Update containers common package

The new version adds NetworkCreateOptions. For now pass nil

[NO NEW TESTS NEEDED]

Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
Ygal Blum
2022-12-05 15:39:18 +02:00
parent 68e51834a9
commit 7d16c2b69e
18 changed files with 54 additions and 22 deletions


@@ -287,7 +287,7 @@ func newVLANPlugin(pluginType, device, mode string, mtu int, ipam *ipamConfig) V
caps := make(map[string]bool)
caps["ips"] = true
// if we use host-local set the ips cap to ensure we can set static ips via runtime config
if ipam.PluginType == types.HostLocalIPAMDriver {
if m.IPAM.PluginType == types.HostLocalIPAMDriver {
m.Capabilities = caps
}
return m


@@ -17,7 +17,7 @@ import (
// NetworkCreate will take a partial filled Network and fill the
// missing fields. It creates the Network and returns the full Network.
func (n *cniNetwork) NetworkCreate(net types.Network) (types.Network, error) {
func (n *cniNetwork) NetworkCreate(net types.Network, options *types.NetworkCreateOptions) (types.Network, error) {
n.lock.Lock()
defer n.lock.Unlock()
err := n.loadNetworks()
@@ -26,6 +26,11 @@ func (n *cniNetwork) NetworkCreate(net types.Network) (types.Network, error) {
}
network, err := n.networkCreate(&net, false)
if err != nil {
if options != nil && options.IgnoreIfExists && errors.Is(err, types.ErrNetworkExists) {
if network, ok := n.networks[net.Name]; ok {
return *network.libpodNet, nil
}
}
return types.Network{}, err
}
// add the new network to the map
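Review bot: When `options.IgnoreIfExists` is set, the new branch in `NetworkCreate` returns whatever network is already stored under `net.Name` without comparing it to the requested `net`, so a caller that asked for specific settings (driver, subnets, an internal-only network) gets a nil error and a network that may be configured differently. The netavark `NetworkCreate` hunk further down has the same branch. At minimum the doc comment should say so, e.g. `// If options.IgnoreIfExists is set and a network with this name already exists, the existing network is returned unchanged; it is not compared with net.`, and callers that depend on isolation settings should check the returned `types.Network` instead of assuming it matches the request. The inner `network, ok :=` also shadows the outer `network`; a distinct name such as `existing` would read more clearly. The function body starts and ends outside these hunks.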


@@ -82,12 +82,12 @@ type InitConfig struct {
// Note: The networks are not loaded from disk until a method is called.
func NewCNINetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) {
// TODO: consider using a shared memory lock
lock, err := lockfile.GetLockfile(filepath.Join(conf.CNIConfigDir, "cni.lock"))
lock, err := lockfile.GetLockFile(filepath.Join(conf.CNIConfigDir, "cni.lock"))
if err != nil {
// If we're on a read-only filesystem, there is no risk of
// contention. Fall back to a local lockfile.
if errors.Is(err, unix.EROFS) {
lock, err = lockfile.GetLockfile(filepath.Join(conf.RunDir, "cni.lock"))
lock, err = lockfile.GetLockFile(filepath.Join(conf.RunDir, "cni.lock"))
if err != nil {
return nil, err
}


@@ -21,7 +21,7 @@ import (
// NetworkCreate will take a partial filled Network and fill the
// missing fields. It creates the Network and returns the full Network.
func (n *netavarkNetwork) NetworkCreate(net types.Network) (types.Network, error) {
func (n *netavarkNetwork) NetworkCreate(net types.Network, options *types.NetworkCreateOptions) (types.Network, error) {
n.lock.Lock()
defer n.lock.Unlock()
err := n.loadNetworks()
@@ -30,6 +30,11 @@ func (n *netavarkNetwork) NetworkCreate(net types.Network) (types.Network, error
}
network, err := n.networkCreate(&net, false)
if err != nil {
if options != nil && options.IgnoreIfExists && errors.Is(err, types.ErrNetworkExists) {
if network, ok := n.networks[net.Name]; ok {
return *network, nil
}
}
return types.Network{}, err
}
// add the new network to the map


@@ -95,7 +95,7 @@ type InitConfig struct {
// Note: The networks are not loaded from disk until a method is called.
func NewNetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) {
// TODO: consider using a shared memory lock
lock, err := lockfile.GetLockfile(filepath.Join(conf.NetworkConfigDir, "netavark.lock"))
lock, err := lockfile.GetLockFile(filepath.Join(conf.NetworkConfigDir, "netavark.lock"))
if err != nil {
return nil, err
}


@@ -9,7 +9,7 @@ import (
type ContainerNetwork interface {
// NetworkCreate will take a partial filled Network and fill the
// missing fields. It creates the Network and returns the full Network.
NetworkCreate(Network) (Network, error)
NetworkCreate(Network, *NetworkCreateOptions) (Network, error)
// NetworkRemove will remove the Network with the given name or ID.
NetworkRemove(nameOrID string) error
// NetworkList will return all known Networks. Optionally you can
@@ -289,3 +289,8 @@ type TeardownOptions struct {
// FilterFunc can be passed to NetworkList to filter the networks.
type FilterFunc func(Network) bool
type NetworkCreateOptions struct {
// IgnoreIfExists if true, do not fail if the network already exists
IgnoreIfExists bool
}
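Review bot: The exported type `NetworkCreateOptions` has no doc comment, and the `NetworkCreate` comment in the `ContainerNetwork` interface still describes only the one-argument form. I would add `// NetworkCreateOptions holds optional settings for NetworkCreate; a nil pointer selects the default behaviour.` above the type and extend the interface comment with a line on the options argument. The field comment on `IgnoreIfExists` could also state what is returned in that case; both implementations on this page return the already-stored network.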


@@ -431,7 +431,7 @@ func (c *CgroupControl) CreateSystemdUnit(path string) error {
// GetUserConnection returns an user connection to D-BUS
func GetUserConnection(uid int) (*systemdDbus.Conn, error) {
return systemdDbus.NewConnection(func() (*dbus.Conn, error) {
return dbusAuthConnection(uid, dbus.SessionBusPrivate)
return dbusAuthConnection(uid, dbus.SessionBusPrivateNoAutoStartup)
})
}
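Review bot: The comment on `GetUserConnection` does not mention the behavioural change that comes with switching to `dbus.SessionBusPrivateNoAutoStartup`: judging by the name, the connection no longer tries to start a session bus when none is running, so the call presumably fails in that case instead. I would document that on the function, e.g. `// GetUserConnection returns a user connection to D-Bus. It does not start a session bus; if none is running an error is returned.`, so callers know to handle the error path. `dbusAuthConnection` is defined outside this hunk, so how it reports that failure is not visible here.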


@@ -194,6 +194,9 @@ type ContainersConfig struct {
// performance implications.
PrepareVolumeOnCreate bool `toml:"prepare_volume_on_create,omitempty"`
// ReadOnly causes engine to run all containers with root file system mounted read-only
ReadOnly bool `toml:"read_only,omitempty"`
// SeccompProfile is the seccomp.json profile path which is used as the
// default for the runtime.
SeccompProfile string `toml:"seccomp_profile,omitempty"`


@@ -216,6 +216,10 @@ default_sysctls = [
#
#prepare_volume_on_create = false
# Run all containers with root file system mounted read-only
#
# read_only = false
# Path to the seccomp.json profile which is used as the default seccomp profile
# for the runtime.
#
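Review bot: The added default is written `# read_only = false`, while the neighbouring commented-out default in this hunk is `#prepare_volume_on_create = false`, with no space after `#`. If the file uses `#key = value` for defaults and `# text` for descriptions, as the visible lines suggest, the new line should be `#read_only = false` so that it is recognisable as a setting and not as prose.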


@@ -39,7 +39,7 @@ func NewDriver(rootPath string) (*Driver, error) {
return nil, err
}
lock, err := lockfile.GetLockfile(filepath.Join(rootPath, "secretsdata.lock"))
lock, err := lockfile.GetLockFile(filepath.Join(rootPath, "secretsdata.lock"))
if err != nil {
return nil, err
}


@@ -127,7 +127,7 @@ func NewManager(rootPath string) (*SecretsManager, error) {
return nil, err
}
lock, err := lockfile.GetLockfile(filepath.Join(rootPath, "secrets.lock"))
lock, err := lockfile.GetLockFile(filepath.Join(rootPath, "secrets.lock"))
if err != nil {
return nil, err
}