Merge pull request #6423 from rhatdan/VENDOR

Vendor in containers/common v0.12.0

Makefile

@@ -22,7 +22,7 @@ ETCDIR ?= /etc
 TMPFILESDIR ?= ${PREFIX}/lib/tmpfiles.d
 SYSTEMDDIR ?= ${PREFIX}/lib/systemd/system
 USERSYSTEMDDIR ?= ${PREFIX}/lib/systemd/user
-REMOTETAGS ?= !ABISupport remoteclient exclude_graphdriver_btrfs btrfs_noversion  exclude_graphdriver_devicemapper containers_image_openpgp
+REMOTETAGS ?= !ABISupport remote exclude_graphdriver_btrfs btrfs_noversion  exclude_graphdriver_devicemapper containers_image_openpgp
 BUILDTAGS ?= \
 	$(shell hack/apparmor_tag.sh) \
 	$(shell hack/btrfs_installed_tag.sh) \

go.mod

@@ -11,7 +11,7 @@ require (
 	github.com/containernetworking/cni v0.7.2-0.20200304161608-4fae32b84921
 	github.com/containernetworking/plugins v0.8.6
 	github.com/containers/buildah v1.14.9-0.20200523094741-de0f541d9224
-	github.com/containers/common v0.11.4
+	github.com/containers/common v0.12.0
 	github.com/containers/conmon v2.0.16+incompatible
 	github.com/containers/image/v5 v5.4.4
 	github.com/containers/psgo v1.5.0

go.sum

@@ -69,8 +69,8 @@ github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHV
 github.com/containers/buildah v1.14.9-0.20200523094741-de0f541d9224 h1:EqwBZRqyUYvU7JOmmSSPviSaAoUP1wN0cefXXDZ9ATo=
 github.com/containers/buildah v1.14.9-0.20200523094741-de0f541d9224/go.mod h1:5ZkWjOuK90yl55L5R+purJNLfUo0VUr8pstJazNtYck=
 github.com/containers/common v0.11.2/go.mod h1:2w3QE6VUmhltGYW4wV00h4okq1Crs7hNI1ZD2I0QRUY=
-github.com/containers/common v0.11.4 h1:M7lmjaVY+29g+YiaWH/UP4YeHjT/pZMxvRgmsWsQn74=
-github.com/containers/common v0.11.4/go.mod h1:AOxw4U5TJJrR/J1QPRvWbjHNdwU13wMy79rjK+7+aJE=
+github.com/containers/common v0.12.0 h1:LR/sYyzFa22rFhfu6J9dEYhVkrWjagUigz/ewHhHL9s=
+github.com/containers/common v0.12.0/go.mod h1:PKlahPDnQQYcXuIw5qq8mq6yNuCHBtgABphzy6pN0iI=
 github.com/containers/conmon v2.0.16+incompatible h1:QFOlb9Id4WoJ24BelCFWwDSPTquwKMp3L3g2iGmRTq4=
 github.com/containers/conmon v2.0.16+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
 github.com/containers/image/v5 v5.4.3/go.mod h1:pN0tvp3YbDd7BWavK2aE0mvJUqVd2HmhPjekyWSFm0U=

vendor/github.com/containers/common/pkg/config/config.go

@@ -7,7 +7,6 @@ import (
 	"path/filepath"
 	"strings"
 	"sync"
-	"syscall"
 
 	"github.com/BurntSushi/toml"
 	"github.com/containers/common/pkg/capabilities"
@@ -263,6 +262,13 @@ type EngineConfig struct {
 	// PullPolicy determines whether to pull image before creating or running a container
 	// default is "missing"
 	PullPolicy string `toml:"pull_policy"`
+
+	// Indicates whether the application should be running in Remote mode
+	Remote bool `toml:"_"`
+
+	// RemoteURI containers connection information used to connect to remote system.
+	RemoteURI string `toml:"remote_uri,omitempty"`
+
 	// RuntimePath is the path to OCI runtime binary for launching containers.
 	// The first path pointing to a valid file will be used This is used only
 	// when there are no OCIRuntime/OCIRuntimes defined.  It is used only to be
@@ -540,17 +546,8 @@ func (c *Config) Validate() error {
 // It returns an `error` on validation failure, otherwise
 // `nil`.
 func (c *EngineConfig) Validate() error {
-	// Relative paths can cause nasty bugs, because core paths we use could
-	// shift between runs (or even parts of the program - the OCI runtime
-	// uses a different working directory than we do, for example.
-	if c.StaticDir != "" && !filepath.IsAbs(c.StaticDir) {
-		return fmt.Errorf("static directory must be an absolute path - instead got %q", c.StaticDir)
-	}
-	if c.TmpDir != "" && !filepath.IsAbs(c.TmpDir) {
-		return fmt.Errorf("temporary directory must be an absolute path - instead got %q", c.TmpDir)
-	}
-	if c.VolumePath != "" && !filepath.IsAbs(c.VolumePath) {
-		return fmt.Errorf("volume path must be an absolute path - instead got %q", c.VolumePath)
+	if err := c.validatePaths(); err != nil {
+		return err
 	}
 
 	// Check if the pullPolicy from containers.conf is valid
@@ -566,22 +563,13 @@ func (c *EngineConfig) Validate() error {
 // It returns an `error` on validation failure, otherwise
 // `nil`.
 func (c *ContainersConfig) Validate() error {
-	for _, u := range c.DefaultUlimits {
-		ul, err := units.ParseUlimit(u)
-		if err != nil {
-			return fmt.Errorf("unrecognized ulimit %s: %v", u, err)
-		}
-		_, err = ul.GetRlimit()
-		if err != nil {
-			return err
-		}
+
+	if err := c.validateUlimits(); err != nil {
+		return err
 	}
 
-	for _, d := range c.Devices {
-		_, _, _, err := Device(d)
-		if err != nil {
-			return err
-		}
+	if err := c.validateDevices(); err != nil {
+		return err
 	}
 
 	if c.LogSizeMax >= 0 && c.LogSizeMax < OCIBufSize {
@@ -600,8 +588,7 @@ func (c *ContainersConfig) Validate() error {
 // execution checks. It returns an `error` on validation failure, otherwise
 // `nil`.
 func (c *NetworkConfig) Validate() error {
-
-	if c.NetworkConfigDir != cniConfigDir {
+	if c.NetworkConfigDir != _cniConfigDir {
 		err := isDirectory(c.NetworkConfigDir)
 		if err != nil {
 			return errors.Wrapf(err, "invalid network_config_dir: %s", c.NetworkConfigDir)
@@ -803,31 +790,6 @@ func resolveHomeDir(path string) (string, error) {
 	return strings.Replace(path, "~", home, 1), nil
 }
 
-// isDirectory tests whether the given path exists and is a directory. It
-// follows symlinks.
-func isDirectory(path string) error {
-	path, err := resolveHomeDir(path)
-	if err != nil {
-		return err
-	}
-
-	info, err := os.Stat(path)
-	if err != nil {
-		return err
-	}
-
-	if !info.Mode().IsDir() {
-		// Return a PathError to be consistent with os.Stat().
-		return &os.PathError{
-			Op:   "stat",
-			Path: path,
-			Err:  syscall.ENOTDIR,
-		}
-	}
-
-	return nil
-}
-
 func rootlessConfigPath() (string, error) {
 	if configHome := os.Getenv("XDG_CONFIG_HOME"); configHome != "" {
 		return filepath.Join(configHome, _configPath), nil
@@ -878,3 +840,16 @@ func Default() (*Config, error) {
 	})
 	return config, err
 }
+
+func Path() string {
+	if path := os.Getenv("CONTAINERS_CONF"); path != "" {
+		return path
+	}
+	if unshare.IsRootless() {
+		if rpath, err := rootlessConfigPath(); err == nil {
+			return rpath
+		}
+		return "$HOME/" + UserOverrideContainersConfig
+	}
+	return OverrideContainersConfig
+}

vendor/github.com/containers/common/pkg/config/config_local.go

@@ -0,0 +1,81 @@
+// +build !remote
+
+package config
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"syscall"
+
+	units "github.com/docker/go-units"
+)
+
+// isDirectory tests whether the given path exists and is a directory. It
+// follows symlinks.
+func isDirectory(path string) error {
+	path, err := resolveHomeDir(path)
+	if err != nil {
+		return err
+	}
+
+	info, err := os.Stat(path)
+	if err != nil {
+		return err
+	}
+
+	if !info.Mode().IsDir() {
+		// Return a PathError to be consistent with os.Stat().
+		return &os.PathError{
+			Op:   "stat",
+			Path: path,
+			Err:  syscall.ENOTDIR,
+		}
+	}
+
+	return nil
+}
+
+func (c *EngineConfig) validatePaths() error {
+	// Relative paths can cause nasty bugs, because core paths we use could
+	// shift between runs or even parts of the program. - The OCI runtime
+	// uses a different working directory than we do, for example.
+	if c.StaticDir != "" && !filepath.IsAbs(c.StaticDir) {
+		return fmt.Errorf("static directory must be an absolute path - instead got %q", c.StaticDir)
+	}
+	if c.TmpDir != "" && !filepath.IsAbs(c.TmpDir) {
+		return fmt.Errorf("temporary directory must be an absolute path - instead got %q", c.TmpDir)
+	}
+	if c.VolumePath != "" && !filepath.IsAbs(c.VolumePath) {
+		return fmt.Errorf("volume path must be an absolute path - instead got %q", c.VolumePath)
+	}
+	return nil
+}
+
+func (c *ContainersConfig) validateDevices() error {
+	for _, d := range c.Devices {
+		_, _, _, err := Device(d)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (c *ContainersConfig) validateUlimits() error {
+	for _, u := range c.DefaultUlimits {
+		ul, err := units.ParseUlimit(u)
+		if err != nil {
+			return fmt.Errorf("unrecognized ulimit %s: %v", u, err)
+		}
+		_, err = ul.GetRlimit()
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func isRemote() bool {
+	return false
+}

vendor/github.com/containers/common/pkg/config/config_remote.go

@@ -0,0 +1,25 @@
+// +build remote
+
+package config
+
+// isDirectory tests whether the given path exists and is a directory. It
+// follows symlinks.
+func isDirectory(path string) error {
+	return nil
+}
+
+func isRemote() bool {
+	return true
+}
+
+func (c *EngineConfig) validatePaths() error {
+	return nil
+}
+
+func (c *ContainersConfig) validateDevices() error {
+	return nil
+}
+
+func (c *ContainersConfig) validateUlimits() error {
+	return nil
+}

vendor/github.com/containers/common/pkg/config/config_unix.go

@@ -1,15 +0,0 @@
-// +build !windows
-
-package config
-
-// Defaults for linux/unix if none are specified
-const (
-	cniConfigDir = "/etc/cni/net.d/"
-)
-
-var cniBinDir = []string{
-	"/usr/libexec/cni",
-	"/usr/lib/cni",
-	"/usr/local/lib/cni",
-	"/opt/cni/bin",
-}

vendor/github.com/containers/common/pkg/config/config_windows.go

@@ -1,10 +0,0 @@
-// +build windows
-
-package config
-
-// Defaults for linux/unix if none are specified
-const (
-	cniConfigDir = "C:\\cni\\etc\\net.d\\"
-)
-
-var cniBinDir = []string{"C:\\cni\\bin\\"}

vendor/github.com/containers/common/pkg/config/default.go

@@ -53,9 +53,6 @@ var (
 	// DefaultDetachKeys is the default keys sequence for detaching a
 	// container
 	DefaultDetachKeys = "ctrl-p,ctrl-q"
-)
-
-var (
 	// ErrConmonOutdated indicates the version of conmon found (whether via the configuration or $PATH)
 	// is out of date for the current podman version
 	ErrConmonOutdated = errors.New("outdated conmon version")
@@ -80,15 +77,24 @@ var (
 		"CAP_SETUID",
 		"CAP_SYS_CHROOT",
 	}
+
+	cniBinDir = []string{
+		"/usr/libexec/cni",
+		"/usr/lib/cni",
+		"/usr/local/lib/cni",
+		"/opt/cni/bin",
+	}
 )
 
 const (
-	// EtcDir is the sysconfdir where podman should look for system config files.
+	// _etcDir is the sysconfdir where podman should look for system config files.
 	// It can be overridden at build time.
 	_etcDir = "/etc"
 	// InstallPrefix is the prefix where podman will be installed.
 	// It can be overridden at build time.
 	_installPrefix = "/usr"
+	// _cniConfigDir is the directory where cni plugins are found
+	_cniConfigDir = "/etc/cni/net.d/"
 	// CgroupfsCgroupsManager represents cgroupfs native cgroup manager
 	CgroupfsCgroupsManager = "cgroupfs"
 	// DefaultApparmorProfile  specifies the default apparmor profile for the container.
@@ -191,7 +197,7 @@ func DefaultConfig() (*Config, error) {
 		},
 		Network: NetworkConfig{
 			DefaultNetwork:   "podman",
-			NetworkConfigDir: cniConfigDir,
+			NetworkConfigDir: _cniConfigDir,
 			CNIPluginDirs:    cniBinDir,
 		},
 		Engine: *defaultEngineConfig,
@@ -233,6 +239,7 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
 	c.CgroupManager = defaultCgroupManager()
 	c.StopTimeout = uint(10)
 
+	c.Remote = isRemote()
 	c.OCIRuntimes = map[string][]string{
 		"runc": {
 			"/usr/bin/runc",

vendor/github.com/containers/common/pkg/config/libpodConfig.go

@@ -226,7 +226,7 @@ func newLibpodConfig(c *Config) error {
 
 	// hard code EventsLogger to "file" to match older podman versions.
 	if config.EventsLogger != "file" {
-		logrus.Debugf("Ignoring lipod.conf EventsLogger setting %q. Use containers.conf if you want to change this setting and remove libpod.conf files.", config.EventsLogger)
+		logrus.Debugf("Ignoring libpod.conf EventsLogger setting %q. Use %q if you want to change this setting and remove libpod.conf files.", Path(), config.EventsLogger)
 		config.EventsLogger = "file"
 	}
 
@@ -262,7 +262,7 @@ func systemLibpodConfigs() ([]string, error) {
 			}
 			// TODO: Raise to Warnf, when Podman is updated to
 			// remove libpod.conf by default
-			logrus.Debugf("Found deprecated file %s, please remove. Use %s to override defaults.\n", path, containersConfPath)
+			logrus.Debugf("Found deprecated file %s, please remove. Use %s to override defaults.\n", Path(), containersConfPath)
 			return []string{path}, nil
 		}
 		return nil, err

vendor/github.com/containers/common/pkg/sysinfo/sysinfo_linux.go

@@ -40,7 +40,7 @@ func New(quiet bool) *SysInfo {
 		sysInfo.cgroupCPUInfo = checkCgroupCPU(cgMounts, quiet)
 		sysInfo.cgroupBlkioInfo = checkCgroupBlkioInfo(cgMounts, quiet)
 		sysInfo.cgroupCpusetInfo = checkCgroupCpusetInfo(cgMounts, quiet)
-		sysInfo.cgroupPids = checkCgroupPids(quiet)
+		sysInfo.cgroupPids = checkCgroupPids(cgMounts, quiet)
 	}
 
 	_, ok := cgMounts["devices"]
@@ -227,16 +227,17 @@ func checkCgroupCpusetInfo(cgMounts map[string]string, quiet bool) cgroupCpusetI
 }
 
 // checkCgroupPids reads the pids information from the pids cgroup mount point.
-func checkCgroupPids(quiet bool) cgroupPids {
+func checkCgroupPids(cgMounts map[string]string, quiet bool) cgroupPids {
 	cgroup2, err := cgroupv2.Enabled()
 	if err != nil {
 		logrus.Errorf("Failed to check cgroups version: %v", err)
+		return cgroupPids{}
 	}
 	if !cgroup2 {
-		_, err := cgroups.FindCgroupMountpoint("", "pids")
-		if err != nil {
+		_, ok := cgMounts["pids"]
+		if !ok {
 			if !quiet {
-				logrus.Warn(err)
+				logrus.Warn("unable to find pids cgroup in mounts")
 			}
 			return cgroupPids{}
 		}

vendor/modules.txt

@@ -84,7 +84,7 @@ github.com/containers/buildah/pkg/secrets
 github.com/containers/buildah/pkg/supplemented
 github.com/containers/buildah/pkg/umask
 github.com/containers/buildah/util
-# github.com/containers/common v0.11.4
+# github.com/containers/common v0.12.0
 github.com/containers/common/pkg/apparmor
 github.com/containers/common/pkg/auth
 github.com/containers/common/pkg/capabilities