Vendor c/common

@main Signed-off-by: Ashley Cui <acui@redhat.com>
2025-12-01 10:38:05 +08:00 · 2024-02-05 09:46:40 -05:00
parent daf7a2c069
commit ee923358c3
14 changed files with 240 additions and 144 deletions
--- a/go.mod
+++ b/go.mod
@@ -11,7 +11,7 @@ require (
 	github.com/checkpoint-restore/go-criu/v7 v7.0.0
 	github.com/containernetworking/plugins v1.4.0
 	github.com/containers/buildah v1.34.1-0.20240201124221-b850c711ff5c
-	github.com/containers/common v0.57.1-0.20240130143645-b26099256b92
+	github.com/containers/common v0.57.1-0.20240205132223-de5cb00e891c
 	github.com/containers/conmon v2.0.20+incompatible
 	github.com/containers/gvisor-tap-vsock v0.7.2
 	github.com/containers/image/v5 v5.29.2-0.20240130233108-e66a1ade2efc
@@ -25,7 +25,7 @@ require (
 	github.com/cyphar/filepath-securejoin v0.2.4
 	github.com/digitalocean/go-qemu v0.0.0-20230711162256-2e3d0186973e
 	github.com/docker/distribution v2.8.3+incompatible
-	github.com/docker/docker v25.0.1+incompatible
+	github.com/docker/docker v25.0.2+incompatible
 	github.com/docker/go-connections v0.5.0
 	github.com/docker/go-plugins-helpers v0.0.0-20211224144127-6eecb7beb651
 	github.com/docker/go-units v0.5.0
@@ -93,7 +93,7 @@ require (
 	github.com/chenzhuoyu/iasm v0.9.0 // indirect
 	github.com/chzyer/readline v1.5.1 // indirect
 	github.com/containerd/cgroups/v3 v3.0.2 // indirect
-	github.com/containerd/containerd v1.7.12 // indirect
+	github.com/containerd/containerd v1.7.13 // indirect
 	github.com/containerd/log v0.1.0 // indirect
 	github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect
 	github.com/containerd/typeurl/v2 v2.1.1 // indirect
--- a/go.sum
+++ b/go.sum
@@ -194,8 +194,8 @@ github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09Zvgq
 github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s=
 github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g=
 github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c=
-github.com/containerd/containerd v1.7.12 h1:+KQsnv4VnzyxWcfO9mlxxELaoztsDEjOuCMPAuPqgU0=
-github.com/containerd/containerd v1.7.12/go.mod h1:/5OMpE1p0ylxtEUGY8kuCYkDRzJm9NO1TFMWjUpdevk=
+github.com/containerd/containerd v1.7.13 h1:wPYKIeGMN8vaggSKuV1X0wZulpMz4CrgEsZdaCyB6Is=
+github.com/containerd/containerd v1.7.13/go.mod h1:zT3up6yTRfEUa6+GsITYIJNgSVL9NQ4x4h1RPzk0Wu4=
 github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
 github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
 github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
@@ -257,8 +257,8 @@ github.com/containernetworking/plugins v1.4.0 h1:+w22VPYgk7nQHw7KT92lsRmuToHvb7w
 github.com/containernetworking/plugins v1.4.0/go.mod h1:UYhcOyjefnrQvKvmmyEKsUA+M9Nfn7tqULPpH0Pkcj0=
 github.com/containers/buildah v1.34.1-0.20240201124221-b850c711ff5c h1:r+1vFyTAoXptJrsPsnOMI3G0jm4+BCfXAcIyuA33lzo=
 github.com/containers/buildah v1.34.1-0.20240201124221-b850c711ff5c/go.mod h1:Hw4qo2URFpWvZ2tjLstoQMpNC6+gR4PtxQefvV/UKaA=
-github.com/containers/common v0.57.1-0.20240130143645-b26099256b92 h1:Q60+ofGhDjVxY5lvYmmcVN8aeS9gtQ6pAn/pyLh7rRM=
-github.com/containers/common v0.57.1-0.20240130143645-b26099256b92/go.mod h1:Na7hGh5WnmB0RdGkKyb6JQb6DtKrs5qoIGrPucuR8t0=
+github.com/containers/common v0.57.1-0.20240205132223-de5cb00e891c h1:Xzo9t4eIalkeilcmYTz0YEgL7hMrGQ12GK6UlSHrEsU=
+github.com/containers/common v0.57.1-0.20240205132223-de5cb00e891c/go.mod h1:s1gEyucR3ryIex1aDMo1KzbfpvRl0CaGER6s5jqXRkI=
 github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg=
 github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
 github.com/containers/gvisor-tap-vsock v0.7.2 h1:6CyU5D85C0/DciRRd7W0bPljK4FAS+DPrrHEQMHfZKY=
@@ -347,8 +347,8 @@ github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4Kfc
 github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
 github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
 github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker v25.0.1+incompatible h1:k5TYd5rIVQRSqcTwCID+cyVA0yRg86+Pcrz1ls0/frA=
-github.com/docker/docker v25.0.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v25.0.2+incompatible h1:/OaKeauroa10K4Nqavw4zlhcDq/WBcPMc5DbjOGgozY=
+github.com/docker/docker v25.0.2+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y=
 github.com/docker/docker-credential-helpers v0.8.1 h1:j/eKUktUltBtMzKqmfLB0PAgqYyMHOp5vfsD1807oKo=
 github.com/docker/docker-credential-helpers v0.8.1/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M=
--- a/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go
@@ -1,4 +1,4 @@
-//go:build linux || freebsd
+//go:build (linux || freebsd) && cni

 package cni

--- a/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go
@@ -16,7 +16,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

-//go:build linux || freebsd
+//go:build (linux || freebsd) && cni

 package cni

--- a/vendor/github.com/containers/common/libnetwork/cni/cni_types.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/cni_types.go
@@ -1,4 +1,4 @@
-//go:build linux || freebsd
+//go:build (linux || freebsd) && cni

 package cni

--- a/vendor/github.com/containers/common/libnetwork/cni/config.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/config.go
@@ -1,4 +1,4 @@
-//go:build linux || freebsd
+//go:build (linux || freebsd) && cni

 package cni

--- a/vendor/github.com/containers/common/libnetwork/cni/config_freebsd.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/config_freebsd.go
@@ -1,4 +1,4 @@
-//go:build freebsd
+//go:build (linux || freebsd) && cni

 package cni

--- a/vendor/github.com/containers/common/libnetwork/cni/config_linux.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/config_linux.go
@@ -1,4 +1,4 @@
-//go:build linux
+//go:build (linux || freebsd) && cni

 package cni

--- a/vendor/github.com/containers/common/libnetwork/cni/network.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/network.go
@@ -1,4 +1,4 @@
-//go:build linux || freebsd
+//go:build (linux || freebsd) && cni

 package cni

--- a/vendor/github.com/containers/common/libnetwork/cni/run.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/run.go
@@ -1,4 +1,4 @@
-//go:build linux || freebsd
+//go:build (linux || freebsd) && cni

 package cni

--- a/vendor/github.com/containers/common/libnetwork/network/interface.go
+++ b/vendor/github.com/containers/common/libnetwork/network/interface.go
@@ -8,13 +8,10 @@ import (
 	"os"
 	"path/filepath"

-	"github.com/containers/common/libnetwork/cni"
 	"github.com/containers/common/libnetwork/netavark"
 	"github.com/containers/common/libnetwork/types"
 	"github.com/containers/common/pkg/config"
-	"github.com/containers/common/pkg/machine"
 	"github.com/containers/storage"
-	"github.com/containers/storage/pkg/homedir"
 	"github.com/containers/storage/pkg/ioutils"
 	"github.com/containers/storage/pkg/unshare"
 	"github.com/sirupsen/logrus"
@@ -23,8 +20,6 @@ import (
 const (
 	// defaultNetworkBackendFileName is the file name for sentinel file to store the backend
 	defaultNetworkBackendFileName = "defaultNetworkBackend"
-	// cniConfigDirRootless is the directory in XDG_CONFIG_HOME for cni plugins
-	cniConfigDirRootless = "cni/net.d/"

 	// netavarkBinary is the name of the netavark binary
 	netavarkBinary = "netavark"
@@ -52,146 +47,94 @@ func NetworkBackend(store storage.Store, conf *config.Config, syslog bool) (type
 		}
 	}

-	switch backend {
-	case types.Netavark:
-		netavarkBin, err := conf.FindHelperBinary(netavarkBinary, false)
-		if err != nil {
-			return "", nil, err
-		}
+	return backendFromType(backend, store, conf, syslog)
+}

-		aardvarkBin, _ := conf.FindHelperBinary(aardvarkBinary, false)
-
-		confDir := conf.Network.NetworkConfigDir
-		if confDir == "" {
-			confDir = getDefaultNetavarkConfigDir(store)
-		}
-
-		// We cannot use the runroot for rootful since the network namespace is shared for all
-		// libpod instances they also have to share the same ipam db.
-		// For rootless we have our own network namespace per libpod instances,
-		// so this is not a problem there.
-		runDir := netavarkRunDir
-		if unshare.IsRootless() {
-			runDir = filepath.Join(store.RunRoot(), "networks")
-		}
-
-		netInt, err := netavark.NewNetworkInterface(&netavark.InitConfig{
-			Config:           conf,
-			NetworkConfigDir: confDir,
-			NetworkRunDir:    runDir,
-			NetavarkBinary:   netavarkBin,
-			AardvarkBinary:   aardvarkBin,
-			Syslog:           syslog,
-		})
-		return types.Netavark, netInt, err
-	case types.CNI:
-		netInt, err := getCniInterface(conf)
-		return types.CNI, netInt, err
-
-	default:
-		return "", nil, fmt.Errorf("unsupported network backend %q, check network_backend in containers.conf", backend)
+func netavarkBackendFromConf(store storage.Store, conf *config.Config, syslog bool) (types.ContainerNetwork, error) {
+	netavarkBin, err := conf.FindHelperBinary(netavarkBinary, false)
+	if err != nil {
+		return nil, err
 	}
+
+	aardvarkBin, _ := conf.FindHelperBinary(aardvarkBinary, false)
+
+	confDir := conf.Network.NetworkConfigDir
+	if confDir == "" {
+		confDir = getDefaultNetavarkConfigDir(store)
+	}
+
+	// We cannot use the runroot for rootful since the network namespace is shared for all
+	// libpod instances they also have to share the same ipam db.
+	// For rootless we have our own network namespace per libpod instances,
+	// so this is not a problem there.
+	runDir := netavarkRunDir
+	if unshare.IsRootless() {
+		runDir = filepath.Join(store.RunRoot(), "networks")
+	}
+
+	netInt, err := netavark.NewNetworkInterface(&netavark.InitConfig{
+		Config:           conf,
+		NetworkConfigDir: confDir,
+		NetworkRunDir:    runDir,
+		NetavarkBinary:   netavarkBin,
+		AardvarkBinary:   aardvarkBin,
+		Syslog:           syslog,
+	})
+	return netInt, err
 }

 func defaultNetworkBackend(store storage.Store, conf *config.Config) (backend types.NetworkBackend, err error) {
-	// read defaultNetworkBackend file
+	err = nil
+
 	file := filepath.Join(store.GraphRoot(), defaultNetworkBackendFileName)
+
+	writeBackendToFile := func(backendT types.NetworkBackend) {
+		// only write when there is no error
+		if err == nil {
+			if err := ioutils.AtomicWriteFile(file, []byte(backendT), 0o644); err != nil {
+				logrus.Errorf("could not write network backend to file: %v", err)
+			}
+		}
+	}
+
+	// read defaultNetworkBackend file
 	b, err := os.ReadFile(file)
 	if err == nil {
 		val := string(b)
+
+		// if the network backend has been already set previously,
+		// handle the values depending on whether CNI is supported and
+		// whether the network backend is explicitly configured
 		if val == string(types.Netavark) {
+			// netavark is always good
+			return types.Netavark, nil
+		} else if val == string(types.CNI) {
+			if cniSupported {
+				return types.CNI, nil
+			}
+			// the user has *not* configured a network
+			// backend explicitly but used CNI in the past
+			// => we upgrade them in this case to netavark only
+			writeBackendToFile(types.Netavark)
+			logrus.Info("Migrating network backend to netavark as no backend has been configured previously")
 			return types.Netavark, nil
-		}
-		if val == string(types.CNI) {
-			return types.CNI, nil
 		}
 		return "", fmt.Errorf("unknown network backend value %q in %q", val, file)
 	}
+
 	// fail for all errors except ENOENT
 	if !errors.Is(err, os.ErrNotExist) {
 		return "", fmt.Errorf("could not read network backend value: %w", err)
 	}

+	backend, err = networkBackendFromStore(store, conf)
+	if err != nil {
+		return "", err
+	}
 	// cache the network backend to make sure always the same one will be used
-	defer func() {
-		// only write when there is no error
-		if err == nil {
-			if err := ioutils.AtomicWriteFile(file, []byte(backend), 0o644); err != nil {
-				logrus.Errorf("could not write network backend to file: %v", err)
-			}
-		}
-	}()
+	writeBackendToFile(backend)

-	_, err = conf.FindHelperBinary("netavark", false)
-	if err != nil {
-		// if we cannot find netavark use CNI
-		return types.CNI, nil
-	}
-
-	// If there are any containers then return CNI
-	cons, err := store.Containers()
-	if err != nil {
-		return "", err
-	}
-	if len(cons) != 0 {
-		return types.CNI, nil
-	}
-
-	// If there are any non ReadOnly images then return CNI
-	imgs, err := store.Images()
-	if err != nil {
-		return "", err
-	}
-	for _, i := range imgs {
-		if !i.ReadOnly {
-			return types.CNI, nil
-		}
-	}
-
-	// If there are CNI Networks then return CNI
-	cniInterface, err := getCniInterface(conf)
-	if err == nil {
-		nets, err := cniInterface.NetworkList()
-		// there is always a default network so check > 1
-		if err != nil && !errors.Is(err, os.ErrNotExist) {
-			return "", err
-		}
-
-		if len(nets) > 1 {
-			// we do not have a fresh system so use CNI
-			return types.CNI, nil
-		}
-	}
-	return types.Netavark, nil
-}
-
-func getCniInterface(conf *config.Config) (types.ContainerNetwork, error) {
-	confDir := conf.Network.NetworkConfigDir
-	if confDir == "" {
-		var err error
-		confDir, err = getDefaultCNIConfigDir()
-		if err != nil {
-			return nil, err
-		}
-	}
-	return cni.NewCNINetworkInterface(&cni.InitConfig{
-		Config:       conf,
-		CNIConfigDir: confDir,
-		RunDir:       conf.Engine.TmpDir,
-		IsMachine:    machine.IsGvProxyBased(),
-	})
-}
-
-func getDefaultCNIConfigDir() (string, error) {
-	if !unshare.IsRootless() {
-		return cniConfigDir, nil
-	}
-
-	configHome, err := homedir.GetConfigHome()
-	if err != nil {
-		return "", err
-	}
-	return filepath.Join(configHome, cniConfigDirRootless), nil
+	return backend, nil
 }

 // getDefaultNetavarkConfigDir return the netavark config dir. For rootful it will
--- a/vendor/github.com/containers/common/libnetwork/network/interface_cni.go
+++ b/vendor/github.com/containers/common/libnetwork/network/interface_cni.go
@@ -0,0 +1,121 @@
+//go:build (linux || freebsd) && cni
+// +build linux freebsd
+// +build cni
+
+package network
+
+import (
+	"errors"
+	"fmt"
+	"os"
+	"path/filepath"
+
+	"github.com/containers/common/libnetwork/cni"
+	"github.com/containers/common/libnetwork/types"
+	"github.com/containers/common/pkg/config"
+	"github.com/containers/common/pkg/machine"
+	"github.com/containers/storage"
+	"github.com/containers/storage/pkg/homedir"
+	"github.com/containers/storage/pkg/unshare"
+)
+
+const (
+	// cniConfigDirRootless is the directory in XDG_CONFIG_HOME for cni plugins
+	cniConfigDirRootless = "cni/net.d/"
+
+	cniSupported = true
+)
+
+func getCniInterface(conf *config.Config) (types.ContainerNetwork, error) {
+	confDir := conf.Network.NetworkConfigDir
+	if confDir == "" {
+		var err error
+		confDir, err = getDefaultCNIConfigDir()
+		if err != nil {
+			return nil, err
+		}
+	}
+	return cni.NewCNINetworkInterface(&cni.InitConfig{
+		Config:       conf,
+		CNIConfigDir: confDir,
+		RunDir:       conf.Engine.TmpDir,
+		IsMachine:    machine.IsGvProxyBased(),
+	})
+}
+
+func getDefaultCNIConfigDir() (string, error) {
+	if !unshare.IsRootless() {
+		return cniConfigDir, nil
+	}
+
+	configHome, err := homedir.GetConfigHome()
+	if err != nil {
+		return "", err
+	}
+
+	return filepath.Join(configHome, cniConfigDirRootless), nil
+}
+
+func networkBackendFromStore(store storage.Store, conf *config.Config) (backend types.NetworkBackend, err error) {
+	_, err = conf.FindHelperBinary("netavark", false)
+	if err != nil {
+		// if we cannot find netavark use CNI
+		return types.CNI, nil
+	}
+
+	// If there are any containers then return CNI
+	cons, err := store.Containers()
+	if err != nil {
+		return "", err
+	}
+	if len(cons) != 0 {
+		return types.CNI, nil
+	}
+
+	// If there are any non ReadOnly images then return CNI
+	imgs, err := store.Images()
+	if err != nil {
+		return "", err
+	}
+	for _, i := range imgs {
+		if !i.ReadOnly {
+			return types.CNI, nil
+		}
+	}
+
+	// If there are CNI Networks then return CNI
+	cniInterface, err := getCniInterface(conf)
+	if err == nil {
+		nets, err := cniInterface.NetworkList()
+		// there is always a default network so check > 1
+		if err != nil && !errors.Is(err, os.ErrNotExist) {
+			return "", err
+		}
+
+		if len(nets) > 1 {
+			// we do not have a fresh system so use CNI
+			return types.CNI, nil
+		}
+	}
+	return types.Netavark, nil
+}
+
+func backendFromType(backend types.NetworkBackend, store storage.Store, conf *config.Config, syslog bool) (types.NetworkBackend, types.ContainerNetwork, error) {
+	switch backend {
+	case types.Netavark:
+		netInt, err := netavarkBackendFromConf(store, conf, syslog)
+		if err != nil {
+			return "", nil, err
+		}
+		return types.Netavark, netInt, err
+	case types.CNI:
+		netInt, err := getCniInterface(conf)
+		if err != nil {
+			return "", nil, err
+		}
+		return types.CNI, netInt, err
+
+	default:
+		return "", nil, fmt.Errorf("unsupported network backend %q, check network_backend in containers.conf", backend)
+	}
+}
--- a/vendor/github.com/containers/common/libnetwork/network/interface_cni_unsupported.go
+++ b/vendor/github.com/containers/common/libnetwork/network/interface_cni_unsupported.go
@@ -0,0 +1,32 @@
+//go:build (linux || freebsd) && !cni
+// +build linux freebsd
+// +build !cni
+
+package network
+
+import (
+	"fmt"
+
+	"github.com/containers/common/libnetwork/types"
+	"github.com/containers/common/pkg/config"
+	"github.com/containers/storage"
+)
+
+const (
+	cniSupported = false
+)
+
+func networkBackendFromStore(_store storage.Store, _conf *config.Config) (backend types.NetworkBackend, err error) {
+	return types.Netavark, nil
+}
+
+func backendFromType(backend types.NetworkBackend, store storage.Store, conf *config.Config, syslog bool) (types.NetworkBackend, types.ContainerNetwork, error) {
+	if backend != types.Netavark {
+		return "", nil, fmt.Errorf("cni support is not enabled in this build, only netavark. Got unsupported network backend %q", backend)
+	}
+	cn, err := netavarkBackendFromConf(store, conf, syslog)
+	if err != nil {
+		return "", nil, err
+	}
+	return types.Netavark, cn, err
+}
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -107,7 +107,7 @@ github.com/chzyer/readline
 # github.com/containerd/cgroups/v3 v3.0.2
 ## explicit; go 1.18
 github.com/containerd/cgroups/v3/cgroup1/stats
-# github.com/containerd/containerd v1.7.12
+# github.com/containerd/containerd v1.7.13
 ## explicit; go 1.19
 github.com/containerd/containerd/errdefs
 github.com/containerd/containerd/log
@@ -168,7 +168,7 @@ github.com/containers/buildah/pkg/sshagent
 github.com/containers/buildah/pkg/util
 github.com/containers/buildah/pkg/volumes
 github.com/containers/buildah/util
-# github.com/containers/common v0.57.1-0.20240130143645-b26099256b92
+# github.com/containers/common v0.57.1-0.20240205132223-de5cb00e891c
 ## explicit; go 1.20
 github.com/containers/common/internal/attributedstring
 github.com/containers/common/libimage
@@ -458,7 +458,7 @@ github.com/distribution/reference
 github.com/docker/distribution/registry/api/errcode
 github.com/docker/distribution/registry/api/v2
 github.com/docker/distribution/registry/client/auth/challenge
-# github.com/docker/docker v25.0.1+incompatible
+# github.com/docker/docker v25.0.2+incompatible
 ## explicit
 github.com/docker/docker/api
 github.com/docker/docker/api/types