm(ctx context.Context, names []string) (report *entities.ImageRemoveReport, rmErrors []error) { - return ir.Remove(ctx, names, entities.ImageRemoveOptions{}) + return ir.Remove(ctx, names, entities.ImageRemoveOptions{LookupManifest: true}) } // ManifestPush pushes a manifest list or image index to the destination diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go index 2799df794..87506f70c 100644 --- a/pkg/domain/infra/abi/play.go +++ b/pkg/domain/infra/abi/play.go @@ -196,9 +196,11 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY if (ns.IsBridge() && len(cniNets) == 0) || ns.IsHost() { return nil, errors.Errorf("invalid value passed to --network: bridge or host networking must be configured in YAML") } - logrus.Debugf("Pod %q joining CNI networks: %v", podName, cniNets) - podOpt.Net.Network.NSMode = specgen.Bridge - podOpt.Net.CNINetworks = append(podOpt.Net.CNINetworks, cniNets...) + + podOpt.Net.Network = ns + if len(cniNets) > 0 { + podOpt.Net.CNINetworks = append(podOpt.Net.CNINetworks, cniNets...) + } if len(netOpts) > 0 { podOpt.Net.NetworkOptions = netOpts } @@ -267,12 +269,9 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY } if podOpt.Infra { - imagePull := config.DefaultInfraImage - if podOpt.InfraImage != config.DefaultInfraImage && podOpt.InfraImage != "" { - imagePull = podOpt.InfraImage - } + containerConfig := util.DefaultContainerConfig() - pulledImages, err := pullImage(ic, writer, imagePull, options, config.PullPolicyNewer) + pulledImages, err := pullImage(ic, writer, containerConfig.Engine.InfraImage, options, config.PullPolicyNewer) if err != nil { return nil, err } @@ -305,76 +304,59 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY } containers := make([]*libpod.Container, 0, len(podYAML.Spec.Containers)) + initContainers := make([]*libpod.Container, 0, len(podYAML.Spec.InitContainers)) cwd, err := os.Getwd() if err != nil { return nil, err } + + for _, initCtr := range podYAML.Spec.InitContainers { + // Init containers cannot have either of lifecycle, livenessProbe, readinessProbe, or startupProbe set + if initCtr.Lifecycle != nil || initCtr.LivenessProbe != nil || initCtr.ReadinessProbe != nil || initCtr.StartupProbe != nil { + return nil, errors.Errorf("cannot create an init container that has either of lifecycle, livenessProbe, readinessProbe, or startupProbe set") + } + pulledImage, labels, err := ic.getImageAndLabelInfo(ctx, cwd, annotations, writer, initCtr, options) + if err != nil { + return nil, err + } + + specgenOpts := kube.CtrSpecGenOptions{ + Container: initCtr, + Image: pulledImage, + Volumes: volumes, + PodID: pod.ID(), + PodName: podName, + PodInfraID: podInfraID, + ConfigMaps: configMaps, + SeccompPaths: seccompPaths, + RestartPolicy: ctrRestartPolicy, + NetNSIsHost: p.NetNS.IsHost(), + SecretsManager: secretsManager, + LogDriver: options.LogDriver, + Labels: labels, + InitContainerType: define.AlwaysInitContainer, + } + specGen, err := kube.ToSpecGen(ctx, &specgenOpts) + if err != nil { + return nil, err + } + rtSpec, spec, opts, err := generate.MakeContainer(ctx, ic.Libpod, specGen) + if err != nil { + return nil, err + } + ctr, err := generate.ExecuteCreate(ctx, ic.Libpod, rtSpec, spec, false, opts...) + if err != nil { + return nil, err + } + + initContainers = append(initContainers, ctr) + } for _, container := range podYAML.Spec.Containers { if !strings.Contains("infra", container.Name) { - // Contains all labels obtained from kube - labels := make(map[string]string) - var pulledImage *libimage.Image - buildFile, err := getBuildFile(container.Image, cwd) - if err != nil { - return nil, err - } - existsLocally, err := ic.Libpod.LibimageRuntime().Exists(container.Image) + pulledImage, labels, err := ic.getImageAndLabelInfo(ctx, cwd, annotations, writer, container, options) if err != nil { return nil, err } - if (len(buildFile) > 0 && !existsLocally) || (len(buildFile) > 0 && options.Build) { - buildOpts := new(buildahDefine.BuildOptions) - commonOpts := new(buildahDefine.CommonBuildOptions) - buildOpts.ConfigureNetwork = buildahDefine.NetworkDefault - buildOpts.Isolation = buildahDefine.IsolationChroot - buildOpts.CommonBuildOpts = commonOpts - buildOpts.Output = container.Image - if _, _, err := ic.Libpod.Build(ctx, *buildOpts, []string{buildFile}...); err != nil { - return nil, err - } - i, _, err := ic.Libpod.LibimageRuntime().LookupImage(container.Image, new(libimage.LookupImageOptions)) - if err != nil { - return nil, err - } - pulledImage = i - } else { - // NOTE: set the pull policy to "newer". This will cover cases - // where the "latest" tag requires a pull and will also - // transparently handle "localhost/" prefixed files which *may* - // refer to a locally built image OR an image running a - // registry on localhost. - pullPolicy := config.PullPolicyNewer - if len(container.ImagePullPolicy) > 0 { - // Make sure to lower the strings since K8s pull policy - // may be capitalized (see bugzilla.redhat.com/show_bug.cgi?id=1985905). - rawPolicy := string(container.ImagePullPolicy) - pullPolicy, err = config.ParsePullPolicy(strings.ToLower(rawPolicy)) - if err != nil { - return nil, err - } - } - pulledImages, err := pullImage(ic, writer, container.Image, options, pullPolicy) - if err != nil { - return nil, err - } - pulledImage = pulledImages[0] - } - - // Handle kube annotations - for k, v := range annotations { - switch k { - // Auto update annotation without container name will apply to - // all containers within the pod - case autoupdate.Label, autoupdate.AuthfileLabel: - labels[k] = v - // Auto update annotation with container name will apply only - // to the specified container - case fmt.Sprintf("%s/%s", autoupdate.Label, container.Name), - fmt.Sprintf("%s/%s", autoupdate.AuthfileLabel, container.Name): - prefixAndCtr := strings.Split(k, "/") - labels[prefixAndCtr[0]] = v - } - } specgenOpts := kube.CtrSpecGenOptions{ Container: container, @@ -395,7 +377,6 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY if err != nil { return nil, err } - rtSpec, spec, opts, err := generate.MakeContainer(ctx, ic.Libpod, specGen) if err != nil { return nil, err @@ -424,12 +405,96 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY for _, ctr := range containers { playKubePod.Containers = append(playKubePod.Containers, ctr.ID()) } + for _, initCtr := range initContainers { + playKubePod.InitContainers = append(playKubePod.InitContainers, initCtr.ID()) + } report.Pods = append(report.Pods, playKubePod) return &report, nil } +// getImageAndLabelInfo returns the image information and how the image should be pulled plus as well as labels to be used for the container in the pod. +// Moved this to a separate function so that it can be used for both init and regular containers when playing a kube yaml. +func (ic *ContainerEngine) getImageAndLabelInfo(ctx context.Context, cwd string, annotations map[string]string, writer io.Writer, container v1.Container, options entities.PlayKubeOptions) (*libimage.Image, map[string]string, error) { + // Contains all labels obtained from kube + labels := make(map[string]string) + var pulledImage *libimage.Image + buildFile, err := getBuildFile(container.Image, cwd) + if err != nil { + return nil, nil, err + } + existsLocally, err := ic.Libpod.LibimageRuntime().Exists(container.Image) + if err != nil { + return nil, nil, err + } + if (len(buildFile) > 0 && !existsLocally) || (len(buildFile) > 0 && options.Build) { + buildOpts := new(buildahDefine.BuildOptions) + commonOpts := new(buildahDefine.CommonBuildOptions) + buildOpts.ConfigureNetwork = buildahDefine.NetworkDefault + buildOpts.Isolation = buildahDefine.IsolationChroot + buildOpts.CommonBuildOpts = commonOpts + buildOpts.Output = container.Image + if _, _, err := ic.Libpod.Build(ctx, *buildOpts, []string{buildFile}...); err != nil { + return nil, nil, err + } + i, _, err := ic.Libpod.LibimageRuntime().LookupImage(container.Image, new(libimage.LookupImageOptions)) + if err != nil { + return nil, nil, err + } + pulledImage = i + } else { + // NOTE: set the pull policy to "newer". This will cover cases + // where the "latest" tag requires a pull and will also + // transparently handle "localhost/" prefixed files which *may* + // refer to a locally built image OR an image running a + // registry on localhost. + pullPolicy := config.PullPolicyNewer + if len(container.ImagePullPolicy) > 0 { + // Make sure to lower the strings since K8s pull policy + // may be capitalized (see bugzilla.redhat.com/show_bug.cgi?id=1985905). + rawPolicy := string(container.ImagePullPolicy) + pullPolicy, err = config.ParsePullPolicy(strings.ToLower(rawPolicy)) + if err != nil { + return nil, nil, err + } + } + // This ensures the image is the image store + pullOptions := &libimage.PullOptions{} + pullOptions.AuthFilePath = options.Authfile + pullOptions.CertDirPath = options.CertDir + pullOptions.SignaturePolicyPath = options.SignaturePolicy + pullOptions.Writer = writer + pullOptions.Username = options.Username + pullOptions.Password = options.Password + pullOptions.InsecureSkipTLSVerify = options.SkipTLSVerify + + pulledImages, err := ic.Libpod.LibimageRuntime().Pull(ctx, container.Image, pullPolicy, pullOptions) + if err != nil { + return nil, nil, err + } + pulledImage = pulledImages[0] + } + + // Handle kube annotations + for k, v := range annotations { + switch k { + // Auto update annotation without container name will apply to + // all containers within the pod + case autoupdate.Label, autoupdate.AuthfileLabel: + labels[k] = v + // Auto update annotation with container name will apply only + // to the specified container + case fmt.Sprintf("%s/%s", autoupdate.Label, container.Name), + fmt.Sprintf("%s/%s", autoupdate.AuthfileLabel, container.Name): + prefixAndCtr := strings.Split(k, "/") + labels[prefixAndCtr[0]] = v + } + } + + return pulledImage, labels, nil +} + // playKubePVC creates a podman volume from a kube persistent volume claim. func (ic *ContainerEngine) playKubePVC(ctx context.Context, pvcYAML *v1.PersistentVolumeClaim, options entities.PlayKubeOptions) (*entities.PlayKubeReport, error) { var report entities.PlayKubeReport diff --git a/pkg/domain/infra/abi/pods.go b/pkg/domain/infra/abi/pods.go index 98233f60d..6b432c214 100644 --- a/pkg/domain/infra/abi/pods.go +++ b/pkg/domain/infra/abi/pods.go @@ -83,6 +83,46 @@ func (ic *ContainerEngine) PodKill(ctx context.Context, namesOrIds []string, opt return reports, nil } +func (ic *ContainerEngine) PodLogs(ctx context.Context, nameOrID string, options entities.PodLogsOptions) error { + // Implementation accepts slice + podName := []string{nameOrID} + pod, err := getPodsByContext(false, options.Latest, podName, ic.Libpod) + if err != nil { + return err + } + // Get pod containers + podCtrs, err := pod[0].AllContainers() + if err != nil { + return err + } + + ctrNames := []string{} + // Check if `kubectl pod logs -c ctrname <podname>` alike command is used + if options.ContainerName != "" { + ctrFound := false + for _, ctr := range podCtrs { + if ctr.ID() == options.ContainerName || ctr.Name() == options.ContainerName { + ctrNames = append(ctrNames, options.ContainerName) + ctrFound = true + } + } + if !ctrFound { + return errors.Wrapf(define.ErrNoSuchCtr, "container %s is not in pod %s", options.ContainerName, nameOrID) + } + } else { + // No container name specified select all containers + for _, ctr := range podCtrs { + ctrNames = append(ctrNames, ctr.Name()) + } + } + + // PodLogsOptions are similar but contains few extra fields like ctrName + // So cast other values as is so we can re-use the code + containerLogsOpts := entities.PodLogsOptionsToContainerLogsOptions(options) + + return ic.ContainerLogs(ctx, ctrNames, containerLogsOpts) +} + func (ic *ContainerEngine) PodPause(ctx context.Context, namesOrIds []string, options entities.PodPauseOptions) ([]*entities.PodPauseReport, error) { reports := []*entities.PodPauseReport{} pods, err := getPodsByContext(options.All, options.Latest, namesOrIds, ic.Libpod) diff --git a/pkg/domain/infra/abi/secrets.go b/pkg/domain/infra/abi/secrets.go index 0bdb4ce60..2bf8eaae3 100644 --- a/pkg/domain/infra/abi/secrets.go +++ b/pkg/domain/infra/abi/secrets.go @@ -7,6 +7,7 @@ import ( "path/filepath" "github.com/containers/podman/v3/pkg/domain/entities" + "github.com/containers/podman/v3/pkg/domain/utils" "github.com/pkg/errors" ) @@ -84,7 +85,7 @@ func (ic *ContainerEngine) SecretInspect(ctx context.Context, nameOrIDs []string return reports, errs, nil } -func (ic *ContainerEngine) SecretList(ctx context.Context) ([]*entities.SecretInfoReport, error) { +func (ic *ContainerEngine) SecretList(ctx context.Context, opts entities.SecretListRequest) ([]*entities.SecretInfoReport, error) { manager, err := ic.Libpod.SecretsManager() if err != nil { return nil, err @@ -95,19 +96,25 @@ func (ic *ContainerEngine) SecretList(ctx context.Context) ([]*entities.SecretIn } report := make([]*entities.SecretInfoReport, 0, len(secretList)) for _, secret := range secretList { - reportItem := entities.SecretInfoReport{ - ID: secret.ID, - CreatedAt: secret.CreatedAt, - UpdatedAt: secret.CreatedAt, - Spec: entities.SecretSpec{ - Name: secret.Name, - Driver: entities.SecretDriverSpec{ - Name: secret.Driver, - Options: secret.DriverOptions, + result, err := utils.IfPassesSecretsFilter(secret, opts.Filters) + if err != nil { + return nil, err + } + if result { + reportItem := entities.SecretInfoReport{ + ID: secret.ID, + CreatedAt: secret.CreatedAt, + UpdatedAt: secret.CreatedAt, + Spec: entities.SecretSpec{ + Name: secret.Name, + Driver: entities.SecretDriverSpec{ + Name: secret.Driver, + Options: secret.DriverOptions, + }, }, - }, + } + report = append(report, &reportItem) } - report = append(report, &reportItem) } return report, nil } diff --git a/pkg/domain/infra/tunnel/generate.go b/pkg/domain/infra/tunnel/generate.go index 3d3cd52be..9f69abb1a 100644 --- a/pkg/domain/infra/tunnel/generate.go +++ b/pkg/domain/infra/tunnel/generate.go @@ -9,7 +9,10 @@ import ( func (ic *ContainerEngine) GenerateSystemd(ctx context.Context, nameOrID string, opts entities.GenerateSystemdOptions) (*entities.GenerateSystemdReport, error) { options := new(generate.SystemdOptions).WithUseName(opts.Name).WithContainerPrefix(opts.ContainerPrefix).WithNew(opts.New).WithNoHeader(opts.NoHeader) - options.WithPodPrefix(opts.PodPrefix).WithRestartPolicy(opts.RestartPolicy).WithSeparator(opts.Separator) + options.WithPodPrefix(opts.PodPrefix).WithSeparator(opts.Separator) + if opts.RestartPolicy != nil { + options.WithRestartPolicy(*opts.RestartPolicy) + } if to := opts.StopTimeout; to != nil { options.WithStopTimeout(*opts.StopTimeout) } diff --git a/pkg/domain/infra/tunnel/manifest.go b/pkg/domain/infra/tunnel/manifest.go index b8069405a..62634f561 100644 --- a/pkg/domain/infra/tunnel/manifest.go +++ b/pkg/domain/infra/tunnel/manifest.go @@ -85,7 +85,7 @@ func (ir *ImageEngine) ManifestRemove(ctx context.Context, names []string) (stri // ManifestRm removes the specified manifest list from storage func (ir *ImageEngine) ManifestRm(ctx context.Context, names []string) (*entities.ImageRemoveReport, []error) { - return ir.Remove(ctx, names, entities.ImageRemoveOptions{}) + return ir.Remove(ctx, names, entities.ImageRemoveOptions{LookupManifest: true}) } // ManifestPush pushes a manifest list or image index to the destination diff --git a/pkg/domain/infra/tunnel/pods.go b/pkg/domain/infra/tunnel/pods.go index 480adb88a..8139216b3 100644 --- a/pkg/domain/infra/tunnel/pods.go +++ b/pkg/domain/infra/tunnel/pods.go @@ -42,6 +42,16 @@ func (ic *ContainerEngine) PodKill(ctx context.Context, namesOrIds []string, opt return reports, nil } +func (ic *ContainerEngine) PodLogs(_ context.Context, nameOrIDs string, options entities.PodLogsOptions) error { + // PodLogsOptions are similar but contains few extra fields like ctrName + // So cast other values as is so we can re-use the code + containerLogsOpts := entities.PodLogsOptionsToContainerLogsOptions(options) + + // interface only accepts slice, keep everything consistent + name := []string{options.ContainerName} + return ic.ContainerLogs(nil, name, containerLogsOpts) +} + func (ic *ContainerEngine) PodPause(ctx context.Context, namesOrIds []string, options entities.PodPauseOptions) ([]*entities.PodPauseReport, error) { foundPods, err := getPodsByContext(ic.ClientCtx, options.All, namesOrIds) if err != nil { diff --git a/pkg/domain/infra/tunnel/secrets.go b/pkg/domain/infra/tunnel/secrets.go index ecbb80931..6337c7fbe 100644 --- a/pkg/domain/infra/tunnel/secrets.go +++ b/pkg/domain/infra/tunnel/secrets.go @@ -43,8 +43,9 @@ func (ic *ContainerEngine) SecretInspect(ctx context.Context, nameOrIDs []string return allInspect, errs, nil } -func (ic *ContainerEngine) SecretList(ctx context.Context) ([]*entities.SecretInfoReport, error) { - secrs, _ := secrets.List(ic.ClientCtx, nil) +func (ic *ContainerEngine) SecretList(ctx context.Context, opts entities.SecretListRequest) ([]*entities.SecretInfoReport, error) { + options := new(secrets.ListOptions).WithFilters(opts.Filters) + secrs, _ := secrets.List(ic.ClientCtx, options) return secrs, nil } diff --git a/pkg/domain/utils/secrets_filters.go b/pkg/domain/utils/secrets_filters.go new file mode 100644 index 000000000..3ff7c7530 --- /dev/null +++ b/pkg/domain/utils/secrets_filters.go @@ -0,0 +1,24 @@ +package utils + +import ( + "strings" + + "github.com/containers/common/pkg/secrets" + "github.com/containers/podman/v3/pkg/util" + "github.com/pkg/errors" +) + +func IfPassesSecretsFilter(s secrets.Secret, filters map[string][]string) (bool, error) { + result := true + for key, filterValues := range filters { + switch strings.ToLower(key) { + case "name": + result = util.StringMatchRegexSlice(s.Name, filterValues) + case "id": + result = util.StringMatchRegexSlice(s.ID, filterValues) + default: + return false, errors.Errorf("invalid filter %q", key) + } + } + return result, nil +} diff --git a/pkg/machine/config.go b/pkg/machine/config.go index 620955a7b..8db2335aa 100644 --- a/pkg/machine/config.go +++ b/pkg/machine/config.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/connection.go b/pkg/machine/connection.go index 3edcbd10e..ed1093264 100644 --- a/pkg/machine/connection.go +++ b/pkg/machine/connection.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/fcos.go b/pkg/machine/fcos.go index 85cedcd5a..4ea965b7f 100644 --- a/pkg/machine/fcos.go +++ b/pkg/machine/fcos.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/ignition.go b/pkg/machine/ignition.go index 1d77083d0..89b556b14 100644 --- a/pkg/machine/ignition.go +++ b/pkg/machine/ignition.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine @@ -135,10 +135,25 @@ func getDirs(usrName string) []Directory { Path: d, User: getNodeUsr(usrName), }, - DirectoryEmbedded1: DirectoryEmbedded1{Mode: intToPtr(493)}, + DirectoryEmbedded1: DirectoryEmbedded1{Mode: intToPtr(0755)}, } dirs[i] = newDir } + + // Issue #11489: make sure that we can inject a custom registries.conf + // file on the system level to force a single search registry. + // The remote client does not yet support prompting for short-name + // resolution, so we enforce a single search registry (i.e., docker.io) + // as a workaround. + dirs = append(dirs, Directory{ + Node: Node{ + Group: getNodeGrp("root"), + Path: "/etc/containers/registries.conf.d", + User: getNodeUsr("root"), + }, + DirectoryEmbedded1: DirectoryEmbedded1{Mode: intToPtr(0755)}, + }) + return dirs } @@ -158,7 +173,7 @@ func getFiles(usrName string) []File { Contents: Resource{ Source: strToPtr("data:,%5BUnit%5D%0ADescription%3DA%20systemd%20user%20unit%20demo%0AAfter%3Dnetwork-online.target%0AWants%3Dnetwork-online.target%20podman.socket%0A%5BService%5D%0AExecStart%3D%2Fusr%2Fbin%2Fsleep%20infinity%0A"), }, - Mode: intToPtr(484), + Mode: intToPtr(0744), }, }) @@ -175,7 +190,7 @@ func getFiles(usrName string) []File { Contents: Resource{ Source: strToPtr("data:,%5Bcontainers%5D%0D%0Anetns%3D%22bridge%22%0D%0Arootless_networking%3D%22cni%22"), }, - Mode: intToPtr(484), + Mode: intToPtr(0744), }, }) // Add a file into linger @@ -185,7 +200,7 @@ func getFiles(usrName string) []File { Path: "/var/lib/systemd/linger/core", User: getNodeUsr(usrName), }, - FileEmbedded1: FileEmbedded1{Mode: intToPtr(420)}, + FileEmbedded1: FileEmbedded1{Mode: intToPtr(0644)}, }) // Set machine_enabled to true to indicate we're in a VM @@ -200,9 +215,30 @@ func getFiles(usrName string) []File { Contents: Resource{ Source: strToPtr("data:,%5Bengine%5D%0Amachine_enabled%3Dtrue%0A"), }, - Mode: intToPtr(420), + Mode: intToPtr(0644), + }, + }) + + // Issue #11489: make sure that we can inject a custom registries.conf + // file on the system level to force a single search registry. + // The remote client does not yet support prompting for short-name + // resolution, so we enforce a single search registry (i.e., docker.io) + // as a workaround. + files = append(files, File{ + Node: Node{ + Group: getNodeGrp("root"), + Path: "/etc/containers/registries.conf.d/999-podman-machine.conf", + User: getNodeUsr("root"), + }, + FileEmbedded1: FileEmbedded1{ + Append: nil, + Contents: Resource{ + Source: strToPtr("data:,unqualified-search-registries%3D%5B%22docker.io%22%5D"), + }, + Mode: intToPtr(0644), }, }) + return files } diff --git a/pkg/machine/ignition_schema.go b/pkg/machine/ignition_schema.go index 6ac8af826..aa4b8e060 100644 --- a/pkg/machine/ignition_schema.go +++ b/pkg/machine/ignition_schema.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/keys.go b/pkg/machine/keys.go index 81ec44ea8..319fc2b4e 100644 --- a/pkg/machine/keys.go +++ b/pkg/machine/keys.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/libvirt/config.go b/pkg/machine/libvirt/config.go deleted file mode 100644 index 1ce5ab154..000000000 --- a/pkg/machine/libvirt/config.go +++ /dev/null @@ -1,6 +0,0 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin - -package libvirt - -type MachineVM struct { -} diff --git a/pkg/machine/libvirt/machine.go b/pkg/machine/libvirt/machine.go deleted file mode 100644 index e1aa1569b..000000000 --- a/pkg/machine/libvirt/machine.go +++ /dev/null @@ -1,17 +0,0 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin - -package libvirt - -import "github.com/containers/podman/v3/pkg/machine" - -func (v *MachineVM) Init(name string, opts machine.InitOptions) error { - return nil -} - -func (v *MachineVM) Start(name string) error { - return nil -} - -func (v *MachineVM) Stop(name string) error { - return nil -} diff --git a/pkg/machine/libvirt/machine_unsupported.go b/pkg/machine/libvirt/machine_unsupported.go deleted file mode 100644 index 8b54440fe..000000000 --- a/pkg/machine/libvirt/machine_unsupported.go +++ /dev/null @@ -1,3 +0,0 @@ -// +build !amd64 amd64,windows - -package libvirt diff --git a/pkg/machine/pull.go b/pkg/machine/pull.go index 662896de5..f79ac6ec4 100644 --- a/pkg/machine/pull.go +++ b/pkg/machine/pull.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package machine diff --git a/pkg/machine/qemu/config.go b/pkg/machine/qemu/config.go index 013f28960..3d0fa4094 100644 --- a/pkg/machine/qemu/config.go +++ b/pkg/machine/qemu/config.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package qemu diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go index 3a6fecff4..5d8c6e6ce 100644 --- a/pkg/machine/qemu/machine.go +++ b/pkg/machine/qemu/machine.go @@ -1,4 +1,4 @@ -// +build amd64,linux arm64,linux amd64,darwin arm64,darwin +// +build amd64,!windows arm64,!windows package qemu @@ -278,6 +278,9 @@ func (v *MachineVM) Start(name string, _ machine.StartOptions) error { time.Sleep(wait) wait++ } + if err != nil { + return err + } fd, err := qemuSocketConn.(*net.UnixConn).File() if err != nil { diff --git a/pkg/machine/qemu/options_darwin.go b/pkg/machine/qemu/options_darwin.go index 440937131..124358db8 100644 --- a/pkg/machine/qemu/options_darwin.go +++ b/pkg/machine/qemu/options_darwin.go @@ -2,14 +2,12 @@ package qemu import ( "os" - - "github.com/pkg/errors" ) func getRuntimeDir() (string, error) { tmpDir, ok := os.LookupEnv("TMPDIR") if !ok { - return "", errors.New("unable to resolve TMPDIR") + tmpDir = "/tmp" } return tmpDir, nil } diff --git a/pkg/machine/qemu/options_darwin_amd64.go b/pkg/machine/qemu/options_darwin_amd64.go index ee1036291..ff8d10db1 100644 --- a/pkg/machine/qemu/options_darwin_amd64.go +++ b/pkg/machine/qemu/options_darwin_amd64.go @@ -5,7 +5,7 @@ var ( ) func (v *MachineVM) addArchOptions() []string { - opts := []string{"-machine", "q35,accel=hvf:tcg"} + opts := []string{"-machine", "q35,accel=hvf:tcg", "-cpu", "host"} return opts } diff --git a/pkg/machine/qemu/options_darwin_arm64.go b/pkg/machine/qemu/options_darwin_arm64.go index 7513b3048..43cd3d69d 100644 --- a/pkg/machine/qemu/options_darwin_arm64.go +++ b/pkg/machine/qemu/options_darwin_arm64.go @@ -1,6 +1,7 @@ package qemu import ( + "os" "os/exec" "path/filepath" ) @@ -13,9 +14,10 @@ func (v *MachineVM) addArchOptions() []string { ovmfDir := getOvmfDir(v.ImagePath, v.Name) opts := []string{ "-accel", "hvf", + "-accel", "tcg", "-cpu", "cortex-a57", "-M", "virt,highmem=off", - "-drive", "file=/usr/local/share/qemu/edk2-aarch64-code.fd,if=pflash,format=raw,readonly=on", + "-drive", "file=" + getEdk2CodeFd("edk2-aarch64-code.fd") + ",if=pflash,format=raw,readonly=on", "-drive", "file=" + ovmfDir + ",if=pflash,format=raw"} return opts } @@ -34,3 +36,23 @@ func (v *MachineVM) archRemovalFiles() []string { func getOvmfDir(imagePath, vmName string) string { return filepath.Join(filepath.Dir(imagePath), vmName+"_ovmf_vars.fd") } + +/* + * QEmu can be installed in multiple locations on MacOS, especially on + * Apple Silicon systems. A build from source will likely install it in + * /usr/local/bin, whereas Homebrew package management standard is to + * install in /opt/homebrew + */ +func getEdk2CodeFd(name string) string { + dirs := []string{ + "/usr/local/share/qemu", + "/opt/homebrew/share/qemu", + } + for _, dir := range dirs { + fullpath := filepath.Join(dir, name) + if _, err := os.Stat(fullpath); err == nil { + return fullpath + } + } + return name +} diff --git a/pkg/rootlessport/rootlessport_linux.go b/pkg/rootlessport/rootlessport_linux.go index 9a2f93f8e..730d91aa2 100644 --- a/pkg/rootlessport/rootlessport_linux.go +++ b/pkg/rootlessport/rootlessport_linux.go @@ -218,10 +218,20 @@ outer: // we only need to have a socket to reload ports when we run under rootless cni if cfg.RootlessCNI { - socket, err := net.Listen("unix", filepath.Join(socketDir, cfg.ContainerID)) + // workaround to bypass the 108 char socket path limit + // open the fd and use the path to the fd as bind argument + fd, err := unix.Open(socketDir, unix.O_PATH, 0) if err != nil { return err } + socket, err := net.ListenUnix("unixpacket", &net.UnixAddr{Name: fmt.Sprintf("/proc/self/fd/%d/%s", fd, cfg.ContainerID), Net: "unixpacket"}) + if err != nil { + return err + } + err = unix.Close(fd) + if err != nil { + logrus.Warnf("failed to close the socketDir fd: %v", err) + } defer socket.Close() go serve(socket, driver) } diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go index 5188abc3a..c01d7a1f0 100644 --- a/pkg/specgen/generate/kube/kube.go +++ b/pkg/specgen/generate/kube/kube.go @@ -114,6 +114,9 @@ type CtrSpecGenOptions struct { Labels map[string]string // IsInfra bool + // InitContainerType sets what type the init container is + // Note: When playing a kube yaml, the inti container type will be set to "always" only + InitContainerType string } func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGenerator, error) { @@ -135,6 +138,8 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener Driver: opts.LogDriver, } + s.InitContainerType = opts.InitContainerType + setupSecurityContext(s, opts.Container) err := setupLivenessProbe(s, opts.Container, opts.RestartPolicy) if err != nil { diff --git a/pkg/specgenutil/specgen.go b/pkg/specgenutil/specgen.go index 9f676db1b..6a6397257 100644 --- a/pkg/specgenutil/specgen.go +++ b/pkg/specgenutil/specgen.go @@ -453,7 +453,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions s.ImageVolumeMode = "anonymous" } - s.Systemd = c.Systemd + s.Systemd = strings.ToLower(c.Systemd) s.SdNotifyMode = c.SdNotifyMode if s.ResourceLimits == nil { s.ResourceLimits = &specs.LinuxResources{} diff --git a/pkg/systemd/define/const.go b/pkg/systemd/define/const.go index 1b50be5db..6bab8b629 100644 --- a/pkg/systemd/define/const.go +++ b/pkg/systemd/define/const.go @@ -1,8 +1,13 @@ package define -// EnvVariable "PODMAN_SYSTEMD_UNIT" is set in all generated systemd units and -// is set to the unit's (unique) name. -const EnvVariable = "PODMAN_SYSTEMD_UNIT" +const ( + // Default restart policy for generated unit files. + DefaultRestartPolicy = "on-failure" + + // EnvVariable "PODMAN_SYSTEMD_UNIT" is set in all generated systemd units and + // is set to the unit's (unique) name. + EnvVariable = "PODMAN_SYSTEMD_UNIT" +) // RestartPolicies includes all valid restart policies to be used in a unit // file. diff --git a/pkg/systemd/generate/common.go b/pkg/systemd/generate/common.go index 49465fb30..3515bb3b7 100644 --- a/pkg/systemd/generate/common.go +++ b/pkg/systemd/generate/common.go @@ -71,12 +71,13 @@ func filterCommonContainerFlags(command []string, argCount int) []string { case s == "--rm": // Boolean flags support --flag and --flag={true,false}. continue - case s == "--sdnotify", s == "--cgroups", s == "--cidfile": + case s == "--sdnotify", s == "--cgroups", s == "--cidfile", s == "--restart": i++ continue case strings.HasPrefix(s, "--rm="), strings.HasPrefix(s, "--cgroups="), - strings.HasPrefix(s, "--cidfile="): + strings.HasPrefix(s, "--cidfile="), + strings.HasPrefix(s, "--restart="): continue } processed = append(processed, s) diff --git a/pkg/systemd/generate/common_test.go b/pkg/systemd/generate/common_test.go index 80abebb26..45004ecb0 100644 --- a/pkg/systemd/generate/common_test.go +++ b/pkg/systemd/generate/common_test.go @@ -117,12 +117,12 @@ func TestFilterCommonContainerFlags(t *testing.T) { 1, }, { - []string{"podman", "run", "--cgroups=foo", "alpine"}, + []string{"podman", "run", "--cgroups=foo", "--restart=foo", "alpine"}, []string{"podman", "run", "alpine"}, 1, }, { - []string{"podman", "run", "--cgroups=foo", "--rm", "alpine"}, + []string{"podman", "run", "--cgroups=foo", "--rm", "--restart", "foo", "alpine"}, []string{"podman", "run", "alpine"}, 1, }, diff --git a/pkg/systemd/generate/containers.go b/pkg/systemd/generate/containers.go index 188926115..037652a6d 100644 --- a/pkg/systemd/generate/containers.go +++ b/pkg/systemd/generate/containers.go @@ -10,6 +10,7 @@ import ( "time" "github.com/containers/podman/v3/libpod" + libpodDefine "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/systemd/define" "github.com/containers/podman/v3/version" @@ -34,6 +35,8 @@ type containerInfo struct { StopTimeout uint // RestartPolicy of the systemd unit (e.g., no, on-failure, always). RestartPolicy string + // Custom number of restart attempts. + StartLimitBurst string // PIDFile of the service. Required for forking services. Must point to the // PID of the associated conmon process. PIDFile string @@ -101,6 +104,9 @@ Environment={{{{.EnvVariable}}}}=%n Environment={{{{- range $index, $value := .ExtraEnvs -}}}}{{{{if $index}}}} {{{{end}}}}{{{{ $value }}}}{{{{end}}}} {{{{- end}}}} Restart={{{{.RestartPolicy}}}} +{{{{- if .StartLimitBurst}}}} +StartLimitBurst={{{{.StartLimitBurst}}}} +{{{{- end}}}} TimeoutStopSec={{{{.TimeoutStopSec}}}} {{{{- if .ExecStartPre}}}} ExecStartPre={{{{.ExecStartPre}}}} @@ -175,7 +181,7 @@ func generateContainerInfo(ctr *libpod.Container, options entities.GenerateSyste info := containerInfo{ ServiceName: serviceName, ContainerNameOrID: nameOrID, - RestartPolicy: options.RestartPolicy, + RestartPolicy: define.DefaultRestartPolicy, PIDFile: conmonPidFile, StopTimeout: timeout, GenerateTimestamp: true, @@ -202,8 +208,11 @@ func containerServiceName(ctr *libpod.Container, options entities.GenerateSystem // containerInfo. Note that the containerInfo is also post processed and // completed, which allows for an easier unit testing. func executeContainerTemplate(info *containerInfo, options entities.GenerateSystemdOptions) (string, error) { - if err := validateRestartPolicy(info.RestartPolicy); err != nil { - return "", err + if options.RestartPolicy != nil { + if err := validateRestartPolicy(*options.RestartPolicy); err != nil { + return "", err + } + info.RestartPolicy = *options.RestartPolicy } // Make sure the executable is set. @@ -275,6 +284,7 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst fs.Bool("replace", false, "") fs.StringArrayP("env", "e", nil, "") fs.String("sdnotify", "", "") + fs.String("restart", "", "") fs.Parse(remainingCmd) remainingCmd = filterCommonContainerFlags(remainingCmd, fs.NArg()) @@ -339,6 +349,27 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst } } + // Unless the user explicitly set a restart policy, check + // whether the container was created with a custom one and use + // it instead of the default. + if options.RestartPolicy == nil { + restartPolicy, err := fs.GetString("restart") + if err != nil { + return "", err + } + if restartPolicy != "" { + if strings.HasPrefix(restartPolicy, "on-failure:") { + // Special case --restart=on-failure:5 + spl := strings.Split(restartPolicy, ":") + restartPolicy = spl[0] + info.StartLimitBurst = spl[1] + } else if restartPolicy == libpodDefine.RestartPolicyUnlessStopped { + restartPolicy = libpodDefine.RestartPolicyAlways + } + info.RestartPolicy = restartPolicy + } + } + envs, err := fs.GetStringArray("env") if err != nil { return "", err diff --git a/pkg/systemd/generate/containers_test.go b/pkg/systemd/generate/containers_test.go index c60c301cc..f46513459 100644 --- a/pkg/systemd/generate/containers_test.go +++ b/pkg/systemd/generate/containers_test.go @@ -52,7 +52,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=82 ExecStart=/usr/bin/podman start 639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401 ExecStop=/usr/bin/podman stop -t 22 639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401 @@ -78,7 +78,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStart=/usr/bin/podman start foobar ExecStop=/usr/bin/podman stop -t 10 foobar @@ -104,7 +104,7 @@ After=a.service b.service c.service pod.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStart=/usr/bin/podman start foobar ExecStop=/usr/bin/podman stop -t 10 foobar @@ -128,7 +128,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman container run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --replace --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN "foo=arg \"with \" space" @@ -153,7 +153,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman container run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm -d --replace --sdnotify=container --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN "foo=arg \"with \" space" @@ -178,7 +178,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN @@ -203,7 +203,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --pod-id-file %t/pod-foobar.pod-id-file --sdnotify=conmon --replace -d --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN @@ -228,7 +228,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace --detach --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN @@ -253,7 +253,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d awesome-image:latest @@ -279,7 +279,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=102 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon ` + @@ -308,7 +308,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=102 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --replace --name test -p 80:80 awesome-image:latest somecmd --detach=false @@ -333,7 +333,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=102 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman --events-backend none --runroot /root run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d awesome-image:latest @@ -358,7 +358,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman container run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d awesome-image:latest @@ -383,7 +383,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --replace --name test --log-driver=journald --log-opt=tag={{.Name}} awesome-image:latest @@ -408,7 +408,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --replace --name test awesome-image:latest sh -c "kill $$$$ && echo %%\\" @@ -433,7 +433,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --conmon-pidfile=foo awesome-image:latest podman run --cgroups=foo --conmon-pidfile=foo --cidfile=foo alpine @@ -458,7 +458,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --pod-id-file %t/pod-foobar.pod-id-file --sdnotify=conmon -d --conmon-pidfile=foo awesome-image:latest podman run --cgroups=foo --conmon-pidfile=foo --cidfile=foo --pod-id-file /tmp/pod-foobar.pod-id-file alpine @@ -484,7 +484,7 @@ RequiresMountsFor=/var/run/containers/storage [Service] Environment=PODMAN_SYSTEMD_UNIT=%n Environment=FOO=abc "BAR=my test" USER=%%a -Restart=always +Restart=on-failure TimeoutStopSec=70 ExecStartPre=/bin/rm -f %t/%n.ctr-id ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --env FOO --env=BAR --env=MYENV=2 -e USER awesome-image:latest @@ -496,6 +496,32 @@ NotifyAccess=all [Install] WantedBy=multi-user.target default.target ` + + goodNewWithRestartPolicy := `# jadda-jadda.service +# autogenerated by Podman CI + +[Unit] +Description=Podman jadda-jadda.service +Documentation=man:podman-generate-systemd(1) +Wants=network-online.target +After=network-online.target +RequiresMountsFor=/var/run/containers/storage + +[Service] +Environment=PODMAN_SYSTEMD_UNIT=%n +Restart=on-failure +StartLimitBurst=42 +TimeoutStopSec=70 +ExecStartPre=/bin/rm -f %t/%n.ctr-id +ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d awesome-image:latest +ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id +ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id +Type=notify +NotifyAccess=all + +[Install] +WantedBy=multi-user.target default.target +` tests := []struct { name string info containerInfo @@ -510,7 +536,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "container-639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401", ContainerNameOrID: "639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 22, PodmanVersion: "CI", @@ -528,7 +553,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "container-639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401", ContainerNameOrID: "639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 22, PodmanVersion: "CI", @@ -546,7 +570,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "container-foobar", ContainerNameOrID: "foobar", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -564,7 +587,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "container-foobar", ContainerNameOrID: "foobar", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -578,29 +600,11 @@ WantedBy=multi-user.target default.target false, false, }, - {"bad restart policy", - containerInfo{ - Executable: "/usr/bin/podman", - ServiceName: "639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401", - RestartPolicy: "never", - PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", - StopTimeout: 10, - PodmanVersion: "CI", - EnvVariable: define.EnvVariable, - GraphRoot: "/var/lib/containers/storage", - RunRoot: "/var/run/containers/storage", - }, - "", - false, - false, - true, - }, {"good with name and generic", containerInfo{ Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -619,7 +623,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -638,7 +641,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -657,7 +659,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -679,7 +680,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -698,7 +698,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "container-639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401", ContainerNameOrID: "639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -717,7 +716,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 42, PodmanVersion: "CI", @@ -736,7 +734,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 42, PodmanVersion: "CI", @@ -755,7 +752,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 42, PodmanVersion: "CI", @@ -774,7 +770,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 42, PodmanVersion: "CI", @@ -793,7 +788,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 42, PodmanVersion: "CI", @@ -812,26 +806,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", - PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", - StopTimeout: 42, - PodmanVersion: "CI", - CreateCommand: []string{"I'll get stripped", "run", "-tid", "awesome-image:latest"}, - EnvVariable: define.EnvVariable, - GraphRoot: "/var/lib/containers/storage", - RunRoot: "/var/run/containers/storage", - }, - genGoodNewDetach("-tid"), - true, - false, - false, - }, - {"good with root flags", - containerInfo{ - Executable: "/usr/bin/podman", - ServiceName: "jadda-jadda", - ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 42, PodmanVersion: "CI", @@ -850,7 +824,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -869,7 +842,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -888,7 +860,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -907,7 +878,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -926,7 +896,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -948,7 +917,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "jadda-jadda", ContainerNameOrID: "jadda-jadda", - RestartPolicy: "always", PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -963,6 +931,24 @@ WantedBy=multi-user.target default.target false, false, }, + {"good with restart policy", + containerInfo{ + Executable: "/usr/bin/podman", + ServiceName: "jadda-jadda", + ContainerNameOrID: "jadda-jadda", + PIDFile: "/var/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", + StopTimeout: 10, + PodmanVersion: "CI", + GraphRoot: "/var/lib/containers/storage", + RunRoot: "/var/run/containers/storage", + CreateCommand: []string{"I'll get stripped", "create", "--restart", "on-failure:42", "awesome-image:latest"}, + EnvVariable: define.EnvVariable, + }, + goodNewWithRestartPolicy, + true, + false, + false, + }, } for _, tt := range tests { test := tt @@ -971,6 +957,7 @@ WantedBy=multi-user.target default.target New: test.new, NoHeader: test.noHeader, } + test.info.RestartPolicy = define.DefaultRestartPolicy got, err := executeContainerTemplate(&test.info, opts) if (err != nil) != test.wantErr { t.Errorf("CreateContainerSystemdUnit() %s error = \n%v, wantErr \n%v", test.name, err, test.wantErr) diff --git a/pkg/systemd/generate/pods.go b/pkg/systemd/generate/pods.go index 1b92649e8..e755b8eea 100644 --- a/pkg/systemd/generate/pods.go +++ b/pkg/systemd/generate/pods.go @@ -217,7 +217,6 @@ func generatePodInfo(pod *libpod.Pod, options entities.GenerateSystemdOptions) ( info := podInfo{ ServiceName: serviceName, InfraNameOrID: ctrNameOrID, - RestartPolicy: options.RestartPolicy, PIDFile: conmonPidFile, StopTimeout: timeout, GenerateTimestamp: true, @@ -230,8 +229,12 @@ func generatePodInfo(pod *libpod.Pod, options entities.GenerateSystemdOptions) ( // that the podInfo is also post processed and completed, which allows for an // easier unit testing. func executePodTemplate(info *podInfo, options entities.GenerateSystemdOptions) (string, error) { - if err := validateRestartPolicy(info.RestartPolicy); err != nil { - return "", err + info.RestartPolicy = define.DefaultRestartPolicy + if options.RestartPolicy != nil { + if err := validateRestartPolicy(*options.RestartPolicy); err != nil { + return "", err + } + info.RestartPolicy = *options.RestartPolicy } // Make sure the executable is set. diff --git a/pkg/systemd/generate/pods_test.go b/pkg/systemd/generate/pods_test.go index 4b8a9ffd5..c565a30ed 100644 --- a/pkg/systemd/generate/pods_test.go +++ b/pkg/systemd/generate/pods_test.go @@ -53,7 +53,7 @@ Before=container-1.service container-2.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n -Restart=always +Restart=on-failure TimeoutStopSec=102 ExecStart=/usr/bin/podman start jadda-jadda-infra ExecStop=/usr/bin/podman stop -t 42 jadda-jadda-infra @@ -192,7 +192,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "pod-123abc", InfraNameOrID: "jadda-jadda-infra", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 42, PodmanVersion: "CI", @@ -211,7 +210,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "pod-123abc", InfraNameOrID: "jadda-jadda-infra", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 42, PodmanVersion: "CI", @@ -230,7 +228,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "pod-123abc", InfraNameOrID: "jadda-jadda-infra", - RestartPolicy: "always", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 42, PodmanVersion: "CI", @@ -249,7 +246,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "pod-123abc", InfraNameOrID: "jadda-jadda-infra", - RestartPolicy: "on-failure", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -268,7 +264,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "pod-123abc", InfraNameOrID: "jadda-jadda-infra", - RestartPolicy: "on-failure", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -287,7 +282,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "pod-123abc", InfraNameOrID: "jadda-jadda-infra", - RestartPolicy: "on-failure", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -306,7 +300,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "pod-123abc", InfraNameOrID: "jadda-jadda-infra", - RestartPolicy: "on-failure", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", @@ -325,7 +318,6 @@ WantedBy=multi-user.target default.target Executable: "/usr/bin/podman", ServiceName: "pod-123abc", InfraNameOrID: "jadda-jadda-infra", - RestartPolicy: "on-failure", PIDFile: "/run/containers/storage/overlay-containers/639c53578af4d84b8800b4635fa4e680ee80fd67e0e6a2d4eea48d1e3230f401/userdata/conmon.pid", StopTimeout: 10, PodmanVersion: "CI", diff --git a/pkg/terminal/console_windows.go b/pkg/terminal/console_windows.go index 08e66cb3a..9a636d681 100644 --- a/pkg/terminal/console_windows.go +++ b/pkg/terminal/console_windows.go @@ -25,7 +25,7 @@ func setConsoleMode(handle windows.Handle, flags uint32) error { var mode uint32 err := windows.GetConsoleMode(handle, &mode) if err != nil { - return err + return nil // not a terminal } if err := windows.SetConsoleMode(handle, mode|flags); err != nil { // In similar code, it is not considered an error if we cannot set the diff --git a/pkg/util/utils_supported.go b/pkg/util/utils_supported.go index cb992d8b6..6eba0bc3c 100644 --- a/pkg/util/utils_supported.go +++ b/pkg/util/utils_supported.go @@ -1,4 +1,4 @@ -// +build linux darwin +// +build !windows package util diff --git a/test/apiv2/50-secrets.at b/test/apiv2/50-secrets.at index 034ec080a..ed0e8fb6b 100644 --- a/test/apiv2/50-secrets.at +++ b/test/apiv2/50-secrets.at @@ -27,8 +27,37 @@ t GET secrets 200 \ .[0].Spec.Name=mysecret \ .[0].Version.Index=1 -# secret list unsupported filters -t GET secrets?filters='{"name":["foo1"]}' 400 +# secret list with filters +t GET secrets?filters='{"name":["mysecret"]}' 200 \ + length=1 \ + .[0].Spec.Name=mysecret \ + .[0].Version.Index=1 + +t GET secrets?filters='{"name":["mysecret2"]}' 200 \ + length=0 \ + +# secret libpod list with filters +t GET libpod/secrets/json?filters='{"name":["mysecret"]}' 200 \ + length=1 \ + .[0].Spec.Name=mysecret \ + +t GET libpod/secrets/json?filters='{"name":["mysecret2"]}' 200 \ + length=0 \ + +# secret list with unsupported filters +t GET secrets?filters='{"label":["xyz"]}' 500 + +#compat api list secrets sanity checks +t GET secrets?filters='garb1age}' 500 \ + .cause="invalid character 'g' looking for beginning of value" +t GET secrets?filters='{"label":["testl' 500 \ + .cause="unexpected end of JSON input" + +#libpod api list secrets sanity checks +t GET libpod/secrets/json?filters='garb1age}' 500 \ + .cause="invalid character 'g' looking for beginning of value" +t GET libpod/secrets/json?filters='{"label":["testl' 500 \ + .cause="unexpected end of JSON input" # secret rm t DELETE secrets/mysecret 204 diff --git a/test/apiv2/python/rest_api/test_v2_0_0_system.py b/test/apiv2/python/rest_api/test_v2_0_0_system.py index 3dfd08525..2d3935c9c 100644 --- a/test/apiv2/python/rest_api/test_v2_0_0_system.py +++ b/test/apiv2/python/rest_api/test_v2_0_0_system.py @@ -1,5 +1,6 @@ import json import unittest +import uuid import requests from .fixtures import APITestCase @@ -92,6 +93,18 @@ class SystemTestCase(APITestCase): r = requests.get(self.uri("/system/df")) self.assertEqual(r.status_code, 200, r.text) + def test_reference_id(self): + rid = str(uuid.uuid4()) + r = requests.get(self.uri("/info"), headers={"X-Reference-Id": rid}) + self.assertEqual(r.status_code, 200, r.text) + + self.assertIn("X-Reference-Id", r.headers) + self.assertEqual(r.headers["X-Reference-Id"], rid) + + r = requests.get(self.uri("/info")) + self.assertIn("X-Reference-Id", r.headers) + self.assertNotEqual(r.headers["X-Reference-Id"], rid) + if __name__ == "__main__": unittest.main() diff --git a/test/e2e/build/envwithtab/Dockerfile b/test/e2e/build/envwithtab/Dockerfile new file mode 100644 index 000000000..0d8480c04 --- /dev/null +++ b/test/e2e/build/envwithtab/Dockerfile @@ -0,0 +1,3 @@ +FROM alpine + +ENV TEST=" t" diff --git a/test/e2e/checkpoint_test.go b/test/e2e/checkpoint_test.go index 1c9a8dc6f..403d739f0 100644 --- a/test/e2e/checkpoint_test.go +++ b/test/e2e/checkpoint_test.go @@ -93,6 +93,12 @@ var _ = Describe("Podman checkpoint", func() { Expect(podmanTest.NumberOfContainersRunning()).To(Equal(0)) Expect(podmanTest.GetContainerStatus()).To(ContainSubstring("Exited")) + inspect := podmanTest.Podman([]string{"inspect", cid}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + inspectOut := inspect.InspectContainerToJSON() + Expect(inspectOut[0].State.Checkpointed).To(BeTrue()) + result = podmanTest.Podman([]string{"container", "restore", cid}) result.WaitWithDefaultTimeout() diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go index 8996bf6a0..bf89a0708 100644 --- a/test/e2e/generate_kube_test.go +++ b/test/e2e/generate_kube_test.go @@ -174,6 +174,78 @@ var _ = Describe("Podman generate kube", func() { Expect(string(kube.Out.Contents())).To(ContainSubstring(`name: pod2`)) }) + It("podman generate kube on pod with init containers", func() { + session := podmanTest.Podman([]string{"create", "--pod", "new:toppod", "--init-ctr", "always", ALPINE, "echo", "hello"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"create", "--pod", "toppod", "--init-ctr", "always", ALPINE, "echo", "world"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"create", "--pod", "toppod", ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + kube := podmanTest.Podman([]string{"generate", "kube", "toppod"}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + pod := new(v1.Pod) + err := yaml.Unmarshal(kube.Out.Contents(), pod) + Expect(err).To(BeNil()) + Expect(pod.Spec.HostNetwork).To(Equal(false)) + + numContainers := len(pod.Spec.Containers) + len(pod.Spec.InitContainers) + Expect(numContainers).To(Equal(3)) + + // Init container should be in the generated kube yaml if created with "once" type and the pod has not been started + session = podmanTest.Podman([]string{"create", "--pod", "new:toppod-2", "--init-ctr", "once", ALPINE, "echo", "using once type"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"create", "--pod", "toppod-2", ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + kube = podmanTest.Podman([]string{"generate", "kube", "toppod-2"}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + pod = new(v1.Pod) + err = yaml.Unmarshal(kube.Out.Contents(), pod) + Expect(err).To(BeNil()) + Expect(pod.Spec.HostNetwork).To(Equal(false)) + + numContainers = len(pod.Spec.Containers) + len(pod.Spec.InitContainers) + Expect(numContainers).To(Equal(2)) + + // Init container should not be in the generated kube yaml if created with "once" type and the pod has been started + session = podmanTest.Podman([]string{"create", "--pod", "new:toppod-3", "--init-ctr", "once", ALPINE, "echo", "using once type"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"create", "--pod", "toppod-3", ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"pod", "start", "toppod-3"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + kube = podmanTest.Podman([]string{"generate", "kube", "toppod-3"}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + pod = new(v1.Pod) + err = yaml.Unmarshal(kube.Out.Contents(), pod) + Expect(err).To(BeNil()) + Expect(pod.Spec.HostNetwork).To(Equal(false)) + + numContainers = len(pod.Spec.Containers) + len(pod.Spec.InitContainers) + Expect(numContainers).To(Equal(1)) + }) + It("podman generate kube on pod with host network", func() { podSession := podmanTest.Podman([]string{"pod", "create", "--name", "testHostNetwork", "--network", "host"}) podSession.WaitWithDefaultTimeout() diff --git a/test/e2e/healthcheck_run_test.go b/test/e2e/healthcheck_run_test.go index 899c84a14..87f042ed9 100644 --- a/test/e2e/healthcheck_run_test.go +++ b/test/e2e/healthcheck_run_test.go @@ -5,6 +5,7 @@ import ( "os" "time" + define "github.com/containers/podman/v3/libpod/define" . "github.com/containers/podman/v3/test/utils" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" @@ -157,7 +158,7 @@ var _ = Describe("Podman healthcheck run", func() { Expect(hc).Should(Exit(1)) inspect = podmanTest.InspectContainer("hc") - Expect(inspect[0].State.Healthcheck.Status).To(Equal("unhealthy")) + Expect(inspect[0].State.Healthcheck.Status).To(Equal(define.HealthCheckUnhealthy)) }) @@ -171,7 +172,7 @@ var _ = Describe("Podman healthcheck run", func() { Expect(hc).Should(Exit(0)) inspect := podmanTest.InspectContainer("hc") - Expect(inspect[0].State.Healthcheck.Status).To(Equal("healthy")) + Expect(inspect[0].State.Healthcheck.Status).To(Equal(define.HealthCheckHealthy)) }) It("podman healthcheck unhealthy but valid arguments check", func() { @@ -201,7 +202,7 @@ var _ = Describe("Podman healthcheck run", func() { Expect(hc).Should(Exit(1)) inspect = podmanTest.InspectContainer("hc") - Expect(inspect[0].State.Healthcheck.Status).To(Equal("unhealthy")) + Expect(inspect[0].State.Healthcheck.Status).To(Equal(define.HealthCheckUnhealthy)) foo := podmanTest.Podman([]string{"exec", "hc", "touch", "/foo"}) foo.WaitWithDefaultTimeout() @@ -212,6 +213,6 @@ var _ = Describe("Podman healthcheck run", func() { Expect(hc).Should(Exit(0)) inspect = podmanTest.InspectContainer("hc") - Expect(inspect[0].State.Healthcheck.Status).To(Equal("healthy")) + Expect(inspect[0].State.Healthcheck.Status).To(Equal(define.HealthCheckHealthy)) }) }) diff --git a/test/e2e/inspect_test.go b/test/e2e/inspect_test.go index 89859e74f..59615d009 100644 --- a/test/e2e/inspect_test.go +++ b/test/e2e/inspect_test.go @@ -50,6 +50,24 @@ var _ = Describe("Podman inspect", func() { Expect(session).To(ExitWithError()) }) + It("podman inspect filter should work if result contains tab", func() { + session := podmanTest.Podman([]string{"build", "--tag", "envwithtab", "build/envwithtab"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + // Verify that OS and Arch are being set + inspect := podmanTest.Podman([]string{"inspect", "-f", "{{ .Config.Env }}", "envwithtab"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + // output should not be empty + // test validates fix for https://github.com/containers/podman/issues/8785 + Expect(strings.Contains(inspect.OutputToString(), "TEST")) + + session = podmanTest.Podman([]string{"rmi", "envwithtab"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + }) + It("podman inspect with GO format", func() { session := podmanTest.Podman([]string{"inspect", "--format", "{{.ID}}", ALPINE}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/manifest_test.go b/test/e2e/manifest_test.go index 95f90d4c1..27aaaba48 100644 --- a/test/e2e/manifest_test.go +++ b/test/e2e/manifest_test.go @@ -280,4 +280,32 @@ var _ = Describe("Podman manifest", func() { session.WaitWithDefaultTimeout() Expect(session).Should(Exit(1)) }) + + It("podman manifest rm should not remove referenced images", func() { + manifestList := "manifestlist" + imageName := "quay.io/libpod/busybox" + + session := podmanTest.Podman([]string{"pull", imageName}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"manifest", "create", manifestList}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"manifest", "add", manifestList, imageName}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"manifest", "rm", manifestList}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + //image should still show up + session = podmanTest.Podman([]string{"images"}) + session.WaitWithDefaultTimeout() + Expect(session.OutputToString()).To(ContainSubstring(imageName)) + Expect(session).Should(Exit(0)) + }) + }) diff --git a/test/e2e/pause_test.go b/test/e2e/pause_test.go index ea7a96428..2e5e07de9 100644 --- a/test/e2e/pause_test.go +++ b/test/e2e/pause_test.go @@ -79,6 +79,11 @@ var _ = Describe("Podman pause", func() { Expect(result).To(ExitWithError()) Expect(podmanTest.NumberOfContainersRunning()).To(Equal(0)) Expect(strings.ToLower(podmanTest.GetContainerStatus())).To(ContainSubstring(createdState)) + + // check we can read stats for a paused container + result = podmanTest.Podman([]string{"stats", "--no-stream", cid}) + result.WaitWithDefaultTimeout() + Expect(result).To(ExitWithError()) }) It("podman pause a running container by id", func() { diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go index ab496f0eb..fcda89fbc 100644 --- a/test/e2e/play_kube_test.go +++ b/test/e2e/play_kube_test.go @@ -11,6 +11,8 @@ import ( "text/template" "time" + "github.com/containers/common/pkg/config" + "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/util" . "github.com/containers/podman/v3/test/utils" "github.com/containers/storage/pkg/stringid" @@ -30,6 +32,22 @@ metadata: spec: hostname: unknown ` +var checkInfraImagePodYaml = ` +apiVersion: v1 +kind: Pod +metadata: + labels: + app: check-infra-image + name: check-infra-image +spec: + containers: + - name: alpine + image: quay.io/libpod/alpine:latest + command: + - sleep + - 24h +status: {} +` var sharedNamespacePodYaml = ` apiVersion: v1 kind: Pod @@ -246,6 +264,17 @@ spec: {{ end }} ip: {{ .IP }} {{ end }} + initContainers: +{{ with .InitCtrs }} + {{ range . }} + - command: + {{ range .Cmd }} + - {{.}} + {{ end }} + image: {{ .Image }} + name: {{ .Name }} + {{ end }} +{{ end }} containers: {{ with .Ctrs }} {{ range . }} @@ -648,6 +677,7 @@ type Pod struct { HostNetwork bool HostAliases []HostAlias Ctrs []*Ctr + InitCtrs []*Ctr Volumes []*Volume Labels map[string]string Annotations map[string]string @@ -669,6 +699,7 @@ func getPod(options ...podOption) *Pod { HostNetwork: false, HostAliases: nil, Ctrs: make([]*Ctr, 0), + InitCtrs: make([]*Ctr, 0), Volumes: make([]*Volume, 0), Labels: make(map[string]string), Annotations: make(map[string]string), @@ -711,6 +742,12 @@ func withCtr(c *Ctr) podOption { } } +func withPodInitCtr(ic *Ctr) podOption { + return func(pod *Pod) { + pod.InitCtrs = append(pod.InitCtrs, ic) + } +} + func withRestartPolicy(policy string) podOption { return func(pod *Pod) { pod.RestartPolicy = policy @@ -830,6 +867,7 @@ type Ctr struct { VolumeReadOnly bool Env []Env EnvFrom []EnvFrom + InitCtrType string } // getCtr takes a list of ctrOptions and returns a Ctr with sane defaults @@ -853,6 +891,7 @@ func getCtr(options ...ctrOption) *Ctr { VolumeReadOnly: false, Env: []Env{}, EnvFrom: []EnvFrom{}, + InitCtrType: "", } for _, option := range options { option(&c) @@ -868,6 +907,12 @@ func withName(name string) ctrOption { } } +func withInitCtr() ctrOption { + return func(c *Ctr) { + c.InitCtrType = define.AlwaysInitContainer + } +} + func withCmd(cmd []string) ctrOption { return func(c *Ctr) { c.Cmd = cmd @@ -1098,6 +1143,55 @@ var _ = Describe("Podman play kube", func() { Expect(label).To(ContainSubstring("unconfined_u:system_r:spc_t:s0")) }) + It("podman play kube should use default infra_image", func() { + err := writeYaml(checkInfraImagePodYaml, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + podInspect := podmanTest.Podman([]string{"inspect", "check-infra-image", "--format", "{{ .InfraContainerID }}"}) + podInspect.WaitWithDefaultTimeout() + infraContainerID := podInspect.OutputToString() + + conInspect := podmanTest.Podman([]string{"inspect", infraContainerID, "--format", "{{ .ImageName }}"}) + conInspect.WaitWithDefaultTimeout() + infraContainerImage := conInspect.OutputToString() + Expect(infraContainerImage).To(Equal(config.DefaultInfraImage)) + }) + + It("podman play kube should use customized infra_image", func() { + conffile := filepath.Join(podmanTest.TempDir, "container.conf") + + infraImage := "k8s.gcr.io/pause:3.2" + err := ioutil.WriteFile(conffile, []byte(fmt.Sprintf("[engine]\ninfra_image=\"%s\"\n", infraImage)), 0644) + Expect(err).To(BeNil()) + + os.Setenv("CONTAINERS_CONF", conffile) + defer os.Unsetenv("CONTAINERS_CONF") + + if IsRemote() { + podmanTest.RestartRemoteService() + } + + err = writeYaml(checkInfraImagePodYaml, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + podInspect := podmanTest.Podman([]string{"inspect", "check-infra-image", "--format", "{{ .InfraContainerID }}"}) + podInspect.WaitWithDefaultTimeout() + infraContainerID := podInspect.OutputToString() + + conInspect := podmanTest.Podman([]string{"inspect", infraContainerID, "--format", "{{ .ImageName }}"}) + conInspect.WaitWithDefaultTimeout() + infraContainerImage := conInspect.OutputToString() + Expect(infraContainerImage).To(Equal(infraImage)) + }) + It("podman play kube should share ipc,net,uts when shareProcessNamespace is set", func() { SkipIfRootless("Requires root privileges for sharing few namespaces") err := writeYaml(sharedNamespacePodYaml, kubeYaml) @@ -1143,7 +1237,7 @@ var _ = Describe("Podman play kube", func() { hc := podmanTest.Podman([]string{"healthcheck", "run", "liveness-unhealthy-probe-pod-0-alpine"}) hc.WaitWithDefaultTimeout() hcoutput := hc.OutputToString() - Expect(hcoutput).To(ContainSubstring("unhealthy")) + Expect(hcoutput).To(ContainSubstring(define.HealthCheckUnhealthy)) }) It("podman play kube fail with nonexistent authfile", func() { @@ -1228,6 +1322,33 @@ var _ = Describe("Podman play kube", func() { Expect(inspect.OutputToString()).To(ContainSubstring(`[]`)) }) + // If you have an init container in the pod yaml, podman should create and run the init container with play kube + It("podman play kube test with init containers", func() { + pod := getPod(withPodInitCtr(getCtr(withImage(ALPINE), withCmd([]string{"echo", "hello"}), withInitCtr(), withName("init-test"))), withCtr(getCtr(withImage(ALPINE), withCmd([]string{"top"})))) + err := generateKubeYaml("pod", pod, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + // Expect the number of containers created to be 3, one init, infra, and regular container + numOfCtrs := podmanTest.NumberOfContainers() + Expect(numOfCtrs).To(Equal(3)) + + // Init container should have exited after running + inspect := podmanTest.Podman([]string{"inspect", "--format", "{{.State.Status}}", "testPod-init-test"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(ContainSubstring("exited")) + + // Regular container should be in running state + inspect = podmanTest.Podman([]string{"inspect", "--format", "{{.State.Status}}", "testPod-" + defaultCtrName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect).Should(Exit(0)) + Expect(inspect.OutputToString()).To(ContainSubstring("running")) + }) + // If you supply only args for a Container, the default Entrypoint defined in the Docker image is run with the args that you supplied. It("podman play kube test correct command with only set args in yaml file", func() { pod := getPod(withCtr(getCtr(withImage(registry), withCmd(nil), withArg([]string{"echo", "hello"})))) @@ -1289,6 +1410,40 @@ var _ = Describe("Podman play kube", func() { Expect(logs.OutputToString()).To(ContainSubstring("hello world")) }) + It("podman pod logs test", func() { + SkipIfRemote("podman-remote pod logs -c is mandatory for remote machine") + p := getPod(withCtr(getCtr(withCmd([]string{"echo", "hello"}), withArg([]string{"world"})))) + + err := generateKubeYaml("pod", p, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + logs := podmanTest.Podman([]string{"pod", "logs", p.Name}) + logs.WaitWithDefaultTimeout() + Expect(logs).Should(Exit(0)) + Expect(logs.OutputToString()).To(ContainSubstring("hello world")) + }) + + It("podman-remote pod logs test", func() { + // -c or --container is required in podman-remote due to api limitation. + p := getPod(withCtr(getCtr(withCmd([]string{"echo", "hello"}), withArg([]string{"world"})))) + + err := generateKubeYaml("pod", p, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + logs := podmanTest.Podman([]string{"pod", "logs", "-c", getCtrNameInPod(p), p.Name}) + logs.WaitWithDefaultTimeout() + Expect(logs).Should(Exit(0)) + Expect(logs.OutputToString()).To(ContainSubstring("hello world")) + }) + It("podman play kube test restartPolicy", func() { // podName, set, expect testSli := [][]string{ diff --git a/test/e2e/search_test.go b/test/e2e/search_test.go index b0faabf6c..f82c3d9d1 100644 --- a/test/e2e/search_test.go +++ b/test/e2e/search_test.go @@ -148,7 +148,7 @@ registries = ['{{.Host}}:{{.Port}}']` search := podmanTest.Podman([]string{"search", "docker.io/alpine"}) search.WaitWithDefaultTimeout() Expect(search).Should(Exit(0)) - Expect(len(search.OutputToStringArray())).To(Equal(26)) + Expect(len(search.OutputToStringArray())).To(BeNumerically(">", 10)) search = podmanTest.Podman([]string{"search", "--limit", "3", "docker.io/alpine"}) search.WaitWithDefaultTimeout() @@ -462,7 +462,7 @@ registries = ['{{.Host}}:{{.Port}}']` search = podmanTest.Podman([]string{"search", "--list-tags", "docker.io/library/alpine"}) search.WaitWithDefaultTimeout() Expect(search).Should(Exit(0)) - Expect(len(search.OutputToStringArray()) > 2).To(BeTrue()) + Expect(len(search.OutputToStringArray())).To(BeNumerically(">", 2)) search = podmanTest.Podman([]string{"search", "--filter=is-official", "--list-tags", "docker.io/library/alpine"}) search.WaitWithDefaultTimeout() @@ -477,6 +477,6 @@ registries = ['{{.Host}}:{{.Port}}']` search := podmanTest.Podman([]string{"search", "--limit", "130", "registry.redhat.io/rhel"}) search.WaitWithDefaultTimeout() Expect(search).Should(Exit(0)) - Expect(len(search.OutputToStringArray())).To(Equal(131)) + Expect(len(search.OutputToStringArray())).To(BeNumerically("<=", 131)) }) }) diff --git a/test/e2e/systemd_test.go b/test/e2e/systemd_test.go index 3213a839a..a1b25b723 100644 --- a/test/e2e/systemd_test.go +++ b/test/e2e/systemd_test.go @@ -176,4 +176,21 @@ WantedBy=multi-user.target Expect(session.OutputToString()).To(Not(ContainSubstring("noexec"))) }) + + It("podman run --systemd arg is case insensitive", func() { + session := podmanTest.Podman([]string{"run", "--rm", "--systemd", "Always", ALPINE, "echo", "test"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).Should(Equal("test")) + + session = podmanTest.Podman([]string{"run", "--rm", "--systemd", "True", ALPINE, "echo", "test"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).Should(Equal("test")) + + session = podmanTest.Podman([]string{"run", "--rm", "--systemd", "False", ALPINE, "echo", "test"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).Should(Equal("test")) + }) }) diff --git a/test/e2e/unshare_test.go b/test/e2e/unshare_test.go index eacdda68a..79ce68e89 100644 --- a/test/e2e/unshare_test.go +++ b/test/e2e/unshare_test.go @@ -47,8 +47,7 @@ var _ = Describe("Podman unshare", func() { session := podmanTest.Podman([]string{"unshare", "readlink", "/proc/self/ns/user"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - ok, _ := session.GrepString(userNS) - Expect(ok).To(BeFalse()) + Expect(session.OutputToString()).ToNot(ContainSubstring(userNS)) }) It("podman unshare --rootles-cni", func() { @@ -57,4 +56,36 @@ var _ = Describe("Podman unshare", func() { Expect(session).Should(Exit(0)) Expect(session.OutputToString()).To(ContainSubstring("tap0")) }) + + It("podman unshare exit codes", func() { + session := podmanTest.Podman([]string{"unshare", "false"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(1)) + Expect(session.OutputToString()).Should(Equal("")) + Expect(session.ErrorToString()).Should(Equal("")) + + session = podmanTest.Podman([]string{"unshare", "/usr/bin/bogus"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(127)) + Expect(session.OutputToString()).Should(Equal("")) + Expect(session.ErrorToString()).Should(ContainSubstring("no such file or directory")) + + session = podmanTest.Podman([]string{"unshare", "bogus"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(127)) + Expect(session.OutputToString()).Should(Equal("")) + Expect(session.ErrorToString()).Should(ContainSubstring("executable file not found in $PATH")) + + session = podmanTest.Podman([]string{"unshare", "/usr"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(126)) + Expect(session.OutputToString()).Should(Equal("")) + Expect(session.ErrorToString()).Should(ContainSubstring("permission denied")) + + session = podmanTest.Podman([]string{"unshare", "--bogus"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(125)) + Expect(session.OutputToString()).Should(Equal("")) + Expect(session.ErrorToString()).Should(ContainSubstring("unknown flag: --bogus")) + }) }) diff --git a/test/system/005-info.bats b/test/system/005-info.bats index 96ca2c1bd..0ea0f8356 100644 --- a/test/system/005-info.bats +++ b/test/system/005-info.bats @@ -9,6 +9,7 @@ load helpers buildahVersion: *[0-9.]\\\+ conmon:\\\s\\\+package: distribution: +logDriver: ociRuntime:\\\s\\\+name: os: rootless: diff --git a/test/system/035-logs.bats b/test/system/035-logs.bats index 32282c8e1..a04d2ac74 100644 --- a/test/system/035-logs.bats +++ b/test/system/035-logs.bats @@ -174,4 +174,31 @@ $s_after" _log_test_until journald } +function _log_test_follow() { + local driver=$1 + cname=$(random_string) + contentA=$(random_string) + contentB=$(random_string) + contentC=$(random_string) + + # Note: it seems we need at least three log lines to hit #11461. + run_podman run --log-driver=$driver --name $cname $IMAGE sh -c "echo $contentA; echo $contentB; echo $contentC" + run_podman logs -f $cname + is "$output" "$contentA +$contentB +$contentC" "logs -f on exitted container works" + + run_podman rm -f $cname +} + +@test "podman logs - --follow k8s-file" { + _log_test_follow k8s-file +} + +@test "podman logs - --follow journald" { + # We can't use journald on RHEL as rootless: rhbz#1895105 + skip_if_journald_unavailable + + _log_test_follow journald +} # vim: filetype=sh diff --git a/test/system/070-build.bats b/test/system/070-build.bats index 0f58b2784..47db08eb1 100644 --- a/test/system/070-build.bats +++ b/test/system/070-build.bats @@ -929,6 +929,33 @@ EOF is "$output" ".*test1" "test1 should exists in the final image" } +@test "podman build build context ownership" { + tmpdir=$PODMAN_TMPDIR/build-test + subdir=$tmpdir/subdir + mkdir -p $subdir + + touch $tmpdir/empty-file.txt + if is_remote && ! is_rootless ; then + # TODO: set this file's owner to a UID:GID that will not be mapped + # in the context where the remote server is running, which generally + # requires us to be root (or running with more mapped IDs) on the + # client, but not root (or running with fewer mapped IDs) on the + # remote server + # 4294967292:4294967292 (0xfffffffc:0xfffffffc) isn't that, but + # it will catch errors where a remote server doesn't apply the right + # default as it copies content into the container + chown 4294967292:4294967292 $tmpdir/empty-file.txt + fi + cat >$tmpdir/Dockerfile <<EOF +FROM $IMAGE +COPY empty-file.txt . +RUN echo 0:0 | tee expected.txt +RUN stat -c "%u:%g" empty-file.txt | tee actual.txt +RUN cmp expected.txt actual.txt +EOF + run_podman build -t build_test $tmpdir +} + function teardown() { # A timeout or other error in 'build' can leave behind stale images # that podman can't even see and which will cascade into subsequent diff --git a/test/system/075-exec.bats b/test/system/075-exec.bats index 3e8c3c1ea..b7367d153 100644 --- a/test/system/075-exec.bats +++ b/test/system/075-exec.bats @@ -101,4 +101,32 @@ load helpers run_podman rm $cid } +# #11496: podman-remote loses output +@test "podman exec/run - missing output" { + local bigfile=${PODMAN_TMPDIR}/bigfile + local newfile=${PODMAN_TMPDIR}/newfile + # create a big file, bigger than the 8K buffer size + base64 /dev/urandom | head -c 20K > $bigfile + + run_podman run --rm -v $bigfile:/tmp/test:Z $IMAGE cat /tmp/test + printf "%s" "$output" > $newfile + # use cmp to compare the files, this is very helpful since it will + # tell us the first wrong byte in case this fails + run cmp $bigfile $newfile + is "$output" "" "run output is identical with the file" + + run_podman run -d --stop-timeout 0 -v $bigfile:/tmp/test:Z $IMAGE sleep inf + cid="$output" + + run_podman exec $cid cat /tmp/test + printf "%s" "$output" > $newfile + # use cmp to compare the files, this is very helpful since it will + # tell us the first wrong byte in case this fails + run cmp $bigfile $newfile + is "$output" "" "exec output is identical with the file" + + # Clean up + run_podman rm -f $cid +} + # vim: filetype=sh diff --git a/test/system/125-import.bats b/test/system/125-import.bats index c53711618..5995d71bf 100644 --- a/test/system/125-import.bats +++ b/test/system/125-import.bats @@ -43,3 +43,66 @@ load helpers is "$output" "$random_content" "tagged import via stdin" run_podman rmi -f $fqin } + +@test "podman export, alter tarball, re-import" { + + # Create a test file following test + mkdir $PODMAN_TMPDIR/tmp + touch $PODMAN_TMPDIR/testfile1 + echo "modified tar file" >> $PODMAN_TMPDIR/tmp/testfile2 + + # Create Dockerfile for test + dockerfile=$PODMAN_TMPDIR/Dockerfile + + cat >$dockerfile <<EOF +FROM $IMAGE +ADD testfile1 /tmp +WORKDIR /tmp +EOF + + b_img=before_change_img + b_cnt=before_change_cnt + a_img=after_change_img + a_cnt=after_change_cnt + + # Build from Dockerfile FROM non-existing local image + run_podman build -t $b_img $PODMAN_TMPDIR + run_podman create --name $b_cnt $b_img + + # Export built container as tarball + run_podman export -o $PODMAN_TMPDIR/$b_cnt.tar $b_cnt + run_podman rm -f $b_cnt + + # Modify tarball contents + tar --delete -f $PODMAN_TMPDIR/$b_cnt.tar tmp/testfile1 + tar -C $PODMAN_TMPDIR -rf $PODMAN_TMPDIR/$b_cnt.tar tmp/testfile2 + + # Import tarball and Tag imported image + run_podman import -q $PODMAN_TMPDIR/$b_cnt.tar \ + --change "CMD sh -c \ + \"trap 'exit 33' 2; + while true; do sleep 0.05;done\"" $a_img + + # Run imported image to confirm tarball modification, block on non-special signal + run_podman run --name $a_cnt -d $a_img + + # Confirm testfile1 is deleted from tarball + run_podman 1 exec $a_cnt cat /tmp/testfile1 + is "$output" ".*can't open '/tmp/testfile1': No such file or directory" + + # Confirm testfile2 is added to tarball + run_podman exec $a_cnt cat /tmp/testfile2 + is "$output" "modified tar file" "modify tarball content" + + # Kill can send non-TERM/KILL signal to container to exit + run_podman kill --signal 2 $a_cnt + run_podman wait $a_cnt + + # Confirm exit within timeout + run_podman ps -a --filter name=$a_cnt --format '{{.Status}}' + is "$output" "Exited (33)" "Exit by non-TERM/KILL" + + run_podman rm -f $a_cnt + run_podman rmi $b_img $a_img + +} diff --git a/test/system/150-login.bats b/test/system/150-login.bats index b6c04db08..ed925044c 100644 --- a/test/system/150-login.bats +++ b/test/system/150-login.bats @@ -22,12 +22,7 @@ fi # Randomly-assigned port in the 5xxx range if [ -z "${PODMAN_LOGIN_REGISTRY_PORT}" ]; then - for port in $(shuf -i 5000-5999);do - if ! { exec 3<> /dev/tcp/127.0.0.1/$port; } &>/dev/null; then - export PODMAN_LOGIN_REGISTRY_PORT=$port - break - fi - done + export PODMAN_LOGIN_REGISTRY_PORT=$(random_free_port) fi # Override any user-set path to an auth file diff --git a/test/system/200-pod.bats b/test/system/200-pod.bats index 266f91298..027abf9dc 100644 --- a/test/system/200-pod.bats +++ b/test/system/200-pod.bats @@ -76,11 +76,7 @@ function teardown() { fi # Randomly-assigned port in the 5xxx range - for port in $(shuf -i 5000-5999);do - if ! { exec 3<> /dev/tcp/127.0.0.1/$port; } &>/dev/null; then - break - fi - done + port=$(random_free_port) # Listener. This will exit as soon as it receives a message. run_podman run -d --pod $podname $IMAGE nc -l -p $port @@ -183,16 +179,8 @@ function random_ip() { pod_id_file=${PODMAN_TMPDIR}/pod-id-file # Randomly-assigned ports in the 5xxx and 6xxx range - for port_in in $(shuf -i 5000-5999);do - if ! { exec 3<> /dev/tcp/127.0.0.1/$port_in; } &>/dev/null; then - break - fi - done - for port_out in $(shuf -i 6000-6999);do - if ! { exec 3<> /dev/tcp/127.0.0.1/$port_out; } &>/dev/null; then - break - fi - done + port_in=$(random_free_port 5000-5999) + port_out=$(random_free_port 6000-6999) # Create a pod with all the desired options # FIXME: --ip=$ip fails: diff --git a/test/system/220-healthcheck.bats b/test/system/220-healthcheck.bats index f929c6770..e416629e6 100644 --- a/test/system/220-healthcheck.bats +++ b/test/system/220-healthcheck.bats @@ -74,7 +74,7 @@ EOF # # So, just force a healthcheck run, then confirm that it's running. run_podman healthcheck run healthcheck_c - is "$output" "healthy" "output from 'podman healthcheck run'" + is "$output" "" "output from 'podman healthcheck run'" _check_health "All healthy" " Status | healthy diff --git a/test/system/250-systemd.bats b/test/system/250-systemd.bats index 08fad5e7c..4578d9e60 100644 --- a/test/system/250-systemd.bats +++ b/test/system/250-systemd.bats @@ -136,6 +136,29 @@ function service_cleanup() { service_cleanup } +# Regression test for #11438 +@test "podman generate systemd - restart policy" { + cname=$(random_string) + run_podman create --restart=always --name $cname $IMAGE + run_podman generate systemd --new $cname + is "$output" ".*Restart=always.*" "Use container's restart policy if set" + run_podman generate systemd --new --restart-policy=on-failure $cname + is "$output" ".*Restart=on-failure.*" "Override container's restart policy" + + cname2=$(random_string) + run_podman create --restart=unless-stopped --name $cname2 $IMAGE + run_podman generate systemd --new $cname2 + is "$output" ".*Restart=always.*" "unless-stopped translated to always" + + cname3=$(random_string) + run_podman create --restart=on-failure:42 --name $cname3 $IMAGE + run_podman generate systemd --new $cname3 + is "$output" ".*Restart=on-failure.*" "on-failure:xx is parsed correclty" + is "$output" ".*StartLimitBurst=42.*" "on-failure:xx is parsed correctly" + + run_podman rm -f $cname $cname2 $cname3 +} + function set_listen_env() { export LISTEN_PID="100" LISTEN_FDS="1" LISTEN_FDNAMES="listen_fdnames" } diff --git a/test/system/255-auto-update.bats b/test/system/255-auto-update.bats index b172bb917..bb4b5c13f 100644 --- a/test/system/255-auto-update.bats +++ b/test/system/255-auto-update.bats @@ -339,6 +339,8 @@ EOF } @test "podman auto-update using systemd" { + skip_if_journald_unavailable + generate_service alpine image cat >$UNIT_DIR/podman-auto-update-$cname.timer <<EOF @@ -386,7 +388,9 @@ EOF done if [[ -n "$failed_start" ]]; then - die "Did not find expected string '$expect' in journalctl output for $cname" + echo "journalctl output:" + sed -e 's/^/ /' <<<"$output" + die "Did not find expected string '$expect' in journalctl output for $cname" fi _confirm_update $cname $ori_image diff --git a/test/system/260-sdnotify.bats b/test/system/260-sdnotify.bats index b5d3f9b86..0dae569a8 100644 --- a/test/system/260-sdnotify.bats +++ b/test/system/260-sdnotify.bats @@ -157,6 +157,10 @@ function _assert_mainpid_is_conmon() { # With container, READY=1 isn't necessarily the last message received; # just look for it anywhere in received messages run cat $_SOCAT_LOG + # The 'echo's help us debug failed runs + echo "socat log:" + echo "$output" + is "$output" ".*READY=1" "received READY=1 through notify socket" _assert_mainpid_is_conmon "${lines[0]}" diff --git a/test/system/271-tcp-cors-server.bats b/test/system/271-tcp-cors-server.bats index cdfa82e82..d8e4eb3df 100644 --- a/test/system/271-tcp-cors-server.bats +++ b/test/system/271-tcp-cors-server.bats @@ -14,7 +14,7 @@ SOCKET_FILE="$UNIT_DIR/$SERVICE_NAME.socket" @test "podman system service - tcp CORS" { skip_if_remote "system service tests are meaningless over remote" - PORT=$(( ((RANDOM<<15)|RANDOM) % 63001 + 2000 )) + PORT=$(random_free_port 63000-64999) run_podman system service --cors="*" tcp:$SERVICE_TCP_HOST:$PORT -t 20 & podman_pid="$!" sleep 5s @@ -26,7 +26,7 @@ SOCKET_FILE="$UNIT_DIR/$SERVICE_NAME.socket" @test "podman system service - tcp without CORS" { skip_if_remote "system service tests are meaningless over remote" - PORT=$(( ((RANDOM<<15)|RANDOM) % 63001 + 2000 )) + PORT=$(random_free_port 63000-64999) run_podman system service tcp:$SERVICE_TCP_HOST:$PORT -t 20 & podman_pid="$!" sleep 5s diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats index 3ebe45e63..ad5891dd9 100644 --- a/test/system/500-networking.bats +++ b/test/system/500-networking.bats @@ -23,7 +23,7 @@ load helpers random_1=$(random_string 30) random_2=$(random_string 30) - HOST_PORT=8080 + HOST_PORT=$(random_free_port) SERVER=http://127.0.0.1:$HOST_PORT # Create a test file with random content @@ -114,11 +114,8 @@ load helpers # Issue #5466 - port-forwarding doesn't work with this option and -d @test "podman networking: port with --userns=keep-id" { - # FIXME: randomize port, and create second random host port - myport=54321 - for cidr in "" "$(random_rfc1918_subnet).0/24"; do - myport=$(( myport + 1 )) + myport=$(random_free_port 52000-52999) if [[ -z $cidr ]]; then # regex to match that we are in 10.X subnet match="10\..*" @@ -188,6 +185,7 @@ load helpers # "network create" now works rootless, with the help of a special container @test "podman network create" { + # Deliberately use a fixed port, not random_open_port, because of #10806 myport=54322 local mynetname=testnet-$(random_string 10) @@ -244,7 +242,7 @@ load helpers skip_if_remote "podman network reload does not have remote support" random_1=$(random_string 30) - HOST_PORT=12345 + HOST_PORT=$(random_free_port) SERVER=http://127.0.0.1:$HOST_PORT # Create a test file with random content @@ -396,7 +394,7 @@ load helpers # Test for https://github.com/containers/podman/issues/10052 @test "podman network connect/disconnect with port forwarding" { random_1=$(random_string 30) - HOST_PORT=12345 + HOST_PORT=$(random_free_port) SERVER=http://127.0.0.1:$HOST_PORT # Create a test file with random content diff --git a/test/system/700-play.bats b/test/system/700-play.bats index 498956b9a..2b05cdd84 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -98,6 +98,16 @@ RELABEL="system_u:object_r:container_file_t:s0" run_podman 125 play kube --network host $PODMAN_TMPDIR/test.yaml is "$output" ".*invalid value passed to --network: bridge or host networking must be configured in YAML" "podman plan-network should fail with --network host" run_podman play kube --network slirp4netns:port_handler=slirp4netns $PODMAN_TMPDIR/test.yaml + run_podman pod inspect --format {{.InfraContainerID}} "${lines[1]}" + infraID="$output" + run_podman container inspect --format "{{.HostConfig.NetworkMode}}" $infraID + is "$output" "slirp4netns" "network mode slirp4netns is set for the container" + run_podman pod rm -f test_pod + run_podman play kube --network none $PODMAN_TMPDIR/test.yaml + run_podman pod inspect --format {{.InfraContainerID}} "${lines[1]}" + infraID="$output" + run_podman container inspect --format "{{.HostConfig.NetworkMode}}" $infraID + is "$output" "none" "network mode none is set for the container" run_podman pod rm -f test_pod } @@ -140,4 +150,5 @@ _EOF run_podman inspect --format "{{ .Config.User }}" test_pod-test is "$output" bin "expect container within pod to run as the bin user" run_podman pod rm -f test_pod + run_podman rmi -f userimage:latest } diff --git a/test/system/helpers.bash b/test/system/helpers.bash index bd9471ace..28ea924bb 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -278,6 +278,23 @@ function wait_for_ready { wait_for_output 'READY' "$@" } +###################### +# random_free_port # Pick an available port within a specified range +###################### +function random_free_port() { + local range=${1:-5000-5999} + + local port + for port in $(shuf -i ${range}); do + if ! { exec {unused_fd}<> /dev/tcp/127.0.0.1/$port; } &>/dev/null; then + echo $port + return + fi + done + + die "Could not find open port in range $range" +} + ################### # wait_for_port # Returns once port is available on host ################### @@ -288,7 +305,7 @@ function wait_for_port() { # Wait while [ $_timeout -gt 0 ]; do - { exec 5<> /dev/tcp/$host/$port; } &>/dev/null && return + { exec {unused_fd}<> /dev/tcp/$host/$port; } &>/dev/null && return sleep 1 _timeout=$(( $_timeout - 1 )) done diff --git a/test/system/helpers.t b/test/system/helpers.t index 190e8ba35..b83d9a89b 100755 --- a/test/system/helpers.t +++ b/test/system/helpers.t @@ -213,8 +213,16 @@ declare -a lines=( ) check_same_dev "zero-line output" - # END remove_same_dev_warning ############################################################################### +# BEGIN random_free_port + +# Assumes that 16700 is open +found=$(random_free_port 16700-16700) + +check_result "$found" "16700" "random_free_port" + +# END random_free_port +############################################################################### exit $rc diff --git a/test/testvol/main.go b/test/testvol/main.go index 14f253aa7..721f47bcd 100644 --- a/test/testvol/main.go +++ b/test/testvol/main.go @@ -224,13 +224,13 @@ func (d *DirDriver) Remove(req *volume.RemoveRequest) error { vol, exists := d.volumes[req.Name] if !exists { logrus.Debugf("Did not find volume %s", req.Name) - return errors.Errorf("no volume with name %s found") + return errors.Errorf("no volume with name %s found", req.Name) } logrus.Debugf("Found volume %s", req.Name) if len(vol.mounts) > 0 { logrus.Debugf("Cannot remove %s, is mounted", req.Name) - return errors.Errorf("volume %s is mounted and cannot be removed") + return errors.Errorf("volume %s is mounted and cannot be removed", req.Name) } delete(d.volumes, req.Name) diff --git a/test/upgrade/helpers.bash b/test/upgrade/helpers.bash index 41d9279e6..16fedb053 100644 --- a/test/upgrade/helpers.bash +++ b/test/upgrade/helpers.bash @@ -9,3 +9,11 @@ setup() { teardown() { : } + +# skip a test when the given version is older than the currently tested one +skip_if_version_older() { + # use ${PODMAN_UPGRADE_FROM##v} to trim the leading "v" + if printf '%s\n%s\n' "${PODMAN_UPGRADE_FROM##v}" "$1" | sort --check=quiet --version-sort; then + skip "${2-test is only meaningful when upgrading from $1 or later}" + fi +} diff --git a/test/upgrade/test-upgrade.bats b/test/upgrade/test-upgrade.bats index ca478e263..5cb302a85 100644 --- a/test/upgrade/test-upgrade.bats +++ b/test/upgrade/test-upgrade.bats @@ -21,9 +21,7 @@ if [ -z "${RANDOM_STRING_1}" ]; then export LABEL_CREATED=$(random_string 16) export LABEL_FAILED=$(random_string 17) export LABEL_RUNNING=$(random_string 18) - - # FIXME: randomize this - HOST_PORT=34567 + export HOST_PORT=$(random_free_port) fi # Version string of the podman we're actually testing, e.g. '3.0.0-dev-d1a26013' @@ -44,7 +42,8 @@ setup() { false fi - export _PODMAN_TEST_OPTS="--root=$PODMAN_UPGRADE_WORKDIR/root --runroot=$PODMAN_UPGRADE_WORKDIR/runroot --tmpdir=$PODMAN_UPGRADE_WORKDIR/tmp" + # cgroup-manager=systemd does not work inside a container + export _PODMAN_TEST_OPTS="--cgroup-manager=cgroupfs --root=$PODMAN_UPGRADE_WORKDIR/root --runroot=$PODMAN_UPGRADE_WORKDIR/runroot --tmpdir=$PODMAN_UPGRADE_WORKDIR/tmp" } ############################################################################### @@ -76,8 +75,8 @@ setup() { cat >| $pmscript <<EOF #!/bin/bash -# cgroup-manager=systemd does not work inside a container -opts="--cgroup-manager=cgroupfs --events-backend=file $_PODMAN_TEST_OPTS" +# events-backend=journald does not work inside a container +opts="--events-backend=file $_PODMAN_TEST_OPTS" set -ex @@ -95,22 +94,17 @@ podman \$opts run --name mydonecontainer $IMAGE echo ++$RANDOM_STRING_1++ podman \$opts run --name myfailedcontainer --label mylabel=$LABEL_FAILED \ $IMAGE sh -c 'exit 17' || true -# FIXME: add "-p $HOST_PORT:80" -# ...I tried and tried, and could not get this to work. I could never -# connect to the port from the host, nor even from the podman_parent -# container; I could never see the port listed in 'ps' nor 'inspect'. -# And, finally, I ended up in a state where the container wouldn't -# even start, and via complicated 'podman logs' found out: -# httpd: bind: Address in use -# So I just give up for now. -# podman \$opts run -d --name myrunningcontainer --label mylabel=$LABEL_RUNNING \ + --network bridge \ + -p $HOST_PORT:80 \ -v $pmroot/var/www:/var/www \ -w /var/www \ $IMAGE /bin/busybox-extras httpd -f -p 80 podman \$opts pod create --name mypod +podman \$opts network create mynetwork + echo READY while :;do if [ -e /stop ]; then @@ -140,6 +134,7 @@ EOF # # mount /etc/containers/storage.conf to use the same storage settings as on the host # mount /dev/shm because the container locks are stored there + # mount /var/lib/cni and /etc/cni/net.d for cni networking # $PODMAN run -d --name podman_parent --pid=host \ --privileged \ @@ -149,6 +144,9 @@ EOF -v /etc/containers/storage.conf:/etc/containers/storage.conf \ -v /dev/fuse:/dev/fuse \ -v /run/crun:/run/crun \ + -v /run/netns:/run/netns:rshared \ + -v /var/lib/cni:/var/lib/cni \ + -v /etc/cni/net.d:/etc/cni/net.d \ -v /dev/shm:/dev/shm \ -v $pmroot:$pmroot \ $OLD_PODMAN $pmroot/setup @@ -187,7 +185,7 @@ EOF is "${lines[1]}" "mycreatedcontainer--Created----$LABEL_CREATED" "created" is "${lines[2]}" "mydonecontainer--Exited (0).*----<no value>" "done" is "${lines[3]}" "myfailedcontainer--Exited (17) .*----$LABEL_FAILED" "fail" - is "${lines[4]}" "myrunningcontainer--Up .*----$LABEL_RUNNING" "running" + is "${lines[4]}" "myrunningcontainer--Up .*--0.0.0.0:$HOST_PORT->80/tcp--$LABEL_RUNNING" "running" # For debugging: dump containers and IDs if [[ -n "$PODMAN_UPGRADE_TEST_DEBUG" ]]; then @@ -212,6 +210,30 @@ failed | exited | 17 done < <(parse_table "$tests") } +@test "network - curl" { + run curl --max-time 3 -s 127.0.0.1:$HOST_PORT/index.txt + is "$output" "$RANDOM_STRING_1" "curl on running container" +} + +# IMPORTANT: connect should happen before restart, we want to check +# if we can connect on an existing running container +@test "network - connect" { + skip_if_version_older 2.2.0 + run_podman network connect mynetwork myrunningcontainer + run_podman network disconnect podman myrunningcontainer + run curl --max-time 3 -s 127.0.0.1:$HOST_PORT/index.txt + is "$output" "$RANDOM_STRING_1" "curl on container with second network connected" +} + +@test "network - restart" { + # restart the container and check if we can still use the port + run_podman stop -t0 myrunningcontainer + run_podman start myrunningcontainer + run curl --max-time 3 -s 127.0.0.1:$HOST_PORT/index.txt + is "$output" "$RANDOM_STRING_1" "curl on restarted container" +} + + @test "logs" { run_podman logs mydonecontainer is "$output" "++$RANDOM_STRING_1++" "podman logs on stopped container" @@ -235,7 +257,7 @@ failed | exited | 17 run_podman pod inspect mypod is "$output" ".*mypod.*" - run_podman --cgroup-manager=cgroupfs pod start mypod + run_podman pod start mypod is "$output" "[0-9a-f]\\{64\\}" "podman pod start" run_podman pod ps @@ -245,7 +267,7 @@ failed | exited | 17 run_podman pod stop mypod is "$output" "[0-9a-f]\\{64\\}" "podman pod stop" - run_podman --cgroup-manager=cgroupfs pod rm mypod + run_podman pod rm mypod # FIXME: CI runs show this (non fatal) error: # Error updating pod <ID> conmon cgroup PID limit: open /sys/fs/cgroup/libpod_parent/<ID>/conmon/pids.max: no such file or directory # Investigate how to fix this (likely a race condition) @@ -257,7 +279,7 @@ failed | exited | 17 @test "start" { - run_podman --cgroup-manager=cgroupfs start -a mydonecontainer + run_podman start -a mydonecontainer is "$output" "++$RANDOM_STRING_1++" "start on already-run container" } @@ -295,6 +317,8 @@ failed | exited | 17 run_podman logs podman_parent run_podman rm -f podman_parent + run_podman network rm -f mynetwork + umount $PODMAN_UPGRADE_WORKDIR/root/overlay || true rm -rf $PODMAN_UPGRADE_WORKDIR diff --git a/troubleshooting.md b/troubleshooting.md index 686166da0..a6c014625 100644 --- a/troubleshooting.md +++ b/troubleshooting.md @@ -881,3 +881,29 @@ def signal_listener(): if __name__ == "__main__": signal_listener() ``` +### 30) Podman run fails with `ERRO[0000] XDG_RUNTIME_DIR directory "/run/user/0" is not owned by the current user` or `Error: error creating tmpdir: mkdir /run/user/1000: permission denied`. + +A failure is encountered when performing `podman run` with a warning `XDG_RUNTIME_DIR is pointing to a path which is not writable. Most likely podman will fail.` + +#### Symptom + +A rootless container is being invoked with cgroup configuration as `cgroupv2` for user with missing or invalid **systemd session**. + +Example cases +```bash +# su user1 -c 'podman images' +ERRO[0000] XDG_RUNTIME_DIR directory "/run/user/0" is not owned by the current user +``` +```bash +# su - user1 -c 'podman images' +Error: error creating tmpdir: mkdir /run/user/1000: permission denied +``` + +#### Solution + +Podman expects a valid login session for the `rootless+cgroupv2` use-case. Podman execution is expected to fail if the login session is not present. In most cases, podman will figure out a solution on its own but if `XDG_RUNTIME_DIR` is pointing to a path that is not writable execution will most fail. Typical scenarious of such cases are seen when users are trying to use Podman with `su - <user> -c '<podman-command>`, or `sudo -l` and badly configured systemd session. + +Resolution steps + +* Before invoking Podman command create a valid login session for your rootless user using `loginctl enable-linger <username>` +* If `loginctl` is unavailable you can also try logging in via `ssh` i.e `ssh <username>@localhost`. diff --git a/vendor/github.com/Microsoft/hcsshim/go.mod b/vendor/github.com/Microsoft/hcsshim/go.mod index 21640a6b9..8360b0a50 100644 --- a/vendor/github.com/Microsoft/hcsshim/go.mod +++ b/vendor/github.com/Microsoft/hcsshim/go.mod @@ -6,7 +6,9 @@ require ( github.com/Microsoft/go-winio v0.4.17 github.com/containerd/cgroups v1.0.1 github.com/containerd/console v1.0.2 - github.com/containerd/containerd v1.5.1 + github.com/containerd/containerd v1.4.9 + github.com/containerd/continuity v0.1.0 // indirect + github.com/containerd/fifo v1.0.0 // indirect github.com/containerd/go-runc v1.0.0 github.com/containerd/ttrpc v1.0.2 github.com/containerd/typeurl v1.0.2 @@ -19,6 +21,7 @@ require ( golang.org/x/sync v0.0.0-20201207232520-09787c993a3a golang.org/x/sys v0.0.0-20210324051608-47abb6519492 google.golang.org/grpc v1.33.2 + gotest.tools/v3 v3.0.3 // indirect ) replace ( diff --git a/vendor/github.com/Microsoft/hcsshim/go.sum b/vendor/github.com/Microsoft/hcsshim/go.sum index b7bede13f..8ad3a8b8f 100644 --- a/vendor/github.com/Microsoft/hcsshim/go.sum +++ b/vendor/github.com/Microsoft/hcsshim/go.sum @@ -1,779 +1,220 @@ bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= -cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= -cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= -cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= -cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= -cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= -cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= -cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= -cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= -cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= -cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= -cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= -cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= -cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= -cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= -cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= -github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= -github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= -github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= -github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= -github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= -github.com/Microsoft/go-winio v0.4.16-0.20201130162521-d1ffc52c7331/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.4.17 h1:iT12IBVClFevaf8PuVyi3UmZOVh4OqnaLxDTW2O6j3w= github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= -github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= -github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ= -github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg38RRsjT5y8= -github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= -github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= -github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= -github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= -github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= -github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= -github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= -github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= -github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= -github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= -github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= -github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= -github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmEg9bt0VpxxWqJlO4iwu3FBdHUzV7wQVg= -github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLIdUjrmSXlK9pkrsDlLHbO8jiB8X8JnOc= -github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs= github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= -github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= -github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= -github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU= -github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/btrfs v0.0.0-20201111183144-404b9149801e/go.mod h1:jg2QkJcsabfHugurUvvPhS3E08Oxiuh5W/g1ybB4e0E= -github.com/containerd/btrfs v0.0.0-20210316141732-918d888fb676/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= -github.com/containerd/btrfs v1.0.0/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= -github.com/containerd/cgroups v0.0.0-20190717030353-c4b9ac5c7601/go.mod h1:X9rLEHIqSf/wfK8NsPqxJmeZgW4pcfzdXITDrUSJ6uI= -github.com/containerd/cgroups v0.0.0-20190919134610-bf292b21730f/go.mod h1:OApqhQ4XNSNC13gXIwDjhOQxjWa/NxkwZXJ1EvqT0ko= -github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59/go.mod h1:pA0z1pT8KYB3TCXK/ocprsh7MAkoW8bZVzPdih9snmM= -github.com/containerd/cgroups v0.0.0-20200710171044-318312a37340/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= -github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= -github.com/containerd/cgroups v0.0.0-20210114181951-8a68de567b68/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE= github.com/containerd/cgroups v1.0.1 h1:iJnMvco9XGvKUvNQkv88bE4uJXxRQH18efbKo9w5vHQ= github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU= -github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE= github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw= github.com/containerd/console v1.0.2 h1:Pi6D+aZXM+oUw1czuKgH5IJ+y0jhYcwBJfx5/Ghn9dE= github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ= -github.com/containerd/containerd v1.2.10/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.1-0.20191213020239-082f7e3aed57/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.5.0-beta.1/go.mod h1:5HfvG1V2FsKesEGQ17k5/T7V960Tmcumvqn8Mc+pCYQ= -github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo/uBBoBORwEx6ardVcmKU= -github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= -github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= -github.com/containerd/containerd v1.5.1 h1:xWHPAoe6VkUiI9GAvndJM7s/0MTrmwX3AQiYTr3olf0= -github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= -github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cECdGN1O8G9bgKTlLhuPJimka6Xb/Gg7vYzCTNVxhvo= -github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y= -github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ= +github.com/containerd/containerd v1.4.9 h1:JIw9mjVw4LsGmnA/Bqg9j9e+XB7soOJufrKUpA6n2Ns= +github.com/containerd/containerd v1.4.9/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/continuity v0.1.0 h1:UFRRY5JemiAhPZrr/uE0n8fMTLcZsUvySPr1+D7pgr8= github.com/containerd/continuity v0.1.0/go.mod h1:ICJu0PwR54nI0yPEnJ6jcS+J7CZAUXrLh8lPo2knzsM= -github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= -github.com/containerd/fifo v0.0.0-20201026212402-0724c46b320c/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= -github.com/containerd/fifo v0.0.0-20210316144830-115abcc95a1d/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= github.com/containerd/fifo v1.0.0 h1:6PirWBr9/L7GDamKr+XM0IeUFXu5mf3M/BPpH9gaLBU= github.com/containerd/fifo v1.0.0/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= -github.com/containerd/go-cni v1.0.1/go.mod h1:+vUpYxKvAF72G9i1WoDOiPGRtQpqsNW/ZHtSlv++smU= -github.com/containerd/go-cni v1.0.2/go.mod h1:nrNABBHzu0ZwCug9Ije8hL2xBCYh/pjfMb1aZGrrohk= -github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g= -github.com/containerd/go-runc v0.0.0-20201020171139-16b287bc67d0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= github.com/containerd/go-runc v1.0.0 h1:oU+lLv1ULm5taqgV/CJivypVODI4SUz1znWjv3nNYS0= github.com/containerd/go-runc v1.0.0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= -github.com/containerd/imgcrypt v1.0.1/go.mod h1:mdd8cEPW7TPgNG4FpuP3sGBiQ7Yi/zak9TYCG3juvb0= -github.com/containerd/imgcrypt v1.0.4-0.20210301171431-0ae5c75f59ba/go.mod h1:6TNsg0ctmizkrOgXRNQjAPFWpMYRWuiB6dSF4Pfa5SA= -github.com/containerd/imgcrypt v1.1.1-0.20210312161619-7ed62a527887/go.mod h1:5AZJNI6sLHJljKuI9IHnw1pWqo/F0nGDOuR9zgTs7ow= -github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJrXQb0Dpc4ms= -github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= -github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= -github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= -github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= -github.com/containerd/ttrpc v1.0.1/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= github.com/containerd/ttrpc v1.0.2 h1:2/O3oTZN36q2xRolk0a2WWGgh7/Vf/liElg5hFYLX9U= github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= -github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= -github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk= -github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg= github.com/containerd/typeurl v1.0.2 h1:Chlt8zIieDbzQFzXzAeBEF92KhExuE4p9p92/QmY7aY= github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s= -github.com/containerd/zfs v0.0.0-20200918131355-0a33824f23a2/go.mod h1:8IgZOBdv8fAgXddBT4dBXJPtxyRsejFIpXoklgxgEjw= -github.com/containerd/zfs v0.0.0-20210301145711-11e8f1707f62/go.mod h1:A9zfAbMlQwE+/is6hi0Xw8ktpL+6glmqZYtevJgaB8Y= -github.com/containerd/zfs v0.0.0-20210315114300-dde8f0fda960/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containerd/zfs v0.0.0-20210324211415-d5c4544f0433/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containerd/zfs v1.0.0/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/cni v0.8.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= -github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= -github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= -github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= -github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= -github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= -github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= -github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng4PGlyM= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= -github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= -github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ= -github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s= -github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8= -github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= -github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= -github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= -github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= -github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= -github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= -github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= -github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= -github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= -github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= -github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= -github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= -github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6 h1:ZgQEtGgCBiWRM39fZuwSd1LwSqqSW0hOdXCYYDX0R3I= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= -github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.5 h1:F768QJ1E9tib+q5Sc8MkdJi1RxLTbRcTf8LJV56aRls= github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.4.3 h1:JjCZWpVbqXDqFVmTfYWEVTMIYrL/NPdPSCHPJ0T/raM= -github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4 h1:L8R9j+yAqZuZjsqh/z+F1NCffTKKLShY6zXTItVIZ8M= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= -github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= -github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= -github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= -github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= -github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= -github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= -github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= -github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= -github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= -github.com/moby/sys/mountinfo v0.4.1 h1:1O+1cHA1aujwEwwVMa2Xm2l+gIpUHyd3+D+d7LZh1kM= -github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= -github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ= -github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= -github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= -github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= -github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1.0.20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= -github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0= -github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d h1:pNa8metDkwZjb9g4T8s+krQ+HRgZAkqnXml+wNir/+s= github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= -github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= -github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= -github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= -github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= -github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= -github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= -github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= -github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= -github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= +github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1 h1:Lo6mRUjdS99f3zxYOUalftWHUoOGaDRqFk1+j0Q57/I= github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= -github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.6.0 h1:mxy4L2jP6qMonqmq+aTtOx1ifVWUgG/TAmntgbh3xv4= -github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= -github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= -github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= -github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/sirupsen/logrus v1.7.0 h1:ShrD1U9pZB12TX0cVy0DtePoCH97K8EtX+mg7ZARUtM= github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= -github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= -github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= -github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= -github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= -github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= -github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.2 h1:gsqYFH8bb9ekPA12kRo0hfjngWQjkJPlN9R0N78BoUo= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= -github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= -github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= -github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI= -github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= -github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= -github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= -github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= -github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= -github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= -github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= -github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= -github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= -go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= -go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= -go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= -go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= -go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3 h1:8sGtKOrtQqkN1bp2AtX+misvLIlOmsEsNd+9NIcPEm8= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= -golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= -golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= -golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= -golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20201006153459-a7d1128ccaa0/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201021035429-f5854403a974 h1:IX6qOQeG5uLjB/hjjwjedwfjND0hgjPMMyO1RoIXQNI= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 h1:qWPm9rbaAMKs8Bq/9LRpbMqxWRVUAQwMI9fVrssnTfw= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a h1:DcqTD9SDLc+1P/r1EmRBwnVsrOwW+kk2vWf9n+1sGhs= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190522044717-8097e1b27ff5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191210023423-ac6580df4449/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200120151820-655fe14d7479/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200817155316-9781c653f443/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200916030750-2334cc1a136f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201117170446-d9b008d0a637/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210324051608-47abb6519492 h1:Paq34FxTluEPvVyayQqMPgHm+vTOrIifmcYxFBx9TLg= golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.4 h1:0YWbFKbhXG/wIiuHDSKpS0Iy7FSA+u45VtBMfQcFTTc= -golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -781,105 +222,20 @@ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= -google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= -google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk= google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63 h1:YzfoEYWbODU5Fbt37+h7X16BWQbad7Q4S6gclTKFXM8= google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/grpc v1.27.1 h1:zvIju4sqAGvwKspUQOhwnpcqSbzi7/H6QomNNjTL4sk= google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c= -google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= -gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= -gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0= gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= -k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= -k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= -k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= -k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= -k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= -k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= -k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= -k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= -k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= -k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= -k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= -k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= -k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= -k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= -k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= -k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= -k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= -k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc= -k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= -k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= -k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= -rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/vendor/github.com/Microsoft/hcsshim/hnsendpoint.go b/vendor/github.com/Microsoft/hcsshim/hnsendpoint.go index 408312672..9e0059447 100644 --- a/vendor/github.com/Microsoft/hcsshim/hnsendpoint.go +++ b/vendor/github.com/Microsoft/hcsshim/hnsendpoint.go @@ -7,6 +7,9 @@ import ( // HNSEndpoint represents a network endpoint in HNS type HNSEndpoint = hns.HNSEndpoint +// HNSEndpointStats represent the stats for an networkendpoint in HNS +type HNSEndpointStats = hns.EndpointStats + // Namespace represents a Compartment. type Namespace = hns.Namespace @@ -108,3 +111,8 @@ func GetHNSEndpointByID(endpointID string) (*HNSEndpoint, error) { func GetHNSEndpointByName(endpointName string) (*HNSEndpoint, error) { return hns.GetHNSEndpointByName(endpointName) } + +// GetHNSEndpointStats gets the endpoint stats by ID +func GetHNSEndpointStats(endpointName string) (*HNSEndpointStats, error) { + return hns.GetHNSEndpointStats(endpointName) +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsendpoint.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsendpoint.go index b36315a39..262714b4d 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsendpoint.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsendpoint.go @@ -30,6 +30,7 @@ type HNSEndpoint struct { EnableLowMetric bool `json:",omitempty"` Namespace *Namespace `json:",omitempty"` EncapOverhead uint16 `json:",omitempty"` + SharedContainers []string `json:",omitempty"` } //SystemType represents the type of the system on which actions are done @@ -57,6 +58,18 @@ type EndpointResquestResponse struct { Error string } +// EndpointStats is the object that has stats for a given endpoint +type EndpointStats struct { + BytesReceived uint64 `json:"BytesReceived"` + BytesSent uint64 `json:"BytesSent"` + DroppedPacketsIncoming uint64 `json:"DroppedPacketsIncoming"` + DroppedPacketsOutgoing uint64 `json:"DroppedPacketsOutgoing"` + EndpointID string `json:"EndpointId"` + InstanceID string `json:"InstanceId"` + PacketsReceived uint64 `json:"PacketsReceived"` + PacketsSent uint64 `json:"PacketsSent"` +} + // HNSEndpointRequest makes a HNS call to modify/query a network endpoint func HNSEndpointRequest(method, path, request string) (*HNSEndpoint, error) { endpoint := &HNSEndpoint{} @@ -79,11 +92,27 @@ func HNSListEndpointRequest() ([]HNSEndpoint, error) { return endpoint, nil } +// hnsEndpointStatsRequest makes a HNS call to query the stats for a given endpoint ID +func hnsEndpointStatsRequest(id string) (*EndpointStats, error) { + var stats EndpointStats + err := hnsCall("GET", "/endpointstats/"+id, "", &stats) + if err != nil { + return nil, err + } + + return &stats, nil +} + // GetHNSEndpointByID get the Endpoint by ID func GetHNSEndpointByID(endpointID string) (*HNSEndpoint, error) { return HNSEndpointRequest("GET", endpointID, "") } +// GetHNSEndpointStats get the stats for a n Endpoint by ID +func GetHNSEndpointStats(endpointID string) (*EndpointStats, error) { + return hnsEndpointStatsRequest(endpointID) +} + // GetHNSEndpointByName gets the endpoint filtered by Name func GetHNSEndpointByName(endpointName string) (*HNSEndpoint, error) { hnsResponse, err := HNSListEndpointRequest() diff --git a/vendor/github.com/containerd/stargz-snapshotter/estargz/LICENSE b/vendor/github.com/containerd/stargz-snapshotter/estargz/LICENSE new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/vendor/github.com/containerd/stargz-snapshotter/estargz/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/containerd/stargz-snapshotter/estargz/build.go b/vendor/github.com/containerd/stargz-snapshotter/estargz/build.go new file mode 100644 index 000000000..708b26689 --- /dev/null +++ b/vendor/github.com/containerd/stargz-snapshotter/estargz/build.go @@ -0,0 +1,628 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +/* + Copyright 2019 The Go Authors. All rights reserved. + Use of this source code is governed by a BSD-style + license that can be found in the LICENSE file. +*/ + +package estargz + +import ( + "archive/tar" + "bytes" + "compress/gzip" + "fmt" + "io" + "io/ioutil" + "os" + "path" + "runtime" + "strings" + "sync" + + "github.com/containerd/stargz-snapshotter/estargz/errorutil" + "github.com/klauspost/compress/zstd" + digest "github.com/opencontainers/go-digest" + "github.com/pkg/errors" + "golang.org/x/sync/errgroup" +) + +type options struct { + chunkSize int + compressionLevel int + prioritizedFiles []string + missedPrioritizedFiles *[]string + compression Compression +} + +type Option func(o *options) error + +// WithChunkSize option specifies the chunk size of eStargz blob to build. +func WithChunkSize(chunkSize int) Option { + return func(o *options) error { + o.chunkSize = chunkSize + return nil + } +} + +// WithCompressionLevel option specifies the gzip compression level. +// The default is gzip.BestCompression. +// See also: https://godoc.org/compress/gzip#pkg-constants +func WithCompressionLevel(level int) Option { + return func(o *options) error { + o.compressionLevel = level + return nil + } +} + +// WithPrioritizedFiles option specifies the list of prioritized files. +// These files must be complete paths that are absolute or relative to "/" +// For example, all of "foo/bar", "/foo/bar", "./foo/bar" and "../foo/bar" +// are treated as "/foo/bar". +func WithPrioritizedFiles(files []string) Option { + return func(o *options) error { + o.prioritizedFiles = files + return nil + } +} + +// WithAllowPrioritizeNotFound makes Build continue the execution even if some +// of prioritized files specified by WithPrioritizedFiles option aren't found +// in the input tar. Instead, this records all missed file names to the passed +// slice. +func WithAllowPrioritizeNotFound(missedFiles *[]string) Option { + return func(o *options) error { + if missedFiles == nil { + return fmt.Errorf("WithAllowPrioritizeNotFound: slice must be passed") + } + o.missedPrioritizedFiles = missedFiles + return nil + } +} + +// WithCompression specifies compression algorithm to be used. +// Default is gzip. +func WithCompression(compression Compression) Option { + return func(o *options) error { + o.compression = compression + return nil + } +} + +// Blob is an eStargz blob. +type Blob struct { + io.ReadCloser + diffID digest.Digester + tocDigest digest.Digest +} + +// DiffID returns the digest of uncompressed blob. +// It is only valid to call DiffID after Close. +func (b *Blob) DiffID() digest.Digest { + return b.diffID.Digest() +} + +// TOCDigest returns the digest of uncompressed TOC JSON. +func (b *Blob) TOCDigest() digest.Digest { + return b.tocDigest +} + +// Build builds an eStargz blob which is an extended version of stargz, from a blob (gzip, zstd +// or plain tar) passed through the argument. If there are some prioritized files are listed in +// the option, these files are grouped as "prioritized" and can be used for runtime optimization +// (e.g. prefetch). This function builds a blob in parallel, with dividing that blob into several +// (at least the number of runtime.GOMAXPROCS(0)) sub-blobs. +func Build(tarBlob *io.SectionReader, opt ...Option) (_ *Blob, rErr error) { + var opts options + opts.compressionLevel = gzip.BestCompression // BestCompression by default + for _, o := range opt { + if err := o(&opts); err != nil { + return nil, err + } + } + if opts.compression == nil { + opts.compression = newGzipCompressionWithLevel(opts.compressionLevel) + } + layerFiles := newTempFiles() + defer func() { + if rErr != nil { + if err := layerFiles.CleanupAll(); err != nil { + rErr = errors.Wrapf(rErr, "failed to cleanup tmp files: %v", err) + } + } + }() + tarBlob, err := decompressBlob(tarBlob, layerFiles) + if err != nil { + return nil, err + } + entries, err := sortEntries(tarBlob, opts.prioritizedFiles, opts.missedPrioritizedFiles) + if err != nil { + return nil, err + } + tarParts := divideEntries(entries, runtime.GOMAXPROCS(0)) + writers := make([]*Writer, len(tarParts)) + payloads := make([]*os.File, len(tarParts)) + var mu sync.Mutex + var eg errgroup.Group + for i, parts := range tarParts { + i, parts := i, parts + // builds verifiable stargz sub-blobs + eg.Go(func() error { + esgzFile, err := layerFiles.TempFile("", "esgzdata") + if err != nil { + return err + } + sw := NewWriterWithCompressor(esgzFile, opts.compression) + sw.ChunkSize = opts.chunkSize + if err := sw.AppendTar(readerFromEntries(parts...)); err != nil { + return err + } + mu.Lock() + writers[i] = sw + payloads[i] = esgzFile + mu.Unlock() + return nil + }) + } + if err := eg.Wait(); err != nil { + rErr = err + return nil, err + } + tocAndFooter, tocDgst, err := closeWithCombine(opts.compressionLevel, writers...) + if err != nil { + rErr = err + return nil, err + } + var rs []io.Reader + for _, p := range payloads { + fs, err := fileSectionReader(p) + if err != nil { + return nil, err + } + rs = append(rs, fs) + } + diffID := digest.Canonical.Digester() + pr, pw := io.Pipe() + go func() { + r, err := opts.compression.Reader(io.TeeReader(io.MultiReader(append(rs, tocAndFooter)...), pw)) + if err != nil { + pw.CloseWithError(err) + return + } + defer r.Close() + if _, err := io.Copy(diffID.Hash(), r); err != nil { + pw.CloseWithError(err) + return + } + pw.Close() + }() + return &Blob{ + ReadCloser: readCloser{ + Reader: pr, + closeFunc: layerFiles.CleanupAll, + }, + tocDigest: tocDgst, + diffID: diffID, + }, nil +} + +// closeWithCombine takes unclosed Writers and close them. This also returns the +// toc that combined all Writers into. +// Writers doesn't write TOC and footer to the underlying writers so they can be +// combined into a single eStargz and tocAndFooter returned by this function can +// be appended at the tail of that combined blob. +func closeWithCombine(compressionLevel int, ws ...*Writer) (tocAndFooterR io.Reader, tocDgst digest.Digest, err error) { + if len(ws) == 0 { + return nil, "", fmt.Errorf("at least one writer must be passed") + } + for _, w := range ws { + if w.closed { + return nil, "", fmt.Errorf("writer must be unclosed") + } + defer func(w *Writer) { w.closed = true }(w) + if err := w.closeGz(); err != nil { + return nil, "", err + } + if err := w.bw.Flush(); err != nil { + return nil, "", err + } + } + var ( + mtoc = new(JTOC) + currentOffset int64 + ) + mtoc.Version = ws[0].toc.Version + for _, w := range ws { + for _, e := range w.toc.Entries { + // Recalculate Offset of non-empty files/chunks + if (e.Type == "reg" && e.Size > 0) || e.Type == "chunk" { + e.Offset += currentOffset + } + mtoc.Entries = append(mtoc.Entries, e) + } + if w.toc.Version > mtoc.Version { + mtoc.Version = w.toc.Version + } + currentOffset += w.cw.n + } + + return tocAndFooter(ws[0].compressor, mtoc, currentOffset) +} + +func tocAndFooter(compressor Compressor, toc *JTOC, offset int64) (io.Reader, digest.Digest, error) { + buf := new(bytes.Buffer) + tocDigest, err := compressor.WriteTOCAndFooter(buf, offset, toc, nil) + if err != nil { + return nil, "", err + } + return buf, tocDigest, nil +} + +// divideEntries divides passed entries to the parts at least the number specified by the +// argument. +func divideEntries(entries []*entry, minPartsNum int) (set [][]*entry) { + var estimatedSize int64 + for _, e := range entries { + estimatedSize += e.header.Size + } + unitSize := estimatedSize / int64(minPartsNum) + var ( + nextEnd = unitSize + offset int64 + ) + set = append(set, []*entry{}) + for _, e := range entries { + set[len(set)-1] = append(set[len(set)-1], e) + offset += e.header.Size + if offset > nextEnd { + set = append(set, []*entry{}) + nextEnd += unitSize + } + } + return +} + +var errNotFound = errors.New("not found") + +// sortEntries reads the specified tar blob and returns a list of tar entries. +// If some of prioritized files are specified, the list starts from these +// files with keeping the order specified by the argument. +func sortEntries(in io.ReaderAt, prioritized []string, missedPrioritized *[]string) ([]*entry, error) { + + // Import tar file. + intar, err := importTar(in) + if err != nil { + return nil, errors.Wrap(err, "failed to sort") + } + + // Sort the tar file respecting to the prioritized files list. + sorted := &tarFile{} + for _, l := range prioritized { + if err := moveRec(l, intar, sorted); err != nil { + if errors.Is(err, errNotFound) && missedPrioritized != nil { + *missedPrioritized = append(*missedPrioritized, l) + continue // allow not found + } + return nil, errors.Wrap(err, "failed to sort tar entries") + } + } + if len(prioritized) == 0 { + sorted.add(&entry{ + header: &tar.Header{ + Name: NoPrefetchLandmark, + Typeflag: tar.TypeReg, + Size: int64(len([]byte{landmarkContents})), + }, + payload: bytes.NewReader([]byte{landmarkContents}), + }) + } else { + sorted.add(&entry{ + header: &tar.Header{ + Name: PrefetchLandmark, + Typeflag: tar.TypeReg, + Size: int64(len([]byte{landmarkContents})), + }, + payload: bytes.NewReader([]byte{landmarkContents}), + }) + } + + // Dump all entry and concatinate them. + return append(sorted.dump(), intar.dump()...), nil +} + +// readerFromEntries returns a reader of tar archive that contains entries passed +// through the arguments. +func readerFromEntries(entries ...*entry) io.Reader { + pr, pw := io.Pipe() + go func() { + tw := tar.NewWriter(pw) + defer tw.Close() + for _, entry := range entries { + if err := tw.WriteHeader(entry.header); err != nil { + pw.CloseWithError(fmt.Errorf("Failed to write tar header: %v", err)) + return + } + if _, err := io.Copy(tw, entry.payload); err != nil { + pw.CloseWithError(fmt.Errorf("Failed to write tar payload: %v", err)) + return + } + } + pw.Close() + }() + return pr +} + +func importTar(in io.ReaderAt) (*tarFile, error) { + tf := &tarFile{} + pw, err := newCountReader(in) + if err != nil { + return nil, errors.Wrap(err, "failed to make position watcher") + } + tr := tar.NewReader(pw) + + // Walk through all nodes. + for { + // Fetch and parse next header. + h, err := tr.Next() + if err != nil { + if err == io.EOF { + break + } else { + return nil, errors.Wrap(err, "failed to parse tar file") + } + } + switch cleanEntryName(h.Name) { + case PrefetchLandmark, NoPrefetchLandmark: + // Ignore existing landmark + continue + } + + // Add entry. If it already exists, replace it. + if _, ok := tf.get(h.Name); ok { + tf.remove(h.Name) + } + tf.add(&entry{ + header: h, + payload: io.NewSectionReader(in, pw.currentPos(), h.Size), + }) + } + + return tf, nil +} + +func moveRec(name string, in *tarFile, out *tarFile) error { + name = cleanEntryName(name) + if name == "" { // root directory. stop recursion. + if e, ok := in.get(name); ok { + // entry of the root directory exists. we should move it as well. + // this case will occur if tar entries are prefixed with "./", "/", etc. + out.add(e) + in.remove(name) + } + return nil + } + + _, okIn := in.get(name) + _, okOut := out.get(name) + if !okIn && !okOut { + return errors.Wrapf(errNotFound, "file: %q", name) + } + + parent, _ := path.Split(strings.TrimSuffix(name, "/")) + if err := moveRec(parent, in, out); err != nil { + return err + } + if e, ok := in.get(name); ok && e.header.Typeflag == tar.TypeLink { + if err := moveRec(e.header.Linkname, in, out); err != nil { + return err + } + } + if e, ok := in.get(name); ok { + out.add(e) + in.remove(name) + } + return nil +} + +type entry struct { + header *tar.Header + payload io.ReadSeeker +} + +type tarFile struct { + index map[string]*entry + stream []*entry +} + +func (f *tarFile) add(e *entry) { + if f.index == nil { + f.index = make(map[string]*entry) + } + f.index[cleanEntryName(e.header.Name)] = e + f.stream = append(f.stream, e) +} + +func (f *tarFile) remove(name string) { + name = cleanEntryName(name) + if f.index != nil { + delete(f.index, name) + } + var filtered []*entry + for _, e := range f.stream { + if cleanEntryName(e.header.Name) == name { + continue + } + filtered = append(filtered, e) + } + f.stream = filtered +} + +func (f *tarFile) get(name string) (e *entry, ok bool) { + if f.index == nil { + return nil, false + } + e, ok = f.index[cleanEntryName(name)] + return +} + +func (f *tarFile) dump() []*entry { + return f.stream +} + +type readCloser struct { + io.Reader + closeFunc func() error +} + +func (rc readCloser) Close() error { + return rc.closeFunc() +} + +func fileSectionReader(file *os.File) (*io.SectionReader, error) { + info, err := file.Stat() + if err != nil { + return nil, err + } + return io.NewSectionReader(file, 0, info.Size()), nil +} + +func newTempFiles() *tempFiles { + return &tempFiles{} +} + +type tempFiles struct { + files []*os.File + filesMu sync.Mutex +} + +func (tf *tempFiles) TempFile(dir, pattern string) (*os.File, error) { + f, err := ioutil.TempFile(dir, pattern) + if err != nil { + return nil, err + } + tf.filesMu.Lock() + tf.files = append(tf.files, f) + tf.filesMu.Unlock() + return f, nil +} + +func (tf *tempFiles) CleanupAll() error { + tf.filesMu.Lock() + defer tf.filesMu.Unlock() + var allErr []error + for _, f := range tf.files { + if err := f.Close(); err != nil { + allErr = append(allErr, err) + } + if err := os.Remove(f.Name()); err != nil { + allErr = append(allErr, err) + } + } + tf.files = nil + return errorutil.Aggregate(allErr) +} + +func newCountReader(r io.ReaderAt) (*countReader, error) { + pos := int64(0) + return &countReader{r: r, cPos: &pos}, nil +} + +type countReader struct { + r io.ReaderAt + cPos *int64 + + mu sync.Mutex +} + +func (cr *countReader) Read(p []byte) (int, error) { + cr.mu.Lock() + defer cr.mu.Unlock() + + n, err := cr.r.ReadAt(p, *cr.cPos) + if err == nil { + *cr.cPos += int64(n) + } + return n, err +} + +func (cr *countReader) Seek(offset int64, whence int) (int64, error) { + cr.mu.Lock() + defer cr.mu.Unlock() + + switch whence { + default: + return 0, fmt.Errorf("Unknown whence: %v", whence) + case io.SeekStart: + case io.SeekCurrent: + offset += *cr.cPos + case io.SeekEnd: + return 0, fmt.Errorf("Unsupported whence: %v", whence) + } + + if offset < 0 { + return 0, fmt.Errorf("invalid offset") + } + *cr.cPos = offset + return offset, nil +} + +func (cr *countReader) currentPos() int64 { + cr.mu.Lock() + defer cr.mu.Unlock() + + return *cr.cPos +} + +func decompressBlob(org *io.SectionReader, tmp *tempFiles) (*io.SectionReader, error) { + if org.Size() < 4 { + return org, nil + } + src := make([]byte, 4) + if _, err := org.Read(src); err != nil && err != io.EOF { + return nil, err + } + var dR io.Reader + if bytes.Equal([]byte{0x1F, 0x8B, 0x08}, src[:3]) { + // gzip + dgR, err := gzip.NewReader(io.NewSectionReader(org, 0, org.Size())) + if err != nil { + return nil, err + } + defer dgR.Close() + dR = io.Reader(dgR) + } else if bytes.Equal([]byte{0x28, 0xb5, 0x2f, 0xfd}, src[:4]) { + // zstd + dzR, err := zstd.NewReader(io.NewSectionReader(org, 0, org.Size())) + if err != nil { + return nil, err + } + defer dzR.Close() + dR = io.Reader(dzR) + } else { + // uncompressed + return io.NewSectionReader(org, 0, org.Size()), nil + } + b, err := tmp.TempFile("", "uncompresseddata") + if err != nil { + return nil, err + } + if _, err := io.Copy(b, dR); err != nil { + return nil, err + } + return fileSectionReader(b) +} diff --git a/vendor/github.com/containerd/stargz-snapshotter/estargz/errorutil/errors.go b/vendor/github.com/containerd/stargz-snapshotter/estargz/errorutil/errors.go new file mode 100644 index 000000000..6de78b02d --- /dev/null +++ b/vendor/github.com/containerd/stargz-snapshotter/estargz/errorutil/errors.go @@ -0,0 +1,40 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package errorutil + +import ( + "errors" + "fmt" + "strings" +) + +// Aggregate combines a list of errors into a single new error. +func Aggregate(errs []error) error { + switch len(errs) { + case 0: + return nil + case 1: + return errs[0] + default: + points := make([]string, len(errs)+1) + points[0] = fmt.Sprintf("%d error(s) occurred:", len(errs)) + for i, err := range errs { + points[i+1] = fmt.Sprintf("* %s", err) + } + return errors.New(strings.Join(points, "\n\t")) + } +} diff --git a/vendor/github.com/containerd/stargz-snapshotter/estargz/estargz.go b/vendor/github.com/containerd/stargz-snapshotter/estargz/estargz.go new file mode 100644 index 000000000..e997d9cce --- /dev/null +++ b/vendor/github.com/containerd/stargz-snapshotter/estargz/estargz.go @@ -0,0 +1,933 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +/* + Copyright 2019 The Go Authors. All rights reserved. + Use of this source code is governed by a BSD-style + license that can be found in the LICENSE file. +*/ + +package estargz + +import ( + "archive/tar" + "bufio" + "bytes" + "compress/gzip" + "crypto/sha256" + "fmt" + "hash" + "io" + "io/ioutil" + "os" + "path" + "sort" + "strings" + "sync" + "time" + + "github.com/containerd/stargz-snapshotter/estargz/errorutil" + digest "github.com/opencontainers/go-digest" + "github.com/pkg/errors" +) + +// A Reader permits random access reads from a stargz file. +type Reader struct { + sr *io.SectionReader + toc *JTOC + tocDigest digest.Digest + + // m stores all non-chunk entries, keyed by name. + m map[string]*TOCEntry + + // chunks stores all TOCEntry values for regular files that + // are split up. For a file with a single chunk, it's only + // stored in m. + chunks map[string][]*TOCEntry + + decompressor Decompressor +} + +type openOpts struct { + tocOffset int64 + decompressors []Decompressor + telemetry *Telemetry +} + +// OpenOption is an option used during opening the layer +type OpenOption func(o *openOpts) error + +// WithTOCOffset option specifies the offset of TOC +func WithTOCOffset(tocOffset int64) OpenOption { + return func(o *openOpts) error { + o.tocOffset = tocOffset + return nil + } +} + +// WithDecompressors option specifies decompressors to use. +// Default is gzip-based decompressor. +func WithDecompressors(decompressors ...Decompressor) OpenOption { + return func(o *openOpts) error { + o.decompressors = decompressors + return nil + } +} + +// WithTelemetry option specifies the telemetry hooks +func WithTelemetry(telemetry *Telemetry) OpenOption { + return func(o *openOpts) error { + o.telemetry = telemetry + return nil + } +} + +// A func which takes start time and records the diff +type MeasureLatencyHook func(time.Time) + +// A struct which defines telemetry hooks. By implementing these hooks you should be able to record +// the latency metrics of the respective steps of estargz open operation. To be used with estargz.OpenWithTelemetry(...) +type Telemetry struct { + GetFooterLatency MeasureLatencyHook // measure time to get stargz footer (in milliseconds) + GetTocLatency MeasureLatencyHook // measure time to GET TOC JSON (in milliseconds) + DeserializeTocLatency MeasureLatencyHook // measure time to deserialize TOC JSON (in milliseconds) +} + +// Open opens a stargz file for reading. +// The behaviour is configurable using options. +// +// Note that each entry name is normalized as the path that is relative to root. +func Open(sr *io.SectionReader, opt ...OpenOption) (*Reader, error) { + var opts openOpts + for _, o := range opt { + if err := o(&opts); err != nil { + return nil, err + } + } + + gzipCompressors := []Decompressor{new(GzipDecompressor), new(legacyGzipDecompressor)} + decompressors := append(gzipCompressors, opts.decompressors...) + + // Determine the size to fetch. Try to fetch as many bytes as possible. + fetchSize := maxFooterSize(sr.Size(), decompressors...) + if maybeTocOffset := opts.tocOffset; maybeTocOffset > fetchSize { + if maybeTocOffset > sr.Size() { + return nil, fmt.Errorf("blob size %d is smaller than the toc offset", sr.Size()) + } + fetchSize = sr.Size() - maybeTocOffset + } + + start := time.Now() // before getting layer footer + footer := make([]byte, fetchSize) + if _, err := sr.ReadAt(footer, sr.Size()-fetchSize); err != nil { + return nil, fmt.Errorf("error reading footer: %v", err) + } + if opts.telemetry != nil && opts.telemetry.GetFooterLatency != nil { + opts.telemetry.GetFooterLatency(start) + } + + var allErr []error + var found bool + var r *Reader + for _, d := range decompressors { + fSize := d.FooterSize() + fOffset := positive(int64(len(footer)) - fSize) + maybeTocBytes := footer[:fOffset] + tocOffset, tocSize, err := d.ParseFooter(footer[fOffset:]) + if err != nil { + allErr = append(allErr, err) + continue + } + if tocSize <= 0 { + tocSize = sr.Size() - tocOffset - fSize + } + if tocSize < int64(len(maybeTocBytes)) { + maybeTocBytes = maybeTocBytes[:tocSize] + } + r, err = parseTOC(d, sr, tocOffset, tocSize, maybeTocBytes, opts) + if err == nil { + found = true + break + } + allErr = append(allErr, err) + } + if !found { + return nil, errorutil.Aggregate(allErr) + } + if err := r.initFields(); err != nil { + return nil, fmt.Errorf("failed to initialize fields of entries: %v", err) + } + return r, nil +} + +// OpenFooter extracts and parses footer from the given blob. +// only supports gzip-based eStargz. +func OpenFooter(sr *io.SectionReader) (tocOffset int64, footerSize int64, rErr error) { + if sr.Size() < FooterSize && sr.Size() < legacyFooterSize { + return 0, 0, fmt.Errorf("blob size %d is smaller than the footer size", sr.Size()) + } + var footer [FooterSize]byte + if _, err := sr.ReadAt(footer[:], sr.Size()-FooterSize); err != nil { + return 0, 0, fmt.Errorf("error reading footer: %v", err) + } + var allErr []error + for _, d := range []Decompressor{new(GzipDecompressor), new(legacyGzipDecompressor)} { + fSize := d.FooterSize() + fOffset := positive(int64(len(footer)) - fSize) + tocOffset, _, err := d.ParseFooter(footer[fOffset:]) + if err == nil { + return tocOffset, fSize, err + } + allErr = append(allErr, err) + } + return 0, 0, errorutil.Aggregate(allErr) +} + +// initFields populates the Reader from r.toc after decoding it from +// JSON. +// +// Unexported fields are populated and TOCEntry fields that were +// implicit in the JSON are populated. +func (r *Reader) initFields() error { + r.m = make(map[string]*TOCEntry, len(r.toc.Entries)) + r.chunks = make(map[string][]*TOCEntry) + var lastPath string + uname := map[int]string{} + gname := map[int]string{} + var lastRegEnt *TOCEntry + for _, ent := range r.toc.Entries { + ent.Name = cleanEntryName(ent.Name) + if ent.Type == "reg" { + lastRegEnt = ent + } + if ent.Type == "chunk" { + ent.Name = lastPath + r.chunks[ent.Name] = append(r.chunks[ent.Name], ent) + if ent.ChunkSize == 0 && lastRegEnt != nil { + ent.ChunkSize = lastRegEnt.Size - ent.ChunkOffset + } + } else { + lastPath = ent.Name + + if ent.Uname != "" { + uname[ent.UID] = ent.Uname + } else { + ent.Uname = uname[ent.UID] + } + if ent.Gname != "" { + gname[ent.GID] = ent.Gname + } else { + ent.Gname = uname[ent.GID] + } + + ent.modTime, _ = time.Parse(time.RFC3339, ent.ModTime3339) + + if ent.Type == "dir" { + ent.NumLink++ // Parent dir links to this directory + } + r.m[ent.Name] = ent + } + if ent.Type == "reg" && ent.ChunkSize > 0 && ent.ChunkSize < ent.Size { + r.chunks[ent.Name] = make([]*TOCEntry, 0, ent.Size/ent.ChunkSize+1) + r.chunks[ent.Name] = append(r.chunks[ent.Name], ent) + } + if ent.ChunkSize == 0 && ent.Size != 0 { + ent.ChunkSize = ent.Size + } + } + + // Populate children, add implicit directories: + for _, ent := range r.toc.Entries { + if ent.Type == "chunk" { + continue + } + // add "foo/": + // add "foo" child to "" (creating "" if necessary) + // + // add "foo/bar/": + // add "bar" child to "foo" (creating "foo" if necessary) + // + // add "foo/bar.txt": + // add "bar.txt" child to "foo" (creating "foo" if necessary) + // + // add "a/b/c/d/e/f.txt": + // create "a/b/c/d/e" node + // add "f.txt" child to "e" + + name := ent.Name + pdirName := parentDir(name) + if name == pdirName { + // This entry and its parent are the same. + // Ignore this for avoiding infinite loop of the reference. + // The example case where this can occur is when tar contains the root + // directory itself (e.g. "./", "/"). + continue + } + pdir := r.getOrCreateDir(pdirName) + ent.NumLink++ // at least one name(ent.Name) references this entry. + if ent.Type == "hardlink" { + if org, ok := r.m[cleanEntryName(ent.LinkName)]; ok { + org.NumLink++ // original entry is referenced by this ent.Name. + ent = org + } else { + return fmt.Errorf("%q is a hardlink but the linkname %q isn't found", ent.Name, ent.LinkName) + } + } + pdir.addChild(path.Base(name), ent) + } + + lastOffset := r.sr.Size() + for i := len(r.toc.Entries) - 1; i >= 0; i-- { + e := r.toc.Entries[i] + if e.isDataType() { + e.nextOffset = lastOffset + } + if e.Offset != 0 { + lastOffset = e.Offset + } + } + + return nil +} + +func parentDir(p string) string { + dir, _ := path.Split(p) + return strings.TrimSuffix(dir, "/") +} + +func (r *Reader) getOrCreateDir(d string) *TOCEntry { + e, ok := r.m[d] + if !ok { + e = &TOCEntry{ + Name: d, + Type: "dir", + Mode: 0755, + NumLink: 2, // The directory itself(.) and the parent link to this directory. + } + r.m[d] = e + if d != "" { + pdir := r.getOrCreateDir(parentDir(d)) + pdir.addChild(path.Base(d), e) + } + } + return e +} + +// VerifyTOC checks that the TOC JSON in the passed blob matches the +// passed digests and that the TOC JSON contains digests for all chunks +// contained in the blob. If the verification succceeds, this function +// returns TOCEntryVerifier which holds all chunk digests in the stargz blob. +func (r *Reader) VerifyTOC(tocDigest digest.Digest) (TOCEntryVerifier, error) { + // Verify the digest of TOC JSON + if r.tocDigest != tocDigest { + return nil, fmt.Errorf("invalid TOC JSON %q; want %q", r.tocDigest, tocDigest) + } + + chunkDigestMap := make(map[int64]digest.Digest) // map from chunk offset to the chunk digest + regDigestMap := make(map[int64]digest.Digest) // map from chunk offset to the reg file digest + var chunkDigestMapIncomplete bool + var regDigestMapIncomplete bool + var containsChunk bool + for _, e := range r.toc.Entries { + if e.Type != "reg" && e.Type != "chunk" { + continue + } + + // offset must be unique in stargz blob + _, dOK := chunkDigestMap[e.Offset] + _, rOK := regDigestMap[e.Offset] + if dOK || rOK { + return nil, fmt.Errorf("offset %d found twice", e.Offset) + } + + if e.Type == "reg" { + if e.Size == 0 { + continue // ignores empty file + } + + // record the digest of regular file payload + if e.Digest != "" { + d, err := digest.Parse(e.Digest) + if err != nil { + return nil, errors.Wrapf(err, + "failed to parse regular file digest %q", e.Digest) + } + regDigestMap[e.Offset] = d + } else { + regDigestMapIncomplete = true + } + } else { + containsChunk = true // this layer contains "chunk" entries. + } + + // "reg" also can contain ChunkDigest (e.g. when "reg" is the first entry of + // chunked file) + if e.ChunkDigest != "" { + d, err := digest.Parse(e.ChunkDigest) + if err != nil { + return nil, errors.Wrapf(err, + "failed to parse chunk digest %q", e.ChunkDigest) + } + chunkDigestMap[e.Offset] = d + } else { + chunkDigestMapIncomplete = true + } + } + + if chunkDigestMapIncomplete { + // Though some chunk digests are not found, if this layer doesn't contain + // "chunk"s and all digest of "reg" files are recorded, we can use them instead. + if !containsChunk && !regDigestMapIncomplete { + return &verifier{digestMap: regDigestMap}, nil + } + return nil, fmt.Errorf("some ChunkDigest not found in TOC JSON") + } + + return &verifier{digestMap: chunkDigestMap}, nil +} + +// verifier is an implementation of TOCEntryVerifier which holds verifiers keyed by +// offset of the chunk. +type verifier struct { + digestMap map[int64]digest.Digest + digestMapMu sync.Mutex +} + +// Verifier returns a content verifier specified by TOCEntry. +func (v *verifier) Verifier(ce *TOCEntry) (digest.Verifier, error) { + v.digestMapMu.Lock() + defer v.digestMapMu.Unlock() + d, ok := v.digestMap[ce.Offset] + if !ok { + return nil, fmt.Errorf("verifier for offset=%d,size=%d hasn't been registered", + ce.Offset, ce.ChunkSize) + } + return d.Verifier(), nil +} + +// ChunkEntryForOffset returns the TOCEntry containing the byte of the +// named file at the given offset within the file. +// Name must be absolute path or one that is relative to root. +func (r *Reader) ChunkEntryForOffset(name string, offset int64) (e *TOCEntry, ok bool) { + name = cleanEntryName(name) + e, ok = r.Lookup(name) + if !ok || !e.isDataType() { + return nil, false + } + ents := r.chunks[name] + if len(ents) < 2 { + if offset >= e.ChunkSize { + return nil, false + } + return e, true + } + i := sort.Search(len(ents), func(i int) bool { + e := ents[i] + return e.ChunkOffset >= offset || (offset > e.ChunkOffset && offset < e.ChunkOffset+e.ChunkSize) + }) + if i == len(ents) { + return nil, false + } + return ents[i], true +} + +// Lookup returns the Table of Contents entry for the given path. +// +// To get the root directory, use the empty string. +// Path must be absolute path or one that is relative to root. +func (r *Reader) Lookup(path string) (e *TOCEntry, ok bool) { + path = cleanEntryName(path) + if r == nil { + return + } + e, ok = r.m[path] + if ok && e.Type == "hardlink" { + e, ok = r.m[e.LinkName] + } + return +} + +// OpenFile returns the reader of the specified file payload. +// +// Name must be absolute path or one that is relative to root. +func (r *Reader) OpenFile(name string) (*io.SectionReader, error) { + name = cleanEntryName(name) + ent, ok := r.Lookup(name) + if !ok { + // TODO: come up with some error plan. This is lazy: + return nil, &os.PathError{ + Path: name, + Op: "OpenFile", + Err: os.ErrNotExist, + } + } + if ent.Type != "reg" { + return nil, &os.PathError{ + Path: name, + Op: "OpenFile", + Err: errors.New("not a regular file"), + } + } + fr := &fileReader{ + r: r, + size: ent.Size, + ents: r.getChunks(ent), + } + return io.NewSectionReader(fr, 0, fr.size), nil +} + +func (r *Reader) getChunks(ent *TOCEntry) []*TOCEntry { + if ents, ok := r.chunks[ent.Name]; ok { + return ents + } + return []*TOCEntry{ent} +} + +type fileReader struct { + r *Reader + size int64 + ents []*TOCEntry // 1 or more reg/chunk entries +} + +func (fr *fileReader) ReadAt(p []byte, off int64) (n int, err error) { + if off >= fr.size { + return 0, io.EOF + } + if off < 0 { + return 0, errors.New("invalid offset") + } + var i int + if len(fr.ents) > 1 { + i = sort.Search(len(fr.ents), func(i int) bool { + return fr.ents[i].ChunkOffset >= off + }) + if i == len(fr.ents) { + i = len(fr.ents) - 1 + } + } + ent := fr.ents[i] + if ent.ChunkOffset > off { + if i == 0 { + return 0, errors.New("internal error; first chunk offset is non-zero") + } + ent = fr.ents[i-1] + } + + // If ent is a chunk of a large file, adjust the ReadAt + // offset by the chunk's offset. + off -= ent.ChunkOffset + + finalEnt := fr.ents[len(fr.ents)-1] + compressedOff := ent.Offset + // compressedBytesRemain is the number of compressed bytes in this + // file remaining, over 1+ chunks. + compressedBytesRemain := finalEnt.NextOffset() - compressedOff + + sr := io.NewSectionReader(fr.r.sr, compressedOff, compressedBytesRemain) + + const maxRead = 2 << 20 + var bufSize = maxRead + if compressedBytesRemain < maxRead { + bufSize = int(compressedBytesRemain) + } + + br := bufio.NewReaderSize(sr, bufSize) + if _, err := br.Peek(bufSize); err != nil { + return 0, fmt.Errorf("fileReader.ReadAt.peek: %v", err) + } + + dr, err := fr.r.decompressor.Reader(br) + if err != nil { + return 0, fmt.Errorf("fileReader.ReadAt.decompressor.Reader: %v", err) + } + defer dr.Close() + if n, err := io.CopyN(ioutil.Discard, dr, off); n != off || err != nil { + return 0, fmt.Errorf("discard of %d bytes = %v, %v", off, n, err) + } + return io.ReadFull(dr, p) +} + +// A Writer writes stargz files. +// +// Use NewWriter to create a new Writer. +type Writer struct { + bw *bufio.Writer + cw *countWriter + toc *JTOC + diffHash hash.Hash // SHA-256 of uncompressed tar + + closed bool + gz io.WriteCloser + lastUsername map[int]string + lastGroupname map[int]string + compressor Compressor + + // ChunkSize optionally controls the maximum number of bytes + // of data of a regular file that can be written in one gzip + // stream before a new gzip stream is started. + // Zero means to use a default, currently 4 MiB. + ChunkSize int +} + +// currentCompressionWriter writes to the current w.gz field, which can +// change throughout writing a tar entry. +// +// Additionally, it updates w's SHA-256 of the uncompressed bytes +// of the tar file. +type currentCompressionWriter struct{ w *Writer } + +func (ccw currentCompressionWriter) Write(p []byte) (int, error) { + ccw.w.diffHash.Write(p) + return ccw.w.gz.Write(p) +} + +func (w *Writer) chunkSize() int { + if w.ChunkSize <= 0 { + return 4 << 20 + } + return w.ChunkSize +} + +// NewWriter returns a new stargz writer (gzip-based) writing to w. +// +// The writer must be closed to write its trailing table of contents. +func NewWriter(w io.Writer) *Writer { + return NewWriterLevel(w, gzip.BestCompression) +} + +// NewWriterLevel returns a new stargz writer (gzip-based) writing to w. +// The compression level is configurable. +// +// The writer must be closed to write its trailing table of contents. +func NewWriterLevel(w io.Writer, compressionLevel int) *Writer { + return NewWriterWithCompressor(w, NewGzipCompressorWithLevel(compressionLevel)) +} + +// NewWriterLevel returns a new stargz writer writing to w. +// The compression method is configurable. +// +// The writer must be closed to write its trailing table of contents. +func NewWriterWithCompressor(w io.Writer, c Compressor) *Writer { + bw := bufio.NewWriter(w) + cw := &countWriter{w: bw} + return &Writer{ + bw: bw, + cw: cw, + toc: &JTOC{Version: 1}, + diffHash: sha256.New(), + compressor: c, + } +} + +// Close writes the stargz's table of contents and flushes all the +// buffers, returning any error. +func (w *Writer) Close() (digest.Digest, error) { + if w.closed { + return "", nil + } + defer func() { w.closed = true }() + + if err := w.closeGz(); err != nil { + return "", err + } + + // Write the TOC index and footer. + tocDigest, err := w.compressor.WriteTOCAndFooter(w.cw, w.cw.n, w.toc, w.diffHash) + if err != nil { + return "", err + } + if err := w.bw.Flush(); err != nil { + return "", err + } + + return tocDigest, nil +} + +func (w *Writer) closeGz() error { + if w.closed { + return errors.New("write on closed Writer") + } + if w.gz != nil { + if err := w.gz.Close(); err != nil { + return err + } + w.gz = nil + } + return nil +} + +// nameIfChanged returns name, unless it was the already the value of (*mp)[id], +// in which case it returns the empty string. +func (w *Writer) nameIfChanged(mp *map[int]string, id int, name string) string { + if name == "" { + return "" + } + if *mp == nil { + *mp = make(map[int]string) + } + if (*mp)[id] == name { + return "" + } + (*mp)[id] = name + return name +} + +func (w *Writer) condOpenGz() (err error) { + if w.gz == nil { + w.gz, err = w.compressor.Writer(w.cw) + } + return +} + +// AppendTar reads the tar or tar.gz file from r and appends +// each of its contents to w. +// +// The input r can optionally be gzip compressed but the output will +// always be gzip compressed. +func (w *Writer) AppendTar(r io.Reader) error { + br := bufio.NewReader(r) + var tr *tar.Reader + if isGzip(br) { + // NewReader can't fail if isGzip returned true. + zr, _ := gzip.NewReader(br) + tr = tar.NewReader(zr) + } else { + tr = tar.NewReader(br) + } + for { + h, err := tr.Next() + if err == io.EOF { + break + } + if err != nil { + return fmt.Errorf("error reading from source tar: tar.Reader.Next: %v", err) + } + if h.Name == TOCTarName { + // It is possible for a layer to be "stargzified" twice during the + // distribution lifecycle. So we reserve "TOCTarName" here to avoid + // duplicated entries in the resulting layer. + continue + } + + xattrs := make(map[string][]byte) + const xattrPAXRecordsPrefix = "SCHILY.xattr." + if h.PAXRecords != nil { + for k, v := range h.PAXRecords { + if strings.HasPrefix(k, xattrPAXRecordsPrefix) { + xattrs[k[len(xattrPAXRecordsPrefix):]] = []byte(v) + } + } + } + ent := &TOCEntry{ + Name: h.Name, + Mode: h.Mode, + UID: h.Uid, + GID: h.Gid, + Uname: w.nameIfChanged(&w.lastUsername, h.Uid, h.Uname), + Gname: w.nameIfChanged(&w.lastGroupname, h.Gid, h.Gname), + ModTime3339: formatModtime(h.ModTime), + Xattrs: xattrs, + } + if err := w.condOpenGz(); err != nil { + return err + } + tw := tar.NewWriter(currentCompressionWriter{w}) + if err := tw.WriteHeader(h); err != nil { + return err + } + switch h.Typeflag { + case tar.TypeLink: + ent.Type = "hardlink" + ent.LinkName = h.Linkname + case tar.TypeSymlink: + ent.Type = "symlink" + ent.LinkName = h.Linkname + case tar.TypeDir: + ent.Type = "dir" + case tar.TypeReg: + ent.Type = "reg" + ent.Size = h.Size + case tar.TypeChar: + ent.Type = "char" + ent.DevMajor = int(h.Devmajor) + ent.DevMinor = int(h.Devminor) + case tar.TypeBlock: + ent.Type = "block" + ent.DevMajor = int(h.Devmajor) + ent.DevMinor = int(h.Devminor) + case tar.TypeFifo: + ent.Type = "fifo" + default: + return fmt.Errorf("unsupported input tar entry %q", h.Typeflag) + } + + // We need to keep a reference to the TOC entry for regular files, so that we + // can fill the digest later. + var regFileEntry *TOCEntry + var payloadDigest digest.Digester + if h.Typeflag == tar.TypeReg { + regFileEntry = ent + payloadDigest = digest.Canonical.Digester() + } + + if h.Typeflag == tar.TypeReg && ent.Size > 0 { + var written int64 + totalSize := ent.Size // save it before we destroy ent + tee := io.TeeReader(tr, payloadDigest.Hash()) + for written < totalSize { + if err := w.closeGz(); err != nil { + return err + } + + chunkSize := int64(w.chunkSize()) + remain := totalSize - written + if remain < chunkSize { + chunkSize = remain + } else { + ent.ChunkSize = chunkSize + } + ent.Offset = w.cw.n + ent.ChunkOffset = written + chunkDigest := digest.Canonical.Digester() + + if err := w.condOpenGz(); err != nil { + return err + } + + teeChunk := io.TeeReader(tee, chunkDigest.Hash()) + if _, err := io.CopyN(tw, teeChunk, chunkSize); err != nil { + return fmt.Errorf("error copying %q: %v", h.Name, err) + } + ent.ChunkDigest = chunkDigest.Digest().String() + w.toc.Entries = append(w.toc.Entries, ent) + written += chunkSize + ent = &TOCEntry{ + Name: h.Name, + Type: "chunk", + } + } + } else { + w.toc.Entries = append(w.toc.Entries, ent) + } + if payloadDigest != nil { + regFileEntry.Digest = payloadDigest.Digest().String() + } + if err := tw.Flush(); err != nil { + return err + } + } + return nil +} + +// DiffID returns the SHA-256 of the uncompressed tar bytes. +// It is only valid to call DiffID after Close. +func (w *Writer) DiffID() string { + return fmt.Sprintf("sha256:%x", w.diffHash.Sum(nil)) +} + +func maxFooterSize(blobSize int64, decompressors ...Decompressor) (res int64) { + for _, d := range decompressors { + if s := d.FooterSize(); res < s && s <= blobSize { + res = s + } + } + return +} + +func parseTOC(d Decompressor, sr *io.SectionReader, tocOff, tocSize int64, tocBytes []byte, opts openOpts) (*Reader, error) { + if len(tocBytes) > 0 { + start := time.Now() + toc, tocDgst, err := d.ParseTOC(bytes.NewReader(tocBytes)) + if err == nil { + if opts.telemetry != nil && opts.telemetry.DeserializeTocLatency != nil { + opts.telemetry.DeserializeTocLatency(start) + } + return &Reader{ + sr: sr, + toc: toc, + tocDigest: tocDgst, + decompressor: d, + }, nil + } + } + + start := time.Now() + tocBytes = make([]byte, tocSize) + if _, err := sr.ReadAt(tocBytes, tocOff); err != nil { + return nil, fmt.Errorf("error reading %d byte TOC targz: %v", len(tocBytes), err) + } + if opts.telemetry != nil && opts.telemetry.GetTocLatency != nil { + opts.telemetry.GetTocLatency(start) + } + start = time.Now() + toc, tocDgst, err := d.ParseTOC(bytes.NewReader(tocBytes)) + if err != nil { + return nil, err + } + if opts.telemetry != nil && opts.telemetry.DeserializeTocLatency != nil { + opts.telemetry.DeserializeTocLatency(start) + } + return &Reader{ + sr: sr, + toc: toc, + tocDigest: tocDgst, + decompressor: d, + }, nil +} + +func formatModtime(t time.Time) string { + if t.IsZero() || t.Unix() == 0 { + return "" + } + return t.UTC().Round(time.Second).Format(time.RFC3339) +} + +func cleanEntryName(name string) string { + // Use path.Clean to consistently deal with path separators across platforms. + return strings.TrimPrefix(path.Clean("/"+name), "/") +} + +// countWriter counts how many bytes have been written to its wrapped +// io.Writer. +type countWriter struct { + w io.Writer + n int64 +} + +func (cw *countWriter) Write(p []byte) (n int, err error) { + n, err = cw.w.Write(p) + cw.n += int64(n) + return +} + +// isGzip reports whether br is positioned right before an upcoming gzip stream. +// It does not consume any bytes from br. +func isGzip(br *bufio.Reader) bool { + const ( + gzipID1 = 0x1f + gzipID2 = 0x8b + gzipDeflate = 8 + ) + peek, _ := br.Peek(3) + return len(peek) >= 3 && peek[0] == gzipID1 && peek[1] == gzipID2 && peek[2] == gzipDeflate +} + +func positive(n int64) int64 { + if n < 0 { + return 0 + } + return n +} diff --git a/vendor/github.com/containerd/stargz-snapshotter/estargz/go.mod b/vendor/github.com/containerd/stargz-snapshotter/estargz/go.mod new file mode 100644 index 000000000..ee6b2e17f --- /dev/null +++ b/vendor/github.com/containerd/stargz-snapshotter/estargz/go.mod @@ -0,0 +1,10 @@ +module github.com/containerd/stargz-snapshotter/estargz + +go 1.16 + +require ( + github.com/klauspost/compress v1.13.5 + github.com/opencontainers/go-digest v1.0.0 + github.com/pkg/errors v0.9.1 + golang.org/x/sync v0.0.0-20201207232520-09787c993a3a +) diff --git a/vendor/github.com/containerd/stargz-snapshotter/estargz/go.sum b/vendor/github.com/containerd/stargz-snapshotter/estargz/go.sum new file mode 100644 index 000000000..66cd2d69c --- /dev/null +++ b/vendor/github.com/containerd/stargz-snapshotter/estargz/go.sum @@ -0,0 +1,8 @@ +github.com/klauspost/compress v1.13.5 h1:9O69jUPDcsT9fEm74W92rZL9FQY7rCdaXVneq+yyzl4= +github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= +github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= +github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +golang.org/x/sync v0.0.0-20201207232520-09787c993a3a h1:DcqTD9SDLc+1P/r1EmRBwnVsrOwW+kk2vWf9n+1sGhs= +golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= diff --git a/vendor/github.com/containerd/stargz-snapshotter/estargz/gzip.go b/vendor/github.com/containerd/stargz-snapshotter/estargz/gzip.go new file mode 100644 index 000000000..efc435e09 --- /dev/null +++ b/vendor/github.com/containerd/stargz-snapshotter/estargz/gzip.go @@ -0,0 +1,216 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +/* + Copyright 2019 The Go Authors. All rights reserved. + Use of this source code is governed by a BSD-style + license that can be found in the LICENSE file. +*/ + +package estargz + +import ( + "archive/tar" + "bytes" + "compress/gzip" + "encoding/binary" + "encoding/json" + "fmt" + "hash" + "io" + "strconv" + + digest "github.com/opencontainers/go-digest" + "github.com/pkg/errors" +) + +type gzipCompression struct { + *gzipCompressor + *GzipDecompressor +} + +func newGzipCompressionWithLevel(level int) Compression { + return &gzipCompression{ + &gzipCompressor{level}, + &GzipDecompressor{}, + } +} + +func NewGzipCompressorWithLevel(level int) Compressor { + return &gzipCompressor{level} +} + +type gzipCompressor struct { + compressionLevel int +} + +func (gc *gzipCompressor) Writer(w io.Writer) (io.WriteCloser, error) { + return gzip.NewWriterLevel(w, gc.compressionLevel) +} + +func (gc *gzipCompressor) WriteTOCAndFooter(w io.Writer, off int64, toc *JTOC, diffHash hash.Hash) (digest.Digest, error) { + tocJSON, err := json.MarshalIndent(toc, "", "\t") + if err != nil { + return "", err + } + gz, _ := gzip.NewWriterLevel(w, gc.compressionLevel) + gw := io.Writer(gz) + if diffHash != nil { + gw = io.MultiWriter(gz, diffHash) + } + tw := tar.NewWriter(gw) + if err := tw.WriteHeader(&tar.Header{ + Typeflag: tar.TypeReg, + Name: TOCTarName, + Size: int64(len(tocJSON)), + }); err != nil { + return "", err + } + if _, err := tw.Write(tocJSON); err != nil { + return "", err + } + + if err := tw.Close(); err != nil { + return "", err + } + if err := gz.Close(); err != nil { + return "", err + } + if _, err := w.Write(gzipFooterBytes(off)); err != nil { + return "", err + } + return digest.FromBytes(tocJSON), nil +} + +// gzipFooterBytes returns the 51 bytes footer. +func gzipFooterBytes(tocOff int64) []byte { + buf := bytes.NewBuffer(make([]byte, 0, FooterSize)) + gz, _ := gzip.NewWriterLevel(buf, gzip.NoCompression) // MUST be NoCompression to keep 51 bytes + + // Extra header indicating the offset of TOCJSON + // https://tools.ietf.org/html/rfc1952#section-2.3.1.1 + header := make([]byte, 4) + header[0], header[1] = 'S', 'G' + subfield := fmt.Sprintf("%016xSTARGZ", tocOff) + binary.LittleEndian.PutUint16(header[2:4], uint16(len(subfield))) // little-endian per RFC1952 + gz.Header.Extra = append(header, []byte(subfield)...) + gz.Close() + if buf.Len() != FooterSize { + panic(fmt.Sprintf("footer buffer = %d, not %d", buf.Len(), FooterSize)) + } + return buf.Bytes() +} + +type GzipDecompressor struct{} + +func (gz *GzipDecompressor) Reader(r io.Reader) (io.ReadCloser, error) { + return gzip.NewReader(r) +} + +func (gz *GzipDecompressor) ParseTOC(r io.Reader) (toc *JTOC, tocDgst digest.Digest, err error) { + return parseTOCEStargz(r) +} + +func (gz *GzipDecompressor) ParseFooter(p []byte) (tocOffset, tocSize int64, err error) { + if len(p) != FooterSize { + return 0, 0, fmt.Errorf("invalid length %d cannot be parsed", len(p)) + } + zr, err := gzip.NewReader(bytes.NewReader(p)) + if err != nil { + return 0, 0, err + } + defer zr.Close() + extra := zr.Header.Extra + si1, si2, subfieldlen, subfield := extra[0], extra[1], extra[2:4], extra[4:] + if si1 != 'S' || si2 != 'G' { + return 0, 0, fmt.Errorf("invalid subfield IDs: %q, %q; want E, S", si1, si2) + } + if slen := binary.LittleEndian.Uint16(subfieldlen); slen != uint16(16+len("STARGZ")) { + return 0, 0, fmt.Errorf("invalid length of subfield %d; want %d", slen, 16+len("STARGZ")) + } + if string(subfield[16:]) != "STARGZ" { + return 0, 0, fmt.Errorf("STARGZ magic string must be included in the footer subfield") + } + tocOffset, err = strconv.ParseInt(string(subfield[:16]), 16, 64) + if err != nil { + return 0, 0, errors.Wrapf(err, "legacy: failed to parse toc offset") + } + return tocOffset, 0, nil +} + +func (gz *GzipDecompressor) FooterSize() int64 { + return FooterSize +} + +type legacyGzipDecompressor struct{} + +func (gz *legacyGzipDecompressor) Reader(r io.Reader) (io.ReadCloser, error) { + return gzip.NewReader(r) +} + +func (gz *legacyGzipDecompressor) ParseTOC(r io.Reader) (toc *JTOC, tocDgst digest.Digest, err error) { + return parseTOCEStargz(r) +} + +func (gz *legacyGzipDecompressor) ParseFooter(p []byte) (tocOffset, tocSize int64, err error) { + if len(p) != legacyFooterSize { + return 0, 0, fmt.Errorf("legacy: invalid length %d cannot be parsed", len(p)) + } + zr, err := gzip.NewReader(bytes.NewReader(p)) + if err != nil { + return 0, 0, errors.Wrapf(err, "legacy: failed to get footer gzip reader") + } + defer zr.Close() + extra := zr.Header.Extra + if len(extra) != 16+len("STARGZ") { + return 0, 0, fmt.Errorf("legacy: invalid stargz's extra field size") + } + if string(extra[16:]) != "STARGZ" { + return 0, 0, fmt.Errorf("legacy: magic string STARGZ not found") + } + tocOffset, err = strconv.ParseInt(string(extra[:16]), 16, 64) + if err != nil { + return 0, 0, errors.Wrapf(err, "legacy: failed to parse toc offset") + } + return tocOffset, 0, nil +} + +func (gz *legacyGzipDecompressor) FooterSize() int64 { + return legacyFooterSize +} + +func parseTOCEStargz(r io.Reader) (toc *JTOC, tocDgst digest.Digest, err error) { + zr, err := gzip.NewReader(r) + if err != nil { + return nil, "", fmt.Errorf("malformed TOC gzip header: %v", err) + } + defer zr.Close() + zr.Multistream(false) + tr := tar.NewReader(zr) + h, err := tr.Next() + if err != nil { + return nil, "", fmt.Errorf("failed to find tar header in TOC gzip stream: %v", err) + } + if h.Name != TOCTarName { + return nil, "", fmt.Errorf("TOC tar entry had name %q; expected %q", h.Name, TOCTarName) + } + dgstr := digest.Canonical.Digester() + toc = new(JTOC) + if err := json.NewDecoder(io.TeeReader(tr, dgstr.Hash())).Decode(&toc); err != nil { + return nil, "", fmt.Errorf("error decoding TOC JSON: %v", err) + } + return toc, dgstr.Digest(), nil +} diff --git a/vendor/github.com/containerd/stargz-snapshotter/estargz/testutil.go b/vendor/github.com/containerd/stargz-snapshotter/estargz/testutil.go new file mode 100644 index 000000000..020729b7e --- /dev/null +++ b/vendor/github.com/containerd/stargz-snapshotter/estargz/testutil.go @@ -0,0 +1,1933 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +/* + Copyright 2019 The Go Authors. All rights reserved. + Use of this source code is governed by a BSD-style + license that can be found in the LICENSE file. +*/ + +package estargz + +import ( + "archive/tar" + "bytes" + "compress/gzip" + "crypto/sha256" + "encoding/json" + "fmt" + "io" + "io/ioutil" + "os" + "reflect" + "sort" + "strings" + "testing" + "time" + + "github.com/containerd/stargz-snapshotter/estargz/errorutil" + "github.com/klauspost/compress/zstd" + digest "github.com/opencontainers/go-digest" + "github.com/pkg/errors" +) + +// TestingController is Compression with some helper methods necessary for testing. +type TestingController interface { + Compression + CountStreams(*testing.T, []byte) int + DiffIDOf(*testing.T, []byte) string + String() string +} + +// CompressionTestSuite tests this pkg with controllers can build valid eStargz blobs and parse them. +func CompressionTestSuite(t *testing.T, controllers ...TestingController) { + t.Run("testBuild", func(t *testing.T) { t.Parallel(); testBuild(t, controllers...) }) + t.Run("testDigestAndVerify", func(t *testing.T) { t.Parallel(); testDigestAndVerify(t, controllers...) }) + t.Run("testWriteAndOpen", func(t *testing.T) { t.Parallel(); testWriteAndOpen(t, controllers...) }) +} + +const ( + uncompressedType int = iota + gzipType + zstdType +) + +var srcCompressions = []int{ + uncompressedType, + gzipType, + zstdType, +} + +var allowedPrefix = [4]string{"", "./", "/", "../"} + +// testBuild tests the resulting stargz blob built by this pkg has the same +// contents as the normal stargz blob. +func testBuild(t *testing.T, controllers ...TestingController) { + tests := []struct { + name string + chunkSize int + in []tarEntry + }{ + { + name: "regfiles and directories", + chunkSize: 4, + in: tarOf( + file("foo", "test1"), + dir("foo2/"), + file("foo2/bar", "test2", xAttr(map[string]string{"test": "sample"})), + ), + }, + { + name: "empty files", + chunkSize: 4, + in: tarOf( + file("foo", "tttttt"), + file("foo_empty", ""), + file("foo2", "tttttt"), + file("foo_empty2", ""), + file("foo3", "tttttt"), + file("foo_empty3", ""), + file("foo4", "tttttt"), + file("foo_empty4", ""), + file("foo5", "tttttt"), + file("foo_empty5", ""), + file("foo6", "tttttt"), + ), + }, + { + name: "various files", + chunkSize: 4, + in: tarOf( + file("baz.txt", "bazbazbazbazbazbazbaz"), + file("foo.txt", "a"), + symlink("barlink", "test/bar.txt"), + dir("test/"), + dir("dev/"), + blockdev("dev/testblock", 3, 4), + fifo("dev/testfifo"), + chardev("dev/testchar1", 5, 6), + file("test/bar.txt", "testbartestbar", xAttr(map[string]string{"test2": "sample2"})), + dir("test2/"), + link("test2/bazlink", "baz.txt"), + chardev("dev/testchar2", 1, 2), + ), + }, + { + name: "no contents", + chunkSize: 4, + in: tarOf( + file("baz.txt", ""), + symlink("barlink", "test/bar.txt"), + dir("test/"), + dir("dev/"), + blockdev("dev/testblock", 3, 4), + fifo("dev/testfifo"), + chardev("dev/testchar1", 5, 6), + file("test/bar.txt", "", xAttr(map[string]string{"test2": "sample2"})), + dir("test2/"), + link("test2/bazlink", "baz.txt"), + chardev("dev/testchar2", 1, 2), + ), + }, + } + for _, tt := range tests { + for _, srcCompression := range srcCompressions { + srcCompression := srcCompression + for _, cl := range controllers { + cl := cl + for _, prefix := range allowedPrefix { + prefix := prefix + t.Run(tt.name+"-"+fmt.Sprintf("compression=%v-prefix=%q-src=%d", cl, prefix, srcCompression), func(t *testing.T) { + tarBlob := buildTarStatic(t, tt.in, prefix) + // Test divideEntries() + entries, err := sortEntries(tarBlob, nil, nil) // identical order + if err != nil { + t.Fatalf("faield to parse tar: %v", err) + } + var merged []*entry + for _, part := range divideEntries(entries, 4) { + merged = append(merged, part...) + } + if !reflect.DeepEqual(entries, merged) { + for _, e := range entries { + t.Logf("Original: %v", e.header) + } + for _, e := range merged { + t.Logf("Merged: %v", e.header) + } + t.Errorf("divided entries couldn't be merged") + return + } + + // Prepare sample data + wantBuf := new(bytes.Buffer) + sw := NewWriterWithCompressor(wantBuf, cl) + sw.ChunkSize = tt.chunkSize + if err := sw.AppendTar(tarBlob); err != nil { + t.Fatalf("faield to append tar to want stargz: %v", err) + } + if _, err := sw.Close(); err != nil { + t.Fatalf("faield to prepare want stargz: %v", err) + } + wantData := wantBuf.Bytes() + want, err := Open(io.NewSectionReader( + bytes.NewReader(wantData), 0, int64(len(wantData))), + WithDecompressors(cl), + ) + if err != nil { + t.Fatalf("failed to parse the want stargz: %v", err) + } + + // Prepare testing data + rc, err := Build(compressBlob(t, tarBlob, srcCompression), + WithChunkSize(tt.chunkSize), WithCompression(cl)) + if err != nil { + t.Fatalf("faield to build stargz: %v", err) + } + defer rc.Close() + gotBuf := new(bytes.Buffer) + if _, err := io.Copy(gotBuf, rc); err != nil { + t.Fatalf("failed to copy built stargz blob: %v", err) + } + gotData := gotBuf.Bytes() + got, err := Open(io.NewSectionReader( + bytes.NewReader(gotBuf.Bytes()), 0, int64(len(gotData))), + WithDecompressors(cl), + ) + if err != nil { + t.Fatalf("failed to parse the got stargz: %v", err) + } + + // Check DiffID is properly calculated + rc.Close() + diffID := rc.DiffID() + wantDiffID := cl.DiffIDOf(t, gotData) + if diffID.String() != wantDiffID { + t.Errorf("DiffID = %q; want %q", diffID, wantDiffID) + } + + // Compare as stargz + if !isSameVersion(t, cl, wantData, gotData) { + t.Errorf("built stargz hasn't same json") + return + } + if !isSameEntries(t, want, got) { + t.Errorf("built stargz isn't same as the original") + return + } + + // Compare as tar.gz + if !isSameTarGz(t, cl, wantData, gotData) { + t.Errorf("built stargz isn't same tar.gz") + return + } + }) + } + } + } + } +} + +func isSameTarGz(t *testing.T, controller TestingController, a, b []byte) bool { + aGz, err := controller.Reader(bytes.NewReader(a)) + if err != nil { + t.Fatalf("failed to read A") + } + defer aGz.Close() + bGz, err := controller.Reader(bytes.NewReader(b)) + if err != nil { + t.Fatalf("failed to read B") + } + defer bGz.Close() + + // Same as tar's Next() method but ignores landmarks and TOCJSON file + next := func(r *tar.Reader) (h *tar.Header, err error) { + for { + if h, err = r.Next(); err != nil { + return + } + if h.Name != PrefetchLandmark && + h.Name != NoPrefetchLandmark && + h.Name != TOCTarName { + return + } + } + } + + aTar := tar.NewReader(aGz) + bTar := tar.NewReader(bGz) + for { + // Fetch and parse next header. + aH, aErr := next(aTar) + bH, bErr := next(bTar) + if aErr != nil || bErr != nil { + if aErr == io.EOF && bErr == io.EOF { + break + } + t.Fatalf("Failed to parse tar file: A: %v, B: %v", aErr, bErr) + } + if !reflect.DeepEqual(aH, bH) { + t.Logf("different header (A = %v; B = %v)", aH, bH) + return false + + } + aFile, err := ioutil.ReadAll(aTar) + if err != nil { + t.Fatal("failed to read tar payload of A") + } + bFile, err := ioutil.ReadAll(bTar) + if err != nil { + t.Fatal("failed to read tar payload of B") + } + if !bytes.Equal(aFile, bFile) { + t.Logf("different tar payload (A = %q; B = %q)", string(a), string(b)) + return false + } + } + + return true +} + +func isSameVersion(t *testing.T, controller TestingController, a, b []byte) bool { + aJTOC, _, err := parseStargz(io.NewSectionReader(bytes.NewReader(a), 0, int64(len(a))), controller) + if err != nil { + t.Fatalf("failed to parse A: %v", err) + } + bJTOC, _, err := parseStargz(io.NewSectionReader(bytes.NewReader(b), 0, int64(len(b))), controller) + if err != nil { + t.Fatalf("failed to parse B: %v", err) + } + t.Logf("A: TOCJSON: %v", dumpTOCJSON(t, aJTOC)) + t.Logf("B: TOCJSON: %v", dumpTOCJSON(t, bJTOC)) + return aJTOC.Version == bJTOC.Version +} + +func isSameEntries(t *testing.T, a, b *Reader) bool { + aroot, ok := a.Lookup("") + if !ok { + t.Fatalf("failed to get root of A") + } + broot, ok := b.Lookup("") + if !ok { + t.Fatalf("failed to get root of B") + } + aEntry := stargzEntry{aroot, a} + bEntry := stargzEntry{broot, b} + return contains(t, aEntry, bEntry) && contains(t, bEntry, aEntry) +} + +func compressBlob(t *testing.T, src *io.SectionReader, srcCompression int) *io.SectionReader { + buf := new(bytes.Buffer) + var w io.WriteCloser + var err error + if srcCompression == gzipType { + w = gzip.NewWriter(buf) + } else if srcCompression == zstdType { + w, err = zstd.NewWriter(buf) + if err != nil { + t.Fatalf("failed to init zstd writer: %v", err) + } + } else { + return src + } + src.Seek(0, io.SeekStart) + if _, err := io.Copy(w, src); err != nil { + t.Fatalf("failed to compress source") + } + if err := w.Close(); err != nil { + t.Fatalf("failed to finalize compress source") + } + data := buf.Bytes() + return io.NewSectionReader(bytes.NewReader(data), 0, int64(len(data))) + +} + +type stargzEntry struct { + e *TOCEntry + r *Reader +} + +// contains checks if all child entries in "b" are also contained in "a". +// This function also checks if the files/chunks contain the same contents among "a" and "b". +func contains(t *testing.T, a, b stargzEntry) bool { + ae, ar := a.e, a.r + be, br := b.e, b.r + t.Logf("Comparing: %q vs %q", ae.Name, be.Name) + if !equalEntry(ae, be) { + t.Logf("%q != %q: entry: a: %v, b: %v", ae.Name, be.Name, ae, be) + return false + } + if ae.Type == "dir" { + t.Logf("Directory: %q vs %q: %v vs %v", ae.Name, be.Name, + allChildrenName(ae), allChildrenName(be)) + iscontain := true + ae.ForeachChild(func(aBaseName string, aChild *TOCEntry) bool { + // Walk through all files on this stargz file. + + if aChild.Name == PrefetchLandmark || + aChild.Name == NoPrefetchLandmark { + return true // Ignore landmarks + } + + // Ignore a TOCEntry of "./" (formated as "" by stargz lib) on root directory + // because this points to the root directory itself. + if aChild.Name == "" && ae.Name == "" { + return true + } + + bChild, ok := be.LookupChild(aBaseName) + if !ok { + t.Logf("%q (base: %q): not found in b: %v", + ae.Name, aBaseName, allChildrenName(be)) + iscontain = false + return false + } + + childcontain := contains(t, stargzEntry{aChild, a.r}, stargzEntry{bChild, b.r}) + if !childcontain { + t.Logf("%q != %q: non-equal dir", ae.Name, be.Name) + iscontain = false + return false + } + return true + }) + return iscontain + } else if ae.Type == "reg" { + af, err := ar.OpenFile(ae.Name) + if err != nil { + t.Fatalf("failed to open file %q on A: %v", ae.Name, err) + } + bf, err := br.OpenFile(be.Name) + if err != nil { + t.Fatalf("failed to open file %q on B: %v", be.Name, err) + } + + var nr int64 + for nr < ae.Size { + abytes, anext, aok := readOffset(t, af, nr, a) + bbytes, bnext, bok := readOffset(t, bf, nr, b) + if !aok && !bok { + break + } else if !(aok && bok) || anext != bnext { + t.Logf("%q != %q (offset=%d): chunk existence a=%v vs b=%v, anext=%v vs bnext=%v", + ae.Name, be.Name, nr, aok, bok, anext, bnext) + return false + } + nr = anext + if !bytes.Equal(abytes, bbytes) { + t.Logf("%q != %q: different contents %v vs %v", + ae.Name, be.Name, string(abytes), string(bbytes)) + return false + } + } + return true + } + + return true +} + +func allChildrenName(e *TOCEntry) (children []string) { + e.ForeachChild(func(baseName string, _ *TOCEntry) bool { + children = append(children, baseName) + return true + }) + return +} + +func equalEntry(a, b *TOCEntry) bool { + // Here, we selectively compare fileds that we are interested in. + return a.Name == b.Name && + a.Type == b.Type && + a.Size == b.Size && + a.ModTime3339 == b.ModTime3339 && + a.Stat().ModTime().Equal(b.Stat().ModTime()) && // modTime time.Time + a.LinkName == b.LinkName && + a.Mode == b.Mode && + a.UID == b.UID && + a.GID == b.GID && + a.Uname == b.Uname && + a.Gname == b.Gname && + (a.Offset > 0) == (b.Offset > 0) && + (a.NextOffset() > 0) == (b.NextOffset() > 0) && + a.DevMajor == b.DevMajor && + a.DevMinor == b.DevMinor && + a.NumLink == b.NumLink && + reflect.DeepEqual(a.Xattrs, b.Xattrs) && + // chunk-related infomations aren't compared in this function. + // ChunkOffset int64 `json:"chunkOffset,omitempty"` + // ChunkSize int64 `json:"chunkSize,omitempty"` + // children map[string]*TOCEntry + a.Digest == b.Digest +} + +func readOffset(t *testing.T, r *io.SectionReader, offset int64, e stargzEntry) ([]byte, int64, bool) { + ce, ok := e.r.ChunkEntryForOffset(e.e.Name, offset) + if !ok { + return nil, 0, false + } + data := make([]byte, ce.ChunkSize) + t.Logf("Offset: %v, NextOffset: %v", ce.Offset, ce.NextOffset()) + n, err := r.ReadAt(data, ce.ChunkOffset) + if err != nil { + t.Fatalf("failed to read file payload of %q (offset:%d,size:%d): %v", + e.e.Name, ce.ChunkOffset, ce.ChunkSize, err) + } + if int64(n) != ce.ChunkSize { + t.Fatalf("unexpected copied data size %d; want %d", + n, ce.ChunkSize) + } + return data[:n], offset + ce.ChunkSize, true +} + +func dumpTOCJSON(t *testing.T, tocJSON *JTOC) string { + jtocData, err := json.Marshal(*tocJSON) + if err != nil { + t.Fatalf("failed to marshal TOC JSON: %v", err) + } + buf := new(bytes.Buffer) + if _, err := io.Copy(buf, bytes.NewReader(jtocData)); err != nil { + t.Fatalf("failed to read toc json blob: %v", err) + } + return buf.String() +} + +const chunkSize = 3 + +// type check func(t *testing.T, sgzData []byte, tocDigest digest.Digest, dgstMap map[string]digest.Digest, compressionLevel int) +type check func(t *testing.T, sgzData []byte, tocDigest digest.Digest, dgstMap map[string]digest.Digest, controller TestingController) + +// testDigestAndVerify runs specified checks against sample stargz blobs. +func testDigestAndVerify(t *testing.T, controllers ...TestingController) { + tests := []struct { + name string + tarInit func(t *testing.T, dgstMap map[string]digest.Digest) (blob []tarEntry) + checks []check + }{ + { + name: "no-regfile", + tarInit: func(t *testing.T, dgstMap map[string]digest.Digest) (blob []tarEntry) { + return tarOf( + dir("test/"), + ) + }, + checks: []check{ + checkStargzTOC, + checkVerifyTOC, + checkVerifyInvalidStargzFail(buildTarStatic(t, tarOf( + dir("test2/"), // modified + ), allowedPrefix[0])), + }, + }, + { + name: "small-files", + tarInit: func(t *testing.T, dgstMap map[string]digest.Digest) (blob []tarEntry) { + return tarOf( + regDigest(t, "baz.txt", "", dgstMap), + regDigest(t, "foo.txt", "a", dgstMap), + dir("test/"), + regDigest(t, "test/bar.txt", "bbb", dgstMap), + ) + }, + checks: []check{ + checkStargzTOC, + checkVerifyTOC, + checkVerifyInvalidStargzFail(buildTarStatic(t, tarOf( + file("baz.txt", ""), + file("foo.txt", "M"), // modified + dir("test/"), + file("test/bar.txt", "bbb"), + ), allowedPrefix[0])), + // checkVerifyInvalidTOCEntryFail("foo.txt"), // TODO + checkVerifyBrokenContentFail("foo.txt"), + }, + }, + { + name: "big-files", + tarInit: func(t *testing.T, dgstMap map[string]digest.Digest) (blob []tarEntry) { + return tarOf( + regDigest(t, "baz.txt", "bazbazbazbazbazbazbaz", dgstMap), + regDigest(t, "foo.txt", "a", dgstMap), + dir("test/"), + regDigest(t, "test/bar.txt", "testbartestbar", dgstMap), + ) + }, + checks: []check{ + checkStargzTOC, + checkVerifyTOC, + checkVerifyInvalidStargzFail(buildTarStatic(t, tarOf( + file("baz.txt", "bazbazbazMMMbazbazbaz"), // modified + file("foo.txt", "a"), + dir("test/"), + file("test/bar.txt", "testbartestbar"), + ), allowedPrefix[0])), + checkVerifyInvalidTOCEntryFail("test/bar.txt"), + checkVerifyBrokenContentFail("test/bar.txt"), + }, + }, + { + name: "with-non-regfiles", + tarInit: func(t *testing.T, dgstMap map[string]digest.Digest) (blob []tarEntry) { + return tarOf( + regDigest(t, "baz.txt", "bazbazbazbazbazbazbaz", dgstMap), + regDigest(t, "foo.txt", "a", dgstMap), + symlink("barlink", "test/bar.txt"), + dir("test/"), + regDigest(t, "test/bar.txt", "testbartestbar", dgstMap), + dir("test2/"), + link("test2/bazlink", "baz.txt"), + ) + }, + checks: []check{ + checkStargzTOC, + checkVerifyTOC, + checkVerifyInvalidStargzFail(buildTarStatic(t, tarOf( + file("baz.txt", "bazbazbazbazbazbazbaz"), + file("foo.txt", "a"), + symlink("barlink", "test/bar.txt"), + dir("test/"), + file("test/bar.txt", "testbartestbar"), + dir("test2/"), + link("test2/bazlink", "foo.txt"), // modified + ), allowedPrefix[0])), + checkVerifyInvalidTOCEntryFail("test/bar.txt"), + checkVerifyBrokenContentFail("test/bar.txt"), + }, + }, + } + + for _, tt := range tests { + for _, srcCompression := range srcCompressions { + srcCompression := srcCompression + for _, cl := range controllers { + cl := cl + for _, prefix := range allowedPrefix { + prefix := prefix + t.Run(tt.name+"-"+fmt.Sprintf("compression=%v-prefix=%q", cl, prefix), func(t *testing.T) { + // Get original tar file and chunk digests + dgstMap := make(map[string]digest.Digest) + tarBlob := buildTarStatic(t, tt.tarInit(t, dgstMap), prefix) + + rc, err := Build(compressBlob(t, tarBlob, srcCompression), + WithChunkSize(chunkSize), WithCompression(cl)) + if err != nil { + t.Fatalf("failed to convert stargz: %v", err) + } + tocDigest := rc.TOCDigest() + defer rc.Close() + buf := new(bytes.Buffer) + if _, err := io.Copy(buf, rc); err != nil { + t.Fatalf("failed to copy built stargz blob: %v", err) + } + newStargz := buf.Bytes() + // NoPrefetchLandmark is added during `Bulid`, which is expected behaviour. + dgstMap[chunkID(NoPrefetchLandmark, 0, int64(len([]byte{landmarkContents})))] = digest.FromBytes([]byte{landmarkContents}) + + for _, check := range tt.checks { + check(t, newStargz, tocDigest, dgstMap, cl) + } + }) + } + } + } + } +} + +// checkStargzTOC checks the TOC JSON of the passed stargz has the expected +// digest and contains valid chunks. It walks all entries in the stargz and +// checks all chunk digests stored to the TOC JSON match the actual contents. +func checkStargzTOC(t *testing.T, sgzData []byte, tocDigest digest.Digest, dgstMap map[string]digest.Digest, controller TestingController) { + sgz, err := Open( + io.NewSectionReader(bytes.NewReader(sgzData), 0, int64(len(sgzData))), + WithDecompressors(controller), + ) + if err != nil { + t.Errorf("failed to parse converted stargz: %v", err) + return + } + digestMapTOC, err := listDigests(io.NewSectionReader( + bytes.NewReader(sgzData), 0, int64(len(sgzData))), + controller, + ) + if err != nil { + t.Fatalf("failed to list digest: %v", err) + } + found := make(map[string]bool) + for id := range dgstMap { + found[id] = false + } + zr, err := controller.Reader(bytes.NewReader(sgzData)) + if err != nil { + t.Fatalf("failed to decompress converted stargz: %v", err) + } + defer zr.Close() + tr := tar.NewReader(zr) + for { + h, err := tr.Next() + if err != nil { + if err != io.EOF { + t.Errorf("failed to read tar entry: %v", err) + return + } + break + } + if h.Name == TOCTarName { + // Check the digest of TOC JSON based on the actual contents + // It's sure that TOC JSON exists in this archive because + // Open succeeded. + dgstr := digest.Canonical.Digester() + if _, err := io.Copy(dgstr.Hash(), tr); err != nil { + t.Fatalf("failed to calculate digest of TOC JSON: %v", + err) + } + if dgstr.Digest() != tocDigest { + t.Errorf("invalid TOC JSON %q; want %q", tocDigest, dgstr.Digest()) + } + continue + } + if _, ok := sgz.Lookup(h.Name); !ok { + t.Errorf("lost stargz entry %q in the converted TOC", h.Name) + return + } + var n int64 + for n < h.Size { + ce, ok := sgz.ChunkEntryForOffset(h.Name, n) + if !ok { + t.Errorf("lost chunk %q(offset=%d) in the converted TOC", + h.Name, n) + return + } + + // Get the original digest to make sure the file contents are kept unchanged + // from the original tar, during the whole conversion steps. + id := chunkID(h.Name, n, ce.ChunkSize) + want, ok := dgstMap[id] + if !ok { + t.Errorf("Unexpected chunk %q(offset=%d,size=%d): %v", + h.Name, n, ce.ChunkSize, dgstMap) + return + } + found[id] = true + + // Check the file contents + dgstr := digest.Canonical.Digester() + if _, err := io.CopyN(dgstr.Hash(), tr, ce.ChunkSize); err != nil { + t.Fatalf("failed to calculate digest of %q (offset=%d,size=%d)", + h.Name, n, ce.ChunkSize) + } + if want != dgstr.Digest() { + t.Errorf("Invalid contents in converted stargz %q: %q; want %q", + h.Name, dgstr.Digest(), want) + return + } + + // Check the digest stored in TOC JSON + dgstTOC, ok := digestMapTOC[ce.Offset] + if !ok { + t.Errorf("digest of %q(offset=%d,size=%d,chunkOffset=%d) isn't registered", + h.Name, ce.Offset, ce.ChunkSize, ce.ChunkOffset) + } + if want != dgstTOC { + t.Errorf("Invalid digest in TOCEntry %q: %q; want %q", + h.Name, dgstTOC, want) + return + } + + n += ce.ChunkSize + } + } + + for id, ok := range found { + if !ok { + t.Errorf("required chunk %q not found in the converted stargz: %v", id, found) + } + } +} + +// checkVerifyTOC checks the verification works for the TOC JSON of the passed +// stargz. It walks all entries in the stargz and checks the verifications for +// all chunks work. +func checkVerifyTOC(t *testing.T, sgzData []byte, tocDigest digest.Digest, dgstMap map[string]digest.Digest, controller TestingController) { + sgz, err := Open( + io.NewSectionReader(bytes.NewReader(sgzData), 0, int64(len(sgzData))), + WithDecompressors(controller), + ) + if err != nil { + t.Errorf("failed to parse converted stargz: %v", err) + return + } + ev, err := sgz.VerifyTOC(tocDigest) + if err != nil { + t.Errorf("failed to verify stargz: %v", err) + return + } + + found := make(map[string]bool) + for id := range dgstMap { + found[id] = false + } + zr, err := controller.Reader(bytes.NewReader(sgzData)) + if err != nil { + t.Fatalf("failed to decompress converted stargz: %v", err) + } + defer zr.Close() + tr := tar.NewReader(zr) + for { + h, err := tr.Next() + if err != nil { + if err != io.EOF { + t.Errorf("failed to read tar entry: %v", err) + return + } + break + } + if h.Name == TOCTarName { + continue + } + if _, ok := sgz.Lookup(h.Name); !ok { + t.Errorf("lost stargz entry %q in the converted TOC", h.Name) + return + } + var n int64 + for n < h.Size { + ce, ok := sgz.ChunkEntryForOffset(h.Name, n) + if !ok { + t.Errorf("lost chunk %q(offset=%d) in the converted TOC", + h.Name, n) + return + } + + v, err := ev.Verifier(ce) + if err != nil { + t.Errorf("failed to get verifier for %q(offset=%d)", h.Name, n) + } + + found[chunkID(h.Name, n, ce.ChunkSize)] = true + + // Check the file contents + if _, err := io.CopyN(v, tr, ce.ChunkSize); err != nil { + t.Fatalf("failed to get chunk of %q (offset=%d,size=%d)", + h.Name, n, ce.ChunkSize) + } + if !v.Verified() { + t.Errorf("Invalid contents in converted stargz %q (should be succeeded)", + h.Name) + return + } + n += ce.ChunkSize + } + } + + for id, ok := range found { + if !ok { + t.Errorf("required chunk %q not found in the converted stargz: %v", id, found) + } + } +} + +// checkVerifyInvalidTOCEntryFail checks if misconfigured TOC JSON can be +// detected during the verification and the verification returns an error. +func checkVerifyInvalidTOCEntryFail(filename string) check { + return func(t *testing.T, sgzData []byte, tocDigest digest.Digest, dgstMap map[string]digest.Digest, controller TestingController) { + funcs := map[string]rewriteFunc{ + "lost digest in a entry": func(t *testing.T, toc *JTOC, sgz *io.SectionReader) { + var found bool + for _, e := range toc.Entries { + if cleanEntryName(e.Name) == filename { + if e.Type != "reg" && e.Type != "chunk" { + t.Fatalf("entry %q to break must be regfile or chunk", filename) + } + if e.ChunkDigest == "" { + t.Fatalf("entry %q is already invalid", filename) + } + e.ChunkDigest = "" + found = true + } + } + if !found { + t.Fatalf("rewrite target not found") + } + }, + "duplicated entry offset": func(t *testing.T, toc *JTOC, sgz *io.SectionReader) { + var ( + sampleEntry *TOCEntry + targetEntry *TOCEntry + ) + for _, e := range toc.Entries { + if e.Type == "reg" || e.Type == "chunk" { + if cleanEntryName(e.Name) == filename { + targetEntry = e + } else { + sampleEntry = e + } + } + } + if sampleEntry == nil { + t.Fatalf("TOC must contain at least one regfile or chunk entry other than the rewrite target") + } + if targetEntry == nil { + t.Fatalf("rewrite target not found") + } + targetEntry.Offset = sampleEntry.Offset + }, + } + + for name, rFunc := range funcs { + t.Run(name, func(t *testing.T) { + newSgz, newTocDigest := rewriteTOCJSON(t, io.NewSectionReader(bytes.NewReader(sgzData), 0, int64(len(sgzData))), rFunc, controller) + buf := new(bytes.Buffer) + if _, err := io.Copy(buf, newSgz); err != nil { + t.Fatalf("failed to get converted stargz") + } + isgz := buf.Bytes() + + sgz, err := Open( + io.NewSectionReader(bytes.NewReader(isgz), 0, int64(len(isgz))), + WithDecompressors(controller), + ) + if err != nil { + t.Fatalf("failed to parse converted stargz: %v", err) + return + } + _, err = sgz.VerifyTOC(newTocDigest) + if err == nil { + t.Errorf("must fail for invalid TOC") + return + } + }) + } + } +} + +// checkVerifyInvalidStargzFail checks if the verification detects that the +// given stargz file doesn't match to the expected digest and returns error. +func checkVerifyInvalidStargzFail(invalid *io.SectionReader) check { + return func(t *testing.T, sgzData []byte, tocDigest digest.Digest, dgstMap map[string]digest.Digest, controller TestingController) { + rc, err := Build(invalid, WithChunkSize(chunkSize), WithCompression(controller)) + if err != nil { + t.Fatalf("failed to convert stargz: %v", err) + } + defer rc.Close() + buf := new(bytes.Buffer) + if _, err := io.Copy(buf, rc); err != nil { + t.Fatalf("failed to copy built stargz blob: %v", err) + } + mStargz := buf.Bytes() + + sgz, err := Open( + io.NewSectionReader(bytes.NewReader(mStargz), 0, int64(len(mStargz))), + WithDecompressors(controller), + ) + if err != nil { + t.Fatalf("failed to parse converted stargz: %v", err) + return + } + _, err = sgz.VerifyTOC(tocDigest) + if err == nil { + t.Errorf("must fail for invalid TOC") + return + } + } +} + +// checkVerifyBrokenContentFail checks if the verifier detects broken contents +// that doesn't match to the expected digest and returns error. +func checkVerifyBrokenContentFail(filename string) check { + return func(t *testing.T, sgzData []byte, tocDigest digest.Digest, dgstMap map[string]digest.Digest, controller TestingController) { + // Parse stargz file + sgz, err := Open( + io.NewSectionReader(bytes.NewReader(sgzData), 0, int64(len(sgzData))), + WithDecompressors(controller), + ) + if err != nil { + t.Fatalf("failed to parse converted stargz: %v", err) + return + } + ev, err := sgz.VerifyTOC(tocDigest) + if err != nil { + t.Fatalf("failed to verify stargz: %v", err) + return + } + + // Open the target file + sr, err := sgz.OpenFile(filename) + if err != nil { + t.Fatalf("failed to open file %q", filename) + } + ce, ok := sgz.ChunkEntryForOffset(filename, 0) + if !ok { + t.Fatalf("lost chunk %q(offset=%d) in the converted TOC", filename, 0) + return + } + if ce.ChunkSize == 0 { + t.Fatalf("file mustn't be empty") + return + } + data := make([]byte, ce.ChunkSize) + if _, err := sr.ReadAt(data, ce.ChunkOffset); err != nil { + t.Errorf("failed to get data of a chunk of %q(offset=%q)", + filename, ce.ChunkOffset) + } + + // Check the broken chunk (must fail) + v, err := ev.Verifier(ce) + if err != nil { + t.Fatalf("failed to get verifier for %q", filename) + } + broken := append([]byte{^data[0]}, data[1:]...) + if _, err := io.CopyN(v, bytes.NewReader(broken), ce.ChunkSize); err != nil { + t.Fatalf("failed to get chunk of %q (offset=%d,size=%d)", + filename, ce.ChunkOffset, ce.ChunkSize) + } + if v.Verified() { + t.Errorf("verification must fail for broken file chunk %q(org:%q,broken:%q)", + filename, data, broken) + } + } +} + +func chunkID(name string, offset, size int64) string { + return fmt.Sprintf("%s-%d-%d", cleanEntryName(name), offset, size) +} + +type rewriteFunc func(t *testing.T, toc *JTOC, sgz *io.SectionReader) + +func rewriteTOCJSON(t *testing.T, sgz *io.SectionReader, rewrite rewriteFunc, controller TestingController) (newSgz io.Reader, tocDigest digest.Digest) { + decodedJTOC, jtocOffset, err := parseStargz(sgz, controller) + if err != nil { + t.Fatalf("failed to extract TOC JSON: %v", err) + } + + rewrite(t, decodedJTOC, sgz) + + tocFooter, tocDigest, err := tocAndFooter(controller, decodedJTOC, jtocOffset) + if err != nil { + t.Fatalf("failed to create toc and footer: %v", err) + } + + // Reconstruct stargz file with the modified TOC JSON + if _, err := sgz.Seek(0, io.SeekStart); err != nil { + t.Fatalf("failed to reset the seek position of stargz: %v", err) + } + return io.MultiReader( + io.LimitReader(sgz, jtocOffset), // Original stargz (before TOC JSON) + tocFooter, // Rewritten TOC and footer + ), tocDigest +} + +func listDigests(sgz *io.SectionReader, controller TestingController) (map[int64]digest.Digest, error) { + decodedJTOC, _, err := parseStargz(sgz, controller) + if err != nil { + return nil, err + } + digestMap := make(map[int64]digest.Digest) + for _, e := range decodedJTOC.Entries { + if e.Type == "reg" || e.Type == "chunk" { + if e.Type == "reg" && e.Size == 0 { + continue // ignores empty file + } + if e.ChunkDigest == "" { + return nil, fmt.Errorf("ChunkDigest of %q(off=%d) not found in TOC JSON", + e.Name, e.Offset) + } + d, err := digest.Parse(e.ChunkDigest) + if err != nil { + return nil, err + } + digestMap[e.Offset] = d + } + } + return digestMap, nil +} + +func parseStargz(sgz *io.SectionReader, controller TestingController) (decodedJTOC *JTOC, jtocOffset int64, err error) { + fSize := controller.FooterSize() + footer := make([]byte, fSize) + if _, err := sgz.ReadAt(footer, sgz.Size()-fSize); err != nil { + return nil, 0, errors.Wrap(err, "error reading footer") + } + tocOffset, _, err := controller.ParseFooter(footer[positive(int64(len(footer))-fSize):]) + if err != nil { + return nil, 0, errors.Wrapf(err, "failed to parse footer") + } + + // Decode the TOC JSON + tocReader := io.NewSectionReader(sgz, tocOffset, sgz.Size()-tocOffset-fSize) + decodedJTOC, _, err = controller.ParseTOC(tocReader) + if err != nil { + return nil, 0, errors.Wrap(err, "failed to parse TOC") + } + return decodedJTOC, tocOffset, nil +} + +func testWriteAndOpen(t *testing.T, controllers ...TestingController) { + const content = "Some contents" + invalidUtf8 := "\xff\xfe\xfd" + + xAttrFile := xAttr{"foo": "bar", "invalid-utf8": invalidUtf8} + sampleOwner := owner{uid: 50, gid: 100} + + tests := []struct { + name string + chunkSize int + in []tarEntry + want []stargzCheck + wantNumGz int // expected number of streams + }{ + { + name: "empty", + in: tarOf(), + wantNumGz: 2, // TOC + footer + want: checks( + numTOCEntries(0), + ), + }, + { + name: "1dir_1empty_file", + in: tarOf( + dir("foo/"), + file("foo/bar.txt", ""), + ), + wantNumGz: 3, // dir, TOC, footer + want: checks( + numTOCEntries(2), + hasDir("foo/"), + hasFileLen("foo/bar.txt", 0), + entryHasChildren("foo", "bar.txt"), + hasFileDigest("foo/bar.txt", digestFor("")), + ), + }, + { + name: "1dir_1file", + in: tarOf( + dir("foo/"), + file("foo/bar.txt", content, xAttrFile), + ), + wantNumGz: 4, // var dir, foo.txt alone, TOC, footer + want: checks( + numTOCEntries(2), + hasDir("foo/"), + hasFileLen("foo/bar.txt", len(content)), + hasFileDigest("foo/bar.txt", digestFor(content)), + hasFileContentsRange("foo/bar.txt", 0, content), + hasFileContentsRange("foo/bar.txt", 1, content[1:]), + entryHasChildren("", "foo"), + entryHasChildren("foo", "bar.txt"), + hasFileXattrs("foo/bar.txt", "foo", "bar"), + hasFileXattrs("foo/bar.txt", "invalid-utf8", invalidUtf8), + ), + }, + { + name: "2meta_2file", + in: tarOf( + dir("bar/", sampleOwner), + dir("foo/", sampleOwner), + file("foo/bar.txt", content, sampleOwner), + ), + wantNumGz: 4, // both dirs, foo.txt alone, TOC, footer + want: checks( + numTOCEntries(3), + hasDir("bar/"), + hasDir("foo/"), + hasFileLen("foo/bar.txt", len(content)), + entryHasChildren("", "bar", "foo"), + entryHasChildren("foo", "bar.txt"), + hasChunkEntries("foo/bar.txt", 1), + hasEntryOwner("bar/", sampleOwner), + hasEntryOwner("foo/", sampleOwner), + hasEntryOwner("foo/bar.txt", sampleOwner), + ), + }, + { + name: "3dir", + in: tarOf( + dir("bar/"), + dir("foo/"), + dir("foo/bar/"), + ), + wantNumGz: 3, // 3 dirs, TOC, footer + want: checks( + hasDirLinkCount("bar/", 2), + hasDirLinkCount("foo/", 3), + hasDirLinkCount("foo/bar/", 2), + ), + }, + { + name: "symlink", + in: tarOf( + dir("foo/"), + symlink("foo/bar", "../../x"), + ), + wantNumGz: 3, // metas + TOC + footer + want: checks( + numTOCEntries(2), + hasSymlink("foo/bar", "../../x"), + entryHasChildren("", "foo"), + entryHasChildren("foo", "bar"), + ), + }, + { + name: "chunked_file", + chunkSize: 4, + in: tarOf( + dir("foo/"), + file("foo/big.txt", "This "+"is s"+"uch "+"a bi"+"g fi"+"le"), + ), + wantNumGz: 9, + want: checks( + numTOCEntries(7), // 1 for foo dir, 6 for the foo/big.txt file + hasDir("foo/"), + hasFileLen("foo/big.txt", len("This is such a big file")), + hasFileDigest("foo/big.txt", digestFor("This is such a big file")), + hasFileContentsRange("foo/big.txt", 0, "This is such a big file"), + hasFileContentsRange("foo/big.txt", 1, "his is such a big file"), + hasFileContentsRange("foo/big.txt", 2, "is is such a big file"), + hasFileContentsRange("foo/big.txt", 3, "s is such a big file"), + hasFileContentsRange("foo/big.txt", 4, " is such a big file"), + hasFileContentsRange("foo/big.txt", 5, "is such a big file"), + hasFileContentsRange("foo/big.txt", 6, "s such a big file"), + hasFileContentsRange("foo/big.txt", 7, " such a big file"), + hasFileContentsRange("foo/big.txt", 8, "such a big file"), + hasFileContentsRange("foo/big.txt", 9, "uch a big file"), + hasFileContentsRange("foo/big.txt", 10, "ch a big file"), + hasFileContentsRange("foo/big.txt", 11, "h a big file"), + hasFileContentsRange("foo/big.txt", 12, " a big file"), + hasFileContentsRange("foo/big.txt", len("This is such a big file")-1, ""), + hasChunkEntries("foo/big.txt", 6), + ), + }, + { + name: "recursive", + in: tarOf( + dir("/", sampleOwner), + dir("bar/", sampleOwner), + dir("foo/", sampleOwner), + file("foo/bar.txt", content, sampleOwner), + ), + wantNumGz: 4, // dirs, bar.txt alone, TOC, footer + want: checks( + maxDepth(2), // 0: root directory, 1: "foo/", 2: "bar.txt" + ), + }, + { + name: "block_char_fifo", + in: tarOf( + tarEntryFunc(func(w *tar.Writer, prefix string) error { + return w.WriteHeader(&tar.Header{ + Name: prefix + "b", + Typeflag: tar.TypeBlock, + Devmajor: 123, + Devminor: 456, + }) + }), + tarEntryFunc(func(w *tar.Writer, prefix string) error { + return w.WriteHeader(&tar.Header{ + Name: prefix + "c", + Typeflag: tar.TypeChar, + Devmajor: 111, + Devminor: 222, + }) + }), + tarEntryFunc(func(w *tar.Writer, prefix string) error { + return w.WriteHeader(&tar.Header{ + Name: prefix + "f", + Typeflag: tar.TypeFifo, + }) + }), + ), + wantNumGz: 3, + want: checks( + lookupMatch("b", &TOCEntry{Name: "b", Type: "block", DevMajor: 123, DevMinor: 456, NumLink: 1}), + lookupMatch("c", &TOCEntry{Name: "c", Type: "char", DevMajor: 111, DevMinor: 222, NumLink: 1}), + lookupMatch("f", &TOCEntry{Name: "f", Type: "fifo", NumLink: 1}), + ), + }, + { + name: "modes", + in: tarOf( + dir("foo1/", 0755|os.ModeDir|os.ModeSetgid), + file("foo1/bar1", content, 0700|os.ModeSetuid), + file("foo1/bar2", content, 0755|os.ModeSetgid), + dir("foo2/", 0755|os.ModeDir|os.ModeSticky), + file("foo2/bar3", content, 0755|os.ModeSticky), + dir("foo3/", 0755|os.ModeDir), + file("foo3/bar4", content, os.FileMode(0700)), + file("foo3/bar5", content, os.FileMode(0755)), + ), + wantNumGz: 8, // dir, bar1 alone, bar2 alone + dir, bar3 alone + dir, bar4 alone, bar5 alone, TOC, footer + want: checks( + hasMode("foo1/", 0755|os.ModeDir|os.ModeSetgid), + hasMode("foo1/bar1", 0700|os.ModeSetuid), + hasMode("foo1/bar2", 0755|os.ModeSetgid), + hasMode("foo2/", 0755|os.ModeDir|os.ModeSticky), + hasMode("foo2/bar3", 0755|os.ModeSticky), + hasMode("foo3/", 0755|os.ModeDir), + hasMode("foo3/bar4", os.FileMode(0700)), + hasMode("foo3/bar5", os.FileMode(0755)), + ), + }, + } + + for _, tt := range tests { + for _, cl := range controllers { + cl := cl + for _, prefix := range allowedPrefix { + prefix := prefix + t.Run(tt.name+"-"+fmt.Sprintf("compression=%v-prefix=%q", cl, prefix), func(t *testing.T) { + tr, cancel := buildTar(t, tt.in, prefix) + defer cancel() + var stargzBuf bytes.Buffer + w := NewWriterWithCompressor(&stargzBuf, cl) + w.ChunkSize = tt.chunkSize + if err := w.AppendTar(tr); err != nil { + t.Fatalf("Append: %v", err) + } + if _, err := w.Close(); err != nil { + t.Fatalf("Writer.Close: %v", err) + } + b := stargzBuf.Bytes() + + diffID := w.DiffID() + wantDiffID := cl.DiffIDOf(t, b) + if diffID != wantDiffID { + t.Errorf("DiffID = %q; want %q", diffID, wantDiffID) + } + + got := cl.CountStreams(t, b) + if got != tt.wantNumGz { + t.Errorf("number of streams = %d; want %d", got, tt.wantNumGz) + } + + telemetry, checkCalled := newCalledTelemetry() + r, err := Open( + io.NewSectionReader(bytes.NewReader(b), 0, int64(len(b))), + WithDecompressors(cl), + WithTelemetry(telemetry), + ) + if err != nil { + t.Fatalf("stargz.Open: %v", err) + } + if err := checkCalled(); err != nil { + t.Errorf("telemetry failure: %v", err) + } + for _, want := range tt.want { + want.check(t, r) + } + }) + } + } + } +} + +func newCalledTelemetry() (telemetry *Telemetry, check func() error) { + var getFooterLatencyCalled bool + var getTocLatencyCalled bool + var deserializeTocLatencyCalled bool + return &Telemetry{ + func(time.Time) { getFooterLatencyCalled = true }, + func(time.Time) { getTocLatencyCalled = true }, + func(time.Time) { deserializeTocLatencyCalled = true }, + }, func() error { + var allErr []error + if !getFooterLatencyCalled { + allErr = append(allErr, fmt.Errorf("metrics GetFooterLatency isn't called")) + } + if !getTocLatencyCalled { + allErr = append(allErr, fmt.Errorf("metrics GetTocLatency isn't called")) + } + if !deserializeTocLatencyCalled { + allErr = append(allErr, fmt.Errorf("metrics DeserializeTocLatency isn't called")) + } + return errorutil.Aggregate(allErr) + } +} + +func digestFor(content string) string { + sum := sha256.Sum256([]byte(content)) + return fmt.Sprintf("sha256:%x", sum) +} + +type numTOCEntries int + +func (n numTOCEntries) check(t *testing.T, r *Reader) { + if r.toc == nil { + t.Fatal("nil TOC") + } + if got, want := len(r.toc.Entries), int(n); got != want { + t.Errorf("got %d TOC entries; want %d", got, want) + } + t.Logf("got TOC entries:") + for i, ent := range r.toc.Entries { + entj, _ := json.Marshal(ent) + t.Logf(" [%d]: %s\n", i, entj) + } + if t.Failed() { + t.FailNow() + } +} + +func checks(s ...stargzCheck) []stargzCheck { return s } + +type stargzCheck interface { + check(t *testing.T, r *Reader) +} + +type stargzCheckFn func(*testing.T, *Reader) + +func (f stargzCheckFn) check(t *testing.T, r *Reader) { f(t, r) } + +func maxDepth(max int) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + e, ok := r.Lookup("") + if !ok { + t.Fatal("root directory not found") + } + d, err := getMaxDepth(t, e, 0, 10*max) + if err != nil { + t.Errorf("failed to get max depth (wanted %d): %v", max, err) + return + } + if d != max { + t.Errorf("invalid depth %d; want %d", d, max) + return + } + }) +} + +func getMaxDepth(t *testing.T, e *TOCEntry, current, limit int) (max int, rErr error) { + if current > limit { + return -1, fmt.Errorf("walkMaxDepth: exceeds limit: current:%d > limit:%d", + current, limit) + } + max = current + e.ForeachChild(func(baseName string, ent *TOCEntry) bool { + t.Logf("%q(basename:%q) is child of %q\n", ent.Name, baseName, e.Name) + d, err := getMaxDepth(t, ent, current+1, limit) + if err != nil { + rErr = err + return false + } + if d > max { + max = d + } + return true + }) + return +} + +func hasFileLen(file string, wantLen int) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + for _, ent := range r.toc.Entries { + if ent.Name == file { + if ent.Type != "reg" { + t.Errorf("file type of %q is %q; want \"reg\"", file, ent.Type) + } else if ent.Size != int64(wantLen) { + t.Errorf("file size of %q = %d; want %d", file, ent.Size, wantLen) + } + return + } + } + t.Errorf("file %q not found", file) + }) +} + +func hasFileXattrs(file, name, value string) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + for _, ent := range r.toc.Entries { + if ent.Name == file { + if ent.Type != "reg" { + t.Errorf("file type of %q is %q; want \"reg\"", file, ent.Type) + } + if ent.Xattrs == nil { + t.Errorf("file %q has no xattrs", file) + return + } + valueFound, found := ent.Xattrs[name] + if !found { + t.Errorf("file %q has no xattr %q", file, name) + return + } + if string(valueFound) != value { + t.Errorf("file %q has xattr %q with value %q instead of %q", file, name, valueFound, value) + } + + return + } + } + t.Errorf("file %q not found", file) + }) +} + +func hasFileDigest(file string, digest string) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + ent, ok := r.Lookup(file) + if !ok { + t.Fatalf("didn't find TOCEntry for file %q", file) + } + if ent.Digest != digest { + t.Fatalf("Digest(%q) = %q, want %q", file, ent.Digest, digest) + } + }) +} + +func hasFileContentsRange(file string, offset int, want string) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + f, err := r.OpenFile(file) + if err != nil { + t.Fatal(err) + } + got := make([]byte, len(want)) + n, err := f.ReadAt(got, int64(offset)) + if err != nil { + t.Fatalf("ReadAt(len %d, offset %d) = %v, %v", len(got), offset, n, err) + } + if string(got) != want { + t.Fatalf("ReadAt(len %d, offset %d) = %q, want %q", len(got), offset, got, want) + } + }) +} + +func hasChunkEntries(file string, wantChunks int) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + ent, ok := r.Lookup(file) + if !ok { + t.Fatalf("no file for %q", file) + } + if ent.Type != "reg" { + t.Fatalf("file %q has unexpected type %q; want reg", file, ent.Type) + } + chunks := r.getChunks(ent) + if len(chunks) != wantChunks { + t.Errorf("len(r.getChunks(%q)) = %d; want %d", file, len(chunks), wantChunks) + return + } + f := chunks[0] + + var gotChunks []*TOCEntry + var last *TOCEntry + for off := int64(0); off < f.Size; off++ { + e, ok := r.ChunkEntryForOffset(file, off) + if !ok { + t.Errorf("no ChunkEntryForOffset at %d", off) + return + } + if last != e { + gotChunks = append(gotChunks, e) + last = e + } + } + if !reflect.DeepEqual(chunks, gotChunks) { + t.Errorf("gotChunks=%d, want=%d; contents mismatch", len(gotChunks), wantChunks) + } + + // And verify the NextOffset + for i := 0; i < len(gotChunks)-1; i++ { + ci := gotChunks[i] + cnext := gotChunks[i+1] + if ci.NextOffset() != cnext.Offset { + t.Errorf("chunk %d NextOffset %d != next chunk's Offset of %d", i, ci.NextOffset(), cnext.Offset) + } + } + }) +} + +func entryHasChildren(dir string, want ...string) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + want := append([]string(nil), want...) + var got []string + ent, ok := r.Lookup(dir) + if !ok { + t.Fatalf("didn't find TOCEntry for dir node %q", dir) + } + for baseName := range ent.children { + got = append(got, baseName) + } + sort.Strings(got) + sort.Strings(want) + if !reflect.DeepEqual(got, want) { + t.Errorf("children of %q = %q; want %q", dir, got, want) + } + }) +} + +func hasDir(file string) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + for _, ent := range r.toc.Entries { + if ent.Name == cleanEntryName(file) { + if ent.Type != "dir" { + t.Errorf("file type of %q is %q; want \"dir\"", file, ent.Type) + } + return + } + } + t.Errorf("directory %q not found", file) + }) +} + +func hasDirLinkCount(file string, count int) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + for _, ent := range r.toc.Entries { + if ent.Name == cleanEntryName(file) { + if ent.Type != "dir" { + t.Errorf("file type of %q is %q; want \"dir\"", file, ent.Type) + return + } + if ent.NumLink != count { + t.Errorf("link count of %q = %d; want %d", file, ent.NumLink, count) + } + return + } + } + t.Errorf("directory %q not found", file) + }) +} + +func hasMode(file string, mode os.FileMode) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + for _, ent := range r.toc.Entries { + if ent.Name == cleanEntryName(file) { + if ent.Stat().Mode() != mode { + t.Errorf("invalid mode: got %v; want %v", ent.Stat().Mode(), mode) + return + } + return + } + } + t.Errorf("file %q not found", file) + }) +} + +func hasSymlink(file, target string) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + for _, ent := range r.toc.Entries { + if ent.Name == file { + if ent.Type != "symlink" { + t.Errorf("file type of %q is %q; want \"symlink\"", file, ent.Type) + } else if ent.LinkName != target { + t.Errorf("link target of symlink %q is %q; want %q", file, ent.LinkName, target) + } + return + } + } + t.Errorf("symlink %q not found", file) + }) +} + +func lookupMatch(name string, want *TOCEntry) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + e, ok := r.Lookup(name) + if !ok { + t.Fatalf("failed to Lookup entry %q", name) + } + if !reflect.DeepEqual(e, want) { + t.Errorf("entry %q mismatch.\n got: %+v\nwant: %+v\n", name, e, want) + } + + }) +} + +func hasEntryOwner(entry string, owner owner) stargzCheck { + return stargzCheckFn(func(t *testing.T, r *Reader) { + ent, ok := r.Lookup(strings.TrimSuffix(entry, "/")) + if !ok { + t.Errorf("entry %q not found", entry) + return + } + if ent.UID != owner.uid || ent.GID != owner.gid { + t.Errorf("entry %q has invalid owner (uid:%d, gid:%d) instead of (uid:%d, gid:%d)", entry, ent.UID, ent.GID, owner.uid, owner.gid) + return + } + }) +} + +func tarOf(s ...tarEntry) []tarEntry { return s } + +type tarEntry interface { + appendTar(tw *tar.Writer, prefix string) error +} + +type tarEntryFunc func(*tar.Writer, string) error + +func (f tarEntryFunc) appendTar(tw *tar.Writer, prefix string) error { return f(tw, prefix) } + +func buildTar(t *testing.T, ents []tarEntry, prefix string) (r io.Reader, cancel func()) { + pr, pw := io.Pipe() + go func() { + tw := tar.NewWriter(pw) + for _, ent := range ents { + if err := ent.appendTar(tw, prefix); err != nil { + t.Errorf("building input tar: %v", err) + pw.Close() + return + } + } + if err := tw.Close(); err != nil { + t.Errorf("closing write of input tar: %v", err) + } + pw.Close() + }() + return pr, func() { go pr.Close(); go pw.Close() } +} + +func buildTarStatic(t *testing.T, ents []tarEntry, prefix string) *io.SectionReader { + buf := new(bytes.Buffer) + tw := tar.NewWriter(buf) + for _, ent := range ents { + if err := ent.appendTar(tw, prefix); err != nil { + t.Fatalf("building input tar: %v", err) + } + } + if err := tw.Close(); err != nil { + t.Errorf("closing write of input tar: %v", err) + } + data := buf.Bytes() + return io.NewSectionReader(bytes.NewReader(data), 0, int64(len(data))) +} + +func dir(name string, opts ...interface{}) tarEntry { + return tarEntryFunc(func(tw *tar.Writer, prefix string) error { + var o owner + mode := os.FileMode(0755) + for _, opt := range opts { + switch v := opt.(type) { + case owner: + o = v + case os.FileMode: + mode = v + default: + return errors.New("unsupported opt") + } + } + if !strings.HasSuffix(name, "/") { + panic(fmt.Sprintf("missing trailing slash in dir %q ", name)) + } + tm, err := fileModeToTarMode(mode) + if err != nil { + return err + } + return tw.WriteHeader(&tar.Header{ + Typeflag: tar.TypeDir, + Name: prefix + name, + Mode: tm, + Uid: o.uid, + Gid: o.gid, + }) + }) +} + +// xAttr are extended attributes to set on test files created with the file func. +type xAttr map[string]string + +// owner is owner ot set on test files and directories with the file and dir functions. +type owner struct { + uid int + gid int +} + +func file(name, contents string, opts ...interface{}) tarEntry { + return tarEntryFunc(func(tw *tar.Writer, prefix string) error { + var xattrs xAttr + var o owner + mode := os.FileMode(0644) + for _, opt := range opts { + switch v := opt.(type) { + case xAttr: + xattrs = v + case owner: + o = v + case os.FileMode: + mode = v + default: + return errors.New("unsupported opt") + } + } + if strings.HasSuffix(name, "/") { + return fmt.Errorf("bogus trailing slash in file %q", name) + } + tm, err := fileModeToTarMode(mode) + if err != nil { + return err + } + if err := tw.WriteHeader(&tar.Header{ + Typeflag: tar.TypeReg, + Name: prefix + name, + Mode: tm, + Xattrs: xattrs, + Size: int64(len(contents)), + Uid: o.uid, + Gid: o.gid, + }); err != nil { + return err + } + _, err = io.WriteString(tw, contents) + return err + }) +} + +func symlink(name, target string) tarEntry { + return tarEntryFunc(func(tw *tar.Writer, prefix string) error { + return tw.WriteHeader(&tar.Header{ + Typeflag: tar.TypeSymlink, + Name: prefix + name, + Linkname: target, + Mode: 0644, + }) + }) +} + +func link(name string, linkname string) tarEntry { + now := time.Now() + return tarEntryFunc(func(w *tar.Writer, prefix string) error { + return w.WriteHeader(&tar.Header{ + Typeflag: tar.TypeLink, + Name: prefix + name, + Linkname: linkname, + ModTime: now, + AccessTime: now, + ChangeTime: now, + }) + }) +} + +func chardev(name string, major, minor int64) tarEntry { + now := time.Now() + return tarEntryFunc(func(w *tar.Writer, prefix string) error { + return w.WriteHeader(&tar.Header{ + Typeflag: tar.TypeChar, + Name: prefix + name, + Devmajor: major, + Devminor: minor, + ModTime: now, + AccessTime: now, + ChangeTime: now, + }) + }) +} + +func blockdev(name string, major, minor int64) tarEntry { + now := time.Now() + return tarEntryFunc(func(w *tar.Writer, prefix string) error { + return w.WriteHeader(&tar.Header{ + Typeflag: tar.TypeBlock, + Name: prefix + name, + Devmajor: major, + Devminor: minor, + ModTime: now, + AccessTime: now, + ChangeTime: now, + }) + }) +} +func fifo(name string) tarEntry { + now := time.Now() + return tarEntryFunc(func(w *tar.Writer, prefix string) error { + return w.WriteHeader(&tar.Header{ + Typeflag: tar.TypeFifo, + Name: prefix + name, + ModTime: now, + AccessTime: now, + ChangeTime: now, + }) + }) +} + +func prefetchLandmark() tarEntry { + return tarEntryFunc(func(w *tar.Writer, prefix string) error { + if err := w.WriteHeader(&tar.Header{ + Name: PrefetchLandmark, + Typeflag: tar.TypeReg, + Size: int64(len([]byte{landmarkContents})), + }); err != nil { + return err + } + contents := []byte{landmarkContents} + if _, err := io.CopyN(w, bytes.NewReader(contents), int64(len(contents))); err != nil { + return err + } + return nil + }) +} + +func noPrefetchLandmark() tarEntry { + return tarEntryFunc(func(w *tar.Writer, prefix string) error { + if err := w.WriteHeader(&tar.Header{ + Name: NoPrefetchLandmark, + Typeflag: tar.TypeReg, + Size: int64(len([]byte{landmarkContents})), + }); err != nil { + return err + } + contents := []byte{landmarkContents} + if _, err := io.CopyN(w, bytes.NewReader(contents), int64(len(contents))); err != nil { + return err + } + return nil + }) +} + +func regDigest(t *testing.T, name string, contentStr string, digestMap map[string]digest.Digest) tarEntry { + if digestMap == nil { + t.Fatalf("digest map mustn't be nil") + } + content := []byte(contentStr) + + var n int64 + for n < int64(len(content)) { + size := int64(chunkSize) + remain := int64(len(content)) - n + if remain < size { + size = remain + } + dgstr := digest.Canonical.Digester() + if _, err := io.CopyN(dgstr.Hash(), bytes.NewReader(content[n:n+size]), size); err != nil { + t.Fatalf("failed to calculate digest of %q (name=%q,offset=%d,size=%d)", + string(content[n:n+size]), name, n, size) + } + digestMap[chunkID(name, n, size)] = dgstr.Digest() + n += size + } + + return tarEntryFunc(func(w *tar.Writer, prefix string) error { + if err := w.WriteHeader(&tar.Header{ + Typeflag: tar.TypeReg, + Name: prefix + name, + Size: int64(len(content)), + }); err != nil { + return err + } + if _, err := io.CopyN(w, bytes.NewReader(content), int64(len(content))); err != nil { + return err + } + return nil + }) +} + +func fileModeToTarMode(mode os.FileMode) (int64, error) { + h, err := tar.FileInfoHeader(fileInfoOnlyMode(mode), "") + if err != nil { + return 0, err + } + return h.Mode, nil +} + +// fileInfoOnlyMode is os.FileMode that populates only file mode. +type fileInfoOnlyMode os.FileMode + +func (f fileInfoOnlyMode) Name() string { return "" } +func (f fileInfoOnlyMode) Size() int64 { return 0 } +func (f fileInfoOnlyMode) Mode() os.FileMode { return os.FileMode(f) } +func (f fileInfoOnlyMode) ModTime() time.Time { return time.Now() } +func (f fileInfoOnlyMode) IsDir() bool { return os.FileMode(f).IsDir() } +func (f fileInfoOnlyMode) Sys() interface{} { return nil } diff --git a/vendor/github.com/containerd/stargz-snapshotter/estargz/types.go b/vendor/github.com/containerd/stargz-snapshotter/estargz/types.go new file mode 100644 index 000000000..1b1075a64 --- /dev/null +++ b/vendor/github.com/containerd/stargz-snapshotter/estargz/types.go @@ -0,0 +1,314 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +/* + Copyright 2019 The Go Authors. All rights reserved. + Use of this source code is governed by a BSD-style + license that can be found in the LICENSE file. +*/ + +package estargz + +import ( + "archive/tar" + "hash" + "io" + "os" + "path" + "time" + + digest "github.com/opencontainers/go-digest" +) + +const ( + // TOCTarName is the name of the JSON file in the tar archive in the + // table of contents gzip stream. + TOCTarName = "stargz.index.json" + + // FooterSize is the number of bytes in the footer + // + // The footer is an empty gzip stream with no compression and an Extra + // header of the form "%016xSTARGZ", where the 64 bit hex-encoded + // number is the offset to the gzip stream of JSON TOC. + // + // 51 comes from: + // + // 10 bytes gzip header + // 2 bytes XLEN (length of Extra field) = 26 (4 bytes header + 16 hex digits + len("STARGZ")) + // 2 bytes Extra: SI1 = 'S', SI2 = 'G' + // 2 bytes Extra: LEN = 22 (16 hex digits + len("STARGZ")) + // 22 bytes Extra: subfield = fmt.Sprintf("%016xSTARGZ", offsetOfTOC) + // 5 bytes flate header + // 8 bytes gzip footer + // (End of the eStargz blob) + // + // NOTE: For Extra fields, subfield IDs SI1='S' SI2='G' is used for eStargz. + FooterSize = 51 + + // legacyFooterSize is the number of bytes in the legacy stargz footer. + // + // 47 comes from: + // + // 10 byte gzip header + + // 2 byte (LE16) length of extra, encoding 22 (16 hex digits + len("STARGZ")) == "\x16\x00" + + // 22 bytes of extra (fmt.Sprintf("%016xSTARGZ", tocGzipOffset)) + // 5 byte flate header + // 8 byte gzip footer (two little endian uint32s: digest, size) + legacyFooterSize = 47 + + // TOCJSONDigestAnnotation is an annotation for an image layer. This stores the + // digest of the TOC JSON. + // This annotation is valid only when it is specified in `.[]layers.annotations` + // of an image manifest. + TOCJSONDigestAnnotation = "containerd.io/snapshot/stargz/toc.digest" + + // StoreUncompressedSizeAnnotation is an additional annotation key for eStargz to enable lazy + // pulling on containers/storage. Stargz Store is required to expose the layer's uncompressed size + // to the runtime but current OCI image doesn't ship this information by default. So we store this + // to the special annotation. + StoreUncompressedSizeAnnotation = "io.containers.estargz.uncompressed-size" + + // PrefetchLandmark is a file entry which indicates the end position of + // prefetch in the stargz file. + PrefetchLandmark = ".prefetch.landmark" + + // NoPrefetchLandmark is a file entry which indicates that no prefetch should + // occur in the stargz file. + NoPrefetchLandmark = ".no.prefetch.landmark" + + landmarkContents = 0xf +) + +// JTOC is the JSON-serialized table of contents index of the files in the stargz file. +type JTOC struct { + Version int `json:"version"` + Entries []*TOCEntry `json:"entries"` +} + +// TOCEntry is an entry in the stargz file's TOC (Table of Contents). +type TOCEntry struct { + // Name is the tar entry's name. It is the complete path + // stored in the tar file, not just the base name. + Name string `json:"name"` + + // Type is one of "dir", "reg", "symlink", "hardlink", "char", + // "block", "fifo", or "chunk". + // The "chunk" type is used for regular file data chunks past the first + // TOCEntry; the 2nd chunk and on have only Type ("chunk"), Offset, + // ChunkOffset, and ChunkSize populated. + Type string `json:"type"` + + // Size, for regular files, is the logical size of the file. + Size int64 `json:"size,omitempty"` + + // ModTime3339 is the modification time of the tar entry. Empty + // means zero or unknown. Otherwise it's in UTC RFC3339 + // format. Use the ModTime method to access the time.Time value. + ModTime3339 string `json:"modtime,omitempty"` + modTime time.Time + + // LinkName, for symlinks and hardlinks, is the link target. + LinkName string `json:"linkName,omitempty"` + + // Mode is the permission and mode bits. + Mode int64 `json:"mode,omitempty"` + + // UID is the user ID of the owner. + UID int `json:"uid,omitempty"` + + // GID is the group ID of the owner. + GID int `json:"gid,omitempty"` + + // Uname is the username of the owner. + // + // In the serialized JSON, this field may only be present for + // the first entry with the same UID. + Uname string `json:"userName,omitempty"` + + // Gname is the group name of the owner. + // + // In the serialized JSON, this field may only be present for + // the first entry with the same GID. + Gname string `json:"groupName,omitempty"` + + // Offset, for regular files, provides the offset in the + // stargz file to the file's data bytes. See ChunkOffset and + // ChunkSize. + Offset int64 `json:"offset,omitempty"` + + nextOffset int64 // the Offset of the next entry with a non-zero Offset + + // DevMajor is the major device number for "char" and "block" types. + DevMajor int `json:"devMajor,omitempty"` + + // DevMinor is the major device number for "char" and "block" types. + DevMinor int `json:"devMinor,omitempty"` + + // NumLink is the number of entry names pointing to this entry. + // Zero means one name references this entry. + NumLink int + + // Xattrs are the extended attribute for the entry. + Xattrs map[string][]byte `json:"xattrs,omitempty"` + + // Digest stores the OCI checksum for regular files payload. + // It has the form "sha256:abcdef01234....". + Digest string `json:"digest,omitempty"` + + // ChunkOffset is non-zero if this is a chunk of a large, + // regular file. If so, the Offset is where the gzip header of + // ChunkSize bytes at ChunkOffset in Name begin. + // + // In serialized form, a "chunkSize" JSON field of zero means + // that the chunk goes to the end of the file. After reading + // from the stargz TOC, though, the ChunkSize is initialized + // to a non-zero file for when Type is either "reg" or + // "chunk". + ChunkOffset int64 `json:"chunkOffset,omitempty"` + ChunkSize int64 `json:"chunkSize,omitempty"` + + // ChunkDigest stores an OCI digest of the chunk. This must be formed + // as "sha256:0123abcd...". + ChunkDigest string `json:"chunkDigest,omitempty"` + + children map[string]*TOCEntry +} + +// ModTime returns the entry's modification time. +func (e *TOCEntry) ModTime() time.Time { return e.modTime } + +// NextOffset returns the position (relative to the start of the +// stargz file) of the next gzip boundary after e.Offset. +func (e *TOCEntry) NextOffset() int64 { return e.nextOffset } + +func (e *TOCEntry) addChild(baseName string, child *TOCEntry) { + if e.children == nil { + e.children = make(map[string]*TOCEntry) + } + if child.Type == "dir" { + e.NumLink++ // Entry ".." in the subdirectory links to this directory + } + e.children[baseName] = child +} + +// isDataType reports whether TOCEntry is a regular file or chunk (something that +// contains regular file data). +func (e *TOCEntry) isDataType() bool { return e.Type == "reg" || e.Type == "chunk" } + +// Stat returns a FileInfo value representing e. +func (e *TOCEntry) Stat() os.FileInfo { return fileInfo{e} } + +// ForeachChild calls f for each child item. If f returns false, iteration ends. +// If e is not a directory, f is not called. +func (e *TOCEntry) ForeachChild(f func(baseName string, ent *TOCEntry) bool) { + for name, ent := range e.children { + if !f(name, ent) { + return + } + } +} + +// LookupChild returns the directory e's child by its base name. +func (e *TOCEntry) LookupChild(baseName string) (child *TOCEntry, ok bool) { + child, ok = e.children[baseName] + return +} + +// fileInfo implements os.FileInfo using the wrapped *TOCEntry. +type fileInfo struct{ e *TOCEntry } + +var _ os.FileInfo = fileInfo{} + +func (fi fileInfo) Name() string { return path.Base(fi.e.Name) } +func (fi fileInfo) IsDir() bool { return fi.e.Type == "dir" } +func (fi fileInfo) Size() int64 { return fi.e.Size } +func (fi fileInfo) ModTime() time.Time { return fi.e.ModTime() } +func (fi fileInfo) Sys() interface{} { return fi.e } +func (fi fileInfo) Mode() (m os.FileMode) { + // TOCEntry.Mode is tar.Header.Mode so we can understand the these bits using `tar` pkg. + m = (&tar.Header{Mode: fi.e.Mode}).FileInfo().Mode() & + (os.ModePerm | os.ModeSetuid | os.ModeSetgid | os.ModeSticky) + switch fi.e.Type { + case "dir": + m |= os.ModeDir + case "symlink": + m |= os.ModeSymlink + case "char": + m |= os.ModeDevice | os.ModeCharDevice + case "block": + m |= os.ModeDevice + case "fifo": + m |= os.ModeNamedPipe + } + return m +} + +// TOCEntryVerifier holds verifiers that are usable for verifying chunks contained +// in a eStargz blob. +type TOCEntryVerifier interface { + + // Verifier provides a content verifier that can be used for verifying the + // contents of the specified TOCEntry. + Verifier(ce *TOCEntry) (digest.Verifier, error) +} + +// Compression provides the compression helper to be used creating and parsing eStargz. +// This package provides gzip-based Compression by default, but any compression +// algorithm (e.g. zstd) can be used as long as it implements Compression. +type Compression interface { + Compressor + Decompressor +} + +// Compressor represents the helper mothods to be used for creating eStargz. +type Compressor interface { + // Writer returns WriteCloser to be used for writing a chunk to eStargz. + // Everytime a chunk is written, the WriteCloser is closed and Writer is + // called again for writing the next chunk. + Writer(w io.Writer) (io.WriteCloser, error) + + // WriteTOCAndFooter is called to write JTOC to the passed Writer. + // diffHash calculates the DiffID (uncompressed sha256 hash) of the blob + // WriteTOCAndFooter can optionally write anything that affects DiffID calculation + // (e.g. uncompressed TOC JSON). + // + // This function returns tocDgst that represents the digest of TOC that will be used + // to verify this blob when it's parsed. + WriteTOCAndFooter(w io.Writer, off int64, toc *JTOC, diffHash hash.Hash) (tocDgst digest.Digest, err error) +} + +// Deompressor represents the helper mothods to be used for parsing eStargz. +type Decompressor interface { + // Reader returns ReadCloser to be used for decompressing file payload. + Reader(r io.Reader) (io.ReadCloser, error) + + // FooterSize returns the size of the footer of this blob. + FooterSize() int64 + + // ParseFooter parses the footer and returns the offset and (compressed) size of TOC. + // + // Here, tocSize is optional. If tocSize <= 0, it's by default the size of the range + // from tocOffset until the beginning of the footer (blob size - tocOff - FooterSize). + ParseFooter(p []byte) (tocOffset, tocSize int64, err error) + + // ParseTOC parses TOC from the passed reader. The reader provides the partial contents + // of the underlying blob that has the range specified by ParseFooter method. + // + // This function returns tocDgst that represents the digest of TOC that will be used + // to verify this blob. This must match to the value returned from + // Compressor.WriteTOCAndFooter that is used when creating this blob. + ParseTOC(r io.Reader) (toc *JTOC, tocDgst digest.Digest, err error) +} diff --git a/vendor/github.com/containers/common/libimage/disk_usage.go b/vendor/github.com/containers/common/libimage/disk_usage.go index edfd095a0..2cde09846 100644 --- a/vendor/github.com/containers/common/libimage/disk_usage.go +++ b/vendor/github.com/containers/common/libimage/disk_usage.go @@ -52,6 +52,10 @@ func (r *Runtime) DiskUsage(ctx context.Context) ([]ImageDiskUsage, error) { // diskUsageForImage returns the disk-usage baseistics for the specified image. func diskUsageForImage(ctx context.Context, image *Image, tree *layerTree) ([]ImageDiskUsage, error) { + if err := image.isCorrupted(""); err != nil { + return nil, err + } + base := ImageDiskUsage{ ID: image.ID(), Created: image.Created(), diff --git a/vendor/github.com/containers/common/libimage/image.go b/vendor/github.com/containers/common/libimage/image.go index b4623a870..ff7d546e9 100644 --- a/vendor/github.com/containers/common/libimage/image.go +++ b/vendor/github.com/containers/common/libimage/image.go @@ -74,7 +74,10 @@ func (i *Image) isCorrupted(name string) error { } if _, err := ref.NewImage(context.Background(), nil); err != nil { - return errors.Errorf("Image %s exists in local storage but may be corrupted: %v", name, err) + if name == "" { + name = i.ID()[:12] + } + return errors.Errorf("Image %s exists in local storage but may be corrupted (remove the image to resolve the issue): %v", name, err) } return nil } diff --git a/vendor/github.com/containers/common/libimage/runtime.go b/vendor/github.com/containers/common/libimage/runtime.go index 26a04dad5..42461014d 100644 --- a/vendor/github.com/containers/common/libimage/runtime.go +++ b/vendor/github.com/containers/common/libimage/runtime.go @@ -161,8 +161,14 @@ type LookupImageOptions struct { // If set, do not look for items/instances in the manifest list that // match the current platform but return the manifest list as is. + // only check for manifest list, return ErrNotAManifestList if not found. lookupManifest bool + // If matching images resolves to a manifest list, return manifest list + // instead of resolving to image instance, if manifest list is not found + // try resolving image. + ManifestList bool + // If the image resolves to a manifest list, we usually lookup a // matching instance and error if none could be found. In this case, // just return the manifest list. Required for image removal. @@ -305,11 +311,14 @@ func (r *Runtime) lookupImageInLocalStorage(name, candidate string, options *Loo } return nil, err } - if options.lookupManifest { + if options.lookupManifest || options.ManifestList { if isManifestList { return image, nil } - return nil, errors.Wrapf(ErrNotAManifestList, candidate) + // return ErrNotAManifestList if lookupManifest is set otherwise try resolving image. + if options.lookupManifest { + return nil, errors.Wrapf(ErrNotAManifestList, candidate) + } } if isManifestList { @@ -532,6 +541,11 @@ type RemoveImagesOptions struct { // using a removed image. Use RemoveContainerFunc for a custom logic. // If set, all child images will be removed as well. Force bool + // LookupManifest will expect all specified names to be manifest lists (no instance look up). + // This allows for removing manifest lists. + // By default, RemoveImages will attempt to resolve to a manifest instance matching + // the local platform (i.e., os, architecture, variant). + LookupManifest bool // RemoveContainerFunc allows for a custom logic for removing // containers using a specific image. By default, all containers in // the local containers storage will be removed (if Force is set). @@ -591,13 +605,22 @@ func (r *Runtime) RemoveImages(ctx context.Context, names []string, options *Rem toDelete := []string{} // Look up images in the local containers storage and fill out // toDelete and the deleteMap. + switch { case len(names) > 0: + // prepare lookupOptions + var lookupOptions *LookupImageOptions + if options.LookupManifest { + // LookupManifest configured as true make sure we only remove manifests and no referenced images. + lookupOptions = &LookupImageOptions{lookupManifest: true} + } else { + lookupOptions = &LookupImageOptions{returnManifestIfNoInstance: true} + } // Look up the images one-by-one. That allows for removing // images that have been looked up successfully while reporting // lookup errors at the end. for _, name := range names { - img, resolvedName, err := r.LookupImage(name, &LookupImageOptions{returnManifestIfNoInstance: true}) + img, resolvedName, err := r.LookupImage(name, lookupOptions) if err != nil { appendError(err) continue diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go index e554bac70..3a6ce8780 100644 --- a/vendor/github.com/containers/common/pkg/config/config.go +++ b/vendor/github.com/containers/common/pkg/config/config.go @@ -167,7 +167,7 @@ type ContainersConfig struct { // RootlessNetworking depicts the "kind" of networking for rootless // containers. Valid options are `slirp4netns` and `cni`. Default is - // `slirp4netns` + // `slirp4netns` on Linux, and `cni` on non-Linux OSes. RootlessNetworking string `toml:"rootless_networking,omitempty"` // SeccompProfile is the seccomp.json profile path which is used as the @@ -234,6 +234,10 @@ type EngineConfig struct { // EventsLogger determines where events should be logged. EventsLogger string `toml:"events_logger,omitempty"` + // HelperBinariesDir is a list of directories which are used to search for + // helper binaries. + HelperBinariesDir []string `toml:"helper_binaries_dir"` + // configuration files. When the same filename is present in in // multiple directories, the file in the directory listed last in // this slice takes precedence. @@ -778,7 +782,7 @@ func (c *NetworkConfig) Validate() error { } } - if stringsEq(c.CNIPluginDirs, cniBinDir) { + if stringsEq(c.CNIPluginDirs, DefaultCNIPluginDirs) { return nil } @@ -1126,3 +1130,21 @@ func (c *Config) ActiveDestination() (uri, identity string, err error) { } return "", "", errors.New("no service destination configured") } + +// FindHelperBinary will search the given binary name in the configured directories. +// If searchPATH is set to true it will also search in $PATH. +func (c *Config) FindHelperBinary(name string, searchPATH bool) (string, error) { + for _, path := range c.Engine.HelperBinariesDir { + fullpath := filepath.Join(path, name) + if fi, err := os.Stat(fullpath); err == nil && fi.Mode().IsRegular() { + return fullpath, nil + } + } + if searchPATH { + return exec.LookPath(name) + } + if len(c.Engine.HelperBinariesDir) == 0 { + return "", errors.Errorf("could not find %q because there are no helper binary directories configured", name) + } + return "", errors.Errorf("could not find %q in one of %v", name, c.Engine.HelperBinariesDir) +} diff --git a/vendor/github.com/containers/common/pkg/config/config_darwin.go b/vendor/github.com/containers/common/pkg/config/config_darwin.go index c0722ec7f..5abb51f30 100644 --- a/vendor/github.com/containers/common/pkg/config/config_darwin.go +++ b/vendor/github.com/containers/common/pkg/config/config_darwin.go @@ -15,3 +15,16 @@ func customConfigFile() (string, error) { func ifRootlessConfigPath() (string, error) { return rootlessConfigPath() } + +var defaultHelperBinariesDir = []string{ + // Homebrew install paths + "/usr/local/opt/podman/libexec", + "/opt/homebrew/bin", + "/opt/homebrew/opt/podman/libexec", + "/usr/local/bin", + // default paths + "/usr/local/libexec/podman", + "/usr/local/lib/podman", + "/usr/libexec/podman", + "/usr/lib/podman", +} diff --git a/vendor/github.com/containers/common/pkg/config/config_linux.go b/vendor/github.com/containers/common/pkg/config/config_linux.go index fac9e2283..da0ae871a 100644 --- a/vendor/github.com/containers/common/pkg/config/config_linux.go +++ b/vendor/github.com/containers/common/pkg/config/config_linux.go @@ -35,3 +35,10 @@ func ifRootlessConfigPath() (string, error) { } return "", nil } + +var defaultHelperBinariesDir = []string{ + "/usr/local/libexec/podman", + "/usr/local/lib/podman", + "/usr/libexec/podman", + "/usr/lib/podman", +} diff --git a/vendor/github.com/containers/common/pkg/config/config_windows.go b/vendor/github.com/containers/common/pkg/config/config_windows.go index 28e8471f2..dbe7ba00d 100644 --- a/vendor/github.com/containers/common/pkg/config/config_windows.go +++ b/vendor/github.com/containers/common/pkg/config/config_windows.go @@ -13,3 +13,7 @@ func customConfigFile() (string, error) { func ifRootlessConfigPath() (string, error) { return os.Getenv("APPDATA") + "\\containers\\containers.conf", nil } + +var defaultHelperBinariesDir = []string{ + "C:\\Program Files\\RedHat\\Podman", +} diff --git a/vendor/github.com/containers/common/pkg/config/containers.conf b/vendor/github.com/containers/common/pkg/config/containers.conf index 0068a9a17..fc61ed709 100644 --- a/vendor/github.com/containers/common/pkg/config/containers.conf +++ b/vendor/github.com/containers/common/pkg/config/containers.conf @@ -262,7 +262,13 @@ default_sysctls = [ # Path to directory where CNI plugin binaries are located. # -#cni_plugin_dirs = ["/usr/libexec/cni"] +#cni_plugin_dirs = [ +# "/usr/local/libexec/cni", +# "/usr/libexec/cni", +# "/usr/local/lib/cni", +# "/usr/lib/cni", +# "/opt/cni/bin", +#] # The network name of the default CNI network to attach pods to. # @@ -335,6 +341,15 @@ default_sysctls = [ # #events_logger = "journald" +# A is a list of directories which are used to search for helper binaries. +# +#helper_binaries_dir = [ +# "/usr/local/libexec/podman", +# "/usr/local/lib/podman", +# "/usr/libexec/podman", +# "/usr/lib/podman", +#] + # Path to OCI hooks directories for automatically executed hooks. # #hooks_dir = [ diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go index 66531a2ba..db5ba6936 100644 --- a/vendor/github.com/containers/common/pkg/config/default.go +++ b/vendor/github.com/containers/common/pkg/config/default.go @@ -76,16 +76,14 @@ var ( "CAP_SYS_CHROOT", } - cniBinDir = []string{ + // It may seem a bit unconventional, but it is necessary to do so + DefaultCNIPluginDirs = []string{ + "/usr/local/libexec/cni", "/usr/libexec/cni", - "/usr/lib/cni", "/usr/local/lib/cni", + "/usr/lib/cni", "/opt/cni/bin", } - - // DefaultRootlessNetwork is the kind of of rootless networking - // for containers - DefaultRootlessNetwork = "slirp4netns" ) const ( @@ -195,7 +193,7 @@ func DefaultConfig() (*Config, error) { NoHosts: false, PidsLimit: DefaultPidsLimit, PidNS: "private", - RootlessNetworking: DefaultRootlessNetwork, + RootlessNetworking: getDefaultRootlessNetwork(), ShmSize: DefaultShmSize, TZ: "", Umask: "0022", @@ -207,7 +205,7 @@ func DefaultConfig() (*Config, error) { DefaultNetwork: "podman", DefaultSubnet: DefaultSubnet, NetworkConfigDir: cniConfig, - CNIPluginDirs: cniBinDir, + CNIPluginDirs: DefaultCNIPluginDirs, }, Engine: *defaultEngineConfig, Secrets: defaultSecretConfig(), @@ -249,6 +247,7 @@ func defaultConfigFromMemory() (*EngineConfig, error) { c.StaticDir = filepath.Join(storeOpts.GraphRoot, "libpod") c.VolumePath = filepath.Join(storeOpts.GraphRoot, "volumes") + c.HelperBinariesDir = defaultHelperBinariesDir c.HooksDir = DefaultHooksDirs c.ImageDefaultTransport = _defaultTransport c.StateType = BoltDBStateStore diff --git a/vendor/github.com/containers/common/pkg/config/default_linux.go b/vendor/github.com/containers/common/pkg/config/default_linux.go index f61d9ba54..c68c0b130 100644 --- a/vendor/github.com/containers/common/pkg/config/default_linux.go +++ b/vendor/github.com/containers/common/pkg/config/default_linux.go @@ -13,6 +13,12 @@ const ( oldMaxSize = uint64(1048576) ) +// getDefaultRootlessNetwork returns the default rootless network configuration. +// It is "slirp4netns" for Linux. +func getDefaultRootlessNetwork() string { + return "slirp4netns" +} + // getDefaultProcessLimits returns the nproc for the current process in ulimits format // Note that nfile sometimes cannot be set to unlimited, and the limit is hardcoded // to (oldMaxSize) 1048576 (2^20), see: http://stackoverflow.com/a/1213069/1811501 diff --git a/vendor/github.com/containers/common/pkg/config/default_unsupported.go b/vendor/github.com/containers/common/pkg/config/default_unsupported.go index 1ae1dd12c..e38fb810d 100644 --- a/vendor/github.com/containers/common/pkg/config/default_unsupported.go +++ b/vendor/github.com/containers/common/pkg/config/default_unsupported.go @@ -2,6 +2,12 @@ package config +// getDefaultRootlessNetwork returns the default rootless network configuration. +// It is "cni" for non-Linux OSes (to better support `podman-machine` usecases). +func getDefaultRootlessNetwork() string { + return "cni" +} + // isCgroup2UnifiedMode returns whether we are running in cgroup2 mode. func isCgroup2UnifiedMode() (isUnified bool, isUnifiedErr error) { return false, nil diff --git a/vendor/github.com/containers/common/pkg/config/util_supported.go b/vendor/github.com/containers/common/pkg/config/util_supported.go index 417e3a375..33e4a9e8f 100644 --- a/vendor/github.com/containers/common/pkg/config/util_supported.go +++ b/vendor/github.com/containers/common/pkg/config/util_supported.go @@ -48,7 +48,7 @@ func getRuntimeDir() (string, error) { } } if runtimeDir == "" { - tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("run-%s", uid)) + tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("podman-run-%s", uid)) if err := os.MkdirAll(tmpDir, 0700); err != nil { logrus.Debugf("unable to make temp dir %v", err) } diff --git a/vendor/github.com/containers/common/pkg/seccomp/default_linux.go b/vendor/github.com/containers/common/pkg/seccomp/default_linux.go index 725e0bfc7..cf333744c 100644 --- a/vendor/github.com/containers/common/pkg/seccomp/default_linux.go +++ b/vendor/github.com/containers/common/pkg/seccomp/default_linux.go @@ -236,6 +236,7 @@ func DefaultProfile() *Seccomp { "madvise", "mbind", "memfd_create", + "memfd_secret", "mincore", "mkdir", "mkdirat", diff --git a/vendor/github.com/containers/common/pkg/seccomp/seccomp.json b/vendor/github.com/containers/common/pkg/seccomp/seccomp.json index eeb41d5d8..c009134e3 100644 --- a/vendor/github.com/containers/common/pkg/seccomp/seccomp.json +++ b/vendor/github.com/containers/common/pkg/seccomp/seccomp.json @@ -242,6 +242,7 @@ "madvise", "mbind", "memfd_create", + "memfd_secret", "mincore", "mkdir", "mkdirat", diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go index 572fe9bbd..f248f0c7a 100644 --- a/vendor/github.com/containers/common/version/version.go +++ b/vendor/github.com/containers/common/version/version.go @@ -1,4 +1,4 @@ package version // Version is the version of the build. -const Version = "0.43.2" +const Version = "0.44.0" diff --git a/vendor/github.com/containers/psgo/go.mod b/vendor/github.com/containers/psgo/go.mod index 5f3341aa9..699874cf7 100644 --- a/vendor/github.com/containers/psgo/go.mod +++ b/vendor/github.com/containers/psgo/go.mod @@ -1,11 +1,10 @@ module github.com/containers/psgo -go 1.12 +go 1.13 require ( - github.com/opencontainers/runc v0.0.0-20190425234816-dae70e8efea4 - github.com/pkg/errors v0.0.0-20190227000051-27936f6d90f9 - github.com/sirupsen/logrus v0.0.0-20190403091019-9b3cdde74fbe - github.com/stretchr/testify v1.5.1 - golang.org/x/sys v0.0.0-20190425145619-16072639606e + github.com/opencontainers/runc v1.0.2 + github.com/sirupsen/logrus v1.8.1 + github.com/stretchr/testify v1.7.0 + golang.org/x/sys v0.0.0-20210817190340-bfb29a6856f2 ) diff --git a/vendor/github.com/containers/psgo/go.sum b/vendor/github.com/containers/psgo/go.sum index 781b26f2b..0ba04956f 100644 --- a/vendor/github.com/containers/psgo/go.sum +++ b/vendor/github.com/containers/psgo/go.sum @@ -1,27 +1,78 @@ +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA= +github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M= +github.com/cilium/ebpf v0.6.2/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= +github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ= +github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= +github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= +github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/opencontainers/runc v0.0.0-20190425234816-dae70e8efea4 h1:y5PMn9UW9cD5xvjoMs9pJ77zs5DgGkiDv0BI/Qew51o= -github.com/opencontainers/runc v0.0.0-20190425234816-dae70e8efea4/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/pkg/errors v0.0.0-20190227000051-27936f6d90f9 h1:dIsTcVF0w9viTLHXUEkDI7cXITMe+M/MRRM2MwisVow= -github.com/pkg/errors v0.0.0-20190227000051-27936f6d90f9/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= +github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= +github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= +github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= +github.com/opencontainers/runc v1.0.2 h1:opHZMaswlyxz1OuGpBE53Dwe4/xF7EZTY0A2L/FpCOg= +github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0= +github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/sirupsen/logrus v0.0.0-20190403091019-9b3cdde74fbe h1:PBQLA9wc7FrXiUBnlfs/diNlg3ZdrP21tzcgL3OlVhU= -github.com/sirupsen/logrus v0.0.0-20190403091019-9b3cdde74fbe/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= +github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= +github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= +github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE= +github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1 h1:2vfRuCMp5sSVIDSqO8oNnWJq7mPa6KVP3iPIwFBuy8A= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190425145619-16072639606e h1:4ktJgTV34+N3qOZUc5fAaG3Pb11qzMm3PkAoTAgUZ2I= -golang.org/x/sys v0.0.0-20190425145619-16072639606e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= +github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= +github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= +golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210817190340-bfb29a6856f2 h1:c8PlLMqBbOHoqtjteWm5/kbe6rNY2pbRfbIMVnepueo= +golang.org/x/sys v0.0.0-20210817190340-bfb29a6856f2/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/vendor/github.com/containers/psgo/internal/proc/ns.go b/vendor/github.com/containers/psgo/internal/proc/ns.go index 53e5ebda0..4778048f2 100644 --- a/vendor/github.com/containers/psgo/internal/proc/ns.go +++ b/vendor/github.com/containers/psgo/internal/proc/ns.go @@ -19,8 +19,6 @@ import ( "fmt" "io" "os" - - "github.com/pkg/errors" ) type IDMap struct { @@ -51,7 +49,7 @@ func ParseUserNamespace(pid string) (string, error) { func ReadMappings(path string) ([]IDMap, error) { file, err := os.Open(path) if err != nil { - return nil, errors.Wrapf(err, "cannot open %s", path) + return nil, err } defer file.Close() @@ -64,7 +62,7 @@ func ReadMappings(path string) ([]IDMap, error) { if err == io.EOF { return mappings, nil } - return nil, errors.Wrapf(err, "cannot read line from %s", path) + return nil, fmt.Errorf("cannot read line from %s: %w", path, err) } if line == nil { return mappings, nil @@ -72,7 +70,7 @@ func ReadMappings(path string) ([]IDMap, error) { containerID, hostID, size := 0, 0, 0 if _, err := fmt.Sscanf(string(line), "%d %d %d", &containerID, &hostID, &size); err != nil { - return nil, errors.Wrapf(err, "cannot parse %s", string(line)) + return nil, fmt.Errorf("cannot parse %s: %w", string(line), err) } mappings = append(mappings, IDMap{ContainerID: containerID, HostID: hostID, Size: size}) } diff --git a/vendor/github.com/containers/psgo/internal/proc/status.go b/vendor/github.com/containers/psgo/internal/proc/status.go index df31139f8..2753915fd 100644 --- a/vendor/github.com/containers/psgo/internal/proc/status.go +++ b/vendor/github.com/containers/psgo/internal/proc/status.go @@ -20,8 +20,6 @@ import ( "os" "os/exec" "strings" - - "github.com/pkg/errors" ) // Status is a direct translation of a `/proc/[pid]/status`, which provides much @@ -251,12 +249,12 @@ func parseStatus(pid string, lines []string) (*Status, error) { s.TracerPid = fields[1] case "Uid:": if len(fields) != 5 { - return nil, errors.Wrap(errUnexpectedInput, line) + return nil, fmt.Errorf(line+": %w", errUnexpectedInput) } s.Uids = []string{fields[1], fields[2], fields[3], fields[4]} case "Gid:": if len(fields) != 5 { - return nil, errors.Wrap(errUnexpectedInput, line) + return nil, fmt.Errorf(line+": %w", errUnexpectedInput) } s.Gids = []string{fields[1], fields[2], fields[3], fields[4]} case "FDSize:": diff --git a/vendor/github.com/containers/psgo/internal/process/process.go b/vendor/github.com/containers/psgo/internal/process/process.go index a581921d5..8fd49e416 100644 --- a/vendor/github.com/containers/psgo/internal/process/process.go +++ b/vendor/github.com/containers/psgo/internal/process/process.go @@ -15,6 +15,8 @@ package process import ( + "errors" + "fmt" "os" "strconv" "time" @@ -22,7 +24,6 @@ import ( "github.com/containers/psgo/internal/host" "github.com/containers/psgo/internal/proc" "github.com/opencontainers/runc/libcontainer/user" - "github.com/pkg/errors" ) // Process includes process-related from the /proc FS. @@ -50,7 +51,7 @@ type Process struct { func LookupGID(gid string) (string, error) { gidNum, err := strconv.Atoi(gid) if err != nil { - return "", errors.Wrap(err, "error parsing group ID") + return "", fmt.Errorf("error parsing group ID: %w", err) } g, err := user.LookupGid(gidNum) if err != nil { @@ -64,7 +65,7 @@ func LookupGID(gid string) (string, error) { func LookupUID(uid string) (string, error) { uidNum, err := strconv.Atoi(uid) if err != nil { - return "", errors.Wrap(err, "error parsing user ID") + return "", fmt.Errorf("error parsing user ID: %w", err) } u, err := user.LookupUid(uidNum) if err != nil { @@ -107,7 +108,7 @@ func FromPIDs(pids []string, joinUserNS bool) ([]*Process, error) { for _, pid := range pids { p, err := New(pid, joinUserNS) if err != nil { - if os.IsNotExist(errors.Cause(err)) { + if errors.Is(err, os.ErrNotExist) { // proc parsing is racy // Let's ignore "does not exist" errors continue diff --git a/vendor/github.com/containers/psgo/psgo.go b/vendor/github.com/containers/psgo/psgo.go index 7c74fd716..b0569fa1c 100644 --- a/vendor/github.com/containers/psgo/psgo.go +++ b/vendor/github.com/containers/psgo/psgo.go @@ -27,6 +27,7 @@ package psgo import ( + "errors" "fmt" "io/ioutil" "os" @@ -40,7 +41,6 @@ import ( "github.com/containers/psgo/internal/dev" "github.com/containers/psgo/internal/proc" "github.com/containers/psgo/internal/process" - "github.com/pkg/errors" "golang.org/x/sys/unix" ) @@ -109,7 +109,7 @@ func findID(idStr string, mapping []IDMap, lookupFunc func(uid string) (string, id, err := strconv.ParseInt(idStr, 10, 0) if err != nil { - return "", errors.Wrapf(err, "cannot parse %s", idStr) + return "", fmt.Errorf("cannot parse ID: %w", err) } for _, m := range mapping { if int(id) >= m.ContainerID && int(id) < m.ContainerID+m.Size { @@ -122,7 +122,7 @@ func findID(idStr string, mapping []IDMap, lookupFunc func(uid string) (string, // User not found, read the overflow overflow, err := ioutil.ReadFile(overflowFile) if err != nil { - return "", errors.Wrapf(err, "cannot read %s", overflowFile) + return "", err } return string(overflow), nil } @@ -147,7 +147,7 @@ func translateDescriptors(descriptors []string) ([]aixFormatDescriptor, error) { } } if !found { - return nil, errors.Wrapf(ErrUnknownDescriptor, "'%s'", d) + return nil, fmt.Errorf("'%s': %w", d, ErrUnknownDescriptor) } } @@ -412,13 +412,13 @@ func JoinNamespaceAndProcessInfoWithOptions(pid string, descriptors []string, op // extract user namespaces prior to joining the mount namespace currentUserNs, err := proc.ParseUserNamespace("self") if err != nil { - dataErr = errors.Wrapf(err, "error determining user namespace") + dataErr = fmt.Errorf("error determining user namespace: %w", err) return } pidUserNs, err := proc.ParseUserNamespace(pid) if err != nil { - dataErr = errors.Wrapf(err, "error determining user namespace of PID %s", pid) + dataErr = fmt.Errorf("error determining user namespace of PID %s: %w", pid, err) } // join the mount namespace of pid @@ -478,11 +478,11 @@ func JoinNamespaceAndProcessInfoByPidsWithOptions(pids []string, descriptors []s for _, pid := range pids { ns, err := proc.ParsePIDNamespace(pid) if err != nil { - if os.IsNotExist(errors.Cause(err)) { + if errors.Is(err, os.ErrNotExist) { // catch race conditions continue } - return nil, errors.Wrapf(err, "error extracting PID namespace") + return nil, fmt.Errorf("error extracting PID namespace: %w", err) } if _, exists := nsMap[ns]; !exists { nsMap[ns] = true @@ -493,7 +493,7 @@ func JoinNamespaceAndProcessInfoByPidsWithOptions(pids []string, descriptors []s data := [][]string{} for i, pid := range pidList { pidData, err := JoinNamespaceAndProcessInfoWithOptions(pid, descriptors, options) - if os.IsNotExist(errors.Cause(err)) { + if errors.Is(err, os.ErrNotExist) { // catch race conditions continue } diff --git a/vendor/github.com/containers/psgo/vendor.conf b/vendor/github.com/containers/psgo/vendor.conf deleted file mode 100644 index 1fba46ec1..000000000 --- a/vendor/github.com/containers/psgo/vendor.conf +++ /dev/null @@ -1,8 +0,0 @@ -github.com/davecgh/go-spew master -github.com/opencontainers/runc master -github.com/pkg/errors master -github.com/pmezard/go-difflib master -github.com/sirupsen/logrus master -github.com/stretchr/testify master -golang.org/x/crypto master -golang.org/x/sys master diff --git a/vendor/github.com/containers/storage/VERSION b/vendor/github.com/containers/storage/VERSION index 2aeaa11ee..39fc130ef 100644 --- a/vendor/github.com/containers/storage/VERSION +++ b/vendor/github.com/containers/storage/VERSION @@ -1 +1 @@ -1.35.0 +1.36.0 diff --git a/vendor/github.com/containers/storage/go.mod b/vendor/github.com/containers/storage/go.mod index 10204a12a..911469182 100644 --- a/vendor/github.com/containers/storage/go.mod +++ b/vendor/github.com/containers/storage/go.mod @@ -5,20 +5,25 @@ module github.com/containers/storage require ( github.com/BurntSushi/toml v0.4.1 github.com/Microsoft/go-winio v0.5.0 - github.com/Microsoft/hcsshim v0.8.20 + github.com/Microsoft/hcsshim v0.8.22 + github.com/containerd/stargz-snapshotter/estargz v0.8.0 github.com/docker/go-units v0.4.0 + github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect github.com/google/go-intervals v0.0.2 + github.com/google/uuid v1.2.0 // indirect github.com/hashicorp/go-multierror v1.1.1 github.com/json-iterator/go v1.1.11 - github.com/klauspost/compress v1.13.4 + github.com/klauspost/compress v1.13.5 github.com/klauspost/pgzip v1.2.5 github.com/mattn/go-shellwords v1.0.12 github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible github.com/moby/sys/mountinfo v0.4.1 + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.1 // indirect github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/runc v1.0.2 github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 - github.com/opencontainers/selinux v1.8.4 + github.com/opencontainers/selinux v1.8.5 github.com/pkg/errors v0.9.1 github.com/sirupsen/logrus v1.8.1 github.com/stretchr/testify v1.7.0 @@ -28,5 +33,6 @@ require ( github.com/vbatts/tar-split v0.11.2 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55 + gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect gotest.tools v2.2.0+incompatible ) diff --git a/vendor/github.com/containers/storage/go.sum b/vendor/github.com/containers/storage/go.sum index 1f5be8df5..5cc5da6d3 100644 --- a/vendor/github.com/containers/storage/go.sum +++ b/vendor/github.com/containers/storage/go.sum @@ -1,302 +1,85 @@ bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= -cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= -cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= -cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= -cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= -cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= -cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= -cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= -cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= -cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= -cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= -cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= -cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= -cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= -cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= -cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= -github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= -github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= -github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v0.4.1 h1:GaI7EiDXDRfa8VshkTj7Fym7ha+y8/XxIgD2okUIjLw= github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= -github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= -github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= -github.com/Microsoft/go-winio v0.4.16-0.20201130162521-d1ffc52c7331/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.5.0 h1:Elr9Wn+sGKPlkaBvwu4mTrxtmOp3F3yV9qhaHbXGjwU= github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= -github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= -github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ= -github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg38RRsjT5y8= -github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= -github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= -github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= -github.com/Microsoft/hcsshim v0.8.20 h1:ZTwcx3NS8n07kPf/JZ1qwU6vnjhVPMUWlXBF8r9UxrE= -github.com/Microsoft/hcsshim v0.8.20/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= -github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= -github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/Microsoft/hcsshim v0.8.22 h1:CulZ3GW8sNJExknToo+RWD+U+6ZM5kkNfuxywSDPd08= +github.com/Microsoft/hcsshim v0.8.22/go.mod h1:91uVCVzvX2QD16sMCenoxxXo6L1wJnLMX2PSufFMtF0= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= -github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= -github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= github.com/bits-and-blooms/bitset v1.2.0 h1:Kn4yilvwNtMACtf1eYDlG8H77R07mZSPbMjLyS07ChA= github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA= -github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= -github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= -github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= -github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= -github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= -github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmEg9bt0VpxxWqJlO4iwu3FBdHUzV7wQVg= -github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLIdUjrmSXlK9pkrsDlLHbO8jiB8X8JnOc= -github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs= github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= github.com/cilium/ebpf v0.6.2/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= -github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= -github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU= -github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/btrfs v0.0.0-20201111183144-404b9149801e/go.mod h1:jg2QkJcsabfHugurUvvPhS3E08Oxiuh5W/g1ybB4e0E= -github.com/containerd/btrfs v0.0.0-20210316141732-918d888fb676/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= -github.com/containerd/btrfs v1.0.0/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= -github.com/containerd/cgroups v0.0.0-20190717030353-c4b9ac5c7601/go.mod h1:X9rLEHIqSf/wfK8NsPqxJmeZgW4pcfzdXITDrUSJ6uI= -github.com/containerd/cgroups v0.0.0-20190919134610-bf292b21730f/go.mod h1:OApqhQ4XNSNC13gXIwDjhOQxjWa/NxkwZXJ1EvqT0ko= -github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59/go.mod h1:pA0z1pT8KYB3TCXK/ocprsh7MAkoW8bZVzPdih9snmM= -github.com/containerd/cgroups v0.0.0-20200710171044-318312a37340/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= -github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= -github.com/containerd/cgroups v0.0.0-20210114181951-8a68de567b68/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE= github.com/containerd/cgroups v1.0.1 h1:iJnMvco9XGvKUvNQkv88bE4uJXxRQH18efbKo9w5vHQ= github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU= -github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE= github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw= github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ= -github.com/containerd/containerd v1.2.10/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.1-0.20191213020239-082f7e3aed57/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.5.0-beta.1/go.mod h1:5HfvG1V2FsKesEGQ17k5/T7V960Tmcumvqn8Mc+pCYQ= -github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo/uBBoBORwEx6ardVcmKU= -github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= -github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= -github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= -github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cECdGN1O8G9bgKTlLhuPJimka6Xb/Gg7vYzCTNVxhvo= -github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y= -github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ= +github.com/containerd/containerd v1.4.9/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/continuity v0.1.0/go.mod h1:ICJu0PwR54nI0yPEnJ6jcS+J7CZAUXrLh8lPo2knzsM= -github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= -github.com/containerd/fifo v0.0.0-20201026212402-0724c46b320c/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= -github.com/containerd/fifo v0.0.0-20210316144830-115abcc95a1d/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= github.com/containerd/fifo v1.0.0/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= -github.com/containerd/go-cni v1.0.1/go.mod h1:+vUpYxKvAF72G9i1WoDOiPGRtQpqsNW/ZHtSlv++smU= -github.com/containerd/go-cni v1.0.2/go.mod h1:nrNABBHzu0ZwCug9Ije8hL2xBCYh/pjfMb1aZGrrohk= -github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g= -github.com/containerd/go-runc v0.0.0-20201020171139-16b287bc67d0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= github.com/containerd/go-runc v1.0.0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= -github.com/containerd/imgcrypt v1.0.1/go.mod h1:mdd8cEPW7TPgNG4FpuP3sGBiQ7Yi/zak9TYCG3juvb0= -github.com/containerd/imgcrypt v1.0.4-0.20210301171431-0ae5c75f59ba/go.mod h1:6TNsg0ctmizkrOgXRNQjAPFWpMYRWuiB6dSF4Pfa5SA= -github.com/containerd/imgcrypt v1.1.1-0.20210312161619-7ed62a527887/go.mod h1:5AZJNI6sLHJljKuI9IHnw1pWqo/F0nGDOuR9zgTs7ow= -github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJrXQb0Dpc4ms= -github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= -github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= -github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= -github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= -github.com/containerd/ttrpc v1.0.1/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= +github.com/containerd/stargz-snapshotter/estargz v0.8.0 h1:oA1wx8kTFfImfsT5bScbrZd8gK+WtQnn15q82Djvm0Y= +github.com/containerd/stargz-snapshotter/estargz v0.8.0/go.mod h1:mwIwuwb+D8FX2t45Trwi0hmWmZm5VW7zPP/rekwhWQU= github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= -github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= -github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk= -github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg= github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s= -github.com/containerd/zfs v0.0.0-20200918131355-0a33824f23a2/go.mod h1:8IgZOBdv8fAgXddBT4dBXJPtxyRsejFIpXoklgxgEjw= -github.com/containerd/zfs v0.0.0-20210301145711-11e8f1707f62/go.mod h1:A9zfAbMlQwE+/is6hi0Xw8ktpL+6glmqZYtevJgaB8Y= -github.com/containerd/zfs v0.0.0-20210315114300-dde8f0fda960/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containerd/zfs v0.0.0-20210324211415-d5c4544f0433/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containerd/zfs v1.0.0/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= -github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/cni v0.8.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= -github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= -github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= -github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= -github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= -github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= -github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= -github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ= -github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s= -github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8= -github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= -github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= -github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= -github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= -github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= -github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= -github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw= github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= -github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= -github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= -github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= -github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= -github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= -github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= -github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= @@ -304,131 +87,64 @@ github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrU github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA= -github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-intervals v0.0.2 h1:FGrVEiUnTRKR8yE04qzXYaJMtnIYqobR5QbblK3ixcM= github.com/google/go-intervals v0.0.2/go.mod h1:MkaR3LNRfeKLPmqgJYs4E66z5InYjmCjbbr4TQlcT6Y= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= -github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs= github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= -github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= -github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.11 h1:uVUAXhF2To8cbw/3xN3pxj6kk7TYKs98NIrTqPlMWAQ= github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.13.4 h1:0zhec2I8zGnjWcKyLl6i3gPqKANCCn5e9xmviEEeX6s= -github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= +github.com/klauspost/compress v1.13.5 h1:9O69jUPDcsT9fEm74W92rZL9FQY7rCdaXVneq+yyzl4= +github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/klauspost/pgzip v1.2.5 h1:qnWYvvKqedOF2ulHpMG72XQol4ILEJ8k2wwRl/Km8oE= github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= -github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.12 h1:M2zGm7EW6UQJvDeQxo4T51eKPurbeFbe8WtebGE2xrk= github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= -github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible h1:aKW/4cBs+yK6gpqU3K/oIwk9Q/XICqd3zOX/UFuvqmk= github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= -github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= -github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= github.com/moby/sys/mountinfo v0.4.1 h1:1O+1cHA1aujwEwwVMa2Xm2l+gIpUHyd3+D+d7LZh1kM= github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= -github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ= -github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -436,391 +152,156 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lN github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= -github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= -github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= -github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1.0.20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= -github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0= github.com/opencontainers/runc v1.0.2 h1:opHZMaswlyxz1OuGpBE53Dwe4/xF7EZTY0A2L/FpCOg= github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0= -github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 h1:3snG66yBm59tKhhSPQrQ/0bCrv1LQbKt40LnUPiUxdc= github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= -github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= -github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= -github.com/opencontainers/selinux v1.8.4 h1:krlgQ6/j9CkCXT5oW0yVXdQFOME3NjKuuAZXuR6O7P4= -github.com/opencontainers/selinux v1.8.4/go.mod h1:HTvjPFoGMbpQsG886e3lQwnsRWtE4TC1OF3OUvG9FAo= +github.com/opencontainers/selinux v1.8.5 h1:OkT6bMHOQ1JQQO4ihjQ49sj0+wciDcjziSVTRn8VeTA= +github.com/opencontainers/selinux v1.8.5/go.mod h1:HTvjPFoGMbpQsG886e3lQwnsRWtE4TC1OF3OUvG9FAo= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= -github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= -github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= -github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= -github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= -github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= -github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= -github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= -github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= -github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= -github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE= github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= -github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= -github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 h1:kdXcSzyDtseVEc4yCz2qF8ZrQvIDBJLl4S1c3GCXmoI= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= github.com/tchap/go-patricia v2.3.0+incompatible h1:GkY4dP3cEfEASBPPkWd+AmjYxhmDkqO9/zg7R0lSQRs= github.com/tchap/go-patricia v2.3.0+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= -github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= -github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= -github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/vbatts/tar-split v0.11.2 h1:Via6XqJr0hceW4wff3QRzD5gAk/tatMw/4ZA7cTlIME= github.com/vbatts/tar-split v0.11.2/go.mod h1:vV3ZuO2yWSVsz+pfFzDG/upWH1JhjOiEaWq6kXyQ3VI= -github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= -github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= -github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI= github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= -github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= -github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= -github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= -github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= -github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= -github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= -github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= -github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= -go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= -go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= -go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= -go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= -go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3 h1:8sGtKOrtQqkN1bp2AtX+misvLIlOmsEsNd+9NIcPEm8= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= -golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= -golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= -golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= -golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20201006153459-a7d1128ccaa0/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 h1:qWPm9rbaAMKs8Bq/9LRpbMqxWRVUAQwMI9fVrssnTfw= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201207232520-09787c993a3a h1:DcqTD9SDLc+1P/r1EmRBwnVsrOwW+kk2vWf9n+1sGhs= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190522044717-8097e1b27ff5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191210023423-ac6580df4449/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200120151820-655fe14d7479/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200817155316-9781c653f443/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200916030750-2334cc1a136f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201117170446-d9b008d0a637/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55 h1:rw6UNGRMfarCepjI8qOepea/SXwIBVfTKjztZ5gBbq4= golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -828,58 +309,20 @@ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= -google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= -google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190522204451-c2c4e71fbf69/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s= -google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= google.golang.org/genproto v0.0.0-20200117163144-32f20d992d24/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= -google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= @@ -889,79 +332,22 @@ google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzi google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= -gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= -k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= -k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= -k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= -k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= -k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= -k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= -k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= -k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= -k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= -k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= -k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= -k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= -k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= -k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= -k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= -k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= -k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= -k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc= -k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= -k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= -k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= -rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/vendor/github.com/containers/storage/pkg/chunked/compression.go b/vendor/github.com/containers/storage/pkg/chunked/compression.go index f2811fb9a..96254bc4e 100644 --- a/vendor/github.com/containers/storage/pkg/chunked/compression.go +++ b/vendor/github.com/containers/storage/pkg/chunked/compression.go @@ -1,14 +1,18 @@ package chunked import ( + archivetar "archive/tar" "bytes" "encoding/binary" "fmt" "io" + "strconv" + "github.com/containerd/stargz-snapshotter/estargz" "github.com/containers/storage/pkg/chunked/compressor" "github.com/containers/storage/pkg/chunked/internal" "github.com/klauspost/compress/zstd" + "github.com/klauspost/pgzip" digest "github.com/opencontainers/go-digest" "github.com/pkg/errors" "github.com/vbatts/tar-split/archive/tar" @@ -50,25 +54,129 @@ func isZstdChunkedFrameMagic(data []byte) bool { return bytes.Equal(internal.ZstdChunkedFrameMagic, data[:8]) } +func readEstargzChunkedManifest(blobStream ImageSourceSeekable, blobSize int64, annotations map[string]string) ([]byte, int64, error) { + // information on the format here https://github.com/containerd/stargz-snapshotter/blob/main/docs/stargz-estargz.md + footerSize := int64(51) + if blobSize <= footerSize { + return nil, 0, errors.New("blob too small") + } + chunk := ImageSourceChunk{ + Offset: uint64(blobSize - footerSize), + Length: uint64(footerSize), + } + parts, errs, err := blobStream.GetBlobAt([]ImageSourceChunk{chunk}) + if err != nil { + return nil, 0, err + } + var reader io.ReadCloser + select { + case r := <-parts: + reader = r + case err := <-errs: + return nil, 0, err + } + defer reader.Close() + footer := make([]byte, footerSize) + if _, err := io.ReadFull(reader, footer); err != nil { + return nil, 0, err + } + + /* Read the ToC offset: + - 10 bytes gzip header + - 2 bytes XLEN (length of Extra field) = 26 (4 bytes header + 16 hex digits + len("STARGZ")) + - 2 bytes Extra: SI1 = 'S', SI2 = 'G' + - 2 bytes Extra: LEN = 22 (16 hex digits + len("STARGZ")) + - 22 bytes Extra: subfield = fmt.Sprintf("%016xSTARGZ", offsetOfTOC) + - 5 bytes flate header: BFINAL = 1(last block), BTYPE = 0(non-compressed block), LEN = 0 + - 8 bytes gzip footer + */ + tocOffset, err := strconv.ParseInt(string(footer[16:16+22-6]), 16, 64) + if err != nil { + return nil, 0, errors.Wrap(err, "parse ToC offset") + } + + size := int64(blobSize - footerSize - tocOffset) + // set a reasonable limit + if size > (1<<20)*50 { + return nil, 0, errors.New("manifest too big") + } + + chunk = ImageSourceChunk{ + Offset: uint64(tocOffset), + Length: uint64(size), + } + parts, errs, err = blobStream.GetBlobAt([]ImageSourceChunk{chunk}) + if err != nil { + return nil, 0, err + } + + var tocReader io.ReadCloser + select { + case r := <-parts: + tocReader = r + case err := <-errs: + return nil, 0, err + } + defer tocReader.Close() + + r, err := pgzip.NewReader(tocReader) + if err != nil { + return nil, 0, err + } + defer r.Close() + + aTar := archivetar.NewReader(r) + + header, err := aTar.Next() + if err != nil { + return nil, 0, err + } + // set a reasonable limit + if header.Size > (1<<20)*50 { + return nil, 0, errors.New("manifest too big") + } + + manifestUncompressed := make([]byte, header.Size) + if _, err := io.ReadFull(aTar, manifestUncompressed); err != nil { + return nil, 0, err + } + + manifestDigester := digest.Canonical.Digester() + manifestChecksum := manifestDigester.Hash() + if _, err := manifestChecksum.Write(manifestUncompressed); err != nil { + return nil, 0, err + } + + d, err := digest.Parse(annotations[estargz.TOCJSONDigestAnnotation]) + if err != nil { + return nil, 0, err + } + if manifestDigester.Digest() != d { + return nil, 0, errors.New("invalid manifest checksum") + } + + return manifestUncompressed, tocOffset, nil +} + // readZstdChunkedManifest reads the zstd:chunked manifest from the seekable stream blobStream. The blob total size must // be specified. // This function uses the io.containers.zstd-chunked. annotations when specified. -func readZstdChunkedManifest(blobStream ImageSourceSeekable, blobSize int64, annotations map[string]string) ([]byte, error) { +func readZstdChunkedManifest(blobStream ImageSourceSeekable, blobSize int64, annotations map[string]string) ([]byte, int64, error) { footerSize := int64(internal.FooterSizeSupported) if blobSize <= footerSize { - return nil, errors.New("blob too small") + return nil, 0, errors.New("blob too small") } manifestChecksumAnnotation := annotations[internal.ManifestChecksumKey] if manifestChecksumAnnotation == "" { - return nil, fmt.Errorf("manifest checksum annotation %q not found", internal.ManifestChecksumKey) + return nil, 0, fmt.Errorf("manifest checksum annotation %q not found", internal.ManifestChecksumKey) } var offset, length, lengthUncompressed, manifestType uint64 if offsetMetadata := annotations[internal.ManifestInfoKey]; offsetMetadata != "" { if _, err := fmt.Sscanf(offsetMetadata, "%d:%d:%d:%d", &offset, &length, &lengthUncompressed, &manifestType); err != nil { - return nil, err + return nil, 0, err } } else { chunk := ImageSourceChunk{ @@ -77,18 +185,18 @@ func readZstdChunkedManifest(blobStream ImageSourceSeekable, blobSize int64, ann } parts, errs, err := blobStream.GetBlobAt([]ImageSourceChunk{chunk}) if err != nil { - return nil, err + return nil, 0, err } var reader io.ReadCloser select { case r := <-parts: reader = r case err := <-errs: - return nil, err + return nil, 0, err } footer := make([]byte, footerSize) if _, err := io.ReadFull(reader, footer); err != nil { - return nil, err + return nil, 0, err } offset = binary.LittleEndian.Uint64(footer[0:8]) @@ -96,20 +204,20 @@ func readZstdChunkedManifest(blobStream ImageSourceSeekable, blobSize int64, ann lengthUncompressed = binary.LittleEndian.Uint64(footer[16:24]) manifestType = binary.LittleEndian.Uint64(footer[24:32]) if !isZstdChunkedFrameMagic(footer[32:40]) { - return nil, errors.New("invalid magic number") + return nil, 0, errors.New("invalid magic number") } } if manifestType != internal.ManifestTypeCRFS { - return nil, errors.New("invalid manifest type") + return nil, 0, errors.New("invalid manifest type") } // set a reasonable limit if length > (1<<20)*50 { - return nil, errors.New("manifest too big") + return nil, 0, errors.New("manifest too big") } if lengthUncompressed > (1<<20)*50 { - return nil, errors.New("manifest too big") + return nil, 0, errors.New("manifest too big") } chunk := ImageSourceChunk{ @@ -119,47 +227,47 @@ func readZstdChunkedManifest(blobStream ImageSourceSeekable, blobSize int64, ann parts, errs, err := blobStream.GetBlobAt([]ImageSourceChunk{chunk}) if err != nil { - return nil, err + return nil, 0, err } var reader io.ReadCloser select { case r := <-parts: reader = r case err := <-errs: - return nil, err + return nil, 0, err } manifest := make([]byte, length) if _, err := io.ReadFull(reader, manifest); err != nil { - return nil, err + return nil, 0, err } manifestDigester := digest.Canonical.Digester() manifestChecksum := manifestDigester.Hash() if _, err := manifestChecksum.Write(manifest); err != nil { - return nil, err + return nil, 0, err } d, err := digest.Parse(manifestChecksumAnnotation) if err != nil { - return nil, err + return nil, 0, err } if manifestDigester.Digest() != d { - return nil, errors.New("invalid manifest checksum") + return nil, 0, errors.New("invalid manifest checksum") } decoder, err := zstd.NewReader(nil) if err != nil { - return nil, err + return nil, 0, err } defer decoder.Close() b := make([]byte, 0, lengthUncompressed) if decoded, err := decoder.DecodeAll(manifest, b); err == nil { - return decoded, nil + return decoded, int64(offset), nil } - return manifest, nil + return manifest, int64(offset), nil } // ZstdCompressor is a CompressorFunc for the zstd compression algorithm. diff --git a/vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go b/vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go index a205b73fd..092cf584a 100644 --- a/vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go +++ b/vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go @@ -50,7 +50,7 @@ func writeZstdChunkedStream(destFile io.Writer, outMetadata map[string]string, r return offset, nil } - var metadata []internal.ZstdFileMetadata + var metadata []internal.FileMetadata for { hdr, err := tr.Next() if err != nil { @@ -112,7 +112,7 @@ func writeZstdChunkedStream(destFile io.Writer, outMetadata map[string]string, r for k, v := range hdr.Xattrs { xattrs[k] = base64.StdEncoding.EncodeToString([]byte(v)) } - m := internal.ZstdFileMetadata{ + m := internal.FileMetadata{ Type: typ, Name: hdr.Name, Linkname: hdr.Linkname, diff --git a/vendor/github.com/containers/storage/pkg/chunked/internal/compression.go b/vendor/github.com/containers/storage/pkg/chunked/internal/compression.go index af0025c20..c91c43d85 100644 --- a/vendor/github.com/containers/storage/pkg/chunked/internal/compression.go +++ b/vendor/github.com/containers/storage/pkg/chunked/internal/compression.go @@ -17,12 +17,12 @@ import ( "github.com/opencontainers/go-digest" ) -type ZstdTOC struct { - Version int `json:"version"` - Entries []ZstdFileMetadata `json:"entries"` +type TOC struct { + Version int `json:"version"` + Entries []FileMetadata `json:"entries"` } -type ZstdFileMetadata struct { +type FileMetadata struct { Type string `json:"type"` Name string `json:"name"` Linkname string `json:"linkName,omitempty"` @@ -114,11 +114,11 @@ func appendZstdSkippableFrame(dest io.Writer, data []byte) error { return nil } -func WriteZstdChunkedManifest(dest io.Writer, outMetadata map[string]string, offset uint64, metadata []ZstdFileMetadata, level int) error { +func WriteZstdChunkedManifest(dest io.Writer, outMetadata map[string]string, offset uint64, metadata []FileMetadata, level int) error { // 8 is the size of the zstd skippable frame header + the frame size manifestOffset := offset + 8 - toc := ZstdTOC{ + toc := TOC{ Version: 1, Entries: metadata, } diff --git a/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go b/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go index 3aea77f22..7bd804c44 100644 --- a/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go +++ b/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go @@ -10,19 +10,23 @@ import ( "io/ioutil" "os" "path/filepath" + "reflect" "sort" "strings" "syscall" "time" + "github.com/containerd/stargz-snapshotter/estargz" storage "github.com/containers/storage" graphdriver "github.com/containers/storage/drivers" driversCopy "github.com/containers/storage/drivers/copy" "github.com/containers/storage/pkg/archive" "github.com/containers/storage/pkg/chunked/internal" "github.com/containers/storage/pkg/idtools" + "github.com/containers/storage/pkg/system" "github.com/containers/storage/types" "github.com/klauspost/compress/zstd" + "github.com/klauspost/pgzip" digest "github.com/opencontainers/go-digest" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -35,13 +39,22 @@ const ( newFileFlags = (unix.O_CREAT | unix.O_TRUNC | unix.O_EXCL | unix.O_WRONLY) containersOverrideXattr = "user.containers.override_stat" bigDataKey = "zstd-chunked-manifest" + + fileTypeZstdChunked = iota + fileTypeEstargz = iota ) -type chunkedZstdDiffer struct { +type compressedFileType int + +type chunkedDiffer struct { stream ImageSourceSeekable manifest []byte - layersMetadata map[string][]internal.ZstdFileMetadata + layersMetadata map[string][]internal.FileMetadata layersTarget map[string]string + tocOffset int64 + fileType compressedFileType + + gzipReader *pgzip.Reader } func timeToTimespec(time time.Time) (ts unix.Timespec) { @@ -71,7 +84,10 @@ func copyFileContent(srcFd int, destFile string, dirfd int, mode os.FileMode, us defer destDir.Close() doLink := func() error { - return unix.Linkat(srcFd, "", int(destDir.Fd()), destBase, unix.AT_EMPTY_PATH) + // Using unix.AT_EMPTY_PATH requires CAP_DAC_READ_SEARCH while this variant that uses + // /proc/self/fd doesn't and can be used with rootless. + srcPath := fmt.Sprintf("/proc/self/fd/%d", srcFd) + return unix.Linkat(unix.AT_FDCWD, srcPath, int(destDir.Fd()), destBase, unix.AT_SYMLINK_FOLLOW) } err := doLink() @@ -101,26 +117,28 @@ func copyFileContent(srcFd int, destFile string, dirfd int, mode os.FileMode, us return dstFile, st.Size(), err } -func prepareOtherLayersCache(layersMetadata map[string][]internal.ZstdFileMetadata) map[string]map[string]*internal.ZstdFileMetadata { - maps := make(map[string]map[string]*internal.ZstdFileMetadata) +func prepareOtherLayersCache(layersMetadata map[string][]internal.FileMetadata) map[string]map[string][]*internal.FileMetadata { + maps := make(map[string]map[string][]*internal.FileMetadata) for layerID, v := range layersMetadata { - r := make(map[string]*internal.ZstdFileMetadata) + r := make(map[string][]*internal.FileMetadata) for i := range v { - r[v[i].Digest] = &v[i] + if v[i].Digest != "" { + r[v[i].Digest] = append(r[v[i].Digest], &v[i]) + } } maps[layerID] = r } return maps } -func getLayersCache(store storage.Store) (map[string][]internal.ZstdFileMetadata, map[string]string, error) { +func getLayersCache(store storage.Store) (map[string][]internal.FileMetadata, map[string]string, error) { allLayers, err := store.Layers() if err != nil { return nil, nil, err } - layersMetadata := make(map[string][]internal.ZstdFileMetadata) + layersMetadata := make(map[string][]internal.FileMetadata) layersTarget := make(map[string]string) for _, r := range allLayers { manifestReader, err := store.LayerBigData(r.ID, bigDataKey) @@ -132,7 +150,7 @@ func getLayersCache(store storage.Store) (map[string][]internal.ZstdFileMetadata if err != nil { return nil, nil, err } - var toc internal.ZstdTOC + var toc internal.TOC if err := json.Unmarshal(manifest, &toc); err != nil { continue } @@ -152,11 +170,14 @@ func GetDiffer(ctx context.Context, store storage.Store, blobSize int64, annotat if _, ok := annotations[internal.ManifestChecksumKey]; ok { return makeZstdChunkedDiffer(ctx, store, blobSize, annotations, iss) } + if _, ok := annotations[estargz.TOCJSONDigestAnnotation]; ok { + return makeEstargzChunkedDiffer(ctx, store, blobSize, annotations, iss) + } return nil, errors.New("blob type not supported for partial retrieval") } -func makeZstdChunkedDiffer(ctx context.Context, store storage.Store, blobSize int64, annotations map[string]string, iss ImageSourceSeekable) (*chunkedZstdDiffer, error) { - manifest, err := readZstdChunkedManifest(iss, blobSize, annotations) +func makeZstdChunkedDiffer(ctx context.Context, store storage.Store, blobSize int64, annotations map[string]string, iss ImageSourceSeekable) (*chunkedDiffer, error) { + manifest, tocOffset, err := readZstdChunkedManifest(iss, blobSize, annotations) if err != nil { return nil, err } @@ -165,11 +186,33 @@ func makeZstdChunkedDiffer(ctx context.Context, store storage.Store, blobSize in return nil, err } - return &chunkedZstdDiffer{ + return &chunkedDiffer{ stream: iss, manifest: manifest, layersMetadata: layersMetadata, layersTarget: layersTarget, + tocOffset: tocOffset, + fileType: fileTypeZstdChunked, + }, nil +} + +func makeEstargzChunkedDiffer(ctx context.Context, store storage.Store, blobSize int64, annotations map[string]string, iss ImageSourceSeekable) (*chunkedDiffer, error) { + manifest, tocOffset, err := readEstargzChunkedManifest(iss, blobSize, annotations) + if err != nil { + return nil, err + } + layersMetadata, layersTarget, err := getLayersCache(store) + if err != nil { + return nil, err + } + + return &chunkedDiffer{ + stream: iss, + manifest: manifest, + layersMetadata: layersMetadata, + layersTarget: layersTarget, + tocOffset: tocOffset, + fileType: fileTypeEstargz, }, nil } @@ -179,7 +222,7 @@ func makeZstdChunkedDiffer(ctx context.Context, store storage.Store, blobSize in // otherFile contains the metadata for the file. // dirfd is an open file descriptor to the destination root directory. // useHardLinks defines whether the deduplication can be performed using hard links. -func copyFileFromOtherLayer(file internal.ZstdFileMetadata, source string, otherFile *internal.ZstdFileMetadata, dirfd int, useHardLinks bool) (bool, *os.File, int64, error) { +func copyFileFromOtherLayer(file *internal.FileMetadata, source string, otherFile *internal.FileMetadata, dirfd int, useHardLinks bool) (bool, *os.File, int64, error) { srcDirfd, err := unix.Open(source, unix.O_RDONLY, 0) if err != nil { return false, nil, 0, err @@ -199,30 +242,98 @@ func copyFileFromOtherLayer(file internal.ZstdFileMetadata, source string, other return true, dstFile, written, err } +// canDedupMetadataWithHardLink says whether it is possible to deduplicate file with otherFile. +// It checks that the two files have the same UID, GID, file mode and xattrs. +func canDedupMetadataWithHardLink(file *internal.FileMetadata, otherFile *internal.FileMetadata) bool { + if file.UID != otherFile.UID { + return false + } + if file.GID != otherFile.GID { + return false + } + if file.Mode != otherFile.Mode { + return false + } + if !reflect.DeepEqual(file.Xattrs, otherFile.Xattrs) { + return false + } + return true +} + +// canDedupFileWithHardLink checks if the specified file can be deduplicated by an +// open file, given its descriptor and stat data. +func canDedupFileWithHardLink(file *internal.FileMetadata, fd int, s os.FileInfo) bool { + st, ok := s.Sys().(*syscall.Stat_t) + if !ok { + return false + } + + path := fmt.Sprintf("/proc/self/fd/%d", fd) + + listXattrs, err := system.Llistxattr(path) + if err != nil { + return false + } + + xattrsToIgnore := map[string]interface{}{ + "security.selinux": true, + } + + xattrs := make(map[string]string) + for _, x := range listXattrs { + v, err := system.Lgetxattr(path, x) + if err != nil { + return false + } + + if _, found := xattrsToIgnore[x]; found { + continue + } + xattrs[x] = string(v) + } + // fill only the attributes used by canDedupMetadataWithHardLink. + otherFile := internal.FileMetadata{ + UID: int(st.Uid), + GID: int(st.Gid), + Mode: int64(st.Mode), + Xattrs: xattrs, + } + return canDedupMetadataWithHardLink(file, &otherFile) +} + // findFileInOtherLayers finds the specified file in other layers. // file is the file to look for. // dirfd is an open file descriptor to the checkout root directory. // layersMetadata contains the metadata for each layer in the storage. // layersTarget maps each layer to its checkout on disk. // useHardLinks defines whether the deduplication can be performed using hard links. -func findFileInOtherLayers(file internal.ZstdFileMetadata, dirfd int, layersMetadata map[string]map[string]*internal.ZstdFileMetadata, layersTarget map[string]string, useHardLinks bool) (bool, *os.File, int64, error) { +func findFileInOtherLayers(file *internal.FileMetadata, dirfd int, layersMetadata map[string]map[string][]*internal.FileMetadata, layersTarget map[string]string, useHardLinks bool) (bool, *os.File, int64, error) { // this is ugly, needs to be indexed for layerID, checksums := range layersMetadata { - m, found := checksums[file.Digest] - if !found { - continue - } - source, ok := layersTarget[layerID] if !ok { continue } + files, found := checksums[file.Digest] + if !found { + continue + } + for _, candidate := range files { + // check if it is a valid candidate to dedup file + if useHardLinks && !canDedupMetadataWithHardLink(file, candidate) { + continue + } - found, dstFile, written, err := copyFileFromOtherLayer(file, source, m, dirfd, useHardLinks) - if found && err == nil { - return found, dstFile, written, err + found, dstFile, written, err := copyFileFromOtherLayer(file, source, candidate, dirfd, useHardLinks) + if found && err == nil { + return found, dstFile, written, err + } } } + // If hard links deduplication was used and it has failed, try again without hard links. + if useHardLinks { + return findFileInOtherLayers(file, dirfd, layersMetadata, layersTarget, false) + } return false, nil, 0, nil } @@ -240,7 +351,7 @@ func getFileDigest(f *os.File) (digest.Digest, error) { // file is the file to look for. // dirfd is an open fd to the destination checkout. // useHardLinks defines whether the deduplication can be performed using hard links. -func findFileOnTheHost(file internal.ZstdFileMetadata, dirfd int, useHardLinks bool) (bool, *os.File, int64, error) { +func findFileOnTheHost(file *internal.FileMetadata, dirfd int, useHardLinks bool) (bool, *os.File, int64, error) { sourceFile := filepath.Clean(filepath.Join("/", file.Name)) if !strings.HasPrefix(sourceFile, "/usr/") { // limit host deduplication to files under /usr. @@ -278,6 +389,9 @@ func findFileOnTheHost(file internal.ZstdFileMetadata, dirfd int, useHardLinks b return false, nil, 0, nil } + // check if the open file can be deduplicated with hard links + useHardLinks = useHardLinks && canDedupFileWithHardLink(file, fd, st) + dstFile, written, err := copyFileContent(fd, file.Name, dirfd, 0, useHardLinks) if err != nil { return false, nil, 0, nil @@ -300,7 +414,7 @@ func findFileOnTheHost(file internal.ZstdFileMetadata, dirfd int, useHardLinks b return true, dstFile, written, nil } -func maybeDoIDRemap(manifest []internal.ZstdFileMetadata, options *archive.TarOptions) error { +func maybeDoIDRemap(manifest []internal.FileMetadata, options *archive.TarOptions) error { if options.ChownOpts == nil && len(options.UIDMaps) == 0 || len(options.GIDMaps) == 0 { return nil } @@ -327,7 +441,7 @@ func maybeDoIDRemap(manifest []internal.ZstdFileMetadata, options *archive.TarOp } type missingFile struct { - File *internal.ZstdFileMetadata + File *internal.FileMetadata Gap int64 } @@ -341,7 +455,7 @@ type missingChunk struct { } // setFileAttrs sets the file attributes for file given metadata -func setFileAttrs(file *os.File, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) error { +func setFileAttrs(file *os.File, mode os.FileMode, metadata *internal.FileMetadata, options *archive.TarOptions) error { if file == nil || file.Fd() < 0 { return errors.Errorf("invalid file") } @@ -401,7 +515,7 @@ func openFileUnderRoot(name string, dirfd int, flags uint64, mode os.FileMode) ( return os.NewFile(uintptr(fd), name), nil } -func createFileFromZstdStream(dest string, dirfd int, reader io.Reader, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) (err error) { +func (c *chunkedDiffer) createFileFromCompressedStream(dest string, dirfd int, reader io.Reader, mode os.FileMode, metadata *internal.FileMetadata, options *archive.TarOptions) (err error) { file, err := openFileUnderRoot(metadata.Name, dirfd, newFileFlags, 0) if err != nil { return err @@ -413,18 +527,48 @@ func createFileFromZstdStream(dest string, dirfd int, reader io.Reader, mode os. } }() - z, err := zstd.NewReader(reader) - if err != nil { - return err - } - defer z.Close() - digester := digest.Canonical.Digester() checksum := digester.Hash() - _, err = z.WriteTo(io.MultiWriter(file, checksum)) - if err != nil { - return err + to := io.MultiWriter(file, checksum) + + switch c.fileType { + case fileTypeZstdChunked: + z, err := zstd.NewReader(reader) + if err != nil { + return err + } + defer z.Close() + + if _, err := io.Copy(to, io.LimitReader(z, metadata.Size)); err != nil { + return err + } + if _, err := io.Copy(ioutil.Discard, reader); err != nil { + return err + } + case fileTypeEstargz: + if c.gzipReader == nil { + r, err := pgzip.NewReader(reader) + if err != nil { + return err + } + c.gzipReader = r + } else { + if err := c.gzipReader.Reset(reader); err != nil { + return err + } + } + defer c.gzipReader.Close() + + if _, err := io.Copy(to, io.LimitReader(c.gzipReader, metadata.Size)); err != nil { + return err + } + if _, err := io.Copy(ioutil.Discard, reader); err != nil { + return err + } + default: + return fmt.Errorf("unknown file type %q", c.fileType) } + manifestChecksum, err := digest.Parse(metadata.Digest) if err != nil { return err @@ -435,7 +579,7 @@ func createFileFromZstdStream(dest string, dirfd int, reader io.Reader, mode os. return setFileAttrs(file, mode, metadata, options) } -func storeMissingFiles(streams chan io.ReadCloser, errs chan error, dest string, dirfd int, missingChunks []missingChunk, options *archive.TarOptions) error { +func (c *chunkedDiffer) storeMissingFiles(streams chan io.ReadCloser, errs chan error, dest string, dirfd int, missingChunks []missingChunk, options *archive.TarOptions) error { for mc := 0; ; mc++ { var part io.ReadCloser select { @@ -448,9 +592,10 @@ func storeMissingFiles(streams chan io.ReadCloser, errs chan error, dest string, if mc == len(missingChunks) { break } - return errors.Errorf("invalid stream returned %d %d", mc, len(missingChunks)) + return errors.Errorf("invalid stream returned") } if mc == len(missingChunks) { + part.Close() return errors.Errorf("too many chunks returned") } @@ -459,6 +604,7 @@ func storeMissingFiles(streams chan io.ReadCloser, errs chan error, dest string, limitReader := io.LimitReader(part, mf.Gap) _, err := io.Copy(ioutil.Discard, limitReader) if err != nil { + part.Close() return err } continue @@ -466,7 +612,7 @@ func storeMissingFiles(streams chan io.ReadCloser, errs chan error, dest string, limitReader := io.LimitReader(part, mf.Length()) - if err := createFileFromZstdStream(dest, dirfd, limitReader, os.FileMode(mf.File.Mode), mf.File, options); err != nil { + if err := c.createFileFromCompressedStream(dest, dirfd, limitReader, os.FileMode(mf.File.Mode), mf.File, options); err != nil { part.Close() return err } @@ -505,18 +651,20 @@ func mergeMissingChunks(missingChunks []missingChunk, target int) []missingChunk newMissingChunks = append(newMissingChunks, missingChunks[i]) } else { prev := &newMissingChunks[len(newMissingChunks)-1] - gapFile := missingFile{ - Gap: int64(gap), - } prev.RawChunk.Length += uint64(gap) + missingChunks[i].RawChunk.Length - prev.Files = append(append(prev.Files, gapFile), missingChunks[i].Files...) + if gap > 0 { + gapFile := missingFile{ + Gap: int64(gap), + } + prev.Files = append(prev.Files, gapFile) + } + prev.Files = append(prev.Files, missingChunks[i].Files...) } } - return newMissingChunks } -func retrieveMissingFiles(input *chunkedZstdDiffer, dest string, dirfd int, missingChunks []missingChunk, options *archive.TarOptions) error { +func (c *chunkedDiffer) retrieveMissingFiles(dest string, dirfd int, missingChunks []missingChunk, options *archive.TarOptions) error { var chunksToRequest []ImageSourceChunk for _, c := range missingChunks { chunksToRequest = append(chunksToRequest, c.RawChunk) @@ -527,7 +675,7 @@ func retrieveMissingFiles(input *chunkedZstdDiffer, dest string, dirfd int, miss var err error var errs chan error for { - streams, errs, err = input.stream.GetBlobAt(chunksToRequest) + streams, errs, err = c.stream.GetBlobAt(chunksToRequest) if err == nil { break } @@ -546,13 +694,13 @@ func retrieveMissingFiles(input *chunkedZstdDiffer, dest string, dirfd int, miss return err } - if err := storeMissingFiles(streams, errs, dest, dirfd, missingChunks, options); err != nil { + if err := c.storeMissingFiles(streams, errs, dest, dirfd, missingChunks, options); err != nil { return err } return nil } -func safeMkdir(dirfd int, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) error { +func safeMkdir(dirfd int, mode os.FileMode, metadata *internal.FileMetadata, options *archive.TarOptions) error { parent := filepath.Dir(metadata.Name) base := filepath.Base(metadata.Name) @@ -581,7 +729,7 @@ func safeMkdir(dirfd int, mode os.FileMode, metadata *internal.ZstdFileMetadata, return setFileAttrs(file, mode, metadata, options) } -func safeLink(dirfd int, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) error { +func safeLink(dirfd int, mode os.FileMode, metadata *internal.FileMetadata, options *archive.TarOptions) error { sourceFile, err := openFileUnderRoot(metadata.Linkname, dirfd, unix.O_RDONLY, 0) if err != nil { return err @@ -613,7 +761,7 @@ func safeLink(dirfd int, mode os.FileMode, metadata *internal.ZstdFileMetadata, return setFileAttrs(newFile, mode, metadata, options) } -func safeSymlink(dirfd int, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) error { +func safeSymlink(dirfd int, mode os.FileMode, metadata *internal.FileMetadata, options *archive.TarOptions) error { destDir, destBase := filepath.Dir(metadata.Name), filepath.Base(metadata.Name) destDirFd := dirfd if destDir != "." { @@ -691,7 +839,7 @@ type hardLinkToCreate struct { dest string dirfd int mode os.FileMode - metadata *internal.ZstdFileMetadata + metadata *internal.FileMetadata } func parseBooleanPullOption(storeOpts *storage.StoreOptions, name string, def bool) bool { @@ -701,12 +849,12 @@ func parseBooleanPullOption(storeOpts *storage.StoreOptions, name string, def bo return def } -func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions) (graphdriver.DriverWithDifferOutput, error) { +func (c *chunkedDiffer) ApplyDiff(dest string, options *archive.TarOptions) (graphdriver.DriverWithDifferOutput, error) { bigData := map[string][]byte{ - bigDataKey: d.manifest, + bigDataKey: c.manifest, } output := graphdriver.DriverWithDifferOutput{ - Differ: d, + Differ: c, BigData: bigData, } @@ -726,30 +874,21 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions) useHardLinks := parseBooleanPullOption(&storeOpts, "use_hard_links", false) // Generate the manifest - var toc internal.ZstdTOC - if err := json.Unmarshal(d.manifest, &toc); err != nil { + var toc internal.TOC + if err := json.Unmarshal(c.manifest, &toc); err != nil { return output, err } whiteoutConverter := archive.GetWhiteoutConverter(options.WhiteoutFormat, options.WhiteoutData) var missingChunks []missingChunk - var mergedEntries []internal.ZstdFileMetadata - if err := maybeDoIDRemap(toc.Entries, options); err != nil { + mergedEntries, err := c.mergeTocEntries(c.fileType, toc.Entries) + if err != nil { return output, err } - - for _, e := range toc.Entries { - if e.Type == TypeChunk { - l := len(mergedEntries) - if l == 0 || mergedEntries[l-1].Type != TypeReg { - return output, errors.New("chunk type without a regular file") - } - mergedEntries[l-1].EndOffset = e.EndOffset - continue - } - mergedEntries = append(mergedEntries, e) + if err := maybeDoIDRemap(mergedEntries, options); err != nil { + return output, err } if options.ForceMask != nil { @@ -768,7 +907,7 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions) } defer unix.Close(dirfd) - otherLayersCache := prepareOtherLayersCache(d.layersMetadata) + otherLayersCache := prepareOtherLayersCache(c.layersMetadata) // hardlinks can point to missing files. So create them after all files // are retrieved @@ -870,7 +1009,7 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions) totalChunksSize += r.Size - found, dstFile, _, err := findFileInOtherLayers(r, dirfd, otherLayersCache, d.layersTarget, useHardLinks) + found, dstFile, _, err := findFileInOtherLayers(&r, dirfd, otherLayersCache, c.layersTarget, useHardLinks) if err != nil { return output, err } @@ -886,7 +1025,7 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions) } if enableHostDedup { - found, dstFile, _, err = findFileOnTheHost(r, dirfd, useHardLinks) + found, dstFile, _, err = findFileOnTheHost(&r, dirfd, useHardLinks) if err != nil { return output, err } @@ -908,9 +1047,11 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions) Offset: uint64(r.Offset), Length: uint64(r.EndOffset - r.Offset), } + file := missingFile{ - File: &toc.Entries[i], + File: &mergedEntries[i], } + missingChunks = append(missingChunks, missingChunk{ RawChunk: rawChunk, Files: []missingFile{ @@ -922,7 +1063,7 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions) // There are some missing files. Prepare a multirange request for the missing chunks. if len(missingChunks) > 0 { missingChunks = mergeMissingChunks(missingChunks, maxNumberMissingChunks) - if err := retrieveMissingFiles(d, dest, dirfd, missingChunks, options); err != nil { + if err := c.retrieveMissingFiles(dest, dirfd, missingChunks, options); err != nil { return output, err } } @@ -938,3 +1079,37 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions) } return output, nil } + +func (c *chunkedDiffer) mergeTocEntries(fileType compressedFileType, entries []internal.FileMetadata) ([]internal.FileMetadata, error) { + var mergedEntries []internal.FileMetadata + var prevEntry *internal.FileMetadata + for _, entry := range entries { + e := entry + + // ignore the metadata files for the estargz format. + if fileType == fileTypeEstargz && (e.Name == estargz.PrefetchLandmark || e.Name == estargz.NoPrefetchLandmark || e.Name == estargz.TOCTarName) { + continue + } + + if e.Type == TypeChunk { + if prevEntry == nil || prevEntry.Type != TypeReg { + return nil, errors.New("chunk type without a regular file") + } + prevEntry.EndOffset = e.EndOffset + continue + } + mergedEntries = append(mergedEntries, e) + prevEntry = &e + } + // stargz/estargz doesn't store EndOffset so let's calculate it here + lastOffset := c.tocOffset + for i := len(mergedEntries) - 1; i >= 0; i-- { + if mergedEntries[i].EndOffset == 0 { + mergedEntries[i].EndOffset = lastOffset + } + if mergedEntries[i].Offset != 0 { + lastOffset = mergedEntries[i].Offset + } + } + return mergedEntries, nil +} diff --git a/vendor/github.com/containers/storage/pkg/config/config.go b/vendor/github.com/containers/storage/pkg/config/config.go index b9e2658a7..e6622cf14 100644 --- a/vendor/github.com/containers/storage/pkg/config/config.go +++ b/vendor/github.com/containers/storage/pkg/config/config.go @@ -93,6 +93,8 @@ type OverlayOptionsConfig struct { MountProgram string `toml:"mount_program"` // Size Size string `toml:"size"` + // Inodes is used to set a maximum inodes of the container image. + Inodes string `toml:"inodes"` // Do not create a bind mount on the storage home SkipMountHome string `toml:"skip_mount_home"` // ForceMask indicates the permissions mask (e.g. "0755") to use for new @@ -296,6 +298,9 @@ func GetGraphDriverOptions(driverName string, options OptionsConfig) []string { } else if options.Size != "" { doptions = append(doptions, fmt.Sprintf("%s.size=%s", driverName, options.Size)) } + if options.Overlay.Inodes != "" { + doptions = append(doptions, fmt.Sprintf("%s.inodes=%s", driverName, options.Overlay.Inodes)) + } if options.Overlay.SkipMountHome != "" { doptions = append(doptions, fmt.Sprintf("%s.skip_mount_home=%s", driverName, options.Overlay.SkipMountHome)) } else if options.SkipMountHome != "" { diff --git a/vendor/github.com/containers/storage/store.go b/vendor/github.com/containers/storage/store.go index 5e16b9e37..8d6f2c4d7 100644 --- a/vendor/github.com/containers/storage/store.go +++ b/vendor/github.com/containers/storage/store.go @@ -3054,10 +3054,15 @@ func (s *store) Layers() ([]Layer, error) { if err != nil { return nil, err } - if err := lstore.LoadLocked(); err != nil { - return nil, err - } - layers, err := lstore.Layers() + + layers, err := func() ([]Layer, error) { + lstore.Lock() + defer lstore.Unlock() + if err := lstore.Load(); err != nil { + return nil, err + } + return lstore.Layers() + }() if err != nil { return nil, err } diff --git a/vendor/github.com/godbus/dbus/v5/README.markdown b/vendor/github.com/godbus/dbus/v5/README.md index 1fb2eacaa..5c2412583 100644 --- a/vendor/github.com/godbus/dbus/v5/README.markdown +++ b/vendor/github.com/godbus/dbus/v5/README.md @@ -14,14 +14,12 @@ D-Bus message bus system. ### Installation -This packages requires Go 1.7. If you installed it and set up your GOPATH, just run: +This packages requires Go 1.12 or later. It can be installed by running the command below: ``` -go get github.com/godbus/dbus +go get github.com/godbus/dbus/v5 ``` -If you want to use the subpackages, you can install them the same way. - ### Usage The complete package documentation and some simple examples are available at @@ -30,10 +28,12 @@ The complete package documentation and some simple examples are available at gives a short overview over the basic usage. #### Projects using godbus -- [notify](https://github.com/esiqveland/notify) provides desktop notifications over dbus into a library. +- [fyne](https://github.com/fyne-io/fyne) a cross platform GUI in Go inspired by Material Design. +- [fynedesk](https://github.com/fyne-io/fynedesk) a full desktop environment for Linux/Unix using Fyne. - [go-bluetooth](https://github.com/muka/go-bluetooth) provides a bluetooth client over bluez dbus API. -- [playerbm](https://github.com/altdesktop/playerbm) a bookmark utility for media players. - [iwd](https://github.com/shibumi/iwd) go bindings for the internet wireless daemon "iwd". +- [notify](https://github.com/esiqveland/notify) provides desktop notifications over dbus into a library. +- [playerbm](https://github.com/altdesktop/playerbm) a bookmark utility for media players. Please note that the API is considered unstable for now and may change without further notice. diff --git a/vendor/github.com/godbus/dbus/v5/auth.go b/vendor/github.com/godbus/dbus/v5/auth.go index 283487a0e..eb0b2f434 100644 --- a/vendor/github.com/godbus/dbus/v5/auth.go +++ b/vendor/github.com/godbus/dbus/v5/auth.go @@ -75,9 +75,9 @@ func (conn *Conn) Auth(methods []Auth) error { s = s[1:] for _, v := range s { for _, m := range methods { - if name, data, status := m.FirstData(); bytes.Equal(v, name) { + if name, _, status := m.FirstData(); bytes.Equal(v, name) { var ok bool - err = authWriteLine(conn.transport, []byte("AUTH"), v, data) + err = authWriteLine(conn.transport, []byte("AUTH"), v) if err != nil { return err } @@ -194,11 +194,14 @@ func (conn *Conn) tryAuth(m Auth, state authState, in *bufio.Reader) (error, boo } conn.uuid = string(s[1]) return nil, true + case state == waitingForOk && string(s[0]) == "DATA": + err = authWriteLine(conn.transport, []byte("DATA")) + if err != nil { + return err, false + } case state == waitingForOk && string(s[0]) == "REJECTED": return nil, false - case state == waitingForOk && (string(s[0]) == "DATA" || - string(s[0]) == "ERROR"): - + case state == waitingForOk && string(s[0]) == "ERROR": err = authWriteLine(conn.transport, []byte("CANCEL")) if err != nil { return err, false diff --git a/vendor/github.com/godbus/dbus/v5/conn.go b/vendor/github.com/godbus/dbus/v5/conn.go index 29fe018ad..cb8966a74 100644 --- a/vendor/github.com/godbus/dbus/v5/conn.go +++ b/vendor/github.com/godbus/dbus/v5/conn.go @@ -478,14 +478,24 @@ func (conn *Conn) sendMessageAndIfClosed(msg *Message, ifClosed func()) { conn.outInt(msg) } err := conn.outHandler.sendAndIfClosed(msg, ifClosed) - conn.calls.handleSendError(msg, err) if err != nil { - conn.serialGen.RetireSerial(msg.serial) + conn.handleSendError(msg, err) } else if msg.Type != TypeMethodCall { conn.serialGen.RetireSerial(msg.serial) } } +func (conn *Conn) handleSendError(msg *Message, err error) { + if msg.Type == TypeMethodCall { + conn.calls.handleSendError(msg, err) + } else if msg.Type == TypeMethodReply { + if _, ok := err.(FormatError); ok { + conn.sendError(err, msg.Headers[FieldDestination].value.(string), msg.Headers[FieldReplySerial].value.(uint32)) + } + } + conn.serialGen.RetireSerial(msg.serial) +} + // Send sends the given message to the message bus. You usually don't need to // use this; use the higher-level equivalents (Call / Go, Emit and Export) // instead. If msg is a method call and NoReplyExpected is not set, a non-nil diff --git a/vendor/github.com/godbus/dbus/v5/decoder.go b/vendor/github.com/godbus/dbus/v5/decoder.go index ede91575b..89bfed9d1 100644 --- a/vendor/github.com/godbus/dbus/v5/decoder.go +++ b/vendor/github.com/godbus/dbus/v5/decoder.go @@ -10,14 +10,16 @@ type decoder struct { in io.Reader order binary.ByteOrder pos int + fds []int } // newDecoder returns a new decoder that reads values from in. The input is // expected to be in the given byte order. -func newDecoder(in io.Reader, order binary.ByteOrder) *decoder { +func newDecoder(in io.Reader, order binary.ByteOrder, fds []int) *decoder { dec := new(decoder) dec.in = in dec.order = order + dec.fds = fds return dec } @@ -53,7 +55,7 @@ func (dec *decoder) Decode(sig Signature) (vs []interface{}, err error) { vs = make([]interface{}, 0) s := sig.str for s != "" { - err, rem := validSingle(s, 0) + err, rem := validSingle(s, &depthCounter{}) if err != nil { return nil, err } @@ -150,7 +152,7 @@ func (dec *decoder) decode(s string, depth int) interface{} { if len(sig.str) == 0 { panic(FormatError("variant signature is empty")) } - err, rem := validSingle(sig.str, 0) + err, rem := validSingle(sig.str, &depthCounter{}) if err != nil { panic(err) } @@ -161,7 +163,11 @@ func (dec *decoder) decode(s string, depth int) interface{} { variant.value = dec.decode(sig.str, depth+1) return variant case 'h': - return UnixFDIndex(dec.decode("u", depth).(uint32)) + idx := dec.decode("u", depth).(uint32) + if int(idx) < len(dec.fds) { + return UnixFD(dec.fds[idx]) + } + return UnixFDIndex(idx) case 'a': if len(s) > 1 && s[1] == '{' { ksig := s[2:3] @@ -219,7 +225,7 @@ func (dec *decoder) decode(s string, depth int) interface{} { v := make([]interface{}, 0) s = s[1 : len(s)-1] for s != "" { - err, rem := validSingle(s, 0) + err, rem := validSingle(s, &depthCounter{}) if err != nil { panic(err) } diff --git a/vendor/github.com/godbus/dbus/v5/encoder.go b/vendor/github.com/godbus/dbus/v5/encoder.go index adfbb75c5..015b26cd5 100644 --- a/vendor/github.com/godbus/dbus/v5/encoder.go +++ b/vendor/github.com/godbus/dbus/v5/encoder.go @@ -5,28 +5,33 @@ import ( "encoding/binary" "io" "reflect" + "strings" + "unicode/utf8" ) // An encoder encodes values to the D-Bus wire format. type encoder struct { out io.Writer + fds []int order binary.ByteOrder pos int } // NewEncoder returns a new encoder that writes to out in the given byte order. -func newEncoder(out io.Writer, order binary.ByteOrder) *encoder { - return newEncoderAtOffset(out, 0, order) +func newEncoder(out io.Writer, order binary.ByteOrder, fds []int) *encoder { + enc := newEncoderAtOffset(out, 0, order, fds) + return enc } // newEncoderAtOffset returns a new encoder that writes to out in the given // byte order. Specify the offset to initialize pos for proper alignment // computation. -func newEncoderAtOffset(out io.Writer, offset int, order binary.ByteOrder) *encoder { +func newEncoderAtOffset(out io.Writer, offset int, order binary.ByteOrder, fds []int) *encoder { enc := new(encoder) enc.out = out enc.order = order enc.pos = offset + enc.fds = fds return enc } @@ -75,6 +80,9 @@ func (enc *encoder) Encode(vs ...interface{}) (err error) { // encode encodes the given value to the writer and panics on error. depth holds // the depth of the container nesting. func (enc *encoder) encode(v reflect.Value, depth int) { + if depth > 64 { + panic(FormatError("input exceeds depth limitation")) + } enc.align(alignment(v.Type())) switch v.Kind() { case reflect.Uint8: @@ -97,7 +105,14 @@ func (enc *encoder) encode(v reflect.Value, depth int) { enc.binwrite(uint16(v.Uint())) enc.pos += 2 case reflect.Int, reflect.Int32: - enc.binwrite(int32(v.Int())) + if v.Type() == unixFDType { + fd := v.Int() + idx := len(enc.fds) + enc.fds = append(enc.fds, int(fd)) + enc.binwrite(uint32(idx)) + } else { + enc.binwrite(int32(v.Int())) + } enc.pos += 4 case reflect.Uint, reflect.Uint32: enc.binwrite(uint32(v.Uint())) @@ -112,9 +127,21 @@ func (enc *encoder) encode(v reflect.Value, depth int) { enc.binwrite(v.Float()) enc.pos += 8 case reflect.String: - enc.encode(reflect.ValueOf(uint32(len(v.String()))), depth) + str := v.String() + if !utf8.ValidString(str) { + panic(FormatError("input has a not-utf8 char in string")) + } + if strings.IndexByte(str, byte(0)) != -1 { + panic(FormatError("input has a null char('\\000') in string")) + } + if v.Type() == objectPathType { + if !ObjectPath(str).IsValid() { + panic(FormatError("invalid object path")) + } + } + enc.encode(reflect.ValueOf(uint32(len(str))), depth) b := make([]byte, v.Len()+1) - copy(b, v.String()) + copy(b, str) b[len(b)-1] = 0 n, err := enc.out.Write(b) if err != nil { @@ -124,20 +151,23 @@ func (enc *encoder) encode(v reflect.Value, depth int) { case reflect.Ptr: enc.encode(v.Elem(), depth) case reflect.Slice, reflect.Array: - if depth >= 64 { - panic(FormatError("input exceeds container depth limit")) - } // Lookahead offset: 4 bytes for uint32 length (with alignment), // plus alignment for elements. n := enc.padding(0, 4) + 4 offset := enc.pos + n + enc.padding(n, alignment(v.Type().Elem())) var buf bytes.Buffer - bufenc := newEncoderAtOffset(&buf, offset, enc.order) + bufenc := newEncoderAtOffset(&buf, offset, enc.order, enc.fds) for i := 0; i < v.Len(); i++ { bufenc.encode(v.Index(i), depth+1) } + + if buf.Len() > 1<<26 { + panic(FormatError("input exceeds array size limitation")) + } + + enc.fds = bufenc.fds enc.encode(reflect.ValueOf(uint32(buf.Len())), depth) length := buf.Len() enc.align(alignment(v.Type().Elem())) @@ -146,13 +176,10 @@ func (enc *encoder) encode(v reflect.Value, depth int) { } enc.pos += length case reflect.Struct: - if depth >= 64 && v.Type() != signatureType { - panic(FormatError("input exceeds container depth limit")) - } switch t := v.Type(); t { case signatureType: str := v.Field(0) - enc.encode(reflect.ValueOf(byte(str.Len())), depth+1) + enc.encode(reflect.ValueOf(byte(str.Len())), depth) b := make([]byte, str.Len()+1) copy(b, str.String()) b[len(b)-1] = 0 @@ -176,9 +203,6 @@ func (enc *encoder) encode(v reflect.Value, depth int) { case reflect.Map: // Maps are arrays of structures, so they actually increase the depth by // 2. - if depth >= 63 { - panic(FormatError("input exceeds container depth limit")) - } if !isKeyType(v.Type().Key()) { panic(InvalidTypeError{v.Type()}) } @@ -189,12 +213,13 @@ func (enc *encoder) encode(v reflect.Value, depth int) { offset := enc.pos + n + enc.padding(n, 8) var buf bytes.Buffer - bufenc := newEncoderAtOffset(&buf, offset, enc.order) + bufenc := newEncoderAtOffset(&buf, offset, enc.order, enc.fds) for _, k := range keys { bufenc.align(8) bufenc.encode(k, depth+2) bufenc.encode(v.MapIndex(k), depth+2) } + enc.fds = bufenc.fds enc.encode(reflect.ValueOf(uint32(buf.Len())), depth) length := buf.Len() enc.align(8) diff --git a/vendor/github.com/godbus/dbus/v5/export.go b/vendor/github.com/godbus/dbus/v5/export.go index 2447b51d4..522334715 100644 --- a/vendor/github.com/godbus/dbus/v5/export.go +++ b/vendor/github.com/godbus/dbus/v5/export.go @@ -26,6 +26,27 @@ var ( } ) +func MakeNoObjectError(path ObjectPath) Error { + return Error{ + "org.freedesktop.DBus.Error.NoSuchObject", + []interface{}{fmt.Sprintf("No such object '%s'", string(path))}, + } +} + +func MakeUnknownMethodError(methodName string) Error { + return Error{ + "org.freedesktop.DBus.Error.UnknownMethod", + []interface{}{fmt.Sprintf("Unknown / invalid method '%s'", methodName)}, + } +} + +func MakeUnknownInterfaceError(ifaceName string) Error { + return Error{ + "org.freedesktop.DBus.Error.UnknownInterface", + []interface{}{fmt.Sprintf("Object does not implement the interface '%s'", ifaceName)}, + } +} + func MakeFailedError(err error) *Error { return &Error{ "org.freedesktop.DBus.Error.Failed", @@ -128,6 +149,11 @@ func (conn *Conn) handleCall(msg *Message) { ifaceName, _ := msg.Headers[FieldInterface].value.(string) sender, hasSender := msg.Headers[FieldSender].value.(string) serial := msg.serial + + if len(name) == 0 { + conn.sendError(ErrMsgUnknownMethod, sender, serial) + } + if ifaceName == "org.freedesktop.DBus.Peer" { switch name { case "Ping": @@ -135,29 +161,26 @@ func (conn *Conn) handleCall(msg *Message) { case "GetMachineId": conn.sendReply(sender, serial, conn.uuid) default: - conn.sendError(ErrMsgUnknownMethod, sender, serial) + conn.sendError(MakeUnknownMethodError(name), sender, serial) } return } - if len(name) == 0 { - conn.sendError(ErrMsgUnknownMethod, sender, serial) - } object, ok := conn.handler.LookupObject(path) if !ok { - conn.sendError(ErrMsgNoObject, sender, serial) + conn.sendError(MakeNoObjectError(path), sender, serial) return } iface, exists := object.LookupInterface(ifaceName) if !exists { - conn.sendError(ErrMsgUnknownInterface, sender, serial) + conn.sendError(MakeUnknownInterfaceError(ifaceName), sender, serial) return } m, exists := iface.LookupMethod(name) if !exists { - conn.sendError(ErrMsgUnknownMethod, sender, serial) + conn.sendError(MakeUnknownMethodError(name), sender, serial) return } args, err := conn.decodeArguments(m, sender, msg) diff --git a/vendor/github.com/godbus/dbus/v5/message.go b/vendor/github.com/godbus/dbus/v5/message.go index 6a925367e..dd86aff4f 100644 --- a/vendor/github.com/godbus/dbus/v5/message.go +++ b/vendor/github.com/godbus/dbus/v5/message.go @@ -118,11 +118,7 @@ type header struct { Variant } -// DecodeMessage tries to decode a single message in the D-Bus wire format -// from the given reader. The byte order is figured out from the first byte. -// The possibly returned error can be an error of the underlying reader, an -// InvalidMessageError or a FormatError. -func DecodeMessage(rd io.Reader) (msg *Message, err error) { +func DecodeMessageWithFDs(rd io.Reader, fds []int) (msg *Message, err error) { var order binary.ByteOrder var hlength, length uint32 var typ, flags, proto byte @@ -142,7 +138,7 @@ func DecodeMessage(rd io.Reader) (msg *Message, err error) { return nil, InvalidMessageError("invalid byte order") } - dec := newDecoder(rd, order) + dec := newDecoder(rd, order, fds) dec.pos = 1 msg = new(Message) @@ -166,7 +162,7 @@ func DecodeMessage(rd io.Reader) (msg *Message, err error) { if hlength+length+16 > 1<<27 { return nil, InvalidMessageError("message is too long") } - dec = newDecoder(io.MultiReader(bytes.NewBuffer(b), rd), order) + dec = newDecoder(io.MultiReader(bytes.NewBuffer(b), rd), order, fds) dec.pos = 12 vs, err = dec.Decode(Signature{"a(yv)"}) if err != nil { @@ -196,7 +192,7 @@ func DecodeMessage(rd io.Reader) (msg *Message, err error) { sig, _ := msg.Headers[FieldSignature].value.(Signature) if sig.str != "" { buf := bytes.NewBuffer(body) - dec = newDecoder(buf, order) + dec = newDecoder(buf, order, fds) vs, err := dec.Decode(sig) if err != nil { return nil, err @@ -207,12 +203,32 @@ func DecodeMessage(rd io.Reader) (msg *Message, err error) { return } -// EncodeTo encodes and sends a message to the given writer. The byte order must -// be either binary.LittleEndian or binary.BigEndian. If the message is not -// valid or an error occurs when writing, an error is returned. -func (msg *Message) EncodeTo(out io.Writer, order binary.ByteOrder) error { +// DecodeMessage tries to decode a single message in the D-Bus wire format +// from the given reader. The byte order is figured out from the first byte. +// The possibly returned error can be an error of the underlying reader, an +// InvalidMessageError or a FormatError. +func DecodeMessage(rd io.Reader) (msg *Message, err error) { + return DecodeMessageWithFDs(rd, make([]int, 0)); +} + +type nullwriter struct{} + +func (nullwriter) Write(p []byte) (cnt int, err error) { + return len(p), nil +} + +func (msg *Message) CountFds() (int, error) { + if len(msg.Body) == 0 { + return 0, nil + } + enc := newEncoder(nullwriter{}, nativeEndian, make([]int, 0)) + err := enc.Encode(msg.Body...) + return len(enc.fds), err +} + +func (msg *Message) EncodeToWithFDs(out io.Writer, order binary.ByteOrder) (fds []int, err error) { if err := msg.IsValid(); err != nil { - return err + return make([]int, 0), err } var vs [7]interface{} switch order { @@ -221,12 +237,16 @@ func (msg *Message) EncodeTo(out io.Writer, order binary.ByteOrder) error { case binary.BigEndian: vs[0] = byte('B') default: - return errors.New("dbus: invalid byte order") + return make([]int, 0), errors.New("dbus: invalid byte order") } body := new(bytes.Buffer) - enc := newEncoder(body, order) + fds = make([]int, 0) + enc := newEncoder(body, order, fds) if len(msg.Body) != 0 { - enc.Encode(msg.Body...) + err = enc.Encode(msg.Body...) + if err != nil { + return + } } vs[1] = msg.Type vs[2] = msg.Flags @@ -239,17 +259,28 @@ func (msg *Message) EncodeTo(out io.Writer, order binary.ByteOrder) error { } vs[6] = headers var buf bytes.Buffer - enc = newEncoder(&buf, order) - enc.Encode(vs[:]...) + enc = newEncoder(&buf, order, enc.fds) + err = enc.Encode(vs[:]...) + if err != nil { + return + } enc.align(8) body.WriteTo(&buf) if buf.Len() > 1<<27 { - return InvalidMessageError("message is too long") + return make([]int, 0), InvalidMessageError("message is too long") } if _, err := buf.WriteTo(out); err != nil { - return err + return make([]int, 0), err } - return nil + return enc.fds, nil +} + +// EncodeTo encodes and sends a message to the given writer. The byte order must +// be either binary.LittleEndian or binary.BigEndian. If the message is not +// valid or an error occurs when writing, an error is returned. +func (msg *Message) EncodeTo(out io.Writer, order binary.ByteOrder) (err error) { + _, err = msg.EncodeToWithFDs(out, order); + return err; } // IsValid checks whether msg is a valid message and returns an diff --git a/vendor/github.com/godbus/dbus/v5/sig.go b/vendor/github.com/godbus/dbus/v5/sig.go index 2d326cebc..41a039812 100644 --- a/vendor/github.com/godbus/dbus/v5/sig.go +++ b/vendor/github.com/godbus/dbus/v5/sig.go @@ -34,7 +34,7 @@ type Signature struct { func SignatureOf(vs ...interface{}) Signature { var s string for _, v := range vs { - s += getSignature(reflect.TypeOf(v)) + s += getSignature(reflect.TypeOf(v), &depthCounter{}) } return Signature{s} } @@ -42,11 +42,19 @@ func SignatureOf(vs ...interface{}) Signature { // SignatureOfType returns the signature of the given type. It panics if the // type is not representable in D-Bus. func SignatureOfType(t reflect.Type) Signature { - return Signature{getSignature(t)} + return Signature{getSignature(t, &depthCounter{})} } // getSignature returns the signature of the given type and panics on unknown types. -func getSignature(t reflect.Type) string { +func getSignature(t reflect.Type, depth *depthCounter) (sig string) { + if !depth.Valid() { + panic("container nesting too deep") + } + defer func() { + if len(sig) > 255 { + panic("signature exceeds the length limitation") + } + }() // handle simple types first switch t.Kind() { case reflect.Uint8: @@ -74,7 +82,7 @@ func getSignature(t reflect.Type) string { case reflect.Float64: return "d" case reflect.Ptr: - return getSignature(t.Elem()) + return getSignature(t.Elem(), depth) case reflect.String: if t == objectPathType { return "o" @@ -90,17 +98,20 @@ func getSignature(t reflect.Type) string { for i := 0; i < t.NumField(); i++ { field := t.Field(i) if field.PkgPath == "" && field.Tag.Get("dbus") != "-" { - s += getSignature(t.Field(i).Type) + s += getSignature(t.Field(i).Type, depth.EnterStruct()) } } + if len(s) == 0 { + panic("empty struct") + } return "(" + s + ")" case reflect.Array, reflect.Slice: - return "a" + getSignature(t.Elem()) + return "a" + getSignature(t.Elem(), depth.EnterArray()) case reflect.Map: if !isKeyType(t.Key()) { panic(InvalidTypeError{t}) } - return "a{" + getSignature(t.Key()) + getSignature(t.Elem()) + "}" + return "a{" + getSignature(t.Key(), depth.EnterArray().EnterDictEntry()) + getSignature(t.Elem(), depth.EnterArray().EnterDictEntry()) + "}" case reflect.Interface: return "v" } @@ -118,7 +129,7 @@ func ParseSignature(s string) (sig Signature, err error) { } sig.str = s for err == nil && len(s) != 0 { - err, s = validSingle(s, 0) + err, s = validSingle(s, &depthCounter{}) } if err != nil { sig = Signature{""} @@ -144,7 +155,7 @@ func (s Signature) Empty() bool { // Single returns whether the signature represents a single, complete type. func (s Signature) Single() bool { - err, r := validSingle(s.str, 0) + err, r := validSingle(s.str, &depthCounter{}) return err != nil && r == "" } @@ -164,15 +175,38 @@ func (e SignatureError) Error() string { return fmt.Sprintf("dbus: invalid signature: %q (%s)", e.Sig, e.Reason) } +type depthCounter struct { + arrayDepth, structDepth, dictEntryDepth int +} + +func (cnt *depthCounter) Valid() bool { + return cnt.arrayDepth <= 32 && cnt.structDepth <= 32 && cnt.dictEntryDepth <= 32 +} + +func (cnt depthCounter) EnterArray() *depthCounter { + cnt.arrayDepth++ + return &cnt +} + +func (cnt depthCounter) EnterStruct() *depthCounter { + cnt.structDepth++ + return &cnt +} + +func (cnt depthCounter) EnterDictEntry() *depthCounter { + cnt.dictEntryDepth++ + return &cnt +} + // Try to read a single type from this string. If it was successful, err is nil // and rem is the remaining unparsed part. Otherwise, err is a non-nil // SignatureError and rem is "". depth is the current recursion depth which may // not be greater than 64 and should be given as 0 on the first call. -func validSingle(s string, depth int) (err error, rem string) { +func validSingle(s string, depth *depthCounter) (err error, rem string) { if s == "" { return SignatureError{Sig: s, Reason: "empty signature"}, "" } - if depth > 64 { + if !depth.Valid() { return SignatureError{Sig: s, Reason: "container nesting too deep"}, "" } switch s[0] { @@ -187,10 +221,10 @@ func validSingle(s string, depth int) (err error, rem string) { i++ rem = s[i+1:] s = s[2:i] - if err, _ = validSingle(s[:1], depth+1); err != nil { + if err, _ = validSingle(s[:1], depth.EnterArray().EnterDictEntry()); err != nil { return err, "" } - err, nr := validSingle(s[1:], depth+1) + err, nr := validSingle(s[1:], depth.EnterArray().EnterDictEntry()) if err != nil { return err, "" } @@ -199,7 +233,7 @@ func validSingle(s string, depth int) (err error, rem string) { } return nil, rem } - return validSingle(s[1:], depth+1) + return validSingle(s[1:], depth.EnterArray()) case '(': i := findMatching(s, '(', ')') if i == -1 { @@ -208,7 +242,7 @@ func validSingle(s string, depth int) (err error, rem string) { rem = s[i+1:] s = s[1:i] for err == nil && s != "" { - err, s = validSingle(s, depth+1) + err, s = validSingle(s, depth.EnterStruct()) } if err != nil { rem = "" @@ -236,7 +270,7 @@ func findMatching(s string, left, right rune) int { // typeFor returns the type of the given signature. It ignores any left over // characters and panics if s doesn't start with a valid type signature. func typeFor(s string) (t reflect.Type) { - err, _ := validSingle(s, 0) + err, _ := validSingle(s, &depthCounter{}) if err != nil { panic(err) } diff --git a/vendor/github.com/godbus/dbus/v5/transport_generic.go b/vendor/github.com/godbus/dbus/v5/transport_generic.go index 718a1ff02..a08e2813c 100644 --- a/vendor/github.com/godbus/dbus/v5/transport_generic.go +++ b/vendor/github.com/godbus/dbus/v5/transport_generic.go @@ -41,10 +41,12 @@ func (t genericTransport) ReadMessage() (*Message, error) { } func (t genericTransport) SendMessage(msg *Message) error { - for _, v := range msg.Body { - if _, ok := v.(UnixFD); ok { - return errors.New("dbus: unix fd passing not enabled") - } + fds, err := msg.CountFds() + if err != nil { + return err + } + if fds != 0 { + return errors.New("dbus: unix fd passing not enabled") } return msg.EncodeTo(t, nativeEndian) } diff --git a/vendor/github.com/godbus/dbus/v5/transport_unix.go b/vendor/github.com/godbus/dbus/v5/transport_unix.go index c7cd02f97..2212e7fa7 100644 --- a/vendor/github.com/godbus/dbus/v5/transport_unix.go +++ b/vendor/github.com/godbus/dbus/v5/transport_unix.go @@ -113,7 +113,7 @@ func (t *unixTransport) ReadMessage() (*Message, error) { if _, err := io.ReadFull(t.rdr, headerdata[4:]); err != nil { return nil, err } - dec := newDecoder(bytes.NewBuffer(headerdata), order) + dec := newDecoder(bytes.NewBuffer(headerdata), order, make([]int, 0)) dec.pos = 12 vs, err := dec.Decode(Signature{"a(yv)"}) if err != nil { @@ -147,7 +147,7 @@ func (t *unixTransport) ReadMessage() (*Message, error) { if err != nil { return nil, err } - msg, err := DecodeMessage(bytes.NewBuffer(all)) + msg, err := DecodeMessageWithFDs(bytes.NewBuffer(all), fds) if err != nil { return nil, err } @@ -179,21 +179,21 @@ func (t *unixTransport) ReadMessage() (*Message, error) { } func (t *unixTransport) SendMessage(msg *Message) error { - fds := make([]int, 0) - for i, v := range msg.Body { - if fd, ok := v.(UnixFD); ok { - msg.Body[i] = UnixFDIndex(len(fds)) - fds = append(fds, int(fd)) - } + fdcnt, err := msg.CountFds() + if err != nil { + return err } - if len(fds) != 0 { + if fdcnt != 0 { if !t.hasUnixFDs { return errors.New("dbus: unix fd passing not enabled") } - msg.Headers[FieldUnixFDs] = MakeVariant(uint32(len(fds))) - oob := syscall.UnixRights(fds...) + msg.Headers[FieldUnixFDs] = MakeVariant(uint32(fdcnt)) buf := new(bytes.Buffer) - msg.EncodeTo(buf, nativeEndian) + fds, err := msg.EncodeToWithFDs(buf, nativeEndian) + if err != nil { + return err + } + oob := syscall.UnixRights(fds...) n, oobn, err := t.UnixConn.WriteMsgUnix(buf.Bytes(), oob, nil) if err != nil { return err diff --git a/vendor/github.com/golang/snappy/.gitignore b/vendor/github.com/golang/snappy/.gitignore deleted file mode 100644 index 042091d9b..000000000 --- a/vendor/github.com/golang/snappy/.gitignore +++ /dev/null @@ -1,16 +0,0 @@ -cmd/snappytool/snappytool -testdata/bench - -# These explicitly listed benchmark data files are for an obsolete version of -# snappy_test.go. -testdata/alice29.txt -testdata/asyoulik.txt -testdata/fireworks.jpeg -testdata/geo.protodata -testdata/html -testdata/html_x_4 -testdata/kppkn.gtb -testdata/lcet10.txt -testdata/paper-100k.pdf -testdata/plrabn12.txt -testdata/urls.10K diff --git a/vendor/github.com/golang/snappy/AUTHORS b/vendor/github.com/golang/snappy/AUTHORS deleted file mode 100644 index 203e84eba..000000000 --- a/vendor/github.com/golang/snappy/AUTHORS +++ /dev/null @@ -1,17 +0,0 @@ -# This is the official list of Snappy-Go authors for copyright purposes. -# This file is distinct from the CONTRIBUTORS files. -# See the latter for an explanation. - -# Names should be added to this file as -# Name or Organization <email address> -# The email address is not required for organizations. - -# Please keep the list sorted. - -Amazon.com, Inc -Damian Gryski <dgryski@gmail.com> -Google Inc. -Jan Mercl <0xjnml@gmail.com> -Klaus Post <klauspost@gmail.com> -Rodolfo Carvalho <rhcarvalho@gmail.com> -Sebastien Binet <seb.binet@gmail.com> diff --git a/vendor/github.com/golang/snappy/CONTRIBUTORS b/vendor/github.com/golang/snappy/CONTRIBUTORS deleted file mode 100644 index d9914732b..000000000 --- a/vendor/github.com/golang/snappy/CONTRIBUTORS +++ /dev/null @@ -1,39 +0,0 @@ -# This is the official list of people who can contribute -# (and typically have contributed) code to the Snappy-Go repository. -# The AUTHORS file lists the copyright holders; this file -# lists people. For example, Google employees are listed here -# but not in AUTHORS, because Google holds the copyright. -# -# The submission process automatically checks to make sure -# that people submitting code are listed in this file (by email address). -# -# Names should be added to this file only after verifying that -# the individual or the individual's organization has agreed to -# the appropriate Contributor License Agreement, found here: -# -# http://code.google.com/legal/individual-cla-v1.0.html -# http://code.google.com/legal/corporate-cla-v1.0.html -# -# The agreement for individuals can be filled out on the web. -# -# When adding J Random Contributor's name to this file, -# either J's name or J's organization's name should be -# added to the AUTHORS file, depending on whether the -# individual or corporate CLA was used. - -# Names should be added to this file like so: -# Name <email address> - -# Please keep the list sorted. - -Damian Gryski <dgryski@gmail.com> -Jan Mercl <0xjnml@gmail.com> -Jonathan Swinney <jswinney@amazon.com> -Kai Backman <kaib@golang.org> -Klaus Post <klauspost@gmail.com> -Marc-Antoine Ruel <maruel@chromium.org> -Nigel Tao <nigeltao@golang.org> -Rob Pike <r@golang.org> -Rodolfo Carvalho <rhcarvalho@gmail.com> -Russ Cox <rsc@golang.org> -Sebastien Binet <seb.binet@gmail.com> diff --git a/vendor/github.com/golang/snappy/README b/vendor/github.com/golang/snappy/README deleted file mode 100644 index cea12879a..000000000 --- a/vendor/github.com/golang/snappy/README +++ /dev/null @@ -1,107 +0,0 @@ -The Snappy compression format in the Go programming language. - -To download and install from source: -$ go get github.com/golang/snappy - -Unless otherwise noted, the Snappy-Go source files are distributed -under the BSD-style license found in the LICENSE file. - - - -Benchmarks. - -The golang/snappy benchmarks include compressing (Z) and decompressing (U) ten -or so files, the same set used by the C++ Snappy code (github.com/google/snappy -and note the "google", not "golang"). On an "Intel(R) Core(TM) i7-3770 CPU @ -3.40GHz", Go's GOARCH=amd64 numbers as of 2016-05-29: - -"go test -test.bench=." - -_UFlat0-8 2.19GB/s ± 0% html -_UFlat1-8 1.41GB/s ± 0% urls -_UFlat2-8 23.5GB/s ± 2% jpg -_UFlat3-8 1.91GB/s ± 0% jpg_200 -_UFlat4-8 14.0GB/s ± 1% pdf -_UFlat5-8 1.97GB/s ± 0% html4 -_UFlat6-8 814MB/s ± 0% txt1 -_UFlat7-8 785MB/s ± 0% txt2 -_UFlat8-8 857MB/s ± 0% txt3 -_UFlat9-8 719MB/s ± 1% txt4 -_UFlat10-8 2.84GB/s ± 0% pb -_UFlat11-8 1.05GB/s ± 0% gaviota - -_ZFlat0-8 1.04GB/s ± 0% html -_ZFlat1-8 534MB/s ± 0% urls -_ZFlat2-8 15.7GB/s ± 1% jpg -_ZFlat3-8 740MB/s ± 3% jpg_200 -_ZFlat4-8 9.20GB/s ± 1% pdf -_ZFlat5-8 991MB/s ± 0% html4 -_ZFlat6-8 379MB/s ± 0% txt1 -_ZFlat7-8 352MB/s ± 0% txt2 -_ZFlat8-8 396MB/s ± 1% txt3 -_ZFlat9-8 327MB/s ± 1% txt4 -_ZFlat10-8 1.33GB/s ± 1% pb -_ZFlat11-8 605MB/s ± 1% gaviota - - - -"go test -test.bench=. -tags=noasm" - -_UFlat0-8 621MB/s ± 2% html -_UFlat1-8 494MB/s ± 1% urls -_UFlat2-8 23.2GB/s ± 1% jpg -_UFlat3-8 1.12GB/s ± 1% jpg_200 -_UFlat4-8 4.35GB/s ± 1% pdf -_UFlat5-8 609MB/s ± 0% html4 -_UFlat6-8 296MB/s ± 0% txt1 -_UFlat7-8 288MB/s ± 0% txt2 -_UFlat8-8 309MB/s ± 1% txt3 -_UFlat9-8 280MB/s ± 1% txt4 -_UFlat10-8 753MB/s ± 0% pb -_UFlat11-8 400MB/s ± 0% gaviota - -_ZFlat0-8 409MB/s ± 1% html -_ZFlat1-8 250MB/s ± 1% urls -_ZFlat2-8 12.3GB/s ± 1% jpg -_ZFlat3-8 132MB/s ± 0% jpg_200 -_ZFlat4-8 2.92GB/s ± 0% pdf -_ZFlat5-8 405MB/s ± 1% html4 -_ZFlat6-8 179MB/s ± 1% txt1 -_ZFlat7-8 170MB/s ± 1% txt2 -_ZFlat8-8 189MB/s ± 1% txt3 -_ZFlat9-8 164MB/s ± 1% txt4 -_ZFlat10-8 479MB/s ± 1% pb -_ZFlat11-8 270MB/s ± 1% gaviota - - - -For comparison (Go's encoded output is byte-for-byte identical to C++'s), here -are the numbers from C++ Snappy's - -make CXXFLAGS="-O2 -DNDEBUG -g" clean snappy_unittest.log && cat snappy_unittest.log - -BM_UFlat/0 2.4GB/s html -BM_UFlat/1 1.4GB/s urls -BM_UFlat/2 21.8GB/s jpg -BM_UFlat/3 1.5GB/s jpg_200 -BM_UFlat/4 13.3GB/s pdf -BM_UFlat/5 2.1GB/s html4 -BM_UFlat/6 1.0GB/s txt1 -BM_UFlat/7 959.4MB/s txt2 -BM_UFlat/8 1.0GB/s txt3 -BM_UFlat/9 864.5MB/s txt4 -BM_UFlat/10 2.9GB/s pb -BM_UFlat/11 1.2GB/s gaviota - -BM_ZFlat/0 944.3MB/s html (22.31 %) -BM_ZFlat/1 501.6MB/s urls (47.78 %) -BM_ZFlat/2 14.3GB/s jpg (99.95 %) -BM_ZFlat/3 538.3MB/s jpg_200 (73.00 %) -BM_ZFlat/4 8.3GB/s pdf (83.30 %) -BM_ZFlat/5 903.5MB/s html4 (22.52 %) -BM_ZFlat/6 336.0MB/s txt1 (57.88 %) -BM_ZFlat/7 312.3MB/s txt2 (61.91 %) -BM_ZFlat/8 353.1MB/s txt3 (54.99 %) -BM_ZFlat/9 289.9MB/s txt4 (66.26 %) -BM_ZFlat/10 1.2GB/s pb (19.68 %) -BM_ZFlat/11 527.4MB/s gaviota (37.72 %) diff --git a/vendor/github.com/golang/snappy/decode_amd64.s b/vendor/github.com/golang/snappy/decode_amd64.s deleted file mode 100644 index e6179f65e..000000000 --- a/vendor/github.com/golang/snappy/decode_amd64.s +++ /dev/null @@ -1,490 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build !appengine -// +build gc -// +build !noasm - -#include "textflag.h" - -// The asm code generally follows the pure Go code in decode_other.go, except -// where marked with a "!!!". - -// func decode(dst, src []byte) int -// -// All local variables fit into registers. The non-zero stack size is only to -// spill registers and push args when issuing a CALL. The register allocation: -// - AX scratch -// - BX scratch -// - CX length or x -// - DX offset -// - SI &src[s] -// - DI &dst[d] -// + R8 dst_base -// + R9 dst_len -// + R10 dst_base + dst_len -// + R11 src_base -// + R12 src_len -// + R13 src_base + src_len -// - R14 used by doCopy -// - R15 used by doCopy -// -// The registers R8-R13 (marked with a "+") are set at the start of the -// function, and after a CALL returns, and are not otherwise modified. -// -// The d variable is implicitly DI - R8, and len(dst)-d is R10 - DI. -// The s variable is implicitly SI - R11, and len(src)-s is R13 - SI. -TEXT ·decode(SB), NOSPLIT, $48-56 - // Initialize SI, DI and R8-R13. - MOVQ dst_base+0(FP), R8 - MOVQ dst_len+8(FP), R9 - MOVQ R8, DI - MOVQ R8, R10 - ADDQ R9, R10 - MOVQ src_base+24(FP), R11 - MOVQ src_len+32(FP), R12 - MOVQ R11, SI - MOVQ R11, R13 - ADDQ R12, R13 - -loop: - // for s < len(src) - CMPQ SI, R13 - JEQ end - - // CX = uint32(src[s]) - // - // switch src[s] & 0x03 - MOVBLZX (SI), CX - MOVL CX, BX - ANDL $3, BX - CMPL BX, $1 - JAE tagCopy - - // ---------------------------------------- - // The code below handles literal tags. - - // case tagLiteral: - // x := uint32(src[s] >> 2) - // switch - SHRL $2, CX - CMPL CX, $60 - JAE tagLit60Plus - - // case x < 60: - // s++ - INCQ SI - -doLit: - // This is the end of the inner "switch", when we have a literal tag. - // - // We assume that CX == x and x fits in a uint32, where x is the variable - // used in the pure Go decode_other.go code. - - // length = int(x) + 1 - // - // Unlike the pure Go code, we don't need to check if length <= 0 because - // CX can hold 64 bits, so the increment cannot overflow. - INCQ CX - - // Prepare to check if copying length bytes will run past the end of dst or - // src. - // - // AX = len(dst) - d - // BX = len(src) - s - MOVQ R10, AX - SUBQ DI, AX - MOVQ R13, BX - SUBQ SI, BX - - // !!! Try a faster technique for short (16 or fewer bytes) copies. - // - // if length > 16 || len(dst)-d < 16 || len(src)-s < 16 { - // goto callMemmove // Fall back on calling runtime·memmove. - // } - // - // The C++ snappy code calls this TryFastAppend. It also checks len(src)-s - // against 21 instead of 16, because it cannot assume that all of its input - // is contiguous in memory and so it needs to leave enough source bytes to - // read the next tag without refilling buffers, but Go's Decode assumes - // contiguousness (the src argument is a []byte). - CMPQ CX, $16 - JGT callMemmove - CMPQ AX, $16 - JLT callMemmove - CMPQ BX, $16 - JLT callMemmove - - // !!! Implement the copy from src to dst as a 16-byte load and store. - // (Decode's documentation says that dst and src must not overlap.) - // - // This always copies 16 bytes, instead of only length bytes, but that's - // OK. If the input is a valid Snappy encoding then subsequent iterations - // will fix up the overrun. Otherwise, Decode returns a nil []byte (and a - // non-nil error), so the overrun will be ignored. - // - // Note that on amd64, it is legal and cheap to issue unaligned 8-byte or - // 16-byte loads and stores. This technique probably wouldn't be as - // effective on architectures that are fussier about alignment. - MOVOU 0(SI), X0 - MOVOU X0, 0(DI) - - // d += length - // s += length - ADDQ CX, DI - ADDQ CX, SI - JMP loop - -callMemmove: - // if length > len(dst)-d || length > len(src)-s { etc } - CMPQ CX, AX - JGT errCorrupt - CMPQ CX, BX - JGT errCorrupt - - // copy(dst[d:], src[s:s+length]) - // - // This means calling runtime·memmove(&dst[d], &src[s], length), so we push - // DI, SI and CX as arguments. Coincidentally, we also need to spill those - // three registers to the stack, to save local variables across the CALL. - MOVQ DI, 0(SP) - MOVQ SI, 8(SP) - MOVQ CX, 16(SP) - MOVQ DI, 24(SP) - MOVQ SI, 32(SP) - MOVQ CX, 40(SP) - CALL runtime·memmove(SB) - - // Restore local variables: unspill registers from the stack and - // re-calculate R8-R13. - MOVQ 24(SP), DI - MOVQ 32(SP), SI - MOVQ 40(SP), CX - MOVQ dst_base+0(FP), R8 - MOVQ dst_len+8(FP), R9 - MOVQ R8, R10 - ADDQ R9, R10 - MOVQ src_base+24(FP), R11 - MOVQ src_len+32(FP), R12 - MOVQ R11, R13 - ADDQ R12, R13 - - // d += length - // s += length - ADDQ CX, DI - ADDQ CX, SI - JMP loop - -tagLit60Plus: - // !!! This fragment does the - // - // s += x - 58; if uint(s) > uint(len(src)) { etc } - // - // checks. In the asm version, we code it once instead of once per switch case. - ADDQ CX, SI - SUBQ $58, SI - MOVQ SI, BX - SUBQ R11, BX - CMPQ BX, R12 - JA errCorrupt - - // case x == 60: - CMPL CX, $61 - JEQ tagLit61 - JA tagLit62Plus - - // x = uint32(src[s-1]) - MOVBLZX -1(SI), CX - JMP doLit - -tagLit61: - // case x == 61: - // x = uint32(src[s-2]) | uint32(src[s-1])<<8 - MOVWLZX -2(SI), CX - JMP doLit - -tagLit62Plus: - CMPL CX, $62 - JA tagLit63 - - // case x == 62: - // x = uint32(src[s-3]) | uint32(src[s-2])<<8 | uint32(src[s-1])<<16 - MOVWLZX -3(SI), CX - MOVBLZX -1(SI), BX - SHLL $16, BX - ORL BX, CX - JMP doLit - -tagLit63: - // case x == 63: - // x = uint32(src[s-4]) | uint32(src[s-3])<<8 | uint32(src[s-2])<<16 | uint32(src[s-1])<<24 - MOVL -4(SI), CX - JMP doLit - -// The code above handles literal tags. -// ---------------------------------------- -// The code below handles copy tags. - -tagCopy4: - // case tagCopy4: - // s += 5 - ADDQ $5, SI - - // if uint(s) > uint(len(src)) { etc } - MOVQ SI, BX - SUBQ R11, BX - CMPQ BX, R12 - JA errCorrupt - - // length = 1 + int(src[s-5])>>2 - SHRQ $2, CX - INCQ CX - - // offset = int(uint32(src[s-4]) | uint32(src[s-3])<<8 | uint32(src[s-2])<<16 | uint32(src[s-1])<<24) - MOVLQZX -4(SI), DX - JMP doCopy - -tagCopy2: - // case tagCopy2: - // s += 3 - ADDQ $3, SI - - // if uint(s) > uint(len(src)) { etc } - MOVQ SI, BX - SUBQ R11, BX - CMPQ BX, R12 - JA errCorrupt - - // length = 1 + int(src[s-3])>>2 - SHRQ $2, CX - INCQ CX - - // offset = int(uint32(src[s-2]) | uint32(src[s-1])<<8) - MOVWQZX -2(SI), DX - JMP doCopy - -tagCopy: - // We have a copy tag. We assume that: - // - BX == src[s] & 0x03 - // - CX == src[s] - CMPQ BX, $2 - JEQ tagCopy2 - JA tagCopy4 - - // case tagCopy1: - // s += 2 - ADDQ $2, SI - - // if uint(s) > uint(len(src)) { etc } - MOVQ SI, BX - SUBQ R11, BX - CMPQ BX, R12 - JA errCorrupt - - // offset = int(uint32(src[s-2])&0xe0<<3 | uint32(src[s-1])) - MOVQ CX, DX - ANDQ $0xe0, DX - SHLQ $3, DX - MOVBQZX -1(SI), BX - ORQ BX, DX - - // length = 4 + int(src[s-2])>>2&0x7 - SHRQ $2, CX - ANDQ $7, CX - ADDQ $4, CX - -doCopy: - // This is the end of the outer "switch", when we have a copy tag. - // - // We assume that: - // - CX == length && CX > 0 - // - DX == offset - - // if offset <= 0 { etc } - CMPQ DX, $0 - JLE errCorrupt - - // if d < offset { etc } - MOVQ DI, BX - SUBQ R8, BX - CMPQ BX, DX - JLT errCorrupt - - // if length > len(dst)-d { etc } - MOVQ R10, BX - SUBQ DI, BX - CMPQ CX, BX - JGT errCorrupt - - // forwardCopy(dst[d:d+length], dst[d-offset:]); d += length - // - // Set: - // - R14 = len(dst)-d - // - R15 = &dst[d-offset] - MOVQ R10, R14 - SUBQ DI, R14 - MOVQ DI, R15 - SUBQ DX, R15 - - // !!! Try a faster technique for short (16 or fewer bytes) forward copies. - // - // First, try using two 8-byte load/stores, similar to the doLit technique - // above. Even if dst[d:d+length] and dst[d-offset:] can overlap, this is - // still OK if offset >= 8. Note that this has to be two 8-byte load/stores - // and not one 16-byte load/store, and the first store has to be before the - // second load, due to the overlap if offset is in the range [8, 16). - // - // if length > 16 || offset < 8 || len(dst)-d < 16 { - // goto slowForwardCopy - // } - // copy 16 bytes - // d += length - CMPQ CX, $16 - JGT slowForwardCopy - CMPQ DX, $8 - JLT slowForwardCopy - CMPQ R14, $16 - JLT slowForwardCopy - MOVQ 0(R15), AX - MOVQ AX, 0(DI) - MOVQ 8(R15), BX - MOVQ BX, 8(DI) - ADDQ CX, DI - JMP loop - -slowForwardCopy: - // !!! If the forward copy is longer than 16 bytes, or if offset < 8, we - // can still try 8-byte load stores, provided we can overrun up to 10 extra - // bytes. As above, the overrun will be fixed up by subsequent iterations - // of the outermost loop. - // - // The C++ snappy code calls this technique IncrementalCopyFastPath. Its - // commentary says: - // - // ---- - // - // The main part of this loop is a simple copy of eight bytes at a time - // until we've copied (at least) the requested amount of bytes. However, - // if d and d-offset are less than eight bytes apart (indicating a - // repeating pattern of length < 8), we first need to expand the pattern in - // order to get the correct results. For instance, if the buffer looks like - // this, with the eight-byte <d-offset> and <d> patterns marked as - // intervals: - // - // abxxxxxxxxxxxx - // [------] d-offset - // [------] d - // - // a single eight-byte copy from <d-offset> to <d> will repeat the pattern - // once, after which we can move <d> two bytes without moving <d-offset>: - // - // ababxxxxxxxxxx - // [------] d-offset - // [------] d - // - // and repeat the exercise until the two no longer overlap. - // - // This allows us to do very well in the special case of one single byte - // repeated many times, without taking a big hit for more general cases. - // - // The worst case of extra writing past the end of the match occurs when - // offset == 1 and length == 1; the last copy will read from byte positions - // [0..7] and write to [4..11], whereas it was only supposed to write to - // position 1. Thus, ten excess bytes. - // - // ---- - // - // That "10 byte overrun" worst case is confirmed by Go's - // TestSlowForwardCopyOverrun, which also tests the fixUpSlowForwardCopy - // and finishSlowForwardCopy algorithm. - // - // if length > len(dst)-d-10 { - // goto verySlowForwardCopy - // } - SUBQ $10, R14 - CMPQ CX, R14 - JGT verySlowForwardCopy - -makeOffsetAtLeast8: - // !!! As above, expand the pattern so that offset >= 8 and we can use - // 8-byte load/stores. - // - // for offset < 8 { - // copy 8 bytes from dst[d-offset:] to dst[d:] - // length -= offset - // d += offset - // offset += offset - // // The two previous lines together means that d-offset, and therefore - // // R15, is unchanged. - // } - CMPQ DX, $8 - JGE fixUpSlowForwardCopy - MOVQ (R15), BX - MOVQ BX, (DI) - SUBQ DX, CX - ADDQ DX, DI - ADDQ DX, DX - JMP makeOffsetAtLeast8 - -fixUpSlowForwardCopy: - // !!! Add length (which might be negative now) to d (implied by DI being - // &dst[d]) so that d ends up at the right place when we jump back to the - // top of the loop. Before we do that, though, we save DI to AX so that, if - // length is positive, copying the remaining length bytes will write to the - // right place. - MOVQ DI, AX - ADDQ CX, DI - -finishSlowForwardCopy: - // !!! Repeat 8-byte load/stores until length <= 0. Ending with a negative - // length means that we overrun, but as above, that will be fixed up by - // subsequent iterations of the outermost loop. - CMPQ CX, $0 - JLE loop - MOVQ (R15), BX - MOVQ BX, (AX) - ADDQ $8, R15 - ADDQ $8, AX - SUBQ $8, CX - JMP finishSlowForwardCopy - -verySlowForwardCopy: - // verySlowForwardCopy is a simple implementation of forward copy. In C - // parlance, this is a do/while loop instead of a while loop, since we know - // that length > 0. In Go syntax: - // - // for { - // dst[d] = dst[d - offset] - // d++ - // length-- - // if length == 0 { - // break - // } - // } - MOVB (R15), BX - MOVB BX, (DI) - INCQ R15 - INCQ DI - DECQ CX - JNZ verySlowForwardCopy - JMP loop - -// The code above handles copy tags. -// ---------------------------------------- - -end: - // This is the end of the "for s < len(src)". - // - // if d != len(dst) { etc } - CMPQ DI, R10 - JNE errCorrupt - - // return 0 - MOVQ $0, ret+48(FP) - RET - -errCorrupt: - // return decodeErrCodeCorrupt - MOVQ $1, ret+48(FP) - RET diff --git a/vendor/github.com/golang/snappy/decode_arm64.s b/vendor/github.com/golang/snappy/decode_arm64.s deleted file mode 100644 index 7a3ead17e..000000000 --- a/vendor/github.com/golang/snappy/decode_arm64.s +++ /dev/null @@ -1,494 +0,0 @@ -// Copyright 2020 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build !appengine -// +build gc -// +build !noasm - -#include "textflag.h" - -// The asm code generally follows the pure Go code in decode_other.go, except -// where marked with a "!!!". - -// func decode(dst, src []byte) int -// -// All local variables fit into registers. The non-zero stack size is only to -// spill registers and push args when issuing a CALL. The register allocation: -// - R2 scratch -// - R3 scratch -// - R4 length or x -// - R5 offset -// - R6 &src[s] -// - R7 &dst[d] -// + R8 dst_base -// + R9 dst_len -// + R10 dst_base + dst_len -// + R11 src_base -// + R12 src_len -// + R13 src_base + src_len -// - R14 used by doCopy -// - R15 used by doCopy -// -// The registers R8-R13 (marked with a "+") are set at the start of the -// function, and after a CALL returns, and are not otherwise modified. -// -// The d variable is implicitly R7 - R8, and len(dst)-d is R10 - R7. -// The s variable is implicitly R6 - R11, and len(src)-s is R13 - R6. -TEXT ·decode(SB), NOSPLIT, $56-56 - // Initialize R6, R7 and R8-R13. - MOVD dst_base+0(FP), R8 - MOVD dst_len+8(FP), R9 - MOVD R8, R7 - MOVD R8, R10 - ADD R9, R10, R10 - MOVD src_base+24(FP), R11 - MOVD src_len+32(FP), R12 - MOVD R11, R6 - MOVD R11, R13 - ADD R12, R13, R13 - -loop: - // for s < len(src) - CMP R13, R6 - BEQ end - - // R4 = uint32(src[s]) - // - // switch src[s] & 0x03 - MOVBU (R6), R4 - MOVW R4, R3 - ANDW $3, R3 - MOVW $1, R1 - CMPW R1, R3 - BGE tagCopy - - // ---------------------------------------- - // The code below handles literal tags. - - // case tagLiteral: - // x := uint32(src[s] >> 2) - // switch - MOVW $60, R1 - LSRW $2, R4, R4 - CMPW R4, R1 - BLS tagLit60Plus - - // case x < 60: - // s++ - ADD $1, R6, R6 - -doLit: - // This is the end of the inner "switch", when we have a literal tag. - // - // We assume that R4 == x and x fits in a uint32, where x is the variable - // used in the pure Go decode_other.go code. - - // length = int(x) + 1 - // - // Unlike the pure Go code, we don't need to check if length <= 0 because - // R4 can hold 64 bits, so the increment cannot overflow. - ADD $1, R4, R4 - - // Prepare to check if copying length bytes will run past the end of dst or - // src. - // - // R2 = len(dst) - d - // R3 = len(src) - s - MOVD R10, R2 - SUB R7, R2, R2 - MOVD R13, R3 - SUB R6, R3, R3 - - // !!! Try a faster technique for short (16 or fewer bytes) copies. - // - // if length > 16 || len(dst)-d < 16 || len(src)-s < 16 { - // goto callMemmove // Fall back on calling runtime·memmove. - // } - // - // The C++ snappy code calls this TryFastAppend. It also checks len(src)-s - // against 21 instead of 16, because it cannot assume that all of its input - // is contiguous in memory and so it needs to leave enough source bytes to - // read the next tag without refilling buffers, but Go's Decode assumes - // contiguousness (the src argument is a []byte). - CMP $16, R4 - BGT callMemmove - CMP $16, R2 - BLT callMemmove - CMP $16, R3 - BLT callMemmove - - // !!! Implement the copy from src to dst as a 16-byte load and store. - // (Decode's documentation says that dst and src must not overlap.) - // - // This always copies 16 bytes, instead of only length bytes, but that's - // OK. If the input is a valid Snappy encoding then subsequent iterations - // will fix up the overrun. Otherwise, Decode returns a nil []byte (and a - // non-nil error), so the overrun will be ignored. - // - // Note that on arm64, it is legal and cheap to issue unaligned 8-byte or - // 16-byte loads and stores. This technique probably wouldn't be as - // effective on architectures that are fussier about alignment. - LDP 0(R6), (R14, R15) - STP (R14, R15), 0(R7) - - // d += length - // s += length - ADD R4, R7, R7 - ADD R4, R6, R6 - B loop - -callMemmove: - // if length > len(dst)-d || length > len(src)-s { etc } - CMP R2, R4 - BGT errCorrupt - CMP R3, R4 - BGT errCorrupt - - // copy(dst[d:], src[s:s+length]) - // - // This means calling runtime·memmove(&dst[d], &src[s], length), so we push - // R7, R6 and R4 as arguments. Coincidentally, we also need to spill those - // three registers to the stack, to save local variables across the CALL. - MOVD R7, 8(RSP) - MOVD R6, 16(RSP) - MOVD R4, 24(RSP) - MOVD R7, 32(RSP) - MOVD R6, 40(RSP) - MOVD R4, 48(RSP) - CALL runtime·memmove(SB) - - // Restore local variables: unspill registers from the stack and - // re-calculate R8-R13. - MOVD 32(RSP), R7 - MOVD 40(RSP), R6 - MOVD 48(RSP), R4 - MOVD dst_base+0(FP), R8 - MOVD dst_len+8(FP), R9 - MOVD R8, R10 - ADD R9, R10, R10 - MOVD src_base+24(FP), R11 - MOVD src_len+32(FP), R12 - MOVD R11, R13 - ADD R12, R13, R13 - - // d += length - // s += length - ADD R4, R7, R7 - ADD R4, R6, R6 - B loop - -tagLit60Plus: - // !!! This fragment does the - // - // s += x - 58; if uint(s) > uint(len(src)) { etc } - // - // checks. In the asm version, we code it once instead of once per switch case. - ADD R4, R6, R6 - SUB $58, R6, R6 - MOVD R6, R3 - SUB R11, R3, R3 - CMP R12, R3 - BGT errCorrupt - - // case x == 60: - MOVW $61, R1 - CMPW R1, R4 - BEQ tagLit61 - BGT tagLit62Plus - - // x = uint32(src[s-1]) - MOVBU -1(R6), R4 - B doLit - -tagLit61: - // case x == 61: - // x = uint32(src[s-2]) | uint32(src[s-1])<<8 - MOVHU -2(R6), R4 - B doLit - -tagLit62Plus: - CMPW $62, R4 - BHI tagLit63 - - // case x == 62: - // x = uint32(src[s-3]) | uint32(src[s-2])<<8 | uint32(src[s-1])<<16 - MOVHU -3(R6), R4 - MOVBU -1(R6), R3 - ORR R3<<16, R4 - B doLit - -tagLit63: - // case x == 63: - // x = uint32(src[s-4]) | uint32(src[s-3])<<8 | uint32(src[s-2])<<16 | uint32(src[s-1])<<24 - MOVWU -4(R6), R4 - B doLit - - // The code above handles literal tags. - // ---------------------------------------- - // The code below handles copy tags. - -tagCopy4: - // case tagCopy4: - // s += 5 - ADD $5, R6, R6 - - // if uint(s) > uint(len(src)) { etc } - MOVD R6, R3 - SUB R11, R3, R3 - CMP R12, R3 - BGT errCorrupt - - // length = 1 + int(src[s-5])>>2 - MOVD $1, R1 - ADD R4>>2, R1, R4 - - // offset = int(uint32(src[s-4]) | uint32(src[s-3])<<8 | uint32(src[s-2])<<16 | uint32(src[s-1])<<24) - MOVWU -4(R6), R5 - B doCopy - -tagCopy2: - // case tagCopy2: - // s += 3 - ADD $3, R6, R6 - - // if uint(s) > uint(len(src)) { etc } - MOVD R6, R3 - SUB R11, R3, R3 - CMP R12, R3 - BGT errCorrupt - - // length = 1 + int(src[s-3])>>2 - MOVD $1, R1 - ADD R4>>2, R1, R4 - - // offset = int(uint32(src[s-2]) | uint32(src[s-1])<<8) - MOVHU -2(R6), R5 - B doCopy - -tagCopy: - // We have a copy tag. We assume that: - // - R3 == src[s] & 0x03 - // - R4 == src[s] - CMP $2, R3 - BEQ tagCopy2 - BGT tagCopy4 - - // case tagCopy1: - // s += 2 - ADD $2, R6, R6 - - // if uint(s) > uint(len(src)) { etc } - MOVD R6, R3 - SUB R11, R3, R3 - CMP R12, R3 - BGT errCorrupt - - // offset = int(uint32(src[s-2])&0xe0<<3 | uint32(src[s-1])) - MOVD R4, R5 - AND $0xe0, R5 - MOVBU -1(R6), R3 - ORR R5<<3, R3, R5 - - // length = 4 + int(src[s-2])>>2&0x7 - MOVD $7, R1 - AND R4>>2, R1, R4 - ADD $4, R4, R4 - -doCopy: - // This is the end of the outer "switch", when we have a copy tag. - // - // We assume that: - // - R4 == length && R4 > 0 - // - R5 == offset - - // if offset <= 0 { etc } - MOVD $0, R1 - CMP R1, R5 - BLE errCorrupt - - // if d < offset { etc } - MOVD R7, R3 - SUB R8, R3, R3 - CMP R5, R3 - BLT errCorrupt - - // if length > len(dst)-d { etc } - MOVD R10, R3 - SUB R7, R3, R3 - CMP R3, R4 - BGT errCorrupt - - // forwardCopy(dst[d:d+length], dst[d-offset:]); d += length - // - // Set: - // - R14 = len(dst)-d - // - R15 = &dst[d-offset] - MOVD R10, R14 - SUB R7, R14, R14 - MOVD R7, R15 - SUB R5, R15, R15 - - // !!! Try a faster technique for short (16 or fewer bytes) forward copies. - // - // First, try using two 8-byte load/stores, similar to the doLit technique - // above. Even if dst[d:d+length] and dst[d-offset:] can overlap, this is - // still OK if offset >= 8. Note that this has to be two 8-byte load/stores - // and not one 16-byte load/store, and the first store has to be before the - // second load, due to the overlap if offset is in the range [8, 16). - // - // if length > 16 || offset < 8 || len(dst)-d < 16 { - // goto slowForwardCopy - // } - // copy 16 bytes - // d += length - CMP $16, R4 - BGT slowForwardCopy - CMP $8, R5 - BLT slowForwardCopy - CMP $16, R14 - BLT slowForwardCopy - MOVD 0(R15), R2 - MOVD R2, 0(R7) - MOVD 8(R15), R3 - MOVD R3, 8(R7) - ADD R4, R7, R7 - B loop - -slowForwardCopy: - // !!! If the forward copy is longer than 16 bytes, or if offset < 8, we - // can still try 8-byte load stores, provided we can overrun up to 10 extra - // bytes. As above, the overrun will be fixed up by subsequent iterations - // of the outermost loop. - // - // The C++ snappy code calls this technique IncrementalCopyFastPath. Its - // commentary says: - // - // ---- - // - // The main part of this loop is a simple copy of eight bytes at a time - // until we've copied (at least) the requested amount of bytes. However, - // if d and d-offset are less than eight bytes apart (indicating a - // repeating pattern of length < 8), we first need to expand the pattern in - // order to get the correct results. For instance, if the buffer looks like - // this, with the eight-byte <d-offset> and <d> patterns marked as - // intervals: - // - // abxxxxxxxxxxxx - // [------] d-offset - // [------] d - // - // a single eight-byte copy from <d-offset> to <d> will repeat the pattern - // once, after which we can move <d> two bytes without moving <d-offset>: - // - // ababxxxxxxxxxx - // [------] d-offset - // [------] d - // - // and repeat the exercise until the two no longer overlap. - // - // This allows us to do very well in the special case of one single byte - // repeated many times, without taking a big hit for more general cases. - // - // The worst case of extra writing past the end of the match occurs when - // offset == 1 and length == 1; the last copy will read from byte positions - // [0..7] and write to [4..11], whereas it was only supposed to write to - // position 1. Thus, ten excess bytes. - // - // ---- - // - // That "10 byte overrun" worst case is confirmed by Go's - // TestSlowForwardCopyOverrun, which also tests the fixUpSlowForwardCopy - // and finishSlowForwardCopy algorithm. - // - // if length > len(dst)-d-10 { - // goto verySlowForwardCopy - // } - SUB $10, R14, R14 - CMP R14, R4 - BGT verySlowForwardCopy - -makeOffsetAtLeast8: - // !!! As above, expand the pattern so that offset >= 8 and we can use - // 8-byte load/stores. - // - // for offset < 8 { - // copy 8 bytes from dst[d-offset:] to dst[d:] - // length -= offset - // d += offset - // offset += offset - // // The two previous lines together means that d-offset, and therefore - // // R15, is unchanged. - // } - CMP $8, R5 - BGE fixUpSlowForwardCopy - MOVD (R15), R3 - MOVD R3, (R7) - SUB R5, R4, R4 - ADD R5, R7, R7 - ADD R5, R5, R5 - B makeOffsetAtLeast8 - -fixUpSlowForwardCopy: - // !!! Add length (which might be negative now) to d (implied by R7 being - // &dst[d]) so that d ends up at the right place when we jump back to the - // top of the loop. Before we do that, though, we save R7 to R2 so that, if - // length is positive, copying the remaining length bytes will write to the - // right place. - MOVD R7, R2 - ADD R4, R7, R7 - -finishSlowForwardCopy: - // !!! Repeat 8-byte load/stores until length <= 0. Ending with a negative - // length means that we overrun, but as above, that will be fixed up by - // subsequent iterations of the outermost loop. - MOVD $0, R1 - CMP R1, R4 - BLE loop - MOVD (R15), R3 - MOVD R3, (R2) - ADD $8, R15, R15 - ADD $8, R2, R2 - SUB $8, R4, R4 - B finishSlowForwardCopy - -verySlowForwardCopy: - // verySlowForwardCopy is a simple implementation of forward copy. In C - // parlance, this is a do/while loop instead of a while loop, since we know - // that length > 0. In Go syntax: - // - // for { - // dst[d] = dst[d - offset] - // d++ - // length-- - // if length == 0 { - // break - // } - // } - MOVB (R15), R3 - MOVB R3, (R7) - ADD $1, R15, R15 - ADD $1, R7, R7 - SUB $1, R4, R4 - CBNZ R4, verySlowForwardCopy - B loop - - // The code above handles copy tags. - // ---------------------------------------- - -end: - // This is the end of the "for s < len(src)". - // - // if d != len(dst) { etc } - CMP R10, R7 - BNE errCorrupt - - // return 0 - MOVD $0, ret+48(FP) - RET - -errCorrupt: - // return decodeErrCodeCorrupt - MOVD $1, R2 - MOVD R2, ret+48(FP) - RET diff --git a/vendor/github.com/golang/snappy/decode_asm.go b/vendor/github.com/golang/snappy/decode_asm.go deleted file mode 100644 index 7082b3491..000000000 --- a/vendor/github.com/golang/snappy/decode_asm.go +++ /dev/null @@ -1,15 +0,0 @@ -// Copyright 2016 The Snappy-Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build !appengine -// +build gc -// +build !noasm -// +build amd64 arm64 - -package snappy - -// decode has the same semantics as in decode_other.go. -// -//go:noescape -func decode(dst, src []byte) int diff --git a/vendor/github.com/golang/snappy/encode_amd64.s b/vendor/github.com/golang/snappy/encode_amd64.s deleted file mode 100644 index adfd979fe..000000000 --- a/vendor/github.com/golang/snappy/encode_amd64.s +++ /dev/null @@ -1,730 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build !appengine -// +build gc -// +build !noasm - -#include "textflag.h" - -// The XXX lines assemble on Go 1.4, 1.5 and 1.7, but not 1.6, due to a -// Go toolchain regression. See https://github.com/golang/go/issues/15426 and -// https://github.com/golang/snappy/issues/29 -// -// As a workaround, the package was built with a known good assembler, and -// those instructions were disassembled by "objdump -d" to yield the -// 4e 0f b7 7c 5c 78 movzwq 0x78(%rsp,%r11,2),%r15 -// style comments, in AT&T asm syntax. Note that rsp here is a physical -// register, not Go/asm's SP pseudo-register (see https://golang.org/doc/asm). -// The instructions were then encoded as "BYTE $0x.." sequences, which assemble -// fine on Go 1.6. - -// The asm code generally follows the pure Go code in encode_other.go, except -// where marked with a "!!!". - -// ---------------------------------------------------------------------------- - -// func emitLiteral(dst, lit []byte) int -// -// All local variables fit into registers. The register allocation: -// - AX len(lit) -// - BX n -// - DX return value -// - DI &dst[i] -// - R10 &lit[0] -// -// The 24 bytes of stack space is to call runtime·memmove. -// -// The unusual register allocation of local variables, such as R10 for the -// source pointer, matches the allocation used at the call site in encodeBlock, -// which makes it easier to manually inline this function. -TEXT ·emitLiteral(SB), NOSPLIT, $24-56 - MOVQ dst_base+0(FP), DI - MOVQ lit_base+24(FP), R10 - MOVQ lit_len+32(FP), AX - MOVQ AX, DX - MOVL AX, BX - SUBL $1, BX - - CMPL BX, $60 - JLT oneByte - CMPL BX, $256 - JLT twoBytes - -threeBytes: - MOVB $0xf4, 0(DI) - MOVW BX, 1(DI) - ADDQ $3, DI - ADDQ $3, DX - JMP memmove - -twoBytes: - MOVB $0xf0, 0(DI) - MOVB BX, 1(DI) - ADDQ $2, DI - ADDQ $2, DX - JMP memmove - -oneByte: - SHLB $2, BX - MOVB BX, 0(DI) - ADDQ $1, DI - ADDQ $1, DX - -memmove: - MOVQ DX, ret+48(FP) - - // copy(dst[i:], lit) - // - // This means calling runtime·memmove(&dst[i], &lit[0], len(lit)), so we push - // DI, R10 and AX as arguments. - MOVQ DI, 0(SP) - MOVQ R10, 8(SP) - MOVQ AX, 16(SP) - CALL runtime·memmove(SB) - RET - -// ---------------------------------------------------------------------------- - -// func emitCopy(dst []byte, offset, length int) int -// -// All local variables fit into registers. The register allocation: -// - AX length -// - SI &dst[0] -// - DI &dst[i] -// - R11 offset -// -// The unusual register allocation of local variables, such as R11 for the -// offset, matches the allocation used at the call site in encodeBlock, which -// makes it easier to manually inline this function. -TEXT ·emitCopy(SB), NOSPLIT, $0-48 - MOVQ dst_base+0(FP), DI - MOVQ DI, SI - MOVQ offset+24(FP), R11 - MOVQ length+32(FP), AX - -loop0: - // for length >= 68 { etc } - CMPL AX, $68 - JLT step1 - - // Emit a length 64 copy, encoded as 3 bytes. - MOVB $0xfe, 0(DI) - MOVW R11, 1(DI) - ADDQ $3, DI - SUBL $64, AX - JMP loop0 - -step1: - // if length > 64 { etc } - CMPL AX, $64 - JLE step2 - - // Emit a length 60 copy, encoded as 3 bytes. - MOVB $0xee, 0(DI) - MOVW R11, 1(DI) - ADDQ $3, DI - SUBL $60, AX - -step2: - // if length >= 12 || offset >= 2048 { goto step3 } - CMPL AX, $12 - JGE step3 - CMPL R11, $2048 - JGE step3 - - // Emit the remaining copy, encoded as 2 bytes. - MOVB R11, 1(DI) - SHRL $8, R11 - SHLB $5, R11 - SUBB $4, AX - SHLB $2, AX - ORB AX, R11 - ORB $1, R11 - MOVB R11, 0(DI) - ADDQ $2, DI - - // Return the number of bytes written. - SUBQ SI, DI - MOVQ DI, ret+40(FP) - RET - -step3: - // Emit the remaining copy, encoded as 3 bytes. - SUBL $1, AX - SHLB $2, AX - ORB $2, AX - MOVB AX, 0(DI) - MOVW R11, 1(DI) - ADDQ $3, DI - - // Return the number of bytes written. - SUBQ SI, DI - MOVQ DI, ret+40(FP) - RET - -// ---------------------------------------------------------------------------- - -// func extendMatch(src []byte, i, j int) int -// -// All local variables fit into registers. The register allocation: -// - DX &src[0] -// - SI &src[j] -// - R13 &src[len(src) - 8] -// - R14 &src[len(src)] -// - R15 &src[i] -// -// The unusual register allocation of local variables, such as R15 for a source -// pointer, matches the allocation used at the call site in encodeBlock, which -// makes it easier to manually inline this function. -TEXT ·extendMatch(SB), NOSPLIT, $0-48 - MOVQ src_base+0(FP), DX - MOVQ src_len+8(FP), R14 - MOVQ i+24(FP), R15 - MOVQ j+32(FP), SI - ADDQ DX, R14 - ADDQ DX, R15 - ADDQ DX, SI - MOVQ R14, R13 - SUBQ $8, R13 - -cmp8: - // As long as we are 8 or more bytes before the end of src, we can load and - // compare 8 bytes at a time. If those 8 bytes are equal, repeat. - CMPQ SI, R13 - JA cmp1 - MOVQ (R15), AX - MOVQ (SI), BX - CMPQ AX, BX - JNE bsf - ADDQ $8, R15 - ADDQ $8, SI - JMP cmp8 - -bsf: - // If those 8 bytes were not equal, XOR the two 8 byte values, and return - // the index of the first byte that differs. The BSF instruction finds the - // least significant 1 bit, the amd64 architecture is little-endian, and - // the shift by 3 converts a bit index to a byte index. - XORQ AX, BX - BSFQ BX, BX - SHRQ $3, BX - ADDQ BX, SI - - // Convert from &src[ret] to ret. - SUBQ DX, SI - MOVQ SI, ret+40(FP) - RET - -cmp1: - // In src's tail, compare 1 byte at a time. - CMPQ SI, R14 - JAE extendMatchEnd - MOVB (R15), AX - MOVB (SI), BX - CMPB AX, BX - JNE extendMatchEnd - ADDQ $1, R15 - ADDQ $1, SI - JMP cmp1 - -extendMatchEnd: - // Convert from &src[ret] to ret. - SUBQ DX, SI - MOVQ SI, ret+40(FP) - RET - -// ---------------------------------------------------------------------------- - -// func encodeBlock(dst, src []byte) (d int) -// -// All local variables fit into registers, other than "var table". The register -// allocation: -// - AX . . -// - BX . . -// - CX 56 shift (note that amd64 shifts by non-immediates must use CX). -// - DX 64 &src[0], tableSize -// - SI 72 &src[s] -// - DI 80 &dst[d] -// - R9 88 sLimit -// - R10 . &src[nextEmit] -// - R11 96 prevHash, currHash, nextHash, offset -// - R12 104 &src[base], skip -// - R13 . &src[nextS], &src[len(src) - 8] -// - R14 . len(src), bytesBetweenHashLookups, &src[len(src)], x -// - R15 112 candidate -// -// The second column (56, 64, etc) is the stack offset to spill the registers -// when calling other functions. We could pack this slightly tighter, but it's -// simpler to have a dedicated spill map independent of the function called. -// -// "var table [maxTableSize]uint16" takes up 32768 bytes of stack space. An -// extra 56 bytes, to call other functions, and an extra 64 bytes, to spill -// local variables (registers) during calls gives 32768 + 56 + 64 = 32888. -TEXT ·encodeBlock(SB), 0, $32888-56 - MOVQ dst_base+0(FP), DI - MOVQ src_base+24(FP), SI - MOVQ src_len+32(FP), R14 - - // shift, tableSize := uint32(32-8), 1<<8 - MOVQ $24, CX - MOVQ $256, DX - -calcShift: - // for ; tableSize < maxTableSize && tableSize < len(src); tableSize *= 2 { - // shift-- - // } - CMPQ DX, $16384 - JGE varTable - CMPQ DX, R14 - JGE varTable - SUBQ $1, CX - SHLQ $1, DX - JMP calcShift - -varTable: - // var table [maxTableSize]uint16 - // - // In the asm code, unlike the Go code, we can zero-initialize only the - // first tableSize elements. Each uint16 element is 2 bytes and each MOVOU - // writes 16 bytes, so we can do only tableSize/8 writes instead of the - // 2048 writes that would zero-initialize all of table's 32768 bytes. - SHRQ $3, DX - LEAQ table-32768(SP), BX - PXOR X0, X0 - -memclr: - MOVOU X0, 0(BX) - ADDQ $16, BX - SUBQ $1, DX - JNZ memclr - - // !!! DX = &src[0] - MOVQ SI, DX - - // sLimit := len(src) - inputMargin - MOVQ R14, R9 - SUBQ $15, R9 - - // !!! Pre-emptively spill CX, DX and R9 to the stack. Their values don't - // change for the rest of the function. - MOVQ CX, 56(SP) - MOVQ DX, 64(SP) - MOVQ R9, 88(SP) - - // nextEmit := 0 - MOVQ DX, R10 - - // s := 1 - ADDQ $1, SI - - // nextHash := hash(load32(src, s), shift) - MOVL 0(SI), R11 - IMULL $0x1e35a7bd, R11 - SHRL CX, R11 - -outer: - // for { etc } - - // skip := 32 - MOVQ $32, R12 - - // nextS := s - MOVQ SI, R13 - - // candidate := 0 - MOVQ $0, R15 - -inner0: - // for { etc } - - // s := nextS - MOVQ R13, SI - - // bytesBetweenHashLookups := skip >> 5 - MOVQ R12, R14 - SHRQ $5, R14 - - // nextS = s + bytesBetweenHashLookups - ADDQ R14, R13 - - // skip += bytesBetweenHashLookups - ADDQ R14, R12 - - // if nextS > sLimit { goto emitRemainder } - MOVQ R13, AX - SUBQ DX, AX - CMPQ AX, R9 - JA emitRemainder - - // candidate = int(table[nextHash]) - // XXX: MOVWQZX table-32768(SP)(R11*2), R15 - // XXX: 4e 0f b7 7c 5c 78 movzwq 0x78(%rsp,%r11,2),%r15 - BYTE $0x4e - BYTE $0x0f - BYTE $0xb7 - BYTE $0x7c - BYTE $0x5c - BYTE $0x78 - - // table[nextHash] = uint16(s) - MOVQ SI, AX - SUBQ DX, AX - - // XXX: MOVW AX, table-32768(SP)(R11*2) - // XXX: 66 42 89 44 5c 78 mov %ax,0x78(%rsp,%r11,2) - BYTE $0x66 - BYTE $0x42 - BYTE $0x89 - BYTE $0x44 - BYTE $0x5c - BYTE $0x78 - - // nextHash = hash(load32(src, nextS), shift) - MOVL 0(R13), R11 - IMULL $0x1e35a7bd, R11 - SHRL CX, R11 - - // if load32(src, s) != load32(src, candidate) { continue } break - MOVL 0(SI), AX - MOVL (DX)(R15*1), BX - CMPL AX, BX - JNE inner0 - -fourByteMatch: - // As per the encode_other.go code: - // - // A 4-byte match has been found. We'll later see etc. - - // !!! Jump to a fast path for short (<= 16 byte) literals. See the comment - // on inputMargin in encode.go. - MOVQ SI, AX - SUBQ R10, AX - CMPQ AX, $16 - JLE emitLiteralFastPath - - // ---------------------------------------- - // Begin inline of the emitLiteral call. - // - // d += emitLiteral(dst[d:], src[nextEmit:s]) - - MOVL AX, BX - SUBL $1, BX - - CMPL BX, $60 - JLT inlineEmitLiteralOneByte - CMPL BX, $256 - JLT inlineEmitLiteralTwoBytes - -inlineEmitLiteralThreeBytes: - MOVB $0xf4, 0(DI) - MOVW BX, 1(DI) - ADDQ $3, DI - JMP inlineEmitLiteralMemmove - -inlineEmitLiteralTwoBytes: - MOVB $0xf0, 0(DI) - MOVB BX, 1(DI) - ADDQ $2, DI - JMP inlineEmitLiteralMemmove - -inlineEmitLiteralOneByte: - SHLB $2, BX - MOVB BX, 0(DI) - ADDQ $1, DI - -inlineEmitLiteralMemmove: - // Spill local variables (registers) onto the stack; call; unspill. - // - // copy(dst[i:], lit) - // - // This means calling runtime·memmove(&dst[i], &lit[0], len(lit)), so we push - // DI, R10 and AX as arguments. - MOVQ DI, 0(SP) - MOVQ R10, 8(SP) - MOVQ AX, 16(SP) - ADDQ AX, DI // Finish the "d +=" part of "d += emitLiteral(etc)". - MOVQ SI, 72(SP) - MOVQ DI, 80(SP) - MOVQ R15, 112(SP) - CALL runtime·memmove(SB) - MOVQ 56(SP), CX - MOVQ 64(SP), DX - MOVQ 72(SP), SI - MOVQ 80(SP), DI - MOVQ 88(SP), R9 - MOVQ 112(SP), R15 - JMP inner1 - -inlineEmitLiteralEnd: - // End inline of the emitLiteral call. - // ---------------------------------------- - -emitLiteralFastPath: - // !!! Emit the 1-byte encoding "uint8(len(lit)-1)<<2". - MOVB AX, BX - SUBB $1, BX - SHLB $2, BX - MOVB BX, (DI) - ADDQ $1, DI - - // !!! Implement the copy from lit to dst as a 16-byte load and store. - // (Encode's documentation says that dst and src must not overlap.) - // - // This always copies 16 bytes, instead of only len(lit) bytes, but that's - // OK. Subsequent iterations will fix up the overrun. - // - // Note that on amd64, it is legal and cheap to issue unaligned 8-byte or - // 16-byte loads and stores. This technique probably wouldn't be as - // effective on architectures that are fussier about alignment. - MOVOU 0(R10), X0 - MOVOU X0, 0(DI) - ADDQ AX, DI - -inner1: - // for { etc } - - // base := s - MOVQ SI, R12 - - // !!! offset := base - candidate - MOVQ R12, R11 - SUBQ R15, R11 - SUBQ DX, R11 - - // ---------------------------------------- - // Begin inline of the extendMatch call. - // - // s = extendMatch(src, candidate+4, s+4) - - // !!! R14 = &src[len(src)] - MOVQ src_len+32(FP), R14 - ADDQ DX, R14 - - // !!! R13 = &src[len(src) - 8] - MOVQ R14, R13 - SUBQ $8, R13 - - // !!! R15 = &src[candidate + 4] - ADDQ $4, R15 - ADDQ DX, R15 - - // !!! s += 4 - ADDQ $4, SI - -inlineExtendMatchCmp8: - // As long as we are 8 or more bytes before the end of src, we can load and - // compare 8 bytes at a time. If those 8 bytes are equal, repeat. - CMPQ SI, R13 - JA inlineExtendMatchCmp1 - MOVQ (R15), AX - MOVQ (SI), BX - CMPQ AX, BX - JNE inlineExtendMatchBSF - ADDQ $8, R15 - ADDQ $8, SI - JMP inlineExtendMatchCmp8 - -inlineExtendMatchBSF: - // If those 8 bytes were not equal, XOR the two 8 byte values, and return - // the index of the first byte that differs. The BSF instruction finds the - // least significant 1 bit, the amd64 architecture is little-endian, and - // the shift by 3 converts a bit index to a byte index. - XORQ AX, BX - BSFQ BX, BX - SHRQ $3, BX - ADDQ BX, SI - JMP inlineExtendMatchEnd - -inlineExtendMatchCmp1: - // In src's tail, compare 1 byte at a time. - CMPQ SI, R14 - JAE inlineExtendMatchEnd - MOVB (R15), AX - MOVB (SI), BX - CMPB AX, BX - JNE inlineExtendMatchEnd - ADDQ $1, R15 - ADDQ $1, SI - JMP inlineExtendMatchCmp1 - -inlineExtendMatchEnd: - // End inline of the extendMatch call. - // ---------------------------------------- - - // ---------------------------------------- - // Begin inline of the emitCopy call. - // - // d += emitCopy(dst[d:], base-candidate, s-base) - - // !!! length := s - base - MOVQ SI, AX - SUBQ R12, AX - -inlineEmitCopyLoop0: - // for length >= 68 { etc } - CMPL AX, $68 - JLT inlineEmitCopyStep1 - - // Emit a length 64 copy, encoded as 3 bytes. - MOVB $0xfe, 0(DI) - MOVW R11, 1(DI) - ADDQ $3, DI - SUBL $64, AX - JMP inlineEmitCopyLoop0 - -inlineEmitCopyStep1: - // if length > 64 { etc } - CMPL AX, $64 - JLE inlineEmitCopyStep2 - - // Emit a length 60 copy, encoded as 3 bytes. - MOVB $0xee, 0(DI) - MOVW R11, 1(DI) - ADDQ $3, DI - SUBL $60, AX - -inlineEmitCopyStep2: - // if length >= 12 || offset >= 2048 { goto inlineEmitCopyStep3 } - CMPL AX, $12 - JGE inlineEmitCopyStep3 - CMPL R11, $2048 - JGE inlineEmitCopyStep3 - - // Emit the remaining copy, encoded as 2 bytes. - MOVB R11, 1(DI) - SHRL $8, R11 - SHLB $5, R11 - SUBB $4, AX - SHLB $2, AX - ORB AX, R11 - ORB $1, R11 - MOVB R11, 0(DI) - ADDQ $2, DI - JMP inlineEmitCopyEnd - -inlineEmitCopyStep3: - // Emit the remaining copy, encoded as 3 bytes. - SUBL $1, AX - SHLB $2, AX - ORB $2, AX - MOVB AX, 0(DI) - MOVW R11, 1(DI) - ADDQ $3, DI - -inlineEmitCopyEnd: - // End inline of the emitCopy call. - // ---------------------------------------- - - // nextEmit = s - MOVQ SI, R10 - - // if s >= sLimit { goto emitRemainder } - MOVQ SI, AX - SUBQ DX, AX - CMPQ AX, R9 - JAE emitRemainder - - // As per the encode_other.go code: - // - // We could immediately etc. - - // x := load64(src, s-1) - MOVQ -1(SI), R14 - - // prevHash := hash(uint32(x>>0), shift) - MOVL R14, R11 - IMULL $0x1e35a7bd, R11 - SHRL CX, R11 - - // table[prevHash] = uint16(s-1) - MOVQ SI, AX - SUBQ DX, AX - SUBQ $1, AX - - // XXX: MOVW AX, table-32768(SP)(R11*2) - // XXX: 66 42 89 44 5c 78 mov %ax,0x78(%rsp,%r11,2) - BYTE $0x66 - BYTE $0x42 - BYTE $0x89 - BYTE $0x44 - BYTE $0x5c - BYTE $0x78 - - // currHash := hash(uint32(x>>8), shift) - SHRQ $8, R14 - MOVL R14, R11 - IMULL $0x1e35a7bd, R11 - SHRL CX, R11 - - // candidate = int(table[currHash]) - // XXX: MOVWQZX table-32768(SP)(R11*2), R15 - // XXX: 4e 0f b7 7c 5c 78 movzwq 0x78(%rsp,%r11,2),%r15 - BYTE $0x4e - BYTE $0x0f - BYTE $0xb7 - BYTE $0x7c - BYTE $0x5c - BYTE $0x78 - - // table[currHash] = uint16(s) - ADDQ $1, AX - - // XXX: MOVW AX, table-32768(SP)(R11*2) - // XXX: 66 42 89 44 5c 78 mov %ax,0x78(%rsp,%r11,2) - BYTE $0x66 - BYTE $0x42 - BYTE $0x89 - BYTE $0x44 - BYTE $0x5c - BYTE $0x78 - - // if uint32(x>>8) == load32(src, candidate) { continue } - MOVL (DX)(R15*1), BX - CMPL R14, BX - JEQ inner1 - - // nextHash = hash(uint32(x>>16), shift) - SHRQ $8, R14 - MOVL R14, R11 - IMULL $0x1e35a7bd, R11 - SHRL CX, R11 - - // s++ - ADDQ $1, SI - - // break out of the inner1 for loop, i.e. continue the outer loop. - JMP outer - -emitRemainder: - // if nextEmit < len(src) { etc } - MOVQ src_len+32(FP), AX - ADDQ DX, AX - CMPQ R10, AX - JEQ encodeBlockEnd - - // d += emitLiteral(dst[d:], src[nextEmit:]) - // - // Push args. - MOVQ DI, 0(SP) - MOVQ $0, 8(SP) // Unnecessary, as the callee ignores it, but conservative. - MOVQ $0, 16(SP) // Unnecessary, as the callee ignores it, but conservative. - MOVQ R10, 24(SP) - SUBQ R10, AX - MOVQ AX, 32(SP) - MOVQ AX, 40(SP) // Unnecessary, as the callee ignores it, but conservative. - - // Spill local variables (registers) onto the stack; call; unspill. - MOVQ DI, 80(SP) - CALL ·emitLiteral(SB) - MOVQ 80(SP), DI - - // Finish the "d +=" part of "d += emitLiteral(etc)". - ADDQ 48(SP), DI - -encodeBlockEnd: - MOVQ dst_base+0(FP), AX - SUBQ AX, DI - MOVQ DI, d+48(FP) - RET diff --git a/vendor/github.com/golang/snappy/encode_arm64.s b/vendor/github.com/golang/snappy/encode_arm64.s deleted file mode 100644 index bf83667d7..000000000 --- a/vendor/github.com/golang/snappy/encode_arm64.s +++ /dev/null @@ -1,722 +0,0 @@ -// Copyright 2020 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build !appengine -// +build gc -// +build !noasm - -#include "textflag.h" - -// The asm code generally follows the pure Go code in encode_other.go, except -// where marked with a "!!!". - -// ---------------------------------------------------------------------------- - -// func emitLiteral(dst, lit []byte) int -// -// All local variables fit into registers. The register allocation: -// - R3 len(lit) -// - R4 n -// - R6 return value -// - R8 &dst[i] -// - R10 &lit[0] -// -// The 32 bytes of stack space is to call runtime·memmove. -// -// The unusual register allocation of local variables, such as R10 for the -// source pointer, matches the allocation used at the call site in encodeBlock, -// which makes it easier to manually inline this function. -TEXT ·emitLiteral(SB), NOSPLIT, $32-56 - MOVD dst_base+0(FP), R8 - MOVD lit_base+24(FP), R10 - MOVD lit_len+32(FP), R3 - MOVD R3, R6 - MOVW R3, R4 - SUBW $1, R4, R4 - - CMPW $60, R4 - BLT oneByte - CMPW $256, R4 - BLT twoBytes - -threeBytes: - MOVD $0xf4, R2 - MOVB R2, 0(R8) - MOVW R4, 1(R8) - ADD $3, R8, R8 - ADD $3, R6, R6 - B memmove - -twoBytes: - MOVD $0xf0, R2 - MOVB R2, 0(R8) - MOVB R4, 1(R8) - ADD $2, R8, R8 - ADD $2, R6, R6 - B memmove - -oneByte: - LSLW $2, R4, R4 - MOVB R4, 0(R8) - ADD $1, R8, R8 - ADD $1, R6, R6 - -memmove: - MOVD R6, ret+48(FP) - - // copy(dst[i:], lit) - // - // This means calling runtime·memmove(&dst[i], &lit[0], len(lit)), so we push - // R8, R10 and R3 as arguments. - MOVD R8, 8(RSP) - MOVD R10, 16(RSP) - MOVD R3, 24(RSP) - CALL runtime·memmove(SB) - RET - -// ---------------------------------------------------------------------------- - -// func emitCopy(dst []byte, offset, length int) int -// -// All local variables fit into registers. The register allocation: -// - R3 length -// - R7 &dst[0] -// - R8 &dst[i] -// - R11 offset -// -// The unusual register allocation of local variables, such as R11 for the -// offset, matches the allocation used at the call site in encodeBlock, which -// makes it easier to manually inline this function. -TEXT ·emitCopy(SB), NOSPLIT, $0-48 - MOVD dst_base+0(FP), R8 - MOVD R8, R7 - MOVD offset+24(FP), R11 - MOVD length+32(FP), R3 - -loop0: - // for length >= 68 { etc } - CMPW $68, R3 - BLT step1 - - // Emit a length 64 copy, encoded as 3 bytes. - MOVD $0xfe, R2 - MOVB R2, 0(R8) - MOVW R11, 1(R8) - ADD $3, R8, R8 - SUB $64, R3, R3 - B loop0 - -step1: - // if length > 64 { etc } - CMP $64, R3 - BLE step2 - - // Emit a length 60 copy, encoded as 3 bytes. - MOVD $0xee, R2 - MOVB R2, 0(R8) - MOVW R11, 1(R8) - ADD $3, R8, R8 - SUB $60, R3, R3 - -step2: - // if length >= 12 || offset >= 2048 { goto step3 } - CMP $12, R3 - BGE step3 - CMPW $2048, R11 - BGE step3 - - // Emit the remaining copy, encoded as 2 bytes. - MOVB R11, 1(R8) - LSRW $3, R11, R11 - AND $0xe0, R11, R11 - SUB $4, R3, R3 - LSLW $2, R3 - AND $0xff, R3, R3 - ORRW R3, R11, R11 - ORRW $1, R11, R11 - MOVB R11, 0(R8) - ADD $2, R8, R8 - - // Return the number of bytes written. - SUB R7, R8, R8 - MOVD R8, ret+40(FP) - RET - -step3: - // Emit the remaining copy, encoded as 3 bytes. - SUB $1, R3, R3 - AND $0xff, R3, R3 - LSLW $2, R3, R3 - ORRW $2, R3, R3 - MOVB R3, 0(R8) - MOVW R11, 1(R8) - ADD $3, R8, R8 - - // Return the number of bytes written. - SUB R7, R8, R8 - MOVD R8, ret+40(FP) - RET - -// ---------------------------------------------------------------------------- - -// func extendMatch(src []byte, i, j int) int -// -// All local variables fit into registers. The register allocation: -// - R6 &src[0] -// - R7 &src[j] -// - R13 &src[len(src) - 8] -// - R14 &src[len(src)] -// - R15 &src[i] -// -// The unusual register allocation of local variables, such as R15 for a source -// pointer, matches the allocation used at the call site in encodeBlock, which -// makes it easier to manually inline this function. -TEXT ·extendMatch(SB), NOSPLIT, $0-48 - MOVD src_base+0(FP), R6 - MOVD src_len+8(FP), R14 - MOVD i+24(FP), R15 - MOVD j+32(FP), R7 - ADD R6, R14, R14 - ADD R6, R15, R15 - ADD R6, R7, R7 - MOVD R14, R13 - SUB $8, R13, R13 - -cmp8: - // As long as we are 8 or more bytes before the end of src, we can load and - // compare 8 bytes at a time. If those 8 bytes are equal, repeat. - CMP R13, R7 - BHI cmp1 - MOVD (R15), R3 - MOVD (R7), R4 - CMP R4, R3 - BNE bsf - ADD $8, R15, R15 - ADD $8, R7, R7 - B cmp8 - -bsf: - // If those 8 bytes were not equal, XOR the two 8 byte values, and return - // the index of the first byte that differs. - // RBIT reverses the bit order, then CLZ counts the leading zeros, the - // combination of which finds the least significant bit which is set. - // The arm64 architecture is little-endian, and the shift by 3 converts - // a bit index to a byte index. - EOR R3, R4, R4 - RBIT R4, R4 - CLZ R4, R4 - ADD R4>>3, R7, R7 - - // Convert from &src[ret] to ret. - SUB R6, R7, R7 - MOVD R7, ret+40(FP) - RET - -cmp1: - // In src's tail, compare 1 byte at a time. - CMP R7, R14 - BLS extendMatchEnd - MOVB (R15), R3 - MOVB (R7), R4 - CMP R4, R3 - BNE extendMatchEnd - ADD $1, R15, R15 - ADD $1, R7, R7 - B cmp1 - -extendMatchEnd: - // Convert from &src[ret] to ret. - SUB R6, R7, R7 - MOVD R7, ret+40(FP) - RET - -// ---------------------------------------------------------------------------- - -// func encodeBlock(dst, src []byte) (d int) -// -// All local variables fit into registers, other than "var table". The register -// allocation: -// - R3 . . -// - R4 . . -// - R5 64 shift -// - R6 72 &src[0], tableSize -// - R7 80 &src[s] -// - R8 88 &dst[d] -// - R9 96 sLimit -// - R10 . &src[nextEmit] -// - R11 104 prevHash, currHash, nextHash, offset -// - R12 112 &src[base], skip -// - R13 . &src[nextS], &src[len(src) - 8] -// - R14 . len(src), bytesBetweenHashLookups, &src[len(src)], x -// - R15 120 candidate -// - R16 . hash constant, 0x1e35a7bd -// - R17 . &table -// - . 128 table -// -// The second column (64, 72, etc) is the stack offset to spill the registers -// when calling other functions. We could pack this slightly tighter, but it's -// simpler to have a dedicated spill map independent of the function called. -// -// "var table [maxTableSize]uint16" takes up 32768 bytes of stack space. An -// extra 64 bytes, to call other functions, and an extra 64 bytes, to spill -// local variables (registers) during calls gives 32768 + 64 + 64 = 32896. -TEXT ·encodeBlock(SB), 0, $32896-56 - MOVD dst_base+0(FP), R8 - MOVD src_base+24(FP), R7 - MOVD src_len+32(FP), R14 - - // shift, tableSize := uint32(32-8), 1<<8 - MOVD $24, R5 - MOVD $256, R6 - MOVW $0xa7bd, R16 - MOVKW $(0x1e35<<16), R16 - -calcShift: - // for ; tableSize < maxTableSize && tableSize < len(src); tableSize *= 2 { - // shift-- - // } - MOVD $16384, R2 - CMP R2, R6 - BGE varTable - CMP R14, R6 - BGE varTable - SUB $1, R5, R5 - LSL $1, R6, R6 - B calcShift - -varTable: - // var table [maxTableSize]uint16 - // - // In the asm code, unlike the Go code, we can zero-initialize only the - // first tableSize elements. Each uint16 element is 2 bytes and each - // iterations writes 64 bytes, so we can do only tableSize/32 writes - // instead of the 2048 writes that would zero-initialize all of table's - // 32768 bytes. This clear could overrun the first tableSize elements, but - // it won't overrun the allocated stack size. - ADD $128, RSP, R17 - MOVD R17, R4 - - // !!! R6 = &src[tableSize] - ADD R6<<1, R17, R6 - -memclr: - STP.P (ZR, ZR), 64(R4) - STP (ZR, ZR), -48(R4) - STP (ZR, ZR), -32(R4) - STP (ZR, ZR), -16(R4) - CMP R4, R6 - BHI memclr - - // !!! R6 = &src[0] - MOVD R7, R6 - - // sLimit := len(src) - inputMargin - MOVD R14, R9 - SUB $15, R9, R9 - - // !!! Pre-emptively spill R5, R6 and R9 to the stack. Their values don't - // change for the rest of the function. - MOVD R5, 64(RSP) - MOVD R6, 72(RSP) - MOVD R9, 96(RSP) - - // nextEmit := 0 - MOVD R6, R10 - - // s := 1 - ADD $1, R7, R7 - - // nextHash := hash(load32(src, s), shift) - MOVW 0(R7), R11 - MULW R16, R11, R11 - LSRW R5, R11, R11 - -outer: - // for { etc } - - // skip := 32 - MOVD $32, R12 - - // nextS := s - MOVD R7, R13 - - // candidate := 0 - MOVD $0, R15 - -inner0: - // for { etc } - - // s := nextS - MOVD R13, R7 - - // bytesBetweenHashLookups := skip >> 5 - MOVD R12, R14 - LSR $5, R14, R14 - - // nextS = s + bytesBetweenHashLookups - ADD R14, R13, R13 - - // skip += bytesBetweenHashLookups - ADD R14, R12, R12 - - // if nextS > sLimit { goto emitRemainder } - MOVD R13, R3 - SUB R6, R3, R3 - CMP R9, R3 - BHI emitRemainder - - // candidate = int(table[nextHash]) - MOVHU 0(R17)(R11<<1), R15 - - // table[nextHash] = uint16(s) - MOVD R7, R3 - SUB R6, R3, R3 - - MOVH R3, 0(R17)(R11<<1) - - // nextHash = hash(load32(src, nextS), shift) - MOVW 0(R13), R11 - MULW R16, R11 - LSRW R5, R11, R11 - - // if load32(src, s) != load32(src, candidate) { continue } break - MOVW 0(R7), R3 - MOVW (R6)(R15*1), R4 - CMPW R4, R3 - BNE inner0 - -fourByteMatch: - // As per the encode_other.go code: - // - // A 4-byte match has been found. We'll later see etc. - - // !!! Jump to a fast path for short (<= 16 byte) literals. See the comment - // on inputMargin in encode.go. - MOVD R7, R3 - SUB R10, R3, R3 - CMP $16, R3 - BLE emitLiteralFastPath - - // ---------------------------------------- - // Begin inline of the emitLiteral call. - // - // d += emitLiteral(dst[d:], src[nextEmit:s]) - - MOVW R3, R4 - SUBW $1, R4, R4 - - MOVW $60, R2 - CMPW R2, R4 - BLT inlineEmitLiteralOneByte - MOVW $256, R2 - CMPW R2, R4 - BLT inlineEmitLiteralTwoBytes - -inlineEmitLiteralThreeBytes: - MOVD $0xf4, R1 - MOVB R1, 0(R8) - MOVW R4, 1(R8) - ADD $3, R8, R8 - B inlineEmitLiteralMemmove - -inlineEmitLiteralTwoBytes: - MOVD $0xf0, R1 - MOVB R1, 0(R8) - MOVB R4, 1(R8) - ADD $2, R8, R8 - B inlineEmitLiteralMemmove - -inlineEmitLiteralOneByte: - LSLW $2, R4, R4 - MOVB R4, 0(R8) - ADD $1, R8, R8 - -inlineEmitLiteralMemmove: - // Spill local variables (registers) onto the stack; call; unspill. - // - // copy(dst[i:], lit) - // - // This means calling runtime·memmove(&dst[i], &lit[0], len(lit)), so we push - // R8, R10 and R3 as arguments. - MOVD R8, 8(RSP) - MOVD R10, 16(RSP) - MOVD R3, 24(RSP) - - // Finish the "d +=" part of "d += emitLiteral(etc)". - ADD R3, R8, R8 - MOVD R7, 80(RSP) - MOVD R8, 88(RSP) - MOVD R15, 120(RSP) - CALL runtime·memmove(SB) - MOVD 64(RSP), R5 - MOVD 72(RSP), R6 - MOVD 80(RSP), R7 - MOVD 88(RSP), R8 - MOVD 96(RSP), R9 - MOVD 120(RSP), R15 - ADD $128, RSP, R17 - MOVW $0xa7bd, R16 - MOVKW $(0x1e35<<16), R16 - B inner1 - -inlineEmitLiteralEnd: - // End inline of the emitLiteral call. - // ---------------------------------------- - -emitLiteralFastPath: - // !!! Emit the 1-byte encoding "uint8(len(lit)-1)<<2". - MOVB R3, R4 - SUBW $1, R4, R4 - AND $0xff, R4, R4 - LSLW $2, R4, R4 - MOVB R4, (R8) - ADD $1, R8, R8 - - // !!! Implement the copy from lit to dst as a 16-byte load and store. - // (Encode's documentation says that dst and src must not overlap.) - // - // This always copies 16 bytes, instead of only len(lit) bytes, but that's - // OK. Subsequent iterations will fix up the overrun. - // - // Note that on arm64, it is legal and cheap to issue unaligned 8-byte or - // 16-byte loads and stores. This technique probably wouldn't be as - // effective on architectures that are fussier about alignment. - LDP 0(R10), (R0, R1) - STP (R0, R1), 0(R8) - ADD R3, R8, R8 - -inner1: - // for { etc } - - // base := s - MOVD R7, R12 - - // !!! offset := base - candidate - MOVD R12, R11 - SUB R15, R11, R11 - SUB R6, R11, R11 - - // ---------------------------------------- - // Begin inline of the extendMatch call. - // - // s = extendMatch(src, candidate+4, s+4) - - // !!! R14 = &src[len(src)] - MOVD src_len+32(FP), R14 - ADD R6, R14, R14 - - // !!! R13 = &src[len(src) - 8] - MOVD R14, R13 - SUB $8, R13, R13 - - // !!! R15 = &src[candidate + 4] - ADD $4, R15, R15 - ADD R6, R15, R15 - - // !!! s += 4 - ADD $4, R7, R7 - -inlineExtendMatchCmp8: - // As long as we are 8 or more bytes before the end of src, we can load and - // compare 8 bytes at a time. If those 8 bytes are equal, repeat. - CMP R13, R7 - BHI inlineExtendMatchCmp1 - MOVD (R15), R3 - MOVD (R7), R4 - CMP R4, R3 - BNE inlineExtendMatchBSF - ADD $8, R15, R15 - ADD $8, R7, R7 - B inlineExtendMatchCmp8 - -inlineExtendMatchBSF: - // If those 8 bytes were not equal, XOR the two 8 byte values, and return - // the index of the first byte that differs. - // RBIT reverses the bit order, then CLZ counts the leading zeros, the - // combination of which finds the least significant bit which is set. - // The arm64 architecture is little-endian, and the shift by 3 converts - // a bit index to a byte index. - EOR R3, R4, R4 - RBIT R4, R4 - CLZ R4, R4 - ADD R4>>3, R7, R7 - B inlineExtendMatchEnd - -inlineExtendMatchCmp1: - // In src's tail, compare 1 byte at a time. - CMP R7, R14 - BLS inlineExtendMatchEnd - MOVB (R15), R3 - MOVB (R7), R4 - CMP R4, R3 - BNE inlineExtendMatchEnd - ADD $1, R15, R15 - ADD $1, R7, R7 - B inlineExtendMatchCmp1 - -inlineExtendMatchEnd: - // End inline of the extendMatch call. - // ---------------------------------------- - - // ---------------------------------------- - // Begin inline of the emitCopy call. - // - // d += emitCopy(dst[d:], base-candidate, s-base) - - // !!! length := s - base - MOVD R7, R3 - SUB R12, R3, R3 - -inlineEmitCopyLoop0: - // for length >= 68 { etc } - MOVW $68, R2 - CMPW R2, R3 - BLT inlineEmitCopyStep1 - - // Emit a length 64 copy, encoded as 3 bytes. - MOVD $0xfe, R1 - MOVB R1, 0(R8) - MOVW R11, 1(R8) - ADD $3, R8, R8 - SUBW $64, R3, R3 - B inlineEmitCopyLoop0 - -inlineEmitCopyStep1: - // if length > 64 { etc } - MOVW $64, R2 - CMPW R2, R3 - BLE inlineEmitCopyStep2 - - // Emit a length 60 copy, encoded as 3 bytes. - MOVD $0xee, R1 - MOVB R1, 0(R8) - MOVW R11, 1(R8) - ADD $3, R8, R8 - SUBW $60, R3, R3 - -inlineEmitCopyStep2: - // if length >= 12 || offset >= 2048 { goto inlineEmitCopyStep3 } - MOVW $12, R2 - CMPW R2, R3 - BGE inlineEmitCopyStep3 - MOVW $2048, R2 - CMPW R2, R11 - BGE inlineEmitCopyStep3 - - // Emit the remaining copy, encoded as 2 bytes. - MOVB R11, 1(R8) - LSRW $8, R11, R11 - LSLW $5, R11, R11 - SUBW $4, R3, R3 - AND $0xff, R3, R3 - LSLW $2, R3, R3 - ORRW R3, R11, R11 - ORRW $1, R11, R11 - MOVB R11, 0(R8) - ADD $2, R8, R8 - B inlineEmitCopyEnd - -inlineEmitCopyStep3: - // Emit the remaining copy, encoded as 3 bytes. - SUBW $1, R3, R3 - LSLW $2, R3, R3 - ORRW $2, R3, R3 - MOVB R3, 0(R8) - MOVW R11, 1(R8) - ADD $3, R8, R8 - -inlineEmitCopyEnd: - // End inline of the emitCopy call. - // ---------------------------------------- - - // nextEmit = s - MOVD R7, R10 - - // if s >= sLimit { goto emitRemainder } - MOVD R7, R3 - SUB R6, R3, R3 - CMP R3, R9 - BLS emitRemainder - - // As per the encode_other.go code: - // - // We could immediately etc. - - // x := load64(src, s-1) - MOVD -1(R7), R14 - - // prevHash := hash(uint32(x>>0), shift) - MOVW R14, R11 - MULW R16, R11, R11 - LSRW R5, R11, R11 - - // table[prevHash] = uint16(s-1) - MOVD R7, R3 - SUB R6, R3, R3 - SUB $1, R3, R3 - - MOVHU R3, 0(R17)(R11<<1) - - // currHash := hash(uint32(x>>8), shift) - LSR $8, R14, R14 - MOVW R14, R11 - MULW R16, R11, R11 - LSRW R5, R11, R11 - - // candidate = int(table[currHash]) - MOVHU 0(R17)(R11<<1), R15 - - // table[currHash] = uint16(s) - ADD $1, R3, R3 - MOVHU R3, 0(R17)(R11<<1) - - // if uint32(x>>8) == load32(src, candidate) { continue } - MOVW (R6)(R15*1), R4 - CMPW R4, R14 - BEQ inner1 - - // nextHash = hash(uint32(x>>16), shift) - LSR $8, R14, R14 - MOVW R14, R11 - MULW R16, R11, R11 - LSRW R5, R11, R11 - - // s++ - ADD $1, R7, R7 - - // break out of the inner1 for loop, i.e. continue the outer loop. - B outer - -emitRemainder: - // if nextEmit < len(src) { etc } - MOVD src_len+32(FP), R3 - ADD R6, R3, R3 - CMP R3, R10 - BEQ encodeBlockEnd - - // d += emitLiteral(dst[d:], src[nextEmit:]) - // - // Push args. - MOVD R8, 8(RSP) - MOVD $0, 16(RSP) // Unnecessary, as the callee ignores it, but conservative. - MOVD $0, 24(RSP) // Unnecessary, as the callee ignores it, but conservative. - MOVD R10, 32(RSP) - SUB R10, R3, R3 - MOVD R3, 40(RSP) - MOVD R3, 48(RSP) // Unnecessary, as the callee ignores it, but conservative. - - // Spill local variables (registers) onto the stack; call; unspill. - MOVD R8, 88(RSP) - CALL ·emitLiteral(SB) - MOVD 88(RSP), R8 - - // Finish the "d +=" part of "d += emitLiteral(etc)". - MOVD 56(RSP), R1 - ADD R1, R8, R8 - -encodeBlockEnd: - MOVD dst_base+0(FP), R3 - SUB R3, R8, R8 - MOVD R8, d+48(FP) - RET diff --git a/vendor/github.com/golang/snappy/encode_asm.go b/vendor/github.com/golang/snappy/encode_asm.go deleted file mode 100644 index 107c1e714..000000000 --- a/vendor/github.com/golang/snappy/encode_asm.go +++ /dev/null @@ -1,30 +0,0 @@ -// Copyright 2016 The Snappy-Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build !appengine -// +build gc -// +build !noasm -// +build amd64 arm64 - -package snappy - -// emitLiteral has the same semantics as in encode_other.go. -// -//go:noescape -func emitLiteral(dst, lit []byte) int - -// emitCopy has the same semantics as in encode_other.go. -// -//go:noescape -func emitCopy(dst []byte, offset, length int) int - -// extendMatch has the same semantics as in encode_other.go. -// -//go:noescape -func extendMatch(src []byte, i, j int) int - -// encodeBlock has the same semantics as in encode_other.go. -// -//go:noescape -func encodeBlock(dst, src []byte) (d int) diff --git a/vendor/github.com/golang/snappy/go.mod b/vendor/github.com/golang/snappy/go.mod deleted file mode 100644 index f6406bb2c..000000000 --- a/vendor/github.com/golang/snappy/go.mod +++ /dev/null @@ -1 +0,0 @@ -module github.com/golang/snappy diff --git a/vendor/github.com/gorilla/handlers/.travis.yml b/vendor/github.com/gorilla/handlers/.travis.yml new file mode 100644 index 000000000..354b7f8b2 --- /dev/null +++ b/vendor/github.com/gorilla/handlers/.travis.yml @@ -0,0 +1,8 @@ +language: go + +go: + - 1.1 + - 1.2 + - 1.3 + - 1.4 + - tip diff --git a/vendor/github.com/gorilla/handlers/LICENSE b/vendor/github.com/gorilla/handlers/LICENSE new file mode 100644 index 000000000..66ea3c8ae --- /dev/null +++ b/vendor/github.com/gorilla/handlers/LICENSE @@ -0,0 +1,22 @@ +Copyright (c) 2013 The Gorilla Handlers Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + + Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/gorilla/handlers/README.md b/vendor/github.com/gorilla/handlers/README.md new file mode 100644 index 000000000..a340abe08 --- /dev/null +++ b/vendor/github.com/gorilla/handlers/README.md @@ -0,0 +1,52 @@ +gorilla/handlers +================ +[](https://godoc.org/github.com/gorilla/handlers) [](https://travis-ci.org/gorilla/handlers) + +Package handlers is a collection of handlers (aka "HTTP middleware") for use +with Go's `net/http` package (or any framework supporting `http.Handler`), including: + +* `LoggingHandler` for logging HTTP requests in the Apache [Common Log + Format](http://httpd.apache.org/docs/2.2/logs.html#common). +* `CombinedLoggingHandler` for logging HTTP requests in the Apache [Combined Log + Format](http://httpd.apache.org/docs/2.2/logs.html#combined) commonly used by + both Apache and nginx. +* `CompressHandler` for gzipping responses. +* `ContentTypeHandler` for validating requests against a list of accepted + content types. +* `MethodHandler` for matching HTTP methods against handlers in a + `map[string]http.Handler` +* `ProxyHeaders` for populating `r.RemoteAddr` and `r.URL.Scheme` based on the + `X-Forwarded-For`, `X-Real-IP`, `X-Forwarded-Proto` and RFC7239 `Forwarded` + headers when running a Go server behind a HTTP reverse proxy. +* `CanonicalHost` for re-directing to the preferred host when handling multiple + domains (i.e. multiple CNAME aliases). + +Other handlers are documented [on the Gorilla +website](http://www.gorillatoolkit.org/pkg/handlers). + +## Example + +A simple example using `handlers.LoggingHandler` and `handlers.CompressHandler`: + +```go +import ( + "net/http" + "github.com/gorilla/handlers" +) + +func main() { + r := http.NewServeMux() + + // Only log requests to our admin dashboard to stdout + r.Handle("/admin", handlers.LoggingHandler(os.Stdout, http.HandlerFunc(ShowAdminDashboard))) + r.HandleFunc("/", ShowIndex) + + // Wrap our server with our gzip handler to gzip compress all responses. + http.ListenAndServe(":8000", handlers.CompressHandler(r)) +} +``` + +## License + +BSD licensed. See the included LICENSE file for details. + diff --git a/vendor/github.com/gorilla/handlers/canonical.go b/vendor/github.com/gorilla/handlers/canonical.go new file mode 100644 index 000000000..3961695c4 --- /dev/null +++ b/vendor/github.com/gorilla/handlers/canonical.go @@ -0,0 +1,71 @@ +package handlers + +import ( + "net/http" + "net/url" + "strings" +) + +type canonical struct { + h http.Handler + domain string + code int +} + +// CanonicalHost is HTTP middleware that re-directs requests to the canonical +// domain. It accepts a domain and a status code (e.g. 301 or 302) and +// re-directs clients to this domain. The existing request path is maintained. +// +// Note: If the provided domain is considered invalid by url.Parse or otherwise +// returns an empty scheme or host, clients are not re-directed. +// not re-directed. +// +// Example: +// +// r := mux.NewRouter() +// canonical := handlers.CanonicalHost("http://www.gorillatoolkit.org", 302) +// r.HandleFunc("/route", YourHandler) +// +// log.Fatal(http.ListenAndServe(":7000", canonical(r))) +// +func CanonicalHost(domain string, code int) func(h http.Handler) http.Handler { + fn := func(h http.Handler) http.Handler { + return canonical{h, domain, code} + } + + return fn +} + +func (c canonical) ServeHTTP(w http.ResponseWriter, r *http.Request) { + dest, err := url.Parse(c.domain) + if err != nil { + // Call the next handler if the provided domain fails to parse. + c.h.ServeHTTP(w, r) + return + } + + if dest.Scheme == "" || dest.Host == "" { + // Call the next handler if the scheme or host are empty. + // Note that url.Parse won't fail on in this case. + c.h.ServeHTTP(w, r) + return + } + + if !strings.EqualFold(cleanHost(r.Host), dest.Host) { + // Re-build the destination URL + dest := dest.Scheme + "://" + dest.Host + r.URL.Path + http.Redirect(w, r, dest, c.code) + } + + c.h.ServeHTTP(w, r) +} + +// cleanHost cleans invalid Host headers by stripping anything after '/' or ' '. +// This is backported from Go 1.5 (in response to issue #11206) and attempts to +// mitigate malformed Host headers that do not match the format in RFC7230. +func cleanHost(in string) string { + if i := strings.IndexAny(in, " /"); i != -1 { + return in[:i] + } + return in +} diff --git a/vendor/github.com/gorilla/handlers/compress.go b/vendor/github.com/gorilla/handlers/compress.go new file mode 100644 index 000000000..3d90e1914 --- /dev/null +++ b/vendor/github.com/gorilla/handlers/compress.go @@ -0,0 +1,84 @@ +// Copyright 2013 The Gorilla Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package handlers + +import ( + "compress/flate" + "compress/gzip" + "io" + "net/http" + "strings" +) + +type compressResponseWriter struct { + io.Writer + http.ResponseWriter + http.Hijacker +} + +func (w *compressResponseWriter) Header() http.Header { + return w.ResponseWriter.Header() +} + +func (w *compressResponseWriter) Write(b []byte) (int, error) { + h := w.ResponseWriter.Header() + if h.Get("Content-Type") == "" { + h.Set("Content-Type", http.DetectContentType(b)) + } + + return w.Writer.Write(b) +} + +// CompressHandler gzip compresses HTTP responses for clients that support it +// via the 'Accept-Encoding' header. +func CompressHandler(h http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + L: + for _, enc := range strings.Split(r.Header.Get("Accept-Encoding"), ",") { + switch strings.TrimSpace(enc) { + case "gzip": + w.Header().Set("Content-Encoding", "gzip") + w.Header().Add("Vary", "Accept-Encoding") + + gw := gzip.NewWriter(w) + defer gw.Close() + + h, hok := w.(http.Hijacker) + if !hok { /* w is not Hijacker... oh well... */ + h = nil + } + + w = &compressResponseWriter{ + Writer: gw, + ResponseWriter: w, + Hijacker: h, + } + + break L + case "deflate": + w.Header().Set("Content-Encoding", "deflate") + w.Header().Add("Vary", "Accept-Encoding") + + fw, _ := flate.NewWriter(w, flate.DefaultCompression) + defer fw.Close() + + h, hok := w.(http.Hijacker) + if !hok { /* w is not Hijacker... oh well... */ + h = nil + } + + w = &compressResponseWriter{ + Writer: fw, + ResponseWriter: w, + Hijacker: h, + } + + break L + } + } + + h.ServeHTTP(w, r) + }) +} diff --git a/vendor/github.com/gorilla/handlers/doc.go b/vendor/github.com/gorilla/handlers/doc.go new file mode 100644 index 000000000..944e5a8ae --- /dev/null +++ b/vendor/github.com/gorilla/handlers/doc.go @@ -0,0 +1,9 @@ +/* +Package handlers is a collection of handlers (aka "HTTP middleware") for use +with Go's net/http package (or any framework supporting http.Handler). + +The package includes handlers for logging in standardised formats, compressing +HTTP responses, validating content types and other useful tools for manipulating +requests and responses. +*/ +package handlers diff --git a/vendor/github.com/gorilla/handlers/handlers.go b/vendor/github.com/gorilla/handlers/handlers.go new file mode 100644 index 000000000..c3c20e5b9 --- /dev/null +++ b/vendor/github.com/gorilla/handlers/handlers.go @@ -0,0 +1,378 @@ +// Copyright 2013 The Gorilla Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package handlers + +import ( + "bufio" + "fmt" + "io" + "net" + "net/http" + "net/url" + "sort" + "strconv" + "strings" + "time" + "unicode/utf8" +) + +// MethodHandler is an http.Handler that dispatches to a handler whose key in the MethodHandler's +// map matches the name of the HTTP request's method, eg: GET +// +// If the request's method is OPTIONS and OPTIONS is not a key in the map then the handler +// responds with a status of 200 and sets the Allow header to a comma-separated list of +// available methods. +// +// If the request's method doesn't match any of its keys the handler responds with +// a status of 405, Method not allowed and sets the Allow header to a comma-separated list +// of available methods. +type MethodHandler map[string]http.Handler + +func (h MethodHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { + if handler, ok := h[req.Method]; ok { + handler.ServeHTTP(w, req) + } else { + allow := []string{} + for k := range h { + allow = append(allow, k) + } + sort.Strings(allow) + w.Header().Set("Allow", strings.Join(allow, ", ")) + if req.Method == "OPTIONS" { + w.WriteHeader(http.StatusOK) + } else { + http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) + } + } +} + +// loggingHandler is the http.Handler implementation for LoggingHandlerTo and its friends +type loggingHandler struct { + writer io.Writer + handler http.Handler +} + +// combinedLoggingHandler is the http.Handler implementation for LoggingHandlerTo and its friends +type combinedLoggingHandler struct { + writer io.Writer + handler http.Handler +} + +func (h loggingHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { + t := time.Now() + logger := makeLogger(w) + url := *req.URL + h.handler.ServeHTTP(logger, req) + writeLog(h.writer, req, url, t, logger.Status(), logger.Size()) +} + +func (h combinedLoggingHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { + t := time.Now() + logger := makeLogger(w) + url := *req.URL + h.handler.ServeHTTP(logger, req) + writeCombinedLog(h.writer, req, url, t, logger.Status(), logger.Size()) +} + +func makeLogger(w http.ResponseWriter) loggingResponseWriter { + var logger loggingResponseWriter = &responseLogger{w: w} + if _, ok := w.(http.Hijacker); ok { + logger = &hijackLogger{responseLogger{w: w}} + } + h, ok1 := logger.(http.Hijacker) + c, ok2 := w.(http.CloseNotifier) + if ok1 && ok2 { + return hijackCloseNotifier{logger, h, c} + } + if ok2 { + return &closeNotifyWriter{logger, c} + } + return logger +} + +type loggingResponseWriter interface { + http.ResponseWriter + http.Flusher + Status() int + Size() int +} + +// responseLogger is wrapper of http.ResponseWriter that keeps track of its HTTP status +// code and body size +type responseLogger struct { + w http.ResponseWriter + status int + size int +} + +func (l *responseLogger) Header() http.Header { + return l.w.Header() +} + +func (l *responseLogger) Write(b []byte) (int, error) { + if l.status == 0 { + // The status will be StatusOK if WriteHeader has not been called yet + l.status = http.StatusOK + } + size, err := l.w.Write(b) + l.size += size + return size, err +} + +func (l *responseLogger) WriteHeader(s int) { + l.w.WriteHeader(s) + l.status = s +} + +func (l *responseLogger) Status() int { + return l.status +} + +func (l *responseLogger) Size() int { + return l.size +} + +func (l *responseLogger) Flush() { + f, ok := l.w.(http.Flusher) + if ok { + f.Flush() + } +} + +type hijackLogger struct { + responseLogger +} + +func (l *hijackLogger) Hijack() (net.Conn, *bufio.ReadWriter, error) { + h := l.responseLogger.w.(http.Hijacker) + conn, rw, err := h.Hijack() + if err == nil && l.responseLogger.status == 0 { + // The status will be StatusSwitchingProtocols if there was no error and WriteHeader has not been called yet + l.responseLogger.status = http.StatusSwitchingProtocols + } + return conn, rw, err +} + +type closeNotifyWriter struct { + loggingResponseWriter + http.CloseNotifier +} + +type hijackCloseNotifier struct { + loggingResponseWriter + http.Hijacker + http.CloseNotifier +} + +const lowerhex = "0123456789abcdef" + +func appendQuoted(buf []byte, s string) []byte { + var runeTmp [utf8.UTFMax]byte + for width := 0; len(s) > 0; s = s[width:] { + r := rune(s[0]) + width = 1 + if r >= utf8.RuneSelf { + r, width = utf8.DecodeRuneInString(s) + } + if width == 1 && r == utf8.RuneError { + buf = append(buf, `\x`...) + buf = append(buf, lowerhex[s[0]>>4]) + buf = append(buf, lowerhex[s[0]&0xF]) + continue + } + if r == rune('"') || r == '\\' { // always backslashed + buf = append(buf, '\\') + buf = append(buf, byte(r)) + continue + } + if strconv.IsPrint(r) { + n := utf8.EncodeRune(runeTmp[:], r) + buf = append(buf, runeTmp[:n]...) + continue + } + switch r { + case '\a': + buf = append(buf, `\a`...) + case '\b': + buf = append(buf, `\b`...) + case '\f': + buf = append(buf, `\f`...) + case '\n': + buf = append(buf, `\n`...) + case '\r': + buf = append(buf, `\r`...) + case '\t': + buf = append(buf, `\t`...) + case '\v': + buf = append(buf, `\v`...) + default: + switch { + case r < ' ': + buf = append(buf, `\x`...) + buf = append(buf, lowerhex[s[0]>>4]) + buf = append(buf, lowerhex[s[0]&0xF]) + case r > utf8.MaxRune: + r = 0xFFFD + fallthrough + case r < 0x10000: + buf = append(buf, `\u`...) + for s := 12; s >= 0; s -= 4 { + buf = append(buf, lowerhex[r>>uint(s)&0xF]) + } + default: + buf = append(buf, `\U`...) + for s := 28; s >= 0; s -= 4 { + buf = append(buf, lowerhex[r>>uint(s)&0xF]) + } + } + } + } + return buf + +} + +// buildCommonLogLine builds a log entry for req in Apache Common Log Format. +// ts is the timestamp with which the entry should be logged. +// status and size are used to provide the response HTTP status and size. +func buildCommonLogLine(req *http.Request, url url.URL, ts time.Time, status int, size int) []byte { + username := "-" + if url.User != nil { + if name := url.User.Username(); name != "" { + username = name + } + } + + host, _, err := net.SplitHostPort(req.RemoteAddr) + + if err != nil { + host = req.RemoteAddr + } + + uri := url.RequestURI() + + buf := make([]byte, 0, 3*(len(host)+len(username)+len(req.Method)+len(uri)+len(req.Proto)+50)/2) + buf = append(buf, host...) + buf = append(buf, " - "...) + buf = append(buf, username...) + buf = append(buf, " ["...) + buf = append(buf, ts.Format("02/Jan/2006:15:04:05 -0700")...) + buf = append(buf, `] "`...) + buf = append(buf, req.Method...) + buf = append(buf, " "...) + buf = appendQuoted(buf, uri) + buf = append(buf, " "...) + buf = append(buf, req.Proto...) + buf = append(buf, `" `...) + buf = append(buf, strconv.Itoa(status)...) + buf = append(buf, " "...) + buf = append(buf, strconv.Itoa(size)...) + return buf +} + +// writeLog writes a log entry for req to w in Apache Common Log Format. +// ts is the timestamp with which the entry should be logged. +// status and size are used to provide the response HTTP status and size. +func writeLog(w io.Writer, req *http.Request, url url.URL, ts time.Time, status, size int) { + buf := buildCommonLogLine(req, url, ts, status, size) + buf = append(buf, '\n') + w.Write(buf) +} + +// writeCombinedLog writes a log entry for req to w in Apache Combined Log Format. +// ts is the timestamp with which the entry should be logged. +// status and size are used to provide the response HTTP status and size. +func writeCombinedLog(w io.Writer, req *http.Request, url url.URL, ts time.Time, status, size int) { + buf := buildCommonLogLine(req, url, ts, status, size) + buf = append(buf, ` "`...) + buf = appendQuoted(buf, req.Referer()) + buf = append(buf, `" "`...) + buf = appendQuoted(buf, req.UserAgent()) + buf = append(buf, '"', '\n') + w.Write(buf) +} + +// CombinedLoggingHandler return a http.Handler that wraps h and logs requests to out in +// Apache Combined Log Format. +// +// See http://httpd.apache.org/docs/2.2/logs.html#combined for a description of this format. +// +// LoggingHandler always sets the ident field of the log to - +func CombinedLoggingHandler(out io.Writer, h http.Handler) http.Handler { + return combinedLoggingHandler{out, h} +} + +// LoggingHandler return a http.Handler that wraps h and logs requests to out in +// Apache Common Log Format (CLF). +// +// See http://httpd.apache.org/docs/2.2/logs.html#common for a description of this format. +// +// LoggingHandler always sets the ident field of the log to - +func LoggingHandler(out io.Writer, h http.Handler) http.Handler { + return loggingHandler{out, h} +} + +// isContentType validates the Content-Type header +// is contentType. That is, its type and subtype match. +func isContentType(h http.Header, contentType string) bool { + ct := h.Get("Content-Type") + if i := strings.IndexRune(ct, ';'); i != -1 { + ct = ct[0:i] + } + return ct == contentType +} + +// ContentTypeHandler wraps and returns a http.Handler, validating the request content type +// is acompatible with the contentTypes list. +// It writes a HTTP 415 error if that fails. +// +// Only PUT, POST, and PATCH requests are considered. +func ContentTypeHandler(h http.Handler, contentTypes ...string) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if !(r.Method == "PUT" || r.Method == "POST" || r.Method == "PATCH") { + h.ServeHTTP(w, r) + return + } + + for _, ct := range contentTypes { + if isContentType(r.Header, ct) { + h.ServeHTTP(w, r) + return + } + } + http.Error(w, fmt.Sprintf("Unsupported content type %q; expected one of %q", r.Header.Get("Content-Type"), contentTypes), http.StatusUnsupportedMediaType) + }) +} + +const ( + // HTTPMethodOverrideHeader is a commonly used + // http header to override a request method. + HTTPMethodOverrideHeader = "X-HTTP-Method-Override" + // HTTPMethodOverrideFormKey is a commonly used + // HTML form key to override a request method. + HTTPMethodOverrideFormKey = "_method" +) + +// HTTPMethodOverrideHandler wraps and returns a http.Handler which checks for the X-HTTP-Method-Override header +// or the _method form key, and overrides (if valid) request.Method with its value. +// +// This is especially useful for http clients that don't support many http verbs. +// It isn't secure to override e.g a GET to a POST, so only POST requests are considered. +// Likewise, the override method can only be a "write" method: PUT, PATCH or DELETE. +// +// Form method takes precedence over header method. +func HTTPMethodOverrideHandler(h http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if r.Method == "POST" { + om := r.FormValue(HTTPMethodOverrideFormKey) + if om == "" { + om = r.Header.Get(HTTPMethodOverrideHeader) + } + if om == "PUT" || om == "PATCH" || om == "DELETE" { + r.Method = om + } + } + h.ServeHTTP(w, r) + }) +} diff --git a/vendor/github.com/gorilla/handlers/proxy_headers.go b/vendor/github.com/gorilla/handlers/proxy_headers.go new file mode 100644 index 000000000..268de9c6a --- /dev/null +++ b/vendor/github.com/gorilla/handlers/proxy_headers.go @@ -0,0 +1,113 @@ +package handlers + +import ( + "net/http" + "regexp" + "strings" +) + +var ( + // De-facto standard header keys. + xForwardedFor = http.CanonicalHeaderKey("X-Forwarded-For") + xRealIP = http.CanonicalHeaderKey("X-Real-IP") + xForwardedProto = http.CanonicalHeaderKey("X-Forwarded-Scheme") +) + +var ( + // RFC7239 defines a new "Forwarded: " header designed to replace the + // existing use of X-Forwarded-* headers. + // e.g. Forwarded: for=192.0.2.60;proto=https;by=203.0.113.43 + forwarded = http.CanonicalHeaderKey("Forwarded") + // Allows for a sub-match of the first value after 'for=' to the next + // comma, semi-colon or space. The match is case-insensitive. + forRegex = regexp.MustCompile(`(?i)(?:for=)([^(;|,| )]+)`) + // Allows for a sub-match for the first instance of scheme (http|https) + // prefixed by 'proto='. The match is case-insensitive. + protoRegex = regexp.MustCompile(`(?i)(?:proto=)(https|http)`) +) + +// ProxyHeaders inspects common reverse proxy headers and sets the corresponding +// fields in the HTTP request struct. These are X-Forwarded-For and X-Real-IP +// for the remote (client) IP address, X-Forwarded-Proto for the scheme +// (http|https) and the RFC7239 Forwarded header, which may include both client +// IPs and schemes. +// +// NOTE: This middleware should only be used when behind a reverse +// proxy like nginx, HAProxy or Apache. Reverse proxies that don't (or are +// configured not to) strip these headers from client requests, or where these +// headers are accepted "as is" from a remote client (e.g. when Go is not behind +// a proxy), can manifest as a vulnerability if your application uses these +// headers for validating the 'trustworthiness' of a request. +func ProxyHeaders(h http.Handler) http.Handler { + fn := func(w http.ResponseWriter, r *http.Request) { + // Set the remote IP with the value passed from the proxy. + if fwd := getIP(r); fwd != "" { + r.RemoteAddr = fwd + } + + // Set the scheme (proto) with the value passed from the proxy. + if scheme := getScheme(r); scheme != "" { + r.URL.Scheme = scheme + } + + // Call the next handler in the chain. + h.ServeHTTP(w, r) + } + + return http.HandlerFunc(fn) +} + +// getIP retrieves the IP from the X-Forwarded-For, X-Real-IP and RFC7239 +// Forwarded headers (in that order). +func getIP(r *http.Request) string { + var addr string + + if fwd := r.Header.Get(xForwardedFor); fwd != "" { + // Only grab the first (client) address. Note that '192.168.0.1, + // 10.1.1.1' is a valid key for X-Forwarded-For where addresses after + // the first may represent forwarding proxies earlier in the chain. + s := strings.Index(fwd, ", ") + if s == -1 { + s = len(fwd) + } + addr = fwd[:s] + } else if fwd := r.Header.Get(xRealIP); fwd != "" { + // X-Real-IP should only contain one IP address (the client making the + // request). + addr = fwd + } else if fwd := r.Header.Get(forwarded); fwd != "" { + // match should contain at least two elements if the protocol was + // specified in the Forwarded header. The first element will always be + // the 'for=' capture, which we ignore. In the case of multiple IP + // addresses (for=8.8.8.8, 8.8.4.4,172.16.1.20 is valid) we only + // extract the first, which should be the client IP. + if match := forRegex.FindStringSubmatch(fwd); len(match) > 1 { + // IPv6 addresses in Forwarded headers are quoted-strings. We strip + // these quotes. + addr = strings.Trim(match[1], `"`) + } + } + + return addr +} + +// getScheme retrieves the scheme from the X-Forwarded-Proto and RFC7239 +// Forwarded headers (in that order). +func getScheme(r *http.Request) string { + var scheme string + + // Retrieve the scheme from X-Forwarded-Proto. + if proto := r.Header.Get(xForwardedProto); proto != "" { + scheme = strings.ToLower(proto) + } else if proto := r.Header.Get(forwarded); proto != "" { + // match should contain at least two elements if the protocol was + // specified in the Forwarded header. The first element will always be + // the 'proto=' capture, which we ignore. In the case of multiple proto + // parameters (invalid) we only extract the first. + if match := protoRegex.FindStringSubmatch(proto); len(match) > 1 { + scheme = strings.ToLower(match[1]) + } + } + + return scheme +} diff --git a/vendor/github.com/klauspost/compress/LICENSE b/vendor/github.com/klauspost/compress/LICENSE index 1eb75ef68..6cd1e9627 100644 --- a/vendor/github.com/klauspost/compress/LICENSE +++ b/vendor/github.com/klauspost/compress/LICENSE @@ -26,3 +26,267 @@ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +------------------ + +Files: gzhttp/* + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2016-2017 The New York Times Company + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +------------------ + +Files: s2/cmd/internal/readahead/* + +The MIT License (MIT) + +Copyright (c) 2015 Klaus Post + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + +--------------------- +Files: snappy/* +Files: internal/snapref/* + +Copyright (c) 2011 The Snappy-Go Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/klauspost/compress/README.md b/vendor/github.com/klauspost/compress/README.md index d6a26466c..235dc7cc6 100644 --- a/vendor/github.com/klauspost/compress/README.md +++ b/vendor/github.com/klauspost/compress/README.md @@ -17,6 +17,10 @@ This package provides various compression algorithms. # changelog
+* Aug 12, 2021 (v1.13.4)
+ * Add [snappy replacement package](https://github.com/klauspost/compress/tree/master/snappy).
+ * zstd: Fix incorrect encoding in "best" mode [#415](https://github.com/klauspost/compress/pull/415)
+
* Aug 3, 2021 (v1.13.3)
* zstd: Improve Best compression [#404](https://github.com/klauspost/compress/pull/404)
diff --git a/vendor/github.com/klauspost/compress/flate/inflate.go b/vendor/github.com/klauspost/compress/flate/inflate.go index 16bc51408..d1edb356c 100644 --- a/vendor/github.com/klauspost/compress/flate/inflate.go +++ b/vendor/github.com/klauspost/compress/flate/inflate.go @@ -9,10 +9,10 @@ package flate import ( "bufio" + "compress/flate" "fmt" "io" "math/bits" - "strconv" "sync" ) @@ -41,11 +41,7 @@ var fixedOnce sync.Once var fixedHuffmanDecoder huffmanDecoder // A CorruptInputError reports the presence of corrupt input at a given offset. -type CorruptInputError int64 - -func (e CorruptInputError) Error() string { - return "flate: corrupt input before offset " + strconv.FormatInt(int64(e), 10) -} +type CorruptInputError = flate.CorruptInputError // An InternalError reports an error in the flate code itself. type InternalError string @@ -55,26 +51,12 @@ func (e InternalError) Error() string { return "flate: internal error: " + strin // A ReadError reports an error encountered while reading input. // // Deprecated: No longer returned. -type ReadError struct { - Offset int64 // byte offset where error occurred - Err error // error returned by underlying Read -} - -func (e *ReadError) Error() string { - return "flate: read error at offset " + strconv.FormatInt(e.Offset, 10) + ": " + e.Err.Error() -} +type ReadError = flate.ReadError // A WriteError reports an error encountered while writing output. // // Deprecated: No longer returned. -type WriteError struct { - Offset int64 // byte offset where error occurred - Err error // error returned by underlying Write -} - -func (e *WriteError) Error() string { - return "flate: write error at offset " + strconv.FormatInt(e.Offset, 10) + ": " + e.Err.Error() -} +type WriteError = flate.WriteError // Resetter resets a ReadCloser returned by NewReader or NewReaderDict to // to switch to a new underlying Reader. This permits reusing a ReadCloser diff --git a/vendor/github.com/klauspost/compress/flate/regmask_other.go b/vendor/github.com/klauspost/compress/flate/regmask_other.go index f477a5d6e..1b7a2cbd7 100644 --- a/vendor/github.com/klauspost/compress/flate/regmask_other.go +++ b/vendor/github.com/klauspost/compress/flate/regmask_other.go @@ -1,4 +1,5 @@ -//+build !amd64 +//go:build !amd64 +// +build !amd64 package flate diff --git a/vendor/github.com/klauspost/compress/go.mod b/vendor/github.com/klauspost/compress/go.mod index 2a4f0a41f..5aa64a436 100644 --- a/vendor/github.com/klauspost/compress/go.mod +++ b/vendor/github.com/klauspost/compress/go.mod @@ -1,5 +1,3 @@ module github.com/klauspost/compress -go 1.13 - -require github.com/golang/snappy v0.0.3 // indirect +go 1.15 diff --git a/vendor/github.com/klauspost/compress/go.sum b/vendor/github.com/klauspost/compress/go.sum index 73204cafa..e69de29bb 100644 --- a/vendor/github.com/klauspost/compress/go.sum +++ b/vendor/github.com/klauspost/compress/go.sum @@ -1,2 +0,0 @@ -github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA= -github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= diff --git a/vendor/github.com/golang/snappy/LICENSE b/vendor/github.com/klauspost/compress/internal/snapref/LICENSE index 6050c10f4..6050c10f4 100644 --- a/vendor/github.com/golang/snappy/LICENSE +++ b/vendor/github.com/klauspost/compress/internal/snapref/LICENSE diff --git a/vendor/github.com/golang/snappy/decode.go b/vendor/github.com/klauspost/compress/internal/snapref/decode.go index f1e04b172..40796a49d 100644 --- a/vendor/github.com/golang/snappy/decode.go +++ b/vendor/github.com/klauspost/compress/internal/snapref/decode.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package snappy +package snapref import ( "encoding/binary" @@ -118,32 +118,23 @@ func (r *Reader) readFull(p []byte, allowEOF bool) (ok bool) { return true } -// Read satisfies the io.Reader interface. -func (r *Reader) Read(p []byte) (int, error) { - if r.err != nil { - return 0, r.err - } - for { - if r.i < r.j { - n := copy(p, r.decoded[r.i:r.j]) - r.i += n - return n, nil - } +func (r *Reader) fill() error { + for r.i >= r.j { if !r.readFull(r.buf[:4], true) { - return 0, r.err + return r.err } chunkType := r.buf[0] if !r.readHeader { if chunkType != chunkTypeStreamIdentifier { r.err = ErrCorrupt - return 0, r.err + return r.err } r.readHeader = true } chunkLen := int(r.buf[1]) | int(r.buf[2])<<8 | int(r.buf[3])<<16 if chunkLen > len(r.buf) { r.err = ErrUnsupported - return 0, r.err + return r.err } // The chunk types are specified at @@ -153,11 +144,11 @@ func (r *Reader) Read(p []byte) (int, error) { // Section 4.2. Compressed data (chunk type 0x00). if chunkLen < checksumSize { r.err = ErrCorrupt - return 0, r.err + return r.err } buf := r.buf[:chunkLen] if !r.readFull(buf, false) { - return 0, r.err + return r.err } checksum := uint32(buf[0]) | uint32(buf[1])<<8 | uint32(buf[2])<<16 | uint32(buf[3])<<24 buf = buf[checksumSize:] @@ -165,19 +156,19 @@ func (r *Reader) Read(p []byte) (int, error) { n, err := DecodedLen(buf) if err != nil { r.err = err - return 0, r.err + return r.err } if n > len(r.decoded) { r.err = ErrCorrupt - return 0, r.err + return r.err } if _, err := Decode(r.decoded, buf); err != nil { r.err = err - return 0, r.err + return r.err } if crc(r.decoded[:n]) != checksum { r.err = ErrCorrupt - return 0, r.err + return r.err } r.i, r.j = 0, n continue @@ -186,25 +177,25 @@ func (r *Reader) Read(p []byte) (int, error) { // Section 4.3. Uncompressed data (chunk type 0x01). if chunkLen < checksumSize { r.err = ErrCorrupt - return 0, r.err + return r.err } buf := r.buf[:checksumSize] if !r.readFull(buf, false) { - return 0, r.err + return r.err } checksum := uint32(buf[0]) | uint32(buf[1])<<8 | uint32(buf[2])<<16 | uint32(buf[3])<<24 // Read directly into r.decoded instead of via r.buf. n := chunkLen - checksumSize if n > len(r.decoded) { r.err = ErrCorrupt - return 0, r.err + return r.err } if !r.readFull(r.decoded[:n], false) { - return 0, r.err + return r.err } if crc(r.decoded[:n]) != checksum { r.err = ErrCorrupt - return 0, r.err + return r.err } r.i, r.j = 0, n continue @@ -213,15 +204,15 @@ func (r *Reader) Read(p []byte) (int, error) { // Section 4.1. Stream identifier (chunk type 0xff). if chunkLen != len(magicBody) { r.err = ErrCorrupt - return 0, r.err + return r.err } if !r.readFull(r.buf[:len(magicBody)], false) { - return 0, r.err + return r.err } for i := 0; i < len(magicBody); i++ { if r.buf[i] != magicBody[i] { r.err = ErrCorrupt - return 0, r.err + return r.err } } continue @@ -230,12 +221,44 @@ func (r *Reader) Read(p []byte) (int, error) { if chunkType <= 0x7f { // Section 4.5. Reserved unskippable chunks (chunk types 0x02-0x7f). r.err = ErrUnsupported - return 0, r.err + return r.err } // Section 4.4 Padding (chunk type 0xfe). // Section 4.6. Reserved skippable chunks (chunk types 0x80-0xfd). if !r.readFull(r.buf[:chunkLen], false) { - return 0, r.err + return r.err } } + + return nil +} + +// Read satisfies the io.Reader interface. +func (r *Reader) Read(p []byte) (int, error) { + if r.err != nil { + return 0, r.err + } + + if err := r.fill(); err != nil { + return 0, err + } + + n := copy(p, r.decoded[r.i:r.j]) + r.i += n + return n, nil +} + +// ReadByte satisfies the io.ByteReader interface. +func (r *Reader) ReadByte() (byte, error) { + if r.err != nil { + return 0, r.err + } + + if err := r.fill(); err != nil { + return 0, err + } + + c := r.decoded[r.i] + r.i++ + return c, nil } diff --git a/vendor/github.com/golang/snappy/decode_other.go b/vendor/github.com/klauspost/compress/internal/snapref/decode_other.go index 2f672be55..77395a6b8 100644 --- a/vendor/github.com/golang/snappy/decode_other.go +++ b/vendor/github.com/klauspost/compress/internal/snapref/decode_other.go @@ -2,9 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !amd64,!arm64 appengine !gc noasm - -package snappy +package snapref // decode writes the decoding of src to dst. It assumes that the varint-encoded // length of the decompressed bytes has already been read, and that len(dst) diff --git a/vendor/github.com/golang/snappy/encode.go b/vendor/github.com/klauspost/compress/internal/snapref/encode.go index 7f2365707..13c6040a5 100644 --- a/vendor/github.com/golang/snappy/encode.go +++ b/vendor/github.com/klauspost/compress/internal/snapref/encode.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package snappy +package snapref import ( "encoding/binary" diff --git a/vendor/github.com/golang/snappy/encode_other.go b/vendor/github.com/klauspost/compress/internal/snapref/encode_other.go index 296d7f0be..511bba65d 100644 --- a/vendor/github.com/golang/snappy/encode_other.go +++ b/vendor/github.com/klauspost/compress/internal/snapref/encode_other.go @@ -2,9 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !amd64,!arm64 appengine !gc noasm - -package snappy +package snapref func load32(b []byte, i int) uint32 { b = b[i : i+4 : len(b)] // Help the compiler eliminate bounds checks on the next line. diff --git a/vendor/github.com/golang/snappy/snappy.go b/vendor/github.com/klauspost/compress/internal/snapref/snappy.go index ece692ea4..34d01f4aa 100644 --- a/vendor/github.com/golang/snappy/snappy.go +++ b/vendor/github.com/klauspost/compress/internal/snapref/snappy.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// Package snappy implements the Snappy compression format. It aims for very +// Package snapref implements the Snappy compression format. It aims for very // high speeds and reasonable compression. // // There are actually two Snappy formats: block and stream. They are related, @@ -17,7 +17,7 @@ // // The canonical, C++ implementation is at https://github.com/google/snappy and // it only implements the block format. -package snappy // import "github.com/golang/snappy" +package snapref import ( "hash/crc32" diff --git a/vendor/github.com/klauspost/compress/s2sx.mod b/vendor/github.com/klauspost/compress/s2sx.mod index a9faf7a02..2263853fc 100644 --- a/vendor/github.com/klauspost/compress/s2sx.mod +++ b/vendor/github.com/klauspost/compress/s2sx.mod @@ -2,4 +2,3 @@ module github.com/klauspost/compress go 1.16 -require github.com/golang/snappy v0.0.3 // indirect diff --git a/vendor/github.com/klauspost/compress/s2sx.sum b/vendor/github.com/klauspost/compress/s2sx.sum index 73204cafa..e69de29bb 100644 --- a/vendor/github.com/klauspost/compress/s2sx.sum +++ b/vendor/github.com/klauspost/compress/s2sx.sum @@ -1,2 +0,0 @@ -github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA= -github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.go b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.go index 35318d7c4..3ddbd5c0b 100644 --- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.go +++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.go @@ -1,6 +1,5 @@ -// +build !appengine -// +build gc -// +build !purego +//go:build !appengine && gc && !purego +// +build !appengine,gc,!purego package xxhash diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go index 4a5a82160..1f52f296e 100644 --- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go +++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go @@ -1,3 +1,4 @@ +//go:build !amd64 || appengine || !gc || purego // +build !amd64 appengine !gc purego package xxhash diff --git a/vendor/github.com/klauspost/compress/zstd/snappy.go b/vendor/github.com/klauspost/compress/zstd/snappy.go index 0372b1714..9e1baad73 100644 --- a/vendor/github.com/klauspost/compress/zstd/snappy.go +++ b/vendor/github.com/klauspost/compress/zstd/snappy.go @@ -10,8 +10,8 @@ import ( "hash/crc32" "io" - "github.com/golang/snappy" "github.com/klauspost/compress/huff0" + snappy "github.com/klauspost/compress/internal/snapref" ) const ( diff --git a/vendor/github.com/klauspost/compress/zstd/zip.go b/vendor/github.com/klauspost/compress/zstd/zip.go index 9325b928a..967f29b31 100644 --- a/vendor/github.com/klauspost/compress/zstd/zip.go +++ b/vendor/github.com/klauspost/compress/zstd/zip.go @@ -64,8 +64,9 @@ func (r *pooledZipReader) Close() error { } type pooledZipWriter struct { - mu sync.Mutex // guards Close and Read - enc *Encoder + mu sync.Mutex // guards Close and Read + enc *Encoder + pool *sync.Pool } func (w *pooledZipWriter) Write(p []byte) (n int, err error) { @@ -83,7 +84,7 @@ func (w *pooledZipWriter) Close() error { var err error if w.enc != nil { err = w.enc.Close() - zipReaderPool.Put(w.enc) + w.pool.Put(w.enc) w.enc = nil } return err @@ -104,7 +105,7 @@ func ZipCompressor(opts ...EOption) func(w io.Writer) (io.WriteCloser, error) { return nil, err } } - return &pooledZipWriter{enc: enc}, nil + return &pooledZipWriter{enc: enc, pool: &pool}, nil } } diff --git a/vendor/github.com/opencontainers/selinux/go-selinux/selinux.go b/vendor/github.com/opencontainers/selinux/go-selinux/selinux.go index 9ffd77afa..0eedcaa78 100644 --- a/vendor/github.com/opencontainers/selinux/go-selinux/selinux.go +++ b/vendor/github.com/opencontainers/selinux/go-selinux/selinux.go @@ -38,6 +38,8 @@ var ( // CategoryRange allows the upper bound on the category range to be adjusted CategoryRange = DefaultCategoryRange + + privContainerMountLabel string ) // Context is a representation of the SELinux label broken into 4 parts @@ -280,5 +282,7 @@ func GetDefaultContextWithLevel(user, level, scon string) (string, error) { // PrivContainerMountLabel returns mount label for privileged containers func PrivContainerMountLabel() string { + // Make sure label is initialized. + _ = label("") return privContainerMountLabel } diff --git a/vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go b/vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go index a804473e4..295b2bc4e 100644 --- a/vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go +++ b/vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go @@ -12,7 +12,6 @@ import ( "os" "path" "path/filepath" - "regexp" "strconv" "strings" "sync" @@ -34,8 +33,6 @@ const ( xattrNameSelinux = "security.selinux" ) -var policyRoot = filepath.Join(selinuxDir, readConfig(selinuxTypeTag)) - type selinuxState struct { enabledSet bool enabled bool @@ -70,7 +67,6 @@ const ( ) var ( - assignRegex = regexp.MustCompile(`^([^=]+)=(.*)$`) readOnlyFileLabel string state = selinuxState{ mcsList: make(map[string]bool), @@ -79,8 +75,24 @@ var ( // for attrPath() attrPathOnce sync.Once haveThreadSelf bool + + // for policyRoot() + policyRootOnce sync.Once + policyRootVal string + + // for label() + loadLabelsOnce sync.Once + labels map[string]string ) +func policyRoot() string { + policyRootOnce.Do(func() { + policyRootVal = filepath.Join(selinuxDir, readConfig(selinuxTypeTag)) + }) + + return policyRootVal +} + func (s *selinuxState) setEnable(enabled bool) bool { s.Lock() defer s.Unlock() @@ -222,7 +234,7 @@ func readConfig(target string) string { scanner := bufio.NewScanner(in) for scanner.Scan() { - line := strings.TrimSpace(scanner.Text()) + line := bytes.TrimSpace(scanner.Bytes()) if len(line) == 0 { // Skip blank lines continue @@ -231,11 +243,12 @@ func readConfig(target string) string { // Skip comments continue } - if groups := assignRegex.FindStringSubmatch(line); groups != nil { - key, val := strings.TrimSpace(groups[1]), strings.TrimSpace(groups[2]) - if key == target { - return strings.Trim(val, "\"") - } + fields := bytes.SplitN(line, []byte{'='}, 2) + if len(fields) != 2 { + continue + } + if bytes.Equal(fields[0], []byte(target)) { + return string(bytes.Trim(fields[1], `"`)) } } return "" @@ -274,12 +287,15 @@ func readCon(fpath string) (string, error) { if err := isProcHandle(in); err != nil { return "", err } + return readConFd(in) +} - var retval string - if _, err := fmt.Fscanf(in, "%s", &retval); err != nil { +func readConFd(in *os.File) (string, error) { + data, err := ioutil.ReadAll(in) + if err != nil { return "", err } - return strings.Trim(retval, "\x00"), nil + return string(bytes.TrimSuffix(data, []byte{0})), nil } // classIndex returns the int index for an object class in the loaded policy, @@ -389,7 +405,7 @@ func writeCon(fpath, val string) error { _, err = out.Write(nil) } if err != nil { - return &os.PathError{Op: "write", Path: fpath, Err: err} + return err } return nil } @@ -664,11 +680,7 @@ func readWriteCon(fpath string, val string) (string, error) { return "", err } - var retval string - if _, err := fmt.Fscanf(f, "%s", &retval); err != nil { - return "", err - } - return strings.Trim(retval, "\x00"), nil + return readConFd(f) } // setExecLabel sets the SELinux label that the kernel will use for any programs @@ -723,10 +735,10 @@ func keyLabel() (string, error) { // get returns the Context as a string func (c Context) get() string { - if c["level"] != "" { - return fmt.Sprintf("%s:%s:%s:%s", c["user"], c["role"], c["type"], c["level"]) + if level := c["level"]; level != "" { + return c["user"] + ":" + c["role"] + ":" + c["type"] + ":" + level } - return fmt.Sprintf("%s:%s:%s", c["user"], c["role"], c["type"]) + return c["user"] + ":" + c["role"] + ":" + c["type"] } // newContext creates a new Context struct from the specified label @@ -891,24 +903,21 @@ func openContextFile() (*os.File, error) { if f, err := os.Open(contextFile); err == nil { return f, nil } - lxcPath := filepath.Join(policyRoot, "/contexts/lxc_contexts") - return os.Open(lxcPath) + return os.Open(filepath.Join(policyRoot(), "/contexts/lxc_contexts")) } -var labels, privContainerMountLabel = loadLabels() - -func loadLabels() (map[string]string, string) { - labels := make(map[string]string) +func loadLabels() { + labels = make(map[string]string) in, err := openContextFile() if err != nil { - return labels, "" + return } defer in.Close() scanner := bufio.NewScanner(in) for scanner.Scan() { - line := strings.TrimSpace(scanner.Text()) + line := bytes.TrimSpace(scanner.Bytes()) if len(line) == 0 { // Skip blank lines continue @@ -917,38 +926,47 @@ func loadLabels() (map[string]string, string) { // Skip comments continue } - if groups := assignRegex.FindStringSubmatch(line); groups != nil { - key, val := strings.TrimSpace(groups[1]), strings.TrimSpace(groups[2]) - labels[key] = strings.Trim(val, "\"") + fields := bytes.SplitN(line, []byte{'='}, 2) + if len(fields) != 2 { + continue } + key, val := bytes.TrimSpace(fields[0]), bytes.TrimSpace(fields[1]) + labels[string(key)] = string(bytes.Trim(val, `"`)) } con, _ := NewContext(labels["file"]) con["level"] = fmt.Sprintf("s0:c%d,c%d", maxCategory-2, maxCategory-1) - reserveLabel(con.get()) - return labels, con.get() + privContainerMountLabel = con.get() + reserveLabel(privContainerMountLabel) +} + +func label(key string) string { + loadLabelsOnce.Do(func() { + loadLabels() + }) + return labels[key] } // kvmContainerLabels returns the default processLabel and mountLabel to be used // for kvm containers by the calling process. func kvmContainerLabels() (string, string) { - processLabel := labels["kvm_process"] + processLabel := label("kvm_process") if processLabel == "" { - processLabel = labels["process"] + processLabel = label("process") } - return addMcs(processLabel, labels["file"]) + return addMcs(processLabel, label("file")) } // initContainerLabels returns the default processLabel and file labels to be // used for containers running an init system like systemd by the calling process. func initContainerLabels() (string, string) { - processLabel := labels["init_process"] + processLabel := label("init_process") if processLabel == "" { - processLabel = labels["process"] + processLabel = label("process") } - return addMcs(processLabel, labels["file"]) + return addMcs(processLabel, label("file")) } // containerLabels returns an allocated processLabel and fileLabel to be used for @@ -958,9 +976,9 @@ func containerLabels() (processLabel string, fileLabel string) { return "", "" } - processLabel = labels["process"] - fileLabel = labels["file"] - readOnlyFileLabel = labels["ro_file"] + processLabel = label("process") + fileLabel = label("file") + readOnlyFileLabel = label("ro_file") if processLabel == "" || fileLabel == "" { return "", fileLabel @@ -1180,15 +1198,14 @@ func getDefaultContextFromReaders(c *defaultSECtx) (string, error) { } func getDefaultContextWithLevel(user, level, scon string) (string, error) { - userPath := filepath.Join(policyRoot, selinuxUsersDir, user) - defaultPath := filepath.Join(policyRoot, defaultContexts) - + userPath := filepath.Join(policyRoot(), selinuxUsersDir, user) fu, err := os.Open(userPath) if err != nil { return "", err } defer fu.Close() + defaultPath := filepath.Join(policyRoot(), defaultContexts) fd, err := os.Open(defaultPath) if err != nil { return "", err diff --git a/vendor/github.com/opencontainers/selinux/go-selinux/selinux_stub.go b/vendor/github.com/opencontainers/selinux/go-selinux/selinux_stub.go index b7218a0b6..42657759c 100644 --- a/vendor/github.com/opencontainers/selinux/go-selinux/selinux_stub.go +++ b/vendor/github.com/opencontainers/selinux/go-selinux/selinux_stub.go @@ -2,8 +2,6 @@ package selinux -const privContainerMountLabel = "" - func setDisabled() { } @@ -152,3 +150,7 @@ func disableSecOpt() []string { func getDefaultContextWithLevel(user, level, scon string) (string, error) { return "", nil } + +func label(_ string) string { + return "" +} diff --git a/vendor/github.com/vbauerster/mpb/v7/bar.go b/vendor/github.com/vbauerster/mpb/v7/bar.go index 95d4439f8..22f608317 100644 --- a/vendor/github.com/vbauerster/mpb/v7/bar.go +++ b/vendor/github.com/vbauerster/mpb/v7/bar.go @@ -268,32 +268,32 @@ func (b *Bar) SetPriority(priority int) { // if bar is already in complete state. If drop is true bar will be // removed as well. func (b *Bar) Abort(drop bool) { - if drop { - b.container.dropBar(b) // It is safe to call this multiple times with the same bar - } select { case b.operateState <- func(s *bState) { if s.completed == true { return } if drop { - b.cancel() - return - } - go func() { - var uncompleted int - b.container.traverseBars(func(bar *Bar) bool { - if b != bar && !bar.Completed() { - uncompleted++ - return false + go b.container.dropBar(b) + } else { + go func() { + var uncompleted int + b.container.traverseBars(func(bar *Bar) bool { + if b != bar && !bar.Completed() { + uncompleted++ + return false + } + return true + }) + if uncompleted == 0 { + select { + case b.container.refreshCh <- time.Now(): + case <-b.container.done: + } } - return true - }) - if uncompleted == 0 { - b.container.refreshCh <- time.Now() - } - b.cancel() - }() + }() + } + b.cancel() }: <-b.done case <-b.done: diff --git a/vendor/github.com/vbauerster/mpb/v7/go.mod b/vendor/github.com/vbauerster/mpb/v7/go.mod index 7b177d0db..1ecbbe062 100644 --- a/vendor/github.com/vbauerster/mpb/v7/go.mod +++ b/vendor/github.com/vbauerster/mpb/v7/go.mod @@ -4,7 +4,7 @@ require ( github.com/VividCortex/ewma v1.2.0 github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d github.com/mattn/go-runewidth v0.0.13 - golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e + golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34 ) go 1.14 diff --git a/vendor/github.com/vbauerster/mpb/v7/go.sum b/vendor/github.com/vbauerster/mpb/v7/go.sum index 45584e0bf..a964dcccd 100644 --- a/vendor/github.com/vbauerster/mpb/v7/go.sum +++ b/vendor/github.com/vbauerster/mpb/v7/go.sum @@ -6,5 +6,5 @@ github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4 github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= -golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e h1:WUoyKPm6nCo1BnNUvPGnFG3T5DUVem42yDJZZ4CNxMA= -golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34 h1:GkvMjFtXUmahfDtashnc1mnrCtuBVcwse5QV2lUk/tI= +golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= diff --git a/vendor/golang.org/x/sync/errgroup/errgroup.go b/vendor/golang.org/x/sync/errgroup/errgroup.go new file mode 100644 index 000000000..9857fe53d --- /dev/null +++ b/vendor/golang.org/x/sync/errgroup/errgroup.go @@ -0,0 +1,66 @@ +// Copyright 2016 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package errgroup provides synchronization, error propagation, and Context +// cancelation for groups of goroutines working on subtasks of a common task. +package errgroup + +import ( + "context" + "sync" +) + +// A Group is a collection of goroutines working on subtasks that are part of +// the same overall task. +// +// A zero Group is valid and does not cancel on error. +type Group struct { + cancel func() + + wg sync.WaitGroup + + errOnce sync.Once + err error +} + +// WithContext returns a new Group and an associated Context derived from ctx. +// +// The derived Context is canceled the first time a function passed to Go +// returns a non-nil error or the first time Wait returns, whichever occurs +// first. +func WithContext(ctx context.Context) (*Group, context.Context) { + ctx, cancel := context.WithCancel(ctx) + return &Group{cancel: cancel}, ctx +} + +// Wait blocks until all function calls from the Go method have returned, then +// returns the first non-nil error (if any) from them. +func (g *Group) Wait() error { + g.wg.Wait() + if g.cancel != nil { + g.cancel() + } + return g.err +} + +// Go calls the given function in a new goroutine. +// +// The first call to return a non-nil error cancels the group; its error will be +// returned by Wait. +func (g *Group) Go(f func() error) { + g.wg.Add(1) + + go func() { + defer g.wg.Done() + + if err := f(); err != nil { + g.errOnce.Do(func() { + g.err = err + if g.cancel != nil { + g.cancel() + } + }) + } + }() +} diff --git a/vendor/golang.org/x/sys/cpu/cpu.go b/vendor/golang.org/x/sys/cpu/cpu.go index abbec2d44..b56886f26 100644 --- a/vendor/golang.org/x/sys/cpu/cpu.go +++ b/vendor/golang.org/x/sys/cpu/cpu.go @@ -56,6 +56,7 @@ var X86 struct { HasAVX512BF16 bool // Advanced vector extension 512 BFloat16 Instructions HasBMI1 bool // Bit manipulation instruction set 1 HasBMI2 bool // Bit manipulation instruction set 2 + HasCX16 bool // Compare and exchange 16 Bytes HasERMS bool // Enhanced REP for MOVSB and STOSB HasFMA bool // Fused-multiply-add instructions HasOSXSAVE bool // OS supports XSAVE/XRESTOR for saving/restoring XMM registers. diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.go b/vendor/golang.org/x/sys/cpu/cpu_x86.go index 54ca4667f..5ea287b7e 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_x86.go +++ b/vendor/golang.org/x/sys/cpu/cpu_x86.go @@ -39,6 +39,7 @@ func initOptions() { {Name: "avx512bf16", Feature: &X86.HasAVX512BF16}, {Name: "bmi1", Feature: &X86.HasBMI1}, {Name: "bmi2", Feature: &X86.HasBMI2}, + {Name: "cx16", Feature: &X86.HasCX16}, {Name: "erms", Feature: &X86.HasERMS}, {Name: "fma", Feature: &X86.HasFMA}, {Name: "osxsave", Feature: &X86.HasOSXSAVE}, @@ -73,6 +74,7 @@ func archInit() { X86.HasPCLMULQDQ = isSet(1, ecx1) X86.HasSSSE3 = isSet(9, ecx1) X86.HasFMA = isSet(12, ecx1) + X86.HasCX16 = isSet(13, ecx1) X86.HasSSE41 = isSet(19, ecx1) X86.HasSSE42 = isSet(20, ecx1) X86.HasPOPCNT = isSet(23, ecx1) diff --git a/vendor/golang.org/x/sys/unix/syscall_illumos.go b/vendor/golang.org/x/sys/unix/syscall_illumos.go index 8c5357683..8d5f294c4 100644 --- a/vendor/golang.org/x/sys/unix/syscall_illumos.go +++ b/vendor/golang.org/x/sys/unix/syscall_illumos.go @@ -162,6 +162,14 @@ func (l *Lifreq) GetLifruInt() int { return *(*int)(unsafe.Pointer(&l.Lifru[0])) } +func (l *Lifreq) SetLifruUint(d uint) { + *(*uint)(unsafe.Pointer(&l.Lifru[0])) = d +} + +func (l *Lifreq) GetLifruUint() uint { + return *(*uint)(unsafe.Pointer(&l.Lifru[0])) +} + func IoctlLifreq(fd int, req uint, l *Lifreq) error { return ioctl(fd, req, uintptr(unsafe.Pointer(l))) } diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go index 2839435e3..df8628e57 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux.go @@ -66,6 +66,10 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { return fchmodat(dirfd, path, mode) } +func InotifyInit() (fd int, err error) { + return InotifyInit1(0) +} + //sys ioctl(fd int, req uint, arg uintptr) (err error) = SYS_IOCTL //sys ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) = SYS_IOCTL @@ -168,27 +172,7 @@ func Utimes(path string, tv []Timeval) error { //sys utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) func UtimesNano(path string, ts []Timespec) error { - if ts == nil { - err := utimensat(AT_FDCWD, path, nil, 0) - if err != ENOSYS { - return err - } - return utimes(path, nil) - } - if len(ts) != 2 { - return EINVAL - } - err := utimensat(AT_FDCWD, path, (*[2]Timespec)(unsafe.Pointer(&ts[0])), 0) - if err != ENOSYS { - return err - } - // If the utimensat syscall isn't available (utimensat was added to Linux - // in 2.6.22, Released, 8 July 2007) then fall back to utimes - var tv [2]Timeval - for i := 0; i < 2; i++ { - tv[i] = NsecToTimeval(TimespecToNsec(ts[i])) - } - return utimes(path, (*[2]Timeval)(unsafe.Pointer(&tv[0]))) + return UtimesNanoAt(AT_FDCWD, path, ts, 0) } func UtimesNanoAt(dirfd int, path string, ts []Timespec, flags int) error { @@ -1229,11 +1213,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { func Accept(fd int) (nfd int, sa Sockaddr, err error) { var rsa RawSockaddrAny var len _Socklen = SizeofSockaddrAny - // Try accept4 first for Android, then try accept for kernel older than 2.6.28 nfd, err = accept4(fd, &rsa, &len, 0) - if err == ENOSYS { - nfd, err = accept(fd, &rsa, &len) - } if err != nil { return } diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_386.go b/vendor/golang.org/x/sys/unix/syscall_linux_386.go index 91317d749..2df04e398 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_386.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_386.go @@ -59,7 +59,6 @@ func Pipe2(p []int, flags int) (err error) { //sysnb Geteuid() (euid int) = SYS_GETEUID32 //sysnb Getgid() (gid int) = SYS_GETGID32 //sysnb Getuid() (uid int) = SYS_GETUID32 -//sysnb InotifyInit() (fd int, err error) //sys Ioperm(from int, num int, on int) (err error) //sys Iopl(level int) (err error) //sys Lchown(path string, uid int, gid int) (err error) = SYS_LCHOWN32 diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go b/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go index 85cd97da0..ff0acde69 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go @@ -21,17 +21,6 @@ package unix //sysnb Getgid() (gid int) //sysnb Getrlimit(resource int, rlim *Rlimit) (err error) //sysnb Getuid() (uid int) -//sysnb inotifyInit() (fd int, err error) - -func InotifyInit() (fd int, err error) { - // First try inotify_init1, because Android's seccomp policy blocks the latter. - fd, err = InotifyInit1(0) - if err == ENOSYS { - fd, err = inotifyInit() - } - return -} - //sys Ioperm(from int, num int, on int) (err error) //sys Iopl(level int) (err error) //sys Lchown(path string, uid int, gid int) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm.go index b961a620e..094aaaddc 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm.go @@ -26,11 +26,7 @@ func Pipe(p []int) (err error) { return EINVAL } var pp [2]_C_int - // Try pipe2 first for Android O, then try pipe for kernel 2.6.23. err = pipe2(&pp, 0) - if err == ENOSYS { - err = pipe(&pp) - } p[0] = int(pp[0]) p[1] = int(pp[1]) return @@ -86,7 +82,6 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) { //sysnb Geteuid() (euid int) = SYS_GETEUID32 //sysnb Getgid() (gid int) = SYS_GETGID32 //sysnb Getuid() (uid int) = SYS_GETUID32 -//sysnb InotifyInit() (fd int, err error) //sys Lchown(path string, uid int, gid int) (err error) = SYS_LCHOWN32 //sys Listen(s int, n int) (err error) //sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64 diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go index 4b977ba44..3fb41f95d 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go @@ -211,10 +211,6 @@ func (rsa *RawSockaddrNFCLLCP) SetServiceNameLen(length int) { rsa.Service_name_len = uint64(length) } -func InotifyInit() (fd int, err error) { - return InotifyInit1(0) -} - // dup2 exists because func Dup3 in syscall_linux.go references // it in an unreachable path. dup2 isn't available on arm64. func dup2(oldfd int, newfd int) error diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go b/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go index 27aee81d9..7079b435d 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go @@ -221,10 +221,6 @@ func (rsa *RawSockaddrNFCLLCP) SetServiceNameLen(length int) { rsa.Service_name_len = uint64(length) } -func InotifyInit() (fd int, err error) { - return InotifyInit1(0) -} - //sys poll(fds *PollFd, nfds int, timeout int) (n int, err error) func Poll(fds []PollFd, timeout int) (n int, err error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go b/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go index 21d74e2fb..5bc171e62 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go @@ -60,7 +60,6 @@ func Syscall9(trap, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, //sys recvmsg(s int, msg *Msghdr, flags int) (n int, err error) //sys sendmsg(s int, msg *Msghdr, flags int) (n int, err error) -//sysnb InotifyInit() (fd int, err error) //sys Ioperm(from int, num int, on int) (err error) //sys Iopl(level int) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go b/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go index 6f1fc581e..1810a7279 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go @@ -23,7 +23,6 @@ import ( //sysnb Geteuid() (euid int) //sysnb Getgid() (gid int) //sysnb Getuid() (uid int) -//sysnb InotifyInit() (fd int, err error) //sys Ioperm(from int, num int, on int) (err error) //sys Iopl(level int) (err error) //sys Lchown(path string, uid int, gid int) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go b/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go index 5259a5fea..b7662dea7 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go @@ -22,7 +22,6 @@ package unix //sysnb Getgid() (gid int) //sysnb Getrlimit(resource int, rlim *Rlimit) (err error) = SYS_UGETRLIMIT //sysnb Getuid() (uid int) -//sysnb InotifyInit() (fd int, err error) //sys Ioperm(from int, num int, on int) (err error) //sys Iopl(level int) (err error) //sys Lchown(path string, uid int, gid int) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go index 8ef821e5d..e2ae1ec8b 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go @@ -192,10 +192,6 @@ func (rsa *RawSockaddrNFCLLCP) SetServiceNameLen(length int) { rsa.Service_name_len = uint64(length) } -func InotifyInit() (fd int, err error) { - return InotifyInit1(0) -} - func Pause() error { _, err := ppoll(nil, 0, nil, nil) return err diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go b/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go index a1c0574b5..646fde8e2 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go @@ -25,7 +25,6 @@ import ( //sysnb Getgid() (gid int) //sysnb Getrlimit(resource int, rlim *Rlimit) (err error) //sysnb Getuid() (uid int) -//sysnb InotifyInit() (fd int, err error) //sys Lchown(path string, uid int, gid int) (err error) //sys Lstat(path string, stat *Stat_t) (err error) //sys Pause() (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go b/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go index de14b8898..b9a250902 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go @@ -20,7 +20,6 @@ package unix //sysnb Getgid() (gid int) //sysnb Getrlimit(resource int, rlim *Rlimit) (err error) //sysnb Getuid() (uid int) -//sysnb InotifyInit() (fd int, err error) //sys Lchown(path string, uid int, gid int) (err error) //sys Listen(s int, n int) (err error) //sys Lstat(path string, stat *Stat_t) (err error) diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go index 135e3a47a..8894c4af4 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go @@ -231,6 +231,8 @@ const ( BPF_PSEUDO_FUNC = 0x4 BPF_PSEUDO_KFUNC_CALL = 0x2 BPF_PSEUDO_MAP_FD = 0x1 + BPF_PSEUDO_MAP_IDX = 0x5 + BPF_PSEUDO_MAP_IDX_VALUE = 0x6 BPF_PSEUDO_MAP_VALUE = 0x2 BPF_RET = 0x6 BPF_RSH = 0x70 @@ -1635,11 +1637,12 @@ const ( NFNL_MSG_BATCH_END = 0x11 NFNL_NFA_NEST = 0x8000 NFNL_SUBSYS_ACCT = 0x7 - NFNL_SUBSYS_COUNT = 0xc + NFNL_SUBSYS_COUNT = 0xd NFNL_SUBSYS_CTHELPER = 0x9 NFNL_SUBSYS_CTNETLINK = 0x1 NFNL_SUBSYS_CTNETLINK_EXP = 0x2 NFNL_SUBSYS_CTNETLINK_TIMEOUT = 0x8 + NFNL_SUBSYS_HOOK = 0xc NFNL_SUBSYS_IPSET = 0x6 NFNL_SUBSYS_NFTABLES = 0xa NFNL_SUBSYS_NFT_COMPAT = 0xb @@ -1929,6 +1932,12 @@ const ( PR_PAC_GET_ENABLED_KEYS = 0x3d PR_PAC_RESET_KEYS = 0x36 PR_PAC_SET_ENABLED_KEYS = 0x3c + PR_SCHED_CORE = 0x3e + PR_SCHED_CORE_CREATE = 0x1 + PR_SCHED_CORE_GET = 0x0 + PR_SCHED_CORE_MAX = 0x4 + PR_SCHED_CORE_SHARE_FROM = 0x3 + PR_SCHED_CORE_SHARE_TO = 0x2 PR_SET_CHILD_SUBREAPER = 0x24 PR_SET_DUMPABLE = 0x4 PR_SET_ENDIAN = 0x14 @@ -2295,6 +2304,7 @@ const ( SECCOMP_MODE_DISABLED = 0x0 SECCOMP_MODE_FILTER = 0x2 SECCOMP_MODE_STRICT = 0x1 + SECRETMEM_MAGIC = 0x5345434d SECURITYFS_MAGIC = 0x73636673 SEEK_CUR = 0x1 SEEK_DATA = 0x3 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go index cca248d1d..697811a46 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go @@ -309,6 +309,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0xa SO_PASSCRED = 0x10 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go index 9521a4804..7d8d93bfc 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go @@ -310,6 +310,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0xa SO_PASSCRED = 0x10 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go index ddb40a40d..f707d5089 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go @@ -316,6 +316,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0xa SO_PASSCRED = 0x10 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go index 3df31e0d4..3a67a9c85 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go @@ -306,6 +306,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0xa SO_PASSCRED = 0x10 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go index 179c7d68d..a7ccef56c 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go @@ -309,6 +309,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0x100 SO_PASSCRED = 0x11 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go index 84ab15a85..f7b7cec91 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go @@ -309,6 +309,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0x100 SO_PASSCRED = 0x11 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go index 6aa064da5..4fcacf958 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go @@ -309,6 +309,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0x100 SO_PASSCRED = 0x11 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go index 960650f2b..6f6c223a2 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go @@ -309,6 +309,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0x100 SO_PASSCRED = 0x11 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go index 7365221d0..59e522bcf 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go @@ -364,6 +364,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0xa SO_PASSCRED = 0x14 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go index 5967db35c..d4264a0f7 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go @@ -368,6 +368,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0xa SO_PASSCRED = 0x14 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go index f88869849..21cbec1dd 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go @@ -368,6 +368,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0xa SO_PASSCRED = 0x14 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go index 8048706f3..9b05bf12f 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go @@ -297,6 +297,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0xa SO_PASSCRED = 0x10 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go index fb7859417..bd82ace09 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go @@ -372,6 +372,7 @@ const ( SO_MARK = 0x24 SO_MAX_PACING_RATE = 0x2f SO_MEMINFO = 0x37 + SO_NETNS_COOKIE = 0x47 SO_NOFCS = 0x2b SO_OOBINLINE = 0xa SO_PASSCRED = 0x10 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go index 81e18d23f..1f8bded56 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go @@ -363,6 +363,7 @@ const ( SO_MARK = 0x22 SO_MAX_PACING_RATE = 0x31 SO_MEMINFO = 0x39 + SO_NETNS_COOKIE = 0x50 SO_NOFCS = 0x27 SO_OOBINLINE = 0x100 SO_PASSCRED = 0x2 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go index e37096e4d..716ce2958 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go @@ -181,17 +181,6 @@ func Getuid() (uid int) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func InotifyInit() (fd int, err error) { - r0, _, e1 := RawSyscall(SYS_INOTIFY_INIT, 0, 0, 0) - fd = int(r0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Ioperm(from int, num int, on int) (err error) { _, _, e1 := Syscall(SYS_IOPERM, uintptr(from), uintptr(num), uintptr(on)) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go index 9919d8486..c62e1d0f2 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go @@ -191,17 +191,6 @@ func Getuid() (uid int) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func inotifyInit() (fd int, err error) { - r0, _, e1 := RawSyscall(SYS_INOTIFY_INIT, 0, 0, 0) - fd = int(r0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Ioperm(from int, num int, on int) (err error) { _, _, e1 := Syscall(SYS_IOPERM, uintptr(from), uintptr(num), uintptr(on)) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go index 076754d48..e336dcf8c 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go @@ -340,17 +340,6 @@ func Getuid() (uid int) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func InotifyInit() (fd int, err error) { - r0, _, e1 := RawSyscall(SYS_INOTIFY_INIT, 0, 0, 0) - fd = int(r0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Lchown(path string, uid int, gid int) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go index 4703cf3c3..a8aa7963e 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go @@ -544,17 +544,6 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func InotifyInit() (fd int, err error) { - r0, _, e1 := RawSyscall(SYS_INOTIFY_INIT, 0, 0, 0) - fd = int(r0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Ioperm(from int, num int, on int) (err error) { _, _, e1 := Syscall(SYS_IOPERM, uintptr(from), uintptr(num), uintptr(on)) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go index d13d6da01..92ab46bc5 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go @@ -544,17 +544,6 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func InotifyInit() (fd int, err error) { - r0, _, e1 := RawSyscall(SYS_INOTIFY_INIT, 0, 0, 0) - fd = int(r0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Ioperm(from int, num int, on int) (err error) { _, _, e1 := Syscall(SYS_IOPERM, uintptr(from), uintptr(num), uintptr(on)) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go index 927cf1a00..01520b5fb 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go @@ -161,17 +161,6 @@ func Getuid() (uid int) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func InotifyInit() (fd int, err error) { - r0, _, e1 := RawSyscall(SYS_INOTIFY_INIT, 0, 0, 0) - fd = int(r0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Ioperm(from int, num int, on int) (err error) { _, _, e1 := Syscall(SYS_IOPERM, uintptr(from), uintptr(num), uintptr(on)) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go index da8ec0396..a289e993b 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go @@ -191,17 +191,6 @@ func Getuid() (uid int) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func InotifyInit() (fd int, err error) { - r0, _, e1 := RawSyscall(SYS_INOTIFY_INIT, 0, 0, 0) - fd = int(r0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Ioperm(from int, num int, on int) (err error) { _, _, e1 := Syscall(SYS_IOPERM, uintptr(from), uintptr(num), uintptr(on)) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go index 083f493bb..1072c7220 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go @@ -191,17 +191,6 @@ func Getuid() (uid int) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func InotifyInit() (fd int, err error) { - r0, _, e1 := RawSyscall(SYS_INOTIFY_INIT, 0, 0, 0) - fd = int(r0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Ioperm(from int, num int, on int) (err error) { _, _, e1 := Syscall(SYS_IOPERM, uintptr(from), uintptr(num), uintptr(on)) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go index bb347407d..6875a51b6 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go @@ -191,17 +191,6 @@ func Getuid() (uid int) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func InotifyInit() (fd int, err error) { - r0, _, e1 := RawSyscall(SYS_INOTIFY_INIT, 0, 0, 0) - fd = int(r0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Lchown(path string, uid int, gid int) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go index 8edc517e1..5657375bd 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go @@ -180,17 +180,6 @@ func Getuid() (uid int) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func InotifyInit() (fd int, err error) { - r0, _, e1 := RawSyscall(SYS_INOTIFY_INIT, 0, 0, 0) - fd = int(r0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Lchown(path string, uid int, gid int) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go index eb3afe678..aa7ce85d1 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go @@ -439,7 +439,9 @@ const ( SYS_PROCESS_MADVISE = 440 SYS_EPOLL_PWAIT2 = 441 SYS_MOUNT_SETATTR = 442 + SYS_QUOTACTL_FD = 443 SYS_LANDLOCK_CREATE_RULESET = 444 SYS_LANDLOCK_ADD_RULE = 445 SYS_LANDLOCK_RESTRICT_SELF = 446 + SYS_MEMFD_SECRET = 447 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go index 8e7e3aedc..b83032638 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go @@ -361,7 +361,9 @@ const ( SYS_PROCESS_MADVISE = 440 SYS_EPOLL_PWAIT2 = 441 SYS_MOUNT_SETATTR = 442 + SYS_QUOTACTL_FD = 443 SYS_LANDLOCK_CREATE_RULESET = 444 SYS_LANDLOCK_ADD_RULE = 445 SYS_LANDLOCK_RESTRICT_SELF = 446 + SYS_MEMFD_SECRET = 447 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go index 0e6ebfef0..d75f65a0a 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go @@ -403,6 +403,7 @@ const ( SYS_PROCESS_MADVISE = 440 SYS_EPOLL_PWAIT2 = 441 SYS_MOUNT_SETATTR = 442 + SYS_QUOTACTL_FD = 443 SYS_LANDLOCK_CREATE_RULESET = 444 SYS_LANDLOCK_ADD_RULE = 445 SYS_LANDLOCK_RESTRICT_SELF = 446 diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go index cd2a3ef41..8b02f09e9 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go @@ -306,7 +306,9 @@ const ( SYS_PROCESS_MADVISE = 440 SYS_EPOLL_PWAIT2 = 441 SYS_MOUNT_SETATTR = 442 + SYS_QUOTACTL_FD = 443 SYS_LANDLOCK_CREATE_RULESET = 444 SYS_LANDLOCK_ADD_RULE = 445 SYS_LANDLOCK_RESTRICT_SELF = 446 + SYS_MEMFD_SECRET = 447 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go index 773640b83..026695abb 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go @@ -424,6 +424,7 @@ const ( SYS_PROCESS_MADVISE = 4440 SYS_EPOLL_PWAIT2 = 4441 SYS_MOUNT_SETATTR = 4442 + SYS_QUOTACTL_FD = 4443 SYS_LANDLOCK_CREATE_RULESET = 4444 SYS_LANDLOCK_ADD_RULE = 4445 SYS_LANDLOCK_RESTRICT_SELF = 4446 diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go index 86a41e568..7320ba958 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go @@ -354,6 +354,7 @@ const ( SYS_PROCESS_MADVISE = 5440 SYS_EPOLL_PWAIT2 = 5441 SYS_MOUNT_SETATTR = 5442 + SYS_QUOTACTL_FD = 5443 SYS_LANDLOCK_CREATE_RULESET = 5444 SYS_LANDLOCK_ADD_RULE = 5445 SYS_LANDLOCK_RESTRICT_SELF = 5446 diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go index 77f5728da..45082dd67 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go @@ -354,6 +354,7 @@ const ( SYS_PROCESS_MADVISE = 5440 SYS_EPOLL_PWAIT2 = 5441 SYS_MOUNT_SETATTR = 5442 + SYS_QUOTACTL_FD = 5443 SYS_LANDLOCK_CREATE_RULESET = 5444 SYS_LANDLOCK_ADD_RULE = 5445 SYS_LANDLOCK_RESTRICT_SELF = 5446 diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go index dcd926513..570a857a5 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go @@ -424,6 +424,7 @@ const ( SYS_PROCESS_MADVISE = 4440 SYS_EPOLL_PWAIT2 = 4441 SYS_MOUNT_SETATTR = 4442 + SYS_QUOTACTL_FD = 4443 SYS_LANDLOCK_CREATE_RULESET = 4444 SYS_LANDLOCK_ADD_RULE = 4445 SYS_LANDLOCK_RESTRICT_SELF = 4446 diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go index d5ee2c935..638498d62 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go @@ -431,6 +431,7 @@ const ( SYS_PROCESS_MADVISE = 440 SYS_EPOLL_PWAIT2 = 441 SYS_MOUNT_SETATTR = 442 + SYS_QUOTACTL_FD = 443 SYS_LANDLOCK_CREATE_RULESET = 444 SYS_LANDLOCK_ADD_RULE = 445 SYS_LANDLOCK_RESTRICT_SELF = 446 diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go index fec32207c..702beebfe 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go @@ -403,6 +403,7 @@ const ( SYS_PROCESS_MADVISE = 440 SYS_EPOLL_PWAIT2 = 441 SYS_MOUNT_SETATTR = 442 + SYS_QUOTACTL_FD = 443 SYS_LANDLOCK_CREATE_RULESET = 444 SYS_LANDLOCK_ADD_RULE = 445 SYS_LANDLOCK_RESTRICT_SELF = 446 diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go index 53a89b206..bfc87ea44 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go @@ -403,6 +403,7 @@ const ( SYS_PROCESS_MADVISE = 440 SYS_EPOLL_PWAIT2 = 441 SYS_MOUNT_SETATTR = 442 + SYS_QUOTACTL_FD = 443 SYS_LANDLOCK_CREATE_RULESET = 444 SYS_LANDLOCK_ADD_RULE = 445 SYS_LANDLOCK_RESTRICT_SELF = 446 diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go index 0db9fbba5..a390e147d 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go @@ -305,6 +305,7 @@ const ( SYS_PROCESS_MADVISE = 440 SYS_EPOLL_PWAIT2 = 441 SYS_MOUNT_SETATTR = 442 + SYS_QUOTACTL_FD = 443 SYS_LANDLOCK_CREATE_RULESET = 444 SYS_LANDLOCK_ADD_RULE = 445 SYS_LANDLOCK_RESTRICT_SELF = 446 diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go index 378e6ec8b..3e791e6cd 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go @@ -368,6 +368,7 @@ const ( SYS_PROCESS_MADVISE = 440 SYS_EPOLL_PWAIT2 = 441 SYS_MOUNT_SETATTR = 442 + SYS_QUOTACTL_FD = 443 SYS_LANDLOCK_CREATE_RULESET = 444 SYS_LANDLOCK_ADD_RULE = 445 SYS_LANDLOCK_RESTRICT_SELF = 446 diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go index 58e72b0cb..78802a5cf 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go @@ -382,6 +382,7 @@ const ( SYS_PROCESS_MADVISE = 440 SYS_EPOLL_PWAIT2 = 441 SYS_MOUNT_SETATTR = 442 + SYS_QUOTACTL_FD = 443 SYS_LANDLOCK_CREATE_RULESET = 444 SYS_LANDLOCK_ADD_RULE = 445 SYS_LANDLOCK_RESTRICT_SELF = 446 diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go index 878141d6d..4b73bb3b6 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go @@ -2356,8 +2356,8 @@ const ( SOF_TIMESTAMPING_OPT_PKTINFO = 0x2000 SOF_TIMESTAMPING_OPT_TX_SWHW = 0x4000 - SOF_TIMESTAMPING_LAST = 0x4000 - SOF_TIMESTAMPING_MASK = 0x7fff + SOF_TIMESTAMPING_LAST = 0x8000 + SOF_TIMESTAMPING_MASK = 0xffff SCM_TSTAMP_SND = 0x0 SCM_TSTAMP_SCHED = 0x1 @@ -2933,7 +2933,7 @@ const ( DEVLINK_CMD_TRAP_POLICER_NEW = 0x47 DEVLINK_CMD_TRAP_POLICER_DEL = 0x48 DEVLINK_CMD_HEALTH_REPORTER_TEST = 0x49 - DEVLINK_CMD_MAX = 0x49 + DEVLINK_CMD_MAX = 0x4d DEVLINK_PORT_TYPE_NOTSET = 0x0 DEVLINK_PORT_TYPE_AUTO = 0x1 DEVLINK_PORT_TYPE_ETH = 0x2 @@ -3156,7 +3156,7 @@ const ( DEVLINK_ATTR_RELOAD_ACTION_INFO = 0xa2 DEVLINK_ATTR_RELOAD_ACTION_STATS = 0xa3 DEVLINK_ATTR_PORT_PCI_SF_NUMBER = 0xa4 - DEVLINK_ATTR_MAX = 0xa4 + DEVLINK_ATTR_MAX = 0xa9 DEVLINK_DPIPE_FIELD_MAPPING_TYPE_NONE = 0x0 DEVLINK_DPIPE_FIELD_MAPPING_TYPE_IFINDEX = 0x1 DEVLINK_DPIPE_MATCH_TYPE_FIELD_EXACT = 0x0 @@ -3452,7 +3452,7 @@ const ( ETHTOOL_MSG_CABLE_TEST_ACT = 0x1a ETHTOOL_MSG_CABLE_TEST_TDR_ACT = 0x1b ETHTOOL_MSG_TUNNEL_INFO_GET = 0x1c - ETHTOOL_MSG_USER_MAX = 0x20 + ETHTOOL_MSG_USER_MAX = 0x21 ETHTOOL_MSG_KERNEL_NONE = 0x0 ETHTOOL_MSG_STRSET_GET_REPLY = 0x1 ETHTOOL_MSG_LINKINFO_GET_REPLY = 0x2 @@ -3483,7 +3483,7 @@ const ( ETHTOOL_MSG_CABLE_TEST_NTF = 0x1b ETHTOOL_MSG_CABLE_TEST_TDR_NTF = 0x1c ETHTOOL_MSG_TUNNEL_INFO_GET_REPLY = 0x1d - ETHTOOL_MSG_KERNEL_MAX = 0x21 + ETHTOOL_MSG_KERNEL_MAX = 0x22 ETHTOOL_A_HEADER_UNSPEC = 0x0 ETHTOOL_A_HEADER_DEV_INDEX = 0x1 ETHTOOL_A_HEADER_DEV_NAME = 0x2 diff --git a/vendor/modules.txt b/vendor/modules.txt index 3666ff40b..e3bdd32f8 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -10,7 +10,7 @@ github.com/Microsoft/go-winio/backuptar github.com/Microsoft/go-winio/pkg/guid github.com/Microsoft/go-winio/pkg/security github.com/Microsoft/go-winio/vhd -# github.com/Microsoft/hcsshim v0.8.20 +# github.com/Microsoft/hcsshim v0.8.22 github.com/Microsoft/hcsshim github.com/Microsoft/hcsshim/computestorage github.com/Microsoft/hcsshim/internal/cow @@ -63,6 +63,9 @@ github.com/containerd/containerd/log github.com/containerd/containerd/pkg/userns github.com/containerd/containerd/platforms github.com/containerd/containerd/sys +# github.com/containerd/stargz-snapshotter/estargz v0.8.0 +github.com/containerd/stargz-snapshotter/estargz +github.com/containerd/stargz-snapshotter/estargz/errorutil # github.com/containernetworking/cni v0.8.1 github.com/containernetworking/cni/libcni github.com/containernetworking/cni/pkg/invoke @@ -94,7 +97,7 @@ github.com/containers/buildah/pkg/overlay github.com/containers/buildah/pkg/parse github.com/containers/buildah/pkg/rusage github.com/containers/buildah/util -# github.com/containers/common v0.43.2 +# github.com/containers/common v0.44.0 github.com/containers/common/libimage github.com/containers/common/libimage/manifests github.com/containers/common/pkg/apparmor @@ -191,7 +194,7 @@ github.com/containers/ocicrypt/keywrap/pkcs7 github.com/containers/ocicrypt/spec github.com/containers/ocicrypt/utils github.com/containers/ocicrypt/utils/keyprovider -# github.com/containers/psgo v1.5.2 +# github.com/containers/psgo v1.6.0 github.com/containers/psgo github.com/containers/psgo/internal/capabilities github.com/containers/psgo/internal/cgroups @@ -199,7 +202,7 @@ github.com/containers/psgo/internal/dev github.com/containers/psgo/internal/host github.com/containers/psgo/internal/proc github.com/containers/psgo/internal/process -# github.com/containers/storage v1.35.0 +# github.com/containers/storage v1.36.0 github.com/containers/storage github.com/containers/storage/drivers github.com/containers/storage/drivers/aufs @@ -348,7 +351,7 @@ github.com/ghodss/yaml github.com/go-logr/logr # github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 github.com/go-task/slim-sprig -# github.com/godbus/dbus/v5 v5.0.4 +# github.com/godbus/dbus/v5 v5.0.5 github.com/godbus/dbus/v5 # github.com/gogo/protobuf v1.3.2 github.com/gogo/protobuf/gogoproto @@ -363,8 +366,6 @@ github.com/golang/protobuf/ptypes github.com/golang/protobuf/ptypes/any github.com/golang/protobuf/ptypes/duration github.com/golang/protobuf/ptypes/timestamp -# github.com/golang/snappy v0.0.3 -github.com/golang/snappy # github.com/google/go-cmp v0.5.6 github.com/google/go-cmp/cmp github.com/google/go-cmp/cmp/internal/diff @@ -379,6 +380,8 @@ github.com/google/gofuzz github.com/google/shlex # github.com/google/uuid v1.3.0 github.com/google/uuid +# github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33 +github.com/gorilla/handlers # github.com/gorilla/mux v1.8.0 github.com/gorilla/mux # github.com/gorilla/schema v1.2.0 @@ -406,11 +409,12 @@ github.com/json-iterator/go # github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a github.com/juju/ansiterm github.com/juju/ansiterm/tabwriter -# github.com/klauspost/compress v1.13.4 +# github.com/klauspost/compress v1.13.5 github.com/klauspost/compress github.com/klauspost/compress/flate github.com/klauspost/compress/fse github.com/klauspost/compress/huff0 +github.com/klauspost/compress/internal/snapref github.com/klauspost/compress/zstd github.com/klauspost/compress/zstd/internal/xxhash # github.com/klauspost/pgzip v1.2.5 @@ -524,7 +528,7 @@ github.com/opencontainers/runtime-tools/generate github.com/opencontainers/runtime-tools/generate/seccomp github.com/opencontainers/runtime-tools/specerror github.com/opencontainers/runtime-tools/validate -# github.com/opencontainers/selinux v1.8.4 +# github.com/opencontainers/selinux v1.8.5 github.com/opencontainers/selinux/go-selinux github.com/opencontainers/selinux/go-selinux/label github.com/opencontainers/selinux/pkg/pwalk @@ -612,7 +616,7 @@ github.com/vbauerster/mpb/v6 github.com/vbauerster/mpb/v6/cwriter github.com/vbauerster/mpb/v6/decor github.com/vbauerster/mpb/v6/internal -# github.com/vbauerster/mpb/v7 v7.1.3 => github.com/mtrmac/mpb/v7 v7.0.5-0.20210831125917-6bcc64f93d02 +# github.com/vbauerster/mpb/v7 v7.1.4 github.com/vbauerster/mpb/v7 github.com/vbauerster/mpb/v7/cwriter github.com/vbauerster/mpb/v7/decor @@ -674,8 +678,9 @@ golang.org/x/net/internal/timeseries golang.org/x/net/proxy golang.org/x/net/trace # golang.org/x/sync v0.0.0-20210220032951-036812b2e83c +golang.org/x/sync/errgroup golang.org/x/sync/semaphore -# golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55 +# golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34 golang.org/x/sys/cpu golang.org/x/sys/execabs golang.org/x/sys/internal/unsafeheader |