diff --git a/go.mod b/go.mod index 1903330b4a..6375373214 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ go 1.21 // ***** ATTENTION WARNING CAUTION DANGER ****** require ( github.com/containerd/containerd v1.7.16 github.com/containernetworking/cni v1.1.2 - github.com/containers/common v0.58.1-0.20240509172903-2c88a3f280bb + github.com/containers/common v0.58.3 github.com/containers/image/v5 v5.30.2-0.20240509191815-9318d0eaaf78 github.com/containers/luksy v0.0.0-20240408185936-afd8e7619947 github.com/containers/ocicrypt v1.1.10 diff --git a/go.sum b/go.sum index 9beb654a7d..4c1dd59d65 100644 --- a/go.sum +++ b/go.sum @@ -61,8 +61,8 @@ github.com/containernetworking/cni v1.1.2 h1:wtRGZVv7olUHMOqouPpn3cXJWpJgM6+EUl3 github.com/containernetworking/cni v1.1.2/go.mod h1:sDpYKmGVENF3s6uvMvGgldDWeG8dMxakj/u+i9ht9vw= github.com/containernetworking/plugins v1.4.1 h1:+sJRRv8PKhLkXIl6tH1D7RMi+CbbHutDGU+ErLBORWA= github.com/containernetworking/plugins v1.4.1/go.mod h1:n6FFGKcaY4o2o5msgu/UImtoC+fpQXM3076VHfHbj60= -github.com/containers/common v0.58.1-0.20240509172903-2c88a3f280bb h1:mb5e8J/kErkytiM1J5hqdZENBJfSQyQ37Cgx0hinVYs= -github.com/containers/common v0.58.1-0.20240509172903-2c88a3f280bb/go.mod h1:SCOYkp6ul27v6WoNkbgvhAhhSEM6fYKl2My9/WuESdA= +github.com/containers/common v0.58.3 h1:Iy/CdYjluEK926QT+ejonz7YvoRHazeW7BAiLIkmUQ4= +github.com/containers/common v0.58.3/go.mod h1:p4V1SNk+WOISgp01m+axuqCUxaDP3WSZPPzvnJnS/cQ= github.com/containers/image/v5 v5.30.2-0.20240509191815-9318d0eaaf78 h1:1fktdUOKdvMbDbAullFBjslw1VewscLwTjsH2S+6ieM= github.com/containers/image/v5 v5.30.2-0.20240509191815-9318d0eaaf78/go.mod h1:nw5UU0qHFIsg+3cj1u1kP/CmwEioiJrVSDgg1QLhirw= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA= diff --git a/vendor/github.com/containers/common/internal/deepcopy.go b/vendor/github.com/containers/common/internal/deepcopy.go index 38c41d7b1e..157f6ee4ce 100644 --- a/vendor/github.com/containers/common/internal/deepcopy.go +++ b/vendor/github.com/containers/common/internal/deepcopy.go @@ -1,10 +1,9 @@ package internal import ( - "slices" - v1 "github.com/opencontainers/image-spec/specs-go/v1" "golang.org/x/exp/maps" + "golang.org/x/exp/slices" ) // DeepCopyDescriptor copies a Descriptor, deeply copying its contents diff --git a/vendor/github.com/containers/common/libimage/load.go b/vendor/github.com/containers/common/libimage/load.go index 0327cbca38..2be6a1b64d 100644 --- a/vendor/github.com/containers/common/libimage/load.go +++ b/vendor/github.com/containers/common/libimage/load.go @@ -6,15 +6,14 @@ import ( "context" "errors" "fmt" + "os" "time" dirTransport "github.com/containers/image/v5/directory" dockerArchiveTransport "github.com/containers/image/v5/docker/archive" ociArchiveTransport "github.com/containers/image/v5/oci/archive" ociTransport "github.com/containers/image/v5/oci/layout" - "github.com/containers/image/v5/transports" "github.com/containers/image/v5/types" - "github.com/containers/storage/pkg/fileutils" "github.com/sirupsen/logrus" ) @@ -22,30 +21,6 @@ type LoadOptions struct { CopyOptions } -// doLoadReference does the heavy lifting for LoadReference() and Load(), -// without adding debug messages or handling defaults. -func (r *Runtime) doLoadReference(ctx context.Context, ref types.ImageReference, options *LoadOptions) (images []string, transportName string, err error) { - transportName = ref.Transport().Name() - switch transportName { - case dockerArchiveTransport.Transport.Name(): - images, err = r.loadMultiImageDockerArchive(ctx, ref, &options.CopyOptions) - default: - images, err = r.copyFromDefault(ctx, ref, &options.CopyOptions) - } - return images, ref.Transport().Name(), err -} - -// LoadReference loads one or more images from the specified location. -func (r *Runtime) LoadReference(ctx context.Context, ref types.ImageReference, options *LoadOptions) ([]string, error) { - logrus.Debugf("Loading image from %q", transports.ImageName(ref)) - - if options == nil { - options = &LoadOptions{} - } - images, _, err := r.doLoadReference(ctx, ref, options) - return images, err -} - // Load loads one or more images (depending on the transport) from the // specified path. The path may point to an image the following transports: // oci, oci-archive, dir, docker-archive. @@ -66,7 +41,8 @@ func (r *Runtime) Load(ctx context.Context, path string, options *LoadOptions) ( if err != nil { return nil, ociTransport.Transport.Name(), err } - return r.doLoadReference(ctx, ref, options) + images, err := r.copyFromDefault(ctx, ref, &options.CopyOptions) + return images, ociTransport.Transport.Name(), err }, // OCI-ARCHIVE @@ -76,7 +52,8 @@ func (r *Runtime) Load(ctx context.Context, path string, options *LoadOptions) ( if err != nil { return nil, ociArchiveTransport.Transport.Name(), err } - return r.doLoadReference(ctx, ref, options) + images, err := r.copyFromDefault(ctx, ref, &options.CopyOptions) + return images, ociArchiveTransport.Transport.Name(), err }, // DOCKER-ARCHIVE @@ -86,7 +63,8 @@ func (r *Runtime) Load(ctx context.Context, path string, options *LoadOptions) ( if err != nil { return nil, dockerArchiveTransport.Transport.Name(), err } - return r.doLoadReference(ctx, ref, options) + images, err := r.loadMultiImageDockerArchive(ctx, ref, &options.CopyOptions) + return images, dockerArchiveTransport.Transport.Name(), err }, // DIR @@ -96,7 +74,8 @@ func (r *Runtime) Load(ctx context.Context, path string, options *LoadOptions) ( if err != nil { return nil, dirTransport.Transport.Name(), err } - return r.doLoadReference(ctx, ref, options) + images, err := r.copyFromDefault(ctx, ref, &options.CopyOptions) + return images, dirTransport.Transport.Name(), err }, } { loadedImages, transportName, err := f() @@ -141,7 +120,7 @@ func (r *Runtime) loadMultiImageDockerArchive(ctx context.Context, ref types.Ima // syntax to reference an image within the archive was used, so we // should. path := ref.StringWithinTransport() - if err := fileutils.Exists(path); err != nil { + if _, err := os.Stat(path); err != nil { return r.copyFromDockerArchive(ctx, ref, options) } diff --git a/vendor/github.com/containers/common/libimage/manifest_list.go b/vendor/github.com/containers/common/libimage/manifest_list.go index e52d5469ba..d7ee5e6b67 100644 --- a/vendor/github.com/containers/common/libimage/manifest_list.go +++ b/vendor/github.com/containers/common/libimage/manifest_list.go @@ -6,7 +6,6 @@ import ( "context" "errors" "fmt" - "slices" "time" "github.com/containers/common/libimage/define" @@ -21,6 +20,7 @@ import ( "github.com/opencontainers/go-digest" imgspecv1 "github.com/opencontainers/image-spec/specs-go/v1" "golang.org/x/exp/maps" + "golang.org/x/exp/slices" ) // NOTE: the abstractions and APIs here are a first step to further merge @@ -314,29 +314,6 @@ type ManifestListAddOptions struct { Password string } -func (m *ManifestList) parseNameToExtantReference(ctx context.Context, name string, manifestList bool, what string) (types.ImageReference, error) { - ref, err := alltransports.ParseImageName(name) - if err != nil { - withDocker := fmt.Sprintf("%s://%s", docker.Transport.Name(), name) - ref, err = alltransports.ParseImageName(withDocker) - if err == nil { - var src types.ImageSource - src, err = ref.NewImageSource(ctx, nil) - if err == nil { - src.Close() - } - } - if err != nil { - image, _, lookupErr := m.image.runtime.LookupImage(name, &LookupImageOptions{ManifestList: manifestList}) - if lookupErr != nil { - return nil, fmt.Errorf("locating %s: %q: %w; %q: %w", what, withDocker, err, name, lookupErr) - } - ref, err = image.storageReference, nil - } - } - return ref, err -} - // Add adds one or more manifests to the manifest list and returns the digest // of the added instance. func (m *ManifestList) Add(ctx context.Context, name string, options *ManifestListAddOptions) (digest.Digest, error) { @@ -344,9 +321,13 @@ func (m *ManifestList) Add(ctx context.Context, name string, options *ManifestLi options = &ManifestListAddOptions{} } - ref, err := m.parseNameToExtantReference(ctx, name, false, "image to add to manifest list") + ref, err := alltransports.ParseImageName(name) if err != nil { - return "", err + withDocker := fmt.Sprintf("%s://%s", docker.Transport.Name(), name) + ref, err = alltransports.ParseImageName(withDocker) + if err != nil { + return "", err + } } // Now massage in the copy-related options into the system context. @@ -447,9 +428,17 @@ func (m *ManifestList) AddArtifact(ctx context.Context, options *ManifestListAdd opts.LayerMediaType = &options.LayerType } if options.Subject != "" { - ref, err := m.parseNameToExtantReference(ctx, options.Subject, true, "subject for artifact manifest") + ref, err := alltransports.ParseImageName(options.Subject) if err != nil { - return "", err + withDocker := fmt.Sprintf("%s://%s", docker.Transport.Name(), options.Subject) + ref, err = alltransports.ParseImageName(withDocker) + if err != nil { + image, _, err := m.image.runtime.LookupImage(options.Subject, &LookupImageOptions{ManifestList: true}) + if err != nil { + return "", fmt.Errorf("locating subject for artifact manifest: %w", err) + } + ref = image.storageReference + } } opts.SubjectReference = ref } @@ -552,9 +541,17 @@ func (m *ManifestList) AnnotateInstance(d digest.Digest, options *ManifestListAn } } if options.Subject != "" { - ref, err := m.parseNameToExtantReference(ctx, options.Subject, true, "subject for image index") + ref, err := alltransports.ParseImageName(options.Subject) if err != nil { - return err + withDocker := fmt.Sprintf("%s://%s", docker.Transport.Name(), options.Subject) + ref, err = alltransports.ParseImageName(withDocker) + if err != nil { + image, _, err := m.image.runtime.LookupImage(options.Subject, &LookupImageOptions{ManifestList: true}) + if err != nil { + return fmt.Errorf("locating subject for image index: %w", err) + } + ref = image.storageReference + } } src, err := ref.NewImageSource(ctx, &m.image.runtime.systemContext) if err != nil { diff --git a/vendor/github.com/containers/common/libimage/manifests/manifests.go b/vendor/github.com/containers/common/libimage/manifests/manifests.go index 64f06350f0..78349b5034 100644 --- a/vendor/github.com/containers/common/libimage/manifests/manifests.go +++ b/vendor/github.com/containers/common/libimage/manifests/manifests.go @@ -11,7 +11,6 @@ import ( "net/http" "os" "path/filepath" - "slices" "strconv" "strings" "time" @@ -33,7 +32,6 @@ import ( "github.com/containers/image/v5/transports/alltransports" "github.com/containers/image/v5/types" "github.com/containers/storage" - "github.com/containers/storage/pkg/fileutils" "github.com/containers/storage/pkg/ioutils" "github.com/containers/storage/pkg/lockfile" digest "github.com/opencontainers/go-digest" @@ -41,6 +39,7 @@ import ( v1 "github.com/opencontainers/image-spec/specs-go/v1" "github.com/sirupsen/logrus" "golang.org/x/exp/maps" + "golang.org/x/exp/slices" ) const ( @@ -331,7 +330,7 @@ func (l *list) Reference(store storage.Store, multiple cp.ImageListSelection, in return nil, fmt.Errorf(`internal error: no file or blob with artifact "config" or "layer" digest %q recorded`, referencedBlobDigest) } expectedLayerBlobPath := filepath.Join(blobsDir, referencedBlobDigest.Encoded()) - if err := fileutils.Lexists(expectedLayerBlobPath); err == nil { + if _, err := os.Lstat(expectedLayerBlobPath); err == nil { // did this one already continue } else if knownFile { @@ -496,14 +495,6 @@ func prepareAddWithCompression(variants []string) ([]cp.OptionCompressionVariant return res, nil } -func mapToSlice(m map[string]string) []string { - slice := make([]string, 0, len(m)) - for key, value := range m { - slice = append(slice, key+"="+value) - } - return slice -} - // Add adds information about the specified image to the list, computing the // image's manifest's digest, retrieving OS and architecture information from // the image's configuration, and recording the image's reference so that it @@ -525,7 +516,6 @@ func (l *list) Add(ctx context.Context, sys *types.SystemContext, ref types.Imag Size int64 ConfigInfo types.BlobInfo ArtifactType string - URLs []string } var instanceInfos []instanceInfo var manifestDigest digest.Digest @@ -557,8 +547,6 @@ func (l *list) Add(ctx context.Context, sys *types.SystemContext, ref types.Imag OSFeatures: append([]string{}, platform.OSFeatures...), Size: instance.Size, ArtifactType: instance.ArtifactType, - Annotations: mapToSlice(instance.Annotations), - URLs: instance.URLs, } instanceInfos = append(instanceInfos, instanceInfo) } @@ -590,8 +578,6 @@ func (l *list) Add(ctx context.Context, sys *types.SystemContext, ref types.Imag OSFeatures: append([]string{}, platform.OSFeatures...), Size: instance.Size, ArtifactType: instance.ArtifactType, - Annotations: mapToSlice(instance.Annotations), - URLs: instance.URLs, } instanceInfos = append(instanceInfos, instanceInfo) added = true @@ -663,9 +649,6 @@ func (l *list) Add(ctx context.Context, sys *types.SystemContext, ref types.Imag if err != nil { return "", fmt.Errorf("adding instance with digest %q: %w", *instanceInfo.instanceDigest, err) } - if err = l.List.SetURLs(*instanceInfo.instanceDigest, instanceInfo.URLs); err != nil { - return "", fmt.Errorf("setting URLs for instance with digest %q: %w", *instanceInfo.instanceDigest, err) - } if _, ok := l.instances[*instanceInfo.instanceDigest]; !ok { l.instances[*instanceInfo.instanceDigest] = transports.ImageName(ref) } diff --git a/vendor/github.com/containers/common/libimage/pull.go b/vendor/github.com/containers/common/libimage/pull.go index 3db1b2992b..6c8d87c57e 100644 --- a/vendor/github.com/containers/common/libimage/pull.go +++ b/vendor/github.com/containers/common/libimage/pull.go @@ -115,7 +115,7 @@ func (r *Runtime) Pull(ctx context.Context, name string, pullPolicy config.PullP // off and entirely ignored. The digest is the sole source of truth. normalizedName, _, normalizeError := normalizeTaggedDigestedString(name) if normalizeError != nil { - return nil, fmt.Errorf(`parsing reference %q: %w`, name, normalizeError) + return nil, normalizeError } name = normalizedName @@ -240,15 +240,6 @@ func (r *Runtime) copyFromDefault(ctx context.Context, ref types.ImageReference, // Figure out a name for the storage destination. var storageName, imageName string switch ref.Transport().Name() { - case registryTransport.Transport.Name(): - // Normalize to docker.io if needed (see containers/podman/issues/10998). - named, err := reference.ParseNormalizedNamed(strings.TrimLeft(ref.StringWithinTransport(), ":/")) - if err != nil { - return nil, err - } - imageName = named.String() - storageName = imageName - case dockerDaemonTransport.Transport.Name(): // Normalize to docker.io if needed (see containers/podman/issues/10998). named, err := reference.ParseNormalizedNamed(ref.StringWithinTransport()) diff --git a/vendor/github.com/containers/common/libimage/runtime.go b/vendor/github.com/containers/common/libimage/runtime.go index 1baf41d5d2..632f0fccf1 100644 --- a/vendor/github.com/containers/common/libimage/runtime.go +++ b/vendor/github.com/containers/common/libimage/runtime.go @@ -250,7 +250,7 @@ func (r *Runtime) LookupImage(name string, options *LookupImageOptions) (*Image, // off and entirely ignored. The digest is the sole source of truth. normalizedName, possiblyUnqualifiedNamedReference, err := normalizeTaggedDigestedString(name) if err != nil { - return nil, "", fmt.Errorf(`parsing reference %q: %w`, name, err) + return nil, "", err } name = normalizedName diff --git a/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go b/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go index 15fd1bf4e3..ffadae0d2e 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go +++ b/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go @@ -9,7 +9,6 @@ import ( "net" "os" "path/filepath" - "slices" "strconv" "strings" "time" @@ -19,6 +18,7 @@ import ( "github.com/containers/common/libnetwork/types" "github.com/containers/common/libnetwork/util" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" "golang.org/x/sys/unix" ) diff --git a/vendor/github.com/containers/common/libnetwork/cni/cni_types.go b/vendor/github.com/containers/common/libnetwork/cni/cni_types.go index 81206acf75..711535ced8 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/cni_types.go +++ b/vendor/github.com/containers/common/libnetwork/cni/cni_types.go @@ -4,10 +4,10 @@ package cni import ( "net" + "os" "path/filepath" "github.com/containers/common/libnetwork/types" - "github.com/containers/storage/pkg/fileutils" ) const ( @@ -250,7 +250,7 @@ func newDNSNamePlugin(domainName string) dnsNameConfig { // hasDNSNamePlugin looks to see if the dnsname cni plugin is present func hasDNSNamePlugin(paths []string) bool { for _, p := range paths { - if err := fileutils.Exists(filepath.Join(p, "dnsname")); err == nil { + if _, err := os.Stat(filepath.Join(p, "dnsname")); err == nil { return true } } diff --git a/vendor/github.com/containers/common/libnetwork/cni/config.go b/vendor/github.com/containers/common/libnetwork/cni/config.go index 43f3bfef46..71b7872f1f 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/config.go +++ b/vendor/github.com/containers/common/libnetwork/cni/config.go @@ -7,11 +7,11 @@ import ( "fmt" "net" "os" - "slices" internalutil "github.com/containers/common/libnetwork/internal/util" "github.com/containers/common/libnetwork/types" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) func (n *cniNetwork) NetworkUpdate(_ string, _ types.NetworkUpdateOptions) error { diff --git a/vendor/github.com/containers/common/libnetwork/cni/network.go b/vendor/github.com/containers/common/libnetwork/cni/network.go index 94d13f7a0f..06b78f6751 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/network.go +++ b/vendor/github.com/containers/common/libnetwork/cni/network.go @@ -19,7 +19,6 @@ import ( "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/config" "github.com/containers/common/pkg/version" - "github.com/containers/storage/pkg/fileutils" "github.com/containers/storage/pkg/lockfile" "github.com/containers/storage/pkg/unshare" "github.com/sirupsen/logrus" @@ -332,7 +331,7 @@ func (n *cniNetwork) NetworkInfo() types.NetworkInfo { if err != nil { logrus.Infof("Failed to get the dnsname plugin version: %v", err) } - if err := fileutils.Exists(dnsPath); err == nil { + if _, err := os.Stat(dnsPath); err == nil { info.DNS = types.DNSNetworkInfo{ Path: dnsPath, Package: dnsPackage, diff --git a/vendor/github.com/containers/common/libnetwork/etchosts/hosts.go b/vendor/github.com/containers/common/libnetwork/etchosts/hosts.go index 7ca62137b2..6bdb34e64b 100644 --- a/vendor/github.com/containers/common/libnetwork/etchosts/hosts.go +++ b/vendor/github.com/containers/common/libnetwork/etchosts/hosts.go @@ -6,10 +6,10 @@ import ( "fmt" "io" "os" - "slices" "strings" "github.com/containers/common/pkg/config" + "golang.org/x/exp/slices" ) const ( diff --git a/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_linux.go b/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_linux.go index 78fe8e3250..44b4d43833 100644 --- a/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_linux.go +++ b/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_linux.go @@ -16,7 +16,6 @@ import ( "github.com/containers/common/pkg/config" "github.com/containers/common/pkg/netns" "github.com/containers/common/pkg/systemd" - "github.com/containers/storage/pkg/fileutils" "github.com/containers/storage/pkg/homedir" "github.com/containers/storage/pkg/lockfile" "github.com/hashicorp/go-multierror" @@ -155,7 +154,7 @@ func (n *Netns) getOrCreateNetns() (ns.NetNS, bool, error) { } func (n *Netns) cleanup() error { - if err := fileutils.Exists(n.dir); err != nil { + if _, err := os.Stat(n.dir); err != nil { if errors.Is(err, fs.ErrNotExist) { // dir does not exists no need for cleanup return nil @@ -338,7 +337,7 @@ func (n *Netns) setupMounts() error { // 2. Also keep /run/systemd if it exists. // Many files are symlinked into this dir, for example /dev/log. runSystemd := "/run/systemd" - err = fileutils.Exists(runSystemd) + _, err = os.Stat(runSystemd) if err == nil { newRunSystemd := n.getPath(runSystemd) err = mountAndMkdirDest(runSystemd, newRunSystemd, none, unix.MS_BIND|unix.MS_REC) @@ -477,7 +476,7 @@ func (n *Netns) mountCNIVarDir() error { // while we could always use /var there are cases where a user might store the cni // configs under /var/custom and this would break for { - if err := fileutils.Exists(varTarget); err == nil { + if _, err := os.Stat(varTarget); err == nil { varDir = n.getPath(varTarget) break } diff --git a/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go b/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go index b75e9a57f4..c511a2df75 100644 --- a/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go +++ b/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go @@ -3,11 +3,11 @@ package util import ( "fmt" "net" - "slices" "github.com/containers/common/libnetwork/types" "github.com/containers/common/libnetwork/util" "github.com/containers/common/pkg/config" + "golang.org/x/exp/slices" ) func CreateBridge(n NetUtil, network *types.Network, usedNetworks []*net.IPNet, subnetPools []config.SubnetPool) error { diff --git a/vendor/github.com/containers/common/libnetwork/internal/util/util.go b/vendor/github.com/containers/common/libnetwork/internal/util/util.go index 96c21e76f6..8405bffd91 100644 --- a/vendor/github.com/containers/common/libnetwork/internal/util/util.go +++ b/vendor/github.com/containers/common/libnetwork/internal/util/util.go @@ -4,11 +4,11 @@ import ( "errors" "fmt" "net" - "slices" "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/config" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) // GetBridgeInterfaceNames returns all bridge interface names diff --git a/vendor/github.com/containers/common/libnetwork/netavark/config.go b/vendor/github.com/containers/common/libnetwork/netavark/config.go index 99fba5a0a8..3a77d3ab2f 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/config.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/config.go @@ -10,13 +10,13 @@ import ( "os" "path/filepath" "reflect" - "slices" "strconv" "time" internalutil "github.com/containers/common/libnetwork/internal/util" "github.com/containers/common/libnetwork/types" "github.com/containers/storage/pkg/stringid" + "golang.org/x/exp/slices" ) func sliceRemoveDuplicates(strList []string) []string { diff --git a/vendor/github.com/containers/common/libnetwork/netavark/run.go b/vendor/github.com/containers/common/libnetwork/netavark/run.go index 9a04120b59..d13e51ff81 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/run.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/run.go @@ -5,13 +5,13 @@ package netavark import ( "encoding/json" "fmt" - "slices" "strconv" "strings" "github.com/containers/common/libnetwork/internal/util" "github.com/containers/common/libnetwork/types" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) type netavarkOptions struct { diff --git a/vendor/github.com/containers/common/libnetwork/pasta/pasta_linux.go b/vendor/github.com/containers/common/libnetwork/pasta/pasta_linux.go index 2e6dc7d59f..4b31320b5c 100644 --- a/vendor/github.com/containers/common/libnetwork/pasta/pasta_linux.go +++ b/vendor/github.com/containers/common/libnetwork/pasta/pasta_linux.go @@ -15,7 +15,6 @@ import ( "fmt" "net" "os/exec" - "slices" "strings" "github.com/containernetworking/plugins/pkg/ns" @@ -55,16 +54,100 @@ func Setup(opts *SetupOptions) error { // Note that there is no need for any special cleanup logic, the pasta // process will automatically exit when the netns path is deleted. func Setup2(opts *SetupOptions) (*SetupResult, error) { + NoTCPInitPorts := true + NoUDPInitPorts := true + NoTCPNamespacePorts := true + NoUDPNamespacePorts := true + NoMapGW := true + path, err := opts.Config.FindHelperBinary(BinaryName, true) if err != nil { return nil, fmt.Errorf("could not find pasta, the network namespace can't be configured: %w", err) } - cmdArgs, dnsForwardIPs, err := createPastaArgs(opts) - if err != nil { - return nil, err + cmdArgs := []string{} + cmdArgs = append(cmdArgs, "--config-net") + + for _, i := range opts.Ports { + protocols := strings.Split(i.Protocol, ",") + for _, protocol := range protocols { + var addr string + + if i.HostIP != "" { + addr = i.HostIP + "/" + } + + switch protocol { + case "tcp": + cmdArgs = append(cmdArgs, "-t") + case "udp": + cmdArgs = append(cmdArgs, "-u") + default: + return nil, fmt.Errorf("can't forward protocol: %s", protocol) + } + + arg := fmt.Sprintf("%s%d-%d:%d-%d", addr, + i.HostPort, + i.HostPort+i.Range-1, + i.ContainerPort, + i.ContainerPort+i.Range-1) + cmdArgs = append(cmdArgs, arg) + } + } + + // first append options set in the config + cmdArgs = append(cmdArgs, opts.Config.Network.PastaOptions.Get()...) + // then append the ones that were set on the cli + cmdArgs = append(cmdArgs, opts.ExtraOptions...) + + var dnsForwardIPs []string + for i, opt := range cmdArgs { + switch opt { + case "-t", "--tcp-ports": + NoTCPInitPorts = false + case "-u", "--udp-ports": + NoUDPInitPorts = false + case "-T", "--tcp-ns": + NoTCPNamespacePorts = false + case "-U", "--udp-ns": + NoUDPNamespacePorts = false + case "--map-gw": + NoMapGW = false + // not an actual pasta(1) option + cmdArgs = append(cmdArgs[:i], cmdArgs[i+1:]...) + case dnsForwardOpt: + // if there is no arg after it pasta will likely error out anyway due invalid cli args + if len(cmdArgs) > i+1 { + dnsForwardIPs = append(dnsForwardIPs, cmdArgs[i+1]) + } + } } + if len(dnsForwardIPs) == 0 { + // the user did not request custom --dns-forward so add our own. + cmdArgs = append(cmdArgs, dnsForwardOpt, dnsForwardIpv4) + dnsForwardIPs = append(dnsForwardIPs, dnsForwardIpv4) + } + + if NoTCPInitPorts { + cmdArgs = append(cmdArgs, "-t", "none") + } + if NoUDPInitPorts { + cmdArgs = append(cmdArgs, "-u", "none") + } + if NoTCPNamespacePorts { + cmdArgs = append(cmdArgs, "-T", "none") + } + if NoUDPNamespacePorts { + cmdArgs = append(cmdArgs, "-U", "none") + } + if NoMapGW { + cmdArgs = append(cmdArgs, "--no-map-gw") + } + + // always pass --quiet to silence the info output from pasta + cmdArgs = append(cmdArgs, "--quiet", "--netns", opts.Netns) + logrus.Debugf("pasta arguments: %s", strings.Join(cmdArgs, " ")) // pasta forks once ready, and quits once we delete the target namespace @@ -122,103 +205,3 @@ func Setup2(opts *SetupOptions) (*SetupResult, error) { return result, nil } - -// createPastaArgs creates the pasta arguments, it returns the args to be passed to pasta(1) and as second arg the dns forward ips used. -func createPastaArgs(opts *SetupOptions) ([]string, []string, error) { - noTCPInitPorts := true - noUDPInitPorts := true - noTCPNamespacePorts := true - noUDPNamespacePorts := true - noMapGW := true - - cmdArgs := []string{"--config-net"} - // first append options set in the config - cmdArgs = append(cmdArgs, opts.Config.Network.PastaOptions.Get()...) - // then append the ones that were set on the cli - cmdArgs = append(cmdArgs, opts.ExtraOptions...) - - cmdArgs = slices.DeleteFunc(cmdArgs, func(s string) bool { - // --map-gw is not a real pasta(1) option so we must remove it - // and not add --no-map-gw below - if s == "--map-gw" { - noMapGW = false - return true - } - return false - }) - - var dnsForwardIPs []string - for i, opt := range cmdArgs { - switch opt { - case "-t", "--tcp-ports": - noTCPInitPorts = false - case "-u", "--udp-ports": - noUDPInitPorts = false - case "-T", "--tcp-ns": - noTCPNamespacePorts = false - case "-U", "--udp-ns": - noUDPNamespacePorts = false - case dnsForwardOpt: - // if there is no arg after it pasta will likely error out anyway due invalid cli args - if len(cmdArgs) > i+1 { - dnsForwardIPs = append(dnsForwardIPs, cmdArgs[i+1]) - } - } - } - - for _, i := range opts.Ports { - protocols := strings.Split(i.Protocol, ",") - for _, protocol := range protocols { - var addr string - - if i.HostIP != "" { - addr = i.HostIP + "/" - } - - switch protocol { - case "tcp": - noTCPInitPorts = false - cmdArgs = append(cmdArgs, "-t") - case "udp": - noUDPInitPorts = false - cmdArgs = append(cmdArgs, "-u") - default: - return nil, nil, fmt.Errorf("can't forward protocol: %s", protocol) - } - - arg := fmt.Sprintf("%s%d-%d:%d-%d", addr, - i.HostPort, - i.HostPort+i.Range-1, - i.ContainerPort, - i.ContainerPort+i.Range-1) - cmdArgs = append(cmdArgs, arg) - } - } - - if len(dnsForwardIPs) == 0 { - // the user did not request custom --dns-forward so add our own. - cmdArgs = append(cmdArgs, dnsForwardOpt, dnsForwardIpv4) - dnsForwardIPs = append(dnsForwardIPs, dnsForwardIpv4) - } - - if noTCPInitPorts { - cmdArgs = append(cmdArgs, "-t", "none") - } - if noUDPInitPorts { - cmdArgs = append(cmdArgs, "-u", "none") - } - if noTCPNamespacePorts { - cmdArgs = append(cmdArgs, "-T", "none") - } - if noUDPNamespacePorts { - cmdArgs = append(cmdArgs, "-U", "none") - } - if noMapGW { - cmdArgs = append(cmdArgs, "--no-map-gw") - } - - // always pass --quiet to silence the info output from pasta - cmdArgs = append(cmdArgs, "--quiet", "--netns", opts.Netns) - - return cmdArgs, dnsForwardIPs, nil -} diff --git a/vendor/github.com/containers/common/libnetwork/resolvconf/resolv.go b/vendor/github.com/containers/common/libnetwork/resolvconf/resolv.go index 30b82d8072..472fb9452c 100644 --- a/vendor/github.com/containers/common/libnetwork/resolvconf/resolv.go +++ b/vendor/github.com/containers/common/libnetwork/resolvconf/resolv.go @@ -5,12 +5,11 @@ import ( "fmt" "os" "path/filepath" - "slices" "strings" - "github.com/containers/storage/pkg/fileutils" "github.com/opencontainers/runtime-spec/specs-go" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) const ( @@ -62,7 +61,7 @@ func getDefaultResolvConf(params *Params) ([]byte, bool, error) { if ns.Path != "" && !strings.HasPrefix(ns.Path, "/proc/") { // check for netns created by "ip netns" path := filepath.Join("/etc/netns", filepath.Base(ns.Path), "resolv.conf") - err := fileutils.Exists(path) + _, err := os.Stat(path) if err == nil { resolveConf = path } diff --git a/vendor/github.com/containers/common/libnetwork/util/filters.go b/vendor/github.com/containers/common/libnetwork/util/filters.go index 41281e7488..faea9c1ad5 100644 --- a/vendor/github.com/containers/common/libnetwork/util/filters.go +++ b/vendor/github.com/containers/common/libnetwork/util/filters.go @@ -2,12 +2,12 @@ package util import ( "fmt" - "slices" "strings" "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/filters" "github.com/containers/common/pkg/util" + "golang.org/x/exp/slices" ) func GenerateNetworkFilters(f map[string][]string) ([]types.FilterFunc, error) { diff --git a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go index bc97a2804a..5cbb6ba9fc 100644 --- a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go +++ b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go @@ -16,7 +16,6 @@ import ( "text/template" "github.com/containers/common/pkg/apparmor/internal/supported" - "github.com/containers/storage/pkg/fileutils" "github.com/containers/storage/pkg/unshare" runcaa "github.com/opencontainers/runc/libcontainer/apparmor" "github.com/sirupsen/logrus" @@ -76,7 +75,7 @@ func (p *profileData) generateDefault(apparmorParserPath string, out io.Writer) // macrosExists checks if the passed macro exists. func macroExists(m string) bool { - err := fileutils.Exists(path.Join(profileDirectory, m)) + _, err := os.Stat(path.Join(profileDirectory, m)) return err == nil } diff --git a/vendor/github.com/containers/common/pkg/auth/auth.go b/vendor/github.com/containers/common/pkg/auth/auth.go index a3d333a99a..3b6a05f0ab 100644 --- a/vendor/github.com/containers/common/pkg/auth/auth.go +++ b/vendor/github.com/containers/common/pkg/auth/auth.go @@ -16,7 +16,6 @@ import ( "github.com/containers/image/v5/pkg/docker/config" "github.com/containers/image/v5/pkg/sysregistriesv2" "github.com/containers/image/v5/types" - "github.com/containers/storage/pkg/fileutils" "github.com/containers/storage/pkg/homedir" "github.com/sirupsen/logrus" ) @@ -70,7 +69,7 @@ func CheckAuthFile(pathOption string) error { if pathOption == "" { return nil } - if err := fileutils.Exists(pathOption); err != nil { + if _, err := os.Stat(pathOption); err != nil { return fmt.Errorf("credential file is not accessible: %w", err) } return nil diff --git a/vendor/github.com/containers/common/pkg/capabilities/capabilities.go b/vendor/github.com/containers/common/pkg/capabilities/capabilities.go index 43fd2c1b58..e0b0ac95e8 100644 --- a/vendor/github.com/containers/common/pkg/capabilities/capabilities.go +++ b/vendor/github.com/containers/common/pkg/capabilities/capabilities.go @@ -8,12 +8,12 @@ package capabilities import ( "errors" "fmt" - "slices" "sort" "strings" "sync" "github.com/syndtr/gocapability/capability" + "golang.org/x/exp/slices" ) var ( diff --git a/vendor/github.com/containers/common/pkg/cgroups/cgroups_linux.go b/vendor/github.com/containers/common/pkg/cgroups/cgroups_linux.go index 717685789b..3b55369201 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/cgroups_linux.go +++ b/vendor/github.com/containers/common/pkg/cgroups/cgroups_linux.go @@ -17,7 +17,6 @@ import ( "syscall" "time" - "github.com/containers/storage/pkg/fileutils" "github.com/containers/storage/pkg/unshare" systemdDbus "github.com/coreos/go-systemd/v22/dbus" "github.com/godbus/dbus/v5" @@ -368,7 +367,7 @@ func Load(path string) (*CgroupControl, error) { // check that the cgroup exists at least under one controller for name := range handlers { p := control.getCgroupv1Path(name) - if err := fileutils.Exists(p); err == nil { + if _, err := os.Stat(p); err == nil { oneExists = true break } @@ -576,7 +575,7 @@ func readCgroup2MapFile(ctr *CgroupControl, name string) (map[string][]string, e func (c *CgroupControl) createCgroupDirectory(controller string) (bool, error) { cPath := c.getCgroupv1Path(controller) - err := fileutils.Exists(cPath) + _, err := os.Stat(cPath) if err == nil { return false, nil } diff --git a/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go b/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go index 8cd4a05290..be9d11584c 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go +++ b/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go @@ -13,7 +13,6 @@ import ( "strings" "sync" - "github.com/containers/storage/pkg/fileutils" "github.com/opencontainers/runc/libcontainer/cgroups" "github.com/opencontainers/runc/libcontainer/configs" "github.com/sirupsen/logrus" @@ -236,7 +235,7 @@ func MoveUnderCgroup(cgroup, subtree string, processes []uint32) error { cgroupRoot = filepath.Join(cgroupRoot, "unified") // Ignore the unified mount if it doesn't exist - if err := fileutils.Exists(cgroupRoot); err != nil && os.IsNotExist(err) { + if _, err := os.Stat(cgroupRoot); err != nil && os.IsNotExist(err) { continue } } else if parts[1] != "" { diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go index 9a3765c263..15c91860c1 100644 --- a/vendor/github.com/containers/common/pkg/config/config.go +++ b/vendor/github.com/containers/common/pkg/config/config.go @@ -7,20 +7,22 @@ import ( "os/exec" "path/filepath" "runtime" - "slices" "strings" "github.com/containers/common/internal/attributedstring" "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/capabilities" - "github.com/containers/storage/pkg/fileutils" "github.com/containers/storage/pkg/unshare" units "github.com/docker/go-units" selinux "github.com/opencontainers/selinux/go-selinux" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) const ( + // _configPath is the path to the containers/containers.conf + // inside a given config directory. + _configPath = "containers/containers.conf" // UserOverrideContainersConfig holds the containers config path overridden by the rootless user UserOverrideContainersConfig = ".config/" + _configPath // Token prefix for looking for helper binary under $BINDIR @@ -250,6 +252,8 @@ type EngineConfig struct { // and "systemd". CgroupManager string `toml:"cgroup_manager,omitempty"` + // NOTE: when changing this struct, make sure to update (*Config).Merge(). + // ConmonEnvVars are environment variables to pass to the Conmon binary // when it is launched. ConmonEnvVars attributedstring.Slice `toml:"conmon_env_vars,omitempty"` @@ -315,13 +319,6 @@ type EngineConfig struct { // graphRoot internal stores the location of the graphroot graphRoot string - // HealthcheckEvents is set to indicate whenever podman should log healthcheck events. - // With many running healthcheck on short interval Podman will spam the event log a lot. - // Because this event is optional and only useful to external consumers that may want to - // know when a healthcheck is run or failed allow users to turn it off by setting it to false. - // Default is true. - HealthcheckEvents bool `toml:"healthcheck_events,omitempty"` - // HelperBinariesDir is a list of directories which are used to search for // helper binaries. HelperBinariesDir attributedstring.Slice `toml:"helper_binaries_dir,omitempty"` @@ -331,11 +328,6 @@ type EngineConfig struct { // this slice takes precedence. HooksDir attributedstring.Slice `toml:"hooks_dir,omitempty"` - // Location of CDI configuration files. These define mounts devices and - // other configs according to the CDI spec. In particular this is used - // for GPU passthrough. - CdiSpecDirs attributedstring.Slice `toml:"cdi_spec_dirs,omitempty"` - // ImageBuildFormat (DEPRECATED) indicates the default image format to // building container images. Should use ImageDefaultFormat ImageBuildFormat string `toml:"image_build_format,omitempty"` @@ -718,7 +710,7 @@ func (c *Config) CheckCgroupsAndAdjustConfig() { if hasSession { for _, part := range strings.Split(session, ",") { if strings.HasPrefix(part, "unix:path=") { - err := fileutils.Exists(strings.TrimPrefix(part, "unix:path=")) + _, err := os.Stat(strings.TrimPrefix(part, "unix:path=")) hasSession = err == nil break } @@ -780,10 +772,10 @@ func (m *MachineConfig) URI() string { } func (c *EngineConfig) findRuntime() string { - // Search for crun first followed by runc, runj, kata, runsc, ocijail + // Search for crun first followed by runc, kata, runsc for _, name := range []string{"crun", "runc", "runj", "kata", "runsc", "ocijail"} { for _, v := range c.OCIRuntimes[name] { - if err := fileutils.Exists(v); err == nil { + if _, err := os.Stat(v); err == nil { return name } } @@ -1095,10 +1087,10 @@ func (c *Config) FindHelperBinary(name string, searchPATH bool) (string, error) return exec.LookPath(name) } configHint := "To resolve this error, set the helper_binaries_dir key in the `[engine]` section of containers.conf to the directory containing your helper binaries." - if len(dirList) == 0 { + if len(c.Engine.HelperBinariesDir.Get()) == 0 { return "", fmt.Errorf("could not find %q because there are no helper binary directories configured. %s", name, configHint) } - return "", fmt.Errorf("could not find %q in one of %v. %s", name, dirList, configHint) + return "", fmt.Errorf("could not find %q in one of %v. %s", name, c.Engine.HelperBinariesDir, configHint) } // ImageCopyTmpDir default directory to store temporary image files during copy @@ -1192,7 +1184,7 @@ func (c *Config) FindInitBinary() (string, error) { return c.Engine.InitPath, nil } // keep old default working to guarantee backwards compat - if err := fileutils.Exists(DefaultInitPath); err == nil { + if _, err := os.Stat(DefaultInitPath); err == nil { return DefaultInitPath, nil } return c.FindHelperBinary(defaultInitName, true) diff --git a/vendor/github.com/containers/common/pkg/config/config_local.go b/vendor/github.com/containers/common/pkg/config/config_local.go index 3b8979ce2d..e9826d62ca 100644 --- a/vendor/github.com/containers/common/pkg/config/config_local.go +++ b/vendor/github.com/containers/common/pkg/config/config_local.go @@ -9,7 +9,6 @@ import ( "regexp" "strings" - "github.com/containers/storage/pkg/fileutils" units "github.com/docker/go-units" "tags.cncf.io/container-device-interface/pkg/parser" ) @@ -84,7 +83,7 @@ func (c *ContainersConfig) validateTZ() error { for _, paths := range lookupPaths { zonePath := filepath.Join(paths, c.TZ) - if err := fileutils.Exists(zonePath); err == nil { + if _, err := os.Stat(zonePath); err == nil { // found zone information return nil } diff --git a/vendor/github.com/containers/common/pkg/config/config_unix.go b/vendor/github.com/containers/common/pkg/config/config_unix.go index 7de35062da..bd1652787c 100644 --- a/vendor/github.com/containers/common/pkg/config/config_unix.go +++ b/vendor/github.com/containers/common/pkg/config/config_unix.go @@ -9,10 +9,6 @@ import ( "github.com/containers/storage/pkg/unshare" ) -// _configPath is the path to the containers/containers.conf -// inside a given config directory. -const _configPath = "containers/containers.conf" - // userConfigPath returns the path to the users local config that is // not shared with other users. It uses $XDG_CONFIG_HOME/containers... // if set or $HOME/.config/containers... if not. @@ -27,9 +23,3 @@ func userConfigPath() (string, error) { return filepath.Join(home, UserOverrideContainersConfig), nil } - -// overrideContainersConfigPath returns the default config path overridden -// by the root user -func overrideContainersConfigPath() (string, error) { - return OverrideContainersConfig, nil -} diff --git a/vendor/github.com/containers/common/pkg/config/config_windows.go b/vendor/github.com/containers/common/pkg/config/config_windows.go index fbe1bb3f12..9011687e4d 100644 --- a/vendor/github.com/containers/common/pkg/config/config_windows.go +++ b/vendor/github.com/containers/common/pkg/config/config_windows.go @@ -3,12 +3,11 @@ package config import "os" const ( - // _configPath is the path to the containers/containers.conf - // inside a given config directory. - _configPath = "containers\\containers.conf" + // OverrideContainersConfig holds the default config path overridden by the root user + OverrideContainersConfig = "/etc/" + _configPath // DefaultContainersConfig holds the default containers config path - DefaultContainersConfig = "" + DefaultContainersConfig = "/usr/share/" + _configPath // DefaultSignaturePolicyPath is the default value for the // policy.json file. @@ -21,13 +20,7 @@ const ( // userConfigPath returns the path to the users local config that is // not shared with other users. It uses $APPDATA/containers... func userConfigPath() (string, error) { - return os.Getenv("APPDATA") + _configPath, nil -} - -// overrideContainersConfigPath returns the path to the system wide -// containers config folder. It users $PROGRAMDATA/containers... -func overrideContainersConfigPath() (string, error) { - return os.Getenv("ProgramData") + _configPath, nil + return os.Getenv("APPDATA") + "\\containers\\containers.conf", nil } var defaultHelperBinariesDir = []string{ diff --git a/vendor/github.com/containers/common/pkg/config/containers.conf b/vendor/github.com/containers/common/pkg/config/containers.conf index 8d39c96601..6e0044f6d9 100644 --- a/vendor/github.com/containers/common/pkg/config/containers.conf +++ b/vendor/github.com/containers/common/pkg/config/containers.conf @@ -529,15 +529,6 @@ default_sysctls = [ # with detailed information about the container. #events_container_create_inspect_data = false -# Whenever Podman should log healthcheck events. -# With many running healthcheck on short interval Podman will spam the event -# log a lot as it generates a event for each single healthcheck run. Because -# this event is optional and only useful to external consumers that may want -# to know when a healthcheck is run or failed allow users to turn it off by -# setting it to false. The default is true. -# -#healthcheck_events = true - # A is a list of directories which are used to search for helper binaries. # #helper_binaries_dir = [ @@ -553,12 +544,6 @@ default_sysctls = [ # "/usr/share/containers/oci/hooks.d", #] -# Directories to scan for CDI Spec files. -# -#cdi_spec_dirs = [ -# "/etc/cdi", -#] - # Manifest Type (oci, v2s2, or v2s1) to use when pulling, pushing, building # container images. By default image pulled and pushed match the format of the # source image. Building/committing defaults to OCI. diff --git a/vendor/github.com/containers/common/pkg/config/containers.conf-freebsd b/vendor/github.com/containers/common/pkg/config/containers.conf-freebsd index 21753f4f25..f471e30790 100644 --- a/vendor/github.com/containers/common/pkg/config/containers.conf-freebsd +++ b/vendor/github.com/containers/common/pkg/config/containers.conf-freebsd @@ -399,15 +399,6 @@ default_sysctls = [ # #events_logger = "file" -# Whenever Podman should log healthcheck events. -# With many running healthcheck on short interval Podman will spam the event -# log a lot as it generates a event for each single healthcheck run. Because -# this event is optional and only useful to external consumers that may want -# to know when a healthcheck is run or failed allow users to turn it off by -# setting it to false. The default is true. -# -#healthcheck_events = true - # A is a list of directories which are used to search for helper binaries. # #helper_binaries_dir = [ @@ -423,12 +414,6 @@ default_sysctls = [ # "/usr/local/share/containers/oci/hooks.d", #] -# Directories to scan for CDI Spec files. -# -#cdi_spec_dirs = [ -# "/etc/cdi", -#] - # Manifest Type (oci, v2s2, or v2s1) to use when pulling, pushing, building # container images. By default image pulled and pushed match the format of the # source image. Building/committing defaults to OCI. diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go index 3a6d804ad1..b08f16592f 100644 --- a/vendor/github.com/containers/common/pkg/config/default.go +++ b/vendor/github.com/containers/common/pkg/config/default.go @@ -13,7 +13,6 @@ import ( nettypes "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/apparmor" "github.com/containers/common/pkg/cgroupv2" - "github.com/containers/storage/pkg/fileutils" "github.com/containers/storage/pkg/homedir" "github.com/containers/storage/pkg/unshare" "github.com/containers/storage/types" @@ -75,8 +74,6 @@ var ( ErrInvalidArg = errors.New("invalid argument") // DefaultHooksDirs defines the default hooks directory. DefaultHooksDirs = []string{"/usr/share/containers/oci/hooks.d"} - // DefaultCdiSpecDirs defines the default cdi spec directories. - DefaultCdiSpecDirs = []string{"/etc/cdi"} // DefaultCapabilities is the default for the default_capabilities option in the containers.conf file. DefaultCapabilities = []string{ "CAP_CHOWN", @@ -207,8 +204,8 @@ func defaultConfig() (*Config, error) { } sigPath := filepath.Join(configHome, DefaultRootlessSignaturePolicyPath) defaultEngineConfig.SignaturePolicyPath = sigPath - if err := fileutils.Exists(sigPath); err != nil { - if err := fileutils.Exists(DefaultSignaturePolicyPath); err == nil { + if _, err := os.Stat(sigPath); err != nil { + if _, err := os.Stat(DefaultSignaturePolicyPath); err == nil { defaultEngineConfig.SignaturePolicyPath = DefaultSignaturePolicyPath } } @@ -344,14 +341,12 @@ func defaultEngineConfig() (*EngineConfig, error) { c.VolumePluginTimeout = DefaultVolumePluginTimeout c.CompressionFormat = "gzip" - c.HealthcheckEvents = true c.HelperBinariesDir.Set(defaultHelperBinariesDir) if additionalHelperBinariesDir != "" { // Prioritize additionalHelperBinariesDir over defaults. c.HelperBinariesDir.Set(append([]string{additionalHelperBinariesDir}, c.HelperBinariesDir.Get()...)) } c.HooksDir.Set(DefaultHooksDirs) - c.CdiSpecDirs.Set(DefaultCdiSpecDirs) c.ImageDefaultTransport = _defaultTransport c.ImageVolumeMode = _defaultImageVolumeMode diff --git a/vendor/github.com/containers/common/pkg/config/modules.go b/vendor/github.com/containers/common/pkg/config/modules.go index 4f23694b77..f21671f6b1 100644 --- a/vendor/github.com/containers/common/pkg/config/modules.go +++ b/vendor/github.com/containers/common/pkg/config/modules.go @@ -2,9 +2,9 @@ package config import ( "fmt" + "os" "path/filepath" - "github.com/containers/storage/pkg/fileutils" "github.com/containers/storage/pkg/homedir" "github.com/containers/storage/pkg/unshare" "github.com/hashicorp/go-multierror" @@ -76,7 +76,7 @@ func ModuleDirectories() ([]string, error) { // Public API for shell completions // Resolve the specified path to a module. func resolveModule(path string, dirs []string) (string, error) { if filepath.IsAbs(path) { - err := fileutils.Exists(path) + _, err := os.Stat(path) return path, err } @@ -85,7 +85,7 @@ func resolveModule(path string, dirs []string) (string, error) { var multiErr error for _, d := range dirs { candidate := filepath.Join(d, path) - err := fileutils.Exists(candidate) + _, err := os.Stat(candidate) if err == nil { return candidate, nil } diff --git a/vendor/github.com/containers/common/pkg/config/new.go b/vendor/github.com/containers/common/pkg/config/new.go index 407a685df1..fb59473f00 100644 --- a/vendor/github.com/containers/common/pkg/config/new.go +++ b/vendor/github.com/containers/common/pkg/config/new.go @@ -11,7 +11,6 @@ import ( "sync" "github.com/BurntSushi/toml" - "github.com/containers/storage/pkg/fileutils" "github.com/sirupsen/logrus" ) @@ -102,7 +101,7 @@ func newLocked(options *Options) (*Config, error) { // The _OVERRIDE variable _must_ always win. That's a contract we need // to honor (for the Podman CI). if path := os.Getenv(containersConfOverrideEnv); path != "" { - if err := fileutils.Exists(path); err != nil { + if _, err := os.Stat(path); err != nil { return nil, fmt.Errorf("%s file: %w", containersConfOverrideEnv, err) } options.additionalConfigs = append(options.additionalConfigs, path) @@ -153,27 +152,21 @@ func NewConfig(userConfigPath string) (*Config, error) { // file settings. func systemConfigs() (configs []string, finalErr error) { if path := os.Getenv(containersConfEnv); path != "" { - if err := fileutils.Exists(path); err != nil { + if _, err := os.Stat(path); err != nil { return nil, fmt.Errorf("%s file: %w", containersConfEnv, err) } return append(configs, path), nil } - configs = append(configs, DefaultContainersConfig) + configs = append(configs, OverrideContainersConfig) var err error - path, err := overrideContainersConfigPath() - if err != nil { - return nil, err - } - configs = append(configs, path) - - configs, err = addConfigs(path+".d", configs) + configs, err = addConfigs(OverrideContainersConfig+".d", configs) if err != nil { return nil, err } - path, err = userConfigPath() + path, err := userConfigPath() if err != nil { return nil, err } diff --git a/vendor/github.com/containers/common/pkg/config/pull_policy.go b/vendor/github.com/containers/common/pkg/config/pull_policy.go index d85d30ffed..be6030fdb8 100644 --- a/vendor/github.com/containers/common/pkg/config/pull_policy.go +++ b/vendor/github.com/containers/common/pkg/config/pull_policy.go @@ -2,7 +2,6 @@ package config import ( "fmt" - "strings" ) // PullPolicy determines how and which images are being pulled from a container @@ -74,14 +73,14 @@ func (p PullPolicy) Validate() error { // * "newer" <-> PullPolicyNewer (also "ifnewer") // * "never" <-> PullPolicyNever func ParsePullPolicy(s string) (PullPolicy, error) { - switch strings.ToLower(s) { - case "always": + switch s { + case "always", "Always": return PullPolicyAlways, nil - case "missing", "ifmissing", "ifnotpresent", "": + case "missing", "Missing", "ifnotpresent", "IfNotPresent", "": return PullPolicyMissing, nil - case "newer", "ifnewer": + case "newer", "Newer", "ifnewer", "IfNewer": return PullPolicyNewer, nil - case "never": + case "never", "Never": return PullPolicyNever, nil default: return PullPolicyUnsupported, fmt.Errorf("unsupported pull policy %q", s) diff --git a/vendor/github.com/containers/common/pkg/hooks/1.0.0/hook.go b/vendor/github.com/containers/common/pkg/hooks/1.0.0/hook.go index be78b0cfbd..71f940a64c 100644 --- a/vendor/github.com/containers/common/pkg/hooks/1.0.0/hook.go +++ b/vendor/github.com/containers/common/pkg/hooks/1.0.0/hook.go @@ -5,9 +5,9 @@ import ( "encoding/json" "errors" "fmt" + "os" "regexp" - "github.com/containers/storage/pkg/fileutils" rspec "github.com/opencontainers/runtime-spec/specs-go" ) @@ -44,7 +44,7 @@ func (hook *Hook) Validate(extensionStages []string) (err error) { return errors.New("missing required property: hook.path") } - if err := fileutils.Exists(hook.Hook.Path); err != nil { + if _, err := os.Stat(hook.Hook.Path); err != nil { return err } diff --git a/vendor/github.com/containers/common/pkg/manifests/manifests.go b/vendor/github.com/containers/common/pkg/manifests/manifests.go index 58ed0abf7e..30f099a06e 100644 --- a/vendor/github.com/containers/common/pkg/manifests/manifests.go +++ b/vendor/github.com/containers/common/pkg/manifests/manifests.go @@ -5,14 +5,13 @@ import ( "errors" "fmt" "os" - "slices" - "strings" "github.com/containers/common/internal" "github.com/containers/image/v5/manifest" digest "github.com/opencontainers/go-digest" imgspec "github.com/opencontainers/image-spec/specs-go" v1 "github.com/opencontainers/image-spec/specs-go/v1" + "golang.org/x/exp/slices" ) // List is a generic interface for manipulating a manifest list or an image @@ -81,18 +80,10 @@ func Create() List { } } -func sliceToMap(s []string) map[string]string { - m := make(map[string]string, len(s)) - for _, spec := range s { - key, value, _ := strings.Cut(spec, "=") - m[key] = value - } - return m -} - // AddInstance adds an entry for the specified manifest digest, with assorted // additional information specified in parameters, to the list or index. func (l *list) AddInstance(manifestDigest digest.Digest, manifestSize int64, manifestType, osName, architecture, osVersion string, osFeatures []string, variant string, features, annotations []string) error { // nolint:revive + // FIXME: the annotations argument is currently ignored if err := l.Remove(manifestDigest); err != nil && !errors.Is(err, os.ErrNotExist) { return err } @@ -125,11 +116,10 @@ func (l *list) AddInstance(manifestDigest digest.Digest, manifestSize int64, man ociv1platform = nil } l.oci.Manifests = append(l.oci.Manifests, v1.Descriptor{ - MediaType: manifestType, - Size: manifestSize, - Digest: manifestDigest, - Platform: ociv1platform, - Annotations: sliceToMap(annotations), + MediaType: manifestType, + Size: manifestSize, + Digest: manifestDigest, + Platform: ociv1platform, }) return nil diff --git a/vendor/github.com/containers/common/pkg/parse/parse.go b/vendor/github.com/containers/common/pkg/parse/parse.go index e73e7cbf6b..284751e523 100644 --- a/vendor/github.com/containers/common/pkg/parse/parse.go +++ b/vendor/github.com/containers/common/pkg/parse/parse.go @@ -6,11 +6,10 @@ package parse import ( "errors" "fmt" + "os" "path" "path/filepath" "strings" - - "github.com/containers/storage/pkg/fileutils" ) // ValidateVolumeOpts validates a volume's options @@ -176,7 +175,7 @@ func ValidateVolumeHostDir(hostDir string) error { return errors.New("host directory cannot be empty") } if filepath.IsAbs(hostDir) { - if err := fileutils.Exists(hostDir); err != nil { + if _, err := os.Stat(hostDir); err != nil { return err } } diff --git a/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go b/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go index ded66365bb..6845914aa2 100644 --- a/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go +++ b/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go @@ -9,7 +9,6 @@ import ( "strings" "github.com/containers/common/pkg/umask" - "github.com/containers/storage/pkg/fileutils" "github.com/containers/storage/pkg/idtools" rspec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/selinux/go-selinux/label" @@ -183,7 +182,7 @@ func MountsWithUIDGID(mountLabel, containerRunDir, mountFile, mountPoint string, mountFiles = append(mountFiles, mountFile) } for _, file := range mountFiles { - if err := fileutils.Exists(file); err == nil { + if _, err := os.Stat(file); err == nil { mounts, err := addSubscriptionsFromMountsFile(file, mountLabel, containerRunDir, uid, gid) if err != nil { logrus.Warnf("Failed to mount subscriptions, skipping entry in %s: %v", file, err) @@ -198,7 +197,7 @@ func MountsWithUIDGID(mountLabel, containerRunDir, mountFile, mountPoint string, return subscriptionMounts } // Add FIPS mode subscription if /etc/system-fips exists on the host - err := fileutils.Exists("/etc/system-fips") + _, err := os.Stat("/etc/system-fips") switch { case err == nil: if err := addFIPSModeSubscription(&subscriptionMounts, containerRunDir, mountPoint, mountLabel, uid, gid); err != nil { @@ -241,7 +240,7 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerRunDir string ctrDirOrFileOnHost := filepath.Join(containerRunDir, ctrDirOrFile) // In the event of a restart, don't want to copy subscriptions over again as they already would exist in ctrDirOrFileOnHost - err = fileutils.Exists(ctrDirOrFileOnHost) + _, err = os.Stat(ctrDirOrFileOnHost) if errors.Is(err, os.ErrNotExist) { hostDirOrFile, err = resolveSymbolicLink(hostDirOrFile) if err != nil { @@ -316,7 +315,7 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerRunDir string func addFIPSModeSubscription(mounts *[]rspec.Mount, containerRunDir, mountPoint, mountLabel string, uid, gid int) error { subscriptionsDir := "/run/secrets" ctrDirOnHost := filepath.Join(containerRunDir, subscriptionsDir) - if err := fileutils.Exists(ctrDirOnHost); errors.Is(err, os.ErrNotExist) { + if _, err := os.Stat(ctrDirOnHost); errors.Is(err, os.ErrNotExist) { if err = idtools.MkdirAllAs(ctrDirOnHost, 0o755, uid, gid); err != nil { //nolint return err } @@ -326,7 +325,7 @@ func addFIPSModeSubscription(mounts *[]rspec.Mount, containerRunDir, mountPoint, } fipsFile := filepath.Join(ctrDirOnHost, "system-fips") // In the event of restart, it is possible for the FIPS mode file to already exist - if err := fileutils.Exists(fipsFile); errors.Is(err, os.ErrNotExist) { + if _, err := os.Stat(fipsFile); errors.Is(err, os.ErrNotExist) { file, err := os.Create(fipsFile) if err != nil { return fmt.Errorf("creating system-fips file in container for FIPS mode: %w", err) @@ -347,7 +346,7 @@ func addFIPSModeSubscription(mounts *[]rspec.Mount, containerRunDir, mountPoint, srcBackendDir := "/usr/share/crypto-policies/back-ends/FIPS" destDir := "/etc/crypto-policies/back-ends" srcOnHost := filepath.Join(mountPoint, srcBackendDir) - if err := fileutils.Exists(srcOnHost); err != nil { + if _, err := os.Stat(srcOnHost); err != nil { if errors.Is(err, os.ErrNotExist) { return nil } diff --git a/vendor/github.com/containers/common/pkg/supplemented/supplemented.go b/vendor/github.com/containers/common/pkg/supplemented/supplemented.go index 69e24ad764..c21a6aa522 100644 --- a/vendor/github.com/containers/common/pkg/supplemented/supplemented.go +++ b/vendor/github.com/containers/common/pkg/supplemented/supplemented.go @@ -6,7 +6,6 @@ import ( "errors" "fmt" "io" - "slices" cp "github.com/containers/image/v5/copy" "github.com/containers/image/v5/image" @@ -16,6 +15,7 @@ import ( multierror "github.com/hashicorp/go-multierror" digest "github.com/opencontainers/go-digest" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) // supplementedImageReference groups multiple references together. diff --git a/vendor/github.com/containers/common/pkg/umask/umask.go b/vendor/github.com/containers/common/pkg/umask/umask.go index e63a2d7d11..93f1d2b3c0 100644 --- a/vendor/github.com/containers/common/pkg/umask/umask.go +++ b/vendor/github.com/containers/common/pkg/umask/umask.go @@ -4,8 +4,6 @@ import ( "fmt" "os" "path/filepath" - - "github.com/containers/storage/pkg/fileutils" ) // MkdirAllIgnoreUmask creates a directory by ignoring the currently set umask. @@ -15,7 +13,7 @@ func MkdirAllIgnoreUmask(dir string, mode os.FileMode) error { // Find all parent directories which would have been created by MkdirAll for { - if err := fileutils.Exists(parent); err == nil { + if _, err := os.Stat(parent); err == nil { break } else if !os.IsNotExist(err) { return fmt.Errorf("cannot stat %s: %w", dir, err) diff --git a/vendor/github.com/containers/common/pkg/util/util.go b/vendor/github.com/containers/common/pkg/util/util.go index 1e51670189..8229296d79 100644 --- a/vendor/github.com/containers/common/pkg/util/util.go +++ b/vendor/github.com/containers/common/pkg/util/util.go @@ -5,12 +5,11 @@ import ( "os" "path/filepath" "regexp" - "slices" "time" - "github.com/containers/storage/pkg/fileutils" "github.com/fsnotify/fsnotify" "github.com/sirupsen/logrus" + "golang.org/x/exp/slices" ) // StringInSlice determines if a string is in a string slice, returns bool. @@ -57,7 +56,7 @@ func WaitForFile(path string, chWait chan error, timeout time.Duration) (bool, e case e := <-chWait: return true, e case <-inotifyEvents: - err := fileutils.Exists(path) + _, err := os.Stat(path) if err == nil { return false, nil } @@ -69,7 +68,7 @@ func WaitForFile(path string, chWait chan error, timeout time.Duration) (bool, e // if the inotify watcher could not have been created. It is // also useful when using inotify as if for any reasons we missed // a notification, we won't hang the process. - err := fileutils.Exists(path) + _, err := os.Stat(path) if err == nil { return false, nil } diff --git a/vendor/github.com/containers/common/pkg/version/version.go b/vendor/github.com/containers/common/pkg/version/version.go index 5632ed4195..0d83006011 100644 --- a/vendor/github.com/containers/common/pkg/version/version.go +++ b/vendor/github.com/containers/common/pkg/version/version.go @@ -3,10 +3,9 @@ package version import ( "bytes" "fmt" + "os" "os/exec" "strings" - - "github.com/containers/storage/pkg/fileutils" ) const ( @@ -16,35 +15,21 @@ const ( // Note: This function is copied from containers/podman libpod/util.go // Please see https://github.com/containers/common/pull/1460 func queryPackageVersion(cmdArg ...string) string { - err := fileutils.Exists(cmdArg[0]) - if err != nil { - return "" - } output := UnknownPackage if 1 < len(cmdArg) { cmd := exec.Command(cmdArg[0], cmdArg[1:]...) if outp, err := cmd.Output(); err == nil { output = string(outp) + deb := false if cmdArg[0] == "/usr/bin/dlocate" { // can return multiple matches l := strings.Split(output, "\n") output = l[0] - r := strings.Split(output, ": ") - regexpFormat := `^..\s` + r[0] + `\s` - cmd = exec.Command(cmdArg[0], "-P", regexpFormat, "-l") - cmd.Env = []string{"COLUMNS=160"} // show entire value - // dlocate always returns exit code 1 for list command - if outp, _ = cmd.Output(); len(outp) > 0 { - lines := strings.Split(string(outp), "\n") - if len(lines) > 1 { - line := lines[len(lines)-2] // trailing newline - f := strings.Fields(line) - if len(f) >= 2 { - return f[1] + "_" + f[2] - } - } - } + deb = true } else if cmdArg[0] == "/usr/bin/dpkg" { + deb = true + } + if deb { r := strings.Split(output, ": ") queryFormat := `${Package}_${Version}_${Architecture}` cmd = exec.Command("/usr/bin/dpkg-query", "-f", queryFormat, "-W", r[0]) @@ -64,40 +49,26 @@ func queryPackageVersion(cmdArg ...string) string { // Note: This function is copied from containers/podman libpod/util.go // Please see https://github.com/containers/common/pull/1460 func Package(program string) string { // program is full path - err := fileutils.Exists(program) + _, err := os.Stat(program) if err != nil { return UnknownPackage } - - type Packager struct { - Format string - Command []string - } - packagers := []Packager{ - {"rpm", []string{"/usr/bin/rpm", "-q", "-f"}}, - {"deb", []string{"/usr/bin/dlocate", "-F"}}, // Debian, Ubuntu (quick) - {"deb", []string{"/usr/bin/dpkg", "-S"}}, // Debian, Ubuntu (slow) - {"pacman", []string{"/usr/bin/pacman", "-Qo"}}, // Arch - {"gentoo", []string{"/usr/bin/qfile", "-qv"}}, // Gentoo (quick) - {"gentoo", []string{"/usr/bin/equery", "b"}}, // Gentoo (slow) - {"apk", []string{"/sbin/apk", "info", "-W"}}, // Alpine - {"pkg", []string{"/usr/local/sbin/pkg", "which", "-q"}}, // FreeBSD + packagers := [][]string{ + {"/usr/bin/rpm", "-q", "-f"}, + {"/usr/bin/dlocate", "-F"}, // Debian, Ubuntu (quick) + {"/usr/bin/dpkg", "-S"}, // Debian, Ubuntu (slow) + {"/usr/bin/pacman", "-Qo"}, // Arch + {"/usr/bin/qfile", "-qv"}, // Gentoo (quick) + {"/usr/bin/equery", "b"}, // Gentoo (slow) + {"/sbin/apk", "info", "-W"}, // Alpine + {"/usr/local/sbin/pkg", "which", "-q"}, // FreeBSD } - lastformat := "" - for _, packager := range packagers { - if packager.Format == lastformat { - continue - } - cmd := packager.Command + for _, cmd := range packagers { cmd = append(cmd, program) if out := queryPackageVersion(cmd...); out != UnknownPackage { - if out == "" { - continue - } return out } - lastformat = packager.Format } return UnknownPackage } diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go index 7d7984324a..ddf29b94b3 100644 --- a/vendor/github.com/containers/common/version/version.go +++ b/vendor/github.com/containers/common/version/version.go @@ -1,4 +1,4 @@ package version // Version is the version of the build. -const Version = "0.59.0-dev" +const Version = "0.58.3" diff --git a/vendor/modules.txt b/vendor/modules.txt index a1c53ce0e9..4d3366a64c 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -108,8 +108,8 @@ github.com/containernetworking/cni/pkg/version # github.com/containernetworking/plugins v1.4.1 ## explicit; go 1.20 github.com/containernetworking/plugins/pkg/ns -# github.com/containers/common v0.58.1-0.20240509172903-2c88a3f280bb -## explicit; go 1.21 +# github.com/containers/common v0.58.3 +## explicit; go 1.20 github.com/containers/common/internal github.com/containers/common/internal/attributedstring github.com/containers/common/libimage