Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade dependency to avoid license conflicts #313

Closed
wants to merge 1 commit into from
Closed

Upgrade dependency to avoid license conflicts #313

wants to merge 1 commit into from

Conversation

parkerduckworth
Copy link

Background

Hello containerd team 👋

We are working on adding more resource guardrails into the Weaviate vector database, and in doing so need to read cgroup limits. Your library here is amazing, and exactly what we need. Unfortunately, we are having license compliance issues by depending on it.

Cgroups currently depends directly on ebpf v0.9.1. In this version of ebpf, this extract-vmlinux file was added to the repository, which contains a GPL-2.0-only clause, which is incompatible with our license compliance guidelines.

The good news is, that with v0.11.0, ebpf removed this file, for similar license conflicts (commit message for the change in their repo):

extract-vmlinux is GPL licensed code which makes it harder for
cilium to graduate in the CNCF. Remove the vendored copy and require
the user to provide the binary instead.

Changes

This PR bumps the ebpf version from v0.9.1 -> v0.11.0 to avoid license compliance issues based on a single file in ebpf, which was introduced in v0.9.1, and removed in v0.11.0.

Tests

The patch has been verified by running tests locally on an Ubuntu (20.04 LTS) VM:

parker@containerd-cgroups-test:~/cgroups$ go test ./... -count=1
ok      github.com/containerd/cgroups/v3        0.003s
ok      github.com/containerd/cgroups/v3/cgroup1        0.083s
?       github.com/containerd/cgroups/v3/cgroup1/stats  [no test files]
ok      github.com/containerd/cgroups/v3/cgroup2        0.007s
?       github.com/containerd/cgroups/v3/cgroup2/stats  [no test files]

Contribution Guidelines

I have read your guidelines, and I have done my best to comply with them. If there is still something which needs to be done, I'm happy to do so.

@parkerduckworth
Upgrade dependency to avoid license conflicts
ed6e0d6 
Bumps the ebpf version from v0.9.1 -> v0.11.0 to avoid
a GPL-only clause found in a single file in ebpf, which
was introduced in v0.9.1, and removed in v0.11.0.

Signed-off-by: Parker Duckworth <parkerduckworth@gmail.com>
@parkerduckworth parkerduckworth mentioned this pull request Dec 4, 2023
Closed
4 tasks
@AkihiroSuda
Copy link
Member

In this version of ebpf, this extract-vmlinux file was added to the repository, which contains a GPL-2.0-only clause, which is incompatible with our license compliance guidelines.

Just to confirm, this file is just test data and not consumed by containerd, right?
If so, "license conflict" doesn't seem to be correct words.

@fuweid
Copy link
Member

fuweid commented Dec 14, 2023

Sorry, just saw this pull request. I just merged this one #315

I think there is no license issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@parkerduckworth @AkihiroSuda @fuweid