From 6c9f378a9bae73e7a05842275fab6791313a7f45 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 28 Apr 2025 18:19:46 +0000 Subject: [PATCH] fix(deps): update module github.com/opencontainers/cgroups to v0.0.2 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 +- .../cgroups/.golangci-extra.yml | 21 ++++ .../opencontainers/cgroups/.golangci.yml | 31 ++++++ .../opencontainers/cgroups/RELEASES.md | 2 +- .../opencontainers/cgroups/config_linux.go | 104 +++++++++--------- .../cgroups/devices/config/device.go | 4 +- .../opencontainers/cgroups/fs/freezer.go | 2 +- .../opencontainers/cgroups/fs2/cpu.go | 6 + .../opencontainers/cgroups/fs2/memory.go | 19 ++-- .../opencontainers/cgroups/fscommon/rdma.go | 2 +- .../opencontainers/cgroups/stats.go | 9 ++ .../opencontainers/cgroups/utils.go | 4 +- .../opencontainers/cgroups/v1_utils.go | 7 +- vendor/modules.txt | 2 +- 15 files changed, 141 insertions(+), 78 deletions(-) create mode 100644 vendor/github.com/opencontainers/cgroups/.golangci-extra.yml create mode 100644 vendor/github.com/opencontainers/cgroups/.golangci.yml diff --git a/go.mod b/go.mod index 90b63c2bfd..42a1ec7a04 100644 --- a/go.mod +++ b/go.mod @@ -52,7 +52,7 @@ require ( github.com/nxadm/tail v1.4.11 github.com/onsi/ginkgo/v2 v2.23.4 github.com/onsi/gomega v1.37.0 - github.com/opencontainers/cgroups v0.0.1 + github.com/opencontainers/cgroups v0.0.2 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.1 github.com/opencontainers/runtime-spec v1.2.1 diff --git a/go.sum b/go.sum index 3a3cbbff27..2305f1f382 100644 --- a/go.sum +++ b/go.sum @@ -357,8 +357,8 @@ github.com/onsi/ginkgo/v2 v2.23.4 h1:ktYTpKJAVZnDT4VjxSbiBenUjmlL/5QkBEocaWXiQus github.com/onsi/ginkgo/v2 v2.23.4/go.mod h1:Bt66ApGPBFzHyR+JO10Zbt0Gsp4uWxu5mIOTusL46e8= github.com/onsi/gomega v1.37.0 h1:CdEG8g0S133B4OswTDC/5XPSzE1OeP29QOioj2PID2Y= github.com/onsi/gomega v1.37.0/go.mod h1:8D9+Txp43QWKhM24yyOBEdpkzN8FvJyAwecBgsU4KU0= -github.com/opencontainers/cgroups v0.0.1 h1:MXjMkkFpKv6kpuirUa4USFBas573sSAY082B4CiHEVA= -github.com/opencontainers/cgroups v0.0.1/go.mod h1:s8lktyhlGUqM7OSRL5P7eAW6Wb+kWPNvt4qvVfzA5vs= +github.com/opencontainers/cgroups v0.0.2 h1:A+mAPPMfgKNCEZUUtibESFx06uvhAmvo8sSz3Abwk7o= +github.com/opencontainers/cgroups v0.0.2/go.mod h1:s8lktyhlGUqM7OSRL5P7eAW6Wb+kWPNvt4qvVfzA5vs= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040= diff --git a/vendor/github.com/opencontainers/cgroups/.golangci-extra.yml b/vendor/github.com/opencontainers/cgroups/.golangci-extra.yml new file mode 100644 index 0000000000..b98dba1ba1 --- /dev/null +++ b/vendor/github.com/opencontainers/cgroups/.golangci-extra.yml @@ -0,0 +1,21 @@ +# This is golangci-lint config file which is used to check NEW code in +# github PRs only (see lint-extra in .github/workflows/validate.yml). +# +# For the default linter config, see .golangci.yml. This config should +# only enable additional linters and/or linter settings not enabled +# in the default config. +version: "2" + +linters: + default: none + enable: + - godot + - revive + - staticcheck + settings: + staticcheck: + checks: + - all + - -QF1008 # https://staticcheck.dev/docs/checks/#QF1008 Omit embedded fields from selector expression. + exclusions: + generated: strict diff --git a/vendor/github.com/opencontainers/cgroups/.golangci.yml b/vendor/github.com/opencontainers/cgroups/.golangci.yml new file mode 100644 index 0000000000..90799883ca --- /dev/null +++ b/vendor/github.com/opencontainers/cgroups/.golangci.yml @@ -0,0 +1,31 @@ +# For documentation, see https://golangci-lint.run/usage/configuration/ +version: "2" + +formatters: + enable: + - gofumpt + exclusions: + generated: strict + +linters: + enable: + - errorlint + - nolintlint + - unconvert + - unparam + settings: + govet: + enable: + - nilness + staticcheck: + checks: + - all + - -ST1000 # https://staticcheck.dev/docs/checks/#ST1000 Incorrect or missing package comment. + - -ST1003 # https://staticcheck.dev/docs/checks/#ST1003 Poorly chosen identifier. + - -ST1005 # https://staticcheck.dev/docs/checks/#ST1005 Incorrectly formatted error string. + - -QF1008 # https://staticcheck.dev/docs/checks/#QF1008 Omit embedded fields from selector expression. + exclusions: + generated: strict + presets: + - comments + - std-error-handling diff --git a/vendor/github.com/opencontainers/cgroups/RELEASES.md b/vendor/github.com/opencontainers/cgroups/RELEASES.md index 028ec265df..e3802706f5 100644 --- a/vendor/github.com/opencontainers/cgroups/RELEASES.md +++ b/vendor/github.com/opencontainers/cgroups/RELEASES.md @@ -23,7 +23,7 @@ However, specification releases have special restrictions in the [OCI charter][c * They are the target of backwards compatibility (§7.g), and * They are subject to the OFWa patent grant (§8.d and e). -To avoid unfortunate side effects (onerous backwards compatibity requirements or Member resignations), the following additional procedures apply to specification releases: +To avoid unfortunate side effects (onerous backwards compatibility requirements or Member resignations), the following additional procedures apply to specification releases: ### Planning a release diff --git a/vendor/github.com/opencontainers/cgroups/config_linux.go b/vendor/github.com/opencontainers/cgroups/config_linux.go index ce98b3d784..9f1d44537b 100644 --- a/vendor/github.com/opencontainers/cgroups/config_linux.go +++ b/vendor/github.com/opencontainers/cgroups/config_linux.go @@ -23,16 +23,16 @@ type Cgroup struct { // Path specifies the path to cgroups that are created and/or joined by the container. // The path is assumed to be relative to the host system cgroup mountpoint. - Path string `json:"path"` + Path string `json:"path,omitempty"` - // ScopePrefix describes prefix for the scope name - ScopePrefix string `json:"scope_prefix"` + // ScopePrefix describes prefix for the scope name. + ScopePrefix string `json:"scope_prefix,omitempty"` - // Resources contains various cgroups settings to apply - *Resources + // Resources contains various cgroups settings to apply. + *Resources `json:"Resources,omitempty"` // Systemd tells if systemd should be used to manage cgroups. - Systemd bool + Systemd bool `json:"Systemd,omitempty"` // SystemdProps are any additional properties for systemd, // derived from org.systemd.property.xxx annotations. @@ -40,7 +40,7 @@ type Cgroup struct { SystemdProps []systemdDbus.Property `json:"-"` // Rootless tells if rootless cgroups should be used. - Rootless bool + Rootless bool `json:"Rootless,omitempty"` // The host UID that should own the cgroup, or nil to accept // the default ownership. This should only be set when the @@ -52,96 +52,96 @@ type Cgroup struct { type Resources struct { // Devices is the set of access rules for devices in the container. - Devices []*devices.Rule `json:"devices"` + Devices []*devices.Rule `json:"devices,omitempty"` - // Memory limit (in bytes) - Memory int64 `json:"memory"` + // Memory limit (in bytes). + Memory int64 `json:"memory,omitempty"` - // Memory reservation or soft_limit (in bytes) - MemoryReservation int64 `json:"memory_reservation"` + // Memory reservation or soft_limit (in bytes). + MemoryReservation int64 `json:"memory_reservation,omitempty"` - // Total memory usage (memory + swap); set `-1` to enable unlimited swap - MemorySwap int64 `json:"memory_swap"` + // Total memory usage (memory+swap); use -1 for unlimited swap. + MemorySwap int64 `json:"memory_swap,omitempty"` - // CPU shares (relative weight vs. other containers) - CpuShares uint64 `json:"cpu_shares"` + // CPU shares (relative weight vs. other containers). + CpuShares uint64 `json:"cpu_shares,omitempty"` //nolint:revive // Suppress "var-naming: struct field CpuShares should be CPUShares". // CPU hardcap limit (in usecs). Allowed cpu time in a given period. - CpuQuota int64 `json:"cpu_quota"` + CpuQuota int64 `json:"cpu_quota,omitempty"` //nolint:revive // Suppress "var-naming: struct field CpuQuota should be CPUQuota". // CPU hardcap burst limit (in usecs). Allowed accumulated cpu time additionally for burst in a given period. - CpuBurst *uint64 `json:"cpu_burst"` //nolint:revive + CpuBurst *uint64 `json:"cpu_burst,omitempty"` //nolint:revive // Suppress "var-naming: struct field CpuBurst should be CPUBurst". // CPU period to be used for hardcapping (in usecs). 0 to use system default. - CpuPeriod uint64 `json:"cpu_period"` + CpuPeriod uint64 `json:"cpu_period,omitempty"` //nolint:revive // Suppress "var-naming: struct field CpuPeriod should be CPUPeriod". // How many time CPU will use in realtime scheduling (in usecs). - CpuRtRuntime int64 `json:"cpu_rt_quota"` + CpuRtRuntime int64 `json:"cpu_rt_quota,omitempty"` //nolint:revive // Suppress "var-naming: struct field CpuRtRuntime should be CPURtRuntime". // CPU period to be used for realtime scheduling (in usecs). - CpuRtPeriod uint64 `json:"cpu_rt_period"` + CpuRtPeriod uint64 `json:"cpu_rt_period,omitempty"` //nolint:revive // Suppress "var-naming: struct field CpuQuota should be CPUQuota". - // CPU to use - CpusetCpus string `json:"cpuset_cpus"` + // Cpuset CPUs to use. + CpusetCpus string `json:"cpuset_cpus,omitempty"` - // MEM to use - CpusetMems string `json:"cpuset_mems"` + // Cpuset memory nodes to use. + CpusetMems string `json:"cpuset_mems,omitempty"` - // cgroup SCHED_IDLE + // Cgroup's SCHED_IDLE value. CPUIdle *int64 `json:"cpu_idle,omitempty"` // Process limit; set <= `0' to disable limit. - PidsLimit int64 `json:"pids_limit"` + PidsLimit int64 `json:"pids_limit,omitempty"` // Specifies per cgroup weight, range is from 10 to 1000. - BlkioWeight uint16 `json:"blkio_weight"` + BlkioWeight uint16 `json:"blkio_weight,omitempty"` - // Specifies tasks' weight in the given cgroup while competing with the cgroup's child cgroups, range is from 10 to 1000, cfq scheduler only - BlkioLeafWeight uint16 `json:"blkio_leaf_weight"` + // Tasks' weight in the given cgroup while competing with the cgroup's child cgroups, range is from 10 to 1000, cfq scheduler only. + BlkioLeafWeight uint16 `json:"blkio_leaf_weight,omitempty"` // Weight per cgroup per device, can override BlkioWeight. - BlkioWeightDevice []*WeightDevice `json:"blkio_weight_device"` + BlkioWeightDevice []*WeightDevice `json:"blkio_weight_device,omitempty"` // IO read rate limit per cgroup per device, bytes per second. - BlkioThrottleReadBpsDevice []*ThrottleDevice `json:"blkio_throttle_read_bps_device"` + BlkioThrottleReadBpsDevice []*ThrottleDevice `json:"blkio_throttle_read_bps_device,omitempty"` // IO write rate limit per cgroup per device, bytes per second. - BlkioThrottleWriteBpsDevice []*ThrottleDevice `json:"blkio_throttle_write_bps_device"` + BlkioThrottleWriteBpsDevice []*ThrottleDevice `json:"blkio_throttle_write_bps_device,omitempty"` // IO read rate limit per cgroup per device, IO per second. - BlkioThrottleReadIOPSDevice []*ThrottleDevice `json:"blkio_throttle_read_iops_device"` + BlkioThrottleReadIOPSDevice []*ThrottleDevice `json:"blkio_throttle_read_iops_device,omitempty"` // IO write rate limit per cgroup per device, IO per second. - BlkioThrottleWriteIOPSDevice []*ThrottleDevice `json:"blkio_throttle_write_iops_device"` + BlkioThrottleWriteIOPSDevice []*ThrottleDevice `json:"blkio_throttle_write_iops_device,omitempty"` - // set the freeze value for the process - Freezer FreezerState `json:"freezer"` + // Freeze value for the process. + Freezer FreezerState `json:"freezer,omitempty"` - // Hugetlb limit (in bytes) - HugetlbLimit []*HugepageLimit `json:"hugetlb_limit"` + // Hugetlb limit (in bytes). + HugetlbLimit []*HugepageLimit `json:"hugetlb_limit,omitempty"` - // Whether to disable OOM Killer - OomKillDisable bool `json:"oom_kill_disable"` + // Whether to disable OOM killer. + OomKillDisable bool `json:"oom_kill_disable,omitempty"` - // Tuning swappiness behaviour per cgroup - MemorySwappiness *uint64 `json:"memory_swappiness"` + // Tuning swappiness behaviour per cgroup. + MemorySwappiness *uint64 `json:"memory_swappiness,omitempty"` - // Set priority of network traffic for container - NetPrioIfpriomap []*IfPrioMap `json:"net_prio_ifpriomap"` + // Set priority of network traffic for container. + NetPrioIfpriomap []*IfPrioMap `json:"net_prio_ifpriomap,omitempty"` - // Set class identifier for container's network packets - NetClsClassid uint32 `json:"net_cls_classid_u"` + // Set class identifier for container's network packets. + NetClsClassid uint32 `json:"net_cls_classid_u,omitempty"` - // Rdma resource restriction configuration - Rdma map[string]LinuxRdma `json:"rdma"` + // Rdma resource restriction configuration. + Rdma map[string]LinuxRdma `json:"rdma,omitempty"` // Used on cgroups v2: // CpuWeight sets a proportional bandwidth limit. - CpuWeight uint64 `json:"cpu_weight"` + CpuWeight uint64 `json:"cpu_weight,omitempty"` //nolint:revive // Suppress "var-naming: struct field CpuWeight should be CPUWeight". // Unified is cgroupv2-only key-value map. - Unified map[string]string `json:"unified"` + Unified map[string]string `json:"unified,omitempty"` // SkipDevices allows to skip configuring device permissions. // Used by e.g. kubelet while creating a parent cgroup (kubepods) @@ -165,5 +165,5 @@ type Resources struct { // MemoryCheckBeforeUpdate is a flag for cgroup v2 managers to check // if the new memory limits (Memory and MemorySwap) being set are lower // than the current memory usage, and reject if so. - MemoryCheckBeforeUpdate bool `json:"memory_check_before_update"` + MemoryCheckBeforeUpdate bool `json:"memory_check_before_update,omitempty"` } diff --git a/vendor/github.com/opencontainers/cgroups/devices/config/device.go b/vendor/github.com/opencontainers/cgroups/devices/config/device.go index 05ad3ef8ca..295575cbfa 100644 --- a/vendor/github.com/opencontainers/cgroups/devices/config/device.go +++ b/vendor/github.com/opencontainers/cgroups/devices/config/device.go @@ -20,10 +20,10 @@ type Device struct { FileMode os.FileMode `json:"file_mode"` // Uid of the device. - Uid uint32 `json:"uid"` + Uid uint32 `json:"uid,omitempty"` //nolint:revive // Suppress "var-naming: struct field Uid should be UID". // Gid of the device. - Gid uint32 `json:"gid"` + Gid uint32 `json:"gid,omitempty"` //nolint:revive // Suppress "var-naming: struct field Gid should be GID". } // Permissions is a cgroupv1-style string to represent device access. It diff --git a/vendor/github.com/opencontainers/cgroups/fs/freezer.go b/vendor/github.com/opencontainers/cgroups/fs/freezer.go index dae4a60589..fe0f0dde48 100644 --- a/vendor/github.com/opencontainers/cgroups/fs/freezer.go +++ b/vendor/github.com/opencontainers/cgroups/fs/freezer.go @@ -57,7 +57,7 @@ func (s *FreezerGroup) Set(path string, r *cgroups.Resources) (Err error) { // Alas, this is still a game of chances, since the real fix // belong to the kernel (cgroup v2 do not have this bug). - for i := 0; i < 1000; i++ { + for i := range 1000 { if i%50 == 49 { // Occasional thaw and sleep improves // the chances to succeed in freezing diff --git a/vendor/github.com/opencontainers/cgroups/fs2/cpu.go b/vendor/github.com/opencontainers/cgroups/fs2/cpu.go index 8eae67351c..8a22a32c45 100644 --- a/vendor/github.com/opencontainers/cgroups/fs2/cpu.go +++ b/vendor/github.com/opencontainers/cgroups/fs2/cpu.go @@ -108,6 +108,12 @@ func statCpu(dirPath string, stats *cgroups.Stats) error { case "throttled_usec": stats.CpuStats.ThrottlingData.ThrottledTime = v * 1000 + + case "nr_bursts": + stats.CpuStats.BurstData.BurstsPeriods = v + + case "burst_usec": + stats.CpuStats.BurstData.BurstTime = v * 1000 } } if err := sc.Err(); err != nil { diff --git a/vendor/github.com/opencontainers/cgroups/fs2/memory.go b/vendor/github.com/opencontainers/cgroups/fs2/memory.go index d67fd8aba5..761330756f 100644 --- a/vendor/github.com/opencontainers/cgroups/fs2/memory.go +++ b/vendor/github.com/opencontainers/cgroups/fs2/memory.go @@ -18,17 +18,14 @@ import ( // cgroupv2 files with .min, .max, .low, or .high suffix. // The value of -1 is converted to "max" for cgroupv1 compatibility // (which used to write -1 to remove the limit). -func numToStr(value int64) (ret string) { - switch { - case value == 0: - ret = "" - case value == -1: - ret = "max" - default: - ret = strconv.FormatInt(value, 10) +func numToStr(value int64) string { + switch value { + case 0: + return "" + case -1: + return "max" } - - return ret + return strconv.FormatInt(value, 10) } func isMemorySet(r *cgroups.Resources) bool { @@ -57,7 +54,7 @@ func setMemory(dirPath string, r *cgroups.Resources) error { if swapStr != "" { if err := cgroups.WriteFile(dirPath, "memory.swap.max", swapStr); err != nil { // If swap is not enabled, silently ignore setting to max or disabling it. - if !(errors.Is(err, os.ErrNotExist) && (swapStr == "max" || swapStr == "0")) { + if !(errors.Is(err, os.ErrNotExist) && (swapStr == "max" || swapStr == "0")) { //nolint:staticcheck // Ignore "QF1001: could apply De Morgan's law". return err } } diff --git a/vendor/github.com/opencontainers/cgroups/fscommon/rdma.go b/vendor/github.com/opencontainers/cgroups/fscommon/rdma.go index 86e38fdcba..960126ce7c 100644 --- a/vendor/github.com/opencontainers/cgroups/fscommon/rdma.go +++ b/vendor/github.com/opencontainers/cgroups/fscommon/rdma.go @@ -50,7 +50,7 @@ func readRdmaEntries(dir, file string) ([]cgroups.RdmaEntry, error) { if err != nil { return nil, err } - defer fd.Close() //nolint:errorlint + defer fd.Close() scanner := bufio.NewScanner(fd) for scanner.Scan() { parts := strings.SplitN(scanner.Text(), " ", 4) diff --git a/vendor/github.com/opencontainers/cgroups/stats.go b/vendor/github.com/opencontainers/cgroups/stats.go index b475567d82..6cd6253ee0 100644 --- a/vendor/github.com/opencontainers/cgroups/stats.go +++ b/vendor/github.com/opencontainers/cgroups/stats.go @@ -9,6 +9,14 @@ type ThrottlingData struct { ThrottledTime uint64 `json:"throttled_time,omitempty"` } +type BurstData struct { + // Number of periods bandwidth burst occurs + BurstsPeriods uint64 `json:"bursts_periods,omitempty"` + // Cumulative wall-time that any cpus has used above quota in respective periods + // Units: nanoseconds. + BurstTime uint64 `json:"burst_time,omitempty"` +} + // CpuUsage denotes the usage of a CPU. // All CPU stats are aggregate since container inception. type CpuUsage struct { @@ -48,6 +56,7 @@ type CpuStats struct { CpuUsage CpuUsage `json:"cpu_usage,omitempty"` ThrottlingData ThrottlingData `json:"throttling_data,omitempty"` PSI *PSIStats `json:"psi,omitempty"` + BurstData BurstData `json:"burst_data,omitempty"` } type CPUSetStats struct { diff --git a/vendor/github.com/opencontainers/cgroups/utils.go b/vendor/github.com/opencontainers/cgroups/utils.go index 9ef24b1ac6..98b6a07fab 100644 --- a/vendor/github.com/opencontainers/cgroups/utils.go +++ b/vendor/github.com/opencontainers/cgroups/utils.go @@ -231,7 +231,7 @@ func rmdir(path string, retry bool) error { again: err := unix.Rmdir(path) - switch err { // nolint:errorlint // unix errors are bare + switch err { case nil, unix.ENOENT: return nil case unix.EINTR: @@ -395,7 +395,7 @@ func WriteCgroupProc(dir string, pid int) error { } defer file.Close() - for i := 0; i < 5; i++ { + for range 5 { _, err = file.WriteString(strconv.Itoa(pid)) if err == nil { return nil diff --git a/vendor/github.com/opencontainers/cgroups/v1_utils.go b/vendor/github.com/opencontainers/cgroups/v1_utils.go index 81193e2098..19b8af1344 100644 --- a/vendor/github.com/opencontainers/cgroups/v1_utils.go +++ b/vendor/github.com/opencontainers/cgroups/v1_utils.go @@ -5,6 +5,7 @@ import ( "fmt" "os" "path/filepath" + "slices" "strings" "sync" "syscall" @@ -144,10 +145,8 @@ func FindCgroupMountpointAndRoot(cgroupPath, subsystem string) (string, string, func findCgroupMountpointAndRootFromMI(mounts []*mountinfo.Info, cgroupPath, subsystem string) (string, string, error) { for _, mi := range mounts { if strings.HasPrefix(mi.Mountpoint, cgroupPath) { - for _, opt := range strings.Split(mi.VFSOptions, ",") { - if opt == subsystem { - return mi.Mountpoint, mi.Root, nil - } + if slices.Contains(strings.Split(mi.VFSOptions, ","), subsystem) { + return mi.Mountpoint, mi.Root, nil } } } diff --git a/vendor/modules.txt b/vendor/modules.txt index 100bfe26bb..8c84e00771 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -800,7 +800,7 @@ github.com/onsi/gomega/matchers/support/goraph/edge github.com/onsi/gomega/matchers/support/goraph/node github.com/onsi/gomega/matchers/support/goraph/util github.com/onsi/gomega/types -# github.com/opencontainers/cgroups v0.0.1 +# github.com/opencontainers/cgroups v0.0.2 ## explicit; go 1.23.0 github.com/opencontainers/cgroups github.com/opencontainers/cgroups/devices/config