opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-07-02 00:30:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

vendor c/common

Browse Source 
Update the recent events-log changes to fix the build error.

[NO NEW TESTS NEEDED] since there's no functional change.

Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
This commit is contained in:
Valentin Rothberg
2022-04-21 11:01:48 +02:00
parent 9c36d8458c
commit ff2e6291a5
43 changed files with 153 additions and 142 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
go.mod
View File

@ -12,7 +12,7 @@ require (
github.com/containernetworking/cni v1.0.1
github.com/containernetworking/plugins v1.1.1
github.com/containers/buildah v1.25.2-0.20220406205807-5b8e79118057
github.com/containers/common v0.47.5-0.20220413182852-c23a4e11f91b
github.com/containers/common v0.47.5-0.20220421072908-49f1a40067b2
github.com/containers/conmon v2.0.20+incompatible
github.com/containers/image/v5 v5.21.1-0.20220405081457-d1b64686e1d0
github.com/containers/ocicrypt v1.1.3

4
go.sum
View File

@ -356,8 +356,8 @@ github.com/containernetworking/plugins v1.1.1/go.mod h1:Sr5TH/eBsGLXK/h71HeLfX19
github.com/containers/buildah v1.25.2-0.20220406205807-5b8e79118057 h1:lKSxhMBpcHyyQrj2QJYzcm56uiSeibRdSL2KoppF6rg=
github.com/containers/buildah v1.25.2-0.20220406205807-5b8e79118057/go.mod h1:iSoopbYRb6K4b5c3hXgXNkGTI/T085t2+XiGjceud94=
github.com/containers/common v0.47.5-0.20220331143923-5f14ec785c18/go.mod h1:Vr2Fn6EdzD6JNAbz8L8bTv3uWLv2p31Ih2O3EAK6Hyc=
github.com/containers/common v0.47.5-0.20220413182852-c23a4e11f91b h1:HVOojcjTGPke7oOh1T/Wj67DK74LBJOR6qU5uW+33zk=
github.com/containers/common v0.47.5-0.20220413182852-c23a4e11f91b/go.mod h1:nRW9288gdZqIGoRwoV23i3qO7Zznbd34sdDOBnq2GjY=
github.com/containers/common v0.47.5-0.20220421072908-49f1a40067b2 h1:NadhQUF7FRaZkDeW7xDcU3nxk7kV6b2yRmwGWDp+BNY=
github.com/containers/common v0.47.5-0.20220421072908-49f1a40067b2/go.mod h1:BBq6jdyjXvJh69YzQPvIuZjBho0MRdA0XGaqBnsO+1Y=
github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg=
github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
github.com/containers/image/v5 v5.19.2-0.20220224100137-1045fb70b094/go.mod h1:XoYK6kE0dpazFNcuS+a8lra+QfbC6s8tzv+cUuCrZpE=

2
libpod/events.go
View File

@ -15,7 +15,7 @@ func (r *Runtime) newEventer() (events.Eventer, error) {
options := events.EventerOptions{
EventerType: r.config.Engine.EventsLogger,
LogFilePath: r.config.Engine.EventsLogFilePath,
LogFileMaxSize: r.config.Engine.EventsLogFileMaxSize,
LogFileMaxSize: r.config.Engine.EventsLogMaxSize(),
}
return events.NewEventer(options)
}

4
libpod/events/logfile.go
View File

@ -158,6 +158,10 @@ func rotateLog(logfile string, content string, limit uint64) (bool, error) {
}
file, err := os.Stat(logfile)
if err != nil {
if errors.Is(err, os.ErrNotExist) {
// The logfile does not exist yet.
return false, nil
}
return false, err
}
var filesize = uint64(file.Size())

16
vendor/github.com/containers/common/libimage/copier.go generated vendored
View File

@ -147,15 +147,13 @@ type copier struct {
destinationLookup LookupReferenceFunc
}
var (
// storageAllowedPolicyScopes overrides the policy for local storage
// to ensure that we can read images from it.
storageAllowedPolicyScopes = signature.PolicyTransportScopes{
"": []signature.PolicyRequirement{
signature.NewPRInsecureAcceptAnything(),
},
}
)
// storageAllowedPolicyScopes overrides the policy for local storage
// to ensure that we can read images from it.
var storageAllowedPolicyScopes = signature.PolicyTransportScopes{
"": []signature.PolicyRequirement{
signature.NewPRInsecureAcceptAnything(),
},
}
// getDockerAuthConfig extracts a docker auth config from the CopyOptions. Returns
// nil if no credentials are set.

4
vendor/github.com/containers/common/libimage/image_config.go generated vendored
View File

@ -95,9 +95,7 @@ func ImageConfigFromChanges(changes []string) (*ImageConfig, error) { // nolint:
// For now: we only support key=value
// We will attempt to strip quotation marks if present.
var (
key, val string
)
var key, val string
splitEnv := strings.SplitN(value, "=", 2)
key = splitEnv[0]

1
vendor/github.com/containers/common/libimage/inspect.go generated vendored
View File

@ -213,7 +213,6 @@ func (i *Image) inspectInfo(ctx context.Context) (*types.ImageInspectInfo, error
ref, err := i.StorageReference()
if err != nil {
return nil, err
}

16
vendor/github.com/containers/common/libimage/manifests/copy.go generated vendored
View File

@ -4,12 +4,10 @@ import (
"github.com/containers/image/v5/signature"
)
var (
// storageAllowedPolicyScopes overrides the policy for local storage
// to ensure that we can read images from it.
storageAllowedPolicyScopes = signature.PolicyTransportScopes{
"": []signature.PolicyRequirement{
signature.NewPRInsecureAcceptAnything(),
},
}
)
// storageAllowedPolicyScopes overrides the policy for local storage
// to ensure that we can read images from it.
var storageAllowedPolicyScopes = signature.PolicyTransportScopes{
"": []signature.PolicyRequirement{
signature.NewPRInsecureAcceptAnything(),
},
}

10
vendor/github.com/containers/common/libimage/manifests/manifests.go generated vendored
View File

@ -384,10 +384,8 @@ func (l *list) Add(ctx context.Context, sys *types.SystemContext, ref types.Imag
}
instanceInfo.instanceDigest = &manifestDigest
instanceInfo.Size = int64(len(manifestBytes))
} else {
if manifestDigest == "" {
manifestDigest = *instanceInfo.instanceDigest
}
} else if manifestDigest == "" {
manifestDigest = *instanceInfo.instanceDigest
}
err = l.List.AddInstance(*instanceInfo.instanceDigest, instanceInfo.Size, manifestType, instanceInfo.OS, instanceInfo.Architecture, instanceInfo.OSVersion, instanceInfo.OSFeatures, instanceInfo.Variant, instanceInfo.Features, instanceInfo.Annotations)
if err != nil {
@ -405,9 +403,7 @@ func (l *list) Add(ctx context.Context, sys *types.SystemContext, ref types.Imag
func (l *list) Remove(instanceDigest digest.Digest) error {
err := l.List.Remove(instanceDigest)
if err == nil {
if _, needToDelete := l.instances[instanceDigest]; needToDelete {
delete(l.instances, instanceDigest)
}
delete(l.instances, instanceDigest)
}
return err
}

2
vendor/github.com/containers/common/libimage/runtime.go generated vendored
View File

@ -74,7 +74,7 @@ func (r *Runtime) SystemContext() *types.SystemContext {
// Returns a copy of the runtime's system context.
func (r *Runtime) systemContextCopy() *types.SystemContext {
var sys types.SystemContext
deepcopy.Copy(&sys, &r.systemContext)
_ = deepcopy.Copy(&sys, &r.systemContext)
return &sys
}

1
vendor/github.com/containers/common/libimage/save.go generated vendored
View File

@ -68,7 +68,6 @@ func (r *Runtime) Save(ctx context.Context, names []string, format, path string,
}
return errors.Errorf("unsupported format %q for saving images", format)
}
// saveSingleImage saves the specified image name to the specified path.

28
vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go generated vendored
View File

@ -11,7 +11,6 @@ import (
"path/filepath"
"strconv"
"strings"
"syscall"
"time"
"github.com/containernetworking/cni/libcni"
@ -21,6 +20,7 @@ import (
pkgutil "github.com/containers/common/pkg/util"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/sys/unix"
)
func createNetworkFromCNIConfigList(conf *libcni.NetworkConfigList, confPath string) (*types.Network, error) {
@ -45,12 +45,11 @@ func createNetworkFromCNIConfigList(conf *libcni.NetworkConfigList, confPath str
}
}
f, err := os.Stat(confPath)
t, err := fileTime(confPath)
if err != nil {
return nil, err
}
stat := f.Sys().(*syscall.Stat_t)
network.Created = time.Unix(int64(stat.Ctim.Sec), int64(stat.Ctim.Nsec))
network.Created = t
firstPlugin := conf.Plugins[0]
network.Driver = firstPlugin.Network.Type
@ -316,16 +315,15 @@ func (n *cniNetwork) createCNIConfigListFromNetwork(network *types.Network, writ
cniPathName := ""
if writeToDisk {
cniPathName = filepath.Join(n.cniConfigDir, network.Name+".conflist")
err = ioutil.WriteFile(cniPathName, b, 0644)
err = ioutil.WriteFile(cniPathName, b, 0o644)
if err != nil {
return nil, "", err
}
f, err := os.Stat(cniPathName)
t, err := fileTime(cniPathName)
if err != nil {
return nil, "", err
}
stat := f.Sys().(*syscall.Stat_t)
network.Created = time.Unix(int64(stat.Ctim.Sec), int64(stat.Ctim.Nsec))
network.Created = t
} else {
network.Created = time.Now()
}
@ -424,3 +422,17 @@ func parseOptions(networkOptions map[string]string, networkDriver string) (*opti
}
return opt, nil
}
func fileTime(file string) (time.Time, error) {
var st unix.Stat_t
for {
err := unix.Stat(file, &st)
if err == nil {
break
}
if err != unix.EINTR { //nolint:errorlint // unix errors are bare
return time.Time{}, &os.PathError{Path: file, Op: "stat", Err: err}
}
}
return time.Unix(int64(st.Ctim.Sec), int64(st.Ctim.Nsec)), nil //nolint:unconvert // On some platforms Sec and Nsec are int32.
}

1
vendor/github.com/containers/common/libnetwork/cni/config.go generated vendored
View File

@ -17,7 +17,6 @@ import (
// NetworkCreate will take a partial filled Network and fill the
// missing fields. It creates the Network and returns the full Network.
// nolint:gocritic
func (n *cniNetwork) NetworkCreate(net types.Network) (types.Network, error) {
n.lock.Lock()
defer n.lock.Unlock()

1
vendor/github.com/containers/common/libnetwork/internal/util/util.go generated vendored
View File

@ -109,7 +109,6 @@ func GetFreeIPv4NetworkSubnet(usedNetworks []*net.IPNet, subnetPools []config.Su
return nil, err
}
return nil, errors.New("could not find free subnet from subnet pools")
}
// GetFreeIPv6NetworkSubnet returns a unused ipv6 subnet

1
vendor/github.com/containers/common/libnetwork/netavark/config.go generated vendored
View File

@ -19,7 +19,6 @@ import (
// NetworkCreate will take a partial filled Network and fill the
// missing fields. It creates the Network and returns the full Network.
// nolint:gocritic
func (n *netavarkNetwork) NetworkCreate(net types.Network) (types.Network, error) {
n.lock.Lock()
defer n.lock.Unlock()

4
vendor/github.com/containers/common/libnetwork/netavark/ipam.go generated vendored
View File

@ -59,9 +59,7 @@ func newIPAMError(cause error, msg string, args ...interface{}) *ipamError {
// openDB will open the ipam database
// Note that the caller has to Close it.
func (n *netavarkNetwork) openDB() (*bbolt.DB, error) {
// linter complains about the octal value
// nolint:gocritic
db, err := bbolt.Open(n.ipamDBPath, 0600, nil)
db, err := bbolt.Open(n.ipamDBPath, 0o600, nil)
if err != nil {
return nil, newIPAMError(err, "failed to open database %s", n.ipamDBPath)
}

4
vendor/github.com/containers/common/libnetwork/netavark/network.go generated vendored
View File

@ -108,11 +108,11 @@ func NewNetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) {
return nil, errors.Wrap(err, "failed to parse default subnet")
}
if err := os.MkdirAll(conf.NetworkConfigDir, 0755); err != nil {
if err := os.MkdirAll(conf.NetworkConfigDir, 0o755); err != nil {
return nil, err
}
if err := os.MkdirAll(conf.NetworkRunDir, 0755); err != nil {
if err := os.MkdirAll(conf.NetworkRunDir, 0o755); err != nil {
return nil, err
}

3
vendor/github.com/containers/common/libnetwork/network/interface.go generated vendored
View File

@ -121,8 +121,7 @@ func defaultNetworkBackend(store storage.Store, conf *config.Config) (backend ty
defer func() {
// only write when there is no error
if err == nil {
// nolint:gocritic
if err := ioutils.AtomicWriteFile(file, []byte(backend), 0644); err != nil {
if err := ioutils.AtomicWriteFile(file, []byte(backend), 0o644); err != nil {
logrus.Errorf("could not write network backend to file: %v", err)
}
}

1
vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go generated vendored
View File

@ -233,7 +233,6 @@ func parseAAParserVersion(output string) (int, error) {
// major*10^5 + minor*10^3 + patch*10^0
numericVersion := majorVersion*1e5 + minorVersion*1e3 + patchLevel
return numericVersion, nil
}
// CheckProfileAndLoadDefault checks if the specified profile is loaded and

3
vendor/github.com/containers/common/pkg/cgroups/blkio.go generated vendored
View File

@ -12,8 +12,7 @@ import (
"github.com/pkg/errors"
)
type blkioHandler struct {
}
type blkioHandler struct{}
func getBlkioHandler() *blkioHandler {
return &blkioHandler{}

12
vendor/github.com/containers/common/pkg/cgroups/cgroups.go generated vendored
View File

@ -265,7 +265,7 @@ func createCgroupv2Path(path string) (deferredError error) {
for i, e := range elements[3:] {
current = filepath.Join(current, e)
if i > 0 {
if err := os.Mkdir(current, 0755); err != nil {
if err := os.Mkdir(current, 0o755); err != nil {
if !os.IsExist(err) {
return err
}
@ -281,7 +281,7 @@ func createCgroupv2Path(path string) (deferredError error) {
// We enable the controllers for all the path components except the last one. It is not allowed to add
// PIDs if there are already enabled controllers.
if i < len(elements[3:])-1 {
if err := ioutil.WriteFile(filepath.Join(current, "cgroup.subtree_control"), res, 0755); err != nil {
if err := ioutil.WriteFile(filepath.Join(current, "cgroup.subtree_control"), res, 0o755); err != nil {
return err
}
}
@ -323,7 +323,7 @@ func (c *CgroupControl) initialize() (err error) {
continue
}
path := c.getCgroupv1Path(ctr.name)
if err := os.MkdirAll(path, 0755); err != nil {
if err := os.MkdirAll(path, 0o755); err != nil {
return errors.Wrapf(err, "error creating cgroup path for %s", ctr.name)
}
}
@ -343,7 +343,7 @@ func (c *CgroupControl) createCgroupDirectory(controller string) (bool, error) {
return false, err
}
if err := os.MkdirAll(cPath, 0755); err != nil {
if err := os.MkdirAll(cPath, 0o755); err != nil {
return false, errors.Wrapf(err, "error creating cgroup for %s", controller)
}
return true, nil
@ -589,7 +589,7 @@ func (c *CgroupControl) AddPid(pid int) error {
if c.cgroup2 {
p := filepath.Join(cgroupRoot, c.path, "cgroup.procs")
if err := ioutil.WriteFile(p, pidString, 0644); err != nil {
if err := ioutil.WriteFile(p, pidString, 0o644); err != nil {
return errors.Wrapf(err, "write %s", p)
}
return nil
@ -612,7 +612,7 @@ func (c *CgroupControl) AddPid(pid int) error {
continue
}
p := filepath.Join(c.getCgroupv1Path(n), "tasks")
if err := ioutil.WriteFile(p, pidString, 0644); err != nil {
if err := ioutil.WriteFile(p, pidString, 0o644); err != nil {
return errors.Wrapf(err, "write %s", p)
}
}

3
vendor/github.com/containers/common/pkg/cgroups/cpu.go generated vendored
View File

@ -12,8 +12,7 @@ import (
"github.com/pkg/errors"
)
type cpuHandler struct {
}
type cpuHandler struct{}
func getCPUHandler() *cpuHandler {
return &cpuHandler{}

5
vendor/github.com/containers/common/pkg/cgroups/cpuset.go generated vendored
View File

@ -10,8 +10,7 @@ import (
"github.com/pkg/errors"
)
type cpusetHandler struct {
}
type cpusetHandler struct{}
func cpusetCopyFileFromParent(dir, file string, cgroupv2 bool) ([]byte, error) {
if dir == cgroupRoot {
@ -33,7 +32,7 @@ func cpusetCopyFileFromParent(dir, file string, cgroupv2 bool) ([]byte, error) {
if err != nil {
return nil, err
}
if err := ioutil.WriteFile(path, data, 0644); err != nil {
if err := ioutil.WriteFile(path, data, 0o644); err != nil {
return nil, errors.Wrapf(err, "write %s", path)
}
return data, nil

5
vendor/github.com/containers/common/pkg/cgroups/pids.go generated vendored
View File

@ -8,8 +8,7 @@ import (
spec "github.com/opencontainers/runtime-spec/specs-go"
)
type pidHandler struct {
}
type pidHandler struct{}
func getPidsHandler() *pidHandler {
return &pidHandler{}
@ -29,7 +28,7 @@ func (c *pidHandler) Apply(ctr *CgroupControl, res *spec.LinuxResources) error {
}
p := filepath.Join(PIDRoot, "pids.max")
return ioutil.WriteFile(p, []byte(fmt.Sprintf("%d\n", res.Pids.Limit)), 0644)
return ioutil.WriteFile(p, []byte(fmt.Sprintf("%d\n", res.Pids.Limit)), 0o644)
}
// Create the cgroup

1
vendor/github.com/containers/common/pkg/chown/chown_unix.go generated vendored
View File

@ -41,7 +41,6 @@ func ChangeHostPathOwnership(path string, recursive bool, uid, gid int) error {
return nil
})
if err != nil {
return errors.Wrap(err, "failed to chown recursively host path")
}

43
vendor/github.com/containers/common/pkg/config/config.go generated vendored
View File

@ -252,7 +252,7 @@ type EngineConfig struct {
// EventsLogFileMaxSize sets the maximum size for the events log. When the limit is exceeded,
// the logfile is rotated and the old one is deleted.
EventsLogFileMaxSize uint64 `toml:"events_logfile_max_size,omitempty,omitzero"`
EventsLogFileMaxSize eventsLogMaxSize `toml:"events_logfile_max_size,omitzero"`
// EventsLogger determines where events should be logged.
EventsLogger string `toml:"events_logger,omitempty"`
@ -581,7 +581,6 @@ type Destination struct {
// with cgroupv2v2. Other OCI runtimes are not yet supporting cgroupv2v2. This
// might change in the future.
func NewConfig(userConfigPath string) (*Config, error) {
// Generate the default config for the system
config, err := DefaultConfig()
if err != nil {
@ -765,7 +764,6 @@ func (c *Config) addCAPPrefix() {
// Validate is the main entry point for library configuration validation.
func (c *Config) Validate() error {
if err := c.Containers.Validate(); err != nil {
return errors.Wrap(err, "validating containers config")
}
@ -822,7 +820,6 @@ func (c *EngineConfig) Validate() error {
// It returns an `error` on validation failure, otherwise
// `nil`.
func (c *ContainersConfig) Validate() error {
if err := c.validateUlimits(); err != nil {
return err
}
@ -954,7 +951,6 @@ func (c *Config) GetDefaultEnvEx(envHost, httpProxy bool) []string {
// Capabilities returns the capabilities parses the Add and Drop capability
// list from the default capabiltiies for the container
func (c *Config) Capabilities(user string, addCapabilities, dropCapabilities []string) ([]string, error) {
userNotRoot := func(user string) bool {
if user == "" || user == "root" || user == "0" {
return false
@ -1014,7 +1010,7 @@ func Device(device string) (src, dst, permissions string, err error) {
// IsValidDeviceMode checks if the mode for device is valid or not.
// IsValid mode is a composition of r (read), w (write), and m (mknod).
func IsValidDeviceMode(mode string) bool {
var legalDeviceMode = map[rune]bool{
legalDeviceMode := map[rune]bool{
'r': true,
'w': true,
'm': true,
@ -1065,7 +1061,6 @@ func rootlessConfigPath() (string, error) {
}
func stringsEq(a, b []string) bool {
if len(a) != len(b) {
return false
}
@ -1150,10 +1145,10 @@ func (c *Config) Write() error {
if err != nil {
return err
}
if err := os.MkdirAll(filepath.Dir(path), 0755); err != nil {
if err := os.MkdirAll(filepath.Dir(path), 0o755); err != nil {
return err
}
configFile, err := os.OpenFile(path, os.O_CREATE|os.O_RDWR|os.O_TRUNC, 0644)
configFile, err := os.OpenFile(path, os.O_CREATE|os.O_RDWR|os.O_TRUNC, 0o644)
if err != nil {
return err
}
@ -1266,3 +1261,33 @@ func (c *Config) setupEnv() error {
}
return nil
}
// eventsLogMaxSize is the type used by EventsLogFileMaxSize
type eventsLogMaxSize uint64
// UnmarshalText parses the JSON encoding of eventsLogMaxSize and
// stores it in a value.
func (e *eventsLogMaxSize) UnmarshalText(text []byte) error {
// REMOVE once writing works
if string(text) == "" {
return nil
}
val, err := units.FromHumanSize((string(text)))
if err != nil {
return err
}
if val < 0 {
return fmt.Errorf("events log file max size cannot be negative: %s", string(text))
}
*e = eventsLogMaxSize(uint64(val))
return nil
}
// MarshalText returns the JSON encoding of eventsLogMaxSize.
func (e eventsLogMaxSize) MarshalText() ([]byte, error) {
if uint64(e) == DefaultEventsLogSizeMax || e == 0 {
v := []byte{}
return v, nil
}
return []byte(fmt.Sprintf("%d", e)), nil
}

12
vendor/github.com/containers/common/pkg/config/containers.conf generated vendored
View File

@ -373,11 +373,14 @@ default_sysctls = [
# Define where event logs will be stored, when events_logger is "file".
#events_logfile_path=""
# Sets the maximum size for events_logfile_path in bytes. When the limit is exceeded,
# the logfile will be rotated and the old one will be deleted.
# Sets the maximum size for events_logfile_path.
# The size can be b (bytes), k (kilobytes), m (megabytes), or g (gigabytes).
# The format for the size is `<number><unit>`, e.g., `1b` or `3g`.
# If no unit is included then the size will be read in bytes.
# When the limit is exceeded, the logfile will be rotated and the old one will be deleted.
# If the maximum size is set to 0, then no limit will be applied,
# and the logfile will not be rotated.
#events_logfile_max_size = 0
#events_logfile_max_size = "1m"
# Selects which logging mechanism to use for container engine events.
# Valid values are `journald`, `file` and `none`.
@ -629,7 +632,7 @@ default_sysctls = [
# Host directories to be mounted as volumes into the VM by default.
# Environment variables like $HOME as well as complete paths are supported for
# the source and destination. An optional third field `:ro` can be used to
# the source and destination. An optional third field `:ro` can be used to
# tell the container engines to mount the volume readonly.
#
# volumes = [
@ -641,3 +644,4 @@ default_sysctls = [
# TOML does not provide a way to end a table other than a further table being
# defined, so every key hereafter will be part of [machine] and not the
# main config.

15
vendor/github.com/containers/common/pkg/config/default.go generated vendored
View File

@ -109,7 +109,6 @@ func parseSubnetPool(subnet string, size int) SubnetPool {
Base: &nettypes.IPNet{IPNet: *n},
Size: size,
}
}
const (
@ -128,6 +127,9 @@ const (
// DefaultLogSizeMax is the default value for the maximum log size
// allowed for a container. Negative values mean that no limit is imposed.
DefaultLogSizeMax = -1
// DefaultEventsLogSize is the default value for the maximum events log size
// before rotation.
DefaultEventsLogSizeMax = uint64(1000000)
// DefaultPidsLimit is the default value for maximum number of processes
// allowed inside a container
DefaultPidsLimit = 2048
@ -156,7 +158,6 @@ const (
// DefaultConfig defines the default values from containers.conf
func DefaultConfig() (*Config, error) {
defaultEngineConfig, err := defaultConfigFromMemory()
if err != nil {
return nil, err
@ -263,6 +264,8 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
c.EventsLogFilePath = filepath.Join(c.TmpDir, "events", "events.log")
c.EventsLogFileMaxSize = eventsLogMaxSize(DefaultEventsLogSizeMax)
c.CompatAPIEnforceDockerHub = true
if path, ok := os.LookupEnv("CONTAINERS_STORAGE_CONF"); ok {
@ -399,10 +402,10 @@ func defaultTmpDir() (string, error) {
}
libpodRuntimeDir := filepath.Join(runtimeDir, "libpod")
if err := os.Mkdir(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
if err := os.Mkdir(libpodRuntimeDir, 0o700|os.ModeSticky); err != nil {
if !os.IsExist(err) {
return "", err
} else if err := os.Chmod(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
} else if err := os.Chmod(libpodRuntimeDir, 0o700|os.ModeSticky); err != nil {
// The directory already exist, just set the sticky bit
return "", errors.Wrap(err, "set sticky bit on")
}
@ -466,6 +469,10 @@ func (c *Config) NetNS() string {
return c.Containers.NetNS
}
func (c EngineConfig) EventsLogMaxSize() uint64 {
return uint64(c.EventsLogFileMaxSize)
}
// SecurityOptions returns the default security options
func (c *Config) SecurityOptions() []string {
securityOpts := []string{}

2
vendor/github.com/containers/common/pkg/config/systemd.go generated vendored
View File

@ -58,7 +58,6 @@ func useSystemd() bool {
val := strings.TrimSuffix(string(dat), "\n")
usesSystemd = (val == "systemd")
}
return
})
return usesSystemd
}
@ -82,7 +81,6 @@ func useJournald() bool {
}
}
}
return
})
return usesJournald
}

30
vendor/github.com/containers/common/pkg/manifests/manifests.go generated vendored
View File

@ -16,31 +16,22 @@ import (
type List interface {
AddInstance(manifestDigest digest.Digest, manifestSize int64, manifestType, os, architecture, osVersion string, osFeatures []string, variant string, features []string, annotations []string) error
Remove(instanceDigest digest.Digest) error
SetURLs(instanceDigest digest.Digest, urls []string) error
URLs(instanceDigest digest.Digest) ([]string, error)
SetAnnotations(instanceDigest *digest.Digest, annotations map[string]string) error
Annotations(instanceDigest *digest.Digest) (map[string]string, error)
SetOS(instanceDigest digest.Digest, os string) error
OS(instanceDigest digest.Digest) (string, error)
SetArchitecture(instanceDigest digest.Digest, arch string) error
Architecture(instanceDigest digest.Digest) (string, error)
SetOSVersion(instanceDigest digest.Digest, osVersion string) error
OSVersion(instanceDigest digest.Digest) (string, error)
SetVariant(instanceDigest digest.Digest, variant string) error
Variant(instanceDigest digest.Digest) (string, error)
SetFeatures(instanceDigest digest.Digest, features []string) error
Features(instanceDigest digest.Digest) ([]string, error)
SetOSFeatures(instanceDigest digest.Digest, osFeatures []string) error
OSFeatures(instanceDigest digest.Digest) ([]string, error)
Serialize(mimeType string) ([]byte, error)
Instances() []digest.Digest
OCIv1() *v1.Index
@ -81,7 +72,7 @@ func Create() List {
// AddInstance adds an entry for the specified manifest digest, with assorted
// additional information specified in parameters, to the list or index.
func (l *list) AddInstance(manifestDigest digest.Digest, manifestSize int64, manifestType, osName, architecture, osVersion string, osFeatures []string, variant string, features []string, annotations []string) error {
func (l *list) AddInstance(manifestDigest digest.Digest, manifestSize int64, manifestType, osName, architecture, osVersion string, osFeatures []string, variant string, features, annotations []string) error {
if err := l.Remove(manifestDigest); err != nil && !os.IsNotExist(errors.Cause(err)) {
return err
}
@ -451,38 +442,37 @@ func (l *list) preferOCI() bool {
// Serialize encodes the list using the specified format, or by selecting one
// which it thinks is appropriate.
func (l *list) Serialize(mimeType string) ([]byte, error) {
var manifestBytes []byte
var (
res []byte
err error
)
switch mimeType {
case "":
if l.preferOCI() {
manifest, err := json.Marshal(&l.oci)
res, err = json.Marshal(&l.oci)
if err != nil {
return nil, errors.Wrapf(err, "error marshalling OCI image index")
}
manifestBytes = manifest
} else {
manifest, err := json.Marshal(&l.docker)
res, err = json.Marshal(&l.docker)
if err != nil {
return nil, errors.Wrapf(err, "error marshalling Docker manifest list")
}
manifestBytes = manifest
}
case v1.MediaTypeImageIndex:
manifest, err := json.Marshal(&l.oci)
res, err = json.Marshal(&l.oci)
if err != nil {
return nil, errors.Wrapf(err, "error marshalling OCI image index")
}
manifestBytes = manifest
case manifest.DockerV2ListMediaType:
manifest, err := json.Marshal(&l.docker)
res, err = json.Marshal(&l.docker)
if err != nil {
return nil, errors.Wrapf(err, "error marshalling Docker manifest list")
}
manifestBytes = manifest
default:
return nil, errors.Wrapf(ErrManifestTypeNotSupported, "serializing list to type %q not implemented", mimeType)
}
return manifestBytes, nil
return res, nil
}
// Instances returns the list of image instances mentioned in this list.

2
vendor/github.com/containers/common/pkg/netns/netns_linux.go generated vendored
View File

@ -71,7 +71,7 @@ func NewNSWithName(name string) (ns.NetNS, error) {
// Create the directory for mounting network namespaces
// This needs to be a shared mountpoint in case it is mounted in to
// other namespaces (containers)
err = os.MkdirAll(nsRunDir, 0755)
err = os.MkdirAll(nsRunDir, 0o755)
if err != nil {
return nil, err
}

2
vendor/github.com/containers/common/pkg/parse/parse.go generated vendored
View File

@ -141,7 +141,7 @@ func Device(device string) (src, dest, permissions string, err error) {
// isValidDeviceMode checks if the mode for device is valid or not.
// isValid mode is a composition of r (read), w (write), and m (mknod).
func isValidDeviceMode(mode string) bool {
var legalDeviceMode = map[rune]bool{
legalDeviceMode := map[rune]bool{
'r': true,
'w': true,
'm': true,

4
vendor/github.com/containers/common/pkg/report/template.go generated vendored
View File

@ -40,14 +40,14 @@ var DefaultFuncs = FuncMap{
buf := new(bytes.Buffer)
enc := json.NewEncoder(buf)
enc.SetEscapeHTML(false)
enc.Encode(v)
_ = enc.Encode(v)
// Remove the trailing new line added by the encoder
return strings.TrimSpace(buf.String())
},
"lower": strings.ToLower,
"pad": padWithSpace,
"split": strings.Split,
"title": strings.Title,
"title": strings.Title, //nolint:staticcheck
"truncate": truncateWithLength,
"upper": strings.ToUpper,
}

2
vendor/github.com/containers/common/pkg/seccomp/seccomp_linux.go generated vendored
View File

@ -112,7 +112,7 @@ func setupSeccomp(config *Seccomp, rs *specs.Spec) (*specs.LinuxSeccomp, error)
newConfig := &specs.LinuxSeccomp{}
var arch string
var native, err = libseccomp.GetNativeArch()
native, err := libseccomp.GetNativeArch()
if err == nil {
arch = native.String()
}

6
vendor/github.com/containers/common/pkg/secrets/filedriver/filedriver.go generated vendored
View File

@ -34,7 +34,7 @@ func NewDriver(rootPath string) (*Driver, error) {
fileDriver := new(Driver)
fileDriver.secretsDataFilePath = filepath.Join(rootPath, secretsDataFile)
// the lockfile functions require that the rootPath dir is executable
if err := os.MkdirAll(rootPath, 0700); err != nil {
if err := os.MkdirAll(rootPath, 0o700); err != nil {
return nil, err
}
@ -95,7 +95,7 @@ func (d *Driver) Store(id string, data []byte) error {
if err != nil {
return err
}
err = ioutil.WriteFile(d.secretsDataFilePath, marshalled, 0600)
err = ioutil.WriteFile(d.secretsDataFilePath, marshalled, 0o600)
if err != nil {
return err
}
@ -119,7 +119,7 @@ func (d *Driver) Delete(id string) error {
if err != nil {
return err
}
err = ioutil.WriteFile(d.secretsDataFilePath, marshalled, 0600)
err = ioutil.WriteFile(d.secretsDataFilePath, marshalled, 0o600)
if err != nil {
return err
}

3
vendor/github.com/containers/common/pkg/secrets/secrets.go generated vendored
View File

@ -102,7 +102,7 @@ func NewManager(rootPath string) (*SecretsManager, error) {
return nil, errors.Wrapf(errInvalidPath, "path must be absolute: %s", rootPath)
}
// the lockfile functions require that the rootPath dir is executable
if err := os.MkdirAll(rootPath, 0700); err != nil {
if err := os.MkdirAll(rootPath, 0o700); err != nil {
return nil, err
}
@ -237,7 +237,6 @@ func (s *SecretsManager) List() ([]Secret, error) {
var ls []Secret
for _, v := range secrets {
ls = append(ls, v)
}
return ls, nil
}

4
vendor/github.com/containers/common/pkg/secrets/secretsdb.go generated vendored
View File

@ -177,7 +177,7 @@ func (s *SecretsManager) store(entry *Secret) error {
if err != nil {
return err
}
err = ioutil.WriteFile(s.secretsDBPath, marshalled, 0600)
err = ioutil.WriteFile(s.secretsDBPath, marshalled, 0o600)
if err != nil {
return err
}
@ -203,7 +203,7 @@ func (s *SecretsManager) delete(nameOrID string) error {
if err != nil {
return err
}
err = ioutil.WriteFile(s.secretsDBPath, marshalled, 0600)
err = ioutil.WriteFile(s.secretsDBPath, marshalled, 0o600)
if err != nil {
return err
}

3
vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go generated vendored
View File

@ -262,7 +262,6 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerRunDir string
data, err := readFileOrDir("", hostDirOrFile, mode.Perm())
if err != nil {
return nil, err
}
for _, s := range data {
if err := os.MkdirAll(filepath.Dir(ctrDirOrFileOnHost), s.dirMode); err != nil {
@ -313,7 +312,7 @@ func addFIPSModeSubscription(mounts *[]rspec.Mount, containerRunDir, mountPoint,
subscriptionsDir := "/run/secrets"
ctrDirOnHost := filepath.Join(containerRunDir, subscriptionsDir)
if _, err := os.Stat(ctrDirOnHost); os.IsNotExist(err) {
if err = idtools.MkdirAllAs(ctrDirOnHost, 0755, uid, gid); err != nil { //nolint
if err = idtools.MkdirAllAs(ctrDirOnHost, 0o755, uid, gid); err != nil { //nolint
return err
}
if err = label.Relabel(ctrDirOnHost, mountLabel, false); err != nil {

6
vendor/github.com/containers/common/pkg/sysinfo/sysinfo_solaris.go generated vendored
View File

@ -46,7 +46,7 @@ func IsCPUSharesAvailable() bool {
// New returns a new SysInfo, using the filesystem to detect which features
// the kernel supports.
//NOTE Solaris: If we change the below capabilities be sure
// NOTE Solaris: If we change the below capabilities be sure
// to update verifyPlatformContainerSettings() in daemon_solaris.go
func New(quiet bool) *SysInfo {
sysInfo := &SysInfo{}
@ -64,7 +64,6 @@ func New(quiet bool) *SysInfo {
// setCgroupMem reads the memory information for Solaris.
func setCgroupMem(quiet bool) cgroupMemInfo {
return cgroupMemInfo{
MemoryLimit: true,
SwapLimit: true,
@ -77,7 +76,6 @@ func setCgroupMem(quiet bool) cgroupMemInfo {
// setCgroupCPU reads the cpu information for Solaris.
func setCgroupCPU(quiet bool) cgroupCPUInfo {
return cgroupCPUInfo{
CPUShares: true,
CPUCfsPeriod: false,
@ -89,7 +87,6 @@ func setCgroupCPU(quiet bool) cgroupCPUInfo {
// blkio switches are not supported in Solaris.
func setCgroupBlkioInfo(quiet bool) cgroupBlkioInfo {
return cgroupBlkioInfo{
BlkioWeight: false,
BlkioWeightDevice: false,
@ -98,7 +95,6 @@ func setCgroupBlkioInfo(quiet bool) cgroupBlkioInfo {
// setCgroupCPUsetInfo reads the cpuset information for Solaris.
func setCgroupCPUsetInfo(quiet bool) cgroupCpusetInfo {
return cgroupCpusetInfo{
Cpuset: true,
Cpus: getCPUCount(),

11
vendor/github.com/containers/common/pkg/timetype/timestamp.go generated vendored
View File

@ -34,13 +34,14 @@ func GetTimestamp(value string, reference time.Time) (string, error) {
// if the string has a Z or a + or three dashes use parse otherwise use parseinlocation
parseInLocation := !(strings.ContainsAny(value, "zZ+") || strings.Count(value, "-") == 3)
if strings.Contains(value, ".") { // nolint:gocritic
switch {
case strings.Contains(value, "."):
if parseInLocation {
format = rFC3339NanoLocal
} else {
format = time.RFC3339Nano
}
} else if strings.Contains(value, "T") {
case strings.Contains(value, "T"):
// we want the number of colons in the T portion of the timestamp
tcolons := strings.Count(value, ":")
// if parseInLocation is off and we have a +/- zone offset (not Z) then
@ -68,9 +69,9 @@ func GetTimestamp(value string, reference time.Time) (string, error) {
format = time.RFC3339
}
}
} else if parseInLocation {
case parseInLocation:
format = dateLocal
} else {
default:
format = dateWithZone
}
@ -112,7 +113,7 @@ func ParseTimestamps(value string, def int64) (secs, nanoSecs int64, err error)
return parseTimestamp(value)
}
func parseTimestamp(value string) (int64, int64, error) { // nolint:gocritic
func parseTimestamp(value string) (int64, int64, error) {
sa := strings.SplitN(value, ".", 2)
s, err := strconv.ParseInt(sa[0], 10, 64)
if err != nil {

4
vendor/github.com/containers/common/pkg/umask/umask_unix.go generated vendored
View File

@ -10,8 +10,8 @@ import (
)
func Check() {
oldUmask := syscall.Umask(0022) //nolint
if (oldUmask & ^0022) != 0 {
oldUmask := syscall.Umask(0o022) //nolint
if (oldUmask & ^0o022) != 0 {
logrus.Debugf("umask value too restrictive. Forcing it to 022")
}
}

10
vendor/github.com/containers/common/pkg/util/util_supported.go generated vendored
View File

@ -1,5 +1,5 @@
//go:build linux || darwin
// +build linux darwin
//go:build linux || darwin || freebsd
// +build linux darwin freebsd
package util
@ -23,7 +23,7 @@ var (
// isWriteableOnlyByOwner checks that the specified permission mask allows write
// access only to the owner.
func isWriteableOnlyByOwner(perm os.FileMode) bool {
return (perm & 0722) == 0700
return (perm & 0o722) == 0o700
}
// GetRuntimeDir returns the runtime directory
@ -46,7 +46,7 @@ func GetRuntimeDir() (string, error) {
uid := fmt.Sprintf("%d", unshare.GetRootlessUID())
if runtimeDir == "" {
tmpDir := filepath.Join("/run", "user", uid)
if err := os.MkdirAll(tmpDir, 0700); err != nil {
if err := os.MkdirAll(tmpDir, 0o700); err != nil {
logrus.Debugf("unable to make temp dir: %v", err)
}
st, err := os.Stat(tmpDir)
@ -56,7 +56,7 @@ func GetRuntimeDir() (string, error) {
}
if runtimeDir == "" {
tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("podman-run-%s", uid))
if err := os.MkdirAll(tmpDir, 0700); err != nil {
if err := os.MkdirAll(tmpDir, 0o700); err != nil {
logrus.Debugf("unable to make temp dir %v", err)
}
st, err := os.Stat(tmpDir)

2
vendor/modules.txt vendored
View File

@ -109,7 +109,7 @@ github.com/containers/buildah/pkg/rusage
github.com/containers/buildah/pkg/sshagent
github.com/containers/buildah/pkg/util
github.com/containers/buildah/util
# github.com/containers/common v0.47.5-0.20220413182852-c23a4e11f91b
# github.com/containers/common v0.47.5-0.20220421072908-49f1a40067b2
## explicit
github.com/containers/common/libimage
github.com/containers/common/libimage/manifests