vendor in latests containers/common

To include export HostContainersInternal

Signed-off-by: Black-Hole1 <bh@bugs.cc>

vendor/github.com/containers/common/libimage/image.go

@@ -424,14 +424,12 @@ func (i *Image) removeRecursive(ctx context.Context, rmMap map[string]*RemoveIma
 	numNames := len(i.Names())
 
 	// NOTE: the `numNames == 1` check is not only a performance
-	// optimization but also preserves exiting Podman/Docker behaviour.
+	// optimization but also preserves existing Podman/Docker behaviour.
 	// If image "foo" is used by a container and has only this tag/name,
 	// an `rmi foo` will not untag "foo" but instead attempt to remove the
 	// entire image.  If there's a container using "foo", we should get an
 	// error.
-	if referencedBy == "" || numNames == 1 {
-		// DO NOTHING, the image will be removed
-	} else {
+	if !(referencedBy == "" || numNames == 1) {
 		byID := strings.HasPrefix(i.ID(), referencedBy)
 		byDigest := strings.HasPrefix(referencedBy, "sha256:")
 		if !options.Force {
@@ -737,7 +735,7 @@ func (i *Image) RepoDigests() ([]string, error) {
 // Mount the image with the specified mount options and label, both of which
 // are directly passed down to the containers storage.  Returns the fully
 // evaluated path to the mount point.
-func (i *Image) Mount(ctx context.Context, mountOptions []string, mountLabel string) (string, error) {
+func (i *Image) Mount(_ context.Context, mountOptions []string, mountLabel string) (string, error) {
 	if i.runtime.eventChannel != nil {
 		defer i.runtime.writeEvent(&Event{ID: i.ID(), Name: "", Time: time.Now(), Type: EventTypeImageMount})
 	}

vendor/github.com/containers/common/libimage/manifest_list.go

@@ -388,10 +388,7 @@ func (m *ManifestList) AnnotateInstance(d digest.Digest, options *ManifestListAn
 	}
 
 	// Write the changes to disk.
-	if err := m.saveAndReload(); err != nil {
-		return err
-	}
-	return nil
+	return m.saveAndReload()
 }
 
 // RemoveInstance removes the instance specified by `d` from the manifest list.
@@ -402,10 +399,7 @@ func (m *ManifestList) RemoveInstance(d digest.Digest) error {
 	}
 
 	// Write the changes to disk.
-	if err := m.saveAndReload(); err != nil {
-		return err
-	}
-	return nil
+	return m.saveAndReload()
 }
 
 // ManifestListPushOptions allow for customizing pushing a manifest list.

vendor/github.com/containers/common/libimage/manifests/manifests.go

@@ -423,7 +423,7 @@ func (l *list) Remove(instanceDigest digest.Digest) error {
 // then use that list's SaveToImage() method to save a modified version of the
 // list to that image record use this lock to avoid accidentally wiping out
 // changes that another process is also attempting to make.
-func LockerForImage(store storage.Store, image string) (lockfile.Locker, error) {
+func LockerForImage(store storage.Store, image string) (lockfile.Locker, error) { // nolint:staticcheck
 	img, err := store.Image(image)
 	if err != nil {
 		return nil, fmt.Errorf("locating image %q for locating lock: %w", image, err)

vendor/github.com/containers/common/libnetwork/cni/config.go

@@ -15,7 +15,7 @@ import (
 	"github.com/sirupsen/logrus"
 )
 
-func (n *cniNetwork) NetworkUpdate(name string, options types.NetworkUpdateOptions) error {
+func (n *cniNetwork) NetworkUpdate(_ string, _ types.NetworkUpdateOptions) error {
 	return fmt.Errorf("NetworkUpdate is not supported for backend CNI: %w", types.ErrInvalidArg)
 }
 

vendor/github.com/containers/common/libnetwork/etchosts/hosts.go

@@ -13,7 +13,7 @@ import (
 )
 
 const (
-	hostContainersInternal = "host.containers.internal"
+	HostContainersInternal = "host.containers.internal"
 	localhost              = "localhost"
 )
 
@@ -50,7 +50,7 @@ type Params struct {
 // containerIps. The container ip entry is only added when the name was not already
 // added before.
 func New(params *Params) error {
-	if err := new(params); err != nil {
+	if err := newHost(params); err != nil {
 		return fmt.Errorf("failed to create new hosts file: %w", err)
 	}
 	return nil
@@ -97,7 +97,7 @@ func Remove(file string, entries HostEntries) error {
 }
 
 // new see comment on New()
-func new(params *Params) error {
+func newHost(params *Params) error {
 	entries, err := parseExtraHosts(params.ExtraHosts)
 	if err != nil {
 		return err
@@ -118,15 +118,12 @@ func new(params *Params) error {
 	l2 := HostEntry{IP: "::1", Names: lh}
 	containerIPs = append(containerIPs, l1, l2)
 	if params.HostContainersInternalIP != "" {
-		e := HostEntry{IP: params.HostContainersInternalIP, Names: []string{hostContainersInternal}}
+		e := HostEntry{IP: params.HostContainersInternalIP, Names: []string{HostContainersInternal}}
 		containerIPs = append(containerIPs, e)
 	}
 	containerIPs = append(containerIPs, params.ContainerIPs...)
 
-	if err := writeHostFile(params.TargetFile, entries, containerIPs); err != nil {
-		return err
-	}
-	return nil
+	return writeHostFile(params.TargetFile, entries, containerIPs)
 }
 
 // add see comment on Add()

vendor/github.com/containers/common/libnetwork/internal/util/parse.go

@@ -34,3 +34,21 @@ func ParseVlan(vlan string) (int, error) {
 	}
 	return v, nil
 }
+
+// ParseIsolate parses the isolate option
+func ParseIsolate(isolate string) (string, error) {
+	switch isolate {
+	case "":
+		return "false", nil
+	case "strict":
+		return isolate, nil
+	default:
+		// isolate option accepts "strict" and Rust boolean values "true" or "false"
+		optIsolateBool, err := strconv.ParseBool(isolate)
+		if err != nil {
+			return "", fmt.Errorf("failed to parse isolate option: %w", err)
+		}
+		// Rust boolean only support "true" or "false" while go can parse 1 and 0 as well so we need to change it
+		return strconv.FormatBool(optIsolateBool), nil
+	}
+}

vendor/github.com/containers/common/libnetwork/netavark/config.go

@@ -187,12 +187,11 @@ func (n *netavarkNetwork) networkCreate(newNetwork *types.Network, defaultNet bo
 				}
 
 			case types.IsolateOption:
-				val, err := strconv.ParseBool(value)
+				val, err := internalutil.ParseIsolate(value)
 				if err != nil {
 					return nil, err
 				}
-				// rust only support "true" or "false" while go can parse 1 and 0 as well so we need to change it
-				newNetwork.Options[types.IsolateOption] = strconv.FormatBool(val)
+				newNetwork.Options[types.IsolateOption] = val
 			case types.MetricOption:
 				_, err := strconv.ParseUint(value, 10, 32)
 				if err != nil {
@@ -244,7 +243,7 @@ func (n *netavarkNetwork) networkCreate(newNetwork *types.Network, defaultNet bo
 		return nil, err
 	}
 
-	//validate routes
+	// validate routes
 	err = internalutil.ValidateRoutes(newNetwork.Routes)
 	if err != nil {
 		return nil, err

vendor/github.com/containers/common/libnetwork/netavark/ipam.go

@@ -173,20 +173,23 @@ func getFreeIPFromBucket(bucket *bbolt.Bucket, subnet *types.Subnet) (net.IP, er
 	if rangeStart == nil {
 		// let start with the first ip in subnet
 		rangeStart = util.NextIP(subnet.Subnet.IP)
+	} else if util.Cmp(rangeStart, subnet.Subnet.IP) == 0 {
+		// when we start on the subnet ip we need to inc by one as the subnet ip cannot be assigned
+		rangeStart = util.NextIP(rangeStart)
 	}
 
+	lastIP, err := util.LastIPInSubnet(&subnet.Subnet.IPNet)
+	// this error should never happen but lets check anyways to prevent panics
+	if err != nil {
+		return nil, fmt.Errorf("failed to get lastIP: %w", err)
+	}
 	if rangeEnd == nil {
-		lastIP, err := util.LastIPInSubnet(&subnet.Subnet.IPNet)
-		// this error should never happen but lets check anyways to prevent panics
-		if err != nil {
-			return nil, fmt.Errorf("failed to get lastIP: %w", err)
-		}
-		// ipv4 uses the last ip in a subnet for broadcast so we cannot use it
-		if util.IsIPv4(lastIP) {
-			lastIP = util.PrevIP(lastIP)
-		}
 		rangeEnd = lastIP
 	}
+	// ipv4 uses the last ip in a subnet for broadcast so we cannot use it
+	if util.IsIPv4(rangeEnd) && util.Cmp(rangeEnd, lastIP) == 0 {
+		rangeEnd = util.PrevIP(rangeEnd)
+	}
 
 	lastIPByte := bucket.Get(lastIPKey)
 	curIP := net.IP(lastIPByte)

vendor/github.com/containers/common/pkg/cgroups/cpuset_linux.go

@@ -52,6 +52,6 @@ func (c *linuxCpusetHandler) Destroy(ctr *CgroupControl) error {
 }
 
 // Stat fills a metrics structure with usage stats for the controller
-func (c *linuxCpusetHandler) Stat(ctr *CgroupControl, m *cgroups.Stats) error {
+func (c *linuxCpusetHandler) Stat(_ *CgroupControl, _ *cgroups.Stats) error {
 	return nil
 }

vendor/github.com/containers/common/pkg/completion/completion.go

@@ -23,19 +23,19 @@ func CompleteCommandFlags(cmd *cobra.Command, flags FlagCompletions) {
 /* Autocomplete Functions for cobra ValidArgsFunction */
 
 // AutocompleteNone - Block the default shell completion (no paths)
-func AutocompleteNone(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+func AutocompleteNone(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) {
 	return nil, cobra.ShellCompDirectiveNoFileComp
 }
 
 // AutocompleteDefault - Use the default shell completion,
 // allows path completion.
-func AutocompleteDefault(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+func AutocompleteDefault(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) {
 	return nil, cobra.ShellCompDirectiveDefault
 }
 
 // AutocompleteCapabilities - Autocomplete linux capabilities options.
 // Used by --cap-add and --cap-drop.
-func AutocompleteCapabilities(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+func AutocompleteCapabilities(_ *cobra.Command, _ []string, toComplete string) ([]string, cobra.ShellCompDirective) {
 	caps := capabilities.AllCapabilities()
 
 	// convertCase will convert a string to lowercase only if the user input is lowercase
@@ -83,17 +83,17 @@ func autocompleteSubIDName(filename string) ([]string, cobra.ShellCompDirective)
 }
 
 // AutocompleteSubgidName - Autocomplete subgidname based on the names in the /etc/subgid file.
-func AutocompleteSubgidName(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+func AutocompleteSubgidName(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) {
 	return autocompleteSubIDName("/etc/subgid")
 }
 
 // AutocompleteSubuidName - Autocomplete subuidname based on the names in the /etc/subuid file.
-func AutocompleteSubuidName(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+func AutocompleteSubuidName(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) {
 	return autocompleteSubIDName("/etc/subuid")
 }
 
 // AutocompleteArch - Autocomplete platform supported by container engines
-func AutocompletePlatform(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+func AutocompletePlatform(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) {
 	completions := []string{
 		"linux/386",
 		"linux/amd64",
@@ -115,7 +115,7 @@ func AutocompletePlatform(cmd *cobra.Command, args []string, toComplete string)
 }
 
 // AutocompleteArch - Autocomplete architectures supported by container engines
-func AutocompleteArch(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+func AutocompleteArch(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) {
 	completions := []string{
 		"386",
 		"amd64",
@@ -135,19 +135,19 @@ func AutocompleteArch(cmd *cobra.Command, args []string, toComplete string) ([]s
 }
 
 // AutocompleteOS - Autocomplete OS supported by container engines
-func AutocompleteOS(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+func AutocompleteOS(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) {
 	completions := []string{"linux", "windows"}
 	return completions, cobra.ShellCompDirectiveNoFileComp
 }
 
 // AutocompleteJSONFormat - Autocomplete format flag option.
 // -> "json"
-func AutocompleteJSONFormat(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+func AutocompleteJSONFormat(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) {
 	return []string{"json"}, cobra.ShellCompDirectiveNoFileComp
 }
 
 // AutocompleteOneArg - Autocomplete one random arg
-func AutocompleteOneArg(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
+func AutocompleteOneArg(_ *cobra.Command, args []string, _ string) ([]string, cobra.ShellCompDirective) {
 	if len(args) == 1 {
 		return nil, cobra.ShellCompDirectiveDefault
 	}

vendor/github.com/containers/common/pkg/config/containers.conf

@@ -374,7 +374,7 @@ default_sysctls = [
 [engine]
 # Index to the active service
 #
-#active_service = production
+#active_service = "production"
 
 # The compression format to use when pushing an image.
 # Valid options are: `gzip`, `zstd` and `zstd:chunked`.
@@ -522,13 +522,13 @@ default_sysctls = [
 # faster "shm" lock type. You may need to run "podman system renumber" after
 # you change the lock type.
 #
-#lock_type** = "shm"
+#lock_type = "shm"
 
 # MultiImageArchive - if true, the container engine allows for storing archives
 # (e.g., of the docker-archive transport) with multiple images.  By default,
 # Podman creates single-image archives.
 #
-#multi_image_archive = "false"
+#multi_image_archive = false
 
 # Default engine namespace
 # If engine is joined to a namespace, it will see only containers and pods
@@ -633,8 +633,8 @@ default_sysctls = [
 
 # map of service destinations
 #
-# [service_destinations]
-#  [service_destinations.production]
+# [engine.service_destinations]
+#  [engine.service_destinations.production]
 #     URI to access the Podman service
 #     Examples:
 #       rootless "unix://run/user/$UID/podman/podman.sock" (Default)

vendor/github.com/containers/common/pkg/hooks/hooks.go

@@ -48,7 +48,7 @@ type namedHook struct {
 // those specified in the OCI Runtime Specification and to control
 // OCI-defined stages instead of delegating to the OCI runtime.  See
 // Hooks() for more information.
-func New(ctx context.Context, directories []string, extensionStages []string) (manager *Manager, err error) {
+func New(_ context.Context, directories []string, extensionStages []string) (manager *Manager, err error) {
 	manager = &Manager{
 		hooks:           map[string]*current.Hook{},
 		directories:     directories,

vendor/github.com/containers/common/pkg/manifests/manifests.go

@@ -73,7 +73,8 @@ func Create() List {
 
 // AddInstance adds an entry for the specified manifest digest, with assorted
 // additional information specified in parameters, to the list or index.
-func (l *list) AddInstance(manifestDigest digest.Digest, manifestSize int64, manifestType, osName, architecture, osVersion string, osFeatures []string, variant string, features, annotations []string) error {
+func (l *list) AddInstance(manifestDigest digest.Digest, manifestSize int64, manifestType, osName, architecture, osVersion string, osFeatures []string, variant string, features, annotations []string) error { // nolint:revive
+	// FIXME: the annotations argument is currently ignored
 	if err := l.Remove(manifestDigest); err != nil && !errors.Is(err, os.ErrNotExist) {
 		return err
 	}

vendor/github.com/containers/common/pkg/secrets/secrets.go

@@ -176,9 +176,8 @@ func (s *SecretsManager) Store(name string, data []byte, driverType string, opti
 			if errors.Is(err, ErrNoSuchSecret) {
 				secr.ID = newID
 				break
-			} else {
-				return "", err
 			}
+			return "", err
 		}
 	}
 

vendor/github.com/containers/common/pkg/supplemented/supplemented.go

@@ -280,7 +280,7 @@ func (s *supplementedImageReference) NewImageSource(ctx context.Context, sys *ty
 	return iss, nil
 }
 
-func (s *supplementedImageReference) DeleteImage(ctx context.Context, sys *types.SystemContext) error {
+func (s *supplementedImageReference) DeleteImage(_ context.Context, _ *types.SystemContext) error {
 	return fmt.Errorf("deletion of images not implemented")
 }