diff options
Diffstat (limited to 'vendor/github.com/containers')
123 files changed, 409 insertions, 370 deletions
diff --git a/vendor/github.com/containers/common/internal/attributedstring/slice.go b/vendor/github.com/containers/common/internal/attributedstring/slice.go index ad4acc5ec..298d468d5 100644 --- a/vendor/github.com/containers/common/internal/attributedstring/slice.go +++ b/vendor/github.com/containers/common/internal/attributedstring/slice.go @@ -42,8 +42,8 @@ func (a *Slice) Set(values []string) { } // UnmarshalTOML is the custom unmarshal method for Slice. -func (a *Slice) UnmarshalTOML(data interface{}) error { - iFaceSlice, ok := data.([]interface{}) +func (a *Slice) UnmarshalTOML(data any) error { + iFaceSlice, ok := data.([]any) if !ok { return fmt.Errorf("unable to cast to interface array: %v", data) } @@ -53,7 +53,7 @@ func (a *Slice) UnmarshalTOML(data interface{}) error { switch val := x.(type) { case string: // Strings are directly appended to the slice. loadedStrings = append(loadedStrings, val) - case map[string]interface{}: // The attribute struct is represented as a map. + case map[string]any: // The attribute struct is represented as a map. for k, v := range val { // Iterate over all _supported_ keys. switch k { case "append": @@ -81,16 +81,15 @@ func (a *Slice) UnmarshalTOML(data interface{}) error { // MarshalTOML is the custom marshal method for Slice. func (a *Slice) MarshalTOML() ([]byte, error) { - iFaceSlice := make([]interface{}, 0, len(a.Values)) + iFaceSlice := make([]any, 0, len(a.Values)) for _, x := range a.Values { iFaceSlice = append(iFaceSlice, x) } if a.Attributes.Append != nil { - Attributes := make(map[string]any) - Attributes["append"] = *a.Attributes.Append - iFaceSlice = append(iFaceSlice, Attributes) + attributes := map[string]any{"append": *a.Attributes.Append} + iFaceSlice = append(iFaceSlice, attributes) } buf := new(bytes.Buffer) diff --git a/vendor/github.com/containers/common/libimage/copier.go b/vendor/github.com/containers/common/libimage/copier.go index 1edf7d6cb..fe6eb9784 100644 --- a/vendor/github.com/containers/common/libimage/copier.go +++ b/vendor/github.com/containers/common/libimage/copier.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage @@ -518,8 +517,8 @@ func checkRegistrySourcesAllows(dest types.ImageReference) (insecure *bool, err return nil, fmt.Errorf("registry %q denied by policy: not in allowed registries list (%s)", reference.Domain(dref), registrySources) } - for _, inseureDomain := range sources.InsecureRegistries { - if inseureDomain == reference.Domain(dref) { + for _, insecureDomain := range sources.InsecureRegistries { + if insecureDomain == reference.Domain(dref) { insecure := true return &insecure, nil } diff --git a/vendor/github.com/containers/common/libimage/disk_usage.go b/vendor/github.com/containers/common/libimage/disk_usage.go index 765b0df86..6264b25ec 100644 --- a/vendor/github.com/containers/common/libimage/disk_usage.go +++ b/vendor/github.com/containers/common/libimage/disk_usage.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage @@ -37,7 +36,7 @@ func (r *Runtime) DiskUsage(ctx context.Context) ([]ImageDiskUsage, int64, error return nil, -1, err } - layerTree, err := r.layerTree(images) + layerTree, err := r.layerTree(ctx, images) if err != nil { return nil, -1, err } @@ -80,7 +79,7 @@ func (r *Runtime) DiskUsage(ctx context.Context) ([]ImageDiskUsage, int64, error // diskUsageForImage returns the disk-usage baseistics for the specified image. func diskUsageForImage(ctx context.Context, image *Image, tree *layerTree) ([]ImageDiskUsage, error) { - if err := image.isCorrupted(""); err != nil { + if err := image.isCorrupted(ctx, ""); err != nil { return nil, err } diff --git a/vendor/github.com/containers/common/libimage/events.go b/vendor/github.com/containers/common/libimage/events.go index 5d82efa6a..e43c39d95 100644 --- a/vendor/github.com/containers/common/libimage/events.go +++ b/vendor/github.com/containers/common/libimage/events.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage diff --git a/vendor/github.com/containers/common/libimage/filters.go b/vendor/github.com/containers/common/libimage/filters.go index b51853af1..369eff94a 100644 --- a/vendor/github.com/containers/common/libimage/filters.go +++ b/vendor/github.com/containers/common/libimage/filters.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage @@ -21,33 +20,28 @@ import ( // indicates that the image matches the criteria. type filterFunc func(*Image) (bool, error) -// Apply the specified filters. At least one filter of each key must apply. -func (i *Image) applyFilters(filters map[string][]filterFunc) (bool, error) { - matches := false - for key := range filters { // and - matches = false - for _, filter := range filters[key] { // or - var err error - matches, err = filter(i) +// Apply the specified filters. All filters of each key must apply. +func (i *Image) applyFilters(ctx context.Context, filters map[string][]filterFunc) (bool, error) { + for key := range filters { + for _, filter := range filters[key] { + matches, err := filter(i) if err != nil { // Some images may have been corrupted in the // meantime, so do an extra check and make the // error non-fatal (see containers/podman/issues/12582). - if errCorrupted := i.isCorrupted(""); errCorrupted != nil { + if errCorrupted := i.isCorrupted(ctx, ""); errCorrupted != nil { logrus.Errorf(errCorrupted.Error()) return false, nil } return false, err } - if matches { - break + // If any filter within a group doesn't match, return false + if !matches { + return false, nil } } - if !matches { - return false, nil - } } - return matches, nil + return true, nil } // filterImages returns a slice of images which are passing all specified @@ -63,7 +57,7 @@ func (r *Runtime) filterImages(ctx context.Context, images []*Image, options *Li } result := []*Image{} for i := range images { - match, err := images[i].applyFilters(filters) + match, err := images[i].applyFilters(ctx, filters) if err != nil { return nil, err } @@ -84,7 +78,7 @@ func (r *Runtime) compileImageFilters(ctx context.Context, options *ListImagesOp var tree *layerTree getTree := func() (*layerTree, error) { if tree == nil { - t, err := r.layerTree(nil) + t, err := r.layerTree(ctx, nil) if err != nil { return nil, err } @@ -93,6 +87,7 @@ func (r *Runtime) compileImageFilters(ctx context.Context, options *ListImagesOp return tree, nil } + var wantedReferenceMatches, unwantedReferenceMatches []string filters := map[string][]filterFunc{} duplicate := map[string]string{} for _, f := range options.Filters { @@ -184,7 +179,12 @@ func (r *Runtime) compileImageFilters(ctx context.Context, options *ListImagesOp filter = filterManifest(ctx, manifest) case "reference": - filter = filterReferences(r, value) + if negate { + unwantedReferenceMatches = append(unwantedReferenceMatches, value) + } else { + wantedReferenceMatches = append(wantedReferenceMatches, value) + } + continue case "until": until, err := r.until(value) @@ -202,6 +202,11 @@ func (r *Runtime) compileImageFilters(ctx context.Context, options *ListImagesOp filters[key] = append(filters[key], filter) } + // reference filters is a special case as it does an OR for positive matches + // and an AND logic for negative matches + filter := filterReferences(r, wantedReferenceMatches, unwantedReferenceMatches) + filters["reference"] = append(filters["reference"], filter) + return filters, nil } @@ -273,55 +278,97 @@ func filterManifest(ctx context.Context, value bool) filterFunc { } } -// filterReferences creates a reference filter for matching the specified value. -func filterReferences(r *Runtime, value string) filterFunc { - lookedUp, _, _ := r.LookupImage(value, nil) +// filterReferences creates a reference filter for matching the specified wantedReferenceMatches value (OR logic) +// and for matching the unwantedReferenceMatches values (AND logic) +func filterReferences(r *Runtime, wantedReferenceMatches, unwantedReferenceMatches []string) filterFunc { return func(img *Image) (bool, error) { - if lookedUp != nil { - if lookedUp.ID() == img.ID() { + // Empty reference filters, return true + if len(wantedReferenceMatches) == 0 && len(unwantedReferenceMatches) == 0 { + return true, nil + } + + unwantedMatched := false + // Go through the unwanted matches first + for _, value := range unwantedReferenceMatches { + matches, err := imageMatchesReferenceFilter(r, img, value) + if err != nil { + return false, err + } + if matches { + unwantedMatched = true + } + } + + // If there are no wanted match filters, then return false for the image + // that matched the unwanted value otherwise return true + if len(wantedReferenceMatches) == 0 { + return !unwantedMatched, nil + } + + // Go through the wanted matches + // If an image matches the wanted filter but it also matches the unwanted + // filter, don't add it to the output + for _, value := range wantedReferenceMatches { + matches, err := imageMatchesReferenceFilter(r, img, value) + if err != nil { + return false, err + } + if matches && !unwantedMatched { return true, nil } } - refs, err := img.NamesReferences() - if err != nil { - return false, err + return false, nil + } +} + +// imageMatchesReferenceFilter returns true if an image matches the filter value given +func imageMatchesReferenceFilter(r *Runtime, img *Image, value string) (bool, error) { + lookedUp, _, _ := r.LookupImage(value, nil) + if lookedUp != nil { + if lookedUp.ID() == img.ID() { + return true, nil } + } - for _, ref := range refs { - refString := ref.String() // FQN with tag/digest - candidates := []string{refString} + refs, err := img.NamesReferences() + if err != nil { + return false, err + } - // Split the reference into 3 components (twice if digested/tagged): - // 1) Fully-qualified reference - // 2) Without domain - // 3) Without domain and path - if named, isNamed := ref.(reference.Named); isNamed { + for _, ref := range refs { + refString := ref.String() // FQN with tag/digest + candidates := []string{refString} + + // Split the reference into 3 components (twice if digested/tagged): + // 1) Fully-qualified reference + // 2) Without domain + // 3) Without domain and path + if named, isNamed := ref.(reference.Named); isNamed { + candidates = append(candidates, + reference.Path(named), // path/name without tag/digest (Path() removes it) + refString[strings.LastIndex(refString, "/")+1:]) // name with tag/digest + + trimmedString := reference.TrimNamed(named).String() + if refString != trimmedString { + tagOrDigest := refString[len(trimmedString):] candidates = append(candidates, - reference.Path(named), // path/name without tag/digest (Path() removes it) - refString[strings.LastIndex(refString, "/")+1:]) // name with tag/digest - - trimmedString := reference.TrimNamed(named).String() - if refString != trimmedString { - tagOrDigest := refString[len(trimmedString):] - candidates = append(candidates, - trimmedString, // FQN without tag/digest - reference.Path(named)+tagOrDigest, // path/name with tag/digest - trimmedString[strings.LastIndex(trimmedString, "/")+1:]) // name without tag/digest - } + trimmedString, // FQN without tag/digest + reference.Path(named)+tagOrDigest, // path/name with tag/digest + trimmedString[strings.LastIndex(trimmedString, "/")+1:]) // name without tag/digest } + } - for _, candidate := range candidates { - // path.Match() is also used by Docker's reference.FamiliarMatch(). - matched, _ := path.Match(value, candidate) - if matched { - return true, nil - } + for _, candidate := range candidates { + // path.Match() is also used by Docker's reference.FamiliarMatch(). + matched, _ := path.Match(value, candidate) + if matched { + return true, nil } } - - return false, nil } + + return false, nil } // filterLabel creates a label for matching the specified value. diff --git a/vendor/github.com/containers/common/libimage/history.go b/vendor/github.com/containers/common/libimage/history.go index ccd810962..56f84e37a 100644 --- a/vendor/github.com/containers/common/libimage/history.go +++ b/vendor/github.com/containers/common/libimage/history.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage @@ -26,7 +25,7 @@ func (i *Image) History(ctx context.Context) ([]ImageHistory, error) { return nil, err } - layerTree, err := i.runtime.layerTree(nil) + layerTree, err := i.runtime.layerTree(ctx, nil) if err != nil { return nil, err } diff --git a/vendor/github.com/containers/common/libimage/image.go b/vendor/github.com/containers/common/libimage/image.go index 4d106d42f..9cc77cdb2 100644 --- a/vendor/github.com/containers/common/libimage/image.go +++ b/vendor/github.com/containers/common/libimage/image.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage @@ -67,7 +66,7 @@ type Image struct { } } -// reload the image and pessimitically clear all cached data. +// reload the image and pessimistically clear all cached data. func (i *Image) reload() error { logrus.Tracef("Reloading image %s", i.ID()) img, err := i.runtime.store.Image(i.ID()) @@ -85,7 +84,7 @@ func (i *Image) reload() error { } // isCorrupted returns an error if the image may be corrupted. -func (i *Image) isCorrupted(name string) error { +func (i *Image) isCorrupted(ctx context.Context, name string) error { // If it's a manifest list, we're good for now. if _, err := i.getManifestList(); err == nil { return nil @@ -96,7 +95,7 @@ func (i *Image) isCorrupted(name string) error { return err } - img, err := ref.NewImage(context.Background(), nil) + img, err := ref.NewImage(ctx, nil) if err != nil { if name == "" { name = i.ID()[:12] @@ -258,7 +257,7 @@ func (i *Image) TopLayer() string { // Parent returns the parent image or nil if there is none func (i *Image) Parent(ctx context.Context) (*Image, error) { - tree, err := i.runtime.layerTree(nil) + tree, err := i.runtime.layerTree(ctx, nil) if err != nil { return nil, err } @@ -292,7 +291,7 @@ func (i *Image) Children(ctx context.Context) ([]*Image, error) { // created for this invocation only. func (i *Image) getChildren(ctx context.Context, all bool, tree *layerTree) ([]*Image, error) { if tree == nil { - t, err := i.runtime.layerTree(nil) + t, err := i.runtime.layerTree(ctx, nil) if err != nil { return nil, err } @@ -611,7 +610,7 @@ func (i *Image) Untag(name string) error { } // FIXME: this is breaking Podman CI but must be re-enabled once - // c/storage supports alterting the digests of an image. Then, + // c/storage supports altering the digests of an image. Then, // Podman will do the right thing. // // !!! Also make sure to re-enable the tests !!! @@ -1031,7 +1030,7 @@ func getImageID(ctx context.Context, src types.ImageReference, sys *types.System // - 2) a bool indicating whether architecture, os or variant were set (some callers need that to decide whether they need to throw an error) // - 3) a fatal error that occurred prior to check for matches (e.g., storage errors etc.) func (i *Image) matchesPlatform(ctx context.Context, os, arch, variant string) (error, bool, error) { - if err := i.isCorrupted(""); err != nil { + if err := i.isCorrupted(ctx, ""); err != nil { return err, false, nil } inspectInfo, err := i.inspectInfo(ctx) diff --git a/vendor/github.com/containers/common/libimage/image_config.go b/vendor/github.com/containers/common/libimage/image_config.go index 9f5841fe1..cd4ed3c4e 100644 --- a/vendor/github.com/containers/common/libimage/image_config.go +++ b/vendor/github.com/containers/common/libimage/image_config.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage diff --git a/vendor/github.com/containers/common/libimage/image_tree.go b/vendor/github.com/containers/common/libimage/image_tree.go index 8143d3779..8b9d1f4c4 100644 --- a/vendor/github.com/containers/common/libimage/image_tree.go +++ b/vendor/github.com/containers/common/libimage/image_tree.go @@ -1,9 +1,9 @@ //go:build !remote -// +build !remote package libimage import ( + "context" "fmt" "strings" @@ -38,7 +38,7 @@ func (i *Image) Tree(traverseChildren bool) (string, error) { fmt.Fprintf(sb, "No Image Layers") } - layerTree, err := i.runtime.layerTree(nil) + layerTree, err := i.runtime.layerTree(context.Background(), nil) if err != nil { return "", err } @@ -53,7 +53,7 @@ func (i *Image) Tree(traverseChildren bool) (string, error) { return tree.Print(), nil } - // Walk all layers of the image and assemlbe their data. Note that the + // Walk all layers of the image and assemble their data. Note that the // tree is constructed in reverse order to remain backwards compatible // with Podman. contents := []string{} diff --git a/vendor/github.com/containers/common/libimage/import.go b/vendor/github.com/containers/common/libimage/import.go index 5519f02ba..552c48eae 100644 --- a/vendor/github.com/containers/common/libimage/import.go +++ b/vendor/github.com/containers/common/libimage/import.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage diff --git a/vendor/github.com/containers/common/libimage/inspect.go b/vendor/github.com/containers/common/libimage/inspect.go index ed1ae719d..0db94708d 100644 --- a/vendor/github.com/containers/common/libimage/inspect.go +++ b/vendor/github.com/containers/common/libimage/inspect.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage diff --git a/vendor/github.com/containers/common/libimage/layer_tree.go b/vendor/github.com/containers/common/libimage/layer_tree.go index 71eafb0e7..b140e648c 100644 --- a/vendor/github.com/containers/common/libimage/layer_tree.go +++ b/vendor/github.com/containers/common/libimage/layer_tree.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage @@ -92,14 +91,14 @@ func (l *layerNode) repoTags() ([]string, error) { // layerTree extracts a layerTree from the layers in the local storage and // relates them to the specified images. -func (r *Runtime) layerTree(images []*Image) (*layerTree, error) { +func (r *Runtime) layerTree(ctx context.Context, images []*Image) (*layerTree, error) { layers, err := r.store.Layers() if err != nil { return nil, err } if images == nil { - images, err = r.ListImages(context.Background(), nil, nil) + images, err = r.ListImages(ctx, nil, nil) if err != nil { return nil, err } diff --git a/vendor/github.com/containers/common/libimage/load.go b/vendor/github.com/containers/common/libimage/load.go index 36283a99b..c250de626 100644 --- a/vendor/github.com/containers/common/libimage/load.go +++ b/vendor/github.com/containers/common/libimage/load.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage diff --git a/vendor/github.com/containers/common/libimage/manifest_list.go b/vendor/github.com/containers/common/libimage/manifest_list.go index c36bfda96..8f4d6877f 100644 --- a/vendor/github.com/containers/common/libimage/manifest_list.go +++ b/vendor/github.com/containers/common/libimage/manifest_list.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage @@ -314,7 +313,7 @@ func (m *ManifestList) Add(ctx context.Context, name string, options *ManifestLi return newDigest, nil } -// Options for annotationg a manifest list. +// Options for annotating a manifest list. type ManifestListAnnotateOptions struct { // Add the specified annotations to the added image. Annotations map[string]string diff --git a/vendor/github.com/containers/common/libimage/normalize.go b/vendor/github.com/containers/common/libimage/normalize.go index 2b3402861..b00af66a0 100644 --- a/vendor/github.com/containers/common/libimage/normalize.go +++ b/vendor/github.com/containers/common/libimage/normalize.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage diff --git a/vendor/github.com/containers/common/libimage/oci.go b/vendor/github.com/containers/common/libimage/oci.go index fcbd10ada..80aefc974 100644 --- a/vendor/github.com/containers/common/libimage/oci.go +++ b/vendor/github.com/containers/common/libimage/oci.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage diff --git a/vendor/github.com/containers/common/libimage/platform.go b/vendor/github.com/containers/common/libimage/platform.go index c378bc27f..bf8b054b1 100644 --- a/vendor/github.com/containers/common/libimage/platform.go +++ b/vendor/github.com/containers/common/libimage/platform.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage diff --git a/vendor/github.com/containers/common/libimage/pull.go b/vendor/github.com/containers/common/libimage/pull.go index bc8e84981..ea51cd294 100644 --- a/vendor/github.com/containers/common/libimage/pull.go +++ b/vendor/github.com/containers/common/libimage/pull.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage @@ -31,7 +30,7 @@ import ( "github.com/sirupsen/logrus" ) -// PullOptions allows for custommizing image pulls. +// PullOptions allows for customizing image pulls. type PullOptions struct { CopyOptions @@ -511,7 +510,7 @@ func (r *Runtime) copySingleImageFromRegistry(ctx context.Context, imageName str // If the local image is corrupted, we need to repull it. if localImage != nil { - if err := localImage.isCorrupted(imageName); err != nil { + if err := localImage.isCorrupted(ctx, imageName); err != nil { logrus.Error(err) localImage = nil } diff --git a/vendor/github.com/containers/common/libimage/push.go b/vendor/github.com/containers/common/libimage/push.go index ed1d90c14..c71f036c8 100644 --- a/vendor/github.com/containers/common/libimage/push.go +++ b/vendor/github.com/containers/common/libimage/push.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage @@ -13,7 +12,7 @@ import ( "github.com/sirupsen/logrus" ) -// PushOptions allows for custommizing image pushes. +// PushOptions allows for customizing image pushes. type PushOptions struct { CopyOptions } diff --git a/vendor/github.com/containers/common/libimage/runtime.go b/vendor/github.com/containers/common/libimage/runtime.go index 1948fe0ad..5493a2997 100644 --- a/vendor/github.com/containers/common/libimage/runtime.go +++ b/vendor/github.com/containers/common/libimage/runtime.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage @@ -162,7 +161,7 @@ func (r *Runtime) storageToImage(storageImage *storage.Image, ref types.ImageRef } } -// Exists returns true if the specicifed image exists in the local containers +// Exists returns true if the specified image exists in the local containers // storage. Note that it may return false if an image corrupted. func (r *Runtime) Exists(name string) (bool, error) { image, _, err := r.LookupImage(name, nil) @@ -172,7 +171,7 @@ func (r *Runtime) Exists(name string) (bool, error) { if image == nil { return false, nil } - if err := image.isCorrupted(name); err != nil { + if err := image.isCorrupted(context.Background(), name); err != nil { logrus.Error(err) return false, nil } @@ -235,8 +234,12 @@ func (r *Runtime) LookupImage(name string, options *LookupImageOptions) (*Image, if storageRef.Transport().Name() != storageTransport.Transport.Name() { return nil, "", fmt.Errorf("unsupported transport %q for looking up local images", storageRef.Transport().Name()) } - img, err := storageTransport.Transport.GetStoreImage(r.store, storageRef) + _, img, err := storageTransport.ResolveReference(storageRef) if err != nil { + if errors.Is(err, storageTransport.ErrNoSuchImage) { + // backward compatibility + return nil, "", storage.ErrImageUnknown + } return nil, "", err } logrus.Debugf("Found image %q in local containers storage (%s)", name, storageRef.StringWithinTransport()) @@ -347,9 +350,9 @@ func (r *Runtime) lookupImageInLocalStorage(name, candidate string, namedCandida if err != nil { return nil, err } - img, err = storageTransport.Transport.GetStoreImage(r.store, ref) + _, img, err = storageTransport.ResolveReference(ref) if err != nil { - if errors.Is(err, storage.ErrImageUnknown) { + if errors.Is(err, storageTransport.ErrNoSuchImage) { return nil, nil } return nil, err @@ -605,7 +608,7 @@ func (r *Runtime) ListImages(ctx context.Context, names []string, options *ListI // as the layer tree will computed once for all instead of once for // each individual image (see containers/podman/issues/17828). - tree, err := r.layerTree(images) + tree, err := r.layerTree(ctx, images) if err != nil { return nil, err } diff --git a/vendor/github.com/containers/common/libimage/save.go b/vendor/github.com/containers/common/libimage/save.go index 47a3a566b..36dbbf95e 100644 --- a/vendor/github.com/containers/common/libimage/save.go +++ b/vendor/github.com/containers/common/libimage/save.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage diff --git a/vendor/github.com/containers/common/libimage/search.go b/vendor/github.com/containers/common/libimage/search.go index 9ef0e8320..b26ad80d2 100644 --- a/vendor/github.com/containers/common/libimage/search.go +++ b/vendor/github.com/containers/common/libimage/search.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package libimage diff --git a/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go b/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go index 6e4514b99..27bf2c657 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go +++ b/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package cni @@ -18,8 +17,8 @@ import ( internalutil "github.com/containers/common/libnetwork/internal/util" "github.com/containers/common/libnetwork/types" "github.com/containers/common/libnetwork/util" - pkgutil "github.com/containers/common/pkg/util" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" "golang.org/x/sys/unix" ) @@ -32,13 +31,13 @@ func createNetworkFromCNIConfigList(conf *libcni.NetworkConfigList, confPath str IPAMOptions: map[string]string{}, } - cniJSON := make(map[string]interface{}) + cniJSON := make(map[string]any) err := json.Unmarshal(conf.Bytes, &cniJSON) if err != nil { return nil, fmt.Errorf("failed to unmarshal network config %s: %w", conf.Name, err) } if args, ok := cniJSON["args"]; ok { - if key, ok := args.(map[string]interface{}); ok { + if key, ok := args.(map[string]any); ok { // read network labels and options from the conf file network.Labels = getNetworkArgsFromConfList(key, podmanLabelKey) network.Options = getNetworkArgsFromConfList(key, podmanOptionsKey) @@ -215,9 +214,9 @@ func convertIPAMConfToNetwork(network *types.Network, ipam *ipamConfig, confPath } // getNetworkArgsFromConfList returns the map of args in a conflist, argType should be labels or options -func getNetworkArgsFromConfList(args map[string]interface{}, argType string) map[string]string { +func getNetworkArgsFromConfList(args map[string]any, argType string) map[string]string { if args, ok := args[argType]; ok { - if labels, ok := args.(map[string]interface{}); ok { + if labels, ok := args.(map[string]any); ok { result := make(map[string]string, len(labels)) for k, v := range labels { if v, ok := v.(string); ok { @@ -299,7 +298,7 @@ func (n *cniNetwork) createCNIConfigListFromNetwork(network *types.Network, writ // the dnsname plugin also needs to be updated for 1.0.0 // TODO change to 1.0.0 when most distros support it ncList := newNcList(network.Name, "0.4.0", network.Labels, network.Options) - var plugins []interface{} + var plugins []any switch network.Driver { case types.BridgeNetworkDriver: @@ -359,7 +358,7 @@ func convertSpecgenPortsToCNIPorts(ports []types.PortMapping) ([]cniPortMapEntry protocols := strings.Split(port.Protocol, ",") for _, protocol := range protocols { - if !pkgutil.StringInSlice(protocol, []string{"tcp", "udp", "sctp"}) { + if !slices.Contains([]string{"tcp", "udp", "sctp"}, protocol) { return nil, fmt.Errorf("unknown port protocol %s", protocol) } cniPort := cniPortMapEntry{ @@ -421,11 +420,11 @@ func parseOptions(networkOptions map[string]string, networkDriver string) (*opti case types.ModeOption: switch networkDriver { case types.MacVLANNetworkDriver: - if !pkgutil.StringInSlice(v, types.ValidMacVLANModes) { + if !slices.Contains(types.ValidMacVLANModes, v) { return nil, fmt.Errorf("unknown macvlan mode %q", v) } case types.IPVLANNetworkDriver: - if !pkgutil.StringInSlice(v, types.ValidIPVLANModes) { + if !slices.Contains(types.ValidIPVLANModes, v) { return nil, fmt.Errorf("unknown ipvlan mode %q", v) } default: diff --git a/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go b/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go index 4b7ed8c6d..f42f9ef99 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go +++ b/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go @@ -17,7 +17,6 @@ // limitations under the License. //go:build linux || freebsd -// +build linux freebsd package cni diff --git a/vendor/github.com/containers/common/libnetwork/cni/cni_types.go b/vendor/github.com/containers/common/libnetwork/cni/cni_types.go index 1d48d0805..ee1a4735c 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/cni_types.go +++ b/vendor/github.com/containers/common/libnetwork/cni/cni_types.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package cni @@ -116,7 +115,7 @@ type dnsNameConfig struct { } // ncList describes a generic map -type ncList map[string]interface{} +type ncList map[string]any // newNcList creates a generic map of values with string // keys and adds in version and network name @@ -139,8 +138,6 @@ func newNcList(name, version string, labels, options map[string]string) ncList { // newHostLocalBridge creates a new LocalBridge for host-local func newHostLocalBridge(name string, isGateWay, ipMasq bool, mtu, vlan int, ipamConf *ipamConfig) *hostLocalBridge { - caps := make(map[string]bool) - caps["ips"] = true bridge := hostLocalBridge{ PluginType: "bridge", BrName: name, @@ -154,7 +151,7 @@ func newHostLocalBridge(name string, isGateWay, ipMasq bool, mtu, vlan int, ipam bridge.IPAM = *ipamConf // if we use host-local set the ips cap to ensure we can set static ips via runtime config if ipamConf.PluginType == types.HostLocalIPAMDriver { - bridge.Capabilities = caps + bridge.Capabilities = map[string]bool{"ips": true} } } return &bridge @@ -216,13 +213,10 @@ func newIPAMDefaultRoute(isIPv6 bool) (ipamRoute, error) { // newPortMapPlugin creates a predefined, default portmapping // configuration func newPortMapPlugin() portMapConfig { - caps := make(map[string]bool) - caps["portMappings"] = true - p := portMapConfig{ + return portMapConfig{ PluginType: "portmap", - Capabilities: caps, + Capabilities: map[string]bool{"portMappings": true}, } - return p } // newFirewallPlugin creates a generic firewall plugin @@ -246,12 +240,10 @@ func newTuningPlugin() tuningConfig { // newDNSNamePlugin creates the dnsname config with a given // domainname func newDNSNamePlugin(domainName string) dnsNameConfig { - caps := make(map[string]bool, 1) - caps["aliases"] = true return dnsNameConfig{ PluginType: "dnsname", DomainName: domainName, - Capabilities: caps, + Capabilities: map[string]bool{"aliases": true}, } } diff --git a/vendor/github.com/containers/common/libnetwork/cni/config.go b/vendor/github.com/containers/common/libnetwork/cni/config.go index a1eeceb72..f28f936c0 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/config.go +++ b/vendor/github.com/containers/common/libnetwork/cni/config.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package cni @@ -11,8 +10,8 @@ import ( internalutil "github.com/containers/common/libnetwork/internal/util" "github.com/containers/common/libnetwork/types" - pkgutil "github.com/containers/common/pkg/util" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) func (n *cniNetwork) NetworkUpdate(_ string, _ types.NetworkUpdateOptions) error { @@ -206,7 +205,7 @@ func createIPMACVLAN(network *types.Network) error { if err != nil { return err } - if !pkgutil.StringInSlice(network.NetworkInterface, interfaceNames) { + if !slices.Contains(interfaceNames, network.NetworkInterface) { return fmt.Errorf("parent interface %s does not exist", network.NetworkInterface) } } diff --git a/vendor/github.com/containers/common/libnetwork/cni/config_freebsd.go b/vendor/github.com/containers/common/libnetwork/cni/config_freebsd.go index ff95c0e17..b406803d4 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/config_freebsd.go +++ b/vendor/github.com/containers/common/libnetwork/cni/config_freebsd.go @@ -1,5 +1,4 @@ //go:build freebsd -// +build freebsd package cni diff --git a/vendor/github.com/containers/common/libnetwork/cni/config_linux.go b/vendor/github.com/containers/common/libnetwork/cni/config_linux.go index 836fd73bf..0cbf99e06 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/config_linux.go +++ b/vendor/github.com/containers/common/libnetwork/cni/config_linux.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package cni diff --git a/vendor/github.com/containers/common/libnetwork/cni/network.go b/vendor/github.com/containers/common/libnetwork/cni/network.go index 7d3369af7..04f267234 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/network.go +++ b/vendor/github.com/containers/common/libnetwork/cni/network.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package cni diff --git a/vendor/github.com/containers/common/libnetwork/cni/run.go b/vendor/github.com/containers/common/libnetwork/cni/run.go index 829c12704..513481f01 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/run.go +++ b/vendor/github.com/containers/common/libnetwork/cni/run.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package cni @@ -70,8 +69,9 @@ func (n *cniNetwork) Setup(namespacePath string, options types.SetupOptions) (ma // If we have more than one static ip we need parse the ips via runtime config, // make sure to add the ips capability to the first plugin otherwise it doesn't get the ips if len(netOpts.StaticIPs) > 0 && !network.cniNet.Plugins[0].Network.Capabilities["ips"] { - caps := make(map[string]interface{}) - caps["capabilities"] = map[string]bool{"ips": true} + caps := map[string]any{ + "capabilities": map[string]bool{"ips": true}, + } network.cniNet.Plugins[0], retErr = libcni.InjectConf(network.cniNet.Plugins[0], caps) if retErr != nil { return retErr @@ -174,7 +174,7 @@ func getRuntimeConfig(netns, conName, conID, networkName string, ports []cniPort // Only K8S_POD_NAME is used by dnsname to get the container name. {"K8S_POD_NAME", conName}, }, - CapabilityArgs: map[string]interface{}{}, + CapabilityArgs: map[string]any{}, } // Propagate environment CNI_ARGS diff --git a/vendor/github.com/containers/common/libnetwork/etchosts/hosts.go b/vendor/github.com/containers/common/libnetwork/etchosts/hosts.go index ed65921ce..6bdb34e64 100644 --- a/vendor/github.com/containers/common/libnetwork/etchosts/hosts.go +++ b/vendor/github.com/containers/common/libnetwork/etchosts/hosts.go @@ -9,7 +9,7 @@ import ( "strings" "github.com/containers/common/pkg/config" - "github.com/containers/common/pkg/util" + "golang.org/x/exp/slices" ) const ( @@ -220,7 +220,7 @@ func checkIfEntryExists(current HostEntry, entries HostEntries) bool { if current.IP == rm.IP { // it is enough if one of the names match, in this case we remove the full entry for _, name := range current.Names { - if util.StringInSlice(name, rm.Names) { + if slices.Contains(rm.Names, name) { return true } } diff --git a/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go b/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go index 7197a23bf..c511a2df7 100644 --- a/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go +++ b/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go @@ -7,13 +7,13 @@ import ( "github.com/containers/common/libnetwork/types" "github.com/containers/common/libnetwork/util" "github.com/containers/common/pkg/config" - pkgutil "github.com/containers/common/pkg/util" + "golang.org/x/exp/slices" ) func CreateBridge(n NetUtil, network *types.Network, usedNetworks []*net.IPNet, subnetPools []config.SubnetPool) error { if network.NetworkInterface != "" { bridges := GetBridgeInterfaceNames(n) - if pkgutil.StringInSlice(network.NetworkInterface, bridges) { + if slices.Contains(bridges, network.NetworkInterface) { return fmt.Errorf("bridge name %s already in use", network.NetworkInterface) } if !types.NameRegex.MatchString(network.NetworkInterface) { diff --git a/vendor/github.com/containers/common/libnetwork/internal/util/interface.go b/vendor/github.com/containers/common/libnetwork/internal/util/interface.go index 650fcb193..9b66e66a3 100644 --- a/vendor/github.com/containers/common/libnetwork/internal/util/interface.go +++ b/vendor/github.com/containers/common/libnetwork/internal/util/interface.go @@ -7,7 +7,7 @@ import "github.com/containers/common/libnetwork/types" // NetUtil is a helper interface which all network interfaces should implement to allow easy code sharing type NetUtil interface { - // ForEach eaxecutes the given function for each network + // ForEach executes the given function for each network ForEach(func(types.Network)) // Len returns the number of networks Len() int diff --git a/vendor/github.com/containers/common/libnetwork/internal/util/util.go b/vendor/github.com/containers/common/libnetwork/internal/util/util.go index 2ab24c563..8405bffd9 100644 --- a/vendor/github.com/containers/common/libnetwork/internal/util/util.go +++ b/vendor/github.com/containers/common/libnetwork/internal/util/util.go @@ -7,8 +7,8 @@ import ( "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/config" - "github.com/containers/common/pkg/util" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) // GetBridgeInterfaceNames returns all bridge interface names @@ -51,7 +51,7 @@ func GetFreeDeviceName(n NetUtil) (string, error) { // Start by 1, 0 is reserved for the default network for i := 1; i < 1000000; i++ { deviceName := fmt.Sprintf("%s%d", n.DefaultInterfaceName(), i) - if !util.StringInSlice(deviceName, names) { + if !slices.Contains(names, deviceName) { logrus.Debugf("found free device name %s", deviceName) return deviceName, nil } diff --git a/vendor/github.com/containers/common/libnetwork/netavark/config.go b/vendor/github.com/containers/common/libnetwork/netavark/config.go index de7af9575..27c035a35 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/config.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/config.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package netavark @@ -16,14 +15,14 @@ import ( internalutil "github.com/containers/common/libnetwork/internal/util" "github.com/containers/common/libnetwork/types" - "github.com/containers/common/pkg/util" "github.com/containers/storage/pkg/stringid" + "golang.org/x/exp/slices" ) func sliceRemoveDuplicates(strList []string) []string { list := make([]string, 0, len(strList)) for _, item := range strList { - if !util.StringInSlice(item, list) { + if !slices.Contains(list, item) { list = append(list, item) } } @@ -71,7 +70,7 @@ func (n *netavarkNetwork) NetworkUpdate(name string, options types.NetworkUpdate networkDNSServersBefore := network.NetworkDNSServers networkDNSServersAfter := []string{} for _, server := range networkDNSServersBefore { - if util.StringInSlice(server, options.RemoveDNSServers) { + if slices.Contains(options.RemoveDNSServers, server) { continue } networkDNSServersAfter = append(networkDNSServersAfter, server) @@ -273,7 +272,7 @@ func createIpvlanOrMacvlan(network *types.Network) error { if err != nil { return err } - if !util.StringInSlice(network.NetworkInterface, interfaceNames) { + if !slices.Contains(interfaceNames, network.NetworkInterface) { return fmt.Errorf("parent interface %s does not exist", network.NetworkInterface) } } @@ -319,11 +318,11 @@ func createIpvlanOrMacvlan(network *types.Network) error { switch key { case types.ModeOption: if isMacVlan { - if !util.StringInSlice(value, types.ValidMacVLANModes) { + if !slices.Contains(types.ValidMacVLANModes, value) { return fmt.Errorf("unknown macvlan mode %q", value) } } else { - if !util.StringInSlice(value, types.ValidIPVLANModes) { + if !slices.Contains(types.ValidIPVLANModes, value) { return fmt.Errorf("unknown ipvlan mode %q", value) } } @@ -473,7 +472,7 @@ func getAllPlugins(dirs []string) []string { if err == nil { for _, entry := range entries { name := entry.Name() - if !util.StringInSlice(name, plugins) { + if !slices.Contains(plugins, name) { plugins = append(plugins, name) } } diff --git a/vendor/github.com/containers/common/libnetwork/netavark/const.go b/vendor/github.com/containers/common/libnetwork/netavark/const.go index 70c50b1a8..fd975a1f8 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/const.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/const.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package netavark diff --git a/vendor/github.com/containers/common/libnetwork/netavark/exec.go b/vendor/github.com/containers/common/libnetwork/netavark/exec.go index e3f904766..2a52a4702 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/exec.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/exec.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package netavark @@ -77,7 +76,7 @@ func getRustLogEnv() string { // used to marshal the netavark output into it. This can be nil. // All errors return by this function should be of the type netavarkError // to provide a helpful error message. -func (n *netavarkNetwork) execNetavark(args []string, needPlugin bool, stdin, result interface{}) error { +func (n *netavarkNetwork) execNetavark(args []string, needPlugin bool, stdin, result any) error { // set the netavark log level to the same as the podman env := append(os.Environ(), getRustLogEnv()) // Netavark need access to iptables in $PATH. As it turns out debian doesn't put @@ -102,11 +101,11 @@ func (n *netavarkNetwork) execNetavark(args []string, needPlugin bool, stdin, re return n.execBinary(n.netavarkBinary, append(n.getCommonNetavarkOptions(needPlugin), args...), stdin, result, env) } -func (n *netavarkNetwork) execPlugin(path string, args []string, stdin, result interface{}) error { +func (n *netavarkNetwork) execPlugin(path string, args []string, stdin, result any) error { return n.execBinary(path, args, stdin, result, nil) } -func (n *netavarkNetwork) execBinary(path string, args []string, stdin, result interface{}, env []string) error { +func (n *netavarkNetwork) execBinary(path string, args []string, stdin, result any, env []string) error { stdinR, stdinW, err := os.Pipe() if err != nil { return newNetavarkError("failed to create stdin pipe", err) diff --git a/vendor/github.com/containers/common/libnetwork/netavark/ipam.go b/vendor/github.com/containers/common/libnetwork/netavark/ipam.go index 65f21c1e3..b9a48d456 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/ipam.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/ipam.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package netavark @@ -48,7 +47,7 @@ func (e *ipamError) Error() string { return msg } -func newIPAMError(cause error, msg string, args ...interface{}) *ipamError { +func newIPAMError(cause error, msg string, args ...any) *ipamError { return &ipamError{ msg: fmt.Sprintf(msg, args...), cause: cause, diff --git a/vendor/github.com/containers/common/libnetwork/netavark/network.go b/vendor/github.com/containers/common/libnetwork/netavark/network.go index aad3cc7bd..9f4ee3135 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/network.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/network.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package netavark diff --git a/vendor/github.com/containers/common/libnetwork/netavark/run.go b/vendor/github.com/containers/common/libnetwork/netavark/run.go index 42c76690c..d13e51ff8 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/run.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/run.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package netavark @@ -11,8 +10,8 @@ import ( "github.com/containers/common/libnetwork/internal/util" "github.com/containers/common/libnetwork/types" - pkgutil "github.com/containers/common/pkg/util" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) type netavarkOptions struct { @@ -175,7 +174,7 @@ func (n *netavarkNetwork) convertNetOpts(opts types.NetworkOptions) (*netavarkOp return nil, false, err } netavarkOptions.Networks[network] = net - if !pkgutil.StringInSlice(net.Driver, builtinDrivers) { + if !slices.Contains(builtinDrivers, net.Driver) { needsPlugin = true } } diff --git a/vendor/github.com/containers/common/libnetwork/network/interface.go b/vendor/github.com/containers/common/libnetwork/network/interface.go index 4a8290ba7..576054079 100644 --- a/vendor/github.com/containers/common/libnetwork/network/interface.go +++ b/vendor/github.com/containers/common/libnetwork/network/interface.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package network diff --git a/vendor/github.com/containers/common/libnetwork/resolvconf/resolv.go b/vendor/github.com/containers/common/libnetwork/resolvconf/resolv.go index c451d3b49..472fb9452 100644 --- a/vendor/github.com/containers/common/libnetwork/resolvconf/resolv.go +++ b/vendor/github.com/containers/common/libnetwork/resolvconf/resolv.go @@ -7,9 +7,9 @@ import ( "path/filepath" "strings" - "github.com/containers/common/pkg/util" "github.com/opencontainers/runtime-spec/specs-go" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) const ( @@ -111,7 +111,7 @@ func getDefaultResolvConf(params *Params) ([]byte, bool, error) { // unsetSearchDomainsIfNeeded removes the search domain when they contain a single dot as element. func unsetSearchDomainsIfNeeded(searches []string) []string { - if util.StringInSlice(".", searches) { + if slices.Contains(searches, ".") { return nil } return searches @@ -173,7 +173,7 @@ func Remove(path string, nameservers []string) error { oldNameservers := getNameservers(contents) newNameserver := make([]string, 0, len(oldNameservers)) for _, ns := range oldNameservers { - if !util.StringInSlice(ns, nameservers) { + if !slices.Contains(nameservers, ns) { newNameserver = append(newNameserver, ns) } } diff --git a/vendor/github.com/containers/common/libnetwork/slirp4netns/slirp4netns.go b/vendor/github.com/containers/common/libnetwork/slirp4netns/slirp4netns.go index 43ca97808..5d91616de 100644 --- a/vendor/github.com/containers/common/libnetwork/slirp4netns/slirp4netns.go +++ b/vendor/github.com/containers/common/libnetwork/slirp4netns/slirp4netns.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package slirp4netns @@ -706,7 +705,7 @@ func openSlirp4netnsPort(apiSocket, proto, hostip string, hostport, guestport ui } // if there is no 'error' key in the received JSON data, then the operation was // successful. - var y map[string]interface{} + var y map[string]any if err := json.Unmarshal(buf[0:readLength], &y); err != nil { return fmt.Errorf("parsing error status from slirp4netns: %w", err) } diff --git a/vendor/github.com/containers/common/libnetwork/util/filters.go b/vendor/github.com/containers/common/libnetwork/util/filters.go index 70f90918c..faea9c1ad 100644 --- a/vendor/github.com/containers/common/libnetwork/util/filters.go +++ b/vendor/github.com/containers/common/libnetwork/util/filters.go @@ -7,6 +7,7 @@ import ( "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/filters" "github.com/containers/common/pkg/util" + "golang.org/x/exp/slices" ) func GenerateNetworkFilters(f map[string][]string) ([]types.FilterFunc, error) { @@ -32,7 +33,7 @@ func createFilterFuncs(key string, filterValues []string) (types.FilterFunc, err case types.Driver: // matches network driver return func(net types.Network) bool { - return util.StringInSlice(net.Driver, filterValues) + return slices.Contains(filterValues, net.Driver) }, nil case "id": diff --git a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go index 435422c27..5cbb6ba9f 100644 --- a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go +++ b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go @@ -1,5 +1,4 @@ //go:build linux && apparmor -// +build linux,apparmor package apparmor diff --git a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux_template.go b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux_template.go index 99e0e14e2..b8212542d 100644 --- a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux_template.go +++ b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux_template.go @@ -1,5 +1,4 @@ //go:build linux && apparmor -// +build linux,apparmor package apparmor diff --git a/vendor/github.com/containers/common/pkg/apparmor/apparmor_unsupported.go b/vendor/github.com/containers/common/pkg/apparmor/apparmor_unsupported.go index dacfc2f48..6c1ce46d6 100644 --- a/vendor/github.com/containers/common/pkg/apparmor/apparmor_unsupported.go +++ b/vendor/github.com/containers/common/pkg/apparmor/apparmor_unsupported.go @@ -1,5 +1,4 @@ //go:build !linux || !apparmor -// +build !linux !apparmor package apparmor diff --git a/vendor/github.com/containers/common/pkg/capabilities/capabilities.go b/vendor/github.com/containers/common/pkg/capabilities/capabilities.go index 3bf25e086..e0b0ac95e 100644 --- a/vendor/github.com/containers/common/pkg/capabilities/capabilities.go +++ b/vendor/github.com/containers/common/pkg/capabilities/capabilities.go @@ -13,6 +13,7 @@ import ( "sync" "github.com/syndtr/gocapability/capability" + "golang.org/x/exp/slices" ) var ( @@ -54,16 +55,6 @@ func init() { } } -// stringInSlice determines if a string is in a string slice, returns bool -func stringInSlice(s string, sl []string) bool { - for _, i := range sl { - if i == s { - return true - } - } - return false -} - var ( boundingSetOnce sync.Once boundingSetRet []string @@ -115,7 +106,7 @@ func NormalizeCapabilities(caps []string) ([]string, error) { if !strings.HasPrefix(c, "CAP_") { c = "CAP_" + c } - if !stringInSlice(c, capabilityList) { + if !slices.Contains(capabilityList, c) { return nil, fmt.Errorf("%q: %w", c, ErrUnknownCapability) } normalized = append(normalized, c) @@ -127,7 +118,7 @@ func NormalizeCapabilities(caps []string) ([]string, error) { // ValidateCapabilities validates if caps only contains valid capabilities. func ValidateCapabilities(caps []string) error { for _, c := range caps { - if !stringInSlice(c, capabilityList) { + if !slices.Contains(capabilityList, c) { return fmt.Errorf("%q: %w", c, ErrUnknownCapability) } } @@ -159,8 +150,8 @@ func MergeCapabilities(base, adds, drops []string) ([]string, error) { return nil, err } - if stringInSlice(All, capDrop) { - if stringInSlice(All, capAdd) { + if slices.Contains(capDrop, All) { + if slices.Contains(capAdd, All) { return nil, errors.New("adding all caps and removing all caps not allowed") } // "Drop" all capabilities; return what's in capAdd instead @@ -168,7 +159,7 @@ func MergeCapabilities(base, adds, drops []string) ([]string, error) { return capAdd, nil } - if stringInSlice(All, capAdd) { + if slices.Contains(capAdd, All) { base, err = BoundingSet() if err != nil { return nil, err @@ -176,14 +167,14 @@ func MergeCapabilities(base, adds, drops []string) ([]string, error) { capAdd = []string{} } else { for _, add := range capAdd { - if stringInSlice(add, capDrop) { + if slices.Contains(capDrop, add) { return nil, fmt.Errorf("capability %q cannot be dropped and added", add) } } } for _, drop := range capDrop { - if stringInSlice(drop, capAdd) { + if slices.Contains(capAdd, drop) { return nil, fmt.Errorf("capability %q cannot be dropped and added", drop) } } @@ -191,7 +182,7 @@ func MergeCapabilities(base, adds, drops []string) ([]string, error) { caps := make([]string, 0, len(base)+len(capAdd)) // Drop any capabilities in capDrop that are in base for _, cap := range base { - if stringInSlice(cap, capDrop) { + if slices.Contains(capDrop, cap) { continue } caps = append(caps, cap) @@ -199,7 +190,7 @@ func MergeCapabilities(base, adds, drops []string) ([]string, error) { // Add any capabilities in capAdd that are not in base for _, cap := range capAdd { - if stringInSlice(cap, base) { + if slices.Contains(base, cap) { continue } caps = append(caps, cap) diff --git a/vendor/github.com/containers/common/pkg/cgroups/blkio_linux.go b/vendor/github.com/containers/common/pkg/cgroups/blkio_linux.go index dd18ed565..246f2c231 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/blkio_linux.go +++ b/vendor/github.com/containers/common/pkg/cgroups/blkio_linux.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package cgroups diff --git a/vendor/github.com/containers/common/pkg/cgroups/cgroups_linux.go b/vendor/github.com/containers/common/pkg/cgroups/cgroups_linux.go index 7605b5006..726324cfe 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/cgroups_linux.go +++ b/vendor/github.com/containers/common/pkg/cgroups/cgroups_linux.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package cgroups @@ -22,6 +21,7 @@ import ( "github.com/opencontainers/runc/libcontainer/cgroups/fs2" "github.com/opencontainers/runc/libcontainer/configs" "github.com/sirupsen/logrus" + "golang.org/x/exp/maps" ) var ( @@ -73,12 +73,13 @@ const ( var handlers map[string]controllerHandler func init() { - handlers = make(map[string]controllerHandler) - handlers[CPU] = getCPUHandler() - handlers[CPUset] = getCpusetHandler() - handlers[Memory] = getMemoryHandler() - handlers[Pids] = getPidsHandler() - handlers[Blkio] = getBlkioHandler() + handlers = map[string]controllerHandler{ + CPU: getCPUHandler(), + CPUset: getCpusetHandler(), + Memory: getMemoryHandler(), + Pids: getPidsHandler(), + Blkio: getBlkioHandler(), + } } // getAvailableControllers get the available controllers @@ -492,10 +493,7 @@ func (c *CgroupControl) AddPid(pid int) error { return fs2.CreateCgroupPath(path, c.config) } - names := make([]string, 0, len(handlers)) - for n := range handlers { - names = append(names, n) - } + names := maps.Keys(handlers) for _, c := range c.additionalControllers { if !c.symlink { diff --git a/vendor/github.com/containers/common/pkg/cgroups/cgroups_supported.go b/vendor/github.com/containers/common/pkg/cgroups/cgroups_supported.go index 5c0cac642..863a14a15 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/cgroups_supported.go +++ b/vendor/github.com/containers/common/pkg/cgroups/cgroups_supported.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package cgroups diff --git a/vendor/github.com/containers/common/pkg/cgroups/cgroups_unsupported.go b/vendor/github.com/containers/common/pkg/cgroups/cgroups_unsupported.go index f2558728d..085031a59 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/cgroups_unsupported.go +++ b/vendor/github.com/containers/common/pkg/cgroups/cgroups_unsupported.go @@ -1,5 +1,4 @@ //go:build !linux -// +build !linux package cgroups diff --git a/vendor/github.com/containers/common/pkg/cgroups/cpu_linux.go b/vendor/github.com/containers/common/pkg/cgroups/cpu_linux.go index 4931be6ef..c10df7968 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/cpu_linux.go +++ b/vendor/github.com/containers/common/pkg/cgroups/cpu_linux.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package cgroups diff --git a/vendor/github.com/containers/common/pkg/cgroups/cpuset_linux.go b/vendor/github.com/containers/common/pkg/cgroups/cpuset_linux.go index c55c76864..28b46fb25 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/cpuset_linux.go +++ b/vendor/github.com/containers/common/pkg/cgroups/cpuset_linux.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package cgroups diff --git a/vendor/github.com/containers/common/pkg/cgroups/memory_linux.go b/vendor/github.com/containers/common/pkg/cgroups/memory_linux.go index 3335cdffe..b82945c5b 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/memory_linux.go +++ b/vendor/github.com/containers/common/pkg/cgroups/memory_linux.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package cgroups diff --git a/vendor/github.com/containers/common/pkg/cgroups/pids_linux.go b/vendor/github.com/containers/common/pkg/cgroups/pids_linux.go index a8163ce46..61ee85394 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/pids_linux.go +++ b/vendor/github.com/containers/common/pkg/cgroups/pids_linux.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package cgroups diff --git a/vendor/github.com/containers/common/pkg/cgroups/systemd.go b/vendor/github.com/containers/common/pkg/cgroups/systemd.go index 80a7bde28..b076ead6c 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/systemd.go +++ b/vendor/github.com/containers/common/pkg/cgroups/systemd.go @@ -1,5 +1,4 @@ //go:build !linux -// +build !linux package cgroups diff --git a/vendor/github.com/containers/common/pkg/cgroups/systemd_linux.go b/vendor/github.com/containers/common/pkg/cgroups/systemd_linux.go index 906c716d1..53458904c 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/systemd_linux.go +++ b/vendor/github.com/containers/common/pkg/cgroups/systemd_linux.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package cgroups diff --git a/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go b/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go index ffdf10aca..be9d11584 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go +++ b/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package cgroups diff --git a/vendor/github.com/containers/common/pkg/cgroupv2/cgroups_unsupported.go b/vendor/github.com/containers/common/pkg/cgroupv2/cgroups_unsupported.go index f61bd3bb2..56269aa42 100644 --- a/vendor/github.com/containers/common/pkg/cgroupv2/cgroups_unsupported.go +++ b/vendor/github.com/containers/common/pkg/cgroupv2/cgroups_unsupported.go @@ -1,5 +1,4 @@ //go:build !linux -// +build !linux package cgroupv2 diff --git a/vendor/github.com/containers/common/pkg/chown/chown_unix.go b/vendor/github.com/containers/common/pkg/chown/chown_unix.go index be4b8cfa5..b598ac920 100644 --- a/vendor/github.com/containers/common/pkg/chown/chown_unix.go +++ b/vendor/github.com/containers/common/pkg/chown/chown_unix.go @@ -1,5 +1,4 @@ //go:build !windows -// +build !windows package chown diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go index d25dd019a..2e352db44 100644 --- a/vendor/github.com/containers/common/pkg/config/config.go +++ b/vendor/github.com/containers/common/pkg/config/config.go @@ -13,12 +13,12 @@ import ( "github.com/containers/common/internal/attributedstring" "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/capabilities" - "github.com/containers/common/pkg/util" "github.com/containers/storage/pkg/ioutils" "github.com/containers/storage/pkg/unshare" units "github.com/docker/go-units" selinux "github.com/opencontainers/selinux/go-selinux" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) const ( @@ -918,7 +918,7 @@ func (c *Config) GetDefaultEnvEx(envHost, httpProxy bool) []string { } // Capabilities returns the capabilities parses the Add and Drop capability -// list from the default capabiltiies for the container +// list from the default capabilities for the container func (c *Config) Capabilities(user string, addCapabilities, dropCapabilities []string) ([]string, error) { userNotRoot := func(user string) bool { if user == "" || user == "root" || user == "0" { @@ -1228,7 +1228,7 @@ func ValidateImageVolumeMode(mode string) error { if mode == "" { return nil } - if util.StringInSlice(mode, validImageVolumeModes) { + if slices.Contains(validImageVolumeModes, mode) { return nil } @@ -1245,7 +1245,7 @@ func (c *Config) FindInitBinary() (string, error) { if c.Engine.InitPath != "" { return c.Engine.InitPath, nil } - // keep old default working to guarantee backwards comapt + // keep old default working to guarantee backwards compat if _, err := os.Stat(DefaultInitPath); err == nil { return DefaultInitPath, nil } diff --git a/vendor/github.com/containers/common/pkg/config/config_local.go b/vendor/github.com/containers/common/pkg/config/config_local.go index dae3ea0d9..aac90b299 100644 --- a/vendor/github.com/containers/common/pkg/config/config_local.go +++ b/vendor/github.com/containers/common/pkg/config/config_local.go @@ -1,5 +1,4 @@ //go:build !remote -// +build !remote package config @@ -67,6 +66,13 @@ func (c *ContainersConfig) validateTZ() error { "/etc/zoneinfo", } + // Allow using TZDIR to override the lookupPaths. Ref: + // https://sourceware.org/git/?p=glibc.git;a=blob;f=time/tzfile.c;h=8a923d0cccc927a106dc3e3c641be310893bab4e;hb=HEAD#l149 + tzdir := os.Getenv("TZDIR") + if tzdir != "" { + lookupPaths = []string{tzdir} + } + for _, paths := range lookupPaths { zonePath := filepath.Join(paths, c.TZ) if _, err := os.Stat(zonePath); err == nil { diff --git a/vendor/github.com/containers/common/pkg/config/config_remote.go b/vendor/github.com/containers/common/pkg/config/config_remote.go index bff869efa..7ad7bc233 100644 --- a/vendor/github.com/containers/common/pkg/config/config_remote.go +++ b/vendor/github.com/containers/common/pkg/config/config_remote.go @@ -1,5 +1,4 @@ //go:build remote -// +build remote package config diff --git a/vendor/github.com/containers/common/pkg/config/config_unsupported.go b/vendor/github.com/containers/common/pkg/config/config_unsupported.go index 64e4fcfcd..341225f10 100644 --- a/vendor/github.com/containers/common/pkg/config/config_unsupported.go +++ b/vendor/github.com/containers/common/pkg/config/config_unsupported.go @@ -1,5 +1,4 @@ //go:build !linux -// +build !linux package config diff --git a/vendor/github.com/containers/common/pkg/config/containers.conf b/vendor/github.com/containers/common/pkg/config/containers.conf index 22c433971..7a21f69ff 100644 --- a/vendor/github.com/containers/common/pkg/config/containers.conf +++ b/vendor/github.com/containers/common/pkg/config/containers.conf @@ -737,6 +737,15 @@ default_sysctls = [ # "/run/current-system/sw/bin/crun", #] +#crun-vm = [ +# "/usr/bin/crun-vm", +# "/usr/local/bin/crun-vm", +# "/usr/local/sbin/crun-vm", +# "/sbin/crun-vm", +# "/bin/crun-vm", +# "/run/current-system/sw/bin/crun-vm", +#] + #kata = [ # "/usr/bin/kata-runtime", # "/usr/sbin/kata-runtime", diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go index 9e65d5c20..1d826851a 100644 --- a/vendor/github.com/containers/common/pkg/config/default.go +++ b/vendor/github.com/containers/common/pkg/config/default.go @@ -295,9 +295,8 @@ func defaultMachineConfig() MachineConfig { // defaultFarmConfig returns the default farms configuration. func defaultFarmConfig() FarmConfig { - emptyList := make(map[string][]string) return FarmConfig{ - List: emptyList, + List: map[string][]string{}, } } @@ -340,7 +339,7 @@ func defaultEngineConfig() (*EngineConfig, error) { c.HelperBinariesDir.Set(defaultHelperBinariesDir) if additionalHelperBinariesDir != "" { - // Prioritize addtionalHelperBinariesDir over defaults. + // Prioritize additionalHelperBinariesDir over defaults. c.HelperBinariesDir.Set(append([]string{additionalHelperBinariesDir}, c.HelperBinariesDir.Get()...)) } c.HooksDir.Set(DefaultHooksDirs) @@ -365,6 +364,14 @@ func defaultEngineConfig() (*EngineConfig, error) { "/bin/crun", "/run/current-system/sw/bin/crun", }, + "crun-vm": { + "/usr/bin/crun-vm", + "/usr/local/bin/crun-vm", + "/usr/local/sbin/crun-vm", + "/sbin/crun-vm", + "/bin/crun-vm", + "/run/current-system/sw/bin/crun-vm", + }, "crun-wasm": { "/usr/bin/crun-wasm", "/usr/sbin/crun-wasm", @@ -556,7 +563,7 @@ func (c *Config) DNSServers() []string { return c.Containers.DNSServers.Get() } -// DNSSerches returns the default DNS searches to add to resolv.conf in containers. +// DNSSearches returns the default DNS searches to add to resolv.conf in containers. func (c *Config) DNSSearches() []string { return c.Containers.DNSSearches.Get() } diff --git a/vendor/github.com/containers/common/pkg/config/default_common.go b/vendor/github.com/containers/common/pkg/config/default_common.go index f65461043..2caa3f01d 100644 --- a/vendor/github.com/containers/common/pkg/config/default_common.go +++ b/vendor/github.com/containers/common/pkg/config/default_common.go @@ -1,5 +1,4 @@ //go:build !freebsd -// +build !freebsd package config diff --git a/vendor/github.com/containers/common/pkg/config/default_unsupported.go b/vendor/github.com/containers/common/pkg/config/default_unsupported.go index 0d427a054..46653e399 100644 --- a/vendor/github.com/containers/common/pkg/config/default_unsupported.go +++ b/vendor/github.com/containers/common/pkg/config/default_unsupported.go @@ -1,5 +1,4 @@ //go:build !linux && !windows -// +build !linux,!windows package config diff --git a/vendor/github.com/containers/common/pkg/config/nosystemd.go b/vendor/github.com/containers/common/pkg/config/nosystemd.go index 352fddf92..8832d8426 100644 --- a/vendor/github.com/containers/common/pkg/config/nosystemd.go +++ b/vendor/github.com/containers/common/pkg/config/nosystemd.go @@ -1,5 +1,4 @@ //go:build !systemd || !cgo -// +build !systemd !cgo package config diff --git a/vendor/github.com/containers/common/pkg/config/systemd.go b/vendor/github.com/containers/common/pkg/config/systemd.go index 3cd6ff845..506374619 100644 --- a/vendor/github.com/containers/common/pkg/config/systemd.go +++ b/vendor/github.com/containers/common/pkg/config/systemd.go @@ -1,5 +1,4 @@ //go:build systemd && cgo -// +build systemd,cgo package config diff --git a/vendor/github.com/containers/common/pkg/filters/filters.go b/vendor/github.com/containers/common/pkg/filters/filters.go index 3d442a530..3370a7c65 100644 --- a/vendor/github.com/containers/common/pkg/filters/filters.go +++ b/vendor/github.com/containers/common/pkg/filters/filters.go @@ -76,13 +76,10 @@ func FiltersFromRequest(r *http.Request) ([]string, error) { libpodFilters := make([]string, 0, len(filters)) for filterKey, filterSlice := range filters { - f := filterKey for _, filterValue := range filterSlice { - f += "=" + filterValue + libpodFilters = append(libpodFilters, fmt.Sprintf("%s=%s", filterKey, filterValue)) } - libpodFilters = append(libpodFilters, f) } - return libpodFilters, nil } diff --git a/vendor/github.com/containers/common/pkg/manifests/manifests.go b/vendor/github.com/containers/common/pkg/manifests/manifests.go index 8296faa82..c72dc5f5a 100644 --- a/vendor/github.com/containers/common/pkg/manifests/manifests.go +++ b/vendor/github.com/containers/common/pkg/manifests/manifests.go @@ -33,6 +33,10 @@ type List interface { Features(instanceDigest digest.Digest) ([]string, error) SetOSFeatures(instanceDigest digest.Digest, osFeatures []string) error OSFeatures(instanceDigest digest.Digest) ([]string, error) + SetMediaType(instanceDigest digest.Digest, mediaType string) error + MediaType(instanceDigest digest.Digest) (string, error) + SetArtifactType(instanceDigest digest.Digest, artifactType string) error + ArtifactType(instanceDigest digest.Digest) (string, error) Serialize(mimeType string) ([]byte, error) Instances() []digest.Digest OCIv1() *v1.Index @@ -357,6 +361,44 @@ func (l *list) OSFeatures(instanceDigest digest.Digest) ([]string, error) { return append([]string{}, oci.Platform.OSFeatures...), nil } +// SetMediaType sets the MediaType field in the instance with the specified digest. +func (l *list) SetMediaType(instanceDigest digest.Digest, mediaType string) error { + oci, err := l.findOCIv1(instanceDigest) + if err != nil { + return err + } + oci.MediaType = mediaType + return nil +} + +// MediaType retrieves the MediaType field in the instance with the specified digest. +func (l *list) MediaType(instanceDigest digest.Digest) (string, error) { + oci, err := l.findOCIv1(instanceDigest) + if err != nil { + return "", err + } + return oci.MediaType, nil +} + +// SetArtifactType sets the ArtifactType field in the instance with the specified digest. +func (l *list) SetArtifactType(instanceDigest digest.Digest, artifactType string) error { + oci, err := l.findOCIv1(instanceDigest) + if err != nil { + return err + } + oci.ArtifactType = artifactType + return nil +} + +// ArtifactType retrieves the ArtifactType field in the instance with the specified digest. +func (l *list) ArtifactType(instanceDigest digest.Digest) (string, error) { + oci, err := l.findOCIv1(instanceDigest) + if err != nil { + return "", err + } + return oci.ArtifactType, nil +} + // FromBlob builds a list from an encoded manifest list or image index. func FromBlob(manifestBytes []byte) (List, error) { manifestType := manifest.GuessMIMEType(manifestBytes) @@ -421,13 +463,22 @@ func FromBlob(manifestBytes []byte) (List, error) { func (l *list) preferOCI() bool { // If we have any data that's only in the OCI format, use that. + if l.oci.ArtifactType != "" { + return true + } + if l.oci.Subject != nil { + return true + } for _, m := range l.oci.Manifests { - if len(m.URLs) > 0 { + if m.ArtifactType != "" { return true } if len(m.Annotations) > 0 { return true } + if len(m.Data) > 0 { + return true + } } // If we have any data that's only in the Docker format, use that. for _, m := range l.docker.Manifests { diff --git a/vendor/github.com/containers/common/pkg/parse/parse_unix.go b/vendor/github.com/containers/common/pkg/parse/parse_unix.go index 44fe33d9e..86563b3eb 100644 --- a/vendor/github.com/containers/common/pkg/parse/parse_unix.go +++ b/vendor/github.com/containers/common/pkg/parse/parse_unix.go @@ -1,5 +1,4 @@ //go:build linux || darwin || freebsd -// +build linux darwin freebsd package parse diff --git a/vendor/github.com/containers/common/pkg/password/password_supported.go b/vendor/github.com/containers/common/pkg/password/password_supported.go index 56e95b3d5..4761b3ff5 100644 --- a/vendor/github.com/containers/common/pkg/password/password_supported.go +++ b/vendor/github.com/containers/common/pkg/password/password_supported.go @@ -1,5 +1,4 @@ //go:build linux || darwin || freebsd -// +build linux darwin freebsd package password diff --git a/vendor/github.com/containers/common/pkg/password/password_windows.go b/vendor/github.com/containers/common/pkg/password/password_windows.go index 7a0822d01..0a1d9eebd 100644 --- a/vendor/github.com/containers/common/pkg/password/password_windows.go +++ b/vendor/github.com/containers/common/pkg/password/password_windows.go @@ -1,5 +1,4 @@ //go:build windows -// +build windows package password diff --git a/vendor/github.com/containers/common/pkg/report/formatter.go b/vendor/github.com/containers/common/pkg/report/formatter.go index aa8ed6b36..993c425a3 100644 --- a/vendor/github.com/containers/common/pkg/report/formatter.go +++ b/vendor/github.com/containers/common/pkg/report/formatter.go @@ -137,7 +137,7 @@ func (f *Formatter) Init(w io.Writer, minwidth, tabwidth, padding int, padchar b // Execute applies a parsed template to the specified data object, // and writes the output to Formatter.Writer. -func (f *Formatter) Execute(data interface{}) error { +func (f *Formatter) Execute(data any) error { return f.template.Execute(f.writer, data) } diff --git a/vendor/github.com/containers/common/pkg/report/template.go b/vendor/github.com/containers/common/pkg/report/template.go index d9b942ba4..0f7d5e5bf 100644 --- a/vendor/github.com/containers/common/pkg/report/template.go +++ b/vendor/github.com/containers/common/pkg/report/template.go @@ -36,7 +36,7 @@ var escapedReplacer = strings.NewReplacer( var DefaultFuncs = FuncMap{ "join": strings.Join, - "json": func(v interface{}) string { + "json": func(v any) string { buf := new(bytes.Buffer) enc := json.NewEncoder(buf) enc.SetEscapeHTML(false) @@ -93,7 +93,7 @@ func truncateWithLength(source string, length int) string { // 1) unchanged --format includes headers // 2) --format '{{.ID}" # no headers // 3) --format 'table {{.ID}}' # includes headers -func Headers(object interface{}, overrides map[string]string) []map[string]string { +func Headers(object any, overrides map[string]string) []map[string]string { value := reflect.ValueOf(object) if value.Kind() == reflect.Ptr { value = value.Elem() diff --git a/vendor/github.com/containers/common/pkg/retry/retry_unsupported.go b/vendor/github.com/containers/common/pkg/retry/retry_unsupported.go index 901e28a5d..008fe6bcd 100644 --- a/vendor/github.com/containers/common/pkg/retry/retry_unsupported.go +++ b/vendor/github.com/containers/common/pkg/retry/retry_unsupported.go @@ -1,5 +1,4 @@ //go:build !linux -// +build !linux package retry diff --git a/vendor/github.com/containers/common/pkg/rootlessport/rootlessport_linux.go b/vendor/github.com/containers/common/pkg/rootlessport/rootlessport_linux.go index 7ea018a23..dc4c5bf1a 100644 --- a/vendor/github.com/containers/common/pkg/rootlessport/rootlessport_linux.go +++ b/vendor/github.com/containers/common/pkg/rootlessport/rootlessport_linux.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux // Rootlessport Config type for use in podman/cmd/rootlessport. package rootlessport diff --git a/vendor/github.com/containers/common/pkg/seccomp/default_linux.go b/vendor/github.com/containers/common/pkg/seccomp/default_linux.go index 0db77879c..2a59c1496 100644 --- a/vendor/github.com/containers/common/pkg/seccomp/default_linux.go +++ b/vendor/github.com/containers/common/pkg/seccomp/default_linux.go @@ -142,6 +142,7 @@ func DefaultProfile() *Seccomp { "fchdir", "fchmod", "fchmodat", + "fchmodat2", "fchown", "fchown32", "fchownat", diff --git a/vendor/github.com/containers/common/pkg/seccomp/errno_list.go b/vendor/github.com/containers/common/pkg/seccomp/errno_list.go index 87ac2ab77..616cae336 100644 --- a/vendor/github.com/containers/common/pkg/seccomp/errno_list.go +++ b/vendor/github.com/containers/common/pkg/seccomp/errno_list.go @@ -1,5 +1,4 @@ //go:build linux && seccomp -// +build linux,seccomp package seccomp diff --git a/vendor/github.com/containers/common/pkg/seccomp/filter.go b/vendor/github.com/containers/common/pkg/seccomp/filter.go index 72c95734b..1739dcb93 100644 --- a/vendor/github.com/containers/common/pkg/seccomp/filter.go +++ b/vendor/github.com/containers/common/pkg/seccomp/filter.go @@ -1,5 +1,4 @@ //go:build seccomp -// +build seccomp // NOTE: this package has originally been copied from // github.com/opencontainers/runc and modified to work for other use cases diff --git a/vendor/github.com/containers/common/pkg/seccomp/seccomp.json b/vendor/github.com/containers/common/pkg/seccomp/seccomp.json index 18674db4d..306e90148 100644 --- a/vendor/github.com/containers/common/pkg/seccomp/seccomp.json +++ b/vendor/github.com/containers/common/pkg/seccomp/seccomp.json @@ -149,6 +149,7 @@ "fchdir", "fchmod", "fchmodat", + "fchmodat2", "fchown", "fchown32", "fchownat", diff --git a/vendor/github.com/containers/common/pkg/seccomp/seccomp_linux.go b/vendor/github.com/containers/common/pkg/seccomp/seccomp_linux.go index f7adde8ab..e399f6b28 100644 --- a/vendor/github.com/containers/common/pkg/seccomp/seccomp_linux.go +++ b/vendor/github.com/containers/common/pkg/seccomp/seccomp_linux.go @@ -1,5 +1,4 @@ //go:build seccomp -// +build seccomp // SPDX-License-Identifier: Apache-2.0 diff --git a/vendor/github.com/containers/common/pkg/seccomp/seccomp_unsupported.go b/vendor/github.com/containers/common/pkg/seccomp/seccomp_unsupported.go index da5230c56..1bf8155dd 100644 --- a/vendor/github.com/containers/common/pkg/seccomp/seccomp_unsupported.go +++ b/vendor/github.com/containers/common/pkg/seccomp/seccomp_unsupported.go @@ -1,5 +1,4 @@ //go:build !linux || !seccomp -// +build !linux !seccomp // SPDX-License-Identifier: Apache-2.0 @@ -15,12 +14,12 @@ import ( var errNotSupported = errors.New("seccomp not enabled in this build") -// LoadProfile returns an error on unsuppored systems +// LoadProfile returns an error on unsupported systems func LoadProfile(body string, rs *specs.Spec) (*specs.LinuxSeccomp, error) { return nil, errNotSupported } -// GetDefaultProfile returns an error on unsuppored systems +// GetDefaultProfile returns an error on unsupported systems func GetDefaultProfile(rs *specs.Spec) (*specs.LinuxSeccomp, error) { return nil, errNotSupported } diff --git a/vendor/github.com/containers/common/pkg/seccomp/supported.go b/vendor/github.com/containers/common/pkg/seccomp/supported.go index f8a20e536..5c39979d5 100644 --- a/vendor/github.com/containers/common/pkg/seccomp/supported.go +++ b/vendor/github.com/containers/common/pkg/seccomp/supported.go @@ -1,5 +1,4 @@ //go:build linux && seccomp -// +build linux,seccomp package seccomp diff --git a/vendor/github.com/containers/common/pkg/seccomp/validate.go b/vendor/github.com/containers/common/pkg/seccomp/validate.go index 80558c1f0..81effc767 100644 --- a/vendor/github.com/containers/common/pkg/seccomp/validate.go +++ b/vendor/github.com/containers/common/pkg/seccomp/validate.go @@ -1,5 +1,4 @@ //go:build seccomp -// +build seccomp package seccomp diff --git a/vendor/github.com/containers/common/pkg/secrets/filedriver/filedriver.go b/vendor/github.com/containers/common/pkg/secrets/filedriver/filedriver.go index 3054a2bb5..33bb62dc4 100644 --- a/vendor/github.com/containers/common/pkg/secrets/filedriver/filedriver.go +++ b/vendor/github.com/containers/common/pkg/secrets/filedriver/filedriver.go @@ -10,6 +10,7 @@ import ( "sort" "github.com/containers/storage/pkg/lockfile" + "golang.org/x/exp/maps" ) // secretsDataFile is the file where secrets data/payload will be stored @@ -56,10 +57,7 @@ func (d *Driver) List() ([]string, error) { if err != nil { return nil, err } - allID := make([]string, 0, len(secretData)) - for k := range secretData { - allID = append(allID, k) - } + allID := maps.Keys(secretData) sort.Strings(allID) return allID, err } @@ -79,7 +77,7 @@ func (d *Driver) Lookup(id string) ([]byte, error) { return nil, fmt.Errorf("%s: %w", id, errNoSecretData) } -// Store stores the bytes associated with an ID. An error is returned if the ID arleady exists +// Store stores the bytes associated with an ID. An error is returned if the ID already exists func (d *Driver) Store(id string, data []byte) error { d.lockfile.Lock() defer d.lockfile.Unlock() diff --git a/vendor/github.com/containers/common/pkg/secrets/secrets.go b/vendor/github.com/containers/common/pkg/secrets/secrets.go index 47e688406..7092c8f2b 100644 --- a/vendor/github.com/containers/common/pkg/secrets/secrets.go +++ b/vendor/github.com/containers/common/pkg/secrets/secrets.go @@ -13,6 +13,7 @@ import ( "github.com/containers/storage/pkg/lockfile" "github.com/containers/storage/pkg/regexp" "github.com/containers/storage/pkg/stringid" + "golang.org/x/exp/maps" ) // maxSecretSize is the max size for secret data - 512kB @@ -289,11 +290,7 @@ func (s *SecretsManager) List() ([]Secret, error) { if err != nil { return nil, err } - ls := make([]Secret, 0, len(secrets)) - for _, v := range secrets { - ls = append(ls, v) - } - return ls, nil + return maps.Values(secrets), nil } // LookupSecretData returns secret metadata as well as secret data in bytes. diff --git a/vendor/github.com/containers/common/pkg/servicereaper/service.go b/vendor/github.com/containers/common/pkg/servicereaper/service.go index 11482c59c..12a29669b 100644 --- a/vendor/github.com/containers/common/pkg/servicereaper/service.go +++ b/vendor/github.com/containers/common/pkg/servicereaper/service.go @@ -1,5 +1,4 @@ //go:build linux || freebsd -// +build linux freebsd package servicereaper diff --git a/vendor/github.com/containers/common/pkg/signal/signal_linux.go b/vendor/github.com/containers/common/pkg/signal/signal_linux.go index 21e09c9fe..6800b7d3c 100644 --- a/vendor/github.com/containers/common/pkg/signal/signal_linux.go +++ b/vendor/github.com/containers/common/pkg/signal/signal_linux.go @@ -1,5 +1,4 @@ //go:build linux && !mips && !mipsle && !mips64 && !mips64le -// +build linux,!mips,!mipsle,!mips64,!mips64le // Signal handling for Linux only. package signal diff --git a/vendor/github.com/containers/common/pkg/signal/signal_linux_mipsx.go b/vendor/github.com/containers/common/pkg/signal/signal_linux_mipsx.go index 52b07aaf4..58b353955 100644 --- a/vendor/github.com/containers/common/pkg/signal/signal_linux_mipsx.go +++ b/vendor/github.com/containers/common/pkg/signal/signal_linux_mipsx.go @@ -1,6 +1,4 @@ //go:build linux && (mips || mipsle || mips64 || mips64le) -// +build linux -// +build mips mipsle mips64 mips64le // Special signal handling for mips architecture package signal diff --git a/vendor/github.com/containers/common/pkg/signal/signal_unsupported.go b/vendor/github.com/containers/common/pkg/signal/signal_unsupported.go index 0e8685a7c..36893d059 100644 --- a/vendor/github.com/containers/common/pkg/signal/signal_unsupported.go +++ b/vendor/github.com/containers/common/pkg/signal/signal_unsupported.go @@ -1,5 +1,4 @@ //go:build !linux -// +build !linux // Signal handling for Linux only. package signal diff --git a/vendor/github.com/containers/common/pkg/ssh/connection_golang.go b/vendor/github.com/containers/common/pkg/ssh/connection_golang.go index 1abb5802c..adc22d94c 100644 --- a/vendor/github.com/containers/common/pkg/ssh/connection_golang.go +++ b/vendor/github.com/containers/common/pkg/ssh/connection_golang.go @@ -23,6 +23,7 @@ import ( "golang.org/x/crypto/ssh" "golang.org/x/crypto/ssh/agent" "golang.org/x/crypto/ssh/knownhosts" + "golang.org/x/exp/maps" ) func golangConnectionCreate(options ConnectionCreateOptions) error { @@ -262,7 +263,7 @@ func ValidateAndConfigure(uri *url.URL, iden string, insecureIsMachineConnection } } } - var authMethods []ssh.AuthMethod // now we validate and check for the authorization methods, most notaibly public key authorization + var authMethods []ssh.AuthMethod // now we validate and check for the authorization methods, most notably public key authorization if len(signers) > 0 { dedup := make(map[string]ssh.Signer) for _, s := range signers { @@ -273,10 +274,7 @@ func ValidateAndConfigure(uri *url.URL, iden string, insecureIsMachineConnection dedup[fp] = s } - var uniq []ssh.Signer - for _, s := range dedup { - uniq = append(uniq, s) - } + uniq := maps.Values(dedup) authMethods = append(authMethods, ssh.PublicKeysCallback(func() ([]ssh.Signer, error) { return uniq, nil })) diff --git a/vendor/github.com/containers/common/pkg/ssh/types.go b/vendor/github.com/containers/common/pkg/ssh/types.go index 600655931..bc41d78bf 100644 --- a/vendor/github.com/containers/common/pkg/ssh/types.go +++ b/vendor/github.com/containers/common/pkg/ssh/types.go @@ -70,11 +70,11 @@ type ConnectionScpReport struct { // Info is the overall struct that describes the host system // running libpod/podman type Info struct { - Host *HostInfo `json:"host"` - Store *StoreInfo `json:"store"` - Registries map[string]interface{} `json:"registries"` - Plugins Plugins `json:"plugins"` - Version Version `json:"version"` + Host *HostInfo `json:"host"` + Store *StoreInfo `json:"store"` + Registries map[string]any `json:"registries"` + Plugins Plugins `json:"plugins"` + Version Version `json:"version"` } // Version is an output struct for API @@ -121,8 +121,8 @@ type HostInfo struct { OCIRuntime *OCIRuntimeInfo `json:"ociRuntime"` OS string `json:"os"` // RemoteSocket returns the UNIX domain socket the Podman service is listening on - RemoteSocket *RemoteSocket `json:"remoteSocket,omitempty"` - RuntimeInfo map[string]interface{} `json:"runtimeInfo,omitempty"` + RemoteSocket *RemoteSocket `json:"remoteSocket,omitempty"` + RuntimeInfo map[string]any `json:"runtimeInfo,omitempty"` // ServiceIsRemote is true when the podman/libpod service is remote to the client ServiceIsRemote bool `json:"serviceIsRemote"` Security SecurityInfo `json:"security"` @@ -179,11 +179,11 @@ type OCIRuntimeInfo struct { // StoreInfo describes the container storage and its // attributes type StoreInfo struct { - ConfigFile string `json:"configFile"` - ContainerStore ContainerStore `json:"containerStore"` - GraphDriverName string `json:"graphDriverName"` - GraphOptions map[string]interface{} `json:"graphOptions"` - GraphRoot string `json:"graphRoot"` + ConfigFile string `json:"configFile"` + ContainerStore ContainerStore `json:"containerStore"` + GraphDriverName string `json:"graphDriverName"` + GraphOptions map[string]any `json:"graphOptions"` + GraphRoot string `json:"graphRoot"` // GraphRootAllocated is how much space the graphroot has in bytes GraphRootAllocated uint64 `json:"graphRootAllocated"` // GraphRootUsed is how much of graphroot is used in bytes diff --git a/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go b/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go index 6ba2154a7..6cd7723da 100644 --- a/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go +++ b/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go @@ -231,7 +231,7 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerRunDir string fileInfo, err := os.Stat(hostDirOrFile) if err != nil { if errors.Is(err, os.ErrNotExist) { - logrus.Warnf("Path %q from %q doesn't exist, skipping", hostDirOrFile, filePath) + logrus.Infof("Path %q from %q doesn't exist, skipping", hostDirOrFile, filePath) continue } return nil, err diff --git a/vendor/github.com/containers/common/pkg/sysinfo/numcpu_linux.go b/vendor/github.com/containers/common/pkg/sysinfo/numcpu_linux.go index d77e52f60..5e680957b 100644 --- a/vendor/github.com/containers/common/pkg/sysinfo/numcpu_linux.go +++ b/vendor/github.com/containers/common/pkg/sysinfo/numcpu_linux.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package sysinfo diff --git a/vendor/github.com/containers/common/pkg/sysinfo/numcpu_other.go b/vendor/github.com/containers/common/pkg/sysinfo/numcpu_other.go index 26c543c4a..fdb0586e5 100644 --- a/vendor/github.com/containers/common/pkg/sysinfo/numcpu_other.go +++ b/vendor/github.com/containers/common/pkg/sysinfo/numcpu_other.go @@ -1,5 +1,4 @@ //go:build !linux && !windows -// +build !linux,!windows package sysinfo diff --git a/vendor/github.com/containers/common/pkg/sysinfo/numcpu_windows.go b/vendor/github.com/containers/common/pkg/sysinfo/numcpu_windows.go index 9f354eb10..13c42d280 100644 --- a/vendor/github.com/containers/common/pkg/sysinfo/numcpu_windows.go +++ b/vendor/github.com/containers/common/pkg/sysinfo/numcpu_windows.go @@ -1,5 +1,4 @@ //go:build windows -// +build windows package sysinfo diff --git a/vendor/github.com/containers/common/pkg/sysinfo/nummem_linux.go b/vendor/github.com/containers/common/pkg/sysinfo/nummem_linux.go index 018c488be..739a7ffb1 100644 --- a/vendor/github.com/containers/common/pkg/sysinfo/nummem_linux.go +++ b/vendor/github.com/containers/common/pkg/sysinfo/nummem_linux.go @@ -1,5 +1,4 @@ //go:build linux -// +build linux package sysinfo diff --git a/vendor/github.com/containers/common/pkg/sysinfo/nummem_unsupported.go b/vendor/github.com/containers/common/pkg/sysinfo/nummem_unsupported.go index c9e4184aa..2b6bbaf2d 100644 --- a/vendor/github.com/containers/common/pkg/sysinfo/nummem_unsupported.go +++ b/vendor/github.com/containers/common/pkg/sysinfo/nummem_unsupported.go @@ -1,5 +1,4 @@ //go:build (windows && ignore) || osx -// +build windows,ignore osx package sysinfo diff --git a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_solaris.go b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_solaris.go index af1c77d60..bf4b3104e 100644 --- a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_solaris.go +++ b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_solaris.go @@ -1,5 +1,4 @@ //go:build solaris && cgo -// +build solaris,cgo package sysinfo diff --git a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_unix.go b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_unix.go index 4aa9401f6..ce6ac0232 100644 --- a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_unix.go +++ b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_unix.go @@ -1,5 +1,4 @@ //go:build !linux && !solaris && !windows -// +build !linux,!solaris,!windows package sysinfo diff --git a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_windows.go b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_windows.go index 455a8892f..e89d18a06 100644 --- a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_windows.go +++ b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_windows.go @@ -1,5 +1,4 @@ //go:build windows -// +build windows package sysinfo diff --git a/vendor/github.com/containers/common/pkg/systemd/systemd_linux.go b/vendor/github.com/containers/common/pkg/systemd/systemd_linux.go index 02503618f..c1d8ed72e 100644 --- a/vendor/github.com/containers/common/pkg/systemd/systemd_linux.go +++ b/vendor/github.com/containers/common/pkg/systemd/systemd_linux.go @@ -143,7 +143,7 @@ func RunUnderSystemdScope(pid int, slice string, unitName string) error { return nil } -func newProp(name string, units interface{}) systemdDbus.Property { +func newProp(name string, units any) systemdDbus.Property { return systemdDbus.Property{ Name: name, Value: dbus.MakeVariant(units), diff --git a/vendor/github.com/containers/common/pkg/umask/umask_unix.go b/vendor/github.com/containers/common/pkg/umask/umask_unix.go index 4f5527cb6..caa60c8e6 100644 --- a/vendor/github.com/containers/common/pkg/umask/umask_unix.go +++ b/vendor/github.com/containers/common/pkg/umask/umask_unix.go @@ -1,5 +1,4 @@ //go:build linux || darwin -// +build linux darwin package umask diff --git a/vendor/github.com/containers/common/pkg/umask/umask_unsupported.go b/vendor/github.com/containers/common/pkg/umask/umask_unsupported.go index cf76ea1d3..547dea868 100644 --- a/vendor/github.com/containers/common/pkg/umask/umask_unsupported.go +++ b/vendor/github.com/containers/common/pkg/umask/umask_unsupported.go @@ -1,5 +1,4 @@ //go:build !linux && !darwin -// +build !linux,!darwin package umask diff --git a/vendor/github.com/containers/common/pkg/util/util.go b/vendor/github.com/containers/common/pkg/util/util.go index 708472bac..8229296d7 100644 --- a/vendor/github.com/containers/common/pkg/util/util.go +++ b/vendor/github.com/containers/common/pkg/util/util.go @@ -9,16 +9,14 @@ import ( "github.com/fsnotify/fsnotify" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) -// StringInSlice determines if a string is in a string slice, returns bool +// StringInSlice determines if a string is in a string slice, returns bool. +// +// Deprecated: Use [golang.org/x/exp/slices.Contains] instead. func StringInSlice(s string, sl []string) bool { - for _, i := range sl { - if i == s { - return true - } - } - return false + return slices.Contains(sl, s) } // StringMatchRegexSlice determines if a given string matches one of the given regexes, returns bool diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go index 8773d23d4..2e12a0e7c 100644 --- a/vendor/github.com/containers/common/version/version.go +++ b/vendor/github.com/containers/common/version/version.go @@ -1,4 +1,4 @@ package version // Version is the version of the build. -const Version = "0.57.1-dev" +const Version = "0.58.0-dev" diff --git a/vendor/github.com/containers/storage/.cirrus.yml b/vendor/github.com/containers/storage/.cirrus.yml index 7d49c82dc..43cfef280 100644 --- a/vendor/github.com/containers/storage/.cirrus.yml +++ b/vendor/github.com/containers/storage/.cirrus.yml @@ -17,13 +17,13 @@ env: #### #### Cache-image names to test with (double-quotes around names are critical) ### - FEDORA_NAME: "fedora-39ß" + FEDORA_NAME: "fedora-39" DEBIAN_NAME: "debian-13" # GCE project where images live IMAGE_PROJECT: "libpod-218412" # VM Image built in containers/automation_images - IMAGE_SUFFIX: "c20231116t174419z-f39f38d13" + IMAGE_SUFFIX: "c20231208t193858z-f39f38d13" FEDORA_CACHE_IMAGE_NAME: "fedora-${IMAGE_SUFFIX}" DEBIAN_CACHE_IMAGE_NAME: "debian-${IMAGE_SUFFIX}" diff --git a/vendor/github.com/containers/storage/drivers/overlay/composefs_supported.go b/vendor/github.com/containers/storage/drivers/overlay/composefs.go index 26dd36866..ed9287d6a 100644 --- a/vendor/github.com/containers/storage/drivers/overlay/composefs_supported.go +++ b/vendor/github.com/containers/storage/drivers/overlay/composefs.go @@ -1,5 +1,5 @@ -//go:build linux && composefs && cgo -// +build linux,composefs,cgo +//go:build linux && cgo +// +build linux,cgo package overlay @@ -34,11 +34,6 @@ func getComposeFsHelper() (string, error) { return composeFsHelperPath, composeFsHelperErr } -func composeFsSupported() bool { - _, err := getComposeFsHelper() - return err == nil -} - func enableVerity(description string, fd int) error { enableArg := unix.FsverityEnableArg{ Version: 1, diff --git a/vendor/github.com/containers/storage/drivers/overlay/composefs_notsupported.go b/vendor/github.com/containers/storage/drivers/overlay/composefs_notsupported.go deleted file mode 100644 index 347e4d35c..000000000 --- a/vendor/github.com/containers/storage/drivers/overlay/composefs_notsupported.go +++ /dev/null @@ -1,24 +0,0 @@ -//go:build !linux || !composefs || !cgo -// +build !linux !composefs !cgo - -package overlay - -import ( - "fmt" -) - -func composeFsSupported() bool { - return false -} - -func generateComposeFsBlob(verityDigests map[string]string, toc interface{}, composefsDir string) error { - return fmt.Errorf("composefs is not supported") -} - -func mountComposefsBlob(dataDir, mountPoint string) error { - return fmt.Errorf("composefs is not supported") -} - -func enableVerityRecursive(path string) (map[string]string, error) { - return nil, fmt.Errorf("composefs is not supported") -} diff --git a/vendor/github.com/containers/storage/drivers/overlay/overlay.go b/vendor/github.com/containers/storage/drivers/overlay/overlay.go index f1c742d0a..8cc33e15f 100644 --- a/vendor/github.com/containers/storage/drivers/overlay/overlay.go +++ b/vendor/github.com/containers/storage/drivers/overlay/overlay.go @@ -105,6 +105,7 @@ type overlayOptions struct { mountOptions string ignoreChownErrors bool forceMask *os.FileMode + useComposefs bool } // Driver contains information about the home directory and the list of active mounts that are created using this driver. @@ -122,6 +123,7 @@ type Driver struct { supportsDType bool supportsVolatile *bool usingMetacopy bool + usingComposefs bool supportsIDMappedMounts *bool } @@ -387,6 +389,22 @@ func Init(home string, options graphdriver.Options) (graphdriver.Driver, error) } } + if opts.useComposefs { + if unshare.IsRootless() { + return nil, fmt.Errorf("composefs is not supported in user namespaces") + } + supportsDataOnly, err := supportsDataOnlyLayersCached(home, runhome) + if err != nil { + return nil, err + } + if !supportsDataOnly { + return nil, fmt.Errorf("composefs is not supported on this kernel: %w", graphdriver.ErrIncompatibleFS) + } + if _, err := getComposeFsHelper(); err != nil { + return nil, fmt.Errorf("composefs helper program not found: %w", err) + } + } + var usingMetacopy bool var supportsDType bool var supportsVolatile *bool @@ -448,6 +466,7 @@ func Init(home string, options graphdriver.Options) (graphdriver.Driver, error) supportsDType: supportsDType, usingMetacopy: usingMetacopy, supportsVolatile: supportsVolatile, + usingComposefs: opts.useComposefs, options: *opts, } @@ -555,6 +574,12 @@ func parseOptions(options []string) (*overlayOptions, error) { withReference: withReference, }) } + case "use_composefs": + logrus.Debugf("overlay: use_composefs=%s", val) + o.useComposefs, err = strconv.ParseBool(val) + if err != nil { + return nil, err + } case "mount_program": logrus.Debugf("overlay: mount_program=%s", val) if val != "" { @@ -782,7 +807,7 @@ func supportsOverlay(home string, homeMagic graphdriver.FsMagic, rootUID, rootGI } func (d *Driver) useNaiveDiff() bool { - if d.useComposeFs() { + if d.usingComposefs { return true } @@ -2002,6 +2027,9 @@ func (d *Driver) getStagingDir() string { // contains files for the layer differences, either for this layer, or one of our // lowers if we're just a template directory. Used for direct access for tar-split. func (d *Driver) DiffGetter(id string) (graphdriver.FileGetCloser, error) { + if d.usingComposefs { + return nil, nil + } p, err := d.getDiffPath(id) if err != nil { return nil, err @@ -2018,9 +2046,9 @@ func (d *Driver) CleanupStagingDirectory(stagingDirectory string) error { return os.RemoveAll(stagingDirectory) } -func (d *Driver) supportsDataOnlyLayers() (bool, error) { +func supportsDataOnlyLayersCached(home, runhome string) (bool, error) { feature := "dataonly-layers" - overlayCacheResult, overlayCacheText, err := cachedFeatureCheck(d.runhome, feature) + overlayCacheResult, overlayCacheText, err := cachedFeatureCheck(runhome, feature) if err == nil { if overlayCacheResult { logrus.Debugf("Cached value indicated that data-only layers for overlay are supported") @@ -2029,25 +2057,13 @@ func (d *Driver) supportsDataOnlyLayers() (bool, error) { logrus.Debugf("Cached value indicated that data-only layers for overlay are not supported") return false, errors.New(overlayCacheText) } - supportsDataOnly, err := supportsDataOnlyLayers(d.home) - if err2 := cachedFeatureRecord(d.runhome, feature, supportsDataOnly, ""); err2 != nil { + supportsDataOnly, err := supportsDataOnlyLayers(home) + if err2 := cachedFeatureRecord(runhome, feature, supportsDataOnly, ""); err2 != nil { return false, fmt.Errorf("recording overlay data-only layers support status: %w", err2) } return supportsDataOnly, err } -func (d *Driver) useComposeFs() bool { - if !composeFsSupported() || unshare.IsRootless() { - return false - } - supportsDataOnlyLayers, err := d.supportsDataOnlyLayers() - if err != nil { - logrus.Debugf("Check for data-only layers failed with: %v", err) - return false - } - return supportsDataOnlyLayers -} - // ApplyDiff applies the changes in the new layer using the specified function func (d *Driver) ApplyDiffWithDiffer(id, parent string, options *graphdriver.ApplyDiffWithDifferOpts, differ graphdriver.Differ) (output graphdriver.DriverWithDifferOutput, err error) { var idMappings *idtools.IDMappings @@ -2083,7 +2099,7 @@ func (d *Driver) ApplyDiffWithDiffer(id, parent string, options *graphdriver.App differOptions := graphdriver.DifferOptions{ Format: graphdriver.DifferOutputFormatDir, } - if d.useComposeFs() { + if d.usingComposefs { differOptions.Format = graphdriver.DifferOutputFormatFlat } out, err := differ.ApplyDiff(applyDir, &archive.TarOptions{ @@ -2105,7 +2121,7 @@ func (d *Driver) ApplyDiffFromStagingDirectory(id, parent, stagingDirectory stri return fmt.Errorf("%q is not a staging directory", stagingDirectory) } - if d.useComposeFs() { + if d.usingComposefs { // FIXME: move this logic into the differ so we don't have to open // the file twice. verityDigests, err := enableVerityRecursive(stagingDirectory) diff --git a/vendor/github.com/containers/storage/layers.go b/vendor/github.com/containers/storage/layers.go index 130de5444..8dfce5e36 100644 --- a/vendor/github.com/containers/storage/layers.go +++ b/vendor/github.com/containers/storage/layers.go @@ -2034,9 +2034,16 @@ func (s *simpleGetCloser) Close() error { // LOCKING BUG: See the comments in layerStore.Diff func (r *layerStore) newFileGetter(id string) (drivers.FileGetCloser, error) { if getter, ok := r.driver.(drivers.DiffGetterDriver); ok { - return getter.DiffGetter(id) + fgc, err := getter.DiffGetter(id) + if err != nil { + return nil, err + } + if fgc != nil { + return fgc, nil + } } - path, err := r.Mount(id, drivers.MountOpts{}) + + path, err := r.Mount(id, drivers.MountOpts{Options: []string{"ro"}}) if err != nil { return nil, err } diff --git a/vendor/github.com/containers/storage/pkg/archive/archive.go b/vendor/github.com/containers/storage/pkg/archive/archive.go index 85c91690d..51d0a66eb 100644 --- a/vendor/github.com/containers/storage/pkg/archive/archive.go +++ b/vendor/github.com/containers/storage/pkg/archive/archive.go @@ -477,7 +477,7 @@ func (ta *tarAppender) addTarFile(path, name string) error { } } if fi.Mode()&os.ModeSocket != 0 { - logrus.Warnf("archive: skipping %q since it is a socket", path) + logrus.Infof("archive: skipping %q since it is a socket", path) return nil } diff --git a/vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go b/vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go index ca7ce30f7..a2fd904ca 100644 --- a/vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go +++ b/vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go @@ -420,6 +420,14 @@ func writeZstdChunkedStream(destFile io.Writer, outMetadata map[string]string, r zstdWriter.Close() return err } + + // make sure the entire tarball is flushed to the output as it might contain + // some trailing zeros that affect the checksum. + if _, err := io.Copy(zstdWriter, its); err != nil { + zstdWriter.Close() + return err + } + if err := zstdWriter.Flush(); err != nil { zstdWriter.Close() return err @@ -452,12 +460,12 @@ type zstdChunkedWriter struct { } func (w zstdChunkedWriter) Close() error { - err := <-w.tarSplitErr - if err != nil { - w.tarSplitOut.Close() + errClose := w.tarSplitOut.Close() + + if err := <-w.tarSplitErr; err != nil && err != io.EOF { return err } - return w.tarSplitOut.Close() + return errClose } func (w zstdChunkedWriter) Write(p []byte) (int, error) { diff --git a/vendor/github.com/containers/storage/pkg/chunked/dump/dump.go b/vendor/github.com/containers/storage/pkg/chunked/dump/dump.go index a08928034..5e569682a 100644 --- a/vendor/github.com/containers/storage/pkg/chunked/dump/dump.go +++ b/vendor/github.com/containers/storage/pkg/chunked/dump/dump.go @@ -94,7 +94,7 @@ func getStMode(mode uint32, typ string) (uint32, error) { } func dumpNode(out io.Writer, links map[string]int, verityDigests map[string]string, entry *internal.FileMetadata) error { - path := entry.Name + path := strings.TrimRight(entry.Name, "/") if path == "" { path = "/" } else if path[0] != '/' { diff --git a/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go b/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go index fe216a2ff..f278628e8 100644 --- a/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go +++ b/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go @@ -259,10 +259,17 @@ func GetDiffer(ctx context.Context, store storage.Store, blobSize int64, annotat return nil, err } - if _, ok := annotations[internal.ManifestChecksumKey]; ok { + _, hasZstdChunkedTOC := annotations[internal.ManifestChecksumKey] + _, hasEstargzTOC := annotations[estargz.TOCJSONDigestAnnotation] + + if hasZstdChunkedTOC && hasEstargzTOC { + return nil, errors.New("both zstd:chunked and eStargz TOC found") + } + + if hasZstdChunkedTOC { return makeZstdChunkedDiffer(ctx, store, blobSize, annotations, iss, &storeOpts) } - if _, ok := annotations[estargz.TOCJSONDigestAnnotation]; ok { + if hasEstargzTOC { return makeEstargzChunkedDiffer(ctx, store, blobSize, annotations, iss, &storeOpts) } diff --git a/vendor/github.com/containers/storage/pkg/config/config.go b/vendor/github.com/containers/storage/pkg/config/config.go index 20d72ca89..febe8a0c5 100644 --- a/vendor/github.com/containers/storage/pkg/config/config.go +++ b/vendor/github.com/containers/storage/pkg/config/config.go @@ -97,6 +97,8 @@ type OverlayOptionsConfig struct { Inodes string `toml:"inodes,omitempty"` // Do not create a bind mount on the storage home SkipMountHome string `toml:"skip_mount_home,omitempty"` + // Specify whether composefs must be used to mount the data layers + UseComposefs string `toml:"use_composefs,omitempty"` // ForceMask indicates the permissions mask (e.g. "0755") to use for new // files and directories ForceMask string `toml:"force_mask,omitempty"` @@ -147,6 +149,9 @@ type OptionsConfig struct { // ignored when building an image. IgnoreChownErrors string `toml:"ignore_chown_errors,omitempty"` + // Specify whether composefs must be used to mount the data layers + UseComposefs string `toml:"use_composefs,omitempty"` + // ForceMask indicates the permissions mask (e.g. "0755") to use for new // files and directories. ForceMask os.FileMode `toml:"force_mask,omitempty"` @@ -283,6 +288,7 @@ func GetGraphDriverOptions(driverName string, options OptionsConfig) []string { } case "overlay", "overlay2": + // Specify whether composefs must be used to mount the data layers if options.Overlay.IgnoreChownErrors != "" { doptions = append(doptions, fmt.Sprintf("%s.ignore_chown_errors=%s", driverName, options.Overlay.IgnoreChownErrors)) } else if options.IgnoreChownErrors != "" { @@ -316,6 +322,9 @@ func GetGraphDriverOptions(driverName string, options OptionsConfig) []string { } else if options.ForceMask != 0 { doptions = append(doptions, fmt.Sprintf("%s.force_mask=%s", driverName, options.ForceMask)) } + if options.Overlay.UseComposefs != "" { + doptions = append(doptions, fmt.Sprintf("%s.use_composefs=%s", driverName, options.Overlay.UseComposefs)) + } case "vfs": if options.Vfs.IgnoreChownErrors != "" { doptions = append(doptions, fmt.Sprintf("%s.ignore_chown_errors=%s", driverName, options.Vfs.IgnoreChownErrors)) diff --git a/vendor/github.com/containers/storage/pkg/unshare/unshare_unsupported.go b/vendor/github.com/containers/storage/pkg/unshare/unshare_unsupported.go index 83de680c2..e3160d0da 100644 --- a/vendor/github.com/containers/storage/pkg/unshare/unshare_unsupported.go +++ b/vendor/github.com/containers/storage/pkg/unshare/unshare_unsupported.go @@ -17,7 +17,7 @@ const ( // IsRootless tells us if we are running in rootless mode func IsRootless() bool { - return false + return os.Getuid() != 0 } // GetRootlessUID returns the UID of the user in the parent userNS diff --git a/vendor/github.com/containers/storage/storage.conf b/vendor/github.com/containers/storage/storage.conf index cb4525f27..d91fa98fa 100644 --- a/vendor/github.com/containers/storage/storage.conf +++ b/vendor/github.com/containers/storage/storage.conf @@ -130,6 +130,9 @@ mountopt = "nodev" # Set to skip a PRIVATE bind mount on the storage home directory. # skip_mount_home = "false" +# Set to use composefs to mount data layers with overlay. +# use_composefs = "false" + # Size is used to set a maximum size of the container image. # size = "" diff --git a/vendor/github.com/containers/storage/storage.conf-freebsd b/vendor/github.com/containers/storage/storage.conf-freebsd index c8abee64f..03bbe2461 100644 --- a/vendor/github.com/containers/storage/storage.conf-freebsd +++ b/vendor/github.com/containers/storage/storage.conf-freebsd @@ -96,6 +96,9 @@ mountopt = "nodev" # Set to skip a PRIVATE bind mount on the storage home directory. # skip_mount_home = "false" +# Set to use composefs to mount data layers with overlay. +# use_composefs = "false" + # Size is used to set a maximum size of the container image. # size = "" |