From 4c249a219e986ebbd6ece732bf9567e7e55a2e4b Mon Sep 17 00:00:00 2001 From: Arthur Sengileyev Date: Fri, 4 Aug 2023 22:26:04 +0300 Subject: [PATCH 001/170] Change default QEMU CPU level to `qemu64` on Windows amd64 Signed-off-by: Arthur Sengileyev --- pkg/machine/qemu/options_windows_amd64.go | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/pkg/machine/qemu/options_windows_amd64.go b/pkg/machine/qemu/options_windows_amd64.go index 081ee9ccd548..24cd8775c41c 100644 --- a/pkg/machine/qemu/options_windows_amd64.go +++ b/pkg/machine/qemu/options_windows_amd64.go @@ -5,11 +5,9 @@ var ( ) func (v *MachineVM) addArchOptions(_ *setNewMachineCMDOpts) []string { - // "max" level is used, because "host" is not supported with "whpx" acceleration - // "vmx=off" disabled nested virtualization (not needed for podman) - // QEMU issue to track nested virtualization: https://gitlab.com/qemu-project/qemu/-/issues/628 - // "monitor=off" needed to support hosts, which have mwait calls disabled in BIOS/UEFI - opts := []string{"-machine", "q35,accel=whpx:tcg", "-cpu", "max,vmx=off,monitor=off"} + // "qemu64" level is used, because "host" is not supported with "whpx" acceleration. + // It is a stable choice for running on bare metal and inside Hyper-V machine with nested virtualization. + opts := []string{"-machine", "q35,accel=whpx:tcg", "-cpu", "qemu64"} return opts } From 18d6bb40d52fe1444181decd57088a6b65357bb5 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Fri, 8 Sep 2023 07:03:49 -0400 Subject: [PATCH 002/170] Support passing of Ulimits as -1 to mean max Docker allows the passing of -1 to indicate the maximum limit allowed for the current process. Fixes: https://github.com/containers/podman/issues/19319 Signed-off-by: Daniel J Walsh --- docs/source/markdown/options/ulimit.md | 3 +++ libpod/container_internal_common.go | 3 ++- libpod/oci_conmon_linux.go | 1 - pkg/specgen/generate/oci.go | 1 + pkg/specgen/generate/oci_freebsd.go | 5 ++++ pkg/specgen/generate/oci_linux.go | 36 ++++++++++++++++++++++++++ test/e2e/inspect_test.go | 2 +- test/system/030-run.bats | 17 ++++++++++++ 8 files changed, 65 insertions(+), 3 deletions(-) diff --git a/docs/source/markdown/options/ulimit.md b/docs/source/markdown/options/ulimit.md index b018cf5cb6a2..be5bdaecb612 100644 --- a/docs/source/markdown/options/ulimit.md +++ b/docs/source/markdown/options/ulimit.md @@ -11,6 +11,9 @@ Ulimit options. Sets the ulimits values inside of the container. $ podman run --ulimit nofile=1024:1024 --rm ubi9 ulimit -n 1024 +Set -1 for the soft or hard limit to set the limit to the maximum limit of the current +process. In rootful mode this is often unlimited. + Use **host** to copy the current configuration from the host. Don't use nproc with the ulimit flag as Linux uses nproc to set the diff --git a/libpod/container_internal_common.go b/libpod/container_internal_common.go index 83749ec0f1e8..d78a583400cd 100644 --- a/libpod/container_internal_common.go +++ b/libpod/container_internal_common.go @@ -644,7 +644,8 @@ func (c *Container) generateSpec(ctx context.Context) (s *spec.Spec, cleanupFunc for _, rlimit := range c.config.Spec.Process.Rlimits { if rlimit.Type == "RLIMIT_NOFILE" { nofileSet = true - } else if rlimit.Type == "RLIMIT_NPROC" { + } + if rlimit.Type == "RLIMIT_NPROC" { nprocSet = true } } diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index 527dea8370a3..d68a303331fe 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -324,6 +324,5 @@ func GetLimits(resource *spec.LinuxResources) (runcconfig.Resources, error) { // Unified state final.Unified = resource.Unified - return *final, nil } diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go index fdeebe333e58..c5f643308b9d 100644 --- a/pkg/specgen/generate/oci.go +++ b/pkg/specgen/generate/oci.go @@ -18,6 +18,7 @@ func addRlimits(s *specgen.SpecGenerator, g *generate.Generator) { for _, u := range s.Rlimits { name := "RLIMIT_" + strings.ToUpper(u.Type) + u = subNegativeOne(u) g.AddProcessRlimits(name, u.Hard, u.Soft) } } diff --git a/pkg/specgen/generate/oci_freebsd.go b/pkg/specgen/generate/oci_freebsd.go index 4546e37d73df..bccb4619340e 100644 --- a/pkg/specgen/generate/oci_freebsd.go +++ b/pkg/specgen/generate/oci_freebsd.go @@ -13,6 +13,7 @@ import ( "github.com/containers/podman/v4/libpod" "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/pkg/specgen" + "github.com/opencontainers/runtime-spec/specs-go" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/runtime-tools/generate" ) @@ -172,3 +173,7 @@ func WeightDevices(wtDevices map[string]spec.LinuxWeightDevice) ([]spec.LinuxWei devs := []spec.LinuxWeightDevice{} return devs, nil } + +func subNegativeOne(u specs.POSIXRlimit) specs.POSIXRlimit { + return u +} diff --git a/pkg/specgen/generate/oci_linux.go b/pkg/specgen/generate/oci_linux.go index aa8f77e761be..7ea22e9f7165 100644 --- a/pkg/specgen/generate/oci_linux.go +++ b/pkg/specgen/generate/oci_linux.go @@ -17,8 +17,10 @@ import ( "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/podman/v4/pkg/specgen" + "github.com/docker/go-units" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/runtime-tools/generate" + "github.com/sirupsen/logrus" "golang.org/x/sys/unix" ) @@ -357,3 +359,37 @@ func WeightDevices(wtDevices map[string]spec.LinuxWeightDevice) ([]spec.LinuxWei } return devs, nil } + +// subNegativeOne translates Hard or soft limits of -1 to the current +// processes Max limit +func subNegativeOne(u spec.POSIXRlimit) spec.POSIXRlimit { + if !rootless.IsRootless() || + (int64(u.Hard) != -1 && int64(u.Soft) != -1) { + return u + } + + ul, err := units.ParseUlimit(fmt.Sprintf("%s=%d:%d", u.Type, int64(u.Soft), int64(u.Hard))) + if err != nil { + logrus.Warnf("Failed to check %s ulimit %q", u.Type, err) + return u + } + rl, err := ul.GetRlimit() + if err != nil { + logrus.Warnf("Failed to check %s ulimit %q", u.Type, err) + return u + } + + var rlimit unix.Rlimit + + if err := unix.Getrlimit(rl.Type, &rlimit); err != nil { + logrus.Warnf("Failed to return RLIMIT_NOFILE ulimit %q", err) + return u + } + if int64(u.Hard) == -1 { + u.Hard = rlimit.Max + } + if int64(u.Soft) == -1 { + u.Soft = rlimit.Max + } + return u +} diff --git a/test/e2e/inspect_test.go b/test/e2e/inspect_test.go index 20e226574233..1f0e7efb3fbc 100644 --- a/test/e2e/inspect_test.go +++ b/test/e2e/inspect_test.go @@ -465,7 +465,7 @@ var _ = Describe("Podman inspect", func() { Expect(inspect[0].NetworkSettings.Networks).To(HaveLen(1)) }) - It("Container inspect with unlimited uilimits should be -1", func() { + It("Container inspect with unlimited ulimits should be -1", func() { ctrName := "testctr" session := podmanTest.Podman([]string{"run", "-d", "--ulimit", "core=-1:-1", "--name", ctrName, ALPINE, "top"}) session.WaitWithDefaultTimeout() diff --git a/test/system/030-run.bats b/test/system/030-run.bats index e688e8e83383..2a1cdcf9ced7 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -1149,6 +1149,23 @@ EOF assert "$output" =~ " ${nofile2} * ${nofile2} * files" } +@test "podman run ulimit with -1" { + max=unlimited + if is_rootless; then + run ulimit -c -H + max=$output + fi + + run_podman run --ulimit core=-1:-1 --rm $IMAGE grep core /proc/self/limits + assert "$output" =~ " ${max} * ${max} * bytes" + + run_podman run --ulimit core=1000:-1 --rm $IMAGE grep core /proc/self/limits + assert "$output" =~ " 1000 * ${max} * bytes" + + run_podman 125 run --ulimit core=-1:1000 --rm $IMAGE grep core /proc/self/limits + is "$output" "Error: ulimit option \"core=-1:1000\" requires name=SOFT:HARD, failed to be parsed: ulimit soft limit must be less than or equal to hard limit: soft: -1 (unlimited), hard: 1000" +} + @test "podman run bad --name" { randomname=$(random_string 30) run_podman 125 create --name "$randomname/bad" $IMAGE From c23963d7a89ddcfea3ef2ba6bdc457e20f131b0a Mon Sep 17 00:00:00 2001 From: Victor Toso Date: Wed, 8 Nov 2023 23:38:53 +0100 Subject: [PATCH 003/170] machine: qemu: add usb host passthrough QEMU usb-host driver which is the one for passthrough, supports two options for selecting an USB devices in the host to provide it to the VM: - Bus and Device number the device is plugged - Vendor and Product information of the USB devices https://qemu-project.gitlab.io/qemu/system/devices/usb.html This commit allows a user to configure podman machine with either of options, with new --usb command line option for podman machine init. Examples podman machine init tosovm4 --usb vendor=13d3,product=5406 podman machine init tosovm3 --usb bus=1,devnum=4 --usb bus=1,devnum=3 This commit also allows a user to change the USBs configured with --usb command line option for podman machine set. Note that this commit does not handle host device permissions nor verify that the USB devices exists. Signed-off-by: Victor Toso --- cmd/podman/machine/init.go | 5 ++ cmd/podman/machine/set.go | 11 +++ .../markdown/podman-machine-init.1.md.in | 16 ++++ .../markdown/podman-machine-set.1.md.in | 14 ++++ pkg/machine/applehv/config.go | 4 + pkg/machine/applehv/machine.go | 3 + pkg/machine/config.go | 11 +++ pkg/machine/hyperv/config.go | 3 + pkg/machine/hyperv/machine.go | 4 + pkg/machine/qemu/command.go | 19 +++++ pkg/machine/qemu/config.go | 76 ++++++++++++++++++ pkg/machine/qemu/config_test.go | 79 +++++++++++++++++++ pkg/machine/qemu/machine.go | 8 ++ pkg/machine/wsl/config.go | 4 + pkg/machine/wsl/machine.go | 3 + 15 files changed, 260 insertions(+) create mode 100644 pkg/machine/qemu/config_test.go diff --git a/cmd/podman/machine/init.go b/cmd/podman/machine/init.go index f9ee9704e6a8..62c1c9be446b 100644 --- a/cmd/podman/machine/init.go +++ b/cmd/podman/machine/init.go @@ -107,6 +107,11 @@ func init() { flags.StringArrayVarP(&initOpts.Volumes, VolumeFlagName, "v", cfg.ContainersConfDefaultsRO.Machine.Volumes.Get(), "Volumes to mount, source:target") _ = initCmd.RegisterFlagCompletionFunc(VolumeFlagName, completion.AutocompleteDefault) + USBFlagName := "usb" + flags.StringArrayVarP(&initOpts.USBs, USBFlagName, "", []string{}, + "USB Host passthrough: bus=$1,devnum=$2 or vendor=$1,product=$2") + _ = initCmd.RegisterFlagCompletionFunc(USBFlagName, completion.AutocompleteDefault) + VolumeDriverFlagName := "volume-driver" flags.StringVar(&initOpts.VolumeDriver, VolumeDriverFlagName, "", "Optional volume driver") _ = initCmd.RegisterFlagCompletionFunc(VolumeDriverFlagName, completion.AutocompleteDefault) diff --git a/cmd/podman/machine/set.go b/cmd/podman/machine/set.go index df73486c04a5..0682d4f87a47 100644 --- a/cmd/podman/machine/set.go +++ b/cmd/podman/machine/set.go @@ -37,6 +37,7 @@ type SetFlags struct { Memory uint64 Rootful bool UserModeNetworking bool + USBs []string } func init() { @@ -74,6 +75,13 @@ func init() { ) _ = setCmd.RegisterFlagCompletionFunc(memoryFlagName, completion.AutocompleteNone) + usbFlagName := "usb" + flags.StringArrayVarP( + &setFlags.USBs, + usbFlagName, "", []string{}, + "USBs bus=$1,devnum=$2 or vendor=$1,product=$2") + _ = setCmd.RegisterFlagCompletionFunc(usbFlagName, completion.AutocompleteNone) + userModeNetFlagName := "user-mode-networking" flags.BoolVar(&setFlags.UserModeNetworking, userModeNetFlagName, false, // defaults not-relevant due to use of Changed() "Whether this machine should use user-mode networking, routing traffic through a host user-space process") @@ -110,6 +118,9 @@ func setMachine(cmd *cobra.Command, args []string) error { if cmd.Flags().Changed("user-mode-networking") { setOpts.UserModeNetworking = &setFlags.UserModeNetworking } + if cmd.Flags().Changed("usb") { + setOpts.USBs = &setFlags.USBs + } setErrs, lasterr := vm.Set(vmName, setOpts) for _, err := range setErrs { diff --git a/docs/source/markdown/podman-machine-init.1.md.in b/docs/source/markdown/podman-machine-init.1.md.in index f3d0c2cff5bf..3a3d0230048c 100644 --- a/docs/source/markdown/podman-machine-init.1.md.in +++ b/docs/source/markdown/podman-machine-init.1.md.in @@ -104,6 +104,20 @@ means to use the timezone of the machine host. The timezone setting is not used with WSL. WSL automatically sets the timezone to the same as the host Windows operating system. +#### **--usb**=*bus=number,devnum=number* or *vendor=hexadecimal,product=hexadecimal* + +Assign a USB device from the host to the VM via USB passthrough. +Only supported for QEMU Machines. + +The device needs to have proper permissions in order to be passed to the machine. This +means the device needs to be under your user group. + +Note that using bus and device number are simpler but the values can change every boot +or when the device is unplugged. + +When specifying a USB using vendor and product ID's, if more than one device has the +same vendor and product ID, the first available device is assigned. + @@option user-mode-networking #### **--username** @@ -160,6 +174,8 @@ $ podman machine init --rootful $ podman machine init --disk-size 50 $ podman machine init --memory=1024 myvm $ podman machine init -v /Users:/mnt/Users +$ podman machine init --usb vendor=13d3,product=5406 +$ podman machine init --usb bus=1,devnum=3 ``` ## SEE ALSO diff --git a/docs/source/markdown/podman-machine-set.1.md.in b/docs/source/markdown/podman-machine-set.1.md.in index 1471ab35216c..1f0e41647987 100644 --- a/docs/source/markdown/podman-machine-set.1.md.in +++ b/docs/source/markdown/podman-machine-set.1.md.in @@ -52,6 +52,20 @@ are no longer visible with the default connection/socket. This is because the ro users in the VM are completely separated and do not share any storage. The data however is not lost and you can always change this option back or use the other connection to access it. +#### **--usb**=*bus=number,devnum=number* or *vendor=hexadecimal,product=hexadecimal* or *""* + +Assign a USB device from the host to the VM. +Only supported for QEMU Machines. + +The device needs to be present when the VM starts. +The device needs to have proper permissions in order to be assign to podman machine. + +Use an empty string to remove all previously set USB devices. + +Note that using bus and device number are simpler but the values can change every boot or when the +device is unplugged. Using vendor and product might lead to collision in the case of multiple +devices with the same vendor product value, the first available device is assigned. + @@option user-mode-networking ## EXAMPLES diff --git a/pkg/machine/applehv/config.go b/pkg/machine/applehv/config.go index be4dfabbe998..671df990b72f 100644 --- a/pkg/machine/applehv/config.go +++ b/pkg/machine/applehv/config.go @@ -113,6 +113,10 @@ func (v AppleHVVirtualization) LoadVMByName(name string) (machine.VM, error) { func (v AppleHVVirtualization) NewMachine(opts machine.InitOptions) (machine.VM, error) { m := MacMachine{Name: opts.Name} + if len(opts.USBs) > 0 { + return nil, fmt.Errorf("USB host passtrough not supported for applehv machines") + } + configDir, err := machine.GetConfDir(machine.AppleHvVirt) if err != nil { return nil, err diff --git a/pkg/machine/applehv/machine.go b/pkg/machine/applehv/machine.go index 8da6f3f74c96..e7518ed8fa0c 100644 --- a/pkg/machine/applehv/machine.go +++ b/pkg/machine/applehv/machine.go @@ -458,6 +458,9 @@ func (m *MacMachine) Set(name string, opts machine.SetOptions) ([]error, error) } } } + if opts.USBs != nil { + setErrors = append(setErrors, errors.New("changing USBs not supported for applehv machines")) + } // Write the machine config to the filesystem err = m.writeConfig() diff --git a/pkg/machine/config.go b/pkg/machine/config.go index 96c283b7cc57..b97cda77c3c8 100644 --- a/pkg/machine/config.go +++ b/pkg/machine/config.go @@ -39,6 +39,7 @@ type InitOptions struct { Rootful bool UID string // uid of the user that called machine UserModeNetworking *bool // nil = use backend/system default, false = disable, true = enable + USBs []string } type Status = string @@ -106,6 +107,7 @@ type SetOptions struct { Memory *uint64 Rootful *bool UserModeNetworking *bool + USBs *[]string } type SSHOptions struct { @@ -271,6 +273,13 @@ func ConfDirPrefix() (string, error) { return confDir, nil } +type USBConfig struct { + Bus string + DevNumber string + Vendor int + Product int +} + // ResourceConfig describes physical attributes of the machine type ResourceConfig struct { // CPUs to be assigned to the VM @@ -279,6 +288,8 @@ type ResourceConfig struct { DiskSize uint64 // Memory in megabytes assigned to the vm Memory uint64 + // Usbs + USBs []USBConfig } type Mount struct { diff --git a/pkg/machine/hyperv/config.go b/pkg/machine/hyperv/config.go index 223241d9f484..5d0fad405a05 100644 --- a/pkg/machine/hyperv/config.go +++ b/pkg/machine/hyperv/config.go @@ -111,6 +111,9 @@ func (v HyperVVirtualization) NewMachine(opts machine.InitOptions) (machine.VM, if len(opts.ImagePath) < 1 { return nil, errors.New("must define --image-path for hyperv support") } + if len(opts.USBs) > 0 { + return nil, fmt.Errorf("USB host passtrough not supported for hyperv machines") + } m.RemoteUsername = opts.Username diff --git a/pkg/machine/hyperv/machine.go b/pkg/machine/hyperv/machine.go index ffacfa4ebb97..257dc3d5bc0a 100644 --- a/pkg/machine/hyperv/machine.go +++ b/pkg/machine/hyperv/machine.go @@ -518,6 +518,10 @@ func (m *HyperVMachine) Set(name string, opts machine.SetOptions) ([]error, erro memoryChanged = true } + if opts.USBs != nil { + setErrors = append(setErrors, errors.New("changing USBs not supported for hyperv machines")) + } + if cpuChanged || memoryChanged { err := vm.UpdateProcessorMemSettings(func(ps *hypervctl.ProcessorSettings) { if cpuChanged { diff --git a/pkg/machine/qemu/command.go b/pkg/machine/qemu/command.go index 6e6c8f31bedb..c8dc3151063c 100644 --- a/pkg/machine/qemu/command.go +++ b/pkg/machine/qemu/command.go @@ -4,6 +4,7 @@ import ( "fmt" "strconv" + "github.com/containers/podman/v4/pkg/machine" "github.com/containers/podman/v4/pkg/machine/define" ) @@ -46,6 +47,24 @@ func (q *QemuCmd) SetNetwork() { *q = append(*q, "-netdev", "socket,id=vlan,fd=3", "-device", "virtio-net-pci,netdev=vlan,mac=5a:94:ef:e4:0c:ee") } +// SetNetwork adds a network device to the machine +func (q *QemuCmd) SetUSBHostPassthrough(usbs []machine.USBConfig) { + if len(usbs) == 0 { + return + } + // Add xhci usb emulation first and then each usb device + *q = append(*q, "-device", "qemu-xhci") + for _, usb := range usbs { + var dev string + if usb.Bus != "" && usb.DevNumber != "" { + dev = fmt.Sprintf("usb-host,hostbus=%s,hostaddr=%s", usb.Bus, usb.DevNumber) + } else { + dev = fmt.Sprintf("usb-host,vendorid=%d,productid=%d", usb.Vendor, usb.Product) + } + *q = append(*q, "-device", dev) + } +} + // SetSerialPort adds a serial port to the machine for readiness func (q *QemuCmd) SetSerialPort(readySocket, vmPidFile define.VMFile, name string) { *q = append(*q, diff --git a/pkg/machine/qemu/config.go b/pkg/machine/qemu/config.go index eb776097f273..8afe6498b03e 100644 --- a/pkg/machine/qemu/config.go +++ b/pkg/machine/qemu/config.go @@ -6,6 +6,7 @@ import ( "io/fs" "os" "path/filepath" + "strconv" "strings" "time" @@ -59,6 +60,78 @@ func (v *MachineVM) setNewMachineCMD(qemuBinary string, cmdOpts *setNewMachineCM v.CmdLine.SetQmpMonitor(v.QMPMonitor) v.CmdLine.SetNetwork() v.CmdLine.SetSerialPort(v.ReadySocket, v.VMPidFilePath, v.Name) + v.CmdLine.SetUSBHostPassthrough(v.USBs) +} + +func parseUSBs(usbs []string) ([]machine.USBConfig, error) { + configs := []machine.USBConfig{} + for _, str := range usbs { + if str == "" { + // Ignore --usb="" as it can be used to reset USBConfigs + continue + } + + vals := strings.Split(str, ",") + if len(vals) != 2 { + return configs, fmt.Errorf("usb: fail to parse: missing ',': %s", str) + } + + left := strings.Split(vals[0], "=") + if len(left) != 2 { + return configs, fmt.Errorf("usb: fail to parse: missing '=': %s", str) + } + + right := strings.Split(vals[1], "=") + if len(right) != 2 { + return configs, fmt.Errorf("usb: fail to parse: missing '=': %s", str) + } + + option := "" + if (left[0] == "bus" && right[0] == "devnum") || + (right[0] == "bus" && left[0] == "devnum") { + option = "bus_devnum" + } + if (left[0] == "vendor" && right[0] == "product") || + (right[0] == "vendor" && left[0] == "product") { + option = "vendor_product" + } + + switch option { + case "bus_devnum": + bus, devnumber := left[1], right[1] + if right[0] == "bus" { + bus, devnumber = devnumber, bus + } + + configs = append(configs, machine.USBConfig{ + Bus: bus, + DevNumber: devnumber, + }) + case "vendor_product": + vendorStr, productStr := left[1], right[1] + if right[0] == "vendor" { + vendorStr, productStr = productStr, vendorStr + } + + vendor, err := strconv.ParseInt(vendorStr, 16, 0) + if err != nil { + return configs, fmt.Errorf("fail to convert vendor of %s: %s", str, err) + } + + product, err := strconv.ParseInt(productStr, 16, 0) + if err != nil { + return configs, fmt.Errorf("fail to convert product of %s: %s", str, err) + } + + configs = append(configs, machine.USBConfig{ + Vendor: int(vendor), + Product: int(product), + }) + default: + return configs, fmt.Errorf("usb: fail to parse: %s", str) + } + } + return configs, nil } // NewMachine initializes an instance of a virtual machine based on the qemu @@ -104,6 +177,9 @@ func (p *QEMUVirtualization) NewMachine(opts machine.InitOptions) (machine.VM, e vm.CPUs = opts.CPUS vm.Memory = opts.Memory vm.DiskSize = opts.DiskSize + if vm.USBs, err = parseUSBs(opts.USBs); err != nil { + return nil, err + } vm.Created = time.Now() diff --git a/pkg/machine/qemu/config_test.go b/pkg/machine/qemu/config_test.go new file mode 100644 index 000000000000..d1bd0f291ee7 --- /dev/null +++ b/pkg/machine/qemu/config_test.go @@ -0,0 +1,79 @@ +package qemu + +import ( + "reflect" + "testing" + + "github.com/containers/podman/v4/pkg/machine" +) + +func TestUSBParsing(t *testing.T) { + tests := []struct { + name string + args []string + result []machine.USBConfig + wantErr bool + }{ + { + name: "Good vendor and product", + args: []string{"vendor=13d3,product=5406", "vendor=08ec,product=0016"}, + result: []machine.USBConfig{ + { + Vendor: 5075, + Product: 21510, + }, + { + Vendor: 2284, + Product: 22, + }, + }, + wantErr: false, + }, + { + name: "Good bus and device number", + args: []string{"bus=1,devnum=4", "bus=1,devnum=3"}, + result: []machine.USBConfig{ + { + Bus: "1", + DevNumber: "4", + }, + { + Bus: "1", + DevNumber: "3", + }, + }, + wantErr: false, + }, + { + name: "Bad vendor and product, not hexa", + args: []string{"vendor=13dk,product=5406"}, + result: []machine.USBConfig{}, + wantErr: true, + }, + { + name: "Bad vendor and product, bad separator", + args: []string{"vendor=13d3:product=5406"}, + result: []machine.USBConfig{}, + wantErr: true, + }, + { + name: "Bad vendor and product, missing equal", + args: []string{"vendor=13d3:product-5406"}, + result: []machine.USBConfig{}, + wantErr: true, + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + got, err := parseUSBs(test.args) + if (err != nil) != test.wantErr { + t.Errorf("parseUUBs error = %v, wantErr %v", err, test.wantErr) + return + } + if !reflect.DeepEqual(got, test.result) { + t.Errorf("parseUUBs got %v, want %v", got, test.result) + } + }) + } +} diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go index f7fd7ef38b6c..ad22527b8049 100644 --- a/pkg/machine/qemu/machine.go +++ b/pkg/machine/qemu/machine.go @@ -401,6 +401,14 @@ func (v *MachineVM) Set(_ string, opts machine.SetOptions) ([]error, error) { } } + if opts.USBs != nil { + if usbConfigs, err := parseUSBs(*opts.USBs); err != nil { + setErrors = append(setErrors, fmt.Errorf("failed to set usb: %w", err)) + } else { + v.USBs = usbConfigs + } + } + err = v.writeConfig() if err != nil { setErrors = append(setErrors, err) diff --git a/pkg/machine/wsl/config.go b/pkg/machine/wsl/config.go index 001d7c675a80..d46a0959f18f 100644 --- a/pkg/machine/wsl/config.go +++ b/pkg/machine/wsl/config.go @@ -4,6 +4,7 @@ package wsl import ( + "fmt" "io/fs" "path/filepath" "strings" @@ -29,6 +30,9 @@ func VirtualizationProvider() machine.VirtProvider { // NewMachine initializes an instance of a wsl machine func (p *WSLVirtualization) NewMachine(opts machine.InitOptions) (machine.VM, error) { vm := new(MachineVM) + if len(opts.USBs) > 0 { + return nil, fmt.Errorf("USB host passtrough not supported for WSL machines") + } if len(opts.Name) > 0 { vm.Name = opts.Name } diff --git a/pkg/machine/wsl/machine.go b/pkg/machine/wsl/machine.go index 51d96e74342b..bd6b391cf4cb 100644 --- a/pkg/machine/wsl/machine.go +++ b/pkg/machine/wsl/machine.go @@ -1135,7 +1135,10 @@ func (v *MachineVM) Set(_ string, opts machine.SetOptions) ([]error, error) { if opts.Memory != nil { setErrors = append(setErrors, errors.New("changing memory not supported for WSL machines")) + } + if opts.USBs != nil { + setErrors = append(setErrors, errors.New("changing USBs not supported for WSL machines")) } if opts.DiskSize != nil { From b8d59030cf495b700beb590f4bfd7eee1ce062e4 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 6 Nov 2023 09:21:26 -0600 Subject: [PATCH 004/170] Document --userns=auto behaviour for rootless users Signed-off-by: Daniel J Walsh --- docs/source/markdown/options/userns.container.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/source/markdown/options/userns.container.md b/docs/source/markdown/options/userns.container.md index e0c0c95c89c5..ff975ccf2b8d 100644 --- a/docs/source/markdown/options/userns.container.md +++ b/docs/source/markdown/options/userns.container.md @@ -30,9 +30,11 @@ Valid _mode_ values are: **auto**[:_OPTIONS,..._]: automatically create a unique user namespace. -The `--userns=auto` flag requires that the user name __containers__ be specified in the /etc/subuid and /etc/subgid files, with an unused range of subordinate user IDs that Podman containers are allowed to allocate. See subuid(5). +* `rootful mode`: The `--userns=auto` flag requires that the user name __containers__ be specified in the /etc/subuid and /etc/subgid files, with an unused range of subordinate user IDs that Podman containers are allowed to allocate. -Example: `containers:2147483647:2147483648`. + Example: `containers:2147483647:2147483648`. + +* `rootless mode`: The users range from the /etc/subuid and /etc/subgid files will be used. Note running a single container without using --userns=auto will use the entire range of UIDs and not allow further subdividing. See subuid(5). Podman allocates unique ranges of UIDs and GIDs from the `containers` subordinate user IDs. The size of the ranges is based on the number of UIDs required in the image. The number of UIDs and GIDs can be overridden with the `size` option. From 9cd975d59e39bd42b4106f931f3b92a75b86fd36 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 9 Nov 2023 01:32:29 +0000 Subject: [PATCH 005/170] [skip-ci] Update github/issue-labeler action to v3.3 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/issue-labeler.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/issue-labeler.yml b/.github/workflows/issue-labeler.yml index 0e41f876f3b4..e03ea242578a 100644 --- a/.github/workflows/issue-labeler.yml +++ b/.github/workflows/issue-labeler.yml @@ -13,7 +13,7 @@ jobs: issues: write # for github/issue-labeler to create or remove labels runs-on: ubuntu-latest steps: - - uses: github/issue-labeler@v3.2 + - uses: github/issue-labeler@v3.3 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" configuration-path: .github/issue-labeler.yml From 60f67eec7565770e037365cf195fec100499cc80 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 9 Nov 2023 02:15:20 +0000 Subject: [PATCH 006/170] fix(deps): update github.com/containers/libhvee digest to 9651e31 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- vendor/github.com/containers/libhvee/pkg/wmiext/instance.go | 6 +----- vendor/modules.txt | 2 +- 4 files changed, 5 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index a5f8ef849d8a..f459798076d1 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,7 @@ require ( github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.1 github.com/containers/image/v5 v5.28.1-0.20231101173728-373c52a9466f - github.com/containers/libhvee v0.4.1-0.20231012183749-e51be96b4854 + github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734 github.com/containers/ocicrypt v1.1.9 github.com/containers/psgo v1.8.0 github.com/containers/storage v1.50.3-0.20231101112703-6e72f11598fb diff --git a/go.sum b/go.sum index e5999af509b1..72d2a374118a 100644 --- a/go.sum +++ b/go.sum @@ -262,8 +262,8 @@ github.com/containers/gvisor-tap-vsock v0.7.1 h1:+Rc+sOPplrkQb/BUXeN0ug8TxjgyrIq github.com/containers/gvisor-tap-vsock v0.7.1/go.mod h1:WSSsjcuYZkvP8i0J+Ht3LF8yvysn3krD5zxQ74wz7y0= github.com/containers/image/v5 v5.28.1-0.20231101173728-373c52a9466f h1:x79xiC/Zs7yRzCWCT/fuf8J8LALTzVHzGT9T0HEx9FQ= github.com/containers/image/v5 v5.28.1-0.20231101173728-373c52a9466f/go.mod h1:7+h9aIQgB6YzWxFzKAAYQ0CQZS0ks/bc+FMZQTJFoN8= -github.com/containers/libhvee v0.4.1-0.20231012183749-e51be96b4854 h1:9pHtBDAO1ZE0Cwhn3rfp7CfqpfeaYllG2o6wuDdxsa8= -github.com/containers/libhvee v0.4.1-0.20231012183749-e51be96b4854/go.mod h1:3lTcwI2g7qe8Ekgk9hdDxQeT9KrqXPilQvxJfIJp8TQ= +github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734 h1:R6e4nMpxUWRTn+QoiS1dnWL3qa0hpFb2+8/ltKtSnWE= +github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734/go.mod h1:3lTcwI2g7qe8Ekgk9hdDxQeT9KrqXPilQvxJfIJp8TQ= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY= github.com/containers/luksy v0.0.0-20230912175440-6df88cb7f0dd h1:NbQ782+jynau+ySnK8qBGyLstgiaLOAjoJWrwSLovGc= diff --git a/vendor/github.com/containers/libhvee/pkg/wmiext/instance.go b/vendor/github.com/containers/libhvee/pkg/wmiext/instance.go index 64fe257b4c30..fdd18dda6556 100644 --- a/vendor/github.com/containers/libhvee/pkg/wmiext/instance.go +++ b/vendor/github.com/containers/libhvee/pkg/wmiext/instance.go @@ -497,11 +497,7 @@ func (i *Instance) NextAsVariant() (bool, string, *ole.VARIANT, CIMTYPE_ENUMERAT return true, "", nil, cimType, flavor, nil } - defer func() { - if err := ole.SysFreeString((*int16)(unsafe.Pointer(strName))); err != nil { - logrus.Error(err) - } - }() + defer ole.SysFreeString((*int16)(unsafe.Pointer(strName))) //nolint:errcheck name := ole.BstrToString(strName) return false, name, &variant, cimType, flavor, nil diff --git a/vendor/modules.txt b/vendor/modules.txt index 414bfdcc8495..ce2c6cd46dc1 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -302,7 +302,7 @@ github.com/containers/image/v5/transports github.com/containers/image/v5/transports/alltransports github.com/containers/image/v5/types github.com/containers/image/v5/version -# github.com/containers/libhvee v0.4.1-0.20231012183749-e51be96b4854 +# github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734 ## explicit; go 1.18 github.com/containers/libhvee/pkg/hypervctl github.com/containers/libhvee/pkg/kvp/ginsu From 5388836c11049496dd3267ce225d1105a3075e1e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 9 Nov 2023 02:16:55 +0000 Subject: [PATCH 007/170] fix(deps): update module golang.org/x/tools to v0.15.0 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- test/tools/go.mod | 6 +- test/tools/go.sum | 14 +- .../golang.org/x/sys/execabs/execabs_go118.go | 1 - .../golang.org/x/sys/execabs/execabs_go119.go | 1 - .../vendor/golang.org/x/sys/unix/aliases.go | 2 - .../golang.org/x/sys/unix/asm_aix_ppc64.s | 1 - .../golang.org/x/sys/unix/asm_bsd_386.s | 2 - .../golang.org/x/sys/unix/asm_bsd_amd64.s | 2 - .../golang.org/x/sys/unix/asm_bsd_arm.s | 2 - .../golang.org/x/sys/unix/asm_bsd_arm64.s | 2 - .../golang.org/x/sys/unix/asm_bsd_ppc64.s | 2 - .../golang.org/x/sys/unix/asm_bsd_riscv64.s | 2 - .../golang.org/x/sys/unix/asm_linux_386.s | 1 - .../golang.org/x/sys/unix/asm_linux_amd64.s | 1 - .../golang.org/x/sys/unix/asm_linux_arm.s | 1 - .../golang.org/x/sys/unix/asm_linux_arm64.s | 3 - .../golang.org/x/sys/unix/asm_linux_loong64.s | 3 - .../golang.org/x/sys/unix/asm_linux_mips64x.s | 3 - .../golang.org/x/sys/unix/asm_linux_mipsx.s | 3 - .../golang.org/x/sys/unix/asm_linux_ppc64x.s | 3 - .../golang.org/x/sys/unix/asm_linux_riscv64.s | 2 - .../golang.org/x/sys/unix/asm_linux_s390x.s | 3 - .../x/sys/unix/asm_openbsd_mips64.s | 1 - .../golang.org/x/sys/unix/asm_solaris_amd64.s | 1 - .../golang.org/x/sys/unix/asm_zos_s390x.s | 3 - .../golang.org/x/sys/unix/cap_freebsd.go | 1 - .../vendor/golang.org/x/sys/unix/constants.go | 1 - .../golang.org/x/sys/unix/dev_aix_ppc.go | 1 - .../golang.org/x/sys/unix/dev_aix_ppc64.go | 1 - .../vendor/golang.org/x/sys/unix/dev_zos.go | 1 - .../vendor/golang.org/x/sys/unix/dirent.go | 1 - .../golang.org/x/sys/unix/endian_big.go | 1 - .../golang.org/x/sys/unix/endian_little.go | 1 - .../vendor/golang.org/x/sys/unix/env_unix.go | 1 - .../vendor/golang.org/x/sys/unix/epoll_zos.go | 1 - .../vendor/golang.org/x/sys/unix/fcntl.go | 1 - .../x/sys/unix/fcntl_linux_32bit.go | 1 - .../vendor/golang.org/x/sys/unix/fdset.go | 1 - .../golang.org/x/sys/unix/fstatfs_zos.go | 1 - .../vendor/golang.org/x/sys/unix/gccgo.go | 1 - .../vendor/golang.org/x/sys/unix/gccgo_c.c | 1 - .../x/sys/unix/gccgo_linux_amd64.go | 1 - .../golang.org/x/sys/unix/ifreq_linux.go | 1 - .../golang.org/x/sys/unix/ioctl_signed.go | 1 - .../golang.org/x/sys/unix/ioctl_unsigned.go | 1 - .../vendor/golang.org/x/sys/unix/ioctl_zos.go | 1 - .../vendor/golang.org/x/sys/unix/mkerrors.sh | 1 - .../golang.org/x/sys/unix/mmap_nomremap.go | 1 - .../vendor/golang.org/x/sys/unix/mremap.go | 1 - .../golang.org/x/sys/unix/pagesize_unix.go | 1 - .../golang.org/x/sys/unix/pledge_openbsd.go | 92 ++------ .../golang.org/x/sys/unix/ptrace_darwin.go | 1 - .../golang.org/x/sys/unix/ptrace_ios.go | 1 - .../vendor/golang.org/x/sys/unix/race.go | 1 - .../vendor/golang.org/x/sys/unix/race0.go | 1 - .../x/sys/unix/readdirent_getdents.go | 1 - .../x/sys/unix/readdirent_getdirentries.go | 1 - .../golang.org/x/sys/unix/sockcmsg_unix.go | 1 - .../x/sys/unix/sockcmsg_unix_other.go | 1 - .../vendor/golang.org/x/sys/unix/syscall.go | 1 - .../golang.org/x/sys/unix/syscall_aix.go | 4 +- .../golang.org/x/sys/unix/syscall_aix_ppc.go | 1 - .../x/sys/unix/syscall_aix_ppc64.go | 1 - .../golang.org/x/sys/unix/syscall_bsd.go | 1 - .../x/sys/unix/syscall_darwin_amd64.go | 1 - .../x/sys/unix/syscall_darwin_arm64.go | 1 - .../x/sys/unix/syscall_darwin_libSystem.go | 1 - .../x/sys/unix/syscall_dragonfly_amd64.go | 1 - .../x/sys/unix/syscall_freebsd_386.go | 1 - .../x/sys/unix/syscall_freebsd_amd64.go | 1 - .../x/sys/unix/syscall_freebsd_arm.go | 1 - .../x/sys/unix/syscall_freebsd_arm64.go | 1 - .../x/sys/unix/syscall_freebsd_riscv64.go | 1 - .../golang.org/x/sys/unix/syscall_hurd.go | 1 - .../golang.org/x/sys/unix/syscall_hurd_386.go | 1 - .../golang.org/x/sys/unix/syscall_illumos.go | 1 - .../golang.org/x/sys/unix/syscall_linux.go | 5 +- .../x/sys/unix/syscall_linux_386.go | 1 - .../x/sys/unix/syscall_linux_alarm.go | 2 - .../x/sys/unix/syscall_linux_amd64.go | 1 - .../x/sys/unix/syscall_linux_amd64_gc.go | 1 - .../x/sys/unix/syscall_linux_arm.go | 1 - .../x/sys/unix/syscall_linux_arm64.go | 1 - .../golang.org/x/sys/unix/syscall_linux_gc.go | 1 - .../x/sys/unix/syscall_linux_gc_386.go | 1 - .../x/sys/unix/syscall_linux_gc_arm.go | 1 - .../x/sys/unix/syscall_linux_gccgo_386.go | 1 - .../x/sys/unix/syscall_linux_gccgo_arm.go | 1 - .../x/sys/unix/syscall_linux_loong64.go | 1 - .../x/sys/unix/syscall_linux_mips64x.go | 2 - .../x/sys/unix/syscall_linux_mipsx.go | 2 - .../x/sys/unix/syscall_linux_ppc.go | 1 - .../x/sys/unix/syscall_linux_ppc64x.go | 2 - .../x/sys/unix/syscall_linux_riscv64.go | 1 - .../x/sys/unix/syscall_linux_s390x.go | 1 - .../x/sys/unix/syscall_linux_sparc64.go | 1 - .../x/sys/unix/syscall_netbsd_386.go | 1 - .../x/sys/unix/syscall_netbsd_amd64.go | 1 - .../x/sys/unix/syscall_netbsd_arm.go | 1 - .../x/sys/unix/syscall_netbsd_arm64.go | 1 - .../golang.org/x/sys/unix/syscall_openbsd.go | 14 +- .../x/sys/unix/syscall_openbsd_386.go | 1 - .../x/sys/unix/syscall_openbsd_amd64.go | 1 - .../x/sys/unix/syscall_openbsd_arm.go | 1 - .../x/sys/unix/syscall_openbsd_arm64.go | 1 - .../x/sys/unix/syscall_openbsd_libc.go | 1 - .../x/sys/unix/syscall_openbsd_ppc64.go | 1 - .../x/sys/unix/syscall_openbsd_riscv64.go | 1 - .../golang.org/x/sys/unix/syscall_solaris.go | 3 +- .../x/sys/unix/syscall_solaris_amd64.go | 1 - .../golang.org/x/sys/unix/syscall_unix.go | 1 - .../golang.org/x/sys/unix/syscall_unix_gc.go | 2 - .../x/sys/unix/syscall_unix_gc_ppc64x.go | 3 - .../x/sys/unix/syscall_zos_s390x.go | 1 - .../golang.org/x/sys/unix/sysvshm_linux.go | 1 - .../golang.org/x/sys/unix/sysvshm_unix.go | 1 - .../x/sys/unix/sysvshm_unix_other.go | 1 - .../golang.org/x/sys/unix/timestruct.go | 1 - .../golang.org/x/sys/unix/unveil_openbsd.go | 41 ++-- .../vendor/golang.org/x/sys/unix/xattr_bsd.go | 1 - .../golang.org/x/sys/unix/zerrors_aix_ppc.go | 1 - .../x/sys/unix/zerrors_aix_ppc64.go | 1 - .../x/sys/unix/zerrors_darwin_amd64.go | 1 - .../x/sys/unix/zerrors_darwin_arm64.go | 1 - .../x/sys/unix/zerrors_dragonfly_amd64.go | 1 - .../x/sys/unix/zerrors_freebsd_386.go | 1 - .../x/sys/unix/zerrors_freebsd_amd64.go | 1 - .../x/sys/unix/zerrors_freebsd_arm.go | 1 - .../x/sys/unix/zerrors_freebsd_arm64.go | 1 - .../x/sys/unix/zerrors_freebsd_riscv64.go | 1 - .../golang.org/x/sys/unix/zerrors_linux.go | 14 +- .../x/sys/unix/zerrors_linux_386.go | 1 - .../x/sys/unix/zerrors_linux_amd64.go | 1 - .../x/sys/unix/zerrors_linux_arm.go | 1 - .../x/sys/unix/zerrors_linux_arm64.go | 1 - .../x/sys/unix/zerrors_linux_loong64.go | 2 +- .../x/sys/unix/zerrors_linux_mips.go | 1 - .../x/sys/unix/zerrors_linux_mips64.go | 1 - .../x/sys/unix/zerrors_linux_mips64le.go | 1 - .../x/sys/unix/zerrors_linux_mipsle.go | 1 - .../x/sys/unix/zerrors_linux_ppc.go | 1 - .../x/sys/unix/zerrors_linux_ppc64.go | 1 - .../x/sys/unix/zerrors_linux_ppc64le.go | 1 - .../x/sys/unix/zerrors_linux_riscv64.go | 4 +- .../x/sys/unix/zerrors_linux_s390x.go | 1 - .../x/sys/unix/zerrors_linux_sparc64.go | 1 - .../x/sys/unix/zerrors_netbsd_386.go | 1 - .../x/sys/unix/zerrors_netbsd_amd64.go | 1 - .../x/sys/unix/zerrors_netbsd_arm.go | 1 - .../x/sys/unix/zerrors_netbsd_arm64.go | 1 - .../x/sys/unix/zerrors_openbsd_386.go | 1 - .../x/sys/unix/zerrors_openbsd_amd64.go | 1 - .../x/sys/unix/zerrors_openbsd_arm.go | 1 - .../x/sys/unix/zerrors_openbsd_arm64.go | 1 - .../x/sys/unix/zerrors_openbsd_mips64.go | 1 - .../x/sys/unix/zerrors_openbsd_ppc64.go | 1 - .../x/sys/unix/zerrors_openbsd_riscv64.go | 1 - .../x/sys/unix/zerrors_solaris_amd64.go | 1 - .../x/sys/unix/zerrors_zos_s390x.go | 1 - .../x/sys/unix/zptrace_armnn_linux.go | 2 - .../x/sys/unix/zptrace_mipsnn_linux.go | 2 - .../x/sys/unix/zptrace_mipsnnle_linux.go | 2 - .../x/sys/unix/zptrace_x86_linux.go | 2 - .../golang.org/x/sys/unix/zsyscall_aix_ppc.go | 1 - .../x/sys/unix/zsyscall_aix_ppc64.go | 1 - .../x/sys/unix/zsyscall_aix_ppc64_gc.go | 1 - .../x/sys/unix/zsyscall_aix_ppc64_gccgo.go | 1 - .../x/sys/unix/zsyscall_darwin_amd64.go | 1 - .../x/sys/unix/zsyscall_darwin_arm64.go | 1 - .../x/sys/unix/zsyscall_dragonfly_amd64.go | 1 - .../x/sys/unix/zsyscall_freebsd_386.go | 1 - .../x/sys/unix/zsyscall_freebsd_amd64.go | 1 - .../x/sys/unix/zsyscall_freebsd_arm.go | 1 - .../x/sys/unix/zsyscall_freebsd_arm64.go | 1 - .../x/sys/unix/zsyscall_freebsd_riscv64.go | 1 - .../x/sys/unix/zsyscall_illumos_amd64.go | 1 - .../golang.org/x/sys/unix/zsyscall_linux.go | 11 +- .../x/sys/unix/zsyscall_linux_386.go | 1 - .../x/sys/unix/zsyscall_linux_amd64.go | 1 - .../x/sys/unix/zsyscall_linux_arm.go | 1 - .../x/sys/unix/zsyscall_linux_arm64.go | 1 - .../x/sys/unix/zsyscall_linux_loong64.go | 1 - .../x/sys/unix/zsyscall_linux_mips.go | 1 - .../x/sys/unix/zsyscall_linux_mips64.go | 1 - .../x/sys/unix/zsyscall_linux_mips64le.go | 1 - .../x/sys/unix/zsyscall_linux_mipsle.go | 1 - .../x/sys/unix/zsyscall_linux_ppc.go | 1 - .../x/sys/unix/zsyscall_linux_ppc64.go | 1 - .../x/sys/unix/zsyscall_linux_ppc64le.go | 1 - .../x/sys/unix/zsyscall_linux_riscv64.go | 1 - .../x/sys/unix/zsyscall_linux_s390x.go | 1 - .../x/sys/unix/zsyscall_linux_sparc64.go | 1 - .../x/sys/unix/zsyscall_netbsd_386.go | 1 - .../x/sys/unix/zsyscall_netbsd_amd64.go | 1 - .../x/sys/unix/zsyscall_netbsd_arm.go | 1 - .../x/sys/unix/zsyscall_netbsd_arm64.go | 1 - .../x/sys/unix/zsyscall_openbsd_386.go | 46 +++- .../x/sys/unix/zsyscall_openbsd_386.s | 15 ++ .../x/sys/unix/zsyscall_openbsd_amd64.go | 46 +++- .../x/sys/unix/zsyscall_openbsd_amd64.s | 15 ++ .../x/sys/unix/zsyscall_openbsd_arm.go | 46 +++- .../x/sys/unix/zsyscall_openbsd_arm.s | 15 ++ .../x/sys/unix/zsyscall_openbsd_arm64.go | 46 +++- .../x/sys/unix/zsyscall_openbsd_arm64.s | 15 ++ .../x/sys/unix/zsyscall_openbsd_mips64.go | 46 +++- .../x/sys/unix/zsyscall_openbsd_mips64.s | 15 ++ .../x/sys/unix/zsyscall_openbsd_ppc64.go | 46 +++- .../x/sys/unix/zsyscall_openbsd_ppc64.s | 18 ++ .../x/sys/unix/zsyscall_openbsd_riscv64.go | 46 +++- .../x/sys/unix/zsyscall_openbsd_riscv64.s | 15 ++ .../x/sys/unix/zsyscall_solaris_amd64.go | 1 - .../x/sys/unix/zsyscall_zos_s390x.go | 1 - .../x/sys/unix/zsysctl_openbsd_386.go | 1 - .../x/sys/unix/zsysctl_openbsd_amd64.go | 1 - .../x/sys/unix/zsysctl_openbsd_arm.go | 1 - .../x/sys/unix/zsysctl_openbsd_arm64.go | 1 - .../x/sys/unix/zsysctl_openbsd_mips64.go | 1 - .../x/sys/unix/zsysctl_openbsd_ppc64.go | 1 - .../x/sys/unix/zsysctl_openbsd_riscv64.go | 1 - .../x/sys/unix/zsysnum_darwin_amd64.go | 1 - .../x/sys/unix/zsysnum_darwin_arm64.go | 1 - .../x/sys/unix/zsysnum_dragonfly_amd64.go | 1 - .../x/sys/unix/zsysnum_freebsd_386.go | 1 - .../x/sys/unix/zsysnum_freebsd_amd64.go | 1 - .../x/sys/unix/zsysnum_freebsd_arm.go | 1 - .../x/sys/unix/zsysnum_freebsd_arm64.go | 1 - .../x/sys/unix/zsysnum_freebsd_riscv64.go | 1 - .../x/sys/unix/zsysnum_linux_386.go | 2 +- .../x/sys/unix/zsysnum_linux_amd64.go | 3 +- .../x/sys/unix/zsysnum_linux_arm.go | 2 +- .../x/sys/unix/zsysnum_linux_arm64.go | 2 +- .../x/sys/unix/zsysnum_linux_loong64.go | 2 +- .../x/sys/unix/zsysnum_linux_mips.go | 2 +- .../x/sys/unix/zsysnum_linux_mips64.go | 2 +- .../x/sys/unix/zsysnum_linux_mips64le.go | 2 +- .../x/sys/unix/zsysnum_linux_mipsle.go | 2 +- .../x/sys/unix/zsysnum_linux_ppc.go | 2 +- .../x/sys/unix/zsysnum_linux_ppc64.go | 2 +- .../x/sys/unix/zsysnum_linux_ppc64le.go | 2 +- .../x/sys/unix/zsysnum_linux_riscv64.go | 2 +- .../x/sys/unix/zsysnum_linux_s390x.go | 2 +- .../x/sys/unix/zsysnum_linux_sparc64.go | 2 +- .../x/sys/unix/zsysnum_netbsd_386.go | 1 - .../x/sys/unix/zsysnum_netbsd_amd64.go | 1 - .../x/sys/unix/zsysnum_netbsd_arm.go | 1 - .../x/sys/unix/zsysnum_netbsd_arm64.go | 1 - .../x/sys/unix/zsysnum_openbsd_386.go | 1 - .../x/sys/unix/zsysnum_openbsd_amd64.go | 1 - .../x/sys/unix/zsysnum_openbsd_arm.go | 1 - .../x/sys/unix/zsysnum_openbsd_arm64.go | 1 - .../x/sys/unix/zsysnum_openbsd_mips64.go | 1 - .../x/sys/unix/zsysnum_openbsd_ppc64.go | 1 - .../x/sys/unix/zsysnum_openbsd_riscv64.go | 1 - .../x/sys/unix/zsysnum_zos_s390x.go | 1 - .../golang.org/x/sys/unix/ztypes_aix_ppc.go | 1 - .../golang.org/x/sys/unix/ztypes_aix_ppc64.go | 1 - .../x/sys/unix/ztypes_darwin_amd64.go | 1 - .../x/sys/unix/ztypes_darwin_arm64.go | 1 - .../x/sys/unix/ztypes_dragonfly_amd64.go | 1 - .../x/sys/unix/ztypes_freebsd_386.go | 1 - .../x/sys/unix/ztypes_freebsd_amd64.go | 1 - .../x/sys/unix/ztypes_freebsd_arm.go | 1 - .../x/sys/unix/ztypes_freebsd_arm64.go | 1 - .../x/sys/unix/ztypes_freebsd_riscv64.go | 1 - .../golang.org/x/sys/unix/ztypes_linux.go | 13 +- .../golang.org/x/sys/unix/ztypes_linux_386.go | 1 - .../x/sys/unix/ztypes_linux_amd64.go | 1 - .../golang.org/x/sys/unix/ztypes_linux_arm.go | 1 - .../x/sys/unix/ztypes_linux_arm64.go | 1 - .../x/sys/unix/ztypes_linux_loong64.go | 1 - .../x/sys/unix/ztypes_linux_mips.go | 1 - .../x/sys/unix/ztypes_linux_mips64.go | 1 - .../x/sys/unix/ztypes_linux_mips64le.go | 1 - .../x/sys/unix/ztypes_linux_mipsle.go | 1 - .../golang.org/x/sys/unix/ztypes_linux_ppc.go | 1 - .../x/sys/unix/ztypes_linux_ppc64.go | 1 - .../x/sys/unix/ztypes_linux_ppc64le.go | 1 - .../x/sys/unix/ztypes_linux_riscv64.go | 1 - .../x/sys/unix/ztypes_linux_s390x.go | 1 - .../x/sys/unix/ztypes_linux_sparc64.go | 1 - .../x/sys/unix/ztypes_netbsd_386.go | 1 - .../x/sys/unix/ztypes_netbsd_amd64.go | 1 - .../x/sys/unix/ztypes_netbsd_arm.go | 1 - .../x/sys/unix/ztypes_netbsd_arm64.go | 1 - .../x/sys/unix/ztypes_openbsd_386.go | 1 - .../x/sys/unix/ztypes_openbsd_amd64.go | 1 - .../x/sys/unix/ztypes_openbsd_arm.go | 1 - .../x/sys/unix/ztypes_openbsd_arm64.go | 1 - .../x/sys/unix/ztypes_openbsd_mips64.go | 1 - .../x/sys/unix/ztypes_openbsd_ppc64.go | 1 - .../x/sys/unix/ztypes_openbsd_riscv64.go | 1 - .../x/sys/unix/ztypes_solaris_amd64.go | 1 - .../golang.org/x/sys/unix/ztypes_zos_s390x.go | 1 - .../golang.org/x/sys/windows/aliases.go | 1 - .../vendor/golang.org/x/sys/windows/empty.s | 1 - .../golang.org/x/sys/windows/eventlog.go | 1 - .../golang.org/x/sys/windows/mksyscall.go | 1 - .../vendor/golang.org/x/sys/windows/race.go | 1 - .../vendor/golang.org/x/sys/windows/race0.go | 1 - .../golang.org/x/sys/windows/service.go | 1 - .../vendor/golang.org/x/sys/windows/str.go | 1 - .../golang.org/x/sys/windows/syscall.go | 1 - .../x/sys/windows/syscall_windows.go | 4 +- .../golang.org/x/sys/windows/types_windows.go | 28 ++- .../x/sys/windows/zsyscall_windows.go | 9 + .../x/tools/internal/fastwalk/fastwalk.go | 196 ------------------ .../internal/fastwalk/fastwalk_darwin.go | 119 ----------- .../fastwalk/fastwalk_dirent_fileno.go | 14 -- .../internal/fastwalk/fastwalk_dirent_ino.go | 15 -- .../fastwalk/fastwalk_dirent_namlen_bsd.go | 14 -- .../fastwalk/fastwalk_dirent_namlen_linux.go | 29 --- .../internal/fastwalk/fastwalk_portable.go | 41 ---- .../tools/internal/fastwalk/fastwalk_unix.go | 153 -------------- .../x/tools/internal/gocommand/invoke.go | 24 ++- .../x/tools/internal/gopathwalk/walk.go | 121 ++++++++--- test/tools/vendor/modules.txt | 9 +- 316 files changed, 694 insertions(+), 1059 deletions(-) delete mode 100644 test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk.go delete mode 100644 test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_darwin.go delete mode 100644 test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_fileno.go delete mode 100644 test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_ino.go delete mode 100644 test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_namlen_bsd.go delete mode 100644 test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_namlen_linux.go delete mode 100644 test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_portable.go delete mode 100644 test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_unix.go diff --git a/test/tools/go.mod b/test/tools/go.mod index fe1f6c40a3e9..2f9a589eb4a0 100644 --- a/test/tools/go.mod +++ b/test/tools/go.mod @@ -6,7 +6,7 @@ require ( github.com/cpuguy83/go-md2man/v2 v2.0.3 github.com/onsi/ginkgo/v2 v2.13.0 github.com/vbatts/git-validation v1.2.1 - golang.org/x/tools v0.14.0 + golang.org/x/tools v0.15.0 ) require ( @@ -19,6 +19,6 @@ require ( github.com/mattn/go-isatty v0.0.17 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/sirupsen/logrus v1.8.1 // indirect - golang.org/x/mod v0.13.0 // indirect - golang.org/x/sys v0.13.0 // indirect + golang.org/x/mod v0.14.0 // indirect + golang.org/x/sys v0.14.0 // indirect ) diff --git a/test/tools/go.sum b/test/tools/go.sum index 592430301be4..0b585f824fc3 100644 --- a/test/tools/go.sum +++ b/test/tools/go.sum @@ -40,18 +40,18 @@ github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/vbatts/git-validation v1.2.1 h1:O26LKWEtBOfnxKT/SAiFCAcQglKwyuZEKSq6AevpWJ4= github.com/vbatts/git-validation v1.2.1/go.mod h1:isqpXnI2IUKUhoYIsHg5tDmtiEXoA7KJRVsAc4+XoYw= -golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= -golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.16.0 h1:7eBu7KsSvFDtSXUIDbh3aqlK4DPsZ1rByC8PFfBThos= +golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= +golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= +golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc= -golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= -golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= +golang.org/x/tools v0.15.0 h1:zdAyfUGbYmuVokhzVmghFl2ZJh5QhcfebBgmVPFYA+8= +golang.org/x/tools v0.15.0/go.mod h1:hpksKq4dtpQWS1uQ61JkdqWM3LscIS6Slf+VVkm+wQk= google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/test/tools/vendor/golang.org/x/sys/execabs/execabs_go118.go b/test/tools/vendor/golang.org/x/sys/execabs/execabs_go118.go index 2000064a8124..5627d70e3985 100644 --- a/test/tools/vendor/golang.org/x/sys/execabs/execabs_go118.go +++ b/test/tools/vendor/golang.org/x/sys/execabs/execabs_go118.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build !go1.19 -// +build !go1.19 package execabs diff --git a/test/tools/vendor/golang.org/x/sys/execabs/execabs_go119.go b/test/tools/vendor/golang.org/x/sys/execabs/execabs_go119.go index f364b3418926..d60ab1b41951 100644 --- a/test/tools/vendor/golang.org/x/sys/execabs/execabs_go119.go +++ b/test/tools/vendor/golang.org/x/sys/execabs/execabs_go119.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build go1.19 -// +build go1.19 package execabs diff --git a/test/tools/vendor/golang.org/x/sys/unix/aliases.go b/test/tools/vendor/golang.org/x/sys/unix/aliases.go index abc89c104a8e..e7d3df4bd360 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/aliases.go +++ b/test/tools/vendor/golang.org/x/sys/unix/aliases.go @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build (aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos) && go1.9 -// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos -// +build go1.9 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s b/test/tools/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s index db9171c2e491..269e173ca469 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build gc -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_386.s b/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_386.s index e0fcd9b3deec..a4fcef0e0d7a 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_386.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_386.s @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build (freebsd || netbsd || openbsd) && gc -// +build freebsd netbsd openbsd -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_amd64.s b/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_amd64.s index 2b99c349a2d3..1e63615c5703 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_amd64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_amd64.s @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build (darwin || dragonfly || freebsd || netbsd || openbsd) && gc -// +build darwin dragonfly freebsd netbsd openbsd -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_arm.s b/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_arm.s index d702d4adc77d..6496c310087d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_arm.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_arm.s @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build (freebsd || netbsd || openbsd) && gc -// +build freebsd netbsd openbsd -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_arm64.s b/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_arm64.s index fe36a7391a64..4fd1f54daaab 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_arm64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_arm64.s @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build (darwin || freebsd || netbsd || openbsd) && gc -// +build darwin freebsd netbsd openbsd -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_ppc64.s b/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_ppc64.s index e5b9a84899ac..42f7eb9e4747 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_ppc64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_ppc64.s @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build (darwin || freebsd || netbsd || openbsd) && gc -// +build darwin freebsd netbsd openbsd -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_riscv64.s b/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_riscv64.s index d560019ea29e..f8902667e975 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_riscv64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_bsd_riscv64.s @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build (darwin || freebsd || netbsd || openbsd) && gc -// +build darwin freebsd netbsd openbsd -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_386.s b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_386.s index 8fd101d0716d..3b4734870d97 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_386.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_386.s @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build gc -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_amd64.s b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_amd64.s index 7ed38e43c673..67e29f3178b0 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_amd64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_amd64.s @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build gc -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_arm.s b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_arm.s index 8ef1d51402ae..d6ae269ce166 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_arm.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_arm.s @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build gc -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_arm64.s b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_arm64.s index 98ae02760da1..01e5e253c68e 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_arm64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_arm64.s @@ -3,9 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && arm64 && gc -// +build linux -// +build arm64 -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_loong64.s b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_loong64.s index 565357288a81..2abf12f6e871 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_loong64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_loong64.s @@ -3,9 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && loong64 && gc -// +build linux -// +build loong64 -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s index 21231d2ce13f..f84bae7120e7 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s @@ -3,9 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && (mips64 || mips64le) && gc -// +build linux -// +build mips64 mips64le -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s index 6783b26c606a..f08f62807723 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s @@ -3,9 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && (mips || mipsle) && gc -// +build linux -// +build mips mipsle -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s index 19d4989344df..bdfc024d2d3b 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s @@ -3,9 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && (ppc64 || ppc64le) && gc -// +build linux -// +build ppc64 ppc64le -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s index e42eb81d583d..2e8c99612038 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build riscv64 && gc -// +build riscv64 -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_s390x.s b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_s390x.s index c46aab339594..2c394b11ebd6 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_linux_s390x.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_linux_s390x.s @@ -3,9 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && s390x && gc -// +build linux -// +build s390x -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s b/test/tools/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s index 5e7a1169c05d..fab586a2c419 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build gc -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s b/test/tools/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s index f8c5394c1a72..f949ec5476d2 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build gc -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/asm_zos_s390x.s b/test/tools/vendor/golang.org/x/sys/unix/asm_zos_s390x.s index 3b54e1858131..2f67ba86d574 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/asm_zos_s390x.s +++ b/test/tools/vendor/golang.org/x/sys/unix/asm_zos_s390x.s @@ -3,9 +3,6 @@ // license that can be found in the LICENSE file. //go:build zos && s390x && gc -// +build zos -// +build s390x -// +build gc #include "textflag.h" diff --git a/test/tools/vendor/golang.org/x/sys/unix/cap_freebsd.go b/test/tools/vendor/golang.org/x/sys/unix/cap_freebsd.go index 0b7c6adb8661..a08657890f39 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/cap_freebsd.go +++ b/test/tools/vendor/golang.org/x/sys/unix/cap_freebsd.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build freebsd -// +build freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/constants.go b/test/tools/vendor/golang.org/x/sys/unix/constants.go index 394a3965b68d..6fb7cb77d0a3 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/constants.go +++ b/test/tools/vendor/golang.org/x/sys/unix/constants.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos -// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/dev_aix_ppc.go b/test/tools/vendor/golang.org/x/sys/unix/dev_aix_ppc.go index 65a998508db4..d78513461777 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/dev_aix_ppc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/dev_aix_ppc.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix && ppc -// +build aix,ppc // Functions to access/create device major and minor numbers matching the // encoding used by AIX. diff --git a/test/tools/vendor/golang.org/x/sys/unix/dev_aix_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/dev_aix_ppc64.go index 8fc08ad0aae2..623a5e6973a0 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/dev_aix_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/dev_aix_ppc64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix && ppc64 -// +build aix,ppc64 // Functions to access/create device major and minor numbers matching the // encoding used AIX. diff --git a/test/tools/vendor/golang.org/x/sys/unix/dev_zos.go b/test/tools/vendor/golang.org/x/sys/unix/dev_zos.go index a388e59a0e0f..bb6a64fe92d2 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/dev_zos.go +++ b/test/tools/vendor/golang.org/x/sys/unix/dev_zos.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build zos && s390x -// +build zos,s390x // Functions to access/create device major and minor numbers matching the // encoding used by z/OS. diff --git a/test/tools/vendor/golang.org/x/sys/unix/dirent.go b/test/tools/vendor/golang.org/x/sys/unix/dirent.go index 2499f977b070..1ebf1178269f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/dirent.go +++ b/test/tools/vendor/golang.org/x/sys/unix/dirent.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos -// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/endian_big.go b/test/tools/vendor/golang.org/x/sys/unix/endian_big.go index a52026557681..1095fd31d685 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/endian_big.go +++ b/test/tools/vendor/golang.org/x/sys/unix/endian_big.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. // //go:build armbe || arm64be || m68k || mips || mips64 || mips64p32 || ppc || ppc64 || s390 || s390x || shbe || sparc || sparc64 -// +build armbe arm64be m68k mips mips64 mips64p32 ppc ppc64 s390 s390x shbe sparc sparc64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/endian_little.go b/test/tools/vendor/golang.org/x/sys/unix/endian_little.go index b0f2bc4ae3b2..b9f0e277b149 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/endian_little.go +++ b/test/tools/vendor/golang.org/x/sys/unix/endian_little.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. // //go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || loong64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh -// +build 386 amd64 amd64p32 alpha arm arm64 loong64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/env_unix.go b/test/tools/vendor/golang.org/x/sys/unix/env_unix.go index 29ccc4d1334c..a96da71f4736 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/env_unix.go +++ b/test/tools/vendor/golang.org/x/sys/unix/env_unix.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos -// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos // Unix environment variables. diff --git a/test/tools/vendor/golang.org/x/sys/unix/epoll_zos.go b/test/tools/vendor/golang.org/x/sys/unix/epoll_zos.go index cedaf7e024b4..7753fddea817 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/epoll_zos.go +++ b/test/tools/vendor/golang.org/x/sys/unix/epoll_zos.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build zos && s390x -// +build zos,s390x package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/fcntl.go b/test/tools/vendor/golang.org/x/sys/unix/fcntl.go index e9b991258c18..58c6bfc70f6e 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/fcntl.go +++ b/test/tools/vendor/golang.org/x/sys/unix/fcntl.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build dragonfly || freebsd || linux || netbsd || openbsd -// +build dragonfly freebsd linux netbsd openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go b/test/tools/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go index 29d44808b1d0..13b4acd5c691 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go +++ b/test/tools/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build (linux && 386) || (linux && arm) || (linux && mips) || (linux && mipsle) || (linux && ppc) -// +build linux,386 linux,arm linux,mips linux,mipsle linux,ppc package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/fdset.go b/test/tools/vendor/golang.org/x/sys/unix/fdset.go index a8068f94f290..9e83d18cd042 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/fdset.go +++ b/test/tools/vendor/golang.org/x/sys/unix/fdset.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos -// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/fstatfs_zos.go b/test/tools/vendor/golang.org/x/sys/unix/fstatfs_zos.go index e377cc9f49c3..c8bde601e772 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/fstatfs_zos.go +++ b/test/tools/vendor/golang.org/x/sys/unix/fstatfs_zos.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build zos && s390x -// +build zos,s390x package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/gccgo.go b/test/tools/vendor/golang.org/x/sys/unix/gccgo.go index b06f52d748f6..aca5721ddccd 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/gccgo.go +++ b/test/tools/vendor/golang.org/x/sys/unix/gccgo.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build gccgo && !aix && !hurd -// +build gccgo,!aix,!hurd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/gccgo_c.c b/test/tools/vendor/golang.org/x/sys/unix/gccgo_c.c index f98a1c542f05..d468b7b47f14 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/gccgo_c.c +++ b/test/tools/vendor/golang.org/x/sys/unix/gccgo_c.c @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build gccgo && !aix && !hurd -// +build gccgo,!aix,!hurd #include #include diff --git a/test/tools/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go index e60e49a3d9c0..972d61bd7549 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build gccgo && linux && amd64 -// +build gccgo,linux,amd64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ifreq_linux.go b/test/tools/vendor/golang.org/x/sys/unix/ifreq_linux.go index 15721a5104e4..848840ae4c75 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ifreq_linux.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ifreq_linux.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux -// +build linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ioctl_signed.go b/test/tools/vendor/golang.org/x/sys/unix/ioctl_signed.go index 7def9580e6f8..5b0759bd8652 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ioctl_signed.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ioctl_signed.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || solaris -// +build aix solaris package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ioctl_unsigned.go b/test/tools/vendor/golang.org/x/sys/unix/ioctl_unsigned.go index 649913d1ea71..20f470b9d09e 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ioctl_unsigned.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ioctl_unsigned.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build darwin || dragonfly || freebsd || hurd || linux || netbsd || openbsd -// +build darwin dragonfly freebsd hurd linux netbsd openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ioctl_zos.go b/test/tools/vendor/golang.org/x/sys/unix/ioctl_zos.go index cdc21bf76dcb..c8b2a750f8cd 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ioctl_zos.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ioctl_zos.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build zos && s390x -// +build zos,s390x package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/mkerrors.sh b/test/tools/vendor/golang.org/x/sys/unix/mkerrors.sh index 47fa6a7ebd45..cbe24150a7a8 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/mkerrors.sh +++ b/test/tools/vendor/golang.org/x/sys/unix/mkerrors.sh @@ -663,7 +663,6 @@ echo '// mkerrors.sh' "$@" echo '// Code generated by the command above; see README.md. DO NOT EDIT.' echo echo "//go:build ${GOARCH} && ${GOOS}" -echo "// +build ${GOARCH},${GOOS}" echo go tool cgo -godefs -- "$@" _const.go >_error.out cat _error.out | grep -vf _error.grep | grep -vf _signal.grep diff --git a/test/tools/vendor/golang.org/x/sys/unix/mmap_nomremap.go b/test/tools/vendor/golang.org/x/sys/unix/mmap_nomremap.go index ca0513632ee3..4b68e59780a2 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/mmap_nomremap.go +++ b/test/tools/vendor/golang.org/x/sys/unix/mmap_nomremap.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || darwin || dragonfly || freebsd || openbsd || solaris -// +build aix darwin dragonfly freebsd openbsd solaris package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/mremap.go b/test/tools/vendor/golang.org/x/sys/unix/mremap.go index fa93d0aa9045..fd45fe529da5 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/mremap.go +++ b/test/tools/vendor/golang.org/x/sys/unix/mremap.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux || netbsd -// +build linux netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/pagesize_unix.go b/test/tools/vendor/golang.org/x/sys/unix/pagesize_unix.go index 53f1b4c5b81e..4d0a3430edc5 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/pagesize_unix.go +++ b/test/tools/vendor/golang.org/x/sys/unix/pagesize_unix.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris -// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris // For Unix, get the pagesize from the runtime. diff --git a/test/tools/vendor/golang.org/x/sys/unix/pledge_openbsd.go b/test/tools/vendor/golang.org/x/sys/unix/pledge_openbsd.go index eb48294b2742..6a09af53e6bb 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/pledge_openbsd.go +++ b/test/tools/vendor/golang.org/x/sys/unix/pledge_openbsd.go @@ -8,54 +8,31 @@ import ( "errors" "fmt" "strconv" - "syscall" - "unsafe" ) // Pledge implements the pledge syscall. // -// The pledge syscall does not accept execpromises on OpenBSD releases -// before 6.3. -// -// execpromises must be empty when Pledge is called on OpenBSD -// releases predating 6.3, otherwise an error will be returned. +// This changes both the promises and execpromises; use PledgePromises or +// PledgeExecpromises to only change the promises or execpromises +// respectively. // // For more information see pledge(2). func Pledge(promises, execpromises string) error { - maj, min, err := majmin() - if err != nil { + if err := pledgeAvailable(); err != nil { return err } - err = pledgeAvailable(maj, min, execpromises) + pptr, err := BytePtrFromString(promises) if err != nil { return err } - pptr, err := syscall.BytePtrFromString(promises) + exptr, err := BytePtrFromString(execpromises) if err != nil { return err } - // This variable will hold either a nil unsafe.Pointer or - // an unsafe.Pointer to a string (execpromises). - var expr unsafe.Pointer - - // If we're running on OpenBSD > 6.2, pass execpromises to the syscall. - if maj > 6 || (maj == 6 && min > 2) { - exptr, err := syscall.BytePtrFromString(execpromises) - if err != nil { - return err - } - expr = unsafe.Pointer(exptr) - } - - _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(unsafe.Pointer(pptr)), uintptr(expr), 0) - if e != 0 { - return e - } - - return nil + return pledge(pptr, exptr) } // PledgePromises implements the pledge syscall. @@ -64,30 +41,16 @@ func Pledge(promises, execpromises string) error { // // For more information see pledge(2). func PledgePromises(promises string) error { - maj, min, err := majmin() - if err != nil { - return err - } - - err = pledgeAvailable(maj, min, "") - if err != nil { + if err := pledgeAvailable(); err != nil { return err } - // This variable holds the execpromises and is always nil. - var expr unsafe.Pointer - - pptr, err := syscall.BytePtrFromString(promises) + pptr, err := BytePtrFromString(promises) if err != nil { return err } - _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(unsafe.Pointer(pptr)), uintptr(expr), 0) - if e != 0 { - return e - } - - return nil + return pledge(pptr, nil) } // PledgeExecpromises implements the pledge syscall. @@ -96,30 +59,16 @@ func PledgePromises(promises string) error { // // For more information see pledge(2). func PledgeExecpromises(execpromises string) error { - maj, min, err := majmin() - if err != nil { + if err := pledgeAvailable(); err != nil { return err } - err = pledgeAvailable(maj, min, execpromises) + exptr, err := BytePtrFromString(execpromises) if err != nil { return err } - // This variable holds the promises and is always nil. - var pptr unsafe.Pointer - - exptr, err := syscall.BytePtrFromString(execpromises) - if err != nil { - return err - } - - _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(pptr), uintptr(unsafe.Pointer(exptr)), 0) - if e != 0 { - return e - } - - return nil + return pledge(nil, exptr) } // majmin returns major and minor version number for an OpenBSD system. @@ -147,16 +96,15 @@ func majmin() (major int, minor int, err error) { // pledgeAvailable checks for availability of the pledge(2) syscall // based on the running OpenBSD version. -func pledgeAvailable(maj, min int, execpromises string) error { - // If OpenBSD <= 5.9, pledge is not available. - if (maj == 5 && min != 9) || maj < 5 { - return fmt.Errorf("pledge syscall is not available on OpenBSD %d.%d", maj, min) +func pledgeAvailable() error { + maj, min, err := majmin() + if err != nil { + return err } - // If OpenBSD <= 6.2 and execpromises is not empty, - // return an error - execpromises is not available before 6.3 - if (maj < 6 || (maj == 6 && min <= 2)) && execpromises != "" { - return fmt.Errorf("cannot use execpromises on OpenBSD %d.%d", maj, min) + // Require OpenBSD 6.4 as a minimum. + if maj < 6 || (maj == 6 && min <= 3) { + return fmt.Errorf("cannot call Pledge on OpenBSD %d.%d", maj, min) } return nil diff --git a/test/tools/vendor/golang.org/x/sys/unix/ptrace_darwin.go b/test/tools/vendor/golang.org/x/sys/unix/ptrace_darwin.go index 463c3eff7fd2..3f0975f3de76 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ptrace_darwin.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ptrace_darwin.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build darwin && !ios -// +build darwin,!ios package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ptrace_ios.go b/test/tools/vendor/golang.org/x/sys/unix/ptrace_ios.go index ed0509a0117c..a4d35db5dc28 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ptrace_ios.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ptrace_ios.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build ios -// +build ios package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/race.go b/test/tools/vendor/golang.org/x/sys/unix/race.go index 6f6c5fec5ae3..714d2aae7c09 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/race.go +++ b/test/tools/vendor/golang.org/x/sys/unix/race.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build (darwin && race) || (linux && race) || (freebsd && race) -// +build darwin,race linux,race freebsd,race package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/race0.go b/test/tools/vendor/golang.org/x/sys/unix/race0.go index 706e1322ae41..4a9f6634c980 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/race0.go +++ b/test/tools/vendor/golang.org/x/sys/unix/race0.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || (darwin && !race) || (linux && !race) || (freebsd && !race) || netbsd || openbsd || solaris || dragonfly || zos -// +build aix darwin,!race linux,!race freebsd,!race netbsd openbsd solaris dragonfly zos package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/readdirent_getdents.go b/test/tools/vendor/golang.org/x/sys/unix/readdirent_getdents.go index 4d6257569ea8..dbd2b6ccb1b3 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/readdirent_getdents.go +++ b/test/tools/vendor/golang.org/x/sys/unix/readdirent_getdents.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || dragonfly || freebsd || linux || netbsd || openbsd -// +build aix dragonfly freebsd linux netbsd openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go b/test/tools/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go index 2a4ba47c45b4..130398b6b767 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go +++ b/test/tools/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build darwin -// +build darwin package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/sockcmsg_unix.go b/test/tools/vendor/golang.org/x/sys/unix/sockcmsg_unix.go index 3865943f6e27..c3a62dbb1b6c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/sockcmsg_unix.go +++ b/test/tools/vendor/golang.org/x/sys/unix/sockcmsg_unix.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos -// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos // Socket control messages diff --git a/test/tools/vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go b/test/tools/vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go index 0840fe4a5749..4a1eab37ec08 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go +++ b/test/tools/vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || darwin || freebsd || linux || netbsd || openbsd || solaris || zos -// +build aix darwin freebsd linux netbsd openbsd solaris zos package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall.go b/test/tools/vendor/golang.org/x/sys/unix/syscall.go index 63e8c838317f..5ea74da98204 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos -// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos // Package unix contains an interface to the low-level operating system // primitives. OS details vary depending on the underlying system, and diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_aix.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_aix.go index e94e6cdac882..67ce6cef2d5c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_aix.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_aix.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix -// +build aix // Aix system calls. // This file is compiled as ordinary Go code, @@ -107,7 +106,8 @@ func (sa *SockaddrUnix) sockaddr() (unsafe.Pointer, _Socklen, error) { if n > 0 { sl += _Socklen(n) + 1 } - if sa.raw.Path[0] == '@' { + if sa.raw.Path[0] == '@' || (sa.raw.Path[0] == 0 && sl > 3) { + // Check sl > 3 so we don't change unnamed socket behavior. sa.raw.Path[0] = 0 // Don't count trailing NUL for abstract address. sl-- diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go index f2871fa95351..1fdaa476005f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix && ppc -// +build aix,ppc package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go index 75718ec0f19b..c87f9a9f4568 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix && ppc64 -// +build aix,ppc64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_bsd.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_bsd.go index 4217de518bc8..6f328e3a5541 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_bsd.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_bsd.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build darwin || dragonfly || freebsd || netbsd || openbsd -// +build darwin dragonfly freebsd netbsd openbsd // BSD system call wrappers shared by *BSD based systems // including OS X (Darwin) and FreeBSD. Like the other diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go index b37310ce9b40..0eaecf5fc32f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build amd64 && darwin -// +build amd64,darwin package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go index d51ec996304e..f36c6707cfb1 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build arm64 && darwin -// +build arm64,darwin package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go index 53c96641f813..16dc6993799f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build darwin && go1.12 -// +build darwin,go1.12 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go index 4e2d32120a89..14bab6b2de50 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build amd64 && dragonfly -// +build amd64,dragonfly package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go index b8da510043cb..3967bca772de 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build 386 && freebsd -// +build 386,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go index 47155c48390b..eff19ada2359 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build amd64 && freebsd -// +build amd64,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go index 08932093fa24..4f24b517a673 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build arm && freebsd -// +build arm,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go index d151a0d0e53a..ac30759ece1a 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build arm64 && freebsd -// +build arm64,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go index d5cd64b37874..aab725ca77fb 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build riscv64 && freebsd -// +build riscv64,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_hurd.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_hurd.go index 381fd4673bec..ba46651f8e38 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_hurd.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_hurd.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build hurd -// +build hurd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_hurd_386.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_hurd_386.go index 7cf54a3e4f10..df89f9e6b476 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_hurd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_hurd_386.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build 386 && hurd -// +build 386,hurd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_illumos.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_illumos.go index 87db5a6a8ccc..a863f7052c72 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_illumos.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_illumos.go @@ -5,7 +5,6 @@ // illumos system calls not present on Solaris. //go:build amd64 && illumos -// +build amd64,illumos package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux.go index fb4e50224c9b..a5e1c10e341b 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux.go @@ -417,7 +417,8 @@ func (sa *SockaddrUnix) sockaddr() (unsafe.Pointer, _Socklen, error) { if n > 0 { sl += _Socklen(n) + 1 } - if sa.raw.Path[0] == '@' { + if sa.raw.Path[0] == '@' || (sa.raw.Path[0] == 0 && sl > 3) { + // Check sl > 3 so we don't change unnamed socket behavior. sa.raw.Path[0] = 0 // Don't count trailing NUL for abstract address. sl-- @@ -2482,3 +2483,5 @@ func SchedGetAttr(pid int, flags uint) (*SchedAttr, error) { } return attr, nil } + +//sys Cachestat(fd uint, crange *CachestatRange, cstat *Cachestat_t, flags uint) (err error) diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_386.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_386.go index c7d9945ea19a..506dafa7b4c6 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_386.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build 386 && linux -// +build 386,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_alarm.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_alarm.go index 08086ac6a4c4..38d55641b52b 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_alarm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_alarm.go @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && (386 || amd64 || mips || mipsle || mips64 || mipsle || ppc64 || ppc64le || ppc || s390x || sparc64) -// +build linux -// +build 386 amd64 mips mipsle mips64 mipsle ppc64 ppc64le ppc s390x sparc64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go index 70601ce3692c..d557cf8de3f2 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build amd64 && linux -// +build amd64,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go index 8b0f0f3aa568..facdb83b23b7 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build amd64 && linux && gc -// +build amd64,linux,gc package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_arm.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_arm.go index da2986415ae2..cd2dd797fd6c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_arm.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build arm && linux -// +build arm,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go index f5266689af0e..cf2ee6c75ef3 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build arm64 && linux -// +build arm64,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gc.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gc.go index 2b1168d7d19f..ffc4c2b635d0 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gc.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && gc -// +build linux,gc package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go index 9843fb489601..9ebfdcf4478f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && gc && 386 -// +build linux,gc,386 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go index a6008fccd59d..5f2b57c4c277 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build arm && gc && linux -// +build arm,gc,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_386.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_386.go index 7740af2428be..d1a3ad826334 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_386.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && gccgo && 386 -// +build linux,gccgo,386 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go index e16a12299aea..f2f67423e981 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && gccgo && arm -// +build linux,gccgo,arm package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go index f6ab02ec1501..3d0e98451f8a 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build loong64 && linux -// +build loong64,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go index 93fe59d25d9f..70963a95abf3 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && (mips64 || mips64le) -// +build linux -// +build mips64 mips64le package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go index aae7f0ffd3fc..c218ebd28016 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && (mips || mipsle) -// +build linux -// +build mips mipsle package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go index 66eff19a320b..e6c48500ca94 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && ppc -// +build linux,ppc package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go index 806aa2574d8d..7286a9aa882b 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && (ppc64 || ppc64le) -// +build linux -// +build ppc64 ppc64le package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go index 5e6ceee129fb..6f5a288944df 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build riscv64 && linux -// +build riscv64,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go index 2f89e8f5defe..66f31210d083 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build s390x && linux -// +build s390x,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go index 7ca064ae7649..11d1f1698665 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build sparc64 && linux -// +build sparc64,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go index 5199d282fd0d..7a5eb57432fa 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build 386 && netbsd -// +build 386,netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go index 70a9c52e9801..62d8957ae6e2 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build amd64 && netbsd -// +build amd64,netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go index 3eb5942f93ff..ce6a0688512f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build arm && netbsd -// +build arm,netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_arm64.go index fc6ccfd810d9..d46d689d1b64 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_netbsd_arm64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build arm64 && netbsd -// +build arm64,netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd.go index 6f34479b5973..d2882ee04f74 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd.go @@ -137,18 +137,13 @@ func sendfile(outfd int, infd int, offset *int64, count int) (written int, err e } func Getfsstat(buf []Statfs_t, flags int) (n int, err error) { - var _p0 unsafe.Pointer + var bufptr *Statfs_t var bufsize uintptr if len(buf) > 0 { - _p0 = unsafe.Pointer(&buf[0]) + bufptr = &buf[0] bufsize = unsafe.Sizeof(Statfs_t{}) * uintptr(len(buf)) } - r0, _, e1 := Syscall(SYS_GETFSSTAT, uintptr(_p0), bufsize, uintptr(flags)) - n = int(r0) - if e1 != 0 { - err = e1 - } - return + return getfsstat(bufptr, bufsize, flags) } //sysnb getresuid(ruid *_C_int, euid *_C_int, suid *_C_int) @@ -326,4 +321,7 @@ func Uname(uname *Utsname) error { //sys write(fd int, p []byte) (n int, err error) //sys mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error) //sys munmap(addr uintptr, length uintptr) (err error) +//sys getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) //sys utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) +//sys pledge(promises *byte, execpromises *byte) (err error) +//sys unveil(path *byte, flags *byte) (err error) diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_386.go index 6baabcdcb069..9ddc89f4fcd7 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_386.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build 386 && openbsd -// +build 386,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_amd64.go index bab25360eae3..70a3c96eea17 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_amd64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build amd64 && openbsd -// +build amd64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_arm.go index 8eed3c4d4e7c..265caa87f76e 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_arm.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build arm && openbsd -// +build arm,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_arm64.go index 483dde99d4c6..ac4fda1715ae 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_arm64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build arm64 && openbsd -// +build arm64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_libc.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_libc.go index 04aa43f41b25..0a451e6dd40a 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_libc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_libc.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build openbsd -// +build openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_ppc64.go index c2796139c013..30a308cbb4b8 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_ppc64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build ppc64 && openbsd -// +build ppc64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_riscv64.go index 23199a7ff624..ea954330fac0 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_openbsd_riscv64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build riscv64 && openbsd -// +build riscv64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_solaris.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_solaris.go index b99cfa1342f0..60c8142d49ef 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_solaris.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_solaris.go @@ -128,7 +128,8 @@ func (sa *SockaddrUnix) sockaddr() (unsafe.Pointer, _Socklen, error) { if n > 0 { sl += _Socklen(n) + 1 } - if sa.raw.Path[0] == '@' { + if sa.raw.Path[0] == '@' || (sa.raw.Path[0] == 0 && sl > 3) { + // Check sl > 3 so we don't change unnamed socket behavior. sa.raw.Path[0] = 0 // Don't count trailing NUL for abstract address. sl-- diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go index 0bd25ef81f20..e02d8ceae37e 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build amd64 && solaris -// +build amd64,solaris package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_unix.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_unix.go index f6eda27050da..77081de8c7de 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_unix.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_unix.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris -// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_unix_gc.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_unix_gc.go index b6919ca580e7..05c95bccfab4 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_unix_gc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_unix_gc.go @@ -3,8 +3,6 @@ // license that can be found in the LICENSE file. //go:build (darwin || dragonfly || freebsd || (linux && !ppc64 && !ppc64le) || netbsd || openbsd || solaris) && gc -// +build darwin dragonfly freebsd linux,!ppc64,!ppc64le netbsd openbsd solaris -// +build gc package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go index f6f707acf2c3..23f39b7af7e6 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go @@ -3,9 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux && (ppc64le || ppc64) && gc -// +build linux -// +build ppc64le ppc64 -// +build gc package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/test/tools/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go index 4596d041ce37..d99d05f1bc14 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build zos && s390x -// +build zos,s390x package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/sysvshm_linux.go b/test/tools/vendor/golang.org/x/sys/unix/sysvshm_linux.go index 2c3a4437f0f0..4fcd38de2762 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/sysvshm_linux.go +++ b/test/tools/vendor/golang.org/x/sys/unix/sysvshm_linux.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build linux -// +build linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/sysvshm_unix.go b/test/tools/vendor/golang.org/x/sys/unix/sysvshm_unix.go index 5bb41d17bc47..79a84f18b46d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/sysvshm_unix.go +++ b/test/tools/vendor/golang.org/x/sys/unix/sysvshm_unix.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build (darwin && !ios) || linux -// +build darwin,!ios linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go b/test/tools/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go index 71bddefdb87d..9eb0db664cbf 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go +++ b/test/tools/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build darwin && !ios -// +build darwin,!ios package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/timestruct.go b/test/tools/vendor/golang.org/x/sys/unix/timestruct.go index 616b1b284858..7997b1902269 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/timestruct.go +++ b/test/tools/vendor/golang.org/x/sys/unix/timestruct.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos -// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/unveil_openbsd.go b/test/tools/vendor/golang.org/x/sys/unix/unveil_openbsd.go index 168d5ae77914..cb7e598cef9d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/unveil_openbsd.go +++ b/test/tools/vendor/golang.org/x/sys/unix/unveil_openbsd.go @@ -4,39 +4,48 @@ package unix -import ( - "syscall" - "unsafe" -) +import "fmt" // Unveil implements the unveil syscall. // For more information see unveil(2). // Note that the special case of blocking further // unveil calls is handled by UnveilBlock. func Unveil(path string, flags string) error { - pathPtr, err := syscall.BytePtrFromString(path) - if err != nil { + if err := supportsUnveil(); err != nil { return err } - flagsPtr, err := syscall.BytePtrFromString(flags) + pathPtr, err := BytePtrFromString(path) if err != nil { return err } - _, _, e := syscall.Syscall(SYS_UNVEIL, uintptr(unsafe.Pointer(pathPtr)), uintptr(unsafe.Pointer(flagsPtr)), 0) - if e != 0 { - return e + flagsPtr, err := BytePtrFromString(flags) + if err != nil { + return err } - return nil + return unveil(pathPtr, flagsPtr) } // UnveilBlock blocks future unveil calls. // For more information see unveil(2). func UnveilBlock() error { - // Both pointers must be nil. - var pathUnsafe, flagsUnsafe unsafe.Pointer - _, _, e := syscall.Syscall(SYS_UNVEIL, uintptr(pathUnsafe), uintptr(flagsUnsafe), 0) - if e != 0 { - return e + if err := supportsUnveil(); err != nil { + return err } + return unveil(nil, nil) +} + +// supportsUnveil checks for availability of the unveil(2) system call based +// on the running OpenBSD version. +func supportsUnveil() error { + maj, min, err := majmin() + if err != nil { + return err + } + + // unveil is not available before 6.4 + if maj < 6 || (maj == 6 && min <= 3) { + return fmt.Errorf("cannot call Unveil on OpenBSD %d.%d", maj, min) + } + return nil } diff --git a/test/tools/vendor/golang.org/x/sys/unix/xattr_bsd.go b/test/tools/vendor/golang.org/x/sys/unix/xattr_bsd.go index f5f8e9f3665e..e1687939618c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/xattr_bsd.go +++ b/test/tools/vendor/golang.org/x/sys/unix/xattr_bsd.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build freebsd || netbsd -// +build freebsd netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_aix_ppc.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_aix_ppc.go index ca9799b79ef9..2fb219d78763 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_aix_ppc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_aix_ppc.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc && aix -// +build ppc,aix // Created by cgo -godefs - DO NOT EDIT // cgo -godefs -- -maix32 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_aix_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_aix_ppc64.go index 200c8c26fe65..b0e6f5c85c7d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_aix_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_aix_ppc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc64 && aix -// +build ppc64,aix // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -maix64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go index 143007627150..e40fa85245f4 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && darwin -// +build amd64,darwin // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go index ab044a74274f..bb02aa6c0564 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && darwin -// +build arm64,darwin // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go index 17bba0e44f9e..c0e0f8694c1e 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && dragonfly -// +build amd64,dragonfly // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go index f8c2c5138748..6c6923906f4e 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build 386 && freebsd -// +build 386,freebsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m32 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go index 96310c3be1b0..dd9163f8e885 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && freebsd -// +build amd64,freebsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go index 777b69defa04..493a2a793c02 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm && freebsd -// +build arm,freebsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go index c557ac2db317..8b437b307d56 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && freebsd -// +build arm64,freebsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_riscv64.go index 341b4d96265b..67c02dd57950 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_freebsd_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build riscv64 && freebsd -// +build riscv64,freebsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux.go index f9c7f479b038..9c00cbf512c4 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux.go @@ -1,7 +1,6 @@ // Code generated by mkmerge; DO NOT EDIT. //go:build linux -// +build linux package unix @@ -481,10 +480,14 @@ const ( BPF_FROM_BE = 0x8 BPF_FROM_LE = 0x0 BPF_FS_MAGIC = 0xcafe4a11 + BPF_F_AFTER = 0x10 BPF_F_ALLOW_MULTI = 0x2 BPF_F_ALLOW_OVERRIDE = 0x1 BPF_F_ANY_ALIGNMENT = 0x2 - BPF_F_KPROBE_MULTI_RETURN = 0x1 + BPF_F_BEFORE = 0x8 + BPF_F_ID = 0x20 + BPF_F_LINK = 0x2000 + BPF_F_NETFILTER_IP_DEFRAG = 0x1 BPF_F_QUERY_EFFECTIVE = 0x1 BPF_F_REPLACE = 0x4 BPF_F_SLEEPABLE = 0x10 @@ -521,6 +524,7 @@ const ( BPF_MAJOR_VERSION = 0x1 BPF_MAXINSNS = 0x1000 BPF_MEM = 0x60 + BPF_MEMSX = 0x80 BPF_MEMWORDS = 0x10 BPF_MINOR_VERSION = 0x1 BPF_MISC = 0x7 @@ -776,6 +780,8 @@ const ( DEVLINK_GENL_MCGRP_CONFIG_NAME = "config" DEVLINK_GENL_NAME = "devlink" DEVLINK_GENL_VERSION = 0x1 + DEVLINK_PORT_FN_CAP_IPSEC_CRYPTO = 0x4 + DEVLINK_PORT_FN_CAP_IPSEC_PACKET = 0x8 DEVLINK_PORT_FN_CAP_MIGRATABLE = 0x2 DEVLINK_PORT_FN_CAP_ROCE = 0x1 DEVLINK_SB_THRESHOLD_TO_ALPHA_MAX = 0x14 @@ -1698,6 +1704,7 @@ const ( KEXEC_ON_CRASH = 0x1 KEXEC_PRESERVE_CONTEXT = 0x2 KEXEC_SEGMENT_MAX = 0x10 + KEXEC_UPDATE_ELFCOREHDR = 0x4 KEYCTL_ASSUME_AUTHORITY = 0x10 KEYCTL_CAPABILITIES = 0x1f KEYCTL_CAPS0_BIG_KEY = 0x10 @@ -2275,6 +2282,7 @@ const ( PERF_MEM_LVLNUM_PMEM = 0xe PERF_MEM_LVLNUM_RAM = 0xd PERF_MEM_LVLNUM_SHIFT = 0x21 + PERF_MEM_LVLNUM_UNC = 0x8 PERF_MEM_LVL_HIT = 0x2 PERF_MEM_LVL_IO = 0x1000 PERF_MEM_LVL_L1 = 0x8 @@ -3461,6 +3469,7 @@ const ( XDP_PACKET_HEADROOM = 0x100 XDP_PGOFF_RX_RING = 0x0 XDP_PGOFF_TX_RING = 0x80000000 + XDP_PKT_CONTD = 0x1 XDP_RING_NEED_WAKEUP = 0x1 XDP_RX_RING = 0x2 XDP_SHARED_UMEM = 0x1 @@ -3473,6 +3482,7 @@ const ( XDP_UMEM_REG = 0x4 XDP_UMEM_UNALIGNED_CHUNK_FLAG = 0x1 XDP_USE_NEED_WAKEUP = 0x8 + XDP_USE_SG = 0x10 XDP_ZEROCOPY = 0x4 XENFS_SUPER_MAGIC = 0xabba1974 XFS_SUPER_MAGIC = 0x58465342 diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_386.go index 30aee00a5373..4920821cf3b2 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build 386 && linux -// +build 386,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/386/include -m32 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go index 8ebfa5127857..a0c1e411275c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && linux -// +build amd64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/amd64/include -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go index 271a21cdc7ec..c63985560f61 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm && linux -// +build arm,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/arm/include _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go index 910c330a39c5..47cc62e25c14 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && linux -// +build arm64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/arm64/include -fsigned-char _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go index a640798c9331..27ac4a09e22a 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build loong64 && linux -// +build loong64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/loong64/include _const.go @@ -119,6 +118,7 @@ const ( IXOFF = 0x1000 IXON = 0x400 LASX_CTX_MAGIC = 0x41535801 + LBT_CTX_MAGIC = 0x42540001 LSX_CTX_MAGIC = 0x53580001 MAP_ANON = 0x20 MAP_ANONYMOUS = 0x20 diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go index 0d5925d34074..54694642a5de 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mips && linux -// +build mips,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/mips/include _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go index d72a00e0b638..3adb81d75822 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mips64 && linux -// +build mips64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/mips64/include _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go index 02ba129f857e..2dfe98f0d1b1 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mips64le && linux -// +build mips64le,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/mips64le/include _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go index 8daa6dd96888..f5398f84f041 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mipsle && linux -// +build mipsle,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/mipsle/include _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go index 63c8fa2f7f0b..c54f152d68fd 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc && linux -// +build ppc,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/ppc/include _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go index 930799ec1b3b..76057dc72fb5 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc64 && linux -// +build ppc64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/ppc64/include _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go index 8605a7dd7efc..e0c3725e2b89 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc64le && linux -// +build ppc64le,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/ppc64le/include _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go index 95a016f1c01f..18f2813ed54b 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build riscv64 && linux -// +build riscv64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/riscv64/include _const.go @@ -228,6 +227,9 @@ const ( PPPIOCUNBRIDGECHAN = 0x7434 PPPIOCXFERUNIT = 0x744e PR_SET_PTRACER_ANY = 0xffffffffffffffff + PTRACE_GETFDPIC = 0x21 + PTRACE_GETFDPIC_EXEC = 0x0 + PTRACE_GETFDPIC_INTERP = 0x1 RLIMIT_AS = 0x9 RLIMIT_MEMLOCK = 0x8 RLIMIT_NOFILE = 0x7 diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go index 1ae0108f5767..11619d4ec88f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build s390x && linux -// +build s390x,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/s390x/include -fsigned-char _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go index 1bb7c6333b42..396d994da79c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build sparc64 && linux -// +build sparc64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -Wall -Werror -static -I/tmp/sparc64/include _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go index 72f7420d20a1..130085df407c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build 386 && netbsd -// +build 386,netbsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m32 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go index 8d4eb0c0804e..84769a1a386e 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && netbsd -// +build amd64,netbsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go index 9eef9749f6aa..602ded003332 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm && netbsd -// +build arm,netbsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -marm _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go index 3b62ba192c35..efc0406ee1d8 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && netbsd -// +build arm64,netbsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go index af20e474b388..5a6500f83775 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build 386 && openbsd -// +build 386,openbsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m32 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go index 6015fcb2bf69..a5aeeb979de0 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && openbsd -// +build amd64,openbsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go index 8d44955e44d8..0e9748a72295 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm && openbsd -// +build arm,openbsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go index ae16fe7542ae..4f4449abc17d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && openbsd -// +build arm64,openbsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_mips64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_mips64.go index 03d90fe35501..76a363f0fe03 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_mips64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_mips64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mips64 && openbsd -// +build mips64,openbsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_ppc64.go index 8e2c51b1eec0..43ca0cdfdcf4 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_ppc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc64 && openbsd -// +build ppc64,openbsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_riscv64.go index 13d403031ed6..b1b8bb2005c9 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_openbsd_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build riscv64 && openbsd -// +build riscv64,openbsd // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go index 1afee6a08905..d2ddd3176e39 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && solaris -// +build amd64,solaris // Code generated by cmd/cgo -godefs; DO NOT EDIT. // cgo -godefs -- -m64 _const.go diff --git a/test/tools/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go b/test/tools/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go index fc7d0506f6c0..4dfd2e051d35 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build zos && s390x -// +build zos,s390x // Hand edited based on zerrors_linux_s390x.go // TODO: auto-generate. diff --git a/test/tools/vendor/golang.org/x/sys/unix/zptrace_armnn_linux.go b/test/tools/vendor/golang.org/x/sys/unix/zptrace_armnn_linux.go index 97f20ca282f5..586317c78e71 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zptrace_armnn_linux.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zptrace_armnn_linux.go @@ -1,8 +1,6 @@ // Code generated by linux/mkall.go generatePtracePair("arm", "arm64"). DO NOT EDIT. //go:build linux && (arm || arm64) -// +build linux -// +build arm arm64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zptrace_mipsnn_linux.go b/test/tools/vendor/golang.org/x/sys/unix/zptrace_mipsnn_linux.go index 0b5f7943054b..d7c881be77d8 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zptrace_mipsnn_linux.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zptrace_mipsnn_linux.go @@ -1,8 +1,6 @@ // Code generated by linux/mkall.go generatePtracePair("mips", "mips64"). DO NOT EDIT. //go:build linux && (mips || mips64) -// +build linux -// +build mips mips64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zptrace_mipsnnle_linux.go b/test/tools/vendor/golang.org/x/sys/unix/zptrace_mipsnnle_linux.go index 2807f7e64602..2d2de5d29226 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zptrace_mipsnnle_linux.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zptrace_mipsnnle_linux.go @@ -1,8 +1,6 @@ // Code generated by linux/mkall.go generatePtracePair("mipsle", "mips64le"). DO NOT EDIT. //go:build linux && (mipsle || mips64le) -// +build linux -// +build mipsle mips64le package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zptrace_x86_linux.go b/test/tools/vendor/golang.org/x/sys/unix/zptrace_x86_linux.go index 281ea64e34ac..5adc79fb5eab 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zptrace_x86_linux.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zptrace_x86_linux.go @@ -1,8 +1,6 @@ // Code generated by linux/mkall.go generatePtracePair("386", "amd64"). DO NOT EDIT. //go:build linux && (386 || amd64) -// +build linux -// +build 386 amd64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go index d1d1d23311dc..6ea64a3c0c35 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build aix && ppc -// +build aix,ppc package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go index f99a18adc330..99ee4399a3a3 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build aix && ppc64 -// +build aix,ppc64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go index c4d50ae5005c..b68a78362b2c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build aix && ppc64 && gc -// +build aix,ppc64,gc package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go index 6903d3b09e3d..0a87450bf8ee 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build aix && ppc64 && gccgo -// +build aix,ppc64,gccgo package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go index 1cad561e9839..ccb02f240a4f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build darwin && amd64 -// +build darwin,amd64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go index b18edbd0e31f..1b40b997b526 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build darwin && arm64 -// +build darwin,arm64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go index 0c67df64a503..aad65fc7932f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build dragonfly && amd64 -// +build dragonfly,amd64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go index e6e05d145bf7..c0096391af99 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build freebsd && 386 -// +build freebsd,386 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go index 7508accac92f..7664df749600 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build freebsd && amd64 -// +build freebsd,amd64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go index 7b56aead469d..ae099182c9f5 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build freebsd && arm -// +build freebsd,arm package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go index cc623dcaae5d..11fd5d45bbb8 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build freebsd && arm64 -// +build freebsd,arm64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go index 581849197404..c3d2d6530728 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build freebsd && riscv64 -// +build freebsd,riscv64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go index 6be25cd19014..c698cbc01a53 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build illumos && amd64 -// +build illumos,amd64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux.go index 1ff3aec74c5e..faca7a557b10 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux.go @@ -1,7 +1,6 @@ // Code generated by mkmerge; DO NOT EDIT. //go:build linux -// +build linux package unix @@ -2195,3 +2194,13 @@ func schedGetattr(pid int, attr *SchedAttr, size uint, flags uint) (err error) { } return } + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Cachestat(fd uint, crange *CachestatRange, cstat *Cachestat_t, flags uint) (err error) { + _, _, e1 := Syscall6(SYS_CACHESTAT, uintptr(fd), uintptr(unsafe.Pointer(crange)), uintptr(unsafe.Pointer(cstat)), uintptr(flags), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go index 07b549cc25e8..4def3e9fcb0d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && 386 -// +build linux,386 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go index 5f481bf83f46..fef2bc8ba9c9 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && amd64 -// +build linux,amd64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go index 824cd52c7fae..a9fd76a88411 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && arm -// +build linux,arm package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go index e77aecfe9853..4600650280aa 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && arm64 -// +build linux,arm64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_loong64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_loong64.go index 806ffd1e125e..c8987d264650 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_loong64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_loong64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && loong64 -// +build linux,loong64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go index 961a3afb7b71..921f43061106 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && mips -// +build linux,mips package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go index ed05005e91b6..44f067829c4d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && mips64 -// +build linux,mips64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go index d365b718f301..e7fa0abf0d19 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && mips64le -// +build linux,mips64le package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go index c3f1b8bbde01..8c5125675e83 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && mipsle -// +build linux,mipsle package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go index a6574cf98b16..7392fd45e433 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && ppc -// +build linux,ppc package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go index f40990264f49..41180434e609 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && ppc64 -// +build linux,ppc64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go index 9dfcc29974f4..40c6ce7ae543 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && ppc64le -// +build linux,ppc64le package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go index 0ab4f2ed7206..2cfe34adb123 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && riscv64 -// +build linux,riscv64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go index 6cde32237dc8..61e6f070971b 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && s390x -// +build linux,s390x package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go index 5253d65bf1b9..834b84204283 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build linux && sparc64 -// +build linux,sparc64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go index 2df3c5bac6d1..e91ebc14a199 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build netbsd && 386 -// +build netbsd,386 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go index a60556babbff..be28babbcd68 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build netbsd && amd64 -// +build netbsd,amd64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go index 9f788917a44b..fb587e8261f7 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build netbsd && arm -// +build netbsd,arm package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go index 82a4cb2dc43d..d576438bb088 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build netbsd && arm64 -// +build netbsd,arm64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go index 66b3b6456339..88bfc2885782 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build openbsd && 386 -// +build openbsd,386 package unix @@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_getfsstat_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) @@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error var libc_utimensat_trampoline_addr uintptr //go:cgo_import_dynamic libc_utimensat utimensat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func pledge(promises *byte, execpromises *byte) (err error) { + _, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_pledge_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_pledge pledge "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func unveil(path *byte, flags *byte) (err error) { + _, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_unveil_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_unveil unveil "libc.so" + + diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s index 3dcacd30d7e4..4cbeff171b2b 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s @@ -668,7 +668,22 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_munmap_trampoline_addr(SB), RODATA, $4 DATA ·libc_munmap_trampoline_addr(SB)/4, $libc_munmap_trampoline<>(SB) +TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_getfsstat(SB) +GLOBL ·libc_getfsstat_trampoline_addr(SB), RODATA, $4 +DATA ·libc_getfsstat_trampoline_addr(SB)/4, $libc_getfsstat_trampoline<>(SB) + TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_utimensat(SB) GLOBL ·libc_utimensat_trampoline_addr(SB), RODATA, $4 DATA ·libc_utimensat_trampoline_addr(SB)/4, $libc_utimensat_trampoline<>(SB) + +TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_pledge(SB) +GLOBL ·libc_pledge_trampoline_addr(SB), RODATA, $4 +DATA ·libc_pledge_trampoline_addr(SB)/4, $libc_pledge_trampoline<>(SB) + +TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_unveil(SB) +GLOBL ·libc_unveil_trampoline_addr(SB), RODATA, $4 +DATA ·libc_unveil_trampoline_addr(SB)/4, $libc_unveil_trampoline<>(SB) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go index c5c4cc112ede..b8a67b99af8d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build openbsd && amd64 -// +build openbsd,amd64 package unix @@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_getfsstat_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) @@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error var libc_utimensat_trampoline_addr uintptr //go:cgo_import_dynamic libc_utimensat utimensat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func pledge(promises *byte, execpromises *byte) (err error) { + _, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_pledge_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_pledge pledge "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func unveil(path *byte, flags *byte) (err error) { + _, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_unveil_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_unveil unveil "libc.so" + + diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s index 2763620b01ad..1123f27571e5 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s @@ -668,7 +668,22 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_munmap_trampoline_addr(SB), RODATA, $8 DATA ·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB) +TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_getfsstat(SB) +GLOBL ·libc_getfsstat_trampoline_addr(SB), RODATA, $8 +DATA ·libc_getfsstat_trampoline_addr(SB)/8, $libc_getfsstat_trampoline<>(SB) + TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_utimensat(SB) GLOBL ·libc_utimensat_trampoline_addr(SB), RODATA, $8 DATA ·libc_utimensat_trampoline_addr(SB)/8, $libc_utimensat_trampoline<>(SB) + +TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_pledge(SB) +GLOBL ·libc_pledge_trampoline_addr(SB), RODATA, $8 +DATA ·libc_pledge_trampoline_addr(SB)/8, $libc_pledge_trampoline<>(SB) + +TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_unveil(SB) +GLOBL ·libc_unveil_trampoline_addr(SB), RODATA, $8 +DATA ·libc_unveil_trampoline_addr(SB)/8, $libc_unveil_trampoline<>(SB) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go index 93bfbb328748..af50a65c0cd0 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build openbsd && arm -// +build openbsd,arm package unix @@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_getfsstat_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) @@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error var libc_utimensat_trampoline_addr uintptr //go:cgo_import_dynamic libc_utimensat utimensat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func pledge(promises *byte, execpromises *byte) (err error) { + _, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_pledge_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_pledge pledge "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func unveil(path *byte, flags *byte) (err error) { + _, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_unveil_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_unveil unveil "libc.so" + + diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s index c922314048f6..82badae39fe6 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s @@ -668,7 +668,22 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_munmap_trampoline_addr(SB), RODATA, $4 DATA ·libc_munmap_trampoline_addr(SB)/4, $libc_munmap_trampoline<>(SB) +TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_getfsstat(SB) +GLOBL ·libc_getfsstat_trampoline_addr(SB), RODATA, $4 +DATA ·libc_getfsstat_trampoline_addr(SB)/4, $libc_getfsstat_trampoline<>(SB) + TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_utimensat(SB) GLOBL ·libc_utimensat_trampoline_addr(SB), RODATA, $4 DATA ·libc_utimensat_trampoline_addr(SB)/4, $libc_utimensat_trampoline<>(SB) + +TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_pledge(SB) +GLOBL ·libc_pledge_trampoline_addr(SB), RODATA, $4 +DATA ·libc_pledge_trampoline_addr(SB)/4, $libc_pledge_trampoline<>(SB) + +TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_unveil(SB) +GLOBL ·libc_unveil_trampoline_addr(SB), RODATA, $4 +DATA ·libc_unveil_trampoline_addr(SB)/4, $libc_unveil_trampoline<>(SB) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go index a107b8fda5ff..8fb4ff36a7dd 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build openbsd && arm64 -// +build openbsd,arm64 package unix @@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_getfsstat_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) @@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error var libc_utimensat_trampoline_addr uintptr //go:cgo_import_dynamic libc_utimensat utimensat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func pledge(promises *byte, execpromises *byte) (err error) { + _, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_pledge_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_pledge pledge "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func unveil(path *byte, flags *byte) (err error) { + _, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_unveil_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_unveil unveil "libc.so" + + diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s index a6bc32c92204..24d7eecb93ba 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s @@ -668,7 +668,22 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_munmap_trampoline_addr(SB), RODATA, $8 DATA ·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB) +TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_getfsstat(SB) +GLOBL ·libc_getfsstat_trampoline_addr(SB), RODATA, $8 +DATA ·libc_getfsstat_trampoline_addr(SB)/8, $libc_getfsstat_trampoline<>(SB) + TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_utimensat(SB) GLOBL ·libc_utimensat_trampoline_addr(SB), RODATA, $8 DATA ·libc_utimensat_trampoline_addr(SB)/8, $libc_utimensat_trampoline<>(SB) + +TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_pledge(SB) +GLOBL ·libc_pledge_trampoline_addr(SB), RODATA, $8 +DATA ·libc_pledge_trampoline_addr(SB)/8, $libc_pledge_trampoline<>(SB) + +TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_unveil(SB) +GLOBL ·libc_unveil_trampoline_addr(SB), RODATA, $8 +DATA ·libc_unveil_trampoline_addr(SB)/8, $libc_unveil_trampoline<>(SB) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go index c427de509e32..f469a83ee6ed 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build openbsd && mips64 -// +build openbsd,mips64 package unix @@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_getfsstat_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) @@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error var libc_utimensat_trampoline_addr uintptr //go:cgo_import_dynamic libc_utimensat utimensat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func pledge(promises *byte, execpromises *byte) (err error) { + _, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_pledge_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_pledge pledge "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func unveil(path *byte, flags *byte) (err error) { + _, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_unveil_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_unveil unveil "libc.so" + + diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s index b4e7bceabf35..9a498a067733 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s @@ -668,7 +668,22 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_munmap_trampoline_addr(SB), RODATA, $8 DATA ·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB) +TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_getfsstat(SB) +GLOBL ·libc_getfsstat_trampoline_addr(SB), RODATA, $8 +DATA ·libc_getfsstat_trampoline_addr(SB)/8, $libc_getfsstat_trampoline<>(SB) + TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_utimensat(SB) GLOBL ·libc_utimensat_trampoline_addr(SB), RODATA, $8 DATA ·libc_utimensat_trampoline_addr(SB)/8, $libc_utimensat_trampoline<>(SB) + +TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_pledge(SB) +GLOBL ·libc_pledge_trampoline_addr(SB), RODATA, $8 +DATA ·libc_pledge_trampoline_addr(SB)/8, $libc_pledge_trampoline<>(SB) + +TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_unveil(SB) +GLOBL ·libc_unveil_trampoline_addr(SB), RODATA, $8 +DATA ·libc_unveil_trampoline_addr(SB)/8, $libc_unveil_trampoline<>(SB) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go index 60c1a99ae490..c26ca2e1aa22 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build openbsd && ppc64 -// +build openbsd,ppc64 package unix @@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_getfsstat_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) @@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error var libc_utimensat_trampoline_addr uintptr //go:cgo_import_dynamic libc_utimensat utimensat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func pledge(promises *byte, execpromises *byte) (err error) { + _, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_pledge_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_pledge pledge "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func unveil(path *byte, flags *byte) (err error) { + _, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_unveil_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_unveil unveil "libc.so" + + diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s index ca3f766009c3..1f224aa4162f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s @@ -801,8 +801,26 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_munmap_trampoline_addr(SB), RODATA, $8 DATA ·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB) +TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0 + CALL libc_getfsstat(SB) + RET +GLOBL ·libc_getfsstat_trampoline_addr(SB), RODATA, $8 +DATA ·libc_getfsstat_trampoline_addr(SB)/8, $libc_getfsstat_trampoline<>(SB) + TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0 CALL libc_utimensat(SB) RET GLOBL ·libc_utimensat_trampoline_addr(SB), RODATA, $8 DATA ·libc_utimensat_trampoline_addr(SB)/8, $libc_utimensat_trampoline<>(SB) + +TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0 + CALL libc_pledge(SB) + RET +GLOBL ·libc_pledge_trampoline_addr(SB), RODATA, $8 +DATA ·libc_pledge_trampoline_addr(SB)/8, $libc_pledge_trampoline<>(SB) + +TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0 + CALL libc_unveil(SB) + RET +GLOBL ·libc_unveil_trampoline_addr(SB), RODATA, $8 +DATA ·libc_unveil_trampoline_addr(SB)/8, $libc_unveil_trampoline<>(SB) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go index 52eba360f81d..bcc920dd2599 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build openbsd && riscv64 -// +build openbsd,riscv64 package unix @@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_getfsstat_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) @@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error var libc_utimensat_trampoline_addr uintptr //go:cgo_import_dynamic libc_utimensat utimensat "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func pledge(promises *byte, execpromises *byte) (err error) { + _, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_pledge_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_pledge pledge "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func unveil(path *byte, flags *byte) (err error) { + _, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_unveil_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_unveil unveil "libc.so" + + diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s index 477a7d5b21e9..87a79c7095a6 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s @@ -668,7 +668,22 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_munmap_trampoline_addr(SB), RODATA, $8 DATA ·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB) +TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_getfsstat(SB) +GLOBL ·libc_getfsstat_trampoline_addr(SB), RODATA, $8 +DATA ·libc_getfsstat_trampoline_addr(SB)/8, $libc_getfsstat_trampoline<>(SB) + TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_utimensat(SB) GLOBL ·libc_utimensat_trampoline_addr(SB), RODATA, $8 DATA ·libc_utimensat_trampoline_addr(SB)/8, $libc_utimensat_trampoline<>(SB) + +TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_pledge(SB) +GLOBL ·libc_pledge_trampoline_addr(SB), RODATA, $8 +DATA ·libc_pledge_trampoline_addr(SB)/8, $libc_pledge_trampoline<>(SB) + +TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_unveil(SB) +GLOBL ·libc_unveil_trampoline_addr(SB), RODATA, $8 +DATA ·libc_unveil_trampoline_addr(SB)/8, $libc_unveil_trampoline<>(SB) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go index b401894644ff..829b87feb8da 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build solaris && amd64 -// +build solaris,amd64 package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go index 1d8fe1d4b218..94f011238319 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build zos && s390x -// +build zos,s390x package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_386.go index 55e0484719c4..3a58ae819ad9 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; DO NOT EDIT. //go:build 386 && openbsd -// +build 386,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_amd64.go index d2243cf83f5b..dcb7a0eb729a 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; DO NOT EDIT. //go:build amd64 && openbsd -// +build amd64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm.go index 82dc51bd8b57..db5a7bf13c6f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; DO NOT EDIT. //go:build arm && openbsd -// +build arm,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm64.go index cbdda1a4ae24..7be575a77703 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; DO NOT EDIT. //go:build arm64 && openbsd -// +build arm64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_mips64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_mips64.go index f55eae1a8211..d6e3174c6962 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_mips64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_mips64.go @@ -2,7 +2,6 @@ // Code generated by the command above; DO NOT EDIT. //go:build mips64 && openbsd -// +build mips64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_ppc64.go index e44054470b7e..ee97157d013c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_ppc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; DO NOT EDIT. //go:build ppc64 && openbsd -// +build ppc64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_riscv64.go index a0db82fce206..35c3b91d0f4b 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysctl_openbsd_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; DO NOT EDIT. //go:build riscv64 && openbsd -// +build riscv64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go index f8298ff9b58a..5edda76870be 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && darwin -// +build amd64,darwin package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go index 5eb433bbf010..0dc9e8b4d950 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && darwin -// +build arm64,darwin package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_dragonfly_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_dragonfly_amd64.go index 703675c0c4a5..308ddf3a1f41 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_dragonfly_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_dragonfly_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && dragonfly -// +build amd64,dragonfly package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_386.go index 4e0d96107b9e..418664e3dc2c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build 386 && freebsd -// +build 386,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_amd64.go index 01636b838d30..34d0b86d7ccd 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && freebsd -// +build amd64,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm.go index ad99bc106a86..b71cf45e2ea3 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm && freebsd -// +build arm,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm64.go index 89dcc4274765..e32df1c1ee37 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && freebsd -// +build arm64,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_riscv64.go index ee37aaa0c906..15ad6111f359 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_freebsd_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build riscv64 && freebsd -// +build riscv64,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go index 9862853d3411..fcf3ecbddee1 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build 386 && linux -// +build 386,linux package unix @@ -448,4 +447,5 @@ const ( SYS_FUTEX_WAITV = 449 SYS_SET_MEMPOLICY_HOME_NODE = 450 SYS_CACHESTAT = 451 + SYS_FCHMODAT2 = 452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go index 8901f0f4e51d..f56dc2504ae1 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && linux -// +build amd64,linux package unix @@ -370,4 +369,6 @@ const ( SYS_FUTEX_WAITV = 449 SYS_SET_MEMPOLICY_HOME_NODE = 450 SYS_CACHESTAT = 451 + SYS_FCHMODAT2 = 452 + SYS_MAP_SHADOW_STACK = 453 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go index 6902c37eed7f..974bf246767e 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm && linux -// +build arm,linux package unix @@ -412,4 +411,5 @@ const ( SYS_FUTEX_WAITV = 449 SYS_SET_MEMPOLICY_HOME_NODE = 450 SYS_CACHESTAT = 451 + SYS_FCHMODAT2 = 452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go index a6d3dff811f9..39a2739e2310 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && linux -// +build arm64,linux package unix @@ -315,4 +314,5 @@ const ( SYS_FUTEX_WAITV = 449 SYS_SET_MEMPOLICY_HOME_NODE = 450 SYS_CACHESTAT = 451 + SYS_FCHMODAT2 = 452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go index b18f3f71079a..cf9c9d77e10f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build loong64 && linux -// +build loong64,linux package unix @@ -309,4 +308,5 @@ const ( SYS_FUTEX_WAITV = 449 SYS_SET_MEMPOLICY_HOME_NODE = 450 SYS_CACHESTAT = 451 + SYS_FCHMODAT2 = 452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go index 0302e5e3de12..10b7362ef442 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mips && linux -// +build mips,linux package unix @@ -432,4 +431,5 @@ const ( SYS_FUTEX_WAITV = 4449 SYS_SET_MEMPOLICY_HOME_NODE = 4450 SYS_CACHESTAT = 4451 + SYS_FCHMODAT2 = 4452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go index 6693ba4a0f8b..cd4d8b4fd35e 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mips64 && linux -// +build mips64,linux package unix @@ -362,4 +361,5 @@ const ( SYS_FUTEX_WAITV = 5449 SYS_SET_MEMPOLICY_HOME_NODE = 5450 SYS_CACHESTAT = 5451 + SYS_FCHMODAT2 = 5452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go index fd93f4987c9e..2c0efca818b3 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mips64le && linux -// +build mips64le,linux package unix @@ -362,4 +361,5 @@ const ( SYS_FUTEX_WAITV = 5449 SYS_SET_MEMPOLICY_HOME_NODE = 5450 SYS_CACHESTAT = 5451 + SYS_FCHMODAT2 = 5452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go index 760ddcadc2ac..a72e31d391d5 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mipsle && linux -// +build mipsle,linux package unix @@ -432,4 +431,5 @@ const ( SYS_FUTEX_WAITV = 4449 SYS_SET_MEMPOLICY_HOME_NODE = 4450 SYS_CACHESTAT = 4451 + SYS_FCHMODAT2 = 4452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go index cff2b2555b73..c7d1e374713c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc && linux -// +build ppc,linux package unix @@ -439,4 +438,5 @@ const ( SYS_FUTEX_WAITV = 449 SYS_SET_MEMPOLICY_HOME_NODE = 450 SYS_CACHESTAT = 451 + SYS_FCHMODAT2 = 452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go index a4b2405d09d8..f4d4838c870d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc64 && linux -// +build ppc64,linux package unix @@ -411,4 +410,5 @@ const ( SYS_FUTEX_WAITV = 449 SYS_SET_MEMPOLICY_HOME_NODE = 450 SYS_CACHESTAT = 451 + SYS_FCHMODAT2 = 452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go index aca54b4e3a1a..b64f0e59114d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc64le && linux -// +build ppc64le,linux package unix @@ -411,4 +410,5 @@ const ( SYS_FUTEX_WAITV = 449 SYS_SET_MEMPOLICY_HOME_NODE = 450 SYS_CACHESTAT = 451 + SYS_FCHMODAT2 = 452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go index 9d1738d641f7..95711195a064 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build riscv64 && linux -// +build riscv64,linux package unix @@ -316,4 +315,5 @@ const ( SYS_FUTEX_WAITV = 449 SYS_SET_MEMPOLICY_HOME_NODE = 450 SYS_CACHESTAT = 451 + SYS_FCHMODAT2 = 452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go index 022878dc8df4..f94e943bc4f5 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build s390x && linux -// +build s390x,linux package unix @@ -377,4 +376,5 @@ const ( SYS_FUTEX_WAITV = 449 SYS_SET_MEMPOLICY_HOME_NODE = 450 SYS_CACHESTAT = 451 + SYS_FCHMODAT2 = 452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go index 4100a761c20f..ba0c2bc5154a 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build sparc64 && linux -// +build sparc64,linux package unix @@ -390,4 +389,5 @@ const ( SYS_FUTEX_WAITV = 449 SYS_SET_MEMPOLICY_HOME_NODE = 450 SYS_CACHESTAT = 451 + SYS_FCHMODAT2 = 452 ) diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_386.go index 3a6699eba982..b2aa8cd495e1 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build 386 && netbsd -// +build 386,netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_amd64.go index 5677cd4f1584..524a1b1c9a7b 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && netbsd -// +build amd64,netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm.go index e784cb6db1c2..d59b943ac22a 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm && netbsd -// +build arm,netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm64.go index bd4952efa5bd..31e771d53e69 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; DO NOT EDIT. //go:build arm64 && netbsd -// +build arm64,netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_386.go index 597733813e37..9fd77c6cb464 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build 386 && openbsd -// +build 386,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_amd64.go index 16af29189940..af10af28cbe1 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && openbsd -// +build amd64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm.go index f59b18a97795..cc2028af4bae 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm && openbsd -// +build arm,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm64.go index 721ef5910321..c06dd4415a39 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && openbsd -// +build arm64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_mips64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_mips64.go index 01c43a01fda7..9ddbf3e08fd4 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_mips64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_mips64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mips64 && openbsd -// +build mips64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_ppc64.go index f258cfa24ed4..19a6ee41340a 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_ppc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc64 && openbsd -// +build ppc64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_riscv64.go index 07919e0eccd9..05192a782d8d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_openbsd_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build riscv64 && openbsd -// +build riscv64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go index 073daad43b7a..b2e308581990 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build zos && s390x -// +build zos,s390x package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go index 7a8161c1d1ca..3e6d57cae7f1 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc && aix -// +build ppc,aix package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go index 07ed733c51b5..3a219bdce7ee 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc64 && aix -// +build ppc64,aix package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go index 690cefc3d06f..091d107f3a5c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && darwin -// +build amd64,darwin package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go index 5bffc10eac09..28ff4ef74d0d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && darwin -// +build arm64,darwin package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go index d0ba8e9b86a3..30e405bb4cd2 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && dragonfly -// +build amd64,dragonfly package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go index 29dc483378ae..6cbd094a3aa1 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build 386 && freebsd -// +build 386,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go index 0a89b28906a6..7c03b6ee77fa 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && freebsd -// +build amd64,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go index c8666bb15288..422107ee8b13 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm && freebsd -// +build arm,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go index 88fb48a887b1..505a12acfd9d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && freebsd -// +build arm64,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go index 698dc975e92b..cc986c790066 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build riscv64 && freebsd -// +build riscv64,freebsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux.go index 18aa70b42623..997bcd55ae9f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux.go @@ -1,7 +1,6 @@ // Code generated by mkmerge; DO NOT EDIT. //go:build linux -// +build linux package unix @@ -5883,3 +5882,15 @@ type SchedAttr struct { } const SizeofSchedAttr = 0x38 + +type Cachestat_t struct { + Cache uint64 + Dirty uint64 + Writeback uint64 + Evicted uint64 + Recently_evicted uint64 +} +type CachestatRange struct { + Off uint64 + Len uint64 +} diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_386.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_386.go index 6d8acbcc5708..438a30affadc 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build 386 && linux -// +build 386,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go index 59293c688412..adceca3553b6 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && linux -// +build amd64,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go index 40cfa38c29f6..eeaa00a37d69 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm && linux -// +build arm,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go index 055bc4216d4b..6739aa91d4e2 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && linux -// +build arm64,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go index f28affbc6078..9920ef6317d0 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build loong64 && linux -// +build loong64,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go index 9d71e7ccd8b0..2923b799a48c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mips && linux -// +build mips,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go index fd5ccd332a16..ce2750ee415d 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mips64 && linux -// +build mips64,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go index 7704de77a2f6..3038811d70bb 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mips64le && linux -// +build mips64le,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go index df00b87571ae..efc6fed18c1f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mipsle && linux -// +build mipsle,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go index 0942840db6ed..9a654b75a90f 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc && linux -// +build ppc,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go index 034874395081..40d358e33e31 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc64 && linux -// +build ppc64,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go index bad06704757b..148c6ceb869c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc64le && linux -// +build ppc64le,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go index 1b4c97c32a62..72ba81543ef7 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build riscv64 && linux -// +build riscv64,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go index aa268d025cf9..71e765508e26 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build s390x && linux -// +build s390x,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go index 444045b6c585..4abbdb9de932 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build sparc64 && linux -// +build sparc64,linux package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go index 9bc4c8f9d889..f22e7947d94c 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build 386 && netbsd -// +build 386,netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go index bb05f655d225..066a7d83d29e 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && netbsd -// +build amd64,netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go index db40e3a19c66..439548ec9ad4 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm && netbsd -// +build arm,netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go index 11121151ccf0..16085d3bbcc7 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && netbsd -// +build arm64,netbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go index 26eba23b729f..afd13a3af7b2 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build 386 && openbsd -// +build 386,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go index 5a5479886989..5d97f1f9b652 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && openbsd -// +build amd64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go index be58c4e1ff8b..34871cdc1590 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm && openbsd -// +build arm,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go index 52338266cb3e..5911bceb3193 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build arm64 && openbsd -// +build arm64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go index 605cfdb12b1d..e4f24f3bc9a3 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build mips64 && openbsd -// +build mips64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_ppc64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_ppc64.go index d6724c0102c8..ca50a793035b 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_ppc64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_ppc64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build ppc64 && openbsd -// +build ppc64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_riscv64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_riscv64.go index ddfd27a434a1..d7d7f79023f9 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_riscv64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_openbsd_riscv64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build riscv64 && openbsd -// +build riscv64,openbsd package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go index 0400747c67d4..14160576d285 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go @@ -2,7 +2,6 @@ // Code generated by the command above; see README.md. DO NOT EDIT. //go:build amd64 && solaris -// +build amd64,solaris package unix diff --git a/test/tools/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go b/test/tools/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go index aec1efcb306a..54f31be63737 100644 --- a/test/tools/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go +++ b/test/tools/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build zos && s390x -// +build zos,s390x // Hand edited based on ztypes_linux_s390x.go // TODO: auto-generate. diff --git a/test/tools/vendor/golang.org/x/sys/windows/aliases.go b/test/tools/vendor/golang.org/x/sys/windows/aliases.go index a20ebea63312..ce2d713d62e4 100644 --- a/test/tools/vendor/golang.org/x/sys/windows/aliases.go +++ b/test/tools/vendor/golang.org/x/sys/windows/aliases.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build windows && go1.9 -// +build windows,go1.9 package windows diff --git a/test/tools/vendor/golang.org/x/sys/windows/empty.s b/test/tools/vendor/golang.org/x/sys/windows/empty.s index fdbbbcd31717..ba64caca5d35 100644 --- a/test/tools/vendor/golang.org/x/sys/windows/empty.s +++ b/test/tools/vendor/golang.org/x/sys/windows/empty.s @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build !go1.12 -// +build !go1.12 // This file is here to allow bodyless functions with go:linkname for Go 1.11 // and earlier (see https://golang.org/issue/23311). diff --git a/test/tools/vendor/golang.org/x/sys/windows/eventlog.go b/test/tools/vendor/golang.org/x/sys/windows/eventlog.go index 2cd60645ee7d..6c366955d979 100644 --- a/test/tools/vendor/golang.org/x/sys/windows/eventlog.go +++ b/test/tools/vendor/golang.org/x/sys/windows/eventlog.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build windows -// +build windows package windows diff --git a/test/tools/vendor/golang.org/x/sys/windows/mksyscall.go b/test/tools/vendor/golang.org/x/sys/windows/mksyscall.go index 8563f79c57f8..dbcdb090c0cf 100644 --- a/test/tools/vendor/golang.org/x/sys/windows/mksyscall.go +++ b/test/tools/vendor/golang.org/x/sys/windows/mksyscall.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build generate -// +build generate package windows diff --git a/test/tools/vendor/golang.org/x/sys/windows/race.go b/test/tools/vendor/golang.org/x/sys/windows/race.go index 9196b089ca14..0f1bdc3860fb 100644 --- a/test/tools/vendor/golang.org/x/sys/windows/race.go +++ b/test/tools/vendor/golang.org/x/sys/windows/race.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build windows && race -// +build windows,race package windows diff --git a/test/tools/vendor/golang.org/x/sys/windows/race0.go b/test/tools/vendor/golang.org/x/sys/windows/race0.go index 7bae4817a06c..0c78da78b13f 100644 --- a/test/tools/vendor/golang.org/x/sys/windows/race0.go +++ b/test/tools/vendor/golang.org/x/sys/windows/race0.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build windows && !race -// +build windows,!race package windows diff --git a/test/tools/vendor/golang.org/x/sys/windows/service.go b/test/tools/vendor/golang.org/x/sys/windows/service.go index c44a1b963601..a9dc6308d68c 100644 --- a/test/tools/vendor/golang.org/x/sys/windows/service.go +++ b/test/tools/vendor/golang.org/x/sys/windows/service.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build windows -// +build windows package windows diff --git a/test/tools/vendor/golang.org/x/sys/windows/str.go b/test/tools/vendor/golang.org/x/sys/windows/str.go index 4fc01434e4a2..6a4f9ce6aa0f 100644 --- a/test/tools/vendor/golang.org/x/sys/windows/str.go +++ b/test/tools/vendor/golang.org/x/sys/windows/str.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build windows -// +build windows package windows diff --git a/test/tools/vendor/golang.org/x/sys/windows/syscall.go b/test/tools/vendor/golang.org/x/sys/windows/syscall.go index 8732cdb957f3..e85ed6b9c84b 100644 --- a/test/tools/vendor/golang.org/x/sys/windows/syscall.go +++ b/test/tools/vendor/golang.org/x/sys/windows/syscall.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build windows -// +build windows // Package windows contains an interface to the low-level operating system // primitives. OS details vary depending on the underlying system, and diff --git a/test/tools/vendor/golang.org/x/sys/windows/syscall_windows.go b/test/tools/vendor/golang.org/x/sys/windows/syscall_windows.go index 35cfc57ca89b..fb6cfd0462b4 100644 --- a/test/tools/vendor/golang.org/x/sys/windows/syscall_windows.go +++ b/test/tools/vendor/golang.org/x/sys/windows/syscall_windows.go @@ -233,6 +233,7 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys CreateEnvironmentBlock(block **uint16, token Token, inheritExisting bool) (err error) = userenv.CreateEnvironmentBlock //sys DestroyEnvironmentBlock(block *uint16) (err error) = userenv.DestroyEnvironmentBlock //sys getTickCount64() (ms uint64) = kernel32.GetTickCount64 +//sys GetFileTime(handle Handle, ctime *Filetime, atime *Filetime, wtime *Filetime) (err error) //sys SetFileTime(handle Handle, ctime *Filetime, atime *Filetime, wtime *Filetime) (err error) //sys GetFileAttributes(name *uint16) (attrs uint32, err error) [failretval==INVALID_FILE_ATTRIBUTES] = kernel32.GetFileAttributesW //sys SetFileAttributes(name *uint16, attrs uint32) (err error) = kernel32.SetFileAttributesW @@ -969,7 +970,8 @@ func (sa *SockaddrUnix) sockaddr() (unsafe.Pointer, int32, error) { if n > 0 { sl += int32(n) + 1 } - if sa.raw.Path[0] == '@' { + if sa.raw.Path[0] == '@' || (sa.raw.Path[0] == 0 && sl > 3) { + // Check sl > 3 so we don't change unnamed socket behavior. sa.raw.Path[0] = 0 // Don't count trailing NUL for abstract address. sl-- diff --git a/test/tools/vendor/golang.org/x/sys/windows/types_windows.go b/test/tools/vendor/golang.org/x/sys/windows/types_windows.go index b88dc7c85e4e..359780f6ace5 100644 --- a/test/tools/vendor/golang.org/x/sys/windows/types_windows.go +++ b/test/tools/vendor/golang.org/x/sys/windows/types_windows.go @@ -1094,7 +1094,33 @@ const ( SOMAXCONN = 0x7fffffff - TCP_NODELAY = 1 + TCP_NODELAY = 1 + TCP_EXPEDITED_1122 = 2 + TCP_KEEPALIVE = 3 + TCP_MAXSEG = 4 + TCP_MAXRT = 5 + TCP_STDURG = 6 + TCP_NOURG = 7 + TCP_ATMARK = 8 + TCP_NOSYNRETRIES = 9 + TCP_TIMESTAMPS = 10 + TCP_OFFLOAD_PREFERENCE = 11 + TCP_CONGESTION_ALGORITHM = 12 + TCP_DELAY_FIN_ACK = 13 + TCP_MAXRTMS = 14 + TCP_FASTOPEN = 15 + TCP_KEEPCNT = 16 + TCP_KEEPIDLE = TCP_KEEPALIVE + TCP_KEEPINTVL = 17 + TCP_FAIL_CONNECT_ON_ICMP_ERROR = 18 + TCP_ICMP_ERROR_INFO = 19 + + UDP_NOCHECKSUM = 1 + UDP_SEND_MSG_SIZE = 2 + UDP_RECV_MAX_COALESCED_SIZE = 3 + UDP_CHECKSUM_COVERAGE = 20 + + UDP_COALESCED_INFO = 3 SHUT_RD = 0 SHUT_WR = 1 diff --git a/test/tools/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/test/tools/vendor/golang.org/x/sys/windows/zsyscall_windows.go index 8b1688de4cd1..db6282e00a58 100644 --- a/test/tools/vendor/golang.org/x/sys/windows/zsyscall_windows.go +++ b/test/tools/vendor/golang.org/x/sys/windows/zsyscall_windows.go @@ -253,6 +253,7 @@ var ( procGetFileAttributesW = modkernel32.NewProc("GetFileAttributesW") procGetFileInformationByHandle = modkernel32.NewProc("GetFileInformationByHandle") procGetFileInformationByHandleEx = modkernel32.NewProc("GetFileInformationByHandleEx") + procGetFileTime = modkernel32.NewProc("GetFileTime") procGetFileType = modkernel32.NewProc("GetFileType") procGetFinalPathNameByHandleW = modkernel32.NewProc("GetFinalPathNameByHandleW") procGetFullPathNameW = modkernel32.NewProc("GetFullPathNameW") @@ -2185,6 +2186,14 @@ func GetFileInformationByHandleEx(handle Handle, class uint32, outBuffer *byte, return } +func GetFileTime(handle Handle, ctime *Filetime, atime *Filetime, wtime *Filetime) (err error) { + r1, _, e1 := syscall.Syscall6(procGetFileTime.Addr(), 4, uintptr(handle), uintptr(unsafe.Pointer(ctime)), uintptr(unsafe.Pointer(atime)), uintptr(unsafe.Pointer(wtime)), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func GetFileType(filehandle Handle) (n uint32, err error) { r0, _, e1 := syscall.Syscall(procGetFileType.Addr(), 1, uintptr(filehandle), 0, 0) n = uint32(r0) diff --git a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk.go b/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk.go deleted file mode 100644 index c40c7e931066..000000000000 --- a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk.go +++ /dev/null @@ -1,196 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package fastwalk provides a faster version of [filepath.Walk] for file system -// scanning tools. -package fastwalk - -import ( - "errors" - "os" - "path/filepath" - "runtime" - "sync" -) - -// ErrTraverseLink is used as a return value from WalkFuncs to indicate that the -// symlink named in the call may be traversed. -var ErrTraverseLink = errors.New("fastwalk: traverse symlink, assuming target is a directory") - -// ErrSkipFiles is a used as a return value from WalkFuncs to indicate that the -// callback should not be called for any other files in the current directory. -// Child directories will still be traversed. -var ErrSkipFiles = errors.New("fastwalk: skip remaining files in directory") - -// Walk is a faster implementation of [filepath.Walk]. -// -// [filepath.Walk]'s design necessarily calls [os.Lstat] on each file, -// even if the caller needs less info. -// Many tools need only the type of each file. -// On some platforms, this information is provided directly by the readdir -// system call, avoiding the need to stat each file individually. -// fastwalk_unix.go contains a fork of the syscall routines. -// -// See golang.org/issue/16399. -// -// Walk walks the file tree rooted at root, calling walkFn for -// each file or directory in the tree, including root. -// -// If Walk returns [filepath.SkipDir], the directory is skipped. -// -// Unlike [filepath.Walk]: -// - file stat calls must be done by the user. -// The only provided metadata is the file type, which does not include -// any permission bits. -// - multiple goroutines stat the filesystem concurrently. The provided -// walkFn must be safe for concurrent use. -// - Walk can follow symlinks if walkFn returns the TraverseLink -// sentinel error. It is the walkFn's responsibility to prevent -// Walk from going into symlink cycles. -func Walk(root string, walkFn func(path string, typ os.FileMode) error) error { - // TODO(bradfitz): make numWorkers configurable? We used a - // minimum of 4 to give the kernel more info about multiple - // things we want, in hopes its I/O scheduling can take - // advantage of that. Hopefully most are in cache. Maybe 4 is - // even too low of a minimum. Profile more. - numWorkers := 4 - if n := runtime.NumCPU(); n > numWorkers { - numWorkers = n - } - - // Make sure to wait for all workers to finish, otherwise - // walkFn could still be called after returning. This Wait call - // runs after close(e.donec) below. - var wg sync.WaitGroup - defer wg.Wait() - - w := &walker{ - fn: walkFn, - enqueuec: make(chan walkItem, numWorkers), // buffered for performance - workc: make(chan walkItem, numWorkers), // buffered for performance - donec: make(chan struct{}), - - // buffered for correctness & not leaking goroutines: - resc: make(chan error, numWorkers), - } - defer close(w.donec) - - for i := 0; i < numWorkers; i++ { - wg.Add(1) - go w.doWork(&wg) - } - todo := []walkItem{{dir: root}} - out := 0 - for { - workc := w.workc - var workItem walkItem - if len(todo) == 0 { - workc = nil - } else { - workItem = todo[len(todo)-1] - } - select { - case workc <- workItem: - todo = todo[:len(todo)-1] - out++ - case it := <-w.enqueuec: - todo = append(todo, it) - case err := <-w.resc: - out-- - if err != nil { - return err - } - if out == 0 && len(todo) == 0 { - // It's safe to quit here, as long as the buffered - // enqueue channel isn't also readable, which might - // happen if the worker sends both another unit of - // work and its result before the other select was - // scheduled and both w.resc and w.enqueuec were - // readable. - select { - case it := <-w.enqueuec: - todo = append(todo, it) - default: - return nil - } - } - } - } -} - -// doWork reads directories as instructed (via workc) and runs the -// user's callback function. -func (w *walker) doWork(wg *sync.WaitGroup) { - defer wg.Done() - for { - select { - case <-w.donec: - return - case it := <-w.workc: - select { - case <-w.donec: - return - case w.resc <- w.walk(it.dir, !it.callbackDone): - } - } - } -} - -type walker struct { - fn func(path string, typ os.FileMode) error - - donec chan struct{} // closed on fastWalk's return - workc chan walkItem // to workers - enqueuec chan walkItem // from workers - resc chan error // from workers -} - -type walkItem struct { - dir string - callbackDone bool // callback already called; don't do it again -} - -func (w *walker) enqueue(it walkItem) { - select { - case w.enqueuec <- it: - case <-w.donec: - } -} - -func (w *walker) onDirEnt(dirName, baseName string, typ os.FileMode) error { - joined := dirName + string(os.PathSeparator) + baseName - if typ == os.ModeDir { - w.enqueue(walkItem{dir: joined}) - return nil - } - - err := w.fn(joined, typ) - if typ == os.ModeSymlink { - if err == ErrTraverseLink { - // Set callbackDone so we don't call it twice for both the - // symlink-as-symlink and the symlink-as-directory later: - w.enqueue(walkItem{dir: joined, callbackDone: true}) - return nil - } - if err == filepath.SkipDir { - // Permit SkipDir on symlinks too. - return nil - } - } - return err -} - -func (w *walker) walk(root string, runUserCallback bool) error { - if runUserCallback { - err := w.fn(root, os.ModeDir) - if err == filepath.SkipDir { - return nil - } - if err != nil { - return err - } - } - - return readDir(root, w.onDirEnt) -} diff --git a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_darwin.go b/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_darwin.go deleted file mode 100644 index 0ca55e0d56f2..000000000000 --- a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_darwin.go +++ /dev/null @@ -1,119 +0,0 @@ -// Copyright 2022 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -//go:build darwin && cgo -// +build darwin,cgo - -package fastwalk - -/* -#include - -// fastwalk_readdir_r wraps readdir_r so that we don't have to pass a dirent** -// result pointer which triggers CGO's "Go pointer to Go pointer" check unless -// we allocat the result dirent* with malloc. -// -// fastwalk_readdir_r returns 0 on success, -1 upon reaching the end of the -// directory, or a positive error number to indicate failure. -static int fastwalk_readdir_r(DIR *fd, struct dirent *entry) { - struct dirent *result; - int ret = readdir_r(fd, entry, &result); - if (ret == 0 && result == NULL) { - ret = -1; // EOF - } - return ret; -} -*/ -import "C" - -import ( - "os" - "syscall" - "unsafe" -) - -func readDir(dirName string, fn func(dirName, entName string, typ os.FileMode) error) error { - fd, err := openDir(dirName) - if err != nil { - return &os.PathError{Op: "opendir", Path: dirName, Err: err} - } - defer C.closedir(fd) - - skipFiles := false - var dirent syscall.Dirent - for { - ret := int(C.fastwalk_readdir_r(fd, (*C.struct_dirent)(unsafe.Pointer(&dirent)))) - if ret != 0 { - if ret == -1 { - break // EOF - } - if ret == int(syscall.EINTR) { - continue - } - return &os.PathError{Op: "readdir", Path: dirName, Err: syscall.Errno(ret)} - } - if dirent.Ino == 0 { - continue - } - typ := dtToType(dirent.Type) - if skipFiles && typ.IsRegular() { - continue - } - name := (*[len(syscall.Dirent{}.Name)]byte)(unsafe.Pointer(&dirent.Name))[:] - name = name[:dirent.Namlen] - for i, c := range name { - if c == 0 { - name = name[:i] - break - } - } - // Check for useless names before allocating a string. - if string(name) == "." || string(name) == ".." { - continue - } - if err := fn(dirName, string(name), typ); err != nil { - if err != ErrSkipFiles { - return err - } - skipFiles = true - } - } - - return nil -} - -func dtToType(typ uint8) os.FileMode { - switch typ { - case syscall.DT_BLK: - return os.ModeDevice - case syscall.DT_CHR: - return os.ModeDevice | os.ModeCharDevice - case syscall.DT_DIR: - return os.ModeDir - case syscall.DT_FIFO: - return os.ModeNamedPipe - case syscall.DT_LNK: - return os.ModeSymlink - case syscall.DT_REG: - return 0 - case syscall.DT_SOCK: - return os.ModeSocket - } - return ^os.FileMode(0) -} - -// openDir wraps opendir(3) and handles any EINTR errors. The returned *DIR -// needs to be closed with closedir(3). -func openDir(path string) (*C.DIR, error) { - name, err := syscall.BytePtrFromString(path) - if err != nil { - return nil, err - } - for { - fd, err := C.opendir((*C.char)(unsafe.Pointer(name))) - if err != syscall.EINTR { - return fd, err - } - } -} diff --git a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_fileno.go b/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_fileno.go deleted file mode 100644 index d58595dbd3f6..000000000000 --- a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_fileno.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -//go:build freebsd || openbsd || netbsd -// +build freebsd openbsd netbsd - -package fastwalk - -import "syscall" - -func direntInode(dirent *syscall.Dirent) uint64 { - return uint64(dirent.Fileno) -} diff --git a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_ino.go b/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_ino.go deleted file mode 100644 index d3922890b0b1..000000000000 --- a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_ino.go +++ /dev/null @@ -1,15 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -//go:build (linux || (darwin && !cgo)) && !appengine -// +build linux darwin,!cgo -// +build !appengine - -package fastwalk - -import "syscall" - -func direntInode(dirent *syscall.Dirent) uint64 { - return dirent.Ino -} diff --git a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_namlen_bsd.go b/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_namlen_bsd.go deleted file mode 100644 index 38a4db6af3ae..000000000000 --- a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_namlen_bsd.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2018 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -//go:build (darwin && !cgo) || freebsd || openbsd || netbsd -// +build darwin,!cgo freebsd openbsd netbsd - -package fastwalk - -import "syscall" - -func direntNamlen(dirent *syscall.Dirent) uint64 { - return uint64(dirent.Namlen) -} diff --git a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_namlen_linux.go b/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_namlen_linux.go deleted file mode 100644 index c82e57df85ef..000000000000 --- a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_dirent_namlen_linux.go +++ /dev/null @@ -1,29 +0,0 @@ -// Copyright 2018 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -//go:build linux && !appengine -// +build linux,!appengine - -package fastwalk - -import ( - "bytes" - "syscall" - "unsafe" -) - -func direntNamlen(dirent *syscall.Dirent) uint64 { - const fixedHdr = uint16(unsafe.Offsetof(syscall.Dirent{}.Name)) - nameBuf := (*[unsafe.Sizeof(dirent.Name)]byte)(unsafe.Pointer(&dirent.Name[0])) - const nameBufLen = uint16(len(nameBuf)) - limit := dirent.Reclen - fixedHdr - if limit > nameBufLen { - limit = nameBufLen - } - nameLen := bytes.IndexByte(nameBuf[:limit], 0) - if nameLen < 0 { - panic("failed to find terminating 0 byte in dirent") - } - return uint64(nameLen) -} diff --git a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_portable.go b/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_portable.go deleted file mode 100644 index 27e860243e11..000000000000 --- a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_portable.go +++ /dev/null @@ -1,41 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -//go:build appengine || (!linux && !darwin && !freebsd && !openbsd && !netbsd) -// +build appengine !linux,!darwin,!freebsd,!openbsd,!netbsd - -package fastwalk - -import ( - "os" -) - -// readDir calls fn for each directory entry in dirName. -// It does not descend into directories or follow symlinks. -// If fn returns a non-nil error, readDir returns with that error -// immediately. -func readDir(dirName string, fn func(dirName, entName string, typ os.FileMode) error) error { - fis, err := os.ReadDir(dirName) - if err != nil { - return err - } - skipFiles := false - for _, fi := range fis { - info, err := fi.Info() - if err != nil { - return err - } - if info.Mode().IsRegular() && skipFiles { - continue - } - if err := fn(dirName, fi.Name(), info.Mode()&os.ModeType); err != nil { - if err == ErrSkipFiles { - skipFiles = true - continue - } - return err - } - } - return nil -} diff --git a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_unix.go b/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_unix.go deleted file mode 100644 index f12f1a734cc9..000000000000 --- a/test/tools/vendor/golang.org/x/tools/internal/fastwalk/fastwalk_unix.go +++ /dev/null @@ -1,153 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -//go:build (linux || freebsd || openbsd || netbsd || (darwin && !cgo)) && !appengine -// +build linux freebsd openbsd netbsd darwin,!cgo -// +build !appengine - -package fastwalk - -import ( - "fmt" - "os" - "syscall" - "unsafe" -) - -const blockSize = 8 << 10 - -// unknownFileMode is a sentinel (and bogus) os.FileMode -// value used to represent a syscall.DT_UNKNOWN Dirent.Type. -const unknownFileMode os.FileMode = os.ModeNamedPipe | os.ModeSocket | os.ModeDevice - -func readDir(dirName string, fn func(dirName, entName string, typ os.FileMode) error) error { - fd, err := open(dirName, 0, 0) - if err != nil { - return &os.PathError{Op: "open", Path: dirName, Err: err} - } - defer syscall.Close(fd) - - // The buffer must be at least a block long. - buf := make([]byte, blockSize) // stack-allocated; doesn't escape - bufp := 0 // starting read position in buf - nbuf := 0 // end valid data in buf - skipFiles := false - for { - if bufp >= nbuf { - bufp = 0 - nbuf, err = readDirent(fd, buf) - if err != nil { - return os.NewSyscallError("readdirent", err) - } - if nbuf <= 0 { - return nil - } - } - consumed, name, typ := parseDirEnt(buf[bufp:nbuf]) - bufp += consumed - if name == "" || name == "." || name == ".." { - continue - } - // Fallback for filesystems (like old XFS) that don't - // support Dirent.Type and have DT_UNKNOWN (0) there - // instead. - if typ == unknownFileMode { - fi, err := os.Lstat(dirName + "/" + name) - if err != nil { - // It got deleted in the meantime. - if os.IsNotExist(err) { - continue - } - return err - } - typ = fi.Mode() & os.ModeType - } - if skipFiles && typ.IsRegular() { - continue - } - if err := fn(dirName, name, typ); err != nil { - if err == ErrSkipFiles { - skipFiles = true - continue - } - return err - } - } -} - -func parseDirEnt(buf []byte) (consumed int, name string, typ os.FileMode) { - // golang.org/issue/37269 - dirent := &syscall.Dirent{} - copy((*[unsafe.Sizeof(syscall.Dirent{})]byte)(unsafe.Pointer(dirent))[:], buf) - if v := unsafe.Offsetof(dirent.Reclen) + unsafe.Sizeof(dirent.Reclen); uintptr(len(buf)) < v { - panic(fmt.Sprintf("buf size of %d smaller than dirent header size %d", len(buf), v)) - } - if len(buf) < int(dirent.Reclen) { - panic(fmt.Sprintf("buf size %d < record length %d", len(buf), dirent.Reclen)) - } - consumed = int(dirent.Reclen) - if direntInode(dirent) == 0 { // File absent in directory. - return - } - switch dirent.Type { - case syscall.DT_REG: - typ = 0 - case syscall.DT_DIR: - typ = os.ModeDir - case syscall.DT_LNK: - typ = os.ModeSymlink - case syscall.DT_BLK: - typ = os.ModeDevice - case syscall.DT_FIFO: - typ = os.ModeNamedPipe - case syscall.DT_SOCK: - typ = os.ModeSocket - case syscall.DT_UNKNOWN: - typ = unknownFileMode - default: - // Skip weird things. - // It's probably a DT_WHT (http://lwn.net/Articles/325369/) - // or something. Revisit if/when this package is moved outside - // of goimports. goimports only cares about regular files, - // symlinks, and directories. - return - } - - nameBuf := (*[unsafe.Sizeof(dirent.Name)]byte)(unsafe.Pointer(&dirent.Name[0])) - nameLen := direntNamlen(dirent) - - // Special cases for common things: - if nameLen == 1 && nameBuf[0] == '.' { - name = "." - } else if nameLen == 2 && nameBuf[0] == '.' && nameBuf[1] == '.' { - name = ".." - } else { - name = string(nameBuf[:nameLen]) - } - return -} - -// According to https://golang.org/doc/go1.14#runtime -// A consequence of the implementation of preemption is that on Unix systems, including Linux and macOS -// systems, programs built with Go 1.14 will receive more signals than programs built with earlier releases. -// -// This causes syscall.Open and syscall.ReadDirent sometimes fail with EINTR errors. -// We need to retry in this case. -func open(path string, mode int, perm uint32) (fd int, err error) { - for { - fd, err := syscall.Open(path, mode, perm) - if err != syscall.EINTR { - return fd, err - } - } -} - -func readDirent(fd int, buf []byte) (n int, err error) { - for { - nbuf, err := syscall.ReadDirent(fd, buf) - if err != syscall.EINTR { - return nbuf, err - } - } -} diff --git a/test/tools/vendor/golang.org/x/tools/internal/gocommand/invoke.go b/test/tools/vendor/golang.org/x/tools/internal/gocommand/invoke.go index 53cf66da0193..c27b91f8c7e6 100644 --- a/test/tools/vendor/golang.org/x/tools/internal/gocommand/invoke.go +++ b/test/tools/vendor/golang.org/x/tools/internal/gocommand/invoke.go @@ -85,6 +85,7 @@ func (runner *Runner) RunPiped(ctx context.Context, inv Invocation, stdout, stde // RunRaw runs the invocation, serializing requests only if they fight over // go.mod changes. +// Postcondition: both error results have same nilness. func (runner *Runner) RunRaw(ctx context.Context, inv Invocation) (*bytes.Buffer, *bytes.Buffer, error, error) { ctx, done := event.Start(ctx, "gocommand.Runner.RunRaw", invLabels(inv)...) defer done() @@ -95,23 +96,24 @@ func (runner *Runner) RunRaw(ctx context.Context, inv Invocation) (*bytes.Buffer stdout, stderr, friendlyErr, err := runner.runConcurrent(ctx, inv) // If we encounter a load concurrency error, we need to retry serially. - if friendlyErr == nil || !modConcurrencyError.MatchString(friendlyErr.Error()) { - return stdout, stderr, friendlyErr, err + if friendlyErr != nil && modConcurrencyError.MatchString(friendlyErr.Error()) { + event.Error(ctx, "Load concurrency error, will retry serially", err) + + // Run serially by calling runPiped. + stdout.Reset() + stderr.Reset() + friendlyErr, err = runner.runPiped(ctx, inv, stdout, stderr) } - event.Error(ctx, "Load concurrency error, will retry serially", err) - // Run serially by calling runPiped. - stdout.Reset() - stderr.Reset() - friendlyErr, err = runner.runPiped(ctx, inv, stdout, stderr) return stdout, stderr, friendlyErr, err } +// Postcondition: both error results have same nilness. func (runner *Runner) runConcurrent(ctx context.Context, inv Invocation) (*bytes.Buffer, *bytes.Buffer, error, error) { // Wait for 1 worker to become available. select { case <-ctx.Done(): - return nil, nil, nil, ctx.Err() + return nil, nil, ctx.Err(), ctx.Err() case runner.inFlight <- struct{}{}: defer func() { <-runner.inFlight }() } @@ -121,6 +123,7 @@ func (runner *Runner) runConcurrent(ctx context.Context, inv Invocation) (*bytes return stdout, stderr, friendlyErr, err } +// Postcondition: both error results have same nilness. func (runner *Runner) runPiped(ctx context.Context, inv Invocation, stdout, stderr io.Writer) (error, error) { // Make sure the runner is always initialized. runner.initialize() @@ -129,7 +132,7 @@ func (runner *Runner) runPiped(ctx context.Context, inv Invocation, stdout, stde // runPiped commands. select { case <-ctx.Done(): - return nil, ctx.Err() + return ctx.Err(), ctx.Err() case runner.serialized <- struct{}{}: defer func() { <-runner.serialized }() } @@ -139,7 +142,7 @@ func (runner *Runner) runPiped(ctx context.Context, inv Invocation, stdout, stde for i := 0; i < maxInFlight; i++ { select { case <-ctx.Done(): - return nil, ctx.Err() + return ctx.Err(), ctx.Err() case runner.inFlight <- struct{}{}: // Make sure we always "return" any workers we took. defer func() { <-runner.inFlight }() @@ -172,6 +175,7 @@ type Invocation struct { Logf func(format string, args ...interface{}) } +// Postcondition: both error results have same nilness. func (i *Invocation) runWithFriendlyError(ctx context.Context, stdout, stderr io.Writer) (friendlyError error, rawError error) { rawError = i.run(ctx, stdout, stderr) if rawError != nil { diff --git a/test/tools/vendor/golang.org/x/tools/internal/gopathwalk/walk.go b/test/tools/vendor/golang.org/x/tools/internal/gopathwalk/walk.go index 452e342c559c..f79dd8cc3f59 100644 --- a/test/tools/vendor/golang.org/x/tools/internal/gopathwalk/walk.go +++ b/test/tools/vendor/golang.org/x/tools/internal/gopathwalk/walk.go @@ -9,13 +9,12 @@ package gopathwalk import ( "bufio" "bytes" + "io/fs" "log" "os" "path/filepath" "strings" "time" - - "golang.org/x/tools/internal/fastwalk" ) // Options controls the behavior of a Walk call. @@ -78,14 +77,25 @@ func walkDir(root Root, add func(Root, string), skip func(root Root, dir string) if opts.Logf != nil { opts.Logf("scanning %s", root.Path) } + w := &walker{ - root: root, - add: add, - skip: skip, - opts: opts, + root: root, + add: add, + skip: skip, + opts: opts, + added: make(map[string]bool), } w.init() - if err := fastwalk.Walk(root.Path, w.walk); err != nil { + + // Add a trailing path separator to cause filepath.WalkDir to traverse symlinks. + path := root.Path + if len(path) == 0 { + path = "." + string(filepath.Separator) + } else if !os.IsPathSeparator(path[len(path)-1]) { + path = path + string(filepath.Separator) + } + + if err := filepath.WalkDir(path, w.walk); err != nil { logf := opts.Logf if logf == nil { logf = log.Printf @@ -105,7 +115,9 @@ type walker struct { skip func(Root, string) bool // The callback that will be invoked for every dir. dir is skipped if it returns true. opts Options // Options passed to Walk by the user. - ignoredDirs []os.FileInfo // The ignored directories, loaded from .goimportsignore files. + ignoredDirs []string + + added map[string]bool } // init initializes the walker based on its Options @@ -121,13 +133,9 @@ func (w *walker) init() { for _, p := range ignoredPaths { full := filepath.Join(w.root.Path, p) - if fi, err := os.Stat(full); err == nil { - w.ignoredDirs = append(w.ignoredDirs, fi) - if w.opts.Logf != nil { - w.opts.Logf("Directory added to ignore list: %s", full) - } - } else if w.opts.Logf != nil { - w.opts.Logf("Error statting ignored directory: %v", err) + w.ignoredDirs = append(w.ignoredDirs, full) + if w.opts.Logf != nil { + w.opts.Logf("Directory added to ignore list: %s", full) } } } @@ -162,9 +170,9 @@ func (w *walker) getIgnoredDirs(path string) []string { } // shouldSkipDir reports whether the file should be skipped or not. -func (w *walker) shouldSkipDir(fi os.FileInfo, dir string) bool { +func (w *walker) shouldSkipDir(dir string) bool { for _, ignoredDir := range w.ignoredDirs { - if os.SameFile(fi, ignoredDir) { + if dir == ignoredDir { return true } } @@ -176,20 +184,25 @@ func (w *walker) shouldSkipDir(fi os.FileInfo, dir string) bool { } // walk walks through the given path. -func (w *walker) walk(path string, typ os.FileMode) error { +func (w *walker) walk(path string, d fs.DirEntry, err error) error { + typ := d.Type() if typ.IsRegular() { + if !strings.HasSuffix(path, ".go") { + return nil + } + dir := filepath.Dir(path) if dir == w.root.Path && (w.root.Type == RootGOROOT || w.root.Type == RootGOPATH) { // Doesn't make sense to have regular files // directly in your $GOPATH/src or $GOROOT/src. - return fastwalk.ErrSkipFiles - } - if !strings.HasSuffix(path, ".go") { return nil } - w.add(w.root, dir) - return fastwalk.ErrSkipFiles + if !w.added[dir] { + w.add(w.root, dir) + w.added[dir] = true + } + return nil } if typ == os.ModeDir { base := filepath.Base(path) @@ -199,20 +212,66 @@ func (w *walker) walk(path string, typ os.FileMode) error { (!w.opts.ModulesEnabled && base == "node_modules") { return filepath.SkipDir } - fi, err := os.Lstat(path) - if err == nil && w.shouldSkipDir(fi, path) { + if w.shouldSkipDir(path) { return filepath.SkipDir } return nil } - if typ == os.ModeSymlink { + if typ == os.ModeSymlink && err == nil { + // TODO(bcmills): 'go list all' itself ignores symlinks within GOROOT/src + // and GOPATH/src. Do we really need to traverse them here? If so, why? + + if os.IsPathSeparator(path[len(path)-1]) { + // The OS was supposed to resolve a directory symlink but didn't. + // + // On macOS this may be caused by a known libc/kernel bug; + // see https://go.dev/issue/59586. + // + // On Windows before Go 1.21, this may be caused by a bug in + // os.Lstat (fixed in https://go.dev/cl/463177). + // + // In either case, we can work around the bug by walking this level + // explicitly: first the symlink target itself, then its contents. + + fi, err := os.Stat(path) + if err != nil || !fi.IsDir() { + return nil + } + err = w.walk(path, fs.FileInfoToDirEntry(fi), nil) + if err == filepath.SkipDir { + return nil + } else if err != nil { + return err + } + + ents, _ := os.ReadDir(path) // ignore error if unreadable + for _, d := range ents { + nextPath := filepath.Join(path, d.Name()) + var err error + if d.IsDir() { + err = filepath.WalkDir(nextPath, w.walk) + } else { + err = w.walk(nextPath, d, nil) + if err == filepath.SkipDir { + break + } + } + if err != nil { + return err + } + } + return nil + } + base := filepath.Base(path) if strings.HasPrefix(base, ".#") { // Emacs noise. return nil } if w.shouldTraverse(path) { - return fastwalk.ErrTraverseLink + // Add a trailing separator to traverse the symlink. + nextPath := path + string(filepath.Separator) + return filepath.WalkDir(nextPath, w.walk) } } return nil @@ -222,6 +281,10 @@ func (w *walker) walk(path string, typ os.FileMode) error { // should be followed. It makes sure symlinks were never visited // before to avoid symlink loops. func (w *walker) shouldTraverse(path string) bool { + if w.shouldSkipDir(path) { + return false + } + ts, err := os.Stat(path) if err != nil { logf := w.opts.Logf @@ -234,9 +297,7 @@ func (w *walker) shouldTraverse(path string) bool { if !ts.IsDir() { return false } - if w.shouldSkipDir(ts, filepath.Dir(path)) { - return false - } + // Check for symlink loops by statting each directory component // and seeing if any are the same file as ts. for { diff --git a/test/tools/vendor/modules.txt b/test/tools/vendor/modules.txt index 5f0590c636bf..7bd5a486dca2 100644 --- a/test/tools/vendor/modules.txt +++ b/test/tools/vendor/modules.txt @@ -56,17 +56,17 @@ github.com/vbatts/git-validation/rules/dco github.com/vbatts/git-validation/rules/messageregexp github.com/vbatts/git-validation/rules/shortsubject github.com/vbatts/git-validation/validate -# golang.org/x/mod v0.13.0 +# golang.org/x/mod v0.14.0 ## explicit; go 1.18 golang.org/x/mod/internal/lazyregexp golang.org/x/mod/module golang.org/x/mod/semver -# golang.org/x/sys v0.13.0 -## explicit; go 1.17 +# golang.org/x/sys v0.14.0 +## explicit; go 1.18 golang.org/x/sys/execabs golang.org/x/sys/unix golang.org/x/sys/windows -# golang.org/x/tools v0.14.0 +# golang.org/x/tools v0.15.0 ## explicit; go 1.18 golang.org/x/tools/cmd/goimports golang.org/x/tools/go/ast/astutil @@ -76,7 +76,6 @@ golang.org/x/tools/internal/event/core golang.org/x/tools/internal/event/keys golang.org/x/tools/internal/event/label golang.org/x/tools/internal/event/tag -golang.org/x/tools/internal/fastwalk golang.org/x/tools/internal/gocommand golang.org/x/tools/internal/gopathwalk golang.org/x/tools/internal/imports From 956c0d6ec55966fd25080cb3fc08141c316a3d98 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Fri, 10 Nov 2023 05:37:04 -0600 Subject: [PATCH 008/170] Improve the documentation of quadlet Users fail to realize that they can use other systemd options within the quadlet files, like ExecStartPre. This change should make it clearer to the users. https://github.com/containers/podman/discussions/20642 Signed-off-by: Daniel J Walsh --- docs/source/markdown/podman-systemd.unit.5.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index 1e7364a02351..a18bfa23a3c3 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -25,6 +25,9 @@ Podman supports starting containers (and creating volumes) via systemd by using [systemd generator](https://www.freedesktop.org/software/systemd/man/systemd.generator.html). These files are read during boot (and when `systemctl daemon-reload` is run) and generate corresponding regular systemd service unit files. Both system and user systemd units are supported. +All options and tables available in standard systemd unit files are supported. For example, options defined in +the [Service] table and [Install] tables pass directly to systemd and are handled by it. +See systemd.unit(5) man page for more information. The Podman generator reads the search paths above and reads files with the extensions `.container` `.volume` and `*.kube`, and for each file generates a similarly named `.service` file. Be aware that @@ -1219,6 +1222,8 @@ Exec=sleep 60 Restart=always # Extend Timeout to allow time to pull the image TimeoutStartSec=900 +# ExecStartPre flag and other systemd commands can go here, see systemd.unit(5) man page. +ExecStartPre=/usr/share/mincontainer/setup.sh [Install] # Start by default on boot @@ -1263,3 +1268,4 @@ Label=org.test.Key=value **[podman-run(1)](podman-run.1.md)**, **[podman-network-create(1)](podman-network-create.1.md)**, **[podman-auto-update(1)](podman-auto-update.1.md)** +**[systemd.unit(5)]** From fbd1ba68f67701f26c8505db84801cd8270d2491 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Thu, 9 Nov 2023 09:55:21 +0100 Subject: [PATCH 009/170] vendor: update c/storage Signed-off-by: Giuseppe Scrivano --- go.mod | 6 +- go.sum | 11 +-- .../Microsoft/hcsshim/internal/hcs/process.go | 68 ++++++------------- .../internal/hcs/schema2/close_handle.go | 4 +- .../internal/hcs/schema2/console_size.go | 7 +- .../hcs/schema2/process_modify_request.go | 6 +- .../internal/hcs/schema2/process_status.go | 9 ++- .../Microsoft/hcsshim/internal/hcs/system.go | 31 +++++++-- .../Microsoft/hcsshim/internal/log/format.go | 7 +- .../Microsoft/hcsshim/internal/log/hook.go | 5 +- .../hcsshim/internal/log/nopformatter.go | 12 ++++ .../internal/protocol/guestrequest/types.go | 22 +++++- .../hcsshim/internal/wclayer/layerutils.go | 24 +++++++ vendor/github.com/Microsoft/hcsshim/layer.go | 1 + .../storage/pkg/unshare/unshare_darwin.go | 5 ++ .../storage/pkg/unshare/unshare_linux.go | 10 +++ .../pkg/unshare/unshare_unsupported.go | 5 ++ .../moby/sys/mountinfo/mountinfo_linux.go | 50 ++++++++++++-- vendor/modules.txt | 6 +- 19 files changed, 202 insertions(+), 87 deletions(-) create mode 100644 vendor/github.com/Microsoft/hcsshim/internal/log/nopformatter.go diff --git a/go.mod b/go.mod index 9ea48d15f419..9126f8a57ff5 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/containers/libhvee v0.4.1-0.20231012183749-e51be96b4854 github.com/containers/ocicrypt v1.1.9 github.com/containers/psgo v1.8.0 - github.com/containers/storage v1.50.3-0.20231101112703-6e72f11598fb + github.com/containers/storage v1.50.3-0.20231108224651-a56f2b2fecfd github.com/coreos/go-systemd/v22 v22.5.1-0.20231103132048-7d375ecc2b09 github.com/coreos/stream-metadata-go v0.4.3 github.com/crc-org/vfkit v0.1.2-0.20231030102423-f3c783d34420 @@ -83,7 +83,7 @@ require ( require ( dario.cat/mergo v1.0.0 // indirect github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect - github.com/Microsoft/hcsshim v0.12.0-rc.0 // indirect + github.com/Microsoft/hcsshim v0.12.0-rc.1 // indirect github.com/VividCortex/ewma v1.2.0 // indirect github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect github.com/aead/serpent v0.0.0-20160714141033-fba169763ea6 // indirect @@ -160,7 +160,7 @@ require ( github.com/mistifyio/go-zfs/v3 v3.0.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/moby/patternmatcher v0.5.0 // indirect - github.com/moby/sys/mountinfo v0.6.2 // indirect + github.com/moby/sys/mountinfo v0.7.1 // indirect github.com/moby/sys/sequential v0.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect diff --git a/go.sum b/go.sum index 89431c0e2283..392117bf113f 100644 --- a/go.sum +++ b/go.sum @@ -67,8 +67,8 @@ github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= github.com/Microsoft/hcsshim v0.9.4/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= -github.com/Microsoft/hcsshim v0.12.0-rc.0 h1:wX/F5huJxH9APBkhKSEAqaiZsuBvbbDnyBROZAqsSaY= -github.com/Microsoft/hcsshim v0.12.0-rc.0/go.mod h1:rvOnw3YlfoNnEp45wReUngvsXbwRW+AFQ10GVjG1kMU= +github.com/Microsoft/hcsshim v0.12.0-rc.1 h1:Hy+xzYujv7urO5wrgcG58SPMOXNLrj4WCJbySs2XX/A= +github.com/Microsoft/hcsshim v0.12.0-rc.1/go.mod h1:Y1a1S0QlYp1mBpyvGiuEdOfZqnao+0uX5AWHXQ5NhZU= github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= @@ -276,8 +276,8 @@ github.com/containers/ocicrypt v1.1.9/go.mod h1:dTKx1918d8TDkxXvarscpNVY+lyPakPN github.com/containers/psgo v1.8.0 h1:2loGekmGAxM9ir5OsXWEfGwFxorMPYnc6gEDsGFQvhY= github.com/containers/psgo v1.8.0/go.mod h1:T8ZxnX3Ur4RvnhxFJ7t8xJ1F48RhiZB4rSrOaR/qGHc= github.com/containers/storage v1.43.0/go.mod h1:uZ147thiIFGdVTjMmIw19knttQnUCl3y9zjreHrg11s= -github.com/containers/storage v1.50.3-0.20231101112703-6e72f11598fb h1:g1IJUHmHZuHa1YPvIiYjWrhysb+qEiiImA8p8mENhiE= -github.com/containers/storage v1.50.3-0.20231101112703-6e72f11598fb/go.mod h1:LpKczONfqahkVHFdZGPUg/xYZVjd/qqisRu0TkO4u8k= +github.com/containers/storage v1.50.3-0.20231108224651-a56f2b2fecfd h1:IidA+YID5VdlNNJ0xcRdOcaPWs+fP0IFJqFRVuwtPjo= +github.com/containers/storage v1.50.3-0.20231108224651-a56f2b2fecfd/go.mod h1:ybl8a3j1PPtpyaEi/5A6TOFs+5TrEyObeKJzVtkUlfc= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= @@ -784,8 +784,9 @@ github.com/moby/patternmatcher v0.5.0 h1:YCZgJOeULcxLw1Q+sVR636pmS7sPEn1Qo2iAN6M github.com/moby/patternmatcher v0.5.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc= github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= -github.com/moby/sys/mountinfo v0.6.2 h1:BzJjoreD5BMFNmD9Rus6gdd1pLuecOFPt8wC+Vygl78= github.com/moby/sys/mountinfo v0.6.2/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI= +github.com/moby/sys/mountinfo v0.7.1 h1:/tTvQaSJRr2FshkhXiIpux6fQ2Zvc4j7tAhMTStAG2g= +github.com/moby/sys/mountinfo v0.7.1/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI= github.com/moby/sys/sequential v0.5.0 h1:OPvI35Lzn9K04PBbCLW0g4LcFAJgHsvXsRyewg5lXtc= github.com/moby/sys/sequential v0.5.0/go.mod h1:tH2cOOs5V9MlPiXcQzRC+eEyab644PWKGRYaaV5ZZlo= github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ= diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go index e437e297c0d9..37afbf6917af 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go @@ -12,14 +12,16 @@ import ( "syscall" "time" + "go.opencensus.io/trace" + "github.com/Microsoft/hcsshim/internal/cow" + hcsschema "github.com/Microsoft/hcsshim/internal/hcs/schema2" "github.com/Microsoft/hcsshim/internal/log" "github.com/Microsoft/hcsshim/internal/oc" + "github.com/Microsoft/hcsshim/internal/protocol/guestrequest" "github.com/Microsoft/hcsshim/internal/vmcompute" - "go.opencensus.io/trace" ) -// ContainerError is an error encountered in HCS type Process struct { handleLock sync.RWMutex handle vmcompute.HcsProcess @@ -50,35 +52,6 @@ func newProcess(process vmcompute.HcsProcess, processID int, computeSystem *Syst } } -type processModifyRequest struct { - Operation string - ConsoleSize *consoleSize `json:",omitempty"` - CloseHandle *closeHandle `json:",omitempty"` -} - -type consoleSize struct { - Height uint16 - Width uint16 -} - -type closeHandle struct { - Handle string -} - -type processStatus struct { - ProcessID uint32 - Exited bool - ExitCode uint32 - LastWaitResult int32 -} - -const stdIn string = "StdIn" - -const ( - modifyConsoleSize string = "ConsoleSize" - modifyCloseHandle string = "CloseHandle" -) - // Pid returns the process ID of the process within the container. func (process *Process) Pid() int { return process.processID @@ -260,14 +233,14 @@ func (process *Process) waitBackground() { process.handleLock.RLock() defer process.handleLock.RUnlock() - // Make sure we didnt race with Close() here + // Make sure we didn't race with Close() here if process.handle != 0 { propertiesJSON, resultJSON, err = vmcompute.HcsGetProcessProperties(ctx, process.handle) events := processHcsResult(ctx, resultJSON) if err != nil { err = makeProcessError(process, operation, err, events) } else { - properties := &processStatus{} + properties := &hcsschema.ProcessStatus{} err = json.Unmarshal([]byte(propertiesJSON), properties) if err != nil { err = makeProcessError(process, operation, err, nil) @@ -318,10 +291,9 @@ func (process *Process) ResizeConsole(ctx context.Context, width, height uint16) if process.handle == 0 { return makeProcessError(process, operation, ErrAlreadyClosed, nil) } - - modifyRequest := processModifyRequest{ - Operation: modifyConsoleSize, - ConsoleSize: &consoleSize{ + modifyRequest := hcsschema.ProcessModifyRequest{ + Operation: guestrequest.ModifyProcessConsoleSize, + ConsoleSize: &hcsschema.ConsoleSize{ Height: height, Width: width, }, @@ -421,18 +393,12 @@ func (process *Process) CloseStdin(ctx context.Context) (err error) { return makeProcessError(process, operation, ErrAlreadyClosed, nil) } - process.stdioLock.Lock() - defer process.stdioLock.Unlock() - if process.stdin == nil { - return nil - } - //HcsModifyProcess request to close stdin will fail if the process has already exited if !process.stopped() { - modifyRequest := processModifyRequest{ - Operation: modifyCloseHandle, - CloseHandle: &closeHandle{ - Handle: stdIn, + modifyRequest := hcsschema.ProcessModifyRequest{ + Operation: guestrequest.CloseProcessHandle, + CloseHandle: &hcsschema.CloseHandle{ + Handle: guestrequest.STDInHandle, }, } @@ -448,8 +414,12 @@ func (process *Process) CloseStdin(ctx context.Context) (err error) { } } - process.stdin.Close() - process.stdin = nil + process.stdioLock.Lock() + defer process.stdioLock.Unlock() + if process.stdin != nil { + process.stdin.Close() + process.stdin = nil + } return nil } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/close_handle.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/close_handle.go index b4f9c315b05b..bb36777b821c 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/close_handle.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/close_handle.go @@ -9,6 +9,8 @@ package hcsschema +import "github.com/Microsoft/hcsshim/internal/protocol/guestrequest" + type CloseHandle struct { - Handle string `json:"Handle,omitempty"` + Handle guestrequest.STDIOHandle `json:"Handle,omitempty"` // NOTE: Swagger generated as string. Locally updated. } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/console_size.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/console_size.go index 68aa04a573e7..347da50e86c4 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/console_size.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/console_size.go @@ -9,8 +9,11 @@ package hcsschema +// NOTE: Swagger generated fields as int32. Locally updated to uint16 to match documentation. +// https://learn.microsoft.com/en-us/virtualization/api/hcs/schemareference#ConsoleSize + type ConsoleSize struct { - Height int32 `json:"Height,omitempty"` + Height uint16 `json:"Height,omitempty"` - Width int32 `json:"Width,omitempty"` + Width uint16 `json:"Width,omitempty"` } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/process_modify_request.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/process_modify_request.go index e4ed095c7bec..862b7911e2d5 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/process_modify_request.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/process_modify_request.go @@ -9,9 +9,11 @@ package hcsschema -// Passed to HcsRpc_ModifyProcess +import "github.com/Microsoft/hcsshim/internal/protocol/guestrequest" + +// Passed to HcsRpc_ModifyProcess type ProcessModifyRequest struct { - Operation string `json:"Operation,omitempty"` + Operation guestrequest.ProcessModifyOperation `json:"Operation,omitempty"` // NOTE: Swagger generated as string. Locally updated. ConsoleSize *ConsoleSize `json:"ConsoleSize,omitempty"` diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/process_status.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/process_status.go index ad9a4fa9ad6d..3c371d4650a8 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/process_status.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/process_status.go @@ -9,13 +9,16 @@ package hcsschema -// Status of a process running in a container +// NOTE: Swagger generated fields as int32. Locally updated to uint16 to match documentation. +// https://learn.microsoft.com/en-us/virtualization/api/hcs/schemareference#ConsoleSize + +// Status of a process running in a container type ProcessStatus struct { - ProcessId int32 `json:"ProcessId,omitempty"` + ProcessId uint32 `json:"ProcessId,omitempty"` // NOTE: Swagger generated as int32. Locally updated to match documentation. Exited bool `json:"Exited,omitempty"` - ExitCode int32 `json:"ExitCode,omitempty"` + ExitCode uint32 `json:"ExitCode,omitempty"` // NOTE: Swagger generated as int32. Locally updated to match documentation. LastWaitResult int32 `json:"LastWaitResult,omitempty"` } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go index cf20adefc93e..cf1db7da9a9b 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go @@ -304,11 +304,22 @@ func (computeSystem *System) WaitError() error { return computeSystem.waitError } -// Wait synchronously waits for the compute system to shutdown or terminate. If -// the compute system has already exited returns the previous error (if any). +// Wait synchronously waits for the compute system to shutdown or terminate. +// If the compute system has already exited returns the previous error (if any). func (computeSystem *System) Wait() error { - <-computeSystem.WaitChannel() - return computeSystem.WaitError() + return computeSystem.WaitCtx(context.Background()) +} + +// WaitCtx synchronously waits for the compute system to shutdown or terminate, or the context to be cancelled. +// +// See [System.Wait] for more information. +func (computeSystem *System) WaitCtx(ctx context.Context) error { + select { + case <-computeSystem.WaitChannel(): + return computeSystem.WaitError() + case <-ctx.Done(): + return ctx.Err() + } } // stopped returns true if the compute system stopped. @@ -735,9 +746,17 @@ func (computeSystem *System) OpenProcess(ctx context.Context, pid int) (*Process } // Close cleans up any state associated with the compute system but does not terminate or wait for it. -func (computeSystem *System) Close() (err error) { +func (computeSystem *System) Close() error { + return computeSystem.CloseCtx(context.Background()) +} + +// CloseCtx is similar to [System.Close], but accepts a context. +// +// The context is used for all operations, including waits, so timeouts/cancellations may prevent +// proper system cleanup. +func (computeSystem *System) CloseCtx(ctx context.Context) (err error) { operation := "hcs::System::Close" - ctx, span := oc.StartSpan(context.Background(), operation) + ctx, span := oc.StartSpan(ctx, operation) defer span.End() defer func() { oc.SetSpanStatus(span, err) }() span.AddAttributes(trace.StringAttribute("cid", computeSystem.id)) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/log/format.go b/vendor/github.com/Microsoft/hcsshim/internal/log/format.go index d35efa016128..6d69c15b97df 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/log/format.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/log/format.go @@ -9,13 +9,16 @@ import ( "reflect" "time" - "github.com/containerd/containerd/log" "github.com/sirupsen/logrus" "google.golang.org/protobuf/encoding/protojson" "google.golang.org/protobuf/proto" ) -const TimeFormat = log.RFC3339NanoFixed +// TimeFormat is [time.RFC3339Nano] with nanoseconds padded using +// zeros to ensure the formatted time is always the same number of +// characters. +// Based on RFC3339NanoFixed from github.com/containerd/log +const TimeFormat = "2006-01-02T15:04:05.000000000Z07:00" func FormatTime(t time.Time) string { return t.Format(TimeFormat) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/log/hook.go b/vendor/github.com/Microsoft/hcsshim/internal/log/hook.go index 94c6d0918f99..bb547a329f6e 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/log/hook.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/log/hook.go @@ -6,7 +6,6 @@ import ( "time" "github.com/Microsoft/hcsshim/internal/logfields" - "github.com/containerd/containerd/log" "github.com/sirupsen/logrus" "go.opencensus.io/trace" ) @@ -30,7 +29,7 @@ type Hook struct { // An empty string disables formatting. // When disabled, the fall back will the JSON encoding, if enabled. // - // Default is [github.com/containerd/containerd/log.RFC3339NanoFixed]. + // Default is [TimeFormat]. TimeFormat string // Duration format converts a [time.Duration] fields to an appropriate encoding. @@ -49,7 +48,7 @@ var _ logrus.Hook = &Hook{} func NewHook() *Hook { return &Hook{ - TimeFormat: log.RFC3339NanoFixed, + TimeFormat: TimeFormat, DurationFormat: DurationFormatString, AddSpanContext: true, } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/log/nopformatter.go b/vendor/github.com/Microsoft/hcsshim/internal/log/nopformatter.go new file mode 100644 index 000000000000..909ba68b28f1 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/log/nopformatter.go @@ -0,0 +1,12 @@ +package log + +import ( + "github.com/sirupsen/logrus" +) + +type NopFormatter struct{} + +var _ logrus.Formatter = NopFormatter{} + +// Format does nothing and returns a nil slice. +func (NopFormatter) Format(*logrus.Entry) ([]byte, error) { return nil, nil } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/protocol/guestrequest/types.go b/vendor/github.com/Microsoft/hcsshim/internal/protocol/guestrequest/types.go index d8d0c20b1036..4f441803b7a2 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/protocol/guestrequest/types.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/protocol/guestrequest/types.go @@ -5,7 +5,7 @@ package guestrequest type RequestType string type ResourceType string -// RequestType const +// RequestType const. const ( RequestTypeAdd RequestType = "Add" RequestTypeRemove RequestType = "Remove" @@ -54,3 +54,23 @@ var ( "305891a9-b251-5dfe-91a2-c25d9212275b", } ) + +// constants for v2 schema ProcessModifyRequest + +// Operation type for [hcsschema.ProcessModifyRequest]. +type ProcessModifyOperation string + +const ( + ModifyProcessConsoleSize ProcessModifyOperation = "ConsoleSize" + CloseProcessHandle ProcessModifyOperation = "CloseHandle" +) + +// Standard IO handle(s) to close for [hcsschema.CloseHandle] in [hcsschema.ProcessModifyRequest]. +type STDIOHandle string + +const ( + STDInHandle STDIOHandle = "StdIn" + STDOutHandle STDIOHandle = "StdOut" + STDErrHandle STDIOHandle = "StdErr" + AllHandles STDIOHandle = "All" +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerutils.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerutils.go index d5d2cb137a8d..ee17dd3d1a59 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerutils.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerutils.go @@ -7,6 +7,10 @@ package wclayer import ( "context" + "fmt" + "os" + "path/filepath" + "strconv" "syscall" "github.com/Microsoft/go-winio/pkg/guid" @@ -101,3 +105,23 @@ func layerPathsToDescriptors(ctx context.Context, parentLayerPaths []string) ([] return layers, nil } + +// GetLayerUvmBuild looks for a file named `uvmbuildversion` at `layerPath\uvmbuildversion` and returns the +// build number of the UVM from that file. +func GetLayerUvmBuild(layerPath string) (uint16, error) { + data, err := os.ReadFile(filepath.Join(layerPath, UvmBuildFileName)) + if err != nil { + return 0, err + } + ver, err := strconv.ParseUint(string(data), 10, 16) + if err != nil { + return 0, err + } + return uint16(ver), nil +} + +// WriteLayerUvmBuildFile writes a file at path `layerPath\uvmbuildversion` that contains the given `build` +// version for future reference. +func WriteLayerUvmBuildFile(layerPath string, build uint16) error { + return os.WriteFile(filepath.Join(layerPath, UvmBuildFileName), []byte(fmt.Sprintf("%d", build)), 0777) +} diff --git a/vendor/github.com/Microsoft/hcsshim/layer.go b/vendor/github.com/Microsoft/hcsshim/layer.go index afd1ddd0aee6..7e9c9fbbe809 100644 --- a/vendor/github.com/Microsoft/hcsshim/layer.go +++ b/vendor/github.com/Microsoft/hcsshim/layer.go @@ -32,6 +32,7 @@ func CreateScratchLayer(info DriverInfo, layerId, parentId string, parentLayerPa func DeactivateLayer(info DriverInfo, id string) error { return wclayer.DeactivateLayer(context.Background(), layerPath(&info, id)) } + func DestroyLayer(info DriverInfo, id string) error { return wclayer.DestroyLayer(context.Background(), layerPath(&info, id)) } diff --git a/vendor/github.com/containers/storage/pkg/unshare/unshare_darwin.go b/vendor/github.com/containers/storage/pkg/unshare/unshare_darwin.go index 86ac12ecab2c..480e2fcb09ed 100644 --- a/vendor/github.com/containers/storage/pkg/unshare/unshare_darwin.go +++ b/vendor/github.com/containers/storage/pkg/unshare/unshare_darwin.go @@ -25,6 +25,11 @@ func GetRootlessUID() int { return os.Getuid() } +// GetRootlessGID returns the GID of the user in the parent userNS +func GetRootlessGID() int { + return os.Getgid() +} + // RootlessEnv returns the environment settings for the rootless containers func RootlessEnv() []string { return append(os.Environ(), UsernsEnvName+"=") diff --git a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go index e169633d05c1..a8dc1ba0387a 100644 --- a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go +++ b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go @@ -441,6 +441,16 @@ func GetRootlessUID() int { return os.Getuid() } +// GetRootlessGID returns the GID of the user in the parent userNS +func GetRootlessGID() int { + gidEnv := getenv("_CONTAINERS_ROOTLESS_GID") + if gidEnv != "" { + u, _ := strconv.Atoi(gidEnv) + return u + } + return os.Getgid() +} + // RootlessEnv returns the environment settings for the rootless containers func RootlessEnv() []string { return append(os.Environ(), UsernsEnvName+"=done") diff --git a/vendor/github.com/containers/storage/pkg/unshare/unshare_unsupported.go b/vendor/github.com/containers/storage/pkg/unshare/unshare_unsupported.go index 66dd545966ea..83de680c207f 100644 --- a/vendor/github.com/containers/storage/pkg/unshare/unshare_unsupported.go +++ b/vendor/github.com/containers/storage/pkg/unshare/unshare_unsupported.go @@ -25,6 +25,11 @@ func GetRootlessUID() int { return os.Getuid() } +// GetRootlessGID returns the GID of the user in the parent userNS +func GetRootlessGID() int { + return os.Getgid() +} + // RootlessEnv returns the environment settings for the rootless containers func RootlessEnv() []string { return append(os.Environ(), UsernsEnvName+"=") diff --git a/vendor/github.com/moby/sys/mountinfo/mountinfo_linux.go b/vendor/github.com/moby/sys/mountinfo/mountinfo_linux.go index 59332b07bf4b..b32b5c9b1507 100644 --- a/vendor/github.com/moby/sys/mountinfo/mountinfo_linux.go +++ b/vendor/github.com/moby/sys/mountinfo/mountinfo_linux.go @@ -5,15 +5,19 @@ import ( "fmt" "io" "os" + "runtime" "strconv" "strings" + "sync" + + "golang.org/x/sys/unix" ) // GetMountsFromReader retrieves a list of mounts from the // reader provided, with an optional filter applied (use nil // for no filter). This can be useful in tests or benchmarks // that provide fake mountinfo data, or when a source other -// than /proc/self/mountinfo needs to be read from. +// than /proc/thread-self/mountinfo needs to be read from. // // This function is Linux-specific. func GetMountsFromReader(r io.Reader, filter FilterFunc) ([]*Info, error) { @@ -127,8 +131,40 @@ func GetMountsFromReader(r io.Reader, filter FilterFunc) ([]*Info, error) { return out, nil } -func parseMountTable(filter FilterFunc) ([]*Info, error) { - f, err := os.Open("/proc/self/mountinfo") +var ( + haveProcThreadSelf bool + haveProcThreadSelfOnce sync.Once +) + +func parseMountTable(filter FilterFunc) (_ []*Info, err error) { + haveProcThreadSelfOnce.Do(func() { + _, err := os.Stat("/proc/thread-self/mountinfo") + haveProcThreadSelf = err == nil + }) + + // We need to lock ourselves to the current OS thread in order to make sure + // that the thread referenced by /proc/thread-self stays alive until we + // finish parsing the file. + runtime.LockOSThread() + defer runtime.UnlockOSThread() + + var f *os.File + if haveProcThreadSelf { + f, err = os.Open("/proc/thread-self/mountinfo") + } else { + // On pre-3.17 kernels (such as CentOS 7), we don't have + // /proc/thread-self/ so we need to manually construct + // /proc/self/task// as a fallback. + f, err = os.Open("/proc/self/task/" + strconv.Itoa(unix.Gettid()) + "/mountinfo") + if os.IsNotExist(err) { + // If /proc/self/task/... failed, it means that our active pid + // namespace doesn't match the pid namespace of the /proc mount. In + // this case we just have to make do with /proc/self, since there + // is no other way of figuring out our tid in a parent pid + // namespace on pre-3.17 kernels. + f, err = os.Open("/proc/self/mountinfo") + } + } if err != nil { return nil, err } @@ -158,10 +194,10 @@ func PidMountInfo(pid int) ([]*Info, error) { // A few specific characters in mountinfo path entries (root and mountpoint) // are escaped using a backslash followed by a character's ascii code in octal. // -// space -- as \040 -// tab (aka \t) -- as \011 -// newline (aka \n) -- as \012 -// backslash (aka \\) -- as \134 +// space -- as \040 +// tab (aka \t) -- as \011 +// newline (aka \n) -- as \012 +// backslash (aka \\) -- as \134 // // This function converts path from mountinfo back, i.e. it unescapes the above sequences. func unescape(path string) (string, error) { diff --git a/vendor/modules.txt b/vendor/modules.txt index c04aa54c3074..f26bb4fd7f14 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -18,7 +18,7 @@ github.com/Microsoft/go-winio/internal/socket github.com/Microsoft/go-winio/internal/stringbuffer github.com/Microsoft/go-winio/pkg/guid github.com/Microsoft/go-winio/vhd -# github.com/Microsoft/hcsshim v0.12.0-rc.0 +# github.com/Microsoft/hcsshim v0.12.0-rc.1 ## explicit; go 1.18 github.com/Microsoft/hcsshim github.com/Microsoft/hcsshim/computestorage @@ -340,7 +340,7 @@ github.com/containers/psgo/internal/dev github.com/containers/psgo/internal/host github.com/containers/psgo/internal/proc github.com/containers/psgo/internal/process -# github.com/containers/storage v1.50.3-0.20231101112703-6e72f11598fb +# github.com/containers/storage v1.50.3-0.20231108224651-a56f2b2fecfd ## explicit; go 1.19 github.com/containers/storage github.com/containers/storage/drivers @@ -772,7 +772,7 @@ github.com/mitchellh/mapstructure # github.com/moby/patternmatcher v0.5.0 ## explicit; go 1.19 github.com/moby/patternmatcher -# github.com/moby/sys/mountinfo v0.6.2 +# github.com/moby/sys/mountinfo v0.7.1 ## explicit; go 1.16 github.com/moby/sys/mountinfo # github.com/moby/sys/sequential v0.5.0 From d07263f348f6b5f0cacb3fcd55bd120705874517 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 10 Nov 2023 18:31:35 +0000 Subject: [PATCH 010/170] fix(deps): update module github.com/onsi/ginkgo/v2 to v2.13.1 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 4 +- go.sum | 8 +- test/tools/go.mod | 2 +- test/tools/go.sum | 12 +- .../ginkgo/v2/ginkgo/internal/test_suite.go | 3 +- .../onsi/ginkgo/v2/types/version.go | 2 +- test/tools/vendor/modules.txt | 2 +- vendor/github.com/go-logr/logr/README.md | 113 +++++++++++++++++- vendor/github.com/go-logr/logr/SECURITY.md | 18 +++ vendor/github.com/go-logr/logr/funcr/funcr.go | 48 ++++---- vendor/github.com/go-logr/logr/logr.go | 35 ++++-- vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md | 12 ++ .../ginkgo/v2/ginkgo/internal/test_suite.go | 3 +- .../onsi/ginkgo/v2/types/version.go | 2 +- vendor/modules.txt | 6 +- 15 files changed, 213 insertions(+), 57 deletions(-) create mode 100644 vendor/github.com/go-logr/logr/SECURITY.md diff --git a/go.mod b/go.mod index 4bdccb2f2f91..e42f4e7b0874 100644 --- a/go.mod +++ b/go.mod @@ -46,7 +46,7 @@ require ( github.com/mdlayher/vsock v1.2.1 github.com/moby/term v0.5.0 github.com/nxadm/tail v1.4.11 - github.com/onsi/ginkgo/v2 v2.13.0 + github.com/onsi/ginkgo/v2 v2.13.1 github.com/onsi/gomega v1.30.0 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.0-rc5 @@ -113,7 +113,7 @@ require ( github.com/gin-contrib/sse v0.1.0 // indirect github.com/gin-gonic/gin v1.9.1 // indirect github.com/go-jose/go-jose/v3 v3.0.0 // indirect - github.com/go-logr/logr v1.2.4 // indirect + github.com/go-logr/logr v1.3.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-ole/go-ole v1.2.6 // indirect github.com/go-openapi/analysis v0.21.4 // indirect diff --git a/go.sum b/go.sum index badba4b1a585..3f8b0cf9757a 100644 --- a/go.sum +++ b/go.sum @@ -416,8 +416,8 @@ github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= +github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= @@ -827,8 +827,8 @@ github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0 github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= -github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4= -github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o= +github.com/onsi/ginkgo/v2 v2.13.1 h1:LNGfMbR2OVGBfXjvRZIZ2YCTQdGKtPLvuI1rMCCj3OU= +github.com/onsi/ginkgo/v2 v2.13.1/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= diff --git a/test/tools/go.mod b/test/tools/go.mod index 2f9a589eb4a0..cc136d419d72 100644 --- a/test/tools/go.mod +++ b/test/tools/go.mod @@ -4,7 +4,7 @@ go 1.18 require ( github.com/cpuguy83/go-md2man/v2 v2.0.3 - github.com/onsi/ginkgo/v2 v2.13.0 + github.com/onsi/ginkgo/v2 v2.13.1 github.com/vbatts/git-validation v1.2.1 golang.org/x/tools v0.15.0 ) diff --git a/test/tools/go.sum b/test/tools/go.sum index 0b585f824fc3..3c23ef1dbe3a 100644 --- a/test/tools/go.sum +++ b/test/tools/go.sum @@ -8,11 +8,11 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= +github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 h1:yAJXTCF9TqKcTiHJAE8dj7HMvPfh66eeA2JYW7eFpSE= github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/hashicorp/go-version v1.3.0 h1:McDWVJIU/y+u1BRV06dPaLfLCaT7fUTJLp5r04x7iNw= @@ -25,9 +25,9 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4= -github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o= -github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= +github.com/onsi/ginkgo/v2 v2.13.1 h1:LNGfMbR2OVGBfXjvRZIZ2YCTQdGKtPLvuI1rMCCj3OU= +github.com/onsi/ginkgo/v2 v2.13.1/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= +github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= @@ -49,7 +49,7 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= golang.org/x/tools v0.15.0 h1:zdAyfUGbYmuVokhzVmghFl2ZJh5QhcfebBgmVPFYA+8= golang.org/x/tools v0.15.0/go.mod h1:hpksKq4dtpQWS1uQ61JkdqWM3LscIS6Slf+VVkm+wQk= google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= diff --git a/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go b/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go index 64dcb1b78c6e..f3ae13bb144c 100644 --- a/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go +++ b/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go @@ -7,6 +7,7 @@ import ( "path" "path/filepath" "regexp" + "runtime" "strings" "github.com/onsi/ginkgo/v2/types" @@ -192,7 +193,7 @@ func precompiledTestSuite(path string) (TestSuite, error) { return TestSuite{}, errors.New("this is not a .test binary") } - if filepath.Ext(path) == ".test" && info.Mode()&0111 == 0 { + if filepath.Ext(path) == ".test" && runtime.GOOS != "windows" && info.Mode()&0111 == 0 { return TestSuite{}, errors.New("this is not executable") } diff --git a/test/tools/vendor/github.com/onsi/ginkgo/v2/types/version.go b/test/tools/vendor/github.com/onsi/ginkgo/v2/types/version.go index a37f308286b7..7a794d87a1e1 100644 --- a/test/tools/vendor/github.com/onsi/ginkgo/v2/types/version.go +++ b/test/tools/vendor/github.com/onsi/ginkgo/v2/types/version.go @@ -1,3 +1,3 @@ package types -const VERSION = "2.13.0" +const VERSION = "2.13.1" diff --git a/test/tools/vendor/modules.txt b/test/tools/vendor/modules.txt index 7bd5a486dca2..e73ecd3ed9d4 100644 --- a/test/tools/vendor/modules.txt +++ b/test/tools/vendor/modules.txt @@ -23,7 +23,7 @@ github.com/mattn/go-colorable # github.com/mattn/go-isatty v0.0.17 ## explicit; go 1.15 github.com/mattn/go-isatty -# github.com/onsi/ginkgo/v2 v2.13.0 +# github.com/onsi/ginkgo/v2 v2.13.1 ## explicit; go 1.18 github.com/onsi/ginkgo/v2/config github.com/onsi/ginkgo/v2/formatter diff --git a/vendor/github.com/go-logr/logr/README.md b/vendor/github.com/go-logr/logr/README.md index ab5931181317..a8c29bfbd530 100644 --- a/vendor/github.com/go-logr/logr/README.md +++ b/vendor/github.com/go-logr/logr/README.md @@ -1,6 +1,7 @@ # A minimal logging API for Go [![Go Reference](https://pkg.go.dev/badge/github.com/go-logr/logr.svg)](https://pkg.go.dev/github.com/go-logr/logr) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/go-logr/logr/badge)](https://securityscorecards.dev/viewer/?platform=github.com&org=go-logr&repo=logr) logr offers an(other) opinion on how Go programs and libraries can do logging without becoming coupled to a particular logging implementation. This is not @@ -73,6 +74,29 @@ received: If the Go standard library had defined an interface for logging, this project probably would not be needed. Alas, here we are. +When the Go developers started developing such an interface with +[slog](https://github.com/golang/go/issues/56345), they adopted some of the +logr design but also left out some parts and changed others: + +| Feature | logr | slog | +|---------|------|------| +| High-level API | `Logger` (passed by value) | `Logger` (passed by [pointer](https://github.com/golang/go/issues/59126)) | +| Low-level API | `LogSink` | `Handler` | +| Stack unwinding | done by `LogSink` | done by `Logger` | +| Skipping helper functions | `WithCallDepth`, `WithCallStackHelper` | [not supported by Logger](https://github.com/golang/go/issues/59145) | +| Generating a value for logging on demand | `Marshaler` | `LogValuer` | +| Log levels | >= 0, higher meaning "less important" | positive and negative, with 0 for "info" and higher meaning "more important" | +| Error log entries | always logged, don't have a verbosity level | normal log entries with level >= `LevelError` | +| Passing logger via context | `NewContext`, `FromContext` | no API | +| Adding a name to a logger | `WithName` | no API | +| Modify verbosity of log entries in a call chain | `V` | no API | +| Grouping of key/value pairs | not supported | `WithGroup`, `GroupValue` | + +The high-level slog API is explicitly meant to be one of many different APIs +that can be layered on top of a shared `slog.Handler`. logr is one such +alternative API, with [interoperability](#slog-interoperability) provided by the [`slogr`](slogr) +package. + ### Inspiration Before you consider this package, please read [this blog post by the @@ -118,6 +142,91 @@ There are implementations for the following logging libraries: - **github.com/go-kit/log**: [gokitlogr](https://github.com/tonglil/gokitlogr) (also compatible with github.com/go-kit/kit/log since v0.12.0) - **bytes.Buffer** (writing to a buffer): [bufrlogr](https://github.com/tonglil/buflogr) (useful for ensuring values were logged, like during testing) +## slog interoperability + +Interoperability goes both ways, using the `logr.Logger` API with a `slog.Handler` +and using the `slog.Logger` API with a `logr.LogSink`. [slogr](./slogr) provides `NewLogr` and +`NewSlogHandler` API calls to convert between a `logr.Logger` and a `slog.Handler`. +As usual, `slog.New` can be used to wrap such a `slog.Handler` in the high-level +slog API. `slogr` itself leaves that to the caller. + +## Using a `logr.Sink` as backend for slog + +Ideally, a logr sink implementation should support both logr and slog by +implementing both the normal logr interface(s) and `slogr.SlogSink`. Because +of a conflict in the parameters of the common `Enabled` method, it is [not +possible to implement both slog.Handler and logr.Sink in the same +type](https://github.com/golang/go/issues/59110). + +If both are supported, log calls can go from the high-level APIs to the backend +without the need to convert parameters. `NewLogr` and `NewSlogHandler` can +convert back and forth without adding additional wrappers, with one exception: +when `Logger.V` was used to adjust the verbosity for a `slog.Handler`, then +`NewSlogHandler` has to use a wrapper which adjusts the verbosity for future +log calls. + +Such an implementation should also support values that implement specific +interfaces from both packages for logging (`logr.Marshaler`, `slog.LogValuer`, +`slog.GroupValue`). logr does not convert those. + +Not supporting slog has several drawbacks: +- Recording source code locations works correctly if the handler gets called + through `slog.Logger`, but may be wrong in other cases. That's because a + `logr.Sink` does its own stack unwinding instead of using the program counter + provided by the high-level API. +- slog levels <= 0 can be mapped to logr levels by negating the level without a + loss of information. But all slog levels > 0 (e.g. `slog.LevelWarning` as + used by `slog.Logger.Warn`) must be mapped to 0 before calling the sink + because logr does not support "more important than info" levels. +- The slog group concept is supported by prefixing each key in a key/value + pair with the group names, separated by a dot. For structured output like + JSON it would be better to group the key/value pairs inside an object. +- Special slog values and interfaces don't work as expected. +- The overhead is likely to be higher. + +These drawbacks are severe enough that applications using a mixture of slog and +logr should switch to a different backend. + +## Using a `slog.Handler` as backend for logr + +Using a plain `slog.Handler` without support for logr works better than the +other direction: +- All logr verbosity levels can be mapped 1:1 to their corresponding slog level + by negating them. +- Stack unwinding is done by the `slogr.SlogSink` and the resulting program + counter is passed to the `slog.Handler`. +- Names added via `Logger.WithName` are gathered and recorded in an additional + attribute with `logger` as key and the names separated by slash as value. +- `Logger.Error` is turned into a log record with `slog.LevelError` as level + and an additional attribute with `err` as key, if an error was provided. + +The main drawback is that `logr.Marshaler` will not be supported. Types should +ideally support both `logr.Marshaler` and `slog.Valuer`. If compatibility +with logr implementations without slog support is not important, then +`slog.Valuer` is sufficient. + +## Context support for slog + +Storing a logger in a `context.Context` is not supported by +slog. `logr.NewContext` and `logr.FromContext` can be used with slog like this +to fill this gap: + + func HandlerFromContext(ctx context.Context) slog.Handler { + logger, err := logr.FromContext(ctx) + if err == nil { + return slogr.NewSlogHandler(logger) + } + return slog.Default().Handler() + } + + func ContextWithHandler(ctx context.Context, handler slog.Handler) context.Context { + return logr.NewContext(ctx, slogr.NewLogr(handler)) + } + +The downside is that storing and retrieving a `slog.Handler` needs more +allocations compared to using a `logr.Logger`. Therefore the recommendation is +to use the `logr.Logger` API in code which uses contextual logging. + ## FAQ ### Conceptual @@ -241,7 +350,9 @@ Otherwise, you can start out with `0` as "you always want to see this", Then gradually choose levels in between as you need them, working your way down from 10 (for debug and trace style logs) and up from 1 (for chattier -info-type logs.) +info-type logs). For reference, slog pre-defines -4 for debug logs +(corresponds to 4 in logr), which matches what is +[recommended for Kubernetes](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/logging.md#what-method-to-use). #### How do I choose my keys? diff --git a/vendor/github.com/go-logr/logr/SECURITY.md b/vendor/github.com/go-logr/logr/SECURITY.md new file mode 100644 index 000000000000..1ca756fc7b36 --- /dev/null +++ b/vendor/github.com/go-logr/logr/SECURITY.md @@ -0,0 +1,18 @@ +# Security Policy + +If you have discovered a security vulnerability in this project, please report it +privately. **Do not disclose it as a public issue.** This gives us time to work with you +to fix the issue before public exposure, reducing the chance that the exploit will be +used before a patch is released. + +You may submit the report in the following ways: + +- send an email to go-logr-security@googlegroups.com +- send us a [private vulnerability report](https://github.com/go-logr/logr/security/advisories/new) + +Please provide the following information in your report: + +- A description of the vulnerability and its impact +- How to reproduce the issue + +We ask that you give us 90 days to work on a fix before public exposure. diff --git a/vendor/github.com/go-logr/logr/funcr/funcr.go b/vendor/github.com/go-logr/logr/funcr/funcr.go index e52f0cd01e2e..12e5807cc5c3 100644 --- a/vendor/github.com/go-logr/logr/funcr/funcr.go +++ b/vendor/github.com/go-logr/logr/funcr/funcr.go @@ -116,17 +116,17 @@ type Options struct { // Equivalent hooks are offered for key-value pairs saved via // logr.Logger.WithValues or Formatter.AddValues (see RenderValuesHook) and // for user-provided pairs (see RenderArgsHook). - RenderBuiltinsHook func(kvList []interface{}) []interface{} + RenderBuiltinsHook func(kvList []any) []any // RenderValuesHook is the same as RenderBuiltinsHook, except that it is // only called for key-value pairs saved via logr.Logger.WithValues. See // RenderBuiltinsHook for more details. - RenderValuesHook func(kvList []interface{}) []interface{} + RenderValuesHook func(kvList []any) []any // RenderArgsHook is the same as RenderBuiltinsHook, except that it is only // called for key-value pairs passed directly to Info and Error. See // RenderBuiltinsHook for more details. - RenderArgsHook func(kvList []interface{}) []interface{} + RenderArgsHook func(kvList []any) []any // MaxLogDepth tells funcr how many levels of nested fields (e.g. a struct // that contains a struct, etc.) it may log. Every time it finds a struct, @@ -163,7 +163,7 @@ func (l fnlogger) WithName(name string) logr.LogSink { return &l } -func (l fnlogger) WithValues(kvList ...interface{}) logr.LogSink { +func (l fnlogger) WithValues(kvList ...any) logr.LogSink { l.Formatter.AddValues(kvList) return &l } @@ -173,12 +173,12 @@ func (l fnlogger) WithCallDepth(depth int) logr.LogSink { return &l } -func (l fnlogger) Info(level int, msg string, kvList ...interface{}) { +func (l fnlogger) Info(level int, msg string, kvList ...any) { prefix, args := l.FormatInfo(level, msg, kvList) l.write(prefix, args) } -func (l fnlogger) Error(err error, msg string, kvList ...interface{}) { +func (l fnlogger) Error(err error, msg string, kvList ...any) { prefix, args := l.FormatError(err, msg, kvList) l.write(prefix, args) } @@ -229,7 +229,7 @@ func newFormatter(opts Options, outfmt outputFormat) Formatter { type Formatter struct { outputFormat outputFormat prefix string - values []interface{} + values []any valuesStr string depth int opts *Options @@ -246,10 +246,10 @@ const ( ) // PseudoStruct is a list of key-value pairs that gets logged as a struct. -type PseudoStruct []interface{} +type PseudoStruct []any // render produces a log line, ready to use. -func (f Formatter) render(builtins, args []interface{}) string { +func (f Formatter) render(builtins, args []any) string { // Empirically bytes.Buffer is faster than strings.Builder for this. buf := bytes.NewBuffer(make([]byte, 0, 1024)) if f.outputFormat == outputJSON { @@ -292,7 +292,7 @@ func (f Formatter) render(builtins, args []interface{}) string { // This function returns a potentially modified version of kvList, which // ensures that there is a value for every key (adding a value if needed) and // that each key is a string (substituting a key if needed). -func (f Formatter) flatten(buf *bytes.Buffer, kvList []interface{}, continuing bool, escapeKeys bool) []interface{} { +func (f Formatter) flatten(buf *bytes.Buffer, kvList []any, continuing bool, escapeKeys bool) []any { // This logic overlaps with sanitize() but saves one type-cast per key, // which can be measurable. if len(kvList)%2 != 0 { @@ -334,7 +334,7 @@ func (f Formatter) flatten(buf *bytes.Buffer, kvList []interface{}, continuing b return kvList } -func (f Formatter) pretty(value interface{}) string { +func (f Formatter) pretty(value any) string { return f.prettyWithFlags(value, 0, 0) } @@ -343,7 +343,7 @@ const ( ) // TODO: This is not fast. Most of the overhead goes here. -func (f Formatter) prettyWithFlags(value interface{}, flags uint32, depth int) string { +func (f Formatter) prettyWithFlags(value any, flags uint32, depth int) string { if depth > f.opts.MaxLogDepth { return `""` } @@ -614,7 +614,7 @@ func isEmpty(v reflect.Value) bool { return false } -func invokeMarshaler(m logr.Marshaler) (ret interface{}) { +func invokeMarshaler(m logr.Marshaler) (ret any) { defer func() { if r := recover(); r != nil { ret = fmt.Sprintf("", r) @@ -675,12 +675,12 @@ func (f Formatter) caller() Caller { const noValue = "" -func (f Formatter) nonStringKey(v interface{}) string { +func (f Formatter) nonStringKey(v any) string { return fmt.Sprintf("", f.snippet(v)) } // snippet produces a short snippet string of an arbitrary value. -func (f Formatter) snippet(v interface{}) string { +func (f Formatter) snippet(v any) string { const snipLen = 16 snip := f.pretty(v) @@ -693,7 +693,7 @@ func (f Formatter) snippet(v interface{}) string { // sanitize ensures that a list of key-value pairs has a value for every key // (adding a value if needed) and that each key is a string (substituting a key // if needed). -func (f Formatter) sanitize(kvList []interface{}) []interface{} { +func (f Formatter) sanitize(kvList []any) []any { if len(kvList)%2 != 0 { kvList = append(kvList, noValue) } @@ -727,8 +727,8 @@ func (f Formatter) GetDepth() int { // FormatInfo renders an Info log message into strings. The prefix will be // empty when no names were set (via AddNames), or when the output is // configured for JSON. -func (f Formatter) FormatInfo(level int, msg string, kvList []interface{}) (prefix, argsStr string) { - args := make([]interface{}, 0, 64) // using a constant here impacts perf +func (f Formatter) FormatInfo(level int, msg string, kvList []any) (prefix, argsStr string) { + args := make([]any, 0, 64) // using a constant here impacts perf prefix = f.prefix if f.outputFormat == outputJSON { args = append(args, "logger", prefix) @@ -745,10 +745,10 @@ func (f Formatter) FormatInfo(level int, msg string, kvList []interface{}) (pref } // FormatError renders an Error log message into strings. The prefix will be -// empty when no names were set (via AddNames), or when the output is +// empty when no names were set (via AddNames), or when the output is // configured for JSON. -func (f Formatter) FormatError(err error, msg string, kvList []interface{}) (prefix, argsStr string) { - args := make([]interface{}, 0, 64) // using a constant here impacts perf +func (f Formatter) FormatError(err error, msg string, kvList []any) (prefix, argsStr string) { + args := make([]any, 0, 64) // using a constant here impacts perf prefix = f.prefix if f.outputFormat == outputJSON { args = append(args, "logger", prefix) @@ -761,12 +761,12 @@ func (f Formatter) FormatError(err error, msg string, kvList []interface{}) (pre args = append(args, "caller", f.caller()) } args = append(args, "msg", msg) - var loggableErr interface{} + var loggableErr any if err != nil { loggableErr = err.Error() } args = append(args, "error", loggableErr) - return f.prefix, f.render(args, kvList) + return prefix, f.render(args, kvList) } // AddName appends the specified name. funcr uses '/' characters to separate @@ -781,7 +781,7 @@ func (f *Formatter) AddName(name string) { // AddValues adds key-value pairs to the set of saved values to be logged with // each log line. -func (f *Formatter) AddValues(kvList []interface{}) { +func (f *Formatter) AddValues(kvList []any) { // Three slice args forces a copy. n := len(f.values) f.values = append(f.values[:n:n], kvList...) diff --git a/vendor/github.com/go-logr/logr/logr.go b/vendor/github.com/go-logr/logr/logr.go index e027aea3fd38..2a5075a180f4 100644 --- a/vendor/github.com/go-logr/logr/logr.go +++ b/vendor/github.com/go-logr/logr/logr.go @@ -127,9 +127,9 @@ limitations under the License. // such a value can call its methods without having to check whether the // instance is ready for use. // -// Calling methods with the null logger (Logger{}) as instance will crash -// because it has no LogSink. Therefore this null logger should never be passed -// around. For cases where passing a logger is optional, a pointer to Logger +// The zero logger (= Logger{}) is identical to Discard() and discards all log +// entries. Code that receives a Logger by value can simply call it, the methods +// will never crash. For cases where passing a logger is optional, a pointer to Logger // should be used. // // # Key Naming Conventions @@ -258,6 +258,12 @@ type Logger struct { // Enabled tests whether this Logger is enabled. For example, commandline // flags might be used to set the logging verbosity and disable some info logs. func (l Logger) Enabled() bool { + // Some implementations of LogSink look at the caller in Enabled (e.g. + // different verbosity levels per package or file), but we only pass one + // CallDepth in (via Init). This means that all calls from Logger to the + // LogSink's Enabled, Info, and Error methods must have the same number of + // frames. In other words, Logger methods can't call other Logger methods + // which call these LogSink methods unless we do it the same in all paths. return l.sink != nil && l.sink.Enabled(l.level) } @@ -267,11 +273,11 @@ func (l Logger) Enabled() bool { // line. The key/value pairs can then be used to add additional variable // information. The key/value pairs must alternate string keys and arbitrary // values. -func (l Logger) Info(msg string, keysAndValues ...interface{}) { +func (l Logger) Info(msg string, keysAndValues ...any) { if l.sink == nil { return } - if l.Enabled() { + if l.sink.Enabled(l.level) { // see comment in Enabled if withHelper, ok := l.sink.(CallStackHelperLogSink); ok { withHelper.GetCallStackHelper()() } @@ -289,7 +295,7 @@ func (l Logger) Info(msg string, keysAndValues ...interface{}) { // while the err argument should be used to attach the actual error that // triggered this log line, if present. The err parameter is optional // and nil may be passed instead of an error instance. -func (l Logger) Error(err error, msg string, keysAndValues ...interface{}) { +func (l Logger) Error(err error, msg string, keysAndValues ...any) { if l.sink == nil { return } @@ -314,9 +320,16 @@ func (l Logger) V(level int) Logger { return l } +// GetV returns the verbosity level of the logger. If the logger's LogSink is +// nil as in the Discard logger, this will always return 0. +func (l Logger) GetV() int { + // 0 if l.sink nil because of the if check in V above. + return l.level +} + // WithValues returns a new Logger instance with additional key/value pairs. // See Info for documentation on how key/value pairs work. -func (l Logger) WithValues(keysAndValues ...interface{}) Logger { +func (l Logger) WithValues(keysAndValues ...any) Logger { if l.sink == nil { return l } @@ -467,15 +480,15 @@ type LogSink interface { // The level argument is provided for optional logging. This method will // only be called when Enabled(level) is true. See Logger.Info for more // details. - Info(level int, msg string, keysAndValues ...interface{}) + Info(level int, msg string, keysAndValues ...any) // Error logs an error, with the given message and key/value pairs as // context. See Logger.Error for more details. - Error(err error, msg string, keysAndValues ...interface{}) + Error(err error, msg string, keysAndValues ...any) // WithValues returns a new LogSink with additional key/value pairs. See // Logger.WithValues for more details. - WithValues(keysAndValues ...interface{}) LogSink + WithValues(keysAndValues ...any) LogSink // WithName returns a new LogSink with the specified name appended. See // Logger.WithName for more details. @@ -546,5 +559,5 @@ type Marshaler interface { // with exported fields // // It may return any value of any type. - MarshalLog() interface{} + MarshalLog() any } diff --git a/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md b/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md index fea67526e058..102bb529fd5b 100644 --- a/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md +++ b/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md @@ -1,3 +1,15 @@ +## 2.13.1 + +### Fixes +- # 1296 fix(precompiled test guite): exec bit check omitted on Windows (#1301) [26eea01] + +### Maintenance +- Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 (#1291) [7161a9d] +- Bump golang.org/x/sys from 0.13.0 to 0.14.0 (#1295) [7fc7b10] +- Bump golang.org/x/tools from 0.12.0 to 0.14.0 (#1282) [74bbd65] +- Bump github.com/onsi/gomega from 1.27.10 to 1.29.0 (#1290) [9373633] +- Bump golang.org/x/net in /integration/_fixtures/version_mismatch_fixture (#1286) [6e3cf65] + ## 2.13.0 ### Features diff --git a/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go b/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go index 64dcb1b78c6e..f3ae13bb144c 100644 --- a/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go +++ b/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go @@ -7,6 +7,7 @@ import ( "path" "path/filepath" "regexp" + "runtime" "strings" "github.com/onsi/ginkgo/v2/types" @@ -192,7 +193,7 @@ func precompiledTestSuite(path string) (TestSuite, error) { return TestSuite{}, errors.New("this is not a .test binary") } - if filepath.Ext(path) == ".test" && info.Mode()&0111 == 0 { + if filepath.Ext(path) == ".test" && runtime.GOOS != "windows" && info.Mode()&0111 == 0 { return TestSuite{}, errors.New("this is not executable") } diff --git a/vendor/github.com/onsi/ginkgo/v2/types/version.go b/vendor/github.com/onsi/ginkgo/v2/types/version.go index a37f308286b7..7a794d87a1e1 100644 --- a/vendor/github.com/onsi/ginkgo/v2/types/version.go +++ b/vendor/github.com/onsi/ginkgo/v2/types/version.go @@ -1,3 +1,3 @@ package types -const VERSION = "2.13.0" +const VERSION = "2.13.1" diff --git a/vendor/modules.txt b/vendor/modules.txt index bbc39112eed4..3c8a8e0f6dca 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -529,8 +529,8 @@ github.com/gin-gonic/gin/render github.com/go-jose/go-jose/v3 github.com/go-jose/go-jose/v3/cipher github.com/go-jose/go-jose/v3/json -# github.com/go-logr/logr v1.2.4 -## explicit; go 1.16 +# github.com/go-logr/logr v1.3.0 +## explicit; go 1.18 github.com/go-logr/logr github.com/go-logr/logr/funcr # github.com/go-logr/stdr v1.2.2 @@ -801,7 +801,7 @@ github.com/nxadm/tail/winfile # github.com/oklog/ulid v1.3.1 ## explicit github.com/oklog/ulid -# github.com/onsi/ginkgo/v2 v2.13.0 +# github.com/onsi/ginkgo/v2 v2.13.1 ## explicit; go 1.18 github.com/onsi/ginkgo/v2 github.com/onsi/ginkgo/v2/config From 6b5b3991214d480ecbd37c5b025c8e7a66cb6ab7 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Thu, 9 Nov 2023 07:51:44 -0700 Subject: [PATCH 011/170] CI: e2e: fix a smattering of test bugs that slipped in ...while Ed was napping: - create/run based on remote image: was not actually testing anything - create/run --tls-verify: ditto - run --decryption-key: sort of testing but not really - Fail(), not Skip(), if we can't start registry. - never Skip() halfway through a test: emit a message, and return The Skip-in-the-middle thing deserves to be shouted from the rooftops. Let's please never do that again. Skip() says "this entire test was skipped", which can be misleading to a spelunker trying to track down a problem related to those tests. Also, more minor: - reduce use of port 5000 - rename a confusingly-named test Ref: #11205, #12009 Signed-off-by: Ed Santiago --- test/e2e/create_test.go | 38 ++++++++++++------ test/e2e/run_test.go | 89 +++++++++++++++++++++++++---------------- 2 files changed, 79 insertions(+), 48 deletions(-) diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go index b03d12cd4b5a..f9aa0f8bbdbf 100644 --- a/test/e2e/create_test.go +++ b/test/e2e/create_test.go @@ -31,31 +31,43 @@ var _ = Describe("Podman create", func() { }) It("podman create container based on a remote image", func() { - session := podmanTest.Podman([]string{"create", "-q", BB_GLIBC, "ls"}) + session := podmanTest.Podman([]string{"create", BB_GLIBC, "ls"}) session.WaitWithDefaultTimeout() - Expect(session).Should(ExitCleanly()) + Expect(session).Should(Exit(0)) + Expect(session.ErrorToString()).To(ContainSubstring("Trying to pull " + BB_GLIBC)) + Expect(session.ErrorToString()).To(ContainSubstring("Writing manifest to image destination")) + Expect(podmanTest.NumberOfContainers()).To(Equal(1)) }) - It("podman container create container based on a remote image", func() { - containerCreate := podmanTest.Podman([]string{"container", "create", "-q", BB_GLIBC, "ls"}) - containerCreate.WaitWithDefaultTimeout() - Expect(containerCreate).Should(ExitCleanly()) - - lock := GetPortLock("5000") + It("podman container create --tls-verify", func() { + port := "5040" + lock := GetPortLock(port) defer lock.Unlock() - session := podmanTest.Podman([]string{"run", "-d", "--name", "registry", "-p", "5000:5000", REGISTRY_IMAGE, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) + session := podmanTest.Podman([]string{"run", "-d", "--name", "registry", "-p", port + ":5000", REGISTRY_IMAGE, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) session.WaitWithDefaultTimeout() Expect(session).Should(ExitCleanly()) if !WaitContainerReady(podmanTest, "registry", "listening on", 20, 1) { - Skip("Cannot start docker registry.") + Fail("Cannot start docker registry.") } - create := podmanTest.Podman([]string{"container", "create", "--tls-verify=false", ALPINE}) + pushedImage := "localhost:" + port + "/pushed" + strings.ToLower(RandomString(5)) + ":" + RandomString(8) + push := podmanTest.Podman([]string{"push", "--tls-verify=false", ALPINE, pushedImage}) + push.WaitWithDefaultTimeout() + Expect(push).To(Exit(0)) + Expect(push.ErrorToString()).To(ContainSubstring("Writing manifest to image destination")) + + create := podmanTest.Podman([]string{"container", "create", pushedImage}) create.WaitWithDefaultTimeout() - Expect(create).Should(ExitCleanly()) - Expect(podmanTest.NumberOfContainers()).To(Equal(3)) + Expect(create).Should(Exit(125)) + Expect(create.ErrorToString()).To(ContainSubstring("pinging container registry localhost:" + port)) + Expect(create.ErrorToString()).To(ContainSubstring("http: server gave HTTP response to HTTPS client")) + + create = podmanTest.Podman([]string{"create", "--tls-verify=false", pushedImage, "echo", "got here"}) + create.WaitWithDefaultTimeout() + Expect(create).Should(Exit(0)) + Expect(create.ErrorToString()).To(ContainSubstring("Trying to pull " + pushedImage)) }) It("podman create using short options", func() { diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 75f40f422776..713e61829d71 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -4,7 +4,6 @@ import ( "fmt" "net" "os" - "os/exec" "path/filepath" "strconv" "strings" @@ -190,7 +189,7 @@ var _ = Describe("Podman run", func() { Expect(session.OutputToString()).To(ContainSubstring("/etc/hosts")) }) - It("podman create pod with name in /etc/hosts", func() { + It("podman run --name X --hostname Y, both X and Y in /etc/hosts", func() { name := "test_container" hostname := "test_hostname" session := podmanTest.Podman([]string{"run", "--rm", "--name", name, "--hostname", hostname, ALPINE, "cat", "/etc/hosts"}) @@ -201,31 +200,46 @@ var _ = Describe("Podman run", func() { }) It("podman run a container based on remote image", func() { - // Changing session to rsession - rsession := podmanTest.Podman([]string{"run", "-dt", ALPINE, "ls"}) - rsession.WaitWithDefaultTimeout() - Expect(rsession).Should(ExitCleanly()) + // Pick any image that is not in our cache + session := podmanTest.Podman([]string{"run", "-dt", BB_GLIBC, "ls"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.ErrorToString()).To(ContainSubstring("Trying to pull " + BB_GLIBC)) + Expect(session.ErrorToString()).To(ContainSubstring("Writing manifest to image destination")) - lock := GetPortLock("5000") + }) + + It("podman run --tls-verify", func() { + // 5000 is marked insecure in registries.conf, so --tls-verify=false + // is a NOP. Pick any other port. + port := "5050" + lock := GetPortLock(port) defer lock.Unlock() - session := podmanTest.Podman([]string{"run", "-d", "--name", "registry", "-p", "5000:5000", REGISTRY_IMAGE, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) + session := podmanTest.Podman([]string{"run", "-d", "--name", "registry", "-p", port + ":5000", REGISTRY_IMAGE, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) session.WaitWithDefaultTimeout() Expect(session).Should(ExitCleanly()) if !WaitContainerReady(podmanTest, "registry", "listening on", 20, 1) { - Skip("Cannot start docker registry.") + Fail("Cannot start docker registry.") } - run := podmanTest.Podman([]string{"run", "--tls-verify=false", ALPINE}) + pushedImage := "localhost:" + port + "/pushed" + strings.ToLower(RandomString(5)) + ":" + RandomString(8) + push := podmanTest.Podman([]string{"push", "--tls-verify=false", ALPINE, pushedImage}) + push.WaitWithDefaultTimeout() + Expect(push).To(Exit(0)) + Expect(push.ErrorToString()).To(ContainSubstring("Writing manifest to image destination")) + + run := podmanTest.Podman([]string{"run", pushedImage, "date"}) run.WaitWithDefaultTimeout() - Expect(run).Should(ExitCleanly()) - Expect(podmanTest.NumberOfContainers()).To(Equal(3)) + Expect(run).Should(Exit(125)) + Expect(run.ErrorToString()).To(ContainSubstring("pinging container registry localhost:" + port)) + Expect(run.ErrorToString()).To(ContainSubstring("http: server gave HTTP response to HTTPS client")) - // Now registries.conf will be consulted where localhost:5000 - // is set to be insecure. - run = podmanTest.Podman([]string{"run", ALPINE}) + run = podmanTest.Podman([]string{"run", "--tls-verify=false", pushedImage, "echo", "got here"}) run.WaitWithDefaultTimeout() - Expect(run).Should(ExitCleanly()) + Expect(run).Should(Exit(0)) + Expect(run.OutputToString()).To(Equal("got here")) + Expect(run.ErrorToString()).To(ContainSubstring("Trying to pull " + pushedImage)) }) It("podman run a container with a --rootfs", func() { @@ -267,14 +281,10 @@ var _ = Describe("Podman run", func() { Expect(stdoutLines).Should(HaveLen(1)) Expect(stdoutLines[0]).Should(Equal(uniqueString)) - SkipIfRemote("External overlay only work locally") - if os.Getenv("container") != "" { - Skip("Overlay mounts not supported when running in a container") - } - if isRootless() { - if _, err := exec.LookPath("fuse-overlayfs"); err != nil { - Skip("Fuse-Overlayfs required for rootless overlay mount test") - } + // The rest of these tests only work locally and not containerized + if IsRemote() || os.Getenv("container") != "" { + GinkgoWriter.Println("Bypassing subsequent tests due to remote or container environment") + return } // Test --rootfs with an external overlay // use --rm to remove container and confirm if we did not leak anything @@ -282,12 +292,14 @@ var _ = Describe("Podman run", func() { "--rootfs", rootfs + ":O", "cat", testFilePath}) osession.WaitWithDefaultTimeout() Expect(osession).Should(ExitCleanly()) + Expect(osession.OutputToString()).To(Equal(uniqueString)) // Test podman start stop with overlay osession = podmanTest.Podman([]string{"run", "--name", "overlay-foo", "--security-opt", "label=disable", "--rootfs", rootfs + ":O", "echo", "hello"}) osession.WaitWithDefaultTimeout() Expect(osession).Should(ExitCleanly()) + Expect(osession.OutputToString()).To(Equal("hello")) osession = podmanTest.Podman([]string{"stop", "overlay-foo"}) osession.WaitWithDefaultTimeout() @@ -304,11 +316,11 @@ var _ = Describe("Podman run", func() { Expect(osession).Should(ExitCleanly()) // Test --rootfs with an external overlay with --uidmap - osession = podmanTest.Podman([]string{"run", "--uidmap", "0:1000:1000", "--rm", "--security-opt", "label=disable", - "--rootfs", rootfs + ":O", "echo", "hello"}) + osession = podmanTest.Podman([]string{"run", "--uidmap", "0:1234:5678", "--rm", "--security-opt", "label=disable", + "--rootfs", rootfs + ":O", "cat", "/proc/self/uid_map"}) osession.WaitWithDefaultTimeout() Expect(osession).Should(ExitCleanly()) - Expect(osession.OutputToString()).To(Equal("hello")) + Expect(osession.OutputToString()).To(Equal("0 1234 5678")) }) It("podman run a container with --init", func() { @@ -597,10 +609,12 @@ var _ = Describe("Podman run", func() { if isRootless() { if os.Getenv("SKIP_USERNS") != "" { - Skip("Skip userns tests.") + GinkgoWriter.Println("Bypassing subsequent tests due to $SKIP_USERNS") + return } if _, err := os.Stat("/proc/self/uid_map"); err != nil { - Skip("User namespaces not supported.") + GinkgoWriter.Println("Bypassing subsequent tests due to no /proc/self/uid_map") + return } session = podmanTest.Podman([]string{"run", "--userns=keep-id", "--cap-add=DAC_OVERRIDE", "--rm", ALPINE, "grep", "CapAmb", "/proc/self/status"}) session.WaitWithDefaultTimeout() @@ -2092,10 +2106,6 @@ WORKDIR /madethis`, BB) podmanTest.AddImageToRWStore(ALPINE) - if isRootless() { - err := podmanTest.RestoreArtifact(REGISTRY_IMAGE) - Expect(err).ToNot(HaveOccurred()) - } lock := GetPortLock("5000") defer lock.Unlock() session := podmanTest.Podman([]string{"run", "-d", "--name", "registry", "-p", "5000:5000", REGISTRY_IMAGE, "/entrypoint.sh", "/etc/docker/registry/config.yml"}) @@ -2103,7 +2113,7 @@ WORKDIR /madethis`, BB) Expect(session).Should(ExitCleanly()) if !WaitContainerReady(podmanTest, "registry", "listening on", 20, 1) { - Skip("Cannot start docker registry.") + Fail("Cannot start docker registry.") } bitSize := 1024 @@ -2119,10 +2129,19 @@ WORKDIR /madethis`, BB) session.WaitWithDefaultTimeout() Expect(session).Should(ExitCleanly()) + // Must fail without --decryption-key + // NOTE: --tls-verify=false not needed, because localhost:5000 is in registries.conf + session = podmanTest.Podman([]string{"run", imgPath}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(125)) + Expect(session.ErrorToString()).To(ContainSubstring("Trying to pull " + imgPath)) + Expect(session.ErrorToString()).To(ContainSubstring("invalid tar header")) + + // With session = podmanTest.Podman([]string{"run", "--decryption-key", privateKeyFileName, imgPath}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - Expect(session.ErrorToString()).To(ContainSubstring("Trying to pull")) + Expect(session.ErrorToString()).To(ContainSubstring("Trying to pull " + imgPath)) }) It("podman run --shm-size-systemd", func() { From d636ce8d7697cee6b4b7d2f81f30b0d42a1f1a71 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Fri, 10 Nov 2023 21:57:50 +0100 Subject: [PATCH 012/170] rootless: use functionalities from c/storage Signed-off-by: Giuseppe Scrivano --- pkg/rootless/rootless_linux.go | 70 ++++++++++++---------------------- 1 file changed, 24 insertions(+), 46 deletions(-) diff --git a/pkg/rootless/rootless_linux.go b/pkg/rootless/rootless_linux.go index 7b69cf5bf355..d303c8bd0ee5 100644 --- a/pkg/rootless/rootless_linux.go +++ b/pkg/rootless/rootless_linux.go @@ -45,6 +45,23 @@ const ( numSig = 65 // max number of signals ) +func init() { + rootlessUIDInit := int(C.rootless_uid()) + rootlessGIDInit := int(C.rootless_gid()) + if rootlessUIDInit != 0 { + // we need this if we joined the user+mount namespace from the C code. + if err := os.Setenv("_CONTAINERS_USERNS_CONFIGURED", "done"); err != nil { + logrus.Errorf("Failed to set environment variable %s as %s", "_CONTAINERS_USERNS_CONFIGURED", "done") + } + if err := os.Setenv("_CONTAINERS_ROOTLESS_UID", strconv.Itoa(rootlessUIDInit)); err != nil { + logrus.Errorf("Failed to set environment variable %s as %d", "_CONTAINERS_ROOTLESS_UID", rootlessUIDInit) + } + if err := os.Setenv("_CONTAINERS_ROOTLESS_GID", strconv.Itoa(rootlessGIDInit)); err != nil { + logrus.Errorf("Failed to set environment variable %s as %d", "_CONTAINERS_ROOTLESS_GID", rootlessGIDInit) + } + } +} + func runInUser() error { return os.Setenv("_CONTAINERS_USERNS_CONFIGURED", "done") } @@ -56,60 +73,21 @@ var ( // IsRootless tells us if we are running in rootless mode func IsRootless() bool { - isRootlessOnce.Do(func() { - rootlessUIDInit := int(C.rootless_uid()) - rootlessGIDInit := int(C.rootless_gid()) - if rootlessUIDInit != 0 { - // This happens if we joined the user+mount namespace as part of - if err := os.Setenv("_CONTAINERS_USERNS_CONFIGURED", "done"); err != nil { - logrus.Errorf("Failed to set environment variable %s as %s", "_CONTAINERS_USERNS_CONFIGURED", "done") - } - if err := os.Setenv("_CONTAINERS_ROOTLESS_UID", strconv.Itoa(rootlessUIDInit)); err != nil { - logrus.Errorf("Failed to set environment variable %s as %d", "_CONTAINERS_ROOTLESS_UID", rootlessUIDInit) - } - if err := os.Setenv("_CONTAINERS_ROOTLESS_GID", strconv.Itoa(rootlessGIDInit)); err != nil { - logrus.Errorf("Failed to set environment variable %s as %d", "_CONTAINERS_ROOTLESS_GID", rootlessGIDInit) - } - } - isRootless = os.Geteuid() != 0 || os.Getenv("_CONTAINERS_USERNS_CONFIGURED") != "" - if !isRootless { - hasCapSysAdmin, err := unshare.HasCapSysAdmin() - if err != nil { - logrus.Warnf("Failed to read CAP_SYS_ADMIN presence for the current process") - } - if err == nil && !hasCapSysAdmin { - isRootless = true - } - } - }) - return isRootless + // unshare.IsRootless() is used to check if a user namespace is required. + // Here we need to make sure that nested podman instances act + // as if they have root privileges and pick paths on the host + // that would normally be used for root. + return unshare.IsRootless() && unshare.GetRootlessUID() > 0 } // GetRootlessUID returns the UID of the user in the parent userNS func GetRootlessUID() int { - uidEnv := os.Getenv("_CONTAINERS_ROOTLESS_UID") - if uidEnv != "" { - u, _ := strconv.Atoi(uidEnv) - return u - } - return os.Geteuid() + return unshare.GetRootlessUID() } // GetRootlessGID returns the GID of the user in the parent userNS func GetRootlessGID() int { - gidEnv := os.Getenv("_CONTAINERS_ROOTLESS_GID") - if gidEnv != "" { - u, _ := strconv.Atoi(gidEnv) - return u - } - - /* If the _CONTAINERS_ROOTLESS_UID is set, assume the gid==uid. */ - uidEnv := os.Getenv("_CONTAINERS_ROOTLESS_UID") - if uidEnv != "" { - u, _ := strconv.Atoi(uidEnv) - return u - } - return os.Getegid() + return unshare.GetRootlessGID() } func tryMappingTool(uid bool, pid int, hostID int, mappings []idtools.IDMap) error { From 5e0471ba7f7b6e2c4da3d5f2fea96e27f82bc10c Mon Sep 17 00:00:00 2001 From: Sam Peterson Date: Fri, 10 Nov 2023 15:35:35 -0600 Subject: [PATCH 013/170] set RLIMIT_NOFILE soft limit to match the hard limit on mac [NO NEW TESTS NEEDED] Signed-off-by: Sam Peterson --- cmd/podman/early_init_darwin.go | 28 ++++++++++++++++++++++++++++ cmd/podman/early_init_unsupported.go | 4 ++-- 2 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 cmd/podman/early_init_darwin.go diff --git a/cmd/podman/early_init_darwin.go b/cmd/podman/early_init_darwin.go new file mode 100644 index 000000000000..b21c23e182a3 --- /dev/null +++ b/cmd/podman/early_init_darwin.go @@ -0,0 +1,28 @@ +package main + +import ( + "fmt" + "os" + "syscall" +) + +func setRLimitsNoFile() error { + var rLimitNoFile syscall.Rlimit + if err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, &rLimitNoFile); err != nil { + return fmt.Errorf("getting RLIMITS_NOFILE: %w", err) + } + err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &syscall.Rlimit{ + Max: rLimitNoFile.Max, + Cur: rLimitNoFile.Max, + }) + if err != nil { + return fmt.Errorf("setting new RLIMITS_NOFILE: %w", err) + } + return nil +} + +func earlyInitHook() { + if err := setRLimitsNoFile(); err != nil { + fmt.Fprintf(os.Stderr, "Failed to set RLIMITS_NOFILE: %s\n", err.Error()) + } +} diff --git a/cmd/podman/early_init_unsupported.go b/cmd/podman/early_init_unsupported.go index 55bb0906f938..2af3157b40e1 100644 --- a/cmd/podman/early_init_unsupported.go +++ b/cmd/podman/early_init_unsupported.go @@ -1,5 +1,5 @@ -//go:build !linux -// +build !linux +//go:build !linux && !darwin +// +build !linux,!darwin package main From bd375058cf03f11750f598465920f84a08812bf5 Mon Sep 17 00:00:00 2001 From: Ygal Blum Date: Sun, 12 Nov 2023 10:10:42 +0200 Subject: [PATCH 014/170] Quadlet test - add case for multi = sign in mount Signed-off-by: Ygal Blum --- test/e2e/quadlet/mount.container | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/e2e/quadlet/mount.container b/test/e2e/quadlet/mount.container index aaf149812331..5e16aebc99f7 100644 --- a/test/e2e/quadlet/mount.container +++ b/test/e2e/quadlet/mount.container @@ -24,3 +24,5 @@ Mount=type=bind,source=./path/on/host,destination=/path/in/container Mount=type=volume,source=vol1,destination=/path/in/container,ro ## assert-podman-args-key-val "--mount" "," "type=bind,source=/tmp,\"dst=/path,1\"" Mount=type=bind,src=/tmp,\"dst=/path,1\" +## assert-podman-args-key-val-regex "--mount" "," "type=bind,source=.*/podman_test.*/quadlet/src,destination=/dst/,idmap=uids=12-34-1;gids=56-78-1" +Mount=type=bind,source=./src/,destination=/dst/,idmap=uids=12-34-1;gids=56-78-1 From 6fa4a975c6eefd6e87dda051e90554a5aa799525 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Mon, 13 Nov 2023 17:05:28 +0530 Subject: [PATCH 015/170] [CI:BUILD] packit: handle builds for RC releases The `version_no_tilde` rpm macro correctly handles both `vX.Y.Z` and `vX.Y.Z-rcN` git tags. Using this macro instead of `version` will soon allow Packit to handle RC builds correctly. Accompanying change in Packit to land soon: https://github.com/packit/packit/pull/2149 [NO NEW TESTS NEEDED] Signed-off-by: Lokesh Mandvekar --- rpm/podman.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rpm/podman.spec b/rpm/podman.spec index 3d2f8904ef67..be99d282c680 100644 --- a/rpm/podman.spec +++ b/rpm/podman.spec @@ -75,7 +75,7 @@ ExclusiveArch: aarch64 ppc64le s390x x86_64 Summary: Manage Pods, Containers and Container Images URL: https://%{name}.io/ # All SourceN files fetched from upstream -Source0: %{git0}/archive/v%{version}.tar.gz +Source0: %{git0}/archive/v%{version_no_tilde}.tar.gz Source1: %{git_plugins}/archive/%{commit_plugins}/%{repo_plugins}-%{commit_plugins}.tar.gz Provides: %{name}-manpages = %{epoch}:%{version}-%{release} BuildRequires: %{_bindir}/envsubst @@ -208,7 +208,7 @@ It is a symlink to %{_bindir}/%{name} and execs into the `%{name}sh` container when `%{_bindir}/%{name}sh` is set as a login shell or set as os.Args[0]. %prep -%autosetup -Sgit -n %{name}-%{version} +%autosetup -Sgit -n %{name}-%{version_no_tilde} sed -i 's;@@PODMAN@@\;$(BINDIR);@@PODMAN@@\;%{_bindir};' Makefile # These changes are only meant for copr builds From e1f3ae0d8d8e3b56137e92c2a40ea243de59cc22 Mon Sep 17 00:00:00 2001 From: Joshua Beighton <83010264+JoshuaBeighton@users.noreply.github.com> Date: Mon, 13 Nov 2023 13:34:44 +0000 Subject: [PATCH 016/170] Update podman-stats.1.md.in Signed-off-by: Joshua Beighton <83010264+JoshuaBeighton@users.noreply.github.com> --- docs/source/markdown/podman-stats.1.md.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/markdown/podman-stats.1.md.in b/docs/source/markdown/podman-stats.1.md.in index 5bd470f7b77c..fab3a161924b 100644 --- a/docs/source/markdown/podman-stats.1.md.in +++ b/docs/source/markdown/podman-stats.1.md.in @@ -58,7 +58,7 @@ Valid placeholders for the Go template are listed below: | .PIDS | Number of PIDs (yes, we know it's a dup) | | .SystemNano | Current system datetime, nanoseconds since epoch | | .Up | Duration (CPUNano), in human-readable form | -| .UpTime | Same as UpTime | +| .UpTime | Same as Up | [1] Cgroups V1 only From 047da19b5f6ce5237cbc0272c47431027dfd8c13 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Mon, 13 Nov 2023 06:27:34 -0700 Subject: [PATCH 017/170] (Temporary) Emergency CI fix: quay search is broken Someone please revert this once quay search is fixed. Signed-off-by: Ed Santiago --- pkg/bindings/test/images_test.go | 2 +- test/e2e/search_test.go | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pkg/bindings/test/images_test.go b/pkg/bindings/test/images_test.go index 43496bfa9774..e607f71dfd92 100644 --- a/pkg/bindings/test/images_test.go +++ b/pkg/bindings/test/images_test.go @@ -350,7 +350,7 @@ var _ = Describe("Podman images", func() { } // Search with a fqdn - reports, err = images.Search(bt.conn, "quay.io/libpod/alpine_nginx", nil) + reports, err = images.Search(bt.conn, "quay.io/podman/stable", nil) Expect(err).ToNot(HaveOccurred(), "Error in images.Search()") Expect(reports).ToNot(BeEmpty()) }) diff --git a/test/e2e/search_test.go b/test/e2e/search_test.go index 981e1adc4bd0..0c9afd500f2b 100644 --- a/test/e2e/search_test.go +++ b/test/e2e/search_test.go @@ -58,16 +58,16 @@ registries = []` }) It("podman search image with description", func() { - search := podmanTest.Podman([]string{"search", "quay.io/libpod/whalesay"}) + search := podmanTest.Podman([]string{"search", "quay.io/podman/stable"}) search.WaitWithDefaultTimeout() Expect(search).Should(ExitCleanly()) output := string(search.Out.Contents()) Expect(output).To(MatchRegexp(`(?m)NAME\s+DESCRIPTION$`)) - Expect(output).To(MatchRegexp(`(?m)quay.io/libpod/whalesay\s+Static image used for automated testing.+$`)) + Expect(output).To(MatchRegexp(`(?m)quay.io/podman/stable\s+.*PODMAN logo`)) }) It("podman search image with --compatible", func() { - search := podmanTest.Podman([]string{"search", "--compatible", "quay.io/libpod/whalesay"}) + search := podmanTest.Podman([]string{"search", "--compatible", "quay.io/podman/stable"}) search.WaitWithDefaultTimeout() Expect(search).Should(ExitCleanly()) output := string(search.Out.Contents()) From 5dc807487f7c356967269def7e3f39a64fbb143b Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Sat, 11 Nov 2023 06:26:18 -0500 Subject: [PATCH 018/170] Pass secrets from the host down to internal podman containers This change will allow RHEL subscriptions from the host to flow to internal containers. Fixes: https://github.com/containers/common/issues/1735 Signed-off-by: Daniel J Walsh --- contrib/podmanimage/stable/Containerfile | 3 +++ contrib/podmanimage/testing/Containerfile | 3 +++ contrib/podmanimage/upstream/Containerfile | 3 +++ 3 files changed, 9 insertions(+) diff --git a/contrib/podmanimage/stable/Containerfile b/contrib/podmanimage/stable/Containerfile index eef779256148..fa776ead1785 100644 --- a/contrib/podmanimage/stable/Containerfile +++ b/contrib/podmanimage/stable/Containerfile @@ -41,6 +41,9 @@ RUN sed -e 's|^#mount_program|mount_program|g' \ /usr/share/containers/storage.conf \ > /etc/containers/storage.conf +# Setup internal Podman to pass subscriptions down from host to internal container +RUN printf '/run/secrets/etc-pki-entitlement:/run/secrets/etc-pki-entitlement\n/run/secrets/rhsm:/run/secrets/rhsm\n' > /etc/containers/mounts.conf + # Note VOLUME options must always happen after the chown call above # RUN commands can not modify existing volumes VOLUME /var/lib/containers diff --git a/contrib/podmanimage/testing/Containerfile b/contrib/podmanimage/testing/Containerfile index 14b141a330e9..da9f74020304 100644 --- a/contrib/podmanimage/testing/Containerfile +++ b/contrib/podmanimage/testing/Containerfile @@ -40,6 +40,9 @@ RUN sed -e 's|^#mount_program|mount_program|g' \ /usr/share/containers/storage.conf \ > /etc/containers/storage.conf +# Setup internal Podman to pass secrets/subscriptions down from host to internal container +RUN printf '/run/secrets/etc-pki-entitlement:/run/secrets/etc-pki-entitlement\n/run/secrets/rhsm:/run/secrets/rhsm\n' > /etc/containers/mounts.conf + # Note VOLUME options must always happen after the chown call above # RUN commands can not modify existing volumes VOLUME /var/lib/containers diff --git a/contrib/podmanimage/upstream/Containerfile b/contrib/podmanimage/upstream/Containerfile index 6490d242f0db..d5ddef106e3a 100644 --- a/contrib/podmanimage/upstream/Containerfile +++ b/contrib/podmanimage/upstream/Containerfile @@ -47,6 +47,9 @@ RUN sed -e 's|^#mount_program|mount_program|g' \ /usr/share/containers/storage.conf \ > /etc/containers/storage.conf +# Setup internal Podman to pass secrets/subscriptions down from host to internal container +RUN printf '/run/secrets/etc-pki-entitlement:/run/secrets/etc-pki-entitlement\n/run/secrets/rhsm:/run/secrets/rhsm\n' > /etc/containers/mounts.conf + # Note VOLUME options must always happen after the chown call above # RUN commands can not modify existing volumes VOLUME /var/lib/containers From 49b152f4988ff139270e0a29ae480f91b733aabf Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Mon, 13 Nov 2023 17:15:26 +0100 Subject: [PATCH 019/170] docs: fix relabeling command Signed-off-by: Andreas Gerstmayr --- docs/source/markdown/options/volume.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/markdown/options/volume.md b/docs/source/markdown/options/volume.md index 90588ae92e92..fa1dea70b838 100644 --- a/docs/source/markdown/options/volume.md +++ b/docs/source/markdown/options/volume.md @@ -86,7 +86,7 @@ on each file, if the volume has thousands of inodes, this process takes a long time, delaying the start of the <>. If the volume was previously relabeled with the `z` option, Podman is optimized to not relabel a second time. If files are moved into the volume, then the labels can be -manually change with the `chcon -R container_file_t PATH` command. +manually change with the `chcon -Rt container_file_t PATH` command. Note: Do not relabel system files and directories. Relabeling system content might cause other confined services on the machine to fail. For these types From 669829447a8dccf33a9fa2141ce8c0bf5daec824 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 13 Nov 2023 17:03:40 +0000 Subject: [PATCH 020/170] fix(deps): update module github.com/gorilla/handlers to v1.5.2 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 5 +-- .../github.com/gorilla/handlers/.editorconfig | 20 +++++++++ vendor/github.com/gorilla/handlers/.gitignore | 2 + vendor/github.com/gorilla/handlers/LICENSE | 39 ++++++++++-------- vendor/github.com/gorilla/handlers/Makefile | 34 +++++++++++++++ vendor/github.com/gorilla/handlers/README.md | 8 ++-- .../github.com/gorilla/handlers/canonical.go | 9 ++-- .../github.com/gorilla/handlers/compress.go | 8 ++-- vendor/github.com/gorilla/handlers/cors.go | 41 +++++++++---------- .../github.com/gorilla/handlers/handlers.go | 15 ++++--- vendor/github.com/gorilla/handlers/logging.go | 32 ++++++++------- .../gorilla/handlers/proxy_headers.go | 16 ++++---- .../github.com/gorilla/handlers/recovery.go | 22 +++++----- vendor/modules.txt | 4 +- 15 files changed, 160 insertions(+), 97 deletions(-) create mode 100644 vendor/github.com/gorilla/handlers/.editorconfig create mode 100644 vendor/github.com/gorilla/handlers/.gitignore create mode 100644 vendor/github.com/gorilla/handlers/Makefile diff --git a/go.mod b/go.mod index 7009f0db3d80..3ac4dab1e4f8 100644 --- a/go.mod +++ b/go.mod @@ -34,7 +34,7 @@ require ( github.com/google/gofuzz v1.2.0 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 github.com/google/uuid v1.4.0 - github.com/gorilla/handlers v1.5.1 + github.com/gorilla/handlers v1.5.2 github.com/gorilla/mux v1.8.1 github.com/gorilla/schema v1.2.0 github.com/hashicorp/go-multierror v1.1.1 diff --git a/go.sum b/go.sum index cda822d20441..719bec5c36fb 100644 --- a/go.sum +++ b/go.sum @@ -380,7 +380,6 @@ github.com/facebookgo/clock v0.0.0-20150410010913-600d898af40a h1:yDWHCSQ40h88yi github.com/facebookgo/limitgroup v0.0.0-20150612190941-6abd8d71ec01 h1:IeaD1VDVBPlx3viJT9Md8if8IxxJnO+x0JCGb054heg= github.com/facebookgo/muster v0.0.0-20150708232844-fd3d7953fd52 h1:a4DFiKFJiDRGFD1qIcqGLX/WlUMD9dyLSLDt+9QZgt8= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= @@ -610,8 +609,8 @@ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5m github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= -github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4= -github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q= +github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyEE= +github.com/gorilla/handlers v1.5.2/go.mod h1:dX+xVpaxdSw+q0Qek8SSsl3dfMk3jNddUkMzo0GtH0w= github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= diff --git a/vendor/github.com/gorilla/handlers/.editorconfig b/vendor/github.com/gorilla/handlers/.editorconfig new file mode 100644 index 000000000000..c6b74c3e0d0c --- /dev/null +++ b/vendor/github.com/gorilla/handlers/.editorconfig @@ -0,0 +1,20 @@ +; https://editorconfig.org/ + +root = true + +[*] +insert_final_newline = true +charset = utf-8 +trim_trailing_whitespace = true +indent_style = space +indent_size = 2 + +[{Makefile,go.mod,go.sum,*.go,.gitmodules}] +indent_style = tab +indent_size = 4 + +[*.md] +indent_size = 4 +trim_trailing_whitespace = false + +eclint_indent_style = unset \ No newline at end of file diff --git a/vendor/github.com/gorilla/handlers/.gitignore b/vendor/github.com/gorilla/handlers/.gitignore new file mode 100644 index 000000000000..577a89e81383 --- /dev/null +++ b/vendor/github.com/gorilla/handlers/.gitignore @@ -0,0 +1,2 @@ +# Output of the go test coverage tool +coverage.coverprofile diff --git a/vendor/github.com/gorilla/handlers/LICENSE b/vendor/github.com/gorilla/handlers/LICENSE index 66ea3c8ae714..bb9d80bc9b6b 100644 --- a/vendor/github.com/gorilla/handlers/LICENSE +++ b/vendor/github.com/gorilla/handlers/LICENSE @@ -1,22 +1,27 @@ -Copyright (c) 2013 The Gorilla Handlers Authors. All rights reserved. +Copyright (c) 2023 The Gorilla Authors. All rights reserved. Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: +modification, are permitted provided that the following conditions are +met: - Redistributions of source code must retain the above copyright notice, this - list of conditions and the following disclaimer. + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. - Redistributions in binary form must reproduce the above copyright notice, - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/gorilla/handlers/Makefile b/vendor/github.com/gorilla/handlers/Makefile new file mode 100644 index 000000000000..003b784f7edb --- /dev/null +++ b/vendor/github.com/gorilla/handlers/Makefile @@ -0,0 +1,34 @@ +GO_LINT=$(shell which golangci-lint 2> /dev/null || echo '') +GO_LINT_URI=github.com/golangci/golangci-lint/cmd/golangci-lint@latest + +GO_SEC=$(shell which gosec 2> /dev/null || echo '') +GO_SEC_URI=github.com/securego/gosec/v2/cmd/gosec@latest + +GO_VULNCHECK=$(shell which govulncheck 2> /dev/null || echo '') +GO_VULNCHECK_URI=golang.org/x/vuln/cmd/govulncheck@latest + +.PHONY: verify +verify: sec govulncheck lint test + +.PHONY: lint +lint: + $(if $(GO_LINT), ,go install $(GO_LINT_URI)) + @echo "##### Running golangci-lint #####" + golangci-lint run -v + +.PHONY: sec +sec: + $(if $(GO_SEC), ,go install $(GO_SEC_URI)) + @echo "##### Running gosec #####" + gosec ./... + +.PHONY: govulncheck +govulncheck: + $(if $(GO_VULNCHECK), ,go install $(GO_VULNCHECK_URI)) + @echo "##### Running govulncheck #####" + govulncheck ./... + +.PHONY: test +test: + @echo "##### Running tests #####" + go test -race -cover -coverprofile=coverage.coverprofile -covermode=atomic -v ./... diff --git a/vendor/github.com/gorilla/handlers/README.md b/vendor/github.com/gorilla/handlers/README.md index 6eba66bf3027..02555b2642c5 100644 --- a/vendor/github.com/gorilla/handlers/README.md +++ b/vendor/github.com/gorilla/handlers/README.md @@ -1,10 +1,10 @@ -gorilla/handlers -================ +# gorilla/handlers + +![Testing](https://github.com/gorilla/handlers/actions/workflows/test.yml/badge.svg) +[![Codecov](https://codecov.io/github/gorilla/handlers/branch/main/graph/badge.svg)](https://codecov.io/github/gorilla/handlers) [![GoDoc](https://godoc.org/github.com/gorilla/handlers?status.svg)](https://godoc.org/github.com/gorilla/handlers) -[![CircleCI](https://circleci.com/gh/gorilla/handlers.svg?style=svg)](https://circleci.com/gh/gorilla/handlers) [![Sourcegraph](https://sourcegraph.com/github.com/gorilla/handlers/-/badge.svg)](https://sourcegraph.com/github.com/gorilla/handlers?badge) - Package handlers is a collection of handlers (aka "HTTP middleware") for use with Go's `net/http` package (or any framework supporting `http.Handler`), including: diff --git a/vendor/github.com/gorilla/handlers/canonical.go b/vendor/github.com/gorilla/handlers/canonical.go index 8437fefc1ef6..7121f5307bec 100644 --- a/vendor/github.com/gorilla/handlers/canonical.go +++ b/vendor/github.com/gorilla/handlers/canonical.go @@ -21,12 +21,11 @@ type canonical struct { // // Example: // -// r := mux.NewRouter() -// canonical := handlers.CanonicalHost("http://www.gorillatoolkit.org", 302) -// r.HandleFunc("/route", YourHandler) -// -// log.Fatal(http.ListenAndServe(":7000", canonical(r))) +// r := mux.NewRouter() +// canonical := handlers.CanonicalHost("http://www.gorillatoolkit.org", 302) +// r.HandleFunc("/route", YourHandler) // +// log.Fatal(http.ListenAndServe(":7000", canonical(r))) func CanonicalHost(domain string, code int) func(h http.Handler) http.Handler { fn := func(h http.Handler) http.Handler { return canonical{h, domain, code} diff --git a/vendor/github.com/gorilla/handlers/compress.go b/vendor/github.com/gorilla/handlers/compress.go index 1e95f1ccbfa5..d6f589503b5e 100644 --- a/vendor/github.com/gorilla/handlers/compress.go +++ b/vendor/github.com/gorilla/handlers/compress.go @@ -44,13 +44,13 @@ type flusher interface { Flush() error } -func (w *compressResponseWriter) Flush() { +func (cw *compressResponseWriter) Flush() { // Flush compressed data if compressor supports it. - if f, ok := w.compressor.(flusher); ok { - f.Flush() + if f, ok := cw.compressor.(flusher); ok { + _ = f.Flush() } // Flush HTTP response. - if f, ok := w.w.(http.Flusher); ok { + if f, ok := cw.w.(http.Flusher); ok { f.Flush() } } diff --git a/vendor/github.com/gorilla/handlers/cors.go b/vendor/github.com/gorilla/handlers/cors.go index 0dcdffb3d32e..8af9c096e5e4 100644 --- a/vendor/github.com/gorilla/handlers/cors.go +++ b/vendor/github.com/gorilla/handlers/cors.go @@ -26,14 +26,14 @@ type cors struct { type OriginValidator func(string) bool var ( - defaultCorsOptionStatusCode = 200 - defaultCorsMethods = []string{"GET", "HEAD", "POST"} + defaultCorsOptionStatusCode = http.StatusOK + defaultCorsMethods = []string{http.MethodGet, http.MethodHead, http.MethodPost} defaultCorsHeaders = []string{"Accept", "Accept-Language", "Content-Language", "Origin"} - // (WebKit/Safari v9 sends the Origin header by default in AJAX requests) + // (WebKit/Safari v9 sends the Origin header by default in AJAX requests). ) const ( - corsOptionMethod string = "OPTIONS" + corsOptionMethod string = http.MethodOptions corsAllowOriginHeader string = "Access-Control-Allow-Origin" corsExposeHeadersHeader string = "Access-Control-Expose-Headers" corsMaxAgeHeader string = "Access-Control-Max-Age" @@ -101,10 +101,8 @@ func (ch *cors) ServeHTTP(w http.ResponseWriter, r *http.Request) { if !ch.isMatch(method, defaultCorsMethods) { w.Header().Set(corsAllowMethodsHeader, method) } - } else { - if len(ch.exposedHeaders) > 0 { - w.Header().Set(corsExposeHeadersHeader, strings.Join(ch.exposedHeaders, ",")) - } + } else if len(ch.exposedHeaders) > 0 { + w.Header().Set(corsExposeHeadersHeader, strings.Join(ch.exposedHeaders, ",")) } if ch.allowCredentials { @@ -141,22 +139,21 @@ func (ch *cors) ServeHTTP(w http.ResponseWriter, r *http.Request) { // CORS provides Cross-Origin Resource Sharing middleware. // Example: // -// import ( -// "net/http" -// -// "github.com/gorilla/handlers" -// "github.com/gorilla/mux" -// ) +// import ( +// "net/http" // -// func main() { -// r := mux.NewRouter() -// r.HandleFunc("/users", UserEndpoint) -// r.HandleFunc("/projects", ProjectEndpoint) +// "github.com/gorilla/handlers" +// "github.com/gorilla/mux" +// ) // -// // Apply the CORS middleware to our top-level router, with the defaults. -// http.ListenAndServe(":8000", handlers.CORS()(r)) -// } +// func main() { +// r := mux.NewRouter() +// r.HandleFunc("/users", UserEndpoint) +// r.HandleFunc("/projects", ProjectEndpoint) // +// // Apply the CORS middleware to our top-level router, with the defaults. +// http.ListenAndServe(":8000", handlers.CORS()(r)) +// } func CORS(opts ...CORSOption) func(http.Handler) http.Handler { return func(h http.Handler) http.Handler { ch := parseCORSOptions(opts...) @@ -174,7 +171,7 @@ func parseCORSOptions(opts ...CORSOption) *cors { } for _, option := range opts { - option(ch) + _ = option(ch) //TODO: @bharat-rajani, return error to caller if not nil? } return ch diff --git a/vendor/github.com/gorilla/handlers/handlers.go b/vendor/github.com/gorilla/handlers/handlers.go index 0509482ad7a3..9b92fce3333e 100644 --- a/vendor/github.com/gorilla/handlers/handlers.go +++ b/vendor/github.com/gorilla/handlers/handlers.go @@ -35,7 +35,7 @@ func (h MethodHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { } sort.Strings(allow) w.Header().Set("Allow", strings.Join(allow, ", ")) - if req.Method == "OPTIONS" { + if req.Method == http.MethodOptions { w.WriteHeader(http.StatusOK) } else { http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) @@ -44,7 +44,7 @@ func (h MethodHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { } // responseLogger is wrapper of http.ResponseWriter that keeps track of its HTTP -// status code and body size +// status code and body size. type responseLogger struct { w http.ResponseWriter status int @@ -97,7 +97,7 @@ func isContentType(h http.Header, contentType string) bool { // Only PUT, POST, and PATCH requests are considered. func ContentTypeHandler(h http.Handler, contentTypes ...string) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if !(r.Method == "PUT" || r.Method == "POST" || r.Method == "PATCH") { + if !(r.Method == http.MethodPut || r.Method == http.MethodPost || r.Method == http.MethodPatch) { h.ServeHTTP(w, r) return } @@ -108,7 +108,10 @@ func ContentTypeHandler(h http.Handler, contentTypes ...string) http.Handler { return } } - http.Error(w, fmt.Sprintf("Unsupported content type %q; expected one of %q", r.Header.Get("Content-Type"), contentTypes), http.StatusUnsupportedMediaType) + http.Error(w, fmt.Sprintf("Unsupported content type %q; expected one of %q", + r.Header.Get("Content-Type"), + contentTypes), + http.StatusUnsupportedMediaType) }) } @@ -133,12 +136,12 @@ const ( // Form method takes precedence over header method. func HTTPMethodOverrideHandler(h http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.Method == "POST" { + if r.Method == http.MethodPost { om := r.FormValue(HTTPMethodOverrideFormKey) if om == "" { om = r.Header.Get(HTTPMethodOverrideHeader) } - if om == "PUT" || om == "PATCH" || om == "DELETE" { + if om == http.MethodPut || om == http.MethodPatch || om == http.MethodDelete { r.Method = om } } diff --git a/vendor/github.com/gorilla/handlers/logging.go b/vendor/github.com/gorilla/handlers/logging.go index 228465eba003..2badb6fbff84 100644 --- a/vendor/github.com/gorilla/handlers/logging.go +++ b/vendor/github.com/gorilla/handlers/logging.go @@ -18,7 +18,7 @@ import ( // Logging -// LogFormatterParams is the structure any formatter will be handed when time to log comes +// LogFormatterParams is the structure any formatter will be handed when time to log comes. type LogFormatterParams struct { Request *http.Request URL url.URL @@ -27,7 +27,7 @@ type LogFormatterParams struct { Size int } -// LogFormatter gives the signature of the formatter function passed to CustomLoggingHandler +// LogFormatter gives the signature of the formatter function passed to CustomLoggingHandler. type LogFormatter func(writer io.Writer, params LogFormatterParams) // loggingHandler is the http.Handler implementation for LoggingHandlerTo and its @@ -46,7 +46,10 @@ func (h loggingHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { h.handler.ServeHTTP(w, req) if req.MultipartForm != nil { - req.MultipartForm.RemoveAll() + err := req.MultipartForm.RemoveAll() + if err != nil { + return + } } params := LogFormatterParams{ @@ -76,7 +79,7 @@ const lowerhex = "0123456789abcdef" func appendQuoted(buf []byte, s string) []byte { var runeTmp [utf8.UTFMax]byte - for width := 0; len(s) > 0; s = s[width:] { + for width := 0; len(s) > 0; s = s[width:] { //nolint: wastedassign //TODO: why width starts from 0and reassigned as 1 r := rune(s[0]) width = 1 if r >= utf8.RuneSelf { @@ -191,7 +194,7 @@ func buildCommonLogLine(req *http.Request, url url.URL, ts time.Time, status int func writeLog(writer io.Writer, params LogFormatterParams) { buf := buildCommonLogLine(params.Request, params.URL, params.TimeStamp, params.StatusCode, params.Size) buf = append(buf, '\n') - writer.Write(buf) + _, _ = writer.Write(buf) } // writeCombinedLog writes a log entry for req to w in Apache Combined Log Format. @@ -204,7 +207,7 @@ func writeCombinedLog(writer io.Writer, params LogFormatterParams) { buf = append(buf, `" "`...) buf = appendQuoted(buf, params.Request.UserAgent()) buf = append(buf, '"', '\n') - writer.Write(buf) + _, _ = writer.Write(buf) } // CombinedLoggingHandler return a http.Handler that wraps h and logs requests to out in @@ -212,7 +215,7 @@ func writeCombinedLog(writer io.Writer, params LogFormatterParams) { // // See http://httpd.apache.org/docs/2.2/logs.html#combined for a description of this format. // -// LoggingHandler always sets the ident field of the log to - +// LoggingHandler always sets the ident field of the log to -. func CombinedLoggingHandler(out io.Writer, h http.Handler) http.Handler { return loggingHandler{out, h, writeCombinedLog} } @@ -226,19 +229,18 @@ func CombinedLoggingHandler(out io.Writer, h http.Handler) http.Handler { // // Example: // -// r := mux.NewRouter() -// r.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { -// w.Write([]byte("This is a catch-all route")) -// }) -// loggedRouter := handlers.LoggingHandler(os.Stdout, r) -// http.ListenAndServe(":1123", loggedRouter) -// +// r := mux.NewRouter() +// r.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { +// w.Write([]byte("This is a catch-all route")) +// }) +// loggedRouter := handlers.LoggingHandler(os.Stdout, r) +// http.ListenAndServe(":1123", loggedRouter) func LoggingHandler(out io.Writer, h http.Handler) http.Handler { return loggingHandler{out, h, writeLog} } // CustomLoggingHandler provides a way to supply a custom log formatter -// while taking advantage of the mechanisms in this package +// while taking advantage of the mechanisms in this package. func CustomLoggingHandler(out io.Writer, h http.Handler, f LogFormatter) http.Handler { return loggingHandler{out, h, f} } diff --git a/vendor/github.com/gorilla/handlers/proxy_headers.go b/vendor/github.com/gorilla/handlers/proxy_headers.go index ed939dcef5d2..281d753e95a2 100644 --- a/vendor/github.com/gorilla/handlers/proxy_headers.go +++ b/vendor/github.com/gorilla/handlers/proxy_headers.go @@ -18,7 +18,7 @@ var ( var ( // RFC7239 defines a new "Forwarded: " header designed to replace the // existing use of X-Forwarded-* headers. - // e.g. Forwarded: for=192.0.2.60;proto=https;by=203.0.113.43 + // e.g. Forwarded: for=192.0.2.60;proto=https;by=203.0.113.43. forwarded = http.CanonicalHeaderKey("Forwarded") // Allows for a sub-match of the first value after 'for=' to the next // comma, semi-colon or space. The match is case-insensitive. @@ -67,7 +67,9 @@ func ProxyHeaders(h http.Handler) http.Handler { func getIP(r *http.Request) string { var addr string - if fwd := r.Header.Get(xForwardedFor); fwd != "" { + switch { + case r.Header.Get(xForwardedFor) != "": + fwd := r.Header.Get(xForwardedFor) // Only grab the first (client) address. Note that '192.168.0.1, // 10.1.1.1' is a valid key for X-Forwarded-For where addresses after // the first may represent forwarding proxies earlier in the chain. @@ -76,17 +78,15 @@ func getIP(r *http.Request) string { s = len(fwd) } addr = fwd[:s] - } else if fwd := r.Header.Get(xRealIP); fwd != "" { - // X-Real-IP should only contain one IP address (the client making the - // request). - addr = fwd - } else if fwd := r.Header.Get(forwarded); fwd != "" { + case r.Header.Get(xRealIP) != "": + addr = r.Header.Get(xRealIP) + case r.Header.Get(forwarded) != "": // match should contain at least two elements if the protocol was // specified in the Forwarded header. The first element will always be // the 'for=' capture, which we ignore. In the case of multiple IP // addresses (for=8.8.8.8, 8.8.4.4,172.16.1.20 is valid) we only // extract the first, which should be the client IP. - if match := forRegex.FindStringSubmatch(fwd); len(match) > 1 { + if match := forRegex.FindStringSubmatch(r.Header.Get(forwarded)); len(match) > 1 { // IPv6 addresses in Forwarded headers are quoted-strings. We strip // these quotes. addr = strings.Trim(match[1], `"`) diff --git a/vendor/github.com/gorilla/handlers/recovery.go b/vendor/github.com/gorilla/handlers/recovery.go index 4c4c1d9c6cef..0d4f955ecbda 100644 --- a/vendor/github.com/gorilla/handlers/recovery.go +++ b/vendor/github.com/gorilla/handlers/recovery.go @@ -36,12 +36,12 @@ func parseRecoveryOptions(h http.Handler, opts ...RecoveryOption) http.Handler { // // Example: // -// r := mux.NewRouter() -// r.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { -// panic("Unexpected error!") -// }) +// r := mux.NewRouter() +// r.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { +// panic("Unexpected error!") +// }) // -// http.ListenAndServe(":1123", handlers.RecoveryHandler()(r)) +// http.ListenAndServe(":1123", handlers.RecoveryHandler()(r)) func RecoveryHandler(opts ...RecoveryOption) func(h http.Handler) http.Handler { return func(h http.Handler) http.Handler { r := &recoveryHandler{handler: h} @@ -50,20 +50,22 @@ func RecoveryHandler(opts ...RecoveryOption) func(h http.Handler) http.Handler { } // RecoveryLogger is a functional option to override -// the default logger +// the default logger. func RecoveryLogger(logger RecoveryHandlerLogger) RecoveryOption { return func(h http.Handler) { - r := h.(*recoveryHandler) + r := h.(*recoveryHandler) //nolint:errcheck //TODO: + // @bharat-rajani should return type-assertion error but would break the API? r.logger = logger } } // PrintRecoveryStack is a functional option to enable // or disable printing stack traces on panic. -func PrintRecoveryStack(print bool) RecoveryOption { +func PrintRecoveryStack(shouldPrint bool) RecoveryOption { return func(h http.Handler) { - r := h.(*recoveryHandler) - r.printStack = print + r := h.(*recoveryHandler) //nolint:errcheck //TODO: + // @bharat-rajani should return type-assertion error but would break the API? + r.printStack = shouldPrint } } diff --git a/vendor/modules.txt b/vendor/modules.txt index 8decb39f946d..6511b5e4281d 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -654,8 +654,8 @@ github.com/google/shlex # github.com/google/uuid v1.4.0 ## explicit github.com/google/uuid -# github.com/gorilla/handlers v1.5.1 -## explicit; go 1.14 +# github.com/gorilla/handlers v1.5.2 +## explicit; go 1.20 github.com/gorilla/handlers # github.com/gorilla/mux v1.8.1 ## explicit; go 1.20 From 33ddd79e26f9b9c30675780263744cb22bb2fdd9 Mon Sep 17 00:00:00 2001 From: Aditya R Date: Mon, 13 Nov 2023 21:48:09 +0530 Subject: [PATCH 021/170] qemu,parseUSB: minor refactor Some comments from https://github.com/containers/podman/pull/20540 [NO NEW TESTS NEEDED] Signed-off-by: Aditya R --- pkg/machine/qemu/config.go | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) diff --git a/pkg/machine/qemu/config.go b/pkg/machine/qemu/config.go index 1bdfe82a614c..eef46537027e 100644 --- a/pkg/machine/qemu/config.go +++ b/pkg/machine/qemu/config.go @@ -86,18 +86,10 @@ func parseUSBs(usbs []string) ([]machine.USBConfig, error) { return configs, fmt.Errorf("usb: fail to parse: missing '=': %s", str) } - option := "" - if (left[0] == "bus" && right[0] == "devnum") || - (right[0] == "bus" && left[0] == "devnum") { - option = "bus_devnum" - } - if (left[0] == "vendor" && right[0] == "product") || - (right[0] == "vendor" && left[0] == "product") { - option = "vendor_product" - } + option := left[0] + "_" + right[0] switch option { - case "bus_devnum": + case "bus_devnum", "devnum_bus": bus, devnumber := left[1], right[1] if right[0] == "bus" { bus, devnumber = devnumber, bus @@ -107,7 +99,7 @@ func parseUSBs(usbs []string) ([]machine.USBConfig, error) { Bus: bus, DevNumber: devnumber, }) - case "vendor_product": + case "vendor_product", "product_vendor": vendorStr, productStr := left[1], right[1] if right[0] == "vendor" { vendorStr, productStr = productStr, vendorStr @@ -115,12 +107,12 @@ func parseUSBs(usbs []string) ([]machine.USBConfig, error) { vendor, err := strconv.ParseInt(vendorStr, 16, 0) if err != nil { - return configs, fmt.Errorf("fail to convert vendor of %s: %s", str, err) + return configs, fmt.Errorf("usb: fail to convert vendor of %s: %s", str, err) } product, err := strconv.ParseInt(productStr, 16, 0) if err != nil { - return configs, fmt.Errorf("fail to convert product of %s: %s", str, err) + return configs, fmt.Errorf("usb: fail to convert product of %s: %s", str, err) } configs = append(configs, machine.USBConfig{ From ea89eaa1c149a33e92dd0e8316826819384da6e0 Mon Sep 17 00:00:00 2001 From: Brent Baude Date: Mon, 13 Nov 2023 13:07:35 -0600 Subject: [PATCH 022/170] Avoid empty SSH keys on applehv [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude --- pkg/machine/applehv/machine.go | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/pkg/machine/applehv/machine.go b/pkg/machine/applehv/machine.go index 0b00faea3151..45737296f3ef 100644 --- a/pkg/machine/applehv/machine.go +++ b/pkg/machine/applehv/machine.go @@ -251,6 +251,14 @@ func (m *MacMachine) Init(opts machine.InitOptions) (bool, error) { return false, err } + if len(opts.IgnitionPath) < 1 { + key, err = machine.CreateSSHKeys(m.IdentityPath) + if err != nil { + return false, err + } + callbackFuncs.Add(m.removeSSHKeys) + } + builder := machine.NewIgnitionBuilder(machine.DynamicIgnition{ Name: opts.Username, Key: key, @@ -262,14 +270,6 @@ func (m *MacMachine) Init(opts machine.InitOptions) (bool, error) { Rootful: m.Rootful, }) - if len(opts.IgnitionPath) < 1 { - key, err = machine.CreateSSHKeys(m.IdentityPath) - if err != nil { - return false, err - } - callbackFuncs.Add(m.removeSSHKeys) - } - if len(opts.IgnitionPath) > 0 { return false, builder.BuildWithIgnitionFile(opts.IgnitionPath) } From 7b826b23066386760e50c13dbcda1838533172ee Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 14 Nov 2023 06:24:16 +0000 Subject: [PATCH 023/170] [skip-ci] Update dessant/lock-threads action to v5 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/discussion_lock.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/discussion_lock.yml b/.github/workflows/discussion_lock.yml index 973eedcd5d95..9a4f3a698c0f 100644 --- a/.github/workflows/discussion_lock.yml +++ b/.github/workflows/discussion_lock.yml @@ -46,7 +46,7 @@ jobs: pull-requests: write steps: # Ref: https://github.com/dessant/lock-threads#usage - - uses: dessant/lock-threads@v4 + - uses: dessant/lock-threads@v5 with: issue-inactive-days: '${{env.CLOSED_DAYS}}' pr-inactive-days: '${{env.CLOSED_DAYS}}' From dc709e4d7645b0327a6b15c48870caaa7b8529c0 Mon Sep 17 00:00:00 2001 From: Ygal Blum Date: Tue, 14 Nov 2023 14:55:22 +0200 Subject: [PATCH 024/170] Quadlet - Allow using symlink on the base search paths Signed-off-by: Ygal Blum --- cmd/quadlet/main.go | 11 ++++++++++- cmd/quadlet/main_test.go | 18 ++++++++++++++++++ docs/source/markdown/podman-systemd.unit.5.md | 7 ++++++- test/e2e/quadlet_test.go | 9 ++++++++- 4 files changed, 42 insertions(+), 3 deletions(-) diff --git a/cmd/quadlet/main.go b/cmd/quadlet/main.go index c85f2e245e3d..b36997b32a73 100644 --- a/cmd/quadlet/main.go +++ b/cmd/quadlet/main.go @@ -146,7 +146,16 @@ func getUnitDirs(rootless bool) []string { } func appendSubPaths(dirs []string, path string, isUserFlag bool, filterPtr func(string, bool) bool) []string { - err := filepath.WalkDir(path, func(_path string, info os.DirEntry, err error) error { + resolvedPath, err := filepath.EvalSymlinks(path) + if err != nil { + Debugf("Error occurred resolving path %q: %s", path, err) + // Despite the failure add the path to the list for logging purposes + // This is the equivalent of adding the path when info==nil below + dirs = append(dirs, path) + return dirs + } + + err = filepath.WalkDir(resolvedPath, func(_path string, info os.DirEntry, err error) error { if info == nil || info.IsDir() { if filterPtr == nil || filterPtr(_path, isUserFlag) { dirs = append(dirs, _path) diff --git a/cmd/quadlet/main_test.go b/cmd/quadlet/main_test.go index 9ee2ea00cd3c..1f29b74a13e1 100644 --- a/cmd/quadlet/main_test.go +++ b/cmd/quadlet/main_test.go @@ -79,4 +79,22 @@ func TestUnitDirs(t *testing.T) { unitDirs = getUnitDirs(true) assert.Equal(t, unitDirs, []string{name}, "rootless should use environment variable") + + symLinkTestBaseDir, err := os.MkdirTemp("", "podman-symlinktest") + assert.Nil(t, err) + // remove the temporary directory at the end of the program + defer os.RemoveAll(symLinkTestBaseDir) + + actualDir := filepath.Join(symLinkTestBaseDir, "actual") + err = os.Mkdir(actualDir, 0755) + assert.Nil(t, err) + innerDir := filepath.Join(actualDir, "inner") + err = os.Mkdir(innerDir, 0755) + assert.Nil(t, err) + symlink := filepath.Join(symLinkTestBaseDir, "symlink") + err = os.Symlink(actualDir, symlink) + assert.Nil(t, err) + t.Setenv("QUADLET_UNIT_DIRS", actualDir) + unitDirs = getUnitDirs(true) + assert.Equal(t, unitDirs, []string{actualDir, innerDir}, "directory resolution should follow symlink") } diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index a18bfa23a3c3..fece812e97bb 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -6,7 +6,7 @@ podman\-systemd.unit - systemd units using Podman Quadlet ## SYNOPSIS -*name*.container, *name*.volume, *name*.network, `*.kube` +*name*.container, *name*.volume, *name*.network, *name*.kube *name*.image ### Podman unit search path @@ -19,6 +19,11 @@ podman\-systemd.unit - systemd units using Podman Quadlet * /etc/containers/systemd/users/$(UID) * /etc/containers/systemd/users/ +### Using symbolic links + +Quadlet supports using symbolic links for the base of the search paths. +Symbolic links below the search paths are not supported. + ## DESCRIPTION Podman supports starting containers (and creating volumes) via systemd by using a diff --git a/test/e2e/quadlet_test.go b/test/e2e/quadlet_test.go index f2a00b971fe5..7bb376bb59d3 100644 --- a/test/e2e/quadlet_test.go +++ b/test/e2e/quadlet_test.go @@ -554,7 +554,14 @@ var _ = Describe("quadlet system generator", func() { current := session.ErrorToStringArray() expected := "No files parsed from [/something]" - Expect(current[0]).To(ContainSubstring(expected)) + found := false + for _, line := range current { + if strings.Contains(line, expected) { + found = true + break + } + } + Expect(found).To(BeTrue()) }) It("Should fail on bad quadlet", func() { From e35fc92c02404e6880bcb9782b9307682624a1db Mon Sep 17 00:00:00 2001 From: Ygal Blum Date: Mon, 13 Nov 2023 11:30:23 +0200 Subject: [PATCH 025/170] Quadlet - add support for UID and GID Mapping Support UIDMap, GIDMap, SubUIDMap and SubGIDMap If any of them are set disregard the deprecated Remap keys Add tests and man Signed-off-by: Ygal Blum --- docs/source/markdown/podman-systemd.unit.5.md | 28 ++++++++ pkg/systemd/quadlet/quadlet.go | 64 +++++++++++++++---- .../quadlet/idmapping-with-remap.container | 10 +++ test/e2e/quadlet/idmapping.container | 11 ++++ .../quadlet/subidmapping-with-remap.container | 8 +++ test/e2e/quadlet/subidmapping.container | 7 ++ test/e2e/quadlet/userns-with-remap.container | 7 ++ test/e2e/quadlet/userns.container | 5 ++ test/e2e/quadlet_test.go | 6 ++ 9 files changed, 132 insertions(+), 14 deletions(-) create mode 100644 test/e2e/quadlet/idmapping-with-remap.container create mode 100644 test/e2e/quadlet/idmapping.container create mode 100644 test/e2e/quadlet/subidmapping-with-remap.container create mode 100644 test/e2e/quadlet/subidmapping.container create mode 100644 test/e2e/quadlet/userns-with-remap.container create mode 100644 test/e2e/quadlet/userns.container diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index a18bfa23a3c3..38e8d48a543f 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -159,6 +159,7 @@ Valid options for `[Container]` are listed below: | EnvironmentHost=true | --env-host | | Exec=/usr/bin/command | Command after image specification - /usr/bin/command | | ExposeHostPort=50-59 | --expose 50-59 | +| GIDMap=0:10000:10 | --gidmap=0:10000:10 | | Group=1234 | --user UID:1234 | | GlobalArgs=--log-level=debug | --log-level=debug | | HealthCmd="/usr/bin/command" | --health-cmd="/usr/bin/command" | @@ -197,9 +198,12 @@ Valid options for `[Container]` are listed below: | SecurityLabelNested=true | --security-opt label=nested | | SecurityLabelType=spc_t | --security-opt label=type:spc_t | | ShmSize=100m | --shm-size=100m | +| SubGIDMap=gtest | --subgidname=gtest | +| SubUIDMap=utest | --subuidname=utest | | Sysctl=name=value | --sysctl=name=value | | Timezone=local | --tz local | | Tmpfs=/work | --tmpfs /work | +| UIDMap=0:10000:10 | --uidmap=0:10000:10 | | Ulimit=nofile:1000:10000 | --ulimit nofile:1000:10000 | | User=bin | --user bin | | UserNS=keep-id:uid=200,gid=210 | --userns keep-id:uid=200,gid=210 | @@ -315,6 +319,13 @@ to the Podman `--expose` option. This key can be listed multiple times. +### `GIDMap=` + +Run the container in a new user namespace using the supplied GID mapping. +Equivalent to the Podman `--gidmap` option. + +This key can be listed multiple times. + ### `GlobalArgs=` This key contains a list of arguments passed directly between `podman` and `run` @@ -569,6 +580,16 @@ Size of /dev/shm. This is equivalent to the Podman `--shm-size` option and generally has the form `number[unit]` +### `SubGIDMap=` + +Run the container in a new user namespace using the map with name in the /etc/subgid file. +Equivalent to the Podman `--subgidname` option. + +### `SubUIDMap=` + +Run the container in a new user namespace using the map with name in the /etc/subuid file. +Equivalent to the Podman `--subuidname` option. + ### `Sysctl=` Configures namespaced kernel parameters for the container. The format is `Sysctl=name=value`. @@ -591,6 +612,13 @@ This key can be listed multiple times. The timezone to run the container in. +### `UIDMap=` + +Run the container in a new user namespace using the supplied UID mapping. +Equivalent to the Podman `--uidmap` option. + +This key can be listed multiple times. + ### `Ulimit=` Ulimit options. Sets the ulimits values inside of the container. diff --git a/pkg/systemd/quadlet/quadlet.go b/pkg/systemd/quadlet/quadlet.go index c2841abf5c07..26e1745b1e98 100644 --- a/pkg/systemd/quadlet/quadlet.go +++ b/pkg/systemd/quadlet/quadlet.go @@ -73,6 +73,7 @@ const ( KeyExec = "Exec" KeyExitCodePropagation = "ExitCodePropagation" KeyExposeHostPort = "ExposeHostPort" + KeyGIDMap = "GIDMap" KeyGlobalArgs = "GlobalArgs" KeyGroup = "Group" KeyHealthCmd = "HealthCmd" @@ -132,11 +133,14 @@ const ( KeySecurityLabelType = "SecurityLabelType" KeySetWorkingDirectory = "SetWorkingDirectory" KeyShmSize = "ShmSize" + KeySubGIDMap = "SubGIDMap" + KeySubUIDMap = "SubUIDMap" KeySysctl = "Sysctl" KeyTimezone = "Timezone" KeyTLSVerify = "TLSVerify" KeyTmpfs = "Tmpfs" KeyType = "Type" + KeyUIDMap = "UIDMap" KeyUlimit = "Ulimit" KeyUnmask = "Unmask" KeyUser = "User" @@ -169,6 +173,7 @@ var ( KeyEnvironmentHost: true, KeyExec: true, KeyExposeHostPort: true, + KeyGIDMap: true, KeyGlobalArgs: true, KeyGroup: true, KeyHealthCmd: true, @@ -213,9 +218,12 @@ var ( KeySecurityLabelNested: true, KeySecurityLabelType: true, KeyShmSize: true, + KeySubGIDMap: true, + KeySubUIDMap: true, KeySysctl: true, KeyTimezone: true, KeyTmpfs: true, + KeyUIDMap: true, KeyUlimit: true, KeyUnmask: true, KeyUser: true, @@ -625,12 +633,10 @@ func ConvertContainer(container *parser.UnitFile, names map[string]string, isUse podman.addf("-w=%s", workdir) } - if err := handleUserRemap(container, ContainerGroup, podman, isUser, true); err != nil { + if err := handleUserMappings(container, ContainerGroup, podman, isUser, true); err != nil { return nil, err } - handleUserNS(container, ContainerGroup, podman) - tmpfsValues := container.LookupAll(ContainerGroup, KeyTmpfs) for _, tmpfs := range tmpfsValues { if strings.Count(tmpfs, ":") > 1 { @@ -1091,12 +1097,10 @@ func ConvertKube(kube *parser.UnitFile, names map[string]string, isUser bool) (* handleLogDriver(kube, KubeGroup, execStart) - if err := handleUserRemap(kube, KubeGroup, execStart, isUser, false); err != nil { + if err := handleUserMappings(kube, KubeGroup, execStart, isUser, false); err != nil { return nil, err } - handleUserNS(kube, KubeGroup, execStart) - addNetworks(kube, KubeGroup, service, names, execStart) updateMaps := kube.LookupAllStrv(KubeGroup, KeyAutoUpdate) @@ -1245,12 +1249,50 @@ func handleUser(unitFile *parser.UnitFile, groupName string, podman *PodmanCmdli return nil } -func handleUserRemap(unitFile *parser.UnitFile, groupName string, podman *PodmanCmdline, isUser, supportManual bool) error { - // ignore Remap keys if UserNS is set +func handleUserMappings(unitFile *parser.UnitFile, groupName string, podman *PodmanCmdline, isUser, supportManual bool) error { + mappingsDefined := false + if userns, ok := unitFile.Lookup(groupName, KeyUserNS); ok && len(userns) > 0 { + podman.add("--userns", userns) + mappingsDefined = true + } + + uidMaps := unitFile.LookupAllStrv(groupName, KeyUIDMap) + mappingsDefined = mappingsDefined || len(uidMaps) > 0 + for _, uidMap := range uidMaps { + podman.addf("--uidmap=%s", uidMap) + } + + gidMaps := unitFile.LookupAllStrv(groupName, KeyGIDMap) + mappingsDefined = mappingsDefined || len(gidMaps) > 0 + for _, gidMap := range gidMaps { + podman.addf("--gidmap=%s", gidMap) + } + + if subUIDMap, ok := unitFile.Lookup(groupName, KeySubUIDMap); ok && len(subUIDMap) > 0 { + podman.add("--subuidname", subUIDMap) + mappingsDefined = true + } + + if subGIDMap, ok := unitFile.Lookup(groupName, KeySubGIDMap); ok && len(subGIDMap) > 0 { + podman.add("--subgidname", subGIDMap) + mappingsDefined = true + } + + if mappingsDefined { + _, hasRemapUID := unitFile.Lookup(groupName, KeyRemapUID) + _, hasRemapGID := unitFile.Lookup(groupName, KeyRemapGID) + _, RemapUsers := unitFile.LookupLast(groupName, KeyRemapUsers) + if hasRemapUID || hasRemapGID || RemapUsers { + return fmt.Errorf("deprecated Remap keys are set along with explicit mapping keys") + } return nil } + return handleUserRemap(unitFile, groupName, podman, isUser, supportManual) +} + +func handleUserRemap(unitFile *parser.UnitFile, groupName string, podman *PodmanCmdline, isUser, supportManual bool) error { uidMaps := unitFile.LookupAllStrv(groupName, KeyRemapUID) gidMaps := unitFile.LookupAllStrv(groupName, KeyRemapGID) remapUsers, _ := unitFile.LookupLast(groupName, KeyRemapUsers) @@ -1315,12 +1357,6 @@ func handleUserRemap(unitFile *parser.UnitFile, groupName string, podman *Podman return nil } -func handleUserNS(unitFile *parser.UnitFile, groupName string, podman *PodmanCmdline) { - if userns, ok := unitFile.Lookup(groupName, KeyUserNS); ok && len(userns) > 0 { - podman.add("--userns", userns) - } -} - func addNetworks(quadletUnitFile *parser.UnitFile, groupName string, serviceUnitFile *parser.UnitFile, names map[string]string, podman *PodmanCmdline) { networks := quadletUnitFile.LookupAll(groupName, KeyNetwork) for _, network := range networks { diff --git a/test/e2e/quadlet/idmapping-with-remap.container b/test/e2e/quadlet/idmapping-with-remap.container new file mode 100644 index 000000000000..36d435fb0d8e --- /dev/null +++ b/test/e2e/quadlet/idmapping-with-remap.container @@ -0,0 +1,10 @@ +## assert-failed +## assert-stderr-contains "deprecated Remap keys are set along with explicit mapping keys" + +[Container] +Image=localhost/imagename +UIDMap=0:10000:10 +UIDMap=10:20000:10 +GIDMap=0:10000:10 +GIDMap=10:20000:10 +RemapUsers=auto diff --git a/test/e2e/quadlet/idmapping.container b/test/e2e/quadlet/idmapping.container new file mode 100644 index 000000000000..5ea2e38a454f --- /dev/null +++ b/test/e2e/quadlet/idmapping.container @@ -0,0 +1,11 @@ +## assert-podman-args "--uidmap=0:10000:10" +## assert-podman-args "--uidmap=10:20000:10" +## assert-podman-args "--gidmap=0:10000:10" +## assert-podman-args "--gidmap=10:20000:10" + +[Container] +Image=localhost/imagename +UIDMap=0:10000:10 +UIDMap=10:20000:10 +GIDMap=0:10000:10 +GIDMap=10:20000:10 diff --git a/test/e2e/quadlet/subidmapping-with-remap.container b/test/e2e/quadlet/subidmapping-with-remap.container new file mode 100644 index 000000000000..143f88295e7a --- /dev/null +++ b/test/e2e/quadlet/subidmapping-with-remap.container @@ -0,0 +1,8 @@ +## assert-failed +## assert-stderr-contains "deprecated Remap keys are set along with explicit mapping keys" + +[Container] +Image=localhost/imagename +SubUIDMap=utest +SubGIDMap=gtest +RemapUsers=auto diff --git a/test/e2e/quadlet/subidmapping.container b/test/e2e/quadlet/subidmapping.container new file mode 100644 index 000000000000..b102850b301c --- /dev/null +++ b/test/e2e/quadlet/subidmapping.container @@ -0,0 +1,7 @@ +## assert-podman-args "--subuidname" "utest" +## assert-podman-args "--subgidname" "gtest" + +[Container] +Image=localhost/imagename +SubUIDMap=utest +SubGIDMap=gtest diff --git a/test/e2e/quadlet/userns-with-remap.container b/test/e2e/quadlet/userns-with-remap.container new file mode 100644 index 000000000000..3e1e8185aaf3 --- /dev/null +++ b/test/e2e/quadlet/userns-with-remap.container @@ -0,0 +1,7 @@ +## assert-failed +## assert-stderr-contains "deprecated Remap keys are set along with explicit mapping keys" + +[Container] +Image=localhost/imagename +RemapUsers=auto +UserNS=keep-id diff --git a/test/e2e/quadlet/userns.container b/test/e2e/quadlet/userns.container new file mode 100644 index 000000000000..f2bc0b7bdb01 --- /dev/null +++ b/test/e2e/quadlet/userns.container @@ -0,0 +1,5 @@ +## assert-podman-args "--userns" "keep-id" + +[Container] +Image=localhost/imagename +UserNS=keep-id diff --git a/test/e2e/quadlet_test.go b/test/e2e/quadlet_test.go index f2a00b971fe5..3e8faa71a5ea 100644 --- a/test/e2e/quadlet_test.go +++ b/test/e2e/quadlet_test.go @@ -690,6 +690,8 @@ BOGUS=foo Entry("exec.container", "exec.container", 0, ""), Entry("health.container", "health.container", 0, ""), Entry("hostname.container", "hostname.container", 0, ""), + Entry("idmapping.container", "idmapping.container", 0, ""), + Entry("idmapping-with-remap.container", "idmapping-with-remap.container", 1, "converting \"idmapping-with-remap.container\": deprecated Remap keys are set along with explicit mapping keys"), Entry("image.container", "image.container", 0, ""), Entry("install.container", "install.container", 0, ""), Entry("ip.container", "ip.container", 0, ""), @@ -726,10 +728,14 @@ BOGUS=foo Entry("selinux.container", "selinux.container", 0, ""), Entry("shmsize.container", "shmsize.container", 0, ""), Entry("shortname.container", "shortname.container", 0, "Warning: shortname.container specifies the image \"shortname\" which not a fully qualified image name. This is not ideal for performance and security reasons. See the podman-pull manpage discussion of short-name-aliases.conf for details."), + Entry("subidmapping.container", "subidmapping.container", 0, ""), + Entry("subidmapping-with-remap.container", "subidmapping-with-remap.container", 1, "converting \"subidmapping-with-remap.container\": deprecated Remap keys are set along with explicit mapping keys"), Entry("sysctl.container", "sysctl.container", 0, ""), Entry("timezone.container", "timezone.container", 0, ""), Entry("unmask.container", "unmask.container", 0, ""), Entry("user.container", "user.container", 0, ""), + Entry("userns.container", "userns.container", 0, ""), + Entry("userns-with-remap.container", "userns-with-remap.container", 1, "converting \"userns-with-remap.container\": deprecated Remap keys are set along with explicit mapping keys"), Entry("volume.container", "volume.container", 0, ""), Entry("workingdir.container", "workingdir.container", 0, ""), Entry("Container - global args", "globalargs.container", 0, ""), From 3d88f614f7ffb24417af6ce4776e96887f3c772c Mon Sep 17 00:00:00 2001 From: Ashley Cui Date: Wed, 15 Nov 2023 15:58:11 -0500 Subject: [PATCH 026/170] [CI:DOCS] Machine test timeout env var Introduce MACHINE_TEST_TIMEOUT, which sets the timeout for machine tests, in seconds. Signed-off-by: Ashley Cui --- pkg/machine/e2e/config_test.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pkg/machine/e2e/config_test.go b/pkg/machine/e2e/config_test.go index a77c22652e2d..60e9187a5aca 100644 --- a/pkg/machine/e2e/config_test.go +++ b/pkg/machine/e2e/config_test.go @@ -6,6 +6,7 @@ import ( "os" "os/exec" "path/filepath" + "strconv" "strings" "time" @@ -100,6 +101,13 @@ func newMB() (*machineTestBuilder, error) { if os.Getenv("PODMAN_BINARY") != "" { mb.podmanBinary = os.Getenv("PODMAN_BINARY") } + if os.Getenv("MACHINE_TEST_TIMEOUT") != "" { + seconds, err := strconv.Atoi(os.Getenv("MACHINE_TEST_TIMEOUT")) + if err != nil { + return nil, err + } + mb.timeout = time.Duration(seconds) * time.Second + } return &mb, nil } From 5f3f8a3caf47bee5f79885e6a6a070ab3b7c80fe Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 15 Nov 2023 21:42:59 +0000 Subject: [PATCH 027/170] fix(deps): update module k8s.io/kubernetes to v1.28.4 [security] Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- vendor/modules.txt | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 3ac4dab1e4f8..e41470a02dac 100644 --- a/go.mod +++ b/go.mod @@ -75,7 +75,7 @@ require ( google.golang.org/protobuf v1.31.0 gopkg.in/inf.v0 v0.9.1 gopkg.in/yaml.v3 v3.0.1 - k8s.io/kubernetes v1.28.3 + k8s.io/kubernetes v1.28.4 sigs.k8s.io/yaml v1.4.0 tags.cncf.io/container-device-interface v0.6.2 ) diff --git a/go.sum b/go.sum index 719bec5c36fb..1442c43a164c 100644 --- a/go.sum +++ b/go.sum @@ -1634,8 +1634,8 @@ k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= -k8s.io/kubernetes v1.28.3 h1:XTci6gzk+JR51UZuZQCFJ4CsyUkfivSjLI4O1P9z6LY= -k8s.io/kubernetes v1.28.3/go.mod h1:NhAysZWvHtNcJFFHic87ofxQN7loylCQwg3ZvXVDbag= +k8s.io/kubernetes v1.28.4 h1:aRNxs5jb8FVTtlnxeA4FSDBVKuFwA8Gw40/U2zReBYA= +k8s.io/kubernetes v1.28.4/go.mod h1:BTzDCKYAlu6LL9ITbfjwgwIrJ30hlTgbv0eXDoA/WoA= k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20230505201702-9f6742963106 h1:EObNQ3TW2D+WptiYXlApGNLVy0zm/JIBVY9i+M4wpAU= nullprogram.com/x/optparse v1.0.0/go.mod h1:KdyPE+Igbe0jQUrVfMqDMeJQIJZEuyV7pjYmp6pbG50= diff --git a/vendor/modules.txt b/vendor/modules.txt index 6511b5e4281d..eb18eb31c579 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1338,7 +1338,7 @@ gopkg.in/yaml.v2 # gopkg.in/yaml.v3 v3.0.1 ## explicit gopkg.in/yaml.v3 -# k8s.io/kubernetes v1.28.3 +# k8s.io/kubernetes v1.28.4 ## explicit; go 1.20 k8s.io/kubernetes/third_party/forked/golang/expansion # sigs.k8s.io/yaml v1.4.0 From d711c3f46531376c8a7db848f52066f1a6f52b1b Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Mon, 6 Nov 2023 10:26:33 -0700 Subject: [PATCH 028/170] VM images: bump to 2023-11-16 F39 released. Hoping for newer crun and pasta. Signed-off-by: Ed Santiago --- .cirrus.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index 9275b10a019b..ec251aff20db 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -26,14 +26,14 @@ env: #### #### Cache-image names to test with (double-quotes around names are critical) #### - FEDORA_NAME: "fedora-39β" + FEDORA_NAME: "fedora-39" FEDORA_AARCH64_NAME: "${FEDORA_NAME}-aarch64" PRIOR_FEDORA_NAME: "fedora-38" RAWHIDE_NAME: "rawhide" DEBIAN_NAME: "debian-13" # Image identifiers - IMAGE_SUFFIX: "c20231004t194547z-f39f38d13" + IMAGE_SUFFIX: "c20231116t174419z-f39f38d13" # EC2 images FEDORA_AMI: "fedora-aws-${IMAGE_SUFFIX}" From 23ead49dee1d32fa946b5c8e626050bbeb3e1856 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Wed, 15 Nov 2023 19:08:02 -0700 Subject: [PATCH 029/170] pasta tests: remove some skips Signed-off-by: Ed Santiago --- test/system/505-networking-pasta.bats | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/test/system/505-networking-pasta.bats b/test/system/505-networking-pasta.bats index 4b7fe4f08527..af342ddc8433 100644 --- a/test/system/505-networking-pasta.bats +++ b/test/system/505-networking-pasta.bats @@ -448,10 +448,6 @@ function teardown() { } @test "Local forwarder, IPv4" { - if [[ "$CIRRUS_CI" == "true" ]] && [[ "$DISTRO_NV" == "debian-13" ]]; then - skip "FIXME: Needs passt 0.0~git20230625.32660ce-1 or later in debian SID, unavailable 8-2023." - fi - skip_if_no_ipv4 "IPv4 not routable on the host" run_podman run --dns 198.51.100.1 \ @@ -697,7 +693,7 @@ function teardown() { } @test "TCP/IPv4 large transfer, tap" { - skip "FIXME: #20170 - test hangs" + skip "FIXME: #20170 - needs passt >= 2023-11-10" pasta_test_do } From d2a4ec867d7622f7aeba696bb7824170c8b7baa4 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Thu, 16 Nov 2023 10:53:48 -0700 Subject: [PATCH 030/170] Test fixes for debian Signed-off-by: Ed Santiago --- test/e2e/run_test.go | 8 ++++++-- test/system/005-info.bats | 5 +++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 713e61829d71..b923fd5fbe7e 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -1545,14 +1545,18 @@ VOLUME %s`, ALPINE, volPath, volPath) container.WaitWithDefaultTimeout() Expect(container).Should(Exit(0)) checkLines(container.OutputToStringArray()) - Expect(container.ErrorToString()).To(ContainSubstring("Running scope as unit: ")) + Expect(container.ErrorToString()).To(Or( + ContainSubstring("Running scope as unit: "), // systemd < 255 + ContainSubstring("Running as unit: "))) // systemd >= 255 // check that --cgroups=split is honored also when a container runs in a pod container = podmanTest.PodmanSystemdScope([]string{"run", "--rm", "--pod", "new:split-test-pod", "--cgroups=split", ALPINE, "cat", "/proc/self/cgroup"}) container.WaitWithDefaultTimeout() Expect(container).Should(Exit(0)) checkLines(container.OutputToStringArray()) - Expect(container.ErrorToString()).To(ContainSubstring("Running scope as unit: ")) + Expect(container.ErrorToString()).To(Or( + ContainSubstring("Running scope as unit: "), // systemd < 255 + ContainSubstring("Running as unit: "))) // systemd >= 255 }) It("podman run with cgroups=disabled runs without cgroups", func() { diff --git a/test/system/005-info.bats b/test/system/005-info.bats index 68f434f353eb..bdbbda04001c 100644 --- a/test/system/005-info.bats +++ b/test/system/005-info.bats @@ -178,8 +178,13 @@ host.slirp4netns.executable | $expr_path @test "CONTAINERS_CONF_OVERRIDE" { skip_if_remote "remote does not support CONTAINERS_CONF*" + # Need to include runtime because it's runc in debian CI, + # and crun 1.11.1 barfs with "read from sync socket" containersConf=$PODMAN_TMPDIR/containers.conf cat >$containersConf < Date: Fri, 17 Nov 2023 07:18:38 -0500 Subject: [PATCH 031/170] [CI:DOCS] Add link to podman py docs Signed-off-by: Urvashi Mohnani --- docs/source/index.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/source/index.rst b/docs/source/index.rst index 3f3fa10d547e..96f6c87652aa 100644 --- a/docs/source/index.rst +++ b/docs/source/index.rst @@ -22,3 +22,4 @@ If you are completely new to containers, we recommend that you check out the :do Reference Tutorials Search + Podman Python From a10b88cb2fe8efd9283d782ad9e5189d2d763ccb Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Tue, 26 Sep 2023 12:22:25 -0600 Subject: [PATCH 032/170] CI: test overlay and vfs We're only testing vfs in CI. That's bad. #18822 tried to remedy that but that only worked on system tests, not e2e. Here we introduce CI_DESIRED_STORAGE, to be set in .cirrus.yml in the same vein as all the other CI_DESIRED_X. Since it's 2023 we default to overlay, testing vfs only in priorfedora. Fixes required: - e2e tests: - in cleanup, umount ROOT/overlay to avoid leaking mounts - system tests: - fix a few badly-written tests that assumed/hardcoded overlay - buildx test: add weird exception to device-number test - mount tests: add special case code for vfs - unprivileged test: disable one section that is N/A on vfs Signed-off-by: Ed Santiago --- .cirrus.yml | 2 ++ contrib/cirrus/lib.sh | 2 +- contrib/cirrus/setup_environment.sh | 36 +++++++++++++----------- test/e2e/common_test.go | 13 ++++++++- test/e2e/config_amd64.go | 8 +++--- test/e2e/config_arm64.go | 8 +++--- test/e2e/config_ppc64le.go | 4 +-- test/e2e/info_test.go | 15 ++++++++++ test/system/001-basic.bats | 1 + test/system/005-info.bats | 18 +++++++++++- test/system/010-images.bats | 18 ++++++++---- test/system/060-mount.bats | 19 +++++++++++-- test/system/070-build.bats | 11 ++++++-- test/system/400-unprivileged-access.bats | 12 +++++++- test/system/helpers.bash | 12 ++++++++ 15 files changed, 137 insertions(+), 42 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index ec251aff20db..ae58bc18f584 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -59,6 +59,7 @@ env: VM_IMAGE_NAME: # One of the "Google-cloud VM Images" (above) CTR_FQIN: # One of the "Container FQIN's" (above) CI_DESIRED_DATABASE: sqlite # 'sqlite' or 'boltdb' + CI_DESIRED_STORAGE: overlay # overlay or vfs # Curl-command prefix for downloading task artifacts, simply add the # the url-encoded task name, artifact name, and path as a suffix. @@ -111,6 +112,7 @@ build_task: CI_DESIRED_RUNTIME: crun CI_DESIRED_NETWORK: cni CI_DESIRED_DATABASE: boltdb + CI_DESIRED_STORAGE: vfs # Catch invalid "TMPDIR == /tmp" assumptions; PR #19281 TMPDIR: /var/tmp - env: diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh index 469b855ffa5c..7d4e8c4052b1 100644 --- a/contrib/cirrus/lib.sh +++ b/contrib/cirrus/lib.sh @@ -95,7 +95,7 @@ EPOCH_TEST_COMMIT="$CIRRUS_BASE_SHA" # contexts, such as host->container or root->rootless user # # List of envariables which must be EXACT matches -PASSTHROUGH_ENV_EXACT='CGROUP_MANAGER|DEST_BRANCH|DISTRO_NV|GOCACHE|GOPATH|GOSRC|NETWORK_BACKEND|OCI_RUNTIME|ROOTLESS_USER|SCRIPT_BASE|SKIP_USERNS|EC2_INST_TYPE|PODMAN_DB' +PASSTHROUGH_ENV_EXACT='CGROUP_MANAGER|DEST_BRANCH|DISTRO_NV|GOCACHE|GOPATH|GOSRC|NETWORK_BACKEND|OCI_RUNTIME|ROOTLESS_USER|SCRIPT_BASE|SKIP_USERNS|EC2_INST_TYPE|PODMAN_DB|STORAGE_FS' # List of envariable patterns which must match AT THE BEGINNING of the name. PASSTHROUGH_ENV_ATSTART='CI|LANG|LC_|TEST' diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index 6d5764564383..bc88bbc22451 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -109,22 +109,6 @@ esac #if [[ "${CI_DESIRED_DATABASE:-sqlite}" != "sqlite" ]]; then printf "[engine]\ndatabase_backend=\"$CI_DESIRED_DATABASE\"\n" > /etc/containers/containers.conf.d/92-db.conf -# For debian envs pre-configure storage driver as overlay. -# See: Discussion here https://github.com/containers/podman/pull/18510#discussion_r1189812306 -# for more details. -# TODO: remove this once all CI VM have newer buildah version. (i.e where buildah -# does not defaults to using `vfs` as storage driver) -# shellcheck disable=SC2154 -if [[ "$OS_RELEASE_ID" == "debian" ]]; then - showrun echo "conditional setup for debian" - conf=/etc/containers/storage.conf - if [[ -e $conf ]]; then - die "FATAL! INTERNAL ERROR! Cannot override $conf" - fi - msg "Overriding $conf, setting overlay (was: $buildah_storage)" - printf '[storage]\ndriver = "overlay"\nrunroot = "/run/containers/storage"\ngraphroot = "/var/lib/containers/storage"\n' >$conf -fi - if ((CONTAINER==0)); then # Not yet running inside a container showrun echo "conditional setup for CONTAINER == 0" # Discovered reemergence of BFQ scheduler bug in kernel 5.8.12-200 @@ -205,6 +189,26 @@ case "$CI_DESIRED_DATABASE" in ;; esac +# Force the requested storage driver for both system and e2e tests. +# This is (sigh) different because e2e tests have their own special way +# of ignoring system defaults. +# shellcheck disable=SC2154 +showrun echo "Setting CI_DESIRED_STORAGE [=$CI_DESIRED_STORAGE] for *system* tests" +conf=/etc/containers/storage.conf +if [[ -e $conf ]]; then + die "FATAL! INTERNAL ERROR! Cannot override $conf" +fi +cat <$conf +[storage] +driver = "$CI_DESIRED_STORAGE" +runroot = "/run/containers/storage" +graphroot = "/var/lib/containers/storage" +EOF + +# shellcheck disable=SC2154 +showrun echo "Setting CI_DESIRED_STORAGE [=$CI_DESIRED_STORAGE] for *e2e* tests" +echo "STORAGE_FS=$CI_DESIRED_STORAGE" >>/etc/ci_environment + # Required to be defined by caller: The environment where primary testing happens # shellcheck disable=SC2154 showrun echo "about to set up for TEST_ENVIRON [=$TEST_ENVIRON]" diff --git a/test/e2e/common_test.go b/test/e2e/common_test.go index acb1d3ba1081..dd6af3f40d44 100644 --- a/test/e2e/common_test.go +++ b/test/e2e/common_test.go @@ -33,6 +33,7 @@ import ( . "github.com/onsi/gomega" . "github.com/onsi/gomega/gexec" "github.com/sirupsen/logrus" + "golang.org/x/sys/unix" ) var ( @@ -993,7 +994,17 @@ func rmAll(podmanBin string, path string) { GinkgoWriter.Printf("%v\n", err) } } else { - if err := os.RemoveAll(path); err != nil { + // When using overlay as root, podman leaves a stray mount behind. + // This leak causes remote tests to take a loooooong time, which + // then causes Cirrus to time out. Unmount that stray. + overlayPath := path + "/root/overlay" + if _, err := os.Stat(overlayPath); err == nil { + if err = unix.Unmount(overlayPath, unix.MNT_DETACH); err != nil { + GinkgoWriter.Printf("Error unmounting %s: %v\n", overlayPath, err) + } + } + + if err = os.RemoveAll(path); err != nil { GinkgoWriter.Printf("%q\n", err) } } diff --git a/test/e2e/config_amd64.go b/test/e2e/config_amd64.go index 64b27e830da1..248a1a9f00e8 100644 --- a/test/e2e/config_amd64.go +++ b/test/e2e/config_amd64.go @@ -1,10 +1,10 @@ package integration var ( - STORAGE_FS = "vfs" //nolint:revive,stylecheck - STORAGE_OPTIONS = "--storage-driver vfs" //nolint:revive,stylecheck - ROOTLESS_STORAGE_FS = "vfs" //nolint:revive,stylecheck - ROOTLESS_STORAGE_OPTIONS = "--storage-driver vfs" //nolint:revive,stylecheck + STORAGE_FS = "overlay" //nolint:revive,stylecheck + STORAGE_OPTIONS = "--storage-driver overlay" //nolint:revive,stylecheck + ROOTLESS_STORAGE_FS = "overlay" //nolint:revive,stylecheck + ROOTLESS_STORAGE_OPTIONS = "--storage-driver overlay" //nolint:revive,stylecheck CACHE_IMAGES = []string{ALPINE, BB, fedoraMinimal, NGINX_IMAGE, REDIS_IMAGE, REGISTRY_IMAGE, INFRA_IMAGE, CITEST_IMAGE, HEALTHCHECK_IMAGE, SYSTEMD_IMAGE, fedoraToolbox} //nolint:revive,stylecheck NGINX_IMAGE = "quay.io/libpod/alpine_nginx:latest" //nolint:revive,stylecheck BB_GLIBC = "docker.io/library/busybox:glibc" //nolint:revive,stylecheck diff --git a/test/e2e/config_arm64.go b/test/e2e/config_arm64.go index 8dc0ebe12a32..952cee9e43b0 100644 --- a/test/e2e/config_arm64.go +++ b/test/e2e/config_arm64.go @@ -1,10 +1,10 @@ package integration var ( - STORAGE_FS = "vfs" //nolint:revive,stylecheck - STORAGE_OPTIONS = "--storage-driver vfs" //nolint:revive,stylecheck - ROOTLESS_STORAGE_FS = "vfs" //nolint:revive,stylecheck - ROOTLESS_STORAGE_OPTIONS = "--storage-driver vfs" //nolint:revive,stylecheck + STORAGE_FS = "overlay" //nolint:revive,stylecheck + STORAGE_OPTIONS = "--storage-driver overlay" //nolint:revive,stylecheck + ROOTLESS_STORAGE_FS = "overlay" //nolint:revive,stylecheck + ROOTLESS_STORAGE_OPTIONS = "--storage-driver overlay" //nolint:revive,stylecheck CACHE_IMAGES = []string{ALPINE, BB, fedoraMinimal, NGINX_IMAGE, REDIS_IMAGE, REGISTRY_IMAGE, INFRA_IMAGE, CITEST_IMAGE, HEALTHCHECK_IMAGE, SYSTEMD_IMAGE, fedoraToolbox} //nolint:revive,stylecheck NGINX_IMAGE = "quay.io/lsm5/alpine_nginx-aarch64:latest" //nolint:revive,stylecheck BB_GLIBC = "docker.io/library/busybox:glibc" //nolint:revive,stylecheck diff --git a/test/e2e/config_ppc64le.go b/test/e2e/config_ppc64le.go index 63d8a5049857..4b708ce1e4ab 100644 --- a/test/e2e/config_ppc64le.go +++ b/test/e2e/config_ppc64le.go @@ -3,8 +3,8 @@ package integration var ( STORAGE_FS = "overlay" STORAGE_OPTIONS = "--storage-driver overlay" - ROOTLESS_STORAGE_FS = "vfs" - ROOTLESS_STORAGE_OPTIONS = "--storage-driver vfs" + ROOTLESS_STORAGE_FS = "overlay" + ROOTLESS_STORAGE_OPTIONS = "--storage-driver overlay" CACHE_IMAGES = []string{ALPINE, BB, fedoraMinimal, NGINX_IMAGE, REDIS_IMAGE, INFRA_IMAGE, CITEST_IMAGE} NGINX_IMAGE = "quay.io/libpod/alpine_nginx-ppc64le:latest" BB_GLIBC = "docker.io/ppc64le/busybox:glibc" diff --git a/test/e2e/info_test.go b/test/e2e/info_test.go index 165e618cb7a3..b204ebbd3e8e 100644 --- a/test/e2e/info_test.go +++ b/test/e2e/info_test.go @@ -216,6 +216,21 @@ var _ = Describe("Podman Info", func() { Expect(session.ErrorToString()).To(Equal("Error: unsupported database backend: \"bogus\"")) }) + It("Podman info: check desired storage driver", func() { + // defined in .cirrus.yml + want := os.Getenv("CI_DESIRED_STORAGE") + if want == "" { + if os.Getenv("CIRRUS_CI") == "" { + Skip("CI_DESIRED_STORAGE is not set--this is OK because we're not running under Cirrus") + } + Fail("CIRRUS_CI is set, but CI_DESIRED_STORAGE is not! See #20161") + } + session := podmanTest.Podman([]string{"info", "--format", "{{.Store.GraphDriverName}}"}) + session.WaitWithDefaultTimeout() + Expect(session).To(ExitCleanly()) + Expect(session.OutputToString()).To(Equal(want), ".Store.GraphDriverName from podman info") + }) + It("Podman info: check lock count", Serial, func() { // This should not run on architectures and OSes that use the file locks backend. // Which, for now, is Linux + RISCV and FreeBSD, neither of which are in CI - so diff --git a/test/system/001-basic.bats b/test/system/001-basic.bats index 3688d8ef216e..0512accba921 100644 --- a/test/system/001-basic.bats +++ b/test/system/001-basic.bats @@ -54,6 +54,7 @@ function setup() { 'Cgroups:{{.Host.CgroupsVersion}}+{{.Host.CgroupManager}}' 'Net:{{.Host.NetworkBackend}}' 'DB:{{.Host.DatabaseBackend}}' + 'Store:{{.Store.GraphDriverName}}' ) run_podman info --format "$(IFS='/' echo ${want[@]})" echo "# $output" >&3 diff --git a/test/system/005-info.bats b/test/system/005-info.bats index bdbbda04001c..c5fcc3b85c12 100644 --- a/test/system/005-info.bats +++ b/test/system/005-info.bats @@ -117,6 +117,22 @@ host.slirp4netns.executable | $expr_path is "$db_backend" "$CI_DESIRED_DATABASE" "CI_DESIRED_DATABASE (from .cirrus.yml)" } +@test "podman info - confirm desired storage driver" { + if [[ -z "$CI_DESIRED_STORAGE" ]]; then + # When running in Cirrus, CI_DESIRED_STORAGE *must* be defined + # in .cirrus.yml so we can double-check that all CI VMs are + # using overlay or vfs as desired. + if [[ -n "$CIRRUS_CI" ]]; then + die "CIRRUS_CI is set, but CI_DESIRED_STORAGE is not! See #20161" + fi + + # Not running under Cirrus (e.g., gating tests, or dev laptop). + # Totally OK to skip this test. + skip "CI_DESIRED_STORAGE is unset--OK, because we're not in Cirrus" + fi + + is "$(podman_storage_driver)" "$CI_DESIRED_STORAGE" "podman storage driver is not CI_DESIRED_STORAGE (from .cirrus.yml)" +} # 2021-04-06 discussed in watercooler: RHEL must never use crun, even if # using cgroups v2. @@ -163,7 +179,7 @@ host.slirp4netns.executable | $expr_path @test "podman --root PATH info - basic output" { if ! is_remote; then run_podman --storage-driver=vfs --root ${PODMAN_TMPDIR}/nothing-here-move-along info --format '{{ .Store.GraphOptions }}' - is "$output" "map\[\]" "'podman --root should reset Graphoptions to []" + is "$output" "map\[\]" "'podman --root should reset GraphOptions to []" fi } diff --git a/test/system/010-images.bats b/test/system/010-images.bats index fafab6aa8e60..655f98cb69ff 100644 --- a/test/system/010-images.bats +++ b/test/system/010-images.bats @@ -337,28 +337,34 @@ Deleted: $pauseID" @test "podman pull image with additional store" { skip_if_remote "only works on local" + # overlay or vfs + local storagedriver="$(podman_storage_driver)" + local imstore=$PODMAN_TMPDIR/imagestore local sconf=$PODMAN_TMPDIR/storage.conf cat >$sconf <>$test_script </dev/null; then die "Able to run 'ls $path' without error" @@ -67,8 +76,9 @@ else fi fi -exit 0 EOF + fi + echo "exit 0" >>$test_script chmod 755 $PODMAN_TMPDIR $test_script # get podman image and container storage directories diff --git a/test/system/helpers.bash b/test/system/helpers.bash index b6c8785dced5..69b24e219471 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -553,6 +553,18 @@ function podman_runtime() { basename "${output:-[null]}" } +# Returns the storage driver: 'overlay' or 'vfs' +function podman_storage_driver() { + run_podman info --format '{{.Store.GraphDriverName}}' >/dev/null + # Should there ever be a new driver + case "$output" in + overlay) ;; + vfs) ;; + *) die "Unknown storage driver '$output'; if this is a new driver, please review uses of this function in tests." ;; + esac + echo "$output" +} + # rhbz#1895105: rootless journald is unavailable except to users in # certain magic groups; which our testuser account does not belong to # (intentional: that is the RHEL default, so that's the setup we test). From ced07a55f43ee7552024d32867f4afb797be2b2b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= Date: Tue, 7 Nov 2023 20:25:12 +0100 Subject: [PATCH 033/170] Update c/image and c/common to latest, c/buildah to main MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... to include https://github.com/containers/image/pull/2173, https://github.com/containers/common/pull/1731 and https://github.com/containers/buildah/pull/5143 . Signed-off-by: Miloslav Trmač --- go.mod | 30 +- go.sum | 66 ++-- .../github.com/containers/buildah/.cirrus.yml | 6 +- vendor/github.com/containers/buildah/Makefile | 4 +- vendor/github.com/containers/buildah/add.go | 32 +- .../github.com/containers/buildah/commit.go | 20 +- .../containers/buildah/define/types.go | 8 +- vendor/github.com/containers/buildah/image.go | 23 +- .../containers/buildah/imagebuildah/build.go | 6 +- .../buildah/imagebuildah/executor.go | 6 +- .../buildah/imagebuildah/stage_executor.go | 73 ++--- .../buildah/internal/mkcw/embed/entrypoint.gz | Bin 405 -> 405 bytes .../buildah/internal/tmpdir/tmpdir.go | 2 +- vendor/github.com/containers/buildah/new.go | 2 +- .../containers/buildah/pkg/cli/common.go | 6 +- .../containers/buildah/pkg/parse/parse.go | 16 +- .../containers/buildah/pkg/util/util.go | 7 +- .../containers/buildah/run_linux.go | 37 +-- .../containers/buildah/util/types.go | 12 +- .../containers/common/pkg/auth/auth.go | 83 ++++-- .../containers/common/pkg/auth/cli.go | 32 +- .../containers/common/version/version.go | 2 +- .../containers/image/v5/copy/compression.go | 17 +- .../containers/image/v5/docker/errors.go | 2 +- .../internal/imagedestination/impl/helpers.go | 5 + .../image/v5/pkg/docker/config/config.go | 281 +++++++++++++----- .../image/v5/storage/storage_reference.go | 4 + .../image/v5/storage/storage_transport.go | 12 +- .../containers/image/v5/types/types.go | 4 + .../containers/image/v5/version/version.go | 6 +- .../github.com/containers/luksy/.cirrus.yml | 17 +- vendor/github.com/containers/luksy/tune.go | 2 +- vendor/github.com/containers/storage/VERSION | 2 +- .../go-jose/go-jose/v3/CHANGELOG.md | 8 + .../go-jose/go-jose/v3/symmetric.go | 5 + .../hashicorp/go-retryablehttp/CHANGELOG.md | 6 + .../hashicorp/go-retryablehttp/client.go | 25 +- .../github.com/klauspost/compress/README.md | 8 + .../klauspost/compress/fse/compress.go | 2 +- .../klauspost/compress/zstd/enc_best.go | 44 +-- .../klauspost/compress/zstd/enc_better.go | 17 +- .../openshift/imagebuilder/builder.go | 7 +- .../openshift/imagebuilder/dispatchers.go | 13 +- .../imagebuilder/dockerfile/parser/parser.go | 8 + .../openshift/imagebuilder/imagebuilder.spec | 2 +- vendor/go.opentelemetry.io/otel/.gitignore | 1 + vendor/go.opentelemetry.io/otel/.golangci.yml | 79 +++-- vendor/go.opentelemetry.io/otel/CHANGELOG.md | 172 ++++++++++- vendor/go.opentelemetry.io/otel/CODEOWNERS | 2 +- .../go.opentelemetry.io/otel/CONTRIBUTING.md | 90 +++++- vendor/go.opentelemetry.io/otel/Makefile | 62 ++-- vendor/go.opentelemetry.io/otel/README.md | 42 +-- vendor/go.opentelemetry.io/otel/RELEASING.md | 31 +- .../otel/attribute/filter.go | 60 ++++ .../go.opentelemetry.io/otel/attribute/set.go | 7 - .../otel/baggage/baggage.go | 14 +- .../go.opentelemetry.io/otel/internal/gen.go | 29 ++ .../otel/internal/global/handler.go | 7 +- .../otel/internal/global/internal_logging.go | 7 +- .../otel/metric/instrument.go | 2 + .../go.opentelemetry.io/otel/metric/meter.go | 2 + .../go.opentelemetry.io/otel/requirements.txt | 2 +- vendor/go.opentelemetry.io/otel/version.go | 2 +- vendor/go.opentelemetry.io/otel/versions.yaml | 18 +- vendor/modules.txt | 40 +-- 65 files changed, 1136 insertions(+), 503 deletions(-) create mode 100644 vendor/github.com/go-jose/go-jose/v3/CHANGELOG.md create mode 100644 vendor/go.opentelemetry.io/otel/attribute/filter.go create mode 100644 vendor/go.opentelemetry.io/otel/internal/gen.go diff --git a/go.mod b/go.mod index e41470a02dac..37624d783e26 100644 --- a/go.mod +++ b/go.mod @@ -11,15 +11,15 @@ require ( github.com/checkpoint-restore/go-criu/v7 v7.0.0 github.com/containernetworking/cni v1.1.2 github.com/containernetworking/plugins v1.3.0 - github.com/containers/buildah v1.32.1-0.20231026190652-11e3b2132761 - github.com/containers/common v0.56.1-0.20231102181045-6a67921ec5ce + github.com/containers/buildah v1.32.1-0.20231117115950-f00af6b7d310 + github.com/containers/common v0.57.0 github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.1 - github.com/containers/image/v5 v5.28.1-0.20231101173728-373c52a9466f + github.com/containers/image/v5 v5.29.0 github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734 github.com/containers/ocicrypt v1.1.9 github.com/containers/psgo v1.8.0 - github.com/containers/storage v1.50.3-0.20231108224651-a56f2b2fecfd + github.com/containers/storage v1.51.0 github.com/coreos/go-systemd/v22 v22.5.1-0.20231103132048-7d375ecc2b09 github.com/coreos/stream-metadata-go v0.4.3 github.com/crc-org/vfkit v0.1.2-0.20231030102423-f3c783d34420 @@ -54,7 +54,7 @@ require ( github.com/opencontainers/runtime-spec v1.1.1-0.20230922153023-c0e90434df2a github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc github.com/opencontainers/selinux v1.11.0 - github.com/openshift/imagebuilder v1.2.5 + github.com/openshift/imagebuilder v1.2.6-0.20231108213319-b27edc077bbc github.com/rootless-containers/rootlesskit v1.1.1 github.com/shirou/gopsutil/v3 v3.23.10 github.com/sirupsen/logrus v1.9.3 @@ -93,14 +93,14 @@ require ( github.com/chenzhuoyu/iasm v0.9.0 // indirect github.com/chzyer/readline v1.5.1 // indirect github.com/containerd/cgroups/v3 v3.0.2 // indirect - github.com/containerd/containerd v1.7.8 // indirect + github.com/containerd/containerd v1.7.9 // indirect github.com/containerd/log v0.1.0 // indirect github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect - github.com/containers/luksy v0.0.0-20230912175440-6df88cb7f0dd // indirect + github.com/containers/luksy v0.0.0-20231030195837-b5a7f79da98b // indirect github.com/coreos/go-oidc/v3 v3.7.0 // indirect github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f // indirect - github.com/cyberphone/json-canonicalization v0.0.0-20230710064741-aa7fe85c7dbd // indirect + github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/digitalocean/go-libvirt v0.0.0-20220804181439-8648fbde413e // indirect github.com/disiqueira/gotree/v3 v3.0.2 // indirect @@ -112,7 +112,7 @@ require ( github.com/gabriel-vasile/mimetype v1.4.2 // indirect github.com/gin-contrib/sse v0.1.0 // indirect github.com/gin-gonic/gin v1.9.1 // indirect - github.com/go-jose/go-jose/v3 v3.0.0 // indirect + github.com/go-jose/go-jose/v3 v3.0.1 // indirect github.com/go-logr/logr v1.3.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-ole/go-ole v1.2.6 // indirect @@ -140,11 +140,11 @@ require ( github.com/google/pprof v0.0.0-20230323073829-e72429f035bd // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect - github.com/hashicorp/go-retryablehttp v0.7.4 // indirect + github.com/hashicorp/go-retryablehttp v0.7.5 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/jinzhu/copier v0.4.0 // indirect github.com/josharian/intern v1.0.0 // indirect - github.com/klauspost/compress v1.17.2 // indirect + github.com/klauspost/compress v1.17.3 // indirect github.com/klauspost/cpuid/v2 v2.2.5 // indirect github.com/klauspost/pgzip v1.2.6 // indirect github.com/kr/fs v0.1.0 // indirect @@ -198,13 +198,13 @@ require ( go.mongodb.org/mongo-driver v1.11.3 // indirect go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 // indirect go.opencensus.io v0.24.0 // indirect - go.opentelemetry.io/otel v1.16.0 // indirect - go.opentelemetry.io/otel/metric v1.16.0 // indirect - go.opentelemetry.io/otel/trace v1.16.0 // indirect + go.opentelemetry.io/otel v1.19.0 // indirect + go.opentelemetry.io/otel/metric v1.19.0 // indirect + go.opentelemetry.io/otel/trace v1.19.0 // indirect golang.org/x/arch v0.5.0 // indirect golang.org/x/crypto v0.15.0 // indirect golang.org/x/mod v0.13.0 // indirect - golang.org/x/oauth2 v0.13.0 // indirect + golang.org/x/oauth2 v0.14.0 // indirect golang.org/x/tools v0.14.0 // indirect google.golang.org/appengine v1.6.8 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13 // indirect diff --git a/go.sum b/go.sum index 1442c43a164c..727913f07549 100644 --- a/go.sum +++ b/go.sum @@ -193,8 +193,8 @@ github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09Zvgq github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c= -github.com/containerd/containerd v1.7.8 h1:RkwgOW3AVUT3H/dyT0W03Dc8AzlpMG65lX48KftOFSM= -github.com/containerd/containerd v1.7.8/go.mod h1:L/Hn9qylJtUFT7cPeM0Sr3fATj+WjHwRQ0lyrYk3OPY= +github.com/containerd/containerd v1.7.9 h1:KOhK01szQbM80YfW1H6RZKh85PHGqY/9OcEZ35Je8sc= +github.com/containerd/containerd v1.7.9/go.mod h1:0/W44LWEYfSHoxBtsHIiNU/duEkgpMokemafHVCpq9Y= github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= @@ -252,22 +252,22 @@ github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHV github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= github.com/containernetworking/plugins v1.3.0 h1:QVNXMT6XloyMUoO2wUOqWTC1hWFV62Q6mVDp5H1HnjM= github.com/containernetworking/plugins v1.3.0/go.mod h1:Pc2wcedTQQCVuROOOaLBPPxrEXqqXBFt3cZ+/yVg6l0= -github.com/containers/buildah v1.32.1-0.20231026190652-11e3b2132761 h1:MNE9Yk+sw3GhHGRIXQHqx4V3P9L2MVHrZITD107DDB4= -github.com/containers/buildah v1.32.1-0.20231026190652-11e3b2132761/go.mod h1:78sIy+6IjdfQWXfPUZyDqysufB/vhgz9SGLrLQ2k0KU= -github.com/containers/common v0.56.1-0.20231102181045-6a67921ec5ce h1:b0NLsUl+hvPYPiAlP7VJrSHJZDQbZgUa3i+JfwMv4To= -github.com/containers/common v0.56.1-0.20231102181045-6a67921ec5ce/go.mod h1:EOB29rKXAeQcUU8JQ9MjbYkyPfcNpAZ7s3Ar59PU0YE= +github.com/containers/buildah v1.32.1-0.20231117115950-f00af6b7d310 h1:G+FidpI/V85O3sXfOg+xFwWav23FW0/L9KjZuxbr71g= +github.com/containers/buildah v1.32.1-0.20231117115950-f00af6b7d310/go.mod h1:2mTSu+BX8gjB2wUxu4raCdNdP/bc5ADL8Hiw6oUrOYE= +github.com/containers/common v0.57.0 h1:5O/+6QUBafKK0/zeok9y1rLPukfWgdE0sT4nuzmyAqk= +github.com/containers/common v0.57.0/go.mod h1:t/Z+/sFrapvFMEJe3YnecN49/Tae2wYEQShbEN6SRaU= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/gvisor-tap-vsock v0.7.1 h1:+Rc+sOPplrkQb/BUXeN0ug8TxjgyrIqo/9P/eNS2A4c= github.com/containers/gvisor-tap-vsock v0.7.1/go.mod h1:WSSsjcuYZkvP8i0J+Ht3LF8yvysn3krD5zxQ74wz7y0= -github.com/containers/image/v5 v5.28.1-0.20231101173728-373c52a9466f h1:x79xiC/Zs7yRzCWCT/fuf8J8LALTzVHzGT9T0HEx9FQ= -github.com/containers/image/v5 v5.28.1-0.20231101173728-373c52a9466f/go.mod h1:7+h9aIQgB6YzWxFzKAAYQ0CQZS0ks/bc+FMZQTJFoN8= +github.com/containers/image/v5 v5.29.0 h1:9+nhS/ZM7c4Kuzu5tJ0NMpxrgoryOJ2HAYTgG8Ny7j4= +github.com/containers/image/v5 v5.29.0/go.mod h1:kQ7qcDsps424ZAz24thD+x7+dJw1vgur3A9tTDsj97E= github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734 h1:R6e4nMpxUWRTn+QoiS1dnWL3qa0hpFb2+8/ltKtSnWE= github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734/go.mod h1:3lTcwI2g7qe8Ekgk9hdDxQeT9KrqXPilQvxJfIJp8TQ= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY= -github.com/containers/luksy v0.0.0-20230912175440-6df88cb7f0dd h1:NbQ782+jynau+ySnK8qBGyLstgiaLOAjoJWrwSLovGc= -github.com/containers/luksy v0.0.0-20230912175440-6df88cb7f0dd/go.mod h1:p3x2uBi+Eaqor7MXSnXIoSGmIaocAlRnd3UiEl6AtgQ= +github.com/containers/luksy v0.0.0-20231030195837-b5a7f79da98b h1:8XvNAm+g7ivwPUkyiHvBs7z356JWpK9a0FDaek86+sY= +github.com/containers/luksy v0.0.0-20231030195837-b5a7f79da98b/go.mod h1:menB9p4o5HckgcLW6cO0+dl6+axkVmSqKlrNcratsh4= github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= @@ -276,8 +276,8 @@ github.com/containers/ocicrypt v1.1.9/go.mod h1:dTKx1918d8TDkxXvarscpNVY+lyPakPN github.com/containers/psgo v1.8.0 h1:2loGekmGAxM9ir5OsXWEfGwFxorMPYnc6gEDsGFQvhY= github.com/containers/psgo v1.8.0/go.mod h1:T8ZxnX3Ur4RvnhxFJ7t8xJ1F48RhiZB4rSrOaR/qGHc= github.com/containers/storage v1.43.0/go.mod h1:uZ147thiIFGdVTjMmIw19knttQnUCl3y9zjreHrg11s= -github.com/containers/storage v1.50.3-0.20231108224651-a56f2b2fecfd h1:IidA+YID5VdlNNJ0xcRdOcaPWs+fP0IFJqFRVuwtPjo= -github.com/containers/storage v1.50.3-0.20231108224651-a56f2b2fecfd/go.mod h1:ybl8a3j1PPtpyaEi/5A6TOFs+5TrEyObeKJzVtkUlfc= +github.com/containers/storage v1.51.0 h1:AowbcpiWXzAjHosKz7MKvPEqpyX+ryZA/ZurytRrFNA= +github.com/containers/storage v1.51.0/go.mod h1:ybl8a3j1PPtpyaEi/5A6TOFs+5TrEyObeKJzVtkUlfc= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= @@ -311,8 +311,8 @@ github.com/crc-org/vfkit v0.1.2-0.20231030102423-f3c783d34420/go.mod h1:OQiqOghC github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= -github.com/cyberphone/json-canonicalization v0.0.0-20230710064741-aa7fe85c7dbd h1:0av0vtcjA8Hqv5gyWj79CLCFVwOOyBNWPjrfUWceMNg= -github.com/cyberphone/json-canonicalization v0.0.0-20230710064741-aa7fe85c7dbd/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw= +github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 h1:2Dx4IHfC1yHWI12AxQDJM1QbRCDfk6M+blLzlZCXdrc= +github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw= github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= @@ -337,6 +337,7 @@ github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v24.0.7+incompatible h1:wa/nIwYFW7BVTGa7SWPVyyXU9lgORqUb1xfI36MSkFg= github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= @@ -354,6 +355,7 @@ github.com/docker/go-connections v0.4.1-0.20231031175723-0b8c1f4e07a0/go.mod h1: github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= +github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8= github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= github.com/docker/go-plugins-helpers v0.0.0-20211224144127-6eecb7beb651 h1:YcvzLmdrP/b8kLAGJ8GT7bdncgCAiWxJZIlt84D+RJg= github.com/docker/go-plugins-helpers v0.0.0-20211224144127-6eecb7beb651/go.mod h1:LFyLie6XcDbyKGeVK6bHe+9aJTYCxWLBg5IrJZOaXKA= @@ -406,8 +408,8 @@ github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= -github.com/go-jose/go-jose/v3 v3.0.0 h1:s6rrhirfEP/CGIoc6p+PZAeogN2SxKav6Wp7+dyMWVo= -github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= +github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA= +github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= @@ -639,8 +641,8 @@ github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1: github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA= -github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= +github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M= +github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= @@ -695,8 +697,8 @@ github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdY github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/klauspost/compress v1.15.7/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= -github.com/klauspost/compress v1.17.2 h1:RlWWUY/Dr4fL8qk9YG7DTZ7PDgME2V4csBXA8L/ixi4= -github.com/klauspost/compress v1.17.2/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= +github.com/klauspost/compress v1.17.3 h1:qkRjuerhUU1EmXLYGkSH6EZL+vPSxIrYjLNAK4slzwA= +github.com/klauspost/compress v1.17.3/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg= github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= @@ -870,8 +872,8 @@ github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xA github.com/opencontainers/selinux v1.10.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU= github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= -github.com/openshift/imagebuilder v1.2.5 h1:dby0N3FTouXSBgWNf+gfTkj36fAb8g4iL/SRw1eNAoo= -github.com/openshift/imagebuilder v1.2.5/go.mod h1:bF4w79W8nM+jH1QkAiHSUVaqHkMBJGijafZxCJEHH5o= +github.com/openshift/imagebuilder v1.2.6-0.20231108213319-b27edc077bbc h1:ZQ+qN+nVYlNOOx/Nsm5J78je5r+eJfo62pFGisvHtyI= +github.com/openshift/imagebuilder v1.2.6-0.20231108213319-b27edc077bbc/go.mod h1:hFr3F5mM+J/zFaXcZdNzHS0xKuxAYOZOoHQO9D2JvIU= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f h1:/UDgs8FGMqwnHagNDPGOlts35QkhAZ8by3DR7nMih7M= @@ -941,8 +943,8 @@ github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6L github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/rootless-containers/rootlesskit v1.1.1 h1:F5psKWoWY9/VjZ3ifVcaosjvFZJOagX85U22M0/EQZE= github.com/rootless-containers/rootlesskit v1.1.1/go.mod h1:UD5GoA3dqKCJrnvnhVgQQnweMF2qZnf9KLw8EewcMZI= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= @@ -1133,13 +1135,13 @@ go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/otel v1.16.0 h1:Z7GVAX/UkAXPKsy94IU+i6thsQS4nb7LviLpnaNeW8s= -go.opentelemetry.io/otel v1.16.0/go.mod h1:vl0h9NUa1D5s1nv3A5vZOYWn8av4K8Ml6JDeHrT/bx4= -go.opentelemetry.io/otel/metric v1.16.0 h1:RbrpwVG1Hfv85LgnZ7+txXioPDoh6EdbZHo26Q3hqOo= -go.opentelemetry.io/otel/metric v1.16.0/go.mod h1:QE47cpOmkwipPiefDwo2wDzwJrlfxxNYodqc4xnGCo4= -go.opentelemetry.io/otel/sdk v1.16.0 h1:Z1Ok1YsijYL0CSJpHt4cS3wDDh7p572grzNrBMiMWgE= -go.opentelemetry.io/otel/trace v1.16.0 h1:8JRpaObFoW0pxuVPapkgH8UhHQj+bJW8jJsCZEu5MQs= -go.opentelemetry.io/otel/trace v1.16.0/go.mod h1:Yt9vYq1SdNz3xdjZZK7wcXv1qv2pwLkqr2QVwea0ef0= +go.opentelemetry.io/otel v1.19.0 h1:MuS/TNf4/j4IXsZuJegVzI1cwut7Qc00344rgH7p8bs= +go.opentelemetry.io/otel v1.19.0/go.mod h1:i0QyjOq3UPoTzff0PJB2N66fb4S0+rSbSB15/oyH9fY= +go.opentelemetry.io/otel/metric v1.19.0 h1:aTzpGtV0ar9wlV4Sna9sdJyII5jTVJEvKETPiOKwvpE= +go.opentelemetry.io/otel/metric v1.19.0/go.mod h1:L5rUsV9kM1IxCj1MmSdS+JQAcVm319EUrDVLrt7jqt8= +go.opentelemetry.io/otel/sdk v1.19.0 h1:6USY6zH+L8uMH8L3t1enZPR3WFEmSTADlqldyHtJi3o= +go.opentelemetry.io/otel/trace v1.19.0 h1:DFVQmlVbfVeOuBRrwdtaehRrWiL1JoVs9CPIQ1Dzxpg= +go.opentelemetry.io/otel/trace v1.19.0/go.mod h1:mfaSyvGyEJEI0nyV2I4qhNQnbBOUUmYZpYojqMnX2vo= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= @@ -1265,8 +1267,8 @@ golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4Iltr golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= -golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= +golang.org/x/oauth2 v0.14.0 h1:P0Vrf/2538nmC0H+pEQ3MNFRRnVR7RlqyVw+bvm26z0= +golang.org/x/oauth2 v0.14.0/go.mod h1:lAtNWgaWfL4cm7j2OV8TxGi9Qb7ECORx8DktCY74OwM= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= diff --git a/vendor/github.com/containers/buildah/.cirrus.yml b/vendor/github.com/containers/buildah/.cirrus.yml index 79a4b8dfd07f..ab95dcbc4e1e 100644 --- a/vendor/github.com/containers/buildah/.cirrus.yml +++ b/vendor/github.com/containers/buildah/.cirrus.yml @@ -27,8 +27,8 @@ env: #### # GCE project where images live IMAGE_PROJECT: "libpod-218412" - FEDORA_NAME: "fedora-38" - PRIOR_FEDORA_NAME: "fedora-37" + FEDORA_NAME: "fedora-39β" + PRIOR_FEDORA_NAME: "fedora-38" DEBIAN_NAME: "debian-13" # Image identifiers @@ -120,7 +120,7 @@ vendor_task: # Runs within Cirrus's "community cluster" container: - image: docker.io/library/golang:1.18 + image: docker.io/library/golang:1.20 cpu: 1 memory: 1 diff --git a/vendor/github.com/containers/buildah/Makefile b/vendor/github.com/containers/buildah/Makefile index 81ffc9375825..112a3cb62116 100644 --- a/vendor/github.com/containers/buildah/Makefile +++ b/vendor/github.com/containers/buildah/Makefile @@ -192,13 +192,13 @@ tests/testreport/testreport: tests/testreport/testreport.go .PHONY: test-unit test-unit: tests/testreport/testreport $(GO_TEST) -v -tags "$(STORAGETAGS) $(SECURITYTAGS)" -cover $(RACEFLAGS) $(shell $(GO) list ./... | grep -v vendor | grep -v tests | grep -v cmd | grep -v chroot | grep -v copier) -timeout 45m - $(GO_TEST) -v -tags "$(STORAGETAGS) $(SECURITYTAGS)" $(RACEFLAGS) ./chroot ./copier -timeout 45m + $(GO_TEST) -v -tags "$(STORAGETAGS) $(SECURITYTAGS)" $(RACEFLAGS) ./chroot ./copier -timeout 60m tmp=$(shell mktemp -d) ; \ mkdir -p $$tmp/root $$tmp/runroot; \ $(GO_TEST) -v -tags "$(STORAGETAGS) $(SECURITYTAGS)" -cover $(RACEFLAGS) ./cmd/buildah -args --root $$tmp/root --runroot $$tmp/runroot --storage-driver vfs --signature-policy $(shell pwd)/tests/policy.json --registries-conf $(shell pwd)/tests/registries.conf vendor-in-container: - podman run --privileged --rm --env HOME=/root -v `pwd`:/src -w /src docker.io/library/golang:1.18 make vendor + podman run --privileged --rm --env HOME=/root -v `pwd`:/src -w /src docker.io/library/golang:1.20 make vendor .PHONY: vendor vendor: diff --git a/vendor/github.com/containers/buildah/add.go b/vendor/github.com/containers/buildah/add.go index 534ef83f21fe..c61de5a49eb6 100644 --- a/vendor/github.com/containers/buildah/add.go +++ b/vendor/github.com/containers/buildah/add.go @@ -22,6 +22,7 @@ import ( "github.com/containers/storage/pkg/fileutils" "github.com/containers/storage/pkg/idtools" "github.com/hashicorp/go-multierror" + digest "github.com/opencontainers/go-digest" "github.com/opencontainers/runc/libcontainer/userns" "github.com/opencontainers/runtime-spec/specs-go" "github.com/sirupsen/logrus" @@ -35,6 +36,9 @@ type AddAndCopyOptions struct { // newly-added content, potentially overriding permissions which would // otherwise be set to 0:0. Chown string + // Checksum is a standard container digest string (e.g. :) + // and is the expected hash of the content being copied. + Checksum string // PreserveOwnership, if Chown is not set, tells us to avoid setting // ownership of copied items to 0:0, instead using whatever ownership // information is already set. Not meaningful for remote sources or @@ -77,7 +81,7 @@ func sourceIsRemote(source string) bool { } // getURL writes a tar archive containing the named content -func getURL(src string, chown *idtools.IDPair, mountpoint, renameTarget string, writer io.Writer, chmod *os.FileMode) error { +func getURL(src string, chown *idtools.IDPair, mountpoint, renameTarget string, writer io.Writer, chmod *os.FileMode, srcDigest digest.Digest) error { url, err := url.Parse(src) if err != nil { return err @@ -110,7 +114,7 @@ func getURL(src string, chown *idtools.IDPair, mountpoint, renameTarget string, } // Figure out the size of the content. size := response.ContentLength - responseBody := response.Body + var responseBody io.Reader = response.Body if size < 0 { // Create a temporary file and copy the content to it, so that // we can figure out how much content there is. @@ -130,6 +134,11 @@ func getURL(src string, chown *idtools.IDPair, mountpoint, renameTarget string, } responseBody = f } + var digester digest.Digester + if srcDigest != "" { + digester = srcDigest.Algorithm().Digester() + responseBody = io.TeeReader(responseBody, digester.Hash()) + } // Write the output archive. Set permissions for compatibility. tw := tar.NewWriter(writer) defer tw.Close() @@ -161,6 +170,12 @@ func getURL(src string, chown *idtools.IDPair, mountpoint, renameTarget string, return fmt.Errorf("writing content from %q to tar stream: %w", src, err) } + if digester != nil { + if responseDigest := digester.Digest(); responseDigest != srcDigest { + return fmt.Errorf("unexpected response digest for %q: %s, want %s", src, responseDigest, srcDigest) + } + } + return nil } @@ -392,9 +407,16 @@ func (b *Builder) Add(destination string, extract bool, options AddAndCopyOption var wg sync.WaitGroup if sourceIsRemote(src) { pipeReader, pipeWriter := io.Pipe() + var srcDigest digest.Digest + if options.Checksum != "" { + srcDigest, err = digest.Parse(options.Checksum) + if err != nil { + return fmt.Errorf("invalid checksum flag: %w", err) + } + } wg.Add(1) go func() { - getErr = getURL(src, chownFiles, mountPoint, renameTarget, pipeWriter, chmodDirsFiles) + getErr = getURL(src, chownFiles, mountPoint, renameTarget, pipeWriter, chmodDirsFiles, srcDigest) pipeWriter.Close() wg.Done() }() @@ -441,6 +463,10 @@ func (b *Builder) Add(destination string, extract bool, options AddAndCopyOption continue } + if options.Checksum != "" { + return fmt.Errorf("checksum flag is not supported for local sources") + } + // Dig out the result of running glob+stat on this source spec. var localSourceStat *copier.StatsForGlob for _, st := range localSourceStats { diff --git a/vendor/github.com/containers/buildah/commit.go b/vendor/github.com/containers/buildah/commit.go index 1268181d82b3..00181b518d97 100644 --- a/vendor/github.com/containers/buildah/commit.go +++ b/vendor/github.com/containers/buildah/commit.go @@ -3,7 +3,6 @@ package buildah import ( "context" "encoding/json" - "errors" "fmt" "io" "os" @@ -22,7 +21,6 @@ import ( "github.com/containers/image/v5/transports" "github.com/containers/image/v5/types" encconfig "github.com/containers/ocicrypt/config" - "github.com/containers/storage" "github.com/containers/storage/pkg/archive" "github.com/containers/storage/pkg/stringid" digest "github.com/opencontainers/go-digest" @@ -358,7 +356,7 @@ func (b *Builder) Commit(ctx context.Context, dest types.ImageReference, options if len(options.AdditionalTags) > 0 { switch dest.Transport().Name() { case is.Transport.Name(): - img, err := is.Transport.GetStoreImage(b.store, dest) + _, img, err := is.ResolveReference(dest) if err != nil { return imgID, nil, "", fmt.Errorf("locating just-written image %q: %w", transports.ImageName(dest), err) } @@ -371,11 +369,12 @@ func (b *Builder) Commit(ctx context.Context, dest types.ImageReference, options } } - img, err := is.Transport.GetStoreImage(b.store, dest) - if err != nil && !errors.Is(err, storage.ErrImageUnknown) { - return imgID, nil, "", fmt.Errorf("locating image %q in local storage: %w", transports.ImageName(dest), err) - } - if err == nil { + if dest.Transport().Name() == is.Transport.Name() { + dest2, img, err := is.ResolveReference(dest) + if err != nil { + return imgID, nil, "", fmt.Errorf("locating image %q in local storage: %w", transports.ImageName(dest), err) + } + dest = dest2 imgID = img.ID toPruneNames := make([]string, 0, len(img.Names)) for _, name := range img.Names { @@ -388,11 +387,6 @@ func (b *Builder) Commit(ctx context.Context, dest types.ImageReference, options return imgID, nil, "", fmt.Errorf("failed to remove temporary name from image %q: %w", imgID, err) } logrus.Debugf("removing %v from assigned names to image %q", nameToRemove, img.ID) - dest2, err := is.Transport.ParseStoreReference(b.store, "@"+imgID) - if err != nil { - return imgID, nil, "", fmt.Errorf("creating unnamed destination reference for image: %w", err) - } - dest = dest2 } if options.IIDFile != "" { if err = os.WriteFile(options.IIDFile, []byte("sha256:"+img.ID), 0644); err != nil { diff --git a/vendor/github.com/containers/buildah/define/types.go b/vendor/github.com/containers/buildah/define/types.go index 78bf746a004e..aedcf9da4b1e 100644 --- a/vendor/github.com/containers/buildah/define/types.go +++ b/vendor/github.com/containers/buildah/define/types.go @@ -58,8 +58,8 @@ const ( type TeeType string var ( - // DefaultCapabilities is the list of capabilities which we grant by - // default to containers which are running under UID 0. + // Deprecated: DefaultCapabilities values should be retrieved from + // github.com/containers/common/pkg/config DefaultCapabilities = []string{ "CAP_AUDIT_WRITE", "CAP_CHOWN", @@ -75,8 +75,8 @@ var ( "CAP_SETUID", "CAP_SYS_CHROOT", } - // DefaultNetworkSysctl is the list of Kernel parameters which we - // grant by default to containers which are running under UID 0. + // Deprecated: DefaultNetworkSysctl values should be retrieved from + // github.com/containers/common/pkg/config DefaultNetworkSysctl = map[string]string{ "net.ipv4.ping_group_range": "0 0", } diff --git a/vendor/github.com/containers/buildah/image.go b/vendor/github.com/containers/buildah/image.go index 9fb34ab37fbc..52f7dc67abbd 100644 --- a/vendor/github.com/containers/buildah/image.go +++ b/vendor/github.com/containers/buildah/image.go @@ -286,6 +286,18 @@ func (i *containerImageRef) createConfigsAndManifests() (v1.Image, v1.Manifest, } // Always replace this value, since we're newer than our base image. dimage.Created = created + // Clear the list of diffIDs, since we always repopulate it. + dimage.RootFS = &docker.V2S2RootFS{} + dimage.RootFS.Type = docker.TypeLayers + dimage.RootFS.DiffIDs = []digest.Digest{} + // Only clear the history if we're squashing, otherwise leave it be so + // that we can append entries to it. Clear the parent, too, we no + // longer include its layers and history. + if i.confidentialWorkload.Convert || i.squash || i.omitHistory { + dimage.Parent = "" + dimage.History = []docker.V2S2History{} + } + // If we're producing a confidential workload, override the command and // assorted other settings that aren't expected to work correctly. if i.confidentialWorkload.Convert { @@ -304,17 +316,6 @@ func (i *containerImageRef) createConfigsAndManifests() (v1.Image, v1.Manifest, dimage.Config.ExposedPorts = nil oimage.Config.ExposedPorts = nil } - // Clear the list of diffIDs, since we always repopulate it. - dimage.RootFS = &docker.V2S2RootFS{} - dimage.RootFS.Type = docker.TypeLayers - dimage.RootFS.DiffIDs = []digest.Digest{} - // Only clear the history if we're squashing, otherwise leave it be so - // that we can append entries to it. Clear the parent, too, we no - // longer include its layers and history. - if i.confidentialWorkload.Convert || i.squash || i.omitHistory { - dimage.Parent = "" - dimage.History = []docker.V2S2History{} - } // Build empty manifests. The Layers lists will be populated later. omanifest := v1.Manifest{ diff --git a/vendor/github.com/containers/buildah/imagebuildah/build.go b/vendor/github.com/containers/buildah/imagebuildah/build.go index 4e2d7084148d..03081fde9fd2 100644 --- a/vendor/github.com/containers/buildah/imagebuildah/build.go +++ b/vendor/github.com/containers/buildah/imagebuildah/build.go @@ -15,6 +15,7 @@ import ( "sync" "github.com/containerd/containerd/platforms" + "github.com/containers/buildah" "github.com/containers/buildah/define" internalUtil "github.com/containers/buildah/internal/util" "github.com/containers/buildah/pkg/parse" @@ -267,6 +268,9 @@ func BuildDockerfiles(ctx context.Context, store storage.Store, options define.B } thisID, thisRef, err := buildDockerfilesOnce(ctx, store, loggerPerPlatform, logPrefix, platformOptions, paths, files) if err != nil { + if errorContext := strings.TrimSpace(logPrefix); errorContext != "" { + return fmt.Errorf("%s: %w", errorContext, err) + } return err } instancesLock.Lock() @@ -669,7 +673,7 @@ func baseImages(dockerfilenames []string, dockerfilecontents [][]byte, from stri } } base := child.Next.Value - if base != "scratch" && !nicknames[base] { + if base != "" && base != buildah.BaseImageFakeName && !nicknames[base] { headingArgs := argsMapToSlice(stage.Builder.HeadingArgs) userArgs := argsMapToSlice(stage.Builder.Args) // append heading args so if --build-arg key=value is not diff --git a/vendor/github.com/containers/buildah/imagebuildah/executor.go b/vendor/github.com/containers/buildah/imagebuildah/executor.go index 7cc7876daff1..917c84f6ceee 100644 --- a/vendor/github.com/containers/buildah/imagebuildah/executor.go +++ b/vendor/github.com/containers/buildah/imagebuildah/executor.go @@ -762,7 +762,7 @@ func (b *Executor) Build(ctx context.Context, stages imagebuilder.Stages) (image b.fromOverride = "" } base := child.Next.Value - if base != "scratch" { + if base != "" && base != buildah.BaseImageFakeName { if replaceBuildContext, ok := b.additionalBuildContexts[child.Next.Value]; ok { if replaceBuildContext.IsImage { child.Next.Value = replaceBuildContext.Value @@ -1018,7 +1018,7 @@ func (b *Executor) Build(ctx context.Context, stages imagebuilder.Stages) (image if dest, err := b.resolveNameToImageRef(b.output); err == nil { switch dest.Transport().Name() { case storageTransport.Transport.Name(): - img, err := storageTransport.Transport.GetStoreImage(b.store, dest) + _, img, err := storageTransport.ResolveReference(dest) if err != nil { return imageID, ref, fmt.Errorf("locating just-written image %q: %w", transports.ImageName(dest), err) } @@ -1029,7 +1029,7 @@ func (b *Executor) Build(ctx context.Context, stages imagebuilder.Stages) (image logrus.Debugf("assigned names %v to image %q", img.Names, img.ID) } // Report back the caller the tags applied, if any. - img, err = storageTransport.Transport.GetStoreImage(b.store, dest) + _, img, err = storageTransport.ResolveReference(dest) if err != nil { return imageID, ref, fmt.Errorf("locating just-written image %q: %w", transports.ImageName(dest), err) } diff --git a/vendor/github.com/containers/buildah/imagebuildah/stage_executor.go b/vendor/github.com/containers/buildah/imagebuildah/stage_executor.go index d4d88699f77c..69b60f53909f 100644 --- a/vendor/github.com/containers/buildah/imagebuildah/stage_executor.go +++ b/vendor/github.com/containers/buildah/imagebuildah/stage_executor.go @@ -473,6 +473,7 @@ func (s *StageExecutor) Copy(excludes []string, copies ...imagebuilder.Copy) err options := buildah.AddAndCopyOptions{ Chmod: copy.Chmod, Chown: copy.Chown, + Checksum: copy.Checksum, PreserveOwnership: preserveOwnership, ContextDir: contextDir, Excludes: copyExcludes, @@ -1040,57 +1041,34 @@ func (s *StageExecutor) Execute(ctx context.Context, base string) (imgID string, if len(children) == 0 { // There are no steps. - if s.builder.FromImageID == "" || s.executor.squash { + if s.builder.FromImageID == "" || s.executor.squash || s.executor.confidentialWorkload.Convert || len(s.executor.labels) > 0 || len(s.executor.annotations) > 0 || len(s.executor.unsetEnvs) > 0 || len(s.executor.unsetLabels) > 0 { // We either don't have a base image, or we need to - // squash the contents of the base image. Whichever is - // the case, we need to commit() to create a new image. + // transform the contents of the base image, or we need + // to make some changes to just the config blob. Whichever + // is the case, we need to commit() to create a new image. logCommit(s.output, -1) - emptyLayer := false - if s.builder.FromImageID == "" { - // No base image means there's nothing to put in a - // layer, so don't create one. - emptyLayer = true - } + // No base image means there's nothing to put in a + // layer, so don't create one. + emptyLayer := (s.builder.FromImageID == "") if imgID, ref, err = s.commit(ctx, s.getCreatedBy(nil, ""), emptyLayer, s.output, s.executor.squash, lastStage); err != nil { return "", nil, false, fmt.Errorf("committing base container: %w", err) } - // Generate build output if needed. - if canGenerateBuildOutput { - if err := s.generateBuildOutput(buildOutputOption); err != nil { - return "", nil, false, err - } - } - } else if len(s.executor.labels) > 0 || len(s.executor.annotations) > 0 { - // The image would be modified by the labels passed - // via the command line, so we need to commit. - logCommit(s.output, -1) - if imgID, ref, err = s.commit(ctx, s.getCreatedBy(stage.Node, ""), true, s.output, s.executor.squash, lastStage); err != nil { - return "", nil, false, err - } - // Generate build output if needed. - if canGenerateBuildOutput { - if err := s.generateBuildOutput(buildOutputOption); err != nil { - return "", nil, false, err - } - } } else { - // We don't need to squash the base image, and the - // image wouldn't be modified by the command line - // options, so just reuse the base image. + // We don't need to squash or otherwise transform the + // base image, and the image wouldn't be modified by + // the command line options, so just reuse the base + // image. logCommit(s.output, -1) if imgID, ref, err = s.tagExistingImage(ctx, s.builder.FromImageID, s.output); err != nil { return "", nil, onlyBaseImage, err } onlyBaseImage = true - // If we have reached this point then our build is just performing a tag - // and it contains no steps or instructions (i.e Containerfile only contains - // `FROM and nothing else so we will never end up committing this - // but instead just re-tag image. For such use-cases if `-o` or `--output` was - // specified honor that and export the contents of the current build anyways. - if canGenerateBuildOutput { - if err := s.generateBuildOutput(buildOutputOption); err != nil { - return "", nil, onlyBaseImage, err - } + } + // Generate build output from the new image, or the preexisting + // one if we didn't actually do anything, if needed. + if canGenerateBuildOutput { + if err := s.generateBuildOutput(buildOutputOption); err != nil { + return "", nil, onlyBaseImage, err } } logImageID(imgID) @@ -1118,13 +1096,13 @@ func (s *StageExecutor) Execute(ctx context.Context, base string) (imgID string, if command == "COPY" && (flag == "--chmod" || flag == "--chown" || flag == "--from") { return "", nil, false, fmt.Errorf("COPY only supports the --chmod= --chown= and the --from= flags") } - if command == "ADD" && (flag == "--chmod" || flag == "--chown") { - return "", nil, false, fmt.Errorf("ADD only supports the --chmod= and the --chown= flags") + if command == "ADD" && (flag == "--chmod" || flag == "--chown" || flag == "--checksum") { + return "", nil, false, fmt.Errorf("ADD only supports the --chmod=, --chown=, and --checksum= flags") } if strings.Contains(flag, "--from") && command == "COPY" { arr := strings.Split(flag, "=") if len(arr) != 2 { - return "", nil, false, fmt.Errorf("%s: invalid --from flag, should be --from=", command) + return "", nil, false, fmt.Errorf("%s: invalid --from flag %q, should be --from=", command, flag) } // If arr[1] has an argument within it, resolve it to its // value. Otherwise just return the value found. @@ -1415,7 +1393,7 @@ func (s *StageExecutor) Execute(ctx context.Context, base string) (imgID string, } // Note: If the build has squash, we must try to re-use as many layers as possible if cache is found. - // So only perform commit if its the lastInstruction of lastStage. + // So only perform commit if it's the lastInstruction of lastStage. if cacheID != "" { logCacheHit(cacheID) // A suitable cached image was found, so we can just @@ -1439,7 +1417,7 @@ func (s *StageExecutor) Execute(ctx context.Context, base string) (imgID string, // While committing we always set squash to false here // because at this point we want to save history for // layers even if its a squashed build so that they - // can be part of build-cache. + // can be part of the build cache. imgID, ref, err = s.commit(ctx, s.getCreatedBy(node, addedContentSummary), !s.stepRequiresLayer(step), commitName, false, lastStage && lastInstruction) if err != nil { return "", nil, false, fmt.Errorf("committing container for step %+v: %w", *step, err) @@ -1470,7 +1448,7 @@ func (s *StageExecutor) Execute(ctx context.Context, base string) (imgID string, } if lastInstruction && lastStage { - if s.executor.squash { + if s.executor.squash || s.executor.confidentialWorkload.Convert { // Create a squashed version of this image // if we're supposed to create one and this // is the last instruction of the last stage. @@ -1531,6 +1509,7 @@ func (s *StageExecutor) Execute(ctx context.Context, base string) (imgID string, } } } + return imgID, ref, onlyBaseImage, nil } @@ -1752,7 +1731,7 @@ func (s *StageExecutor) tagExistingImage(ctx context.Context, cacheID, output st if err != nil { return "", nil, fmt.Errorf("computing digest of manifest for image %q: %w", cacheID, err) } - img, err := is.Transport.GetStoreImage(s.executor.store, dest) + _, img, err := is.ResolveReference(dest) if err != nil { return "", nil, fmt.Errorf("locating new copy of image %q (i.e., %q): %w", cacheID, transports.ImageName(dest), err) } diff --git a/vendor/github.com/containers/buildah/internal/mkcw/embed/entrypoint.gz b/vendor/github.com/containers/buildah/internal/mkcw/embed/entrypoint.gz index 0680f1d1f54a356e09941f6bd6bbc50d1fcd02e7..8fcd7633e63ffb869374d3b019d94268f832fa06 100644 GIT binary patch delta 16 XcmbQrJe8SUzMF$1rOACGdmkeJB$@[=|[,]])") fs.BoolVar(&flags.Stdin, "stdin", false, "pass stdin into containers") fs.StringArrayVarP(&flags.Tag, "tag", "t", []string{}, "tagged `name` to apply to the built image") @@ -371,7 +371,7 @@ func GetFromAndBudFlags(flags *FromAndBudResults, usernsResults *UserNSResults, fs.StringVar(&flags.RetryDelay, "retry-delay", PullPushRetryDelay.String(), "delay between retries in case of push/pull failures") fs.String("arch", runtime.GOARCH, "set the ARCH of the image to the provided value instead of the architecture of the host") fs.String("os", runtime.GOOS, "prefer `OS` instead of the running OS when pulling images") - fs.StringSlice("platform", []string{parse.DefaultPlatform()}, "set the OS/ARCH/VARIANT of the image to the provided value instead of the current operating system and architecture of the host (for example `linux/arm`)") + fs.StringSlice("platform", []string{parse.DefaultPlatform()}, "set the `OS/ARCH[/VARIANT]` of the image to the provided value instead of the current operating system and architecture of the host (for example \"linux/arm\")") fs.String("variant", "", "override the `variant` of the specified image") fs.StringArrayVar(&flags.SecurityOpt, "security-opt", []string{}, "security options (default [])") fs.StringVar(&flags.ShmSize, "shm-size", defaultContainerConfig.Containers.ShmSize, "size of '/dev/shm'. The format is ``.") diff --git a/vendor/github.com/containers/buildah/pkg/parse/parse.go b/vendor/github.com/containers/buildah/pkg/parse/parse.go index 492d3dbee99e..d865f5044f9f 100644 --- a/vendor/github.com/containers/buildah/pkg/parse/parse.go +++ b/vendor/github.com/containers/buildah/pkg/parse/parse.go @@ -519,14 +519,10 @@ func DefaultPlatform() string { // Platform separates the platform string into os, arch and variant, // accepting any of $arch, $os/$arch, or $os/$arch/$variant. func Platform(platform string) (os, arch, variant string, err error) { - if platform == "local" || platform == "" || platform == "/" { + platform = strings.Trim(platform, "/") + if platform == "local" || platform == "" { return Platform(DefaultPlatform()) } - if platform[len(platform)-1] == '/' || platform[0] == '/' { - // If --platform string has format as `some/plat/string/` - // or `/some/plat/string` make it `some/plat/string` - platform = strings.Trim(platform, "/") - } platformSpec, err := platforms.Parse(platform) if err != nil { return "", "", "", fmt.Errorf("invalid platform syntax for --platform=%q: %w", platform, err) @@ -638,6 +634,11 @@ func GetBuildOutput(buildOutput string) (define.BuildOutputOption, error) { return define.BuildOutputOption{Path: path, IsDir: isDir, IsStdout: isStdout}, nil } +// TeeType parses a string value and returns a TeeType +func TeeType(teeType string) define.TeeType { + return define.TeeType(strings.ToLower(teeType)) +} + // GetConfidentialWorkloadOptions parses a confidential workload settings // argument, which controls both whether or not we produce an image that // expects to be run using krun, and how we handle things like encrypting @@ -651,7 +652,7 @@ func GetConfidentialWorkloadOptions(arg string) (define.ConfidentialWorkloadOpti var err error switch { case strings.HasPrefix(option, "type="): - options.TeeType = define.TeeType(strings.ToLower(strings.TrimPrefix(option, "type="))) + options.TeeType = TeeType(strings.TrimPrefix(option, "type=")) switch options.TeeType { case define.SEV, define.SNP, mkcwtypes.SEV_NO_ES: default: @@ -1069,6 +1070,7 @@ func isValidDeviceMode(mode string) bool { return true } +// GetTempDir returns the path of the preferred temporary directory on the host. func GetTempDir() string { return tmpdir.GetTempDir() } diff --git a/vendor/github.com/containers/buildah/pkg/util/util.go b/vendor/github.com/containers/buildah/pkg/util/util.go index 6bb20219d674..17ad36056add 100644 --- a/vendor/github.com/containers/buildah/pkg/util/util.go +++ b/vendor/github.com/containers/buildah/pkg/util/util.go @@ -5,6 +5,8 @@ import ( "os" "path/filepath" "strings" + + "github.com/containers/buildah/pkg/parse" ) // Mirrors path to a tmpfile if path points to a @@ -17,7 +19,7 @@ import ( func MirrorToTempFileIfPathIsDescriptor(file string) (string, bool) { // one use-case is discussed here // https://github.com/containers/buildah/issues/3070 - if !strings.HasPrefix(file, "/dev/fd") { + if !strings.HasPrefix(file, "/dev/fd/") { return file, false } b, err := os.ReadFile(file) @@ -25,10 +27,11 @@ func MirrorToTempFileIfPathIsDescriptor(file string) (string, bool) { // if anything goes wrong return original path return file, false } - tmpfile, err := os.CreateTemp(os.TempDir(), "buildah-temp-file") + tmpfile, err := os.CreateTemp(parse.GetTempDir(), "buildah-temp-file") if err != nil { return file, false } + defer tmpfile.Close() if _, err := tmpfile.Write(b); err != nil { // if anything goes wrong return original path return file, false diff --git a/vendor/github.com/containers/buildah/run_linux.go b/vendor/github.com/containers/buildah/run_linux.go index 72473f6e7483..5263abeccce9 100644 --- a/vendor/github.com/containers/buildah/run_linux.go +++ b/vendor/github.com/containers/buildah/run_linux.go @@ -773,20 +773,6 @@ func setupNamespaces(logger *logrus.Logger, g *generate.Generator, namespaceOpti if err := addSysctl([]string{"net"}); err != nil { return false, "", false, err } - for name, val := range define.DefaultNetworkSysctl { - // Check that the sysctl we are adding is actually supported - // by the kernel - p := filepath.Join("/proc/sys", strings.Replace(name, ".", "/", -1)) - _, err := os.Stat(p) - if err != nil && !errors.Is(err, os.ErrNotExist) { - return false, "", false, err - } - if err == nil { - g.AddLinuxSysctl(name, val) - } else { - logger.Warnf("ignoring sysctl %s since %s doesn't exist", name, p) - } - } } return configureNetwork, networkString, configureUTS, nil } @@ -1023,32 +1009,13 @@ func (b *Builder) runSetupVolumeMounts(mountLabel string, volumeMounts []string, } func setupMaskedPaths(g *generate.Generator) { - for _, mp := range []string{ - "/proc/acpi", - "/proc/kcore", - "/proc/keys", - "/proc/latency_stats", - "/proc/timer_list", - "/proc/timer_stats", - "/proc/sched_debug", - "/proc/scsi", - "/sys/firmware", - "/sys/fs/selinux", - "/sys/dev", - } { + for _, mp := range config.DefaultMaskedPaths { g.AddLinuxMaskedPaths(mp) } } func setupReadOnlyPaths(g *generate.Generator) { - for _, rp := range []string{ - "/proc/asound", - "/proc/bus", - "/proc/fs", - "/proc/irq", - "/proc/sys", - "/proc/sysrq-trigger", - } { + for _, rp := range config.DefaultReadOnlyPaths { g.AddLinuxReadonlyPaths(rp) } } diff --git a/vendor/github.com/containers/buildah/util/types.go b/vendor/github.com/containers/buildah/util/types.go index 12546dbd5cec..91c9ace14adf 100644 --- a/vendor/github.com/containers/buildah/util/types.go +++ b/vendor/github.com/containers/buildah/util/types.go @@ -10,11 +10,11 @@ const ( ) var ( - // DefaultCapabilities is the list of capabilities which we grant by - // default to containers which are running under UID 0. - DefaultCapabilities = define.DefaultCapabilities + // Deprecated: DefaultCapabilities values should be retrieved from + // github.com/containers/common/pkg/config + DefaultCapabilities = define.DefaultCapabilities //nolint - // DefaultNetworkSysctl is the list of Kernel parameters which we - // grant by default to containers which are running under UID 0. - DefaultNetworkSysctl = define.DefaultNetworkSysctl + // Deprecated: DefaultNetworkSysctl values should be retrieved from + // github.com/containers/common/pkg/config + DefaultNetworkSysctl = define.DefaultNetworkSysctl //nolint ) diff --git a/vendor/github.com/containers/common/pkg/auth/auth.go b/vendor/github.com/containers/common/pkg/auth/auth.go index ff59e6cdf29d..6536d0f2fdfe 100644 --- a/vendor/github.com/containers/common/pkg/auth/auth.go +++ b/vendor/github.com/containers/common/pkg/auth/auth.go @@ -16,6 +16,7 @@ import ( "github.com/containers/image/v5/pkg/docker/config" "github.com/containers/image/v5/pkg/sysregistriesv2" "github.com/containers/image/v5/types" + "github.com/containers/storage/pkg/homedir" "github.com/sirupsen/logrus" ) @@ -39,33 +40,46 @@ func (e ErrNewCredentialsInvalid) Unwrap() error { // GetDefaultAuthFile returns env value REGISTRY_AUTH_FILE as default // --authfile path used in multiple --authfile flag definitions // Will fail over to DOCKER_CONFIG if REGISTRY_AUTH_FILE environment is not set +// +// WARNINGS: +// - In almost all invocations, expect this function to return ""; so it can not be used +// for directly accessing the file. +// - Use this only for commands that _read_ credentials, not write them. +// The path may refer to github.com/containers auth.json, or to Docker config.json, +// and the distinction is lost; writing auth.json data to config.json may not be consumable by Docker, +// or it may overwrite and discard unrelated Docker configuration set by the user. func GetDefaultAuthFile() string { + // Keep this in sync with the default logic in systemContextWithOptions! + if authfile := os.Getenv("REGISTRY_AUTH_FILE"); authfile != "" { return authfile } + // This pre-existing behavior is not conceptually consistent: + // If users have a ~/.docker/config.json in the default path, and no environment variable + // set, we read auth.json first, falling back to config.json; + // but if DOCKER_CONFIG is set, we read only config.json in that path, and we don’t read auth.json at all. if authEnv := os.Getenv("DOCKER_CONFIG"); authEnv != "" { return filepath.Join(authEnv, "config.json") } return "" } -// CheckAuthFile validates filepath given by --authfile -// used by command has --authfile flag -func CheckAuthFile(authfile string) error { - if authfile == "" { +// CheckAuthFile validates a path option, failing if the option is set but the referenced file is not accessible. +func CheckAuthFile(pathOption string) error { + if pathOption == "" { return nil } - if _, err := os.Stat(authfile); err != nil { - return fmt.Errorf("checking authfile: %w", err) + if _, err := os.Stat(pathOption); err != nil { + return fmt.Errorf("credential file is not accessible: %w", err) } return nil } // systemContextWithOptions returns a version of sys -// updated with authFile and certDir values (if they are not ""). +// updated with authFile, dockerCompatAuthFile and certDir values (if they are not ""). // NOTE: this is a shallow copy that can be used and updated, but may share // data with the original parameter. -func systemContextWithOptions(sys *types.SystemContext, authFile, certDir string) *types.SystemContext { +func systemContextWithOptions(sys *types.SystemContext, authFile, dockerCompatAuthFile, certDir string) (*types.SystemContext, error) { if sys != nil { sysCopy := *sys sys = &sysCopy @@ -73,24 +87,50 @@ func systemContextWithOptions(sys *types.SystemContext, authFile, certDir string sys = &types.SystemContext{} } - if authFile != "" { + defaultDockerConfigPath := filepath.Join(homedir.Get(), ".docker", "config.json") + switch { + case authFile != "" && dockerCompatAuthFile != "": + return nil, errors.New("options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously") + case authFile != "": + if authFile == defaultDockerConfigPath { + logrus.Warn("saving credentials to ~/.docker/config.json, but not using Docker-compatible file format") + } sys.AuthFilePath = authFile + case dockerCompatAuthFile != "": + sys.DockerCompatAuthFilePath = dockerCompatAuthFile + default: + // Keep this in sync with GetDefaultAuthFile()! + // + // Note that c/image does not natively implement the REGISTRY_AUTH_FILE + // variable, so not all callers look for credentials in this location. + if authFileVar := os.Getenv("REGISTRY_AUTH_FILE"); authFileVar != "" { + if authFileVar == defaultDockerConfigPath { + logrus.Warn("$REGISTRY_AUTH_FILE points to ~/.docker/config.json, but the file format is not fully compatible; use the Docker-compatible file path option instead") + } + sys.AuthFilePath = authFileVar + } else if dockerConfig := os.Getenv("DOCKER_CONFIG"); dockerConfig != "" { + // This preserves pre-existing _inconsistent_ behavior: + // If the Docker configuration exists in the default ~/.docker/config.json location, + // we DO NOT write to it; instead, we update auth.json in the default path. + // Only if the user explicitly sets DOCKER_CONFIG, we write to that config.json. + sys.DockerCompatAuthFilePath = filepath.Join(dockerConfig, "config.json") + } } if certDir != "" { sys.DockerCertPath = certDir } - return sys + return sys, nil } // Login implements a “log in” command with the provided opts and args // reading the password from opts.Stdin or the options in opts. func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginOptions, args []string) error { - systemContext = systemContextWithOptions(systemContext, opts.AuthFile, opts.CertDir) + systemContext, err := systemContextWithOptions(systemContext, opts.AuthFile, opts.DockerCompatAuthFile, opts.CertDir) + if err != nil { + return err + } - var ( - key, registry string - err error - ) + var key, registry string switch len(args) { case 0: if !opts.AcceptUnspecifiedRegistry { @@ -284,7 +324,13 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri if err := CheckAuthFile(opts.AuthFile); err != nil { return err } - systemContext = systemContextWithOptions(systemContext, opts.AuthFile, "") + if err := CheckAuthFile(opts.DockerCompatAuthFile); err != nil { + return err + } + systemContext, err := systemContextWithOptions(systemContext, opts.AuthFile, opts.DockerCompatAuthFile, "") + if err != nil { + return err + } if opts.All { if len(args) != 0 { @@ -297,10 +343,7 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri return nil } - var ( - key, registry string - err error - ) + var key, registry string switch len(args) { case 0: if !opts.AcceptUnspecifiedRegistry { diff --git a/vendor/github.com/containers/common/pkg/auth/cli.go b/vendor/github.com/containers/common/pkg/auth/cli.go index 26727f35cc49..60e02e51e6d4 100644 --- a/vendor/github.com/containers/common/pkg/auth/cli.go +++ b/vendor/github.com/containers/common/pkg/auth/cli.go @@ -14,14 +14,15 @@ type LoginOptions struct { // CLI flags managed by the FlagSet returned by GetLoginFlags // Callers that use GetLoginFlags should not need to touch these values at all; callers that use // other CLI frameworks should set them based on user input. - AuthFile string - CertDir string - Password string - Username string - StdinPassword bool - GetLoginSet bool - Verbose bool // set to true for verbose output - AcceptRepositories bool // set to true to allow namespaces or repositories rather than just registries + AuthFile string + DockerCompatAuthFile string + CertDir string + Password string + Username string + StdinPassword bool + GetLoginSet bool + Verbose bool // set to true for verbose output + AcceptRepositories bool // set to true to allow namespaces or repositories rather than just registries // Options caller can set Stdin io.Reader // set to os.Stdin Stdout io.Writer // set to os.Stdout @@ -34,9 +35,10 @@ type LogoutOptions struct { // CLI flags managed by the FlagSet returned by GetLogoutFlags // Callers that use GetLogoutFlags should not need to touch these values at all; callers that use // other CLI frameworks should set them based on user input. - AuthFile string - All bool - AcceptRepositories bool // set to true to allow namespaces or repositories rather than just registries + AuthFile string + DockerCompatAuthFile string + All bool + AcceptRepositories bool // set to true to allow namespaces or repositories rather than just registries // Options caller can set Stdout io.Writer // set to os.Stdout AcceptUnspecifiedRegistry bool // set to true if allows logout with unspecified registry @@ -45,7 +47,8 @@ type LogoutOptions struct { // GetLoginFlags defines and returns login flags for containers tools func GetLoginFlags(flags *LoginOptions) *pflag.FlagSet { fs := pflag.FlagSet{} - fs.StringVar(&flags.AuthFile, "authfile", GetDefaultAuthFile(), "path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override") + fs.StringVar(&flags.AuthFile, "authfile", "", "path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override") + fs.StringVar(&flags.DockerCompatAuthFile, "compat-auth-file", "", "path of a Docker-compatible config file to update instead") fs.StringVar(&flags.CertDir, "cert-dir", "", "use certificates at the specified path to access the registry") fs.StringVarP(&flags.Password, "password", "p", "", "Password for registry") fs.StringVarP(&flags.Username, "username", "u", "", "Username for registry") @@ -59,6 +62,7 @@ func GetLoginFlags(flags *LoginOptions) *pflag.FlagSet { func GetLoginFlagsCompletions() completion.FlagCompletions { flagCompletion := completion.FlagCompletions{} flagCompletion["authfile"] = completion.AutocompleteDefault + flagCompletion["compat-auth-file"] = completion.AutocompleteDefault flagCompletion["cert-dir"] = completion.AutocompleteDefault flagCompletion["password"] = completion.AutocompleteNone flagCompletion["username"] = completion.AutocompleteNone @@ -68,7 +72,8 @@ func GetLoginFlagsCompletions() completion.FlagCompletions { // GetLogoutFlags defines and returns logout flags for containers tools func GetLogoutFlags(flags *LogoutOptions) *pflag.FlagSet { fs := pflag.FlagSet{} - fs.StringVar(&flags.AuthFile, "authfile", GetDefaultAuthFile(), "path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override") + fs.StringVar(&flags.AuthFile, "authfile", "", "path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override") + fs.StringVar(&flags.DockerCompatAuthFile, "compat-auth-file", "", "path of a Docker-compatible config file to update instead") fs.BoolVarP(&flags.All, "all", "a", false, "Remove the cached credentials for all registries in the auth file") return &fs } @@ -77,5 +82,6 @@ func GetLogoutFlags(flags *LogoutOptions) *pflag.FlagSet { func GetLogoutFlagsCompletions() completion.FlagCompletions { flagCompletion := completion.FlagCompletions{} flagCompletion["authfile"] = completion.AutocompleteDefault + flagCompletion["compat-auth-file"] = completion.AutocompleteDefault return flagCompletion } diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go index 3aba47016e32..639a2d72069d 100644 --- a/vendor/github.com/containers/common/version/version.go +++ b/vendor/github.com/containers/common/version/version.go @@ -1,4 +1,4 @@ package version // Version is the version of the build. -const Version = "0.56.1-dev" +const Version = "0.57.0" diff --git a/vendor/github.com/containers/image/v5/copy/compression.go b/vendor/github.com/containers/image/v5/copy/compression.go index 6ba70f0bfad8..a42e3b67abe1 100644 --- a/vendor/github.com/containers/image/v5/copy/compression.go +++ b/vendor/github.com/containers/image/v5/copy/compression.go @@ -284,11 +284,24 @@ func (d *bpCompressionStepData) recordValidatedDigestData(c *copier, uploadedInf } } if d.uploadedCompressorName != "" && d.uploadedCompressorName != internalblobinfocache.UnknownCompression { - c.blobInfoCache.RecordDigestCompressorName(uploadedInfo.Digest, d.uploadedCompressorName) + if d.uploadedCompressorName != compressiontypes.ZstdChunkedAlgorithmName { + // HACK: Don’t record zstd:chunked algorithms. + // There is already a similar hack in internal/imagedestination/impl/helpers.BlobMatchesRequiredCompression, + // and that one prevents reusing zstd:chunked blobs, so recording the algorithm here would be mostly harmless. + // + // We skip that here anyway to work around the inability of blobPipelineDetectCompressionStep to differentiate + // between zstd and zstd:chunked; so we could, in varying situations over time, call RecordDigestCompressorName + // with the same digest and both ZstdAlgorithmName and ZstdChunkedAlgorithmName , which causes warnings about + // inconsistent data to be logged. + c.blobInfoCache.RecordDigestCompressorName(uploadedInfo.Digest, d.uploadedCompressorName) + } } if srcInfo.Digest != "" && srcInfo.Digest != uploadedInfo.Digest && d.srcCompressorName != "" && d.srcCompressorName != internalblobinfocache.UnknownCompression { - c.blobInfoCache.RecordDigestCompressorName(srcInfo.Digest, d.srcCompressorName) + if d.srcCompressorName != compressiontypes.ZstdChunkedAlgorithmName { + // HACK: Don’t record zstd:chunked algorithms, see above. + c.blobInfoCache.RecordDigestCompressorName(srcInfo.Digest, d.srcCompressorName) + } } return nil } diff --git a/vendor/github.com/containers/image/v5/docker/errors.go b/vendor/github.com/containers/image/v5/docker/errors.go index e03969189057..4392f9d1829a 100644 --- a/vendor/github.com/containers/image/v5/docker/errors.go +++ b/vendor/github.com/containers/image/v5/docker/errors.go @@ -88,7 +88,7 @@ func registryHTTPResponseToError(res *http.Response) error { response = response[:50] + "..." } // %.0w makes e visible to error.Unwrap() without including any text - err = fmt.Errorf("StatusCode: %d, %s%.0w", e.StatusCode, response, e) + err = fmt.Errorf("StatusCode: %d, %q%.0w", e.StatusCode, response, e) case errcode.Error: // e.Error() is fmt.Sprintf("%s: %s", e.Code.Error(), e.Message, which is usually // rather redundant. So reword it without using e.Code.Error() if e.Message is the default. diff --git a/vendor/github.com/containers/image/v5/internal/imagedestination/impl/helpers.go b/vendor/github.com/containers/image/v5/internal/imagedestination/impl/helpers.go index d5de81a613b0..5d28b3e73a49 100644 --- a/vendor/github.com/containers/image/v5/internal/imagedestination/impl/helpers.go +++ b/vendor/github.com/containers/image/v5/internal/imagedestination/impl/helpers.go @@ -12,6 +12,11 @@ func BlobMatchesRequiredCompression(options private.TryReusingBlobOptions, candi if options.RequiredCompression == nil { return true // no requirement imposed } + if options.RequiredCompression.Name() == compression.ZstdChunkedAlgorithmName { + // HACK: Never match when the caller asks for zstd:chunked, because we don’t record the annotations required to use the chunked blobs. + // The caller must re-compress to build those annotations. + return false + } return candidateCompression != nil && (options.RequiredCompression.Name() == candidateCompression.Name()) } diff --git a/vendor/github.com/containers/image/v5/pkg/docker/config/config.go b/vendor/github.com/containers/image/v5/pkg/docker/config/config.go index b987c580606b..c61065cb014c 100644 --- a/vendor/github.com/containers/image/v5/pkg/docker/config/config.go +++ b/vendor/github.com/containers/image/v5/pkg/docker/config/config.go @@ -5,6 +5,7 @@ import ( "encoding/json" "errors" "fmt" + "io/fs" "os" "os/exec" "path/filepath" @@ -61,78 +62,6 @@ func newAuthPathDefault(path string) authPath { return authPath{path: path, legacyFormat: false} } -// SetCredentials stores the username and password in a location -// appropriate for sys and the users’ configuration. -// A valid key is a repository, a namespace within a registry, or a registry hostname; -// using forms other than just a registry may fail depending on configuration. -// Returns a human-readable description of the location that was updated. -// NOTE: The return value is only intended to be read by humans; its form is not an API, -// it may change (or new forms can be added) any time. -func SetCredentials(sys *types.SystemContext, key, username, password string) (string, error) { - isNamespaced, err := validateKey(key) - if err != nil { - return "", err - } - - helpers, err := sysregistriesv2.CredentialHelpers(sys) - if err != nil { - return "", err - } - - // Make sure to collect all errors. - var multiErr error - for _, helper := range helpers { - var desc string - var err error - switch helper { - // Special-case the built-in helpers for auth files. - case sysregistriesv2.AuthenticationFileHelper: - desc, err = modifyJSON(sys, func(fileContents *dockerConfigFile) (bool, string, error) { - if ch, exists := fileContents.CredHelpers[key]; exists { - if isNamespaced { - return false, "", unsupportedNamespaceErr(ch) - } - desc, err := setCredsInCredHelper(ch, key, username, password) - if err != nil { - return false, "", err - } - return false, desc, nil - } - creds := base64.StdEncoding.EncodeToString([]byte(username + ":" + password)) - newCreds := dockerAuthConfig{Auth: creds} - fileContents.AuthConfigs[key] = newCreds - return true, "", nil - }) - // External helpers. - default: - if isNamespaced { - err = unsupportedNamespaceErr(helper) - } else { - desc, err = setCredsInCredHelper(helper, key, username, password) - } - } - if err != nil { - multiErr = multierror.Append(multiErr, err) - logrus.Debugf("Error storing credentials for %s in credential helper %s: %v", key, helper, err) - continue - } - logrus.Debugf("Stored credentials for %s in credential helper %s", key, helper) - return desc, nil - } - return "", multiErr -} - -func unsupportedNamespaceErr(helper string) error { - return fmt.Errorf("namespaced key is not supported for credential helper %s", helper) -} - -// SetAuthentication stores the username and password in the credential helper or file -// See the documentation of SetCredentials for format of "key" -func SetAuthentication(sys *types.SystemContext, key, username, password string) error { - _, err := SetCredentials(sys, key, username, password) - return err -} - // GetAllCredentials returns the registry credentials for all registries stored // in any of the configured credential helpers. func GetAllCredentials(sys *types.SystemContext) (map[string]types.DockerAuthConfig, error) { @@ -370,17 +299,79 @@ func getAuthenticationWithHomeDir(sys *types.SystemContext, key, homeDir string) return creds.Username, creds.Password, nil } -// RemoveAuthentication removes credentials for `key` from all possible -// sources such as credential helpers and auth files. +// SetCredentials stores the username and password in a location +// appropriate for sys and the users’ configuration. // A valid key is a repository, a namespace within a registry, or a registry hostname; // using forms other than just a registry may fail depending on configuration. -func RemoveAuthentication(sys *types.SystemContext, key string) error { - isNamespaced, err := validateKey(key) +// Returns a human-readable description of the location that was updated. +// NOTE: The return value is only intended to be read by humans; its form is not an API, +// it may change (or new forms can be added) any time. +func SetCredentials(sys *types.SystemContext, key, username, password string) (string, error) { + helpers, jsonEditor, key, isNamespaced, err := prepareForEdit(sys, key, true) if err != nil { - return err + return "", err } - helpers, err := sysregistriesv2.CredentialHelpers(sys) + // Make sure to collect all errors. + var multiErr error + for _, helper := range helpers { + var desc string + var err error + switch helper { + // Special-case the built-in helpers for auth files. + case sysregistriesv2.AuthenticationFileHelper: + desc, err = jsonEditor(sys, func(fileContents *dockerConfigFile) (bool, string, error) { + if ch, exists := fileContents.CredHelpers[key]; exists { + if isNamespaced { + return false, "", unsupportedNamespaceErr(ch) + } + desc, err := setCredsInCredHelper(ch, key, username, password) + if err != nil { + return false, "", err + } + return false, desc, nil + } + creds := base64.StdEncoding.EncodeToString([]byte(username + ":" + password)) + newCreds := dockerAuthConfig{Auth: creds} + fileContents.AuthConfigs[key] = newCreds + return true, "", nil + }) + // External helpers. + default: + if isNamespaced { + err = unsupportedNamespaceErr(helper) + } else { + desc, err = setCredsInCredHelper(helper, key, username, password) + } + } + if err != nil { + multiErr = multierror.Append(multiErr, err) + logrus.Debugf("Error storing credentials for %s in credential helper %s: %v", key, helper, err) + continue + } + logrus.Debugf("Stored credentials for %s in credential helper %s", key, helper) + return desc, nil + } + return "", multiErr +} + +func unsupportedNamespaceErr(helper string) error { + return fmt.Errorf("namespaced key is not supported for credential helper %s", helper) +} + +// SetAuthentication stores the username and password in the credential helper or file +// See the documentation of SetCredentials for format of "key" +func SetAuthentication(sys *types.SystemContext, key, username, password string) error { + _, err := SetCredentials(sys, key, username, password) + return err +} + +// RemoveAuthentication removes credentials for `key` from all possible +// sources such as credential helpers and auth files. +// A valid key is a repository, a namespace within a registry, or a registry hostname; +// using forms other than just a registry may fail depending on configuration. +func RemoveAuthentication(sys *types.SystemContext, key string) error { + helpers, jsonEditor, key, isNamespaced, err := prepareForEdit(sys, key, true) if err != nil { return err } @@ -411,7 +402,7 @@ func RemoveAuthentication(sys *types.SystemContext, key string) error { switch helper { // Special-case the built-in helper for auth files. case sysregistriesv2.AuthenticationFileHelper: - _, err = modifyJSON(sys, func(fileContents *dockerConfigFile) (bool, string, error) { + _, err = jsonEditor(sys, func(fileContents *dockerConfigFile) (bool, string, error) { if innerHelper, exists := fileContents.CredHelpers[key]; exists { removeFromCredHelper(innerHelper) } @@ -443,7 +434,7 @@ func RemoveAuthentication(sys *types.SystemContext, key string) error { // RemoveAllAuthentication deletes all the credentials stored in credential // helpers and auth files. func RemoveAllAuthentication(sys *types.SystemContext) error { - helpers, err := sysregistriesv2.CredentialHelpers(sys) + helpers, jsonEditor, _, _, err := prepareForEdit(sys, "", false) if err != nil { return err } @@ -454,7 +445,7 @@ func RemoveAllAuthentication(sys *types.SystemContext) error { switch helper { // Special-case the built-in helper for auth files. case sysregistriesv2.AuthenticationFileHelper: - _, err = modifyJSON(sys, func(fileContents *dockerConfigFile) (bool, string, error) { + _, err = jsonEditor(sys, func(fileContents *dockerConfigFile) (bool, string, error) { for registry, helper := range fileContents.CredHelpers { // Helpers in auth files are expected // to exist, so no special treatment @@ -497,6 +488,46 @@ func RemoveAllAuthentication(sys *types.SystemContext) error { return multiErr } +// prepareForEdit processes sys and key (if keyRelevant) to return: +// - a list of credential helpers +// - a function which can be used to edit the JSON file +// - the key value to actually use in credential helpers / JSON +// - a boolean which is true if key is namespaced (and should not be used with credential helpers). +func prepareForEdit(sys *types.SystemContext, key string, keyRelevant bool) ([]string, func(*types.SystemContext, func(*dockerConfigFile) (bool, string, error)) (string, error), string, bool, error) { + var isNamespaced bool + if keyRelevant { + ns, err := validateKey(key) + if err != nil { + return nil, nil, "", false, err + } + isNamespaced = ns + } + + if sys != nil && sys.DockerCompatAuthFilePath != "" { + if sys.AuthFilePath != "" { + return nil, nil, "", false, errors.New("AuthFilePath and DockerCompatAuthFilePath can not be set simultaneously") + } + if keyRelevant { + if isNamespaced { + return nil, nil, "", false, fmt.Errorf("Credentials cannot be recorded in Docker-compatible format with namespaced key %q", key) + } + if key == "docker.io" { + key = "https://index.docker.io/v1/" + } + } + + // Do not use helpers defined in sysregistriesv2 because Docker isn’t aware of them. + return []string{sysregistriesv2.AuthenticationFileHelper}, modifyDockerConfigJSON, key, false, nil + } + + helpers, err := sysregistriesv2.CredentialHelpers(sys) + if err != nil { + return nil, nil, "", false, err + } + + return helpers, modifyJSON, key, isNamespaced, nil +} + func listCredsInCredHelper(credHelper string) (map[string]string, error) { helperName := fmt.Sprintf("docker-credential-%s", credHelper) p := helperclient.NewShellProgramFunc(helperName) @@ -513,9 +544,17 @@ func getPathToAuth(sys *types.SystemContext) (authPath, bool, error) { // it exists only to allow testing it with an artificial runtime.GOOS. func getPathToAuthWithOS(sys *types.SystemContext, goOS string) (authPath, bool, error) { if sys != nil { + if sys.AuthFilePath != "" && sys.DockerCompatAuthFilePath != "" { + return authPath{}, false, errors.New("AuthFilePath and DockerCompatAuthFilePath can not be set simultaneously") + } if sys.AuthFilePath != "" { return newAuthPathDefault(sys.AuthFilePath), true, nil } + // When reading, we can process auth.json and Docker’s config.json with the same code. + // When writing, prepareForEdit chooses an appropriate jsonEditor implementation. + if sys.DockerCompatAuthFilePath != "" { + return newAuthPathDefault(sys.DockerCompatAuthFilePath), true, nil + } if sys.LegacyFormatAuthFilePath != "" { return authPath{path: sys.LegacyFormatAuthFilePath, legacyFormat: true}, true, nil } @@ -626,6 +665,86 @@ func modifyJSON(sys *types.SystemContext, editor func(fileContents *dockerConfig return description, nil } +// modifyDockerConfigJSON finds a docker config.json file, calls editor on the contents, and +// writes it back if editor returns true. +// Returns a human-readable description of the file, to be returned by SetCredentials. +// +// The editor may also return a human-readable description of the updated location; if it is "", +// the file itself is used. +func modifyDockerConfigJSON(sys *types.SystemContext, editor func(fileContents *dockerConfigFile) (bool, string, error)) (string, error) { + if sys == nil || sys.DockerCompatAuthFilePath == "" { + return "", errors.New("internal error: modifyDockerConfigJSON called with DockerCompatAuthFilePath not set") + } + path := sys.DockerCompatAuthFilePath + + dir := filepath.Dir(path) + if err := os.MkdirAll(dir, 0700); err != nil { + return "", err + } + + // Try hard not to clobber fields we don’t understand, even fields which may be added in future Docker versions. + var rawContents map[string]json.RawMessage + originalBytes, err := os.ReadFile(path) + switch { + case err == nil: + if err := json.Unmarshal(originalBytes, &rawContents); err != nil { + return "", fmt.Errorf("unmarshaling JSON at %q: %w", path, err) + } + case errors.Is(err, fs.ErrNotExist): + rawContents = map[string]json.RawMessage{} + default: // err != nil + return "", err + } + + syntheticContents := dockerConfigFile{ + AuthConfigs: map[string]dockerAuthConfig{}, + CredHelpers: map[string]string{}, + } + // json.Unmarshal also falls back to case-insensitive field matching; this code does not do that. Presumably + // config.json is mostly maintained by machines doing `docker login`, so the files should, hopefully, not contain field names with + // unexpected case. + if rawAuths, ok := rawContents["auths"]; ok { + // This conversion will lose fields we don’t know about; when updating an entry, we can’t tell whether an unknown field + // should be preserved or discarded (because it is made obsolete/unwanted with the new credentials). + // It might make sense to track which entries of "auths" we actually modified, and to not touch any others. + if err := json.Unmarshal(rawAuths, &syntheticContents.AuthConfigs); err != nil { + return "", fmt.Errorf(`unmarshaling "auths" in JSON at %q: %w`, path, err) + } + } + if rawCH, ok := rawContents["credHelpers"]; ok { + if err := json.Unmarshal(rawCH, &syntheticContents.CredHelpers); err != nil { + return "", fmt.Errorf(`unmarshaling "credHelpers" in JSON at %q: %w`, path, err) + + } + } + + updated, description, err := editor(&syntheticContents) + if err != nil { + return "", fmt.Errorf("updating %q: %w", path, err) + } + if updated { + rawAuths, err := json.MarshalIndent(syntheticContents.AuthConfigs, "", "\t") + if err != nil { + return "", fmt.Errorf("marshaling JSON %q: %w", path, err) + } + rawContents["auths"] = rawAuths + // We never modify syntheticContents.CredHelpers, so we don’t need to update it. + newData, err := json.MarshalIndent(rawContents, "", "\t") + if err != nil { + return "", fmt.Errorf("marshaling JSON %q: %w", path, err) + } + + if err = ioutils.AtomicWriteFile(path, newData, 0600); err != nil { + return "", fmt.Errorf("writing to file %q: %w", path, err) + } + } + + if description == "" { + description = path + } + return description, nil +} + func getCredsFromCredHelper(credHelper, registry string) (types.DockerAuthConfig, error) { helperName := fmt.Sprintf("docker-credential-%s", credHelper) p := helperclient.NewShellProgramFunc(helperName) diff --git a/vendor/github.com/containers/image/v5/storage/storage_reference.go b/vendor/github.com/containers/image/v5/storage/storage_reference.go index ba230d1fddc9..a55e34054ab9 100644 --- a/vendor/github.com/containers/image/v5/storage/storage_reference.go +++ b/vendor/github.com/containers/image/v5/storage/storage_reference.go @@ -102,6 +102,8 @@ func multiArchImageMatchesSystemContext(store storage.Store, img *storage.Image, // Resolve the reference's name to an image ID in the store, if there's already // one present with the same name or ID, and return the image. +// +// Returns an error matching ErrNoSuchImage if an image matching ref was not found. func (s *storageReference) resolveImage(sys *types.SystemContext) (*storage.Image, error) { var loadedImage *storage.Image if s.id == "" && s.named != nil { @@ -297,6 +299,8 @@ func (s storageReference) NewImageDestination(ctx context.Context, sys *types.Sy // Note that it _is_ possible for the later uses to fail, either because the image was removed // completely, or because the name used in the reference was untaged (even if the underlying image // ID still exists in local storage). +// +// Returns an error matching ErrNoSuchImage if an image matching ref was not found. func ResolveReference(ref types.ImageReference) (types.ImageReference, *storage.Image, error) { sref, ok := ref.(*storageReference) if !ok { diff --git a/vendor/github.com/containers/image/v5/storage/storage_transport.go b/vendor/github.com/containers/image/v5/storage/storage_transport.go index e9f42dc0a8cc..deb500b4d27a 100644 --- a/vendor/github.com/containers/image/v5/storage/storage_transport.go +++ b/vendor/github.com/containers/image/v5/storage/storage_transport.go @@ -53,7 +53,8 @@ type StoreTransport interface { // can return different images, with no way for the caller to "freeze" the storage.Image identity // without discarding the name entirely. // - // Use storage.ResolveReference instead. + // Use storage.ResolveReference instead; note that if the image is not found, ResolveReference returns + // c/image/v5/storage.ErrNoSuchImage, not c/storage.ErrImageUnknown. GetImage(types.ImageReference) (*storage.Image, error) // GetStoreImage retrieves the image from a specified store that's named // by the reference. @@ -65,7 +66,8 @@ type StoreTransport interface { // // Also, a StoreTransport reference already contains a store, so providing another one is redundant. // - // Use storage.ResolveReference instead. + // Use storage.ResolveReference instead; note that if the image is not found, ResolveReference returns + // c/image/v5/storage.ErrNoSuchImage, not c/storage.ErrImageUnknown. GetStoreImage(storage.Store, types.ImageReference) (*storage.Image, error) // ParseStoreReference parses a reference, overriding any store // specification that it may contain. @@ -312,7 +314,8 @@ func (s *storageTransport) ParseReference(reference string) (types.ImageReferenc // // Also, a StoreTransport reference already contains a store, so providing another one is redundant. // -// Use storage.ResolveReference instead. +// Use storage.ResolveReference instead; note that if the image is not found, ResolveReference returns +// c/image/v5/storage.ErrNoSuchImage, not c/storage.ErrImageUnknown. func (s storageTransport) GetStoreImage(store storage.Store, ref types.ImageReference) (*storage.Image, error) { dref := ref.DockerReference() if dref != nil { @@ -334,7 +337,8 @@ func (s storageTransport) GetStoreImage(store storage.Store, ref types.ImageRefe // can return different images, with no way for the caller to "freeze" the storage.Image identity // without discarding the name entirely. // -// Use storage.ResolveReference instead. +// Use storage.ResolveReference instead; note that if the image is not found, ResolveReference returns +// c/image/v5/storage.ErrNoSuchImage, not c/storage.ErrImageUnknown. func (s *storageTransport) GetImage(ref types.ImageReference) (*storage.Image, error) { store, err := s.GetStore() if err != nil { diff --git a/vendor/github.com/containers/image/v5/types/types.go b/vendor/github.com/containers/image/v5/types/types.go index 7de93bb37fea..180a98c5ba44 100644 --- a/vendor/github.com/containers/image/v5/types/types.go +++ b/vendor/github.com/containers/image/v5/types/types.go @@ -594,6 +594,10 @@ type SystemContext struct { // this field is ignored if `AuthFilePath` is set (we favor the newer format); // only reading of this data is supported; LegacyFormatAuthFilePath string + // If set, a path to a Docker-compatible "config.json" file containing credentials; and no other files are processed. + // This must not be set if AuthFilePath is set. + // Only credentials and credential helpers in this file apre processed, not any other configuration in this file. + DockerCompatAuthFilePath string // If not "", overrides the use of platform.GOARCH when choosing an image or verifying architecture match. ArchitectureChoice string // If not "", overrides the use of platform.GOOS when choosing an image or verifying OS match. diff --git a/vendor/github.com/containers/image/v5/version/version.go b/vendor/github.com/containers/image/v5/version/version.go index e93746e569a5..990f0a96d2c0 100644 --- a/vendor/github.com/containers/image/v5/version/version.go +++ b/vendor/github.com/containers/image/v5/version/version.go @@ -6,12 +6,12 @@ const ( // VersionMajor is for an API incompatible changes VersionMajor = 5 // VersionMinor is for functionality in a backwards-compatible manner - VersionMinor = 28 + VersionMinor = 29 // VersionPatch is for backwards-compatible bug fixes - VersionPatch = 1 + VersionPatch = 0 // VersionDev indicates development branch. Releases will be empty string. - VersionDev = "-dev" + VersionDev = "" ) // Version is the specification version that the package types support. diff --git a/vendor/github.com/containers/luksy/.cirrus.yml b/vendor/github.com/containers/luksy/.cirrus.yml index 08e1cb885fa9..b639575b2c5b 100644 --- a/vendor/github.com/containers/luksy/.cirrus.yml +++ b/vendor/github.com/containers/luksy/.cirrus.yml @@ -9,8 +9,23 @@ docker_builder: apt-get -q install -y bats cryptsetup golang go version make - unit_test_script: + unit_test_script: | go test -timeout 45m -v -cover + case $(go env GOARCH) in + amd64) + otherarch=386;; + arm64) + otherarch=arm;; + mips64) + otherarch=mips;; + mips64le) + otherarch=mipsle;; + esac + if test -n "$otherarch" ; then + echo running unit tests again with GOARCH=$otherarch + GOARCH=$otherarch go test -timeout 45m -v -cover + fi + : defaults_script: | bats -f defaults ./tests aes_script: | diff --git a/vendor/github.com/containers/luksy/tune.go b/vendor/github.com/containers/luksy/tune.go index ac01cf105d46..6624f8826a2f 100644 --- a/vendor/github.com/containers/luksy/tune.go +++ b/vendor/github.com/containers/luksy/tune.go @@ -40,7 +40,7 @@ func memoryCostArgon2(salt []byte, keyLen, timeCost, threadsCost int, kdf func([ if d < time.Second/10 { memoryCost *= 2 } else { - return memoryCost * int(time.Second) / int(d) + return memoryCost * int(float64(time.Second)/float64(d)) } } return memoryCost diff --git a/vendor/github.com/containers/storage/VERSION b/vendor/github.com/containers/storage/VERSION index c3bcae0809f0..ba0a719118ce 100644 --- a/vendor/github.com/containers/storage/VERSION +++ b/vendor/github.com/containers/storage/VERSION @@ -1 +1 @@ -1.50.3-dev +1.51.0 diff --git a/vendor/github.com/go-jose/go-jose/v3/CHANGELOG.md b/vendor/github.com/go-jose/go-jose/v3/CHANGELOG.md new file mode 100644 index 000000000000..7820c2f4d78f --- /dev/null +++ b/vendor/github.com/go-jose/go-jose/v3/CHANGELOG.md @@ -0,0 +1,8 @@ +# v3.0.1 + +Fixed: + - Security issue: an attacker specifying a large "p2c" value can cause + JSONWebEncryption.Decrypt and JSONWebEncryption.DecryptMulti to consume large + amounts of CPU, causing a DoS. Thanks to Matt Schwager (@mschwager) for the + disclosure and to Tom Tervoort for originally publishing the category of attack. + https://i.blackhat.com/BH-US-23/Presentations/US-23-Tervoort-Three-New-Attacks-Against-JSON-Web-Tokens.pdf diff --git a/vendor/github.com/go-jose/go-jose/v3/symmetric.go b/vendor/github.com/go-jose/go-jose/v3/symmetric.go index fb54775ed61b..1ffd2708b219 100644 --- a/vendor/github.com/go-jose/go-jose/v3/symmetric.go +++ b/vendor/github.com/go-jose/go-jose/v3/symmetric.go @@ -415,6 +415,11 @@ func (ctx *symmetricKeyCipher) decryptKey(headers rawHeader, recipient *recipien if p2c <= 0 { return nil, fmt.Errorf("go-jose/go-jose: invalid P2C: must be a positive integer") } + if p2c > 1000000 { + // An unauthenticated attacker can set a high P2C value. Set an upper limit to avoid + // DoS attacks. + return nil, fmt.Errorf("go-jose/go-jose: invalid P2C: too high") + } // salt is UTF8(Alg) || 0x00 || Salt Input alg := headers.getAlgorithm() diff --git a/vendor/github.com/hashicorp/go-retryablehttp/CHANGELOG.md b/vendor/github.com/hashicorp/go-retryablehttp/CHANGELOG.md index 33686e4da8be..7a17b9f99309 100644 --- a/vendor/github.com/hashicorp/go-retryablehttp/CHANGELOG.md +++ b/vendor/github.com/hashicorp/go-retryablehttp/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.7.5 (Nov 8, 2023) + +BUG FIXES + +- client: fixes an issue where the request body is not preserved on temporary redirects or re-established HTTP/2 connections [GH-207] + ## 0.7.4 (Jun 6, 2023) BUG FIXES diff --git a/vendor/github.com/hashicorp/go-retryablehttp/client.go b/vendor/github.com/hashicorp/go-retryablehttp/client.go index cad96bd97b45..c9edbd0595b0 100644 --- a/vendor/github.com/hashicorp/go-retryablehttp/client.go +++ b/vendor/github.com/hashicorp/go-retryablehttp/client.go @@ -160,6 +160,20 @@ func (r *Request) SetBody(rawBody interface{}) error { } r.body = bodyReader r.ContentLength = contentLength + if bodyReader != nil { + r.GetBody = func() (io.ReadCloser, error) { + body, err := bodyReader() + if err != nil { + return nil, err + } + if rc, ok := body.(io.ReadCloser); ok { + return rc, nil + } + return io.NopCloser(body), nil + } + } else { + r.GetBody = func() (io.ReadCloser, error) { return http.NoBody, nil } + } return nil } @@ -302,18 +316,19 @@ func NewRequest(method, url string, rawBody interface{}) (*Request, error) { // The context controls the entire lifetime of a request and its response: // obtaining a connection, sending the request, and reading the response headers and body. func NewRequestWithContext(ctx context.Context, method, url string, rawBody interface{}) (*Request, error) { - bodyReader, contentLength, err := getBodyReaderAndContentLength(rawBody) + httpReq, err := http.NewRequestWithContext(ctx, method, url, nil) if err != nil { return nil, err } - httpReq, err := http.NewRequestWithContext(ctx, method, url, nil) - if err != nil { + req := &Request{ + Request: httpReq, + } + if err := req.SetBody(rawBody); err != nil { return nil, err } - httpReq.ContentLength = contentLength - return &Request{body: bodyReader, Request: httpReq}, nil + return req, nil } // Logger interface allows to use other loggers than diff --git a/vendor/github.com/klauspost/compress/README.md b/vendor/github.com/klauspost/compress/README.md index 43de4867758c..7e83f583c00a 100644 --- a/vendor/github.com/klauspost/compress/README.md +++ b/vendor/github.com/klauspost/compress/README.md @@ -16,6 +16,14 @@ This package provides various compression algorithms. # changelog +* Oct 22nd, 2023 - [v1.17.2](https://github.com/klauspost/compress/releases/tag/v1.17.2) + * zstd: Fix rare *CORRUPTION* output in "best" mode. See https://github.com/klauspost/compress/pull/876 + +* Oct 14th, 2023 - [v1.17.1](https://github.com/klauspost/compress/releases/tag/v1.17.1) + * s2: Fix S2 "best" dictionary wrong encoding by @klauspost in https://github.com/klauspost/compress/pull/871 + * flate: Reduce allocations in decompressor and minor code improvements by @fakefloordiv in https://github.com/klauspost/compress/pull/869 + * s2: Fix EstimateBlockSize on 6&7 length input by @klauspost in https://github.com/klauspost/compress/pull/867 + * Sept 19th, 2023 - [v1.17.0](https://github.com/klauspost/compress/releases/tag/v1.17.0) * Add experimental dictionary builder https://github.com/klauspost/compress/pull/853 * Add xerial snappy read/writer https://github.com/klauspost/compress/pull/838 diff --git a/vendor/github.com/klauspost/compress/fse/compress.go b/vendor/github.com/klauspost/compress/fse/compress.go index 65d777357aac..074018d8f94c 100644 --- a/vendor/github.com/klauspost/compress/fse/compress.go +++ b/vendor/github.com/klauspost/compress/fse/compress.go @@ -212,7 +212,7 @@ func (s *Scratch) writeCount() error { previous0 bool charnum uint16 - maxHeaderSize = ((int(s.symbolLen) * int(tableLog)) >> 3) + 3 + maxHeaderSize = ((int(s.symbolLen)*int(tableLog) + 4 + 2) >> 3) + 3 // Write Table Size bitStream = uint32(tableLog - minTablelog) diff --git a/vendor/github.com/klauspost/compress/zstd/enc_best.go b/vendor/github.com/klauspost/compress/zstd/enc_best.go index 858f8f43a563..c81a15357af6 100644 --- a/vendor/github.com/klauspost/compress/zstd/enc_best.go +++ b/vendor/github.com/klauspost/compress/zstd/enc_best.go @@ -43,7 +43,7 @@ func (m *match) estBits(bitsPerByte int32) { if m.rep < 0 { ofc = ofCode(uint32(m.s-m.offset) + 3) } else { - ofc = ofCode(uint32(m.rep)) + ofc = ofCode(uint32(m.rep) & 3) } // Cost, excluding ofTT, mlTT := fsePredefEnc[tableOffsets].ct.symbolTT[ofc], fsePredefEnc[tableMatchLengths].ct.symbolTT[mlc] @@ -227,7 +227,7 @@ encodeLoop: } } l := 4 + e.matchlen(s+4, offset+4, src) - if rep < 0 { + if true { // Extend candidate match backwards as far as possible. tMin := s - e.maxMatchOff if tMin < 0 { @@ -282,6 +282,7 @@ encodeLoop: // Load next and check... e.longTable[nextHashL] = prevEntry{offset: s + e.cur, prev: candidateL.offset} e.table[nextHashS] = prevEntry{offset: s + e.cur, prev: candidateS.offset} + index0 := s + 1 // Look far ahead, unless we have a really long match already... if best.length < goodEnough { @@ -357,19 +358,16 @@ encodeLoop: blk.sequences = append(blk.sequences, seq) // Index old s + 1 -> s - 1 - index0 := s + 1 s = best.s + best.length - nextEmit = s - if s >= sLimit { - if debugEncoder { - println("repeat ended", s, best.length) - } - break encodeLoop - } + // Index skipped... + end := s + if s > sLimit+4 { + end = sLimit + 4 + } off := index0 + e.cur - for index0 < s { + for index0 < end { cv0 := load6432(src, index0) h0 := hashLen(cv0, bestLongTableBits, bestLongLen) h1 := hashLen(cv0, bestShortTableBits, bestShortLen) @@ -378,6 +376,7 @@ encodeLoop: off++ index0++ } + switch best.rep { case 2, 4 | 1: offset1, offset2 = offset2, offset1 @@ -386,12 +385,17 @@ encodeLoop: case 4 | 3: offset1, offset2, offset3 = offset1-1, offset1, offset2 } + if s >= sLimit { + if debugEncoder { + println("repeat ended", s, best.length) + } + break encodeLoop + } continue } // A 4-byte match has been found. Update recent offsets. // We'll later see if more than 4 bytes. - index0 := s + 1 s = best.s t := best.offset offset1, offset2, offset3 = s-t, offset1, offset2 @@ -419,19 +423,25 @@ encodeLoop: } blk.sequences = append(blk.sequences, seq) nextEmit = s - if s >= sLimit { - break encodeLoop + + // Index old s + 1 -> s - 1 or sLimit + end := s + if s > sLimit-4 { + end = sLimit - 4 } - // Index old s + 1 -> s - 1 - for index0 < s { + off := index0 + e.cur + for index0 < end { cv0 := load6432(src, index0) h0 := hashLen(cv0, bestLongTableBits, bestLongLen) h1 := hashLen(cv0, bestShortTableBits, bestShortLen) - off := index0 + e.cur e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset} e.table[h1] = prevEntry{offset: off, prev: e.table[h1].offset} index0++ + off++ + } + if s >= sLimit { + break encodeLoop } } diff --git a/vendor/github.com/klauspost/compress/zstd/enc_better.go b/vendor/github.com/klauspost/compress/zstd/enc_better.go index 8582f31a7cc4..20d25b0e0523 100644 --- a/vendor/github.com/klauspost/compress/zstd/enc_better.go +++ b/vendor/github.com/klauspost/compress/zstd/enc_better.go @@ -145,7 +145,7 @@ encodeLoop: var t int32 // We allow the encoder to optionally turn off repeat offsets across blocks canRepeat := len(blk.sequences) > 2 - var matched int32 + var matched, index0 int32 for { if debugAsserts && canRepeat && offset1 == 0 { @@ -162,6 +162,7 @@ encodeLoop: off := s + e.cur e.longTable[nextHashL] = prevEntry{offset: off, prev: candidateL.offset} e.table[nextHashS] = tableEntry{offset: off, val: uint32(cv)} + index0 = s + 1 if canRepeat { if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) { @@ -258,7 +259,6 @@ encodeLoop: } blk.sequences = append(blk.sequences, seq) - index0 := s + repOff2 s += lenght + repOff2 nextEmit = s if s >= sLimit { @@ -498,15 +498,15 @@ encodeLoop: } // Index match start+1 (long) -> s - 1 - index0 := s - l + 1 + off := index0 + e.cur for index0 < s-1 { cv0 := load6432(src, index0) cv1 := cv0 >> 8 h0 := hashLen(cv0, betterLongTableBits, betterLongLen) - off := index0 + e.cur e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset} e.table[hashLen(cv1, betterShortTableBits, betterShortLen)] = tableEntry{offset: off + 1, val: uint32(cv1)} index0 += 2 + off += 2 } cv = load6432(src, s) @@ -672,7 +672,7 @@ encodeLoop: var t int32 // We allow the encoder to optionally turn off repeat offsets across blocks canRepeat := len(blk.sequences) > 2 - var matched int32 + var matched, index0 int32 for { if debugAsserts && canRepeat && offset1 == 0 { @@ -691,6 +691,7 @@ encodeLoop: e.markLongShardDirty(nextHashL) e.table[nextHashS] = tableEntry{offset: off, val: uint32(cv)} e.markShortShardDirty(nextHashS) + index0 = s + 1 if canRepeat { if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) { @@ -726,7 +727,6 @@ encodeLoop: blk.sequences = append(blk.sequences, seq) // Index match start+1 (long) -> s - 1 - index0 := s + repOff s += lenght + repOff nextEmit = s @@ -790,7 +790,6 @@ encodeLoop: } blk.sequences = append(blk.sequences, seq) - index0 := s + repOff2 s += lenght + repOff2 nextEmit = s if s >= sLimit { @@ -1024,18 +1023,18 @@ encodeLoop: } // Index match start+1 (long) -> s - 1 - index0 := s - l + 1 + off := index0 + e.cur for index0 < s-1 { cv0 := load6432(src, index0) cv1 := cv0 >> 8 h0 := hashLen(cv0, betterLongTableBits, betterLongLen) - off := index0 + e.cur e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset} e.markLongShardDirty(h0) h1 := hashLen(cv1, betterShortTableBits, betterShortLen) e.table[h1] = tableEntry{offset: off + 1, val: uint32(cv1)} e.markShortShardDirty(h1) index0 += 2 + off += 2 } cv = load6432(src, s) diff --git a/vendor/github.com/openshift/imagebuilder/builder.go b/vendor/github.com/openshift/imagebuilder/builder.go index b01ed0c0e740..3a86aaf10786 100644 --- a/vendor/github.com/openshift/imagebuilder/builder.go +++ b/vendor/github.com/openshift/imagebuilder/builder.go @@ -29,8 +29,9 @@ type Copy struct { Download bool // If set, the owner:group for the destination. This value is passed // to the executor for handling. - Chown string - Chmod string + Chown string + Chmod string + Checksum string } // Run defines a run operation required in the container. @@ -78,7 +79,7 @@ func (logExecutor) EnsureContainerPathAs(path, user string, mode *os.FileMode) e func (logExecutor) Copy(excludes []string, copies ...Copy) error { for _, c := range copies { - log.Printf("COPY %v -> %s (from:%s download:%t), chown: %s, chmod %s", c.Src, c.Dest, c.From, c.Download, c.Chown, c.Chmod) + log.Printf("COPY %v -> %s (from:%s download:%t), chown: %s, chmod %s, checksum: %s", c.Src, c.Dest, c.From, c.Download, c.Chown, c.Chmod, c.Checksum) } return nil } diff --git a/vendor/github.com/openshift/imagebuilder/dispatchers.go b/vendor/github.com/openshift/imagebuilder/dispatchers.go index f264876c14f4..7479e6ab070d 100644 --- a/vendor/github.com/openshift/imagebuilder/dispatchers.go +++ b/vendor/github.com/openshift/imagebuilder/dispatchers.go @@ -137,6 +137,7 @@ func add(b *Builder, args []string, attributes map[string]bool, flagArgs []strin } var chown string var chmod string + var checksum string last := len(args) - 1 dest := makeAbsolute(args[last], b.RunConfig.WorkingDir) filteredUserArgs := make(map[string]string) @@ -160,11 +161,19 @@ func add(b *Builder, args []string, attributes map[string]bool, flagArgs []strin if err != nil { return err } + case strings.HasPrefix(arg, "--checksum="): + checksum = strings.TrimPrefix(arg, "--checksum=") default: - return fmt.Errorf("ADD only supports the --chmod= and the --chown= flag") + return fmt.Errorf("ADD only supports the --chmod=, --chown=, and --checksum= flags") } } - b.PendingCopies = append(b.PendingCopies, Copy{Src: args[0:last], Dest: dest, Download: true, Chown: chown, Chmod: chmod}) + b.PendingCopies = append(b.PendingCopies, Copy{ + Src: args[0:last], + Dest: dest, + Download: true, + Chown: chown, + Chmod: chmod, + Checksum: checksum}) return nil } diff --git a/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go index f5bef441b7f7..64fc0dbe9671 100644 --- a/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go +++ b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go @@ -261,6 +261,10 @@ func Parse(rwc io.Reader) (*Result, error) { currentLine := 0 root := &Node{StartLine: -1} scanner := bufio.NewScanner(rwc) + buf := []byte{} + // containerfile may contain large lines, + // allocate 2MB for such use-cases. + scanner.Buffer(buf, 2048*1024) warnings := []string{} var err error @@ -312,6 +316,10 @@ func Parse(rwc io.Reader) (*Result, error) { root.AddChild(child, startLine, currentLine) } + if scannerErr := scanner.Err(); scannerErr != nil { + return nil, scannerErr + } + if len(warnings) > 0 { warnings = append(warnings, "[WARNING]: Empty continuation lines will become errors in a future release.") } diff --git a/vendor/github.com/openshift/imagebuilder/imagebuilder.spec b/vendor/github.com/openshift/imagebuilder/imagebuilder.spec index 8f26e33a05f1..194707c54b55 100644 --- a/vendor/github.com/openshift/imagebuilder/imagebuilder.spec +++ b/vendor/github.com/openshift/imagebuilder/imagebuilder.spec @@ -12,7 +12,7 @@ # %global golang_version 1.8.1 -%{!?version: %global version 1.2.5} +%{!?version: %global version 1.2.6-dev} %{!?release: %global release 1} %global package_name imagebuilder %global product_name Container Image Builder diff --git a/vendor/go.opentelemetry.io/otel/.gitignore b/vendor/go.opentelemetry.io/otel/.gitignore index aa699376225d..f3355c852be8 100644 --- a/vendor/go.opentelemetry.io/otel/.gitignore +++ b/vendor/go.opentelemetry.io/otel/.gitignore @@ -13,6 +13,7 @@ go.work.sum gen/ +/example/dice/dice /example/fib/fib /example/fib/traces.txt /example/jaeger/jaeger diff --git a/vendor/go.opentelemetry.io/otel/.golangci.yml b/vendor/go.opentelemetry.io/otel/.golangci.yml index dbb6670b3974..6e8eeec00faf 100644 --- a/vendor/go.opentelemetry.io/otel/.golangci.yml +++ b/vendor/go.opentelemetry.io/otel/.golangci.yml @@ -61,28 +61,63 @@ issues: linters-settings: depguard: - # Check the list against standard lib. - # Default: false - include-go-root: true - # A list of packages for the list type specified. - # Default: [] - packages: - - "crypto/md5" - - "crypto/sha1" - - "crypto/**/pkix" - ignore-file-rules: - - "**/*_test.go" - additional-guards: - # Do not allow testing packages in non-test files. - - list-type: denylist - include-go-root: true - packages: - - testing - - github.com/stretchr/testify - ignore-file-rules: - - "**/*_test.go" - - "**/*test/*.go" - - "**/internal/matchers/*.go" + rules: + non-tests: + files: + - "!$test" + - "!**/*test/*.go" + - "!**/internal/matchers/*.go" + deny: + - pkg: "testing" + - pkg: "github.com/stretchr/testify" + - pkg: "crypto/md5" + - pkg: "crypto/sha1" + - pkg: "crypto/**/pkix" + otlp-internal: + files: + - "!**/exporters/otlp/internal/**/*.go" + deny: + - pkg: "go.opentelemetry.io/otel/exporters/otlp/internal" + desc: Do not use cross-module internal packages. + otlptrace-internal: + files: + - "!**/exporters/otlp/otlptrace/*.go" + - "!**/exporters/otlp/otlptrace/internal/**.go" + deny: + - pkg: "go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal" + desc: Do not use cross-module internal packages. + otlpmetric-internal: + files: + - "!**/exporters/otlp/otlpmetric/internal/*.go" + - "!**/exporters/otlp/otlpmetric/internal/**/*.go" + deny: + - pkg: "go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal" + desc: Do not use cross-module internal packages. + otel-internal: + files: + - "**/sdk/*.go" + - "**/sdk/**/*.go" + - "**/exporters/*.go" + - "**/exporters/**/*.go" + - "**/schema/*.go" + - "**/schema/**/*.go" + - "**/metric/*.go" + - "**/metric/**/*.go" + - "**/bridge/*.go" + - "**/bridge/**/*.go" + - "**/example/*.go" + - "**/example/**/*.go" + - "**/trace/*.go" + - "**/trace/**/*.go" + deny: + - pkg: "go.opentelemetry.io/otel/internal$" + desc: Do not use cross-module internal packages. + - pkg: "go.opentelemetry.io/otel/internal/attribute" + desc: Do not use cross-module internal packages. + - pkg: "go.opentelemetry.io/otel/internal/internaltest" + desc: Do not use cross-module internal packages. + - pkg: "go.opentelemetry.io/otel/internal/matchers" + desc: Do not use cross-module internal packages. godot: exclude: # Exclude links. diff --git a/vendor/go.opentelemetry.io/otel/CHANGELOG.md b/vendor/go.opentelemetry.io/otel/CHANGELOG.md index d9f145f86d7a..3e5c35b5dcc6 100644 --- a/vendor/go.opentelemetry.io/otel/CHANGELOG.md +++ b/vendor/go.opentelemetry.io/otel/CHANGELOG.md @@ -8,6 +8,164 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm ## [Unreleased] +## [1.19.0/0.42.0/0.0.7] 2023-09-28 + +This release contains the first stable release of the OpenTelemetry Go [metric SDK]. +Our project stability guarantees now apply to the `go.opentelemetry.io/otel/sdk/metric` package. +See our [versioning policy](VERSIONING.md) for more information about these stability guarantees. + +### Added + +- Add the "Roll the dice" getting started application example in `go.opentelemetry.io/otel/example/dice`. (#4539) +- The `WithWriter` and `WithPrettyPrint` options to `go.opentelemetry.io/otel/exporters/stdout/stdoutmetric` to set a custom `io.Writer`, and allow displaying the output in human-readable JSON. (#4507) + +### Changed + +- Allow '/' characters in metric instrument names. (#4501) +- The exporter in `go.opentelemetry.io/otel/exporters/stdout/stdoutmetric` does not prettify its output by default anymore. (#4507) +- Upgrade `gopkg.io/yaml` from `v2` to `v3` in `go.opentelemetry.io/otel/schema`. (#4535) + +### Fixed + +- In `go.opentelemetry.op/otel/exporters/prometheus`, don't try to create the Prometheus metric on every `Collect` if we know the scope is invalid. (#4499) + +### Removed + +- Remove `"go.opentelemetry.io/otel/bridge/opencensus".NewMetricExporter`, which is replaced by `NewMetricProducer`. (#4566) + +## [1.19.0-rc.1/0.42.0-rc.1] 2023-09-14 + +This is a release candidate for the v1.19.0/v0.42.0 release. +That release is expected to include the `v1` release of the OpenTelemetry Go metric SDK and will provide stability guarantees of that SDK. +See our [versioning policy](VERSIONING.md) for more information about these stability guarantees. + +### Changed + +- Allow '/' characters in metric instrument names. (#4501) + +### Fixed + +- In `go.opentelemetry.op/otel/exporters/prometheus`, don't try to create the prometheus metric on every `Collect` if we know the scope is invalid. (#4499) + +## [1.18.0/0.41.0/0.0.6] 2023-09-12 + +This release drops the compatibility guarantee of [Go 1.19]. + +### Added + +- Add `WithProducer` option in `go.opentelemetry.op/otel/exporters/prometheus` to restore the ability to register producers on the prometheus exporter's manual reader. (#4473) +- Add `IgnoreValue` option in `go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest` to allow ignoring values when comparing metrics. (#4447) + +### Changed + +- Use a `TestingT` interface instead of `*testing.T` struct in `go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest`. (#4483) + +### Deprecated + +- The `NewMetricExporter` in `go.opentelemetry.io/otel/bridge/opencensus` was deprecated in `v0.35.0` (#3541). + The deprecation notice format for the function has been corrected to trigger Go documentation and build tooling. (#4470) + +### Removed + +- Removed the deprecated `go.opentelemetry.io/otel/exporters/jaeger` package. (#4467) +- Removed the deprecated `go.opentelemetry.io/otel/example/jaeger` package. (#4467) +- Removed the deprecated `go.opentelemetry.io/otel/sdk/metric/aggregation` package. (#4468) +- Removed the deprecated internal packages in `go.opentelemetry.io/otel/exporters/otlp` and its sub-packages. (#4469) +- Dropped guaranteed support for versions of Go less than 1.20. (#4481) + +## [1.17.0/0.40.0/0.0.5] 2023-08-28 + +### Added + +- Export the `ManualReader` struct in `go.opentelemetry.io/otel/sdk/metric`. (#4244) +- Export the `PeriodicReader` struct in `go.opentelemetry.io/otel/sdk/metric`. (#4244) +- Add support for exponential histogram aggregations. + A histogram can be configured as an exponential histogram using a view with `"go.opentelemetry.io/otel/sdk/metric".ExponentialHistogram` as the aggregation. (#4245) +- Export the `Exporter` struct in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc`. (#4272) +- Export the `Exporter` struct in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. (#4272) +- The exporters in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric` now support the `OTEL_EXPORTER_OTLP_METRICS_TEMPORALITY_PREFERENCE` environment variable. (#4287) +- Add `WithoutCounterSuffixes` option in `go.opentelemetry.io/otel/exporters/prometheus` to disable addition of `_total` suffixes. (#4306) +- Add info and debug logging to the metric SDK in `go.opentelemetry.io/otel/sdk/metric`. (#4315) +- The `go.opentelemetry.io/otel/semconv/v1.21.0` package. + The package contains semantic conventions from the `v1.21.0` version of the OpenTelemetry Semantic Conventions. (#4362) +- Accept 201 to 299 HTTP status as success in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp` and `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp`. (#4365) +- Document the `Temporality` and `Aggregation` methods of the `"go.opentelemetry.io/otel/sdk/metric".Exporter"` need to be concurrent safe. (#4381) +- Expand the set of units supported by the Prometheus exporter, and don't add unit suffixes if they are already present in `go.opentelemetry.op/otel/exporters/prometheus` (#4374) +- Move the `Aggregation` interface and its implementations from `go.opentelemetry.io/otel/sdk/metric/aggregation` to `go.opentelemetry.io/otel/sdk/metric`. (#4435) +- The exporters in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric` now support the `OTEL_EXPORTER_OTLP_METRICS_DEFAULT_HISTOGRAM_AGGREGATION` environment variable. (#4437) +- Add the `NewAllowKeysFilter` and `NewDenyKeysFilter` functions to `go.opentelemetry.io/otel/attribute` to allow convenient creation of allow-keys and deny-keys filters. (#4444) +- Support Go 1.21. (#4463) + +### Changed + +- Starting from `v1.21.0` of semantic conventions, `go.opentelemetry.io/otel/semconv/{version}/httpconv` and `go.opentelemetry.io/otel/semconv/{version}/netconv` packages will no longer be published. (#4145) +- Log duplicate instrument conflict at a warning level instead of info in `go.opentelemetry.io/otel/sdk/metric`. (#4202) +- Return an error on the creation of new instruments in `go.opentelemetry.io/otel/sdk/metric` if their name doesn't pass regexp validation. (#4210) +- `NewManualReader` in `go.opentelemetry.io/otel/sdk/metric` returns `*ManualReader` instead of `Reader`. (#4244) +- `NewPeriodicReader` in `go.opentelemetry.io/otel/sdk/metric` returns `*PeriodicReader` instead of `Reader`. (#4244) +- Count the Collect time in the `PeriodicReader` timeout in `go.opentelemetry.io/otel/sdk/metric`. (#4221) +- The function `New` in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc` returns `*Exporter` instead of `"go.opentelemetry.io/otel/sdk/metric".Exporter`. (#4272) +- The function `New` in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp` returns `*Exporter` instead of `"go.opentelemetry.io/otel/sdk/metric".Exporter`. (#4272) +- If an attribute set is omitted from an async callback, the previous value will no longer be exported in `go.opentelemetry.io/otel/sdk/metric`. (#4290) +- If an attribute set is observed multiple times in an async callback in `go.opentelemetry.io/otel/sdk/metric`, the values will be summed instead of the last observation winning. (#4289) +- Allow the explicit bucket histogram aggregation to be used for the up-down counter, observable counter, observable up-down counter, and observable gauge in the `go.opentelemetry.io/otel/sdk/metric` package. (#4332) +- Restrict `Meter`s in `go.opentelemetry.io/otel/sdk/metric` to only register and collect instruments it created. (#4333) +- `PeriodicReader.Shutdown` and `PeriodicReader.ForceFlush` in `go.opentelemetry.io/otel/sdk/metric` now apply the periodic reader's timeout to the operation if the user provided context does not contain a deadline. (#4356, #4377) +- Upgrade all use of `go.opentelemetry.io/otel/semconv` to use `v1.21.0`. (#4408) +- Increase instrument name maximum length from 63 to 255 characters in `go.opentelemetry.io/otel/sdk/metric`. (#4434) +- Add `go.opentelemetry.op/otel/sdk/metric.WithProducer` as an `Option` for `"go.opentelemetry.io/otel/sdk/metric".NewManualReader` and `"go.opentelemetry.io/otel/sdk/metric".NewPeriodicReader`. (#4346) + +### Removed + +- Remove `Reader.RegisterProducer` in `go.opentelemetry.io/otel/metric`. + Use the added `WithProducer` option instead. (#4346) +- Remove `Reader.ForceFlush` in `go.opentelemetry.io/otel/metric`. + Notice that `PeriodicReader.ForceFlush` is still available. (#4375) + +### Fixed + +- Correctly format log messages from the `go.opentelemetry.io/otel/exporters/zipkin` exporter. (#4143) +- Log an error for calls to `NewView` in `go.opentelemetry.io/otel/sdk/metric` that have empty criteria. (#4307) +- Fix `"go.opentelemetry.io/otel/sdk/resource".WithHostID()` to not set an empty `host.id`. (#4317) +- Use the instrument identifying fields to cache aggregators and determine duplicate instrument registrations in `go.opentelemetry.io/otel/sdk/metric`. (#4337) +- Detect duplicate instruments for case-insensitive names in `go.opentelemetry.io/otel/sdk/metric`. (#4338) +- The `ManualReader` will not panic if `AggregationSelector` returns `nil` in `go.opentelemetry.io/otel/sdk/metric`. (#4350) +- If a `Reader`'s `AggregationSelector` returns `nil` or `DefaultAggregation` the pipeline will use the default aggregation. (#4350) +- Log a suggested view that fixes instrument conflicts in `go.opentelemetry.io/otel/sdk/metric`. (#4349) +- Fix possible panic, deadlock and race condition in batch span processor in `go.opentelemetry.io/otel/sdk/trace`. (#4353) +- Improve context cancellation handling in batch span processor's `ForceFlush` in `go.opentelemetry.io/otel/sdk/trace`. (#4369) +- Decouple `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal` from `go.opentelemetry.io/otel/exporters/otlp/internal` using gotmpl. (#4397, #3846) +- Decouple `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc/internal` from `go.opentelemetry.io/otel/exporters/otlp/internal` and `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal` using gotmpl. (#4404, #3846) +- Decouple `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp/internal` from `go.opentelemetry.io/otel/exporters/otlp/internal` and `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal` using gotmpl. (#4407, #3846) +- Decouple `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal` from `go.opentelemetry.io/otel/exporters/otlp/internal` and `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal` using gotmpl. (#4400, #3846) +- Decouple `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp/internal` from `go.opentelemetry.io/otel/exporters/otlp/internal` and `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal` using gotmpl. (#4401, #3846) +- Do not block the metric SDK when OTLP metric exports are blocked in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc` and `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. (#3925, #4395) +- Do not append `_total` if the counter already has that suffix for the Prometheus exproter in `go.opentelemetry.io/otel/exporter/prometheus`. (#4373) +- Fix resource detection data race in `go.opentelemetry.io/otel/sdk/resource`. (#4409) +- Use the first-seen instrument name during instrument name conflicts in `go.opentelemetry.io/otel/sdk/metric`. (#4428) + +### Deprecated + +- The `go.opentelemetry.io/otel/exporters/jaeger` package is deprecated. + OpenTelemetry dropped support for Jaeger exporter in July 2023. + Use `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp` + or `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc` instead. (#4423) +- The `go.opentelemetry.io/otel/example/jaeger` package is deprecated. (#4423) +- The `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal` package is deprecated. (#4420) +- The `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal/oconf` package is deprecated. (#4420) +- The `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal/otest` package is deprecated. (#4420) +- The `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal/transform` package is deprecated. (#4420) +- The `go.opentelemetry.io/otel/exporters/otlp/internal` package is deprecated. (#4421) +- The `go.opentelemetry.io/otel/exporters/otlp/internal/envconfig` package is deprecated. (#4421) +- The `go.opentelemetry.io/otel/exporters/otlp/internal/retry` package is deprecated. (#4421) +- The `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal` package is deprecated. (#4425) +- The `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/envconfig` package is deprecated. (#4425) +- The `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/otlpconfig` package is deprecated. (#4425) +- The `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/otlptracetest` package is deprecated. (#4425) +- The `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/retry` package is deprecated. (#4425) +- The `go.opentelemetry.io/otel/sdk/metric/aggregation` package is deprecated. + Use the aggregation types added to `go.opentelemetry.io/otel/sdk/metric` instead. (#4435) + ## [1.16.0/0.39.0] 2023-05-18 This release contains the first stable release of the OpenTelemetry Go [metric API]. @@ -20,10 +178,14 @@ See our [versioning policy](VERSIONING.md) for more information about these stab The package contains semantic conventions from the `v1.19.0` version of the OpenTelemetry specification. (#3848) - The `go.opentelemetry.io/otel/semconv/v1.20.0` package. The package contains semantic conventions from the `v1.20.0` version of the OpenTelemetry specification. (#4078) +- The Exponential Histogram data types in `go.opentelemetry.io/otel/sdk/metric/metricdata`. (#4165) +- OTLP metrics exporter now supports the Exponential Histogram Data Type. (#4222) +- Fix serialization of `time.Time` zero values in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc` and `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp` packages. (#4271) ### Changed - Use `strings.Cut()` instead of `string.SplitN()` for better readability and memory use. (#4049) +- `MeterProvider` returns noop meters once it has been shutdown. (#4154) ### Removed @@ -188,6 +350,8 @@ This release drops the compatibility guarantee of [Go 1.18]. - Handle empty environment variable as it they were not set. (#3764) - Clarify the `httpconv` and `netconv` packages in `go.opentelemetry.io/otel/semconv/*` provide tracing semantic conventions. (#3823) +- Fix race conditions in `go.opentelemetry.io/otel/exporters/metric/prometheus` that could cause a panic. (#3899) +- Fix sending nil `scopeInfo` to metrics channel in `go.opentelemetry.io/otel/exporters/metric/prometheus` that could cause a panic in `github.com/prometheus/client_golang/prometheus`. (#3899) ### Deprecated @@ -2492,7 +2656,11 @@ It contains api and sdk for trace and meter. - CircleCI build CI manifest files. - CODEOWNERS file to track owners of this project. -[Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.16.0...HEAD +[Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.19.0...HEAD +[1.19.0/0.42.0/0.0.7]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.19.0 +[1.19.0-rc.1/0.42.0-rc.1]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.19.0-rc.1 +[1.18.0/0.41.0/0.0.6]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.18.0 +[1.17.0/0.40.0/0.0.5]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.17.0 [1.16.0/0.39.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.16.0 [1.16.0-rc.1/0.39.0-rc.1]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.16.0-rc.1 [1.15.1/0.38.1]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.15.1 @@ -2563,5 +2731,7 @@ It contains api and sdk for trace and meter. [Go 1.20]: https://go.dev/doc/go1.20 [Go 1.19]: https://go.dev/doc/go1.19 [Go 1.18]: https://go.dev/doc/go1.18 +[Go 1.19]: https://go.dev/doc/go1.19 [metric API]:https://pkg.go.dev/go.opentelemetry.io/otel/metric +[metric SDK]:https://pkg.go.dev/go.opentelemetry.io/otel/sdk/metric diff --git a/vendor/go.opentelemetry.io/otel/CODEOWNERS b/vendor/go.opentelemetry.io/otel/CODEOWNERS index f6f6a313b5b8..623740007d4e 100644 --- a/vendor/go.opentelemetry.io/otel/CODEOWNERS +++ b/vendor/go.opentelemetry.io/otel/CODEOWNERS @@ -14,4 +14,4 @@ * @MrAlias @Aneurysm9 @evantorrie @XSAM @dashpole @MadVikingGod @pellared @hanyuancheung @dmathieu -CODEOWNERS @MrAlias @Aneurysm9 @MadVikingGod +CODEOWNERS @MrAlias @MadVikingGod @pellared \ No newline at end of file diff --git a/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md b/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md index b2df5de34a63..a00dbca7b083 100644 --- a/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md +++ b/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md @@ -179,23 +179,23 @@ For a deeper discussion, see ## Documentation -Each non-example Go Module should have its own `README.md` containing: +Each (non-internal, non-test) package must be documented using +[Go Doc Comments](https://go.dev/doc/comment), +preferably in a `doc.go` file. -- A pkg.go.dev badge which can be generated [here](https://pkg.go.dev/badge/). -- Brief description. -- Installation instructions (and requirements if applicable). -- Hyperlink to an example. Depending on the component the example can be: - - An `example_test.go` like [here](exporters/stdout/stdouttrace/example_test.go). - - A sample Go application with its own `README.md`, like [here](example/zipkin). -- Additional documentation sections such us: - - Configuration, - - Contributing, - - References. +Prefer using [Examples](https://pkg.go.dev/testing#hdr-Examples) +instead of putting code snippets in Go doc comments. +In some cases, you can even create [Testable Examples](https://go.dev/blog/examples). -[Here](exporters/jaeger/README.md) is an example of a concise `README.md`. +You can install and run a "local Go Doc site" in the following way: -Moreover, it should be possible to navigate to any `README.md` from the -root `README.md`. + ```sh + go install golang.org/x/pkgsite/cmd/pkgsite@latest + pkgsite + ``` + +[`go.opentelemetry.io/otel/metric`](https://pkg.go.dev/go.opentelemetry.io/otel/metric) +is an example of a very well-documented package. ## Style Guide @@ -475,8 +475,33 @@ documentation are allowed to be extended with additional methods. > Warning: methods may be added to this interface in minor releases. +These interfaces are defined by the OpenTelemetry specification and will be +updated as the specification evolves. + Otherwise, stable interfaces MUST NOT be modified. +#### How to Change Specification Interfaces + +When an API change must be made, we will update the SDK with the new method one +release before the API change. This will allow the SDK one version before the +API change to work seamlessly with the new API. + +If an incompatible version of the SDK is used with the new API the application +will fail to compile. + +#### How Not to Change Specification Interfaces + +We have explored using a v2 of the API to change interfaces and found that there +was no way to introduce a v2 and have it work seamlessly with the v1 of the API. +Problems happened with libraries that upgraded to v2 when an application did not, +and would not produce any telemetry. + +More detail of the approaches considered and their limitations can be found in +the [Use a V2 API to evolve interfaces](https://github.com/open-telemetry/opentelemetry-go/issues/3920) +issue. + +#### How to Change Other Interfaces + If new functionality is needed for an interface that cannot be changed it MUST be added by including an additional interface. That added interface can be a simple interface for the specific functionality that you want to add or it can @@ -531,6 +556,37 @@ functionality should be added, each one will need their own super-set interfaces and will duplicate the pattern. For this reason, the simple targeted interface that defines the specific functionality should be preferred. +### Testing + +The tests should never leak goroutines. + +Use the term `ConcurrentSafe` in the test name when it aims to verify the +absence of race conditions. + +### Internal packages + +The use of internal packages should be scoped to a single module. A sub-module +should never import from a parent internal package. This creates a coupling +between the two modules where a user can upgrade the parent without the child +and if the internal package API has changed it will fail to upgrade[^3]. + +There are two known exceptions to this rule: + +- `go.opentelemetry.io/otel/internal/global` + - This package manages global state for all of opentelemetry-go. It needs to + be a single package in order to ensure the uniqueness of the global state. +- `go.opentelemetry.io/otel/internal/baggage` + - This package provides values in a `context.Context` that need to be + recognized by `go.opentelemetry.io/otel/baggage` and + `go.opentelemetry.io/otel/bridge/opentracing` but remain private. + +If you have duplicate code in multiple modules, make that code into a Go +template stored in `go.opentelemetry.io/otel/internal/shared` and use [gotmpl] +to render the templates in the desired locations. See [#4404] for an example of +this. + +[^3]: https://github.com/open-telemetry/opentelemetry-go/issues/3548 + ## Approvers and Maintainers ### Approvers @@ -538,14 +594,14 @@ interface that defines the specific functionality should be preferred. - [Evan Torrie](https://github.com/evantorrie), Verizon Media - [Sam Xie](https://github.com/XSAM), Cisco/AppDynamics - [David Ashpole](https://github.com/dashpole), Google -- [Robert Pająk](https://github.com/pellared), Splunk - [Chester Cheung](https://github.com/hanyuancheung), Tencent - [Damien Mathieu](https://github.com/dmathieu), Elastic +- [Anthony Mirabella](https://github.com/Aneurysm9), AWS ### Maintainers - [Aaron Clawson](https://github.com/MadVikingGod), LightStep -- [Anthony Mirabella](https://github.com/Aneurysm9), AWS +- [Robert Pająk](https://github.com/pellared), Splunk - [Tyler Yahn](https://github.com/MrAlias), Splunk ### Emeritus @@ -560,3 +616,5 @@ repo](https://github.com/open-telemetry/community/blob/main/community-membership [Approver]: #approvers [Maintainer]: #maintainers +[gotmpl]: https://pkg.go.dev/go.opentelemetry.io/build-tools/gotmpl +[#4404]: https://github.com/open-telemetry/opentelemetry-go/pull/4404 diff --git a/vendor/go.opentelemetry.io/otel/Makefile b/vendor/go.opentelemetry.io/otel/Makefile index 26e4bed226f2..5c311706b0c3 100644 --- a/vendor/go.opentelemetry.io/otel/Makefile +++ b/vendor/go.opentelemetry.io/otel/Makefile @@ -25,7 +25,7 @@ TIMEOUT = 60 .DEFAULT_GOAL := precommit .PHONY: precommit ci -precommit: generate dependabot-generate license-check vanity-import-fix misspell go-mod-tidy golangci-lint-fix test-default +precommit: generate dependabot-generate license-check misspell go-mod-tidy golangci-lint-fix test-default ci: generate dependabot-check license-check lint vanity-import-check build test-default check-clean-work-tree test-coverage # Tools @@ -71,8 +71,14 @@ $(TOOLS)/porto: PACKAGE=github.com/jcchavezs/porto/cmd/porto GOJQ = $(TOOLS)/gojq $(TOOLS)/gojq: PACKAGE=github.com/itchyny/gojq/cmd/gojq +GOTMPL = $(TOOLS)/gotmpl +$(GOTMPL): PACKAGE=go.opentelemetry.io/build-tools/gotmpl + +GORELEASE = $(TOOLS)/gorelease +$(GORELEASE): PACKAGE=golang.org/x/exp/cmd/gorelease + .PHONY: tools -tools: $(CROSSLINK) $(DBOTCONF) $(GOLANGCI_LINT) $(MISSPELL) $(GOCOVMERGE) $(STRINGER) $(PORTO) $(GOJQ) $(SEMCONVGEN) $(MULTIMOD) $(SEMCONVKIT) +tools: $(CROSSLINK) $(DBOTCONF) $(GOLANGCI_LINT) $(MISSPELL) $(GOCOVMERGE) $(STRINGER) $(PORTO) $(GOJQ) $(SEMCONVGEN) $(MULTIMOD) $(SEMCONVKIT) $(GOTMPL) $(GORELEASE) # Virtualized python tools via docker @@ -110,13 +116,24 @@ $(CODESPELL): PACKAGE=codespell # Generate .PHONY: generate +generate: go-generate vanity-import-fix -generate: $(OTEL_GO_MOD_DIRS:%=generate/%) -generate/%: DIR=$* -generate/%: | $(STRINGER) $(PORTO) +.PHONY: go-generate +go-generate: $(OTEL_GO_MOD_DIRS:%=go-generate/%) +go-generate/%: DIR=$* +go-generate/%: | $(STRINGER) $(GOTMPL) @echo "$(GO) generate $(DIR)/..." \ && cd $(DIR) \ - && PATH="$(TOOLS):$${PATH}" $(GO) generate ./... && $(PORTO) -w . + && PATH="$(TOOLS):$${PATH}" $(GO) generate ./... + +.PHONY: vanity-import-fix +vanity-import-fix: | $(PORTO) + @$(PORTO) --include-internal -w . + +# Generate go.work file for local development. +.PHONY: go-work +go-work: | $(CROSSLINK) + $(CROSSLINK) work --root=$(shell pwd) # Build @@ -193,7 +210,7 @@ go-mod-tidy/%: DIR=$* go-mod-tidy/%: | crosslink @echo "$(GO) mod tidy in $(DIR)" \ && cd $(DIR) \ - && $(GO) mod tidy -compat=1.19 + && $(GO) mod tidy -compat=1.20 .PHONY: lint-modules lint-modules: go-mod-tidy @@ -203,11 +220,7 @@ lint: misspell lint-modules golangci-lint .PHONY: vanity-import-check vanity-import-check: | $(PORTO) - @$(PORTO) --include-internal -l . || echo "(run: make vanity-import-fix)" - -.PHONY: vanity-import-fix -vanity-import-fix: | $(PORTO) - @$(PORTO) --include-internal -w . + @$(PORTO) --include-internal -l . || ( echo "(run: make vanity-import-fix)"; exit 1 ) .PHONY: misspell misspell: | $(MISSPELL) @@ -220,7 +233,7 @@ codespell: | $(CODESPELL) .PHONY: license-check license-check: @licRes=$$(for f in $$(find . -type f \( -iname '*.go' -o -iname '*.sh' \) ! -path '**/third_party/*' ! -path './.git/*' ) ; do \ - awk '/Copyright The OpenTelemetry Authors|generated|GENERATED/ && NR<=3 { found=1; next } END { if (!found) print FILENAME }' $$f; \ + awk '/Copyright The OpenTelemetry Authors|generated|GENERATED/ && NR<=4 { found=1; next } END { if (!found) print FILENAME }' $$f; \ done); \ if [ -n "$${licRes}" ]; then \ echo "license header checking failed:"; echo "$${licRes}"; \ @@ -230,7 +243,7 @@ license-check: DEPENDABOT_CONFIG = .github/dependabot.yml .PHONY: dependabot-check dependabot-check: | $(DBOTCONF) - @$(DBOTCONF) verify $(DEPENDABOT_CONFIG) || echo "(run: make dependabot-generate)" + @$(DBOTCONF) verify $(DEPENDABOT_CONFIG) || ( echo "(run: make dependabot-generate)"; exit 1 ) .PHONY: dependabot-generate dependabot-generate: | $(DBOTCONF) @@ -249,14 +262,23 @@ check-clean-work-tree: SEMCONVPKG ?= "semconv/" .PHONY: semconv-generate semconv-generate: | $(SEMCONVGEN) $(SEMCONVKIT) - [ "$(TAG)" ] || ( echo "TAG unset: missing opentelemetry specification tag"; exit 1 ) - [ "$(OTEL_SPEC_REPO)" ] || ( echo "OTEL_SPEC_REPO unset: missing path to opentelemetry specification repo"; exit 1 ) - $(SEMCONVGEN) -i "$(OTEL_SPEC_REPO)/semantic_conventions/." --only=span -p conventionType=trace -f trace.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" - $(SEMCONVGEN) -i "$(OTEL_SPEC_REPO)/semantic_conventions/." --only=attribute_group -p conventionType=trace -f attribute_group.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" - $(SEMCONVGEN) -i "$(OTEL_SPEC_REPO)/semantic_conventions/." --only=event -p conventionType=event -f event.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" - $(SEMCONVGEN) -i "$(OTEL_SPEC_REPO)/semantic_conventions/." --only=resource -p conventionType=resource -f resource.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" + [ "$(TAG)" ] || ( echo "TAG unset: missing opentelemetry semantic-conventions tag"; exit 1 ) + [ "$(OTEL_SEMCONV_REPO)" ] || ( echo "OTEL_SEMCONV_REPO unset: missing path to opentelemetry semantic-conventions repo"; exit 1 ) + $(SEMCONVGEN) -i "$(OTEL_SEMCONV_REPO)/model/." --only=span -p conventionType=trace -f trace.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" + $(SEMCONVGEN) -i "$(OTEL_SEMCONV_REPO)/model/." --only=attribute_group -p conventionType=trace -f attribute_group.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" + $(SEMCONVGEN) -i "$(OTEL_SEMCONV_REPO)/model/." --only=event -p conventionType=event -f event.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" + $(SEMCONVGEN) -i "$(OTEL_SEMCONV_REPO)/model/." --only=resource -p conventionType=resource -f resource.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" $(SEMCONVKIT) -output "$(SEMCONVPKG)/$(TAG)" -tag "$(TAG)" +.PHONY: gorelease +gorelease: $(OTEL_GO_MOD_DIRS:%=gorelease/%) +gorelease/%: DIR=$* +gorelease/%:| $(GORELEASE) + @echo "gorelease in $(DIR):" \ + && cd $(DIR) \ + && $(GORELEASE) \ + || echo "" + .PHONY: prerelease prerelease: | $(MULTIMOD) @[ "${MODSET}" ] || ( echo ">> env var MODSET is not set"; exit 1 ) diff --git a/vendor/go.opentelemetry.io/otel/README.md b/vendor/go.opentelemetry.io/otel/README.md index e138a8a07f4e..634326ef833f 100644 --- a/vendor/go.opentelemetry.io/otel/README.md +++ b/vendor/go.opentelemetry.io/otel/README.md @@ -11,22 +11,25 @@ It provides a set of APIs to directly measure performance and behavior of your s ## Project Status -| Signal | Status | Project | -| ------- | ---------- | ------- | -| Traces | Stable | N/A | -| Metrics | Beta | N/A | -| Logs | Frozen [1] | N/A | +| Signal | Status | Project | +|---------|------------|-----------------------| +| Traces | Stable | N/A | +| Metrics | Mixed [1] | [Go: Metric SDK (GA)] | +| Logs | Frozen [2] | N/A | -- [1]: The Logs signal development is halted for this project while we develop both Traces and Metrics. +[Go: Metric SDK (GA)]: https://github.com/orgs/open-telemetry/projects/34 + +- [1]: [Metrics API](https://pkg.go.dev/go.opentelemetry.io/otel/metric) is Stable. [Metrics SDK](https://pkg.go.dev/go.opentelemetry.io/otel/sdk/metric) is Beta. +- [2]: The Logs signal development is halted for this project while we stabilize the Metrics SDK. No Logs Pull Requests are currently being accepted. -Progress and status specific to this repository is tracked in our local +Progress and status specific to this repository is tracked in our [project boards](https://github.com/open-telemetry/opentelemetry-go/projects) and [milestones](https://github.com/open-telemetry/opentelemetry-go/milestones). Project versioning information and stability guarantees can be found in the -[versioning documentation](./VERSIONING.md). +[versioning documentation](VERSIONING.md). ### Compatibility @@ -49,17 +52,17 @@ stop ensuring compatibility with these versions in the following manner: Currently, this project supports the following environments. | OS | Go Version | Architecture | -| ------- | ---------- | ------------ | +|---------|------------|--------------| +| Ubuntu | 1.21 | amd64 | | Ubuntu | 1.20 | amd64 | -| Ubuntu | 1.19 | amd64 | +| Ubuntu | 1.21 | 386 | | Ubuntu | 1.20 | 386 | -| Ubuntu | 1.19 | 386 | +| MacOS | 1.21 | amd64 | | MacOS | 1.20 | amd64 | -| MacOS | 1.19 | amd64 | +| Windows | 1.21 | amd64 | | Windows | 1.20 | amd64 | -| Windows | 1.19 | amd64 | +| Windows | 1.21 | 386 | | Windows | 1.20 | 386 | -| Windows | 1.19 | 386 | While this project should work for other systems, no compatibility guarantees are made for those systems currently. @@ -97,12 +100,11 @@ export pipeline to send that telemetry to an observability platform. All officially supported exporters for the OpenTelemetry project are contained in the [exporters directory](./exporters). | Exporter | Metrics | Traces | -| :-----------------------------------: | :-----: | :----: | -| [Jaeger](./exporters/jaeger/) | | ✓ | -| [OTLP](./exporters/otlp/) | ✓ | ✓ | -| [Prometheus](./exporters/prometheus/) | ✓ | | -| [stdout](./exporters/stdout/) | ✓ | ✓ | -| [Zipkin](./exporters/zipkin/) | | ✓ | +|---------------------------------------|:-------:|:------:| +| [OTLP](./exporters/otlp/) | ✓ | ✓ | +| [Prometheus](./exporters/prometheus/) | ✓ | | +| [stdout](./exporters/stdout/) | ✓ | ✓ | +| [Zipkin](./exporters/zipkin/) | | ✓ | ## Contributing diff --git a/vendor/go.opentelemetry.io/otel/RELEASING.md b/vendor/go.opentelemetry.io/otel/RELEASING.md index 5e6daf6c48ee..82ce3ee46a15 100644 --- a/vendor/go.opentelemetry.io/otel/RELEASING.md +++ b/vendor/go.opentelemetry.io/otel/RELEASING.md @@ -2,27 +2,30 @@ ## Semantic Convention Generation -New versions of the [OpenTelemetry Specification] mean new versions of the `semconv` package need to be generated. +New versions of the [OpenTelemetry Semantic Conventions] mean new versions of the `semconv` package need to be generated. The `semconv-generate` make target is used for this. -1. Checkout a local copy of the [OpenTelemetry Specification] to the desired release tag. +1. Checkout a local copy of the [OpenTelemetry Semantic Conventions] to the desired release tag. 2. Pull the latest `otel/semconvgen` image: `docker pull otel/semconvgen:latest` 3. Run the `make semconv-generate ...` target from this repository. For example, ```sh -export TAG="v1.13.0" # Change to the release version you are generating. -export OTEL_SPEC_REPO="/absolute/path/to/opentelemetry-specification" +export TAG="v1.21.0" # Change to the release version you are generating. +export OTEL_SEMCONV_REPO="/absolute/path/to/opentelemetry/semantic-conventions" docker pull otel/semconvgen:latest -make semconv-generate # Uses the exported TAG and OTEL_SPEC_REPO. +make semconv-generate # Uses the exported TAG and OTEL_SEMCONV_REPO. ``` This should create a new sub-package of [`semconv`](./semconv). Ensure things look correct before submitting a pull request to include the addition. -**Note**, the generation code was changed to generate versions >= 1.13. -To generate versions prior to this, checkout the old release of this repository (i.e. [2fe8861](https://github.com/open-telemetry/opentelemetry-go/commit/2fe8861a24e20088c065b116089862caf9e3cd8b)). +## Breaking changes validation + +You can run `make gorelease` that runs [gorelease](https://pkg.go.dev/golang.org/x/exp/cmd/gorelease) to ensure that there are no unwanted changes done in the public API. + +You can check/report problems with `gorelease` [here](https://golang.org/issues/26420). ## Pre-Release @@ -120,7 +123,17 @@ Once verified be sure to [make a release for the `contrib` repository](https://g ### Website Documentation -Update [the documentation](./website_docs) for [the OpenTelemetry website](https://opentelemetry.io/docs/go/). +Update the [Go instrumentation documentation] in the OpenTelemetry website under [content/en/docs/instrumentation/go]. Importantly, bump any package versions referenced to be the latest one you just released and ensure all code examples still compile and are accurate. -[OpenTelemetry Specification]: https://github.com/open-telemetry/opentelemetry-specification +[OpenTelemetry Semantic Conventions]: https://github.com/open-telemetry/semantic-conventions +[Go instrumentation documentation]: https://opentelemetry.io/docs/instrumentation/go/ +[content/en/docs/instrumentation/go]: https://github.com/open-telemetry/opentelemetry.io/tree/main/content/en/docs/instrumentation/go + +### Demo Repository + +Bump the dependencies in the following Go services: + +- [`accountingservice`](https://github.com/open-telemetry/opentelemetry-demo/tree/main/src/accountingservice) +- [`checkoutservice`](https://github.com/open-telemetry/opentelemetry-demo/tree/main/src/checkoutservice) +- [`productcatalogservice`](https://github.com/open-telemetry/opentelemetry-demo/tree/main/src/productcatalogservice) diff --git a/vendor/go.opentelemetry.io/otel/attribute/filter.go b/vendor/go.opentelemetry.io/otel/attribute/filter.go new file mode 100644 index 000000000000..638c213d59ab --- /dev/null +++ b/vendor/go.opentelemetry.io/otel/attribute/filter.go @@ -0,0 +1,60 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package attribute // import "go.opentelemetry.io/otel/attribute" + +// Filter supports removing certain attributes from attribute sets. When +// the filter returns true, the attribute will be kept in the filtered +// attribute set. When the filter returns false, the attribute is excluded +// from the filtered attribute set, and the attribute instead appears in +// the removed list of excluded attributes. +type Filter func(KeyValue) bool + +// NewAllowKeysFilter returns a Filter that only allows attributes with one of +// the provided keys. +// +// If keys is empty a deny-all filter is returned. +func NewAllowKeysFilter(keys ...Key) Filter { + if len(keys) <= 0 { + return func(kv KeyValue) bool { return false } + } + + allowed := make(map[Key]struct{}) + for _, k := range keys { + allowed[k] = struct{}{} + } + return func(kv KeyValue) bool { + _, ok := allowed[kv.Key] + return ok + } +} + +// NewDenyKeysFilter returns a Filter that only allows attributes +// that do not have one of the provided keys. +// +// If keys is empty an allow-all filter is returned. +func NewDenyKeysFilter(keys ...Key) Filter { + if len(keys) <= 0 { + return func(kv KeyValue) bool { return true } + } + + forbid := make(map[Key]struct{}) + for _, k := range keys { + forbid[k] = struct{}{} + } + return func(kv KeyValue) bool { + _, ok := forbid[kv.Key] + return !ok + } +} diff --git a/vendor/go.opentelemetry.io/otel/attribute/set.go b/vendor/go.opentelemetry.io/otel/attribute/set.go index b976367e46d4..9f9303d4f15d 100644 --- a/vendor/go.opentelemetry.io/otel/attribute/set.go +++ b/vendor/go.opentelemetry.io/otel/attribute/set.go @@ -39,13 +39,6 @@ type ( iface interface{} } - // Filter supports removing certain attributes from attribute sets. When - // the filter returns true, the attribute will be kept in the filtered - // attribute set. When the filter returns false, the attribute is excluded - // from the filtered attribute set, and the attribute instead appears in - // the removed list of excluded attributes. - Filter func(KeyValue) bool - // Sortable implements sort.Interface, used for sorting KeyValue. This is // an exported type to support a memory optimization. A pointer to one of // these is needed for the call to sort.Stable(), which the caller may diff --git a/vendor/go.opentelemetry.io/otel/baggage/baggage.go b/vendor/go.opentelemetry.io/otel/baggage/baggage.go index 46e523a80e43..9e6b3b7b52af 100644 --- a/vendor/go.opentelemetry.io/otel/baggage/baggage.go +++ b/vendor/go.opentelemetry.io/otel/baggage/baggage.go @@ -61,11 +61,6 @@ type Property struct { // hasValue indicates if a zero-value value means the property does not // have a value or if it was the zero-value. hasValue bool - - // hasData indicates whether the created property contains data or not. - // Properties that do not contain data are invalid with no other check - // required. - hasData bool } // NewKeyProperty returns a new Property for key. @@ -76,7 +71,7 @@ func NewKeyProperty(key string) (Property, error) { return newInvalidProperty(), fmt.Errorf("%w: %q", errInvalidKey, key) } - p := Property{key: key, hasData: true} + p := Property{key: key} return p, nil } @@ -95,7 +90,6 @@ func NewKeyValueProperty(key, value string) (Property, error) { key: key, value: value, hasValue: true, - hasData: true, } return p, nil } @@ -117,7 +111,7 @@ func parseProperty(property string) (Property, error) { return newInvalidProperty(), fmt.Errorf("%w: %q", errInvalidProperty, property) } - p := Property{hasData: true} + var p Property if match[1] != "" { p.key = match[1] } else { @@ -136,10 +130,6 @@ func (p Property) validate() error { return fmt.Errorf("invalid property: %w", err) } - if !p.hasData { - return errFunc(fmt.Errorf("%w: %q", errInvalidProperty, p)) - } - if !keyRe.MatchString(p.key) { return errFunc(fmt.Errorf("%w: %q", errInvalidKey, p.key)) } diff --git a/vendor/go.opentelemetry.io/otel/internal/gen.go b/vendor/go.opentelemetry.io/otel/internal/gen.go new file mode 100644 index 000000000000..f532f07e9e52 --- /dev/null +++ b/vendor/go.opentelemetry.io/otel/internal/gen.go @@ -0,0 +1,29 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package internal // import "go.opentelemetry.io/otel/internal" + +//go:generate gotmpl --body=./shared/matchers/expectation.go.tmpl "--data={}" --out=matchers/expectation.go +//go:generate gotmpl --body=./shared/matchers/expecter.go.tmpl "--data={}" --out=matchers/expecter.go +//go:generate gotmpl --body=./shared/matchers/temporal_matcher.go.tmpl "--data={}" --out=matchers/temporal_matcher.go + +//go:generate gotmpl --body=./shared/internaltest/alignment.go.tmpl "--data={}" --out=internaltest/alignment.go +//go:generate gotmpl --body=./shared/internaltest/env.go.tmpl "--data={}" --out=internaltest/env.go +//go:generate gotmpl --body=./shared/internaltest/env_test.go.tmpl "--data={}" --out=internaltest/env_test.go +//go:generate gotmpl --body=./shared/internaltest/errors.go.tmpl "--data={}" --out=internaltest/errors.go +//go:generate gotmpl --body=./shared/internaltest/harness.go.tmpl "--data={\"matchersImportPath\": \"go.opentelemetry.io/otel/internal/matchers\"}" --out=internaltest/harness.go +//go:generate gotmpl --body=./shared/internaltest/text_map_carrier.go.tmpl "--data={}" --out=internaltest/text_map_carrier.go +//go:generate gotmpl --body=./shared/internaltest/text_map_carrier_test.go.tmpl "--data={}" --out=internaltest/text_map_carrier_test.go +//go:generate gotmpl --body=./shared/internaltest/text_map_propagator.go.tmpl "--data={}" --out=internaltest/text_map_propagator.go +//go:generate gotmpl --body=./shared/internaltest/text_map_propagator_test.go.tmpl "--data={}" --out=internaltest/text_map_propagator_test.go diff --git a/vendor/go.opentelemetry.io/otel/internal/global/handler.go b/vendor/go.opentelemetry.io/otel/internal/global/handler.go index 3dcd1caae69d..5e9b83047924 100644 --- a/vendor/go.opentelemetry.io/otel/internal/global/handler.go +++ b/vendor/go.opentelemetry.io/otel/internal/global/handler.go @@ -18,7 +18,6 @@ import ( "log" "os" "sync/atomic" - "unsafe" ) var ( @@ -42,7 +41,7 @@ type ErrorHandler interface { } type ErrDelegator struct { - delegate unsafe.Pointer + delegate atomic.Pointer[ErrorHandler] } func (d *ErrDelegator) Handle(err error) { @@ -50,12 +49,12 @@ func (d *ErrDelegator) Handle(err error) { } func (d *ErrDelegator) getDelegate() ErrorHandler { - return *(*ErrorHandler)(atomic.LoadPointer(&d.delegate)) + return *d.delegate.Load() } // setDelegate sets the ErrorHandler delegate. func (d *ErrDelegator) setDelegate(eh ErrorHandler) { - atomic.StorePointer(&d.delegate, unsafe.Pointer(&eh)) + d.delegate.Store(&eh) } func defaultErrorHandler() *ErrDelegator { diff --git a/vendor/go.opentelemetry.io/otel/internal/global/internal_logging.go b/vendor/go.opentelemetry.io/otel/internal/global/internal_logging.go index 5951fd06d4cb..c6f305a2b76a 100644 --- a/vendor/go.opentelemetry.io/otel/internal/global/internal_logging.go +++ b/vendor/go.opentelemetry.io/otel/internal/global/internal_logging.go @@ -18,7 +18,6 @@ import ( "log" "os" "sync/atomic" - "unsafe" "github.com/go-logr/logr" "github.com/go-logr/stdr" @@ -28,7 +27,7 @@ import ( // // The default logger uses stdr which is backed by the standard `log.Logger` // interface. This logger will only show messages at the Error Level. -var globalLogger unsafe.Pointer +var globalLogger atomic.Pointer[logr.Logger] func init() { SetLogger(stdr.New(log.New(os.Stderr, "", log.LstdFlags|log.Lshortfile))) @@ -40,11 +39,11 @@ func init() { // To see Info messages use a logger with `l.V(4).Enabled() == true` // To see Debug messages use a logger with `l.V(8).Enabled() == true`. func SetLogger(l logr.Logger) { - atomic.StorePointer(&globalLogger, unsafe.Pointer(&l)) + globalLogger.Store(&l) } func getLogger() logr.Logger { - return *(*logr.Logger)(atomic.LoadPointer(&globalLogger)) + return *globalLogger.Load() } // Info prints messages about the general state of the API or SDK. diff --git a/vendor/go.opentelemetry.io/otel/metric/instrument.go b/vendor/go.opentelemetry.io/otel/metric/instrument.go index 0033c1e12d52..cdca00058c68 100644 --- a/vendor/go.opentelemetry.io/otel/metric/instrument.go +++ b/vendor/go.opentelemetry.io/otel/metric/instrument.go @@ -167,6 +167,8 @@ func (o unitOpt) applyInt64ObservableGauge(c Int64ObservableGaugeConfig) Int64Ob } // WithUnit sets the instrument unit. +// +// The unit u should be defined using the appropriate [UCUM](https://ucum.org) case-sensitive code. func WithUnit(u string) InstrumentOption { return unitOpt(u) } // AddOption applies options to an addition measurement. See diff --git a/vendor/go.opentelemetry.io/otel/metric/meter.go b/vendor/go.opentelemetry.io/otel/metric/meter.go index 8e1917c32140..2520bc74af17 100644 --- a/vendor/go.opentelemetry.io/otel/metric/meter.go +++ b/vendor/go.opentelemetry.io/otel/metric/meter.go @@ -157,6 +157,8 @@ type Meter interface { // // If no instruments are passed, f should not be registered nor called // during collection. + // + // The function f needs to be concurrent safe. RegisterCallback(f Callback, instruments ...Observable) (Registration, error) } diff --git a/vendor/go.opentelemetry.io/otel/requirements.txt b/vendor/go.opentelemetry.io/otel/requirements.txt index 407f17489c63..ddff454685c8 100644 --- a/vendor/go.opentelemetry.io/otel/requirements.txt +++ b/vendor/go.opentelemetry.io/otel/requirements.txt @@ -1 +1 @@ -codespell==2.2.4 +codespell==2.2.5 diff --git a/vendor/go.opentelemetry.io/otel/version.go b/vendor/go.opentelemetry.io/otel/version.go index c2217a28d685..ad64e199672f 100644 --- a/vendor/go.opentelemetry.io/otel/version.go +++ b/vendor/go.opentelemetry.io/otel/version.go @@ -16,5 +16,5 @@ package otel // import "go.opentelemetry.io/otel" // Version is the current release version of OpenTelemetry in use. func Version() string { - return "1.16.0" + return "1.19.0" } diff --git a/vendor/go.opentelemetry.io/otel/versions.yaml b/vendor/go.opentelemetry.io/otel/versions.yaml index 9dc47532bc2e..7d2127692403 100644 --- a/vendor/go.opentelemetry.io/otel/versions.yaml +++ b/vendor/go.opentelemetry.io/otel/versions.yaml @@ -14,19 +14,17 @@ module-sets: stable-v1: - version: v1.16.0 + version: v1.19.0 modules: - go.opentelemetry.io/otel - go.opentelemetry.io/otel/bridge/opentracing - go.opentelemetry.io/otel/bridge/opentracing/test + - go.opentelemetry.io/otel/example/dice - go.opentelemetry.io/otel/example/fib - - go.opentelemetry.io/otel/example/jaeger - go.opentelemetry.io/otel/example/namedtracer - go.opentelemetry.io/otel/example/otel-collector - go.opentelemetry.io/otel/example/passthrough - go.opentelemetry.io/otel/example/zipkin - - go.opentelemetry.io/otel/exporters/jaeger - - go.opentelemetry.io/otel/exporters/otlp/internal/retry - go.opentelemetry.io/otel/exporters/otlp/otlptrace - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp @@ -34,23 +32,23 @@ module-sets: - go.opentelemetry.io/otel/exporters/zipkin - go.opentelemetry.io/otel/metric - go.opentelemetry.io/otel/sdk + - go.opentelemetry.io/otel/sdk/metric - go.opentelemetry.io/otel/trace experimental-metrics: - version: v0.39.0 + version: v0.42.0 modules: + - go.opentelemetry.io/otel/bridge/opencensus + - go.opentelemetry.io/otel/bridge/opencensus/test - go.opentelemetry.io/otel/example/opencensus - go.opentelemetry.io/otel/example/prometheus + - go.opentelemetry.io/otel/example/view - go.opentelemetry.io/otel/exporters/otlp/otlpmetric - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp - go.opentelemetry.io/otel/exporters/prometheus - go.opentelemetry.io/otel/exporters/stdout/stdoutmetric - - go.opentelemetry.io/otel/sdk/metric - - go.opentelemetry.io/otel/bridge/opencensus - - go.opentelemetry.io/otel/bridge/opencensus/test - - go.opentelemetry.io/otel/example/view experimental-schema: - version: v0.0.4 + version: v0.0.7 modules: - go.opentelemetry.io/otel/schema excluded-modules: diff --git a/vendor/modules.txt b/vendor/modules.txt index eb18eb31c579..432ec35afadf 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -107,7 +107,7 @@ github.com/chzyer/readline # github.com/containerd/cgroups/v3 v3.0.2 ## explicit; go 1.18 github.com/containerd/cgroups/v3/cgroup1/stats -# github.com/containerd/containerd v1.7.8 +# github.com/containerd/containerd v1.7.9 ## explicit; go 1.19 github.com/containerd/containerd/errdefs github.com/containerd/containerd/log @@ -135,8 +135,8 @@ github.com/containernetworking/cni/pkg/version # github.com/containernetworking/plugins v1.3.0 ## explicit; go 1.20 github.com/containernetworking/plugins/pkg/ns -# github.com/containers/buildah v1.32.1-0.20231026190652-11e3b2132761 -## explicit; go 1.18 +# github.com/containers/buildah v1.32.1-0.20231117115950-f00af6b7d310 +## explicit; go 1.20 github.com/containers/buildah github.com/containers/buildah/bind github.com/containers/buildah/chroot @@ -163,7 +163,7 @@ github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/pkg/volumes github.com/containers/buildah/util -# github.com/containers/common v0.56.1-0.20231102181045-6a67921ec5ce +# github.com/containers/common v0.57.0 ## explicit; go 1.18 github.com/containers/common/internal/attributedstring github.com/containers/common/libimage @@ -230,7 +230,7 @@ github.com/containers/conmon/runner/config # github.com/containers/gvisor-tap-vsock v0.7.1 ## explicit; go 1.20 github.com/containers/gvisor-tap-vsock/pkg/types -# github.com/containers/image/v5 v5.28.1-0.20231101173728-373c52a9466f +# github.com/containers/image/v5 v5.29.0 ## explicit; go 1.19 github.com/containers/image/v5/copy github.com/containers/image/v5/directory @@ -310,7 +310,7 @@ github.com/containers/libhvee/pkg/wmiext # github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 ## explicit github.com/containers/libtrust -# github.com/containers/luksy v0.0.0-20230912175440-6df88cb7f0dd +# github.com/containers/luksy v0.0.0-20231030195837-b5a7f79da98b ## explicit; go 1.20 github.com/containers/luksy # github.com/containers/ocicrypt v1.1.9 @@ -340,7 +340,7 @@ github.com/containers/psgo/internal/dev github.com/containers/psgo/internal/host github.com/containers/psgo/internal/proc github.com/containers/psgo/internal/process -# github.com/containers/storage v1.50.3-0.20231108224651-a56f2b2fecfd +# github.com/containers/storage v1.51.0 ## explicit; go 1.19 github.com/containers/storage github.com/containers/storage/drivers @@ -418,7 +418,7 @@ github.com/crc-org/vfkit/pkg/config github.com/crc-org/vfkit/pkg/rest github.com/crc-org/vfkit/pkg/rest/define github.com/crc-org/vfkit/pkg/util -# github.com/cyberphone/json-canonicalization v0.0.0-20230710064741-aa7fe85c7dbd +# github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 ## explicit github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer # github.com/cyphar/filepath-securejoin v0.2.4 @@ -524,7 +524,7 @@ github.com/gin-gonic/gin/binding github.com/gin-gonic/gin/internal/bytesconv github.com/gin-gonic/gin/internal/json github.com/gin-gonic/gin/render -# github.com/go-jose/go-jose/v3 v3.0.0 +# github.com/go-jose/go-jose/v3 v3.0.1 ## explicit; go 1.12 github.com/go-jose/go-jose/v3 github.com/go-jose/go-jose/v3/cipher @@ -672,7 +672,7 @@ github.com/hashicorp/go-cleanhttp # github.com/hashicorp/go-multierror v1.1.1 ## explicit; go 1.13 github.com/hashicorp/go-multierror -# github.com/hashicorp/go-retryablehttp v0.7.4 +# github.com/hashicorp/go-retryablehttp v0.7.5 ## explicit; go 1.13 github.com/hashicorp/go-retryablehttp # github.com/hugelgupf/p9 v0.3.1-0.20230822151754-54f5c5530921 @@ -696,8 +696,8 @@ github.com/josharian/intern # github.com/json-iterator/go v1.1.12 ## explicit; go 1.12 github.com/json-iterator/go -# github.com/klauspost/compress v1.17.2 -## explicit; go 1.18 +# github.com/klauspost/compress v1.17.3 +## explicit; go 1.19 github.com/klauspost/compress github.com/klauspost/compress/flate github.com/klauspost/compress/fse @@ -873,7 +873,7 @@ github.com/opencontainers/selinux/go-selinux github.com/opencontainers/selinux/go-selinux/label github.com/opencontainers/selinux/pkg/pwalk github.com/opencontainers/selinux/pkg/pwalkdir -# github.com/openshift/imagebuilder v1.2.5 +# github.com/openshift/imagebuilder v1.2.6-0.20231108213319-b27edc077bbc ## explicit; go 1.19 github.com/openshift/imagebuilder github.com/openshift/imagebuilder/dockerfile/command @@ -1083,8 +1083,8 @@ go.opencensus.io/internal go.opencensus.io/trace go.opencensus.io/trace/internal go.opencensus.io/trace/tracestate -# go.opentelemetry.io/otel v1.16.0 -## explicit; go 1.19 +# go.opentelemetry.io/otel v1.19.0 +## explicit; go 1.20 go.opentelemetry.io/otel go.opentelemetry.io/otel/attribute go.opentelemetry.io/otel/baggage @@ -1096,12 +1096,12 @@ go.opentelemetry.io/otel/internal/global go.opentelemetry.io/otel/propagation go.opentelemetry.io/otel/semconv/internal go.opentelemetry.io/otel/semconv/v1.12.0 -# go.opentelemetry.io/otel/metric v1.16.0 -## explicit; go 1.19 +# go.opentelemetry.io/otel/metric v1.19.0 +## explicit; go 1.20 go.opentelemetry.io/otel/metric go.opentelemetry.io/otel/metric/embedded -# go.opentelemetry.io/otel/trace v1.16.0 -## explicit; go 1.19 +# go.opentelemetry.io/otel/trace v1.19.0 +## explicit; go 1.20 go.opentelemetry.io/otel/trace # golang.org/x/arch v0.5.0 ## explicit; go 1.17 @@ -1162,7 +1162,7 @@ golang.org/x/net/internal/socks golang.org/x/net/internal/timeseries golang.org/x/net/proxy golang.org/x/net/trace -# golang.org/x/oauth2 v0.13.0 +# golang.org/x/oauth2 v0.14.0 ## explicit; go 1.18 golang.org/x/oauth2 golang.org/x/oauth2/internal From a3d5814e0eddc37b59482fbec250ec6774e8bf9c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= Date: Wed, 8 Nov 2023 19:21:52 +0100 Subject: [PATCH 034/170] Update tests for a c/common error message change MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Miloslav Trmač --- test/buildah-bud/apply-podman-deltas | 4 ++-- test/e2e/login_logout_test.go | 4 ++-- test/e2e/pull_test.go | 2 +- test/system/030-run.bats | 4 ++-- test/system/700-play.bats | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/test/buildah-bud/apply-podman-deltas b/test/buildah-bud/apply-podman-deltas index 20517067d731..53e5a8caeaed 100755 --- a/test/buildah-bud/apply-podman-deltas +++ b/test/buildah-bud/apply-podman-deltas @@ -159,8 +159,8 @@ errmsg "no contents in .*" \ "Error: context must be a directory: .*" \ "bud with specified context should fail if context contains empty Dockerfile" -errmsg "checking authfile: stat /tmp/nonexistent: no such file or directory" \ - "Error: checking authfile: stat /tmp/nonexistent: no such file or directory" \ +errmsg "credential file is not accessible: stat /tmp/nonexistent: no such file or directory" \ + "Error: credential file is not accessible: stat /tmp/nonexistent: no such file or directory" \ "bud with Containerfile should fail with nonexistent authfile" errmsg "cannot find Containerfile or Dockerfile" \ diff --git a/test/e2e/login_logout_test.go b/test/e2e/login_logout_test.go index 38a076d8c881..a5ebb4a1382a 100644 --- a/test/e2e/login_logout_test.go +++ b/test/e2e/login_logout_test.go @@ -168,7 +168,7 @@ var _ = Describe("Podman login and logout", func() { session = podmanTest.Podman([]string{"push", "-q", "--authfile", "/tmp/nonexistent", ALPINE, testImg}) session.WaitWithDefaultTimeout() Expect(session).To(ExitWithError()) - Expect(session.ErrorToString()).To(Equal("Error: checking authfile: stat /tmp/nonexistent: no such file or directory")) + Expect(session.ErrorToString()).To(Equal("Error: credential file is not accessible: stat /tmp/nonexistent: no such file or directory")) session = podmanTest.Podman([]string{"push", "-q", "--authfile", authFile, ALPINE, testImg}) session.WaitWithDefaultTimeout() @@ -182,7 +182,7 @@ var _ = Describe("Podman login and logout", func() { session = podmanTest.Podman([]string{"logout", "--authfile", "/tmp/nonexistent", server}) session.WaitWithDefaultTimeout() Expect(session).To(ExitWithError()) - Expect(session.ErrorToString()).To(Equal("Error: checking authfile: stat /tmp/nonexistent: no such file or directory")) + Expect(session.ErrorToString()).To(Equal("Error: credential file is not accessible: stat /tmp/nonexistent: no such file or directory")) session = podmanTest.Podman([]string{"logout", "--authfile", authFile, server}) session.WaitWithDefaultTimeout() diff --git a/test/e2e/pull_test.go b/test/e2e/pull_test.go index 0fea12229ee6..9a3b5f049f2c 100644 --- a/test/e2e/pull_test.go +++ b/test/e2e/pull_test.go @@ -172,7 +172,7 @@ var _ = Describe("Podman pull", func() { session := podmanTest.Podman([]string{"pull", "-q", "--authfile", "/tmp/nonexistent", ALPINE}) session.WaitWithDefaultTimeout() Expect(session).To(ExitWithError()) - Expect(session.ErrorToString()).To(Equal("Error: checking authfile: stat /tmp/nonexistent: no such file or directory")) + Expect(session.ErrorToString()).To(Equal("Error: credential file is not accessible: stat /tmp/nonexistent: no such file or directory")) }) It("podman pull by digest (image list)", func() { diff --git a/test/system/030-run.bats b/test/system/030-run.bats index 2a1cdcf9ced7..ab2abfa37b73 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -1297,12 +1297,12 @@ search | $IMAGE | if [[ "$args" = "''" ]]; then args=;fi run_podman 125 $command --authfile=$bogus $args - assert "$output" = "Error: checking authfile: stat $bogus: no such file or directory" \ + assert "$output" = "Error: credential file is not accessible: stat $bogus: no such file or directory" \ "$command --authfile=nonexistent-path" if [[ "$command" != "logout" ]]; then REGISTRY_AUTH_FILE=$bogus run_podman ? $command $args - assert "$output" !~ "checking authfile" \ + assert "$output" !~ "credential file is not accessible" \ "$command REGISTRY_AUTH_FILE=nonexistent-path" fi done < <(parse_table "$tests") diff --git a/test/system/700-play.bats b/test/system/700-play.bats index b64007acbc84..f58ebe729710 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -756,7 +756,7 @@ spec: bogus=$PODMAN_TMPDIR/bogus-authfile run_podman 125 kube play --authfile=$bogus - < $PODMAN_TMPDIR/test.yaml - is "$output" "Error: checking authfile: stat $bogus: no such file or directory" "$command should fail with not such file" + is "$output" "Error: credential file is not accessible: stat $bogus: no such file or directory" "$command should fail with not such file" } @test "podman kube play with umask from containers.conf" { From d0b32255e477fc434ffd5ad056be102d4a5a32ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= Date: Tue, 7 Nov 2023 20:41:09 +0100 Subject: [PATCH 035/170] Add support for --compat-auth-file in login/logout MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This mostly just inherits the c/common/pkg/auth implementation, except that AuthFilePath and DockerCompatAuthFilePath can not be set simultaneously, so don't unnecessarily explicitly set AuthFilePath. c/common already handles that. Signed-off-by: Miloslav Trmač --- cmd/podman/login.go | 2 -- cmd/podman/logout.go | 4 +-- docs/source/markdown/podman-login.1.md.in | 4 +++ docs/source/markdown/podman-logout.1.md.in | 4 +++ test/e2e/login_logout_test.go | 39 ++++++++++++++++++++++ test/system/150-login.bats | 11 ++++++ 6 files changed, 59 insertions(+), 5 deletions(-) diff --git a/cmd/podman/login.go b/cmd/podman/login.go index ce9568382dd7..d9777941fdf0 100644 --- a/cmd/podman/login.go +++ b/cmd/podman/login.go @@ -96,8 +96,6 @@ func login(cmd *cobra.Command, args []string) error { } sysCtx := &types.SystemContext{ - AuthFilePath: loginOptions.AuthFile, - DockerCertPath: loginOptions.CertDir, DockerInsecureSkipTLSVerify: skipTLS, } setRegistriesConfPath(sysCtx) diff --git a/cmd/podman/logout.go b/cmd/podman/logout.go index 397edbb9a955..f6c086d819d3 100644 --- a/cmd/podman/logout.go +++ b/cmd/podman/logout.go @@ -48,9 +48,7 @@ func init() { // Implementation of podman-logout. func logout(cmd *cobra.Command, args []string) error { - sysCtx := &types.SystemContext{ - AuthFilePath: logoutOptions.AuthFile, - } + sysCtx := &types.SystemContext{} setRegistriesConfPath(sysCtx) return auth.Logout(sysCtx, &logoutOptions, args) } diff --git a/docs/source/markdown/podman-login.1.md.in b/docs/source/markdown/podman-login.1.md.in index dd826ba68b6c..0f1713cc9778 100644 --- a/docs/source/markdown/podman-login.1.md.in +++ b/docs/source/markdown/podman-login.1.md.in @@ -32,6 +32,10 @@ For more details about format and configurations of the auth.json file, see cont @@option cert-dir +#### **--compat-auth-file**=*path* + +Instead of updating the default credentials file, update the one at *path*, and use a Docker-compatible format. + #### **--get-login** Return the logged-in user for the registry. Return error if no login is found. diff --git a/docs/source/markdown/podman-logout.1.md.in b/docs/source/markdown/podman-logout.1.md.in index 893d3942e821..496c039732e3 100644 --- a/docs/source/markdown/podman-logout.1.md.in +++ b/docs/source/markdown/podman-logout.1.md.in @@ -27,6 +27,10 @@ Remove the cached credentials for all registries in the auth file @@option authfile +#### **--compat-auth-file**=*path* + +Instead of updating the default credentials file, update the one at *path*, and use a Docker-compatible format. + #### **--help**, **-h** Print usage statement diff --git a/test/e2e/login_logout_test.go b/test/e2e/login_logout_test.go index a5ebb4a1382a..3faedb7013d5 100644 --- a/test/e2e/login_logout_test.go +++ b/test/e2e/login_logout_test.go @@ -189,6 +189,45 @@ var _ = Describe("Podman login and logout", func() { Expect(session).Should(ExitCleanly()) }) + It("podman login and logout --compat-auth-file flag handling", func() { + // A minimal smoke test + compatAuthFile := filepath.Join(podmanTest.TempDir, "config.json") + session := podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", "--compat-auth-file", compatAuthFile, server}) + session.WaitWithDefaultTimeout() + Expect(session).Should(ExitCleanly()) + + readAuthInfo(compatAuthFile) + + session = podmanTest.Podman([]string{"logout", "--compat-auth-file", compatAuthFile, server}) + session.WaitWithDefaultTimeout() + Expect(session).Should(ExitCleanly()) + + // logout should fail with nonexistent authfile + session = podmanTest.Podman([]string{"logout", "--compat-auth-file", "/tmp/nonexistent", server}) + session.WaitWithDefaultTimeout() + Expect(session).To(ExitWithError()) + Expect(session.ErrorToString()).To(Equal("Error: credential file is not accessible: stat /tmp/nonexistent: no such file or directory")) + + // inconsistent command line flags are rejected + // Pre-create the files to make sure we are not hitting the “file not found” path + authFile := filepath.Join(podmanTest.TempDir, "auth.json") + err := os.WriteFile(authFile, []byte("{}"), 0o700) + Expect(err).ToNot(HaveOccurred()) + err = os.WriteFile(compatAuthFile, []byte("{}"), 0o700) + Expect(err).ToNot(HaveOccurred()) + + session = podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", + "--authfile", authFile, "--compat-auth-file", compatAuthFile, server}) + session.WaitWithDefaultTimeout() + Expect(session).To(ExitWithError()) + Expect(session.ErrorToString()).To(Equal("Error: options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously")) + + session = podmanTest.Podman([]string{"logout", "--authfile", authFile, "--compat-auth-file", compatAuthFile, server}) + session.WaitWithDefaultTimeout() + Expect(session).To(ExitWithError()) + Expect(session.ErrorToString()).To(Equal("Error: options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously")) + }) + It("podman manifest with --authfile", func() { os.Unsetenv("REGISTRY_AUTH_FILE") diff --git a/test/system/150-login.bats b/test/system/150-login.bats index a0342b0f6d8e..f9c6b1394dd0 100644 --- a/test/system/150-login.bats +++ b/test/system/150-login.bats @@ -80,6 +80,17 @@ function setup() { is "$output" "{}" "credentials removed from $authfile" } +@test "podman login inconsistent authfiles" { + ambiguous_file=${PODMAN_LOGIN_WORKDIR}/ambiguous-auth.json + echo '{}' > $ambiguous_file # To make sure we are not hitting the “file not found” path + + run_podman 125 login --authfile "$ambiguous_file" --compat-auth-file "$ambiguous_file" localhost:5000 + assert "$output" =~ "Error: options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously" + + run_podman 125 logout --authfile "$ambiguous_file" --compat-auth-file "$ambiguous_file" localhost:5000 + assert "$output" =~ "Error: options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously" +} + # Some push tests @test "podman push fail" { From d32f61d91ba6de9dc91df227627d9f39c19b35e7 Mon Sep 17 00:00:00 2001 From: Brent Baude Date: Fri, 17 Nov 2023 11:36:34 -0600 Subject: [PATCH 036/170] vmtypes names cannot be used as machine names florent found a bug where he used "applehv" as a machine name. it turns out when we use a vmtype name, esp. the active type, it really messes up directory structures for configuration and images alike. Signed-off-by: Brent Baude --- cmd/podman/machine/init.go | 6 ++++++ pkg/machine/config.go | 3 ++- pkg/machine/e2e/init_test.go | 6 ++++++ 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/cmd/podman/machine/init.go b/cmd/podman/machine/init.go index 62c1c9be446b..73867fc17266 100644 --- a/cmd/podman/machine/init.go +++ b/cmd/podman/machine/init.go @@ -140,6 +140,12 @@ func initMachine(cmd *cobra.Command, args []string) error { } initOpts.Name = args[0] } + + // The vmtype names need to be reserved and cannot be used for podman machine names + if _, err := machine.ParseVMType(initOpts.Name, machine.UnknownVirt); err == nil { + return fmt.Errorf("cannot use %q for a machine name", initOpts.Name) + } + if _, err := provider.LoadVMByName(initOpts.Name); err == nil { return fmt.Errorf("%s: %w", initOpts.Name, machine.ErrVMAlreadyExists) } diff --git a/pkg/machine/config.go b/pkg/machine/config.go index b97cda77c3c8..6d071496b7be 100644 --- a/pkg/machine/config.go +++ b/pkg/machine/config.go @@ -346,6 +346,7 @@ const ( WSLVirt AppleHvVirt HyperVVirt + UnknownVirt ) func (v VMType) String() string { @@ -383,7 +384,7 @@ func ParseVMType(input string, emptyFallback VMType) (VMType, error) { case "": return emptyFallback, nil default: - return QemuVirt, fmt.Errorf("unknown VMType `%s`", input) + return UnknownVirt, fmt.Errorf("unknown VMType `%s`", input) } } diff --git a/pkg/machine/e2e/init_test.go b/pkg/machine/e2e/init_test.go index 317e60c5f595..7c1608157878 100644 --- a/pkg/machine/e2e/init_test.go +++ b/pkg/machine/e2e/init_test.go @@ -41,6 +41,12 @@ var _ = Describe("podman machine init", func() { Expect(err).ToNot(HaveOccurred()) Expect(session).To(Exit(125)) + reservedName := initMachine{} + reservedNameSession, err := mb.setName(testProvider.VMType().String()).setCmd(&reservedName).run() + Expect(err).ToNot(HaveOccurred()) + Expect(reservedNameSession).To(Exit(125)) + Expect(reservedNameSession.errorToString()).To(ContainSubstring(fmt.Sprintf("cannot use %q", testProvider.VMType().String()))) + badName := "foobar" bm := basicMachine{} sysConn, err := mb.setCmd(bm.withPodmanCommand([]string{"system", "connection", "add", badName, "tcp://localhost:8000"})).run() From 60d9f9b807cfe00d5a1a2686755d8ee459fadadc Mon Sep 17 00:00:00 2001 From: Brent Baude Date: Fri, 17 Nov 2023 13:16:25 -0600 Subject: [PATCH 037/170] Update to libhvee 0.5.0 Signed-off-by: Brent Baude --- go.mod | 2 +- go.sum | 4 +- .../pkg/hypervctl/diskdrive_settings.go | 2 +- .../containers/libhvee/pkg/hypervctl/error.go | 17 ++ .../pkg/hypervctl/ethernet_port_settings.go | 2 +- .../pkg/hypervctl/resources_settings.go | 4 +- .../libhvee/pkg/hypervctl/scsi_controller.go | 2 +- .../libhvee/pkg/hypervctl/system_settings.go | 4 +- .../pkg/hypervctl/system_settings_builder.go | 2 +- .../containers/libhvee/pkg/hypervctl/vm.go | 16 +- .../containers/libhvee/pkg/hypervctl/vmm.go | 61 ++++-- .../containers/libhvee/pkg/wmiext/array.go | 6 +- .../containers/libhvee/pkg/wmiext/enum.go | 2 +- .../containers/libhvee/pkg/wmiext/error.go | 196 ++++++++++++++++++ .../containers/libhvee/pkg/wmiext/init.go | 7 +- .../containers/libhvee/pkg/wmiext/instance.go | 16 +- .../containers/libhvee/pkg/wmiext/service.go | 12 +- vendor/modules.txt | 2 +- 18 files changed, 297 insertions(+), 60 deletions(-) create mode 100644 vendor/github.com/containers/libhvee/pkg/wmiext/error.go diff --git a/go.mod b/go.mod index 37624d783e26..9d2e7dc3d392 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,7 @@ require ( github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.1 github.com/containers/image/v5 v5.29.0 - github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734 + github.com/containers/libhvee v0.5.0 github.com/containers/ocicrypt v1.1.9 github.com/containers/psgo v1.8.0 github.com/containers/storage v1.51.0 diff --git a/go.sum b/go.sum index 727913f07549..f7947af7c64f 100644 --- a/go.sum +++ b/go.sum @@ -262,8 +262,8 @@ github.com/containers/gvisor-tap-vsock v0.7.1 h1:+Rc+sOPplrkQb/BUXeN0ug8TxjgyrIq github.com/containers/gvisor-tap-vsock v0.7.1/go.mod h1:WSSsjcuYZkvP8i0J+Ht3LF8yvysn3krD5zxQ74wz7y0= github.com/containers/image/v5 v5.29.0 h1:9+nhS/ZM7c4Kuzu5tJ0NMpxrgoryOJ2HAYTgG8Ny7j4= github.com/containers/image/v5 v5.29.0/go.mod h1:kQ7qcDsps424ZAz24thD+x7+dJw1vgur3A9tTDsj97E= -github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734 h1:R6e4nMpxUWRTn+QoiS1dnWL3qa0hpFb2+8/ltKtSnWE= -github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734/go.mod h1:3lTcwI2g7qe8Ekgk9hdDxQeT9KrqXPilQvxJfIJp8TQ= +github.com/containers/libhvee v0.5.0 h1:rDhfG2NI8Q+VgeXht2dXezanxEdpj9pHqYX3vWfOGUw= +github.com/containers/libhvee v0.5.0/go.mod h1:yvU3Em2u1ZLl2VLd2glMIBWriBwfhWsDaRJsvixUIB0= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY= github.com/containers/luksy v0.0.0-20231030195837-b5a7f79da98b h1:8XvNAm+g7ivwPUkyiHvBs7z356JWpK9a0FDaek86+sY= diff --git a/vendor/github.com/containers/libhvee/pkg/hypervctl/diskdrive_settings.go b/vendor/github.com/containers/libhvee/pkg/hypervctl/diskdrive_settings.go index c493b1a8f26c..5e669302d69a 100644 --- a/vendor/github.com/containers/libhvee/pkg/hypervctl/diskdrive_settings.go +++ b/vendor/github.com/containers/libhvee/pkg/hypervctl/diskdrive_settings.go @@ -43,7 +43,7 @@ func (d *SyntheticDiskDriveSettings) DefineVirtualHardDisk(vhdxFile string, befo func createDiskResourceInternal(systemPath string, drivePath string, file string, settings diskAssociation, resourceType string, cb func()) error { var service *wmiext.Service var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return err } defer service.Close() diff --git a/vendor/github.com/containers/libhvee/pkg/hypervctl/error.go b/vendor/github.com/containers/libhvee/pkg/hypervctl/error.go index 7fe985d97987..2f169712aa00 100644 --- a/vendor/github.com/containers/libhvee/pkg/hypervctl/error.go +++ b/vendor/github.com/containers/libhvee/pkg/hypervctl/error.go @@ -6,6 +6,8 @@ package hypervctl import ( "errors" "fmt" + + "github.com/containers/libhvee/pkg/wmiext" ) // VM State errors @@ -155,3 +157,18 @@ func translateModifyError(code int) error { return &modifyResourceError{code, message} } + +var ( + ErrHyperVNamespaceMissing = errors.New("HyperV namespace not found, is HyperV enabled?") +) + +func translateCommonHyperVWmiError(wmiError error) error { + if werr, ok := wmiError.(*wmiext.WmiError); ok { + switch werr.Code() { + case wmiext.WBEM_E_INVALID_NAMESPACE: + return ErrHyperVNamespaceMissing + } + } + + return wmiError +} diff --git a/vendor/github.com/containers/libhvee/pkg/hypervctl/ethernet_port_settings.go b/vendor/github.com/containers/libhvee/pkg/hypervctl/ethernet_port_settings.go index f1d8930d891d..294d87e5eea3 100644 --- a/vendor/github.com/containers/libhvee/pkg/hypervctl/ethernet_port_settings.go +++ b/vendor/github.com/containers/libhvee/pkg/hypervctl/ethernet_port_settings.go @@ -68,7 +68,7 @@ func (p *SyntheticEthernetPortSettings) DefineEthernetPortConnection(switchName var service *wmiext.Service var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return nil, err } defer service.Close() diff --git a/vendor/github.com/containers/libhvee/pkg/hypervctl/resources_settings.go b/vendor/github.com/containers/libhvee/pkg/hypervctl/resources_settings.go index c229121339fd..eda4b25238fb 100644 --- a/vendor/github.com/containers/libhvee/pkg/hypervctl/resources_settings.go +++ b/vendor/github.com/containers/libhvee/pkg/hypervctl/resources_settings.go @@ -53,7 +53,7 @@ func (s *ResourceSettings) Path() string { func createResourceSettingGeneric(settings interface{}, resourceType string) (string, error) { var service *wmiext.Service var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return "", err } @@ -84,7 +84,7 @@ func createResourceSettingGeneric(settings interface{}, resourceType string) (st func populateDefaults(subType string, settings interface{}) error { var service *wmiext.Service var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return err } defer service.Close() diff --git a/vendor/github.com/containers/libhvee/pkg/hypervctl/scsi_controller.go b/vendor/github.com/containers/libhvee/pkg/hypervctl/scsi_controller.go index b9a2e2cdcfa5..d38bfacb609d 100644 --- a/vendor/github.com/containers/libhvee/pkg/hypervctl/scsi_controller.go +++ b/vendor/github.com/containers/libhvee/pkg/hypervctl/scsi_controller.go @@ -42,7 +42,7 @@ func (c *ScsiControllerSettings) AddSyntheticDvdDrive(slot uint) (*SyntheticDvdD func (c *ScsiControllerSettings) createSyntheticDriveInternal(slot uint, settings driveAssociation, resourceType string) error { var service *wmiext.Service var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return err } defer service.Close() diff --git a/vendor/github.com/containers/libhvee/pkg/hypervctl/system_settings.go b/vendor/github.com/containers/libhvee/pkg/hypervctl/system_settings.go index 527a8574c27e..cfb4207dc5ba 100644 --- a/vendor/github.com/containers/libhvee/pkg/hypervctl/system_settings.go +++ b/vendor/github.com/containers/libhvee/pkg/hypervctl/system_settings.go @@ -106,7 +106,7 @@ func (s *SystemSettings) AddScsiController() (*ScsiControllerSettings, error) { func (s *SystemSettings) createSystemResourceInternal(settings interface{}, resourceType string, cb func()) error { var service *wmiext.Service var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return err } defer service.Close() @@ -186,7 +186,7 @@ func addResource(service *wmiext.Service, systemSettingPath string, resourceSett func (s *SystemSettings) GetVM() (*VirtualMachine, error) { var service *wmiext.Service var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return nil, err } defer service.Close() diff --git a/vendor/github.com/containers/libhvee/pkg/hypervctl/system_settings_builder.go b/vendor/github.com/containers/libhvee/pkg/hypervctl/system_settings_builder.go index 119ba9e6d411..76b5995367eb 100644 --- a/vendor/github.com/containers/libhvee/pkg/hypervctl/system_settings_builder.go +++ b/vendor/github.com/containers/libhvee/pkg/hypervctl/system_settings_builder.go @@ -90,7 +90,7 @@ func (builder *SystemSettingsBuilder) Build() (*SystemSettings, error) { return nil, err } - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return nil, err } defer service.Close() diff --git a/vendor/github.com/containers/libhvee/pkg/hypervctl/vm.go b/vendor/github.com/containers/libhvee/pkg/hypervctl/vm.go index e610990d0f01..fa0b612587de 100644 --- a/vendor/github.com/containers/libhvee/pkg/hypervctl/vm.go +++ b/vendor/github.com/containers/libhvee/pkg/hypervctl/vm.go @@ -114,7 +114,7 @@ func (vm *VirtualMachine) GetKeyValuePairs() (map[string]string, error) { var service *wmiext.Service var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return nil, err } @@ -153,7 +153,7 @@ func (vm *VirtualMachine) kvpOperation(op string, key string, value string, ille var vsms, job *wmiext.Instance var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return err } defer service.Close() @@ -226,7 +226,7 @@ func (vm *VirtualMachine) stop(force bool) error { res int32 srv *wmiext.Service ) - if srv, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if srv, err = NewLocalHyperVService(); err != nil { return err } wmiInst, err := srv.FindFirstRelatedInstance(vm.Path(), "Msvm_ShutdownComponent") @@ -303,7 +303,7 @@ func (vm *VirtualMachine) Start() error { func getService(_ *wmiext.Service) (*wmiext.Service, error) { // any reason why when we instantiate a vm, we should NOT just embed a service? - return wmiext.NewLocalService(HyperVNamespace) + return NewLocalHyperVService() } func (vm *VirtualMachine) GetConfig(diskPath string) (*HyperVConfig, error) { @@ -350,7 +350,7 @@ func (vm *VirtualMachine) GetConfig(diskPath string) (*HyperVConfig, error) { // SummaryRequestCommon and SummaryRequestNearAll provide predefined combinations for this // parameter func (vm *VirtualMachine) GetSummaryInformation(requestedFields SummaryRequestSet) (*SummaryInformation, error) { - service, err := wmiext.NewLocalService(HyperVNamespace) + service, err := NewLocalHyperVService() if err != nil { return nil, err } @@ -469,7 +469,7 @@ func (vm *VirtualMachine) fetchExistingResourceSettings(service *wmiext.Service, } func (vm *VirtualMachine) getMemorySettings(m *MemorySettings) error { - service, err := wmiext.NewLocalService(HyperVNamespace) + service, err := NewLocalHyperVService() if err != nil { return err } @@ -479,7 +479,7 @@ func (vm *VirtualMachine) getMemorySettings(m *MemorySettings) error { // Update processor and/or mem func (vm *VirtualMachine) UpdateProcessorMemSettings(updateProcessor func(*ProcessorSettings), updateMemory func(*MemorySettings)) error { - service, err := wmiext.NewLocalService(HyperVNamespace) + service, err := NewLocalHyperVService() if err != nil { return err } @@ -556,7 +556,7 @@ func (vm *VirtualMachine) remove() (int32, error) { if !Disabled.equal(vm.EnabledState) { return -1, ErrMachineStateInvalid } - if srv, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if srv, err = NewLocalHyperVService(); err != nil { return -1, err } diff --git a/vendor/github.com/containers/libhvee/pkg/hypervctl/vmm.go b/vendor/github.com/containers/libhvee/pkg/hypervctl/vmm.go index fee021edb3e6..489c57503da4 100644 --- a/vendor/github.com/containers/libhvee/pkg/hypervctl/vmm.go +++ b/vendor/github.com/containers/libhvee/pkg/hypervctl/vmm.go @@ -12,6 +12,7 @@ import ( const ( HyperVNamespace = "root\\virtualization\\v2" VirtualSystemManagementService = "Msvm_VirtualSystemManagementService" + MsvmComputerSystem = "Msvm_ComputerSystem" ) // https://learn.microsoft.com/en-us/windows/win32/hyperv_v2/msvm-computersystem @@ -23,12 +24,22 @@ func NewVirtualMachineManager() *VirtualMachineManager { return &VirtualMachineManager{} } +func NewLocalHyperVService() (*wmiext.Service, error) { + service, err := wmiext.NewLocalService(HyperVNamespace) + if err != nil { + return nil, translateCommonHyperVWmiError(err) + } + + return service, nil +} + func (vmm *VirtualMachineManager) GetAll() ([]*VirtualMachine, error) { - const wql = "Select * From Msvm_ComputerSystem Where Description = 'Microsoft Virtual Machine'" + // Fetch through settings to avoid locale sensitive properties + const wql = "Select * From Msvm_VirtualSystemSettingData Where VirtualSystemType = 'Microsoft:Hyper-V:System:Realized'" var service *wmiext.Service var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return []*VirtualMachine{}, err } defer service.Close() @@ -38,22 +49,31 @@ func (vmm *VirtualMachineManager) GetAll() ([]*VirtualMachine, error) { return nil, err } defer enum.Close() - var vms []*VirtualMachine + for { - vm := &VirtualMachine{vmm: vmm} - done, err := wmiext.NextObject(enum, vm) + settings, err := enum.Next() if err != nil { return vms, err } - if done { + + // Finished iterating + if settings == nil { break } + + vm, err := vmm.findVMFromSettings(service, settings) + settings.Close() + if err != nil { + return vms, err + } + vms = append(vms, vm) } return vms, nil } + func (vmm *VirtualMachineManager) Exists(name string) (bool, error) { vms, err := vmm.GetAll() if err != nil { @@ -68,14 +88,14 @@ func (vmm *VirtualMachineManager) Exists(name string) (bool, error) { return false, nil } -func (*VirtualMachineManager) GetMachine(name string) (*VirtualMachine, error) { - const wql = "Select * From Msvm_ComputerSystem Where Description = 'Microsoft Virtual Machine' And ElementName='%s'" +func (vmm *VirtualMachineManager) GetMachine(name string) (*VirtualMachine, error) { + const wql = "Select * From Msvm_VirtualSystemSettingData Where VirtualSystemType = 'Microsoft:Hyper-V:System:Realized' And ElementName='%s'" vm := &VirtualMachine{} var service *wmiext.Service var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return vm, err } defer service.Close() @@ -86,22 +106,31 @@ func (*VirtualMachineManager) GetMachine(name string) (*VirtualMachine, error) { } defer enum.Close() - done, err := wmiext.NextObject(enum, vm) + settings, err := service.FindFirstInstance(fmt.Sprintf(wql, name)) if err != nil { - return vm, err + return vm, fmt.Errorf("could not find virtual machine %q: %w", name, err) } + defer settings.Close() - if done { - return vm, fmt.Errorf("could not find virtual machine %q", name) + return vmm.findVMFromSettings(service, settings) +} + +func (vmm *VirtualMachineManager) findVMFromSettings(service *wmiext.Service, settings *wmiext.Instance) (*VirtualMachine, error) { + path, err := settings.Path() + if err != nil { + return nil, err } - return vm, nil + vm := &VirtualMachine{vmm: vmm} + err = service.FindFirstRelatedObject(path, MsvmComputerSystem, vm) + + return vm, err } func (*VirtualMachineManager) CreateVhdxFile(path string, maxSize uint64) error { var service *wmiext.Service var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return err } defer service.Close() @@ -152,7 +181,7 @@ func (vmm *VirtualMachineManager) GetSummaryInformation(requestedFields SummaryR func (vmm *VirtualMachineManager) getSummaryInformation(settingsPath string, requestedFields SummaryRequestSet) ([]SummaryInformation, error) { var service *wmiext.Service var err error - if service, err = wmiext.NewLocalService(HyperVNamespace); err != nil { + if service, err = NewLocalHyperVService(); err != nil { return nil, err } defer service.Close() diff --git a/vendor/github.com/containers/libhvee/pkg/wmiext/array.go b/vendor/github.com/containers/libhvee/pkg/wmiext/array.go index 2b92dc80ba8e..3f059360cb7d 100644 --- a/vendor/github.com/containers/libhvee/pkg/wmiext/array.go +++ b/vendor/github.com/containers/libhvee/pkg/wmiext/array.go @@ -113,7 +113,7 @@ func safeArrayDestroy(safearray *ole.SafeArray) (err error) { ret, _, _ := procSafeArrayDestroy.Call(uintptr(unsafe.Pointer(safearray))) if ret != 0 { - return ole.NewError(ret) + return NewWmiError(ret) } return nil @@ -127,7 +127,7 @@ func safeArrayPutElement(safearray *ole.SafeArray, index int64, element uintptr) element) if ret != 0 { - return ole.NewError(ret) + return NewWmiError(ret) } return nil @@ -141,7 +141,7 @@ func safeArrayGetElement(safearray *ole.SafeArray, index int64, element unsafe.P uintptr(element)) if ret != 0 { - return ole.NewError(ret) + return NewWmiError(ret) } return nil diff --git a/vendor/github.com/containers/libhvee/pkg/wmiext/enum.go b/vendor/github.com/containers/libhvee/pkg/wmiext/enum.go index 7bb4d8d0192c..2b6fd690b39a 100644 --- a/vendor/github.com/containers/libhvee/pkg/wmiext/enum.go +++ b/vendor/github.com/containers/libhvee/pkg/wmiext/enum.go @@ -77,7 +77,7 @@ func (e *Enum) Next() (instance *Instance, err error) { uintptr(unsafe.Pointer(&apObjects)), // [out] IWbemClassObject **apObjects, uintptr(unsafe.Pointer(&uReturned))) // [out] ULONG *puReturned) if int(res) < 0 { - return nil, ole.NewError(res) + return nil, NewWmiError(res) } if uReturned < 1 { diff --git a/vendor/github.com/containers/libhvee/pkg/wmiext/error.go b/vendor/github.com/containers/libhvee/pkg/wmiext/error.go new file mode 100644 index 000000000000..9956c58d2ab8 --- /dev/null +++ b/vendor/github.com/containers/libhvee/pkg/wmiext/error.go @@ -0,0 +1,196 @@ +package wmiext + +import ( + "fmt" + "os" + "strings" + "syscall" + "unicode/utf16" + + "golang.org/x/sys/windows" +) + +const ( + WBEM_NO_ERROR = 0 + WBEM_S_NO_ERROR = 0 + WBEM_S_SAME = 0 + WBEM_S_FALSE = 1 + WBEM_S_ALREADY_EXISTS = 0x40001 + WBEM_S_RESET_TO_DEFAULT = 0x40002 + WBEM_S_DIFFERENT = 0x40003 + WBEM_S_TIMEDOUT = 0x40004 + WBEM_S_NO_MORE_DATA = 0x40005 + WBEM_S_OPERATION_CANCELLED = 0x40006 + WBEM_S_PENDING = 0x40007 + WBEM_S_DUPLICATE_OBJECTS = 0x40008 + WBEM_S_ACCESS_DENIED = 0x40009 + WBEM_S_PARTIAL_RESULTS = 0x40010 + WBEM_S_SOURCE_NOT_AVAILABLE = 0x40017 + WBEM_E_FAILED = 0x80041001 + WBEM_E_NOT_FOUND = 0x80041002 + WBEM_E_ACCESS_DENIED = 0x80041003 + WBEM_E_PROVIDER_FAILURE = 0x80041004 + WBEM_E_TYPE_MISMATCH = 0x80041005 + WBEM_E_OUT_OF_MEMORY = 0x80041006 + WBEM_E_INVALID_CONTEXT = 0x80041007 + WBEM_E_INVALID_PARAMETER = 0x80041008 + WBEM_E_NOT_AVAILABLE = 0x80041009 + WBEM_E_CRITICAL_ERROR = 0x8004100a + WBEM_E_INVALID_STREAM = 0x8004100b + WBEM_E_NOT_SUPPORTED = 0x8004100c + WBEM_E_INVALID_SUPERCLASS = 0x8004100d + WBEM_E_INVALID_NAMESPACE = 0x8004100e + WBEM_E_INVALID_OBJECT = 0x8004100f + WBEM_E_INVALID_CLASS = 0x80041010 + WBEM_E_PROVIDER_NOT_FOUND = 0x80041011 + WBEM_E_INVALID_PROVIDER_REGISTRATION = 0x80041012 + WBEM_E_PROVIDER_LOAD_FAILURE = 0x80041013 + WBEM_E_INITIALIZATION_FAILURE = 0x80041014 + WBEM_E_TRANSPORT_FAILURE = 0x80041015 + WBEM_E_INVALID_OPERATION = 0x80041016 + WBEM_E_INVALID_QUERY = 0x80041017 + WBEM_E_INVALID_QUERY_TYPE = 0x80041018 + WBEM_E_ALREADY_EXISTS = 0x80041019 + WBEM_E_OVERRIDE_NOT_ALLOWED = 0x8004101a + WBEM_E_PROPAGATED_QUALIFIER = 0x8004101b + WBEM_E_PROPAGATED_PROPERTY = 0x8004101c + WBEM_E_UNEXPECTED = 0x8004101d + WBEM_E_ILLEGAL_OPERATION = 0x8004101e + WBEM_E_CANNOT_BE_KEY = 0x8004101f + WBEM_E_INCOMPLETE_CLASS = 0x80041020 + WBEM_E_INVALID_SYNTAX = 0x80041021 + WBEM_E_NONDECORATED_OBJECT = 0x80041022 + WBEM_E_READ_ONLY = 0x80041023 + WBEM_E_PROVIDER_NOT_CAPABLE = 0x80041024 + WBEM_E_CLASS_HAS_CHILDREN = 0x80041025 + WBEM_E_CLASS_HAS_INSTANCES = 0x80041026 + WBEM_E_QUERY_NOT_IMPLEMENTED = 0x80041027 + WBEM_E_ILLEGAL_NULL = 0x80041028 + WBEM_E_INVALID_QUALIFIER_TYPE = 0x80041029 + WBEM_E_INVALID_PROPERTY_TYPE = 0x8004102a + WBEM_E_VALUE_OUT_OF_RANGE = 0x8004102b + WBEM_E_CANNOT_BE_SINGLETON = 0x8004102c + WBEM_E_INVALID_CIM_TYPE = 0x8004102d + WBEM_E_INVALID_METHOD = 0x8004102e + WBEM_E_INVALID_METHOD_PARAMETERS = 0x8004102f + WBEM_E_SYSTEM_PROPERTY = 0x80041030 + WBEM_E_INVALID_PROPERTY = 0x80041031 + WBEM_E_CALL_CANCELLED = 0x80041032 + WBEM_E_SHUTTING_DOWN = 0x80041033 + WBEM_E_PROPAGATED_METHOD = 0x80041034 + WBEM_E_UNSUPPORTED_PARAMETER = 0x80041035 + WBEM_E_MISSING_PARAMETER_ID = 0x80041036 + WBEM_E_INVALID_PARAMETER_ID = 0x80041037 + WBEM_E_NONCONSECUTIVE_PARAMETER_IDS = 0x80041038 + WBEM_E_PARAMETER_ID_ON_RETVAL = 0x80041039 + WBEM_E_INVALID_OBJECT_PATH = 0x8004103a + WBEM_E_OUT_OF_DISK_SPACE = 0x8004103b + WBEM_E_BUFFER_TOO_SMALL = 0x8004103c + WBEM_E_UNSUPPORTED_PUT_EXTENSION = 0x8004103d + WBEM_E_UNKNOWN_OBJECT_TYPE = 0x8004103e + WBEM_E_UNKNOWN_PACKET_TYPE = 0x8004103f + WBEM_E_MARSHAL_VERSION_MISMATCH = 0x80041040 + WBEM_E_MARSHAL_INVALID_SIGNATURE = 0x80041041 + WBEM_E_INVALID_QUALIFIER = 0x80041042 + WBEM_E_INVALID_DUPLICATE_PARAMETER = 0x80041043 + WBEM_E_TOO_MUCH_DATA = 0x80041044 + WBEM_E_SERVER_TOO_BUSY = 0x80041045 + WBEM_E_INVALID_FLAVOR = 0x80041046 + WBEM_E_CIRCULAR_REFERENCE = 0x80041047 + WBEM_E_UNSUPPORTED_CLASS_UPDATE = 0x80041048 + WBEM_E_CANNOT_CHANGE_KEY_INHERITANCE = 0x80041049 + WBEM_E_CANNOT_CHANGE_INDEX_INHERITANCE = 0x80041050 + WBEM_E_TOO_MANY_PROPERTIES = 0x80041051 + WBEM_E_UPDATE_TYPE_MISMATCH = 0x80041052 + WBEM_E_UPDATE_OVERRIDE_NOT_ALLOWED = 0x80041053 + WBEM_E_UPDATE_PROPAGATED_METHOD = 0x80041054 + WBEM_E_METHOD_NOT_IMPLEMENTED = 0x80041055 + WBEM_E_METHOD_DISABLED = 0x80041056 + WBEM_E_REFRESHER_BUSY = 0x80041057 + WBEM_E_UNPARSABLE_QUERY = 0x80041058 + WBEM_E_NOT_EVENT_CLASS = 0x80041059 + WBEM_E_MISSING_GROUP_WITHIN = 0x8004105a + WBEM_E_MISSING_AGGREGATION_LIST = 0x8004105b + WBEM_E_PROPERTY_NOT_AN_OBJECT = 0x8004105c + WBEM_E_AGGREGATING_BY_OBJECT = 0x8004105d + WBEM_E_UNINTERPRETABLE_PROVIDER_QUERY = 0x8004105f + WBEM_E_BACKUP_RESTORE_WINMGMT_RUNNING = 0x80041060 + WBEM_E_QUEUE_OVERFLOW = 0x80041061 + WBEM_E_PRIVILEGE_NOT_HELD = 0x80041062 + WBEM_E_INVALID_OPERATOR = 0x80041063 + WBEM_E_LOCAL_CREDENTIALS = 0x80041064 + WBEM_E_CANNOT_BE_ABSTRACT = 0x80041065 + WBEM_E_AMENDED_OBJECT = 0x80041066 + WBEM_E_CLIENT_TOO_SLOW = 0x80041067 + WBEM_E_NULL_SECURITY_DESCRIPTOR = 0x80041068 + WBEM_E_TIMED_OUT = 0x80041069 + WBEM_E_INVALID_ASSOCIATION = 0x8004106a + WBEM_E_AMBIGUOUS_OPERATION = 0x8004106b + WBEM_E_QUOTA_VIOLATION = 0x8004106c + WBEM_E_RESERVED_001 = 0x8004106d + WBEM_E_RESERVED_002 = 0x8004106e + WBEM_E_UNSUPPORTED_LOCALE = 0x8004106f + WBEM_E_HANDLE_OUT_OF_DATE = 0x80041070 + WBEM_E_CONNECTION_FAILED = 0x80041071 + WBEM_E_INVALID_HANDLE_REQUEST = 0x80041072 + WBEM_E_PROPERTY_NAME_TOO_WIDE = 0x80041073 + WBEM_E_CLASS_NAME_TOO_WIDE = 0x80041074 + WBEM_E_METHOD_NAME_TOO_WIDE = 0x80041075 + WBEM_E_QUALIFIER_NAME_TOO_WIDE = 0x80041076 + WBEM_E_RERUN_COMMAND = 0x80041077 + WBEM_E_DATABASE_VER_MISMATCH = 0x80041078 + WBEM_E_VETO_DELETE = 0x80041079 + WBEM_E_VETO_PUT = 0x8004107a + WBEM_E_INVALID_LOCALE = 0x80041080 + WBEM_E_PROVIDER_SUSPENDED = 0x80041081 + WBEM_E_SYNCHRONIZATION_REQUIRED = 0x80041082 + WBEM_E_NO_SCHEMA = 0x80041083 + WBEM_E_PROVIDER_ALREADY_REGISTERED = 0x80041084 + WBEM_E_PROVIDER_NOT_REGISTERED = 0x80041085 + WBEM_E_FATAL_TRANSPORT_ERROR = 0x80041086 + WBEM_E_ENCRYPTED_CONNECTION_REQUIRED = 0x80041087 + WBEM_E_PROVIDER_TIMED_OUT = 0x80041088 + WBEM_E_NO_KEY = 0x80041089 + WBEM_E_PROVIDER_DISABLED = 0x8004108a +) + +var ( + wmiModule syscall.Handle +) + +func init() { + file := os.ExpandEnv("${windir}\\system32\\wbem\\wmiutils.dll") + wmiModule, _ = syscall.LoadLibrary(file) +} + +type WmiError struct { + hres uintptr +} + +func NewWmiError(hres uintptr) *WmiError { + return &WmiError{hres} +} + +func (w *WmiError) String() string { + return w.Error() +} + +func (w *WmiError) Code() uintptr { + return w.hres +} + +func (w *WmiError) Error() string { + // ask windows for the remaining errors + var flags uint32 = syscall.FORMAT_MESSAGE_FROM_SYSTEM | + syscall.FORMAT_MESSAGE_FROM_HMODULE | + syscall.FORMAT_MESSAGE_ARGUMENT_ARRAY | + syscall.FORMAT_MESSAGE_IGNORE_INSERTS + + buf := make([]uint16, 300) + n, err := windows.FormatMessage(flags, uintptr(wmiModule), uint32(w.hres), 0, buf, nil) + if err != nil { + return fmt.Sprintf("WMI error [%d]: FormatMessage failed with: %v", w.hres, err) + } + + return fmt.Sprintf("WMI error [%d]: %s", w.hres, strings.TrimRight(string(utf16.Decode(buf[:n])), "\r\n")) +} diff --git a/vendor/github.com/containers/libhvee/pkg/wmiext/init.go b/vendor/github.com/containers/libhvee/pkg/wmiext/init.go index 59517336223b..35c5b829711b 100644 --- a/vendor/github.com/containers/libhvee/pkg/wmiext/init.go +++ b/vendor/github.com/containers/libhvee/pkg/wmiext/init.go @@ -31,11 +31,6 @@ var ( ) const ( - // WMI HRESULT values - WBEM_S_NO_ERROR = 0 - WBEM_S_FALSE = 1 - WBEM_S_NO_MORE_DATA = 0x40005 - // WMI Generic flags WBEM_FLAG_RETURN_WBEM_COMPLETE = 0x0 WBEM_FLAG_RETURN_IMMEDIATELY = 0x10 @@ -108,6 +103,6 @@ func initSecurity() { uintptr(EOAC_NONE), // [in] DWORD dwCapabilities, uintptr(0)) // [in, optional] void *pReserved3 if int(res) < 0 { - logrus.Errorf("Unable to initialize COM security: %s", ole.NewError(res).Error()) + logrus.Errorf("Unable to initialize COM security: %s", NewWmiError(res).Error()) } } diff --git a/vendor/github.com/containers/libhvee/pkg/wmiext/instance.go b/vendor/github.com/containers/libhvee/pkg/wmiext/instance.go index fdd18dda6556..b60d636fe220 100644 --- a/vendor/github.com/containers/libhvee/pkg/wmiext/instance.go +++ b/vendor/github.com/containers/libhvee/pkg/wmiext/instance.go @@ -151,7 +151,7 @@ func (i *Instance) SpawnInstance() (instance *Instance, err error) { uintptr(0), // [in] long lFlags, uintptr(unsafe.Pointer(&newUnknown))) // [out] IWbemClassObject **ppNewInstance) if res != 0 { - return nil, ole.NewError(res) + return nil, NewWmiError(res) } return newInstance(newUnknown, i.service), nil @@ -168,7 +168,7 @@ func (i *Instance) CloneInstance() (*Instance, error) { uintptr(unsafe.Pointer(classObj)), // IWbemClassObject ptr uintptr(unsafe.Pointer(&cloned))) // [out] IWbemClassObject **ppCopy) if ret != 0 { - return nil, ole.NewError(ret) + return nil, NewWmiError(ret) } return newInstance(cloned, i.service), nil @@ -260,7 +260,7 @@ func (i *Instance) Put(name string, value interface{}) (err error) { uintptr(unsafe.Pointer(&variant)), // [in] VARIANT *pVal, uintptr(0)) // [in] CIMTYPE Type) if res != 0 { - return ole.NewError(res) + return NewWmiError(res) } _ = variant.Clear() @@ -444,7 +444,7 @@ func (i *Instance) GetAsVariant(name string) (*ole.VARIANT, CIMTYPE_ENUMERATION, uintptr(unsafe.Pointer(&cimType)), // [out, optional] CIMTYPE *pType, uintptr(unsafe.Pointer(&flavor))) // [out, optional] long *plFlavor) if res != 0 { - return nil, 0, 0, ole.NewError(res) + return nil, 0, 0, NewWmiError(res) } return &variant, cimType, flavor, nil @@ -490,7 +490,7 @@ func (i *Instance) NextAsVariant() (bool, string, *ole.VARIANT, CIMTYPE_ENUMERAT uintptr(unsafe.Pointer(&cimType)), // [out, optional] CIMTYPE *pType, uintptr(unsafe.Pointer(&flavor))) // [out, optional] long *plFlavor if int(res) < 0 { - return false, "", nil, cimType, flavor, ole.NewError(res) + return false, "", nil, cimType, flavor, NewWmiError(res) } if res == WBEM_S_NO_MORE_DATA { @@ -556,7 +556,7 @@ func (i *Instance) GetMethodParameters(method string) (*Instance, error) { uintptr(unsafe.Pointer(&inSignature)), // [out] IWbemClassObject **ppInSignature, uintptr(0)) // [out] IWbemClassObject **ppOutSignature) if res != 0 { - return nil, ole.NewError(res) + return nil, NewWmiError(res) } return newInstance(inSignature, i.service), nil @@ -612,7 +612,7 @@ func (i *Instance) BeginEnumeration() error { uintptr(unsafe.Pointer(classObj)), // IWbemClassObject ptr, uintptr(0)) // [in] long lEnumFlags) // 0 = defaults if result != 0 { - return ole.NewError(result) + return NewWmiError(result) } return nil @@ -626,7 +626,7 @@ func (i *Instance) EndEnumeration() error { i.vTable.EndEnumeration, // IWbemClassObject::EndEnumeration( uintptr(unsafe.Pointer(i.object))) // IWbemClassObject ptr) if res != 0 { - return ole.NewError(res) + return NewWmiError(res) } return nil diff --git a/vendor/github.com/containers/libhvee/pkg/wmiext/service.go b/vendor/github.com/containers/libhvee/pkg/wmiext/service.go index 882426848925..c173e1252653 100644 --- a/vendor/github.com/containers/libhvee/pkg/wmiext/service.go +++ b/vendor/github.com/containers/libhvee/pkg/wmiext/service.go @@ -90,7 +90,7 @@ func connectService(namespace string) (*Service, error) { uintptr(unsafe.Pointer(&service))) // [out] IWbemServices **ppNamespace) if res != 0 { - return nil, ole.NewError(res) + return nil, NewWmiError(res) } if err = CoSetProxyBlanket(service); err != nil { @@ -123,7 +123,7 @@ func CoSetProxyBlanket(service *ole.IUnknown) (err error) { uintptr(EOAC_NONE)) // [in] DWORD dwCapabilities) if res != 0 { - return ole.NewError(res) + return NewWmiError(res) } return nil @@ -169,7 +169,7 @@ func (s *Service) ExecQuery(wqlQuery string) (*Enum, error) { uintptr(0), // [in] IWbemContext *pCtx, uintptr(unsafe.Pointer(&pEnum))) // [out] IEnumWbemClassObject **ppEnum) if hres != 0 { - return nil, ole.NewError(hres) + return nil, NewWmiError(hres) } if err = CoSetProxyBlanket(pEnum); err != nil { @@ -201,7 +201,7 @@ func (s *Service) GetObject(objectPath string) (instance *Instance, err error) { uintptr(0)) // [out] IWbemCallResult **ppCallResult) if int(res) < 0 { // returns WBEM_E_PROVIDER_NOT_FOUND when no entry found - return nil, ole.NewError(res) + return nil, NewWmiError(res) } return newInstance(pObject, s), nil @@ -240,7 +240,7 @@ func (s *Service) CreateInstanceEnum(className string) (*Enum, error) { uintptr(0), // [in] IWbemContext *pCtx, uintptr(unsafe.Pointer(&pEnum))) // [out] IEnumWbemClassObject **ppEnum) if int(res) < 0 { - return nil, ole.NewError(res) + return nil, NewWmiError(res) } if err = CoSetProxyBlanket(pEnum); err != nil { @@ -278,7 +278,7 @@ func (s *Service) ExecMethod(className string, methodName string, inParams *Inst uintptr(unsafe.Pointer(&outParams)), // [out] IWbemClassObject **ppOutParams, uintptr(0)) // [out] IWbemCallResult **ppCallResult) if int(res) < 0 { - return nil, ole.NewError(res) + return nil, NewWmiError(res) } return newInstance(outParams, s), nil diff --git a/vendor/modules.txt b/vendor/modules.txt index 432ec35afadf..7c0f3070c1d1 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -302,7 +302,7 @@ github.com/containers/image/v5/transports github.com/containers/image/v5/transports/alltransports github.com/containers/image/v5/types github.com/containers/image/v5/version -# github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734 +# github.com/containers/libhvee v0.5.0 ## explicit; go 1.18 github.com/containers/libhvee/pkg/hypervctl github.com/containers/libhvee/pkg/kvp/ginsu From 3d86a9658e47631c5516c04e6ca391a97be7c6c5 Mon Sep 17 00:00:00 2001 From: TomSweeneyRedHat Date: Fri, 17 Nov 2023 18:02:42 -0500 Subject: [PATCH 038/170] Bump Buildah to v1.33.0 As the title says. This is the last dance step in preparation for Podman v4.8. [NO NEW TESTS NEEDED] Signed-off-by: TomSweeneyRedHat --- go.mod | 6 +- go.sum | 11 +- .../github.com/containerd/typeurl/.gitignore | 2 + vendor/github.com/containerd/typeurl/LICENSE | 191 + .../github.com/containerd/typeurl/README.md | 20 + vendor/github.com/containerd/typeurl/doc.go | 83 + vendor/github.com/containerd/typeurl/types.go | 214 ++ .../containers/buildah/CHANGELOG.md | 81 + vendor/github.com/containers/buildah/Makefile | 2 +- .../containers/buildah/changelog.txt | 80 + .../github.com/containers/buildah/commit.go | 8 + .../containers/buildah/define/types.go | 2 +- vendor/github.com/containers/buildah/image.go | 23 +- .../buildah/imagebuildah/stage_executor.go | 123 +- .../buildah/internal/config/convert.go | 121 + .../buildah/internal/config/executor.go | 45 + .../buildah/internal/config/override.go | 181 + .../buildah/internal/mkcw/embed/entrypoint.gz | Bin 405 -> 327 bytes .../gogo/protobuf/sortkeys/sortkeys.go | 101 + vendor/github.com/gogo/protobuf/types/any.go | 140 + .../github.com/gogo/protobuf/types/any.pb.go | 694 ++++ .../github.com/gogo/protobuf/types/api.pb.go | 2134 +++++++++++ vendor/github.com/gogo/protobuf/types/doc.go | 35 + .../gogo/protobuf/types/duration.go | 100 + .../gogo/protobuf/types/duration.pb.go | 517 +++ .../gogo/protobuf/types/duration_gogo.go | 100 + .../gogo/protobuf/types/empty.pb.go | 462 +++ .../gogo/protobuf/types/field_mask.pb.go | 738 ++++ .../gogo/protobuf/types/protosize.go | 34 + .../gogo/protobuf/types/source_context.pb.go | 524 +++ .../gogo/protobuf/types/struct.pb.go | 2271 +++++++++++ .../gogo/protobuf/types/timestamp.go | 130 + .../gogo/protobuf/types/timestamp.pb.go | 539 +++ .../gogo/protobuf/types/timestamp_gogo.go | 94 + .../github.com/gogo/protobuf/types/type.pb.go | 3355 +++++++++++++++++ .../gogo/protobuf/types/wrappers.pb.go | 2703 +++++++++++++ .../gogo/protobuf/types/wrappers_gogo.go | 300 ++ vendor/github.com/moby/buildkit/AUTHORS | 66 + vendor/github.com/moby/buildkit/LICENSE | 201 + .../frontend/dockerfile/command/command.go | 46 + .../frontend/dockerfile/parser/errors.go | 58 + .../dockerfile/parser/line_parsers.go | 369 ++ .../frontend/dockerfile/parser/parser.go | 573 +++ .../dockerfile/parser/split_command.go | 117 + .../frontend/dockerfile/shell/envVarTest | 238 ++ .../dockerfile/shell/equal_env_unix.go | 11 + .../dockerfile/shell/equal_env_windows.go | 10 + .../buildkit/frontend/dockerfile/shell/lex.go | 499 +++ .../frontend/dockerfile/shell/wordsTest | 30 + .../moby/buildkit/util/stack/generate.go | 3 + .../moby/buildkit/util/stack/stack.go | 182 + .../moby/buildkit/util/stack/stack.pb.go | 172 + .../moby/buildkit/util/stack/stack.proto | 17 + .../openshift/imagebuilder/Makefile | 6 + .../openshift/imagebuilder/builder.go | 19 +- .../openshift/imagebuilder/dispatchers.go | 84 +- .../imagebuilder/dockerfile/parser/parser.go | 120 +- .../openshift/imagebuilder/evaluator.go | 13 +- vendor/modules.txt | 16 +- 59 files changed, 18958 insertions(+), 56 deletions(-) create mode 100644 vendor/github.com/containerd/typeurl/.gitignore create mode 100644 vendor/github.com/containerd/typeurl/LICENSE create mode 100644 vendor/github.com/containerd/typeurl/README.md create mode 100644 vendor/github.com/containerd/typeurl/doc.go create mode 100644 vendor/github.com/containerd/typeurl/types.go create mode 100644 vendor/github.com/containers/buildah/internal/config/convert.go create mode 100644 vendor/github.com/containers/buildah/internal/config/executor.go create mode 100644 vendor/github.com/containers/buildah/internal/config/override.go create mode 100644 vendor/github.com/gogo/protobuf/sortkeys/sortkeys.go create mode 100644 vendor/github.com/gogo/protobuf/types/any.go create mode 100644 vendor/github.com/gogo/protobuf/types/any.pb.go create mode 100644 vendor/github.com/gogo/protobuf/types/api.pb.go create mode 100644 vendor/github.com/gogo/protobuf/types/doc.go create mode 100644 vendor/github.com/gogo/protobuf/types/duration.go create mode 100644 vendor/github.com/gogo/protobuf/types/duration.pb.go create mode 100644 vendor/github.com/gogo/protobuf/types/duration_gogo.go create mode 100644 vendor/github.com/gogo/protobuf/types/empty.pb.go create mode 100644 vendor/github.com/gogo/protobuf/types/field_mask.pb.go create mode 100644 vendor/github.com/gogo/protobuf/types/protosize.go create mode 100644 vendor/github.com/gogo/protobuf/types/source_context.pb.go create mode 100644 vendor/github.com/gogo/protobuf/types/struct.pb.go create mode 100644 vendor/github.com/gogo/protobuf/types/timestamp.go create mode 100644 vendor/github.com/gogo/protobuf/types/timestamp.pb.go create mode 100644 vendor/github.com/gogo/protobuf/types/timestamp_gogo.go create mode 100644 vendor/github.com/gogo/protobuf/types/type.pb.go create mode 100644 vendor/github.com/gogo/protobuf/types/wrappers.pb.go create mode 100644 vendor/github.com/gogo/protobuf/types/wrappers_gogo.go create mode 100644 vendor/github.com/moby/buildkit/AUTHORS create mode 100644 vendor/github.com/moby/buildkit/LICENSE create mode 100644 vendor/github.com/moby/buildkit/frontend/dockerfile/command/command.go create mode 100644 vendor/github.com/moby/buildkit/frontend/dockerfile/parser/errors.go create mode 100644 vendor/github.com/moby/buildkit/frontend/dockerfile/parser/line_parsers.go create mode 100644 vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go create mode 100644 vendor/github.com/moby/buildkit/frontend/dockerfile/parser/split_command.go create mode 100644 vendor/github.com/moby/buildkit/frontend/dockerfile/shell/envVarTest create mode 100644 vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_unix.go create mode 100644 vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_windows.go create mode 100644 vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go create mode 100644 vendor/github.com/moby/buildkit/frontend/dockerfile/shell/wordsTest create mode 100644 vendor/github.com/moby/buildkit/util/stack/generate.go create mode 100644 vendor/github.com/moby/buildkit/util/stack/stack.go create mode 100644 vendor/github.com/moby/buildkit/util/stack/stack.pb.go create mode 100644 vendor/github.com/moby/buildkit/util/stack/stack.proto diff --git a/go.mod b/go.mod index 37624d783e26..bfe0cc6844fa 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/checkpoint-restore/go-criu/v7 v7.0.0 github.com/containernetworking/cni v1.1.2 github.com/containernetworking/plugins v1.3.0 - github.com/containers/buildah v1.32.1-0.20231117115950-f00af6b7d310 + github.com/containers/buildah v1.33.0 github.com/containers/common v0.57.0 github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.1 @@ -54,7 +54,7 @@ require ( github.com/opencontainers/runtime-spec v1.1.1-0.20230922153023-c0e90434df2a github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc github.com/opencontainers/selinux v1.11.0 - github.com/openshift/imagebuilder v1.2.6-0.20231108213319-b27edc077bbc + github.com/openshift/imagebuilder v1.2.6-0.20231110114814-35a50d57f722 github.com/rootless-containers/rootlesskit v1.1.1 github.com/shirou/gopsutil/v3 v3.23.10 github.com/sirupsen/logrus v1.9.3 @@ -96,6 +96,7 @@ require ( github.com/containerd/containerd v1.7.9 // indirect github.com/containerd/log v0.1.0 // indirect github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect + github.com/containerd/typeurl v1.0.2 // indirect github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect github.com/containers/luksy v0.0.0-20231030195837-b5a7f79da98b // indirect github.com/coreos/go-oidc/v3 v3.7.0 // indirect @@ -159,6 +160,7 @@ require ( github.com/miekg/pkcs11 v1.1.1 // indirect github.com/mistifyio/go-zfs/v3 v3.0.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect + github.com/moby/buildkit v0.10.6 // indirect github.com/moby/patternmatcher v0.5.0 // indirect github.com/moby/sys/mountinfo v0.7.1 // indirect github.com/moby/sys/sequential v0.5.0 // indirect diff --git a/go.sum b/go.sum index 727913f07549..8ee12e234c82 100644 --- a/go.sum +++ b/go.sum @@ -237,6 +237,7 @@ github.com/containerd/ttrpc v1.1.0/go.mod h1:XX4ZTnoOId4HklF4edwc4DcqskFZuvXB1Ev github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk= github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg= +github.com/containerd/typeurl v1.0.2 h1:Chlt8zIieDbzQFzXzAeBEF92KhExuE4p9p92/QmY7aY= github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s= github.com/containerd/zfs v0.0.0-20200918131355-0a33824f23a2/go.mod h1:8IgZOBdv8fAgXddBT4dBXJPtxyRsejFIpXoklgxgEjw= github.com/containerd/zfs v0.0.0-20210301145711-11e8f1707f62/go.mod h1:A9zfAbMlQwE+/is6hi0Xw8ktpL+6glmqZYtevJgaB8Y= @@ -252,8 +253,8 @@ github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHV github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= github.com/containernetworking/plugins v1.3.0 h1:QVNXMT6XloyMUoO2wUOqWTC1hWFV62Q6mVDp5H1HnjM= github.com/containernetworking/plugins v1.3.0/go.mod h1:Pc2wcedTQQCVuROOOaLBPPxrEXqqXBFt3cZ+/yVg6l0= -github.com/containers/buildah v1.32.1-0.20231117115950-f00af6b7d310 h1:G+FidpI/V85O3sXfOg+xFwWav23FW0/L9KjZuxbr71g= -github.com/containers/buildah v1.32.1-0.20231117115950-f00af6b7d310/go.mod h1:2mTSu+BX8gjB2wUxu4raCdNdP/bc5ADL8Hiw6oUrOYE= +github.com/containers/buildah v1.33.0 h1:5MfF/nl/W60V22Jt9paNunMEZkDT0K0LLbf0DnXknfE= +github.com/containers/buildah v1.33.0/go.mod h1:O8jJAByO/HSoNOYAg3uupbyISfRC+hJSfWNsNtxzKCw= github.com/containers/common v0.57.0 h1:5O/+6QUBafKK0/zeok9y1rLPukfWgdE0sT4nuzmyAqk= github.com/containers/common v0.57.0/go.mod h1:t/Z+/sFrapvFMEJe3YnecN49/Tae2wYEQShbEN6SRaU= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= @@ -780,6 +781,8 @@ github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= +github.com/moby/buildkit v0.10.6 h1:DJlEuLIgnu34HQKF4n9Eg6q2YqQVC0eOpMb4p2eRS2w= +github.com/moby/buildkit v0.10.6/go.mod h1:tQuuyTWtOb9D+RE425cwOCUkX0/oZ+5iBZ+uWpWQ9bU= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= github.com/moby/patternmatcher v0.5.0 h1:YCZgJOeULcxLw1Q+sVR636pmS7sPEn1Qo2iAN6M7DBo= github.com/moby/patternmatcher v0.5.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc= @@ -872,8 +875,8 @@ github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xA github.com/opencontainers/selinux v1.10.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU= github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= -github.com/openshift/imagebuilder v1.2.6-0.20231108213319-b27edc077bbc h1:ZQ+qN+nVYlNOOx/Nsm5J78je5r+eJfo62pFGisvHtyI= -github.com/openshift/imagebuilder v1.2.6-0.20231108213319-b27edc077bbc/go.mod h1:hFr3F5mM+J/zFaXcZdNzHS0xKuxAYOZOoHQO9D2JvIU= +github.com/openshift/imagebuilder v1.2.6-0.20231110114814-35a50d57f722 h1:vhEmg+NeucmSYnT2j9ukkZLrR/ZOFUuUiGhxlBAlW8U= +github.com/openshift/imagebuilder v1.2.6-0.20231110114814-35a50d57f722/go.mod h1:+rSifDZnwJPSW2uYHl7ePSVxq4DEu1VlhNR1uIz/Lm4= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f h1:/UDgs8FGMqwnHagNDPGOlts35QkhAZ8by3DR7nMih7M= diff --git a/vendor/github.com/containerd/typeurl/.gitignore b/vendor/github.com/containerd/typeurl/.gitignore new file mode 100644 index 000000000000..d53846778b6a --- /dev/null +++ b/vendor/github.com/containerd/typeurl/.gitignore @@ -0,0 +1,2 @@ +*.test +coverage.txt diff --git a/vendor/github.com/containerd/typeurl/LICENSE b/vendor/github.com/containerd/typeurl/LICENSE new file mode 100644 index 000000000000..584149b6ee28 --- /dev/null +++ b/vendor/github.com/containerd/typeurl/LICENSE @@ -0,0 +1,191 @@ + + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + Copyright The containerd Authors + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + https://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/containerd/typeurl/README.md b/vendor/github.com/containerd/typeurl/README.md new file mode 100644 index 000000000000..d021e9672497 --- /dev/null +++ b/vendor/github.com/containerd/typeurl/README.md @@ -0,0 +1,20 @@ +# typeurl + +[![PkgGoDev](https://pkg.go.dev/badge/github.com/containerd/typeurl)](https://pkg.go.dev/github.com/containerd/typeurl) +[![Build Status](https://github.com/containerd/typeurl/workflows/CI/badge.svg)](https://github.com/containerd/typeurl/actions?query=workflow%3ACI) +[![codecov](https://codecov.io/gh/containerd/typeurl/branch/master/graph/badge.svg)](https://codecov.io/gh/containerd/typeurl) +[![Go Report Card](https://goreportcard.com/badge/github.com/containerd/typeurl)](https://goreportcard.com/report/github.com/containerd/typeurl) + +A Go package for managing the registration, marshaling, and unmarshaling of encoded types. + +This package helps when types are sent over a GRPC API and marshaled as a [protobuf.Any](https://github.com/gogo/protobuf/blob/master/protobuf/google/protobuf/any.proto). + +## Project details + +**typeurl** is a containerd sub-project, licensed under the [Apache 2.0 license](./LICENSE). +As a containerd sub-project, you will find the: + * [Project governance](https://github.com/containerd/project/blob/master/GOVERNANCE.md), + * [Maintainers](https://github.com/containerd/project/blob/master/MAINTAINERS), + * and [Contributing guidelines](https://github.com/containerd/project/blob/master/CONTRIBUTING.md) + +information in our [`containerd/project`](https://github.com/containerd/project) repository. diff --git a/vendor/github.com/containerd/typeurl/doc.go b/vendor/github.com/containerd/typeurl/doc.go new file mode 100644 index 000000000000..c0d0fd205333 --- /dev/null +++ b/vendor/github.com/containerd/typeurl/doc.go @@ -0,0 +1,83 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package typeurl + +// Package typeurl assists with managing the registration, marshaling, and +// unmarshaling of types encoded as protobuf.Any. +// +// A protobuf.Any is a proto message that can contain any arbitrary data. It +// consists of two components, a TypeUrl and a Value, and its proto definition +// looks like this: +// +// message Any { +// string type_url = 1; +// bytes value = 2; +// } +// +// The TypeUrl is used to distinguish the contents from other proto.Any +// messages. This typeurl library manages these URLs to enable automagic +// marshaling and unmarshaling of the contents. +// +// For example, consider this go struct: +// +// type Foo struct { +// Field1 string +// Field2 string +// } +// +// To use typeurl, types must first be registered. This is typically done in +// the init function +// +// func init() { +// typeurl.Register(&Foo{}, "Foo") +// } +// +// This will register the type Foo with the url path "Foo". The arguments to +// Register are variadic, and are used to construct a url path. Consider this +// example, from the github.com/containerd/containerd/client package: +// +// func init() { +// const prefix = "types.containerd.io" +// // register TypeUrls for commonly marshaled external types +// major := strconv.Itoa(specs.VersionMajor) +// typeurl.Register(&specs.Spec{}, prefix, "opencontainers/runtime-spec", major, "Spec") +// // this function has more Register calls, which are elided. +// } +// +// This registers several types under a more complex url, which ends up mapping +// to `types.containerd.io/opencontainers/runtime-spec/1/Spec` (or some other +// value for major). +// +// Once a type is registered, it can be marshaled to a proto.Any message simply +// by calling `MarshalAny`, like this: +// +// foo := &Foo{Field1: "value1", Field2: "value2"} +// anyFoo, err := typeurl.MarshalAny(foo) +// +// MarshalAny will resolve the correct URL for the type. If the type in +// question implements the proto.Message interface, then it will be marshaled +// as a proto message. Otherwise, it will be marshaled as json. This means that +// typeurl will work on any arbitrary data, whether or not it has a proto +// definition, as long as it can be serialized to json. +// +// To unmarshal, the process is simply inverse: +// +// iface, err := typeurl.UnmarshalAny(anyFoo) +// foo := iface.(*Foo) +// +// The correct type is automatically chosen from the type registry, and the +// returned interface can be cast straight to that type. diff --git a/vendor/github.com/containerd/typeurl/types.go b/vendor/github.com/containerd/typeurl/types.go new file mode 100644 index 000000000000..647d419a293d --- /dev/null +++ b/vendor/github.com/containerd/typeurl/types.go @@ -0,0 +1,214 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package typeurl + +import ( + "encoding/json" + "path" + "reflect" + "sync" + + "github.com/gogo/protobuf/proto" + "github.com/gogo/protobuf/types" + "github.com/pkg/errors" +) + +var ( + mu sync.RWMutex + registry = make(map[reflect.Type]string) +) + +// Definitions of common error types used throughout typeurl. +// +// These error types are used with errors.Wrap and errors.Wrapf to add context +// to an error. +// +// To detect an error class, use errors.Is() functions to tell whether an +// error is of this type. +var ( + ErrNotFound = errors.New("not found") +) + +// Register a type with a base URL for JSON marshaling. When the MarshalAny and +// UnmarshalAny functions are called they will treat the Any type value as JSON. +// To use protocol buffers for handling the Any value the proto.Register +// function should be used instead of this function. +func Register(v interface{}, args ...string) { + var ( + t = tryDereference(v) + p = path.Join(args...) + ) + mu.Lock() + defer mu.Unlock() + if et, ok := registry[t]; ok { + if et != p { + panic(errors.Errorf("type registered with alternate path %q != %q", et, p)) + } + return + } + registry[t] = p +} + +// TypeURL returns the type url for a registered type. +func TypeURL(v interface{}) (string, error) { + mu.RLock() + u, ok := registry[tryDereference(v)] + mu.RUnlock() + if !ok { + // fallback to the proto registry if it is a proto message + pb, ok := v.(proto.Message) + if !ok { + return "", errors.Wrapf(ErrNotFound, "type %s", reflect.TypeOf(v)) + } + return proto.MessageName(pb), nil + } + return u, nil +} + +// Is returns true if the type of the Any is the same as v. +func Is(any *types.Any, v interface{}) bool { + // call to check that v is a pointer + tryDereference(v) + url, err := TypeURL(v) + if err != nil { + return false + } + return any.TypeUrl == url +} + +// MarshalAny marshals the value v into an any with the correct TypeUrl. +// If the provided object is already a proto.Any message, then it will be +// returned verbatim. If it is of type proto.Message, it will be marshaled as a +// protocol buffer. Otherwise, the object will be marshaled to json. +func MarshalAny(v interface{}) (*types.Any, error) { + var marshal func(v interface{}) ([]byte, error) + switch t := v.(type) { + case *types.Any: + // avoid reserializing the type if we have an any. + return t, nil + case proto.Message: + marshal = func(v interface{}) ([]byte, error) { + return proto.Marshal(t) + } + default: + marshal = json.Marshal + } + + url, err := TypeURL(v) + if err != nil { + return nil, err + } + + data, err := marshal(v) + if err != nil { + return nil, err + } + return &types.Any{ + TypeUrl: url, + Value: data, + }, nil +} + +// UnmarshalAny unmarshals the any type into a concrete type. +func UnmarshalAny(any *types.Any) (interface{}, error) { + return UnmarshalByTypeURL(any.TypeUrl, any.Value) +} + +// UnmarshalByTypeURL unmarshals the given type and value to into a concrete type. +func UnmarshalByTypeURL(typeURL string, value []byte) (interface{}, error) { + return unmarshal(typeURL, value, nil) +} + +// UnmarshalTo unmarshals the any type into a concrete type passed in the out +// argument. It is identical to UnmarshalAny, but lets clients provide a +// destination type through the out argument. +func UnmarshalTo(any *types.Any, out interface{}) error { + return UnmarshalToByTypeURL(any.TypeUrl, any.Value, out) +} + +// UnmarshalTo unmarshals the given type and value into a concrete type passed +// in the out argument. It is identical to UnmarshalByTypeURL, but lets clients +// provide a destination type through the out argument. +func UnmarshalToByTypeURL(typeURL string, value []byte, out interface{}) error { + _, err := unmarshal(typeURL, value, out) + return err +} + +func unmarshal(typeURL string, value []byte, v interface{}) (interface{}, error) { + t, err := getTypeByUrl(typeURL) + if err != nil { + return nil, err + } + + if v == nil { + v = reflect.New(t.t).Interface() + } else { + // Validate interface type provided by client + vURL, err := TypeURL(v) + if err != nil { + return nil, err + } + if typeURL != vURL { + return nil, errors.Errorf("can't unmarshal type %q to output %q", typeURL, vURL) + } + } + + if t.isProto { + err = proto.Unmarshal(value, v.(proto.Message)) + } else { + err = json.Unmarshal(value, v) + } + + return v, err +} + +type urlType struct { + t reflect.Type + isProto bool +} + +func getTypeByUrl(url string) (urlType, error) { + mu.RLock() + for t, u := range registry { + if u == url { + mu.RUnlock() + return urlType{ + t: t, + }, nil + } + } + mu.RUnlock() + // fallback to proto registry + t := proto.MessageType(url) + if t != nil { + return urlType{ + // get the underlying Elem because proto returns a pointer to the type + t: t.Elem(), + isProto: true, + }, nil + } + return urlType{}, errors.Wrapf(ErrNotFound, "type with url %s", url) +} + +func tryDereference(v interface{}) reflect.Type { + t := reflect.TypeOf(v) + if t.Kind() == reflect.Ptr { + // require check of pointer but dereference to register + return t.Elem() + } + panic("v is not a pointer to a type") +} diff --git a/vendor/github.com/containers/buildah/CHANGELOG.md b/vendor/github.com/containers/buildah/CHANGELOG.md index d766e3248b78..d578ed93877c 100644 --- a/vendor/github.com/containers/buildah/CHANGELOG.md +++ b/vendor/github.com/containers/buildah/CHANGELOG.md @@ -2,6 +2,87 @@ # Changelog +## v1.33.0 (2023-11-17) + + Never omit layers for emptyLayer instructions when squashing/cwing + Add OverrideChanges and OverrideConfig to CommitOptions + buildah: add heredoc support for RUN, COPY and ADD + vendor: bump imagebuilder to v1.2.6-0.20231110114814-35a50d57f722 + conformance tests: archive the context directory as 0:0 (#5171) + blobcacheinfo,test: blobs must be resued when pushing across registry + Bump c/storage v1.51.0, c/image v5.29.0, c/common v0.57.0 + pkg/util.MirrorToTempFileIfPathIsDescriptor(): don't leak an fd + StageExecutor.Execute: force a commit for --unsetenv, too + Increase a copier+chroot test timeout + Add support for --compat-auth-file in login/logout + Update existing tests for error message change + Update c/image and c/common to latest + fix(deps): update module github.com/containerd/containerd to v1.7.9 + build: downgrade to go 1.20 + Add godoc for pkg/parse.GetTempDir + conformance tests: use go-dockerclient for BuildKit builds + Make TEE types case-insensitive + fix(deps): update module golang.org/x/crypto to v0.15.0 + Tweak some help descriptions + Stop using DefaultNetworkSysctl and use containers.conf only + Implement ADD checksum flag #5135 + vendor of openshift/imagebuilder #5135 + Pass secrets from the host down to internal podman containers + Update cirrus and version of golang + image: replace GetStoreImage with ResolveReference + vendor: bump c/image to 373c52a9466f + pkg/parse.Platform(): minor simplification + createConfigsAndManifests: clear history before cw-specific logic + Use a constant definition instead of "scratch" + conformance: use require.NoErrorf() more + fix(deps): update module golang.org/x/term to v0.14.0 + fix(deps): update module golang.org/x/sync to v0.5.0 + fix(deps): update module github.com/spf13/cobra to v1.8.0 + fix(deps): update module golang.org/x/sys to v0.14.0 + fix(deps): update github.com/containers/common digest to 8354404 + fix(deps): update module github.com/opencontainers/runc to v1.1.10 + fix(deps): update github.com/containers/luksy digest to b5a7f79 + Log the platform for build errors during multi-platform builds + Use mask definitions from containers/common + Vendor in latest containers/common + fix(deps): update module github.com/containerd/containerd to v1.7.8 + fix(deps): update module go.etcd.io/bbolt to v1.3.8 + container.conf: support attributed string slices + fix(deps): update module sigs.k8s.io/yaml to v1.4.0 + Use cutil.StringInSlice rather then contains + Add --no-hostname option to buildah containers + vendor c/common: appendable containers.conf strings, Part 1 + fix(deps): update module github.com/onsi/gomega to v1.28.1 + chroot.setupChrootBindMounts: pay more attention to flags + chore(deps): update dependency containers/automation_images to v20231004 + Vendor containers/common + chore(deps): update module golang.org/x/net to v0.17.0 [security] + run: use internal.GetTempDir with os.MkdirTemp + fix(deps): update module github.com/containerd/containerd to v1.7.7 + imagebuildah,multi-stage: do not remove base images + gitignore: add mkcw binary + mkcw: remove entrypoint binaries + fix(deps): update module golang.org/x/crypto to v0.14.0 + fix(deps): update module golang.org/x/sys to v0.13.0 + fix(deps): update module golang.org/x/sync to v0.4.0 + Update some comments related to confidential workload + Use the parent's image ID in the config that we pass to imagebuilder + fix(deps): update github.com/containers/common digest to 8892536 + fix(deps): update github.com/containers/luksy digest to 6df88cb + bug: Ensure the mount type is always BindMount by default + Protocol can be specified with --port. Ex. --port 514/udp + fix(deps): update module github.com/onsi/gomega to v1.28.0 + build,config: add support for --unsetlabel + tests/bud: add tests + [CI:BUILD] Packit: tag @containers/packit-build on copr build failures + stage_executor: allow images without layers + vendor of containers/common + Removing selinux_tag.sh as no longer needed after 580356f [NO NEW TESTS NEEDED] + add/copy: make sure we handle relative path names correctly + fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc5 + Bump to v1.33.0-dev + imagebuildah: consider ignorefile with --build-context + ## v1.32.0 (2023-09-14) GetTmpDir is not using ImageCopyTmpdir correctly diff --git a/vendor/github.com/containers/buildah/Makefile b/vendor/github.com/containers/buildah/Makefile index 112a3cb62116..85b43c7b9ebc 100644 --- a/vendor/github.com/containers/buildah/Makefile +++ b/vendor/github.com/containers/buildah/Makefile @@ -39,7 +39,7 @@ LIBSECCOMP_COMMIT := release-2.3 EXTRA_LDFLAGS ?= BUILDAH_LDFLAGS := $(GO_LDFLAGS) '-X main.GitCommit=$(GIT_COMMIT) -X main.buildInfo=$(SOURCE_DATE_EPOCH) -X main.cniVersion=$(CNI_COMMIT) $(EXTRA_LDFLAGS)' -SOURCES=*.go imagebuildah/*.go bind/*.go chroot/*.go copier/*.go define/*.go docker/*.go internal/mkcw/*.go internal/mkcw/types/*.go internal/parse/*.go internal/source/*.go internal/util/*.go manifests/*.go pkg/chrootuser/*.go pkg/cli/*.go pkg/completion/*.go pkg/formats/*.go pkg/overlay/*.go pkg/parse/*.go pkg/rusage/*.go pkg/sshagent/*.go pkg/umask/*.go pkg/util/*.go util/*.go +SOURCES=*.go imagebuildah/*.go bind/*.go chroot/*.go copier/*.go define/*.go docker/*.go internal/config/*.go internal/mkcw/*.go internal/mkcw/types/*.go internal/parse/*.go internal/source/*.go internal/util/*.go manifests/*.go pkg/chrootuser/*.go pkg/cli/*.go pkg/completion/*.go pkg/formats/*.go pkg/overlay/*.go pkg/parse/*.go pkg/rusage/*.go pkg/sshagent/*.go pkg/umask/*.go pkg/util/*.go util/*.go LINTFLAGS ?= diff --git a/vendor/github.com/containers/buildah/changelog.txt b/vendor/github.com/containers/buildah/changelog.txt index 5cd3d0c01d78..a47dae0aab3e 100644 --- a/vendor/github.com/containers/buildah/changelog.txt +++ b/vendor/github.com/containers/buildah/changelog.txt @@ -1,3 +1,83 @@ +- Changelog for v1.33.0 (2023-11-17) + * Never omit layers for emptyLayer instructions when squashing/cwing + * Add OverrideChanges and OverrideConfig to CommitOptions + * buildah: add heredoc support for RUN, COPY and ADD + * vendor: bump imagebuilder to v1.2.6-0.20231110114814-35a50d57f722 + * conformance tests: archive the context directory as 0:0 (#5171) + * blobcacheinfo,test: blobs must be resued when pushing across registry + * Bump c/storage v1.51.0, c/image v5.29.0, c/common v0.57.0 + * pkg/util.MirrorToTempFileIfPathIsDescriptor(): don't leak an fd + * StageExecutor.Execute: force a commit for --unsetenv, too + * Increase a copier+chroot test timeout + * Add support for --compat-auth-file in login/logout + * Update existing tests for error message change + * Update c/image and c/common to latest + * fix(deps): update module github.com/containerd/containerd to v1.7.9 + * build: downgrade to go 1.20 + * Add godoc for pkg/parse.GetTempDir + * conformance tests: use go-dockerclient for BuildKit builds + * Make TEE types case-insensitive + * fix(deps): update module golang.org/x/crypto to v0.15.0 + * Tweak some help descriptions + * Stop using DefaultNetworkSysctl and use containers.conf only + * Implement ADD checksum flag #5135 + * vendor of openshift/imagebuilder #5135 + * Pass secrets from the host down to internal podman containers + * Update cirrus and version of golang + * image: replace GetStoreImage with ResolveReference + * vendor: bump c/image to 373c52a9466f + * pkg/parse.Platform(): minor simplification + * createConfigsAndManifests: clear history before cw-specific logic + * Use a constant definition instead of "scratch" + * conformance: use require.NoErrorf() more + * fix(deps): update module golang.org/x/term to v0.14.0 + * fix(deps): update module golang.org/x/sync to v0.5.0 + * fix(deps): update module github.com/spf13/cobra to v1.8.0 + * fix(deps): update module golang.org/x/sys to v0.14.0 + * fix(deps): update github.com/containers/common digest to 8354404 + * fix(deps): update module github.com/opencontainers/runc to v1.1.10 + * fix(deps): update github.com/containers/luksy digest to b5a7f79 + * Log the platform for build errors during multi-platform builds + * Use mask definitions from containers/common + * Vendor in latest containers/common + * fix(deps): update module github.com/containerd/containerd to v1.7.8 + * fix(deps): update module go.etcd.io/bbolt to v1.3.8 + * container.conf: support attributed string slices + * fix(deps): update module sigs.k8s.io/yaml to v1.4.0 + * Use cutil.StringInSlice rather then contains + * Add --no-hostname option to buildah containers + * vendor c/common: appendable containers.conf strings, Part 1 + * fix(deps): update module github.com/onsi/gomega to v1.28.1 + * chroot.setupChrootBindMounts: pay more attention to flags + * chore(deps): update dependency containers/automation_images to v20231004 + * Vendor containers/common + * chore(deps): update module golang.org/x/net to v0.17.0 [security] + * run: use internal.GetTempDir with os.MkdirTemp + * fix(deps): update module github.com/containerd/containerd to v1.7.7 + * imagebuildah,multi-stage: do not remove base images + * gitignore: add mkcw binary + * mkcw: remove entrypoint binaries + * fix(deps): update module golang.org/x/crypto to v0.14.0 + * fix(deps): update module golang.org/x/sys to v0.13.0 + * fix(deps): update module golang.org/x/sync to v0.4.0 + * Update some comments related to confidential workload + * Use the parent's image ID in the config that we pass to imagebuilder + * fix(deps): update github.com/containers/common digest to 8892536 + * fix(deps): update github.com/containers/luksy digest to 6df88cb + * bug: Ensure the mount type is always BindMount by default + * Protocol can be specified with --port. Ex. --port 514/udp + * fix(deps): update module github.com/onsi/gomega to v1.28.0 + * build,config: add support for --unsetlabel + * tests/bud: add tests + * [CI:BUILD] Packit: tag @containers/packit-build on copr build failures + * stage_executor: allow images without layers + * vendor of containers/common + * Removing selinux_tag.sh as no longer needed after 580356f [NO NEW TESTS NEEDED] + * add/copy: make sure we handle relative path names correctly + * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc5 + * Bump to v1.33.0-dev + * imagebuildah: consider ignorefile with --build-context + - Changelog for v1.32.0 (2023-09-14) * GetTmpDir is not using ImageCopyTmpdir correctly * Run codespell on code diff --git a/vendor/github.com/containers/buildah/commit.go b/vendor/github.com/containers/buildah/commit.go index 00181b518d97..ef55e5419a7b 100644 --- a/vendor/github.com/containers/buildah/commit.go +++ b/vendor/github.com/containers/buildah/commit.go @@ -110,6 +110,14 @@ type CommitOptions struct { // UnsetEnvs is a list of environments to not add to final image. // Deprecated: use UnsetEnv() before committing instead. UnsetEnvs []string + // OverrideConfig is an optional Schema2Config which can override parts + // of the working container's configuration for the image that is being + // committed. + OverrideConfig *manifest.Schema2Config + // OverrideChanges is a slice of Dockerfile-style instructions to make + // to the configuration of the image that is being committed, after + // OverrideConfig is applied. + OverrideChanges []string } var ( diff --git a/vendor/github.com/containers/buildah/define/types.go b/vendor/github.com/containers/buildah/define/types.go index aedcf9da4b1e..ae3836a3fde1 100644 --- a/vendor/github.com/containers/buildah/define/types.go +++ b/vendor/github.com/containers/buildah/define/types.go @@ -29,7 +29,7 @@ const ( // identify working containers. Package = "buildah" // Version for the Package. Also used by .packit.sh for Packit builds. - Version = "1.33.0-dev" + Version = "1.33.0" // DefaultRuntime if containers.conf fails. DefaultRuntime = "runc" diff --git a/vendor/github.com/containers/buildah/image.go b/vendor/github.com/containers/buildah/image.go index 52f7dc67abbd..7318e04bdac4 100644 --- a/vendor/github.com/containers/buildah/image.go +++ b/vendor/github.com/containers/buildah/image.go @@ -16,6 +16,7 @@ import ( "github.com/containers/buildah/copier" "github.com/containers/buildah/define" "github.com/containers/buildah/docker" + "github.com/containers/buildah/internal/config" "github.com/containers/buildah/internal/mkcw" "github.com/containers/buildah/internal/tmpdir" "github.com/containers/image/v5/docker/reference" @@ -79,6 +80,8 @@ type containerImageRef struct { blobDirectory string preEmptyLayers []v1.History postEmptyLayers []v1.History + overrideChanges []string + overrideConfig *manifest.Schema2Config } type blobLayerInfo struct { @@ -298,6 +301,12 @@ func (i *containerImageRef) createConfigsAndManifests() (v1.Image, v1.Manifest, dimage.History = []docker.V2S2History{} } + // If we were supplied with a configuration, copy fields from it to + // matching fields in both formats. + if err := config.Override(dimage.Config, &oimage.Config, i.overrideChanges, i.overrideConfig); err != nil { + return v1.Image{}, v1.Manifest{}, docker.V2Image{}, docker.V2S2Manifest{}, fmt.Errorf("applying changes: %w", err) + } + // If we're producing a confidential workload, override the command and // assorted other settings that aren't expected to work correctly. if i.confidentialWorkload.Convert { @@ -412,11 +421,6 @@ func (i *containerImageRef) NewImageSource(ctx context.Context, sc *types.System if err != nil { return nil, fmt.Errorf("unable to locate layer %q: %w", layerID, err) } - // If we're up to the final layer, but we don't want to include - // a diff for it, we're done. - if i.emptyLayer && layerID == i.layerID { - continue - } // If we already know the digest of the contents of parent // layers, reuse their blobsums, diff IDs, and sizes. if !i.confidentialWorkload.Convert && !i.squash && layerID != i.layerID && layer.UncompressedDigest != "" { @@ -470,6 +474,11 @@ func (i *containerImageRef) NewImageSource(ctx context.Context, sc *types.System return nil, err } } else { + // If we're up to the final layer, but we don't want to + // include a diff for it, we're done. + if i.emptyLayer && layerID == i.layerID { + continue + } // Extract this layer, one of possibly many. rc, err = i.store.Diff("", layerID, diffOptions) if err != nil { @@ -918,12 +927,14 @@ func (b *Builder) makeContainerImageRef(options CommitOptions) (*containerImageR squash: options.Squash, confidentialWorkload: options.ConfidentialWorkloadOptions, omitHistory: options.OmitHistory, - emptyLayer: options.EmptyLayer && !options.Squash, + emptyLayer: options.EmptyLayer && !options.Squash && !options.ConfidentialWorkloadOptions.Convert, idMappingOptions: &b.IDMappingOptions, parent: parent, blobDirectory: options.BlobDirectory, preEmptyLayers: b.PrependedEmptyLayers, postEmptyLayers: b.AppendedEmptyLayers, + overrideChanges: options.OverrideChanges, + overrideConfig: options.OverrideConfig, } return ref, nil } diff --git a/vendor/github.com/containers/buildah/imagebuildah/stage_executor.go b/vendor/github.com/containers/buildah/imagebuildah/stage_executor.go index 69b60f53909f..9398dcef8da2 100644 --- a/vendor/github.com/containers/buildah/imagebuildah/stage_executor.go +++ b/vendor/github.com/containers/buildah/imagebuildah/stage_executor.go @@ -7,6 +7,7 @@ import ( "fmt" "io" "os" + "path" "path/filepath" "sort" "strconv" @@ -35,6 +36,7 @@ import ( "github.com/containers/storage/pkg/chrootarchive" "github.com/containers/storage/pkg/unshare" docker "github.com/fsouza/go-dockerclient" + buildkitparser "github.com/moby/buildkit/frontend/dockerfile/parser" digest "github.com/opencontainers/go-digest" v1 "github.com/opencontainers/image-spec/specs-go/v1" "github.com/opencontainers/runtime-spec/specs-go" @@ -348,6 +350,11 @@ func (s *StageExecutor) volumeCacheRestore() error { // imagebuilder tells us the instruction was "ADD" and not "COPY". func (s *StageExecutor) Copy(excludes []string, copies ...imagebuilder.Copy) error { s.builder.ContentDigester.Restart() + return s.performCopy(excludes, copies...) +} + +func (s *StageExecutor) performCopy(excludes []string, copies ...imagebuilder.Copy) error { + copiesExtend := []imagebuilder.Copy{} for _, copy := range copies { if err := s.volumeCacheInvalidate(copy.Dest); err != nil { return err @@ -362,7 +369,61 @@ func (s *StageExecutor) Copy(excludes []string, copies ...imagebuilder.Copy) err stripSetgid := false preserveOwnership := false contextDir := s.executor.contextDir - if len(copy.From) > 0 { + // If we are copying files via heredoc syntax, then + // its time to create these temporary files on host + // and copy these to container + if len(copy.Files) > 0 { + // If we are copying files from heredoc syntax, there + // maybe regular files from context as well so split and + // process them differently + if len(copy.Src) > len(copy.Files) { + regularSources := []string{} + for _, src := range copy.Src { + // If this source is not a heredoc, then it is a regular file from + // build context or from another stage (`--from=`) so treat this differently. + if !strings.HasPrefix(src, "<<") { + regularSources = append(regularSources, src) + } + } + copyEntry := copy + // Remove heredoc if any, since we are already processing them + // so create new entry with sources containing regular files + // only, since regular files can have different context then + // heredoc files. + copyEntry.Files = nil + copyEntry.Src = regularSources + copiesExtend = append(copiesExtend, copyEntry) + } + copySources := []string{} + for _, file := range copy.Files { + data := file.Data + // remove first break line added while parsing heredoc + data = strings.TrimPrefix(data, "\n") + // add breakline when heredoc ends for docker compat + data = data + "\n" + tmpFile, err := os.Create(filepath.Join(parse.GetTempDir(), path.Base(filepath.ToSlash(file.Name)))) + if err != nil { + return fmt.Errorf("unable to create tmp file for COPY instruction at %q: %w", parse.GetTempDir(), err) + } + err = tmpFile.Chmod(0644) // 644 is consistent with buildkit + if err != nil { + tmpFile.Close() + return fmt.Errorf("unable to chmod tmp file created for COPY instruction at %q: %w", tmpFile.Name(), err) + } + defer os.Remove(tmpFile.Name()) + _, err = tmpFile.WriteString(data) + if err != nil { + tmpFile.Close() + return fmt.Errorf("unable to write contents of heredoc file at %q: %w", tmpFile.Name(), err) + } + copySources = append(copySources, filepath.Base(tmpFile.Name())) + tmpFile.Close() + } + contextDir = parse.GetTempDir() + copy.Src = copySources + } + + if len(copy.From) > 0 && len(copy.Files) == 0 { // If from has an argument within it, resolve it to its // value. Otherwise just return the value found. from, fromErr := imagebuilder.ProcessWord(copy.From, s.stage.Builder.Arguments()) @@ -486,6 +547,13 @@ func (s *StageExecutor) Copy(excludes []string, copies ...imagebuilder.Copy) err return err } } + if len(copiesExtend) > 0 { + // If we found heredocs and regularfiles together + // in same statement then we produced new copies to + // process regular files separately since they need + // different context. + return s.performCopy(excludes, copiesExtend...) + } return nil } @@ -591,10 +659,59 @@ func (s *StageExecutor) runStageMountPoints(mountList []string) (map[string]inte return stageMountPoints, nil } +func (s *StageExecutor) createNeededHeredocMountsForRun(files []imagebuilder.File) ([]Mount, error) { + mountResult := []Mount{} + for _, file := range files { + f, err := os.CreateTemp(parse.GetTempDir(), "buildahheredoc") + if err != nil { + return nil, err + } + if _, err := f.WriteString(file.Data); err != nil { + f.Close() + return nil, err + } + err = f.Chmod(0755) + if err != nil { + f.Close() + return nil, err + } + // dest path is same as buildkit for compat + dest := filepath.Join("/dev/pipes/", filepath.Base(f.Name())) + mount := Mount{Destination: dest, Type: define.TypeBind, Source: f.Name(), Options: append(define.BindOptions, "rprivate", "z", "Z")} + mountResult = append(mountResult, mount) + f.Close() + } + return mountResult, nil +} + // Run executes a RUN instruction using the stage's current working container // as a root directory. func (s *StageExecutor) Run(run imagebuilder.Run, config docker.Config) error { logrus.Debugf("RUN %#v, %#v", run, config) + args := run.Args + heredocMounts := []Mount{} + if len(run.Files) > 0 { + if heredoc := buildkitparser.MustParseHeredoc(args[0]); heredoc != nil { + if strings.HasPrefix(run.Files[0].Data, "#!") || strings.HasPrefix(run.Files[0].Data, "\n#!") { + // This is a single heredoc with a shebang, so create a file + // and run it. + heredocMount, err := s.createNeededHeredocMountsForRun(run.Files) + if err != nil { + return err + } + args = []string{heredocMount[0].Destination} + heredocMounts = append(heredocMounts, heredocMount...) + } else { + args = []string{run.Files[0].Data} + } + } else { + full := args[0] + for _, file := range run.Files { + full += file.Data + "\n" + file.Name + } + args = []string{full} + } + } stageMountPoints, err := s.runStageMountPoints(run.Mounts) if err != nil { return err @@ -658,7 +775,6 @@ func (s *StageExecutor) Run(run imagebuilder.Run, config docker.Config) error { options.ConfigureNetwork = buildah.NetworkDisabled } - args := run.Args if run.Shell { if len(config.Shell) > 0 && s.builder.Format == define.Dockerv2ImageManifest { args = append(config.Shell, args...) @@ -671,6 +787,9 @@ func (s *StageExecutor) Run(run imagebuilder.Run, config docker.Config) error { return err } options.Mounts = append(options.Mounts, mounts...) + if len(heredocMounts) > 0 { + options.Mounts = append(options.Mounts, heredocMounts...) + } err = s.builder.Run(args, options) if err2 := s.volumeCacheRestore(); err2 != nil { if err == nil { diff --git a/vendor/github.com/containers/buildah/internal/config/convert.go b/vendor/github.com/containers/buildah/internal/config/convert.go new file mode 100644 index 000000000000..7287c6718b0c --- /dev/null +++ b/vendor/github.com/containers/buildah/internal/config/convert.go @@ -0,0 +1,121 @@ +package config + +import ( + "github.com/containers/image/v5/manifest" + dockerclient "github.com/fsouza/go-dockerclient" +) + +// Schema2ConfigFromGoDockerclientConfig converts a go-dockerclient Config +// structure to a manifest Schema2Config. +func Schema2ConfigFromGoDockerclientConfig(config *dockerclient.Config) *manifest.Schema2Config { + overrideExposedPorts := make(map[manifest.Schema2Port]struct{}) + for port := range config.ExposedPorts { + overrideExposedPorts[manifest.Schema2Port(port)] = struct{}{} + } + var overrideHealthCheck *manifest.Schema2HealthConfig + if config.Healthcheck != nil { + overrideHealthCheck = &manifest.Schema2HealthConfig{ + Test: config.Healthcheck.Test, + StartPeriod: config.Healthcheck.StartPeriod, + Interval: config.Healthcheck.Interval, + Timeout: config.Healthcheck.Timeout, + Retries: config.Healthcheck.Retries, + } + } + labels := make(map[string]string) + for k, v := range config.Labels { + labels[k] = v + } + volumes := make(map[string]struct{}) + for v := range config.Volumes { + volumes[v] = struct{}{} + } + s2config := &manifest.Schema2Config{ + Hostname: config.Hostname, + Domainname: config.Domainname, + User: config.User, + AttachStdin: config.AttachStdin, + AttachStdout: config.AttachStdout, + AttachStderr: config.AttachStderr, + ExposedPorts: overrideExposedPorts, + Tty: config.Tty, + OpenStdin: config.OpenStdin, + StdinOnce: config.StdinOnce, + Env: append([]string{}, config.Env...), + Cmd: append([]string{}, config.Cmd...), + Healthcheck: overrideHealthCheck, + ArgsEscaped: config.ArgsEscaped, + Image: config.Image, + Volumes: volumes, + WorkingDir: config.WorkingDir, + Entrypoint: append([]string{}, config.Entrypoint...), + NetworkDisabled: config.NetworkDisabled, + MacAddress: config.MacAddress, + OnBuild: append([]string{}, config.OnBuild...), + Labels: labels, + StopSignal: config.StopSignal, + Shell: config.Shell, + } + if config.StopTimeout != 0 { + s2config.StopTimeout = &config.StopTimeout + } + return s2config +} + +// GoDockerclientConfigFromSchema2Config converts a manifest Schema2Config +// to a go-dockerclient config structure. +func GoDockerclientConfigFromSchema2Config(s2config *manifest.Schema2Config) *dockerclient.Config { + overrideExposedPorts := make(map[dockerclient.Port]struct{}) + for port := range s2config.ExposedPorts { + overrideExposedPorts[dockerclient.Port(port)] = struct{}{} + } + var healthCheck *dockerclient.HealthConfig + if s2config.Healthcheck != nil { + healthCheck = &dockerclient.HealthConfig{ + Test: s2config.Healthcheck.Test, + StartPeriod: s2config.Healthcheck.StartPeriod, + Interval: s2config.Healthcheck.Interval, + Timeout: s2config.Healthcheck.Timeout, + Retries: s2config.Healthcheck.Retries, + } + } + labels := make(map[string]string) + for k, v := range s2config.Labels { + labels[k] = v + } + volumes := make(map[string]struct{}) + for v := range s2config.Volumes { + volumes[v] = struct{}{} + } + config := &dockerclient.Config{ + Hostname: s2config.Hostname, + Domainname: s2config.Domainname, + User: s2config.User, + AttachStdin: s2config.AttachStdin, + AttachStdout: s2config.AttachStdout, + AttachStderr: s2config.AttachStderr, + PortSpecs: nil, + ExposedPorts: overrideExposedPorts, + Tty: s2config.Tty, + OpenStdin: s2config.OpenStdin, + StdinOnce: s2config.StdinOnce, + Env: append([]string{}, s2config.Env...), + Cmd: append([]string{}, s2config.Cmd...), + Healthcheck: healthCheck, + ArgsEscaped: s2config.ArgsEscaped, + Image: s2config.Image, + Volumes: volumes, + WorkingDir: s2config.WorkingDir, + Entrypoint: append([]string{}, s2config.Entrypoint...), + NetworkDisabled: s2config.NetworkDisabled, + MacAddress: s2config.MacAddress, + OnBuild: append([]string{}, s2config.OnBuild...), + Labels: labels, + StopSignal: s2config.StopSignal, + Shell: s2config.Shell, + } + if s2config.StopTimeout != nil { + config.StopTimeout = *s2config.StopTimeout + } + return config +} diff --git a/vendor/github.com/containers/buildah/internal/config/executor.go b/vendor/github.com/containers/buildah/internal/config/executor.go new file mode 100644 index 000000000000..19b1429b7878 --- /dev/null +++ b/vendor/github.com/containers/buildah/internal/config/executor.go @@ -0,0 +1,45 @@ +package config + +import ( + "errors" + "fmt" + "os" + + dockerclient "github.com/fsouza/go-dockerclient" + "github.com/openshift/imagebuilder" +) + +// configOnlyExecutor implements the Executor interface that an +// imagebuilder.Builder expects to be able to call to do some heavy lifting, +// but it just refuses to do the work of ADD, COPY, or RUN. It also doesn't +// care if the working directory exists in a container, because it's really +// only concerned with letting the Builder's RunConfig get updated by changes +// from a Dockerfile. Try anything more than that and it'll return an error. +type configOnlyExecutor struct{} + +func (g *configOnlyExecutor) Preserve(path string) error { + return errors.New("ADD/COPY/RUN not supported as changes") +} + +func (g *configOnlyExecutor) EnsureContainerPath(path string) error { + return nil +} + +func (g *configOnlyExecutor) EnsureContainerPathAs(path, user string, mode *os.FileMode) error { + return nil +} + +func (g *configOnlyExecutor) Copy(excludes []string, copies ...imagebuilder.Copy) error { + if len(copies) == 0 { + return nil + } + return errors.New("ADD/COPY not supported as changes") +} + +func (g *configOnlyExecutor) Run(run imagebuilder.Run, config dockerclient.Config) error { + return errors.New("RUN not supported as changes") +} + +func (g *configOnlyExecutor) UnrecognizedInstruction(step *imagebuilder.Step) error { + return fmt.Errorf("did not understand change instruction %q", step.Original) +} diff --git a/vendor/github.com/containers/buildah/internal/config/override.go b/vendor/github.com/containers/buildah/internal/config/override.go new file mode 100644 index 000000000000..a1dfebf69531 --- /dev/null +++ b/vendor/github.com/containers/buildah/internal/config/override.go @@ -0,0 +1,181 @@ +package config + +import ( + "fmt" + "os" + "strings" + + "github.com/containers/buildah/docker" + "github.com/containers/image/v5/manifest" + v1 "github.com/opencontainers/image-spec/specs-go/v1" + "github.com/openshift/imagebuilder" +) + +// firstStringElseSecondString takes two strings, and returns the first +// string if it isn't empty, else the second string +func firstStringElseSecondString(first, second string) string { + if first != "" { + return first + } + return second +} + +// firstSliceElseSecondSlice takes two string slices, and returns the first +// slice of strings if it has contents, else the second slice +func firstSliceElseSecondSlice(first, second []string) []string { + if len(first) > 0 { + return append([]string{}, first...) + } + return append([]string{}, second...) +} + +// firstSlicePairElseSecondSlicePair takes two pairs of string slices, and +// returns the first pair of slices if either has contents, else the second +// pair +func firstSlicePairElseSecondSlicePair(firstA, firstB, secondA, secondB []string) ([]string, []string) { + if len(firstA) > 0 || len(firstB) > 0 { + return append([]string{}, firstA...), append([]string{}, firstB...) + } + return append([]string{}, secondA...), append([]string{}, secondB...) +} + +// mergeEnv combines variables from a and b into a single environment slice. if +// a and b both provide values for the same variable, the value from b is +// preferred +func mergeEnv(a, b []string) []string { + index := make(map[string]int) + results := make([]string, 0, len(a)+len(b)) + for _, kv := range append(append([]string{}, a...), b...) { + k, _, specifiesValue := strings.Cut(kv, "=") + if !specifiesValue { + if value, ok := os.LookupEnv(kv); ok { + kv = kv + "=" + value + } else { + kv = kv + "=" + } + } + if i, seen := index[k]; seen { + results[i] = kv + } else { + index[k] = len(results) + results = append(results, kv) + } + } + return results +} + +// Override takes a buildah docker config and an OCI ImageConfig, and applies a +// mixture of a slice of Dockerfile-style instructions and fields from a config +// blob to them both +func Override(dconfig *docker.Config, oconfig *v1.ImageConfig, overrideChanges []string, overrideConfig *manifest.Schema2Config) error { + if len(overrideChanges) > 0 { + if overrideConfig == nil { + overrideConfig = &manifest.Schema2Config{} + } + // Parse the set of changes as we would a Dockerfile. + changes := strings.Join(overrideChanges, "\n") + parsed, err := imagebuilder.ParseDockerfile(strings.NewReader(changes)) + if err != nil { + return fmt.Errorf("parsing change set %+v: %w", changes, err) + } + // Create a dummy builder object to process configuration-related + // instructions. + subBuilder := imagebuilder.NewBuilder(nil) + // Convert the incoming data into an initial RunConfig. + subBuilder.RunConfig = *GoDockerclientConfigFromSchema2Config(overrideConfig) + // Process the change instructions one by one. + for _, node := range parsed.Children { + var step imagebuilder.Step + if err := step.Resolve(node); err != nil { + return fmt.Errorf("resolving change %q: %w", node.Original, err) + } + if err := subBuilder.Run(&step, &configOnlyExecutor{}, true); err != nil { + return fmt.Errorf("processing change %q: %w", node.Original, err) + } + } + // Pull settings out of the dummy builder's RunConfig. + overrideConfig = Schema2ConfigFromGoDockerclientConfig(&subBuilder.RunConfig) + } + if overrideConfig != nil { + // Apply changes from a possibly-provided possibly-changed config struct. + dconfig.Hostname = firstStringElseSecondString(overrideConfig.Hostname, dconfig.Hostname) + dconfig.Domainname = firstStringElseSecondString(overrideConfig.Domainname, dconfig.Domainname) + dconfig.User = firstStringElseSecondString(overrideConfig.User, dconfig.User) + oconfig.User = firstStringElseSecondString(overrideConfig.User, oconfig.User) + dconfig.AttachStdin = overrideConfig.AttachStdin + dconfig.AttachStdout = overrideConfig.AttachStdout + dconfig.AttachStderr = overrideConfig.AttachStderr + if len(overrideConfig.ExposedPorts) > 0 { + dexposedPorts := make(map[docker.Port]struct{}) + oexposedPorts := make(map[string]struct{}) + for port := range dconfig.ExposedPorts { + dexposedPorts[port] = struct{}{} + } + for port := range overrideConfig.ExposedPorts { + dexposedPorts[docker.Port(port)] = struct{}{} + } + for port := range oconfig.ExposedPorts { + oexposedPorts[port] = struct{}{} + } + for port := range overrideConfig.ExposedPorts { + oexposedPorts[string(port)] = struct{}{} + } + dconfig.ExposedPorts = dexposedPorts + oconfig.ExposedPorts = oexposedPorts + } + dconfig.Tty = overrideConfig.Tty + dconfig.OpenStdin = overrideConfig.OpenStdin + dconfig.StdinOnce = overrideConfig.StdinOnce + if len(overrideConfig.Env) > 0 { + dconfig.Env = mergeEnv(dconfig.Env, overrideConfig.Env) + oconfig.Env = mergeEnv(oconfig.Env, overrideConfig.Env) + } + dconfig.Entrypoint, dconfig.Cmd = firstSlicePairElseSecondSlicePair(overrideConfig.Entrypoint, overrideConfig.Cmd, dconfig.Entrypoint, dconfig.Cmd) + oconfig.Entrypoint, oconfig.Cmd = firstSlicePairElseSecondSlicePair(overrideConfig.Entrypoint, overrideConfig.Cmd, oconfig.Entrypoint, oconfig.Cmd) + if overrideConfig.Healthcheck != nil { + dconfig.Healthcheck = &docker.HealthConfig{ + Test: append([]string{}, overrideConfig.Healthcheck.Test...), + Interval: overrideConfig.Healthcheck.Interval, + Timeout: overrideConfig.Healthcheck.Timeout, + StartPeriod: overrideConfig.Healthcheck.StartPeriod, + Retries: overrideConfig.Healthcheck.Retries, + } + } + dconfig.ArgsEscaped = overrideConfig.ArgsEscaped + dconfig.Image = firstStringElseSecondString(overrideConfig.Image, dconfig.Image) + if len(overrideConfig.Volumes) > 0 { + if dconfig.Volumes == nil { + dconfig.Volumes = make(map[string]struct{}) + } + if oconfig.Volumes == nil { + oconfig.Volumes = make(map[string]struct{}) + } + for volume := range overrideConfig.Volumes { + dconfig.Volumes[volume] = struct{}{} + oconfig.Volumes[volume] = struct{}{} + } + } + dconfig.WorkingDir = firstStringElseSecondString(overrideConfig.WorkingDir, dconfig.WorkingDir) + oconfig.WorkingDir = firstStringElseSecondString(overrideConfig.WorkingDir, oconfig.WorkingDir) + dconfig.NetworkDisabled = overrideConfig.NetworkDisabled + dconfig.MacAddress = overrideConfig.MacAddress + dconfig.OnBuild = overrideConfig.OnBuild + if len(overrideConfig.Labels) > 0 { + if dconfig.Labels == nil { + dconfig.Labels = make(map[string]string) + } + if oconfig.Labels == nil { + oconfig.Labels = make(map[string]string) + } + for k, v := range overrideConfig.Labels { + dconfig.Labels[k] = v + oconfig.Labels[k] = v + } + } + dconfig.StopSignal = overrideConfig.StopSignal + oconfig.StopSignal = overrideConfig.StopSignal + dconfig.StopTimeout = overrideConfig.StopTimeout + dconfig.Shell = firstSliceElseSecondSlice(overrideConfig.Shell, dconfig.Shell) + } + return nil +} diff --git a/vendor/github.com/containers/buildah/internal/mkcw/embed/entrypoint.gz b/vendor/github.com/containers/buildah/internal/mkcw/embed/entrypoint.gz index 8fcd7633e63ffb869374d3b019d94268f832fa06..f8218a05ef74ee3dfdcdba928caa037f3c3fa20e 100644 GIT binary patch literal 327 zcmV-N0l5AjiwFpKidSU-17&V>a(QrXX>N1??b@+Ugg_7m;Ngz5&_XQj<_RdQER3Pi zTq2E$FR%y)n?p$0y=dpF84Gz5-^0CyB^B8K->h5~B{?nrZ00000 z006)bJrq*0d=h!a=0}<-nO9lLy5=O~W>c|HEcmgmRx-^hEk()Cb+ayOk@7~#D(6xr zYcm)g6NRc!y3rz`P-ici!lq7z7Qb=M6YAdm5AX1Y?*+ODC-dHa(QrXX>N1??V7(%!!QuWFQF|J4D<<*2S#KeCI*DE z0F{W45byvlF=^CdSBWdi#4GfXDhBc-ya$f|gf<{im4W4clJn)e+{KQ!==^#fUxYyb zo)FH!xL#y@wEpZ!J>-!?F$y= 1 && any.TypeUrl[prefix-1] == '/' && any.TypeUrl[prefix:] == name +} diff --git a/vendor/github.com/gogo/protobuf/types/any.pb.go b/vendor/github.com/gogo/protobuf/types/any.pb.go new file mode 100644 index 000000000000..e3d4d9490f5e --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/any.pb.go @@ -0,0 +1,694 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: google/protobuf/any.proto + +package types + +import ( + bytes "bytes" + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + io "io" + math "math" + math_bits "math/bits" + reflect "reflect" + strings "strings" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package + +// `Any` contains an arbitrary serialized protocol buffer message along with a +// URL that describes the type of the serialized message. +// +// Protobuf library provides support to pack/unpack Any values in the form +// of utility functions or additional generated methods of the Any type. +// +// Example 1: Pack and unpack a message in C++. +// +// Foo foo = ...; +// Any any; +// any.PackFrom(foo); +// ... +// if (any.UnpackTo(&foo)) { +// ... +// } +// +// Example 2: Pack and unpack a message in Java. +// +// Foo foo = ...; +// Any any = Any.pack(foo); +// ... +// if (any.is(Foo.class)) { +// foo = any.unpack(Foo.class); +// } +// +// Example 3: Pack and unpack a message in Python. +// +// foo = Foo(...) +// any = Any() +// any.Pack(foo) +// ... +// if any.Is(Foo.DESCRIPTOR): +// any.Unpack(foo) +// ... +// +// Example 4: Pack and unpack a message in Go +// +// foo := &pb.Foo{...} +// any, err := ptypes.MarshalAny(foo) +// ... +// foo := &pb.Foo{} +// if err := ptypes.UnmarshalAny(any, foo); err != nil { +// ... +// } +// +// The pack methods provided by protobuf library will by default use +// 'type.googleapis.com/full.type.name' as the type URL and the unpack +// methods only use the fully qualified type name after the last '/' +// in the type URL, for example "foo.bar.com/x/y.z" will yield type +// name "y.z". +// +// +// JSON +// ==== +// The JSON representation of an `Any` value uses the regular +// representation of the deserialized, embedded message, with an +// additional field `@type` which contains the type URL. Example: +// +// package google.profile; +// message Person { +// string first_name = 1; +// string last_name = 2; +// } +// +// { +// "@type": "type.googleapis.com/google.profile.Person", +// "firstName": , +// "lastName": +// } +// +// If the embedded message type is well-known and has a custom JSON +// representation, that representation will be embedded adding a field +// `value` which holds the custom JSON in addition to the `@type` +// field. Example (for message [google.protobuf.Duration][]): +// +// { +// "@type": "type.googleapis.com/google.protobuf.Duration", +// "value": "1.212s" +// } +// +type Any struct { + // A URL/resource name that uniquely identifies the type of the serialized + // protocol buffer message. This string must contain at least + // one "/" character. The last segment of the URL's path must represent + // the fully qualified name of the type (as in + // `path/google.protobuf.Duration`). The name should be in a canonical form + // (e.g., leading "." is not accepted). + // + // In practice, teams usually precompile into the binary all types that they + // expect it to use in the context of Any. However, for URLs which use the + // scheme `http`, `https`, or no scheme, one can optionally set up a type + // server that maps type URLs to message definitions as follows: + // + // * If no scheme is provided, `https` is assumed. + // * An HTTP GET on the URL must yield a [google.protobuf.Type][] + // value in binary format, or produce an error. + // * Applications are allowed to cache lookup results based on the + // URL, or have them precompiled into a binary to avoid any + // lookup. Therefore, binary compatibility needs to be preserved + // on changes to types. (Use versioned type names to manage + // breaking changes.) + // + // Note: this functionality is not currently available in the official + // protobuf release, and it is not used for type URLs beginning with + // type.googleapis.com. + // + // Schemes other than `http`, `https` (or the empty scheme) might be + // used with implementation specific semantics. + // + TypeUrl string `protobuf:"bytes,1,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"` + // Must be a valid serialized protocol buffer of the above specified type. + Value []byte `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Any) Reset() { *m = Any{} } +func (*Any) ProtoMessage() {} +func (*Any) Descriptor() ([]byte, []int) { + return fileDescriptor_b53526c13ae22eb4, []int{0} +} +func (*Any) XXX_WellKnownType() string { return "Any" } +func (m *Any) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Any) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Any.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Any) XXX_Merge(src proto.Message) { + xxx_messageInfo_Any.Merge(m, src) +} +func (m *Any) XXX_Size() int { + return m.Size() +} +func (m *Any) XXX_DiscardUnknown() { + xxx_messageInfo_Any.DiscardUnknown(m) +} + +var xxx_messageInfo_Any proto.InternalMessageInfo + +func (m *Any) GetTypeUrl() string { + if m != nil { + return m.TypeUrl + } + return "" +} + +func (m *Any) GetValue() []byte { + if m != nil { + return m.Value + } + return nil +} + +func (*Any) XXX_MessageName() string { + return "google.protobuf.Any" +} +func init() { + proto.RegisterType((*Any)(nil), "google.protobuf.Any") +} + +func init() { proto.RegisterFile("google/protobuf/any.proto", fileDescriptor_b53526c13ae22eb4) } + +var fileDescriptor_b53526c13ae22eb4 = []byte{ + // 211 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x4c, 0xcf, 0xcf, 0x4f, + 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x4f, 0xcc, 0xab, 0xd4, + 0x03, 0x73, 0x84, 0xf8, 0x21, 0x52, 0x7a, 0x30, 0x29, 0x25, 0x33, 0x2e, 0x66, 0xc7, 0xbc, 0x4a, + 0x21, 0x49, 0x2e, 0x8e, 0x92, 0xca, 0x82, 0xd4, 0xf8, 0xd2, 0xa2, 0x1c, 0x09, 0x46, 0x05, 0x46, + 0x0d, 0xce, 0x20, 0x76, 0x10, 0x3f, 0xb4, 0x28, 0x47, 0x48, 0x84, 0x8b, 0xb5, 0x2c, 0x31, 0xa7, + 0x34, 0x55, 0x82, 0x49, 0x81, 0x51, 0x83, 0x27, 0x08, 0xc2, 0x71, 0xaa, 0xbf, 0xf1, 0x50, 0x8e, + 0xe1, 0xc3, 0x43, 0x39, 0xc6, 0x1f, 0x0f, 0xe5, 0x18, 0x1b, 0x1e, 0xc9, 0x31, 0xae, 0x78, 0x24, + 0xc7, 0x78, 0xe2, 0x91, 0x1c, 0xe3, 0x85, 0x47, 0x72, 0x8c, 0x0f, 0x1e, 0xc9, 0x31, 0xbe, 0x78, + 0x24, 0xc7, 0xf0, 0x01, 0x24, 0xfe, 0x58, 0x8e, 0xf1, 0xc4, 0x63, 0x39, 0x46, 0x2e, 0xe1, 0xe4, + 0xfc, 0x5c, 0x3d, 0x34, 0xeb, 0x9d, 0x38, 0x1c, 0xf3, 0x2a, 0x03, 0x40, 0x9c, 0x00, 0xc6, 0x28, + 0x56, 0x90, 0x8d, 0xc5, 0x8b, 0x98, 0x98, 0xdd, 0x03, 0x9c, 0x56, 0x31, 0xc9, 0xb9, 0x43, 0x94, + 0x06, 0x40, 0x95, 0xea, 0x85, 0xa7, 0xe6, 0xe4, 0x78, 0xe7, 0xe5, 0x97, 0xe7, 0x85, 0x80, 0x94, + 0x25, 0xb1, 0x81, 0xcd, 0x30, 0x06, 0x04, 0x00, 0x00, 0xff, 0xff, 0xb7, 0x81, 0x82, 0xd3, 0xed, + 0x00, 0x00, 0x00, +} + +func (this *Any) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Any) + if !ok { + that2, ok := that.(Any) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.TypeUrl != that1.TypeUrl { + if this.TypeUrl < that1.TypeUrl { + return -1 + } + return 1 + } + if c := bytes.Compare(this.Value, that1.Value); c != 0 { + return c + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Any) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Any) + if !ok { + that2, ok := that.(Any) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.TypeUrl != that1.TypeUrl { + return false + } + if !bytes.Equal(this.Value, that1.Value) { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Any) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 6) + s = append(s, "&types.Any{") + s = append(s, "TypeUrl: "+fmt.Sprintf("%#v", this.TypeUrl)+",\n") + s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func valueToGoStringAny(v interface{}, typ string) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) +} +func (m *Any) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Any) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Any) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if len(m.Value) > 0 { + i -= len(m.Value) + copy(dAtA[i:], m.Value) + i = encodeVarintAny(dAtA, i, uint64(len(m.Value))) + i-- + dAtA[i] = 0x12 + } + if len(m.TypeUrl) > 0 { + i -= len(m.TypeUrl) + copy(dAtA[i:], m.TypeUrl) + i = encodeVarintAny(dAtA, i, uint64(len(m.TypeUrl))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func encodeVarintAny(dAtA []byte, offset int, v uint64) int { + offset -= sovAny(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func NewPopulatedAny(r randyAny, easy bool) *Any { + this := &Any{} + this.TypeUrl = string(randStringAny(r)) + v1 := r.Intn(100) + this.Value = make([]byte, v1) + for i := 0; i < v1; i++ { + this.Value[i] = byte(r.Intn(256)) + } + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedAny(r, 3) + } + return this +} + +type randyAny interface { + Float32() float32 + Float64() float64 + Int63() int64 + Int31() int32 + Uint32() uint32 + Intn(n int) int +} + +func randUTF8RuneAny(r randyAny) rune { + ru := r.Intn(62) + if ru < 10 { + return rune(ru + 48) + } else if ru < 36 { + return rune(ru + 55) + } + return rune(ru + 61) +} +func randStringAny(r randyAny) string { + v2 := r.Intn(100) + tmps := make([]rune, v2) + for i := 0; i < v2; i++ { + tmps[i] = randUTF8RuneAny(r) + } + return string(tmps) +} +func randUnrecognizedAny(r randyAny, maxFieldNumber int) (dAtA []byte) { + l := r.Intn(5) + for i := 0; i < l; i++ { + wire := r.Intn(4) + if wire == 3 { + wire = 5 + } + fieldNumber := maxFieldNumber + r.Intn(100) + dAtA = randFieldAny(dAtA, r, fieldNumber, wire) + } + return dAtA +} +func randFieldAny(dAtA []byte, r randyAny, fieldNumber int, wire int) []byte { + key := uint32(fieldNumber)<<3 | uint32(wire) + switch wire { + case 0: + dAtA = encodeVarintPopulateAny(dAtA, uint64(key)) + v3 := r.Int63() + if r.Intn(2) == 0 { + v3 *= -1 + } + dAtA = encodeVarintPopulateAny(dAtA, uint64(v3)) + case 1: + dAtA = encodeVarintPopulateAny(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + case 2: + dAtA = encodeVarintPopulateAny(dAtA, uint64(key)) + ll := r.Intn(100) + dAtA = encodeVarintPopulateAny(dAtA, uint64(ll)) + for j := 0; j < ll; j++ { + dAtA = append(dAtA, byte(r.Intn(256))) + } + default: + dAtA = encodeVarintPopulateAny(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + } + return dAtA +} +func encodeVarintPopulateAny(dAtA []byte, v uint64) []byte { + for v >= 1<<7 { + dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) + v >>= 7 + } + dAtA = append(dAtA, uint8(v)) + return dAtA +} +func (m *Any) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.TypeUrl) + if l > 0 { + n += 1 + l + sovAny(uint64(l)) + } + l = len(m.Value) + if l > 0 { + n += 1 + l + sovAny(uint64(l)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func sovAny(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozAny(x uint64) (n int) { + return sovAny(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (this *Any) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Any{`, + `TypeUrl:` + fmt.Sprintf("%v", this.TypeUrl) + `,`, + `Value:` + fmt.Sprintf("%v", this.Value) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func valueToStringAny(v interface{}) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("*%v", pv) +} +func (m *Any) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAny + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Any: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Any: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field TypeUrl", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAny + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthAny + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthAny + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.TypeUrl = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAny + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAny + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAny + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Value = append(m.Value[:0], dAtA[iNdEx:postIndex]...) + if m.Value == nil { + m.Value = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipAny(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAny + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipAny(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowAny + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowAny + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowAny + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthAny + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupAny + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthAny + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF +} + +var ( + ErrInvalidLengthAny = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowAny = fmt.Errorf("proto: integer overflow") + ErrUnexpectedEndOfGroupAny = fmt.Errorf("proto: unexpected end of group") +) diff --git a/vendor/github.com/gogo/protobuf/types/api.pb.go b/vendor/github.com/gogo/protobuf/types/api.pb.go new file mode 100644 index 000000000000..83e8869206fe --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/api.pb.go @@ -0,0 +1,2134 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: google/protobuf/api.proto + +package types + +import ( + bytes "bytes" + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + io "io" + math "math" + math_bits "math/bits" + reflect "reflect" + strings "strings" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package + +// Api is a light-weight descriptor for an API Interface. +// +// Interfaces are also described as "protocol buffer services" in some contexts, +// such as by the "service" keyword in a .proto file, but they are different +// from API Services, which represent a concrete implementation of an interface +// as opposed to simply a description of methods and bindings. They are also +// sometimes simply referred to as "APIs" in other contexts, such as the name of +// this message itself. See https://cloud.google.com/apis/design/glossary for +// detailed terminology. +type Api struct { + // The fully qualified name of this interface, including package name + // followed by the interface's simple name. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // The methods of this interface, in unspecified order. + Methods []*Method `protobuf:"bytes,2,rep,name=methods,proto3" json:"methods,omitempty"` + // Any metadata attached to the interface. + Options []*Option `protobuf:"bytes,3,rep,name=options,proto3" json:"options,omitempty"` + // A version string for this interface. If specified, must have the form + // `major-version.minor-version`, as in `1.10`. If the minor version is + // omitted, it defaults to zero. If the entire version field is empty, the + // major version is derived from the package name, as outlined below. If the + // field is not empty, the version in the package name will be verified to be + // consistent with what is provided here. + // + // The versioning schema uses [semantic + // versioning](http://semver.org) where the major version number + // indicates a breaking change and the minor version an additive, + // non-breaking change. Both version numbers are signals to users + // what to expect from different versions, and should be carefully + // chosen based on the product plan. + // + // The major version is also reflected in the package name of the + // interface, which must end in `v`, as in + // `google.feature.v1`. For major versions 0 and 1, the suffix can + // be omitted. Zero major versions must only be used for + // experimental, non-GA interfaces. + // + // + Version string `protobuf:"bytes,4,opt,name=version,proto3" json:"version,omitempty"` + // Source context for the protocol buffer service represented by this + // message. + SourceContext *SourceContext `protobuf:"bytes,5,opt,name=source_context,json=sourceContext,proto3" json:"source_context,omitempty"` + // Included interfaces. See [Mixin][]. + Mixins []*Mixin `protobuf:"bytes,6,rep,name=mixins,proto3" json:"mixins,omitempty"` + // The source syntax of the service. + Syntax Syntax `protobuf:"varint,7,opt,name=syntax,proto3,enum=google.protobuf.Syntax" json:"syntax,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Api) Reset() { *m = Api{} } +func (*Api) ProtoMessage() {} +func (*Api) Descriptor() ([]byte, []int) { + return fileDescriptor_a2ec32096296c143, []int{0} +} +func (m *Api) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Api) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Api.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Api) XXX_Merge(src proto.Message) { + xxx_messageInfo_Api.Merge(m, src) +} +func (m *Api) XXX_Size() int { + return m.Size() +} +func (m *Api) XXX_DiscardUnknown() { + xxx_messageInfo_Api.DiscardUnknown(m) +} + +var xxx_messageInfo_Api proto.InternalMessageInfo + +func (m *Api) GetName() string { + if m != nil { + return m.Name + } + return "" +} + +func (m *Api) GetMethods() []*Method { + if m != nil { + return m.Methods + } + return nil +} + +func (m *Api) GetOptions() []*Option { + if m != nil { + return m.Options + } + return nil +} + +func (m *Api) GetVersion() string { + if m != nil { + return m.Version + } + return "" +} + +func (m *Api) GetSourceContext() *SourceContext { + if m != nil { + return m.SourceContext + } + return nil +} + +func (m *Api) GetMixins() []*Mixin { + if m != nil { + return m.Mixins + } + return nil +} + +func (m *Api) GetSyntax() Syntax { + if m != nil { + return m.Syntax + } + return Syntax_SYNTAX_PROTO2 +} + +func (*Api) XXX_MessageName() string { + return "google.protobuf.Api" +} + +// Method represents a method of an API interface. +type Method struct { + // The simple name of this method. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // A URL of the input message type. + RequestTypeUrl string `protobuf:"bytes,2,opt,name=request_type_url,json=requestTypeUrl,proto3" json:"request_type_url,omitempty"` + // If true, the request is streamed. + RequestStreaming bool `protobuf:"varint,3,opt,name=request_streaming,json=requestStreaming,proto3" json:"request_streaming,omitempty"` + // The URL of the output message type. + ResponseTypeUrl string `protobuf:"bytes,4,opt,name=response_type_url,json=responseTypeUrl,proto3" json:"response_type_url,omitempty"` + // If true, the response is streamed. + ResponseStreaming bool `protobuf:"varint,5,opt,name=response_streaming,json=responseStreaming,proto3" json:"response_streaming,omitempty"` + // Any metadata attached to the method. + Options []*Option `protobuf:"bytes,6,rep,name=options,proto3" json:"options,omitempty"` + // The source syntax of this method. + Syntax Syntax `protobuf:"varint,7,opt,name=syntax,proto3,enum=google.protobuf.Syntax" json:"syntax,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Method) Reset() { *m = Method{} } +func (*Method) ProtoMessage() {} +func (*Method) Descriptor() ([]byte, []int) { + return fileDescriptor_a2ec32096296c143, []int{1} +} +func (m *Method) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Method) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Method.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Method) XXX_Merge(src proto.Message) { + xxx_messageInfo_Method.Merge(m, src) +} +func (m *Method) XXX_Size() int { + return m.Size() +} +func (m *Method) XXX_DiscardUnknown() { + xxx_messageInfo_Method.DiscardUnknown(m) +} + +var xxx_messageInfo_Method proto.InternalMessageInfo + +func (m *Method) GetName() string { + if m != nil { + return m.Name + } + return "" +} + +func (m *Method) GetRequestTypeUrl() string { + if m != nil { + return m.RequestTypeUrl + } + return "" +} + +func (m *Method) GetRequestStreaming() bool { + if m != nil { + return m.RequestStreaming + } + return false +} + +func (m *Method) GetResponseTypeUrl() string { + if m != nil { + return m.ResponseTypeUrl + } + return "" +} + +func (m *Method) GetResponseStreaming() bool { + if m != nil { + return m.ResponseStreaming + } + return false +} + +func (m *Method) GetOptions() []*Option { + if m != nil { + return m.Options + } + return nil +} + +func (m *Method) GetSyntax() Syntax { + if m != nil { + return m.Syntax + } + return Syntax_SYNTAX_PROTO2 +} + +func (*Method) XXX_MessageName() string { + return "google.protobuf.Method" +} + +// Declares an API Interface to be included in this interface. The including +// interface must redeclare all the methods from the included interface, but +// documentation and options are inherited as follows: +// +// - If after comment and whitespace stripping, the documentation +// string of the redeclared method is empty, it will be inherited +// from the original method. +// +// - Each annotation belonging to the service config (http, +// visibility) which is not set in the redeclared method will be +// inherited. +// +// - If an http annotation is inherited, the path pattern will be +// modified as follows. Any version prefix will be replaced by the +// version of the including interface plus the [root][] path if +// specified. +// +// Example of a simple mixin: +// +// package google.acl.v1; +// service AccessControl { +// // Get the underlying ACL object. +// rpc GetAcl(GetAclRequest) returns (Acl) { +// option (google.api.http).get = "/v1/{resource=**}:getAcl"; +// } +// } +// +// package google.storage.v2; +// service Storage { +// rpc GetAcl(GetAclRequest) returns (Acl); +// +// // Get a data record. +// rpc GetData(GetDataRequest) returns (Data) { +// option (google.api.http).get = "/v2/{resource=**}"; +// } +// } +// +// Example of a mixin configuration: +// +// apis: +// - name: google.storage.v2.Storage +// mixins: +// - name: google.acl.v1.AccessControl +// +// The mixin construct implies that all methods in `AccessControl` are +// also declared with same name and request/response types in +// `Storage`. A documentation generator or annotation processor will +// see the effective `Storage.GetAcl` method after inherting +// documentation and annotations as follows: +// +// service Storage { +// // Get the underlying ACL object. +// rpc GetAcl(GetAclRequest) returns (Acl) { +// option (google.api.http).get = "/v2/{resource=**}:getAcl"; +// } +// ... +// } +// +// Note how the version in the path pattern changed from `v1` to `v2`. +// +// If the `root` field in the mixin is specified, it should be a +// relative path under which inherited HTTP paths are placed. Example: +// +// apis: +// - name: google.storage.v2.Storage +// mixins: +// - name: google.acl.v1.AccessControl +// root: acls +// +// This implies the following inherited HTTP annotation: +// +// service Storage { +// // Get the underlying ACL object. +// rpc GetAcl(GetAclRequest) returns (Acl) { +// option (google.api.http).get = "/v2/acls/{resource=**}:getAcl"; +// } +// ... +// } +type Mixin struct { + // The fully qualified name of the interface which is included. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // If non-empty specifies a path under which inherited HTTP paths + // are rooted. + Root string `protobuf:"bytes,2,opt,name=root,proto3" json:"root,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Mixin) Reset() { *m = Mixin{} } +func (*Mixin) ProtoMessage() {} +func (*Mixin) Descriptor() ([]byte, []int) { + return fileDescriptor_a2ec32096296c143, []int{2} +} +func (m *Mixin) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Mixin) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Mixin.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Mixin) XXX_Merge(src proto.Message) { + xxx_messageInfo_Mixin.Merge(m, src) +} +func (m *Mixin) XXX_Size() int { + return m.Size() +} +func (m *Mixin) XXX_DiscardUnknown() { + xxx_messageInfo_Mixin.DiscardUnknown(m) +} + +var xxx_messageInfo_Mixin proto.InternalMessageInfo + +func (m *Mixin) GetName() string { + if m != nil { + return m.Name + } + return "" +} + +func (m *Mixin) GetRoot() string { + if m != nil { + return m.Root + } + return "" +} + +func (*Mixin) XXX_MessageName() string { + return "google.protobuf.Mixin" +} +func init() { + proto.RegisterType((*Api)(nil), "google.protobuf.Api") + proto.RegisterType((*Method)(nil), "google.protobuf.Method") + proto.RegisterType((*Mixin)(nil), "google.protobuf.Mixin") +} + +func init() { proto.RegisterFile("google/protobuf/api.proto", fileDescriptor_a2ec32096296c143) } + +var fileDescriptor_a2ec32096296c143 = []byte{ + // 467 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x91, 0x31, 0x6f, 0x13, 0x31, + 0x14, 0xc7, 0xeb, 0xbb, 0xe4, 0x52, 0x5c, 0x91, 0x82, 0x91, 0xc0, 0x64, 0xb0, 0x4e, 0x15, 0xc3, + 0x09, 0xc4, 0x45, 0x94, 0x4f, 0xd0, 0x20, 0xd4, 0x01, 0x21, 0xa2, 0x0b, 0x08, 0x89, 0x25, 0x4a, + 0x83, 0x09, 0x96, 0xee, 0x6c, 0x63, 0x3b, 0x90, 0x4c, 0xf0, 0x59, 0x98, 0x10, 0x23, 0xdf, 0x80, + 0xad, 0x23, 0x23, 0x23, 0xb9, 0x2e, 0x8c, 0x1d, 0x19, 0x91, 0x7d, 0xe7, 0xa6, 0x5c, 0x83, 0x04, + 0x9b, 0xdf, 0xfb, 0xff, 0xfc, 0xf7, 0x7b, 0x7f, 0xc3, 0x9b, 0x33, 0x21, 0x66, 0x39, 0xed, 0x4b, + 0x25, 0x8c, 0x38, 0x9a, 0xbf, 0xea, 0x4f, 0x24, 0x4b, 0x5d, 0x81, 0x76, 0x2b, 0x29, 0xf5, 0x52, + 0xef, 0x56, 0x93, 0xd5, 0x62, 0xae, 0xa6, 0x74, 0x3c, 0x15, 0xdc, 0xd0, 0x85, 0xa9, 0xc0, 0x5e, + 0xaf, 0x49, 0x99, 0xa5, 0xac, 0x4d, 0xf6, 0xbe, 0x06, 0x30, 0x3c, 0x90, 0x0c, 0x21, 0xd8, 0xe2, + 0x93, 0x82, 0x62, 0x10, 0x83, 0xe4, 0x52, 0xe6, 0xce, 0xe8, 0x1e, 0xec, 0x14, 0xd4, 0xbc, 0x16, + 0x2f, 0x35, 0x0e, 0xe2, 0x30, 0xd9, 0xd9, 0xbf, 0x91, 0x36, 0x06, 0x48, 0x1f, 0x3b, 0x3d, 0xf3, + 0x9c, 0xbd, 0x22, 0xa4, 0x61, 0x82, 0x6b, 0x1c, 0xfe, 0xe5, 0xca, 0x13, 0xa7, 0x67, 0x9e, 0x43, + 0x18, 0x76, 0xde, 0x52, 0xa5, 0x99, 0xe0, 0xb8, 0xe5, 0x1e, 0xf7, 0x25, 0x7a, 0x08, 0xbb, 0x7f, + 0xee, 0x83, 0xdb, 0x31, 0x48, 0x76, 0xf6, 0xc9, 0x05, 0xcf, 0x91, 0xc3, 0x1e, 0x54, 0x54, 0x76, + 0x59, 0x9f, 0x2f, 0x51, 0x0a, 0xa3, 0x82, 0x2d, 0x18, 0xd7, 0x38, 0x72, 0x23, 0x5d, 0xbf, 0xb8, + 0x85, 0x95, 0xb3, 0x9a, 0x42, 0x7d, 0x18, 0xe9, 0x25, 0x37, 0x93, 0x05, 0xee, 0xc4, 0x20, 0xe9, + 0x6e, 0x58, 0x61, 0xe4, 0xe4, 0xac, 0xc6, 0xf6, 0xbe, 0x04, 0x30, 0xaa, 0x82, 0xd8, 0x18, 0x63, + 0x02, 0xaf, 0x28, 0xfa, 0x66, 0x4e, 0xb5, 0x19, 0xdb, 0xe0, 0xc7, 0x73, 0x95, 0xe3, 0xc0, 0xe9, + 0xdd, 0xba, 0xff, 0x74, 0x29, 0xe9, 0x33, 0x95, 0xa3, 0x3b, 0xf0, 0xaa, 0x27, 0xb5, 0x51, 0x74, + 0x52, 0x30, 0x3e, 0xc3, 0x61, 0x0c, 0x92, 0xed, 0xcc, 0x5b, 0x8c, 0x7c, 0x1f, 0xdd, 0xb6, 0xb0, + 0x96, 0x82, 0x6b, 0xba, 0xf6, 0xad, 0x12, 0xdc, 0xf5, 0x82, 0x37, 0xbe, 0x0b, 0xd1, 0x19, 0xbb, + 0x76, 0x6e, 0x3b, 0xe7, 0x33, 0x97, 0xb5, 0xf5, 0xb9, 0x5f, 0x8c, 0xfe, 0xf1, 0x17, 0xff, 0x3b, + 0xb4, 0x3e, 0x6c, 0xbb, 0xd8, 0x37, 0x46, 0x86, 0x60, 0x4b, 0x09, 0x61, 0xea, 0x98, 0xdc, 0x79, + 0xf0, 0xfe, 0xfb, 0x8a, 0x6c, 0x9d, 0xae, 0x08, 0xf8, 0xb5, 0x22, 0xe0, 0x43, 0x49, 0xc0, 0xa7, + 0x92, 0x80, 0xe3, 0x92, 0x80, 0x6f, 0x25, 0x01, 0x3f, 0x4a, 0x02, 0x7e, 0x96, 0x64, 0xeb, 0xd4, + 0xf6, 0x4f, 0x08, 0x38, 0x3e, 0x21, 0x00, 0x5e, 0x9b, 0x8a, 0xa2, 0x39, 0xc6, 0x60, 0xfb, 0x40, + 0xb2, 0xa1, 0x2d, 0x86, 0xe0, 0x45, 0xdb, 0xe6, 0xa6, 0x3f, 0x06, 0xe1, 0xe1, 0x70, 0xf0, 0x39, + 0x20, 0x87, 0x15, 0x3a, 0xf4, 0x13, 0x3f, 0xa7, 0x79, 0xfe, 0x88, 0x8b, 0x77, 0xdc, 0xc6, 0xa8, + 0x8f, 0x22, 0xe7, 0x71, 0xff, 0x77, 0x00, 0x00, 0x00, 0xff, 0xff, 0x2b, 0x64, 0x40, 0x40, 0xa1, + 0x03, 0x00, 0x00, +} + +func (this *Api) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Api) + if !ok { + that2, ok := that.(Api) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Name != that1.Name { + if this.Name < that1.Name { + return -1 + } + return 1 + } + if len(this.Methods) != len(that1.Methods) { + if len(this.Methods) < len(that1.Methods) { + return -1 + } + return 1 + } + for i := range this.Methods { + if c := this.Methods[i].Compare(that1.Methods[i]); c != 0 { + return c + } + } + if len(this.Options) != len(that1.Options) { + if len(this.Options) < len(that1.Options) { + return -1 + } + return 1 + } + for i := range this.Options { + if c := this.Options[i].Compare(that1.Options[i]); c != 0 { + return c + } + } + if this.Version != that1.Version { + if this.Version < that1.Version { + return -1 + } + return 1 + } + if c := this.SourceContext.Compare(that1.SourceContext); c != 0 { + return c + } + if len(this.Mixins) != len(that1.Mixins) { + if len(this.Mixins) < len(that1.Mixins) { + return -1 + } + return 1 + } + for i := range this.Mixins { + if c := this.Mixins[i].Compare(that1.Mixins[i]); c != 0 { + return c + } + } + if this.Syntax != that1.Syntax { + if this.Syntax < that1.Syntax { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Method) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Method) + if !ok { + that2, ok := that.(Method) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Name != that1.Name { + if this.Name < that1.Name { + return -1 + } + return 1 + } + if this.RequestTypeUrl != that1.RequestTypeUrl { + if this.RequestTypeUrl < that1.RequestTypeUrl { + return -1 + } + return 1 + } + if this.RequestStreaming != that1.RequestStreaming { + if !this.RequestStreaming { + return -1 + } + return 1 + } + if this.ResponseTypeUrl != that1.ResponseTypeUrl { + if this.ResponseTypeUrl < that1.ResponseTypeUrl { + return -1 + } + return 1 + } + if this.ResponseStreaming != that1.ResponseStreaming { + if !this.ResponseStreaming { + return -1 + } + return 1 + } + if len(this.Options) != len(that1.Options) { + if len(this.Options) < len(that1.Options) { + return -1 + } + return 1 + } + for i := range this.Options { + if c := this.Options[i].Compare(that1.Options[i]); c != 0 { + return c + } + } + if this.Syntax != that1.Syntax { + if this.Syntax < that1.Syntax { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Mixin) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Mixin) + if !ok { + that2, ok := that.(Mixin) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Name != that1.Name { + if this.Name < that1.Name { + return -1 + } + return 1 + } + if this.Root != that1.Root { + if this.Root < that1.Root { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Api) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Api) + if !ok { + that2, ok := that.(Api) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Name != that1.Name { + return false + } + if len(this.Methods) != len(that1.Methods) { + return false + } + for i := range this.Methods { + if !this.Methods[i].Equal(that1.Methods[i]) { + return false + } + } + if len(this.Options) != len(that1.Options) { + return false + } + for i := range this.Options { + if !this.Options[i].Equal(that1.Options[i]) { + return false + } + } + if this.Version != that1.Version { + return false + } + if !this.SourceContext.Equal(that1.SourceContext) { + return false + } + if len(this.Mixins) != len(that1.Mixins) { + return false + } + for i := range this.Mixins { + if !this.Mixins[i].Equal(that1.Mixins[i]) { + return false + } + } + if this.Syntax != that1.Syntax { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Method) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Method) + if !ok { + that2, ok := that.(Method) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Name != that1.Name { + return false + } + if this.RequestTypeUrl != that1.RequestTypeUrl { + return false + } + if this.RequestStreaming != that1.RequestStreaming { + return false + } + if this.ResponseTypeUrl != that1.ResponseTypeUrl { + return false + } + if this.ResponseStreaming != that1.ResponseStreaming { + return false + } + if len(this.Options) != len(that1.Options) { + return false + } + for i := range this.Options { + if !this.Options[i].Equal(that1.Options[i]) { + return false + } + } + if this.Syntax != that1.Syntax { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Mixin) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Mixin) + if !ok { + that2, ok := that.(Mixin) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Name != that1.Name { + return false + } + if this.Root != that1.Root { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Api) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 11) + s = append(s, "&types.Api{") + s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") + if this.Methods != nil { + s = append(s, "Methods: "+fmt.Sprintf("%#v", this.Methods)+",\n") + } + if this.Options != nil { + s = append(s, "Options: "+fmt.Sprintf("%#v", this.Options)+",\n") + } + s = append(s, "Version: "+fmt.Sprintf("%#v", this.Version)+",\n") + if this.SourceContext != nil { + s = append(s, "SourceContext: "+fmt.Sprintf("%#v", this.SourceContext)+",\n") + } + if this.Mixins != nil { + s = append(s, "Mixins: "+fmt.Sprintf("%#v", this.Mixins)+",\n") + } + s = append(s, "Syntax: "+fmt.Sprintf("%#v", this.Syntax)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *Method) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 11) + s = append(s, "&types.Method{") + s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") + s = append(s, "RequestTypeUrl: "+fmt.Sprintf("%#v", this.RequestTypeUrl)+",\n") + s = append(s, "RequestStreaming: "+fmt.Sprintf("%#v", this.RequestStreaming)+",\n") + s = append(s, "ResponseTypeUrl: "+fmt.Sprintf("%#v", this.ResponseTypeUrl)+",\n") + s = append(s, "ResponseStreaming: "+fmt.Sprintf("%#v", this.ResponseStreaming)+",\n") + if this.Options != nil { + s = append(s, "Options: "+fmt.Sprintf("%#v", this.Options)+",\n") + } + s = append(s, "Syntax: "+fmt.Sprintf("%#v", this.Syntax)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *Mixin) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 6) + s = append(s, "&types.Mixin{") + s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") + s = append(s, "Root: "+fmt.Sprintf("%#v", this.Root)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func valueToGoStringApi(v interface{}, typ string) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) +} +func (m *Api) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Api) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Api) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Syntax != 0 { + i = encodeVarintApi(dAtA, i, uint64(m.Syntax)) + i-- + dAtA[i] = 0x38 + } + if len(m.Mixins) > 0 { + for iNdEx := len(m.Mixins) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Mixins[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintApi(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x32 + } + } + if m.SourceContext != nil { + { + size, err := m.SourceContext.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintApi(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x2a + } + if len(m.Version) > 0 { + i -= len(m.Version) + copy(dAtA[i:], m.Version) + i = encodeVarintApi(dAtA, i, uint64(len(m.Version))) + i-- + dAtA[i] = 0x22 + } + if len(m.Options) > 0 { + for iNdEx := len(m.Options) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Options[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintApi(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x1a + } + } + if len(m.Methods) > 0 { + for iNdEx := len(m.Methods) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Methods[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintApi(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x12 + } + } + if len(m.Name) > 0 { + i -= len(m.Name) + copy(dAtA[i:], m.Name) + i = encodeVarintApi(dAtA, i, uint64(len(m.Name))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *Method) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Method) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Method) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Syntax != 0 { + i = encodeVarintApi(dAtA, i, uint64(m.Syntax)) + i-- + dAtA[i] = 0x38 + } + if len(m.Options) > 0 { + for iNdEx := len(m.Options) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Options[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintApi(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x32 + } + } + if m.ResponseStreaming { + i-- + if m.ResponseStreaming { + dAtA[i] = 1 + } else { + dAtA[i] = 0 + } + i-- + dAtA[i] = 0x28 + } + if len(m.ResponseTypeUrl) > 0 { + i -= len(m.ResponseTypeUrl) + copy(dAtA[i:], m.ResponseTypeUrl) + i = encodeVarintApi(dAtA, i, uint64(len(m.ResponseTypeUrl))) + i-- + dAtA[i] = 0x22 + } + if m.RequestStreaming { + i-- + if m.RequestStreaming { + dAtA[i] = 1 + } else { + dAtA[i] = 0 + } + i-- + dAtA[i] = 0x18 + } + if len(m.RequestTypeUrl) > 0 { + i -= len(m.RequestTypeUrl) + copy(dAtA[i:], m.RequestTypeUrl) + i = encodeVarintApi(dAtA, i, uint64(len(m.RequestTypeUrl))) + i-- + dAtA[i] = 0x12 + } + if len(m.Name) > 0 { + i -= len(m.Name) + copy(dAtA[i:], m.Name) + i = encodeVarintApi(dAtA, i, uint64(len(m.Name))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *Mixin) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Mixin) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Mixin) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if len(m.Root) > 0 { + i -= len(m.Root) + copy(dAtA[i:], m.Root) + i = encodeVarintApi(dAtA, i, uint64(len(m.Root))) + i-- + dAtA[i] = 0x12 + } + if len(m.Name) > 0 { + i -= len(m.Name) + copy(dAtA[i:], m.Name) + i = encodeVarintApi(dAtA, i, uint64(len(m.Name))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func encodeVarintApi(dAtA []byte, offset int, v uint64) int { + offset -= sovApi(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func NewPopulatedApi(r randyApi, easy bool) *Api { + this := &Api{} + this.Name = string(randStringApi(r)) + if r.Intn(5) != 0 { + v1 := r.Intn(5) + this.Methods = make([]*Method, v1) + for i := 0; i < v1; i++ { + this.Methods[i] = NewPopulatedMethod(r, easy) + } + } + if r.Intn(5) != 0 { + v2 := r.Intn(5) + this.Options = make([]*Option, v2) + for i := 0; i < v2; i++ { + this.Options[i] = NewPopulatedOption(r, easy) + } + } + this.Version = string(randStringApi(r)) + if r.Intn(5) != 0 { + this.SourceContext = NewPopulatedSourceContext(r, easy) + } + if r.Intn(5) != 0 { + v3 := r.Intn(5) + this.Mixins = make([]*Mixin, v3) + for i := 0; i < v3; i++ { + this.Mixins[i] = NewPopulatedMixin(r, easy) + } + } + this.Syntax = Syntax([]int32{0, 1}[r.Intn(2)]) + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedApi(r, 8) + } + return this +} + +func NewPopulatedMethod(r randyApi, easy bool) *Method { + this := &Method{} + this.Name = string(randStringApi(r)) + this.RequestTypeUrl = string(randStringApi(r)) + this.RequestStreaming = bool(bool(r.Intn(2) == 0)) + this.ResponseTypeUrl = string(randStringApi(r)) + this.ResponseStreaming = bool(bool(r.Intn(2) == 0)) + if r.Intn(5) != 0 { + v4 := r.Intn(5) + this.Options = make([]*Option, v4) + for i := 0; i < v4; i++ { + this.Options[i] = NewPopulatedOption(r, easy) + } + } + this.Syntax = Syntax([]int32{0, 1}[r.Intn(2)]) + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedApi(r, 8) + } + return this +} + +func NewPopulatedMixin(r randyApi, easy bool) *Mixin { + this := &Mixin{} + this.Name = string(randStringApi(r)) + this.Root = string(randStringApi(r)) + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedApi(r, 3) + } + return this +} + +type randyApi interface { + Float32() float32 + Float64() float64 + Int63() int64 + Int31() int32 + Uint32() uint32 + Intn(n int) int +} + +func randUTF8RuneApi(r randyApi) rune { + ru := r.Intn(62) + if ru < 10 { + return rune(ru + 48) + } else if ru < 36 { + return rune(ru + 55) + } + return rune(ru + 61) +} +func randStringApi(r randyApi) string { + v5 := r.Intn(100) + tmps := make([]rune, v5) + for i := 0; i < v5; i++ { + tmps[i] = randUTF8RuneApi(r) + } + return string(tmps) +} +func randUnrecognizedApi(r randyApi, maxFieldNumber int) (dAtA []byte) { + l := r.Intn(5) + for i := 0; i < l; i++ { + wire := r.Intn(4) + if wire == 3 { + wire = 5 + } + fieldNumber := maxFieldNumber + r.Intn(100) + dAtA = randFieldApi(dAtA, r, fieldNumber, wire) + } + return dAtA +} +func randFieldApi(dAtA []byte, r randyApi, fieldNumber int, wire int) []byte { + key := uint32(fieldNumber)<<3 | uint32(wire) + switch wire { + case 0: + dAtA = encodeVarintPopulateApi(dAtA, uint64(key)) + v6 := r.Int63() + if r.Intn(2) == 0 { + v6 *= -1 + } + dAtA = encodeVarintPopulateApi(dAtA, uint64(v6)) + case 1: + dAtA = encodeVarintPopulateApi(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + case 2: + dAtA = encodeVarintPopulateApi(dAtA, uint64(key)) + ll := r.Intn(100) + dAtA = encodeVarintPopulateApi(dAtA, uint64(ll)) + for j := 0; j < ll; j++ { + dAtA = append(dAtA, byte(r.Intn(256))) + } + default: + dAtA = encodeVarintPopulateApi(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + } + return dAtA +} +func encodeVarintPopulateApi(dAtA []byte, v uint64) []byte { + for v >= 1<<7 { + dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) + v >>= 7 + } + dAtA = append(dAtA, uint8(v)) + return dAtA +} +func (m *Api) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Name) + if l > 0 { + n += 1 + l + sovApi(uint64(l)) + } + if len(m.Methods) > 0 { + for _, e := range m.Methods { + l = e.Size() + n += 1 + l + sovApi(uint64(l)) + } + } + if len(m.Options) > 0 { + for _, e := range m.Options { + l = e.Size() + n += 1 + l + sovApi(uint64(l)) + } + } + l = len(m.Version) + if l > 0 { + n += 1 + l + sovApi(uint64(l)) + } + if m.SourceContext != nil { + l = m.SourceContext.Size() + n += 1 + l + sovApi(uint64(l)) + } + if len(m.Mixins) > 0 { + for _, e := range m.Mixins { + l = e.Size() + n += 1 + l + sovApi(uint64(l)) + } + } + if m.Syntax != 0 { + n += 1 + sovApi(uint64(m.Syntax)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *Method) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Name) + if l > 0 { + n += 1 + l + sovApi(uint64(l)) + } + l = len(m.RequestTypeUrl) + if l > 0 { + n += 1 + l + sovApi(uint64(l)) + } + if m.RequestStreaming { + n += 2 + } + l = len(m.ResponseTypeUrl) + if l > 0 { + n += 1 + l + sovApi(uint64(l)) + } + if m.ResponseStreaming { + n += 2 + } + if len(m.Options) > 0 { + for _, e := range m.Options { + l = e.Size() + n += 1 + l + sovApi(uint64(l)) + } + } + if m.Syntax != 0 { + n += 1 + sovApi(uint64(m.Syntax)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *Mixin) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Name) + if l > 0 { + n += 1 + l + sovApi(uint64(l)) + } + l = len(m.Root) + if l > 0 { + n += 1 + l + sovApi(uint64(l)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func sovApi(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozApi(x uint64) (n int) { + return sovApi(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (this *Api) String() string { + if this == nil { + return "nil" + } + repeatedStringForMethods := "[]*Method{" + for _, f := range this.Methods { + repeatedStringForMethods += strings.Replace(f.String(), "Method", "Method", 1) + "," + } + repeatedStringForMethods += "}" + repeatedStringForOptions := "[]*Option{" + for _, f := range this.Options { + repeatedStringForOptions += strings.Replace(fmt.Sprintf("%v", f), "Option", "Option", 1) + "," + } + repeatedStringForOptions += "}" + repeatedStringForMixins := "[]*Mixin{" + for _, f := range this.Mixins { + repeatedStringForMixins += strings.Replace(f.String(), "Mixin", "Mixin", 1) + "," + } + repeatedStringForMixins += "}" + s := strings.Join([]string{`&Api{`, + `Name:` + fmt.Sprintf("%v", this.Name) + `,`, + `Methods:` + repeatedStringForMethods + `,`, + `Options:` + repeatedStringForOptions + `,`, + `Version:` + fmt.Sprintf("%v", this.Version) + `,`, + `SourceContext:` + strings.Replace(fmt.Sprintf("%v", this.SourceContext), "SourceContext", "SourceContext", 1) + `,`, + `Mixins:` + repeatedStringForMixins + `,`, + `Syntax:` + fmt.Sprintf("%v", this.Syntax) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *Method) String() string { + if this == nil { + return "nil" + } + repeatedStringForOptions := "[]*Option{" + for _, f := range this.Options { + repeatedStringForOptions += strings.Replace(fmt.Sprintf("%v", f), "Option", "Option", 1) + "," + } + repeatedStringForOptions += "}" + s := strings.Join([]string{`&Method{`, + `Name:` + fmt.Sprintf("%v", this.Name) + `,`, + `RequestTypeUrl:` + fmt.Sprintf("%v", this.RequestTypeUrl) + `,`, + `RequestStreaming:` + fmt.Sprintf("%v", this.RequestStreaming) + `,`, + `ResponseTypeUrl:` + fmt.Sprintf("%v", this.ResponseTypeUrl) + `,`, + `ResponseStreaming:` + fmt.Sprintf("%v", this.ResponseStreaming) + `,`, + `Options:` + repeatedStringForOptions + `,`, + `Syntax:` + fmt.Sprintf("%v", this.Syntax) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *Mixin) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Mixin{`, + `Name:` + fmt.Sprintf("%v", this.Name) + `,`, + `Root:` + fmt.Sprintf("%v", this.Root) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func valueToStringApi(v interface{}) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("*%v", pv) +} +func (m *Api) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Api: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Api: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthApi + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Methods", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthApi + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Methods = append(m.Methods, &Method{}) + if err := m.Methods[len(m.Methods)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthApi + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Options = append(m.Options, &Option{}) + if err := m.Options[len(m.Options)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Version", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthApi + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Version = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 5: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field SourceContext", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthApi + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.SourceContext == nil { + m.SourceContext = &SourceContext{} + } + if err := m.SourceContext.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 6: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Mixins", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthApi + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Mixins = append(m.Mixins, &Mixin{}) + if err := m.Mixins[len(m.Mixins)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 7: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Syntax", wireType) + } + m.Syntax = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Syntax |= Syntax(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipApi(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthApi + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Method) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Method: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Method: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthApi + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field RequestTypeUrl", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthApi + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.RequestTypeUrl = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 3: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field RequestStreaming", wireType) + } + var v int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + m.RequestStreaming = bool(v != 0) + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ResponseTypeUrl", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthApi + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ResponseTypeUrl = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 5: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field ResponseStreaming", wireType) + } + var v int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + m.ResponseStreaming = bool(v != 0) + case 6: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthApi + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Options = append(m.Options, &Option{}) + if err := m.Options[len(m.Options)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 7: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Syntax", wireType) + } + m.Syntax = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Syntax |= Syntax(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipApi(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthApi + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Mixin) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Mixin: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Mixin: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthApi + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Root", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowApi + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthApi + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthApi + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Root = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipApi(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthApi + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipApi(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowApi + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowApi + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowApi + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthApi + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupApi + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthApi + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF +} + +var ( + ErrInvalidLengthApi = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowApi = fmt.Errorf("proto: integer overflow") + ErrUnexpectedEndOfGroupApi = fmt.Errorf("proto: unexpected end of group") +) diff --git a/vendor/github.com/gogo/protobuf/types/doc.go b/vendor/github.com/gogo/protobuf/types/doc.go new file mode 100644 index 000000000000..ff2810af1ee0 --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/doc.go @@ -0,0 +1,35 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2016 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +/* +Package types contains code for interacting with well-known types. +*/ +package types diff --git a/vendor/github.com/gogo/protobuf/types/duration.go b/vendor/github.com/gogo/protobuf/types/duration.go new file mode 100644 index 000000000000..979b8e78a4ef --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/duration.go @@ -0,0 +1,100 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2016 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package types + +// This file implements conversions between google.protobuf.Duration +// and time.Duration. + +import ( + "errors" + "fmt" + "time" +) + +const ( + // Range of a Duration in seconds, as specified in + // google/protobuf/duration.proto. This is about 10,000 years in seconds. + maxSeconds = int64(10000 * 365.25 * 24 * 60 * 60) + minSeconds = -maxSeconds +) + +// validateDuration determines whether the Duration is valid according to the +// definition in google/protobuf/duration.proto. A valid Duration +// may still be too large to fit into a time.Duration (the range of Duration +// is about 10,000 years, and the range of time.Duration is about 290). +func validateDuration(d *Duration) error { + if d == nil { + return errors.New("duration: nil Duration") + } + if d.Seconds < minSeconds || d.Seconds > maxSeconds { + return fmt.Errorf("duration: %#v: seconds out of range", d) + } + if d.Nanos <= -1e9 || d.Nanos >= 1e9 { + return fmt.Errorf("duration: %#v: nanos out of range", d) + } + // Seconds and Nanos must have the same sign, unless d.Nanos is zero. + if (d.Seconds < 0 && d.Nanos > 0) || (d.Seconds > 0 && d.Nanos < 0) { + return fmt.Errorf("duration: %#v: seconds and nanos have different signs", d) + } + return nil +} + +// DurationFromProto converts a Duration to a time.Duration. DurationFromProto +// returns an error if the Duration is invalid or is too large to be +// represented in a time.Duration. +func DurationFromProto(p *Duration) (time.Duration, error) { + if err := validateDuration(p); err != nil { + return 0, err + } + d := time.Duration(p.Seconds) * time.Second + if int64(d/time.Second) != p.Seconds { + return 0, fmt.Errorf("duration: %#v is out of range for time.Duration", p) + } + if p.Nanos != 0 { + d += time.Duration(p.Nanos) * time.Nanosecond + if (d < 0) != (p.Nanos < 0) { + return 0, fmt.Errorf("duration: %#v is out of range for time.Duration", p) + } + } + return d, nil +} + +// DurationProto converts a time.Duration to a Duration. +func DurationProto(d time.Duration) *Duration { + nanos := d.Nanoseconds() + secs := nanos / 1e9 + nanos -= secs * 1e9 + return &Duration{ + Seconds: secs, + Nanos: int32(nanos), + } +} diff --git a/vendor/github.com/gogo/protobuf/types/duration.pb.go b/vendor/github.com/gogo/protobuf/types/duration.pb.go new file mode 100644 index 000000000000..4deafcb1ce95 --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/duration.pb.go @@ -0,0 +1,517 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: google/protobuf/duration.proto + +package types + +import ( + bytes "bytes" + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + io "io" + math "math" + math_bits "math/bits" + reflect "reflect" + strings "strings" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package + +// A Duration represents a signed, fixed-length span of time represented +// as a count of seconds and fractions of seconds at nanosecond +// resolution. It is independent of any calendar and concepts like "day" +// or "month". It is related to Timestamp in that the difference between +// two Timestamp values is a Duration and it can be added or subtracted +// from a Timestamp. Range is approximately +-10,000 years. +// +// # Examples +// +// Example 1: Compute Duration from two Timestamps in pseudo code. +// +// Timestamp start = ...; +// Timestamp end = ...; +// Duration duration = ...; +// +// duration.seconds = end.seconds - start.seconds; +// duration.nanos = end.nanos - start.nanos; +// +// if (duration.seconds < 0 && duration.nanos > 0) { +// duration.seconds += 1; +// duration.nanos -= 1000000000; +// } else if (durations.seconds > 0 && duration.nanos < 0) { +// duration.seconds -= 1; +// duration.nanos += 1000000000; +// } +// +// Example 2: Compute Timestamp from Timestamp + Duration in pseudo code. +// +// Timestamp start = ...; +// Duration duration = ...; +// Timestamp end = ...; +// +// end.seconds = start.seconds + duration.seconds; +// end.nanos = start.nanos + duration.nanos; +// +// if (end.nanos < 0) { +// end.seconds -= 1; +// end.nanos += 1000000000; +// } else if (end.nanos >= 1000000000) { +// end.seconds += 1; +// end.nanos -= 1000000000; +// } +// +// Example 3: Compute Duration from datetime.timedelta in Python. +// +// td = datetime.timedelta(days=3, minutes=10) +// duration = Duration() +// duration.FromTimedelta(td) +// +// # JSON Mapping +// +// In JSON format, the Duration type is encoded as a string rather than an +// object, where the string ends in the suffix "s" (indicating seconds) and +// is preceded by the number of seconds, with nanoseconds expressed as +// fractional seconds. For example, 3 seconds with 0 nanoseconds should be +// encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should +// be expressed in JSON format as "3.000000001s", and 3 seconds and 1 +// microsecond should be expressed in JSON format as "3.000001s". +// +// +type Duration struct { + // Signed seconds of the span of time. Must be from -315,576,000,000 + // to +315,576,000,000 inclusive. Note: these bounds are computed from: + // 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + Seconds int64 `protobuf:"varint,1,opt,name=seconds,proto3" json:"seconds,omitempty"` + // Signed fractions of a second at nanosecond resolution of the span + // of time. Durations less than one second are represented with a 0 + // `seconds` field and a positive or negative `nanos` field. For durations + // of one second or more, a non-zero value for the `nanos` field must be + // of the same sign as the `seconds` field. Must be from -999,999,999 + // to +999,999,999 inclusive. + Nanos int32 `protobuf:"varint,2,opt,name=nanos,proto3" json:"nanos,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Duration) Reset() { *m = Duration{} } +func (*Duration) ProtoMessage() {} +func (*Duration) Descriptor() ([]byte, []int) { + return fileDescriptor_23597b2ebd7ac6c5, []int{0} +} +func (*Duration) XXX_WellKnownType() string { return "Duration" } +func (m *Duration) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Duration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Duration.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Duration) XXX_Merge(src proto.Message) { + xxx_messageInfo_Duration.Merge(m, src) +} +func (m *Duration) XXX_Size() int { + return m.Size() +} +func (m *Duration) XXX_DiscardUnknown() { + xxx_messageInfo_Duration.DiscardUnknown(m) +} + +var xxx_messageInfo_Duration proto.InternalMessageInfo + +func (m *Duration) GetSeconds() int64 { + if m != nil { + return m.Seconds + } + return 0 +} + +func (m *Duration) GetNanos() int32 { + if m != nil { + return m.Nanos + } + return 0 +} + +func (*Duration) XXX_MessageName() string { + return "google.protobuf.Duration" +} +func init() { + proto.RegisterType((*Duration)(nil), "google.protobuf.Duration") +} + +func init() { proto.RegisterFile("google/protobuf/duration.proto", fileDescriptor_23597b2ebd7ac6c5) } + +var fileDescriptor_23597b2ebd7ac6c5 = []byte{ + // 209 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x4b, 0xcf, 0xcf, 0x4f, + 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x4f, 0x29, 0x2d, 0x4a, + 0x2c, 0xc9, 0xcc, 0xcf, 0xd3, 0x03, 0x8b, 0x08, 0xf1, 0x43, 0xe4, 0xf5, 0x60, 0xf2, 0x4a, 0x56, + 0x5c, 0x1c, 0x2e, 0x50, 0x25, 0x42, 0x12, 0x5c, 0xec, 0xc5, 0xa9, 0xc9, 0xf9, 0x79, 0x29, 0xc5, + 0x12, 0x8c, 0x0a, 0x8c, 0x1a, 0xcc, 0x41, 0x30, 0xae, 0x90, 0x08, 0x17, 0x6b, 0x5e, 0x62, 0x5e, + 0x7e, 0xb1, 0x04, 0x93, 0x02, 0xa3, 0x06, 0x6b, 0x10, 0x84, 0xe3, 0x54, 0x7f, 0xe3, 0xa1, 0x1c, + 0xc3, 0x87, 0x87, 0x72, 0x8c, 0x2b, 0x1e, 0xc9, 0x31, 0x9e, 0x78, 0x24, 0xc7, 0x78, 0xe1, 0x91, + 0x1c, 0xe3, 0x83, 0x47, 0x72, 0x8c, 0x2f, 0x1e, 0xc9, 0x31, 0x7c, 0x78, 0x24, 0xc7, 0xb8, 0xe2, + 0xb1, 0x1c, 0xe3, 0x89, 0xc7, 0x72, 0x8c, 0x5c, 0xc2, 0xc9, 0xf9, 0xb9, 0x7a, 0x68, 0x56, 0x3b, + 0xf1, 0xc2, 0x2c, 0x0e, 0x00, 0x89, 0x04, 0x30, 0x46, 0xb1, 0x96, 0x54, 0x16, 0xa4, 0x16, 0xff, + 0x60, 0x64, 0x5c, 0xc4, 0xc4, 0xec, 0x1e, 0xe0, 0xb4, 0x8a, 0x49, 0xce, 0x1d, 0xa2, 0x25, 0x00, + 0xaa, 0x45, 0x2f, 0x3c, 0x35, 0x27, 0xc7, 0x3b, 0x2f, 0xbf, 0x3c, 0x2f, 0x04, 0xa4, 0x32, 0x89, + 0x0d, 0x6c, 0x96, 0x31, 0x20, 0x00, 0x00, 0xff, 0xff, 0x8a, 0x1c, 0x64, 0x4e, 0xf6, 0x00, 0x00, + 0x00, +} + +func (this *Duration) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Duration) + if !ok { + that2, ok := that.(Duration) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Seconds != that1.Seconds { + if this.Seconds < that1.Seconds { + return -1 + } + return 1 + } + if this.Nanos != that1.Nanos { + if this.Nanos < that1.Nanos { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Duration) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Duration) + if !ok { + that2, ok := that.(Duration) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Seconds != that1.Seconds { + return false + } + if this.Nanos != that1.Nanos { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Duration) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 6) + s = append(s, "&types.Duration{") + s = append(s, "Seconds: "+fmt.Sprintf("%#v", this.Seconds)+",\n") + s = append(s, "Nanos: "+fmt.Sprintf("%#v", this.Nanos)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func valueToGoStringDuration(v interface{}, typ string) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) +} +func (m *Duration) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Duration) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Duration) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Nanos != 0 { + i = encodeVarintDuration(dAtA, i, uint64(m.Nanos)) + i-- + dAtA[i] = 0x10 + } + if m.Seconds != 0 { + i = encodeVarintDuration(dAtA, i, uint64(m.Seconds)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func encodeVarintDuration(dAtA []byte, offset int, v uint64) int { + offset -= sovDuration(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func (m *Duration) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Seconds != 0 { + n += 1 + sovDuration(uint64(m.Seconds)) + } + if m.Nanos != 0 { + n += 1 + sovDuration(uint64(m.Nanos)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func sovDuration(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozDuration(x uint64) (n int) { + return sovDuration(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (m *Duration) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowDuration + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Duration: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Duration: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Seconds", wireType) + } + m.Seconds = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowDuration + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Seconds |= int64(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 2: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Nanos", wireType) + } + m.Nanos = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowDuration + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Nanos |= int32(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipDuration(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthDuration + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipDuration(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowDuration + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowDuration + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowDuration + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthDuration + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupDuration + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthDuration + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF +} + +var ( + ErrInvalidLengthDuration = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowDuration = fmt.Errorf("proto: integer overflow") + ErrUnexpectedEndOfGroupDuration = fmt.Errorf("proto: unexpected end of group") +) diff --git a/vendor/github.com/gogo/protobuf/types/duration_gogo.go b/vendor/github.com/gogo/protobuf/types/duration_gogo.go new file mode 100644 index 000000000000..90e7670e21d1 --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/duration_gogo.go @@ -0,0 +1,100 @@ +// Protocol Buffers for Go with Gadgets +// +// Copyright (c) 2016, The GoGo Authors. All rights reserved. +// http://github.com/gogo/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package types + +import ( + "fmt" + "time" +) + +func NewPopulatedDuration(r interface { + Int63() int64 +}, easy bool) *Duration { + this := &Duration{} + maxSecs := time.Hour.Nanoseconds() / 1e9 + max := 2 * maxSecs + s := int64(r.Int63()) % max + s -= maxSecs + neg := int64(1) + if s < 0 { + neg = -1 + } + this.Seconds = s + this.Nanos = int32(neg * (r.Int63() % 1e9)) + return this +} + +func (d *Duration) String() string { + td, err := DurationFromProto(d) + if err != nil { + return fmt.Sprintf("(%v)", err) + } + return td.String() +} + +func NewPopulatedStdDuration(r interface { + Int63() int64 +}, easy bool) *time.Duration { + dur := NewPopulatedDuration(r, easy) + d, err := DurationFromProto(dur) + if err != nil { + return nil + } + return &d +} + +func SizeOfStdDuration(d time.Duration) int { + dur := DurationProto(d) + return dur.Size() +} + +func StdDurationMarshal(d time.Duration) ([]byte, error) { + size := SizeOfStdDuration(d) + buf := make([]byte, size) + _, err := StdDurationMarshalTo(d, buf) + return buf, err +} + +func StdDurationMarshalTo(d time.Duration, data []byte) (int, error) { + dur := DurationProto(d) + return dur.MarshalTo(data) +} + +func StdDurationUnmarshal(d *time.Duration, data []byte) error { + dur := &Duration{} + if err := dur.Unmarshal(data); err != nil { + return err + } + dd, err := DurationFromProto(dur) + if err != nil { + return err + } + *d = dd + return nil +} diff --git a/vendor/github.com/gogo/protobuf/types/empty.pb.go b/vendor/github.com/gogo/protobuf/types/empty.pb.go new file mode 100644 index 000000000000..9e94748b3a33 --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/empty.pb.go @@ -0,0 +1,462 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: google/protobuf/empty.proto + +package types + +import ( + bytes "bytes" + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + io "io" + math "math" + math_bits "math/bits" + reflect "reflect" + strings "strings" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package + +// A generic empty message that you can re-use to avoid defining duplicated +// empty messages in your APIs. A typical example is to use it as the request +// or the response type of an API method. For instance: +// +// service Foo { +// rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); +// } +// +// The JSON representation for `Empty` is empty JSON object `{}`. +type Empty struct { + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Empty) Reset() { *m = Empty{} } +func (*Empty) ProtoMessage() {} +func (*Empty) Descriptor() ([]byte, []int) { + return fileDescriptor_900544acb223d5b8, []int{0} +} +func (*Empty) XXX_WellKnownType() string { return "Empty" } +func (m *Empty) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Empty) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Empty.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Empty) XXX_Merge(src proto.Message) { + xxx_messageInfo_Empty.Merge(m, src) +} +func (m *Empty) XXX_Size() int { + return m.Size() +} +func (m *Empty) XXX_DiscardUnknown() { + xxx_messageInfo_Empty.DiscardUnknown(m) +} + +var xxx_messageInfo_Empty proto.InternalMessageInfo + +func (*Empty) XXX_MessageName() string { + return "google.protobuf.Empty" +} +func init() { + proto.RegisterType((*Empty)(nil), "google.protobuf.Empty") +} + +func init() { proto.RegisterFile("google/protobuf/empty.proto", fileDescriptor_900544acb223d5b8) } + +var fileDescriptor_900544acb223d5b8 = []byte{ + // 176 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x4e, 0xcf, 0xcf, 0x4f, + 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x4f, 0xcd, 0x2d, 0x28, + 0xa9, 0xd4, 0x03, 0x73, 0x85, 0xf8, 0x21, 0x92, 0x7a, 0x30, 0x49, 0x25, 0x76, 0x2e, 0x56, 0x57, + 0x90, 0xbc, 0x53, 0x0b, 0xe3, 0x8d, 0x87, 0x72, 0x0c, 0x1f, 0x1e, 0xca, 0x31, 0xfe, 0x78, 0x28, + 0xc7, 0xd8, 0xf0, 0x48, 0x8e, 0x71, 0xc5, 0x23, 0x39, 0xc6, 0x13, 0x8f, 0xe4, 0x18, 0x2f, 0x3c, + 0x92, 0x63, 0x7c, 0xf0, 0x48, 0x8e, 0xf1, 0xc5, 0x23, 0x39, 0x86, 0x0f, 0x20, 0xf1, 0xc7, 0x72, + 0x8c, 0x27, 0x1e, 0xcb, 0x31, 0x72, 0x09, 0x27, 0xe7, 0xe7, 0xea, 0xa1, 0x19, 0xe8, 0xc4, 0x05, + 0x36, 0x2e, 0x00, 0xc4, 0x0d, 0x60, 0x8c, 0x62, 0x2d, 0xa9, 0x2c, 0x48, 0x2d, 0xfe, 0xc1, 0xc8, + 0xb8, 0x88, 0x89, 0xd9, 0x3d, 0xc0, 0x69, 0x15, 0x93, 0x9c, 0x3b, 0x44, 0x7d, 0x00, 0x54, 0xbd, + 0x5e, 0x78, 0x6a, 0x4e, 0x8e, 0x77, 0x5e, 0x7e, 0x79, 0x5e, 0x08, 0x48, 0x65, 0x12, 0x1b, 0xd8, + 0x20, 0x63, 0x40, 0x00, 0x00, 0x00, 0xff, 0xff, 0x21, 0xbe, 0xb6, 0x31, 0xc6, 0x00, 0x00, 0x00, +} + +func (this *Empty) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Empty) + if !ok { + that2, ok := that.(Empty) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Empty) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Empty) + if !ok { + that2, ok := that.(Empty) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Empty) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 4) + s = append(s, "&types.Empty{") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func valueToGoStringEmpty(v interface{}, typ string) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) +} +func (m *Empty) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Empty) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Empty) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + return len(dAtA) - i, nil +} + +func encodeVarintEmpty(dAtA []byte, offset int, v uint64) int { + offset -= sovEmpty(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func NewPopulatedEmpty(r randyEmpty, easy bool) *Empty { + this := &Empty{} + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedEmpty(r, 1) + } + return this +} + +type randyEmpty interface { + Float32() float32 + Float64() float64 + Int63() int64 + Int31() int32 + Uint32() uint32 + Intn(n int) int +} + +func randUTF8RuneEmpty(r randyEmpty) rune { + ru := r.Intn(62) + if ru < 10 { + return rune(ru + 48) + } else if ru < 36 { + return rune(ru + 55) + } + return rune(ru + 61) +} +func randStringEmpty(r randyEmpty) string { + v1 := r.Intn(100) + tmps := make([]rune, v1) + for i := 0; i < v1; i++ { + tmps[i] = randUTF8RuneEmpty(r) + } + return string(tmps) +} +func randUnrecognizedEmpty(r randyEmpty, maxFieldNumber int) (dAtA []byte) { + l := r.Intn(5) + for i := 0; i < l; i++ { + wire := r.Intn(4) + if wire == 3 { + wire = 5 + } + fieldNumber := maxFieldNumber + r.Intn(100) + dAtA = randFieldEmpty(dAtA, r, fieldNumber, wire) + } + return dAtA +} +func randFieldEmpty(dAtA []byte, r randyEmpty, fieldNumber int, wire int) []byte { + key := uint32(fieldNumber)<<3 | uint32(wire) + switch wire { + case 0: + dAtA = encodeVarintPopulateEmpty(dAtA, uint64(key)) + v2 := r.Int63() + if r.Intn(2) == 0 { + v2 *= -1 + } + dAtA = encodeVarintPopulateEmpty(dAtA, uint64(v2)) + case 1: + dAtA = encodeVarintPopulateEmpty(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + case 2: + dAtA = encodeVarintPopulateEmpty(dAtA, uint64(key)) + ll := r.Intn(100) + dAtA = encodeVarintPopulateEmpty(dAtA, uint64(ll)) + for j := 0; j < ll; j++ { + dAtA = append(dAtA, byte(r.Intn(256))) + } + default: + dAtA = encodeVarintPopulateEmpty(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + } + return dAtA +} +func encodeVarintPopulateEmpty(dAtA []byte, v uint64) []byte { + for v >= 1<<7 { + dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) + v >>= 7 + } + dAtA = append(dAtA, uint8(v)) + return dAtA +} +func (m *Empty) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func sovEmpty(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozEmpty(x uint64) (n int) { + return sovEmpty(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (this *Empty) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Empty{`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func valueToStringEmpty(v interface{}) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("*%v", pv) +} +func (m *Empty) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowEmpty + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Empty: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Empty: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + default: + iNdEx = preIndex + skippy, err := skipEmpty(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthEmpty + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipEmpty(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowEmpty + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowEmpty + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowEmpty + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthEmpty + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupEmpty + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthEmpty + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF +} + +var ( + ErrInvalidLengthEmpty = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowEmpty = fmt.Errorf("proto: integer overflow") + ErrUnexpectedEndOfGroupEmpty = fmt.Errorf("proto: unexpected end of group") +) diff --git a/vendor/github.com/gogo/protobuf/types/field_mask.pb.go b/vendor/github.com/gogo/protobuf/types/field_mask.pb.go new file mode 100644 index 000000000000..6ae346d92527 --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/field_mask.pb.go @@ -0,0 +1,738 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: google/protobuf/field_mask.proto + +package types + +import ( + bytes "bytes" + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + io "io" + math "math" + math_bits "math/bits" + reflect "reflect" + strings "strings" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package + +// `FieldMask` represents a set of symbolic field paths, for example: +// +// paths: "f.a" +// paths: "f.b.d" +// +// Here `f` represents a field in some root message, `a` and `b` +// fields in the message found in `f`, and `d` a field found in the +// message in `f.b`. +// +// Field masks are used to specify a subset of fields that should be +// returned by a get operation or modified by an update operation. +// Field masks also have a custom JSON encoding (see below). +// +// # Field Masks in Projections +// +// When used in the context of a projection, a response message or +// sub-message is filtered by the API to only contain those fields as +// specified in the mask. For example, if the mask in the previous +// example is applied to a response message as follows: +// +// f { +// a : 22 +// b { +// d : 1 +// x : 2 +// } +// y : 13 +// } +// z: 8 +// +// The result will not contain specific values for fields x,y and z +// (their value will be set to the default, and omitted in proto text +// output): +// +// +// f { +// a : 22 +// b { +// d : 1 +// } +// } +// +// A repeated field is not allowed except at the last position of a +// paths string. +// +// If a FieldMask object is not present in a get operation, the +// operation applies to all fields (as if a FieldMask of all fields +// had been specified). +// +// Note that a field mask does not necessarily apply to the +// top-level response message. In case of a REST get operation, the +// field mask applies directly to the response, but in case of a REST +// list operation, the mask instead applies to each individual message +// in the returned resource list. In case of a REST custom method, +// other definitions may be used. Where the mask applies will be +// clearly documented together with its declaration in the API. In +// any case, the effect on the returned resource/resources is required +// behavior for APIs. +// +// # Field Masks in Update Operations +// +// A field mask in update operations specifies which fields of the +// targeted resource are going to be updated. The API is required +// to only change the values of the fields as specified in the mask +// and leave the others untouched. If a resource is passed in to +// describe the updated values, the API ignores the values of all +// fields not covered by the mask. +// +// If a repeated field is specified for an update operation, new values will +// be appended to the existing repeated field in the target resource. Note that +// a repeated field is only allowed in the last position of a `paths` string. +// +// If a sub-message is specified in the last position of the field mask for an +// update operation, then new value will be merged into the existing sub-message +// in the target resource. +// +// For example, given the target message: +// +// f { +// b { +// d: 1 +// x: 2 +// } +// c: [1] +// } +// +// And an update message: +// +// f { +// b { +// d: 10 +// } +// c: [2] +// } +// +// then if the field mask is: +// +// paths: ["f.b", "f.c"] +// +// then the result will be: +// +// f { +// b { +// d: 10 +// x: 2 +// } +// c: [1, 2] +// } +// +// An implementation may provide options to override this default behavior for +// repeated and message fields. +// +// In order to reset a field's value to the default, the field must +// be in the mask and set to the default value in the provided resource. +// Hence, in order to reset all fields of a resource, provide a default +// instance of the resource and set all fields in the mask, or do +// not provide a mask as described below. +// +// If a field mask is not present on update, the operation applies to +// all fields (as if a field mask of all fields has been specified). +// Note that in the presence of schema evolution, this may mean that +// fields the client does not know and has therefore not filled into +// the request will be reset to their default. If this is unwanted +// behavior, a specific service may require a client to always specify +// a field mask, producing an error if not. +// +// As with get operations, the location of the resource which +// describes the updated values in the request message depends on the +// operation kind. In any case, the effect of the field mask is +// required to be honored by the API. +// +// ## Considerations for HTTP REST +// +// The HTTP kind of an update operation which uses a field mask must +// be set to PATCH instead of PUT in order to satisfy HTTP semantics +// (PUT must only be used for full updates). +// +// # JSON Encoding of Field Masks +// +// In JSON, a field mask is encoded as a single string where paths are +// separated by a comma. Fields name in each path are converted +// to/from lower-camel naming conventions. +// +// As an example, consider the following message declarations: +// +// message Profile { +// User user = 1; +// Photo photo = 2; +// } +// message User { +// string display_name = 1; +// string address = 2; +// } +// +// In proto a field mask for `Profile` may look as such: +// +// mask { +// paths: "user.display_name" +// paths: "photo" +// } +// +// In JSON, the same mask is represented as below: +// +// { +// mask: "user.displayName,photo" +// } +// +// # Field Masks and Oneof Fields +// +// Field masks treat fields in oneofs just as regular fields. Consider the +// following message: +// +// message SampleMessage { +// oneof test_oneof { +// string name = 4; +// SubMessage sub_message = 9; +// } +// } +// +// The field mask can be: +// +// mask { +// paths: "name" +// } +// +// Or: +// +// mask { +// paths: "sub_message" +// } +// +// Note that oneof type names ("test_oneof" in this case) cannot be used in +// paths. +// +// ## Field Mask Verification +// +// The implementation of any API method which has a FieldMask type field in the +// request should verify the included field paths, and return an +// `INVALID_ARGUMENT` error if any path is duplicated or unmappable. +type FieldMask struct { + // The set of field mask paths. + Paths []string `protobuf:"bytes,1,rep,name=paths,proto3" json:"paths,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *FieldMask) Reset() { *m = FieldMask{} } +func (*FieldMask) ProtoMessage() {} +func (*FieldMask) Descriptor() ([]byte, []int) { + return fileDescriptor_5158202634f0da48, []int{0} +} +func (m *FieldMask) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *FieldMask) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_FieldMask.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *FieldMask) XXX_Merge(src proto.Message) { + xxx_messageInfo_FieldMask.Merge(m, src) +} +func (m *FieldMask) XXX_Size() int { + return m.Size() +} +func (m *FieldMask) XXX_DiscardUnknown() { + xxx_messageInfo_FieldMask.DiscardUnknown(m) +} + +var xxx_messageInfo_FieldMask proto.InternalMessageInfo + +func (m *FieldMask) GetPaths() []string { + if m != nil { + return m.Paths + } + return nil +} + +func (*FieldMask) XXX_MessageName() string { + return "google.protobuf.FieldMask" +} +func init() { + proto.RegisterType((*FieldMask)(nil), "google.protobuf.FieldMask") +} + +func init() { proto.RegisterFile("google/protobuf/field_mask.proto", fileDescriptor_5158202634f0da48) } + +var fileDescriptor_5158202634f0da48 = []byte{ + // 203 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x52, 0x48, 0xcf, 0xcf, 0x4f, + 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x4f, 0xcb, 0x4c, 0xcd, + 0x49, 0x89, 0xcf, 0x4d, 0x2c, 0xce, 0xd6, 0x03, 0x8b, 0x09, 0xf1, 0x43, 0x54, 0xe8, 0xc1, 0x54, + 0x28, 0x29, 0x72, 0x71, 0xba, 0x81, 0x14, 0xf9, 0x26, 0x16, 0x67, 0x0b, 0x89, 0x70, 0xb1, 0x16, + 0x24, 0x96, 0x64, 0x14, 0x4b, 0x30, 0x2a, 0x30, 0x6b, 0x70, 0x06, 0x41, 0x38, 0x4e, 0x1d, 0x8c, + 0x37, 0x1e, 0xca, 0x31, 0x7c, 0x78, 0x28, 0xc7, 0xf8, 0xe3, 0xa1, 0x1c, 0x63, 0xc3, 0x23, 0x39, + 0xc6, 0x15, 0x8f, 0xe4, 0x18, 0x4f, 0x3c, 0x92, 0x63, 0xbc, 0xf0, 0x48, 0x8e, 0xf1, 0xc1, 0x23, + 0x39, 0xc6, 0x17, 0x8f, 0xe4, 0x18, 0x3e, 0x80, 0xc4, 0x1f, 0xcb, 0x31, 0x9e, 0x78, 0x2c, 0xc7, + 0xc8, 0x25, 0x9c, 0x9c, 0x9f, 0xab, 0x87, 0x66, 0x95, 0x13, 0x1f, 0xdc, 0xa2, 0x00, 0x90, 0x50, + 0x00, 0x63, 0x14, 0x6b, 0x49, 0x65, 0x41, 0x6a, 0xf1, 0x0f, 0x46, 0xc6, 0x45, 0x4c, 0xcc, 0xee, + 0x01, 0x4e, 0xab, 0x98, 0xe4, 0xdc, 0x21, 0x7a, 0x02, 0xa0, 0x7a, 0xf4, 0xc2, 0x53, 0x73, 0x72, + 0xbc, 0xf3, 0xf2, 0xcb, 0xf3, 0x42, 0x40, 0x2a, 0x93, 0xd8, 0xc0, 0x86, 0x19, 0x03, 0x02, 0x00, + 0x00, 0xff, 0xff, 0x43, 0xa0, 0x83, 0xd0, 0xe9, 0x00, 0x00, 0x00, +} + +func (this *FieldMask) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*FieldMask) + if !ok { + that2, ok := that.(FieldMask) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if len(this.Paths) != len(that1.Paths) { + if len(this.Paths) < len(that1.Paths) { + return -1 + } + return 1 + } + for i := range this.Paths { + if this.Paths[i] != that1.Paths[i] { + if this.Paths[i] < that1.Paths[i] { + return -1 + } + return 1 + } + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *FieldMask) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*FieldMask) + if !ok { + that2, ok := that.(FieldMask) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if len(this.Paths) != len(that1.Paths) { + return false + } + for i := range this.Paths { + if this.Paths[i] != that1.Paths[i] { + return false + } + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *FieldMask) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.FieldMask{") + s = append(s, "Paths: "+fmt.Sprintf("%#v", this.Paths)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func valueToGoStringFieldMask(v interface{}, typ string) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) +} +func (m *FieldMask) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *FieldMask) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *FieldMask) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if len(m.Paths) > 0 { + for iNdEx := len(m.Paths) - 1; iNdEx >= 0; iNdEx-- { + i -= len(m.Paths[iNdEx]) + copy(dAtA[i:], m.Paths[iNdEx]) + i = encodeVarintFieldMask(dAtA, i, uint64(len(m.Paths[iNdEx]))) + i-- + dAtA[i] = 0xa + } + } + return len(dAtA) - i, nil +} + +func encodeVarintFieldMask(dAtA []byte, offset int, v uint64) int { + offset -= sovFieldMask(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func NewPopulatedFieldMask(r randyFieldMask, easy bool) *FieldMask { + this := &FieldMask{} + v1 := r.Intn(10) + this.Paths = make([]string, v1) + for i := 0; i < v1; i++ { + this.Paths[i] = string(randStringFieldMask(r)) + } + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedFieldMask(r, 2) + } + return this +} + +type randyFieldMask interface { + Float32() float32 + Float64() float64 + Int63() int64 + Int31() int32 + Uint32() uint32 + Intn(n int) int +} + +func randUTF8RuneFieldMask(r randyFieldMask) rune { + ru := r.Intn(62) + if ru < 10 { + return rune(ru + 48) + } else if ru < 36 { + return rune(ru + 55) + } + return rune(ru + 61) +} +func randStringFieldMask(r randyFieldMask) string { + v2 := r.Intn(100) + tmps := make([]rune, v2) + for i := 0; i < v2; i++ { + tmps[i] = randUTF8RuneFieldMask(r) + } + return string(tmps) +} +func randUnrecognizedFieldMask(r randyFieldMask, maxFieldNumber int) (dAtA []byte) { + l := r.Intn(5) + for i := 0; i < l; i++ { + wire := r.Intn(4) + if wire == 3 { + wire = 5 + } + fieldNumber := maxFieldNumber + r.Intn(100) + dAtA = randFieldFieldMask(dAtA, r, fieldNumber, wire) + } + return dAtA +} +func randFieldFieldMask(dAtA []byte, r randyFieldMask, fieldNumber int, wire int) []byte { + key := uint32(fieldNumber)<<3 | uint32(wire) + switch wire { + case 0: + dAtA = encodeVarintPopulateFieldMask(dAtA, uint64(key)) + v3 := r.Int63() + if r.Intn(2) == 0 { + v3 *= -1 + } + dAtA = encodeVarintPopulateFieldMask(dAtA, uint64(v3)) + case 1: + dAtA = encodeVarintPopulateFieldMask(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + case 2: + dAtA = encodeVarintPopulateFieldMask(dAtA, uint64(key)) + ll := r.Intn(100) + dAtA = encodeVarintPopulateFieldMask(dAtA, uint64(ll)) + for j := 0; j < ll; j++ { + dAtA = append(dAtA, byte(r.Intn(256))) + } + default: + dAtA = encodeVarintPopulateFieldMask(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + } + return dAtA +} +func encodeVarintPopulateFieldMask(dAtA []byte, v uint64) []byte { + for v >= 1<<7 { + dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) + v >>= 7 + } + dAtA = append(dAtA, uint8(v)) + return dAtA +} +func (m *FieldMask) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if len(m.Paths) > 0 { + for _, s := range m.Paths { + l = len(s) + n += 1 + l + sovFieldMask(uint64(l)) + } + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func sovFieldMask(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozFieldMask(x uint64) (n int) { + return sovFieldMask(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (this *FieldMask) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&FieldMask{`, + `Paths:` + fmt.Sprintf("%v", this.Paths) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func valueToStringFieldMask(v interface{}) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("*%v", pv) +} +func (m *FieldMask) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowFieldMask + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: FieldMask: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: FieldMask: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Paths", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowFieldMask + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthFieldMask + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthFieldMask + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Paths = append(m.Paths, string(dAtA[iNdEx:postIndex])) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipFieldMask(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthFieldMask + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipFieldMask(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowFieldMask + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowFieldMask + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowFieldMask + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthFieldMask + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupFieldMask + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthFieldMask + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF +} + +var ( + ErrInvalidLengthFieldMask = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowFieldMask = fmt.Errorf("proto: integer overflow") + ErrUnexpectedEndOfGroupFieldMask = fmt.Errorf("proto: unexpected end of group") +) diff --git a/vendor/github.com/gogo/protobuf/types/protosize.go b/vendor/github.com/gogo/protobuf/types/protosize.go new file mode 100644 index 000000000000..3a2d1b7e1118 --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/protosize.go @@ -0,0 +1,34 @@ +package types + +func (m *Any) ProtoSize() (n int) { return m.Size() } +func (m *Api) ProtoSize() (n int) { return m.Size() } +func (m *Method) ProtoSize() (n int) { return m.Size() } +func (m *Mixin) ProtoSize() (n int) { return m.Size() } +func (m *Duration) ProtoSize() (n int) { return m.Size() } +func (m *Empty) ProtoSize() (n int) { return m.Size() } +func (m *FieldMask) ProtoSize() (n int) { return m.Size() } +func (m *SourceContext) ProtoSize() (n int) { return m.Size() } +func (m *Struct) ProtoSize() (n int) { return m.Size() } +func (m *Value) ProtoSize() (n int) { return m.Size() } +func (m *Value_NullValue) ProtoSize() (n int) { return m.Size() } +func (m *Value_NumberValue) ProtoSize() (n int) { return m.Size() } +func (m *Value_StringValue) ProtoSize() (n int) { return m.Size() } +func (m *Value_BoolValue) ProtoSize() (n int) { return m.Size() } +func (m *Value_StructValue) ProtoSize() (n int) { return m.Size() } +func (m *Value_ListValue) ProtoSize() (n int) { return m.Size() } +func (m *ListValue) ProtoSize() (n int) { return m.Size() } +func (m *Timestamp) ProtoSize() (n int) { return m.Size() } +func (m *Type) ProtoSize() (n int) { return m.Size() } +func (m *Field) ProtoSize() (n int) { return m.Size() } +func (m *Enum) ProtoSize() (n int) { return m.Size() } +func (m *EnumValue) ProtoSize() (n int) { return m.Size() } +func (m *Option) ProtoSize() (n int) { return m.Size() } +func (m *DoubleValue) ProtoSize() (n int) { return m.Size() } +func (m *FloatValue) ProtoSize() (n int) { return m.Size() } +func (m *Int64Value) ProtoSize() (n int) { return m.Size() } +func (m *UInt64Value) ProtoSize() (n int) { return m.Size() } +func (m *Int32Value) ProtoSize() (n int) { return m.Size() } +func (m *UInt32Value) ProtoSize() (n int) { return m.Size() } +func (m *BoolValue) ProtoSize() (n int) { return m.Size() } +func (m *StringValue) ProtoSize() (n int) { return m.Size() } +func (m *BytesValue) ProtoSize() (n int) { return m.Size() } diff --git a/vendor/github.com/gogo/protobuf/types/source_context.pb.go b/vendor/github.com/gogo/protobuf/types/source_context.pb.go new file mode 100644 index 000000000000..8e6ce71b275e --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/source_context.pb.go @@ -0,0 +1,524 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: google/protobuf/source_context.proto + +package types + +import ( + bytes "bytes" + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + io "io" + math "math" + math_bits "math/bits" + reflect "reflect" + strings "strings" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package + +// `SourceContext` represents information about the source of a +// protobuf element, like the file in which it is defined. +type SourceContext struct { + // The path-qualified name of the .proto file that contained the associated + // protobuf element. For example: `"google/protobuf/source_context.proto"`. + FileName string `protobuf:"bytes,1,opt,name=file_name,json=fileName,proto3" json:"file_name,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *SourceContext) Reset() { *m = SourceContext{} } +func (*SourceContext) ProtoMessage() {} +func (*SourceContext) Descriptor() ([]byte, []int) { + return fileDescriptor_b686cdb126d509db, []int{0} +} +func (m *SourceContext) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *SourceContext) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_SourceContext.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *SourceContext) XXX_Merge(src proto.Message) { + xxx_messageInfo_SourceContext.Merge(m, src) +} +func (m *SourceContext) XXX_Size() int { + return m.Size() +} +func (m *SourceContext) XXX_DiscardUnknown() { + xxx_messageInfo_SourceContext.DiscardUnknown(m) +} + +var xxx_messageInfo_SourceContext proto.InternalMessageInfo + +func (m *SourceContext) GetFileName() string { + if m != nil { + return m.FileName + } + return "" +} + +func (*SourceContext) XXX_MessageName() string { + return "google.protobuf.SourceContext" +} +func init() { + proto.RegisterType((*SourceContext)(nil), "google.protobuf.SourceContext") +} + +func init() { + proto.RegisterFile("google/protobuf/source_context.proto", fileDescriptor_b686cdb126d509db) +} + +var fileDescriptor_b686cdb126d509db = []byte{ + // 212 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x52, 0x49, 0xcf, 0xcf, 0x4f, + 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x2f, 0xce, 0x2f, 0x2d, + 0x4a, 0x4e, 0x8d, 0x4f, 0xce, 0xcf, 0x2b, 0x49, 0xad, 0x28, 0xd1, 0x03, 0x8b, 0x0b, 0xf1, 0x43, + 0x54, 0xe9, 0xc1, 0x54, 0x29, 0xe9, 0x70, 0xf1, 0x06, 0x83, 0x15, 0x3a, 0x43, 0xd4, 0x09, 0x49, + 0x73, 0x71, 0xa6, 0x65, 0xe6, 0xa4, 0xc6, 0xe7, 0x25, 0xe6, 0xa6, 0x4a, 0x30, 0x2a, 0x30, 0x6a, + 0x70, 0x06, 0x71, 0x80, 0x04, 0xfc, 0x12, 0x73, 0x53, 0x9d, 0x3a, 0x19, 0x6f, 0x3c, 0x94, 0x63, + 0xf8, 0xf0, 0x50, 0x8e, 0xf1, 0xc7, 0x43, 0x39, 0xc6, 0x86, 0x47, 0x72, 0x8c, 0x2b, 0x1e, 0xc9, + 0x31, 0x9e, 0x78, 0x24, 0xc7, 0x78, 0xe1, 0x91, 0x1c, 0xe3, 0x83, 0x47, 0x72, 0x8c, 0x2f, 0x1e, + 0xc9, 0x31, 0x7c, 0x00, 0x89, 0x3f, 0x96, 0x63, 0x3c, 0xf1, 0x58, 0x8e, 0x91, 0x4b, 0x38, 0x39, + 0x3f, 0x57, 0x0f, 0xcd, 0x56, 0x27, 0x21, 0x14, 0x3b, 0x03, 0x40, 0xc2, 0x01, 0x8c, 0x51, 0xac, + 0x25, 0x95, 0x05, 0xa9, 0xc5, 0x8b, 0x98, 0x98, 0xdd, 0x03, 0x9c, 0x56, 0x31, 0xc9, 0xb9, 0x43, + 0x34, 0x05, 0x40, 0x35, 0xe9, 0x85, 0xa7, 0xe6, 0xe4, 0x78, 0xe7, 0xe5, 0x97, 0xe7, 0x85, 0x80, + 0x94, 0x25, 0xb1, 0x81, 0x4d, 0x33, 0x06, 0x04, 0x00, 0x00, 0xff, 0xff, 0xb8, 0x37, 0x2a, 0xa1, + 0xf9, 0x00, 0x00, 0x00, +} + +func (this *SourceContext) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*SourceContext) + if !ok { + that2, ok := that.(SourceContext) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.FileName != that1.FileName { + if this.FileName < that1.FileName { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *SourceContext) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*SourceContext) + if !ok { + that2, ok := that.(SourceContext) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.FileName != that1.FileName { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *SourceContext) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.SourceContext{") + s = append(s, "FileName: "+fmt.Sprintf("%#v", this.FileName)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func valueToGoStringSourceContext(v interface{}, typ string) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) +} +func (m *SourceContext) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *SourceContext) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *SourceContext) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if len(m.FileName) > 0 { + i -= len(m.FileName) + copy(dAtA[i:], m.FileName) + i = encodeVarintSourceContext(dAtA, i, uint64(len(m.FileName))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func encodeVarintSourceContext(dAtA []byte, offset int, v uint64) int { + offset -= sovSourceContext(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func NewPopulatedSourceContext(r randySourceContext, easy bool) *SourceContext { + this := &SourceContext{} + this.FileName = string(randStringSourceContext(r)) + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedSourceContext(r, 2) + } + return this +} + +type randySourceContext interface { + Float32() float32 + Float64() float64 + Int63() int64 + Int31() int32 + Uint32() uint32 + Intn(n int) int +} + +func randUTF8RuneSourceContext(r randySourceContext) rune { + ru := r.Intn(62) + if ru < 10 { + return rune(ru + 48) + } else if ru < 36 { + return rune(ru + 55) + } + return rune(ru + 61) +} +func randStringSourceContext(r randySourceContext) string { + v1 := r.Intn(100) + tmps := make([]rune, v1) + for i := 0; i < v1; i++ { + tmps[i] = randUTF8RuneSourceContext(r) + } + return string(tmps) +} +func randUnrecognizedSourceContext(r randySourceContext, maxFieldNumber int) (dAtA []byte) { + l := r.Intn(5) + for i := 0; i < l; i++ { + wire := r.Intn(4) + if wire == 3 { + wire = 5 + } + fieldNumber := maxFieldNumber + r.Intn(100) + dAtA = randFieldSourceContext(dAtA, r, fieldNumber, wire) + } + return dAtA +} +func randFieldSourceContext(dAtA []byte, r randySourceContext, fieldNumber int, wire int) []byte { + key := uint32(fieldNumber)<<3 | uint32(wire) + switch wire { + case 0: + dAtA = encodeVarintPopulateSourceContext(dAtA, uint64(key)) + v2 := r.Int63() + if r.Intn(2) == 0 { + v2 *= -1 + } + dAtA = encodeVarintPopulateSourceContext(dAtA, uint64(v2)) + case 1: + dAtA = encodeVarintPopulateSourceContext(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + case 2: + dAtA = encodeVarintPopulateSourceContext(dAtA, uint64(key)) + ll := r.Intn(100) + dAtA = encodeVarintPopulateSourceContext(dAtA, uint64(ll)) + for j := 0; j < ll; j++ { + dAtA = append(dAtA, byte(r.Intn(256))) + } + default: + dAtA = encodeVarintPopulateSourceContext(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + } + return dAtA +} +func encodeVarintPopulateSourceContext(dAtA []byte, v uint64) []byte { + for v >= 1<<7 { + dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) + v >>= 7 + } + dAtA = append(dAtA, uint8(v)) + return dAtA +} +func (m *SourceContext) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.FileName) + if l > 0 { + n += 1 + l + sovSourceContext(uint64(l)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func sovSourceContext(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozSourceContext(x uint64) (n int) { + return sovSourceContext(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (this *SourceContext) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&SourceContext{`, + `FileName:` + fmt.Sprintf("%v", this.FileName) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func valueToStringSourceContext(v interface{}) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("*%v", pv) +} +func (m *SourceContext) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowSourceContext + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: SourceContext: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: SourceContext: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field FileName", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowSourceContext + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthSourceContext + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthSourceContext + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.FileName = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipSourceContext(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthSourceContext + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipSourceContext(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowSourceContext + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowSourceContext + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowSourceContext + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthSourceContext + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupSourceContext + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthSourceContext + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF +} + +var ( + ErrInvalidLengthSourceContext = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowSourceContext = fmt.Errorf("proto: integer overflow") + ErrUnexpectedEndOfGroupSourceContext = fmt.Errorf("proto: unexpected end of group") +) diff --git a/vendor/github.com/gogo/protobuf/types/struct.pb.go b/vendor/github.com/gogo/protobuf/types/struct.pb.go new file mode 100644 index 000000000000..c0457312e67f --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/struct.pb.go @@ -0,0 +1,2271 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: google/protobuf/struct.proto + +package types + +import ( + bytes "bytes" + encoding_binary "encoding/binary" + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + github_com_gogo_protobuf_sortkeys "github.com/gogo/protobuf/sortkeys" + io "io" + math "math" + math_bits "math/bits" + reflect "reflect" + strconv "strconv" + strings "strings" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package + +// `NullValue` is a singleton enumeration to represent the null value for the +// `Value` type union. +// +// The JSON representation for `NullValue` is JSON `null`. +type NullValue int32 + +const ( + // Null value. + NullValue_NULL_VALUE NullValue = 0 +) + +var NullValue_name = map[int32]string{ + 0: "NULL_VALUE", +} + +var NullValue_value = map[string]int32{ + "NULL_VALUE": 0, +} + +func (NullValue) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_df322afd6c9fb402, []int{0} +} + +func (NullValue) XXX_WellKnownType() string { return "NullValue" } + +// `Struct` represents a structured data value, consisting of fields +// which map to dynamically typed values. In some languages, `Struct` +// might be supported by a native representation. For example, in +// scripting languages like JS a struct is represented as an +// object. The details of that representation are described together +// with the proto support for the language. +// +// The JSON representation for `Struct` is JSON object. +type Struct struct { + // Unordered map of dynamically typed values. + Fields map[string]*Value `protobuf:"bytes,1,rep,name=fields,proto3" json:"fields,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Struct) Reset() { *m = Struct{} } +func (*Struct) ProtoMessage() {} +func (*Struct) Descriptor() ([]byte, []int) { + return fileDescriptor_df322afd6c9fb402, []int{0} +} +func (*Struct) XXX_WellKnownType() string { return "Struct" } +func (m *Struct) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Struct) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Struct.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Struct) XXX_Merge(src proto.Message) { + xxx_messageInfo_Struct.Merge(m, src) +} +func (m *Struct) XXX_Size() int { + return m.Size() +} +func (m *Struct) XXX_DiscardUnknown() { + xxx_messageInfo_Struct.DiscardUnknown(m) +} + +var xxx_messageInfo_Struct proto.InternalMessageInfo + +func (m *Struct) GetFields() map[string]*Value { + if m != nil { + return m.Fields + } + return nil +} + +func (*Struct) XXX_MessageName() string { + return "google.protobuf.Struct" +} + +// `Value` represents a dynamically typed value which can be either +// null, a number, a string, a boolean, a recursive struct value, or a +// list of values. A producer of value is expected to set one of that +// variants, absence of any variant indicates an error. +// +// The JSON representation for `Value` is JSON value. +type Value struct { + // The kind of value. + // + // Types that are valid to be assigned to Kind: + // *Value_NullValue + // *Value_NumberValue + // *Value_StringValue + // *Value_BoolValue + // *Value_StructValue + // *Value_ListValue + Kind isValue_Kind `protobuf_oneof:"kind"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Value) Reset() { *m = Value{} } +func (*Value) ProtoMessage() {} +func (*Value) Descriptor() ([]byte, []int) { + return fileDescriptor_df322afd6c9fb402, []int{1} +} +func (*Value) XXX_WellKnownType() string { return "Value" } +func (m *Value) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Value) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Value.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Value) XXX_Merge(src proto.Message) { + xxx_messageInfo_Value.Merge(m, src) +} +func (m *Value) XXX_Size() int { + return m.Size() +} +func (m *Value) XXX_DiscardUnknown() { + xxx_messageInfo_Value.DiscardUnknown(m) +} + +var xxx_messageInfo_Value proto.InternalMessageInfo + +type isValue_Kind interface { + isValue_Kind() + Equal(interface{}) bool + MarshalTo([]byte) (int, error) + Size() int + Compare(interface{}) int +} + +type Value_NullValue struct { + NullValue NullValue `protobuf:"varint,1,opt,name=null_value,json=nullValue,proto3,enum=google.protobuf.NullValue,oneof" json:"null_value,omitempty"` +} +type Value_NumberValue struct { + NumberValue float64 `protobuf:"fixed64,2,opt,name=number_value,json=numberValue,proto3,oneof" json:"number_value,omitempty"` +} +type Value_StringValue struct { + StringValue string `protobuf:"bytes,3,opt,name=string_value,json=stringValue,proto3,oneof" json:"string_value,omitempty"` +} +type Value_BoolValue struct { + BoolValue bool `protobuf:"varint,4,opt,name=bool_value,json=boolValue,proto3,oneof" json:"bool_value,omitempty"` +} +type Value_StructValue struct { + StructValue *Struct `protobuf:"bytes,5,opt,name=struct_value,json=structValue,proto3,oneof" json:"struct_value,omitempty"` +} +type Value_ListValue struct { + ListValue *ListValue `protobuf:"bytes,6,opt,name=list_value,json=listValue,proto3,oneof" json:"list_value,omitempty"` +} + +func (*Value_NullValue) isValue_Kind() {} +func (*Value_NumberValue) isValue_Kind() {} +func (*Value_StringValue) isValue_Kind() {} +func (*Value_BoolValue) isValue_Kind() {} +func (*Value_StructValue) isValue_Kind() {} +func (*Value_ListValue) isValue_Kind() {} + +func (m *Value) GetKind() isValue_Kind { + if m != nil { + return m.Kind + } + return nil +} + +func (m *Value) GetNullValue() NullValue { + if x, ok := m.GetKind().(*Value_NullValue); ok { + return x.NullValue + } + return NullValue_NULL_VALUE +} + +func (m *Value) GetNumberValue() float64 { + if x, ok := m.GetKind().(*Value_NumberValue); ok { + return x.NumberValue + } + return 0 +} + +func (m *Value) GetStringValue() string { + if x, ok := m.GetKind().(*Value_StringValue); ok { + return x.StringValue + } + return "" +} + +func (m *Value) GetBoolValue() bool { + if x, ok := m.GetKind().(*Value_BoolValue); ok { + return x.BoolValue + } + return false +} + +func (m *Value) GetStructValue() *Struct { + if x, ok := m.GetKind().(*Value_StructValue); ok { + return x.StructValue + } + return nil +} + +func (m *Value) GetListValue() *ListValue { + if x, ok := m.GetKind().(*Value_ListValue); ok { + return x.ListValue + } + return nil +} + +// XXX_OneofWrappers is for the internal use of the proto package. +func (*Value) XXX_OneofWrappers() []interface{} { + return []interface{}{ + (*Value_NullValue)(nil), + (*Value_NumberValue)(nil), + (*Value_StringValue)(nil), + (*Value_BoolValue)(nil), + (*Value_StructValue)(nil), + (*Value_ListValue)(nil), + } +} + +func (*Value) XXX_MessageName() string { + return "google.protobuf.Value" +} + +// `ListValue` is a wrapper around a repeated field of values. +// +// The JSON representation for `ListValue` is JSON array. +type ListValue struct { + // Repeated field of dynamically typed values. + Values []*Value `protobuf:"bytes,1,rep,name=values,proto3" json:"values,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *ListValue) Reset() { *m = ListValue{} } +func (*ListValue) ProtoMessage() {} +func (*ListValue) Descriptor() ([]byte, []int) { + return fileDescriptor_df322afd6c9fb402, []int{2} +} +func (*ListValue) XXX_WellKnownType() string { return "ListValue" } +func (m *ListValue) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *ListValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_ListValue.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *ListValue) XXX_Merge(src proto.Message) { + xxx_messageInfo_ListValue.Merge(m, src) +} +func (m *ListValue) XXX_Size() int { + return m.Size() +} +func (m *ListValue) XXX_DiscardUnknown() { + xxx_messageInfo_ListValue.DiscardUnknown(m) +} + +var xxx_messageInfo_ListValue proto.InternalMessageInfo + +func (m *ListValue) GetValues() []*Value { + if m != nil { + return m.Values + } + return nil +} + +func (*ListValue) XXX_MessageName() string { + return "google.protobuf.ListValue" +} +func init() { + proto.RegisterEnum("google.protobuf.NullValue", NullValue_name, NullValue_value) + proto.RegisterType((*Struct)(nil), "google.protobuf.Struct") + proto.RegisterMapType((map[string]*Value)(nil), "google.protobuf.Struct.FieldsEntry") + proto.RegisterType((*Value)(nil), "google.protobuf.Value") + proto.RegisterType((*ListValue)(nil), "google.protobuf.ListValue") +} + +func init() { proto.RegisterFile("google/protobuf/struct.proto", fileDescriptor_df322afd6c9fb402) } + +var fileDescriptor_df322afd6c9fb402 = []byte{ + // 443 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x74, 0x91, 0xb1, 0x6f, 0xd3, 0x40, + 0x14, 0xc6, 0xfd, 0x9c, 0xc6, 0x22, 0xcf, 0xa8, 0x54, 0x87, 0x04, 0x51, 0x41, 0x47, 0x94, 0x2e, + 0x11, 0x42, 0xae, 0x14, 0x16, 0x44, 0x58, 0x88, 0x54, 0x5a, 0x89, 0xa8, 0x32, 0x86, 0x16, 0x89, + 0x25, 0xc2, 0xae, 0x1b, 0x59, 0xbd, 0xde, 0x55, 0xf6, 0x1d, 0x28, 0x1b, 0x0b, 0xff, 0x03, 0x33, + 0x13, 0x62, 0xe4, 0xaf, 0xe8, 0xc8, 0xc8, 0x48, 0xdc, 0x85, 0xb1, 0x63, 0x47, 0x74, 0x77, 0xb6, + 0x41, 0x8d, 0xb2, 0xf9, 0x7d, 0xf7, 0x7b, 0xdf, 0x7b, 0xdf, 0x33, 0xde, 0x9f, 0x09, 0x31, 0x63, + 0xe9, 0xf6, 0x59, 0x2e, 0xa4, 0x88, 0xd5, 0xf1, 0x76, 0x21, 0x73, 0x95, 0xc8, 0xc0, 0xd4, 0xe4, + 0x96, 0x7d, 0x0d, 0xea, 0xd7, 0xfe, 0x17, 0x40, 0xef, 0xb5, 0x21, 0xc8, 0x08, 0xbd, 0xe3, 0x2c, + 0x65, 0x47, 0x45, 0x17, 0x7a, 0xad, 0x81, 0x3f, 0xdc, 0x0a, 0xae, 0xc1, 0x81, 0x05, 0x83, 0x17, + 0x86, 0xda, 0xe1, 0x32, 0x9f, 0x47, 0x55, 0xcb, 0xe6, 0x2b, 0xf4, 0xff, 0x93, 0xc9, 0x06, 0xb6, + 0x4e, 0xd2, 0x79, 0x17, 0x7a, 0x30, 0xe8, 0x44, 0xfa, 0x93, 0x3c, 0xc2, 0xf6, 0x87, 0xf7, 0x4c, + 0xa5, 0x5d, 0xb7, 0x07, 0x03, 0x7f, 0x78, 0x67, 0xc9, 0xfc, 0x50, 0xbf, 0x46, 0x16, 0x7a, 0xea, + 0x3e, 0x81, 0xfe, 0x0f, 0x17, 0xdb, 0x46, 0x24, 0x23, 0x44, 0xae, 0x18, 0x9b, 0x5a, 0x03, 0x6d, + 0xba, 0x3e, 0xdc, 0x5c, 0x32, 0xd8, 0x57, 0x8c, 0x19, 0x7e, 0xcf, 0x89, 0x3a, 0xbc, 0x2e, 0xc8, + 0x16, 0xde, 0xe4, 0xea, 0x34, 0x4e, 0xf3, 0xe9, 0xbf, 0xf9, 0xb0, 0xe7, 0x44, 0xbe, 0x55, 0x1b, + 0xa8, 0x90, 0x79, 0xc6, 0x67, 0x15, 0xd4, 0xd2, 0x8b, 0x6b, 0xc8, 0xaa, 0x16, 0x7a, 0x80, 0x18, + 0x0b, 0x51, 0xaf, 0xb1, 0xd6, 0x83, 0xc1, 0x0d, 0x3d, 0x4a, 0x6b, 0x16, 0x78, 0x66, 0x5c, 0x54, + 0x22, 0x2b, 0xa4, 0x6d, 0xa2, 0xde, 0x5d, 0x71, 0xc7, 0xca, 0x5e, 0x25, 0xb2, 0x49, 0xc9, 0xb2, + 0xa2, 0xee, 0xf5, 0x4c, 0xef, 0x72, 0xca, 0x49, 0x56, 0xc8, 0x26, 0x25, 0xab, 0x8b, 0xb1, 0x87, + 0x6b, 0x27, 0x19, 0x3f, 0xea, 0x8f, 0xb0, 0xd3, 0x10, 0x24, 0x40, 0xcf, 0x98, 0xd5, 0x7f, 0x74, + 0xd5, 0xd1, 0x2b, 0xea, 0xe1, 0x3d, 0xec, 0x34, 0x47, 0x24, 0xeb, 0x88, 0xfb, 0x07, 0x93, 0xc9, + 0xf4, 0xf0, 0xf9, 0xe4, 0x60, 0x67, 0xc3, 0x19, 0x7f, 0x86, 0x5f, 0x0b, 0xea, 0x5c, 0x2e, 0x28, + 0x5c, 0x2d, 0x28, 0x7c, 0x2a, 0x29, 0x7c, 0x2b, 0x29, 0x9c, 0x97, 0x14, 0x7e, 0x96, 0x14, 0x7e, + 0x97, 0x14, 0xfe, 0x94, 0xd4, 0xb9, 0xd4, 0xfa, 0x05, 0x85, 0xf3, 0x0b, 0x0a, 0x78, 0x3b, 0x11, + 0xa7, 0xd7, 0x47, 0x8e, 0x7d, 0x9b, 0x3e, 0xd4, 0x75, 0x08, 0xef, 0xda, 0x72, 0x7e, 0x96, 0x16, + 0x57, 0x00, 0x5f, 0xdd, 0xd6, 0x6e, 0x38, 0xfe, 0xee, 0xd2, 0x5d, 0xdb, 0x10, 0xd6, 0x3b, 0xbe, + 0x4d, 0x19, 0x7b, 0xc9, 0xc5, 0x47, 0xfe, 0x46, 0x93, 0xb1, 0x67, 0x9c, 0x1e, 0xff, 0x0d, 0x00, + 0x00, 0xff, 0xff, 0x26, 0x30, 0xdb, 0xbe, 0xe9, 0x02, 0x00, 0x00, +} + +func (this *Struct) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Struct) + if !ok { + that2, ok := that.(Struct) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if len(this.Fields) != len(that1.Fields) { + if len(this.Fields) < len(that1.Fields) { + return -1 + } + return 1 + } + for i := range this.Fields { + if c := this.Fields[i].Compare(that1.Fields[i]); c != 0 { + return c + } + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Value) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Value) + if !ok { + that2, ok := that.(Value) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if that1.Kind == nil { + if this.Kind != nil { + return 1 + } + } else if this.Kind == nil { + return -1 + } else { + thisType := -1 + switch this.Kind.(type) { + case *Value_NullValue: + thisType = 0 + case *Value_NumberValue: + thisType = 1 + case *Value_StringValue: + thisType = 2 + case *Value_BoolValue: + thisType = 3 + case *Value_StructValue: + thisType = 4 + case *Value_ListValue: + thisType = 5 + default: + panic(fmt.Sprintf("compare: unexpected type %T in oneof", this.Kind)) + } + that1Type := -1 + switch that1.Kind.(type) { + case *Value_NullValue: + that1Type = 0 + case *Value_NumberValue: + that1Type = 1 + case *Value_StringValue: + that1Type = 2 + case *Value_BoolValue: + that1Type = 3 + case *Value_StructValue: + that1Type = 4 + case *Value_ListValue: + that1Type = 5 + default: + panic(fmt.Sprintf("compare: unexpected type %T in oneof", that1.Kind)) + } + if thisType == that1Type { + if c := this.Kind.Compare(that1.Kind); c != 0 { + return c + } + } else if thisType < that1Type { + return -1 + } else if thisType > that1Type { + return 1 + } + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Value_NullValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Value_NullValue) + if !ok { + that2, ok := that.(Value_NullValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.NullValue != that1.NullValue { + if this.NullValue < that1.NullValue { + return -1 + } + return 1 + } + return 0 +} +func (this *Value_NumberValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Value_NumberValue) + if !ok { + that2, ok := that.(Value_NumberValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.NumberValue != that1.NumberValue { + if this.NumberValue < that1.NumberValue { + return -1 + } + return 1 + } + return 0 +} +func (this *Value_StringValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Value_StringValue) + if !ok { + that2, ok := that.(Value_StringValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.StringValue != that1.StringValue { + if this.StringValue < that1.StringValue { + return -1 + } + return 1 + } + return 0 +} +func (this *Value_BoolValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Value_BoolValue) + if !ok { + that2, ok := that.(Value_BoolValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.BoolValue != that1.BoolValue { + if !this.BoolValue { + return -1 + } + return 1 + } + return 0 +} +func (this *Value_StructValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Value_StructValue) + if !ok { + that2, ok := that.(Value_StructValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if c := this.StructValue.Compare(that1.StructValue); c != 0 { + return c + } + return 0 +} +func (this *Value_ListValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Value_ListValue) + if !ok { + that2, ok := that.(Value_ListValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if c := this.ListValue.Compare(that1.ListValue); c != 0 { + return c + } + return 0 +} +func (this *ListValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*ListValue) + if !ok { + that2, ok := that.(ListValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if len(this.Values) != len(that1.Values) { + if len(this.Values) < len(that1.Values) { + return -1 + } + return 1 + } + for i := range this.Values { + if c := this.Values[i].Compare(that1.Values[i]); c != 0 { + return c + } + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (x NullValue) String() string { + s, ok := NullValue_name[int32(x)] + if ok { + return s + } + return strconv.Itoa(int(x)) +} +func (this *Struct) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Struct) + if !ok { + that2, ok := that.(Struct) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if len(this.Fields) != len(that1.Fields) { + return false + } + for i := range this.Fields { + if !this.Fields[i].Equal(that1.Fields[i]) { + return false + } + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Value) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Value) + if !ok { + that2, ok := that.(Value) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if that1.Kind == nil { + if this.Kind != nil { + return false + } + } else if this.Kind == nil { + return false + } else if !this.Kind.Equal(that1.Kind) { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Value_NullValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Value_NullValue) + if !ok { + that2, ok := that.(Value_NullValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.NullValue != that1.NullValue { + return false + } + return true +} +func (this *Value_NumberValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Value_NumberValue) + if !ok { + that2, ok := that.(Value_NumberValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.NumberValue != that1.NumberValue { + return false + } + return true +} +func (this *Value_StringValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Value_StringValue) + if !ok { + that2, ok := that.(Value_StringValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.StringValue != that1.StringValue { + return false + } + return true +} +func (this *Value_BoolValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Value_BoolValue) + if !ok { + that2, ok := that.(Value_BoolValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.BoolValue != that1.BoolValue { + return false + } + return true +} +func (this *Value_StructValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Value_StructValue) + if !ok { + that2, ok := that.(Value_StructValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if !this.StructValue.Equal(that1.StructValue) { + return false + } + return true +} +func (this *Value_ListValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Value_ListValue) + if !ok { + that2, ok := that.(Value_ListValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if !this.ListValue.Equal(that1.ListValue) { + return false + } + return true +} +func (this *ListValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*ListValue) + if !ok { + that2, ok := that.(ListValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if len(this.Values) != len(that1.Values) { + return false + } + for i := range this.Values { + if !this.Values[i].Equal(that1.Values[i]) { + return false + } + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Struct) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.Struct{") + keysForFields := make([]string, 0, len(this.Fields)) + for k := range this.Fields { + keysForFields = append(keysForFields, k) + } + github_com_gogo_protobuf_sortkeys.Strings(keysForFields) + mapStringForFields := "map[string]*Value{" + for _, k := range keysForFields { + mapStringForFields += fmt.Sprintf("%#v: %#v,", k, this.Fields[k]) + } + mapStringForFields += "}" + if this.Fields != nil { + s = append(s, "Fields: "+mapStringForFields+",\n") + } + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *Value) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 10) + s = append(s, "&types.Value{") + if this.Kind != nil { + s = append(s, "Kind: "+fmt.Sprintf("%#v", this.Kind)+",\n") + } + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *Value_NullValue) GoString() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&types.Value_NullValue{` + + `NullValue:` + fmt.Sprintf("%#v", this.NullValue) + `}`}, ", ") + return s +} +func (this *Value_NumberValue) GoString() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&types.Value_NumberValue{` + + `NumberValue:` + fmt.Sprintf("%#v", this.NumberValue) + `}`}, ", ") + return s +} +func (this *Value_StringValue) GoString() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&types.Value_StringValue{` + + `StringValue:` + fmt.Sprintf("%#v", this.StringValue) + `}`}, ", ") + return s +} +func (this *Value_BoolValue) GoString() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&types.Value_BoolValue{` + + `BoolValue:` + fmt.Sprintf("%#v", this.BoolValue) + `}`}, ", ") + return s +} +func (this *Value_StructValue) GoString() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&types.Value_StructValue{` + + `StructValue:` + fmt.Sprintf("%#v", this.StructValue) + `}`}, ", ") + return s +} +func (this *Value_ListValue) GoString() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&types.Value_ListValue{` + + `ListValue:` + fmt.Sprintf("%#v", this.ListValue) + `}`}, ", ") + return s +} +func (this *ListValue) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.ListValue{") + if this.Values != nil { + s = append(s, "Values: "+fmt.Sprintf("%#v", this.Values)+",\n") + } + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func valueToGoStringStruct(v interface{}, typ string) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) +} +func (m *Struct) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Struct) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Struct) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if len(m.Fields) > 0 { + for k := range m.Fields { + v := m.Fields[k] + baseI := i + if v != nil { + { + size, err := v.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintStruct(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x12 + } + i -= len(k) + copy(dAtA[i:], k) + i = encodeVarintStruct(dAtA, i, uint64(len(k))) + i-- + dAtA[i] = 0xa + i = encodeVarintStruct(dAtA, i, uint64(baseI-i)) + i-- + dAtA[i] = 0xa + } + } + return len(dAtA) - i, nil +} + +func (m *Value) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Value) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Value) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Kind != nil { + { + size := m.Kind.Size() + i -= size + if _, err := m.Kind.MarshalTo(dAtA[i:]); err != nil { + return 0, err + } + } + } + return len(dAtA) - i, nil +} + +func (m *Value_NullValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Value_NullValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + i = encodeVarintStruct(dAtA, i, uint64(m.NullValue)) + i-- + dAtA[i] = 0x8 + return len(dAtA) - i, nil +} +func (m *Value_NumberValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Value_NumberValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + i -= 8 + encoding_binary.LittleEndian.PutUint64(dAtA[i:], uint64(math.Float64bits(float64(m.NumberValue)))) + i-- + dAtA[i] = 0x11 + return len(dAtA) - i, nil +} +func (m *Value_StringValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Value_StringValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + i -= len(m.StringValue) + copy(dAtA[i:], m.StringValue) + i = encodeVarintStruct(dAtA, i, uint64(len(m.StringValue))) + i-- + dAtA[i] = 0x1a + return len(dAtA) - i, nil +} +func (m *Value_BoolValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Value_BoolValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + i-- + if m.BoolValue { + dAtA[i] = 1 + } else { + dAtA[i] = 0 + } + i-- + dAtA[i] = 0x20 + return len(dAtA) - i, nil +} +func (m *Value_StructValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Value_StructValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + if m.StructValue != nil { + { + size, err := m.StructValue.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintStruct(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x2a + } + return len(dAtA) - i, nil +} +func (m *Value_ListValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Value_ListValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + if m.ListValue != nil { + { + size, err := m.ListValue.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintStruct(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x32 + } + return len(dAtA) - i, nil +} +func (m *ListValue) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *ListValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *ListValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if len(m.Values) > 0 { + for iNdEx := len(m.Values) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Values[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintStruct(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0xa + } + } + return len(dAtA) - i, nil +} + +func encodeVarintStruct(dAtA []byte, offset int, v uint64) int { + offset -= sovStruct(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func NewPopulatedStruct(r randyStruct, easy bool) *Struct { + this := &Struct{} + if r.Intn(5) == 0 { + v1 := r.Intn(10) + this.Fields = make(map[string]*Value) + for i := 0; i < v1; i++ { + this.Fields[randStringStruct(r)] = NewPopulatedValue(r, easy) + } + } + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedStruct(r, 2) + } + return this +} + +func NewPopulatedValue(r randyStruct, easy bool) *Value { + this := &Value{} + oneofNumber_Kind := []int32{1, 2, 3, 4, 5, 6}[r.Intn(6)] + switch oneofNumber_Kind { + case 1: + this.Kind = NewPopulatedValue_NullValue(r, easy) + case 2: + this.Kind = NewPopulatedValue_NumberValue(r, easy) + case 3: + this.Kind = NewPopulatedValue_StringValue(r, easy) + case 4: + this.Kind = NewPopulatedValue_BoolValue(r, easy) + case 5: + this.Kind = NewPopulatedValue_StructValue(r, easy) + case 6: + this.Kind = NewPopulatedValue_ListValue(r, easy) + } + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedStruct(r, 7) + } + return this +} + +func NewPopulatedValue_NullValue(r randyStruct, easy bool) *Value_NullValue { + this := &Value_NullValue{} + this.NullValue = NullValue([]int32{0}[r.Intn(1)]) + return this +} +func NewPopulatedValue_NumberValue(r randyStruct, easy bool) *Value_NumberValue { + this := &Value_NumberValue{} + this.NumberValue = float64(r.Float64()) + if r.Intn(2) == 0 { + this.NumberValue *= -1 + } + return this +} +func NewPopulatedValue_StringValue(r randyStruct, easy bool) *Value_StringValue { + this := &Value_StringValue{} + this.StringValue = string(randStringStruct(r)) + return this +} +func NewPopulatedValue_BoolValue(r randyStruct, easy bool) *Value_BoolValue { + this := &Value_BoolValue{} + this.BoolValue = bool(bool(r.Intn(2) == 0)) + return this +} +func NewPopulatedValue_StructValue(r randyStruct, easy bool) *Value_StructValue { + this := &Value_StructValue{} + this.StructValue = NewPopulatedStruct(r, easy) + return this +} +func NewPopulatedValue_ListValue(r randyStruct, easy bool) *Value_ListValue { + this := &Value_ListValue{} + this.ListValue = NewPopulatedListValue(r, easy) + return this +} +func NewPopulatedListValue(r randyStruct, easy bool) *ListValue { + this := &ListValue{} + if r.Intn(5) == 0 { + v2 := r.Intn(5) + this.Values = make([]*Value, v2) + for i := 0; i < v2; i++ { + this.Values[i] = NewPopulatedValue(r, easy) + } + } + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedStruct(r, 2) + } + return this +} + +type randyStruct interface { + Float32() float32 + Float64() float64 + Int63() int64 + Int31() int32 + Uint32() uint32 + Intn(n int) int +} + +func randUTF8RuneStruct(r randyStruct) rune { + ru := r.Intn(62) + if ru < 10 { + return rune(ru + 48) + } else if ru < 36 { + return rune(ru + 55) + } + return rune(ru + 61) +} +func randStringStruct(r randyStruct) string { + v3 := r.Intn(100) + tmps := make([]rune, v3) + for i := 0; i < v3; i++ { + tmps[i] = randUTF8RuneStruct(r) + } + return string(tmps) +} +func randUnrecognizedStruct(r randyStruct, maxFieldNumber int) (dAtA []byte) { + l := r.Intn(5) + for i := 0; i < l; i++ { + wire := r.Intn(4) + if wire == 3 { + wire = 5 + } + fieldNumber := maxFieldNumber + r.Intn(100) + dAtA = randFieldStruct(dAtA, r, fieldNumber, wire) + } + return dAtA +} +func randFieldStruct(dAtA []byte, r randyStruct, fieldNumber int, wire int) []byte { + key := uint32(fieldNumber)<<3 | uint32(wire) + switch wire { + case 0: + dAtA = encodeVarintPopulateStruct(dAtA, uint64(key)) + v4 := r.Int63() + if r.Intn(2) == 0 { + v4 *= -1 + } + dAtA = encodeVarintPopulateStruct(dAtA, uint64(v4)) + case 1: + dAtA = encodeVarintPopulateStruct(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + case 2: + dAtA = encodeVarintPopulateStruct(dAtA, uint64(key)) + ll := r.Intn(100) + dAtA = encodeVarintPopulateStruct(dAtA, uint64(ll)) + for j := 0; j < ll; j++ { + dAtA = append(dAtA, byte(r.Intn(256))) + } + default: + dAtA = encodeVarintPopulateStruct(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + } + return dAtA +} +func encodeVarintPopulateStruct(dAtA []byte, v uint64) []byte { + for v >= 1<<7 { + dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) + v >>= 7 + } + dAtA = append(dAtA, uint8(v)) + return dAtA +} +func (m *Struct) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if len(m.Fields) > 0 { + for k, v := range m.Fields { + _ = k + _ = v + l = 0 + if v != nil { + l = v.Size() + l += 1 + sovStruct(uint64(l)) + } + mapEntrySize := 1 + len(k) + sovStruct(uint64(len(k))) + l + n += mapEntrySize + 1 + sovStruct(uint64(mapEntrySize)) + } + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *Value) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Kind != nil { + n += m.Kind.Size() + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *Value_NullValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + n += 1 + sovStruct(uint64(m.NullValue)) + return n +} +func (m *Value_NumberValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + n += 9 + return n +} +func (m *Value_StringValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.StringValue) + n += 1 + l + sovStruct(uint64(l)) + return n +} +func (m *Value_BoolValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + n += 2 + return n +} +func (m *Value_StructValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.StructValue != nil { + l = m.StructValue.Size() + n += 1 + l + sovStruct(uint64(l)) + } + return n +} +func (m *Value_ListValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.ListValue != nil { + l = m.ListValue.Size() + n += 1 + l + sovStruct(uint64(l)) + } + return n +} +func (m *ListValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if len(m.Values) > 0 { + for _, e := range m.Values { + l = e.Size() + n += 1 + l + sovStruct(uint64(l)) + } + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func sovStruct(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozStruct(x uint64) (n int) { + return sovStruct(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (this *Struct) String() string { + if this == nil { + return "nil" + } + keysForFields := make([]string, 0, len(this.Fields)) + for k := range this.Fields { + keysForFields = append(keysForFields, k) + } + github_com_gogo_protobuf_sortkeys.Strings(keysForFields) + mapStringForFields := "map[string]*Value{" + for _, k := range keysForFields { + mapStringForFields += fmt.Sprintf("%v: %v,", k, this.Fields[k]) + } + mapStringForFields += "}" + s := strings.Join([]string{`&Struct{`, + `Fields:` + mapStringForFields + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *Value) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Value{`, + `Kind:` + fmt.Sprintf("%v", this.Kind) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *Value_NullValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Value_NullValue{`, + `NullValue:` + fmt.Sprintf("%v", this.NullValue) + `,`, + `}`, + }, "") + return s +} +func (this *Value_NumberValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Value_NumberValue{`, + `NumberValue:` + fmt.Sprintf("%v", this.NumberValue) + `,`, + `}`, + }, "") + return s +} +func (this *Value_StringValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Value_StringValue{`, + `StringValue:` + fmt.Sprintf("%v", this.StringValue) + `,`, + `}`, + }, "") + return s +} +func (this *Value_BoolValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Value_BoolValue{`, + `BoolValue:` + fmt.Sprintf("%v", this.BoolValue) + `,`, + `}`, + }, "") + return s +} +func (this *Value_StructValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Value_StructValue{`, + `StructValue:` + strings.Replace(fmt.Sprintf("%v", this.StructValue), "Struct", "Struct", 1) + `,`, + `}`, + }, "") + return s +} +func (this *Value_ListValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Value_ListValue{`, + `ListValue:` + strings.Replace(fmt.Sprintf("%v", this.ListValue), "ListValue", "ListValue", 1) + `,`, + `}`, + }, "") + return s +} +func (this *ListValue) String() string { + if this == nil { + return "nil" + } + repeatedStringForValues := "[]*Value{" + for _, f := range this.Values { + repeatedStringForValues += strings.Replace(f.String(), "Value", "Value", 1) + "," + } + repeatedStringForValues += "}" + s := strings.Join([]string{`&ListValue{`, + `Values:` + repeatedStringForValues + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func valueToStringStruct(v interface{}) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("*%v", pv) +} +func (m *Struct) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Struct: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Struct: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Fields", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthStruct + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthStruct + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Fields == nil { + m.Fields = make(map[string]*Value) + } + var mapkey string + var mapvalue *Value + for iNdEx < postIndex { + entryPreIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + if fieldNum == 1 { + var stringLenmapkey uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLenmapkey |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLenmapkey := int(stringLenmapkey) + if intStringLenmapkey < 0 { + return ErrInvalidLengthStruct + } + postStringIndexmapkey := iNdEx + intStringLenmapkey + if postStringIndexmapkey < 0 { + return ErrInvalidLengthStruct + } + if postStringIndexmapkey > l { + return io.ErrUnexpectedEOF + } + mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) + iNdEx = postStringIndexmapkey + } else if fieldNum == 2 { + var mapmsglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + mapmsglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if mapmsglen < 0 { + return ErrInvalidLengthStruct + } + postmsgIndex := iNdEx + mapmsglen + if postmsgIndex < 0 { + return ErrInvalidLengthStruct + } + if postmsgIndex > l { + return io.ErrUnexpectedEOF + } + mapvalue = &Value{} + if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil { + return err + } + iNdEx = postmsgIndex + } else { + iNdEx = entryPreIndex + skippy, err := skipStruct(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthStruct + } + if (iNdEx + skippy) > postIndex { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + m.Fields[mapkey] = mapvalue + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipStruct(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthStruct + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Value) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Value: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Value: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field NullValue", wireType) + } + var v NullValue + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= NullValue(b&0x7F) << shift + if b < 0x80 { + break + } + } + m.Kind = &Value_NullValue{v} + case 2: + if wireType != 1 { + return fmt.Errorf("proto: wrong wireType = %d for field NumberValue", wireType) + } + var v uint64 + if (iNdEx + 8) > l { + return io.ErrUnexpectedEOF + } + v = uint64(encoding_binary.LittleEndian.Uint64(dAtA[iNdEx:])) + iNdEx += 8 + m.Kind = &Value_NumberValue{float64(math.Float64frombits(v))} + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field StringValue", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthStruct + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthStruct + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Kind = &Value_StringValue{string(dAtA[iNdEx:postIndex])} + iNdEx = postIndex + case 4: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field BoolValue", wireType) + } + var v int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + b := bool(v != 0) + m.Kind = &Value_BoolValue{b} + case 5: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field StructValue", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthStruct + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthStruct + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + v := &Struct{} + if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + m.Kind = &Value_StructValue{v} + iNdEx = postIndex + case 6: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ListValue", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthStruct + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthStruct + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + v := &ListValue{} + if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + m.Kind = &Value_ListValue{v} + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipStruct(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthStruct + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *ListValue) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: ListValue: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: ListValue: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Values", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowStruct + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthStruct + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthStruct + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Values = append(m.Values, &Value{}) + if err := m.Values[len(m.Values)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipStruct(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthStruct + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipStruct(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowStruct + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowStruct + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowStruct + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthStruct + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupStruct + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthStruct + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF +} + +var ( + ErrInvalidLengthStruct = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowStruct = fmt.Errorf("proto: integer overflow") + ErrUnexpectedEndOfGroupStruct = fmt.Errorf("proto: unexpected end of group") +) diff --git a/vendor/github.com/gogo/protobuf/types/timestamp.go b/vendor/github.com/gogo/protobuf/types/timestamp.go new file mode 100644 index 000000000000..232ada57ce42 --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/timestamp.go @@ -0,0 +1,130 @@ +// Go support for Protocol Buffers - Google's data interchange format +// +// Copyright 2016 The Go Authors. All rights reserved. +// https://github.com/golang/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// * Neither the name of Google Inc. nor the names of its +// contributors may be used to endorse or promote products derived from +// this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package types + +// This file implements operations on google.protobuf.Timestamp. + +import ( + "errors" + "fmt" + "time" +) + +const ( + // Seconds field of the earliest valid Timestamp. + // This is time.Date(1, 1, 1, 0, 0, 0, 0, time.UTC).Unix(). + minValidSeconds = -62135596800 + // Seconds field just after the latest valid Timestamp. + // This is time.Date(10000, 1, 1, 0, 0, 0, 0, time.UTC).Unix(). + maxValidSeconds = 253402300800 +) + +// validateTimestamp determines whether a Timestamp is valid. +// A valid timestamp represents a time in the range +// [0001-01-01, 10000-01-01) and has a Nanos field +// in the range [0, 1e9). +// +// If the Timestamp is valid, validateTimestamp returns nil. +// Otherwise, it returns an error that describes +// the problem. +// +// Every valid Timestamp can be represented by a time.Time, but the converse is not true. +func validateTimestamp(ts *Timestamp) error { + if ts == nil { + return errors.New("timestamp: nil Timestamp") + } + if ts.Seconds < minValidSeconds { + return fmt.Errorf("timestamp: %#v before 0001-01-01", ts) + } + if ts.Seconds >= maxValidSeconds { + return fmt.Errorf("timestamp: %#v after 10000-01-01", ts) + } + if ts.Nanos < 0 || ts.Nanos >= 1e9 { + return fmt.Errorf("timestamp: %#v: nanos not in range [0, 1e9)", ts) + } + return nil +} + +// TimestampFromProto converts a google.protobuf.Timestamp proto to a time.Time. +// It returns an error if the argument is invalid. +// +// Unlike most Go functions, if Timestamp returns an error, the first return value +// is not the zero time.Time. Instead, it is the value obtained from the +// time.Unix function when passed the contents of the Timestamp, in the UTC +// locale. This may or may not be a meaningful time; many invalid Timestamps +// do map to valid time.Times. +// +// A nil Timestamp returns an error. The first return value in that case is +// undefined. +func TimestampFromProto(ts *Timestamp) (time.Time, error) { + // Don't return the zero value on error, because corresponds to a valid + // timestamp. Instead return whatever time.Unix gives us. + var t time.Time + if ts == nil { + t = time.Unix(0, 0).UTC() // treat nil like the empty Timestamp + } else { + t = time.Unix(ts.Seconds, int64(ts.Nanos)).UTC() + } + return t, validateTimestamp(ts) +} + +// TimestampNow returns a google.protobuf.Timestamp for the current time. +func TimestampNow() *Timestamp { + ts, err := TimestampProto(time.Now()) + if err != nil { + panic("ptypes: time.Now() out of Timestamp range") + } + return ts +} + +// TimestampProto converts the time.Time to a google.protobuf.Timestamp proto. +// It returns an error if the resulting Timestamp is invalid. +func TimestampProto(t time.Time) (*Timestamp, error) { + ts := &Timestamp{ + Seconds: t.Unix(), + Nanos: int32(t.Nanosecond()), + } + if err := validateTimestamp(ts); err != nil { + return nil, err + } + return ts, nil +} + +// TimestampString returns the RFC 3339 string for valid Timestamps. For invalid +// Timestamps, it returns an error message in parentheses. +func TimestampString(ts *Timestamp) string { + t, err := TimestampFromProto(ts) + if err != nil { + return fmt.Sprintf("(%v)", err) + } + return t.Format(time.RFC3339Nano) +} diff --git a/vendor/github.com/gogo/protobuf/types/timestamp.pb.go b/vendor/github.com/gogo/protobuf/types/timestamp.pb.go new file mode 100644 index 000000000000..45db7b3bb1c8 --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/timestamp.pb.go @@ -0,0 +1,539 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: google/protobuf/timestamp.proto + +package types + +import ( + bytes "bytes" + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + io "io" + math "math" + math_bits "math/bits" + reflect "reflect" + strings "strings" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package + +// A Timestamp represents a point in time independent of any time zone or local +// calendar, encoded as a count of seconds and fractions of seconds at +// nanosecond resolution. The count is relative to an epoch at UTC midnight on +// January 1, 1970, in the proleptic Gregorian calendar which extends the +// Gregorian calendar backwards to year one. +// +// All minutes are 60 seconds long. Leap seconds are "smeared" so that no leap +// second table is needed for interpretation, using a [24-hour linear +// smear](https://developers.google.com/time/smear). +// +// The range is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z. By +// restricting to that range, we ensure that we can convert to and from [RFC +// 3339](https://www.ietf.org/rfc/rfc3339.txt) date strings. +// +// # Examples +// +// Example 1: Compute Timestamp from POSIX `time()`. +// +// Timestamp timestamp; +// timestamp.set_seconds(time(NULL)); +// timestamp.set_nanos(0); +// +// Example 2: Compute Timestamp from POSIX `gettimeofday()`. +// +// struct timeval tv; +// gettimeofday(&tv, NULL); +// +// Timestamp timestamp; +// timestamp.set_seconds(tv.tv_sec); +// timestamp.set_nanos(tv.tv_usec * 1000); +// +// Example 3: Compute Timestamp from Win32 `GetSystemTimeAsFileTime()`. +// +// FILETIME ft; +// GetSystemTimeAsFileTime(&ft); +// UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime; +// +// // A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z +// // is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z. +// Timestamp timestamp; +// timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL)); +// timestamp.set_nanos((INT32) ((ticks % 10000000) * 100)); +// +// Example 4: Compute Timestamp from Java `System.currentTimeMillis()`. +// +// long millis = System.currentTimeMillis(); +// +// Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000) +// .setNanos((int) ((millis % 1000) * 1000000)).build(); +// +// +// Example 5: Compute Timestamp from current time in Python. +// +// timestamp = Timestamp() +// timestamp.GetCurrentTime() +// +// # JSON Mapping +// +// In JSON format, the Timestamp type is encoded as a string in the +// [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. That is, the +// format is "{year}-{month}-{day}T{hour}:{min}:{sec}[.{frac_sec}]Z" +// where {year} is always expressed using four digits while {month}, {day}, +// {hour}, {min}, and {sec} are zero-padded to two digits each. The fractional +// seconds, which can go up to 9 digits (i.e. up to 1 nanosecond resolution), +// are optional. The "Z" suffix indicates the timezone ("UTC"); the timezone +// is required. A proto3 JSON serializer should always use UTC (as indicated by +// "Z") when printing the Timestamp type and a proto3 JSON parser should be +// able to accept both UTC and other timezones (as indicated by an offset). +// +// For example, "2017-01-15T01:30:15.01Z" encodes 15.01 seconds past +// 01:30 UTC on January 15, 2017. +// +// In JavaScript, one can convert a Date object to this format using the +// standard +// [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString) +// method. In Python, a standard `datetime.datetime` object can be converted +// to this format using +// [`strftime`](https://docs.python.org/2/library/time.html#time.strftime) with +// the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one can use +// the Joda Time's [`ISODateTimeFormat.dateTime()`]( +// http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D +// ) to obtain a formatter capable of generating timestamps in this format. +// +// +type Timestamp struct { + // Represents seconds of UTC time since Unix epoch + // 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to + // 9999-12-31T23:59:59Z inclusive. + Seconds int64 `protobuf:"varint,1,opt,name=seconds,proto3" json:"seconds,omitempty"` + // Non-negative fractions of a second at nanosecond resolution. Negative + // second values with fractions must still have non-negative nanos values + // that count forward in time. Must be from 0 to 999,999,999 + // inclusive. + Nanos int32 `protobuf:"varint,2,opt,name=nanos,proto3" json:"nanos,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Timestamp) Reset() { *m = Timestamp{} } +func (*Timestamp) ProtoMessage() {} +func (*Timestamp) Descriptor() ([]byte, []int) { + return fileDescriptor_292007bbfe81227e, []int{0} +} +func (*Timestamp) XXX_WellKnownType() string { return "Timestamp" } +func (m *Timestamp) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Timestamp) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Timestamp.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Timestamp) XXX_Merge(src proto.Message) { + xxx_messageInfo_Timestamp.Merge(m, src) +} +func (m *Timestamp) XXX_Size() int { + return m.Size() +} +func (m *Timestamp) XXX_DiscardUnknown() { + xxx_messageInfo_Timestamp.DiscardUnknown(m) +} + +var xxx_messageInfo_Timestamp proto.InternalMessageInfo + +func (m *Timestamp) GetSeconds() int64 { + if m != nil { + return m.Seconds + } + return 0 +} + +func (m *Timestamp) GetNanos() int32 { + if m != nil { + return m.Nanos + } + return 0 +} + +func (*Timestamp) XXX_MessageName() string { + return "google.protobuf.Timestamp" +} +func init() { + proto.RegisterType((*Timestamp)(nil), "google.protobuf.Timestamp") +} + +func init() { proto.RegisterFile("google/protobuf/timestamp.proto", fileDescriptor_292007bbfe81227e) } + +var fileDescriptor_292007bbfe81227e = []byte{ + // 212 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x4f, 0xcf, 0xcf, 0x4f, + 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x2f, 0xc9, 0xcc, 0x4d, + 0x2d, 0x2e, 0x49, 0xcc, 0x2d, 0xd0, 0x03, 0x0b, 0x09, 0xf1, 0x43, 0x14, 0xe8, 0xc1, 0x14, 0x28, + 0x59, 0x73, 0x71, 0x86, 0xc0, 0xd4, 0x08, 0x49, 0x70, 0xb1, 0x17, 0xa7, 0x26, 0xe7, 0xe7, 0xa5, + 0x14, 0x4b, 0x30, 0x2a, 0x30, 0x6a, 0x30, 0x07, 0xc1, 0xb8, 0x42, 0x22, 0x5c, 0xac, 0x79, 0x89, + 0x79, 0xf9, 0xc5, 0x12, 0x4c, 0x0a, 0x8c, 0x1a, 0xac, 0x41, 0x10, 0x8e, 0x53, 0x03, 0xe3, 0x8d, + 0x87, 0x72, 0x0c, 0x1f, 0x1e, 0xca, 0x31, 0xae, 0x78, 0x24, 0xc7, 0x78, 0xe2, 0x91, 0x1c, 0xe3, + 0x85, 0x47, 0x72, 0x8c, 0x0f, 0x1e, 0xc9, 0x31, 0xbe, 0x78, 0x24, 0xc7, 0xf0, 0xe1, 0x91, 0x1c, + 0xe3, 0x8a, 0xc7, 0x72, 0x8c, 0x27, 0x1e, 0xcb, 0x31, 0x72, 0x09, 0x27, 0xe7, 0xe7, 0xea, 0xa1, + 0x59, 0xee, 0xc4, 0x07, 0xb7, 0x3a, 0x00, 0x24, 0x14, 0xc0, 0x18, 0xc5, 0x5a, 0x52, 0x59, 0x90, + 0x5a, 0xfc, 0x83, 0x91, 0x71, 0x11, 0x13, 0xb3, 0x7b, 0x80, 0xd3, 0x2a, 0x26, 0x39, 0x77, 0x88, + 0x9e, 0x00, 0xa8, 0x1e, 0xbd, 0xf0, 0xd4, 0x9c, 0x1c, 0xef, 0xbc, 0xfc, 0xf2, 0xbc, 0x10, 0x90, + 0xca, 0x24, 0x36, 0xb0, 0x61, 0xc6, 0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0x0b, 0x23, 0x83, 0xdd, + 0xfa, 0x00, 0x00, 0x00, +} + +func (this *Timestamp) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Timestamp) + if !ok { + that2, ok := that.(Timestamp) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Seconds != that1.Seconds { + if this.Seconds < that1.Seconds { + return -1 + } + return 1 + } + if this.Nanos != that1.Nanos { + if this.Nanos < that1.Nanos { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Timestamp) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Timestamp) + if !ok { + that2, ok := that.(Timestamp) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Seconds != that1.Seconds { + return false + } + if this.Nanos != that1.Nanos { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Timestamp) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 6) + s = append(s, "&types.Timestamp{") + s = append(s, "Seconds: "+fmt.Sprintf("%#v", this.Seconds)+",\n") + s = append(s, "Nanos: "+fmt.Sprintf("%#v", this.Nanos)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func valueToGoStringTimestamp(v interface{}, typ string) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) +} +func (m *Timestamp) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Timestamp) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Timestamp) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Nanos != 0 { + i = encodeVarintTimestamp(dAtA, i, uint64(m.Nanos)) + i-- + dAtA[i] = 0x10 + } + if m.Seconds != 0 { + i = encodeVarintTimestamp(dAtA, i, uint64(m.Seconds)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func encodeVarintTimestamp(dAtA []byte, offset int, v uint64) int { + offset -= sovTimestamp(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func (m *Timestamp) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Seconds != 0 { + n += 1 + sovTimestamp(uint64(m.Seconds)) + } + if m.Nanos != 0 { + n += 1 + sovTimestamp(uint64(m.Nanos)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func sovTimestamp(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozTimestamp(x uint64) (n int) { + return sovTimestamp(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (m *Timestamp) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTimestamp + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Timestamp: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Timestamp: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Seconds", wireType) + } + m.Seconds = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTimestamp + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Seconds |= int64(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 2: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Nanos", wireType) + } + m.Nanos = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTimestamp + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Nanos |= int32(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipTimestamp(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthTimestamp + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipTimestamp(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowTimestamp + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowTimestamp + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowTimestamp + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthTimestamp + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupTimestamp + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthTimestamp + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF +} + +var ( + ErrInvalidLengthTimestamp = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowTimestamp = fmt.Errorf("proto: integer overflow") + ErrUnexpectedEndOfGroupTimestamp = fmt.Errorf("proto: unexpected end of group") +) diff --git a/vendor/github.com/gogo/protobuf/types/timestamp_gogo.go b/vendor/github.com/gogo/protobuf/types/timestamp_gogo.go new file mode 100644 index 000000000000..e03fa1315830 --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/timestamp_gogo.go @@ -0,0 +1,94 @@ +// Protocol Buffers for Go with Gadgets +// +// Copyright (c) 2016, The GoGo Authors. All rights reserved. +// http://github.com/gogo/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package types + +import ( + "time" +) + +func NewPopulatedTimestamp(r interface { + Int63() int64 +}, easy bool) *Timestamp { + this := &Timestamp{} + ns := int64(r.Int63()) + this.Seconds = ns / 1e9 + this.Nanos = int32(ns % 1e9) + return this +} + +func (ts *Timestamp) String() string { + return TimestampString(ts) +} + +func NewPopulatedStdTime(r interface { + Int63() int64 +}, easy bool) *time.Time { + timestamp := NewPopulatedTimestamp(r, easy) + t, err := TimestampFromProto(timestamp) + if err != nil { + return nil + } + return &t +} + +func SizeOfStdTime(t time.Time) int { + ts, err := TimestampProto(t) + if err != nil { + return 0 + } + return ts.Size() +} + +func StdTimeMarshal(t time.Time) ([]byte, error) { + size := SizeOfStdTime(t) + buf := make([]byte, size) + _, err := StdTimeMarshalTo(t, buf) + return buf, err +} + +func StdTimeMarshalTo(t time.Time, data []byte) (int, error) { + ts, err := TimestampProto(t) + if err != nil { + return 0, err + } + return ts.MarshalTo(data) +} + +func StdTimeUnmarshal(t *time.Time, data []byte) error { + ts := &Timestamp{} + if err := ts.Unmarshal(data); err != nil { + return err + } + tt, err := TimestampFromProto(ts) + if err != nil { + return err + } + *t = tt + return nil +} diff --git a/vendor/github.com/gogo/protobuf/types/type.pb.go b/vendor/github.com/gogo/protobuf/types/type.pb.go new file mode 100644 index 000000000000..791427bb228a --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/type.pb.go @@ -0,0 +1,3355 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: google/protobuf/type.proto + +package types + +import ( + bytes "bytes" + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + io "io" + math "math" + math_bits "math/bits" + reflect "reflect" + strconv "strconv" + strings "strings" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package + +// The syntax in which a protocol buffer element is defined. +type Syntax int32 + +const ( + // Syntax `proto2`. + Syntax_SYNTAX_PROTO2 Syntax = 0 + // Syntax `proto3`. + Syntax_SYNTAX_PROTO3 Syntax = 1 +) + +var Syntax_name = map[int32]string{ + 0: "SYNTAX_PROTO2", + 1: "SYNTAX_PROTO3", +} + +var Syntax_value = map[string]int32{ + "SYNTAX_PROTO2": 0, + "SYNTAX_PROTO3": 1, +} + +func (Syntax) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_dd271cc1e348c538, []int{0} +} + +// Basic field types. +type Field_Kind int32 + +const ( + // Field type unknown. + Field_TYPE_UNKNOWN Field_Kind = 0 + // Field type double. + Field_TYPE_DOUBLE Field_Kind = 1 + // Field type float. + Field_TYPE_FLOAT Field_Kind = 2 + // Field type int64. + Field_TYPE_INT64 Field_Kind = 3 + // Field type uint64. + Field_TYPE_UINT64 Field_Kind = 4 + // Field type int32. + Field_TYPE_INT32 Field_Kind = 5 + // Field type fixed64. + Field_TYPE_FIXED64 Field_Kind = 6 + // Field type fixed32. + Field_TYPE_FIXED32 Field_Kind = 7 + // Field type bool. + Field_TYPE_BOOL Field_Kind = 8 + // Field type string. + Field_TYPE_STRING Field_Kind = 9 + // Field type group. Proto2 syntax only, and deprecated. + Field_TYPE_GROUP Field_Kind = 10 + // Field type message. + Field_TYPE_MESSAGE Field_Kind = 11 + // Field type bytes. + Field_TYPE_BYTES Field_Kind = 12 + // Field type uint32. + Field_TYPE_UINT32 Field_Kind = 13 + // Field type enum. + Field_TYPE_ENUM Field_Kind = 14 + // Field type sfixed32. + Field_TYPE_SFIXED32 Field_Kind = 15 + // Field type sfixed64. + Field_TYPE_SFIXED64 Field_Kind = 16 + // Field type sint32. + Field_TYPE_SINT32 Field_Kind = 17 + // Field type sint64. + Field_TYPE_SINT64 Field_Kind = 18 +) + +var Field_Kind_name = map[int32]string{ + 0: "TYPE_UNKNOWN", + 1: "TYPE_DOUBLE", + 2: "TYPE_FLOAT", + 3: "TYPE_INT64", + 4: "TYPE_UINT64", + 5: "TYPE_INT32", + 6: "TYPE_FIXED64", + 7: "TYPE_FIXED32", + 8: "TYPE_BOOL", + 9: "TYPE_STRING", + 10: "TYPE_GROUP", + 11: "TYPE_MESSAGE", + 12: "TYPE_BYTES", + 13: "TYPE_UINT32", + 14: "TYPE_ENUM", + 15: "TYPE_SFIXED32", + 16: "TYPE_SFIXED64", + 17: "TYPE_SINT32", + 18: "TYPE_SINT64", +} + +var Field_Kind_value = map[string]int32{ + "TYPE_UNKNOWN": 0, + "TYPE_DOUBLE": 1, + "TYPE_FLOAT": 2, + "TYPE_INT64": 3, + "TYPE_UINT64": 4, + "TYPE_INT32": 5, + "TYPE_FIXED64": 6, + "TYPE_FIXED32": 7, + "TYPE_BOOL": 8, + "TYPE_STRING": 9, + "TYPE_GROUP": 10, + "TYPE_MESSAGE": 11, + "TYPE_BYTES": 12, + "TYPE_UINT32": 13, + "TYPE_ENUM": 14, + "TYPE_SFIXED32": 15, + "TYPE_SFIXED64": 16, + "TYPE_SINT32": 17, + "TYPE_SINT64": 18, +} + +func (Field_Kind) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_dd271cc1e348c538, []int{1, 0} +} + +// Whether a field is optional, required, or repeated. +type Field_Cardinality int32 + +const ( + // For fields with unknown cardinality. + Field_CARDINALITY_UNKNOWN Field_Cardinality = 0 + // For optional fields. + Field_CARDINALITY_OPTIONAL Field_Cardinality = 1 + // For required fields. Proto2 syntax only. + Field_CARDINALITY_REQUIRED Field_Cardinality = 2 + // For repeated fields. + Field_CARDINALITY_REPEATED Field_Cardinality = 3 +) + +var Field_Cardinality_name = map[int32]string{ + 0: "CARDINALITY_UNKNOWN", + 1: "CARDINALITY_OPTIONAL", + 2: "CARDINALITY_REQUIRED", + 3: "CARDINALITY_REPEATED", +} + +var Field_Cardinality_value = map[string]int32{ + "CARDINALITY_UNKNOWN": 0, + "CARDINALITY_OPTIONAL": 1, + "CARDINALITY_REQUIRED": 2, + "CARDINALITY_REPEATED": 3, +} + +func (Field_Cardinality) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_dd271cc1e348c538, []int{1, 1} +} + +// A protocol buffer message type. +type Type struct { + // The fully qualified message name. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // The list of fields. + Fields []*Field `protobuf:"bytes,2,rep,name=fields,proto3" json:"fields,omitempty"` + // The list of types appearing in `oneof` definitions in this type. + Oneofs []string `protobuf:"bytes,3,rep,name=oneofs,proto3" json:"oneofs,omitempty"` + // The protocol buffer options. + Options []*Option `protobuf:"bytes,4,rep,name=options,proto3" json:"options,omitempty"` + // The source context. + SourceContext *SourceContext `protobuf:"bytes,5,opt,name=source_context,json=sourceContext,proto3" json:"source_context,omitempty"` + // The source syntax. + Syntax Syntax `protobuf:"varint,6,opt,name=syntax,proto3,enum=google.protobuf.Syntax" json:"syntax,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Type) Reset() { *m = Type{} } +func (*Type) ProtoMessage() {} +func (*Type) Descriptor() ([]byte, []int) { + return fileDescriptor_dd271cc1e348c538, []int{0} +} +func (m *Type) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Type) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Type.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Type) XXX_Merge(src proto.Message) { + xxx_messageInfo_Type.Merge(m, src) +} +func (m *Type) XXX_Size() int { + return m.Size() +} +func (m *Type) XXX_DiscardUnknown() { + xxx_messageInfo_Type.DiscardUnknown(m) +} + +var xxx_messageInfo_Type proto.InternalMessageInfo + +func (m *Type) GetName() string { + if m != nil { + return m.Name + } + return "" +} + +func (m *Type) GetFields() []*Field { + if m != nil { + return m.Fields + } + return nil +} + +func (m *Type) GetOneofs() []string { + if m != nil { + return m.Oneofs + } + return nil +} + +func (m *Type) GetOptions() []*Option { + if m != nil { + return m.Options + } + return nil +} + +func (m *Type) GetSourceContext() *SourceContext { + if m != nil { + return m.SourceContext + } + return nil +} + +func (m *Type) GetSyntax() Syntax { + if m != nil { + return m.Syntax + } + return Syntax_SYNTAX_PROTO2 +} + +func (*Type) XXX_MessageName() string { + return "google.protobuf.Type" +} + +// A single field of a message type. +type Field struct { + // The field type. + Kind Field_Kind `protobuf:"varint,1,opt,name=kind,proto3,enum=google.protobuf.Field_Kind" json:"kind,omitempty"` + // The field cardinality. + Cardinality Field_Cardinality `protobuf:"varint,2,opt,name=cardinality,proto3,enum=google.protobuf.Field_Cardinality" json:"cardinality,omitempty"` + // The field number. + Number int32 `protobuf:"varint,3,opt,name=number,proto3" json:"number,omitempty"` + // The field name. + Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"` + // The field type URL, without the scheme, for message or enumeration + // types. Example: `"type.googleapis.com/google.protobuf.Timestamp"`. + TypeUrl string `protobuf:"bytes,6,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"` + // The index of the field type in `Type.oneofs`, for message or enumeration + // types. The first type has index 1; zero means the type is not in the list. + OneofIndex int32 `protobuf:"varint,7,opt,name=oneof_index,json=oneofIndex,proto3" json:"oneof_index,omitempty"` + // Whether to use alternative packed wire representation. + Packed bool `protobuf:"varint,8,opt,name=packed,proto3" json:"packed,omitempty"` + // The protocol buffer options. + Options []*Option `protobuf:"bytes,9,rep,name=options,proto3" json:"options,omitempty"` + // The field JSON name. + JsonName string `protobuf:"bytes,10,opt,name=json_name,json=jsonName,proto3" json:"json_name,omitempty"` + // The string value of the default value of this field. Proto2 syntax only. + DefaultValue string `protobuf:"bytes,11,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Field) Reset() { *m = Field{} } +func (*Field) ProtoMessage() {} +func (*Field) Descriptor() ([]byte, []int) { + return fileDescriptor_dd271cc1e348c538, []int{1} +} +func (m *Field) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Field) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Field.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Field) XXX_Merge(src proto.Message) { + xxx_messageInfo_Field.Merge(m, src) +} +func (m *Field) XXX_Size() int { + return m.Size() +} +func (m *Field) XXX_DiscardUnknown() { + xxx_messageInfo_Field.DiscardUnknown(m) +} + +var xxx_messageInfo_Field proto.InternalMessageInfo + +func (m *Field) GetKind() Field_Kind { + if m != nil { + return m.Kind + } + return Field_TYPE_UNKNOWN +} + +func (m *Field) GetCardinality() Field_Cardinality { + if m != nil { + return m.Cardinality + } + return Field_CARDINALITY_UNKNOWN +} + +func (m *Field) GetNumber() int32 { + if m != nil { + return m.Number + } + return 0 +} + +func (m *Field) GetName() string { + if m != nil { + return m.Name + } + return "" +} + +func (m *Field) GetTypeUrl() string { + if m != nil { + return m.TypeUrl + } + return "" +} + +func (m *Field) GetOneofIndex() int32 { + if m != nil { + return m.OneofIndex + } + return 0 +} + +func (m *Field) GetPacked() bool { + if m != nil { + return m.Packed + } + return false +} + +func (m *Field) GetOptions() []*Option { + if m != nil { + return m.Options + } + return nil +} + +func (m *Field) GetJsonName() string { + if m != nil { + return m.JsonName + } + return "" +} + +func (m *Field) GetDefaultValue() string { + if m != nil { + return m.DefaultValue + } + return "" +} + +func (*Field) XXX_MessageName() string { + return "google.protobuf.Field" +} + +// Enum type definition. +type Enum struct { + // Enum type name. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // Enum value definitions. + Enumvalue []*EnumValue `protobuf:"bytes,2,rep,name=enumvalue,proto3" json:"enumvalue,omitempty"` + // Protocol buffer options. + Options []*Option `protobuf:"bytes,3,rep,name=options,proto3" json:"options,omitempty"` + // The source context. + SourceContext *SourceContext `protobuf:"bytes,4,opt,name=source_context,json=sourceContext,proto3" json:"source_context,omitempty"` + // The source syntax. + Syntax Syntax `protobuf:"varint,5,opt,name=syntax,proto3,enum=google.protobuf.Syntax" json:"syntax,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Enum) Reset() { *m = Enum{} } +func (*Enum) ProtoMessage() {} +func (*Enum) Descriptor() ([]byte, []int) { + return fileDescriptor_dd271cc1e348c538, []int{2} +} +func (m *Enum) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Enum) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Enum.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Enum) XXX_Merge(src proto.Message) { + xxx_messageInfo_Enum.Merge(m, src) +} +func (m *Enum) XXX_Size() int { + return m.Size() +} +func (m *Enum) XXX_DiscardUnknown() { + xxx_messageInfo_Enum.DiscardUnknown(m) +} + +var xxx_messageInfo_Enum proto.InternalMessageInfo + +func (m *Enum) GetName() string { + if m != nil { + return m.Name + } + return "" +} + +func (m *Enum) GetEnumvalue() []*EnumValue { + if m != nil { + return m.Enumvalue + } + return nil +} + +func (m *Enum) GetOptions() []*Option { + if m != nil { + return m.Options + } + return nil +} + +func (m *Enum) GetSourceContext() *SourceContext { + if m != nil { + return m.SourceContext + } + return nil +} + +func (m *Enum) GetSyntax() Syntax { + if m != nil { + return m.Syntax + } + return Syntax_SYNTAX_PROTO2 +} + +func (*Enum) XXX_MessageName() string { + return "google.protobuf.Enum" +} + +// Enum value definition. +type EnumValue struct { + // Enum value name. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // Enum value number. + Number int32 `protobuf:"varint,2,opt,name=number,proto3" json:"number,omitempty"` + // Protocol buffer options. + Options []*Option `protobuf:"bytes,3,rep,name=options,proto3" json:"options,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *EnumValue) Reset() { *m = EnumValue{} } +func (*EnumValue) ProtoMessage() {} +func (*EnumValue) Descriptor() ([]byte, []int) { + return fileDescriptor_dd271cc1e348c538, []int{3} +} +func (m *EnumValue) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *EnumValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_EnumValue.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *EnumValue) XXX_Merge(src proto.Message) { + xxx_messageInfo_EnumValue.Merge(m, src) +} +func (m *EnumValue) XXX_Size() int { + return m.Size() +} +func (m *EnumValue) XXX_DiscardUnknown() { + xxx_messageInfo_EnumValue.DiscardUnknown(m) +} + +var xxx_messageInfo_EnumValue proto.InternalMessageInfo + +func (m *EnumValue) GetName() string { + if m != nil { + return m.Name + } + return "" +} + +func (m *EnumValue) GetNumber() int32 { + if m != nil { + return m.Number + } + return 0 +} + +func (m *EnumValue) GetOptions() []*Option { + if m != nil { + return m.Options + } + return nil +} + +func (*EnumValue) XXX_MessageName() string { + return "google.protobuf.EnumValue" +} + +// A protocol buffer option, which can be attached to a message, field, +// enumeration, etc. +type Option struct { + // The option's name. For protobuf built-in options (options defined in + // descriptor.proto), this is the short name. For example, `"map_entry"`. + // For custom options, it should be the fully-qualified name. For example, + // `"google.api.http"`. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // The option's value packed in an Any message. If the value is a primitive, + // the corresponding wrapper type defined in google/protobuf/wrappers.proto + // should be used. If the value is an enum, it should be stored as an int32 + // value using the google.protobuf.Int32Value type. + Value *Any `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Option) Reset() { *m = Option{} } +func (*Option) ProtoMessage() {} +func (*Option) Descriptor() ([]byte, []int) { + return fileDescriptor_dd271cc1e348c538, []int{4} +} +func (m *Option) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Option) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Option.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Option) XXX_Merge(src proto.Message) { + xxx_messageInfo_Option.Merge(m, src) +} +func (m *Option) XXX_Size() int { + return m.Size() +} +func (m *Option) XXX_DiscardUnknown() { + xxx_messageInfo_Option.DiscardUnknown(m) +} + +var xxx_messageInfo_Option proto.InternalMessageInfo + +func (m *Option) GetName() string { + if m != nil { + return m.Name + } + return "" +} + +func (m *Option) GetValue() *Any { + if m != nil { + return m.Value + } + return nil +} + +func (*Option) XXX_MessageName() string { + return "google.protobuf.Option" +} +func init() { + proto.RegisterEnum("google.protobuf.Syntax", Syntax_name, Syntax_value) + proto.RegisterEnum("google.protobuf.Field_Kind", Field_Kind_name, Field_Kind_value) + proto.RegisterEnum("google.protobuf.Field_Cardinality", Field_Cardinality_name, Field_Cardinality_value) + proto.RegisterType((*Type)(nil), "google.protobuf.Type") + proto.RegisterType((*Field)(nil), "google.protobuf.Field") + proto.RegisterType((*Enum)(nil), "google.protobuf.Enum") + proto.RegisterType((*EnumValue)(nil), "google.protobuf.EnumValue") + proto.RegisterType((*Option)(nil), "google.protobuf.Option") +} + +func init() { proto.RegisterFile("google/protobuf/type.proto", fileDescriptor_dd271cc1e348c538) } + +var fileDescriptor_dd271cc1e348c538 = []byte{ + // 840 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x55, 0xcf, 0x73, 0xda, 0x46, + 0x14, 0xf6, 0x0a, 0x21, 0xa3, 0x87, 0xc1, 0x9b, 0x4d, 0x26, 0x51, 0x9c, 0x19, 0x95, 0xa1, 0x3d, + 0x30, 0x39, 0xe0, 0x29, 0x78, 0x3c, 0xbd, 0x82, 0x91, 0x29, 0x63, 0x22, 0xa9, 0x8b, 0x68, 0xe2, + 0x5e, 0x18, 0x0c, 0x72, 0x86, 0x44, 0xac, 0x18, 0x24, 0x5a, 0x73, 0xeb, 0x4c, 0xcf, 0xfd, 0x27, + 0x7a, 0xea, 0xf4, 0xdc, 0x3f, 0xc2, 0xc7, 0x1e, 0x7b, 0xac, 0xc9, 0xa5, 0xc7, 0x1c, 0x73, 0x6b, + 0x67, 0x57, 0x20, 0x8b, 0x1f, 0x9d, 0x49, 0xdb, 0x1b, 0xef, 0xfb, 0xbe, 0xf7, 0x73, 0x9f, 0x1e, + 0x70, 0xf4, 0xda, 0xf7, 0x5f, 0x7b, 0xee, 0xf1, 0x64, 0xea, 0x87, 0xfe, 0xd5, 0xec, 0xfa, 0x38, + 0x9c, 0x4f, 0xdc, 0xb2, 0xb0, 0xc8, 0x61, 0xc4, 0x95, 0x57, 0xdc, 0xd1, 0xd3, 0x4d, 0x71, 0x9f, + 0xcd, 0x23, 0xf6, 0xe8, 0xb3, 0x4d, 0x2a, 0xf0, 0x67, 0xd3, 0x81, 0xdb, 0x1b, 0xf8, 0x2c, 0x74, + 0x6f, 0xc2, 0x48, 0x55, 0xfc, 0x51, 0x02, 0xd9, 0x99, 0x4f, 0x5c, 0x42, 0x40, 0x66, 0xfd, 0xb1, + 0xab, 0xa1, 0x02, 0x2a, 0xa9, 0x54, 0xfc, 0x26, 0x65, 0x50, 0xae, 0x47, 0xae, 0x37, 0x0c, 0x34, + 0xa9, 0x90, 0x2a, 0x65, 0x2b, 0x8f, 0xcb, 0x1b, 0xf9, 0xcb, 0xe7, 0x9c, 0xa6, 0x4b, 0x15, 0x79, + 0x0c, 0x8a, 0xcf, 0x5c, 0xff, 0x3a, 0xd0, 0x52, 0x85, 0x54, 0x49, 0xa5, 0x4b, 0x8b, 0x7c, 0x0e, + 0xfb, 0xfe, 0x24, 0x1c, 0xf9, 0x2c, 0xd0, 0x64, 0x11, 0xe8, 0xc9, 0x56, 0x20, 0x4b, 0xf0, 0x74, + 0xa5, 0x23, 0x06, 0xe4, 0xd7, 0xeb, 0xd5, 0xd2, 0x05, 0x54, 0xca, 0x56, 0xf4, 0x2d, 0xcf, 0x8e, + 0x90, 0x9d, 0x45, 0x2a, 0x9a, 0x0b, 0x92, 0x26, 0x39, 0x06, 0x25, 0x98, 0xb3, 0xb0, 0x7f, 0xa3, + 0x29, 0x05, 0x54, 0xca, 0xef, 0x48, 0xdc, 0x11, 0x34, 0x5d, 0xca, 0x8a, 0xbf, 0x2a, 0x90, 0x16, + 0x4d, 0x91, 0x63, 0x90, 0xdf, 0x8e, 0xd8, 0x50, 0x0c, 0x24, 0x5f, 0x79, 0xb6, 0xbb, 0xf5, 0xf2, + 0xc5, 0x88, 0x0d, 0xa9, 0x10, 0x92, 0x06, 0x64, 0x07, 0xfd, 0xe9, 0x70, 0xc4, 0xfa, 0xde, 0x28, + 0x9c, 0x6b, 0x92, 0xf0, 0x2b, 0xfe, 0x83, 0xdf, 0xd9, 0xbd, 0x92, 0x26, 0xdd, 0xf8, 0x0c, 0xd9, + 0x6c, 0x7c, 0xe5, 0x4e, 0xb5, 0x54, 0x01, 0x95, 0xd2, 0x74, 0x69, 0xc5, 0xef, 0x23, 0x27, 0xde, + 0xe7, 0x29, 0x64, 0xf8, 0x72, 0xf4, 0x66, 0x53, 0x4f, 0xf4, 0xa7, 0xd2, 0x7d, 0x6e, 0x77, 0xa7, + 0x1e, 0xf9, 0x04, 0xb2, 0x62, 0xf8, 0xbd, 0x11, 0x1b, 0xba, 0x37, 0xda, 0xbe, 0x88, 0x05, 0x02, + 0x6a, 0x71, 0x84, 0xe7, 0x99, 0xf4, 0x07, 0x6f, 0xdd, 0xa1, 0x96, 0x29, 0xa0, 0x52, 0x86, 0x2e, + 0xad, 0xe4, 0x5b, 0xa9, 0x1f, 0xf9, 0x56, 0xcf, 0x40, 0x7d, 0x13, 0xf8, 0xac, 0x27, 0xea, 0x03, + 0x51, 0x47, 0x86, 0x03, 0x26, 0xaf, 0xf1, 0x53, 0xc8, 0x0d, 0xdd, 0xeb, 0xfe, 0xcc, 0x0b, 0x7b, + 0xdf, 0xf6, 0xbd, 0x99, 0xab, 0x65, 0x85, 0xe0, 0x60, 0x09, 0x7e, 0xcd, 0xb1, 0xe2, 0xad, 0x04, + 0x32, 0x9f, 0x24, 0xc1, 0x70, 0xe0, 0x5c, 0xda, 0x46, 0xaf, 0x6b, 0x5e, 0x98, 0xd6, 0x4b, 0x13, + 0xef, 0x91, 0x43, 0xc8, 0x0a, 0xa4, 0x61, 0x75, 0xeb, 0x6d, 0x03, 0x23, 0x92, 0x07, 0x10, 0xc0, + 0x79, 0xdb, 0xaa, 0x39, 0x58, 0x8a, 0xed, 0x96, 0xe9, 0x9c, 0x9e, 0xe0, 0x54, 0xec, 0xd0, 0x8d, + 0x00, 0x39, 0x29, 0xa8, 0x56, 0x70, 0x3a, 0xce, 0x71, 0xde, 0x7a, 0x65, 0x34, 0x4e, 0x4f, 0xb0, + 0xb2, 0x8e, 0x54, 0x2b, 0x78, 0x9f, 0xe4, 0x40, 0x15, 0x48, 0xdd, 0xb2, 0xda, 0x38, 0x13, 0xc7, + 0xec, 0x38, 0xb4, 0x65, 0x36, 0xb1, 0x1a, 0xc7, 0x6c, 0x52, 0xab, 0x6b, 0x63, 0x88, 0x23, 0xbc, + 0x30, 0x3a, 0x9d, 0x5a, 0xd3, 0xc0, 0xd9, 0x58, 0x51, 0xbf, 0x74, 0x8c, 0x0e, 0x3e, 0x58, 0x2b, + 0xab, 0x5a, 0xc1, 0xb9, 0x38, 0x85, 0x61, 0x76, 0x5f, 0xe0, 0x3c, 0x79, 0x00, 0xb9, 0x28, 0xc5, + 0xaa, 0x88, 0xc3, 0x0d, 0xe8, 0xf4, 0x04, 0xe3, 0xfb, 0x42, 0xa2, 0x28, 0x0f, 0xd6, 0x80, 0xd3, + 0x13, 0x4c, 0x8a, 0x21, 0x64, 0x13, 0xbb, 0x45, 0x9e, 0xc0, 0xc3, 0xb3, 0x1a, 0x6d, 0xb4, 0xcc, + 0x5a, 0xbb, 0xe5, 0x5c, 0x26, 0xe6, 0xaa, 0xc1, 0xa3, 0x24, 0x61, 0xd9, 0x4e, 0xcb, 0x32, 0x6b, + 0x6d, 0x8c, 0x36, 0x19, 0x6a, 0x7c, 0xd5, 0x6d, 0x51, 0xa3, 0x81, 0xa5, 0x6d, 0xc6, 0x36, 0x6a, + 0x8e, 0xd1, 0xc0, 0xa9, 0xe2, 0x5f, 0x08, 0x64, 0x83, 0xcd, 0xc6, 0x3b, 0xcf, 0xc8, 0x17, 0xa0, + 0xba, 0x6c, 0x36, 0x8e, 0x9e, 0x3f, 0xba, 0x24, 0x47, 0x5b, 0x4b, 0xc5, 0xbd, 0xc5, 0x32, 0xd0, + 0x7b, 0x71, 0x72, 0x19, 0x53, 0xff, 0xf9, 0x70, 0xc8, 0xff, 0xef, 0x70, 0xa4, 0x3f, 0xee, 0x70, + 0xbc, 0x01, 0x35, 0x6e, 0x61, 0xe7, 0x14, 0xee, 0x3f, 0x6c, 0x69, 0xed, 0xc3, 0xfe, 0xf7, 0x3d, + 0x16, 0xbf, 0x04, 0x25, 0x82, 0x76, 0x26, 0x7a, 0x0e, 0xe9, 0xd5, 0xa8, 0x79, 0xe3, 0x8f, 0xb6, + 0xc2, 0xd5, 0xd8, 0x9c, 0x46, 0x92, 0xe7, 0x65, 0x50, 0xa2, 0x3e, 0xf8, 0xb2, 0x75, 0x2e, 0x4d, + 0xa7, 0xf6, 0xaa, 0x67, 0x53, 0xcb, 0xb1, 0x2a, 0x78, 0x6f, 0x13, 0xaa, 0x62, 0x54, 0xff, 0x01, + 0xfd, 0x7e, 0xa7, 0xef, 0xbd, 0xbf, 0xd3, 0xd1, 0x87, 0x3b, 0x1d, 0x7d, 0xbf, 0xd0, 0xd1, 0xcf, + 0x0b, 0x1d, 0xdd, 0x2e, 0x74, 0xf4, 0xdb, 0x42, 0x47, 0x7f, 0x2c, 0x74, 0xf4, 0xe7, 0x42, 0xdf, + 0x7b, 0xcf, 0xf1, 0x77, 0x3a, 0xba, 0x7d, 0xa7, 0x23, 0x78, 0x38, 0xf0, 0xc7, 0x9b, 0x25, 0xd4, + 0x55, 0xfe, 0x9f, 0x63, 0x73, 0xcb, 0x46, 0xdf, 0xa4, 0xf9, 0xd1, 0x0a, 0x3e, 0x20, 0xf4, 0x93, + 0x94, 0x6a, 0xda, 0xf5, 0x5f, 0x24, 0xbd, 0x19, 0xc9, 0xed, 0x55, 0xc5, 0x2f, 0x5d, 0xcf, 0xbb, + 0x60, 0xfe, 0x77, 0x8c, 0xbb, 0x05, 0x57, 0x8a, 0x88, 0x53, 0xfd, 0x3b, 0x00, 0x00, 0xff, 0xff, + 0xbc, 0x2a, 0x5e, 0x82, 0x2b, 0x07, 0x00, 0x00, +} + +func (this *Type) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Type) + if !ok { + that2, ok := that.(Type) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Name != that1.Name { + if this.Name < that1.Name { + return -1 + } + return 1 + } + if len(this.Fields) != len(that1.Fields) { + if len(this.Fields) < len(that1.Fields) { + return -1 + } + return 1 + } + for i := range this.Fields { + if c := this.Fields[i].Compare(that1.Fields[i]); c != 0 { + return c + } + } + if len(this.Oneofs) != len(that1.Oneofs) { + if len(this.Oneofs) < len(that1.Oneofs) { + return -1 + } + return 1 + } + for i := range this.Oneofs { + if this.Oneofs[i] != that1.Oneofs[i] { + if this.Oneofs[i] < that1.Oneofs[i] { + return -1 + } + return 1 + } + } + if len(this.Options) != len(that1.Options) { + if len(this.Options) < len(that1.Options) { + return -1 + } + return 1 + } + for i := range this.Options { + if c := this.Options[i].Compare(that1.Options[i]); c != 0 { + return c + } + } + if c := this.SourceContext.Compare(that1.SourceContext); c != 0 { + return c + } + if this.Syntax != that1.Syntax { + if this.Syntax < that1.Syntax { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Field) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Field) + if !ok { + that2, ok := that.(Field) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Kind != that1.Kind { + if this.Kind < that1.Kind { + return -1 + } + return 1 + } + if this.Cardinality != that1.Cardinality { + if this.Cardinality < that1.Cardinality { + return -1 + } + return 1 + } + if this.Number != that1.Number { + if this.Number < that1.Number { + return -1 + } + return 1 + } + if this.Name != that1.Name { + if this.Name < that1.Name { + return -1 + } + return 1 + } + if this.TypeUrl != that1.TypeUrl { + if this.TypeUrl < that1.TypeUrl { + return -1 + } + return 1 + } + if this.OneofIndex != that1.OneofIndex { + if this.OneofIndex < that1.OneofIndex { + return -1 + } + return 1 + } + if this.Packed != that1.Packed { + if !this.Packed { + return -1 + } + return 1 + } + if len(this.Options) != len(that1.Options) { + if len(this.Options) < len(that1.Options) { + return -1 + } + return 1 + } + for i := range this.Options { + if c := this.Options[i].Compare(that1.Options[i]); c != 0 { + return c + } + } + if this.JsonName != that1.JsonName { + if this.JsonName < that1.JsonName { + return -1 + } + return 1 + } + if this.DefaultValue != that1.DefaultValue { + if this.DefaultValue < that1.DefaultValue { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Enum) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Enum) + if !ok { + that2, ok := that.(Enum) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Name != that1.Name { + if this.Name < that1.Name { + return -1 + } + return 1 + } + if len(this.Enumvalue) != len(that1.Enumvalue) { + if len(this.Enumvalue) < len(that1.Enumvalue) { + return -1 + } + return 1 + } + for i := range this.Enumvalue { + if c := this.Enumvalue[i].Compare(that1.Enumvalue[i]); c != 0 { + return c + } + } + if len(this.Options) != len(that1.Options) { + if len(this.Options) < len(that1.Options) { + return -1 + } + return 1 + } + for i := range this.Options { + if c := this.Options[i].Compare(that1.Options[i]); c != 0 { + return c + } + } + if c := this.SourceContext.Compare(that1.SourceContext); c != 0 { + return c + } + if this.Syntax != that1.Syntax { + if this.Syntax < that1.Syntax { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *EnumValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*EnumValue) + if !ok { + that2, ok := that.(EnumValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Name != that1.Name { + if this.Name < that1.Name { + return -1 + } + return 1 + } + if this.Number != that1.Number { + if this.Number < that1.Number { + return -1 + } + return 1 + } + if len(this.Options) != len(that1.Options) { + if len(this.Options) < len(that1.Options) { + return -1 + } + return 1 + } + for i := range this.Options { + if c := this.Options[i].Compare(that1.Options[i]); c != 0 { + return c + } + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Option) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Option) + if !ok { + that2, ok := that.(Option) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Name != that1.Name { + if this.Name < that1.Name { + return -1 + } + return 1 + } + if c := this.Value.Compare(that1.Value); c != 0 { + return c + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (x Syntax) String() string { + s, ok := Syntax_name[int32(x)] + if ok { + return s + } + return strconv.Itoa(int(x)) +} +func (x Field_Kind) String() string { + s, ok := Field_Kind_name[int32(x)] + if ok { + return s + } + return strconv.Itoa(int(x)) +} +func (x Field_Cardinality) String() string { + s, ok := Field_Cardinality_name[int32(x)] + if ok { + return s + } + return strconv.Itoa(int(x)) +} +func (this *Type) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Type) + if !ok { + that2, ok := that.(Type) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Name != that1.Name { + return false + } + if len(this.Fields) != len(that1.Fields) { + return false + } + for i := range this.Fields { + if !this.Fields[i].Equal(that1.Fields[i]) { + return false + } + } + if len(this.Oneofs) != len(that1.Oneofs) { + return false + } + for i := range this.Oneofs { + if this.Oneofs[i] != that1.Oneofs[i] { + return false + } + } + if len(this.Options) != len(that1.Options) { + return false + } + for i := range this.Options { + if !this.Options[i].Equal(that1.Options[i]) { + return false + } + } + if !this.SourceContext.Equal(that1.SourceContext) { + return false + } + if this.Syntax != that1.Syntax { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Field) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Field) + if !ok { + that2, ok := that.(Field) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Kind != that1.Kind { + return false + } + if this.Cardinality != that1.Cardinality { + return false + } + if this.Number != that1.Number { + return false + } + if this.Name != that1.Name { + return false + } + if this.TypeUrl != that1.TypeUrl { + return false + } + if this.OneofIndex != that1.OneofIndex { + return false + } + if this.Packed != that1.Packed { + return false + } + if len(this.Options) != len(that1.Options) { + return false + } + for i := range this.Options { + if !this.Options[i].Equal(that1.Options[i]) { + return false + } + } + if this.JsonName != that1.JsonName { + return false + } + if this.DefaultValue != that1.DefaultValue { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Enum) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Enum) + if !ok { + that2, ok := that.(Enum) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Name != that1.Name { + return false + } + if len(this.Enumvalue) != len(that1.Enumvalue) { + return false + } + for i := range this.Enumvalue { + if !this.Enumvalue[i].Equal(that1.Enumvalue[i]) { + return false + } + } + if len(this.Options) != len(that1.Options) { + return false + } + for i := range this.Options { + if !this.Options[i].Equal(that1.Options[i]) { + return false + } + } + if !this.SourceContext.Equal(that1.SourceContext) { + return false + } + if this.Syntax != that1.Syntax { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *EnumValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*EnumValue) + if !ok { + that2, ok := that.(EnumValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Name != that1.Name { + return false + } + if this.Number != that1.Number { + return false + } + if len(this.Options) != len(that1.Options) { + return false + } + for i := range this.Options { + if !this.Options[i].Equal(that1.Options[i]) { + return false + } + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Option) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Option) + if !ok { + that2, ok := that.(Option) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Name != that1.Name { + return false + } + if !this.Value.Equal(that1.Value) { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Type) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 10) + s = append(s, "&types.Type{") + s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") + if this.Fields != nil { + s = append(s, "Fields: "+fmt.Sprintf("%#v", this.Fields)+",\n") + } + s = append(s, "Oneofs: "+fmt.Sprintf("%#v", this.Oneofs)+",\n") + if this.Options != nil { + s = append(s, "Options: "+fmt.Sprintf("%#v", this.Options)+",\n") + } + if this.SourceContext != nil { + s = append(s, "SourceContext: "+fmt.Sprintf("%#v", this.SourceContext)+",\n") + } + s = append(s, "Syntax: "+fmt.Sprintf("%#v", this.Syntax)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *Field) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 14) + s = append(s, "&types.Field{") + s = append(s, "Kind: "+fmt.Sprintf("%#v", this.Kind)+",\n") + s = append(s, "Cardinality: "+fmt.Sprintf("%#v", this.Cardinality)+",\n") + s = append(s, "Number: "+fmt.Sprintf("%#v", this.Number)+",\n") + s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") + s = append(s, "TypeUrl: "+fmt.Sprintf("%#v", this.TypeUrl)+",\n") + s = append(s, "OneofIndex: "+fmt.Sprintf("%#v", this.OneofIndex)+",\n") + s = append(s, "Packed: "+fmt.Sprintf("%#v", this.Packed)+",\n") + if this.Options != nil { + s = append(s, "Options: "+fmt.Sprintf("%#v", this.Options)+",\n") + } + s = append(s, "JsonName: "+fmt.Sprintf("%#v", this.JsonName)+",\n") + s = append(s, "DefaultValue: "+fmt.Sprintf("%#v", this.DefaultValue)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *Enum) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 9) + s = append(s, "&types.Enum{") + s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") + if this.Enumvalue != nil { + s = append(s, "Enumvalue: "+fmt.Sprintf("%#v", this.Enumvalue)+",\n") + } + if this.Options != nil { + s = append(s, "Options: "+fmt.Sprintf("%#v", this.Options)+",\n") + } + if this.SourceContext != nil { + s = append(s, "SourceContext: "+fmt.Sprintf("%#v", this.SourceContext)+",\n") + } + s = append(s, "Syntax: "+fmt.Sprintf("%#v", this.Syntax)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *EnumValue) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 7) + s = append(s, "&types.EnumValue{") + s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") + s = append(s, "Number: "+fmt.Sprintf("%#v", this.Number)+",\n") + if this.Options != nil { + s = append(s, "Options: "+fmt.Sprintf("%#v", this.Options)+",\n") + } + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *Option) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 6) + s = append(s, "&types.Option{") + s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") + if this.Value != nil { + s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") + } + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func valueToGoStringType(v interface{}, typ string) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) +} +func (m *Type) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Type) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Type) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Syntax != 0 { + i = encodeVarintType(dAtA, i, uint64(m.Syntax)) + i-- + dAtA[i] = 0x30 + } + if m.SourceContext != nil { + { + size, err := m.SourceContext.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintType(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x2a + } + if len(m.Options) > 0 { + for iNdEx := len(m.Options) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Options[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintType(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x22 + } + } + if len(m.Oneofs) > 0 { + for iNdEx := len(m.Oneofs) - 1; iNdEx >= 0; iNdEx-- { + i -= len(m.Oneofs[iNdEx]) + copy(dAtA[i:], m.Oneofs[iNdEx]) + i = encodeVarintType(dAtA, i, uint64(len(m.Oneofs[iNdEx]))) + i-- + dAtA[i] = 0x1a + } + } + if len(m.Fields) > 0 { + for iNdEx := len(m.Fields) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Fields[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintType(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x12 + } + } + if len(m.Name) > 0 { + i -= len(m.Name) + copy(dAtA[i:], m.Name) + i = encodeVarintType(dAtA, i, uint64(len(m.Name))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *Field) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Field) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Field) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if len(m.DefaultValue) > 0 { + i -= len(m.DefaultValue) + copy(dAtA[i:], m.DefaultValue) + i = encodeVarintType(dAtA, i, uint64(len(m.DefaultValue))) + i-- + dAtA[i] = 0x5a + } + if len(m.JsonName) > 0 { + i -= len(m.JsonName) + copy(dAtA[i:], m.JsonName) + i = encodeVarintType(dAtA, i, uint64(len(m.JsonName))) + i-- + dAtA[i] = 0x52 + } + if len(m.Options) > 0 { + for iNdEx := len(m.Options) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Options[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintType(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x4a + } + } + if m.Packed { + i-- + if m.Packed { + dAtA[i] = 1 + } else { + dAtA[i] = 0 + } + i-- + dAtA[i] = 0x40 + } + if m.OneofIndex != 0 { + i = encodeVarintType(dAtA, i, uint64(m.OneofIndex)) + i-- + dAtA[i] = 0x38 + } + if len(m.TypeUrl) > 0 { + i -= len(m.TypeUrl) + copy(dAtA[i:], m.TypeUrl) + i = encodeVarintType(dAtA, i, uint64(len(m.TypeUrl))) + i-- + dAtA[i] = 0x32 + } + if len(m.Name) > 0 { + i -= len(m.Name) + copy(dAtA[i:], m.Name) + i = encodeVarintType(dAtA, i, uint64(len(m.Name))) + i-- + dAtA[i] = 0x22 + } + if m.Number != 0 { + i = encodeVarintType(dAtA, i, uint64(m.Number)) + i-- + dAtA[i] = 0x18 + } + if m.Cardinality != 0 { + i = encodeVarintType(dAtA, i, uint64(m.Cardinality)) + i-- + dAtA[i] = 0x10 + } + if m.Kind != 0 { + i = encodeVarintType(dAtA, i, uint64(m.Kind)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func (m *Enum) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Enum) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Enum) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Syntax != 0 { + i = encodeVarintType(dAtA, i, uint64(m.Syntax)) + i-- + dAtA[i] = 0x28 + } + if m.SourceContext != nil { + { + size, err := m.SourceContext.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintType(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x22 + } + if len(m.Options) > 0 { + for iNdEx := len(m.Options) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Options[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintType(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x1a + } + } + if len(m.Enumvalue) > 0 { + for iNdEx := len(m.Enumvalue) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Enumvalue[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintType(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x12 + } + } + if len(m.Name) > 0 { + i -= len(m.Name) + copy(dAtA[i:], m.Name) + i = encodeVarintType(dAtA, i, uint64(len(m.Name))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *EnumValue) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *EnumValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *EnumValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if len(m.Options) > 0 { + for iNdEx := len(m.Options) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Options[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintType(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x1a + } + } + if m.Number != 0 { + i = encodeVarintType(dAtA, i, uint64(m.Number)) + i-- + dAtA[i] = 0x10 + } + if len(m.Name) > 0 { + i -= len(m.Name) + copy(dAtA[i:], m.Name) + i = encodeVarintType(dAtA, i, uint64(len(m.Name))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *Option) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Option) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Option) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Value != nil { + { + size, err := m.Value.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintType(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x12 + } + if len(m.Name) > 0 { + i -= len(m.Name) + copy(dAtA[i:], m.Name) + i = encodeVarintType(dAtA, i, uint64(len(m.Name))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func encodeVarintType(dAtA []byte, offset int, v uint64) int { + offset -= sovType(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func NewPopulatedType(r randyType, easy bool) *Type { + this := &Type{} + this.Name = string(randStringType(r)) + if r.Intn(5) != 0 { + v1 := r.Intn(5) + this.Fields = make([]*Field, v1) + for i := 0; i < v1; i++ { + this.Fields[i] = NewPopulatedField(r, easy) + } + } + v2 := r.Intn(10) + this.Oneofs = make([]string, v2) + for i := 0; i < v2; i++ { + this.Oneofs[i] = string(randStringType(r)) + } + if r.Intn(5) != 0 { + v3 := r.Intn(5) + this.Options = make([]*Option, v3) + for i := 0; i < v3; i++ { + this.Options[i] = NewPopulatedOption(r, easy) + } + } + if r.Intn(5) != 0 { + this.SourceContext = NewPopulatedSourceContext(r, easy) + } + this.Syntax = Syntax([]int32{0, 1}[r.Intn(2)]) + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedType(r, 7) + } + return this +} + +func NewPopulatedField(r randyType, easy bool) *Field { + this := &Field{} + this.Kind = Field_Kind([]int32{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18}[r.Intn(19)]) + this.Cardinality = Field_Cardinality([]int32{0, 1, 2, 3}[r.Intn(4)]) + this.Number = int32(r.Int31()) + if r.Intn(2) == 0 { + this.Number *= -1 + } + this.Name = string(randStringType(r)) + this.TypeUrl = string(randStringType(r)) + this.OneofIndex = int32(r.Int31()) + if r.Intn(2) == 0 { + this.OneofIndex *= -1 + } + this.Packed = bool(bool(r.Intn(2) == 0)) + if r.Intn(5) != 0 { + v4 := r.Intn(5) + this.Options = make([]*Option, v4) + for i := 0; i < v4; i++ { + this.Options[i] = NewPopulatedOption(r, easy) + } + } + this.JsonName = string(randStringType(r)) + this.DefaultValue = string(randStringType(r)) + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedType(r, 12) + } + return this +} + +func NewPopulatedEnum(r randyType, easy bool) *Enum { + this := &Enum{} + this.Name = string(randStringType(r)) + if r.Intn(5) != 0 { + v5 := r.Intn(5) + this.Enumvalue = make([]*EnumValue, v5) + for i := 0; i < v5; i++ { + this.Enumvalue[i] = NewPopulatedEnumValue(r, easy) + } + } + if r.Intn(5) != 0 { + v6 := r.Intn(5) + this.Options = make([]*Option, v6) + for i := 0; i < v6; i++ { + this.Options[i] = NewPopulatedOption(r, easy) + } + } + if r.Intn(5) != 0 { + this.SourceContext = NewPopulatedSourceContext(r, easy) + } + this.Syntax = Syntax([]int32{0, 1}[r.Intn(2)]) + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedType(r, 6) + } + return this +} + +func NewPopulatedEnumValue(r randyType, easy bool) *EnumValue { + this := &EnumValue{} + this.Name = string(randStringType(r)) + this.Number = int32(r.Int31()) + if r.Intn(2) == 0 { + this.Number *= -1 + } + if r.Intn(5) != 0 { + v7 := r.Intn(5) + this.Options = make([]*Option, v7) + for i := 0; i < v7; i++ { + this.Options[i] = NewPopulatedOption(r, easy) + } + } + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedType(r, 4) + } + return this +} + +func NewPopulatedOption(r randyType, easy bool) *Option { + this := &Option{} + this.Name = string(randStringType(r)) + if r.Intn(5) != 0 { + this.Value = NewPopulatedAny(r, easy) + } + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedType(r, 3) + } + return this +} + +type randyType interface { + Float32() float32 + Float64() float64 + Int63() int64 + Int31() int32 + Uint32() uint32 + Intn(n int) int +} + +func randUTF8RuneType(r randyType) rune { + ru := r.Intn(62) + if ru < 10 { + return rune(ru + 48) + } else if ru < 36 { + return rune(ru + 55) + } + return rune(ru + 61) +} +func randStringType(r randyType) string { + v8 := r.Intn(100) + tmps := make([]rune, v8) + for i := 0; i < v8; i++ { + tmps[i] = randUTF8RuneType(r) + } + return string(tmps) +} +func randUnrecognizedType(r randyType, maxFieldNumber int) (dAtA []byte) { + l := r.Intn(5) + for i := 0; i < l; i++ { + wire := r.Intn(4) + if wire == 3 { + wire = 5 + } + fieldNumber := maxFieldNumber + r.Intn(100) + dAtA = randFieldType(dAtA, r, fieldNumber, wire) + } + return dAtA +} +func randFieldType(dAtA []byte, r randyType, fieldNumber int, wire int) []byte { + key := uint32(fieldNumber)<<3 | uint32(wire) + switch wire { + case 0: + dAtA = encodeVarintPopulateType(dAtA, uint64(key)) + v9 := r.Int63() + if r.Intn(2) == 0 { + v9 *= -1 + } + dAtA = encodeVarintPopulateType(dAtA, uint64(v9)) + case 1: + dAtA = encodeVarintPopulateType(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + case 2: + dAtA = encodeVarintPopulateType(dAtA, uint64(key)) + ll := r.Intn(100) + dAtA = encodeVarintPopulateType(dAtA, uint64(ll)) + for j := 0; j < ll; j++ { + dAtA = append(dAtA, byte(r.Intn(256))) + } + default: + dAtA = encodeVarintPopulateType(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + } + return dAtA +} +func encodeVarintPopulateType(dAtA []byte, v uint64) []byte { + for v >= 1<<7 { + dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) + v >>= 7 + } + dAtA = append(dAtA, uint8(v)) + return dAtA +} +func (m *Type) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Name) + if l > 0 { + n += 1 + l + sovType(uint64(l)) + } + if len(m.Fields) > 0 { + for _, e := range m.Fields { + l = e.Size() + n += 1 + l + sovType(uint64(l)) + } + } + if len(m.Oneofs) > 0 { + for _, s := range m.Oneofs { + l = len(s) + n += 1 + l + sovType(uint64(l)) + } + } + if len(m.Options) > 0 { + for _, e := range m.Options { + l = e.Size() + n += 1 + l + sovType(uint64(l)) + } + } + if m.SourceContext != nil { + l = m.SourceContext.Size() + n += 1 + l + sovType(uint64(l)) + } + if m.Syntax != 0 { + n += 1 + sovType(uint64(m.Syntax)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *Field) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Kind != 0 { + n += 1 + sovType(uint64(m.Kind)) + } + if m.Cardinality != 0 { + n += 1 + sovType(uint64(m.Cardinality)) + } + if m.Number != 0 { + n += 1 + sovType(uint64(m.Number)) + } + l = len(m.Name) + if l > 0 { + n += 1 + l + sovType(uint64(l)) + } + l = len(m.TypeUrl) + if l > 0 { + n += 1 + l + sovType(uint64(l)) + } + if m.OneofIndex != 0 { + n += 1 + sovType(uint64(m.OneofIndex)) + } + if m.Packed { + n += 2 + } + if len(m.Options) > 0 { + for _, e := range m.Options { + l = e.Size() + n += 1 + l + sovType(uint64(l)) + } + } + l = len(m.JsonName) + if l > 0 { + n += 1 + l + sovType(uint64(l)) + } + l = len(m.DefaultValue) + if l > 0 { + n += 1 + l + sovType(uint64(l)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *Enum) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Name) + if l > 0 { + n += 1 + l + sovType(uint64(l)) + } + if len(m.Enumvalue) > 0 { + for _, e := range m.Enumvalue { + l = e.Size() + n += 1 + l + sovType(uint64(l)) + } + } + if len(m.Options) > 0 { + for _, e := range m.Options { + l = e.Size() + n += 1 + l + sovType(uint64(l)) + } + } + if m.SourceContext != nil { + l = m.SourceContext.Size() + n += 1 + l + sovType(uint64(l)) + } + if m.Syntax != 0 { + n += 1 + sovType(uint64(m.Syntax)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *EnumValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Name) + if l > 0 { + n += 1 + l + sovType(uint64(l)) + } + if m.Number != 0 { + n += 1 + sovType(uint64(m.Number)) + } + if len(m.Options) > 0 { + for _, e := range m.Options { + l = e.Size() + n += 1 + l + sovType(uint64(l)) + } + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *Option) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Name) + if l > 0 { + n += 1 + l + sovType(uint64(l)) + } + if m.Value != nil { + l = m.Value.Size() + n += 1 + l + sovType(uint64(l)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func sovType(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozType(x uint64) (n int) { + return sovType(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (this *Type) String() string { + if this == nil { + return "nil" + } + repeatedStringForFields := "[]*Field{" + for _, f := range this.Fields { + repeatedStringForFields += strings.Replace(f.String(), "Field", "Field", 1) + "," + } + repeatedStringForFields += "}" + repeatedStringForOptions := "[]*Option{" + for _, f := range this.Options { + repeatedStringForOptions += strings.Replace(f.String(), "Option", "Option", 1) + "," + } + repeatedStringForOptions += "}" + s := strings.Join([]string{`&Type{`, + `Name:` + fmt.Sprintf("%v", this.Name) + `,`, + `Fields:` + repeatedStringForFields + `,`, + `Oneofs:` + fmt.Sprintf("%v", this.Oneofs) + `,`, + `Options:` + repeatedStringForOptions + `,`, + `SourceContext:` + strings.Replace(fmt.Sprintf("%v", this.SourceContext), "SourceContext", "SourceContext", 1) + `,`, + `Syntax:` + fmt.Sprintf("%v", this.Syntax) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *Field) String() string { + if this == nil { + return "nil" + } + repeatedStringForOptions := "[]*Option{" + for _, f := range this.Options { + repeatedStringForOptions += strings.Replace(f.String(), "Option", "Option", 1) + "," + } + repeatedStringForOptions += "}" + s := strings.Join([]string{`&Field{`, + `Kind:` + fmt.Sprintf("%v", this.Kind) + `,`, + `Cardinality:` + fmt.Sprintf("%v", this.Cardinality) + `,`, + `Number:` + fmt.Sprintf("%v", this.Number) + `,`, + `Name:` + fmt.Sprintf("%v", this.Name) + `,`, + `TypeUrl:` + fmt.Sprintf("%v", this.TypeUrl) + `,`, + `OneofIndex:` + fmt.Sprintf("%v", this.OneofIndex) + `,`, + `Packed:` + fmt.Sprintf("%v", this.Packed) + `,`, + `Options:` + repeatedStringForOptions + `,`, + `JsonName:` + fmt.Sprintf("%v", this.JsonName) + `,`, + `DefaultValue:` + fmt.Sprintf("%v", this.DefaultValue) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *Enum) String() string { + if this == nil { + return "nil" + } + repeatedStringForEnumvalue := "[]*EnumValue{" + for _, f := range this.Enumvalue { + repeatedStringForEnumvalue += strings.Replace(f.String(), "EnumValue", "EnumValue", 1) + "," + } + repeatedStringForEnumvalue += "}" + repeatedStringForOptions := "[]*Option{" + for _, f := range this.Options { + repeatedStringForOptions += strings.Replace(f.String(), "Option", "Option", 1) + "," + } + repeatedStringForOptions += "}" + s := strings.Join([]string{`&Enum{`, + `Name:` + fmt.Sprintf("%v", this.Name) + `,`, + `Enumvalue:` + repeatedStringForEnumvalue + `,`, + `Options:` + repeatedStringForOptions + `,`, + `SourceContext:` + strings.Replace(fmt.Sprintf("%v", this.SourceContext), "SourceContext", "SourceContext", 1) + `,`, + `Syntax:` + fmt.Sprintf("%v", this.Syntax) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *EnumValue) String() string { + if this == nil { + return "nil" + } + repeatedStringForOptions := "[]*Option{" + for _, f := range this.Options { + repeatedStringForOptions += strings.Replace(f.String(), "Option", "Option", 1) + "," + } + repeatedStringForOptions += "}" + s := strings.Join([]string{`&EnumValue{`, + `Name:` + fmt.Sprintf("%v", this.Name) + `,`, + `Number:` + fmt.Sprintf("%v", this.Number) + `,`, + `Options:` + repeatedStringForOptions + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *Option) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Option{`, + `Name:` + fmt.Sprintf("%v", this.Name) + `,`, + `Value:` + strings.Replace(fmt.Sprintf("%v", this.Value), "Any", "Any", 1) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func valueToStringType(v interface{}) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("*%v", pv) +} +func (m *Type) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Type: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Type: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Fields", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Fields = append(m.Fields, &Field{}) + if err := m.Fields[len(m.Fields)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Oneofs", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Oneofs = append(m.Oneofs, string(dAtA[iNdEx:postIndex])) + iNdEx = postIndex + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Options = append(m.Options, &Option{}) + if err := m.Options[len(m.Options)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 5: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field SourceContext", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.SourceContext == nil { + m.SourceContext = &SourceContext{} + } + if err := m.SourceContext.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 6: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Syntax", wireType) + } + m.Syntax = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Syntax |= Syntax(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipType(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthType + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Field) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Field: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Field: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Kind", wireType) + } + m.Kind = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Kind |= Field_Kind(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 2: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Cardinality", wireType) + } + m.Cardinality = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Cardinality |= Field_Cardinality(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 3: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Number", wireType) + } + m.Number = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Number |= int32(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 6: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field TypeUrl", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.TypeUrl = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 7: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field OneofIndex", wireType) + } + m.OneofIndex = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.OneofIndex |= int32(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 8: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Packed", wireType) + } + var v int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + m.Packed = bool(v != 0) + case 9: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Options = append(m.Options, &Option{}) + if err := m.Options[len(m.Options)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 10: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field JsonName", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.JsonName = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 11: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field DefaultValue", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.DefaultValue = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipType(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthType + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Enum) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Enum: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Enum: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Enumvalue", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Enumvalue = append(m.Enumvalue, &EnumValue{}) + if err := m.Enumvalue[len(m.Enumvalue)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Options = append(m.Options, &Option{}) + if err := m.Options[len(m.Options)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field SourceContext", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.SourceContext == nil { + m.SourceContext = &SourceContext{} + } + if err := m.SourceContext.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 5: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Syntax", wireType) + } + m.Syntax = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Syntax |= Syntax(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipType(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthType + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *EnumValue) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: EnumValue: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: EnumValue: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Number", wireType) + } + m.Number = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Number |= int32(b&0x7F) << shift + if b < 0x80 { + break + } + } + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Options = append(m.Options, &Option{}) + if err := m.Options[len(m.Options)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipType(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthType + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Option) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Option: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Option: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowType + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthType + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthType + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Value == nil { + m.Value = &Any{} + } + if err := m.Value.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipType(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthType + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipType(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowType + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowType + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowType + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthType + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupType + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthType + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF +} + +var ( + ErrInvalidLengthType = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowType = fmt.Errorf("proto: integer overflow") + ErrUnexpectedEndOfGroupType = fmt.Errorf("proto: unexpected end of group") +) diff --git a/vendor/github.com/gogo/protobuf/types/wrappers.pb.go b/vendor/github.com/gogo/protobuf/types/wrappers.pb.go new file mode 100644 index 000000000000..8d415420a74d --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/wrappers.pb.go @@ -0,0 +1,2703 @@ +// Code generated by protoc-gen-gogo. DO NOT EDIT. +// source: google/protobuf/wrappers.proto + +package types + +import ( + bytes "bytes" + encoding_binary "encoding/binary" + fmt "fmt" + proto "github.com/gogo/protobuf/proto" + io "io" + math "math" + math_bits "math/bits" + reflect "reflect" + strings "strings" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package + +// Wrapper message for `double`. +// +// The JSON representation for `DoubleValue` is JSON number. +type DoubleValue struct { + // The double value. + Value float64 `protobuf:"fixed64,1,opt,name=value,proto3" json:"value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *DoubleValue) Reset() { *m = DoubleValue{} } +func (*DoubleValue) ProtoMessage() {} +func (*DoubleValue) Descriptor() ([]byte, []int) { + return fileDescriptor_5377b62bda767935, []int{0} +} +func (*DoubleValue) XXX_WellKnownType() string { return "DoubleValue" } +func (m *DoubleValue) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *DoubleValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_DoubleValue.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *DoubleValue) XXX_Merge(src proto.Message) { + xxx_messageInfo_DoubleValue.Merge(m, src) +} +func (m *DoubleValue) XXX_Size() int { + return m.Size() +} +func (m *DoubleValue) XXX_DiscardUnknown() { + xxx_messageInfo_DoubleValue.DiscardUnknown(m) +} + +var xxx_messageInfo_DoubleValue proto.InternalMessageInfo + +func (m *DoubleValue) GetValue() float64 { + if m != nil { + return m.Value + } + return 0 +} + +func (*DoubleValue) XXX_MessageName() string { + return "google.protobuf.DoubleValue" +} + +// Wrapper message for `float`. +// +// The JSON representation for `FloatValue` is JSON number. +type FloatValue struct { + // The float value. + Value float32 `protobuf:"fixed32,1,opt,name=value,proto3" json:"value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *FloatValue) Reset() { *m = FloatValue{} } +func (*FloatValue) ProtoMessage() {} +func (*FloatValue) Descriptor() ([]byte, []int) { + return fileDescriptor_5377b62bda767935, []int{1} +} +func (*FloatValue) XXX_WellKnownType() string { return "FloatValue" } +func (m *FloatValue) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *FloatValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_FloatValue.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *FloatValue) XXX_Merge(src proto.Message) { + xxx_messageInfo_FloatValue.Merge(m, src) +} +func (m *FloatValue) XXX_Size() int { + return m.Size() +} +func (m *FloatValue) XXX_DiscardUnknown() { + xxx_messageInfo_FloatValue.DiscardUnknown(m) +} + +var xxx_messageInfo_FloatValue proto.InternalMessageInfo + +func (m *FloatValue) GetValue() float32 { + if m != nil { + return m.Value + } + return 0 +} + +func (*FloatValue) XXX_MessageName() string { + return "google.protobuf.FloatValue" +} + +// Wrapper message for `int64`. +// +// The JSON representation for `Int64Value` is JSON string. +type Int64Value struct { + // The int64 value. + Value int64 `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Int64Value) Reset() { *m = Int64Value{} } +func (*Int64Value) ProtoMessage() {} +func (*Int64Value) Descriptor() ([]byte, []int) { + return fileDescriptor_5377b62bda767935, []int{2} +} +func (*Int64Value) XXX_WellKnownType() string { return "Int64Value" } +func (m *Int64Value) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Int64Value) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Int64Value.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Int64Value) XXX_Merge(src proto.Message) { + xxx_messageInfo_Int64Value.Merge(m, src) +} +func (m *Int64Value) XXX_Size() int { + return m.Size() +} +func (m *Int64Value) XXX_DiscardUnknown() { + xxx_messageInfo_Int64Value.DiscardUnknown(m) +} + +var xxx_messageInfo_Int64Value proto.InternalMessageInfo + +func (m *Int64Value) GetValue() int64 { + if m != nil { + return m.Value + } + return 0 +} + +func (*Int64Value) XXX_MessageName() string { + return "google.protobuf.Int64Value" +} + +// Wrapper message for `uint64`. +// +// The JSON representation for `UInt64Value` is JSON string. +type UInt64Value struct { + // The uint64 value. + Value uint64 `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *UInt64Value) Reset() { *m = UInt64Value{} } +func (*UInt64Value) ProtoMessage() {} +func (*UInt64Value) Descriptor() ([]byte, []int) { + return fileDescriptor_5377b62bda767935, []int{3} +} +func (*UInt64Value) XXX_WellKnownType() string { return "UInt64Value" } +func (m *UInt64Value) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *UInt64Value) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_UInt64Value.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *UInt64Value) XXX_Merge(src proto.Message) { + xxx_messageInfo_UInt64Value.Merge(m, src) +} +func (m *UInt64Value) XXX_Size() int { + return m.Size() +} +func (m *UInt64Value) XXX_DiscardUnknown() { + xxx_messageInfo_UInt64Value.DiscardUnknown(m) +} + +var xxx_messageInfo_UInt64Value proto.InternalMessageInfo + +func (m *UInt64Value) GetValue() uint64 { + if m != nil { + return m.Value + } + return 0 +} + +func (*UInt64Value) XXX_MessageName() string { + return "google.protobuf.UInt64Value" +} + +// Wrapper message for `int32`. +// +// The JSON representation for `Int32Value` is JSON number. +type Int32Value struct { + // The int32 value. + Value int32 `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Int32Value) Reset() { *m = Int32Value{} } +func (*Int32Value) ProtoMessage() {} +func (*Int32Value) Descriptor() ([]byte, []int) { + return fileDescriptor_5377b62bda767935, []int{4} +} +func (*Int32Value) XXX_WellKnownType() string { return "Int32Value" } +func (m *Int32Value) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Int32Value) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Int32Value.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Int32Value) XXX_Merge(src proto.Message) { + xxx_messageInfo_Int32Value.Merge(m, src) +} +func (m *Int32Value) XXX_Size() int { + return m.Size() +} +func (m *Int32Value) XXX_DiscardUnknown() { + xxx_messageInfo_Int32Value.DiscardUnknown(m) +} + +var xxx_messageInfo_Int32Value proto.InternalMessageInfo + +func (m *Int32Value) GetValue() int32 { + if m != nil { + return m.Value + } + return 0 +} + +func (*Int32Value) XXX_MessageName() string { + return "google.protobuf.Int32Value" +} + +// Wrapper message for `uint32`. +// +// The JSON representation for `UInt32Value` is JSON number. +type UInt32Value struct { + // The uint32 value. + Value uint32 `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *UInt32Value) Reset() { *m = UInt32Value{} } +func (*UInt32Value) ProtoMessage() {} +func (*UInt32Value) Descriptor() ([]byte, []int) { + return fileDescriptor_5377b62bda767935, []int{5} +} +func (*UInt32Value) XXX_WellKnownType() string { return "UInt32Value" } +func (m *UInt32Value) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *UInt32Value) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_UInt32Value.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *UInt32Value) XXX_Merge(src proto.Message) { + xxx_messageInfo_UInt32Value.Merge(m, src) +} +func (m *UInt32Value) XXX_Size() int { + return m.Size() +} +func (m *UInt32Value) XXX_DiscardUnknown() { + xxx_messageInfo_UInt32Value.DiscardUnknown(m) +} + +var xxx_messageInfo_UInt32Value proto.InternalMessageInfo + +func (m *UInt32Value) GetValue() uint32 { + if m != nil { + return m.Value + } + return 0 +} + +func (*UInt32Value) XXX_MessageName() string { + return "google.protobuf.UInt32Value" +} + +// Wrapper message for `bool`. +// +// The JSON representation for `BoolValue` is JSON `true` and `false`. +type BoolValue struct { + // The bool value. + Value bool `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *BoolValue) Reset() { *m = BoolValue{} } +func (*BoolValue) ProtoMessage() {} +func (*BoolValue) Descriptor() ([]byte, []int) { + return fileDescriptor_5377b62bda767935, []int{6} +} +func (*BoolValue) XXX_WellKnownType() string { return "BoolValue" } +func (m *BoolValue) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *BoolValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_BoolValue.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *BoolValue) XXX_Merge(src proto.Message) { + xxx_messageInfo_BoolValue.Merge(m, src) +} +func (m *BoolValue) XXX_Size() int { + return m.Size() +} +func (m *BoolValue) XXX_DiscardUnknown() { + xxx_messageInfo_BoolValue.DiscardUnknown(m) +} + +var xxx_messageInfo_BoolValue proto.InternalMessageInfo + +func (m *BoolValue) GetValue() bool { + if m != nil { + return m.Value + } + return false +} + +func (*BoolValue) XXX_MessageName() string { + return "google.protobuf.BoolValue" +} + +// Wrapper message for `string`. +// +// The JSON representation for `StringValue` is JSON string. +type StringValue struct { + // The string value. + Value string `protobuf:"bytes,1,opt,name=value,proto3" json:"value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *StringValue) Reset() { *m = StringValue{} } +func (*StringValue) ProtoMessage() {} +func (*StringValue) Descriptor() ([]byte, []int) { + return fileDescriptor_5377b62bda767935, []int{7} +} +func (*StringValue) XXX_WellKnownType() string { return "StringValue" } +func (m *StringValue) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *StringValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_StringValue.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *StringValue) XXX_Merge(src proto.Message) { + xxx_messageInfo_StringValue.Merge(m, src) +} +func (m *StringValue) XXX_Size() int { + return m.Size() +} +func (m *StringValue) XXX_DiscardUnknown() { + xxx_messageInfo_StringValue.DiscardUnknown(m) +} + +var xxx_messageInfo_StringValue proto.InternalMessageInfo + +func (m *StringValue) GetValue() string { + if m != nil { + return m.Value + } + return "" +} + +func (*StringValue) XXX_MessageName() string { + return "google.protobuf.StringValue" +} + +// Wrapper message for `bytes`. +// +// The JSON representation for `BytesValue` is JSON string. +type BytesValue struct { + // The bytes value. + Value []byte `protobuf:"bytes,1,opt,name=value,proto3" json:"value,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *BytesValue) Reset() { *m = BytesValue{} } +func (*BytesValue) ProtoMessage() {} +func (*BytesValue) Descriptor() ([]byte, []int) { + return fileDescriptor_5377b62bda767935, []int{8} +} +func (*BytesValue) XXX_WellKnownType() string { return "BytesValue" } +func (m *BytesValue) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *BytesValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_BytesValue.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *BytesValue) XXX_Merge(src proto.Message) { + xxx_messageInfo_BytesValue.Merge(m, src) +} +func (m *BytesValue) XXX_Size() int { + return m.Size() +} +func (m *BytesValue) XXX_DiscardUnknown() { + xxx_messageInfo_BytesValue.DiscardUnknown(m) +} + +var xxx_messageInfo_BytesValue proto.InternalMessageInfo + +func (m *BytesValue) GetValue() []byte { + if m != nil { + return m.Value + } + return nil +} + +func (*BytesValue) XXX_MessageName() string { + return "google.protobuf.BytesValue" +} +func init() { + proto.RegisterType((*DoubleValue)(nil), "google.protobuf.DoubleValue") + proto.RegisterType((*FloatValue)(nil), "google.protobuf.FloatValue") + proto.RegisterType((*Int64Value)(nil), "google.protobuf.Int64Value") + proto.RegisterType((*UInt64Value)(nil), "google.protobuf.UInt64Value") + proto.RegisterType((*Int32Value)(nil), "google.protobuf.Int32Value") + proto.RegisterType((*UInt32Value)(nil), "google.protobuf.UInt32Value") + proto.RegisterType((*BoolValue)(nil), "google.protobuf.BoolValue") + proto.RegisterType((*StringValue)(nil), "google.protobuf.StringValue") + proto.RegisterType((*BytesValue)(nil), "google.protobuf.BytesValue") +} + +func init() { proto.RegisterFile("google/protobuf/wrappers.proto", fileDescriptor_5377b62bda767935) } + +var fileDescriptor_5377b62bda767935 = []byte{ + // 285 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x4b, 0xcf, 0xcf, 0x4f, + 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x2f, 0x2f, 0x4a, 0x2c, + 0x28, 0x48, 0x2d, 0x2a, 0xd6, 0x03, 0x8b, 0x08, 0xf1, 0x43, 0xe4, 0xf5, 0x60, 0xf2, 0x4a, 0xca, + 0x5c, 0xdc, 0x2e, 0xf9, 0xa5, 0x49, 0x39, 0xa9, 0x61, 0x89, 0x39, 0xa5, 0xa9, 0x42, 0x22, 0x5c, + 0xac, 0x65, 0x20, 0x86, 0x04, 0xa3, 0x02, 0xa3, 0x06, 0x63, 0x10, 0x84, 0xa3, 0xa4, 0xc4, 0xc5, + 0xe5, 0x96, 0x93, 0x9f, 0x58, 0x82, 0x45, 0x0d, 0x13, 0x92, 0x1a, 0xcf, 0xbc, 0x12, 0x33, 0x13, + 0x2c, 0x6a, 0x98, 0x61, 0x6a, 0x94, 0xb9, 0xb8, 0x43, 0x71, 0x29, 0x62, 0x41, 0x35, 0xc8, 0xd8, + 0x08, 0x8b, 0x1a, 0x56, 0x34, 0x83, 0xb0, 0x2a, 0xe2, 0x85, 0x29, 0x52, 0xe4, 0xe2, 0x74, 0xca, + 0xcf, 0xcf, 0xc1, 0xa2, 0x84, 0x03, 0xc9, 0x9c, 0xe0, 0x92, 0xa2, 0xcc, 0xbc, 0x74, 0x2c, 0x8a, + 0x38, 0x91, 0x1c, 0xe4, 0x54, 0x59, 0x92, 0x5a, 0x8c, 0x45, 0x0d, 0x0f, 0x54, 0x8d, 0x53, 0x3b, + 0xe3, 0x8d, 0x87, 0x72, 0x0c, 0x1f, 0x1e, 0xca, 0x31, 0xfe, 0x78, 0x28, 0xc7, 0xd8, 0xf0, 0x48, + 0x8e, 0x71, 0xc5, 0x23, 0x39, 0xc6, 0x13, 0x8f, 0xe4, 0x18, 0x2f, 0x3c, 0x92, 0x63, 0x7c, 0xf0, + 0x48, 0x8e, 0xf1, 0xc5, 0x23, 0x39, 0x86, 0x0f, 0x20, 0xf1, 0xc7, 0x72, 0x8c, 0x27, 0x1e, 0xcb, + 0x31, 0x72, 0x09, 0x27, 0xe7, 0xe7, 0xea, 0xa1, 0x45, 0x87, 0x13, 0x6f, 0x38, 0x34, 0xbe, 0x02, + 0x40, 0x22, 0x01, 0x8c, 0x51, 0xac, 0x25, 0x95, 0x05, 0xa9, 0xc5, 0x3f, 0x18, 0x19, 0x17, 0x31, + 0x31, 0xbb, 0x07, 0x38, 0xad, 0x62, 0x92, 0x73, 0x87, 0x68, 0x09, 0x80, 0x6a, 0xd1, 0x0b, 0x4f, + 0xcd, 0xc9, 0xf1, 0xce, 0xcb, 0x2f, 0xcf, 0x0b, 0x01, 0xa9, 0x4c, 0x62, 0x03, 0x9b, 0x65, 0x0c, + 0x08, 0x00, 0x00, 0xff, 0xff, 0x31, 0x55, 0x64, 0x90, 0x0a, 0x02, 0x00, 0x00, +} + +func (this *DoubleValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*DoubleValue) + if !ok { + that2, ok := that.(DoubleValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Value != that1.Value { + if this.Value < that1.Value { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *FloatValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*FloatValue) + if !ok { + that2, ok := that.(FloatValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Value != that1.Value { + if this.Value < that1.Value { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Int64Value) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Int64Value) + if !ok { + that2, ok := that.(Int64Value) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Value != that1.Value { + if this.Value < that1.Value { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *UInt64Value) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*UInt64Value) + if !ok { + that2, ok := that.(UInt64Value) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Value != that1.Value { + if this.Value < that1.Value { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *Int32Value) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*Int32Value) + if !ok { + that2, ok := that.(Int32Value) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Value != that1.Value { + if this.Value < that1.Value { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *UInt32Value) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*UInt32Value) + if !ok { + that2, ok := that.(UInt32Value) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Value != that1.Value { + if this.Value < that1.Value { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *BoolValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*BoolValue) + if !ok { + that2, ok := that.(BoolValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Value != that1.Value { + if !this.Value { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *StringValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*StringValue) + if !ok { + that2, ok := that.(StringValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if this.Value != that1.Value { + if this.Value < that1.Value { + return -1 + } + return 1 + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *BytesValue) Compare(that interface{}) int { + if that == nil { + if this == nil { + return 0 + } + return 1 + } + + that1, ok := that.(*BytesValue) + if !ok { + that2, ok := that.(BytesValue) + if ok { + that1 = &that2 + } else { + return 1 + } + } + if that1 == nil { + if this == nil { + return 0 + } + return 1 + } else if this == nil { + return -1 + } + if c := bytes.Compare(this.Value, that1.Value); c != 0 { + return c + } + if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { + return c + } + return 0 +} +func (this *DoubleValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*DoubleValue) + if !ok { + that2, ok := that.(DoubleValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Value != that1.Value { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *FloatValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*FloatValue) + if !ok { + that2, ok := that.(FloatValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Value != that1.Value { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Int64Value) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Int64Value) + if !ok { + that2, ok := that.(Int64Value) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Value != that1.Value { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *UInt64Value) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*UInt64Value) + if !ok { + that2, ok := that.(UInt64Value) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Value != that1.Value { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *Int32Value) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*Int32Value) + if !ok { + that2, ok := that.(Int32Value) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Value != that1.Value { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *UInt32Value) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*UInt32Value) + if !ok { + that2, ok := that.(UInt32Value) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Value != that1.Value { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *BoolValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*BoolValue) + if !ok { + that2, ok := that.(BoolValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Value != that1.Value { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *StringValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*StringValue) + if !ok { + that2, ok := that.(StringValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if this.Value != that1.Value { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *BytesValue) Equal(that interface{}) bool { + if that == nil { + return this == nil + } + + that1, ok := that.(*BytesValue) + if !ok { + that2, ok := that.(BytesValue) + if ok { + that1 = &that2 + } else { + return false + } + } + if that1 == nil { + return this == nil + } else if this == nil { + return false + } + if !bytes.Equal(this.Value, that1.Value) { + return false + } + if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { + return false + } + return true +} +func (this *DoubleValue) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.DoubleValue{") + s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *FloatValue) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.FloatValue{") + s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *Int64Value) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.Int64Value{") + s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *UInt64Value) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.UInt64Value{") + s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *Int32Value) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.Int32Value{") + s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *UInt32Value) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.UInt32Value{") + s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *BoolValue) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.BoolValue{") + s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *StringValue) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.StringValue{") + s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func (this *BytesValue) GoString() string { + if this == nil { + return "nil" + } + s := make([]string, 0, 5) + s = append(s, "&types.BytesValue{") + s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") + if this.XXX_unrecognized != nil { + s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") + } + s = append(s, "}") + return strings.Join(s, "") +} +func valueToGoStringWrappers(v interface{}, typ string) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) +} +func (m *DoubleValue) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *DoubleValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *DoubleValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Value != 0 { + i -= 8 + encoding_binary.LittleEndian.PutUint64(dAtA[i:], uint64(math.Float64bits(float64(m.Value)))) + i-- + dAtA[i] = 0x9 + } + return len(dAtA) - i, nil +} + +func (m *FloatValue) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *FloatValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *FloatValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Value != 0 { + i -= 4 + encoding_binary.LittleEndian.PutUint32(dAtA[i:], uint32(math.Float32bits(float32(m.Value)))) + i-- + dAtA[i] = 0xd + } + return len(dAtA) - i, nil +} + +func (m *Int64Value) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Int64Value) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Int64Value) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Value != 0 { + i = encodeVarintWrappers(dAtA, i, uint64(m.Value)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func (m *UInt64Value) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *UInt64Value) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *UInt64Value) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Value != 0 { + i = encodeVarintWrappers(dAtA, i, uint64(m.Value)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func (m *Int32Value) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Int32Value) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Int32Value) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Value != 0 { + i = encodeVarintWrappers(dAtA, i, uint64(m.Value)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func (m *UInt32Value) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *UInt32Value) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *UInt32Value) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Value != 0 { + i = encodeVarintWrappers(dAtA, i, uint64(m.Value)) + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func (m *BoolValue) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *BoolValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *BoolValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if m.Value { + i-- + if m.Value { + dAtA[i] = 1 + } else { + dAtA[i] = 0 + } + i-- + dAtA[i] = 0x8 + } + return len(dAtA) - i, nil +} + +func (m *StringValue) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *StringValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *StringValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if len(m.Value) > 0 { + i -= len(m.Value) + copy(dAtA[i:], m.Value) + i = encodeVarintWrappers(dAtA, i, uint64(len(m.Value))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *BytesValue) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *BytesValue) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *BytesValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } + if len(m.Value) > 0 { + i -= len(m.Value) + copy(dAtA[i:], m.Value) + i = encodeVarintWrappers(dAtA, i, uint64(len(m.Value))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func encodeVarintWrappers(dAtA []byte, offset int, v uint64) int { + offset -= sovWrappers(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ + } + dAtA[offset] = uint8(v) + return base +} +func NewPopulatedDoubleValue(r randyWrappers, easy bool) *DoubleValue { + this := &DoubleValue{} + this.Value = float64(r.Float64()) + if r.Intn(2) == 0 { + this.Value *= -1 + } + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) + } + return this +} + +func NewPopulatedFloatValue(r randyWrappers, easy bool) *FloatValue { + this := &FloatValue{} + this.Value = float32(r.Float32()) + if r.Intn(2) == 0 { + this.Value *= -1 + } + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) + } + return this +} + +func NewPopulatedInt64Value(r randyWrappers, easy bool) *Int64Value { + this := &Int64Value{} + this.Value = int64(r.Int63()) + if r.Intn(2) == 0 { + this.Value *= -1 + } + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) + } + return this +} + +func NewPopulatedUInt64Value(r randyWrappers, easy bool) *UInt64Value { + this := &UInt64Value{} + this.Value = uint64(uint64(r.Uint32())) + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) + } + return this +} + +func NewPopulatedInt32Value(r randyWrappers, easy bool) *Int32Value { + this := &Int32Value{} + this.Value = int32(r.Int31()) + if r.Intn(2) == 0 { + this.Value *= -1 + } + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) + } + return this +} + +func NewPopulatedUInt32Value(r randyWrappers, easy bool) *UInt32Value { + this := &UInt32Value{} + this.Value = uint32(r.Uint32()) + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) + } + return this +} + +func NewPopulatedBoolValue(r randyWrappers, easy bool) *BoolValue { + this := &BoolValue{} + this.Value = bool(bool(r.Intn(2) == 0)) + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) + } + return this +} + +func NewPopulatedStringValue(r randyWrappers, easy bool) *StringValue { + this := &StringValue{} + this.Value = string(randStringWrappers(r)) + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) + } + return this +} + +func NewPopulatedBytesValue(r randyWrappers, easy bool) *BytesValue { + this := &BytesValue{} + v1 := r.Intn(100) + this.Value = make([]byte, v1) + for i := 0; i < v1; i++ { + this.Value[i] = byte(r.Intn(256)) + } + if !easy && r.Intn(10) != 0 { + this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) + } + return this +} + +type randyWrappers interface { + Float32() float32 + Float64() float64 + Int63() int64 + Int31() int32 + Uint32() uint32 + Intn(n int) int +} + +func randUTF8RuneWrappers(r randyWrappers) rune { + ru := r.Intn(62) + if ru < 10 { + return rune(ru + 48) + } else if ru < 36 { + return rune(ru + 55) + } + return rune(ru + 61) +} +func randStringWrappers(r randyWrappers) string { + v2 := r.Intn(100) + tmps := make([]rune, v2) + for i := 0; i < v2; i++ { + tmps[i] = randUTF8RuneWrappers(r) + } + return string(tmps) +} +func randUnrecognizedWrappers(r randyWrappers, maxFieldNumber int) (dAtA []byte) { + l := r.Intn(5) + for i := 0; i < l; i++ { + wire := r.Intn(4) + if wire == 3 { + wire = 5 + } + fieldNumber := maxFieldNumber + r.Intn(100) + dAtA = randFieldWrappers(dAtA, r, fieldNumber, wire) + } + return dAtA +} +func randFieldWrappers(dAtA []byte, r randyWrappers, fieldNumber int, wire int) []byte { + key := uint32(fieldNumber)<<3 | uint32(wire) + switch wire { + case 0: + dAtA = encodeVarintPopulateWrappers(dAtA, uint64(key)) + v3 := r.Int63() + if r.Intn(2) == 0 { + v3 *= -1 + } + dAtA = encodeVarintPopulateWrappers(dAtA, uint64(v3)) + case 1: + dAtA = encodeVarintPopulateWrappers(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + case 2: + dAtA = encodeVarintPopulateWrappers(dAtA, uint64(key)) + ll := r.Intn(100) + dAtA = encodeVarintPopulateWrappers(dAtA, uint64(ll)) + for j := 0; j < ll; j++ { + dAtA = append(dAtA, byte(r.Intn(256))) + } + default: + dAtA = encodeVarintPopulateWrappers(dAtA, uint64(key)) + dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) + } + return dAtA +} +func encodeVarintPopulateWrappers(dAtA []byte, v uint64) []byte { + for v >= 1<<7 { + dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) + v >>= 7 + } + dAtA = append(dAtA, uint8(v)) + return dAtA +} +func (m *DoubleValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Value != 0 { + n += 9 + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *FloatValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Value != 0 { + n += 5 + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *Int64Value) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Value != 0 { + n += 1 + sovWrappers(uint64(m.Value)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *UInt64Value) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Value != 0 { + n += 1 + sovWrappers(uint64(m.Value)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *Int32Value) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Value != 0 { + n += 1 + sovWrappers(uint64(m.Value)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *UInt32Value) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Value != 0 { + n += 1 + sovWrappers(uint64(m.Value)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *BoolValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if m.Value { + n += 2 + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *StringValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Value) + if l > 0 { + n += 1 + l + sovWrappers(uint64(l)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func (m *BytesValue) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Value) + if l > 0 { + n += 1 + l + sovWrappers(uint64(l)) + } + if m.XXX_unrecognized != nil { + n += len(m.XXX_unrecognized) + } + return n +} + +func sovWrappers(x uint64) (n int) { + return (math_bits.Len64(x|1) + 6) / 7 +} +func sozWrappers(x uint64) (n int) { + return sovWrappers(uint64((x << 1) ^ uint64((int64(x) >> 63)))) +} +func (this *DoubleValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&DoubleValue{`, + `Value:` + fmt.Sprintf("%v", this.Value) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *FloatValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&FloatValue{`, + `Value:` + fmt.Sprintf("%v", this.Value) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *Int64Value) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Int64Value{`, + `Value:` + fmt.Sprintf("%v", this.Value) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *UInt64Value) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&UInt64Value{`, + `Value:` + fmt.Sprintf("%v", this.Value) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *Int32Value) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&Int32Value{`, + `Value:` + fmt.Sprintf("%v", this.Value) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *UInt32Value) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&UInt32Value{`, + `Value:` + fmt.Sprintf("%v", this.Value) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *BoolValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&BoolValue{`, + `Value:` + fmt.Sprintf("%v", this.Value) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *StringValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&StringValue{`, + `Value:` + fmt.Sprintf("%v", this.Value) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func (this *BytesValue) String() string { + if this == nil { + return "nil" + } + s := strings.Join([]string{`&BytesValue{`, + `Value:` + fmt.Sprintf("%v", this.Value) + `,`, + `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, + `}`, + }, "") + return s +} +func valueToStringWrappers(v interface{}) string { + rv := reflect.ValueOf(v) + if rv.IsNil() { + return "nil" + } + pv := reflect.Indirect(rv).Interface() + return fmt.Sprintf("*%v", pv) +} +func (m *DoubleValue) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: DoubleValue: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: DoubleValue: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 1 { + return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) + } + var v uint64 + if (iNdEx + 8) > l { + return io.ErrUnexpectedEOF + } + v = uint64(encoding_binary.LittleEndian.Uint64(dAtA[iNdEx:])) + iNdEx += 8 + m.Value = float64(math.Float64frombits(v)) + default: + iNdEx = preIndex + skippy, err := skipWrappers(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthWrappers + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *FloatValue) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: FloatValue: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: FloatValue: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 5 { + return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) + } + var v uint32 + if (iNdEx + 4) > l { + return io.ErrUnexpectedEOF + } + v = uint32(encoding_binary.LittleEndian.Uint32(dAtA[iNdEx:])) + iNdEx += 4 + m.Value = float32(math.Float32frombits(v)) + default: + iNdEx = preIndex + skippy, err := skipWrappers(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthWrappers + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Int64Value) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Int64Value: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Int64Value: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) + } + m.Value = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Value |= int64(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipWrappers(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthWrappers + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *UInt64Value) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: UInt64Value: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: UInt64Value: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) + } + m.Value = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Value |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipWrappers(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthWrappers + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *Int32Value) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Int32Value: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Int32Value: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) + } + m.Value = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Value |= int32(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipWrappers(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthWrappers + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *UInt32Value) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: UInt32Value: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: UInt32Value: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) + } + m.Value = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Value |= uint32(b&0x7F) << shift + if b < 0x80 { + break + } + } + default: + iNdEx = preIndex + skippy, err := skipWrappers(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthWrappers + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *BoolValue) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: BoolValue: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: BoolValue: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) + } + var v int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + m.Value = bool(v != 0) + default: + iNdEx = preIndex + skippy, err := skipWrappers(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthWrappers + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *StringValue) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: StringValue: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: StringValue: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthWrappers + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthWrappers + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Value = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipWrappers(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthWrappers + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *BytesValue) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: BytesValue: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: BytesValue: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowWrappers + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthWrappers + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthWrappers + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Value = append(m.Value[:0], dAtA[iNdEx:postIndex]...) + if m.Value == nil { + m.Value = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipWrappers(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthWrappers + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func skipWrappers(dAtA []byte) (n int, err error) { + l := len(dAtA) + iNdEx := 0 + depth := 0 + for iNdEx < l { + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowWrappers + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + wireType := int(wire & 0x7) + switch wireType { + case 0: + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowWrappers + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + iNdEx++ + if dAtA[iNdEx-1] < 0x80 { + break + } + } + case 1: + iNdEx += 8 + case 2: + var length int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return 0, ErrIntOverflowWrappers + } + if iNdEx >= l { + return 0, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + length |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if length < 0 { + return 0, ErrInvalidLengthWrappers + } + iNdEx += length + case 3: + depth++ + case 4: + if depth == 0 { + return 0, ErrUnexpectedEndOfGroupWrappers + } + depth-- + case 5: + iNdEx += 4 + default: + return 0, fmt.Errorf("proto: illegal wireType %d", wireType) + } + if iNdEx < 0 { + return 0, ErrInvalidLengthWrappers + } + if depth == 0 { + return iNdEx, nil + } + } + return 0, io.ErrUnexpectedEOF +} + +var ( + ErrInvalidLengthWrappers = fmt.Errorf("proto: negative length found during unmarshaling") + ErrIntOverflowWrappers = fmt.Errorf("proto: integer overflow") + ErrUnexpectedEndOfGroupWrappers = fmt.Errorf("proto: unexpected end of group") +) diff --git a/vendor/github.com/gogo/protobuf/types/wrappers_gogo.go b/vendor/github.com/gogo/protobuf/types/wrappers_gogo.go new file mode 100644 index 000000000000..d905df36055d --- /dev/null +++ b/vendor/github.com/gogo/protobuf/types/wrappers_gogo.go @@ -0,0 +1,300 @@ +// Protocol Buffers for Go with Gadgets +// +// Copyright (c) 2018, The GoGo Authors. All rights reserved. +// http://github.com/gogo/protobuf +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following disclaimer +// in the documentation and/or other materials provided with the +// distribution. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +package types + +func NewPopulatedStdDouble(r randyWrappers, easy bool) *float64 { + v := NewPopulatedDoubleValue(r, easy) + return &v.Value +} + +func SizeOfStdDouble(v float64) int { + pv := &DoubleValue{Value: v} + return pv.Size() +} + +func StdDoubleMarshal(v float64) ([]byte, error) { + size := SizeOfStdDouble(v) + buf := make([]byte, size) + _, err := StdDoubleMarshalTo(v, buf) + return buf, err +} + +func StdDoubleMarshalTo(v float64, data []byte) (int, error) { + pv := &DoubleValue{Value: v} + return pv.MarshalTo(data) +} + +func StdDoubleUnmarshal(v *float64, data []byte) error { + pv := &DoubleValue{} + if err := pv.Unmarshal(data); err != nil { + return err + } + *v = pv.Value + return nil +} +func NewPopulatedStdFloat(r randyWrappers, easy bool) *float32 { + v := NewPopulatedFloatValue(r, easy) + return &v.Value +} + +func SizeOfStdFloat(v float32) int { + pv := &FloatValue{Value: v} + return pv.Size() +} + +func StdFloatMarshal(v float32) ([]byte, error) { + size := SizeOfStdFloat(v) + buf := make([]byte, size) + _, err := StdFloatMarshalTo(v, buf) + return buf, err +} + +func StdFloatMarshalTo(v float32, data []byte) (int, error) { + pv := &FloatValue{Value: v} + return pv.MarshalTo(data) +} + +func StdFloatUnmarshal(v *float32, data []byte) error { + pv := &FloatValue{} + if err := pv.Unmarshal(data); err != nil { + return err + } + *v = pv.Value + return nil +} +func NewPopulatedStdInt64(r randyWrappers, easy bool) *int64 { + v := NewPopulatedInt64Value(r, easy) + return &v.Value +} + +func SizeOfStdInt64(v int64) int { + pv := &Int64Value{Value: v} + return pv.Size() +} + +func StdInt64Marshal(v int64) ([]byte, error) { + size := SizeOfStdInt64(v) + buf := make([]byte, size) + _, err := StdInt64MarshalTo(v, buf) + return buf, err +} + +func StdInt64MarshalTo(v int64, data []byte) (int, error) { + pv := &Int64Value{Value: v} + return pv.MarshalTo(data) +} + +func StdInt64Unmarshal(v *int64, data []byte) error { + pv := &Int64Value{} + if err := pv.Unmarshal(data); err != nil { + return err + } + *v = pv.Value + return nil +} +func NewPopulatedStdUInt64(r randyWrappers, easy bool) *uint64 { + v := NewPopulatedUInt64Value(r, easy) + return &v.Value +} + +func SizeOfStdUInt64(v uint64) int { + pv := &UInt64Value{Value: v} + return pv.Size() +} + +func StdUInt64Marshal(v uint64) ([]byte, error) { + size := SizeOfStdUInt64(v) + buf := make([]byte, size) + _, err := StdUInt64MarshalTo(v, buf) + return buf, err +} + +func StdUInt64MarshalTo(v uint64, data []byte) (int, error) { + pv := &UInt64Value{Value: v} + return pv.MarshalTo(data) +} + +func StdUInt64Unmarshal(v *uint64, data []byte) error { + pv := &UInt64Value{} + if err := pv.Unmarshal(data); err != nil { + return err + } + *v = pv.Value + return nil +} +func NewPopulatedStdInt32(r randyWrappers, easy bool) *int32 { + v := NewPopulatedInt32Value(r, easy) + return &v.Value +} + +func SizeOfStdInt32(v int32) int { + pv := &Int32Value{Value: v} + return pv.Size() +} + +func StdInt32Marshal(v int32) ([]byte, error) { + size := SizeOfStdInt32(v) + buf := make([]byte, size) + _, err := StdInt32MarshalTo(v, buf) + return buf, err +} + +func StdInt32MarshalTo(v int32, data []byte) (int, error) { + pv := &Int32Value{Value: v} + return pv.MarshalTo(data) +} + +func StdInt32Unmarshal(v *int32, data []byte) error { + pv := &Int32Value{} + if err := pv.Unmarshal(data); err != nil { + return err + } + *v = pv.Value + return nil +} +func NewPopulatedStdUInt32(r randyWrappers, easy bool) *uint32 { + v := NewPopulatedUInt32Value(r, easy) + return &v.Value +} + +func SizeOfStdUInt32(v uint32) int { + pv := &UInt32Value{Value: v} + return pv.Size() +} + +func StdUInt32Marshal(v uint32) ([]byte, error) { + size := SizeOfStdUInt32(v) + buf := make([]byte, size) + _, err := StdUInt32MarshalTo(v, buf) + return buf, err +} + +func StdUInt32MarshalTo(v uint32, data []byte) (int, error) { + pv := &UInt32Value{Value: v} + return pv.MarshalTo(data) +} + +func StdUInt32Unmarshal(v *uint32, data []byte) error { + pv := &UInt32Value{} + if err := pv.Unmarshal(data); err != nil { + return err + } + *v = pv.Value + return nil +} +func NewPopulatedStdBool(r randyWrappers, easy bool) *bool { + v := NewPopulatedBoolValue(r, easy) + return &v.Value +} + +func SizeOfStdBool(v bool) int { + pv := &BoolValue{Value: v} + return pv.Size() +} + +func StdBoolMarshal(v bool) ([]byte, error) { + size := SizeOfStdBool(v) + buf := make([]byte, size) + _, err := StdBoolMarshalTo(v, buf) + return buf, err +} + +func StdBoolMarshalTo(v bool, data []byte) (int, error) { + pv := &BoolValue{Value: v} + return pv.MarshalTo(data) +} + +func StdBoolUnmarshal(v *bool, data []byte) error { + pv := &BoolValue{} + if err := pv.Unmarshal(data); err != nil { + return err + } + *v = pv.Value + return nil +} +func NewPopulatedStdString(r randyWrappers, easy bool) *string { + v := NewPopulatedStringValue(r, easy) + return &v.Value +} + +func SizeOfStdString(v string) int { + pv := &StringValue{Value: v} + return pv.Size() +} + +func StdStringMarshal(v string) ([]byte, error) { + size := SizeOfStdString(v) + buf := make([]byte, size) + _, err := StdStringMarshalTo(v, buf) + return buf, err +} + +func StdStringMarshalTo(v string, data []byte) (int, error) { + pv := &StringValue{Value: v} + return pv.MarshalTo(data) +} + +func StdStringUnmarshal(v *string, data []byte) error { + pv := &StringValue{} + if err := pv.Unmarshal(data); err != nil { + return err + } + *v = pv.Value + return nil +} +func NewPopulatedStdBytes(r randyWrappers, easy bool) *[]byte { + v := NewPopulatedBytesValue(r, easy) + return &v.Value +} + +func SizeOfStdBytes(v []byte) int { + pv := &BytesValue{Value: v} + return pv.Size() +} + +func StdBytesMarshal(v []byte) ([]byte, error) { + size := SizeOfStdBytes(v) + buf := make([]byte, size) + _, err := StdBytesMarshalTo(v, buf) + return buf, err +} + +func StdBytesMarshalTo(v []byte, data []byte) (int, error) { + pv := &BytesValue{Value: v} + return pv.MarshalTo(data) +} + +func StdBytesUnmarshal(v *[]byte, data []byte) error { + pv := &BytesValue{} + if err := pv.Unmarshal(data); err != nil { + return err + } + *v = pv.Value + return nil +} diff --git a/vendor/github.com/moby/buildkit/AUTHORS b/vendor/github.com/moby/buildkit/AUTHORS new file mode 100644 index 000000000000..c1dce65586b2 --- /dev/null +++ b/vendor/github.com/moby/buildkit/AUTHORS @@ -0,0 +1,66 @@ +# This file lists all individuals having contributed content to the repository. +# For how it is generated, see `scripts/generate-authors.sh`. + +Aaron L. Xu +Aaron Lehmann +Akihiro Suda +Alexander Morozov +Alice Frosi +Allen Sun +Anda Xu +Anthony Sottile +Arnaud Bailly +Bin Liu +Brian Goff +Daniel Nephin +Dave Chen +David Calavera +Dennis Chen +Derek McGowan +Doug Davis +Edgar Lee +Eli Uriegas +f0 +Fernando Miguel +Hao Hu +Helen Xie +Himanshu Pandey +Hiromu Nakamura +Ian Campbell +Iskander (Alex) Sharipov +Jean-Pierre Huynh +Jessica Frazelle +John Howard +Jonathan Stoppani +Justas Brazauskas +Justin Cormack +Kunal Kushwaha +Lajos Papp +Matt Rickard +Michael Crosby +Miyachi Katsuya +Nao YONASHIRO +Natasha Jarus +Noel Georgi <18496730+frezbo@users.noreply.github.com> +Ondrej Fabry +Patrick Van Stee +Ri Xu +Sebastiaan van Stijn +Shev Yan +Simon Ferquel +Stefan Weil +Thomas Leonard +Thomas Shaw +Tibor Vass +Tiffany Jernigan +Tino Rusch +Tobias Klauser +Tomas Tomecek +Tomohiro Kusumoto +Tõnis Tiigi +Vincent Demeester +Wei Fu +Yong Tang +Yuichiro Kaneko +Ziv Tsarfati +郑泽宇 diff --git a/vendor/github.com/moby/buildkit/LICENSE b/vendor/github.com/moby/buildkit/LICENSE new file mode 100644 index 000000000000..261eeb9e9f8b --- /dev/null +++ b/vendor/github.com/moby/buildkit/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/command/command.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/command/command.go new file mode 100644 index 000000000000..f23c6874b55e --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/command/command.go @@ -0,0 +1,46 @@ +// Package command contains the set of Dockerfile commands. +package command + +// Define constants for the command strings +const ( + Add = "add" + Arg = "arg" + Cmd = "cmd" + Copy = "copy" + Entrypoint = "entrypoint" + Env = "env" + Expose = "expose" + From = "from" + Healthcheck = "healthcheck" + Label = "label" + Maintainer = "maintainer" + Onbuild = "onbuild" + Run = "run" + Shell = "shell" + StopSignal = "stopsignal" + User = "user" + Volume = "volume" + Workdir = "workdir" +) + +// Commands is list of all Dockerfile commands +var Commands = map[string]struct{}{ + Add: {}, + Arg: {}, + Cmd: {}, + Copy: {}, + Entrypoint: {}, + Env: {}, + Expose: {}, + From: {}, + Healthcheck: {}, + Label: {}, + Maintainer: {}, + Onbuild: {}, + Run: {}, + Shell: {}, + StopSignal: {}, + User: {}, + Volume: {}, + Workdir: {}, +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/errors.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/errors.go new file mode 100644 index 000000000000..9f28a5a2e15f --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/errors.go @@ -0,0 +1,58 @@ +package parser + +import ( + "github.com/moby/buildkit/util/stack" + "github.com/pkg/errors" +) + +// ErrorLocation gives a location in source code that caused the error +type ErrorLocation struct { + Location []Range + error +} + +// Unwrap unwraps to the next error +func (e *ErrorLocation) Unwrap() error { + return e.error +} + +// Range is a code section between two positions +type Range struct { + Start Position + End Position +} + +// Position is a point in source code +type Position struct { + Line int + Character int +} + +func withLocation(err error, start, end int) error { + return WithLocation(err, toRanges(start, end)) +} + +// WithLocation extends an error with a source code location +func WithLocation(err error, location []Range) error { + if err == nil { + return nil + } + var el *ErrorLocation + if errors.As(err, &el) { + return err + } + return stack.Enable(&ErrorLocation{ + error: err, + Location: location, + }) +} + +func toRanges(start, end int) (r []Range) { + if end <= start { + end = start + } + for i := start; i <= end; i++ { + r = append(r, Range{Start: Position{Line: i}, End: Position{Line: i}}) + } + return +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/line_parsers.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/line_parsers.go new file mode 100644 index 000000000000..c0d0a55d1224 --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/line_parsers.go @@ -0,0 +1,369 @@ +package parser + +// line parsers are dispatch calls that parse a single unit of text into a +// Node object which contains the whole statement. Dockerfiles have varied +// (but not usually unique, see ONBUILD for a unique example) parsing rules +// per-command, and these unify the processing in a way that makes it +// manageable. + +import ( + "encoding/json" + "fmt" + "strings" + "unicode" + "unicode/utf8" + + "github.com/pkg/errors" +) + +var ( + errDockerfileNotStringArray = errors.New("when using JSON array syntax, arrays must be comprised of strings only") +) + +const ( + commandLabel = "LABEL" +) + +// ignore the current argument. This will still leave a command parsed, but +// will not incorporate the arguments into the ast. +func parseIgnore(rest string, d *directives) (*Node, map[string]bool, error) { + return &Node{}, nil, nil +} + +// used for onbuild. Could potentially be used for anything that represents a +// statement with sub-statements. +// +// ONBUILD RUN foo bar -> (onbuild (run foo bar)) +// +func parseSubCommand(rest string, d *directives) (*Node, map[string]bool, error) { + if rest == "" { + return nil, nil, nil + } + + child, err := newNodeFromLine(rest, d, nil) + if err != nil { + return nil, nil, err + } + + return &Node{Children: []*Node{child}}, nil, nil +} + +// helper to parse words (i.e space delimited or quoted strings) in a statement. +// The quotes are preserved as part of this function and they are stripped later +// as part of processWords(). +func parseWords(rest string, d *directives) []string { + const ( + inSpaces = iota // looking for start of a word + inWord + inQuote + ) + + words := []string{} + phase := inSpaces + word := "" + quote := '\000' + blankOK := false + var ch rune + var chWidth int + + for pos := 0; pos <= len(rest); pos += chWidth { + if pos != len(rest) { + ch, chWidth = utf8.DecodeRuneInString(rest[pos:]) + } + + if phase == inSpaces { // Looking for start of word + if pos == len(rest) { // end of input + break + } + if unicode.IsSpace(ch) { // skip spaces + continue + } + phase = inWord // found it, fall through + } + if (phase == inWord || phase == inQuote) && (pos == len(rest)) { + if blankOK || len(word) > 0 { + words = append(words, word) + } + break + } + if phase == inWord { + if unicode.IsSpace(ch) { + phase = inSpaces + if blankOK || len(word) > 0 { + words = append(words, word) + } + word = "" + blankOK = false + continue + } + if ch == '\'' || ch == '"' { + quote = ch + blankOK = true + phase = inQuote + } + if ch == d.escapeToken { + if pos+chWidth == len(rest) { + continue // just skip an escape token at end of line + } + // If we're not quoted and we see an escape token, then always just + // add the escape token plus the char to the word, even if the char + // is a quote. + word += string(ch) + pos += chWidth + ch, chWidth = utf8.DecodeRuneInString(rest[pos:]) + } + word += string(ch) + continue + } + if phase == inQuote { + if ch == quote { + phase = inWord + } + // The escape token is special except for ' quotes - can't escape anything for ' + if ch == d.escapeToken && quote != '\'' { + if pos+chWidth == len(rest) { + phase = inWord + continue // just skip the escape token at end + } + pos += chWidth + word += string(ch) + ch, chWidth = utf8.DecodeRuneInString(rest[pos:]) + } + word += string(ch) + } + } + + return words +} + +// parse environment like statements. Note that this does *not* handle +// variable interpolation, which will be handled in the evaluator. +func parseNameVal(rest string, key string, d *directives) (*Node, error) { + // This is kind of tricky because we need to support the old + // variant: KEY name value + // as well as the new one: KEY name=value ... + // The trigger to know which one is being used will be whether we hit + // a space or = first. space ==> old, "=" ==> new + + words := parseWords(rest, d) + if len(words) == 0 { + return nil, nil + } + + // Old format (KEY name value) + if !strings.Contains(words[0], "=") { + parts := reWhitespace.Split(rest, 2) + if len(parts) < 2 { + return nil, fmt.Errorf(key + " must have two arguments") + } + return newKeyValueNode(parts[0], parts[1]), nil + } + + var rootNode *Node + var prevNode *Node + for _, word := range words { + if !strings.Contains(word, "=") { + return nil, fmt.Errorf("Syntax error - can't find = in %q. Must be of the form: name=value", word) + } + + parts := strings.SplitN(word, "=", 2) + node := newKeyValueNode(parts[0], parts[1]) + rootNode, prevNode = appendKeyValueNode(node, rootNode, prevNode) + } + + return rootNode, nil +} + +func newKeyValueNode(key, value string) *Node { + return &Node{ + Value: key, + Next: &Node{Value: value}, + } +} + +func appendKeyValueNode(node, rootNode, prevNode *Node) (*Node, *Node) { + if rootNode == nil { + rootNode = node + } + if prevNode != nil { + prevNode.Next = node + } + + prevNode = node.Next + return rootNode, prevNode +} + +func parseEnv(rest string, d *directives) (*Node, map[string]bool, error) { + node, err := parseNameVal(rest, "ENV", d) + return node, nil, err +} + +func parseLabel(rest string, d *directives) (*Node, map[string]bool, error) { + node, err := parseNameVal(rest, commandLabel, d) + return node, nil, err +} + +// parses a statement containing one or more keyword definition(s) and/or +// value assignments, like `name1 name2= name3="" name4=value`. +// Note that this is a stricter format than the old format of assignment, +// allowed by parseNameVal(), in a way that this only allows assignment of the +// form `keyword=[]` like `name2=`, `name3=""`, and `name4=value` above. +// In addition, a keyword definition alone is of the form `keyword` like `name1` +// above. And the assignments `name2=` and `name3=""` are equivalent and +// assign an empty value to the respective keywords. +func parseNameOrNameVal(rest string, d *directives) (*Node, map[string]bool, error) { + words := parseWords(rest, d) + if len(words) == 0 { + return nil, nil, nil + } + + var ( + rootnode *Node + prevNode *Node + ) + for i, word := range words { + node := &Node{} + node.Value = word + if i == 0 { + rootnode = node + } else { + prevNode.Next = node + } + prevNode = node + } + + return rootnode, nil, nil +} + +// parses a whitespace-delimited set of arguments. The result is effectively a +// linked list of string arguments. +func parseStringsWhitespaceDelimited(rest string, d *directives) (*Node, map[string]bool, error) { + if rest == "" { + return nil, nil, nil + } + + node := &Node{} + rootnode := node + prevnode := node + for _, str := range reWhitespace.Split(rest, -1) { // use regexp + prevnode = node + node.Value = str + node.Next = &Node{} + node = node.Next + } + + // XXX to get around regexp.Split *always* providing an empty string at the + // end due to how our loop is constructed, nil out the last node in the + // chain. + prevnode.Next = nil + + return rootnode, nil, nil +} + +// parseString just wraps the string in quotes and returns a working node. +func parseString(rest string, d *directives) (*Node, map[string]bool, error) { + if rest == "" { + return nil, nil, nil + } + n := &Node{} + n.Value = rest + return n, nil, nil +} + +// parseJSON converts JSON arrays to an AST. +func parseJSON(rest string, d *directives) (*Node, map[string]bool, error) { + rest = strings.TrimLeftFunc(rest, unicode.IsSpace) + if !strings.HasPrefix(rest, "[") { + return nil, nil, fmt.Errorf(`Error parsing "%s" as a JSON array`, rest) + } + + var myJSON []interface{} + if err := json.NewDecoder(strings.NewReader(rest)).Decode(&myJSON); err != nil { + return nil, nil, err + } + + var top, prev *Node + for _, str := range myJSON { + s, ok := str.(string) + if !ok { + return nil, nil, errDockerfileNotStringArray + } + + node := &Node{Value: s} + if prev == nil { + top = node + } else { + prev.Next = node + } + prev = node + } + + return top, map[string]bool{"json": true}, nil +} + +// parseMaybeJSON determines if the argument appears to be a JSON array. If +// so, passes to parseJSON; if not, quotes the result and returns a single +// node. +func parseMaybeJSON(rest string, d *directives) (*Node, map[string]bool, error) { + if rest == "" { + return nil, nil, nil + } + + node, attrs, err := parseJSON(rest, d) + + if err == nil { + return node, attrs, nil + } + if err == errDockerfileNotStringArray { + return nil, nil, err + } + + node = &Node{} + node.Value = rest + return node, nil, nil +} + +// parseMaybeJSONToList determines if the argument appears to be a JSON array. If +// so, passes to parseJSON; if not, attempts to parse it as a whitespace +// delimited string. +func parseMaybeJSONToList(rest string, d *directives) (*Node, map[string]bool, error) { + node, attrs, err := parseJSON(rest, d) + + if err == nil { + return node, attrs, nil + } + if err == errDockerfileNotStringArray { + return nil, nil, err + } + + return parseStringsWhitespaceDelimited(rest, d) +} + +// The HEALTHCHECK command is like parseMaybeJSON, but has an extra type argument. +func parseHealthConfig(rest string, d *directives) (*Node, map[string]bool, error) { + // Find end of first argument + var sep int + for ; sep < len(rest); sep++ { + if unicode.IsSpace(rune(rest[sep])) { + break + } + } + next := sep + for ; next < len(rest); next++ { + if !unicode.IsSpace(rune(rest[next])) { + break + } + } + + if sep == 0 { + return nil, nil, nil + } + + typ := rest[:sep] + cmd, attrs, err := parseMaybeJSON(rest[next:], d) + if err != nil { + return nil, nil, err + } + + return &Node{Value: typ, Next: cmd}, attrs, err +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go new file mode 100644 index 000000000000..53165e0a481d --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go @@ -0,0 +1,573 @@ +// Package parser implements a parser and parse tree dumper for Dockerfiles. +package parser + +import ( + "bufio" + "bytes" + "fmt" + "io" + "regexp" + "strconv" + "strings" + "unicode" + + "github.com/moby/buildkit/frontend/dockerfile/command" + "github.com/moby/buildkit/frontend/dockerfile/shell" + "github.com/pkg/errors" +) + +// Node is a structure used to represent a parse tree. +// +// In the node there are three fields, Value, Next, and Children. Value is the +// current token's string value. Next is always the next non-child token, and +// children contains all the children. Here's an example: +// +// (value next (child child-next child-next-next) next-next) +// +// This data structure is frankly pretty lousy for handling complex languages, +// but lucky for us the Dockerfile isn't very complicated. This structure +// works a little more effectively than a "proper" parse tree for our needs. +// +type Node struct { + Value string // actual content + Next *Node // the next item in the current sexp + Children []*Node // the children of this sexp + Heredocs []Heredoc // extra heredoc content attachments + Attributes map[string]bool // special attributes for this node + Original string // original line used before parsing + Flags []string // only top Node should have this set + StartLine int // the line in the original dockerfile where the node begins + EndLine int // the line in the original dockerfile where the node ends + PrevComment []string +} + +// Location return the location of node in source code +func (node *Node) Location() []Range { + return toRanges(node.StartLine, node.EndLine) +} + +// Dump dumps the AST defined by `node` as a list of sexps. +// Returns a string suitable for printing. +func (node *Node) Dump() string { + str := "" + str += strings.ToLower(node.Value) + + if len(node.Flags) > 0 { + str += fmt.Sprintf(" %q", node.Flags) + } + + for _, n := range node.Children { + str += "(" + n.Dump() + ")\n" + } + + for n := node.Next; n != nil; n = n.Next { + if len(n.Children) > 0 { + str += " " + n.Dump() + } else { + str += " " + strconv.Quote(n.Value) + } + } + + return strings.TrimSpace(str) +} + +func (node *Node) lines(start, end int) { + node.StartLine = start + node.EndLine = end +} + +func (node *Node) canContainHeredoc() bool { + // check for compound commands, like ONBUILD + if ok := heredocCompoundDirectives[strings.ToLower(node.Value)]; ok { + if node.Next != nil && len(node.Next.Children) > 0 { + node = node.Next.Children[0] + } + } + + if ok := heredocDirectives[strings.ToLower(node.Value)]; !ok { + return false + } + if isJSON := node.Attributes["json"]; isJSON { + return false + } + + return true +} + +// AddChild adds a new child node, and updates line information +func (node *Node) AddChild(child *Node, startLine, endLine int) { + child.lines(startLine, endLine) + if node.StartLine < 0 { + node.StartLine = startLine + } + node.EndLine = endLine + node.Children = append(node.Children, child) +} + +type Heredoc struct { + Name string + FileDescriptor uint + Expand bool + Chomp bool + Content string +} + +var ( + dispatch map[string]func(string, *directives) (*Node, map[string]bool, error) + reWhitespace = regexp.MustCompile(`[\t\v\f\r ]+`) + reDirectives = regexp.MustCompile(`^#\s*([a-zA-Z][a-zA-Z0-9]*)\s*=\s*(.+?)\s*$`) + reComment = regexp.MustCompile(`^#.*$`) + reHeredoc = regexp.MustCompile(`^(\d*)<<(-?)([^<]*)$`) + reLeadingTabs = regexp.MustCompile(`(?m)^\t+`) +) + +// DefaultEscapeToken is the default escape token +const DefaultEscapeToken = '\\' + +var validDirectives = map[string]struct{}{ + "escape": {}, + "syntax": {}, +} + +var ( + // Directives allowed to contain heredocs + heredocDirectives = map[string]bool{ + command.Add: true, + command.Copy: true, + command.Run: true, + } + + // Directives allowed to contain directives containing heredocs + heredocCompoundDirectives = map[string]bool{ + command.Onbuild: true, + } +) + +// directive is the structure used during a build run to hold the state of +// parsing directives. +type directives struct { + escapeToken rune // Current escape token + lineContinuationRegex *regexp.Regexp // Current line continuation regex + done bool // Whether we are done looking for directives + seen map[string]struct{} // Whether the escape directive has been seen +} + +// setEscapeToken sets the default token for escaping characters and as line- +// continuation token in a Dockerfile. Only ` (backtick) and \ (backslash) are +// allowed as token. +func (d *directives) setEscapeToken(s string) error { + if s != "`" && s != `\` { + return errors.Errorf("invalid escape token '%s' does not match ` or \\", s) + } + d.escapeToken = rune(s[0]) + // The escape token is used both to escape characters in a line and as line + // continuation token. If it's the last non-whitespace token, it is used as + // line-continuation token, *unless* preceded by an escape-token. + // + // The second branch in the regular expression handles line-continuation + // tokens on their own line, which don't have any character preceding them. + // + // Due to Go lacking negative look-ahead matching, this regular expression + // does not currently handle a line-continuation token preceded by an *escaped* + // escape-token ("foo \\\"). + d.lineContinuationRegex = regexp.MustCompile(`([^\` + s + `])\` + s + `[ \t]*$|^\` + s + `[ \t]*$`) + return nil +} + +// possibleParserDirective looks for parser directives, eg '# escapeToken='. +// Parser directives must precede any builder instruction or other comments, +// and cannot be repeated. +func (d *directives) possibleParserDirective(line string) error { + if d.done { + return nil + } + + match := reDirectives.FindStringSubmatch(line) + if len(match) == 0 { + d.done = true + return nil + } + + k := strings.ToLower(match[1]) + _, ok := validDirectives[k] + if !ok { + d.done = true + return nil + } + + if _, ok := d.seen[k]; ok { + return errors.Errorf("only one %s parser directive can be used", k) + } + d.seen[k] = struct{}{} + + if k == "escape" { + return d.setEscapeToken(match[2]) + } + + return nil +} + +// newDefaultDirectives returns a new directives structure with the default escapeToken token +func newDefaultDirectives() *directives { + d := &directives{ + seen: map[string]struct{}{}, + } + d.setEscapeToken(string(DefaultEscapeToken)) + return d +} + +func init() { + // Dispatch Table. see line_parsers.go for the parse functions. + // The command is parsed and mapped to the line parser. The line parser + // receives the arguments but not the command, and returns an AST after + // reformulating the arguments according to the rules in the parser + // functions. Errors are propagated up by Parse() and the resulting AST can + // be incorporated directly into the existing AST as a next. + dispatch = map[string]func(string, *directives) (*Node, map[string]bool, error){ + command.Add: parseMaybeJSONToList, + command.Arg: parseNameOrNameVal, + command.Cmd: parseMaybeJSON, + command.Copy: parseMaybeJSONToList, + command.Entrypoint: parseMaybeJSON, + command.Env: parseEnv, + command.Expose: parseStringsWhitespaceDelimited, + command.From: parseStringsWhitespaceDelimited, + command.Healthcheck: parseHealthConfig, + command.Label: parseLabel, + command.Maintainer: parseString, + command.Onbuild: parseSubCommand, + command.Run: parseMaybeJSON, + command.Shell: parseMaybeJSON, + command.StopSignal: parseString, + command.User: parseString, + command.Volume: parseMaybeJSONToList, + command.Workdir: parseString, + } +} + +// newNodeFromLine splits the line into parts, and dispatches to a function +// based on the command and command arguments. A Node is created from the +// result of the dispatch. +func newNodeFromLine(line string, d *directives, comments []string) (*Node, error) { + cmd, flags, args, err := splitCommand(line) + if err != nil { + return nil, err + } + + fn := dispatch[strings.ToLower(cmd)] + // Ignore invalid Dockerfile instructions + if fn == nil { + fn = parseIgnore + } + next, attrs, err := fn(args, d) + if err != nil { + return nil, err + } + + return &Node{ + Value: cmd, + Original: line, + Flags: flags, + Next: next, + Attributes: attrs, + PrevComment: comments, + }, nil +} + +// Result is the result of parsing a Dockerfile +type Result struct { + AST *Node + EscapeToken rune + Warnings []Warning +} + +type Warning struct { + Short string + Detail [][]byte + URL string + Location *Range +} + +// PrintWarnings to the writer +func (r *Result) PrintWarnings(out io.Writer) { + if len(r.Warnings) == 0 { + return + } + for _, w := range r.Warnings { + fmt.Fprintf(out, "[WARNING]: %s\n", w.Short) + } + if len(r.Warnings) > 0 { + fmt.Fprintf(out, "[WARNING]: Empty continuation lines will become errors in a future release.\n") + } +} + +// Parse reads lines from a Reader, parses the lines into an AST and returns +// the AST and escape token +func Parse(rwc io.Reader) (*Result, error) { + d := newDefaultDirectives() + currentLine := 0 + root := &Node{StartLine: -1} + scanner := bufio.NewScanner(rwc) + scanner.Split(scanLines) + warnings := []Warning{} + var comments []string + + var err error + for scanner.Scan() { + bytesRead := scanner.Bytes() + if currentLine == 0 { + // First line, strip the byte-order-marker if present + bytesRead = bytes.TrimPrefix(bytesRead, utf8bom) + } + if isComment(bytesRead) { + comment := strings.TrimSpace(string(bytesRead[1:])) + if comment == "" { + comments = nil + } else { + comments = append(comments, comment) + } + } + bytesRead, err = processLine(d, bytesRead, true) + if err != nil { + return nil, withLocation(err, currentLine, 0) + } + currentLine++ + + startLine := currentLine + line, isEndOfLine := trimContinuationCharacter(string(bytesRead), d) + if isEndOfLine && line == "" { + continue + } + + var hasEmptyContinuationLine bool + for !isEndOfLine && scanner.Scan() { + bytesRead, err := processLine(d, scanner.Bytes(), false) + if err != nil { + return nil, withLocation(err, currentLine, 0) + } + currentLine++ + + if isComment(scanner.Bytes()) { + // original line was a comment (processLine strips comments) + continue + } + if isEmptyContinuationLine(bytesRead) { + hasEmptyContinuationLine = true + continue + } + + continuationLine := string(bytesRead) + continuationLine, isEndOfLine = trimContinuationCharacter(continuationLine, d) + line += continuationLine + } + + if hasEmptyContinuationLine { + warnings = append(warnings, Warning{ + Short: "Empty continuation line found in: " + line, + Detail: [][]byte{[]byte("Empty continuation lines will become errors in a future release")}, + URL: "https://github.com/moby/moby/pull/33719", + Location: &Range{Start: Position{Line: currentLine}, End: Position{Line: currentLine}}, + }) + } + + child, err := newNodeFromLine(line, d, comments) + if err != nil { + return nil, withLocation(err, startLine, currentLine) + } + + if child.canContainHeredoc() { + heredocs, err := heredocsFromLine(line) + if err != nil { + return nil, withLocation(err, startLine, currentLine) + } + + for _, heredoc := range heredocs { + terminator := []byte(heredoc.Name) + terminated := false + for scanner.Scan() { + bytesRead := scanner.Bytes() + currentLine++ + + possibleTerminator := trimNewline(bytesRead) + if heredoc.Chomp { + possibleTerminator = trimLeadingTabs(possibleTerminator) + } + if bytes.Equal(possibleTerminator, terminator) { + terminated = true + break + } + heredoc.Content += string(bytesRead) + } + if !terminated { + return nil, withLocation(errors.New("unterminated heredoc"), startLine, currentLine) + } + + child.Heredocs = append(child.Heredocs, heredoc) + } + } + + root.AddChild(child, startLine, currentLine) + comments = nil + } + + if root.StartLine < 0 { + return nil, withLocation(errors.New("file with no instructions"), currentLine, 0) + } + + return &Result{ + AST: root, + Warnings: warnings, + EscapeToken: d.escapeToken, + }, withLocation(handleScannerError(scanner.Err()), currentLine, 0) +} + +// Extracts a heredoc from a possible heredoc regex match +func heredocFromMatch(match []string) (*Heredoc, error) { + if len(match) == 0 { + return nil, nil + } + + fd, _ := strconv.ParseUint(match[1], 10, 0) + chomp := match[2] == "-" + rest := match[3] + + if len(rest) == 0 { + return nil, nil + } + + shlex := shell.NewLex('\\') + shlex.SkipUnsetEnv = true + + // Attempt to parse both the heredoc both with *and* without quotes. + // If there are quotes in one but not the other, then we know that some + // part of the heredoc word is quoted, so we shouldn't expand the content. + shlex.RawQuotes = false + words, err := shlex.ProcessWords(rest, []string{}) + if err != nil { + return nil, err + } + // quick sanity check that rest is a single word + if len(words) != 1 { + return nil, nil + } + + shlex.RawQuotes = true + wordsRaw, err := shlex.ProcessWords(rest, []string{}) + if err != nil { + return nil, err + } + if len(wordsRaw) != len(words) { + return nil, fmt.Errorf("internal lexing of heredoc produced inconsistent results: %s", rest) + } + + word := words[0] + wordQuoteCount := strings.Count(word, `'`) + strings.Count(word, `"`) + wordRaw := wordsRaw[0] + wordRawQuoteCount := strings.Count(wordRaw, `'`) + strings.Count(wordRaw, `"`) + + expand := wordQuoteCount == wordRawQuoteCount + + return &Heredoc{ + Name: word, + Expand: expand, + Chomp: chomp, + FileDescriptor: uint(fd), + }, nil +} + +func ParseHeredoc(src string) (*Heredoc, error) { + return heredocFromMatch(reHeredoc.FindStringSubmatch(src)) +} +func MustParseHeredoc(src string) *Heredoc { + heredoc, _ := ParseHeredoc(src) + return heredoc +} + +func heredocsFromLine(line string) ([]Heredoc, error) { + shlex := shell.NewLex('\\') + shlex.RawQuotes = true + shlex.RawEscapes = true + shlex.SkipUnsetEnv = true + words, _ := shlex.ProcessWords(line, []string{}) + + var docs []Heredoc + for _, word := range words { + heredoc, err := ParseHeredoc(word) + if err != nil { + return nil, err + } + if heredoc != nil { + docs = append(docs, *heredoc) + } + } + return docs, nil +} + +func ChompHeredocContent(src string) string { + return reLeadingTabs.ReplaceAllString(src, "") +} + +func trimComments(src []byte) []byte { + return reComment.ReplaceAll(src, []byte{}) +} + +func trimLeadingWhitespace(src []byte) []byte { + return bytes.TrimLeftFunc(src, unicode.IsSpace) +} +func trimLeadingTabs(src []byte) []byte { + return bytes.TrimLeft(src, "\t") +} +func trimNewline(src []byte) []byte { + return bytes.TrimRight(src, "\r\n") +} + +func isComment(line []byte) bool { + return reComment.Match(trimLeadingWhitespace(trimNewline(line))) +} + +func isEmptyContinuationLine(line []byte) bool { + return len(trimLeadingWhitespace(trimNewline(line))) == 0 +} + +var utf8bom = []byte{0xEF, 0xBB, 0xBF} + +func trimContinuationCharacter(line string, d *directives) (string, bool) { + if d.lineContinuationRegex.MatchString(line) { + line = d.lineContinuationRegex.ReplaceAllString(line, "$1") + return line, false + } + return line, true +} + +// TODO: remove stripLeftWhitespace after deprecation period. It seems silly +// to preserve whitespace on continuation lines. Why is that done? +func processLine(d *directives, token []byte, stripLeftWhitespace bool) ([]byte, error) { + token = trimNewline(token) + if stripLeftWhitespace { + token = trimLeadingWhitespace(token) + } + return trimComments(token), d.possibleParserDirective(string(token)) +} + +// Variation of bufio.ScanLines that preserves the line endings +func scanLines(data []byte, atEOF bool) (advance int, token []byte, err error) { + if atEOF && len(data) == 0 { + return 0, nil, nil + } + if i := bytes.IndexByte(data, '\n'); i >= 0 { + return i + 1, data[0 : i+1], nil + } + if atEOF { + return len(data), data, nil + } + return 0, nil, nil +} + +func handleScannerError(err error) error { + switch err { + case bufio.ErrTooLong: + return errors.Errorf("dockerfile line greater than max allowed size of %d", bufio.MaxScanTokenSize-1) + default: + return err + } +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/split_command.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/split_command.go new file mode 100644 index 000000000000..c0261652f8e2 --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/split_command.go @@ -0,0 +1,117 @@ +package parser + +import ( + "strings" + "unicode" +) + +// splitCommand takes a single line of text and parses out the cmd and args, +// which are used for dispatching to more exact parsing functions. +func splitCommand(line string) (string, []string, string, error) { + var args string + var flags []string + + // Make sure we get the same results irrespective of leading/trailing spaces + cmdline := reWhitespace.Split(strings.TrimSpace(line), 2) + + if len(cmdline) == 2 { + var err error + args, flags, err = extractBuilderFlags(cmdline[1]) + if err != nil { + return "", nil, "", err + } + } + + return cmdline[0], flags, strings.TrimSpace(args), nil +} + +func extractBuilderFlags(line string) (string, []string, error) { + // Parses the BuilderFlags and returns the remaining part of the line + + const ( + inSpaces = iota // looking for start of a word + inWord + inQuote + ) + + words := []string{} + phase := inSpaces + word := "" + quote := '\000' + blankOK := false + var ch rune + + for pos := 0; pos <= len(line); pos++ { + if pos != len(line) { + ch = rune(line[pos]) + } + + if phase == inSpaces { // Looking for start of word + if pos == len(line) { // end of input + break + } + if unicode.IsSpace(ch) { // skip spaces + continue + } + + // Only keep going if the next word starts with -- + if ch != '-' || pos+1 == len(line) || rune(line[pos+1]) != '-' { + return line[pos:], words, nil + } + + phase = inWord // found something with "--", fall through + } + if (phase == inWord || phase == inQuote) && (pos == len(line)) { + if word != "--" && (blankOK || len(word) > 0) { + words = append(words, word) + } + break + } + if phase == inWord { + if unicode.IsSpace(ch) { + phase = inSpaces + if word == "--" { + return line[pos:], words, nil + } + if blankOK || len(word) > 0 { + words = append(words, word) + } + word = "" + blankOK = false + continue + } + if ch == '\'' || ch == '"' { + quote = ch + blankOK = true + phase = inQuote + continue + } + if ch == '\\' { + if pos+1 == len(line) { + continue // just skip \ at end + } + pos++ + ch = rune(line[pos]) + } + word += string(ch) + continue + } + if phase == inQuote { + if ch == quote { + phase = inWord + continue + } + if ch == '\\' { + if pos+1 == len(line) { + phase = inWord + continue // just skip \ at end + } + pos++ + ch = rune(line[pos]) + } + word += string(ch) + } + } + + return "", words, nil +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/envVarTest b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/envVarTest new file mode 100644 index 000000000000..38534b0c78f6 --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/envVarTest @@ -0,0 +1,238 @@ +A|hello | hello +A|he'll'o | hello +A|he'llo | error +A|he\'llo | he'llo +A|he\\'llo | error +A|abc\tdef | abctdef +A|"abc\tdef" | abc\tdef +A|"abc\\tdef" | abc\tdef +A|'abc\tdef' | abc\tdef +A|hello\ | hello +A|hello\\ | hello\ +A|"hello | error +A|"hello\" | error +A|"hel'lo" | hel'lo +A|'hello | error +A|'hello\' | hello\ +A|'hello\there' | hello\there +A|'hello\\there' | hello\\there +A|"''" | '' +A|$. | $. +A|he$1x | hex +A|he$.x | he$.x +# Next one is different on Windows as $pwd==$PWD +U|he$pwd. | he. +W|he$pwd. | he/home. +A|he$PWD | he/home +A|he\$PWD | he$PWD +A|he\\$PWD | he\/home +A|"he\$PWD" | he$PWD +A|"he\\$PWD" | he\/home +A|\${} | ${} +A|\${}aaa | ${}aaa +A|he\${} | he${} +A|he\${}xx | he${}xx +A|${} | error +A|${}aaa | error +A|he${} | error +A|he${}xx | error +A|he${hi} | he +A|he${hi}xx | hexx +A|he${PWD} | he/home +A|he${.} | error +A|he${XXX:-000}xx | he000xx +A|he${PWD:-000}xx | he/homexx +A|he${XXX:-$PWD}xx | he/homexx +A|he${XXX:-${PWD:-yyy}}xx | he/homexx +A|he${XXX:-${YYY:-yyy}}xx | heyyyxx +A|he${XXX:YYY} | error +A|he${XXX?} | error +A|he${XXX:?} | error +A|he${PWD?} | he/home +A|he${PWD:?} | he/home +A|he${NULL?} | he +A|he${NULL:?} | error +A|he${XXX:+${PWD}}xx | hexx +A|he${PWD:+${XXX}}xx | hexx +A|he${PWD:+${SHELL}}xx | hebashxx +A|he${XXX:+000}xx | hexx +A|he${PWD:+000}xx | he000xx +A|'he${XX}' | he${XX} +A|"he${PWD}" | he/home +A|"he'$PWD'" | he'/home' +A|"$PWD" | /home +A|'$PWD' | $PWD +A|'\$PWD' | \$PWD +A|'"hello"' | "hello" +A|he\$PWD | he$PWD +A|"he\$PWD" | he$PWD +A|'he\$PWD' | he\$PWD +A|he${PWD | error +A|he${PWD:=000}xx | error +A|he${PWD:+${PWD}:}xx | he/home:xx +A|he${XXX:-\$PWD:}xx | he$PWD:xx +A|he${XXX:-\${PWD}z}xx | he${PWDz}xx +A|안녕하세요 | 안녕하세요 +A|안'녕'하세요 | 안녕하세요 +A|안'녕하세요 | error +A|안녕\'하세요 | 안녕'하세요 +A|안\\'녕하세요 | error +A|안녕\t하세요 | 안녕t하세요 +A|"안녕\t하세요" | 안녕\t하세요 +A|'안녕\t하세요 | error +A|안녕하세요\ | 안녕하세요 +A|안녕하세요\\ | 안녕하세요\ +A|"안녕하세요 | error +A|"안녕하세요\" | error +A|"안녕'하세요" | 안녕'하세요 +A|'안녕하세요 | error +A|'안녕하세요\' | 안녕하세요\ +A|안녕$1x | 안녕x +A|안녕$.x | 안녕$.x +# Next one is different on Windows as $pwd==$PWD +U|안녕$pwd. | 안녕. +W|안녕$pwd. | 안녕/home. +A|안녕$PWD | 안녕/home +A|안녕\$PWD | 안녕$PWD +A|안녕\\$PWD | 안녕\/home +A|안녕\${} | 안녕${} +A|안녕\${}xx | 안녕${}xx +A|안녕${} | error +A|안녕${}xx | error +A|안녕${hi} | 안녕 +A|안녕${hi}xx | 안녕xx +A|안녕${PWD} | 안녕/home +A|안녕${.} | error +A|안녕${XXX:-000}xx | 안녕000xx +A|안녕${PWD:-000}xx | 안녕/homexx +A|안녕${XXX:-$PWD}xx | 안녕/homexx +A|안녕${XXX:-${PWD:-yyy}}xx | 안녕/homexx +A|안녕${XXX:-${YYY:-yyy}}xx | 안녕yyyxx +A|안녕${XXX:YYY} | error +A|안녕${XXX:+${PWD}}xx | 안녕xx +A|안녕${PWD:+${XXX}}xx | 안녕xx +A|안녕${PWD:+${SHELL}}xx | 안녕bashxx +A|안녕${XXX:+000}xx | 안녕xx +A|안녕${PWD:+000}xx | 안녕000xx +A|'안녕${XX}' | 안녕${XX} +A|"안녕${PWD}" | 안녕/home +A|"안녕'$PWD'" | 안녕'/home' +A|'"안녕"' | "안녕" +A|안녕\$PWD | 안녕$PWD +A|"안녕\$PWD" | 안녕$PWD +A|'안녕\$PWD' | 안녕\$PWD +A|안녕${PWD | error +A|안녕${PWD:=000}xx | error +A|안녕${PWD:+${PWD}:}xx | 안녕/home:xx +A|안녕${XXX:-\$PWD:}xx | 안녕$PWD:xx +A|안녕${XXX:-\${PWD}z}xx | 안녕${PWDz}xx +A|$KOREAN | 한국어 +A|안녕$KOREAN | 안녕한국어 +A|${{aaa} | error +A|${aaa}} | } +A|${aaa | error +A|${{aaa:-bbb} | error +A|${aaa:-bbb}} | bbb} +A|${aaa:-bbb | error +A|${aaa:-bbb} | bbb +A|${aaa:-${bbb:-ccc}} | ccc +A|${aaa:-bbb ${foo} | error +A|${aaa:-bbb {foo} | bbb {foo +A|${:} | error +A|${:-bbb} | error +A|${:+bbb} | error + +# Positional parameters won't be set: +# http://pubs.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html#tag_02_05_01 +A|$1 | +A|${1} | +A|${1:+bbb} | +A|${1:-bbb} | bbb +A|$2 | +A|${2} | +A|${2:+bbb} | +A|${2:-bbb} | bbb +A|$3 | +A|${3} | +A|${3:+bbb} | +A|${3:-bbb} | bbb +A|$4 | +A|${4} | +A|${4:+bbb} | +A|${4:-bbb} | bbb +A|$5 | +A|${5} | +A|${5:+bbb} | +A|${5:-bbb} | bbb +A|$6 | +A|${6} | +A|${6:+bbb} | +A|${6:-bbb} | bbb +A|$7 | +A|${7} | +A|${7:+bbb} | +A|${7:-bbb} | bbb +A|$8 | +A|${8} | +A|${8:+bbb} | +A|${8:-bbb} | bbb +A|$9 | +A|${9} | +A|${9:+bbb} | +A|${9:-bbb} | bbb +A|$999 | +A|${999} | +A|${999:+bbb} | +A|${999:-bbb} | bbb +A|$999aaa | aaa +A|${999}aaa | aaa +A|${999:+bbb}aaa | aaa +A|${999:-bbb}aaa | bbbaaa +A|$001 | +A|${001} | +A|${001:+bbb} | +A|${001:-bbb} | bbb +A|$001aaa | aaa +A|${001}aaa | aaa +A|${001:+bbb}aaa | aaa +A|${001:-bbb}aaa | bbbaaa + +# Special parameters won't be set in the Dockerfile: +# http://pubs.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html#tag_02_05_02 +A|$@ | +A|${@} | +A|${@:+bbb} | +A|${@:-bbb} | bbb +A|$@@@ | @@ +A|$@aaa | aaa +A|${@}aaa | aaa +A|${@:+bbb}aaa | aaa +A|${@:-bbb}aaa | bbbaaa +A|$* | +A|${*} | +A|${*:+bbb} | +A|${*:-bbb} | bbb +A|$# | +A|${#} | +A|${#:+bbb} | +A|${#:-bbb} | bbb +A|$? | +A|${?} | +A|${?:+bbb} | +A|${?:-bbb} | bbb +A|$- | +A|${-} | +A|${-:+bbb} | +A|${-:-bbb} | bbb +A|$$ | +A|${$} | +A|${$:+bbb} | +A|${$:-bbb} | bbb +A|$! | +A|${!} | +A|${!:+bbb} | +A|${!:-bbb} | bbb +A|$0 | +A|${0} | +A|${0:+bbb} | +A|${0:-bbb} | bbb diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_unix.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_unix.go new file mode 100644 index 000000000000..bf0887f236b6 --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_unix.go @@ -0,0 +1,11 @@ +//go:build !windows +// +build !windows + +package shell + +// EqualEnvKeys compare two strings and returns true if they are equal. +// On Unix this comparison is case sensitive. +// On Windows this comparison is case insensitive. +func EqualEnvKeys(from, to string) bool { + return from == to +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_windows.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_windows.go new file mode 100644 index 000000000000..010569bbaa06 --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_windows.go @@ -0,0 +1,10 @@ +package shell + +import "strings" + +// EqualEnvKeys compare two strings and returns true if they are equal. +// On Unix this comparison is case sensitive. +// On Windows this comparison is case insensitive. +func EqualEnvKeys(from, to string) bool { + return strings.ToUpper(from) == strings.ToUpper(to) +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go new file mode 100644 index 000000000000..23ab81f25cab --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go @@ -0,0 +1,499 @@ +package shell + +import ( + "bytes" + "fmt" + "strings" + "text/scanner" + "unicode" + + "github.com/pkg/errors" +) + +// Lex performs shell word splitting and variable expansion. +// +// Lex takes a string and an array of env variables and +// process all quotes (" and ') as well as $xxx and ${xxx} env variable +// tokens. Tries to mimic bash shell process. +// It doesn't support all flavors of ${xx:...} formats but new ones can +// be added by adding code to the "special ${} format processing" section +type Lex struct { + escapeToken rune + RawQuotes bool + RawEscapes bool + SkipProcessQuotes bool + SkipUnsetEnv bool +} + +// NewLex creates a new Lex which uses escapeToken to escape quotes. +func NewLex(escapeToken rune) *Lex { + return &Lex{escapeToken: escapeToken} +} + +// ProcessWord will use the 'env' list of environment variables, +// and replace any env var references in 'word'. +func (s *Lex) ProcessWord(word string, env []string) (string, error) { + word, _, err := s.process(word, BuildEnvs(env)) + return word, err +} + +// ProcessWords will use the 'env' list of environment variables, +// and replace any env var references in 'word' then it will also +// return a slice of strings which represents the 'word' +// split up based on spaces - taking into account quotes. Note that +// this splitting is done **after** the env var substitutions are done. +// Note, each one is trimmed to remove leading and trailing spaces (unless +// they are quoted", but ProcessWord retains spaces between words. +func (s *Lex) ProcessWords(word string, env []string) ([]string, error) { + _, words, err := s.process(word, BuildEnvs(env)) + return words, err +} + +// ProcessWordWithMap will use the 'env' list of environment variables, +// and replace any env var references in 'word'. +func (s *Lex) ProcessWordWithMap(word string, env map[string]string) (string, error) { + word, _, err := s.process(word, env) + return word, err +} + +// ProcessWordWithMatches will use the 'env' list of environment variables, +// replace any env var references in 'word' and return the env that were used. +func (s *Lex) ProcessWordWithMatches(word string, env map[string]string) (string, map[string]struct{}, error) { + sw := s.init(word, env) + word, _, err := sw.process(word) + return word, sw.matches, err +} + +func (s *Lex) ProcessWordsWithMap(word string, env map[string]string) ([]string, error) { + _, words, err := s.process(word, env) + return words, err +} + +func (s *Lex) init(word string, env map[string]string) *shellWord { + sw := &shellWord{ + envs: env, + escapeToken: s.escapeToken, + skipUnsetEnv: s.SkipUnsetEnv, + skipProcessQuotes: s.SkipProcessQuotes, + rawQuotes: s.RawQuotes, + rawEscapes: s.RawEscapes, + matches: make(map[string]struct{}), + } + sw.scanner.Init(strings.NewReader(word)) + return sw +} + +func (s *Lex) process(word string, env map[string]string) (string, []string, error) { + sw := s.init(word, env) + return sw.process(word) +} + +type shellWord struct { + scanner scanner.Scanner + envs map[string]string + escapeToken rune + rawQuotes bool + rawEscapes bool + skipUnsetEnv bool + skipProcessQuotes bool + matches map[string]struct{} +} + +func (sw *shellWord) process(source string) (string, []string, error) { + word, words, err := sw.processStopOn(scanner.EOF) + if err != nil { + err = errors.Wrapf(err, "failed to process %q", source) + } + return word, words, err +} + +type wordsStruct struct { + word string + words []string + inWord bool +} + +func (w *wordsStruct) addChar(ch rune) { + if unicode.IsSpace(ch) && w.inWord { + if len(w.word) != 0 { + w.words = append(w.words, w.word) + w.word = "" + w.inWord = false + } + } else if !unicode.IsSpace(ch) { + w.addRawChar(ch) + } +} + +func (w *wordsStruct) addRawChar(ch rune) { + w.word += string(ch) + w.inWord = true +} + +func (w *wordsStruct) addString(str string) { + for _, ch := range str { + w.addChar(ch) + } +} + +func (w *wordsStruct) addRawString(str string) { + w.word += str + w.inWord = true +} + +func (w *wordsStruct) getWords() []string { + if len(w.word) > 0 { + w.words = append(w.words, w.word) + + // Just in case we're called again by mistake + w.word = "" + w.inWord = false + } + return w.words +} + +// Process the word, starting at 'pos', and stop when we get to the +// end of the word or the 'stopChar' character +func (sw *shellWord) processStopOn(stopChar rune) (string, []string, error) { + var result bytes.Buffer + var words wordsStruct + + var charFuncMapping = map[rune]func() (string, error){ + '$': sw.processDollar, + } + if !sw.skipProcessQuotes { + charFuncMapping['\''] = sw.processSingleQuote + charFuncMapping['"'] = sw.processDoubleQuote + } + + for sw.scanner.Peek() != scanner.EOF { + ch := sw.scanner.Peek() + + if stopChar != scanner.EOF && ch == stopChar { + sw.scanner.Next() + return result.String(), words.getWords(), nil + } + if fn, ok := charFuncMapping[ch]; ok { + // Call special processing func for certain chars + tmp, err := fn() + if err != nil { + return "", []string{}, err + } + result.WriteString(tmp) + + if ch == rune('$') { + words.addString(tmp) + } else { + words.addRawString(tmp) + } + } else { + // Not special, just add it to the result + ch = sw.scanner.Next() + + if ch == sw.escapeToken { + if sw.rawEscapes { + words.addRawChar(ch) + result.WriteRune(ch) + } + + // '\' (default escape token, but ` allowed) escapes, except end of line + ch = sw.scanner.Next() + + if ch == scanner.EOF { + break + } + + words.addRawChar(ch) + } else { + words.addChar(ch) + } + + result.WriteRune(ch) + } + } + if stopChar != scanner.EOF { + return "", []string{}, errors.Errorf("unexpected end of statement while looking for matching %s", string(stopChar)) + } + return result.String(), words.getWords(), nil +} + +func (sw *shellWord) processSingleQuote() (string, error) { + // All chars between single quotes are taken as-is + // Note, you can't escape ' + // + // From the "sh" man page: + // Single Quotes + // Enclosing characters in single quotes preserves the literal meaning of + // all the characters (except single quotes, making it impossible to put + // single-quotes in a single-quoted string). + + var result bytes.Buffer + + ch := sw.scanner.Next() + if sw.rawQuotes { + result.WriteRune(ch) + } + + for { + ch = sw.scanner.Next() + switch ch { + case scanner.EOF: + return "", errors.New("unexpected end of statement while looking for matching single-quote") + case '\'': + if sw.rawQuotes { + result.WriteRune(ch) + } + return result.String(), nil + } + result.WriteRune(ch) + } +} + +func (sw *shellWord) processDoubleQuote() (string, error) { + // All chars up to the next " are taken as-is, even ', except any $ chars + // But you can escape " with a \ (or ` if escape token set accordingly) + // + // From the "sh" man page: + // Double Quotes + // Enclosing characters within double quotes preserves the literal meaning + // of all characters except dollarsign ($), backquote (`), and backslash + // (\). The backslash inside double quotes is historically weird, and + // serves to quote only the following characters: + // $ ` " \ . + // Otherwise it remains literal. + + var result bytes.Buffer + + ch := sw.scanner.Next() + if sw.rawQuotes { + result.WriteRune(ch) + } + + for { + switch sw.scanner.Peek() { + case scanner.EOF: + return "", errors.New("unexpected end of statement while looking for matching double-quote") + case '"': + ch := sw.scanner.Next() + if sw.rawQuotes { + result.WriteRune(ch) + } + return result.String(), nil + case '$': + value, err := sw.processDollar() + if err != nil { + return "", err + } + result.WriteString(value) + default: + ch := sw.scanner.Next() + if ch == sw.escapeToken { + if sw.rawEscapes { + result.WriteRune(ch) + } + + switch sw.scanner.Peek() { + case scanner.EOF: + // Ignore \ at end of word + continue + case '"', '$', sw.escapeToken: + // These chars can be escaped, all other \'s are left as-is + // Note: for now don't do anything special with ` chars. + // Not sure what to do with them anyway since we're not going + // to execute the text in there (not now anyway). + ch = sw.scanner.Next() + } + } + result.WriteRune(ch) + } + } +} + +func (sw *shellWord) processDollar() (string, error) { + sw.scanner.Next() + + // $xxx case + if sw.scanner.Peek() != '{' { + name := sw.processName() + if name == "" { + return "$", nil + } + value, found := sw.getEnv(name) + if !found && sw.skipUnsetEnv { + return "$" + name, nil + } + return value, nil + } + + sw.scanner.Next() + switch sw.scanner.Peek() { + case scanner.EOF: + return "", errors.New("syntax error: missing '}'") + case '{', '}', ':': + // Invalid ${{xx}, ${:xx}, ${:}. ${} case + return "", errors.New("syntax error: bad substitution") + } + name := sw.processName() + ch := sw.scanner.Next() + switch ch { + case '}': + // Normal ${xx} case + value, found := sw.getEnv(name) + if !found && sw.skipUnsetEnv { + return fmt.Sprintf("${%s}", name), nil + } + return value, nil + case '?': + word, _, err := sw.processStopOn('}') + if err != nil { + if sw.scanner.Peek() == scanner.EOF { + return "", errors.New("syntax error: missing '}'") + } + return "", err + } + newValue, found := sw.getEnv(name) + if !found { + if sw.skipUnsetEnv { + return fmt.Sprintf("${%s?%s}", name, word), nil + } + message := "is not allowed to be unset" + if word != "" { + message = word + } + return "", errors.Errorf("%s: %s", name, message) + } + return newValue, nil + case ':': + // Special ${xx:...} format processing + // Yes it allows for recursive $'s in the ... spot + modifier := sw.scanner.Next() + + word, _, err := sw.processStopOn('}') + if err != nil { + if sw.scanner.Peek() == scanner.EOF { + return "", errors.New("syntax error: missing '}'") + } + return "", err + } + + // Grab the current value of the variable in question so we + // can use to to determine what to do based on the modifier + newValue, found := sw.getEnv(name) + + switch modifier { + case '+': + if newValue != "" { + newValue = word + } + if !found && sw.skipUnsetEnv { + return fmt.Sprintf("${%s:%s%s}", name, string(modifier), word), nil + } + return newValue, nil + + case '-': + if newValue == "" { + newValue = word + } + if !found && sw.skipUnsetEnv { + return fmt.Sprintf("${%s:%s%s}", name, string(modifier), word), nil + } + + return newValue, nil + + case '?': + if !found { + if sw.skipUnsetEnv { + return fmt.Sprintf("${%s:%s%s}", name, string(modifier), word), nil + } + message := "is not allowed to be unset" + if word != "" { + message = word + } + return "", errors.Errorf("%s: %s", name, message) + } + if newValue == "" { + message := "is not allowed to be empty" + if word != "" { + message = word + } + return "", errors.Errorf("%s: %s", name, message) + } + return newValue, nil + + default: + return "", errors.Errorf("unsupported modifier (%c) in substitution", modifier) + } + } + return "", errors.Errorf("missing ':' in substitution") +} + +func (sw *shellWord) processName() string { + // Read in a name (alphanumeric or _) + // If it starts with a numeric then just return $# + var name bytes.Buffer + + for sw.scanner.Peek() != scanner.EOF { + ch := sw.scanner.Peek() + if name.Len() == 0 && unicode.IsDigit(ch) { + for sw.scanner.Peek() != scanner.EOF && unicode.IsDigit(sw.scanner.Peek()) { + // Keep reading until the first non-digit character, or EOF + ch = sw.scanner.Next() + name.WriteRune(ch) + } + return name.String() + } + if name.Len() == 0 && isSpecialParam(ch) { + ch = sw.scanner.Next() + return string(ch) + } + if !unicode.IsLetter(ch) && !unicode.IsDigit(ch) && ch != '_' { + break + } + ch = sw.scanner.Next() + name.WriteRune(ch) + } + + return name.String() +} + +// isSpecialParam checks if the provided character is a special parameters, +// as defined in http://pubs.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html#tag_02_05_02 +func isSpecialParam(char rune) bool { + switch char { + case '@', '*', '#', '?', '-', '$', '!', '0': + // Special parameters + // http://pubs.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html#tag_02_05_02 + return true + } + return false +} + +func (sw *shellWord) getEnv(name string) (string, bool) { + for key, value := range sw.envs { + if EqualEnvKeys(name, key) { + sw.matches[name] = struct{}{} + return value, true + } + } + return "", false +} + +func BuildEnvs(env []string) map[string]string { + envs := map[string]string{} + + for _, e := range env { + i := strings.Index(e, "=") + + if i < 0 { + envs[e] = "" + } else { + k := e[:i] + v := e[i+1:] + + // overwrite value if key already exists + envs[k] = v + } + } + + return envs +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/wordsTest b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/wordsTest new file mode 100644 index 000000000000..1fd9f19433d9 --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/wordsTest @@ -0,0 +1,30 @@ +hello | hello +hello${hi}bye | hellobye +ENV hi=hi +hello${hi}bye | hellohibye +ENV space=abc def +hello${space}bye | helloabc,defbye +hello"${space}"bye | helloabc defbye +hello "${space}"bye | hello,abc defbye +ENV leading= ab c +hello${leading}def | hello,ab,cdef +hello"${leading}" def | hello ab c,def +hello"${leading}" | hello ab c +hello${leading} | hello,ab,c +# next line MUST have 3 trailing spaces, don't erase them! +ENV trailing=ab c +hello${trailing} | helloab,c +hello${trailing}d | helloab,c,d +hello"${trailing}"d | helloab c d +# next line MUST have 3 trailing spaces, don't erase them! +hel"lo${trailing}" | helloab c +hello" there " | hello there +hello there | hello,there +hello\ there | hello there +hello" there | error +hello\" there | hello",there +hello"\\there" | hello\there +hello"\there" | hello\there +hello'\\there' | hello\\there +hello'\there' | hello\there +hello'$there' | hello$there diff --git a/vendor/github.com/moby/buildkit/util/stack/generate.go b/vendor/github.com/moby/buildkit/util/stack/generate.go new file mode 100644 index 000000000000..f3e967787c9b --- /dev/null +++ b/vendor/github.com/moby/buildkit/util/stack/generate.go @@ -0,0 +1,3 @@ +package stack + +//go:generate protoc -I=. -I=../../vendor/ --go_out=. --go_opt=paths=source_relative --go_opt=Mstack.proto=/util/stack stack.proto diff --git a/vendor/github.com/moby/buildkit/util/stack/stack.go b/vendor/github.com/moby/buildkit/util/stack/stack.go new file mode 100644 index 000000000000..3409ac047af0 --- /dev/null +++ b/vendor/github.com/moby/buildkit/util/stack/stack.go @@ -0,0 +1,182 @@ +package stack + +import ( + "fmt" + io "io" + "os" + "runtime" + "strconv" + "strings" + "sync" + + "github.com/containerd/typeurl" + "github.com/pkg/errors" +) + +var helpers map[string]struct{} +var helpersMu sync.RWMutex + +func init() { + typeurl.Register((*Stack)(nil), "github.com/moby/buildkit", "stack.Stack+json") + + helpers = map[string]struct{}{} +} + +var version string +var revision string + +func SetVersionInfo(v, r string) { + version = v + revision = r +} + +func Helper() { + var pc [1]uintptr + n := runtime.Callers(2, pc[:]) + if n == 0 { + return + } + frames := runtime.CallersFrames(pc[:n]) + frame, _ := frames.Next() + helpersMu.Lock() + helpers[frame.Function] = struct{}{} + helpersMu.Unlock() +} + +func Traces(err error) []*Stack { + var st []*Stack + + wrapped, ok := err.(interface { + Unwrap() error + }) + if ok { + st = Traces(wrapped.Unwrap()) + } + + if ste, ok := err.(interface { + StackTrace() errors.StackTrace + }); ok { + st = append(st, convertStack(ste.StackTrace())) + } + + if ste, ok := err.(interface { + StackTrace() *Stack + }); ok { + st = append(st, ste.StackTrace()) + } + + return st +} + +func Enable(err error) error { + if err == nil { + return nil + } + Helper() + if !hasLocalStackTrace(err) { + return errors.WithStack(err) + } + return err +} + +func Wrap(err error, s Stack) error { + return &withStack{stack: s, error: err} +} + +func hasLocalStackTrace(err error) bool { + wrapped, ok := err.(interface { + Unwrap() error + }) + if ok && hasLocalStackTrace(wrapped.Unwrap()) { + return true + } + + _, ok = err.(interface { + StackTrace() errors.StackTrace + }) + return ok +} + +func Formatter(err error) fmt.Formatter { + return &formatter{err} +} + +type formatter struct { + error +} + +func (w *formatter) Format(s fmt.State, verb rune) { + if w.error == nil { + fmt.Fprintf(s, "%v", w.error) + return + } + switch verb { + case 'v': + if s.Flag('+') { + fmt.Fprintf(s, "%s\n", w.Error()) + for _, stack := range Traces(w.error) { + fmt.Fprintf(s, "%d %s %s\n", stack.Pid, stack.Version, strings.Join(stack.Cmdline, " ")) + for _, f := range stack.Frames { + fmt.Fprintf(s, "%s\n\t%s:%d\n", f.Name, f.File, f.Line) + } + fmt.Fprintln(s) + } + return + } + fallthrough + case 's': + io.WriteString(s, w.Error()) + case 'q': + fmt.Fprintf(s, "%q", w.Error()) + } +} + +func convertStack(s errors.StackTrace) *Stack { + var out Stack + helpersMu.RLock() + defer helpersMu.RUnlock() + for _, f := range s { + dt, err := f.MarshalText() + if err != nil { + continue + } + p := strings.SplitN(string(dt), " ", 2) + if len(p) != 2 { + continue + } + if _, ok := helpers[p[0]]; ok { + continue + } + idx := strings.LastIndexByte(p[1], ':') + if idx == -1 { + continue + } + line, err := strconv.Atoi(p[1][idx+1:]) + if err != nil { + continue + } + out.Frames = append(out.Frames, &Frame{ + Name: p[0], + File: p[1][:idx], + Line: int32(line), + }) + } + out.Cmdline = os.Args + out.Pid = int32(os.Getpid()) + out.Version = version + out.Revision = revision + return &out +} + +type withStack struct { + stack Stack + error +} + +func (e *withStack) Unwrap() error { + return e.error +} + +func (e *withStack) StackTrace() *Stack { + return &e.stack +} diff --git a/vendor/github.com/moby/buildkit/util/stack/stack.pb.go b/vendor/github.com/moby/buildkit/util/stack/stack.pb.go new file mode 100644 index 000000000000..df55582db48a --- /dev/null +++ b/vendor/github.com/moby/buildkit/util/stack/stack.pb.go @@ -0,0 +1,172 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// source: stack.proto + +package stack + +import ( + fmt "fmt" + proto "github.com/golang/protobuf/proto" + math "math" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package + +type Stack struct { + Frames []*Frame `protobuf:"bytes,1,rep,name=frames,proto3" json:"frames,omitempty"` + Cmdline []string `protobuf:"bytes,2,rep,name=cmdline,proto3" json:"cmdline,omitempty"` + Pid int32 `protobuf:"varint,3,opt,name=pid,proto3" json:"pid,omitempty"` + Version string `protobuf:"bytes,4,opt,name=version,proto3" json:"version,omitempty"` + Revision string `protobuf:"bytes,5,opt,name=revision,proto3" json:"revision,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Stack) Reset() { *m = Stack{} } +func (m *Stack) String() string { return proto.CompactTextString(m) } +func (*Stack) ProtoMessage() {} +func (*Stack) Descriptor() ([]byte, []int) { + return fileDescriptor_b44c07feb2ca0a5a, []int{0} +} + +func (m *Stack) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Stack.Unmarshal(m, b) +} +func (m *Stack) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Stack.Marshal(b, m, deterministic) +} +func (m *Stack) XXX_Merge(src proto.Message) { + xxx_messageInfo_Stack.Merge(m, src) +} +func (m *Stack) XXX_Size() int { + return xxx_messageInfo_Stack.Size(m) +} +func (m *Stack) XXX_DiscardUnknown() { + xxx_messageInfo_Stack.DiscardUnknown(m) +} + +var xxx_messageInfo_Stack proto.InternalMessageInfo + +func (m *Stack) GetFrames() []*Frame { + if m != nil { + return m.Frames + } + return nil +} + +func (m *Stack) GetCmdline() []string { + if m != nil { + return m.Cmdline + } + return nil +} + +func (m *Stack) GetPid() int32 { + if m != nil { + return m.Pid + } + return 0 +} + +func (m *Stack) GetVersion() string { + if m != nil { + return m.Version + } + return "" +} + +func (m *Stack) GetRevision() string { + if m != nil { + return m.Revision + } + return "" +} + +type Frame struct { + Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"Name,omitempty"` + File string `protobuf:"bytes,2,opt,name=File,proto3" json:"File,omitempty"` + Line int32 `protobuf:"varint,3,opt,name=Line,proto3" json:"Line,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Frame) Reset() { *m = Frame{} } +func (m *Frame) String() string { return proto.CompactTextString(m) } +func (*Frame) ProtoMessage() {} +func (*Frame) Descriptor() ([]byte, []int) { + return fileDescriptor_b44c07feb2ca0a5a, []int{1} +} + +func (m *Frame) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Frame.Unmarshal(m, b) +} +func (m *Frame) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Frame.Marshal(b, m, deterministic) +} +func (m *Frame) XXX_Merge(src proto.Message) { + xxx_messageInfo_Frame.Merge(m, src) +} +func (m *Frame) XXX_Size() int { + return xxx_messageInfo_Frame.Size(m) +} +func (m *Frame) XXX_DiscardUnknown() { + xxx_messageInfo_Frame.DiscardUnknown(m) +} + +var xxx_messageInfo_Frame proto.InternalMessageInfo + +func (m *Frame) GetName() string { + if m != nil { + return m.Name + } + return "" +} + +func (m *Frame) GetFile() string { + if m != nil { + return m.File + } + return "" +} + +func (m *Frame) GetLine() int32 { + if m != nil { + return m.Line + } + return 0 +} + +func init() { + proto.RegisterType((*Stack)(nil), "stack.Stack") + proto.RegisterType((*Frame)(nil), "stack.Frame") +} + +func init() { + proto.RegisterFile("stack.proto", fileDescriptor_b44c07feb2ca0a5a) +} + +var fileDescriptor_b44c07feb2ca0a5a = []byte{ + // 185 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x3c, 0x8f, 0x3d, 0xce, 0x82, 0x40, + 0x10, 0x86, 0xb3, 0xdf, 0xb2, 0x7c, 0x3a, 0x58, 0x98, 0xa9, 0x36, 0x56, 0x1b, 0x62, 0x41, 0x45, + 0xa1, 0x47, 0x30, 0xa1, 0x32, 0x16, 0x78, 0x02, 0x84, 0x35, 0xd9, 0xc8, 0x5f, 0x76, 0x09, 0xd7, + 0xf0, 0xca, 0x66, 0x06, 0xb4, 0x7b, 0xde, 0x9f, 0xe4, 0x9d, 0x81, 0x24, 0x4c, 0x55, 0xfd, 0xca, + 0x47, 0x3f, 0x4c, 0x03, 0x2a, 0x16, 0xe9, 0x5b, 0x80, 0xba, 0x13, 0xe1, 0x11, 0xe2, 0xa7, 0xaf, + 0x3a, 0x1b, 0xb4, 0x30, 0x32, 0x4b, 0x4e, 0xbb, 0x7c, 0xa9, 0x17, 0x64, 0x96, 0x6b, 0x86, 0x1a, + 0xfe, 0xeb, 0xae, 0x69, 0x5d, 0x6f, 0xf5, 0x9f, 0x91, 0xd9, 0xb6, 0xfc, 0x4a, 0xdc, 0x83, 0x1c, + 0x5d, 0xa3, 0xa5, 0x11, 0x99, 0x2a, 0x09, 0xa9, 0x3b, 0x5b, 0x1f, 0xdc, 0xd0, 0xeb, 0xc8, 0x08, + 0xea, 0xae, 0x12, 0x0f, 0xb0, 0xf1, 0x76, 0x76, 0x1c, 0x29, 0x8e, 0x7e, 0x3a, 0xbd, 0x80, 0xe2, + 0x49, 0x44, 0x88, 0x6e, 0x55, 0x67, 0xb5, 0xe0, 0x02, 0x33, 0x79, 0x85, 0x6b, 0x69, 0x9b, 0x3d, + 0x62, 0xf2, 0xae, 0x74, 0xcf, 0xb2, 0xcc, 0xfc, 0x88, 0xf9, 0xc9, 0xf3, 0x27, 0x00, 0x00, 0xff, + 0xff, 0xfd, 0x2c, 0xbb, 0xfb, 0xf3, 0x00, 0x00, 0x00, +} diff --git a/vendor/github.com/moby/buildkit/util/stack/stack.proto b/vendor/github.com/moby/buildkit/util/stack/stack.proto new file mode 100644 index 000000000000..9c63bc3626c1 --- /dev/null +++ b/vendor/github.com/moby/buildkit/util/stack/stack.proto @@ -0,0 +1,17 @@ +syntax = "proto3"; + +package stack; + +message Stack { + repeated Frame frames = 1; + repeated string cmdline = 2; + int32 pid = 3; + string version = 4; + string revision = 5; +} + +message Frame { + string Name = 1; + string File = 2; + int32 Line = 3; +} \ No newline at end of file diff --git a/vendor/github.com/openshift/imagebuilder/Makefile b/vendor/github.com/openshift/imagebuilder/Makefile index dea84bb23e6d..6c545f4cd60c 100644 --- a/vendor/github.com/openshift/imagebuilder/Makefile +++ b/vendor/github.com/openshift/imagebuilder/Makefile @@ -9,3 +9,9 @@ test: test-conformance: go test -v -tags conformance -timeout 45m ./dockerclient .PHONY: test-conformance + +.PHONY: vendor +vendor: + GO111MODULE=on go mod tidy + GO111MODULE=on go mod vendor + GO111MODULE=on go mod verify diff --git a/vendor/github.com/openshift/imagebuilder/builder.go b/vendor/github.com/openshift/imagebuilder/builder.go index 3a86aaf10786..74e118c3acfd 100644 --- a/vendor/github.com/openshift/imagebuilder/builder.go +++ b/vendor/github.com/openshift/imagebuilder/builder.go @@ -13,6 +13,7 @@ import ( docker "github.com/fsouza/go-dockerclient" + buildkitparser "github.com/moby/buildkit/frontend/dockerfile/parser" "github.com/openshift/imagebuilder/dockerfile/command" "github.com/openshift/imagebuilder/dockerfile/parser" ) @@ -32,6 +33,17 @@ type Copy struct { Chown string Chmod string Checksum string + // Additional files which need to be created by executor for this + // instruction. + Files []File +} + +// File defines if any additional file needs to be created +// by the executor instruction so that specified command +// can execute/copy the created file inside the build container. +type File struct { + Name string // Name of the new file. + Data string // Content of the file. } // Run defines a run operation required in the container. @@ -42,6 +54,9 @@ type Run struct { Mounts []string // Network specifies the network mode to run the container with Network string + // Additional files which need to be created by executor for this + // instruction. + Files []File } type Executor interface { @@ -395,7 +410,7 @@ func (b *Builder) Run(step *Step, exec Executor, noRunsRemaining bool) error { if !ok { return exec.UnrecognizedInstruction(step) } - if err := fn(b, step.Args, step.Attrs, step.Flags, step.Original); err != nil { + if err := fn(b, step.Args, step.Attrs, step.Flags, step.Original, step.Heredocs); err != nil { return err } @@ -575,7 +590,7 @@ func SplitBy(node *parser.Node, value string) []*parser.Node { } // StepFunc is invoked with the result of a resolved step. -type StepFunc func(*Builder, []string, map[string]bool, []string, string) error +type StepFunc func(*Builder, []string, map[string]bool, []string, string, []buildkitparser.Heredoc) error var evaluateTable = map[string]StepFunc{ command.Env: env, diff --git a/vendor/github.com/openshift/imagebuilder/dispatchers.go b/vendor/github.com/openshift/imagebuilder/dispatchers.go index 7479e6ab070d..fdb2aded64dd 100644 --- a/vendor/github.com/openshift/imagebuilder/dispatchers.go +++ b/vendor/github.com/openshift/imagebuilder/dispatchers.go @@ -22,6 +22,9 @@ import ( "github.com/containers/storage/pkg/regexp" "github.com/openshift/imagebuilder/signal" "github.com/openshift/imagebuilder/strslice" + + buildkitparser "github.com/moby/buildkit/frontend/dockerfile/parser" + buildkitshell "github.com/moby/buildkit/frontend/dockerfile/shell" ) var ( @@ -53,7 +56,7 @@ func init() { // // Sets the environment variable foo to bar, also makes interpolation // in the dockerfile available from the next statement on via ${foo}. -func env(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func env(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if len(args) == 0 { return errAtLeastOneArgument("ENV") } @@ -94,7 +97,7 @@ func env(b *Builder, args []string, attributes map[string]bool, flagArgs []strin // MAINTAINER some text // // Sets the maintainer metadata. -func maintainer(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func maintainer(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if len(args) != 1 { return errExactlyOneArgument("MAINTAINER") } @@ -105,7 +108,7 @@ func maintainer(b *Builder, args []string, attributes map[string]bool, flagArgs // LABEL some json data describing the image // // Sets the Label variable foo to bar, -func label(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func label(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if len(args) == 0 { return errAtLeastOneArgument("LABEL") } @@ -127,11 +130,37 @@ func label(b *Builder, args []string, attributes map[string]bool, flagArgs []str return nil } +func processHereDocs(originalInstruction string, heredocs []buildkitparser.Heredoc, args []string) ([]File, error) { + var files []File + for _, heredoc := range heredocs { + var err error + content := heredoc.Content + if heredoc.Chomp { + content = buildkitparser.ChompHeredocContent(content) + } + if heredoc.Expand { + shlex := buildkitshell.NewLex('\\') + shlex.RawQuotes = true + shlex.RawEscapes = true + content, err = shlex.ProcessWord(content, args) + if err != nil { + return nil, err + } + } + file := File{ + Data: content, + Name: heredoc.Name, + } + files = append(files, file) + } + return files, nil +} + // ADD foo /path // // Add the file 'foo' to '/path'. Tarball and Remote URL (git, http) handling // exist here. If you do not wish to have this automatic handling, use COPY. -func add(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func add(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if len(args) < 2 { return errAtLeastTwoArgument("ADD") } @@ -167,20 +196,25 @@ func add(b *Builder, args []string, attributes map[string]bool, flagArgs []strin return fmt.Errorf("ADD only supports the --chmod=, --chown=, and --checksum= flags") } } + files, err := processHereDocs(original, heredocs, userArgs) + if err != nil { + return err + } b.PendingCopies = append(b.PendingCopies, Copy{ Src: args[0:last], Dest: dest, Download: true, Chown: chown, Chmod: chmod, - Checksum: checksum}) + Checksum: checksum, + Files: files}) return nil } // COPY foo /path // // Same as 'ADD' but without the tar and remote url handling. -func dispatchCopy(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func dispatchCopy(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if len(args) < 2 { return errAtLeastTwoArgument("COPY") } @@ -210,14 +244,18 @@ func dispatchCopy(b *Builder, args []string, attributes map[string]bool, flagArg return fmt.Errorf("COPY only supports the --chmod= --chown= and the --from= flags") } } - b.PendingCopies = append(b.PendingCopies, Copy{From: from, Src: args[0:last], Dest: dest, Download: false, Chown: chown, Chmod: chmod}) + files, err := processHereDocs(original, heredocs, userArgs) + if err != nil { + return err + } + b.PendingCopies = append(b.PendingCopies, Copy{From: from, Src: args[0:last], Dest: dest, Download: false, Chown: chown, Chmod: chmod, Files: files}) return nil } // FROM imagename // // This sets the image the dockerfile will build on top of. -func from(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func from(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { switch { case len(args) == 1: case len(args) == 3 && len(args[0]) > 0 && strings.EqualFold(args[1], "as") && len(args[2]) > 0: @@ -282,7 +320,7 @@ func from(b *Builder, args []string, attributes map[string]bool, flagArgs []stri // evaluator.go and comments around dispatch() in the same file explain the // special cases. search for 'OnBuild' in internals.go for additional special // cases. -func onbuild(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func onbuild(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if len(args) == 0 { return errAtLeastOneArgument("ONBUILD") } @@ -304,7 +342,7 @@ func onbuild(b *Builder, args []string, attributes map[string]bool, flagArgs []s // WORKDIR /tmp // // Set the working directory for future RUN/CMD/etc statements. -func workdir(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func workdir(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if len(args) != 1 { return errExactlyOneArgument("WORKDIR") } @@ -331,7 +369,7 @@ func workdir(b *Builder, args []string, attributes map[string]bool, flagArgs []s // RUN echo hi # sh -c echo hi (Linux) // RUN echo hi # cmd /S /C echo hi (Windows) // RUN [ "echo", "hi" ] # echo hi -func run(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func run(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if b.RunConfig.Image == "" { return fmt.Errorf("Please provide a source image with `from` prior to run") } @@ -363,10 +401,16 @@ func run(b *Builder, args []string, attributes map[string]bool, flagArgs []strin } } + files, err := processHereDocs(original, heredocs, userArgs) + if err != nil { + return err + } + run := Run{ Args: args, Mounts: mounts, Network: network, + Files: files, } if !attributes["json"] { @@ -380,7 +424,7 @@ func run(b *Builder, args []string, attributes map[string]bool, flagArgs []strin // // Set the default command to run in the container (which may be empty). // Argument handling is the same as RUN. -func cmd(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func cmd(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { cmdSlice := handleJSONArgs(args, attributes) if !attributes["json"] { @@ -405,7 +449,7 @@ func cmd(b *Builder, args []string, attributes map[string]bool, flagArgs []strin // // Handles command processing similar to CMD and RUN, only b.RunConfig.Entrypoint // is initialized at NewBuilder time instead of through argument parsing. -func entrypoint(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func entrypoint(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { parsed := handleJSONArgs(args, attributes) switch { @@ -436,7 +480,7 @@ func entrypoint(b *Builder, args []string, attributes map[string]bool, flagArgs // // Expose ports for links and port mappings. This all ends up in // b.RunConfig.ExposedPorts for runconfig. -func expose(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func expose(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if len(args) == 0 { return errAtLeastOneArgument("EXPOSE") } @@ -463,7 +507,7 @@ func expose(b *Builder, args []string, attributes map[string]bool, flagArgs []st // // Set the user to 'foo' for future commands and when running the // ENTRYPOINT/CMD at container run time. -func user(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func user(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if len(args) != 1 { return errExactlyOneArgument("USER") } @@ -475,7 +519,7 @@ func user(b *Builder, args []string, attributes map[string]bool, flagArgs []stri // VOLUME /foo // // Expose the volume /foo for use. Will also accept the JSON array form. -func volume(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func volume(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if len(args) == 0 { return errAtLeastOneArgument("VOLUME") } @@ -497,7 +541,7 @@ func volume(b *Builder, args []string, attributes map[string]bool, flagArgs []st // STOPSIGNAL signal // // Set the signal that will be used to kill the container. -func stopSignal(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func stopSignal(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if len(args) != 1 { return errExactlyOneArgument("STOPSIGNAL") } @@ -515,7 +559,7 @@ func stopSignal(b *Builder, args []string, attributes map[string]bool, flagArgs // // Set the default healthcheck command to run in the container (which may be empty). // Argument handling is the same as RUN. -func healthcheck(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func healthcheck(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { if len(args) == 0 { return errAtLeastOneArgument("HEALTHCHECK") } @@ -608,7 +652,7 @@ var targetArgs = []string{"TARGETOS", "TARGETARCH", "TARGETVARIANT"} // Adds the variable foo to the trusted list of variables that can be passed // to builder using the --build-arg flag for expansion/subsitution or passing to 'run'. // Dockerfile author may optionally set a default value of this variable. -func arg(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func arg(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { var ( name string value string @@ -674,7 +718,7 @@ func arg(b *Builder, args []string, attributes map[string]bool, flagArgs []strin // SHELL powershell -command // // Set the non-default shell to use. -func shell(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string) error { +func shell(b *Builder, args []string, attributes map[string]bool, flagArgs []string, original string, heredocs []buildkitparser.Heredoc) error { shellSlice := handleJSONArgs(args, attributes) switch { case len(shellSlice) == 0: diff --git a/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go index 64fc0dbe9671..f8cb979a8f84 100644 --- a/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go +++ b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go @@ -15,6 +15,8 @@ import ( sRegexp "github.com/containers/storage/pkg/regexp" "github.com/containers/storage/pkg/system" + buildkitparser "github.com/moby/buildkit/frontend/dockerfile/parser" + buildkitshell "github.com/moby/buildkit/frontend/dockerfile/shell" "github.com/openshift/imagebuilder/dockerfile/command" ) @@ -30,14 +32,15 @@ import ( // but lucky for us the Dockerfile isn't very complicated. This structure // works a little more effectively than a "proper" parse tree for our needs. type Node struct { - Value string // actual content - Next *Node // the next item in the current sexp - Children []*Node // the children of this sexp - Attributes map[string]bool // special attributes for this node - Original string // original line used before parsing - Flags []string // only top Node should have this set - StartLine int // the line in the original dockerfile where the node begins - EndLine int // the line in the original dockerfile where the node ends + Value string // actual content + Next *Node // the next item in the current sexp + Children []*Node // the children of this sexp + Heredocs []buildkitparser.Heredoc // extra heredoc content attachments + Attributes map[string]bool // special attributes for this node + Original string // original line used before parsing + Flags []string // only top Node should have this set + StartLine int // the line in the original dockerfile where the node begins + EndLine int // the line in the original dockerfile where the node ends } // Dump dumps the AST defined by `node` as a list of sexps. @@ -53,7 +56,11 @@ func (node *Node) Dump() string { for _, n := range node.Children { str += "(" + n.Dump() + ")\n" } - + if len(node.Heredocs) > 0 { + for _, doc := range node.Heredocs { + str += "(" + doc.Name + "-" + doc.Content + "-" + strconv.Itoa(int(doc.FileDescriptor)) + "-" + strconv.FormatBool(doc.Expand) + "-" + strconv.FormatBool(doc.Chomp) + ")\n" + } + } for n := node.Next; n != nil; n = n.Next { if len(n.Children) > 0 { str += " " + n.Dump() @@ -70,6 +77,24 @@ func (node *Node) lines(start, end int) { node.EndLine = end } +func (node *Node) canContainHeredoc() bool { + // check for compound commands, like ONBUILD + if ok := heredocCompoundDirectives[strings.ToLower(node.Value)]; ok { + if node.Next != nil && len(node.Next.Children) > 0 { + node = node.Next.Children[0] + } + } + + if ok := heredocDirectives[strings.ToLower(node.Value)]; !ok { + return false + } + if isJSON := node.Attributes["json"]; isJSON { + return false + } + + return true +} + // AddChild adds a new child node, and updates line information func (node *Node) AddChild(child *Node, startLine, endLine int) { child.lines(startLine, endLine) @@ -94,6 +119,20 @@ const DefaultEscapeToken = '\\' // defaultPlatformToken is the platform assumed for the build if not explicitly provided var defaultPlatformToken = runtime.GOOS +var ( + // Directives allowed to contain heredocs + heredocDirectives = map[string]bool{ + command.Add: true, + command.Copy: true, + command.Run: true, + } + + // Directives allowed to contain directives containing heredocs + heredocCompoundDirectives = map[string]bool{ + command.Onbuild: true, + } +) + // Directive is the structure used during a build run to hold the state of // parsing directives. type Directive struct { @@ -313,6 +352,39 @@ func Parse(rwc io.Reader) (*Result, error) { if err != nil { return nil, err } + + if child.canContainHeredoc() { + heredocs, err := heredocsFromLine(line) + if err != nil { + return nil, err + } + + for _, heredoc := range heredocs { + terminator := []byte(heredoc.Name) + terminated := false + for scanner.Scan() { + bytesRead := scanner.Bytes() + currentLine++ + + possibleTerminator := trimNewline(bytesRead) + if heredoc.Chomp { + possibleTerminator = trimLeadingTabs(possibleTerminator) + } + if bytes.Equal(possibleTerminator, terminator) { + terminated = true + break + } + heredoc.Content += "\n" + heredoc.Content += string(bytesRead) + } + if !terminated { + return nil, fmt.Errorf("%s: unterminated heredoc", heredoc.Name) + } + + child.Heredocs = append(child.Heredocs, heredoc) + } + } + root.AddChild(child, startLine, currentLine) } @@ -331,6 +403,26 @@ func Parse(rwc io.Reader) (*Result, error) { }, nil } +func heredocsFromLine(line string) ([]buildkitparser.Heredoc, error) { + shlex := buildkitshell.NewLex('\\') + shlex.RawQuotes = true + shlex.RawEscapes = true + shlex.SkipUnsetEnv = true + words, _ := shlex.ProcessWords(line, []string{}) + + var docs []buildkitparser.Heredoc + for _, word := range words { + heredoc, err := buildkitparser.ParseHeredoc(word) + if err != nil { + return nil, err + } + if heredoc != nil { + docs = append(docs, *heredoc) + } + } + return docs, nil +} + func trimComments(src []byte) []byte { return tokenComment.ReplaceAll(src, []byte{}) } @@ -339,6 +431,16 @@ func trimWhitespace(src []byte) []byte { return bytes.TrimLeftFunc(src, unicode.IsSpace) } +func trimLeadingWhitespace(src []byte) []byte { + return bytes.TrimLeftFunc(src, unicode.IsSpace) +} +func trimLeadingTabs(src []byte) []byte { + return bytes.TrimLeft(src, "\t") +} +func trimNewline(src []byte) []byte { + return bytes.TrimRight(src, "\r\n") +} + func isEmptyContinuationLine(line []byte) bool { return len(trimComments(trimWhitespace(line))) == 0 } diff --git a/vendor/github.com/openshift/imagebuilder/evaluator.go b/vendor/github.com/openshift/imagebuilder/evaluator.go index b05f6c647b8f..7bea4f48cf70 100644 --- a/vendor/github.com/openshift/imagebuilder/evaluator.go +++ b/vendor/github.com/openshift/imagebuilder/evaluator.go @@ -7,6 +7,7 @@ import ( "github.com/openshift/imagebuilder/dockerfile/command" "github.com/openshift/imagebuilder/dockerfile/parser" + buildkitparser "github.com/moby/buildkit/frontend/dockerfile/parser" ) // ParseDockerfile parses the provided stream as a canonical Dockerfile @@ -34,14 +35,10 @@ var replaceEnvAllowed = map[string]bool{ // Certain commands are allowed to have their args split into more // words after env var replacements. Meaning: -// -// ENV foo="123 456" -// EXPOSE $foo -// +// ENV foo="123 456" +// EXPOSE $foo // should result in the same thing as: -// -// EXPOSE 123 456 -// +// EXPOSE 123 456 // and not treat "123 456" as a single word. // Note that: EXPOSE "$foo" and EXPOSE $foo are not the same thing. // Quotes will cause it to still be treated as single word. @@ -59,6 +56,7 @@ type Step struct { Flags []string Attrs map[string]bool Message string + Heredocs []buildkitparser.Heredoc Original string } @@ -78,6 +76,7 @@ type Step struct { // deal with that, at least until it becomes more of a general concern with new // features. func (b *Step) Resolve(ast *parser.Node) error { + b.Heredocs = ast.Heredocs cmd := ast.Value upperCasedCmd := strings.ToUpper(cmd) diff --git a/vendor/modules.txt b/vendor/modules.txt index 432ec35afadf..74c0ff27578b 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -120,6 +120,9 @@ github.com/containerd/log ## explicit; go 1.19 github.com/containerd/stargz-snapshotter/estargz github.com/containerd/stargz-snapshotter/estargz/errorutil +# github.com/containerd/typeurl v1.0.2 +## explicit; go 1.13 +github.com/containerd/typeurl # github.com/containernetworking/cni v1.1.2 ## explicit; go 1.14 github.com/containernetworking/cni/libcni @@ -135,7 +138,7 @@ github.com/containernetworking/cni/pkg/version # github.com/containernetworking/plugins v1.3.0 ## explicit; go 1.20 github.com/containernetworking/plugins/pkg/ns -# github.com/containers/buildah v1.32.1-0.20231117115950-f00af6b7d310 +# github.com/containers/buildah v1.33.0 ## explicit; go 1.20 github.com/containers/buildah github.com/containers/buildah/bind @@ -145,6 +148,7 @@ github.com/containers/buildah/define github.com/containers/buildah/docker github.com/containers/buildah/imagebuildah github.com/containers/buildah/internal +github.com/containers/buildah/internal/config github.com/containers/buildah/internal/mkcw github.com/containers/buildah/internal/mkcw/types github.com/containers/buildah/internal/parse @@ -615,6 +619,8 @@ github.com/godbus/dbus/v5 # github.com/gogo/protobuf v1.3.2 ## explicit; go 1.15 github.com/gogo/protobuf/proto +github.com/gogo/protobuf/sortkeys +github.com/gogo/protobuf/types # github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da ## explicit github.com/golang/groupcache/lru @@ -769,6 +775,12 @@ github.com/mistifyio/go-zfs/v3 # github.com/mitchellh/mapstructure v1.5.0 ## explicit; go 1.14 github.com/mitchellh/mapstructure +# github.com/moby/buildkit v0.10.6 +## explicit; go 1.17 +github.com/moby/buildkit/frontend/dockerfile/command +github.com/moby/buildkit/frontend/dockerfile/parser +github.com/moby/buildkit/frontend/dockerfile/shell +github.com/moby/buildkit/util/stack # github.com/moby/patternmatcher v0.5.0 ## explicit; go 1.19 github.com/moby/patternmatcher @@ -873,7 +885,7 @@ github.com/opencontainers/selinux/go-selinux github.com/opencontainers/selinux/go-selinux/label github.com/opencontainers/selinux/pkg/pwalk github.com/opencontainers/selinux/pkg/pwalkdir -# github.com/openshift/imagebuilder v1.2.6-0.20231108213319-b27edc077bbc +# github.com/openshift/imagebuilder v1.2.6-0.20231110114814-35a50d57f722 ## explicit; go 1.19 github.com/openshift/imagebuilder github.com/openshift/imagebuilder/dockerfile/command From ee165462272f94bd3c69c039e6d65ddde3646311 Mon Sep 17 00:00:00 2001 From: TomSweeneyRedHat Date: Sun, 19 Nov 2023 00:49:10 -0500 Subject: [PATCH 039/170] Bump Buildah to v1.33.1 Bump Buildah to v1.33.1 to get a CVE fix for Buildkit. I thought it was also going to drag in the test fix as mentioned in #20709, but I'm not seeing that here. [NO NEW TESTS NEEDED] Signed-off-by: TomSweeneyRedHat --- go.mod | 4 +- go.sum | 8 +- .../containers/buildah/CHANGELOG.md | 6 + .../containers/buildah/changelog.txt | 5 + .../containers/buildah/define/types.go | 2 +- .../frontend/dockerfile/parser/directives.go | 171 ++++++++++ .../dockerfile/parser/line_parsers.go | 8 +- .../frontend/dockerfile/parser/parser.go | 70 ++-- .../buildkit/frontend/dockerfile/shell/lex.go | 2 +- .../moby/buildkit/util/stack/stack.go | 8 +- .../moby/buildkit/util/stack/stack.pb.go | 307 +++++++++++------- vendor/modules.txt | 6 +- 12 files changed, 423 insertions(+), 174 deletions(-) create mode 100644 vendor/github.com/moby/buildkit/frontend/dockerfile/parser/directives.go diff --git a/go.mod b/go.mod index 927f8625d974..a5c89b23b7ae 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/checkpoint-restore/go-criu/v7 v7.0.0 github.com/containernetworking/cni v1.1.2 github.com/containernetworking/plugins v1.3.0 - github.com/containers/buildah v1.33.0 + github.com/containers/buildah v1.33.1 github.com/containers/common v0.57.0 github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.1 @@ -160,7 +160,7 @@ require ( github.com/miekg/pkcs11 v1.1.1 // indirect github.com/mistifyio/go-zfs/v3 v3.0.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect - github.com/moby/buildkit v0.10.6 // indirect + github.com/moby/buildkit v0.11.4 // indirect github.com/moby/patternmatcher v0.5.0 // indirect github.com/moby/sys/mountinfo v0.7.1 // indirect github.com/moby/sys/sequential v0.5.0 // indirect diff --git a/go.sum b/go.sum index 3b46e4101e3e..e1dfb3c63f57 100644 --- a/go.sum +++ b/go.sum @@ -253,8 +253,8 @@ github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHV github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= github.com/containernetworking/plugins v1.3.0 h1:QVNXMT6XloyMUoO2wUOqWTC1hWFV62Q6mVDp5H1HnjM= github.com/containernetworking/plugins v1.3.0/go.mod h1:Pc2wcedTQQCVuROOOaLBPPxrEXqqXBFt3cZ+/yVg6l0= -github.com/containers/buildah v1.33.0 h1:5MfF/nl/W60V22Jt9paNunMEZkDT0K0LLbf0DnXknfE= -github.com/containers/buildah v1.33.0/go.mod h1:O8jJAByO/HSoNOYAg3uupbyISfRC+hJSfWNsNtxzKCw= +github.com/containers/buildah v1.33.1 h1:s+5LaZx+vkOV/BboM6QZbf0Uma/A9W/B1REoUiM3CQo= +github.com/containers/buildah v1.33.1/go.mod h1:xEvekGaEeflDV4kxdKcTk0NbTuV4FsbPW4UYReLkHIw= github.com/containers/common v0.57.0 h1:5O/+6QUBafKK0/zeok9y1rLPukfWgdE0sT4nuzmyAqk= github.com/containers/common v0.57.0/go.mod h1:t/Z+/sFrapvFMEJe3YnecN49/Tae2wYEQShbEN6SRaU= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= @@ -781,8 +781,8 @@ github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= -github.com/moby/buildkit v0.10.6 h1:DJlEuLIgnu34HQKF4n9Eg6q2YqQVC0eOpMb4p2eRS2w= -github.com/moby/buildkit v0.10.6/go.mod h1:tQuuyTWtOb9D+RE425cwOCUkX0/oZ+5iBZ+uWpWQ9bU= +github.com/moby/buildkit v0.11.4 h1:mleVHr+n7HUD65QNUkgkT3d8muTzhYUoHE9FM3Ej05s= +github.com/moby/buildkit v0.11.4/go.mod h1:P5Qi041LvCfhkfYBHry+Rwoo3Wi6H971J2ggE+PcIoo= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= github.com/moby/patternmatcher v0.5.0 h1:YCZgJOeULcxLw1Q+sVR636pmS7sPEn1Qo2iAN6M7DBo= github.com/moby/patternmatcher v0.5.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc= diff --git a/vendor/github.com/containers/buildah/CHANGELOG.md b/vendor/github.com/containers/buildah/CHANGELOG.md index d578ed93877c..6ed2502f0465 100644 --- a/vendor/github.com/containers/buildah/CHANGELOG.md +++ b/vendor/github.com/containers/buildah/CHANGELOG.md @@ -2,6 +2,12 @@ # Changelog +## v1.33.1 (2023-11-18) + + fix(deps): update module github.com/moby/buildkit to v0.11.4 [security] + test,heredoc: use fedora instead of docker.io/library/python:latest + Bump to v1.33.1-dev + ## v1.33.0 (2023-11-17) Never omit layers for emptyLayer instructions when squashing/cwing diff --git a/vendor/github.com/containers/buildah/changelog.txt b/vendor/github.com/containers/buildah/changelog.txt index a47dae0aab3e..ce6b8ab1ecd2 100644 --- a/vendor/github.com/containers/buildah/changelog.txt +++ b/vendor/github.com/containers/buildah/changelog.txt @@ -1,3 +1,8 @@ +- Changelog for v1.33.1 (2023-11-18) + * fix(deps): update module github.com/moby/buildkit to v0.11.4 [security] + * test,heredoc: use fedora instead of docker.io/library/python:latest + * Bump to v1.33.1-dev + - Changelog for v1.33.0 (2023-11-17) * Never omit layers for emptyLayer instructions when squashing/cwing * Add OverrideChanges and OverrideConfig to CommitOptions diff --git a/vendor/github.com/containers/buildah/define/types.go b/vendor/github.com/containers/buildah/define/types.go index ae3836a3fde1..89617f015cb0 100644 --- a/vendor/github.com/containers/buildah/define/types.go +++ b/vendor/github.com/containers/buildah/define/types.go @@ -29,7 +29,7 @@ const ( // identify working containers. Package = "buildah" // Version for the Package. Also used by .packit.sh for Packit builds. - Version = "1.33.0" + Version = "1.33.1" // DefaultRuntime if containers.conf fails. DefaultRuntime = "runc" diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/directives.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/directives.go new file mode 100644 index 000000000000..db1668f252bf --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/directives.go @@ -0,0 +1,171 @@ +package parser + +import ( + "bufio" + "bytes" + "encoding/json" + "fmt" + "regexp" + "strings" + + "github.com/pkg/errors" +) + +const ( + keySyntax = "syntax" + keyEscape = "escape" +) + +var validDirectives = map[string]struct{}{ + keySyntax: {}, + keyEscape: {}, +} + +type Directive struct { + Name string + Value string + Location []Range +} + +// DirectiveParser is a parser for Dockerfile directives that enforces the +// quirks of the directive parser. +type DirectiveParser struct { + line int + regexp *regexp.Regexp + seen map[string]struct{} + done bool +} + +func (d *DirectiveParser) setComment(comment string) { + d.regexp = regexp.MustCompile(fmt.Sprintf(`^%s\s*([a-zA-Z][a-zA-Z0-9]*)\s*=\s*(.+?)\s*$`, comment)) +} + +func (d *DirectiveParser) ParseLine(line []byte) (*Directive, error) { + d.line++ + if d.done { + return nil, nil + } + if d.regexp == nil { + d.setComment("#") + } + + match := d.regexp.FindSubmatch(line) + if len(match) == 0 { + d.done = true + return nil, nil + } + + k := strings.ToLower(string(match[1])) + if _, ok := validDirectives[k]; !ok { + d.done = true + return nil, nil + } + if d.seen == nil { + d.seen = map[string]struct{}{} + } + if _, ok := d.seen[k]; ok { + return nil, errors.Errorf("only one %s parser directive can be used", k) + } + d.seen[k] = struct{}{} + + v := string(match[2]) + + directive := Directive{ + Name: k, + Value: v, + Location: []Range{{ + Start: Position{Line: d.line}, + End: Position{Line: d.line}, + }}, + } + return &directive, nil +} + +func (d *DirectiveParser) ParseAll(data []byte) ([]*Directive, error) { + scanner := bufio.NewScanner(bytes.NewReader(data)) + var directives []*Directive + for scanner.Scan() { + if d.done { + break + } + + d, err := d.ParseLine(scanner.Bytes()) + if err != nil { + return directives, err + } + if d != nil { + directives = append(directives, d) + } + } + return directives, nil +} + +// DetectSyntax returns the syntax of provided input. +// +// The traditional dockerfile directives '# syntax = ...' are used by default, +// however, the function will also fallback to c-style directives '// syntax = ...' +// and json-encoded directives '{ "syntax": "..." }'. Finally, starting lines +// with '#!' are treated as shebangs and ignored. +// +// This allows for a flexible range of input formats, and appropriate syntax +// selection. +func DetectSyntax(dt []byte) (string, string, []Range, bool) { + dt, hadShebang, err := discardShebang(dt) + if err != nil { + return "", "", nil, false + } + line := 0 + if hadShebang { + line++ + } + + // use default directive parser, and search for #syntax= + directiveParser := DirectiveParser{line: line} + if syntax, cmdline, loc, ok := detectSyntaxFromParser(dt, directiveParser); ok { + return syntax, cmdline, loc, true + } + + // use directive with different comment prefix, and search for //syntax= + directiveParser = DirectiveParser{line: line} + directiveParser.setComment("//") + if syntax, cmdline, loc, ok := detectSyntaxFromParser(dt, directiveParser); ok { + return syntax, cmdline, loc, true + } + + // search for possible json directives + var directive struct { + Syntax string `json:"syntax"` + } + if err := json.Unmarshal(dt, &directive); err == nil { + if directive.Syntax != "" { + loc := []Range{{ + Start: Position{Line: line}, + End: Position{Line: line}, + }} + return directive.Syntax, directive.Syntax, loc, true + } + } + + return "", "", nil, false +} + +func detectSyntaxFromParser(dt []byte, parser DirectiveParser) (string, string, []Range, bool) { + directives, _ := parser.ParseAll(dt) + for _, d := range directives { + // check for syntax directive before erroring out, since the error + // might have occurred *after* the syntax directive + if d.Name == keySyntax { + p, _, _ := strings.Cut(d.Value, " ") + return p, d.Value, d.Location, true + } + } + return "", "", nil, false +} + +func discardShebang(dt []byte) ([]byte, bool, error) { + line, rest, _ := bytes.Cut(dt, []byte("\n")) + if bytes.HasPrefix(line, []byte("#!")) { + return rest, true, nil + } + return dt, false, nil +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/line_parsers.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/line_parsers.go index c0d0a55d1224..db8d0bda23d1 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/line_parsers.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/line_parsers.go @@ -8,7 +8,6 @@ package parser import ( "encoding/json" - "fmt" "strings" "unicode" "unicode/utf8" @@ -34,7 +33,6 @@ func parseIgnore(rest string, d *directives) (*Node, map[string]bool, error) { // statement with sub-statements. // // ONBUILD RUN foo bar -> (onbuild (run foo bar)) -// func parseSubCommand(rest string, d *directives) (*Node, map[string]bool, error) { if rest == "" { return nil, nil, nil @@ -154,7 +152,7 @@ func parseNameVal(rest string, key string, d *directives) (*Node, error) { if !strings.Contains(words[0], "=") { parts := reWhitespace.Split(rest, 2) if len(parts) < 2 { - return nil, fmt.Errorf(key + " must have two arguments") + return nil, errors.Errorf("%s must have two arguments", key) } return newKeyValueNode(parts[0], parts[1]), nil } @@ -163,7 +161,7 @@ func parseNameVal(rest string, key string, d *directives) (*Node, error) { var prevNode *Node for _, word := range words { if !strings.Contains(word, "=") { - return nil, fmt.Errorf("Syntax error - can't find = in %q. Must be of the form: name=value", word) + return nil, errors.Errorf("Syntax error - can't find = in %q. Must be of the form: name=value", word) } parts := strings.SplitN(word, "=", 2) @@ -274,7 +272,7 @@ func parseString(rest string, d *directives) (*Node, map[string]bool, error) { func parseJSON(rest string, d *directives) (*Node, map[string]bool, error) { rest = strings.TrimLeftFunc(rest, unicode.IsSpace) if !strings.HasPrefix(rest, "[") { - return nil, nil, fmt.Errorf(`Error parsing "%s" as a JSON array`, rest) + return nil, nil, errors.Errorf("Error parsing %q as a JSON array", rest) } var myJSON []interface{} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go index 53165e0a481d..d6723635d4a8 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go @@ -1,4 +1,5 @@ -// Package parser implements a parser and parse tree dumper for Dockerfiles. +// The parser package implements a parser that transforms a raw byte-stream +// into a low-level Abstract Syntax Tree. package parser import ( @@ -27,7 +28,6 @@ import ( // This data structure is frankly pretty lousy for handling complex languages, // but lucky for us the Dockerfile isn't very complicated. This structure // works a little more effectively than a "proper" parse tree for our needs. -// type Node struct { Value string // actual content Next *Node // the next item in the current sexp @@ -115,7 +115,6 @@ type Heredoc struct { var ( dispatch map[string]func(string, *directives) (*Node, map[string]bool, error) reWhitespace = regexp.MustCompile(`[\t\v\f\r ]+`) - reDirectives = regexp.MustCompile(`^#\s*([a-zA-Z][a-zA-Z0-9]*)\s*=\s*(.+?)\s*$`) reComment = regexp.MustCompile(`^#.*$`) reHeredoc = regexp.MustCompile(`^(\d*)<<(-?)([^<]*)$`) reLeadingTabs = regexp.MustCompile(`(?m)^\t+`) @@ -124,11 +123,6 @@ var ( // DefaultEscapeToken is the default escape token const DefaultEscapeToken = '\\' -var validDirectives = map[string]struct{}{ - "escape": {}, - "syntax": {}, -} - var ( // Directives allowed to contain heredocs heredocDirectives = map[string]bool{ @@ -143,13 +137,12 @@ var ( } ) -// directive is the structure used during a build run to hold the state of +// directives is the structure used during a build run to hold the state of // parsing directives. type directives struct { - escapeToken rune // Current escape token - lineContinuationRegex *regexp.Regexp // Current line continuation regex - done bool // Whether we are done looking for directives - seen map[string]struct{} // Whether the escape directive has been seen + parser DirectiveParser + escapeToken rune // Current escape token + lineContinuationRegex *regexp.Regexp // Current line continuation regex } // setEscapeToken sets the default token for escaping characters and as line- @@ -178,40 +171,19 @@ func (d *directives) setEscapeToken(s string) error { // Parser directives must precede any builder instruction or other comments, // and cannot be repeated. func (d *directives) possibleParserDirective(line string) error { - if d.done { - return nil - } - - match := reDirectives.FindStringSubmatch(line) - if len(match) == 0 { - d.done = true - return nil - } - - k := strings.ToLower(match[1]) - _, ok := validDirectives[k] - if !ok { - d.done = true - return nil - } - - if _, ok := d.seen[k]; ok { - return errors.Errorf("only one %s parser directive can be used", k) + directive, err := d.parser.ParseLine([]byte(line)) + if err != nil { + return err } - d.seen[k] = struct{}{} - - if k == "escape" { - return d.setEscapeToken(match[2]) + if directive != nil && directive.Name == keyEscape { + return d.setEscapeToken(directive.Value) } - return nil } // newDefaultDirectives returns a new directives structure with the default escapeToken token func newDefaultDirectives() *directives { - d := &directives{ - seen: map[string]struct{}{}, - } + d := &directives{} d.setEscapeToken(string(DefaultEscapeToken)) return d } @@ -274,13 +246,15 @@ func newNodeFromLine(line string, d *directives, comments []string) (*Node, erro }, nil } -// Result is the result of parsing a Dockerfile +// Result contains the bundled outputs from parsing a Dockerfile. type Result struct { AST *Node EscapeToken rune Warnings []Warning } +// Warning contains information to identify and locate a warning generated +// during parsing. type Warning struct { Short string Detail [][]byte @@ -301,8 +275,8 @@ func (r *Result) PrintWarnings(out io.Writer) { } } -// Parse reads lines from a Reader, parses the lines into an AST and returns -// the AST and escape token +// Parse consumes lines from a provided Reader, parses each line into an AST +// and returns the results of doing so. func Parse(rwc io.Reader) (*Result, error) { d := newDefaultDirectives() currentLine := 0 @@ -421,7 +395,7 @@ func Parse(rwc io.Reader) (*Result, error) { }, withLocation(handleScannerError(scanner.Err()), currentLine, 0) } -// Extracts a heredoc from a possible heredoc regex match +// heredocFromMatch extracts a heredoc from a possible heredoc regex match. func heredocFromMatch(match []string) (*Heredoc, error) { if len(match) == 0 { return nil, nil @@ -457,7 +431,7 @@ func heredocFromMatch(match []string) (*Heredoc, error) { return nil, err } if len(wordsRaw) != len(words) { - return nil, fmt.Errorf("internal lexing of heredoc produced inconsistent results: %s", rest) + return nil, errors.Errorf("internal lexing of heredoc produced inconsistent results: %s", rest) } word := words[0] @@ -475,9 +449,14 @@ func heredocFromMatch(match []string) (*Heredoc, error) { }, nil } +// ParseHeredoc parses a heredoc word from a target string, returning the +// components from the doc. func ParseHeredoc(src string) (*Heredoc, error) { return heredocFromMatch(reHeredoc.FindStringSubmatch(src)) } + +// MustParseHeredoc is a variant of ParseHeredoc that discards the error, if +// there was one present. func MustParseHeredoc(src string) *Heredoc { heredoc, _ := ParseHeredoc(src) return heredoc @@ -503,6 +482,7 @@ func heredocsFromLine(line string) ([]Heredoc, error) { return docs, nil } +// ChompHeredocContent chomps leading tabs from the heredoc. func ChompHeredocContent(src string) string { return reLeadingTabs.ReplaceAllString(src, "") } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go index 23ab81f25cab..b930ab32601a 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go @@ -377,7 +377,7 @@ func (sw *shellWord) processDollar() (string, error) { } // Grab the current value of the variable in question so we - // can use to to determine what to do based on the modifier + // can use it to determine what to do based on the modifier newValue, found := sw.getEnv(name) switch modifier { diff --git a/vendor/github.com/moby/buildkit/util/stack/stack.go b/vendor/github.com/moby/buildkit/util/stack/stack.go index 3409ac047af0..18d03630b47e 100644 --- a/vendor/github.com/moby/buildkit/util/stack/stack.go +++ b/vendor/github.com/moby/buildkit/util/stack/stack.go @@ -79,7 +79,7 @@ func Enable(err error) error { return err } -func Wrap(err error, s Stack) error { +func Wrap(err error, s *Stack) error { return &withStack{stack: s, error: err} } @@ -151,7 +151,7 @@ func convertStack(s errors.StackTrace) *Stack { if idx == -1 { continue } - line, err := strconv.Atoi(p[1][idx+1:]) + line, err := strconv.ParseInt(p[1][idx+1:], 10, 32) if err != nil { continue } @@ -169,7 +169,7 @@ func convertStack(s errors.StackTrace) *Stack { } type withStack struct { - stack Stack + stack *Stack error } @@ -178,5 +178,5 @@ func (e *withStack) Unwrap() error { } func (e *withStack) StackTrace() *Stack { - return &e.stack + return e.stack } diff --git a/vendor/github.com/moby/buildkit/util/stack/stack.pb.go b/vendor/github.com/moby/buildkit/util/stack/stack.pb.go index df55582db48a..c4a73a68f485 100644 --- a/vendor/github.com/moby/buildkit/util/stack/stack.pb.go +++ b/vendor/github.com/moby/buildkit/util/stack/stack.pb.go @@ -1,172 +1,261 @@ // Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.28.1 +// protoc v3.11.4 // source: stack.proto package stack import ( - fmt "fmt" - proto "github.com/golang/protobuf/proto" - math "math" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" ) -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) type Stack struct { - Frames []*Frame `protobuf:"bytes,1,rep,name=frames,proto3" json:"frames,omitempty"` - Cmdline []string `protobuf:"bytes,2,rep,name=cmdline,proto3" json:"cmdline,omitempty"` - Pid int32 `protobuf:"varint,3,opt,name=pid,proto3" json:"pid,omitempty"` - Version string `protobuf:"bytes,4,opt,name=version,proto3" json:"version,omitempty"` - Revision string `protobuf:"bytes,5,opt,name=revision,proto3" json:"revision,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Stack) Reset() { *m = Stack{} } -func (m *Stack) String() string { return proto.CompactTextString(m) } -func (*Stack) ProtoMessage() {} -func (*Stack) Descriptor() ([]byte, []int) { - return fileDescriptor_b44c07feb2ca0a5a, []int{0} -} + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields -func (m *Stack) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Stack.Unmarshal(m, b) + Frames []*Frame `protobuf:"bytes,1,rep,name=frames,proto3" json:"frames,omitempty"` + Cmdline []string `protobuf:"bytes,2,rep,name=cmdline,proto3" json:"cmdline,omitempty"` + Pid int32 `protobuf:"varint,3,opt,name=pid,proto3" json:"pid,omitempty"` + Version string `protobuf:"bytes,4,opt,name=version,proto3" json:"version,omitempty"` + Revision string `protobuf:"bytes,5,opt,name=revision,proto3" json:"revision,omitempty"` } -func (m *Stack) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Stack.Marshal(b, m, deterministic) -} -func (m *Stack) XXX_Merge(src proto.Message) { - xxx_messageInfo_Stack.Merge(m, src) + +func (x *Stack) Reset() { + *x = Stack{} + if protoimpl.UnsafeEnabled { + mi := &file_stack_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *Stack) XXX_Size() int { - return xxx_messageInfo_Stack.Size(m) + +func (x *Stack) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *Stack) XXX_DiscardUnknown() { - xxx_messageInfo_Stack.DiscardUnknown(m) + +func (*Stack) ProtoMessage() {} + +func (x *Stack) ProtoReflect() protoreflect.Message { + mi := &file_stack_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_Stack proto.InternalMessageInfo +// Deprecated: Use Stack.ProtoReflect.Descriptor instead. +func (*Stack) Descriptor() ([]byte, []int) { + return file_stack_proto_rawDescGZIP(), []int{0} +} -func (m *Stack) GetFrames() []*Frame { - if m != nil { - return m.Frames +func (x *Stack) GetFrames() []*Frame { + if x != nil { + return x.Frames } return nil } -func (m *Stack) GetCmdline() []string { - if m != nil { - return m.Cmdline +func (x *Stack) GetCmdline() []string { + if x != nil { + return x.Cmdline } return nil } -func (m *Stack) GetPid() int32 { - if m != nil { - return m.Pid +func (x *Stack) GetPid() int32 { + if x != nil { + return x.Pid } return 0 } -func (m *Stack) GetVersion() string { - if m != nil { - return m.Version +func (x *Stack) GetVersion() string { + if x != nil { + return x.Version } return "" } -func (m *Stack) GetRevision() string { - if m != nil { - return m.Revision +func (x *Stack) GetRevision() string { + if x != nil { + return x.Revision } return "" } type Frame struct { - Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"Name,omitempty"` - File string `protobuf:"bytes,2,opt,name=File,proto3" json:"File,omitempty"` - Line int32 `protobuf:"varint,3,opt,name=Line,proto3" json:"Line,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields -func (m *Frame) Reset() { *m = Frame{} } -func (m *Frame) String() string { return proto.CompactTextString(m) } -func (*Frame) ProtoMessage() {} -func (*Frame) Descriptor() ([]byte, []int) { - return fileDescriptor_b44c07feb2ca0a5a, []int{1} + Name string `protobuf:"bytes,1,opt,name=Name,proto3" json:"Name,omitempty"` + File string `protobuf:"bytes,2,opt,name=File,proto3" json:"File,omitempty"` + Line int32 `protobuf:"varint,3,opt,name=Line,proto3" json:"Line,omitempty"` } -func (m *Frame) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Frame.Unmarshal(m, b) -} -func (m *Frame) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Frame.Marshal(b, m, deterministic) -} -func (m *Frame) XXX_Merge(src proto.Message) { - xxx_messageInfo_Frame.Merge(m, src) +func (x *Frame) Reset() { + *x = Frame{} + if protoimpl.UnsafeEnabled { + mi := &file_stack_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *Frame) XXX_Size() int { - return xxx_messageInfo_Frame.Size(m) + +func (x *Frame) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *Frame) XXX_DiscardUnknown() { - xxx_messageInfo_Frame.DiscardUnknown(m) + +func (*Frame) ProtoMessage() {} + +func (x *Frame) ProtoReflect() protoreflect.Message { + mi := &file_stack_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_Frame proto.InternalMessageInfo +// Deprecated: Use Frame.ProtoReflect.Descriptor instead. +func (*Frame) Descriptor() ([]byte, []int) { + return file_stack_proto_rawDescGZIP(), []int{1} +} -func (m *Frame) GetName() string { - if m != nil { - return m.Name +func (x *Frame) GetName() string { + if x != nil { + return x.Name } return "" } -func (m *Frame) GetFile() string { - if m != nil { - return m.File +func (x *Frame) GetFile() string { + if x != nil { + return x.File } return "" } -func (m *Frame) GetLine() int32 { - if m != nil { - return m.Line +func (x *Frame) GetLine() int32 { + if x != nil { + return x.Line } return 0 } -func init() { - proto.RegisterType((*Stack)(nil), "stack.Stack") - proto.RegisterType((*Frame)(nil), "stack.Frame") +var File_stack_proto protoreflect.FileDescriptor + +var file_stack_proto_rawDesc = []byte{ + 0x0a, 0x0b, 0x73, 0x74, 0x61, 0x63, 0x6b, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x05, 0x73, + 0x74, 0x61, 0x63, 0x6b, 0x22, 0x8f, 0x01, 0x0a, 0x05, 0x53, 0x74, 0x61, 0x63, 0x6b, 0x12, 0x24, + 0x0a, 0x06, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x0c, + 0x2e, 0x73, 0x74, 0x61, 0x63, 0x6b, 0x2e, 0x46, 0x72, 0x61, 0x6d, 0x65, 0x52, 0x06, 0x66, 0x72, + 0x61, 0x6d, 0x65, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x63, 0x6d, 0x64, 0x6c, 0x69, 0x6e, 0x65, 0x18, + 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x07, 0x63, 0x6d, 0x64, 0x6c, 0x69, 0x6e, 0x65, 0x12, 0x10, + 0x0a, 0x03, 0x70, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x70, 0x69, 0x64, + 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x43, 0x0a, 0x05, 0x46, 0x72, 0x61, 0x6d, 0x65, 0x12, + 0x12, 0x0a, 0x04, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x4e, + 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x46, 0x69, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x04, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x4c, 0x69, 0x6e, 0x65, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x04, 0x4c, 0x69, 0x6e, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x33, +} + +var ( + file_stack_proto_rawDescOnce sync.Once + file_stack_proto_rawDescData = file_stack_proto_rawDesc +) + +func file_stack_proto_rawDescGZIP() []byte { + file_stack_proto_rawDescOnce.Do(func() { + file_stack_proto_rawDescData = protoimpl.X.CompressGZIP(file_stack_proto_rawDescData) + }) + return file_stack_proto_rawDescData } -func init() { - proto.RegisterFile("stack.proto", fileDescriptor_b44c07feb2ca0a5a) +var file_stack_proto_msgTypes = make([]protoimpl.MessageInfo, 2) +var file_stack_proto_goTypes = []interface{}{ + (*Stack)(nil), // 0: stack.Stack + (*Frame)(nil), // 1: stack.Frame +} +var file_stack_proto_depIdxs = []int32{ + 1, // 0: stack.Stack.frames:type_name -> stack.Frame + 1, // [1:1] is the sub-list for method output_type + 1, // [1:1] is the sub-list for method input_type + 1, // [1:1] is the sub-list for extension type_name + 1, // [1:1] is the sub-list for extension extendee + 0, // [0:1] is the sub-list for field type_name } -var fileDescriptor_b44c07feb2ca0a5a = []byte{ - // 185 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x3c, 0x8f, 0x3d, 0xce, 0x82, 0x40, - 0x10, 0x86, 0xb3, 0xdf, 0xb2, 0x7c, 0x3a, 0x58, 0x98, 0xa9, 0x36, 0x56, 0x1b, 0x62, 0x41, 0x45, - 0xa1, 0x47, 0x30, 0xa1, 0x32, 0x16, 0x78, 0x02, 0x84, 0x35, 0xd9, 0xc8, 0x5f, 0x76, 0x09, 0xd7, - 0xf0, 0xca, 0x66, 0x06, 0xb4, 0x7b, 0xde, 0x9f, 0xe4, 0x9d, 0x81, 0x24, 0x4c, 0x55, 0xfd, 0xca, - 0x47, 0x3f, 0x4c, 0x03, 0x2a, 0x16, 0xe9, 0x5b, 0x80, 0xba, 0x13, 0xe1, 0x11, 0xe2, 0xa7, 0xaf, - 0x3a, 0x1b, 0xb4, 0x30, 0x32, 0x4b, 0x4e, 0xbb, 0x7c, 0xa9, 0x17, 0x64, 0x96, 0x6b, 0x86, 0x1a, - 0xfe, 0xeb, 0xae, 0x69, 0x5d, 0x6f, 0xf5, 0x9f, 0x91, 0xd9, 0xb6, 0xfc, 0x4a, 0xdc, 0x83, 0x1c, - 0x5d, 0xa3, 0xa5, 0x11, 0x99, 0x2a, 0x09, 0xa9, 0x3b, 0x5b, 0x1f, 0xdc, 0xd0, 0xeb, 0xc8, 0x08, - 0xea, 0xae, 0x12, 0x0f, 0xb0, 0xf1, 0x76, 0x76, 0x1c, 0x29, 0x8e, 0x7e, 0x3a, 0xbd, 0x80, 0xe2, - 0x49, 0x44, 0x88, 0x6e, 0x55, 0x67, 0xb5, 0xe0, 0x02, 0x33, 0x79, 0x85, 0x6b, 0x69, 0x9b, 0x3d, - 0x62, 0xf2, 0xae, 0x74, 0xcf, 0xb2, 0xcc, 0xfc, 0x88, 0xf9, 0xc9, 0xf3, 0x27, 0x00, 0x00, 0xff, - 0xff, 0xfd, 0x2c, 0xbb, 0xfb, 0xf3, 0x00, 0x00, 0x00, +func init() { file_stack_proto_init() } +func file_stack_proto_init() { + if File_stack_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_stack_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Stack); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_stack_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Frame); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_stack_proto_rawDesc, + NumEnums: 0, + NumMessages: 2, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_stack_proto_goTypes, + DependencyIndexes: file_stack_proto_depIdxs, + MessageInfos: file_stack_proto_msgTypes, + }.Build() + File_stack_proto = out.File + file_stack_proto_rawDesc = nil + file_stack_proto_goTypes = nil + file_stack_proto_depIdxs = nil } diff --git a/vendor/modules.txt b/vendor/modules.txt index 0f16017f481b..1087c98cb3f2 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -138,7 +138,7 @@ github.com/containernetworking/cni/pkg/version # github.com/containernetworking/plugins v1.3.0 ## explicit; go 1.20 github.com/containernetworking/plugins/pkg/ns -# github.com/containers/buildah v1.33.0 +# github.com/containers/buildah v1.33.1 ## explicit; go 1.20 github.com/containers/buildah github.com/containers/buildah/bind @@ -775,8 +775,8 @@ github.com/mistifyio/go-zfs/v3 # github.com/mitchellh/mapstructure v1.5.0 ## explicit; go 1.14 github.com/mitchellh/mapstructure -# github.com/moby/buildkit v0.10.6 -## explicit; go 1.17 +# github.com/moby/buildkit v0.11.4 +## explicit; go 1.18 github.com/moby/buildkit/frontend/dockerfile/command github.com/moby/buildkit/frontend/dockerfile/parser github.com/moby/buildkit/frontend/dockerfile/shell From 62060f32343290e27b149c578584da1d90a25b47 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Fri, 10 Nov 2023 04:44:12 -0600 Subject: [PATCH 040/170] Get masked paths and readonly masked patchs from containers/common Signed-off-by: Daniel J Walsh --- pkg/specgen/generate/config_linux.go | 25 +++------------------- test/e2e/run_test.go | 31 ++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 22 deletions(-) diff --git a/pkg/specgen/generate/config_linux.go b/pkg/specgen/generate/config_linux.go index 07375529334b..04a5caf89510 100644 --- a/pkg/specgen/generate/config_linux.go +++ b/pkg/specgen/generate/config_linux.go @@ -11,6 +11,7 @@ import ( "path/filepath" "strings" + "github.com/containers/common/pkg/config" "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/podman/v4/pkg/util" @@ -93,34 +94,14 @@ func DevicesFromPath(g *generate.Generator, devicePath string) error { } func BlockAccessToKernelFilesystems(privileged, pidModeIsHost bool, mask, unmask []string, g *generate.Generator) { - defaultMaskPaths := []string{"/proc/acpi", - "/proc/kcore", - "/proc/keys", - "/proc/latency_stats", - "/proc/timer_list", - "/proc/timer_stats", - "/proc/sched_debug", - "/proc/scsi", - "/sys/firmware", - "/sys/fs/selinux", - "/sys/dev/block", - } - if !privileged { - for _, mp := range defaultMaskPaths { + for _, mp := range config.DefaultMaskedPaths { // check that the path to mask is not in the list of paths to unmask if shouldMask(mp, unmask) { g.AddLinuxMaskedPaths(mp) } } - for _, rp := range []string{ - "/proc/asound", - "/proc/bus", - "/proc/fs", - "/proc/irq", - "/proc/sys", - "/proc/sysrq-trigger", - } { + for _, rp := range config.DefaultReadOnlyPaths { if shouldMask(rp, unmask) { g.AddLinuxReadonlyPaths(rp) } diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index b923fd5fbe7e..67899616344d 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -11,6 +11,7 @@ import ( "time" "github.com/containers/common/pkg/cgroups" + "github.com/containers/common/pkg/config" "github.com/containers/podman/v4/libpod/define" . "github.com/containers/podman/v4/test/utils" "github.com/containers/storage/pkg/stringid" @@ -370,6 +371,36 @@ var _ = Describe("Podman run", func() { return jsonFile } + It("podman run default mask test", func() { + session := podmanTest.Podman([]string{"run", "-d", "--name=maskCtr", ALPINE, "sleep", "200"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(ExitCleanly()) + for _, mask := range config.DefaultMaskedPaths { + if st, err := os.Stat(mask); err == nil { + if st.IsDir() { + session = podmanTest.Podman([]string{"exec", "maskCtr", "ls", mask}) + session.WaitWithDefaultTimeout() + Expect(session).Should(ExitCleanly()) + Expect(session.OutputToString()).To(BeEmpty()) + } else { + session = podmanTest.Podman([]string{"exec", "maskCtr", "cat", mask}) + session.WaitWithDefaultTimeout() + // Call can fail with permission denied, ignoring error or Not exist. + // key factor is there is no information leak + Expect(session.OutputToString()).To(BeEmpty()) + } + } + } + for _, mask := range config.DefaultReadOnlyPaths { + if _, err := os.Stat(mask); err == nil { + session = podmanTest.Podman([]string{"exec", "maskCtr", "touch", mask}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(1)) + Expect(session.ErrorToString()).To(Equal(fmt.Sprintf("touch: %s: Read-only file system", mask))) + } + } + }) + It("podman run mask and unmask path test", func() { session := podmanTest.Podman([]string{"run", "-d", "--name=maskCtr1", "--security-opt", "unmask=ALL", "--security-opt", "mask=/proc/acpi", ALPINE, "sleep", "200"}) session.WaitWithDefaultTimeout() From 9ea390191b579b2cf2dc6737be2ad12443e8660d Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Wed, 15 Nov 2023 07:11:26 -0700 Subject: [PATCH 041/170] rootless_tutorial: modernize - We can assume that cgroups v2 and rootless overlayfs are the default everywhere. - Remove RHEL7-only instructions - add clear '$' and '#' prompts to rootless and root commands - other minor consistency cleanups Ref: #20669 Signed-off-by: Ed Santiago --- docs/tutorials/rootless_tutorial.md | 86 +++++++++-------------------- 1 file changed, 25 insertions(+), 61 deletions(-) diff --git a/docs/tutorials/rootless_tutorial.md b/docs/tutorials/rootless_tutorial.md index c77135f463fd..7c9fceb0e78f 100644 --- a/docs/tutorials/rootless_tutorial.md +++ b/docs/tutorials/rootless_tutorial.md @@ -4,17 +4,6 @@ Prior to allowing users without root privileges to run Podman, the administrator must install or build Podman and complete the following configurations. -## cgroup V2 support - -The cgroup V2 Linux kernel feature allows the user to limit the amount of resources a rootless container can use. If the Linux distribution that you are running Podman on is enabled with cgroup V2 then you might need to change the default OCI Runtime. Some older versions of `runc` do not work with cgroup V2, you might have to switch to the alternative OCI runtime `crun`. - -The alternative OCI runtime support for cgroup V2 can also be turned on at the command line by using the `--runtime` option: - -``` -podman --runtime crun -``` -or for all commands by changing the value for the "Default OCI runtime" in the `containers.conf` file either at the system level or at the [user level](#user-configuration-files) from `runtime = "runc"` to `runtime = "crun"`. - ## Administrator Actions ### Installing Podman @@ -29,33 +18,6 @@ For building Podman, see the [build instructions](https://podman.io/getting-star The [slirp4netns](https://github.com/rootless-containers/slirp4netns) package provides user-mode networking for unprivileged network namespaces and must be installed on the machine in order for Podman to run in a rootless environment. The package is available on most Linux distributions via their package distribution software such as `yum`, `dnf`, `apt`, `zypper`, etc. If the package is not available, you can build and install `slirp4netns` from [GitHub](https://github.com/rootless-containers/slirp4netns). -### Ensure `fuse-overlayfs` is installed - -When using Podman in a rootless environment, it is recommended to use `fuse-overlayfs` rather than the VFS file system. For that you need the `fuse-overlayfs` executable available in `$PATH`. - -Your distribution might already provide it in the `fuse-overlayfs` package, but be aware that you need at least version **0.7.6**. This especially needs to be checked on Ubuntu distributions as `fuse-overlayfs` is not generally installed by default and the 0.7.6 version is not available natively on Ubuntu releases prior to **20.04**. - -The `fuse-overlayfs` project is available from [GitHub](https://github.com/containers/fuse-overlayfs), and provides instructions for easily building a static `fuse-overlayfs` executable. - -If Podman is used before `fuse-overlayfs` is installed, it may be necessary to adjust the `storage.conf` file (see "User Configuration Files" below) to change the `driver` option under `[storage]` to `"overlay"` and point the `mount_program` option in `[storage.options.overlay]` to the path of the `fuse-overlayfs` executable: - -``` -[storage] - driver = "overlay" - - (...) - -[storage.options.overlay] - - (...) - - mount_program = "/usr/bin/fuse-overlayfs" -``` - -### Enable user namespaces (on RHEL7 machines) - -The number of user namespaces that are allowed on the system is specified in the file `/proc/sys/user/max_user_namespaces`. On most Linux platforms this is preset by default and no adjustment is necessary. However, on RHEL7 machines, a user with root privileges may need to set that to a reasonable value by using this command: `sysctl user.max_user_namespaces=15000`. - ### `/etc/subuid` and `/etc/subgid` configuration Rootless Podman requires the user running it to have a range of UIDs listed in the files `/etc/subuid` and `/etc/subgid`. The `shadow-utils` or `newuid` package provides these files on different distributions and they must be installed on the system. Root privileges are required to add or update entries within these files. The following is a summary from the [How does rootless Podman work?](https://opensource.com/article/19/2/how-does-rootless-podman-work) article by Dan Walsh on [opensource.com](https://opensource.com) @@ -63,7 +25,7 @@ Rootless Podman requires the user running it to have a range of UIDs listed in t For each user that will be allowed to create containers, update `/etc/subuid` and `/etc/subgid` for the user with fields that look like the following. Note that the values for each user must be unique. If there is overlap, there is a potential for a user to use another user's namespace and they could corrupt it. ``` -cat /etc/subuid +# cat /etc/subuid johndoe:100000:65536 test:165536:65536 ``` @@ -76,24 +38,24 @@ The format of this file is `USERNAME:UID:RANGE` This means the user `johndoe` is allocated UIDs 100000-165535 as well as their standard UID in the `/etc/passwd` file. NOTE: this is not currently supported with network installs; these files must be available locally to the host machine. It is not possible to configure this with LDAP or Active Directory. -If you update either `/etc/subuid` or `/etc/subgid`, you need to stop all the running containers owned by the user and kill the pause process that is running on the system for that user. This can be done automatically by using the [`podman system migrate`](https://github.com/containers/podman/blob/main/docs/source/markdown/podman-system-migrate.1.md) command which will stop all the containers for the user and will kill the pause process. - Rather than updating the files directly, the `usermod` program can be used to assign UIDs and GIDs to a user. ``` -usermod --add-subuids 100000-165535 --add-subgids 100000-165535 johndoe +# usermod --add-subuids 100000-165535 --add-subgids 100000-165535 johndoe grep johndoe /etc/subuid /etc/subgid /etc/subuid:johndoe:100000:65536 /etc/subgid:johndoe:100000:65536 ``` +If you update either `/etc/subuid` or `/etc/subgid`, you need to stop all the running containers owned by the user and kill the pause process that is running on the system for that user. This can be done automatically by running [`podman system migrate`](https://github.com/containers/podman/blob/main/docs/source/markdown/podman-system-migrate.1.md) as that user. + #### Giving access to additional groups Users can fully map additional groups to a container namespace if those groups subordinated to the user: ``` -usermod --add-subgids 2000-2000 johndoe +# usermod --add-subgids 2000-2000 johndoe grep johndoe /etc/subgid ``` @@ -106,7 +68,7 @@ groups, and `--gidmap="+g102000:@2000"` to map the group `2000` in the host to the group `102000` in the container: ``` -podman run \ +$ podman run \ --rm \ --group-add keep-groups \ --gidmap="+g102000:@2000" \ @@ -117,6 +79,8 @@ podman run \ ### Enable unprivileged `ping` +(It is very unlikely that you will need to do this on a modern distro). + Users running in a non-privileged container may not be able to use the `ping` utility from that container. If this is required, the administrator must verify that the UID of the user is part of the range in the `/proc/sys/net/ipv4/ping_group_range` file. @@ -142,16 +106,16 @@ The three main configuration files are [containers.conf](https://github.com/cont Podman reads 1. `/usr/share/containers/containers.conf` 2. `/etc/containers/containers.conf` -3. `$HOME/.config/containers/containers.conf` +3. `${XDG_CONFIG_HOME}/containers.conf` -if they exist in that order. Each file can override the previous for particular fields. +if they exist, in that order. Each file can override the previous for particular fields. #### storage.conf For `storage.conf` the order is 1. `/etc/containers/storage.conf` -2. `$HOME/.config/containers/storage.conf` +2. `${XDG_CONFIG_HOME}/storage.conf` -In rootless Podman certain fields in `/etc/containers/storage.conf` are ignored. These fields are: +In rootless Podman, certain fields in `/etc/containers/storage.conf` are ignored. These fields are: ``` graphroot="" container storage graph dir (default: "/var/lib/containers/storage") @@ -163,21 +127,21 @@ runroot="" ``` In rootless Podman these fields default to ``` -graphroot="$HOME/.local/share/containers/storage" -runroot="$XDG_RUNTIME_DIR/containers" +graphroot="${XDG_DATA_HOME}/containers/storage" +runroot="${XDG_RUNTIME_DIR}/containers" ``` [$XDG_RUNTIME_DIR](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html#variables) defaults on most systems to `/run/user/$UID`. #### registries -Registry configuration is read in by this order +Registry configuration is read in this order 1. `/etc/containers/registries.conf` 2. `/etc/containers/registries.d/*` -3. `HOME/.config/containers/registries.conf` +3. `${XDG_CONFIG_HOME}/registries.conf` The files in the home directory should be used to configure rootless Podman for personal needs. These files are not created by default. Users can copy the files from `/usr/share/containers` or `/etc/containers` and modify them. #### Authorization files - The default authorization file used by the `podman login` and `podman logout` commands reside in `${XDG_RUNTIME_DIR}/containers/auth.json`. +The default authorization file used by the `podman login` and `podman logout` commands is `${XDG_RUNTIME_DIR}/containers/auth.json`. ### Using volumes @@ -188,24 +152,24 @@ If your container runs with the root user, then `root` in the container is actua So, for example, ``` -> whoami +host$ whoami john # a folder which is empty -host> ls /home/john/folder -host> podman run -v /home/john/folder:/container/volume mycontainer /bin/bash +host$ ls /home/john/folder +host$ podman run -it -v /home/john/folder:/container/volume mycontainer /bin/bash # Now I'm in the container -root@container> whoami +root@container# whoami root -root@container> touch /container/volume/test -root@container> ls -l /container/volume +root@container# touch /container/volume/test +root@container# ls -l /container/volume total 0 -rw-r--r-- 1 root root 0 May 20 21:47 test -root@container> exit +root@container# exit # I check again -host> ls -l /home/john/folder +host$ ls -l /home/john/folder total 0 -rw-r--r-- 1 john john 0 May 20 21:47 test ``` From 8b2667ef692a3e02e667c31e6d6fbdf9ac2bdcb2 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Mon, 20 Nov 2023 07:43:12 -0700 Subject: [PATCH 042/170] More rootless-tutorial fixes Followup to #20722: - Fix missing "containers" subdirectory - Indicate what podman uses as defaults for XDG envariables - whitespace and quoting fixes (I actually ran pandoc this time) Signed-off-by: Ed Santiago --- docs/tutorials/rootless_tutorial.md | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/docs/tutorials/rootless_tutorial.md b/docs/tutorials/rootless_tutorial.md index 7c9fceb0e78f..8c6079cc805e 100644 --- a/docs/tutorials/rootless_tutorial.md +++ b/docs/tutorials/rootless_tutorial.md @@ -98,22 +98,32 @@ Once the Administrator has completed the setup on the machine and then the confi ### User Configuration Files -The Podman configuration files for root reside in `/usr/share/containers` with overrides in `/etc/containers`. In the rootless environment they reside in `${XDG_CONFIG_HOME}/containers` (usually `~/.config/containers`) and are owned by each individual user. +The Podman configuration files for root reside in `/usr/share/containers` with overrides in `/etc/containers`. In the rootless environment they reside in `${XDG_CONFIG_HOME}/containers` and are owned by each individual user. + +Note: in environments without `XDG` environment variables, Podman internally sets the following defaults: + +- `$XDG_CONFIG_HOME` = `$HOME/.config` +- `$XDG_DATA_HOME` = `$HOME/.local/share` +- `$XDG_RUNTIME_DIR` = + - `/run/user/$UID` on `systemd` environments + - `$TMPDIR/podman-run-$UID` otherwise The three main configuration files are [containers.conf](https://github.com/containers/common/blob/main/docs/containers.conf.5.md), [storage.conf](https://github.com/containers/storage/blob/main/docs/containers-storage.conf.5.md) and [registries.conf](https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md). The user can modify these files as they wish. #### containers.conf Podman reads + 1. `/usr/share/containers/containers.conf` 2. `/etc/containers/containers.conf` -3. `${XDG_CONFIG_HOME}/containers.conf` +3. `${XDG_CONFIG_HOME}/containers/containers.conf` if they exist, in that order. Each file can override the previous for particular fields. #### storage.conf For `storage.conf` the order is + 1. `/etc/containers/storage.conf` -2. `${XDG_CONFIG_HOME}/storage.conf` +2. `${XDG_CONFIG_HOME}/containers/storage.conf` In rootless Podman, certain fields in `/etc/containers/storage.conf` are ignored. These fields are: ``` @@ -130,13 +140,14 @@ In rootless Podman these fields default to graphroot="${XDG_DATA_HOME}/containers/storage" runroot="${XDG_RUNTIME_DIR}/containers" ``` -[$XDG_RUNTIME_DIR](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html#variables) defaults on most systems to `/run/user/$UID`. +[\$XDG_RUNTIME_DIR](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html#variables) defaults on most systems to `/run/user/$UID`. #### registries Registry configuration is read in this order + 1. `/etc/containers/registries.conf` 2. `/etc/containers/registries.d/*` -3. `${XDG_CONFIG_HOME}/registries.conf` +3. `${XDG_CONFIG_HOME}/containers/registries.conf` The files in the home directory should be used to configure rootless Podman for personal needs. These files are not created by default. Users can copy the files from `/usr/share/containers` or `/etc/containers` and modify them. From 87cef3654639d573aad4d2288cf99d89f85f577d Mon Sep 17 00:00:00 2001 From: Ashley Cui Date: Mon, 20 Nov 2023 09:41:51 -0500 Subject: [PATCH 043/170] Update release notes from v4.7 branch Signed-off-by: Ashley Cui --- RELEASE_NOTES.md | 123 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 123 insertions(+) diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index 2b1b13e4c297..7117b44a3a4e 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -1,5 +1,128 @@ # Release Notes +## 4.7.2 +### Security +- Fixed [GHSA-jq35-85cj-fj4p](https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p). + +### Bugfixes +- WSL: Fixed `podman compose` command. +- Fixed a bug in `podman compose` to try all configured providers before throwing an error ([#20502](https://github.com/containers/podman/issues/20502)). + +## 4.7.1 +### Bugfixes +- Fixed a bug involving non-English locales of Windows where machine installs using user-mode networking were rejected due to erroneous version detection ([#20209](https://github.com/containers/podman/issues/20209)). +- Fixed a regression in --env-file handling ([#19565](https://github.com/containers/podman/issues/19565)). +- Fixed a bug where podman inspect would fail when stat'ing a device failed. + +### API +- The network list compat API endpoint is now much faster ([#20035](https://github.com/containers/podman/issues/20035)). + +## 4.7.0 +### Security +- Now the io.containers.capabilities LABEL in an image can be an empty string. + +### Features +- New command set: `podman farm [create,list,remove,update]` has been created to "farm" out builds to machines running Podman for different architectures. +- New command: `podman compose` as a thin wrapper around an external compose provider such as docker-compose or podman-compose. +- FreeBSD: `podman run --device` is now supported. +- Linux: Add a new `--module` flag for Podman. +- Podmansh: Timeout is now configurable using the `podmansh_timeout` option in containers.conf. +- SELinux: Add support for confined users to create containers but restrict them from creating privileged containers. +- WSL: Registers shared socket bindings on Windows, to allow other WSL distributions easy remote access ([#15190](https://github.com/containers/podman/issues/15190)). +- WSL: Enabling user-mode-networking on older WSL2 generations will now detect an error with upgrade guidance. +- The `podman build` command now supports two new options: `--layer-label` and `--cw`. +- The `podman kube generate` command now supports generation of k8s DaemonSet kind ([#18899](https://github.com/containers/podman/issues/18899)). +- The `podman kube generate` and `podman kube play` commands now support the k8s `TerminationGracePeriodSeconds` field ([RH BZ#2218061](https://bugzilla.redhat.com/show_bug.cgi?id=2218061)). +- The `podman kube generate` and `podman kube play` commands now support `securityContext.procMount: Unmasked` ([#19881](https://github.com/containers/podman/issues/19881)). +- The `podman generate kube` command now supports a `--podman-only` flag to allow podman-only reserved annotations to be used in the generated YAML file. These annotations cannot be used by Kubernetes. +- The `podman kube generate` now supports a `--no-trunc` flag that supports YAML files with annotations longer than 63 characters. Warning: if an annotation is longer than 63 chars, then the generated yaml file is not Kubernetes compatible. +- An infra name annotation `io.podman.annotations.infra.name` is added in the generated yaml when the `pod create` command has `--infra-name` set. This annotation can also be used with `kube play` when wanting to customize the infra container name ([#18312](https://github.com/containers/podman/issues/18312)). +- The syntax of `--uidmap` and `--gidmap` has been extended to lookup the parent user namespace and to extend default mappings ([#18333](https://github.com/containers/podman/issues/18333)). +- The `podman kube` commands now support the `List` kind ([#19052](https://github.com/containers/podman/issues/19052)). +- The `podman kube play` command now supports environment variables in kube.yaml ([#15983](https://github.com/containers/podman/issues/15983)). +- The `podman push` and `podman manifest push` commands now support the `--force-compression` optionto prevent reusing other blobs ([#18860](https://github.com/containers/podman/issues/18660)). +- The `podman manifest push` command now supports `--add-compression` to push with compressed variants. +- The `podman manifest push` command now honors the `add_compression` field from containers.conf if `--add-compression` is not set. +- The `podman run` and `podman create --mount` commands now support the `ramfs` type ([#19659](https://github.com/containers/podman/issues/19659)). +- When running under systemd (e.g., via Quadlet), Podman will extend the start timeout in 30 second steps up to a maximum of 5 minutes when pulling an image. +- The `--add-host` option now accepts the special string `host-gateway` instead of an IP Address, which will be mapped to the host IP address. +- The `podman generate systemd` command is deprecated. Use Quadlet for running containers and pods under systemd. +- The `podman secret rm` command now supports an `--ignore` option. +- The `--env-file` option now supports multiline variables ([#18724](https://github.com/containers/podman/issues/18724)). +- The `--read-only-tmpfs` flag now affects /dev and /dev/shm as well as /run, /tmp, /var/tmp ([#12937](https://github.com/containers/podman/issues/12937)). +- The Podman `--mount` option now supports bind mounts passed as globs. +- The `--mount` option can now be specified in containers.conf using the `mounts` field. +- The `podman stats` now has an `--all` option to get all containers stats ([#19252](https://github.com/containers/podman/issues/19252)). +- There is now a new `--sdnotify=healthy` policy where Podman sends the READY message once the container turns healthy ([#6160](https://github.com/containers/podman/issues/6160)). +- Temporary files created when dealing with images in `/var/tmp` will automatically be cleaned up on reboot. +- There is now a new filter option `since` for `podman volume ls` and `podman volume prune` ([#19228](https://github.com/containers/podman/issues/19228)). +- The `podman inspect` command now has tab-completion support ([#18672])(https://github.com/containers/podman/issues/18672)). +- The `podman kube play` command now has support for the use of reserved annotations in the generated YAML. +- The progress bar is now displayed when decompressing a Podman machine image ([#19240](https://github.com/containers/podman/issues/19240)). +- The `podman secret inspect` command supports a new option `--showsecret` which will output the actual secret. +- The `podman secret create` now supports a `--replace` option, which allows you to modify secrets without replacing containers. +- The `podman login` command can now read the secret for a registry from its secret database created with `podman secret create` ([#18667]](https://github.com/containers/podman/issues/18667)). +- The remote Podman client’s `podman play kube` command now works with the `--userns` option ([#17392](https://github.com/containers/podman/pull/17392)). + +### Changes +- The `/tmp` and `/var/tmp` inside of a `podman kube play` will no longer be `noexec`. +- The limit of inotify instances has been bumped from 128 to 524288 for podman machine ([#19848](https://github.com/containers/podman/issues/19848)). +- The `podman kube play` has been improved to only pull a newer image for the "latest" tag ([#19801](https://github.com/containers/podman/issues/19801)). +- Pulling from an `oci` transport will use the optional name for naming the image. +- The `podman info` command will always display the existence of the Podman socket. +- The echo server example in socket_activation.md has been rewritten to use quadlet instead of `podman generate systemd`. +- Kubernetes support table documentation correctly show volumes support. +- The `podman auto-update` manpage and documentation has been updated and now includes references to Quadlet. + +### Quadlet +- Quadlet now supports setting Ulimit values. +- Quadlet now supports setting the PidsLimit option in a container. +- Quadlet unit files allow DNS field in Network group and DNS, DNSSearch, and DNSOption field in Container group ([#19884](https://github.com/containers/podman/issues/19884)). +- Quadlet now supports ShmSize option in unit files. +- Quadlet now recursively calls in user directories for unit files. +- Quadlet now allows the user to set the service working directory relative to the YAML or Unit files ([17177](https://github.com/containers/podman/discussions/17177)). +- Quadlet now allows setting user-defined names for `Volume` and `Network` units via the `VolumeName` and `NetworkName` directives, respectively. +- Kube quadlets can now support autoupdate. + +### Bugfixes +- Fixed an issue where containers were being restarted after a `podman kill`. +- Fixed a bug where events could report incorrect healthcheck results ([#19237](https://github.com/containers/podman/issues/19237). +- Fixed a bug where running a container in a pod didn't fail if volumes or mounts were specified in the containers.conf file. +- Fixed a bug where pod cgroup limits were not being honored after a reboot ([#19175](https://github.com/containers/podman/issues/19175)). +- Fixed a bug where `podman rm -af` could fail to remove containers under some circumstances ([#18874](https://github.com/containers/podman/issues/18874)). +- Fixed a bug in rootless to clamp oom_score_adj to current value if it is too low ([#19829](https://github.com/containers/podman/issues/19829)). +- Fixed a bug where `--hostuser` was being parsed in base 8 instead of base 10 ([#19800](https://github.com/containers/podman/issues/19800)). +- Fixed a bug where `kube down` would error when an object did not exist ([#19711](https://github.com/containers/podman/issues/19711)). +- Fixed a bug where containers created via DOCKER API without specifying StopTimeout had StopTimeout defaulting to 0 seconds ([#19139](https://github.com/containers/podman/issues/19139)). +- Fixed a bug in `podman exec` to set umask to match the container it's execing into ([#19713](https://github.com/containers/podman/issues/19713)). +- Fixed a bug where `podman kube play` failed to set a container's Umask to the default `0022`. +- Fixed a bug to automatically reassign Podman's machine ssh port on Windows when it conflicts with in-use system ports ([#19554](https://github.com/containers/podman/issues/19554)). +- Fixed a bug where locales weren't passed to conmon correctly, resulting in a crash if some characters were specified over CLI ([containers/common/#272](https://github.com/containers/conmon/issues/272)). +- Fixed a bug where `podman top` would sometimes not print the full output ([#19504](https://github.com/containers/podman/issues/19504)). +- Fixed a bug were `podman logs --tail` could return incorrect lines when the k8s-file logger is used ([#19545](https://github.com/containers/podman/issues/19545)). +- Fixed a bug where `podman stop` did not ignore cidfile not existing when user specified --ignore flag ([#19546](https://github.com/containers/podman/issues/19546)). +- Fixed a bug where a container with an image volume and an inherited mount from the `--volumes-from` option that used the same path could not be created ([#19529](https://github.com/containers/podman/issues/19529)). +- Fixed a bug where `podman cp` via STDIN did not delete temporary files ([#19496](https://github.com/containers/podman/issues/19496)). +- Fixed a bug where Compatibility API did not accept timeout=-1 for stopping containers ([#17542](https://github.com/containers/podman/issues/17542)). +- Fixed a bug where `podman run --rmi` did not remove the container ([#15640](https://github.com/containers/podman/issues/15640)). +- Fixed a bug to recover from inconsistent podman-machine states with QEMU ([#16054](https://github.com/containers/podman/issues/16054)). +- Fixed a bug where CID Files on remote clients are not removed when container is removed ([#19420](https://github.com/containers/podman/issues/19420)). +- Fixed a bug in `podman inspect` to show a `.NetworkSettings.SandboxKey` path for containers created with --net=none ([#16716](https://github.com/containers/podman/issues/16716)). +- Fixed a concurrency bug in `podman machine start` using the QEMU provider ([#18662](https://github.com/containers/podman/issues/18662)). +- Fixed a bug in `podman run` and `podman create` where the command fails if the user specifies a non-existent authfile path ([#18938](https://github.com/containers/podman/issues/18938)). +- Fixed a bug where some distributions added extra quotes around the distribution name removed from `podman info` output ([#19340](https://github.com/containers/podman/issues/19340)). +- Fixed a crash validating --device argument for create and run ([#19335](https://github.com/containers/podman/issues/19335)). +- Fixed a bug where `.HostConfig.PublishAllPorts` always evaluates to `false` when inspecting a container created with `--publish-all`. +- Fixed a bug in `podman image trust` command to allow using the local policy.json file ([#19073](https://github.com/containers/podman/issues/19073)). +- Fixed a bug where the cgroup file system was not correctly mounted when running without a network namespace in rootless mode ([#20073](https://github.com/containers/podman/issues/20073)). +- Fixed a bug where the `--syslog` flag was not passed to the cleanup process. + +### API +- Fixed a bug with parsing of the pull query parameter for the compat /build endpoint ([#17778](https://github.com/containers/podman/issues/17778)). + +### Misc +- Updated Buildah to v1.32.0. + ## 4.6.2 ### Changes - Fixed a performance issue when calculating diff sizes in overlay. The `podman system df` command should see a significant performance improvement ([#19467](https://github.com/containers/podman/issues/19467)). From c8506822085bae264baaa681f7cf23fcd4ccecfa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= Date: Mon, 20 Nov 2023 16:57:17 +0100 Subject: [PATCH 044/170] Remove clearly dead code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Should not change behavior. Signed-off-by: Miloslav Trmač --- libpod/storage.go | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/libpod/storage.go b/libpod/storage.go index 52d5e1e8f76e..e8bc8204bc79 100644 --- a/libpod/storage.go +++ b/libpod/storage.go @@ -97,10 +97,7 @@ func (r *storageService) CreateContainerStorage(ctx context.Context, systemConte return ContainerInfo{}, err } - // Update the image name and ID. - if imageName == "" && len(img.Names) > 0 { - imageName = img.Names[0] - } + // Update the image ID. imageID = img.ID } From e9587f5e3710818cb0dbf54fd452a86adc45fd20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= Date: Mon, 20 Nov 2023 18:24:28 +0100 Subject: [PATCH 045/170] Don't re-assign imageID MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit By construction in callers, imageID is always a full ID, so this assignment is always a no-op. Signed-off-by: Miloslav Trmač --- libpod/storage.go | 7 ------- 1 file changed, 7 deletions(-) diff --git a/libpod/storage.go b/libpod/storage.go index e8bc8204bc79..e60218251493 100644 --- a/libpod/storage.go +++ b/libpod/storage.go @@ -80,10 +80,6 @@ func (r *storageService) CreateContainerStorage(ctx context.Context, systemConte if err != nil { return ContainerInfo{}, err } - _, img, err := istorage.ResolveReference(ref) - if err != nil { - return ContainerInfo{}, err - } // Pull out a copy of the image's configuration. image, err := ref.NewImage(ctx, systemContext) if err != nil { @@ -96,9 +92,6 @@ func (r *storageService) CreateContainerStorage(ctx context.Context, systemConte if err != nil { return ContainerInfo{}, err } - - // Update the image ID. - imageID = img.ID } // Build metadata to store with the container. From ff80e40adfa7e103bb13fd9e4a5703396cffed43 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= Date: Mon, 20 Nov 2023 18:26:38 +0100 Subject: [PATCH 046/170] Use NewStoreReference instead of ParseStoreReference MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit By construction, imageID is a full image ID, so avoid heuristics by using a more specific API. Signed-off-by: Miloslav Trmač --- libpod/storage.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/libpod/storage.go b/libpod/storage.go index e60218251493..33fd95357b0b 100644 --- a/libpod/storage.go +++ b/libpod/storage.go @@ -71,12 +71,11 @@ func (metadata *RuntimeContainerMetadata) SetMountLabel(mountLabel string) { func (r *storageService) CreateContainerStorage(ctx context.Context, systemContext *types.SystemContext, imageName, imageID, containerName, containerID string, options storage.ContainerOptions) (_ ContainerInfo, retErr error) { var imageConfig *v1.Image if imageName != "" { - var ref types.ImageReference if containerName == "" { return ContainerInfo{}, define.ErrEmptyID } // Check if we have the specified image. - ref, err := istorage.Transport.ParseStoreReference(r.store, imageID) + ref, err := istorage.Transport.NewStoreReference(r.store, nil, imageID) if err != nil { return ContainerInfo{}, err } From ae9b63fbf0c888a6f8f64f5ce1ec0faf35c70c74 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= Date: Mon, 20 Nov 2023 19:04:16 +0100 Subject: [PATCH 047/170] Check for imageID, not imageName MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We are only using imageID on that branch, so it is more consistent. Should not change behavior; in callers, either both are set or neither. [NO NEW TESTS NEEDED] Signed-off-by: Miloslav Trmač --- libpod/storage.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/libpod/storage.go b/libpod/storage.go index 33fd95357b0b..3f667c3199f6 100644 --- a/libpod/storage.go +++ b/libpod/storage.go @@ -66,11 +66,12 @@ func (metadata *RuntimeContainerMetadata) SetMountLabel(mountLabel string) { metadata.MountLabel = mountLabel } -// CreateContainerStorage creates the storage end of things. We already have the container spec created +// CreateContainerStorage creates the storage end of things. We already have the container spec created. +// imageID and imageName must both be either empty or non-empty. // TO-DO We should be passing in an Image object in the future. func (r *storageService) CreateContainerStorage(ctx context.Context, systemContext *types.SystemContext, imageName, imageID, containerName, containerID string, options storage.ContainerOptions) (_ ContainerInfo, retErr error) { var imageConfig *v1.Image - if imageName != "" { + if imageID != "" { if containerName == "" { return ContainerInfo{}, define.ErrEmptyID } From e75fbe54e2bb5adfcfd122f431d95db79e6d66e5 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 20 Nov 2023 18:13:43 +0000 Subject: [PATCH 048/170] Update dependency setuptools to v69 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- test/apiv2/python/requirements.txt | 2 +- test/python/requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/test/apiv2/python/requirements.txt b/test/apiv2/python/requirements.txt index feda0a872632..8591bd73016a 100644 --- a/test/apiv2/python/requirements.txt +++ b/test/apiv2/python/requirements.txt @@ -1,5 +1,5 @@ requests-mock~=1.11.0 requests~=2.31.0 -setuptools~=68.2.0 +setuptools~=69.0.0 python-dateutil~=2.8.1 PyYAML~=6.0.0 diff --git a/test/python/requirements.txt b/test/python/requirements.txt index 74ef37a69a43..7e2cfbaa71df 100644 --- a/test/python/requirements.txt +++ b/test/python/requirements.txt @@ -1,6 +1,6 @@ docker~=6.1.0 requests-mock~=1.11.0 requests~=2.31.0 -setuptools~=68.2.0 +setuptools~=69.0.0 python-dateutil~=2.8.1 PyYAML~=6.0.0 From be24633300e52b4e5b2f4a1f613599b4572f9eea Mon Sep 17 00:00:00 2001 From: Ashley Cui Date: Mon, 20 Nov 2023 10:40:54 -0500 Subject: [PATCH 049/170] Bump to v5.0.0-dev Signed-off-by: Ashley Cui --- test/apiv2/01-basic.at | 2 +- version/rawversion/version.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/test/apiv2/01-basic.at b/test/apiv2/01-basic.at index ddb2e6e44b9e..f06021efec79 100644 --- a/test/apiv2/01-basic.at +++ b/test/apiv2/01-basic.at @@ -19,7 +19,7 @@ t HEAD libpod/_ping 200 for i in /version version; do t GET $i 200 \ .Components[0].Name="Podman Engine" \ - .Components[0].Details.APIVersion~4[0-9.-]\\+ \ + .Components[0].Details.APIVersion~5[0-9.-]\\+ \ .Components[0].Details.MinAPIVersion=4.0.0 \ .Components[0].Details.Os=linux \ .ApiVersion=1.41 \ diff --git a/version/rawversion/version.go b/version/rawversion/version.go index 23ac83d2be32..493b993356b0 100644 --- a/version/rawversion/version.go +++ b/version/rawversion/version.go @@ -7,4 +7,4 @@ package rawversion // // NOTE: remember to bump the version at the top of the top-level README.md // file when this is bumped. -const RawVersion = "4.8.0-dev" +const RawVersion = "5.0.0-dev" From e40d70cecceb46c7ad6ae8502a29f52867e15a7a Mon Sep 17 00:00:00 2001 From: Valentin Rothberg Date: Mon, 9 Oct 2023 14:08:00 +0200 Subject: [PATCH 050/170] new 'no-dereference' mount option Add a new `no-dereference` mount option supported by crun 1.11+ to re-create/copy a symlink if it's the source of a mount. By default the kernel will resolve the symlink on the host and mount the target. As reported in #20098, there are use cases where the symlink structure must be preserved by all means. Fixes: #20098 Fixes: issues.redhat.com/browse/RUN-1935 Signed-off-by: Valentin Rothberg --- docs/source/markdown/options/mount.md | 2 + go.mod | 2 +- go.sum | 4 +- libpod/container_internal_common.go | 6 +- pkg/specgenutil/volumes.go | 2 +- pkg/util/mountOpts.go | 7 +- test/system/060-mount.bats | 81 ++++++++++++++++++- .../containers/common/pkg/parse/parse.go | 7 +- .../containers/common/version/version.go | 2 +- vendor/modules.txt | 2 +- 10 files changed, 105 insertions(+), 10 deletions(-) diff --git a/docs/source/markdown/options/mount.md b/docs/source/markdown/options/mount.md index a44acbf6958c..9ab02cd97ed8 100644 --- a/docs/source/markdown/options/mount.md +++ b/docs/source/markdown/options/mount.md @@ -75,6 +75,8 @@ Current supported mount TYPEs are **bind**, **devpts**, **glob**, **image**, **r . U, chown: true or false (default). Change recursively the owner and group of the source volume based on the UID and GID of the container. + . no-dereference: do not dereference symlinks but copy the link source into the mount destination. + Options specific to tmpfs and ramfs: · ro, readonly: true or false (default). diff --git a/go.mod b/go.mod index a5c89b23b7ae..9c0bd374f97e 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/containernetworking/cni v1.1.2 github.com/containernetworking/plugins v1.3.0 github.com/containers/buildah v1.33.1 - github.com/containers/common v0.57.0 + github.com/containers/common v0.57.1-0.20231121105603-d54dcfe962d6 github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.1 github.com/containers/image/v5 v5.29.0 diff --git a/go.sum b/go.sum index e1dfb3c63f57..d2679e2cfe7a 100644 --- a/go.sum +++ b/go.sum @@ -255,8 +255,8 @@ github.com/containernetworking/plugins v1.3.0 h1:QVNXMT6XloyMUoO2wUOqWTC1hWFV62Q github.com/containernetworking/plugins v1.3.0/go.mod h1:Pc2wcedTQQCVuROOOaLBPPxrEXqqXBFt3cZ+/yVg6l0= github.com/containers/buildah v1.33.1 h1:s+5LaZx+vkOV/BboM6QZbf0Uma/A9W/B1REoUiM3CQo= github.com/containers/buildah v1.33.1/go.mod h1:xEvekGaEeflDV4kxdKcTk0NbTuV4FsbPW4UYReLkHIw= -github.com/containers/common v0.57.0 h1:5O/+6QUBafKK0/zeok9y1rLPukfWgdE0sT4nuzmyAqk= -github.com/containers/common v0.57.0/go.mod h1:t/Z+/sFrapvFMEJe3YnecN49/Tae2wYEQShbEN6SRaU= +github.com/containers/common v0.57.1-0.20231121105603-d54dcfe962d6 h1:4IAcuB9ZYlMIX5rnap2ax9IdFtivbTvUIPh7WgUglvU= +github.com/containers/common v0.57.1-0.20231121105603-d54dcfe962d6/go.mod h1:gUsz+eYo0q1NMwiukwI8E6LAqyYd0DapZ71hKC+MbJw= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/gvisor-tap-vsock v0.7.1 h1:+Rc+sOPplrkQb/BUXeN0ug8TxjgyrIqo/9P/eNS2A4c= diff --git a/libpod/container_internal_common.go b/libpod/container_internal_common.go index cd19089e2ec0..81b0fbf337b2 100644 --- a/libpod/container_internal_common.go +++ b/libpod/container_internal_common.go @@ -366,7 +366,11 @@ func (c *Container) generateSpec(ctx context.Context) (s *spec.Spec, cleanupFunc if err := c.relabel(m.Source, c.MountLabel(), label.IsShared(o)); err != nil { return nil, nil, err } - + case "no-dereference": + // crun calls the option `copy-symlink`. + // Podman decided for --no-dereference as many + // bin-utils tools (e..g, touch, chown, cp) do. + options = append(options, "copy-symlink") default: options = append(options, o) } diff --git a/pkg/specgenutil/volumes.go b/pkg/specgenutil/volumes.go index b9a85f18b46b..4e663f6e7359 100644 --- a/pkg/specgenutil/volumes.go +++ b/pkg/specgenutil/volumes.go @@ -355,7 +355,7 @@ func parseMountOptions(mountType string, args []string) (*spec.Mount, error) { default: return nil, fmt.Errorf("%s mount option must be 'private' or 'shared': %w", kv[0], util.ErrBadMntOption) } - case "shared", "rshared", "private", "rprivate", "slave", "rslave", "unbindable", "runbindable", "Z", "z": + case "shared", "rshared", "private", "rprivate", "slave", "rslave", "unbindable", "runbindable", "Z", "z", "no-dereference": mnt.Options = append(mnt.Options, kv[0]) case "src", "source": if mountType == define.TypeTmpfs { diff --git a/pkg/util/mountOpts.go b/pkg/util/mountOpts.go index a65dcfbba93b..a35ac77f77fa 100644 --- a/pkg/util/mountOpts.go +++ b/pkg/util/mountOpts.go @@ -28,7 +28,7 @@ type defaultMountOptions struct { // The sourcePath variable, if not empty, contains a bind mount source. func ProcessOptions(options []string, isTmpfs bool, sourcePath string) ([]string, error) { var ( - foundWrite, foundSize, foundProp, foundMode, foundExec, foundSuid, foundDev, foundCopyUp, foundBind, foundZ, foundU, foundOverlay, foundIdmap, foundCopy, foundNoSwap bool + foundWrite, foundSize, foundProp, foundMode, foundExec, foundSuid, foundDev, foundCopyUp, foundBind, foundZ, foundU, foundOverlay, foundIdmap, foundCopy, foundNoSwap, foundNoDereference bool ) newOptions := make([]string, 0, len(options)) @@ -148,6 +148,11 @@ func ProcessOptions(options []string, isTmpfs bool, sourcePath string) ([]string foundNoSwap = true newOptions = append(newOptions, opt) continue + case "no-dereference": + if foundNoDereference { + return nil, fmt.Errorf("the 'no-dereference' option can only be set once: %w", ErrDupeMntOption) + } + foundNoDereference = true case define.TypeBind, "rbind": if isTmpfs { return nil, fmt.Errorf("the 'bind' and 'rbind' options are not allowed with tmpfs mounts: %w", ErrBadMntOption) diff --git a/test/system/060-mount.bats b/test/system/060-mount.bats index bd4eede000c7..3bb699421dd1 100644 --- a/test/system/060-mount.bats +++ b/test/system/060-mount.bats @@ -321,4 +321,83 @@ EOF fi } -# vim: filetype=sh +@test "podman mount no-dereference" { + # Test how bind and glob-mounts behave with respect to relative (rel) and + # absolute (abs) symlinks. + + if [ $(podman_runtime) != "crun" ]; then + # Requires crun >= 1.11.0 + skip "only crun supports the no-dereference (copy-symlink) mount option" + fi + + # One directory for testing relative symlinks, another for absolute ones. + rel_dir=$PODMAN_TMPDIR/rel-dir + abs_dir=$PODMAN_TMPDIR/abs-dir + mkdir $rel_dir $abs_dir + + # Create random values to discrimate data in the rel/abs directory and the + # one from the image. + rel_random_host="rel_on_the_host_$(random_string 15)" + abs_random_host="abs_on_the_host_$(random_string 15)" + random_img="on_the_image_$(random_string 15)" + + # Relative symlink + echo "$rel_random_host" > $rel_dir/data + ln -r -s $rel_dir/data $rel_dir/link + # Absolute symlink + echo "$abs_random_host" > $abs_dir/data + ln -s $abs_dir/data $abs_dir/link + + dockerfile=$PODMAN_TMPDIR/Dockerfile + cat >$dockerfile < /tmp/data +EOF + + img="localhost/preserve:symlinks" + run_podman build -t $img -f $dockerfile + + link_path="/tmp/link" + create_path="/tmp/i/do/not/exist/link" + + tests=" +0 | bind | $rel_dir/link | /tmp/link | | /tmp/link | $rel_random_host | $link_path | bind mount relative symlink: mounts target from the host +0 | bind | $abs_dir/link | /tmp/link | | /tmp/link | $abs_random_host | $link_path | bind mount absolute symlink: mounts target from the host +0 | glob | $rel_dir/lin* | /tmp/ | | /tmp/link | $rel_random_host | $link_path | glob mount relative symlink: mounts target from the host +0 | glob | $abs_dir/lin* | /tmp/ | | /tmp/link | $abs_random_host | $link_path | glob mount absolute symlink: mounts target from the host +0 | glob | $rel_dir/* | /tmp/ | | /tmp/link | $rel_random_host | $link_path | glob mount entire directory: mounts relative target from the host +0 | glob | $abs_dir/* | /tmp/ | | /tmp/link | $abs_random_host | $link_path | glob mount entire directory: mounts absolute target from the host +0 | bind | $rel_dir/link | /tmp/link | ,no-dereference | '/tmp/link' -> 'data' | $random_img | $link_path | no_deref: bind mount relative symlink: points to file on the image +0 | glob | $rel_dir/lin* | /tmp/ | ,no-dereference | '/tmp/link' -> 'data' | $random_img | $link_path | no_deref: glob mount relative symlink: points to file on the image +0 | bind | $rel_dir/ | /tmp/ | ,no-dereference | '/tmp/link' -> 'data' | $rel_random_host | $link_path | no_deref: bind mount the entire directory: preserves symlink automatically +0 | glob | $rel_dir/* | /tmp/ | ,no-dereference | '/tmp/link' -> 'data' | $rel_random_host | $link_path | no_deref: glob mount the entire directory: preserves symlink automatically +1 | bind | $abs_dir/link | /tmp/link | ,no-dereference | '/tmp/link' -> '$abs_dir/data' | cat: can't open '/tmp/link': No such file or directory | $link_path | bind mount *preserved* absolute symlink: now points to a non-existent file on the container +1 | glob | $abs_dir/lin* | /tmp/ | ,no-dereference | '/tmp/link' -> '$abs_dir/data' | cat: can't open '/tmp/link': No such file or directory | $link_path | glob mount *preserved* absolute symlink: now points to a non-existent file on the container +0 | bind | $rel_dir/link | $create_path | | $create_path | $rel_random_host | $create_path | bind mount relative symlink: creates dirs and mounts target from the host +1 | bind | $rel_dir/link | $create_path | ,no-dereference | '$create_path' -> 'data' | cat: can't open '$create_path': No such file or directory | $create_path | no_deref: bind mount relative symlink: creates dirs and mounts target from the host +" + + while read exit_code mount_type mount_src mount_dst mount_opts line_0 line_1 path description; do + if [[ $mount_opts == "''" ]];then + unset mount_opts + fi + run_podman $exit_code run \ + --mount type=$mount_type,src=$mount_src,dst=$mount_dst$mount_opts \ + --rm --privileged $img sh -c "stat -c '%N' $path; cat $path" + assert "${lines[0]}" = "$line_0" "$description" + assert "${lines[1]}" = "$line_1" "$description" + done < <(parse_table "$tests") + + # Make sure that it's presvered across starts and stops + run_podman create --mount type=glob,src=$rel_dir/*,dst=/tmp/,no-dereference --privileged $img sh -c "stat -c '%N' /tmp/link; cat /tmp/link" + cid="$output" + run_podman start -a $cid + assert "${lines[0]}" = "'/tmp/link' -> 'data'" "symlink is preserved" + assert "${lines[1]}" = "$rel_random_host" "glob macthes symlink and host 'data' file" + run_podman start -a $cid + assert "${lines[0]}" = "'/tmp/link' -> 'data'" "symlink is preserved" + assert "${lines[1]}" = "$rel_random_host" "glob macthes symlink and host 'data' file" + run_podman rm -f -t=0 $cid + + run_podman rmi -f $img +} diff --git a/vendor/github.com/containers/common/pkg/parse/parse.go b/vendor/github.com/containers/common/pkg/parse/parse.go index 7629f5842159..284751e523f4 100644 --- a/vendor/github.com/containers/common/pkg/parse/parse.go +++ b/vendor/github.com/containers/common/pkg/parse/parse.go @@ -14,7 +14,7 @@ import ( // ValidateVolumeOpts validates a volume's options func ValidateVolumeOpts(options []string) ([]string, error) { - var foundRootPropagation, foundRWRO, foundLabelChange, bindType, foundExec, foundDev, foundSuid, foundChown, foundUpperDir, foundWorkDir, foundCopy int + var foundRootPropagation, foundRWRO, foundLabelChange, bindType, foundExec, foundDev, foundSuid, foundChown, foundUpperDir, foundWorkDir, foundCopy, foundCopySymlink int finalOpts := make([]string, 0, len(options)) for _, opt := range options { // support advanced options like upperdir=/path, workdir=/path @@ -93,6 +93,11 @@ func ValidateVolumeOpts(options []string) ([]string, error) { if foundCopy > 1 { return nil, fmt.Errorf("invalid options %q, can only specify 1 'copy' or 'nocopy' option", strings.Join(options, ", ")) } + case "no-dereference": + foundCopySymlink++ + if foundCopySymlink > 1 { + return nil, fmt.Errorf("invalid options %q, can only specify 1 'no-dereference' option", strings.Join(options, ", ")) + } default: return nil, fmt.Errorf("invalid option type %q", opt) } diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go index 639a2d72069d..8773d23d4b43 100644 --- a/vendor/github.com/containers/common/version/version.go +++ b/vendor/github.com/containers/common/version/version.go @@ -1,4 +1,4 @@ package version // Version is the version of the build. -const Version = "0.57.0" +const Version = "0.57.1-dev" diff --git a/vendor/modules.txt b/vendor/modules.txt index 1087c98cb3f2..2bae766e5bd6 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -167,7 +167,7 @@ github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/pkg/volumes github.com/containers/buildah/util -# github.com/containers/common v0.57.0 +# github.com/containers/common v0.57.1-0.20231121105603-d54dcfe962d6 ## explicit; go 1.18 github.com/containers/common/internal/attributedstring github.com/containers/common/libimage From 2b95700bcae38f11a2badebaf6b8d7c81307cada Mon Sep 17 00:00:00 2001 From: Jake Correnti Date: Thu, 22 Jun 2023 14:20:24 -0400 Subject: [PATCH 051/170] No longer support deprecated legacy QEMU machine structures Removes the `MachineVMV1` and `MonitorV1` structures that have been deprecated for a long enough period of time that it makes sense to no longer support them. Results in the removal of deprecated `getSocketAndPid` as well. The migration code was added in commit `6e0e1cbddd5e1c5dff51215ad2b41a99d890fad8` and made it into release `v4.1.0` [NO NEW TESTS NEEDED] Signed-off-by: Jake Correnti --- pkg/machine/qemu/config.go | 66 +++------------------- pkg/machine/qemu/machine.go | 109 +----------------------------------- 2 files changed, 9 insertions(+), 166 deletions(-) diff --git a/pkg/machine/qemu/config.go b/pkg/machine/qemu/config.go index eef46537027e..25d5af5e7cfb 100644 --- a/pkg/machine/qemu/config.go +++ b/pkg/machine/qemu/config.go @@ -19,6 +19,12 @@ import ( "github.com/sirupsen/logrus" ) +var ( + // defaultQMPTimeout is the timeout duration for the + // qmp monitor interactions. + defaultQMPTimeout = 2 * time.Second +) + type QEMUVirtualization struct { machine.Virtualization } @@ -238,14 +244,8 @@ func getVMInfos() ([]*machine.ListResponse, error) { if err != nil { return err } - err = json.Unmarshal(b, vm) - if err != nil { - // Checking if the file did not unmarshal because it is using - // the deprecated config file format. - migrateErr := migrateVM(fullPath, b, vm) - if migrateErr != nil { - return migrateErr - } + if err = json.Unmarshal(b, vm); err != nil { + return err } listEntry := new(machine.ListResponse) @@ -400,53 +400,3 @@ func VirtualizationProvider() machine.VirtProvider { machine.NewVirtualization(define.Qemu, compression.Xz, define.Qcow, vmtype), } } - -// Deprecated: MachineVMV1 is being deprecated in favor a more flexible and informative -// structure -type MachineVMV1 struct { - // CPUs to be assigned to the VM - CPUs uint64 - // The command line representation of the qemu command - CmdLine []string - // Mounts is the list of remote filesystems to mount - Mounts []machine.Mount - // IdentityPath is the fq path to the ssh priv key - IdentityPath string - // IgnitionFilePath is the fq path to the .ign file - IgnitionFilePath string - // ImageStream is the update stream for the image - ImageStream string - // ImagePath is the fq path to - ImagePath string - // Memory in megabytes assigned to the vm - Memory uint64 - // Disk size in gigabytes assigned to the vm - DiskSize uint64 - // Name of the vm - Name string - // SSH port for user networking - Port int - // QMPMonitor is the qemu monitor object for sending commands - QMPMonitor Monitorv1 - // RemoteUsername of the vm user - RemoteUsername string - // Whether this machine should run in a rootful or rootless manner - Rootful bool - // UID is the numerical id of the user that called machine - UID int -} - -type Monitorv1 struct { - // Address portion of the qmp monitor (/tmp/tmp.sock) - Address string - // Network portion of the qmp monitor (unix) - Network string - // Timeout in seconds for qmp monitor transactions - Timeout time.Duration -} - -var ( - // defaultQMPTimeout is the timeout duration for the - // qmp monitor interactions. - defaultQMPTimeout = 2 * time.Second -) diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go index 7ae051eeb056..dac5b1a873a6 100644 --- a/pkg/machine/qemu/machine.go +++ b/pkg/machine/qemu/machine.go @@ -107,90 +107,6 @@ type Monitor struct { Timeout time.Duration } -// migrateVM takes the old configuration structure and migrates it -// to the new structure and writes it to the filesystem -func migrateVM(configPath string, config []byte, vm *MachineVM) error { - fmt.Printf("Migrating machine %q\n", vm.Name) - var old MachineVMV1 - err := json.Unmarshal(config, &old) - if err != nil { - return err - } - // Looks like we loaded the older structure; now we need to migrate - // from the old structure to the new structure - _, pidFile, err := vm.getSocketandPid() - if err != nil { - return err - } - - pidFilePath := define.VMFile{Path: pidFile} - qmpMonitor := Monitor{ - Address: define.VMFile{Path: old.QMPMonitor.Address}, - Network: old.QMPMonitor.Network, - Timeout: old.QMPMonitor.Timeout, - } - socketPath, err := getRuntimeDir() - if err != nil { - return err - } - virtualSocketPath := filepath.Join(socketPath, "podman", vm.Name+"_ready.sock") - readySocket := define.VMFile{Path: virtualSocketPath} - - vm.HostUser = machine.HostUser{} - vm.ImageConfig = machine.ImageConfig{} - vm.ResourceConfig = machine.ResourceConfig{} - vm.SSHConfig = machine.SSHConfig{} - - ignitionFilePath, err := define.NewMachineFile(old.IgnitionFilePath, nil) - if err != nil { - return err - } - imagePath, err := define.NewMachineFile(old.ImagePath, nil) - if err != nil { - return err - } - - // setReadySocket will stick the entry into the new struct - symlink := vm.Name + "_ready.sock" - if err := machine.SetSocket(&vm.ReadySocket, machine.ReadySocketPath(socketPath+"/podman/", vm.Name), &symlink); err != nil { - return err - } - - vm.CPUs = old.CPUs - vm.CmdLine = old.CmdLine - vm.DiskSize = old.DiskSize - vm.IdentityPath = old.IdentityPath - vm.IgnitionFile = *ignitionFilePath - vm.ImagePath = *imagePath - vm.ImageStream = old.ImageStream - vm.Memory = old.Memory - vm.Mounts = old.Mounts - vm.Name = old.Name - vm.PidFilePath = pidFilePath - vm.Port = old.Port - vm.QMPMonitor = qmpMonitor - vm.ReadySocket = readySocket - vm.RemoteUsername = old.RemoteUsername - vm.Rootful = old.Rootful - vm.UID = old.UID - - // Back up the original config file - if err := os.Rename(configPath, configPath+".orig"); err != nil { - return err - } - // Write the config file - if err := vm.writeConfig(); err != nil { - // If the config file fails to be written, put the original - // config file back before erroring - if renameError := os.Rename(configPath+".orig", configPath); renameError != nil { - logrus.Warn(renameError) - } - return err - } - // Remove the backup file - return os.Remove(configPath + ".orig") -} - // addMountsToVM converts the volumes passed through the CLI into the specified // volume driver and adds them to the machine func (v *MachineVM) addMountsToVM(opts machine.InitOptions) error { @@ -1398,22 +1314,6 @@ func (v *MachineVM) setPIDSocket() error { return nil } -// Deprecated: getSocketandPid is being replaced by setPIDSocket and -// machinefiles. -func (v *MachineVM) getSocketandPid() (string, string, error) { - rtPath, err := getRuntimeDir() - if err != nil { - return "", "", err - } - if isRootful() { - rtPath = "/run" - } - socketDir := filepath.Join(rtPath, "podman") - pidFile := filepath.Join(socketDir, fmt.Sprintf("%s.pid", v.Name)) - qemuSocket := filepath.Join(socketDir, fmt.Sprintf("qemu_%s.sock", v.Name)) - return qemuSocket, pidFile, nil -} - func checkSockInUse(sock string) bool { if info, err := os.Stat(sock); err == nil && info.Mode()&fs.ModeSocket == fs.ModeSocket { _, err = net.DialTimeout("unix", dockerSock, dockerConnectTimeout) @@ -1444,14 +1344,7 @@ func (v *MachineVM) update() error { if err != nil { return err } - err = json.Unmarshal(b, v) - if err != nil { - err = migrateVM(v.ConfigPath.GetPath(), b, v) - if err != nil { - return err - } - } - return err + return json.Unmarshal(b, v) } func (v *MachineVM) writeConfig() error { From 6cb2f9b1225ade1248ed954e5e03fea9ff279730 Mon Sep 17 00:00:00 2001 From: Alex Palaistras Date: Sat, 18 Nov 2023 21:37:00 +0000 Subject: [PATCH 052/170] quadlet: Support `healthy` for `Notify` directives This expands support for the (previously) boolean `Notify` directive, in support of healthcheck determined SD-NOTIFY event emission, as supported by Podman with the `--sdnotify=healthy` option. Closes: #18189 Signed-off-by: Alex Palaistras --- docs/source/markdown/podman-systemd.unit.5.md | 4 ++++ pkg/systemd/quadlet/quadlet.go | 9 ++++++--- test/e2e/quadlet/notify-healthy.container | 5 +++++ test/e2e/quadlet_test.go | 1 + 4 files changed, 16 insertions(+), 3 deletions(-) create mode 100644 test/e2e/quadlet/notify-healthy.container diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index 79659ded24fa..01ca6293a0f7 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -496,6 +496,10 @@ starts the child in the container. However, if the container application support `Notify` to true passes the notification details to the container allowing it to notify of startup on its own. +In addition, setting `Notify` to `healthy` will postpone startup notifications until such time as +the container is marked healthy, as determined by Podman healthchecks. Note that this requires +setting up a container healthcheck, see the `HealthCmd` option for more. + ### `PidsLimit=` Tune the container's pids limit. diff --git a/pkg/systemd/quadlet/quadlet.go b/pkg/systemd/quadlet/quadlet.go index 26e1745b1e98..3328087900d6 100644 --- a/pkg/systemd/quadlet/quadlet.go +++ b/pkg/systemd/quadlet/quadlet.go @@ -496,10 +496,13 @@ func ConvertContainer(container *parser.UnitFile, names map[string]string, isUse if serviceType != "oneshot" { // If we're not in oneshot mode always use some form of sd-notify, normally via conmon, // but we also allow passing it to the container by setting Notify=yes - notify := container.LookupBooleanWithDefault(ContainerGroup, KeyNotify, false) - if notify { + notify, ok := container.Lookup(ContainerGroup, KeyNotify) + switch { + case ok && strings.EqualFold(notify, "healthy"): + podman.add("--sdnotify=healthy") + case container.LookupBooleanWithDefault(ContainerGroup, KeyNotify, false): podman.add("--sdnotify=container") - } else { + default: podman.add("--sdnotify=conmon") } service.Setv(ServiceGroup, diff --git a/test/e2e/quadlet/notify-healthy.container b/test/e2e/quadlet/notify-healthy.container new file mode 100644 index 000000000000..6dc3d8c09257 --- /dev/null +++ b/test/e2e/quadlet/notify-healthy.container @@ -0,0 +1,5 @@ +## assert-podman-args "--sdnotify=healthy" + +[Container] +Image=localhost/imagename +Notify=healthy diff --git a/test/e2e/quadlet_test.go b/test/e2e/quadlet_test.go index 34de88293008..ad3061f4cdd2 100644 --- a/test/e2e/quadlet_test.go +++ b/test/e2e/quadlet_test.go @@ -712,6 +712,7 @@ BOGUS=foo Entry("network.quadlet.container", "network.quadlet.container", 0, ""), Entry("noimage.container", "noimage.container", 1, "converting \"noimage.container\": no Image or Rootfs key specified"), Entry("notify.container", "notify.container", 0, ""), + Entry("notify-healthy.container", "notify-healthy.container", 0, ""), Entry("oneshot.container", "oneshot.container", 0, ""), Entry("other-sections.container", "other-sections.container", 0, ""), Entry("podmanargs.container", "podmanargs.container", 0, ""), From 48cf44f23339b051d27387692b89918db4cbaeee Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 21 Nov 2023 18:14:14 +0100 Subject: [PATCH 053/170] machine applehv: create better error on start failure If gvproxy or vfkit exit we can error right away, so while we wait for the socket to get ready we also keep checking the process status with wait4() and WNOHANG so it does not block forever. This is completely untested as I do not have acces to apple machine. Signed-off-by: Paul Holzinger [NO NEW TESTS NEEDED] Signed-off-by: Matt Heon --- pkg/machine/applehv/machine.go | 53 ++++++++++++++++++++++++++++++++-- 1 file changed, 50 insertions(+), 3 deletions(-) diff --git a/pkg/machine/applehv/machine.go b/pkg/machine/applehv/machine.go index 45737296f3ef..6e628c873b60 100644 --- a/pkg/machine/applehv/machine.go +++ b/pkg/machine/applehv/machine.go @@ -4,6 +4,7 @@ package applehv import ( + "context" "encoding/json" "errors" "fmt" @@ -669,9 +670,36 @@ func (m *MacMachine) Start(name string, opts machine.StartOptions) error { return err } - err = <-readyChan - if err != nil { - return err + processErrChan := make(chan error) + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + go func() { + defer close(processErrChan) + for { + select { + case <-ctx.Done(): + return + default: + } + if err := checkProcessRunning("vfkit", cmd.Process.Pid); err != nil { + processErrChan <- err + return + } + // lets poll status every half second + time.Sleep(500 * time.Millisecond) + } + }() + + // wait for either socket or to be ready or process to have exited + select { + case err := <-processErrChan: + if err != nil { + return err + } + case err := <-readyChan: + if err != nil { + return err + } } logrus.Debug("ready notification received") @@ -902,6 +930,10 @@ func (m *MacMachine) startHostNetworking() (string, machine.APIForwardingState, if err == nil { break } + if err := checkProcessRunning("gvproxy", c.Process.Pid); err != nil { + // gvproxy is no longer running + return "", 0, err + } logrus.Debugf("gvproxy unixgram socket %q not found: %v", m.GvProxySock.GetPath(), err) // Sleep for 1/2 second time.Sleep(500 * time.Millisecond) @@ -914,6 +946,21 @@ func (m *MacMachine) startHostNetworking() (string, machine.APIForwardingState, return forwardSock, state, nil } +// checkProcessRunning checks non blocking if the pid exited +// returns nil if process is running otherwise an error if not +func checkProcessRunning(processName string, pid int) error { + var status syscall.WaitStatus + pid, err := syscall.Wait4(pid, &status, syscall.WNOHANG, nil) + if err != nil { + return fmt.Errorf("failed to read %s process status: %w", processName, err) + } + if pid > 0 { + // child exited + return fmt.Errorf("%s exited unexpectedly with exit code %d", processName, status.ExitStatus()) + } + return nil +} + func (m *MacMachine) setupAPIForwarding(cmd gvproxy.GvproxyCommand) (gvproxy.GvproxyCommand, string, machine.APIForwardingState) { socket, err := m.forwardSocketPath() if err != nil { From 478afa728d9df036070c68aeadecc0bf7e24e924 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Thu, 9 Nov 2023 14:02:31 +0100 Subject: [PATCH 054/170] vendor: update containers/{common,storage,image,buildah} Signed-off-by: Giuseppe Scrivano --- go.mod | 16 +- go.sum | 31 +- libpod/boltdb_state_internal.go | 3 +- libpod/info.go | 3 +- libpod/networking_linux.go | 2 +- libpod/options.go | 3 +- libpod/reset.go | 3 +- libpod/runtime.go | 4 +- libpod/sqlite_state.go | 3 +- .../containerd/typeurl/{ => v2}/.gitignore | 0 .../containerd/typeurl/{ => v2}/LICENSE | 0 .../containerd/typeurl/{ => v2}/README.md | 2 +- .../containerd/typeurl/{ => v2}/doc.go | 0 .../containerd/typeurl/{ => v2}/types.go | 105 +- .../github.com/containers/buildah/.cirrus.yml | 2 +- vendor/github.com/containers/buildah/Makefile | 9 +- .../containers/buildah/define/types.go | 2 +- .../github.com/containers/buildah/import.go | 2 +- .../containers/buildah/pkg/jail/jail.go | 52 + .../containers/buildah/run_freebsd.go | 21 +- .../containers/common/libimage/inspect.go | 18 +- .../containers/common/pkg/config/default.go | 20 +- .../common/pkg/netns/netns_linux.go | 4 +- .../common/pkg/util/util_supported.go | 91 - .../common/pkg/util/util_windows.go | 13 - .../image/v5/storage/storage_transport.go | 2 +- .../containers/image/v5/version/version.go | 4 +- .../github.com/containers/storage/.cirrus.yml | 2 +- vendor/github.com/containers/storage/VERSION | 2 +- .../storage/pkg/chunked/storage_linux.go | 2 +- .../containers/storage/pkg/homedir/homedir.go | 15 - .../storage/pkg/homedir/homedir_others.go | 17 + .../storage/pkg/homedir/homedir_unix.go | 110 +- vendor/github.com/containers/storage/store.go | 11 +- .../containers/storage/types/options.go | 86 +- .../containers/storage/types/utils.go | 151 +- vendor/github.com/containers/storage/utils.go | 14 +- .../fsouza/go-dockerclient/client.go | 2 +- .../go-dockerclient/container_create.go | 1 + .../gogo/protobuf/sortkeys/sortkeys.go | 101 - vendor/github.com/gogo/protobuf/types/any.go | 140 - .../github.com/gogo/protobuf/types/any.pb.go | 694 ---- .../github.com/gogo/protobuf/types/api.pb.go | 2134 ----------- vendor/github.com/gogo/protobuf/types/doc.go | 35 - .../gogo/protobuf/types/duration.go | 100 - .../gogo/protobuf/types/duration.pb.go | 517 --- .../gogo/protobuf/types/duration_gogo.go | 100 - .../gogo/protobuf/types/empty.pb.go | 462 --- .../gogo/protobuf/types/field_mask.pb.go | 738 ---- .../gogo/protobuf/types/protosize.go | 34 - .../gogo/protobuf/types/source_context.pb.go | 524 --- .../gogo/protobuf/types/struct.pb.go | 2271 ----------- .../gogo/protobuf/types/timestamp.go | 130 - .../gogo/protobuf/types/timestamp.pb.go | 539 --- .../gogo/protobuf/types/timestamp_gogo.go | 94 - .../github.com/gogo/protobuf/types/type.pb.go | 3355 ----------------- .../gogo/protobuf/types/wrappers.pb.go | 2703 ------------- .../gogo/protobuf/types/wrappers_gogo.go | 300 -- .../frontend/dockerfile/parser/parser.go | 3 +- .../dockerfile/shell/equal_env_unix.go | 4 +- .../dockerfile/shell/equal_env_windows.go | 6 +- .../buildkit/frontend/dockerfile/shell/lex.go | 81 +- .../moby/buildkit/util/stack/stack.go | 2 +- .../moby/buildkit/util/stack/stack.pb.go | 2 +- vendor/modules.txt | 24 +- 65 files changed, 445 insertions(+), 15476 deletions(-) rename vendor/github.com/containerd/typeurl/{ => v2}/.gitignore (100%) rename vendor/github.com/containerd/typeurl/{ => v2}/LICENSE (100%) rename vendor/github.com/containerd/typeurl/{ => v2}/README.md (87%) rename vendor/github.com/containerd/typeurl/{ => v2}/doc.go (100%) rename vendor/github.com/containerd/typeurl/{ => v2}/types.go (64%) delete mode 100644 vendor/github.com/containers/common/pkg/util/util_supported.go delete mode 100644 vendor/github.com/containers/common/pkg/util/util_windows.go delete mode 100644 vendor/github.com/gogo/protobuf/sortkeys/sortkeys.go delete mode 100644 vendor/github.com/gogo/protobuf/types/any.go delete mode 100644 vendor/github.com/gogo/protobuf/types/any.pb.go delete mode 100644 vendor/github.com/gogo/protobuf/types/api.pb.go delete mode 100644 vendor/github.com/gogo/protobuf/types/doc.go delete mode 100644 vendor/github.com/gogo/protobuf/types/duration.go delete mode 100644 vendor/github.com/gogo/protobuf/types/duration.pb.go delete mode 100644 vendor/github.com/gogo/protobuf/types/duration_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/types/empty.pb.go delete mode 100644 vendor/github.com/gogo/protobuf/types/field_mask.pb.go delete mode 100644 vendor/github.com/gogo/protobuf/types/protosize.go delete mode 100644 vendor/github.com/gogo/protobuf/types/source_context.pb.go delete mode 100644 vendor/github.com/gogo/protobuf/types/struct.pb.go delete mode 100644 vendor/github.com/gogo/protobuf/types/timestamp.go delete mode 100644 vendor/github.com/gogo/protobuf/types/timestamp.pb.go delete mode 100644 vendor/github.com/gogo/protobuf/types/timestamp_gogo.go delete mode 100644 vendor/github.com/gogo/protobuf/types/type.pb.go delete mode 100644 vendor/github.com/gogo/protobuf/types/wrappers.pb.go delete mode 100644 vendor/github.com/gogo/protobuf/types/wrappers_gogo.go diff --git a/go.mod b/go.mod index 9c0bd374f97e..b8a6dc1b385b 100644 --- a/go.mod +++ b/go.mod @@ -11,15 +11,15 @@ require ( github.com/checkpoint-restore/go-criu/v7 v7.0.0 github.com/containernetworking/cni v1.1.2 github.com/containernetworking/plugins v1.3.0 - github.com/containers/buildah v1.33.1 - github.com/containers/common v0.57.1-0.20231121105603-d54dcfe962d6 + github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c + github.com/containers/common v0.57.1-0.20231121115347-e2da7bec2245 github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.1 - github.com/containers/image/v5 v5.29.0 + github.com/containers/image/v5 v5.29.1-0.20231120202631-293b00ba7166 github.com/containers/libhvee v0.5.0 github.com/containers/ocicrypt v1.1.9 github.com/containers/psgo v1.8.0 - github.com/containers/storage v1.51.0 + github.com/containers/storage v1.51.1-0.20231120144510-2cf61989a5bc github.com/coreos/go-systemd/v22 v22.5.1-0.20231103132048-7d375ecc2b09 github.com/coreos/stream-metadata-go v0.4.3 github.com/crc-org/vfkit v0.1.2-0.20231030102423-f3c783d34420 @@ -96,7 +96,7 @@ require ( github.com/containerd/containerd v1.7.9 // indirect github.com/containerd/log v0.1.0 // indirect github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect - github.com/containerd/typeurl v1.0.2 // indirect + github.com/containerd/typeurl/v2 v2.1.1 // indirect github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect github.com/containers/luksy v0.0.0-20231030195837-b5a7f79da98b // indirect github.com/coreos/go-oidc/v3 v3.7.0 // indirect @@ -109,7 +109,7 @@ require ( github.com/docker/docker-credential-helpers v0.8.0 // indirect github.com/felixge/httpsnoop v1.0.3 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect - github.com/fsouza/go-dockerclient v1.9.7 // indirect + github.com/fsouza/go-dockerclient v1.10.0 // indirect github.com/gabriel-vasile/mimetype v1.4.2 // indirect github.com/gin-contrib/sse v0.1.0 // indirect github.com/gin-gonic/gin v1.9.1 // indirect @@ -160,8 +160,8 @@ require ( github.com/miekg/pkcs11 v1.1.1 // indirect github.com/mistifyio/go-zfs/v3 v3.0.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect - github.com/moby/buildkit v0.11.4 // indirect - github.com/moby/patternmatcher v0.5.0 // indirect + github.com/moby/buildkit v0.12.3 // indirect + github.com/moby/patternmatcher v0.6.0 // indirect github.com/moby/sys/mountinfo v0.7.1 // indirect github.com/moby/sys/sequential v0.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect diff --git a/go.sum b/go.sum index d2679e2cfe7a..d3c950a25193 100644 --- a/go.sum +++ b/go.sum @@ -237,8 +237,9 @@ github.com/containerd/ttrpc v1.1.0/go.mod h1:XX4ZTnoOId4HklF4edwc4DcqskFZuvXB1Ev github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk= github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg= -github.com/containerd/typeurl v1.0.2 h1:Chlt8zIieDbzQFzXzAeBEF92KhExuE4p9p92/QmY7aY= github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s= +github.com/containerd/typeurl/v2 v2.1.1 h1:3Q4Pt7i8nYwy2KmQWIw2+1hTvwTE/6w9FqcttATPO/4= +github.com/containerd/typeurl/v2 v2.1.1/go.mod h1:IDp2JFvbwZ31H8dQbEIY7sDl2L3o3HZj1hsSQlywkQ0= github.com/containerd/zfs v0.0.0-20200918131355-0a33824f23a2/go.mod h1:8IgZOBdv8fAgXddBT4dBXJPtxyRsejFIpXoklgxgEjw= github.com/containerd/zfs v0.0.0-20210301145711-11e8f1707f62/go.mod h1:A9zfAbMlQwE+/is6hi0Xw8ktpL+6glmqZYtevJgaB8Y= github.com/containerd/zfs v0.0.0-20210315114300-dde8f0fda960/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= @@ -253,16 +254,16 @@ github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHV github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= github.com/containernetworking/plugins v1.3.0 h1:QVNXMT6XloyMUoO2wUOqWTC1hWFV62Q6mVDp5H1HnjM= github.com/containernetworking/plugins v1.3.0/go.mod h1:Pc2wcedTQQCVuROOOaLBPPxrEXqqXBFt3cZ+/yVg6l0= -github.com/containers/buildah v1.33.1 h1:s+5LaZx+vkOV/BboM6QZbf0Uma/A9W/B1REoUiM3CQo= -github.com/containers/buildah v1.33.1/go.mod h1:xEvekGaEeflDV4kxdKcTk0NbTuV4FsbPW4UYReLkHIw= -github.com/containers/common v0.57.1-0.20231121105603-d54dcfe962d6 h1:4IAcuB9ZYlMIX5rnap2ax9IdFtivbTvUIPh7WgUglvU= -github.com/containers/common v0.57.1-0.20231121105603-d54dcfe962d6/go.mod h1:gUsz+eYo0q1NMwiukwI8E6LAqyYd0DapZ71hKC+MbJw= +github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c h1:E7nxvH3N3kpyson0waJv1X+eY9hAs+x2zQswsK+//yY= +github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c/go.mod h1:oMNfVrZGEfWVOxXTNOYPMdZzDfSo2umURK/TO0d8TRk= +github.com/containers/common v0.57.1-0.20231121115347-e2da7bec2245 h1:JjjvtSd5dwt8CRZX9eZyxNx9IKnE6TT5qYuDqePk2n4= +github.com/containers/common v0.57.1-0.20231121115347-e2da7bec2245/go.mod h1:5C4EkX50fgbJZdZPdX3QSVGbXIe3wuhWz1G7e5JBxbs= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/gvisor-tap-vsock v0.7.1 h1:+Rc+sOPplrkQb/BUXeN0ug8TxjgyrIqo/9P/eNS2A4c= github.com/containers/gvisor-tap-vsock v0.7.1/go.mod h1:WSSsjcuYZkvP8i0J+Ht3LF8yvysn3krD5zxQ74wz7y0= -github.com/containers/image/v5 v5.29.0 h1:9+nhS/ZM7c4Kuzu5tJ0NMpxrgoryOJ2HAYTgG8Ny7j4= -github.com/containers/image/v5 v5.29.0/go.mod h1:kQ7qcDsps424ZAz24thD+x7+dJw1vgur3A9tTDsj97E= +github.com/containers/image/v5 v5.29.1-0.20231120202631-293b00ba7166 h1:Dz4ryT8VDKn6U+oWPtsihAV2eG7uFc+LYS7UjHjLcwk= +github.com/containers/image/v5 v5.29.1-0.20231120202631-293b00ba7166/go.mod h1:0uOgAiVgmF8+VCXltRYmncWjkDYc+jFma49NKNz0cS4= github.com/containers/libhvee v0.5.0 h1:rDhfG2NI8Q+VgeXht2dXezanxEdpj9pHqYX3vWfOGUw= github.com/containers/libhvee v0.5.0/go.mod h1:yvU3Em2u1ZLl2VLd2glMIBWriBwfhWsDaRJsvixUIB0= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA= @@ -277,8 +278,8 @@ github.com/containers/ocicrypt v1.1.9/go.mod h1:dTKx1918d8TDkxXvarscpNVY+lyPakPN github.com/containers/psgo v1.8.0 h1:2loGekmGAxM9ir5OsXWEfGwFxorMPYnc6gEDsGFQvhY= github.com/containers/psgo v1.8.0/go.mod h1:T8ZxnX3Ur4RvnhxFJ7t8xJ1F48RhiZB4rSrOaR/qGHc= github.com/containers/storage v1.43.0/go.mod h1:uZ147thiIFGdVTjMmIw19knttQnUCl3y9zjreHrg11s= -github.com/containers/storage v1.51.0 h1:AowbcpiWXzAjHosKz7MKvPEqpyX+ryZA/ZurytRrFNA= -github.com/containers/storage v1.51.0/go.mod h1:ybl8a3j1PPtpyaEi/5A6TOFs+5TrEyObeKJzVtkUlfc= +github.com/containers/storage v1.51.1-0.20231120144510-2cf61989a5bc h1:K+fKkKkqwwY3YYM+RejJ6OcbCRZfDRZLoKsMMBAT2Bw= +github.com/containers/storage v1.51.1-0.20231120144510-2cf61989a5bc/go.mod h1:oz9n9uia9xtxDQhw7nnlpMID5YKbHmMZsVFy4rR+5+s= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= @@ -393,8 +394,8 @@ github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/fsouza/go-dockerclient v1.9.7 h1:FlIrT71E62zwKgRvCvWGdxRD+a/pIy+miY/n3MXgfuw= -github.com/fsouza/go-dockerclient v1.9.7/go.mod h1:vx9C32kE2D15yDSOMCDaAEIARZpDQDFBHeqL3MgQy/U= +github.com/fsouza/go-dockerclient v1.10.0 h1:ppSBsbR60I1DFbV4Ag7LlHlHakHFRNLk9XakATW1yVQ= +github.com/fsouza/go-dockerclient v1.10.0/go.mod h1:+iNzAW78AzClIBTZ6WFjkaMvOgz68GyCJ236b1opLTs= github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU= github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA= @@ -781,11 +782,11 @@ github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= -github.com/moby/buildkit v0.11.4 h1:mleVHr+n7HUD65QNUkgkT3d8muTzhYUoHE9FM3Ej05s= -github.com/moby/buildkit v0.11.4/go.mod h1:P5Qi041LvCfhkfYBHry+Rwoo3Wi6H971J2ggE+PcIoo= +github.com/moby/buildkit v0.12.3 h1:cFaPVnyC0PwAP5xHHfzdU5v9rgQrCi6HnGSg3WuFKp4= +github.com/moby/buildkit v0.12.3/go.mod h1:adB4y0SxxX8trnrY+oEulb48ODLqPO6pKMF0ppGcCoI= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= -github.com/moby/patternmatcher v0.5.0 h1:YCZgJOeULcxLw1Q+sVR636pmS7sPEn1Qo2iAN6M7DBo= -github.com/moby/patternmatcher v0.5.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc= +github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk= +github.com/moby/patternmatcher v0.6.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc= github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= github.com/moby/sys/mountinfo v0.6.2/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI= diff --git a/libpod/boltdb_state_internal.go b/libpod/boltdb_state_internal.go index 388110f25113..91907abbefab 100644 --- a/libpod/boltdb_state_internal.go +++ b/libpod/boltdb_state_internal.go @@ -11,7 +11,6 @@ import ( "strings" "github.com/containers/podman/v4/libpod/define" - "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/storage" "github.com/sirupsen/logrus" bolt "go.etcd.io/bbolt" @@ -100,7 +99,7 @@ type dbConfigValidation struct { // configuration of the runtime opening it // If there is no runtime configuration loaded, load our own func checkRuntimeConfig(db *bolt.DB, rt *Runtime) error { - storeOpts, err := storage.DefaultStoreOptions(rootless.IsRootless(), rootless.GetRootlessUID()) + storeOpts, err := storage.DefaultStoreOptions() if err != nil { return err } diff --git a/libpod/info.go b/libpod/info.go index 8f00dbdeb899..aab56a3625c9 100644 --- a/libpod/info.go +++ b/libpod/info.go @@ -22,7 +22,6 @@ import ( "github.com/containers/image/v5/pkg/sysregistriesv2" "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/libpod/linkmode" - "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/storage" "github.com/containers/storage/pkg/system" "github.com/sirupsen/logrus" @@ -214,7 +213,7 @@ func (r *Runtime) getContainerStoreInfo() (define.ContainerStore, error) { // top-level "store" info func (r *Runtime) storeInfo() (*define.StoreInfo, error) { // let's say storage driver in use, number of images, number of containers - configFile, err := storage.DefaultConfigFile(rootless.IsRootless()) + configFile, err := storage.DefaultConfigFile() if err != nil { return nil, err } diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 601d9a49bf25..16c317496695 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -21,9 +21,9 @@ import ( "github.com/containers/common/libnetwork/types" netUtil "github.com/containers/common/libnetwork/util" "github.com/containers/common/pkg/netns" - "github.com/containers/common/pkg/util" "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/pkg/rootless" + "github.com/containers/podman/v4/pkg/util" "github.com/containers/podman/v4/utils" "github.com/containers/storage/pkg/lockfile" "github.com/opencontainers/runtime-spec/specs-go" diff --git a/libpod/options.go b/libpod/options.go index b8a374edff92..827852c0b99d 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -21,7 +21,6 @@ import ( "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/libpod/events" "github.com/containers/podman/v4/pkg/namespaces" - "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/podman/v4/pkg/specgen" "github.com/containers/podman/v4/pkg/util" "github.com/containers/storage" @@ -89,7 +88,7 @@ func WithStorageConfig(config storage.StoreOptions) RuntimeOption { // or graphdriveroptions are set, then GraphRoot and RunRoot // must be set if setField { - storeOpts, err := storage.DefaultStoreOptions(rootless.IsRootless(), rootless.GetRootlessUID()) + storeOpts, err := storage.DefaultStoreOptions() if err != nil { return err } diff --git a/libpod/reset.go b/libpod/reset.go index 8833eb94b282..2dac1ae6be73 100644 --- a/libpod/reset.go +++ b/libpod/reset.go @@ -14,7 +14,6 @@ import ( "github.com/containers/common/libnetwork/types" "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/pkg/errorhandling" - "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/podman/v4/pkg/util" "github.com/containers/storage" "github.com/containers/storage/pkg/lockfile" @@ -224,7 +223,7 @@ func (r *Runtime) reset(ctx context.Context) error { prevError = err } } - if storageConfPath, err := storage.DefaultConfigFile(rootless.IsRootless()); err == nil { + if storageConfPath, err := storage.DefaultConfigFile(); err == nil { switch storageConfPath { case stypes.SystemConfigFile: break diff --git a/libpod/runtime.go b/libpod/runtime.go index 8af1864843df..9122c7ff34f2 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -199,7 +199,7 @@ func newRuntimeFromConfig(conf *config.Config, options ...RuntimeOption) (*Runti return nil, err } - storeOpts, err := storage.DefaultStoreOptions(rootless.IsRootless(), rootless.GetRootlessUID()) + storeOpts, err := storage.DefaultStoreOptions() if err != nil { return nil, err } @@ -1123,7 +1123,7 @@ func (r *Runtime) reloadContainersConf() error { // reloadStorageConf reloads the storage.conf func (r *Runtime) reloadStorageConf() error { - configFile, err := storage.DefaultConfigFile(rootless.IsRootless()) + configFile, err := storage.DefaultConfigFile() if err != nil { return err } diff --git a/libpod/sqlite_state.go b/libpod/sqlite_state.go index 9c88eb4e9c63..cdd0d25c8840 100644 --- a/libpod/sqlite_state.go +++ b/libpod/sqlite_state.go @@ -15,7 +15,6 @@ import ( "github.com/containers/common/libnetwork/types" "github.com/containers/podman/v4/libpod/define" - "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/storage" "github.com/sirupsen/logrus" @@ -299,7 +298,7 @@ func (s *SQLiteState) ValidateDBConfig(runtime *Runtime) (defErr error) { return define.ErrDBClosed } - storeOpts, err := storage.DefaultStoreOptions(rootless.IsRootless(), rootless.GetRootlessUID()) + storeOpts, err := storage.DefaultStoreOptions() if err != nil { return err } diff --git a/vendor/github.com/containerd/typeurl/.gitignore b/vendor/github.com/containerd/typeurl/v2/.gitignore similarity index 100% rename from vendor/github.com/containerd/typeurl/.gitignore rename to vendor/github.com/containerd/typeurl/v2/.gitignore diff --git a/vendor/github.com/containerd/typeurl/LICENSE b/vendor/github.com/containerd/typeurl/v2/LICENSE similarity index 100% rename from vendor/github.com/containerd/typeurl/LICENSE rename to vendor/github.com/containerd/typeurl/v2/LICENSE diff --git a/vendor/github.com/containerd/typeurl/README.md b/vendor/github.com/containerd/typeurl/v2/README.md similarity index 87% rename from vendor/github.com/containerd/typeurl/README.md rename to vendor/github.com/containerd/typeurl/v2/README.md index d021e9672497..e3d0742f456c 100644 --- a/vendor/github.com/containerd/typeurl/README.md +++ b/vendor/github.com/containerd/typeurl/v2/README.md @@ -7,7 +7,7 @@ A Go package for managing the registration, marshaling, and unmarshaling of encoded types. -This package helps when types are sent over a GRPC API and marshaled as a [protobuf.Any](https://github.com/gogo/protobuf/blob/master/protobuf/google/protobuf/any.proto). +This package helps when types are sent over a ttrpc/GRPC API and marshaled as a protobuf [Any](https://pkg.go.dev/google.golang.org/protobuf@v1.27.1/types/known/anypb#Any) ## Project details diff --git a/vendor/github.com/containerd/typeurl/doc.go b/vendor/github.com/containerd/typeurl/v2/doc.go similarity index 100% rename from vendor/github.com/containerd/typeurl/doc.go rename to vendor/github.com/containerd/typeurl/v2/doc.go diff --git a/vendor/github.com/containerd/typeurl/types.go b/vendor/github.com/containerd/typeurl/v2/types.go similarity index 64% rename from vendor/github.com/containerd/typeurl/types.go rename to vendor/github.com/containerd/typeurl/v2/types.go index 647d419a293d..8d6665bb5ba7 100644 --- a/vendor/github.com/containerd/typeurl/types.go +++ b/vendor/github.com/containerd/typeurl/v2/types.go @@ -18,13 +18,15 @@ package typeurl import ( "encoding/json" + "errors" + "fmt" "path" "reflect" "sync" - "github.com/gogo/protobuf/proto" - "github.com/gogo/protobuf/types" - "github.com/pkg/errors" + gogoproto "github.com/gogo/protobuf/proto" + "google.golang.org/protobuf/proto" + "google.golang.org/protobuf/reflect/protoregistry" ) var ( @@ -39,10 +41,47 @@ var ( // // To detect an error class, use errors.Is() functions to tell whether an // error is of this type. + var ( ErrNotFound = errors.New("not found") ) +// Any contains an arbitrary protcol buffer message along with its type. +// +// While there is google.golang.org/protobuf/types/known/anypb.Any, +// we'd like to have our own to hide the underlying protocol buffer +// implementations from containerd clients. +// +// https://developers.google.com/protocol-buffers/docs/proto3#any +type Any interface { + // GetTypeUrl returns a URL/resource name that uniquely identifies + // the type of the serialized protocol buffer message. + GetTypeUrl() string + + // GetValue returns a valid serialized protocol buffer of the type that + // GetTypeUrl() indicates. + GetValue() []byte +} + +type anyType struct { + typeURL string + value []byte +} + +func (a *anyType) GetTypeUrl() string { + if a == nil { + return "" + } + return a.typeURL +} + +func (a *anyType) GetValue() []byte { + if a == nil { + return nil + } + return a.value +} + // Register a type with a base URL for JSON marshaling. When the MarshalAny and // UnmarshalAny functions are called they will treat the Any type value as JSON. // To use protocol buffers for handling the Any value the proto.Register @@ -56,7 +95,7 @@ func Register(v interface{}, args ...string) { defer mu.Unlock() if et, ok := registry[t]; ok { if et != p { - panic(errors.Errorf("type registered with alternate path %q != %q", et, p)) + panic(fmt.Errorf("type registered with alternate path %q != %q", et, p)) } return } @@ -69,41 +108,47 @@ func TypeURL(v interface{}) (string, error) { u, ok := registry[tryDereference(v)] mu.RUnlock() if !ok { - // fallback to the proto registry if it is a proto message - pb, ok := v.(proto.Message) - if !ok { - return "", errors.Wrapf(ErrNotFound, "type %s", reflect.TypeOf(v)) + switch t := v.(type) { + case proto.Message: + return string(t.ProtoReflect().Descriptor().FullName()), nil + case gogoproto.Message: + return gogoproto.MessageName(t), nil + default: + return "", fmt.Errorf("type %s: %w", reflect.TypeOf(v), ErrNotFound) } - return proto.MessageName(pb), nil } return u, nil } // Is returns true if the type of the Any is the same as v. -func Is(any *types.Any, v interface{}) bool { +func Is(any Any, v interface{}) bool { // call to check that v is a pointer tryDereference(v) url, err := TypeURL(v) if err != nil { return false } - return any.TypeUrl == url + return any.GetTypeUrl() == url } // MarshalAny marshals the value v into an any with the correct TypeUrl. // If the provided object is already a proto.Any message, then it will be // returned verbatim. If it is of type proto.Message, it will be marshaled as a // protocol buffer. Otherwise, the object will be marshaled to json. -func MarshalAny(v interface{}) (*types.Any, error) { +func MarshalAny(v interface{}) (Any, error) { var marshal func(v interface{}) ([]byte, error) switch t := v.(type) { - case *types.Any: + case Any: // avoid reserializing the type if we have an any. return t, nil case proto.Message: marshal = func(v interface{}) ([]byte, error) { return proto.Marshal(t) } + case gogoproto.Message: + marshal = func(v interface{}) ([]byte, error) { + return gogoproto.Marshal(t) + } default: marshal = json.Marshal } @@ -117,15 +162,15 @@ func MarshalAny(v interface{}) (*types.Any, error) { if err != nil { return nil, err } - return &types.Any{ - TypeUrl: url, - Value: data, + return &anyType{ + typeURL: url, + value: data, }, nil } // UnmarshalAny unmarshals the any type into a concrete type. -func UnmarshalAny(any *types.Any) (interface{}, error) { - return UnmarshalByTypeURL(any.TypeUrl, any.Value) +func UnmarshalAny(any Any) (interface{}, error) { + return UnmarshalByTypeURL(any.GetTypeUrl(), any.GetValue()) } // UnmarshalByTypeURL unmarshals the given type and value to into a concrete type. @@ -136,11 +181,11 @@ func UnmarshalByTypeURL(typeURL string, value []byte) (interface{}, error) { // UnmarshalTo unmarshals the any type into a concrete type passed in the out // argument. It is identical to UnmarshalAny, but lets clients provide a // destination type through the out argument. -func UnmarshalTo(any *types.Any, out interface{}) error { - return UnmarshalToByTypeURL(any.TypeUrl, any.Value, out) +func UnmarshalTo(any Any, out interface{}) error { + return UnmarshalToByTypeURL(any.GetTypeUrl(), any.GetValue(), out) } -// UnmarshalTo unmarshals the given type and value into a concrete type passed +// UnmarshalToByTypeURL unmarshals the given type and value into a concrete type passed // in the out argument. It is identical to UnmarshalByTypeURL, but lets clients // provide a destination type through the out argument. func UnmarshalToByTypeURL(typeURL string, value []byte, out interface{}) error { @@ -163,12 +208,17 @@ func unmarshal(typeURL string, value []byte, v interface{}) (interface{}, error) return nil, err } if typeURL != vURL { - return nil, errors.Errorf("can't unmarshal type %q to output %q", typeURL, vURL) + return nil, fmt.Errorf("can't unmarshal type %q to output %q", typeURL, vURL) } } if t.isProto { - err = proto.Unmarshal(value, v.(proto.Message)) + switch t := v.(type) { + case proto.Message: + err = proto.Unmarshal(value, t) + case gogoproto.Message: + err = gogoproto.Unmarshal(value, t) + } } else { err = json.Unmarshal(value, v) } @@ -193,7 +243,7 @@ func getTypeByUrl(url string) (urlType, error) { } mu.RUnlock() // fallback to proto registry - t := proto.MessageType(url) + t := gogoproto.MessageType(url) if t != nil { return urlType{ // get the underlying Elem because proto returns a pointer to the type @@ -201,7 +251,12 @@ func getTypeByUrl(url string) (urlType, error) { isProto: true, }, nil } - return urlType{}, errors.Wrapf(ErrNotFound, "type with url %s", url) + mt, err := protoregistry.GlobalTypes.FindMessageByURL(url) + if err != nil { + return urlType{}, fmt.Errorf("type with url %s: %w", url, ErrNotFound) + } + empty := mt.New().Interface() + return urlType{t: reflect.TypeOf(empty).Elem(), isProto: true}, nil } func tryDereference(v interface{}) reflect.Type { diff --git a/vendor/github.com/containers/buildah/.cirrus.yml b/vendor/github.com/containers/buildah/.cirrus.yml index ab95dcbc4e1e..ac12d66b20e2 100644 --- a/vendor/github.com/containers/buildah/.cirrus.yml +++ b/vendor/github.com/containers/buildah/.cirrus.yml @@ -120,7 +120,7 @@ vendor_task: # Runs within Cirrus's "community cluster" container: - image: docker.io/library/golang:1.20 + image: docker.io/library/golang:latest cpu: 1 memory: 1 diff --git a/vendor/github.com/containers/buildah/Makefile b/vendor/github.com/containers/buildah/Makefile index 85b43c7b9ebc..0fda9ae6eb22 100644 --- a/vendor/github.com/containers/buildah/Makefile +++ b/vendor/github.com/containers/buildah/Makefile @@ -73,17 +73,16 @@ bin/buildah: $(SOURCES) cmd/buildah/*.go internal/mkcw/embed/entrypoint.gz $(GO_BUILD) $(BUILDAH_LDFLAGS) $(GO_GCFLAGS) "$(GOGCFLAGS)" -o $@ $(BUILDFLAGS) ./cmd/buildah ifneq ($(shell as --version | grep x86_64),) +internal/mkcw/embed/entrypoint.gz: internal/mkcw/embed/entrypoint + $(RM) $@ + gzip -k $^ + internal/mkcw/embed/entrypoint: internal/mkcw/embed/entrypoint.s $(AS) -o $(patsubst %.s,%.o,$^) $^ $(LD) -o $@ $(patsubst %.s,%.o,$^) strip $@ -else -.PHONY: internal/mkcw/embed/entrypoint endif -internal/mkcw/embed/entrypoint.gz: internal/mkcw/embed/entrypoint - $(RM) $@ - gzip -k $^ .PHONY: buildah buildah: bin/buildah diff --git a/vendor/github.com/containers/buildah/define/types.go b/vendor/github.com/containers/buildah/define/types.go index 89617f015cb0..2df7c50541eb 100644 --- a/vendor/github.com/containers/buildah/define/types.go +++ b/vendor/github.com/containers/buildah/define/types.go @@ -29,7 +29,7 @@ const ( // identify working containers. Package = "buildah" // Version for the Package. Also used by .packit.sh for Packit builds. - Version = "1.33.1" + Version = "1.33.2-dev" // DefaultRuntime if containers.conf fails. DefaultRuntime = "runc" diff --git a/vendor/github.com/containers/buildah/import.go b/vendor/github.com/containers/buildah/import.go index 88f732abb5bf..1829a2e50e08 100644 --- a/vendor/github.com/containers/buildah/import.go +++ b/vendor/github.com/containers/buildah/import.go @@ -22,7 +22,7 @@ func importBuilderDataFromImage(ctx context.Context, store storage.Store, system return nil, errors.New("Internal error: imageID is empty in importBuilderDataFromImage") } - storeopts, err := storage.DefaultStoreOptions(false, 0) + storeopts, err := storage.DefaultStoreOptions() if err != nil { return nil, err } diff --git a/vendor/github.com/containers/buildah/pkg/jail/jail.go b/vendor/github.com/containers/buildah/pkg/jail/jail.go index fdaca5af2216..3ecad963bf32 100644 --- a/vendor/github.com/containers/buildah/pkg/jail/jail.go +++ b/vendor/github.com/containers/buildah/pkg/jail/jail.go @@ -4,10 +4,13 @@ package jail import ( + "strconv" "strings" + "sync" "syscall" "unsafe" + "github.com/containers/buildah/pkg/util" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" ) @@ -28,6 +31,11 @@ type config struct { params map[string]interface{} } +var ( + needVnetJailOnce sync.Once + needVnetJail bool +) + func NewConfig() *config { return &config{ params: make(map[string]interface{}), @@ -178,3 +186,47 @@ func (j *jail) Set(jconf *config) error { _, err := jailSet(jconf, JAIL_UPDATE) return err } + +// Return true if its necessary to have a separate jail to own the vnet. For +// FreeBSD 13.3 and later, we don't need a separate vnet jail since it is +// possible to configure the network without either attaching to the container's +// jail or trusting the ifconfig and route utilities in the container. If for +// any reason, we fail to parse the OS version, we default to returning true. +func NeedVnetJail() bool { + needVnetJailOnce.Do(func() { + needVnetJail = true + version, err := util.ReadKernelVersion() + if err != nil { + logrus.Errorf("failed to determine OS version: %v", err) + return + } + // Expected formats ".-" optionally + // followed by "-" + parts := strings.Split(string(version), "-") + if len(parts) < 2 { + logrus.Errorf("unexpected OS version: %s", version) + return + } + ver := strings.Split(parts[0], ".") + if len(parts) != 2 { + logrus.Errorf("unexpected OS version: %s", version) + return + } + + // FreeBSD 13.3 and later have support for 'ifconfig -j' and 'route -j' + major, err := strconv.Atoi(ver[0]) + if err != nil { + logrus.Errorf("unexpected OS version: %s", version) + return + } + minor, err := strconv.Atoi(ver[1]) + if err != nil { + logrus.Errorf("unexpected OS version: %s", version) + return + } + if major > 13 || (major == 13 && minor > 2) { + needVnetJail = false + } + }) + return needVnetJail +} diff --git a/vendor/github.com/containers/buildah/run_freebsd.go b/vendor/github.com/containers/buildah/run_freebsd.go index 9344876df9c6..0e324a478bc5 100644 --- a/vendor/github.com/containers/buildah/run_freebsd.go +++ b/vendor/github.com/containers/buildah/run_freebsd.go @@ -156,7 +156,11 @@ func (b *Builder) Run(command []string, options RunOptions) error { containerName := Package + "-" + filepath.Base(path) if configureNetwork { - g.AddAnnotation("org.freebsd.parentJail", containerName+"-vnet") + if jail.NeedVnetJail() { + g.AddAnnotation("org.freebsd.parentJail", containerName+"-vnet") + } else { + g.AddAnnotation("org.freebsd.jail.vnet", "new") + } } homeDir, err := b.configureUIDGID(g, mountPoint, options) @@ -247,9 +251,11 @@ func (b *Builder) Run(command []string, options RunOptions) error { defer b.cleanupTempVolumes() - // If we are creating a network, make the vnet here so that we - // can execute the OCI runtime inside it. - if configureNetwork { + // If we are creating a network, make the vnet here so that we can + // execute the OCI runtime inside it. For FreeBSD-13.3 and later, we can + // configure the container network settings from outside the jail, which + // removes the need for a separate jail to manage the vnet. + if configureNetwork && jail.NeedVnetJail() { mynetns := containerName + "-vnet" jconf := jail.NewConfig() @@ -426,7 +432,12 @@ func (b *Builder) runConfigureNetwork(pid int, isolation define.Isolation, optio } logrus.Debugf("configureNetworks: %v", configureNetworks) - mynetns := containerName + "-vnet" + var mynetns string + if jail.NeedVnetJail() { + mynetns = containerName + "-vnet" + } else { + mynetns = containerName + } networks := make(map[string]nettypes.PerNetworkOptions, len(configureNetworks)) for i, network := range configureNetworks { diff --git a/vendor/github.com/containers/common/libimage/inspect.go b/vendor/github.com/containers/common/libimage/inspect.go index 1003b6483e2b..ed1ae719df62 100644 --- a/vendor/github.com/containers/common/libimage/inspect.go +++ b/vendor/github.com/containers/common/libimage/inspect.go @@ -180,22 +180,26 @@ func (i *Image) Inspect(ctx context.Context, options *InspectOptions) (*ImageDat } // Docker image - case manifest.DockerV2Schema1MediaType, manifest.DockerV2Schema2MediaType: + case manifest.DockerV2Schema2MediaType: rawConfig, err := i.rawConfigBlob(ctx) if err != nil { return nil, err } - var dockerManifest manifest.Schema2V1Image - if err := json.Unmarshal(rawConfig, &dockerManifest); err != nil { + var dockerConfig manifest.Schema2V1Image + if err := json.Unmarshal(rawConfig, &dockerConfig); err != nil { return nil, err } - data.Comment = dockerManifest.Comment + data.Comment = dockerConfig.Comment // NOTE: Health checks may be listed in the container config or // the config. - data.HealthCheck = dockerManifest.ContainerConfig.Healthcheck - if data.HealthCheck == nil && dockerManifest.Config != nil { - data.HealthCheck = dockerManifest.Config.Healthcheck + data.HealthCheck = dockerConfig.ContainerConfig.Healthcheck + if data.HealthCheck == nil && dockerConfig.Config != nil { + data.HealthCheck = dockerConfig.Config.Healthcheck } + + case manifest.DockerV2Schema1MediaType, manifest.DockerV2Schema1SignedMediaType: + // There seem to be at least _some_ images with .Healthcheck set in schema1 (possibly just as an artifact + // of testing format conversion?), so this could plausibly read these values. } if data.Annotations == nil { diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go index b60c4345b1d1..3b0bf913bd63 100644 --- a/vendor/github.com/containers/common/pkg/config/default.go +++ b/vendor/github.com/containers/common/pkg/config/default.go @@ -13,7 +13,6 @@ import ( nettypes "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/apparmor" "github.com/containers/common/pkg/cgroupv2" - "github.com/containers/common/pkg/util" "github.com/containers/storage/pkg/homedir" "github.com/containers/storage/pkg/unshare" "github.com/containers/storage/types" @@ -196,7 +195,9 @@ func defaultConfig() (*Config, error) { } defaultEngineConfig.SignaturePolicyPath = DefaultSignaturePolicyPath - if useUserConfigLocations() { + // NOTE: For now we want Windows to use system locations. + // GetRootlessUID == -1 on Windows, so exclude negative range + if unshare.GetRootlessUID() > 0 { configHome, err := homedir.GetConfigHome() if err != nil { return nil, err @@ -320,7 +321,7 @@ func defaultEngineConfig() (*EngineConfig, error) { return nil, err } } - storeOpts, err := types.DefaultStoreOptions(useUserConfigLocations(), unshare.GetRootlessUID()) + storeOpts, err := types.DefaultStoreOptions() if err != nil { return nil, err } @@ -480,11 +481,14 @@ func defaultEngineConfig() (*EngineConfig, error) { } func defaultTmpDir() (string, error) { - if !useUserConfigLocations() { + // NOTE: For now we want Windows to use system locations. + // GetRootlessUID == -1 on Windows, so exclude negative range + rootless := unshare.GetRootlessUID() > 0 + if !rootless { return getLibpodTmpDir(), nil } - runtimeDir, err := util.GetRuntimeDir() + runtimeDir, err := homedir.GetRuntimeDir() if err != nil { return "", err } @@ -669,12 +673,6 @@ func getDefaultSSHConfig() string { return filepath.Join(dirname, ".ssh", "config") } -func useUserConfigLocations() bool { - // NOTE: For now we want Windows to use system locations. - // GetRootlessUID == -1 on Windows, so exclude negative range - return unshare.GetRootlessUID() > 0 -} - // getDefaultImage returns the default machine image stream // On Windows this refers to the Fedora major release number func getDefaultMachineImage() string { diff --git a/vendor/github.com/containers/common/pkg/netns/netns_linux.go b/vendor/github.com/containers/common/pkg/netns/netns_linux.go index f2569d3797c5..9f0336bc0f6a 100644 --- a/vendor/github.com/containers/common/pkg/netns/netns_linux.go +++ b/vendor/github.com/containers/common/pkg/netns/netns_linux.go @@ -30,7 +30,7 @@ import ( "sync" "github.com/containernetworking/plugins/pkg/ns" - "github.com/containers/common/pkg/util" + "github.com/containers/storage/pkg/homedir" "github.com/containers/storage/pkg/unshare" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" @@ -40,7 +40,7 @@ import ( // rootless, it needs to be at a location writable by user. func GetNSRunDir() (string, error) { if unshare.IsRootless() { - rootlessDir, err := util.GetRuntimeDir() + rootlessDir, err := homedir.GetRuntimeDir() if err != nil { return "", err } diff --git a/vendor/github.com/containers/common/pkg/util/util_supported.go b/vendor/github.com/containers/common/pkg/util/util_supported.go deleted file mode 100644 index 0cd53af53f5e..000000000000 --- a/vendor/github.com/containers/common/pkg/util/util_supported.go +++ /dev/null @@ -1,91 +0,0 @@ -//go:build linux || darwin || freebsd -// +build linux darwin freebsd - -package util - -import ( - "errors" - "fmt" - "os" - "path/filepath" - "sync" - "syscall" - - "github.com/containers/storage/pkg/homedir" - "github.com/containers/storage/pkg/unshare" - "github.com/sirupsen/logrus" -) - -var ( - rootlessRuntimeDirOnce sync.Once - rootlessRuntimeDir string -) - -// isWriteableOnlyByOwner checks that the specified permission mask allows write -// access only to the owner. -func isWriteableOnlyByOwner(perm os.FileMode) bool { - return (perm & 0o722) == 0o700 -} - -// GetRuntimeDir returns the runtime directory -func GetRuntimeDir() (string, error) { - var rootlessRuntimeDirError error - - rootlessRuntimeDirOnce.Do(func() { - runtimeDir, err := homedir.GetRuntimeDir() - if err != nil { - logrus.Debug(err) - } - if runtimeDir != "" { - st, err := os.Stat(runtimeDir) - if err != nil { - rootlessRuntimeDirError = err - return - } - if int(st.Sys().(*syscall.Stat_t).Uid) != os.Geteuid() { - rootlessRuntimeDirError = fmt.Errorf("XDG_RUNTIME_DIR directory %q is not owned by the current user", runtimeDir) - return - } - } - uid := fmt.Sprintf("%d", unshare.GetRootlessUID()) - if runtimeDir == "" { - tmpDir := filepath.Join("/run", "user", uid) - if err := os.MkdirAll(tmpDir, 0o700); err != nil { - logrus.Debugf("unable to make temp dir: %v", err) - } - st, err := os.Stat(tmpDir) - if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && isWriteableOnlyByOwner(st.Mode().Perm()) { - runtimeDir = tmpDir - } - } - if runtimeDir == "" { - tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("podman-run-%s", uid)) - if err := os.MkdirAll(tmpDir, 0o700); err != nil { - logrus.Debugf("unable to make temp dir %v", err) - } - st, err := os.Stat(tmpDir) - if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && isWriteableOnlyByOwner(st.Mode().Perm()) { - runtimeDir = tmpDir - } - } - if runtimeDir == "" { - home := os.Getenv("HOME") - if home == "" { - rootlessRuntimeDirError = errors.New("neither XDG_RUNTIME_DIR nor HOME was set non-empty") - return - } - resolvedHome, err := filepath.EvalSymlinks(home) - if err != nil { - rootlessRuntimeDirError = fmt.Errorf("cannot resolve home: %w", err) - return - } - runtimeDir = filepath.Join(resolvedHome, "rundir") - } - rootlessRuntimeDir = runtimeDir - }) - - if rootlessRuntimeDirError != nil { - return "", rootlessRuntimeDirError - } - return rootlessRuntimeDir, nil -} diff --git a/vendor/github.com/containers/common/pkg/util/util_windows.go b/vendor/github.com/containers/common/pkg/util/util_windows.go deleted file mode 100644 index 1525bdc348da..000000000000 --- a/vendor/github.com/containers/common/pkg/util/util_windows.go +++ /dev/null @@ -1,13 +0,0 @@ -//go:build windows -// +build windows - -package util - -import ( - "errors" -) - -// getRuntimeDir returns the runtime directory -func GetRuntimeDir() (string, error) { - return "", errors.New("this function is not implemented for windows") -} diff --git a/vendor/github.com/containers/image/v5/storage/storage_transport.go b/vendor/github.com/containers/image/v5/storage/storage_transport.go index deb500b4d27a..b981953ad48e 100644 --- a/vendor/github.com/containers/image/v5/storage/storage_transport.go +++ b/vendor/github.com/containers/image/v5/storage/storage_transport.go @@ -213,7 +213,7 @@ func (s *storageTransport) GetStore() (storage.Store, error) { // Return the transport's previously-set store. If we don't have one // of those, initialize one now. if s.store == nil { - options, err := storage.DefaultStoreOptionsAutoDetectUID() + options, err := storage.DefaultStoreOptions() if err != nil { return nil, err } diff --git a/vendor/github.com/containers/image/v5/version/version.go b/vendor/github.com/containers/image/v5/version/version.go index 990f0a96d2c0..0a057ddf0c08 100644 --- a/vendor/github.com/containers/image/v5/version/version.go +++ b/vendor/github.com/containers/image/v5/version/version.go @@ -8,10 +8,10 @@ const ( // VersionMinor is for functionality in a backwards-compatible manner VersionMinor = 29 // VersionPatch is for backwards-compatible bug fixes - VersionPatch = 0 + VersionPatch = 1 // VersionDev indicates development branch. Releases will be empty string. - VersionDev = "" + VersionDev = "-dev" ) // Version is the specification version that the package types support. diff --git a/vendor/github.com/containers/storage/.cirrus.yml b/vendor/github.com/containers/storage/.cirrus.yml index c41dd5da2c52..7d49c82dc87c 100644 --- a/vendor/github.com/containers/storage/.cirrus.yml +++ b/vendor/github.com/containers/storage/.cirrus.yml @@ -23,7 +23,7 @@ env: # GCE project where images live IMAGE_PROJECT: "libpod-218412" # VM Image built in containers/automation_images - IMAGE_SUFFIX: "c20231004t194547z-f39f38d13" + IMAGE_SUFFIX: "c20231116t174419z-f39f38d13" FEDORA_CACHE_IMAGE_NAME: "fedora-${IMAGE_SUFFIX}" DEBIAN_CACHE_IMAGE_NAME: "debian-${IMAGE_SUFFIX}" diff --git a/vendor/github.com/containers/storage/VERSION b/vendor/github.com/containers/storage/VERSION index ba0a719118ce..6abf1916f7d4 100644 --- a/vendor/github.com/containers/storage/VERSION +++ b/vendor/github.com/containers/storage/VERSION @@ -1 +1 @@ -1.51.0 +1.51.1-dev diff --git a/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go b/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go index 8493a2c19aaf..fe216a2fff69 100644 --- a/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go +++ b/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go @@ -254,7 +254,7 @@ func convertTarToZstdChunked(destDirectory string, blobSize int64, iss ImageSour // GetDiffer returns a differ than can be used with ApplyDiffWithDiffer. func GetDiffer(ctx context.Context, store storage.Store, blobSize int64, annotations map[string]string, iss ImageSourceSeekable) (graphdriver.Differ, error) { - storeOpts, err := types.DefaultStoreOptionsAutoDetectUID() + storeOpts, err := types.DefaultStoreOptions() if err != nil { return nil, err } diff --git a/vendor/github.com/containers/storage/pkg/homedir/homedir.go b/vendor/github.com/containers/storage/pkg/homedir/homedir.go index 85c5e76c8443..7eb63b67a41d 100644 --- a/vendor/github.com/containers/storage/pkg/homedir/homedir.go +++ b/vendor/github.com/containers/storage/pkg/homedir/homedir.go @@ -6,21 +6,6 @@ import ( "path/filepath" ) -// GetConfigHome returns XDG_CONFIG_HOME. -// GetConfigHome returns $HOME/.config and nil error if XDG_CONFIG_HOME is not set. -// -// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html -func GetConfigHome() (string, error) { - if xdgConfigHome := os.Getenv("XDG_CONFIG_HOME"); xdgConfigHome != "" { - return xdgConfigHome, nil - } - home := Get() - if home == "" { - return "", errors.New("could not get either XDG_CONFIG_HOME or HOME") - } - return filepath.Join(home, ".config"), nil -} - // GetDataHome returns XDG_DATA_HOME. // GetDataHome returns $HOME/.local/share and nil error if XDG_DATA_HOME is not set. // diff --git a/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go b/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go index 0883ee023042..b02812e61b42 100644 --- a/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go +++ b/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go @@ -8,6 +8,8 @@ package homedir import ( "errors" + "os" + "path/filepath" ) // GetRuntimeDir is unsupported on non-linux system. @@ -19,3 +21,18 @@ func GetRuntimeDir() (string, error) { func StickRuntimeDirContents(files []string) ([]string, error) { return nil, errors.New("homedir.StickRuntimeDirContents() is not supported on this system") } + +// GetConfigHome returns XDG_CONFIG_HOME. +// GetConfigHome returns $HOME/.config and nil error if XDG_CONFIG_HOME is not set. +// +// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html +func GetConfigHome() (string, error) { + if xdgConfigHome := os.Getenv("XDG_CONFIG_HOME"); xdgConfigHome != "" { + return xdgConfigHome, nil + } + home := Get() + if home == "" { + return "", errors.New("could not get either XDG_CONFIG_HOME or HOME") + } + return filepath.Join(home, ".config"), nil +} diff --git a/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go b/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go index 9976f19af411..3ac9ff699433 100644 --- a/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go +++ b/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go @@ -7,12 +7,16 @@ package homedir // NOTE: this package has originally been copied from github.com/docker/docker. import ( - "errors" + "fmt" "os" "path/filepath" + "strconv" "strings" + "sync" + "syscall" "github.com/containers/storage/pkg/unshare" + "github.com/sirupsen/logrus" ) // Key returns the env var name for the user's home dir based on @@ -40,18 +44,6 @@ func GetShortcutString() string { return "~" } -// GetRuntimeDir returns XDG_RUNTIME_DIR. -// XDG_RUNTIME_DIR is typically configured via pam_systemd. -// GetRuntimeDir returns non-nil error if XDG_RUNTIME_DIR is not set. -// -// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html -func GetRuntimeDir() (string, error) { - if xdgRuntimeDir := os.Getenv("XDG_RUNTIME_DIR"); xdgRuntimeDir != "" { - return filepath.EvalSymlinks(xdgRuntimeDir) - } - return "", errors.New("could not get XDG_RUNTIME_DIR") -} - // StickRuntimeDirContents sets the sticky bit on files that are under // XDG_RUNTIME_DIR, so that the files won't be periodically removed by the system. // @@ -94,3 +86,95 @@ func stick(f string) error { m |= os.ModeSticky return os.Chmod(f, m) } + +var ( + rootlessConfigHomeDirError error + rootlessConfigHomeDirOnce sync.Once + rootlessConfigHomeDir string + rootlessRuntimeDirOnce sync.Once + rootlessRuntimeDir string +) + +// isWriteableOnlyByOwner checks that the specified permission mask allows write +// access only to the owner. +func isWriteableOnlyByOwner(perm os.FileMode) bool { + return (perm & 0o722) == 0o700 +} + +// GetConfigHome returns XDG_CONFIG_HOME. +// GetConfigHome returns $HOME/.config and nil error if XDG_CONFIG_HOME is not set. +// +// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html +func GetConfigHome() (string, error) { + rootlessConfigHomeDirOnce.Do(func() { + cfgHomeDir := os.Getenv("XDG_CONFIG_HOME") + if cfgHomeDir == "" { + home := Get() + resolvedHome, err := filepath.EvalSymlinks(home) + if err != nil { + rootlessConfigHomeDirError = fmt.Errorf("cannot resolve %s: %w", home, err) + return + } + tmpDir := filepath.Join(resolvedHome, ".config") + _ = os.MkdirAll(tmpDir, 0o700) + st, err := os.Stat(tmpDir) + if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && isWriteableOnlyByOwner(st.Mode().Perm()) { + cfgHomeDir = tmpDir + } else { + rootlessConfigHomeDirError = fmt.Errorf("path %q exists and it is not writeable only by the current user", tmpDir) + return + } + } + rootlessConfigHomeDir = cfgHomeDir + }) + + return rootlessConfigHomeDir, rootlessConfigHomeDirError +} + +// GetRuntimeDir returns a directory suitable to store runtime files. +// The function will try to use the XDG_RUNTIME_DIR env variable if it is set. +// XDG_RUNTIME_DIR is typically configured via pam_systemd. +// If XDG_RUNTIME_DIR is not set, GetRuntimeDir will try to find a suitable +// directory for the current user. +// +// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html +func GetRuntimeDir() (string, error) { + var rootlessRuntimeDirError error + + rootlessRuntimeDirOnce.Do(func() { + runtimeDir := os.Getenv("XDG_RUNTIME_DIR") + + if runtimeDir != "" { + rootlessRuntimeDir, rootlessRuntimeDirError = filepath.EvalSymlinks(runtimeDir) + return + } + + uid := strconv.Itoa(unshare.GetRootlessUID()) + if runtimeDir == "" { + tmpDir := filepath.Join("/run", "user", uid) + if err := os.MkdirAll(tmpDir, 0o700); err != nil { + logrus.Debug(err) + } + st, err := os.Lstat(tmpDir) + if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && isWriteableOnlyByOwner(st.Mode().Perm()) { + runtimeDir = tmpDir + } + } + if runtimeDir == "" { + tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("storage-run-%s", uid)) + if err := os.MkdirAll(tmpDir, 0o700); err != nil { + logrus.Debug(err) + } + st, err := os.Lstat(tmpDir) + if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && isWriteableOnlyByOwner(st.Mode().Perm()) { + runtimeDir = tmpDir + } else { + rootlessRuntimeDirError = fmt.Errorf("path %q exists and it is not writeable only by the current user", tmpDir) + return + } + } + rootlessRuntimeDir = runtimeDir + }) + + return rootlessRuntimeDir, rootlessRuntimeDirError +} diff --git a/vendor/github.com/containers/storage/store.go b/vendor/github.com/containers/storage/store.go index 6753b296ff44..41f3a9e9b21d 100644 --- a/vendor/github.com/containers/storage/store.go +++ b/vendor/github.com/containers/storage/store.go @@ -1,6 +1,7 @@ package storage import ( + _ "embed" "encoding/base64" "errors" "fmt" @@ -2741,7 +2742,13 @@ func (s *store) Status() ([][2]string, error) { return rlstore.Status() } +//go:embed VERSION +var storageVersion string + func (s *store) Version() ([][2]string, error) { + if trimmedVersion := strings.TrimSpace(storageVersion); trimmedVersion != "" { + return [][2]string{{"Version", trimmedVersion}}, nil + } return [][2]string{}, nil } @@ -3545,8 +3552,8 @@ func SetDefaultConfigFilePath(path string) { } // DefaultConfigFile returns the path to the storage config file used -func DefaultConfigFile(rootless bool) (string, error) { - return types.DefaultConfigFile(rootless) +func DefaultConfigFile() (string, error) { + return types.DefaultConfigFile() } // ReloadConfigurationFile parses the specified configuration file and overrides diff --git a/vendor/github.com/containers/storage/types/options.go b/vendor/github.com/containers/storage/types/options.go index 5ae667a4935c..ad0bfa43a647 100644 --- a/vendor/github.com/containers/storage/types/options.go +++ b/vendor/github.com/containers/storage/types/options.go @@ -11,7 +11,9 @@ import ( "github.com/BurntSushi/toml" cfg "github.com/containers/storage/pkg/config" + "github.com/containers/storage/pkg/homedir" "github.com/containers/storage/pkg/idtools" + "github.com/containers/storage/pkg/unshare" "github.com/sirupsen/logrus" ) @@ -87,7 +89,7 @@ func loadDefaultStoreOptions() { _, err := os.Stat(defaultOverrideConfigFile) if err == nil { - // The DefaultConfigFile(rootless) function returns the path + // The DefaultConfigFile() function returns the path // of the used storage.conf file, by returning defaultConfigFile // If override exists containers/storage uses it by default. defaultConfigFile = defaultOverrideConfigFile @@ -109,21 +111,41 @@ func loadDefaultStoreOptions() { setDefaults() } -// defaultStoreOptionsIsolated is an internal implementation detail of DefaultStoreOptions to allow testing. -// Everyone but the tests this is intended for should only call DefaultStoreOptions, never this function. -func defaultStoreOptionsIsolated(rootless bool, rootlessUID int, storageConf string) (StoreOptions, error) { +// loadStoreOptions returns the default storage ops for containers +func loadStoreOptions() (StoreOptions, error) { + storageConf, err := DefaultConfigFile() + if err != nil { + return defaultStoreOptions, err + } + return loadStoreOptionsFromConfFile(storageConf) +} + +// usePerUserStorage returns whether the user private storage must be used. +// We cannot simply use the unshare.IsRootless() condition, because +// that checks only if the current process needs a user namespace to +// work and it would break cases where the process is already created +// in a user namespace (e.g. nested Podman/Buildah) and the desired +// behavior is to use system paths instead of user private paths. +func usePerUserStorage() bool { + return unshare.IsRootless() && unshare.GetRootlessUID() != 0 +} + +// loadStoreOptionsFromConfFile is an internal implementation detail of DefaultStoreOptions to allow testing. +// Everyone but the tests this is intended for should only call loadStoreOptions, never this function. +func loadStoreOptionsFromConfFile(storageConf string) (StoreOptions, error) { var ( defaultRootlessRunRoot string defaultRootlessGraphRoot string err error ) + defaultStoreOptionsOnce.Do(loadDefaultStoreOptions) if loadDefaultStoreOptionsErr != nil { return StoreOptions{}, loadDefaultStoreOptionsErr } storageOpts := defaultStoreOptions - if rootless && rootlessUID != 0 { - storageOpts, err = getRootlessStorageOpts(rootlessUID, storageOpts) + if usePerUserStorage() { + storageOpts, err = getRootlessStorageOpts(storageOpts) if err != nil { return storageOpts, err } @@ -137,7 +159,7 @@ func defaultStoreOptionsIsolated(rootless bool, rootlessUID int, storageConf str defaultRootlessGraphRoot = storageOpts.GraphRoot storageOpts = StoreOptions{} reloadConfigurationFileIfNeeded(storageConf, &storageOpts) - if rootless && rootlessUID != 0 { + if usePerUserStorage() { // If the file did not specify a graphroot or runroot, // set sane defaults so we don't try and use root-owned // directories @@ -156,6 +178,7 @@ func defaultStoreOptionsIsolated(rootless bool, rootlessUID int, storageConf str if storageOpts.RunRoot == "" { return storageOpts, fmt.Errorf("runroot must be set") } + rootlessUID := unshare.GetRootlessUID() runRoot, err := expandEnvPath(storageOpts.RunRoot, rootlessUID) if err != nil { return storageOpts, err @@ -186,26 +209,17 @@ func defaultStoreOptionsIsolated(rootless bool, rootlessUID int, storageConf str return storageOpts, nil } -// loadStoreOptions returns the default storage ops for containers -func loadStoreOptions(rootless bool, rootlessUID int) (StoreOptions, error) { - storageConf, err := DefaultConfigFile(rootless && rootlessUID != 0) - if err != nil { - return defaultStoreOptions, err - } - return defaultStoreOptionsIsolated(rootless, rootlessUID, storageConf) -} - // UpdateOptions should be called iff container engine received a SIGHUP, // otherwise use DefaultStoreOptions -func UpdateStoreOptions(rootless bool, rootlessUID int) (StoreOptions, error) { - storeOptions, storeError = loadStoreOptions(rootless, rootlessUID) +func UpdateStoreOptions() (StoreOptions, error) { + storeOptions, storeError = loadStoreOptions() return storeOptions, storeError } // DefaultStoreOptions returns the default storage ops for containers -func DefaultStoreOptions(rootless bool, rootlessUID int) (StoreOptions, error) { +func DefaultStoreOptions() (StoreOptions, error) { once.Do(func() { - storeOptions, storeError = loadStoreOptions(rootless, rootlessUID) + storeOptions, storeError = loadStoreOptions() }) return storeOptions, storeError } @@ -270,14 +284,26 @@ func isRootlessDriver(driver string) bool { } // getRootlessStorageOpts returns the storage opts for containers running as non root -func getRootlessStorageOpts(rootlessUID int, systemOpts StoreOptions) (StoreOptions, error) { +func getRootlessStorageOpts(systemOpts StoreOptions) (StoreOptions, error) { var opts StoreOptions - dataDir, rootlessRuntime, err := getRootlessDirInfo(rootlessUID) + rootlessUID := unshare.GetRootlessUID() + + dataDir, err := homedir.GetDataHome() + if err != nil { + return opts, err + } + + rootlessRuntime, err := homedir.GetRuntimeDir() if err != nil { return opts, err } - opts.RunRoot = rootlessRuntime + + opts.RunRoot = filepath.Join(rootlessRuntime, "containers") + if err := os.MkdirAll(opts.RunRoot, 0o700); err != nil { + return opts, fmt.Errorf("unable to make rootless runtime: %w", err) + } + opts.PullOptions = systemOpts.PullOptions if systemOpts.RootlessStoragePath != "" { opts.GraphRoot, err = expandEnvPath(systemOpts.RootlessStoragePath, rootlessUID) @@ -343,12 +369,6 @@ func getRootlessStorageOpts(rootlessUID int, systemOpts StoreOptions) (StoreOpti return opts, nil } -// DefaultStoreOptionsAutoDetectUID returns the default storage ops for containers -func DefaultStoreOptionsAutoDetectUID() (StoreOptions, error) { - uid := getRootlessUID() - return DefaultStoreOptions(uid != 0, uid) -} - var prevReloadConfig = struct { storeOptions *StoreOptions mod time.Time @@ -518,8 +538,8 @@ func Options() (StoreOptions, error) { } // Save overwrites the tomlConfig in storage.conf with the given conf -func Save(conf TomlConfig, rootless bool) error { - configFile, err := DefaultConfigFile(rootless) +func Save(conf TomlConfig) error { + configFile, err := DefaultConfigFile() if err != nil { return err } @@ -537,10 +557,10 @@ func Save(conf TomlConfig, rootless bool) error { } // StorageConfig is used to retrieve the storage.conf toml in order to overwrite it -func StorageConfig(rootless bool) (*TomlConfig, error) { +func StorageConfig() (*TomlConfig, error) { config := new(TomlConfig) - configFile, err := DefaultConfigFile(rootless) + configFile, err := DefaultConfigFile() if err != nil { return nil, err } diff --git a/vendor/github.com/containers/storage/types/utils.go b/vendor/github.com/containers/storage/types/utils.go index 73134f82da42..5b4b31b80aca 100644 --- a/vendor/github.com/containers/storage/types/utils.go +++ b/vendor/github.com/containers/storage/types/utils.go @@ -2,162 +2,15 @@ package types import ( "errors" - "fmt" "os" "path/filepath" "strconv" "strings" "github.com/containers/storage/pkg/homedir" - "github.com/containers/storage/pkg/system" "github.com/sirupsen/logrus" ) -// GetRootlessRuntimeDir returns the runtime directory when running as non root -func GetRootlessRuntimeDir(rootlessUID int) (string, error) { - path, err := getRootlessRuntimeDir(rootlessUID) - if err != nil { - return "", err - } - path = filepath.Join(path, "containers") - if err := os.MkdirAll(path, 0o700); err != nil { - return "", fmt.Errorf("unable to make rootless runtime: %w", err) - } - return path, nil -} - -type rootlessRuntimeDirEnvironment interface { - getProcCommandFile() string - getRunUserDir() string - getTmpPerUserDir() string - - homeDirGetRuntimeDir() (string, error) - systemLstat(string) (*system.StatT, error) - homedirGet() string -} - -type rootlessRuntimeDirEnvironmentImplementation struct { - procCommandFile string - runUserDir string - tmpPerUserDir string -} - -func (env rootlessRuntimeDirEnvironmentImplementation) getProcCommandFile() string { - return env.procCommandFile -} - -func (env rootlessRuntimeDirEnvironmentImplementation) getRunUserDir() string { - return env.runUserDir -} - -func (env rootlessRuntimeDirEnvironmentImplementation) getTmpPerUserDir() string { - return env.tmpPerUserDir -} - -func (rootlessRuntimeDirEnvironmentImplementation) homeDirGetRuntimeDir() (string, error) { - return homedir.GetRuntimeDir() -} - -func (rootlessRuntimeDirEnvironmentImplementation) systemLstat(path string) (*system.StatT, error) { - return system.Lstat(path) -} - -func (rootlessRuntimeDirEnvironmentImplementation) homedirGet() string { - return homedir.Get() -} - -func isRootlessRuntimeDirOwner(dir string, env rootlessRuntimeDirEnvironment) bool { - st, err := env.systemLstat(dir) - return err == nil && int(st.UID()) == os.Getuid() && st.Mode()&0o700 == 0o700 && st.Mode()&0o066 == 0o000 -} - -// getRootlessRuntimeDirIsolated is an internal implementation detail of getRootlessRuntimeDir to allow testing. -// Everyone but the tests this is intended for should only call getRootlessRuntimeDir, never this function. -func getRootlessRuntimeDirIsolated(env rootlessRuntimeDirEnvironment) (string, error) { - runtimeDir, err := env.homeDirGetRuntimeDir() - if err == nil { - return runtimeDir, nil - } - - initCommand, err := os.ReadFile(env.getProcCommandFile()) - if err != nil || string(initCommand) == "systemd" { - runUserDir := env.getRunUserDir() - if isRootlessRuntimeDirOwner(runUserDir, env) { - return runUserDir, nil - } - } - - tmpPerUserDir := env.getTmpPerUserDir() - if tmpPerUserDir != "" { - if _, err := env.systemLstat(tmpPerUserDir); os.IsNotExist(err) { - if err := os.Mkdir(tmpPerUserDir, 0o700); err != nil { - logrus.Errorf("Failed to create temp directory for user: %v", err) - } else { - return tmpPerUserDir, nil - } - } else if isRootlessRuntimeDirOwner(tmpPerUserDir, env) { - return tmpPerUserDir, nil - } - } - - homeDir := env.homedirGet() - if homeDir == "" { - return "", errors.New("neither XDG_RUNTIME_DIR nor temp dir nor HOME was set non-empty") - } - resolvedHomeDir, err := filepath.EvalSymlinks(homeDir) - if err != nil { - return "", err - } - return filepath.Join(resolvedHomeDir, "rundir"), nil -} - -func getRootlessRuntimeDir(rootlessUID int) (string, error) { - return getRootlessRuntimeDirIsolated( - rootlessRuntimeDirEnvironmentImplementation{ - "/proc/1/comm", - fmt.Sprintf("/run/user/%d", rootlessUID), - fmt.Sprintf("%s/containers-user-%d", os.TempDir(), rootlessUID), - }, - ) -} - -// getRootlessDirInfo returns the parent path of where the storage for containers and -// volumes will be in rootless mode -func getRootlessDirInfo(rootlessUID int) (string, string, error) { - rootlessRuntime, err := GetRootlessRuntimeDir(rootlessUID) - if err != nil { - return "", "", err - } - - dataDir, err := homedir.GetDataHome() - if err == nil { - return dataDir, rootlessRuntime, nil - } - - home := homedir.Get() - if home == "" { - return "", "", fmt.Errorf("neither XDG_DATA_HOME nor HOME was set non-empty: %w", err) - } - // runc doesn't like symlinks in the rootfs path, and at least - // on CoreOS /home is a symlink to /var/home, so resolve any symlink. - resolvedHome, err := filepath.EvalSymlinks(home) - if err != nil { - return "", "", err - } - dataDir = filepath.Join(resolvedHome, ".local", "share") - - return dataDir, rootlessRuntime, nil -} - -func getRootlessUID() int { - uidEnv := os.Getenv("_CONTAINERS_ROOTLESS_UID") - if uidEnv != "" { - u, _ := strconv.Atoi(uidEnv) - return u - } - return os.Geteuid() -} - func expandEnvPath(path string, rootlessUID int) (string, error) { var err error path = strings.Replace(path, "$UID", strconv.Itoa(rootlessUID), -1) @@ -169,7 +22,7 @@ func expandEnvPath(path string, rootlessUID int) (string, error) { return newpath, nil } -func DefaultConfigFile(rootless bool) (string, error) { +func DefaultConfigFile() (string, error) { if defaultConfigFileSet { return defaultConfigFile, nil } @@ -177,7 +30,7 @@ func DefaultConfigFile(rootless bool) (string, error) { if path, ok := os.LookupEnv(storageConfEnv); ok { return path, nil } - if !rootless { + if !usePerUserStorage() { if _, err := os.Stat(defaultOverrideConfigFile); err == nil { return defaultOverrideConfigFile, nil } diff --git a/vendor/github.com/containers/storage/utils.go b/vendor/github.com/containers/storage/utils.go index 6b5a3421a885..5bade6ffe35f 100644 --- a/vendor/github.com/containers/storage/utils.go +++ b/vendor/github.com/containers/storage/utils.go @@ -11,19 +11,9 @@ func ParseIDMapping(UIDMapSlice, GIDMapSlice []string, subUIDMap, subGIDMap stri return types.ParseIDMapping(UIDMapSlice, GIDMapSlice, subUIDMap, subGIDMap) } -// GetRootlessRuntimeDir returns the runtime directory when running as non root -func GetRootlessRuntimeDir(rootlessUID int) (string, error) { - return types.GetRootlessRuntimeDir(rootlessUID) -} - -// DefaultStoreOptionsAutoDetectUID returns the default storage options for containers -func DefaultStoreOptionsAutoDetectUID() (types.StoreOptions, error) { - return types.DefaultStoreOptionsAutoDetectUID() -} - // DefaultStoreOptions returns the default storage options for containers -func DefaultStoreOptions(rootless bool, rootlessUID int) (types.StoreOptions, error) { - return types.DefaultStoreOptions(rootless, rootlessUID) +func DefaultStoreOptions() (types.StoreOptions, error) { + return types.DefaultStoreOptions() } func validateMountOptions(mountOptions []string) error { diff --git a/vendor/github.com/fsouza/go-dockerclient/client.go b/vendor/github.com/fsouza/go-dockerclient/client.go index 2d8d019cb2ba..e1a420017716 100644 --- a/vendor/github.com/fsouza/go-dockerclient/client.go +++ b/vendor/github.com/fsouza/go-dockerclient/client.go @@ -511,7 +511,7 @@ type streamOptions struct { func chooseError(ctx context.Context, err error) error { select { case <-ctx.Done(): - return ctx.Err() + return context.Cause(ctx) default: return err } diff --git a/vendor/github.com/fsouza/go-dockerclient/container_create.go b/vendor/github.com/fsouza/go-dockerclient/container_create.go index 5a5ffe0f0327..36bcbfc0dd7a 100644 --- a/vendor/github.com/fsouza/go-dockerclient/container_create.go +++ b/vendor/github.com/fsouza/go-dockerclient/container_create.go @@ -17,6 +17,7 @@ var ErrContainerAlreadyExists = errors.New("container already exists") // See https://goo.gl/tyzwVM for more details. type CreateContainerOptions struct { Name string + Platform string Config *Config `qs:"-"` HostConfig *HostConfig `qs:"-"` NetworkingConfig *NetworkingConfig `qs:"-"` diff --git a/vendor/github.com/gogo/protobuf/sortkeys/sortkeys.go b/vendor/github.com/gogo/protobuf/sortkeys/sortkeys.go deleted file mode 100644 index ceadde6a5e10..000000000000 --- a/vendor/github.com/gogo/protobuf/sortkeys/sortkeys.go +++ /dev/null @@ -1,101 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2013, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package sortkeys - -import ( - "sort" -) - -func Strings(l []string) { - sort.Strings(l) -} - -func Float64s(l []float64) { - sort.Float64s(l) -} - -func Float32s(l []float32) { - sort.Sort(Float32Slice(l)) -} - -func Int64s(l []int64) { - sort.Sort(Int64Slice(l)) -} - -func Int32s(l []int32) { - sort.Sort(Int32Slice(l)) -} - -func Uint64s(l []uint64) { - sort.Sort(Uint64Slice(l)) -} - -func Uint32s(l []uint32) { - sort.Sort(Uint32Slice(l)) -} - -func Bools(l []bool) { - sort.Sort(BoolSlice(l)) -} - -type BoolSlice []bool - -func (p BoolSlice) Len() int { return len(p) } -func (p BoolSlice) Less(i, j int) bool { return p[j] } -func (p BoolSlice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } - -type Int64Slice []int64 - -func (p Int64Slice) Len() int { return len(p) } -func (p Int64Slice) Less(i, j int) bool { return p[i] < p[j] } -func (p Int64Slice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } - -type Int32Slice []int32 - -func (p Int32Slice) Len() int { return len(p) } -func (p Int32Slice) Less(i, j int) bool { return p[i] < p[j] } -func (p Int32Slice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } - -type Uint64Slice []uint64 - -func (p Uint64Slice) Len() int { return len(p) } -func (p Uint64Slice) Less(i, j int) bool { return p[i] < p[j] } -func (p Uint64Slice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } - -type Uint32Slice []uint32 - -func (p Uint32Slice) Len() int { return len(p) } -func (p Uint32Slice) Less(i, j int) bool { return p[i] < p[j] } -func (p Uint32Slice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } - -type Float32Slice []float32 - -func (p Float32Slice) Len() int { return len(p) } -func (p Float32Slice) Less(i, j int) bool { return p[i] < p[j] } -func (p Float32Slice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } diff --git a/vendor/github.com/gogo/protobuf/types/any.go b/vendor/github.com/gogo/protobuf/types/any.go deleted file mode 100644 index df4787de37c5..000000000000 --- a/vendor/github.com/gogo/protobuf/types/any.go +++ /dev/null @@ -1,140 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2016 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package types - -// This file implements functions to marshal proto.Message to/from -// google.protobuf.Any message. - -import ( - "fmt" - "reflect" - "strings" - - "github.com/gogo/protobuf/proto" -) - -const googleApis = "type.googleapis.com/" - -// AnyMessageName returns the name of the message contained in a google.protobuf.Any message. -// -// Note that regular type assertions should be done using the Is -// function. AnyMessageName is provided for less common use cases like filtering a -// sequence of Any messages based on a set of allowed message type names. -func AnyMessageName(any *Any) (string, error) { - if any == nil { - return "", fmt.Errorf("message is nil") - } - slash := strings.LastIndex(any.TypeUrl, "/") - if slash < 0 { - return "", fmt.Errorf("message type url %q is invalid", any.TypeUrl) - } - return any.TypeUrl[slash+1:], nil -} - -// MarshalAny takes the protocol buffer and encodes it into google.protobuf.Any. -func MarshalAny(pb proto.Message) (*Any, error) { - value, err := proto.Marshal(pb) - if err != nil { - return nil, err - } - return &Any{TypeUrl: googleApis + proto.MessageName(pb), Value: value}, nil -} - -// DynamicAny is a value that can be passed to UnmarshalAny to automatically -// allocate a proto.Message for the type specified in a google.protobuf.Any -// message. The allocated message is stored in the embedded proto.Message. -// -// Example: -// -// var x ptypes.DynamicAny -// if err := ptypes.UnmarshalAny(a, &x); err != nil { ... } -// fmt.Printf("unmarshaled message: %v", x.Message) -type DynamicAny struct { - proto.Message -} - -// Empty returns a new proto.Message of the type specified in a -// google.protobuf.Any message. It returns an error if corresponding message -// type isn't linked in. -func EmptyAny(any *Any) (proto.Message, error) { - aname, err := AnyMessageName(any) - if err != nil { - return nil, err - } - - t := proto.MessageType(aname) - if t == nil { - return nil, fmt.Errorf("any: message type %q isn't linked in", aname) - } - return reflect.New(t.Elem()).Interface().(proto.Message), nil -} - -// UnmarshalAny parses the protocol buffer representation in a google.protobuf.Any -// message and places the decoded result in pb. It returns an error if type of -// contents of Any message does not match type of pb message. -// -// pb can be a proto.Message, or a *DynamicAny. -func UnmarshalAny(any *Any, pb proto.Message) error { - if d, ok := pb.(*DynamicAny); ok { - if d.Message == nil { - var err error - d.Message, err = EmptyAny(any) - if err != nil { - return err - } - } - return UnmarshalAny(any, d.Message) - } - - aname, err := AnyMessageName(any) - if err != nil { - return err - } - - mname := proto.MessageName(pb) - if aname != mname { - return fmt.Errorf("mismatched message type: got %q want %q", aname, mname) - } - return proto.Unmarshal(any.Value, pb) -} - -// Is returns true if any value contains a given message type. -func Is(any *Any, pb proto.Message) bool { - // The following is equivalent to AnyMessageName(any) == proto.MessageName(pb), - // but it avoids scanning TypeUrl for the slash. - if any == nil { - return false - } - name := proto.MessageName(pb) - prefix := len(any.TypeUrl) - len(name) - return prefix >= 1 && any.TypeUrl[prefix-1] == '/' && any.TypeUrl[prefix:] == name -} diff --git a/vendor/github.com/gogo/protobuf/types/any.pb.go b/vendor/github.com/gogo/protobuf/types/any.pb.go deleted file mode 100644 index e3d4d9490f5e..000000000000 --- a/vendor/github.com/gogo/protobuf/types/any.pb.go +++ /dev/null @@ -1,694 +0,0 @@ -// Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: google/protobuf/any.proto - -package types - -import ( - bytes "bytes" - fmt "fmt" - proto "github.com/gogo/protobuf/proto" - io "io" - math "math" - math_bits "math/bits" - reflect "reflect" - strings "strings" -) - -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package - -// `Any` contains an arbitrary serialized protocol buffer message along with a -// URL that describes the type of the serialized message. -// -// Protobuf library provides support to pack/unpack Any values in the form -// of utility functions or additional generated methods of the Any type. -// -// Example 1: Pack and unpack a message in C++. -// -// Foo foo = ...; -// Any any; -// any.PackFrom(foo); -// ... -// if (any.UnpackTo(&foo)) { -// ... -// } -// -// Example 2: Pack and unpack a message in Java. -// -// Foo foo = ...; -// Any any = Any.pack(foo); -// ... -// if (any.is(Foo.class)) { -// foo = any.unpack(Foo.class); -// } -// -// Example 3: Pack and unpack a message in Python. -// -// foo = Foo(...) -// any = Any() -// any.Pack(foo) -// ... -// if any.Is(Foo.DESCRIPTOR): -// any.Unpack(foo) -// ... -// -// Example 4: Pack and unpack a message in Go -// -// foo := &pb.Foo{...} -// any, err := ptypes.MarshalAny(foo) -// ... -// foo := &pb.Foo{} -// if err := ptypes.UnmarshalAny(any, foo); err != nil { -// ... -// } -// -// The pack methods provided by protobuf library will by default use -// 'type.googleapis.com/full.type.name' as the type URL and the unpack -// methods only use the fully qualified type name after the last '/' -// in the type URL, for example "foo.bar.com/x/y.z" will yield type -// name "y.z". -// -// -// JSON -// ==== -// The JSON representation of an `Any` value uses the regular -// representation of the deserialized, embedded message, with an -// additional field `@type` which contains the type URL. Example: -// -// package google.profile; -// message Person { -// string first_name = 1; -// string last_name = 2; -// } -// -// { -// "@type": "type.googleapis.com/google.profile.Person", -// "firstName": , -// "lastName": -// } -// -// If the embedded message type is well-known and has a custom JSON -// representation, that representation will be embedded adding a field -// `value` which holds the custom JSON in addition to the `@type` -// field. Example (for message [google.protobuf.Duration][]): -// -// { -// "@type": "type.googleapis.com/google.protobuf.Duration", -// "value": "1.212s" -// } -// -type Any struct { - // A URL/resource name that uniquely identifies the type of the serialized - // protocol buffer message. This string must contain at least - // one "/" character. The last segment of the URL's path must represent - // the fully qualified name of the type (as in - // `path/google.protobuf.Duration`). The name should be in a canonical form - // (e.g., leading "." is not accepted). - // - // In practice, teams usually precompile into the binary all types that they - // expect it to use in the context of Any. However, for URLs which use the - // scheme `http`, `https`, or no scheme, one can optionally set up a type - // server that maps type URLs to message definitions as follows: - // - // * If no scheme is provided, `https` is assumed. - // * An HTTP GET on the URL must yield a [google.protobuf.Type][] - // value in binary format, or produce an error. - // * Applications are allowed to cache lookup results based on the - // URL, or have them precompiled into a binary to avoid any - // lookup. Therefore, binary compatibility needs to be preserved - // on changes to types. (Use versioned type names to manage - // breaking changes.) - // - // Note: this functionality is not currently available in the official - // protobuf release, and it is not used for type URLs beginning with - // type.googleapis.com. - // - // Schemes other than `http`, `https` (or the empty scheme) might be - // used with implementation specific semantics. - // - TypeUrl string `protobuf:"bytes,1,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"` - // Must be a valid serialized protocol buffer of the above specified type. - Value []byte `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Any) Reset() { *m = Any{} } -func (*Any) ProtoMessage() {} -func (*Any) Descriptor() ([]byte, []int) { - return fileDescriptor_b53526c13ae22eb4, []int{0} -} -func (*Any) XXX_WellKnownType() string { return "Any" } -func (m *Any) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Any) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Any.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Any) XXX_Merge(src proto.Message) { - xxx_messageInfo_Any.Merge(m, src) -} -func (m *Any) XXX_Size() int { - return m.Size() -} -func (m *Any) XXX_DiscardUnknown() { - xxx_messageInfo_Any.DiscardUnknown(m) -} - -var xxx_messageInfo_Any proto.InternalMessageInfo - -func (m *Any) GetTypeUrl() string { - if m != nil { - return m.TypeUrl - } - return "" -} - -func (m *Any) GetValue() []byte { - if m != nil { - return m.Value - } - return nil -} - -func (*Any) XXX_MessageName() string { - return "google.protobuf.Any" -} -func init() { - proto.RegisterType((*Any)(nil), "google.protobuf.Any") -} - -func init() { proto.RegisterFile("google/protobuf/any.proto", fileDescriptor_b53526c13ae22eb4) } - -var fileDescriptor_b53526c13ae22eb4 = []byte{ - // 211 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x4c, 0xcf, 0xcf, 0x4f, - 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x4f, 0xcc, 0xab, 0xd4, - 0x03, 0x73, 0x84, 0xf8, 0x21, 0x52, 0x7a, 0x30, 0x29, 0x25, 0x33, 0x2e, 0x66, 0xc7, 0xbc, 0x4a, - 0x21, 0x49, 0x2e, 0x8e, 0x92, 0xca, 0x82, 0xd4, 0xf8, 0xd2, 0xa2, 0x1c, 0x09, 0x46, 0x05, 0x46, - 0x0d, 0xce, 0x20, 0x76, 0x10, 0x3f, 0xb4, 0x28, 0x47, 0x48, 0x84, 0x8b, 0xb5, 0x2c, 0x31, 0xa7, - 0x34, 0x55, 0x82, 0x49, 0x81, 0x51, 0x83, 0x27, 0x08, 0xc2, 0x71, 0xaa, 0xbf, 0xf1, 0x50, 0x8e, - 0xe1, 0xc3, 0x43, 0x39, 0xc6, 0x1f, 0x0f, 0xe5, 0x18, 0x1b, 0x1e, 0xc9, 0x31, 0xae, 0x78, 0x24, - 0xc7, 0x78, 0xe2, 0x91, 0x1c, 0xe3, 0x85, 0x47, 0x72, 0x8c, 0x0f, 0x1e, 0xc9, 0x31, 0xbe, 0x78, - 0x24, 0xc7, 0xf0, 0x01, 0x24, 0xfe, 0x58, 0x8e, 0xf1, 0xc4, 0x63, 0x39, 0x46, 0x2e, 0xe1, 0xe4, - 0xfc, 0x5c, 0x3d, 0x34, 0xeb, 0x9d, 0x38, 0x1c, 0xf3, 0x2a, 0x03, 0x40, 0x9c, 0x00, 0xc6, 0x28, - 0x56, 0x90, 0x8d, 0xc5, 0x8b, 0x98, 0x98, 0xdd, 0x03, 0x9c, 0x56, 0x31, 0xc9, 0xb9, 0x43, 0x94, - 0x06, 0x40, 0x95, 0xea, 0x85, 0xa7, 0xe6, 0xe4, 0x78, 0xe7, 0xe5, 0x97, 0xe7, 0x85, 0x80, 0x94, - 0x25, 0xb1, 0x81, 0xcd, 0x30, 0x06, 0x04, 0x00, 0x00, 0xff, 0xff, 0xb7, 0x81, 0x82, 0xd3, 0xed, - 0x00, 0x00, 0x00, -} - -func (this *Any) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Any) - if !ok { - that2, ok := that.(Any) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.TypeUrl != that1.TypeUrl { - if this.TypeUrl < that1.TypeUrl { - return -1 - } - return 1 - } - if c := bytes.Compare(this.Value, that1.Value); c != 0 { - return c - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Any) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Any) - if !ok { - that2, ok := that.(Any) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.TypeUrl != that1.TypeUrl { - return false - } - if !bytes.Equal(this.Value, that1.Value) { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Any) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 6) - s = append(s, "&types.Any{") - s = append(s, "TypeUrl: "+fmt.Sprintf("%#v", this.TypeUrl)+",\n") - s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func valueToGoStringAny(v interface{}, typ string) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) -} -func (m *Any) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Any) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Any) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.Value) > 0 { - i -= len(m.Value) - copy(dAtA[i:], m.Value) - i = encodeVarintAny(dAtA, i, uint64(len(m.Value))) - i-- - dAtA[i] = 0x12 - } - if len(m.TypeUrl) > 0 { - i -= len(m.TypeUrl) - copy(dAtA[i:], m.TypeUrl) - i = encodeVarintAny(dAtA, i, uint64(len(m.TypeUrl))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func encodeVarintAny(dAtA []byte, offset int, v uint64) int { - offset -= sovAny(v) - base := offset - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return base -} -func NewPopulatedAny(r randyAny, easy bool) *Any { - this := &Any{} - this.TypeUrl = string(randStringAny(r)) - v1 := r.Intn(100) - this.Value = make([]byte, v1) - for i := 0; i < v1; i++ { - this.Value[i] = byte(r.Intn(256)) - } - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedAny(r, 3) - } - return this -} - -type randyAny interface { - Float32() float32 - Float64() float64 - Int63() int64 - Int31() int32 - Uint32() uint32 - Intn(n int) int -} - -func randUTF8RuneAny(r randyAny) rune { - ru := r.Intn(62) - if ru < 10 { - return rune(ru + 48) - } else if ru < 36 { - return rune(ru + 55) - } - return rune(ru + 61) -} -func randStringAny(r randyAny) string { - v2 := r.Intn(100) - tmps := make([]rune, v2) - for i := 0; i < v2; i++ { - tmps[i] = randUTF8RuneAny(r) - } - return string(tmps) -} -func randUnrecognizedAny(r randyAny, maxFieldNumber int) (dAtA []byte) { - l := r.Intn(5) - for i := 0; i < l; i++ { - wire := r.Intn(4) - if wire == 3 { - wire = 5 - } - fieldNumber := maxFieldNumber + r.Intn(100) - dAtA = randFieldAny(dAtA, r, fieldNumber, wire) - } - return dAtA -} -func randFieldAny(dAtA []byte, r randyAny, fieldNumber int, wire int) []byte { - key := uint32(fieldNumber)<<3 | uint32(wire) - switch wire { - case 0: - dAtA = encodeVarintPopulateAny(dAtA, uint64(key)) - v3 := r.Int63() - if r.Intn(2) == 0 { - v3 *= -1 - } - dAtA = encodeVarintPopulateAny(dAtA, uint64(v3)) - case 1: - dAtA = encodeVarintPopulateAny(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - case 2: - dAtA = encodeVarintPopulateAny(dAtA, uint64(key)) - ll := r.Intn(100) - dAtA = encodeVarintPopulateAny(dAtA, uint64(ll)) - for j := 0; j < ll; j++ { - dAtA = append(dAtA, byte(r.Intn(256))) - } - default: - dAtA = encodeVarintPopulateAny(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - } - return dAtA -} -func encodeVarintPopulateAny(dAtA []byte, v uint64) []byte { - for v >= 1<<7 { - dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) - v >>= 7 - } - dAtA = append(dAtA, uint8(v)) - return dAtA -} -func (m *Any) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.TypeUrl) - if l > 0 { - n += 1 + l + sovAny(uint64(l)) - } - l = len(m.Value) - if l > 0 { - n += 1 + l + sovAny(uint64(l)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func sovAny(x uint64) (n int) { - return (math_bits.Len64(x|1) + 6) / 7 -} -func sozAny(x uint64) (n int) { - return sovAny(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} -func (this *Any) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Any{`, - `TypeUrl:` + fmt.Sprintf("%v", this.TypeUrl) + `,`, - `Value:` + fmt.Sprintf("%v", this.Value) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func valueToStringAny(v interface{}) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("*%v", pv) -} -func (m *Any) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAny - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Any: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Any: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field TypeUrl", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAny - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthAny - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthAny - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.TypeUrl = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowAny - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthAny - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthAny - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Value = append(m.Value[:0], dAtA[iNdEx:postIndex]...) - if m.Value == nil { - m.Value = []byte{} - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipAny(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthAny - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func skipAny(dAtA []byte) (n int, err error) { - l := len(dAtA) - iNdEx := 0 - depth := 0 - for iNdEx < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowAny - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowAny - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - iNdEx++ - if dAtA[iNdEx-1] < 0x80 { - break - } - } - case 1: - iNdEx += 8 - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowAny - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if length < 0 { - return 0, ErrInvalidLengthAny - } - iNdEx += length - case 3: - depth++ - case 4: - if depth == 0 { - return 0, ErrUnexpectedEndOfGroupAny - } - depth-- - case 5: - iNdEx += 4 - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - if iNdEx < 0 { - return 0, ErrInvalidLengthAny - } - if depth == 0 { - return iNdEx, nil - } - } - return 0, io.ErrUnexpectedEOF -} - -var ( - ErrInvalidLengthAny = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflowAny = fmt.Errorf("proto: integer overflow") - ErrUnexpectedEndOfGroupAny = fmt.Errorf("proto: unexpected end of group") -) diff --git a/vendor/github.com/gogo/protobuf/types/api.pb.go b/vendor/github.com/gogo/protobuf/types/api.pb.go deleted file mode 100644 index 83e8869206fe..000000000000 --- a/vendor/github.com/gogo/protobuf/types/api.pb.go +++ /dev/null @@ -1,2134 +0,0 @@ -// Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: google/protobuf/api.proto - -package types - -import ( - bytes "bytes" - fmt "fmt" - proto "github.com/gogo/protobuf/proto" - io "io" - math "math" - math_bits "math/bits" - reflect "reflect" - strings "strings" -) - -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package - -// Api is a light-weight descriptor for an API Interface. -// -// Interfaces are also described as "protocol buffer services" in some contexts, -// such as by the "service" keyword in a .proto file, but they are different -// from API Services, which represent a concrete implementation of an interface -// as opposed to simply a description of methods and bindings. They are also -// sometimes simply referred to as "APIs" in other contexts, such as the name of -// this message itself. See https://cloud.google.com/apis/design/glossary for -// detailed terminology. -type Api struct { - // The fully qualified name of this interface, including package name - // followed by the interface's simple name. - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - // The methods of this interface, in unspecified order. - Methods []*Method `protobuf:"bytes,2,rep,name=methods,proto3" json:"methods,omitempty"` - // Any metadata attached to the interface. - Options []*Option `protobuf:"bytes,3,rep,name=options,proto3" json:"options,omitempty"` - // A version string for this interface. If specified, must have the form - // `major-version.minor-version`, as in `1.10`. If the minor version is - // omitted, it defaults to zero. If the entire version field is empty, the - // major version is derived from the package name, as outlined below. If the - // field is not empty, the version in the package name will be verified to be - // consistent with what is provided here. - // - // The versioning schema uses [semantic - // versioning](http://semver.org) where the major version number - // indicates a breaking change and the minor version an additive, - // non-breaking change. Both version numbers are signals to users - // what to expect from different versions, and should be carefully - // chosen based on the product plan. - // - // The major version is also reflected in the package name of the - // interface, which must end in `v`, as in - // `google.feature.v1`. For major versions 0 and 1, the suffix can - // be omitted. Zero major versions must only be used for - // experimental, non-GA interfaces. - // - // - Version string `protobuf:"bytes,4,opt,name=version,proto3" json:"version,omitempty"` - // Source context for the protocol buffer service represented by this - // message. - SourceContext *SourceContext `protobuf:"bytes,5,opt,name=source_context,json=sourceContext,proto3" json:"source_context,omitempty"` - // Included interfaces. See [Mixin][]. - Mixins []*Mixin `protobuf:"bytes,6,rep,name=mixins,proto3" json:"mixins,omitempty"` - // The source syntax of the service. - Syntax Syntax `protobuf:"varint,7,opt,name=syntax,proto3,enum=google.protobuf.Syntax" json:"syntax,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Api) Reset() { *m = Api{} } -func (*Api) ProtoMessage() {} -func (*Api) Descriptor() ([]byte, []int) { - return fileDescriptor_a2ec32096296c143, []int{0} -} -func (m *Api) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Api) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Api.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Api) XXX_Merge(src proto.Message) { - xxx_messageInfo_Api.Merge(m, src) -} -func (m *Api) XXX_Size() int { - return m.Size() -} -func (m *Api) XXX_DiscardUnknown() { - xxx_messageInfo_Api.DiscardUnknown(m) -} - -var xxx_messageInfo_Api proto.InternalMessageInfo - -func (m *Api) GetName() string { - if m != nil { - return m.Name - } - return "" -} - -func (m *Api) GetMethods() []*Method { - if m != nil { - return m.Methods - } - return nil -} - -func (m *Api) GetOptions() []*Option { - if m != nil { - return m.Options - } - return nil -} - -func (m *Api) GetVersion() string { - if m != nil { - return m.Version - } - return "" -} - -func (m *Api) GetSourceContext() *SourceContext { - if m != nil { - return m.SourceContext - } - return nil -} - -func (m *Api) GetMixins() []*Mixin { - if m != nil { - return m.Mixins - } - return nil -} - -func (m *Api) GetSyntax() Syntax { - if m != nil { - return m.Syntax - } - return Syntax_SYNTAX_PROTO2 -} - -func (*Api) XXX_MessageName() string { - return "google.protobuf.Api" -} - -// Method represents a method of an API interface. -type Method struct { - // The simple name of this method. - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - // A URL of the input message type. - RequestTypeUrl string `protobuf:"bytes,2,opt,name=request_type_url,json=requestTypeUrl,proto3" json:"request_type_url,omitempty"` - // If true, the request is streamed. - RequestStreaming bool `protobuf:"varint,3,opt,name=request_streaming,json=requestStreaming,proto3" json:"request_streaming,omitempty"` - // The URL of the output message type. - ResponseTypeUrl string `protobuf:"bytes,4,opt,name=response_type_url,json=responseTypeUrl,proto3" json:"response_type_url,omitempty"` - // If true, the response is streamed. - ResponseStreaming bool `protobuf:"varint,5,opt,name=response_streaming,json=responseStreaming,proto3" json:"response_streaming,omitempty"` - // Any metadata attached to the method. - Options []*Option `protobuf:"bytes,6,rep,name=options,proto3" json:"options,omitempty"` - // The source syntax of this method. - Syntax Syntax `protobuf:"varint,7,opt,name=syntax,proto3,enum=google.protobuf.Syntax" json:"syntax,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Method) Reset() { *m = Method{} } -func (*Method) ProtoMessage() {} -func (*Method) Descriptor() ([]byte, []int) { - return fileDescriptor_a2ec32096296c143, []int{1} -} -func (m *Method) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Method) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Method.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Method) XXX_Merge(src proto.Message) { - xxx_messageInfo_Method.Merge(m, src) -} -func (m *Method) XXX_Size() int { - return m.Size() -} -func (m *Method) XXX_DiscardUnknown() { - xxx_messageInfo_Method.DiscardUnknown(m) -} - -var xxx_messageInfo_Method proto.InternalMessageInfo - -func (m *Method) GetName() string { - if m != nil { - return m.Name - } - return "" -} - -func (m *Method) GetRequestTypeUrl() string { - if m != nil { - return m.RequestTypeUrl - } - return "" -} - -func (m *Method) GetRequestStreaming() bool { - if m != nil { - return m.RequestStreaming - } - return false -} - -func (m *Method) GetResponseTypeUrl() string { - if m != nil { - return m.ResponseTypeUrl - } - return "" -} - -func (m *Method) GetResponseStreaming() bool { - if m != nil { - return m.ResponseStreaming - } - return false -} - -func (m *Method) GetOptions() []*Option { - if m != nil { - return m.Options - } - return nil -} - -func (m *Method) GetSyntax() Syntax { - if m != nil { - return m.Syntax - } - return Syntax_SYNTAX_PROTO2 -} - -func (*Method) XXX_MessageName() string { - return "google.protobuf.Method" -} - -// Declares an API Interface to be included in this interface. The including -// interface must redeclare all the methods from the included interface, but -// documentation and options are inherited as follows: -// -// - If after comment and whitespace stripping, the documentation -// string of the redeclared method is empty, it will be inherited -// from the original method. -// -// - Each annotation belonging to the service config (http, -// visibility) which is not set in the redeclared method will be -// inherited. -// -// - If an http annotation is inherited, the path pattern will be -// modified as follows. Any version prefix will be replaced by the -// version of the including interface plus the [root][] path if -// specified. -// -// Example of a simple mixin: -// -// package google.acl.v1; -// service AccessControl { -// // Get the underlying ACL object. -// rpc GetAcl(GetAclRequest) returns (Acl) { -// option (google.api.http).get = "/v1/{resource=**}:getAcl"; -// } -// } -// -// package google.storage.v2; -// service Storage { -// rpc GetAcl(GetAclRequest) returns (Acl); -// -// // Get a data record. -// rpc GetData(GetDataRequest) returns (Data) { -// option (google.api.http).get = "/v2/{resource=**}"; -// } -// } -// -// Example of a mixin configuration: -// -// apis: -// - name: google.storage.v2.Storage -// mixins: -// - name: google.acl.v1.AccessControl -// -// The mixin construct implies that all methods in `AccessControl` are -// also declared with same name and request/response types in -// `Storage`. A documentation generator or annotation processor will -// see the effective `Storage.GetAcl` method after inherting -// documentation and annotations as follows: -// -// service Storage { -// // Get the underlying ACL object. -// rpc GetAcl(GetAclRequest) returns (Acl) { -// option (google.api.http).get = "/v2/{resource=**}:getAcl"; -// } -// ... -// } -// -// Note how the version in the path pattern changed from `v1` to `v2`. -// -// If the `root` field in the mixin is specified, it should be a -// relative path under which inherited HTTP paths are placed. Example: -// -// apis: -// - name: google.storage.v2.Storage -// mixins: -// - name: google.acl.v1.AccessControl -// root: acls -// -// This implies the following inherited HTTP annotation: -// -// service Storage { -// // Get the underlying ACL object. -// rpc GetAcl(GetAclRequest) returns (Acl) { -// option (google.api.http).get = "/v2/acls/{resource=**}:getAcl"; -// } -// ... -// } -type Mixin struct { - // The fully qualified name of the interface which is included. - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - // If non-empty specifies a path under which inherited HTTP paths - // are rooted. - Root string `protobuf:"bytes,2,opt,name=root,proto3" json:"root,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Mixin) Reset() { *m = Mixin{} } -func (*Mixin) ProtoMessage() {} -func (*Mixin) Descriptor() ([]byte, []int) { - return fileDescriptor_a2ec32096296c143, []int{2} -} -func (m *Mixin) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Mixin) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Mixin.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Mixin) XXX_Merge(src proto.Message) { - xxx_messageInfo_Mixin.Merge(m, src) -} -func (m *Mixin) XXX_Size() int { - return m.Size() -} -func (m *Mixin) XXX_DiscardUnknown() { - xxx_messageInfo_Mixin.DiscardUnknown(m) -} - -var xxx_messageInfo_Mixin proto.InternalMessageInfo - -func (m *Mixin) GetName() string { - if m != nil { - return m.Name - } - return "" -} - -func (m *Mixin) GetRoot() string { - if m != nil { - return m.Root - } - return "" -} - -func (*Mixin) XXX_MessageName() string { - return "google.protobuf.Mixin" -} -func init() { - proto.RegisterType((*Api)(nil), "google.protobuf.Api") - proto.RegisterType((*Method)(nil), "google.protobuf.Method") - proto.RegisterType((*Mixin)(nil), "google.protobuf.Mixin") -} - -func init() { proto.RegisterFile("google/protobuf/api.proto", fileDescriptor_a2ec32096296c143) } - -var fileDescriptor_a2ec32096296c143 = []byte{ - // 467 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x91, 0x31, 0x6f, 0x13, 0x31, - 0x14, 0xc7, 0xeb, 0xbb, 0xe4, 0x52, 0x5c, 0x91, 0x82, 0x91, 0xc0, 0x64, 0xb0, 0x4e, 0x15, 0xc3, - 0x09, 0xc4, 0x45, 0x94, 0x4f, 0xd0, 0x20, 0xd4, 0x01, 0x21, 0xa2, 0x0b, 0x08, 0x89, 0x25, 0x4a, - 0x83, 0x09, 0x96, 0xee, 0x6c, 0x63, 0x3b, 0x90, 0x4c, 0xf0, 0x59, 0x98, 0x10, 0x23, 0xdf, 0x80, - 0xad, 0x23, 0x23, 0x23, 0xb9, 0x2e, 0x8c, 0x1d, 0x19, 0x91, 0x7d, 0xe7, 0xa6, 0x5c, 0x83, 0x04, - 0x9b, 0xdf, 0xfb, 0xff, 0xfc, 0xf7, 0x7b, 0x7f, 0xc3, 0x9b, 0x33, 0x21, 0x66, 0x39, 0xed, 0x4b, - 0x25, 0x8c, 0x38, 0x9a, 0xbf, 0xea, 0x4f, 0x24, 0x4b, 0x5d, 0x81, 0x76, 0x2b, 0x29, 0xf5, 0x52, - 0xef, 0x56, 0x93, 0xd5, 0x62, 0xae, 0xa6, 0x74, 0x3c, 0x15, 0xdc, 0xd0, 0x85, 0xa9, 0xc0, 0x5e, - 0xaf, 0x49, 0x99, 0xa5, 0xac, 0x4d, 0xf6, 0xbe, 0x06, 0x30, 0x3c, 0x90, 0x0c, 0x21, 0xd8, 0xe2, - 0x93, 0x82, 0x62, 0x10, 0x83, 0xe4, 0x52, 0xe6, 0xce, 0xe8, 0x1e, 0xec, 0x14, 0xd4, 0xbc, 0x16, - 0x2f, 0x35, 0x0e, 0xe2, 0x30, 0xd9, 0xd9, 0xbf, 0x91, 0x36, 0x06, 0x48, 0x1f, 0x3b, 0x3d, 0xf3, - 0x9c, 0xbd, 0x22, 0xa4, 0x61, 0x82, 0x6b, 0x1c, 0xfe, 0xe5, 0xca, 0x13, 0xa7, 0x67, 0x9e, 0x43, - 0x18, 0x76, 0xde, 0x52, 0xa5, 0x99, 0xe0, 0xb8, 0xe5, 0x1e, 0xf7, 0x25, 0x7a, 0x08, 0xbb, 0x7f, - 0xee, 0x83, 0xdb, 0x31, 0x48, 0x76, 0xf6, 0xc9, 0x05, 0xcf, 0x91, 0xc3, 0x1e, 0x54, 0x54, 0x76, - 0x59, 0x9f, 0x2f, 0x51, 0x0a, 0xa3, 0x82, 0x2d, 0x18, 0xd7, 0x38, 0x72, 0x23, 0x5d, 0xbf, 0xb8, - 0x85, 0x95, 0xb3, 0x9a, 0x42, 0x7d, 0x18, 0xe9, 0x25, 0x37, 0x93, 0x05, 0xee, 0xc4, 0x20, 0xe9, - 0x6e, 0x58, 0x61, 0xe4, 0xe4, 0xac, 0xc6, 0xf6, 0xbe, 0x04, 0x30, 0xaa, 0x82, 0xd8, 0x18, 0x63, - 0x02, 0xaf, 0x28, 0xfa, 0x66, 0x4e, 0xb5, 0x19, 0xdb, 0xe0, 0xc7, 0x73, 0x95, 0xe3, 0xc0, 0xe9, - 0xdd, 0xba, 0xff, 0x74, 0x29, 0xe9, 0x33, 0x95, 0xa3, 0x3b, 0xf0, 0xaa, 0x27, 0xb5, 0x51, 0x74, - 0x52, 0x30, 0x3e, 0xc3, 0x61, 0x0c, 0x92, 0xed, 0xcc, 0x5b, 0x8c, 0x7c, 0x1f, 0xdd, 0xb6, 0xb0, - 0x96, 0x82, 0x6b, 0xba, 0xf6, 0xad, 0x12, 0xdc, 0xf5, 0x82, 0x37, 0xbe, 0x0b, 0xd1, 0x19, 0xbb, - 0x76, 0x6e, 0x3b, 0xe7, 0x33, 0x97, 0xb5, 0xf5, 0xb9, 0x5f, 0x8c, 0xfe, 0xf1, 0x17, 0xff, 0x3b, - 0xb4, 0x3e, 0x6c, 0xbb, 0xd8, 0x37, 0x46, 0x86, 0x60, 0x4b, 0x09, 0x61, 0xea, 0x98, 0xdc, 0x79, - 0xf0, 0xfe, 0xfb, 0x8a, 0x6c, 0x9d, 0xae, 0x08, 0xf8, 0xb5, 0x22, 0xe0, 0x43, 0x49, 0xc0, 0xa7, - 0x92, 0x80, 0xe3, 0x92, 0x80, 0x6f, 0x25, 0x01, 0x3f, 0x4a, 0x02, 0x7e, 0x96, 0x64, 0xeb, 0xd4, - 0xf6, 0x4f, 0x08, 0x38, 0x3e, 0x21, 0x00, 0x5e, 0x9b, 0x8a, 0xa2, 0x39, 0xc6, 0x60, 0xfb, 0x40, - 0xb2, 0xa1, 0x2d, 0x86, 0xe0, 0x45, 0xdb, 0xe6, 0xa6, 0x3f, 0x06, 0xe1, 0xe1, 0x70, 0xf0, 0x39, - 0x20, 0x87, 0x15, 0x3a, 0xf4, 0x13, 0x3f, 0xa7, 0x79, 0xfe, 0x88, 0x8b, 0x77, 0xdc, 0xc6, 0xa8, - 0x8f, 0x22, 0xe7, 0x71, 0xff, 0x77, 0x00, 0x00, 0x00, 0xff, 0xff, 0x2b, 0x64, 0x40, 0x40, 0xa1, - 0x03, 0x00, 0x00, -} - -func (this *Api) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Api) - if !ok { - that2, ok := that.(Api) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Name != that1.Name { - if this.Name < that1.Name { - return -1 - } - return 1 - } - if len(this.Methods) != len(that1.Methods) { - if len(this.Methods) < len(that1.Methods) { - return -1 - } - return 1 - } - for i := range this.Methods { - if c := this.Methods[i].Compare(that1.Methods[i]); c != 0 { - return c - } - } - if len(this.Options) != len(that1.Options) { - if len(this.Options) < len(that1.Options) { - return -1 - } - return 1 - } - for i := range this.Options { - if c := this.Options[i].Compare(that1.Options[i]); c != 0 { - return c - } - } - if this.Version != that1.Version { - if this.Version < that1.Version { - return -1 - } - return 1 - } - if c := this.SourceContext.Compare(that1.SourceContext); c != 0 { - return c - } - if len(this.Mixins) != len(that1.Mixins) { - if len(this.Mixins) < len(that1.Mixins) { - return -1 - } - return 1 - } - for i := range this.Mixins { - if c := this.Mixins[i].Compare(that1.Mixins[i]); c != 0 { - return c - } - } - if this.Syntax != that1.Syntax { - if this.Syntax < that1.Syntax { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Method) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Method) - if !ok { - that2, ok := that.(Method) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Name != that1.Name { - if this.Name < that1.Name { - return -1 - } - return 1 - } - if this.RequestTypeUrl != that1.RequestTypeUrl { - if this.RequestTypeUrl < that1.RequestTypeUrl { - return -1 - } - return 1 - } - if this.RequestStreaming != that1.RequestStreaming { - if !this.RequestStreaming { - return -1 - } - return 1 - } - if this.ResponseTypeUrl != that1.ResponseTypeUrl { - if this.ResponseTypeUrl < that1.ResponseTypeUrl { - return -1 - } - return 1 - } - if this.ResponseStreaming != that1.ResponseStreaming { - if !this.ResponseStreaming { - return -1 - } - return 1 - } - if len(this.Options) != len(that1.Options) { - if len(this.Options) < len(that1.Options) { - return -1 - } - return 1 - } - for i := range this.Options { - if c := this.Options[i].Compare(that1.Options[i]); c != 0 { - return c - } - } - if this.Syntax != that1.Syntax { - if this.Syntax < that1.Syntax { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Mixin) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Mixin) - if !ok { - that2, ok := that.(Mixin) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Name != that1.Name { - if this.Name < that1.Name { - return -1 - } - return 1 - } - if this.Root != that1.Root { - if this.Root < that1.Root { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Api) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Api) - if !ok { - that2, ok := that.(Api) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Name != that1.Name { - return false - } - if len(this.Methods) != len(that1.Methods) { - return false - } - for i := range this.Methods { - if !this.Methods[i].Equal(that1.Methods[i]) { - return false - } - } - if len(this.Options) != len(that1.Options) { - return false - } - for i := range this.Options { - if !this.Options[i].Equal(that1.Options[i]) { - return false - } - } - if this.Version != that1.Version { - return false - } - if !this.SourceContext.Equal(that1.SourceContext) { - return false - } - if len(this.Mixins) != len(that1.Mixins) { - return false - } - for i := range this.Mixins { - if !this.Mixins[i].Equal(that1.Mixins[i]) { - return false - } - } - if this.Syntax != that1.Syntax { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Method) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Method) - if !ok { - that2, ok := that.(Method) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Name != that1.Name { - return false - } - if this.RequestTypeUrl != that1.RequestTypeUrl { - return false - } - if this.RequestStreaming != that1.RequestStreaming { - return false - } - if this.ResponseTypeUrl != that1.ResponseTypeUrl { - return false - } - if this.ResponseStreaming != that1.ResponseStreaming { - return false - } - if len(this.Options) != len(that1.Options) { - return false - } - for i := range this.Options { - if !this.Options[i].Equal(that1.Options[i]) { - return false - } - } - if this.Syntax != that1.Syntax { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Mixin) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Mixin) - if !ok { - that2, ok := that.(Mixin) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Name != that1.Name { - return false - } - if this.Root != that1.Root { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Api) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 11) - s = append(s, "&types.Api{") - s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") - if this.Methods != nil { - s = append(s, "Methods: "+fmt.Sprintf("%#v", this.Methods)+",\n") - } - if this.Options != nil { - s = append(s, "Options: "+fmt.Sprintf("%#v", this.Options)+",\n") - } - s = append(s, "Version: "+fmt.Sprintf("%#v", this.Version)+",\n") - if this.SourceContext != nil { - s = append(s, "SourceContext: "+fmt.Sprintf("%#v", this.SourceContext)+",\n") - } - if this.Mixins != nil { - s = append(s, "Mixins: "+fmt.Sprintf("%#v", this.Mixins)+",\n") - } - s = append(s, "Syntax: "+fmt.Sprintf("%#v", this.Syntax)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *Method) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 11) - s = append(s, "&types.Method{") - s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") - s = append(s, "RequestTypeUrl: "+fmt.Sprintf("%#v", this.RequestTypeUrl)+",\n") - s = append(s, "RequestStreaming: "+fmt.Sprintf("%#v", this.RequestStreaming)+",\n") - s = append(s, "ResponseTypeUrl: "+fmt.Sprintf("%#v", this.ResponseTypeUrl)+",\n") - s = append(s, "ResponseStreaming: "+fmt.Sprintf("%#v", this.ResponseStreaming)+",\n") - if this.Options != nil { - s = append(s, "Options: "+fmt.Sprintf("%#v", this.Options)+",\n") - } - s = append(s, "Syntax: "+fmt.Sprintf("%#v", this.Syntax)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *Mixin) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 6) - s = append(s, "&types.Mixin{") - s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") - s = append(s, "Root: "+fmt.Sprintf("%#v", this.Root)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func valueToGoStringApi(v interface{}, typ string) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) -} -func (m *Api) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Api) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Api) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Syntax != 0 { - i = encodeVarintApi(dAtA, i, uint64(m.Syntax)) - i-- - dAtA[i] = 0x38 - } - if len(m.Mixins) > 0 { - for iNdEx := len(m.Mixins) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.Mixins[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintApi(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x32 - } - } - if m.SourceContext != nil { - { - size, err := m.SourceContext.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintApi(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x2a - } - if len(m.Version) > 0 { - i -= len(m.Version) - copy(dAtA[i:], m.Version) - i = encodeVarintApi(dAtA, i, uint64(len(m.Version))) - i-- - dAtA[i] = 0x22 - } - if len(m.Options) > 0 { - for iNdEx := len(m.Options) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.Options[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintApi(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x1a - } - } - if len(m.Methods) > 0 { - for iNdEx := len(m.Methods) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.Methods[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintApi(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x12 - } - } - if len(m.Name) > 0 { - i -= len(m.Name) - copy(dAtA[i:], m.Name) - i = encodeVarintApi(dAtA, i, uint64(len(m.Name))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *Method) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Method) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Method) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Syntax != 0 { - i = encodeVarintApi(dAtA, i, uint64(m.Syntax)) - i-- - dAtA[i] = 0x38 - } - if len(m.Options) > 0 { - for iNdEx := len(m.Options) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.Options[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintApi(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x32 - } - } - if m.ResponseStreaming { - i-- - if m.ResponseStreaming { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x28 - } - if len(m.ResponseTypeUrl) > 0 { - i -= len(m.ResponseTypeUrl) - copy(dAtA[i:], m.ResponseTypeUrl) - i = encodeVarintApi(dAtA, i, uint64(len(m.ResponseTypeUrl))) - i-- - dAtA[i] = 0x22 - } - if m.RequestStreaming { - i-- - if m.RequestStreaming { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x18 - } - if len(m.RequestTypeUrl) > 0 { - i -= len(m.RequestTypeUrl) - copy(dAtA[i:], m.RequestTypeUrl) - i = encodeVarintApi(dAtA, i, uint64(len(m.RequestTypeUrl))) - i-- - dAtA[i] = 0x12 - } - if len(m.Name) > 0 { - i -= len(m.Name) - copy(dAtA[i:], m.Name) - i = encodeVarintApi(dAtA, i, uint64(len(m.Name))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *Mixin) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Mixin) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Mixin) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.Root) > 0 { - i -= len(m.Root) - copy(dAtA[i:], m.Root) - i = encodeVarintApi(dAtA, i, uint64(len(m.Root))) - i-- - dAtA[i] = 0x12 - } - if len(m.Name) > 0 { - i -= len(m.Name) - copy(dAtA[i:], m.Name) - i = encodeVarintApi(dAtA, i, uint64(len(m.Name))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func encodeVarintApi(dAtA []byte, offset int, v uint64) int { - offset -= sovApi(v) - base := offset - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return base -} -func NewPopulatedApi(r randyApi, easy bool) *Api { - this := &Api{} - this.Name = string(randStringApi(r)) - if r.Intn(5) != 0 { - v1 := r.Intn(5) - this.Methods = make([]*Method, v1) - for i := 0; i < v1; i++ { - this.Methods[i] = NewPopulatedMethod(r, easy) - } - } - if r.Intn(5) != 0 { - v2 := r.Intn(5) - this.Options = make([]*Option, v2) - for i := 0; i < v2; i++ { - this.Options[i] = NewPopulatedOption(r, easy) - } - } - this.Version = string(randStringApi(r)) - if r.Intn(5) != 0 { - this.SourceContext = NewPopulatedSourceContext(r, easy) - } - if r.Intn(5) != 0 { - v3 := r.Intn(5) - this.Mixins = make([]*Mixin, v3) - for i := 0; i < v3; i++ { - this.Mixins[i] = NewPopulatedMixin(r, easy) - } - } - this.Syntax = Syntax([]int32{0, 1}[r.Intn(2)]) - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedApi(r, 8) - } - return this -} - -func NewPopulatedMethod(r randyApi, easy bool) *Method { - this := &Method{} - this.Name = string(randStringApi(r)) - this.RequestTypeUrl = string(randStringApi(r)) - this.RequestStreaming = bool(bool(r.Intn(2) == 0)) - this.ResponseTypeUrl = string(randStringApi(r)) - this.ResponseStreaming = bool(bool(r.Intn(2) == 0)) - if r.Intn(5) != 0 { - v4 := r.Intn(5) - this.Options = make([]*Option, v4) - for i := 0; i < v4; i++ { - this.Options[i] = NewPopulatedOption(r, easy) - } - } - this.Syntax = Syntax([]int32{0, 1}[r.Intn(2)]) - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedApi(r, 8) - } - return this -} - -func NewPopulatedMixin(r randyApi, easy bool) *Mixin { - this := &Mixin{} - this.Name = string(randStringApi(r)) - this.Root = string(randStringApi(r)) - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedApi(r, 3) - } - return this -} - -type randyApi interface { - Float32() float32 - Float64() float64 - Int63() int64 - Int31() int32 - Uint32() uint32 - Intn(n int) int -} - -func randUTF8RuneApi(r randyApi) rune { - ru := r.Intn(62) - if ru < 10 { - return rune(ru + 48) - } else if ru < 36 { - return rune(ru + 55) - } - return rune(ru + 61) -} -func randStringApi(r randyApi) string { - v5 := r.Intn(100) - tmps := make([]rune, v5) - for i := 0; i < v5; i++ { - tmps[i] = randUTF8RuneApi(r) - } - return string(tmps) -} -func randUnrecognizedApi(r randyApi, maxFieldNumber int) (dAtA []byte) { - l := r.Intn(5) - for i := 0; i < l; i++ { - wire := r.Intn(4) - if wire == 3 { - wire = 5 - } - fieldNumber := maxFieldNumber + r.Intn(100) - dAtA = randFieldApi(dAtA, r, fieldNumber, wire) - } - return dAtA -} -func randFieldApi(dAtA []byte, r randyApi, fieldNumber int, wire int) []byte { - key := uint32(fieldNumber)<<3 | uint32(wire) - switch wire { - case 0: - dAtA = encodeVarintPopulateApi(dAtA, uint64(key)) - v6 := r.Int63() - if r.Intn(2) == 0 { - v6 *= -1 - } - dAtA = encodeVarintPopulateApi(dAtA, uint64(v6)) - case 1: - dAtA = encodeVarintPopulateApi(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - case 2: - dAtA = encodeVarintPopulateApi(dAtA, uint64(key)) - ll := r.Intn(100) - dAtA = encodeVarintPopulateApi(dAtA, uint64(ll)) - for j := 0; j < ll; j++ { - dAtA = append(dAtA, byte(r.Intn(256))) - } - default: - dAtA = encodeVarintPopulateApi(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - } - return dAtA -} -func encodeVarintPopulateApi(dAtA []byte, v uint64) []byte { - for v >= 1<<7 { - dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) - v >>= 7 - } - dAtA = append(dAtA, uint8(v)) - return dAtA -} -func (m *Api) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Name) - if l > 0 { - n += 1 + l + sovApi(uint64(l)) - } - if len(m.Methods) > 0 { - for _, e := range m.Methods { - l = e.Size() - n += 1 + l + sovApi(uint64(l)) - } - } - if len(m.Options) > 0 { - for _, e := range m.Options { - l = e.Size() - n += 1 + l + sovApi(uint64(l)) - } - } - l = len(m.Version) - if l > 0 { - n += 1 + l + sovApi(uint64(l)) - } - if m.SourceContext != nil { - l = m.SourceContext.Size() - n += 1 + l + sovApi(uint64(l)) - } - if len(m.Mixins) > 0 { - for _, e := range m.Mixins { - l = e.Size() - n += 1 + l + sovApi(uint64(l)) - } - } - if m.Syntax != 0 { - n += 1 + sovApi(uint64(m.Syntax)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *Method) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Name) - if l > 0 { - n += 1 + l + sovApi(uint64(l)) - } - l = len(m.RequestTypeUrl) - if l > 0 { - n += 1 + l + sovApi(uint64(l)) - } - if m.RequestStreaming { - n += 2 - } - l = len(m.ResponseTypeUrl) - if l > 0 { - n += 1 + l + sovApi(uint64(l)) - } - if m.ResponseStreaming { - n += 2 - } - if len(m.Options) > 0 { - for _, e := range m.Options { - l = e.Size() - n += 1 + l + sovApi(uint64(l)) - } - } - if m.Syntax != 0 { - n += 1 + sovApi(uint64(m.Syntax)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *Mixin) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Name) - if l > 0 { - n += 1 + l + sovApi(uint64(l)) - } - l = len(m.Root) - if l > 0 { - n += 1 + l + sovApi(uint64(l)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func sovApi(x uint64) (n int) { - return (math_bits.Len64(x|1) + 6) / 7 -} -func sozApi(x uint64) (n int) { - return sovApi(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} -func (this *Api) String() string { - if this == nil { - return "nil" - } - repeatedStringForMethods := "[]*Method{" - for _, f := range this.Methods { - repeatedStringForMethods += strings.Replace(f.String(), "Method", "Method", 1) + "," - } - repeatedStringForMethods += "}" - repeatedStringForOptions := "[]*Option{" - for _, f := range this.Options { - repeatedStringForOptions += strings.Replace(fmt.Sprintf("%v", f), "Option", "Option", 1) + "," - } - repeatedStringForOptions += "}" - repeatedStringForMixins := "[]*Mixin{" - for _, f := range this.Mixins { - repeatedStringForMixins += strings.Replace(f.String(), "Mixin", "Mixin", 1) + "," - } - repeatedStringForMixins += "}" - s := strings.Join([]string{`&Api{`, - `Name:` + fmt.Sprintf("%v", this.Name) + `,`, - `Methods:` + repeatedStringForMethods + `,`, - `Options:` + repeatedStringForOptions + `,`, - `Version:` + fmt.Sprintf("%v", this.Version) + `,`, - `SourceContext:` + strings.Replace(fmt.Sprintf("%v", this.SourceContext), "SourceContext", "SourceContext", 1) + `,`, - `Mixins:` + repeatedStringForMixins + `,`, - `Syntax:` + fmt.Sprintf("%v", this.Syntax) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *Method) String() string { - if this == nil { - return "nil" - } - repeatedStringForOptions := "[]*Option{" - for _, f := range this.Options { - repeatedStringForOptions += strings.Replace(fmt.Sprintf("%v", f), "Option", "Option", 1) + "," - } - repeatedStringForOptions += "}" - s := strings.Join([]string{`&Method{`, - `Name:` + fmt.Sprintf("%v", this.Name) + `,`, - `RequestTypeUrl:` + fmt.Sprintf("%v", this.RequestTypeUrl) + `,`, - `RequestStreaming:` + fmt.Sprintf("%v", this.RequestStreaming) + `,`, - `ResponseTypeUrl:` + fmt.Sprintf("%v", this.ResponseTypeUrl) + `,`, - `ResponseStreaming:` + fmt.Sprintf("%v", this.ResponseStreaming) + `,`, - `Options:` + repeatedStringForOptions + `,`, - `Syntax:` + fmt.Sprintf("%v", this.Syntax) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *Mixin) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Mixin{`, - `Name:` + fmt.Sprintf("%v", this.Name) + `,`, - `Root:` + fmt.Sprintf("%v", this.Root) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func valueToStringApi(v interface{}) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("*%v", pv) -} -func (m *Api) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Api: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Api: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApi - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApi - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Methods", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthApi - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthApi - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Methods = append(m.Methods, &Method{}) - if err := m.Methods[len(m.Methods)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthApi - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthApi - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Options = append(m.Options, &Option{}) - if err := m.Options[len(m.Options)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Version", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApi - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApi - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Version = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field SourceContext", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthApi - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthApi - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.SourceContext == nil { - m.SourceContext = &SourceContext{} - } - if err := m.SourceContext.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Mixins", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthApi - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthApi - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Mixins = append(m.Mixins, &Mixin{}) - if err := m.Mixins[len(m.Mixins)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 7: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Syntax", wireType) - } - m.Syntax = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Syntax |= Syntax(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipApi(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthApi - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *Method) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Method: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Method: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApi - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApi - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field RequestTypeUrl", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApi - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApi - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.RequestTypeUrl = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field RequestStreaming", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.RequestStreaming = bool(v != 0) - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ResponseTypeUrl", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApi - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApi - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ResponseTypeUrl = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 5: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field ResponseStreaming", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.ResponseStreaming = bool(v != 0) - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthApi - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthApi - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Options = append(m.Options, &Option{}) - if err := m.Options[len(m.Options)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 7: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Syntax", wireType) - } - m.Syntax = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Syntax |= Syntax(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipApi(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthApi - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *Mixin) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Mixin: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Mixin: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApi - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApi - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Root", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApi - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApi - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApi - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Root = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipApi(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthApi - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func skipApi(dAtA []byte) (n int, err error) { - l := len(dAtA) - iNdEx := 0 - depth := 0 - for iNdEx < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowApi - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowApi - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - iNdEx++ - if dAtA[iNdEx-1] < 0x80 { - break - } - } - case 1: - iNdEx += 8 - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowApi - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if length < 0 { - return 0, ErrInvalidLengthApi - } - iNdEx += length - case 3: - depth++ - case 4: - if depth == 0 { - return 0, ErrUnexpectedEndOfGroupApi - } - depth-- - case 5: - iNdEx += 4 - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - if iNdEx < 0 { - return 0, ErrInvalidLengthApi - } - if depth == 0 { - return iNdEx, nil - } - } - return 0, io.ErrUnexpectedEOF -} - -var ( - ErrInvalidLengthApi = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflowApi = fmt.Errorf("proto: integer overflow") - ErrUnexpectedEndOfGroupApi = fmt.Errorf("proto: unexpected end of group") -) diff --git a/vendor/github.com/gogo/protobuf/types/doc.go b/vendor/github.com/gogo/protobuf/types/doc.go deleted file mode 100644 index ff2810af1ee0..000000000000 --- a/vendor/github.com/gogo/protobuf/types/doc.go +++ /dev/null @@ -1,35 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2016 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -/* -Package types contains code for interacting with well-known types. -*/ -package types diff --git a/vendor/github.com/gogo/protobuf/types/duration.go b/vendor/github.com/gogo/protobuf/types/duration.go deleted file mode 100644 index 979b8e78a4ef..000000000000 --- a/vendor/github.com/gogo/protobuf/types/duration.go +++ /dev/null @@ -1,100 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2016 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package types - -// This file implements conversions between google.protobuf.Duration -// and time.Duration. - -import ( - "errors" - "fmt" - "time" -) - -const ( - // Range of a Duration in seconds, as specified in - // google/protobuf/duration.proto. This is about 10,000 years in seconds. - maxSeconds = int64(10000 * 365.25 * 24 * 60 * 60) - minSeconds = -maxSeconds -) - -// validateDuration determines whether the Duration is valid according to the -// definition in google/protobuf/duration.proto. A valid Duration -// may still be too large to fit into a time.Duration (the range of Duration -// is about 10,000 years, and the range of time.Duration is about 290). -func validateDuration(d *Duration) error { - if d == nil { - return errors.New("duration: nil Duration") - } - if d.Seconds < minSeconds || d.Seconds > maxSeconds { - return fmt.Errorf("duration: %#v: seconds out of range", d) - } - if d.Nanos <= -1e9 || d.Nanos >= 1e9 { - return fmt.Errorf("duration: %#v: nanos out of range", d) - } - // Seconds and Nanos must have the same sign, unless d.Nanos is zero. - if (d.Seconds < 0 && d.Nanos > 0) || (d.Seconds > 0 && d.Nanos < 0) { - return fmt.Errorf("duration: %#v: seconds and nanos have different signs", d) - } - return nil -} - -// DurationFromProto converts a Duration to a time.Duration. DurationFromProto -// returns an error if the Duration is invalid or is too large to be -// represented in a time.Duration. -func DurationFromProto(p *Duration) (time.Duration, error) { - if err := validateDuration(p); err != nil { - return 0, err - } - d := time.Duration(p.Seconds) * time.Second - if int64(d/time.Second) != p.Seconds { - return 0, fmt.Errorf("duration: %#v is out of range for time.Duration", p) - } - if p.Nanos != 0 { - d += time.Duration(p.Nanos) * time.Nanosecond - if (d < 0) != (p.Nanos < 0) { - return 0, fmt.Errorf("duration: %#v is out of range for time.Duration", p) - } - } - return d, nil -} - -// DurationProto converts a time.Duration to a Duration. -func DurationProto(d time.Duration) *Duration { - nanos := d.Nanoseconds() - secs := nanos / 1e9 - nanos -= secs * 1e9 - return &Duration{ - Seconds: secs, - Nanos: int32(nanos), - } -} diff --git a/vendor/github.com/gogo/protobuf/types/duration.pb.go b/vendor/github.com/gogo/protobuf/types/duration.pb.go deleted file mode 100644 index 4deafcb1ce95..000000000000 --- a/vendor/github.com/gogo/protobuf/types/duration.pb.go +++ /dev/null @@ -1,517 +0,0 @@ -// Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: google/protobuf/duration.proto - -package types - -import ( - bytes "bytes" - fmt "fmt" - proto "github.com/gogo/protobuf/proto" - io "io" - math "math" - math_bits "math/bits" - reflect "reflect" - strings "strings" -) - -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package - -// A Duration represents a signed, fixed-length span of time represented -// as a count of seconds and fractions of seconds at nanosecond -// resolution. It is independent of any calendar and concepts like "day" -// or "month". It is related to Timestamp in that the difference between -// two Timestamp values is a Duration and it can be added or subtracted -// from a Timestamp. Range is approximately +-10,000 years. -// -// # Examples -// -// Example 1: Compute Duration from two Timestamps in pseudo code. -// -// Timestamp start = ...; -// Timestamp end = ...; -// Duration duration = ...; -// -// duration.seconds = end.seconds - start.seconds; -// duration.nanos = end.nanos - start.nanos; -// -// if (duration.seconds < 0 && duration.nanos > 0) { -// duration.seconds += 1; -// duration.nanos -= 1000000000; -// } else if (durations.seconds > 0 && duration.nanos < 0) { -// duration.seconds -= 1; -// duration.nanos += 1000000000; -// } -// -// Example 2: Compute Timestamp from Timestamp + Duration in pseudo code. -// -// Timestamp start = ...; -// Duration duration = ...; -// Timestamp end = ...; -// -// end.seconds = start.seconds + duration.seconds; -// end.nanos = start.nanos + duration.nanos; -// -// if (end.nanos < 0) { -// end.seconds -= 1; -// end.nanos += 1000000000; -// } else if (end.nanos >= 1000000000) { -// end.seconds += 1; -// end.nanos -= 1000000000; -// } -// -// Example 3: Compute Duration from datetime.timedelta in Python. -// -// td = datetime.timedelta(days=3, minutes=10) -// duration = Duration() -// duration.FromTimedelta(td) -// -// # JSON Mapping -// -// In JSON format, the Duration type is encoded as a string rather than an -// object, where the string ends in the suffix "s" (indicating seconds) and -// is preceded by the number of seconds, with nanoseconds expressed as -// fractional seconds. For example, 3 seconds with 0 nanoseconds should be -// encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should -// be expressed in JSON format as "3.000000001s", and 3 seconds and 1 -// microsecond should be expressed in JSON format as "3.000001s". -// -// -type Duration struct { - // Signed seconds of the span of time. Must be from -315,576,000,000 - // to +315,576,000,000 inclusive. Note: these bounds are computed from: - // 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - Seconds int64 `protobuf:"varint,1,opt,name=seconds,proto3" json:"seconds,omitempty"` - // Signed fractions of a second at nanosecond resolution of the span - // of time. Durations less than one second are represented with a 0 - // `seconds` field and a positive or negative `nanos` field. For durations - // of one second or more, a non-zero value for the `nanos` field must be - // of the same sign as the `seconds` field. Must be from -999,999,999 - // to +999,999,999 inclusive. - Nanos int32 `protobuf:"varint,2,opt,name=nanos,proto3" json:"nanos,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Duration) Reset() { *m = Duration{} } -func (*Duration) ProtoMessage() {} -func (*Duration) Descriptor() ([]byte, []int) { - return fileDescriptor_23597b2ebd7ac6c5, []int{0} -} -func (*Duration) XXX_WellKnownType() string { return "Duration" } -func (m *Duration) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Duration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Duration.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Duration) XXX_Merge(src proto.Message) { - xxx_messageInfo_Duration.Merge(m, src) -} -func (m *Duration) XXX_Size() int { - return m.Size() -} -func (m *Duration) XXX_DiscardUnknown() { - xxx_messageInfo_Duration.DiscardUnknown(m) -} - -var xxx_messageInfo_Duration proto.InternalMessageInfo - -func (m *Duration) GetSeconds() int64 { - if m != nil { - return m.Seconds - } - return 0 -} - -func (m *Duration) GetNanos() int32 { - if m != nil { - return m.Nanos - } - return 0 -} - -func (*Duration) XXX_MessageName() string { - return "google.protobuf.Duration" -} -func init() { - proto.RegisterType((*Duration)(nil), "google.protobuf.Duration") -} - -func init() { proto.RegisterFile("google/protobuf/duration.proto", fileDescriptor_23597b2ebd7ac6c5) } - -var fileDescriptor_23597b2ebd7ac6c5 = []byte{ - // 209 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x4b, 0xcf, 0xcf, 0x4f, - 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x4f, 0x29, 0x2d, 0x4a, - 0x2c, 0xc9, 0xcc, 0xcf, 0xd3, 0x03, 0x8b, 0x08, 0xf1, 0x43, 0xe4, 0xf5, 0x60, 0xf2, 0x4a, 0x56, - 0x5c, 0x1c, 0x2e, 0x50, 0x25, 0x42, 0x12, 0x5c, 0xec, 0xc5, 0xa9, 0xc9, 0xf9, 0x79, 0x29, 0xc5, - 0x12, 0x8c, 0x0a, 0x8c, 0x1a, 0xcc, 0x41, 0x30, 0xae, 0x90, 0x08, 0x17, 0x6b, 0x5e, 0x62, 0x5e, - 0x7e, 0xb1, 0x04, 0x93, 0x02, 0xa3, 0x06, 0x6b, 0x10, 0x84, 0xe3, 0x54, 0x7f, 0xe3, 0xa1, 0x1c, - 0xc3, 0x87, 0x87, 0x72, 0x8c, 0x2b, 0x1e, 0xc9, 0x31, 0x9e, 0x78, 0x24, 0xc7, 0x78, 0xe1, 0x91, - 0x1c, 0xe3, 0x83, 0x47, 0x72, 0x8c, 0x2f, 0x1e, 0xc9, 0x31, 0x7c, 0x78, 0x24, 0xc7, 0xb8, 0xe2, - 0xb1, 0x1c, 0xe3, 0x89, 0xc7, 0x72, 0x8c, 0x5c, 0xc2, 0xc9, 0xf9, 0xb9, 0x7a, 0x68, 0x56, 0x3b, - 0xf1, 0xc2, 0x2c, 0x0e, 0x00, 0x89, 0x04, 0x30, 0x46, 0xb1, 0x96, 0x54, 0x16, 0xa4, 0x16, 0xff, - 0x60, 0x64, 0x5c, 0xc4, 0xc4, 0xec, 0x1e, 0xe0, 0xb4, 0x8a, 0x49, 0xce, 0x1d, 0xa2, 0x25, 0x00, - 0xaa, 0x45, 0x2f, 0x3c, 0x35, 0x27, 0xc7, 0x3b, 0x2f, 0xbf, 0x3c, 0x2f, 0x04, 0xa4, 0x32, 0x89, - 0x0d, 0x6c, 0x96, 0x31, 0x20, 0x00, 0x00, 0xff, 0xff, 0x8a, 0x1c, 0x64, 0x4e, 0xf6, 0x00, 0x00, - 0x00, -} - -func (this *Duration) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Duration) - if !ok { - that2, ok := that.(Duration) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Seconds != that1.Seconds { - if this.Seconds < that1.Seconds { - return -1 - } - return 1 - } - if this.Nanos != that1.Nanos { - if this.Nanos < that1.Nanos { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Duration) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Duration) - if !ok { - that2, ok := that.(Duration) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Seconds != that1.Seconds { - return false - } - if this.Nanos != that1.Nanos { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Duration) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 6) - s = append(s, "&types.Duration{") - s = append(s, "Seconds: "+fmt.Sprintf("%#v", this.Seconds)+",\n") - s = append(s, "Nanos: "+fmt.Sprintf("%#v", this.Nanos)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func valueToGoStringDuration(v interface{}, typ string) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) -} -func (m *Duration) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Duration) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Duration) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Nanos != 0 { - i = encodeVarintDuration(dAtA, i, uint64(m.Nanos)) - i-- - dAtA[i] = 0x10 - } - if m.Seconds != 0 { - i = encodeVarintDuration(dAtA, i, uint64(m.Seconds)) - i-- - dAtA[i] = 0x8 - } - return len(dAtA) - i, nil -} - -func encodeVarintDuration(dAtA []byte, offset int, v uint64) int { - offset -= sovDuration(v) - base := offset - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return base -} -func (m *Duration) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Seconds != 0 { - n += 1 + sovDuration(uint64(m.Seconds)) - } - if m.Nanos != 0 { - n += 1 + sovDuration(uint64(m.Nanos)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func sovDuration(x uint64) (n int) { - return (math_bits.Len64(x|1) + 6) / 7 -} -func sozDuration(x uint64) (n int) { - return sovDuration(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} -func (m *Duration) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowDuration - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Duration: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Duration: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Seconds", wireType) - } - m.Seconds = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowDuration - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Seconds |= int64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Nanos", wireType) - } - m.Nanos = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowDuration - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Nanos |= int32(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipDuration(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthDuration - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func skipDuration(dAtA []byte) (n int, err error) { - l := len(dAtA) - iNdEx := 0 - depth := 0 - for iNdEx < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowDuration - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowDuration - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - iNdEx++ - if dAtA[iNdEx-1] < 0x80 { - break - } - } - case 1: - iNdEx += 8 - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowDuration - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if length < 0 { - return 0, ErrInvalidLengthDuration - } - iNdEx += length - case 3: - depth++ - case 4: - if depth == 0 { - return 0, ErrUnexpectedEndOfGroupDuration - } - depth-- - case 5: - iNdEx += 4 - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - if iNdEx < 0 { - return 0, ErrInvalidLengthDuration - } - if depth == 0 { - return iNdEx, nil - } - } - return 0, io.ErrUnexpectedEOF -} - -var ( - ErrInvalidLengthDuration = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflowDuration = fmt.Errorf("proto: integer overflow") - ErrUnexpectedEndOfGroupDuration = fmt.Errorf("proto: unexpected end of group") -) diff --git a/vendor/github.com/gogo/protobuf/types/duration_gogo.go b/vendor/github.com/gogo/protobuf/types/duration_gogo.go deleted file mode 100644 index 90e7670e21d1..000000000000 --- a/vendor/github.com/gogo/protobuf/types/duration_gogo.go +++ /dev/null @@ -1,100 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2016, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package types - -import ( - "fmt" - "time" -) - -func NewPopulatedDuration(r interface { - Int63() int64 -}, easy bool) *Duration { - this := &Duration{} - maxSecs := time.Hour.Nanoseconds() / 1e9 - max := 2 * maxSecs - s := int64(r.Int63()) % max - s -= maxSecs - neg := int64(1) - if s < 0 { - neg = -1 - } - this.Seconds = s - this.Nanos = int32(neg * (r.Int63() % 1e9)) - return this -} - -func (d *Duration) String() string { - td, err := DurationFromProto(d) - if err != nil { - return fmt.Sprintf("(%v)", err) - } - return td.String() -} - -func NewPopulatedStdDuration(r interface { - Int63() int64 -}, easy bool) *time.Duration { - dur := NewPopulatedDuration(r, easy) - d, err := DurationFromProto(dur) - if err != nil { - return nil - } - return &d -} - -func SizeOfStdDuration(d time.Duration) int { - dur := DurationProto(d) - return dur.Size() -} - -func StdDurationMarshal(d time.Duration) ([]byte, error) { - size := SizeOfStdDuration(d) - buf := make([]byte, size) - _, err := StdDurationMarshalTo(d, buf) - return buf, err -} - -func StdDurationMarshalTo(d time.Duration, data []byte) (int, error) { - dur := DurationProto(d) - return dur.MarshalTo(data) -} - -func StdDurationUnmarshal(d *time.Duration, data []byte) error { - dur := &Duration{} - if err := dur.Unmarshal(data); err != nil { - return err - } - dd, err := DurationFromProto(dur) - if err != nil { - return err - } - *d = dd - return nil -} diff --git a/vendor/github.com/gogo/protobuf/types/empty.pb.go b/vendor/github.com/gogo/protobuf/types/empty.pb.go deleted file mode 100644 index 9e94748b3a33..000000000000 --- a/vendor/github.com/gogo/protobuf/types/empty.pb.go +++ /dev/null @@ -1,462 +0,0 @@ -// Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: google/protobuf/empty.proto - -package types - -import ( - bytes "bytes" - fmt "fmt" - proto "github.com/gogo/protobuf/proto" - io "io" - math "math" - math_bits "math/bits" - reflect "reflect" - strings "strings" -) - -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package - -// A generic empty message that you can re-use to avoid defining duplicated -// empty messages in your APIs. A typical example is to use it as the request -// or the response type of an API method. For instance: -// -// service Foo { -// rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); -// } -// -// The JSON representation for `Empty` is empty JSON object `{}`. -type Empty struct { - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Empty) Reset() { *m = Empty{} } -func (*Empty) ProtoMessage() {} -func (*Empty) Descriptor() ([]byte, []int) { - return fileDescriptor_900544acb223d5b8, []int{0} -} -func (*Empty) XXX_WellKnownType() string { return "Empty" } -func (m *Empty) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Empty) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Empty.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Empty) XXX_Merge(src proto.Message) { - xxx_messageInfo_Empty.Merge(m, src) -} -func (m *Empty) XXX_Size() int { - return m.Size() -} -func (m *Empty) XXX_DiscardUnknown() { - xxx_messageInfo_Empty.DiscardUnknown(m) -} - -var xxx_messageInfo_Empty proto.InternalMessageInfo - -func (*Empty) XXX_MessageName() string { - return "google.protobuf.Empty" -} -func init() { - proto.RegisterType((*Empty)(nil), "google.protobuf.Empty") -} - -func init() { proto.RegisterFile("google/protobuf/empty.proto", fileDescriptor_900544acb223d5b8) } - -var fileDescriptor_900544acb223d5b8 = []byte{ - // 176 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x4e, 0xcf, 0xcf, 0x4f, - 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x4f, 0xcd, 0x2d, 0x28, - 0xa9, 0xd4, 0x03, 0x73, 0x85, 0xf8, 0x21, 0x92, 0x7a, 0x30, 0x49, 0x25, 0x76, 0x2e, 0x56, 0x57, - 0x90, 0xbc, 0x53, 0x0b, 0xe3, 0x8d, 0x87, 0x72, 0x0c, 0x1f, 0x1e, 0xca, 0x31, 0xfe, 0x78, 0x28, - 0xc7, 0xd8, 0xf0, 0x48, 0x8e, 0x71, 0xc5, 0x23, 0x39, 0xc6, 0x13, 0x8f, 0xe4, 0x18, 0x2f, 0x3c, - 0x92, 0x63, 0x7c, 0xf0, 0x48, 0x8e, 0xf1, 0xc5, 0x23, 0x39, 0x86, 0x0f, 0x20, 0xf1, 0xc7, 0x72, - 0x8c, 0x27, 0x1e, 0xcb, 0x31, 0x72, 0x09, 0x27, 0xe7, 0xe7, 0xea, 0xa1, 0x19, 0xe8, 0xc4, 0x05, - 0x36, 0x2e, 0x00, 0xc4, 0x0d, 0x60, 0x8c, 0x62, 0x2d, 0xa9, 0x2c, 0x48, 0x2d, 0xfe, 0xc1, 0xc8, - 0xb8, 0x88, 0x89, 0xd9, 0x3d, 0xc0, 0x69, 0x15, 0x93, 0x9c, 0x3b, 0x44, 0x7d, 0x00, 0x54, 0xbd, - 0x5e, 0x78, 0x6a, 0x4e, 0x8e, 0x77, 0x5e, 0x7e, 0x79, 0x5e, 0x08, 0x48, 0x65, 0x12, 0x1b, 0xd8, - 0x20, 0x63, 0x40, 0x00, 0x00, 0x00, 0xff, 0xff, 0x21, 0xbe, 0xb6, 0x31, 0xc6, 0x00, 0x00, 0x00, -} - -func (this *Empty) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Empty) - if !ok { - that2, ok := that.(Empty) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Empty) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Empty) - if !ok { - that2, ok := that.(Empty) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Empty) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 4) - s = append(s, "&types.Empty{") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func valueToGoStringEmpty(v interface{}, typ string) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) -} -func (m *Empty) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Empty) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Empty) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - return len(dAtA) - i, nil -} - -func encodeVarintEmpty(dAtA []byte, offset int, v uint64) int { - offset -= sovEmpty(v) - base := offset - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return base -} -func NewPopulatedEmpty(r randyEmpty, easy bool) *Empty { - this := &Empty{} - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedEmpty(r, 1) - } - return this -} - -type randyEmpty interface { - Float32() float32 - Float64() float64 - Int63() int64 - Int31() int32 - Uint32() uint32 - Intn(n int) int -} - -func randUTF8RuneEmpty(r randyEmpty) rune { - ru := r.Intn(62) - if ru < 10 { - return rune(ru + 48) - } else if ru < 36 { - return rune(ru + 55) - } - return rune(ru + 61) -} -func randStringEmpty(r randyEmpty) string { - v1 := r.Intn(100) - tmps := make([]rune, v1) - for i := 0; i < v1; i++ { - tmps[i] = randUTF8RuneEmpty(r) - } - return string(tmps) -} -func randUnrecognizedEmpty(r randyEmpty, maxFieldNumber int) (dAtA []byte) { - l := r.Intn(5) - for i := 0; i < l; i++ { - wire := r.Intn(4) - if wire == 3 { - wire = 5 - } - fieldNumber := maxFieldNumber + r.Intn(100) - dAtA = randFieldEmpty(dAtA, r, fieldNumber, wire) - } - return dAtA -} -func randFieldEmpty(dAtA []byte, r randyEmpty, fieldNumber int, wire int) []byte { - key := uint32(fieldNumber)<<3 | uint32(wire) - switch wire { - case 0: - dAtA = encodeVarintPopulateEmpty(dAtA, uint64(key)) - v2 := r.Int63() - if r.Intn(2) == 0 { - v2 *= -1 - } - dAtA = encodeVarintPopulateEmpty(dAtA, uint64(v2)) - case 1: - dAtA = encodeVarintPopulateEmpty(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - case 2: - dAtA = encodeVarintPopulateEmpty(dAtA, uint64(key)) - ll := r.Intn(100) - dAtA = encodeVarintPopulateEmpty(dAtA, uint64(ll)) - for j := 0; j < ll; j++ { - dAtA = append(dAtA, byte(r.Intn(256))) - } - default: - dAtA = encodeVarintPopulateEmpty(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - } - return dAtA -} -func encodeVarintPopulateEmpty(dAtA []byte, v uint64) []byte { - for v >= 1<<7 { - dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) - v >>= 7 - } - dAtA = append(dAtA, uint8(v)) - return dAtA -} -func (m *Empty) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func sovEmpty(x uint64) (n int) { - return (math_bits.Len64(x|1) + 6) / 7 -} -func sozEmpty(x uint64) (n int) { - return sovEmpty(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} -func (this *Empty) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Empty{`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func valueToStringEmpty(v interface{}) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("*%v", pv) -} -func (m *Empty) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowEmpty - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Empty: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Empty: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - default: - iNdEx = preIndex - skippy, err := skipEmpty(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthEmpty - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func skipEmpty(dAtA []byte) (n int, err error) { - l := len(dAtA) - iNdEx := 0 - depth := 0 - for iNdEx < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowEmpty - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowEmpty - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - iNdEx++ - if dAtA[iNdEx-1] < 0x80 { - break - } - } - case 1: - iNdEx += 8 - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowEmpty - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if length < 0 { - return 0, ErrInvalidLengthEmpty - } - iNdEx += length - case 3: - depth++ - case 4: - if depth == 0 { - return 0, ErrUnexpectedEndOfGroupEmpty - } - depth-- - case 5: - iNdEx += 4 - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - if iNdEx < 0 { - return 0, ErrInvalidLengthEmpty - } - if depth == 0 { - return iNdEx, nil - } - } - return 0, io.ErrUnexpectedEOF -} - -var ( - ErrInvalidLengthEmpty = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflowEmpty = fmt.Errorf("proto: integer overflow") - ErrUnexpectedEndOfGroupEmpty = fmt.Errorf("proto: unexpected end of group") -) diff --git a/vendor/github.com/gogo/protobuf/types/field_mask.pb.go b/vendor/github.com/gogo/protobuf/types/field_mask.pb.go deleted file mode 100644 index 6ae346d92527..000000000000 --- a/vendor/github.com/gogo/protobuf/types/field_mask.pb.go +++ /dev/null @@ -1,738 +0,0 @@ -// Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: google/protobuf/field_mask.proto - -package types - -import ( - bytes "bytes" - fmt "fmt" - proto "github.com/gogo/protobuf/proto" - io "io" - math "math" - math_bits "math/bits" - reflect "reflect" - strings "strings" -) - -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package - -// `FieldMask` represents a set of symbolic field paths, for example: -// -// paths: "f.a" -// paths: "f.b.d" -// -// Here `f` represents a field in some root message, `a` and `b` -// fields in the message found in `f`, and `d` a field found in the -// message in `f.b`. -// -// Field masks are used to specify a subset of fields that should be -// returned by a get operation or modified by an update operation. -// Field masks also have a custom JSON encoding (see below). -// -// # Field Masks in Projections -// -// When used in the context of a projection, a response message or -// sub-message is filtered by the API to only contain those fields as -// specified in the mask. For example, if the mask in the previous -// example is applied to a response message as follows: -// -// f { -// a : 22 -// b { -// d : 1 -// x : 2 -// } -// y : 13 -// } -// z: 8 -// -// The result will not contain specific values for fields x,y and z -// (their value will be set to the default, and omitted in proto text -// output): -// -// -// f { -// a : 22 -// b { -// d : 1 -// } -// } -// -// A repeated field is not allowed except at the last position of a -// paths string. -// -// If a FieldMask object is not present in a get operation, the -// operation applies to all fields (as if a FieldMask of all fields -// had been specified). -// -// Note that a field mask does not necessarily apply to the -// top-level response message. In case of a REST get operation, the -// field mask applies directly to the response, but in case of a REST -// list operation, the mask instead applies to each individual message -// in the returned resource list. In case of a REST custom method, -// other definitions may be used. Where the mask applies will be -// clearly documented together with its declaration in the API. In -// any case, the effect on the returned resource/resources is required -// behavior for APIs. -// -// # Field Masks in Update Operations -// -// A field mask in update operations specifies which fields of the -// targeted resource are going to be updated. The API is required -// to only change the values of the fields as specified in the mask -// and leave the others untouched. If a resource is passed in to -// describe the updated values, the API ignores the values of all -// fields not covered by the mask. -// -// If a repeated field is specified for an update operation, new values will -// be appended to the existing repeated field in the target resource. Note that -// a repeated field is only allowed in the last position of a `paths` string. -// -// If a sub-message is specified in the last position of the field mask for an -// update operation, then new value will be merged into the existing sub-message -// in the target resource. -// -// For example, given the target message: -// -// f { -// b { -// d: 1 -// x: 2 -// } -// c: [1] -// } -// -// And an update message: -// -// f { -// b { -// d: 10 -// } -// c: [2] -// } -// -// then if the field mask is: -// -// paths: ["f.b", "f.c"] -// -// then the result will be: -// -// f { -// b { -// d: 10 -// x: 2 -// } -// c: [1, 2] -// } -// -// An implementation may provide options to override this default behavior for -// repeated and message fields. -// -// In order to reset a field's value to the default, the field must -// be in the mask and set to the default value in the provided resource. -// Hence, in order to reset all fields of a resource, provide a default -// instance of the resource and set all fields in the mask, or do -// not provide a mask as described below. -// -// If a field mask is not present on update, the operation applies to -// all fields (as if a field mask of all fields has been specified). -// Note that in the presence of schema evolution, this may mean that -// fields the client does not know and has therefore not filled into -// the request will be reset to their default. If this is unwanted -// behavior, a specific service may require a client to always specify -// a field mask, producing an error if not. -// -// As with get operations, the location of the resource which -// describes the updated values in the request message depends on the -// operation kind. In any case, the effect of the field mask is -// required to be honored by the API. -// -// ## Considerations for HTTP REST -// -// The HTTP kind of an update operation which uses a field mask must -// be set to PATCH instead of PUT in order to satisfy HTTP semantics -// (PUT must only be used for full updates). -// -// # JSON Encoding of Field Masks -// -// In JSON, a field mask is encoded as a single string where paths are -// separated by a comma. Fields name in each path are converted -// to/from lower-camel naming conventions. -// -// As an example, consider the following message declarations: -// -// message Profile { -// User user = 1; -// Photo photo = 2; -// } -// message User { -// string display_name = 1; -// string address = 2; -// } -// -// In proto a field mask for `Profile` may look as such: -// -// mask { -// paths: "user.display_name" -// paths: "photo" -// } -// -// In JSON, the same mask is represented as below: -// -// { -// mask: "user.displayName,photo" -// } -// -// # Field Masks and Oneof Fields -// -// Field masks treat fields in oneofs just as regular fields. Consider the -// following message: -// -// message SampleMessage { -// oneof test_oneof { -// string name = 4; -// SubMessage sub_message = 9; -// } -// } -// -// The field mask can be: -// -// mask { -// paths: "name" -// } -// -// Or: -// -// mask { -// paths: "sub_message" -// } -// -// Note that oneof type names ("test_oneof" in this case) cannot be used in -// paths. -// -// ## Field Mask Verification -// -// The implementation of any API method which has a FieldMask type field in the -// request should verify the included field paths, and return an -// `INVALID_ARGUMENT` error if any path is duplicated or unmappable. -type FieldMask struct { - // The set of field mask paths. - Paths []string `protobuf:"bytes,1,rep,name=paths,proto3" json:"paths,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *FieldMask) Reset() { *m = FieldMask{} } -func (*FieldMask) ProtoMessage() {} -func (*FieldMask) Descriptor() ([]byte, []int) { - return fileDescriptor_5158202634f0da48, []int{0} -} -func (m *FieldMask) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *FieldMask) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_FieldMask.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *FieldMask) XXX_Merge(src proto.Message) { - xxx_messageInfo_FieldMask.Merge(m, src) -} -func (m *FieldMask) XXX_Size() int { - return m.Size() -} -func (m *FieldMask) XXX_DiscardUnknown() { - xxx_messageInfo_FieldMask.DiscardUnknown(m) -} - -var xxx_messageInfo_FieldMask proto.InternalMessageInfo - -func (m *FieldMask) GetPaths() []string { - if m != nil { - return m.Paths - } - return nil -} - -func (*FieldMask) XXX_MessageName() string { - return "google.protobuf.FieldMask" -} -func init() { - proto.RegisterType((*FieldMask)(nil), "google.protobuf.FieldMask") -} - -func init() { proto.RegisterFile("google/protobuf/field_mask.proto", fileDescriptor_5158202634f0da48) } - -var fileDescriptor_5158202634f0da48 = []byte{ - // 203 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x52, 0x48, 0xcf, 0xcf, 0x4f, - 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x4f, 0xcb, 0x4c, 0xcd, - 0x49, 0x89, 0xcf, 0x4d, 0x2c, 0xce, 0xd6, 0x03, 0x8b, 0x09, 0xf1, 0x43, 0x54, 0xe8, 0xc1, 0x54, - 0x28, 0x29, 0x72, 0x71, 0xba, 0x81, 0x14, 0xf9, 0x26, 0x16, 0x67, 0x0b, 0x89, 0x70, 0xb1, 0x16, - 0x24, 0x96, 0x64, 0x14, 0x4b, 0x30, 0x2a, 0x30, 0x6b, 0x70, 0x06, 0x41, 0x38, 0x4e, 0x1d, 0x8c, - 0x37, 0x1e, 0xca, 0x31, 0x7c, 0x78, 0x28, 0xc7, 0xf8, 0xe3, 0xa1, 0x1c, 0x63, 0xc3, 0x23, 0x39, - 0xc6, 0x15, 0x8f, 0xe4, 0x18, 0x4f, 0x3c, 0x92, 0x63, 0xbc, 0xf0, 0x48, 0x8e, 0xf1, 0xc1, 0x23, - 0x39, 0xc6, 0x17, 0x8f, 0xe4, 0x18, 0x3e, 0x80, 0xc4, 0x1f, 0xcb, 0x31, 0x9e, 0x78, 0x2c, 0xc7, - 0xc8, 0x25, 0x9c, 0x9c, 0x9f, 0xab, 0x87, 0x66, 0x95, 0x13, 0x1f, 0xdc, 0xa2, 0x00, 0x90, 0x50, - 0x00, 0x63, 0x14, 0x6b, 0x49, 0x65, 0x41, 0x6a, 0xf1, 0x0f, 0x46, 0xc6, 0x45, 0x4c, 0xcc, 0xee, - 0x01, 0x4e, 0xab, 0x98, 0xe4, 0xdc, 0x21, 0x7a, 0x02, 0xa0, 0x7a, 0xf4, 0xc2, 0x53, 0x73, 0x72, - 0xbc, 0xf3, 0xf2, 0xcb, 0xf3, 0x42, 0x40, 0x2a, 0x93, 0xd8, 0xc0, 0x86, 0x19, 0x03, 0x02, 0x00, - 0x00, 0xff, 0xff, 0x43, 0xa0, 0x83, 0xd0, 0xe9, 0x00, 0x00, 0x00, -} - -func (this *FieldMask) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*FieldMask) - if !ok { - that2, ok := that.(FieldMask) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if len(this.Paths) != len(that1.Paths) { - if len(this.Paths) < len(that1.Paths) { - return -1 - } - return 1 - } - for i := range this.Paths { - if this.Paths[i] != that1.Paths[i] { - if this.Paths[i] < that1.Paths[i] { - return -1 - } - return 1 - } - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *FieldMask) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*FieldMask) - if !ok { - that2, ok := that.(FieldMask) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if len(this.Paths) != len(that1.Paths) { - return false - } - for i := range this.Paths { - if this.Paths[i] != that1.Paths[i] { - return false - } - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *FieldMask) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.FieldMask{") - s = append(s, "Paths: "+fmt.Sprintf("%#v", this.Paths)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func valueToGoStringFieldMask(v interface{}, typ string) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) -} -func (m *FieldMask) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *FieldMask) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *FieldMask) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.Paths) > 0 { - for iNdEx := len(m.Paths) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.Paths[iNdEx]) - copy(dAtA[i:], m.Paths[iNdEx]) - i = encodeVarintFieldMask(dAtA, i, uint64(len(m.Paths[iNdEx]))) - i-- - dAtA[i] = 0xa - } - } - return len(dAtA) - i, nil -} - -func encodeVarintFieldMask(dAtA []byte, offset int, v uint64) int { - offset -= sovFieldMask(v) - base := offset - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return base -} -func NewPopulatedFieldMask(r randyFieldMask, easy bool) *FieldMask { - this := &FieldMask{} - v1 := r.Intn(10) - this.Paths = make([]string, v1) - for i := 0; i < v1; i++ { - this.Paths[i] = string(randStringFieldMask(r)) - } - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedFieldMask(r, 2) - } - return this -} - -type randyFieldMask interface { - Float32() float32 - Float64() float64 - Int63() int64 - Int31() int32 - Uint32() uint32 - Intn(n int) int -} - -func randUTF8RuneFieldMask(r randyFieldMask) rune { - ru := r.Intn(62) - if ru < 10 { - return rune(ru + 48) - } else if ru < 36 { - return rune(ru + 55) - } - return rune(ru + 61) -} -func randStringFieldMask(r randyFieldMask) string { - v2 := r.Intn(100) - tmps := make([]rune, v2) - for i := 0; i < v2; i++ { - tmps[i] = randUTF8RuneFieldMask(r) - } - return string(tmps) -} -func randUnrecognizedFieldMask(r randyFieldMask, maxFieldNumber int) (dAtA []byte) { - l := r.Intn(5) - for i := 0; i < l; i++ { - wire := r.Intn(4) - if wire == 3 { - wire = 5 - } - fieldNumber := maxFieldNumber + r.Intn(100) - dAtA = randFieldFieldMask(dAtA, r, fieldNumber, wire) - } - return dAtA -} -func randFieldFieldMask(dAtA []byte, r randyFieldMask, fieldNumber int, wire int) []byte { - key := uint32(fieldNumber)<<3 | uint32(wire) - switch wire { - case 0: - dAtA = encodeVarintPopulateFieldMask(dAtA, uint64(key)) - v3 := r.Int63() - if r.Intn(2) == 0 { - v3 *= -1 - } - dAtA = encodeVarintPopulateFieldMask(dAtA, uint64(v3)) - case 1: - dAtA = encodeVarintPopulateFieldMask(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - case 2: - dAtA = encodeVarintPopulateFieldMask(dAtA, uint64(key)) - ll := r.Intn(100) - dAtA = encodeVarintPopulateFieldMask(dAtA, uint64(ll)) - for j := 0; j < ll; j++ { - dAtA = append(dAtA, byte(r.Intn(256))) - } - default: - dAtA = encodeVarintPopulateFieldMask(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - } - return dAtA -} -func encodeVarintPopulateFieldMask(dAtA []byte, v uint64) []byte { - for v >= 1<<7 { - dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) - v >>= 7 - } - dAtA = append(dAtA, uint8(v)) - return dAtA -} -func (m *FieldMask) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if len(m.Paths) > 0 { - for _, s := range m.Paths { - l = len(s) - n += 1 + l + sovFieldMask(uint64(l)) - } - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func sovFieldMask(x uint64) (n int) { - return (math_bits.Len64(x|1) + 6) / 7 -} -func sozFieldMask(x uint64) (n int) { - return sovFieldMask(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} -func (this *FieldMask) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&FieldMask{`, - `Paths:` + fmt.Sprintf("%v", this.Paths) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func valueToStringFieldMask(v interface{}) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("*%v", pv) -} -func (m *FieldMask) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowFieldMask - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: FieldMask: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: FieldMask: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Paths", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowFieldMask - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthFieldMask - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthFieldMask - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Paths = append(m.Paths, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipFieldMask(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthFieldMask - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func skipFieldMask(dAtA []byte) (n int, err error) { - l := len(dAtA) - iNdEx := 0 - depth := 0 - for iNdEx < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowFieldMask - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowFieldMask - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - iNdEx++ - if dAtA[iNdEx-1] < 0x80 { - break - } - } - case 1: - iNdEx += 8 - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowFieldMask - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if length < 0 { - return 0, ErrInvalidLengthFieldMask - } - iNdEx += length - case 3: - depth++ - case 4: - if depth == 0 { - return 0, ErrUnexpectedEndOfGroupFieldMask - } - depth-- - case 5: - iNdEx += 4 - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - if iNdEx < 0 { - return 0, ErrInvalidLengthFieldMask - } - if depth == 0 { - return iNdEx, nil - } - } - return 0, io.ErrUnexpectedEOF -} - -var ( - ErrInvalidLengthFieldMask = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflowFieldMask = fmt.Errorf("proto: integer overflow") - ErrUnexpectedEndOfGroupFieldMask = fmt.Errorf("proto: unexpected end of group") -) diff --git a/vendor/github.com/gogo/protobuf/types/protosize.go b/vendor/github.com/gogo/protobuf/types/protosize.go deleted file mode 100644 index 3a2d1b7e1118..000000000000 --- a/vendor/github.com/gogo/protobuf/types/protosize.go +++ /dev/null @@ -1,34 +0,0 @@ -package types - -func (m *Any) ProtoSize() (n int) { return m.Size() } -func (m *Api) ProtoSize() (n int) { return m.Size() } -func (m *Method) ProtoSize() (n int) { return m.Size() } -func (m *Mixin) ProtoSize() (n int) { return m.Size() } -func (m *Duration) ProtoSize() (n int) { return m.Size() } -func (m *Empty) ProtoSize() (n int) { return m.Size() } -func (m *FieldMask) ProtoSize() (n int) { return m.Size() } -func (m *SourceContext) ProtoSize() (n int) { return m.Size() } -func (m *Struct) ProtoSize() (n int) { return m.Size() } -func (m *Value) ProtoSize() (n int) { return m.Size() } -func (m *Value_NullValue) ProtoSize() (n int) { return m.Size() } -func (m *Value_NumberValue) ProtoSize() (n int) { return m.Size() } -func (m *Value_StringValue) ProtoSize() (n int) { return m.Size() } -func (m *Value_BoolValue) ProtoSize() (n int) { return m.Size() } -func (m *Value_StructValue) ProtoSize() (n int) { return m.Size() } -func (m *Value_ListValue) ProtoSize() (n int) { return m.Size() } -func (m *ListValue) ProtoSize() (n int) { return m.Size() } -func (m *Timestamp) ProtoSize() (n int) { return m.Size() } -func (m *Type) ProtoSize() (n int) { return m.Size() } -func (m *Field) ProtoSize() (n int) { return m.Size() } -func (m *Enum) ProtoSize() (n int) { return m.Size() } -func (m *EnumValue) ProtoSize() (n int) { return m.Size() } -func (m *Option) ProtoSize() (n int) { return m.Size() } -func (m *DoubleValue) ProtoSize() (n int) { return m.Size() } -func (m *FloatValue) ProtoSize() (n int) { return m.Size() } -func (m *Int64Value) ProtoSize() (n int) { return m.Size() } -func (m *UInt64Value) ProtoSize() (n int) { return m.Size() } -func (m *Int32Value) ProtoSize() (n int) { return m.Size() } -func (m *UInt32Value) ProtoSize() (n int) { return m.Size() } -func (m *BoolValue) ProtoSize() (n int) { return m.Size() } -func (m *StringValue) ProtoSize() (n int) { return m.Size() } -func (m *BytesValue) ProtoSize() (n int) { return m.Size() } diff --git a/vendor/github.com/gogo/protobuf/types/source_context.pb.go b/vendor/github.com/gogo/protobuf/types/source_context.pb.go deleted file mode 100644 index 8e6ce71b275e..000000000000 --- a/vendor/github.com/gogo/protobuf/types/source_context.pb.go +++ /dev/null @@ -1,524 +0,0 @@ -// Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: google/protobuf/source_context.proto - -package types - -import ( - bytes "bytes" - fmt "fmt" - proto "github.com/gogo/protobuf/proto" - io "io" - math "math" - math_bits "math/bits" - reflect "reflect" - strings "strings" -) - -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package - -// `SourceContext` represents information about the source of a -// protobuf element, like the file in which it is defined. -type SourceContext struct { - // The path-qualified name of the .proto file that contained the associated - // protobuf element. For example: `"google/protobuf/source_context.proto"`. - FileName string `protobuf:"bytes,1,opt,name=file_name,json=fileName,proto3" json:"file_name,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *SourceContext) Reset() { *m = SourceContext{} } -func (*SourceContext) ProtoMessage() {} -func (*SourceContext) Descriptor() ([]byte, []int) { - return fileDescriptor_b686cdb126d509db, []int{0} -} -func (m *SourceContext) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *SourceContext) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_SourceContext.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *SourceContext) XXX_Merge(src proto.Message) { - xxx_messageInfo_SourceContext.Merge(m, src) -} -func (m *SourceContext) XXX_Size() int { - return m.Size() -} -func (m *SourceContext) XXX_DiscardUnknown() { - xxx_messageInfo_SourceContext.DiscardUnknown(m) -} - -var xxx_messageInfo_SourceContext proto.InternalMessageInfo - -func (m *SourceContext) GetFileName() string { - if m != nil { - return m.FileName - } - return "" -} - -func (*SourceContext) XXX_MessageName() string { - return "google.protobuf.SourceContext" -} -func init() { - proto.RegisterType((*SourceContext)(nil), "google.protobuf.SourceContext") -} - -func init() { - proto.RegisterFile("google/protobuf/source_context.proto", fileDescriptor_b686cdb126d509db) -} - -var fileDescriptor_b686cdb126d509db = []byte{ - // 212 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x52, 0x49, 0xcf, 0xcf, 0x4f, - 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x2f, 0xce, 0x2f, 0x2d, - 0x4a, 0x4e, 0x8d, 0x4f, 0xce, 0xcf, 0x2b, 0x49, 0xad, 0x28, 0xd1, 0x03, 0x8b, 0x0b, 0xf1, 0x43, - 0x54, 0xe9, 0xc1, 0x54, 0x29, 0xe9, 0x70, 0xf1, 0x06, 0x83, 0x15, 0x3a, 0x43, 0xd4, 0x09, 0x49, - 0x73, 0x71, 0xa6, 0x65, 0xe6, 0xa4, 0xc6, 0xe7, 0x25, 0xe6, 0xa6, 0x4a, 0x30, 0x2a, 0x30, 0x6a, - 0x70, 0x06, 0x71, 0x80, 0x04, 0xfc, 0x12, 0x73, 0x53, 0x9d, 0x3a, 0x19, 0x6f, 0x3c, 0x94, 0x63, - 0xf8, 0xf0, 0x50, 0x8e, 0xf1, 0xc7, 0x43, 0x39, 0xc6, 0x86, 0x47, 0x72, 0x8c, 0x2b, 0x1e, 0xc9, - 0x31, 0x9e, 0x78, 0x24, 0xc7, 0x78, 0xe1, 0x91, 0x1c, 0xe3, 0x83, 0x47, 0x72, 0x8c, 0x2f, 0x1e, - 0xc9, 0x31, 0x7c, 0x00, 0x89, 0x3f, 0x96, 0x63, 0x3c, 0xf1, 0x58, 0x8e, 0x91, 0x4b, 0x38, 0x39, - 0x3f, 0x57, 0x0f, 0xcd, 0x56, 0x27, 0x21, 0x14, 0x3b, 0x03, 0x40, 0xc2, 0x01, 0x8c, 0x51, 0xac, - 0x25, 0x95, 0x05, 0xa9, 0xc5, 0x8b, 0x98, 0x98, 0xdd, 0x03, 0x9c, 0x56, 0x31, 0xc9, 0xb9, 0x43, - 0x34, 0x05, 0x40, 0x35, 0xe9, 0x85, 0xa7, 0xe6, 0xe4, 0x78, 0xe7, 0xe5, 0x97, 0xe7, 0x85, 0x80, - 0x94, 0x25, 0xb1, 0x81, 0x4d, 0x33, 0x06, 0x04, 0x00, 0x00, 0xff, 0xff, 0xb8, 0x37, 0x2a, 0xa1, - 0xf9, 0x00, 0x00, 0x00, -} - -func (this *SourceContext) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*SourceContext) - if !ok { - that2, ok := that.(SourceContext) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.FileName != that1.FileName { - if this.FileName < that1.FileName { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *SourceContext) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*SourceContext) - if !ok { - that2, ok := that.(SourceContext) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.FileName != that1.FileName { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *SourceContext) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.SourceContext{") - s = append(s, "FileName: "+fmt.Sprintf("%#v", this.FileName)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func valueToGoStringSourceContext(v interface{}, typ string) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) -} -func (m *SourceContext) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *SourceContext) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *SourceContext) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.FileName) > 0 { - i -= len(m.FileName) - copy(dAtA[i:], m.FileName) - i = encodeVarintSourceContext(dAtA, i, uint64(len(m.FileName))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func encodeVarintSourceContext(dAtA []byte, offset int, v uint64) int { - offset -= sovSourceContext(v) - base := offset - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return base -} -func NewPopulatedSourceContext(r randySourceContext, easy bool) *SourceContext { - this := &SourceContext{} - this.FileName = string(randStringSourceContext(r)) - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedSourceContext(r, 2) - } - return this -} - -type randySourceContext interface { - Float32() float32 - Float64() float64 - Int63() int64 - Int31() int32 - Uint32() uint32 - Intn(n int) int -} - -func randUTF8RuneSourceContext(r randySourceContext) rune { - ru := r.Intn(62) - if ru < 10 { - return rune(ru + 48) - } else if ru < 36 { - return rune(ru + 55) - } - return rune(ru + 61) -} -func randStringSourceContext(r randySourceContext) string { - v1 := r.Intn(100) - tmps := make([]rune, v1) - for i := 0; i < v1; i++ { - tmps[i] = randUTF8RuneSourceContext(r) - } - return string(tmps) -} -func randUnrecognizedSourceContext(r randySourceContext, maxFieldNumber int) (dAtA []byte) { - l := r.Intn(5) - for i := 0; i < l; i++ { - wire := r.Intn(4) - if wire == 3 { - wire = 5 - } - fieldNumber := maxFieldNumber + r.Intn(100) - dAtA = randFieldSourceContext(dAtA, r, fieldNumber, wire) - } - return dAtA -} -func randFieldSourceContext(dAtA []byte, r randySourceContext, fieldNumber int, wire int) []byte { - key := uint32(fieldNumber)<<3 | uint32(wire) - switch wire { - case 0: - dAtA = encodeVarintPopulateSourceContext(dAtA, uint64(key)) - v2 := r.Int63() - if r.Intn(2) == 0 { - v2 *= -1 - } - dAtA = encodeVarintPopulateSourceContext(dAtA, uint64(v2)) - case 1: - dAtA = encodeVarintPopulateSourceContext(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - case 2: - dAtA = encodeVarintPopulateSourceContext(dAtA, uint64(key)) - ll := r.Intn(100) - dAtA = encodeVarintPopulateSourceContext(dAtA, uint64(ll)) - for j := 0; j < ll; j++ { - dAtA = append(dAtA, byte(r.Intn(256))) - } - default: - dAtA = encodeVarintPopulateSourceContext(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - } - return dAtA -} -func encodeVarintPopulateSourceContext(dAtA []byte, v uint64) []byte { - for v >= 1<<7 { - dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) - v >>= 7 - } - dAtA = append(dAtA, uint8(v)) - return dAtA -} -func (m *SourceContext) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.FileName) - if l > 0 { - n += 1 + l + sovSourceContext(uint64(l)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func sovSourceContext(x uint64) (n int) { - return (math_bits.Len64(x|1) + 6) / 7 -} -func sozSourceContext(x uint64) (n int) { - return sovSourceContext(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} -func (this *SourceContext) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&SourceContext{`, - `FileName:` + fmt.Sprintf("%v", this.FileName) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func valueToStringSourceContext(v interface{}) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("*%v", pv) -} -func (m *SourceContext) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowSourceContext - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: SourceContext: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: SourceContext: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field FileName", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowSourceContext - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthSourceContext - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthSourceContext - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.FileName = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipSourceContext(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthSourceContext - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func skipSourceContext(dAtA []byte) (n int, err error) { - l := len(dAtA) - iNdEx := 0 - depth := 0 - for iNdEx < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowSourceContext - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowSourceContext - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - iNdEx++ - if dAtA[iNdEx-1] < 0x80 { - break - } - } - case 1: - iNdEx += 8 - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowSourceContext - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if length < 0 { - return 0, ErrInvalidLengthSourceContext - } - iNdEx += length - case 3: - depth++ - case 4: - if depth == 0 { - return 0, ErrUnexpectedEndOfGroupSourceContext - } - depth-- - case 5: - iNdEx += 4 - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - if iNdEx < 0 { - return 0, ErrInvalidLengthSourceContext - } - if depth == 0 { - return iNdEx, nil - } - } - return 0, io.ErrUnexpectedEOF -} - -var ( - ErrInvalidLengthSourceContext = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflowSourceContext = fmt.Errorf("proto: integer overflow") - ErrUnexpectedEndOfGroupSourceContext = fmt.Errorf("proto: unexpected end of group") -) diff --git a/vendor/github.com/gogo/protobuf/types/struct.pb.go b/vendor/github.com/gogo/protobuf/types/struct.pb.go deleted file mode 100644 index c0457312e67f..000000000000 --- a/vendor/github.com/gogo/protobuf/types/struct.pb.go +++ /dev/null @@ -1,2271 +0,0 @@ -// Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: google/protobuf/struct.proto - -package types - -import ( - bytes "bytes" - encoding_binary "encoding/binary" - fmt "fmt" - proto "github.com/gogo/protobuf/proto" - github_com_gogo_protobuf_sortkeys "github.com/gogo/protobuf/sortkeys" - io "io" - math "math" - math_bits "math/bits" - reflect "reflect" - strconv "strconv" - strings "strings" -) - -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package - -// `NullValue` is a singleton enumeration to represent the null value for the -// `Value` type union. -// -// The JSON representation for `NullValue` is JSON `null`. -type NullValue int32 - -const ( - // Null value. - NullValue_NULL_VALUE NullValue = 0 -) - -var NullValue_name = map[int32]string{ - 0: "NULL_VALUE", -} - -var NullValue_value = map[string]int32{ - "NULL_VALUE": 0, -} - -func (NullValue) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_df322afd6c9fb402, []int{0} -} - -func (NullValue) XXX_WellKnownType() string { return "NullValue" } - -// `Struct` represents a structured data value, consisting of fields -// which map to dynamically typed values. In some languages, `Struct` -// might be supported by a native representation. For example, in -// scripting languages like JS a struct is represented as an -// object. The details of that representation are described together -// with the proto support for the language. -// -// The JSON representation for `Struct` is JSON object. -type Struct struct { - // Unordered map of dynamically typed values. - Fields map[string]*Value `protobuf:"bytes,1,rep,name=fields,proto3" json:"fields,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Struct) Reset() { *m = Struct{} } -func (*Struct) ProtoMessage() {} -func (*Struct) Descriptor() ([]byte, []int) { - return fileDescriptor_df322afd6c9fb402, []int{0} -} -func (*Struct) XXX_WellKnownType() string { return "Struct" } -func (m *Struct) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Struct) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Struct.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Struct) XXX_Merge(src proto.Message) { - xxx_messageInfo_Struct.Merge(m, src) -} -func (m *Struct) XXX_Size() int { - return m.Size() -} -func (m *Struct) XXX_DiscardUnknown() { - xxx_messageInfo_Struct.DiscardUnknown(m) -} - -var xxx_messageInfo_Struct proto.InternalMessageInfo - -func (m *Struct) GetFields() map[string]*Value { - if m != nil { - return m.Fields - } - return nil -} - -func (*Struct) XXX_MessageName() string { - return "google.protobuf.Struct" -} - -// `Value` represents a dynamically typed value which can be either -// null, a number, a string, a boolean, a recursive struct value, or a -// list of values. A producer of value is expected to set one of that -// variants, absence of any variant indicates an error. -// -// The JSON representation for `Value` is JSON value. -type Value struct { - // The kind of value. - // - // Types that are valid to be assigned to Kind: - // *Value_NullValue - // *Value_NumberValue - // *Value_StringValue - // *Value_BoolValue - // *Value_StructValue - // *Value_ListValue - Kind isValue_Kind `protobuf_oneof:"kind"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Value) Reset() { *m = Value{} } -func (*Value) ProtoMessage() {} -func (*Value) Descriptor() ([]byte, []int) { - return fileDescriptor_df322afd6c9fb402, []int{1} -} -func (*Value) XXX_WellKnownType() string { return "Value" } -func (m *Value) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Value) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Value.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Value) XXX_Merge(src proto.Message) { - xxx_messageInfo_Value.Merge(m, src) -} -func (m *Value) XXX_Size() int { - return m.Size() -} -func (m *Value) XXX_DiscardUnknown() { - xxx_messageInfo_Value.DiscardUnknown(m) -} - -var xxx_messageInfo_Value proto.InternalMessageInfo - -type isValue_Kind interface { - isValue_Kind() - Equal(interface{}) bool - MarshalTo([]byte) (int, error) - Size() int - Compare(interface{}) int -} - -type Value_NullValue struct { - NullValue NullValue `protobuf:"varint,1,opt,name=null_value,json=nullValue,proto3,enum=google.protobuf.NullValue,oneof" json:"null_value,omitempty"` -} -type Value_NumberValue struct { - NumberValue float64 `protobuf:"fixed64,2,opt,name=number_value,json=numberValue,proto3,oneof" json:"number_value,omitempty"` -} -type Value_StringValue struct { - StringValue string `protobuf:"bytes,3,opt,name=string_value,json=stringValue,proto3,oneof" json:"string_value,omitempty"` -} -type Value_BoolValue struct { - BoolValue bool `protobuf:"varint,4,opt,name=bool_value,json=boolValue,proto3,oneof" json:"bool_value,omitempty"` -} -type Value_StructValue struct { - StructValue *Struct `protobuf:"bytes,5,opt,name=struct_value,json=structValue,proto3,oneof" json:"struct_value,omitempty"` -} -type Value_ListValue struct { - ListValue *ListValue `protobuf:"bytes,6,opt,name=list_value,json=listValue,proto3,oneof" json:"list_value,omitempty"` -} - -func (*Value_NullValue) isValue_Kind() {} -func (*Value_NumberValue) isValue_Kind() {} -func (*Value_StringValue) isValue_Kind() {} -func (*Value_BoolValue) isValue_Kind() {} -func (*Value_StructValue) isValue_Kind() {} -func (*Value_ListValue) isValue_Kind() {} - -func (m *Value) GetKind() isValue_Kind { - if m != nil { - return m.Kind - } - return nil -} - -func (m *Value) GetNullValue() NullValue { - if x, ok := m.GetKind().(*Value_NullValue); ok { - return x.NullValue - } - return NullValue_NULL_VALUE -} - -func (m *Value) GetNumberValue() float64 { - if x, ok := m.GetKind().(*Value_NumberValue); ok { - return x.NumberValue - } - return 0 -} - -func (m *Value) GetStringValue() string { - if x, ok := m.GetKind().(*Value_StringValue); ok { - return x.StringValue - } - return "" -} - -func (m *Value) GetBoolValue() bool { - if x, ok := m.GetKind().(*Value_BoolValue); ok { - return x.BoolValue - } - return false -} - -func (m *Value) GetStructValue() *Struct { - if x, ok := m.GetKind().(*Value_StructValue); ok { - return x.StructValue - } - return nil -} - -func (m *Value) GetListValue() *ListValue { - if x, ok := m.GetKind().(*Value_ListValue); ok { - return x.ListValue - } - return nil -} - -// XXX_OneofWrappers is for the internal use of the proto package. -func (*Value) XXX_OneofWrappers() []interface{} { - return []interface{}{ - (*Value_NullValue)(nil), - (*Value_NumberValue)(nil), - (*Value_StringValue)(nil), - (*Value_BoolValue)(nil), - (*Value_StructValue)(nil), - (*Value_ListValue)(nil), - } -} - -func (*Value) XXX_MessageName() string { - return "google.protobuf.Value" -} - -// `ListValue` is a wrapper around a repeated field of values. -// -// The JSON representation for `ListValue` is JSON array. -type ListValue struct { - // Repeated field of dynamically typed values. - Values []*Value `protobuf:"bytes,1,rep,name=values,proto3" json:"values,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *ListValue) Reset() { *m = ListValue{} } -func (*ListValue) ProtoMessage() {} -func (*ListValue) Descriptor() ([]byte, []int) { - return fileDescriptor_df322afd6c9fb402, []int{2} -} -func (*ListValue) XXX_WellKnownType() string { return "ListValue" } -func (m *ListValue) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ListValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_ListValue.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *ListValue) XXX_Merge(src proto.Message) { - xxx_messageInfo_ListValue.Merge(m, src) -} -func (m *ListValue) XXX_Size() int { - return m.Size() -} -func (m *ListValue) XXX_DiscardUnknown() { - xxx_messageInfo_ListValue.DiscardUnknown(m) -} - -var xxx_messageInfo_ListValue proto.InternalMessageInfo - -func (m *ListValue) GetValues() []*Value { - if m != nil { - return m.Values - } - return nil -} - -func (*ListValue) XXX_MessageName() string { - return "google.protobuf.ListValue" -} -func init() { - proto.RegisterEnum("google.protobuf.NullValue", NullValue_name, NullValue_value) - proto.RegisterType((*Struct)(nil), "google.protobuf.Struct") - proto.RegisterMapType((map[string]*Value)(nil), "google.protobuf.Struct.FieldsEntry") - proto.RegisterType((*Value)(nil), "google.protobuf.Value") - proto.RegisterType((*ListValue)(nil), "google.protobuf.ListValue") -} - -func init() { proto.RegisterFile("google/protobuf/struct.proto", fileDescriptor_df322afd6c9fb402) } - -var fileDescriptor_df322afd6c9fb402 = []byte{ - // 443 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x74, 0x91, 0xb1, 0x6f, 0xd3, 0x40, - 0x14, 0xc6, 0xfd, 0x9c, 0xc6, 0x22, 0xcf, 0xa8, 0x54, 0x87, 0x04, 0x51, 0x41, 0x47, 0x94, 0x2e, - 0x11, 0x42, 0xae, 0x14, 0x16, 0x44, 0x58, 0x88, 0x54, 0x5a, 0x89, 0xa8, 0x32, 0x86, 0x16, 0x89, - 0x25, 0xc2, 0xae, 0x1b, 0x59, 0xbd, 0xde, 0x55, 0xf6, 0x1d, 0x28, 0x1b, 0x0b, 0xff, 0x03, 0x33, - 0x13, 0x62, 0xe4, 0xaf, 0xe8, 0xc8, 0xc8, 0x48, 0xdc, 0x85, 0xb1, 0x63, 0x47, 0x74, 0x77, 0xb6, - 0x41, 0x8d, 0xb2, 0xf9, 0x7d, 0xf7, 0x7b, 0xdf, 0x7b, 0xdf, 0x33, 0xde, 0x9f, 0x09, 0x31, 0x63, - 0xe9, 0xf6, 0x59, 0x2e, 0xa4, 0x88, 0xd5, 0xf1, 0x76, 0x21, 0x73, 0x95, 0xc8, 0xc0, 0xd4, 0xe4, - 0x96, 0x7d, 0x0d, 0xea, 0xd7, 0xfe, 0x17, 0x40, 0xef, 0xb5, 0x21, 0xc8, 0x08, 0xbd, 0xe3, 0x2c, - 0x65, 0x47, 0x45, 0x17, 0x7a, 0xad, 0x81, 0x3f, 0xdc, 0x0a, 0xae, 0xc1, 0x81, 0x05, 0x83, 0x17, - 0x86, 0xda, 0xe1, 0x32, 0x9f, 0x47, 0x55, 0xcb, 0xe6, 0x2b, 0xf4, 0xff, 0x93, 0xc9, 0x06, 0xb6, - 0x4e, 0xd2, 0x79, 0x17, 0x7a, 0x30, 0xe8, 0x44, 0xfa, 0x93, 0x3c, 0xc2, 0xf6, 0x87, 0xf7, 0x4c, - 0xa5, 0x5d, 0xb7, 0x07, 0x03, 0x7f, 0x78, 0x67, 0xc9, 0xfc, 0x50, 0xbf, 0x46, 0x16, 0x7a, 0xea, - 0x3e, 0x81, 0xfe, 0x0f, 0x17, 0xdb, 0x46, 0x24, 0x23, 0x44, 0xae, 0x18, 0x9b, 0x5a, 0x03, 0x6d, - 0xba, 0x3e, 0xdc, 0x5c, 0x32, 0xd8, 0x57, 0x8c, 0x19, 0x7e, 0xcf, 0x89, 0x3a, 0xbc, 0x2e, 0xc8, - 0x16, 0xde, 0xe4, 0xea, 0x34, 0x4e, 0xf3, 0xe9, 0xbf, 0xf9, 0xb0, 0xe7, 0x44, 0xbe, 0x55, 0x1b, - 0xa8, 0x90, 0x79, 0xc6, 0x67, 0x15, 0xd4, 0xd2, 0x8b, 0x6b, 0xc8, 0xaa, 0x16, 0x7a, 0x80, 0x18, - 0x0b, 0x51, 0xaf, 0xb1, 0xd6, 0x83, 0xc1, 0x0d, 0x3d, 0x4a, 0x6b, 0x16, 0x78, 0x66, 0x5c, 0x54, - 0x22, 0x2b, 0xa4, 0x6d, 0xa2, 0xde, 0x5d, 0x71, 0xc7, 0xca, 0x5e, 0x25, 0xb2, 0x49, 0xc9, 0xb2, - 0xa2, 0xee, 0xf5, 0x4c, 0xef, 0x72, 0xca, 0x49, 0x56, 0xc8, 0x26, 0x25, 0xab, 0x8b, 0xb1, 0x87, - 0x6b, 0x27, 0x19, 0x3f, 0xea, 0x8f, 0xb0, 0xd3, 0x10, 0x24, 0x40, 0xcf, 0x98, 0xd5, 0x7f, 0x74, - 0xd5, 0xd1, 0x2b, 0xea, 0xe1, 0x3d, 0xec, 0x34, 0x47, 0x24, 0xeb, 0x88, 0xfb, 0x07, 0x93, 0xc9, - 0xf4, 0xf0, 0xf9, 0xe4, 0x60, 0x67, 0xc3, 0x19, 0x7f, 0x86, 0x5f, 0x0b, 0xea, 0x5c, 0x2e, 0x28, - 0x5c, 0x2d, 0x28, 0x7c, 0x2a, 0x29, 0x7c, 0x2b, 0x29, 0x9c, 0x97, 0x14, 0x7e, 0x96, 0x14, 0x7e, - 0x97, 0x14, 0xfe, 0x94, 0xd4, 0xb9, 0xd4, 0xfa, 0x05, 0x85, 0xf3, 0x0b, 0x0a, 0x78, 0x3b, 0x11, - 0xa7, 0xd7, 0x47, 0x8e, 0x7d, 0x9b, 0x3e, 0xd4, 0x75, 0x08, 0xef, 0xda, 0x72, 0x7e, 0x96, 0x16, - 0x57, 0x00, 0x5f, 0xdd, 0xd6, 0x6e, 0x38, 0xfe, 0xee, 0xd2, 0x5d, 0xdb, 0x10, 0xd6, 0x3b, 0xbe, - 0x4d, 0x19, 0x7b, 0xc9, 0xc5, 0x47, 0xfe, 0x46, 0x93, 0xb1, 0x67, 0x9c, 0x1e, 0xff, 0x0d, 0x00, - 0x00, 0xff, 0xff, 0x26, 0x30, 0xdb, 0xbe, 0xe9, 0x02, 0x00, 0x00, -} - -func (this *Struct) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Struct) - if !ok { - that2, ok := that.(Struct) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if len(this.Fields) != len(that1.Fields) { - if len(this.Fields) < len(that1.Fields) { - return -1 - } - return 1 - } - for i := range this.Fields { - if c := this.Fields[i].Compare(that1.Fields[i]); c != 0 { - return c - } - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Value) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Value) - if !ok { - that2, ok := that.(Value) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if that1.Kind == nil { - if this.Kind != nil { - return 1 - } - } else if this.Kind == nil { - return -1 - } else { - thisType := -1 - switch this.Kind.(type) { - case *Value_NullValue: - thisType = 0 - case *Value_NumberValue: - thisType = 1 - case *Value_StringValue: - thisType = 2 - case *Value_BoolValue: - thisType = 3 - case *Value_StructValue: - thisType = 4 - case *Value_ListValue: - thisType = 5 - default: - panic(fmt.Sprintf("compare: unexpected type %T in oneof", this.Kind)) - } - that1Type := -1 - switch that1.Kind.(type) { - case *Value_NullValue: - that1Type = 0 - case *Value_NumberValue: - that1Type = 1 - case *Value_StringValue: - that1Type = 2 - case *Value_BoolValue: - that1Type = 3 - case *Value_StructValue: - that1Type = 4 - case *Value_ListValue: - that1Type = 5 - default: - panic(fmt.Sprintf("compare: unexpected type %T in oneof", that1.Kind)) - } - if thisType == that1Type { - if c := this.Kind.Compare(that1.Kind); c != 0 { - return c - } - } else if thisType < that1Type { - return -1 - } else if thisType > that1Type { - return 1 - } - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Value_NullValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Value_NullValue) - if !ok { - that2, ok := that.(Value_NullValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.NullValue != that1.NullValue { - if this.NullValue < that1.NullValue { - return -1 - } - return 1 - } - return 0 -} -func (this *Value_NumberValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Value_NumberValue) - if !ok { - that2, ok := that.(Value_NumberValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.NumberValue != that1.NumberValue { - if this.NumberValue < that1.NumberValue { - return -1 - } - return 1 - } - return 0 -} -func (this *Value_StringValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Value_StringValue) - if !ok { - that2, ok := that.(Value_StringValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.StringValue != that1.StringValue { - if this.StringValue < that1.StringValue { - return -1 - } - return 1 - } - return 0 -} -func (this *Value_BoolValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Value_BoolValue) - if !ok { - that2, ok := that.(Value_BoolValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.BoolValue != that1.BoolValue { - if !this.BoolValue { - return -1 - } - return 1 - } - return 0 -} -func (this *Value_StructValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Value_StructValue) - if !ok { - that2, ok := that.(Value_StructValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if c := this.StructValue.Compare(that1.StructValue); c != 0 { - return c - } - return 0 -} -func (this *Value_ListValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Value_ListValue) - if !ok { - that2, ok := that.(Value_ListValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if c := this.ListValue.Compare(that1.ListValue); c != 0 { - return c - } - return 0 -} -func (this *ListValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*ListValue) - if !ok { - that2, ok := that.(ListValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if len(this.Values) != len(that1.Values) { - if len(this.Values) < len(that1.Values) { - return -1 - } - return 1 - } - for i := range this.Values { - if c := this.Values[i].Compare(that1.Values[i]); c != 0 { - return c - } - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (x NullValue) String() string { - s, ok := NullValue_name[int32(x)] - if ok { - return s - } - return strconv.Itoa(int(x)) -} -func (this *Struct) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Struct) - if !ok { - that2, ok := that.(Struct) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if len(this.Fields) != len(that1.Fields) { - return false - } - for i := range this.Fields { - if !this.Fields[i].Equal(that1.Fields[i]) { - return false - } - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Value) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Value) - if !ok { - that2, ok := that.(Value) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if that1.Kind == nil { - if this.Kind != nil { - return false - } - } else if this.Kind == nil { - return false - } else if !this.Kind.Equal(that1.Kind) { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Value_NullValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Value_NullValue) - if !ok { - that2, ok := that.(Value_NullValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.NullValue != that1.NullValue { - return false - } - return true -} -func (this *Value_NumberValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Value_NumberValue) - if !ok { - that2, ok := that.(Value_NumberValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.NumberValue != that1.NumberValue { - return false - } - return true -} -func (this *Value_StringValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Value_StringValue) - if !ok { - that2, ok := that.(Value_StringValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.StringValue != that1.StringValue { - return false - } - return true -} -func (this *Value_BoolValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Value_BoolValue) - if !ok { - that2, ok := that.(Value_BoolValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.BoolValue != that1.BoolValue { - return false - } - return true -} -func (this *Value_StructValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Value_StructValue) - if !ok { - that2, ok := that.(Value_StructValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if !this.StructValue.Equal(that1.StructValue) { - return false - } - return true -} -func (this *Value_ListValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Value_ListValue) - if !ok { - that2, ok := that.(Value_ListValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if !this.ListValue.Equal(that1.ListValue) { - return false - } - return true -} -func (this *ListValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*ListValue) - if !ok { - that2, ok := that.(ListValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if len(this.Values) != len(that1.Values) { - return false - } - for i := range this.Values { - if !this.Values[i].Equal(that1.Values[i]) { - return false - } - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Struct) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.Struct{") - keysForFields := make([]string, 0, len(this.Fields)) - for k := range this.Fields { - keysForFields = append(keysForFields, k) - } - github_com_gogo_protobuf_sortkeys.Strings(keysForFields) - mapStringForFields := "map[string]*Value{" - for _, k := range keysForFields { - mapStringForFields += fmt.Sprintf("%#v: %#v,", k, this.Fields[k]) - } - mapStringForFields += "}" - if this.Fields != nil { - s = append(s, "Fields: "+mapStringForFields+",\n") - } - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *Value) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 10) - s = append(s, "&types.Value{") - if this.Kind != nil { - s = append(s, "Kind: "+fmt.Sprintf("%#v", this.Kind)+",\n") - } - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *Value_NullValue) GoString() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&types.Value_NullValue{` + - `NullValue:` + fmt.Sprintf("%#v", this.NullValue) + `}`}, ", ") - return s -} -func (this *Value_NumberValue) GoString() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&types.Value_NumberValue{` + - `NumberValue:` + fmt.Sprintf("%#v", this.NumberValue) + `}`}, ", ") - return s -} -func (this *Value_StringValue) GoString() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&types.Value_StringValue{` + - `StringValue:` + fmt.Sprintf("%#v", this.StringValue) + `}`}, ", ") - return s -} -func (this *Value_BoolValue) GoString() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&types.Value_BoolValue{` + - `BoolValue:` + fmt.Sprintf("%#v", this.BoolValue) + `}`}, ", ") - return s -} -func (this *Value_StructValue) GoString() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&types.Value_StructValue{` + - `StructValue:` + fmt.Sprintf("%#v", this.StructValue) + `}`}, ", ") - return s -} -func (this *Value_ListValue) GoString() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&types.Value_ListValue{` + - `ListValue:` + fmt.Sprintf("%#v", this.ListValue) + `}`}, ", ") - return s -} -func (this *ListValue) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.ListValue{") - if this.Values != nil { - s = append(s, "Values: "+fmt.Sprintf("%#v", this.Values)+",\n") - } - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func valueToGoStringStruct(v interface{}, typ string) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) -} -func (m *Struct) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Struct) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Struct) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.Fields) > 0 { - for k := range m.Fields { - v := m.Fields[k] - baseI := i - if v != nil { - { - size, err := v.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintStruct(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x12 - } - i -= len(k) - copy(dAtA[i:], k) - i = encodeVarintStruct(dAtA, i, uint64(len(k))) - i-- - dAtA[i] = 0xa - i = encodeVarintStruct(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0xa - } - } - return len(dAtA) - i, nil -} - -func (m *Value) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Value) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Value) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Kind != nil { - { - size := m.Kind.Size() - i -= size - if _, err := m.Kind.MarshalTo(dAtA[i:]); err != nil { - return 0, err - } - } - } - return len(dAtA) - i, nil -} - -func (m *Value_NullValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Value_NullValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - i = encodeVarintStruct(dAtA, i, uint64(m.NullValue)) - i-- - dAtA[i] = 0x8 - return len(dAtA) - i, nil -} -func (m *Value_NumberValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Value_NumberValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - i -= 8 - encoding_binary.LittleEndian.PutUint64(dAtA[i:], uint64(math.Float64bits(float64(m.NumberValue)))) - i-- - dAtA[i] = 0x11 - return len(dAtA) - i, nil -} -func (m *Value_StringValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Value_StringValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - i -= len(m.StringValue) - copy(dAtA[i:], m.StringValue) - i = encodeVarintStruct(dAtA, i, uint64(len(m.StringValue))) - i-- - dAtA[i] = 0x1a - return len(dAtA) - i, nil -} -func (m *Value_BoolValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Value_BoolValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - i-- - if m.BoolValue { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x20 - return len(dAtA) - i, nil -} -func (m *Value_StructValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Value_StructValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - if m.StructValue != nil { - { - size, err := m.StructValue.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintStruct(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x2a - } - return len(dAtA) - i, nil -} -func (m *Value_ListValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Value_ListValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - if m.ListValue != nil { - { - size, err := m.ListValue.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintStruct(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x32 - } - return len(dAtA) - i, nil -} -func (m *ListValue) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *ListValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *ListValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.Values) > 0 { - for iNdEx := len(m.Values) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.Values[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintStruct(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0xa - } - } - return len(dAtA) - i, nil -} - -func encodeVarintStruct(dAtA []byte, offset int, v uint64) int { - offset -= sovStruct(v) - base := offset - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return base -} -func NewPopulatedStruct(r randyStruct, easy bool) *Struct { - this := &Struct{} - if r.Intn(5) == 0 { - v1 := r.Intn(10) - this.Fields = make(map[string]*Value) - for i := 0; i < v1; i++ { - this.Fields[randStringStruct(r)] = NewPopulatedValue(r, easy) - } - } - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedStruct(r, 2) - } - return this -} - -func NewPopulatedValue(r randyStruct, easy bool) *Value { - this := &Value{} - oneofNumber_Kind := []int32{1, 2, 3, 4, 5, 6}[r.Intn(6)] - switch oneofNumber_Kind { - case 1: - this.Kind = NewPopulatedValue_NullValue(r, easy) - case 2: - this.Kind = NewPopulatedValue_NumberValue(r, easy) - case 3: - this.Kind = NewPopulatedValue_StringValue(r, easy) - case 4: - this.Kind = NewPopulatedValue_BoolValue(r, easy) - case 5: - this.Kind = NewPopulatedValue_StructValue(r, easy) - case 6: - this.Kind = NewPopulatedValue_ListValue(r, easy) - } - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedStruct(r, 7) - } - return this -} - -func NewPopulatedValue_NullValue(r randyStruct, easy bool) *Value_NullValue { - this := &Value_NullValue{} - this.NullValue = NullValue([]int32{0}[r.Intn(1)]) - return this -} -func NewPopulatedValue_NumberValue(r randyStruct, easy bool) *Value_NumberValue { - this := &Value_NumberValue{} - this.NumberValue = float64(r.Float64()) - if r.Intn(2) == 0 { - this.NumberValue *= -1 - } - return this -} -func NewPopulatedValue_StringValue(r randyStruct, easy bool) *Value_StringValue { - this := &Value_StringValue{} - this.StringValue = string(randStringStruct(r)) - return this -} -func NewPopulatedValue_BoolValue(r randyStruct, easy bool) *Value_BoolValue { - this := &Value_BoolValue{} - this.BoolValue = bool(bool(r.Intn(2) == 0)) - return this -} -func NewPopulatedValue_StructValue(r randyStruct, easy bool) *Value_StructValue { - this := &Value_StructValue{} - this.StructValue = NewPopulatedStruct(r, easy) - return this -} -func NewPopulatedValue_ListValue(r randyStruct, easy bool) *Value_ListValue { - this := &Value_ListValue{} - this.ListValue = NewPopulatedListValue(r, easy) - return this -} -func NewPopulatedListValue(r randyStruct, easy bool) *ListValue { - this := &ListValue{} - if r.Intn(5) == 0 { - v2 := r.Intn(5) - this.Values = make([]*Value, v2) - for i := 0; i < v2; i++ { - this.Values[i] = NewPopulatedValue(r, easy) - } - } - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedStruct(r, 2) - } - return this -} - -type randyStruct interface { - Float32() float32 - Float64() float64 - Int63() int64 - Int31() int32 - Uint32() uint32 - Intn(n int) int -} - -func randUTF8RuneStruct(r randyStruct) rune { - ru := r.Intn(62) - if ru < 10 { - return rune(ru + 48) - } else if ru < 36 { - return rune(ru + 55) - } - return rune(ru + 61) -} -func randStringStruct(r randyStruct) string { - v3 := r.Intn(100) - tmps := make([]rune, v3) - for i := 0; i < v3; i++ { - tmps[i] = randUTF8RuneStruct(r) - } - return string(tmps) -} -func randUnrecognizedStruct(r randyStruct, maxFieldNumber int) (dAtA []byte) { - l := r.Intn(5) - for i := 0; i < l; i++ { - wire := r.Intn(4) - if wire == 3 { - wire = 5 - } - fieldNumber := maxFieldNumber + r.Intn(100) - dAtA = randFieldStruct(dAtA, r, fieldNumber, wire) - } - return dAtA -} -func randFieldStruct(dAtA []byte, r randyStruct, fieldNumber int, wire int) []byte { - key := uint32(fieldNumber)<<3 | uint32(wire) - switch wire { - case 0: - dAtA = encodeVarintPopulateStruct(dAtA, uint64(key)) - v4 := r.Int63() - if r.Intn(2) == 0 { - v4 *= -1 - } - dAtA = encodeVarintPopulateStruct(dAtA, uint64(v4)) - case 1: - dAtA = encodeVarintPopulateStruct(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - case 2: - dAtA = encodeVarintPopulateStruct(dAtA, uint64(key)) - ll := r.Intn(100) - dAtA = encodeVarintPopulateStruct(dAtA, uint64(ll)) - for j := 0; j < ll; j++ { - dAtA = append(dAtA, byte(r.Intn(256))) - } - default: - dAtA = encodeVarintPopulateStruct(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - } - return dAtA -} -func encodeVarintPopulateStruct(dAtA []byte, v uint64) []byte { - for v >= 1<<7 { - dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) - v >>= 7 - } - dAtA = append(dAtA, uint8(v)) - return dAtA -} -func (m *Struct) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if len(m.Fields) > 0 { - for k, v := range m.Fields { - _ = k - _ = v - l = 0 - if v != nil { - l = v.Size() - l += 1 + sovStruct(uint64(l)) - } - mapEntrySize := 1 + len(k) + sovStruct(uint64(len(k))) + l - n += mapEntrySize + 1 + sovStruct(uint64(mapEntrySize)) - } - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *Value) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Kind != nil { - n += m.Kind.Size() - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *Value_NullValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - n += 1 + sovStruct(uint64(m.NullValue)) - return n -} -func (m *Value_NumberValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - n += 9 - return n -} -func (m *Value_StringValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.StringValue) - n += 1 + l + sovStruct(uint64(l)) - return n -} -func (m *Value_BoolValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - n += 2 - return n -} -func (m *Value_StructValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.StructValue != nil { - l = m.StructValue.Size() - n += 1 + l + sovStruct(uint64(l)) - } - return n -} -func (m *Value_ListValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.ListValue != nil { - l = m.ListValue.Size() - n += 1 + l + sovStruct(uint64(l)) - } - return n -} -func (m *ListValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if len(m.Values) > 0 { - for _, e := range m.Values { - l = e.Size() - n += 1 + l + sovStruct(uint64(l)) - } - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func sovStruct(x uint64) (n int) { - return (math_bits.Len64(x|1) + 6) / 7 -} -func sozStruct(x uint64) (n int) { - return sovStruct(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} -func (this *Struct) String() string { - if this == nil { - return "nil" - } - keysForFields := make([]string, 0, len(this.Fields)) - for k := range this.Fields { - keysForFields = append(keysForFields, k) - } - github_com_gogo_protobuf_sortkeys.Strings(keysForFields) - mapStringForFields := "map[string]*Value{" - for _, k := range keysForFields { - mapStringForFields += fmt.Sprintf("%v: %v,", k, this.Fields[k]) - } - mapStringForFields += "}" - s := strings.Join([]string{`&Struct{`, - `Fields:` + mapStringForFields + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *Value) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Value{`, - `Kind:` + fmt.Sprintf("%v", this.Kind) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *Value_NullValue) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Value_NullValue{`, - `NullValue:` + fmt.Sprintf("%v", this.NullValue) + `,`, - `}`, - }, "") - return s -} -func (this *Value_NumberValue) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Value_NumberValue{`, - `NumberValue:` + fmt.Sprintf("%v", this.NumberValue) + `,`, - `}`, - }, "") - return s -} -func (this *Value_StringValue) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Value_StringValue{`, - `StringValue:` + fmt.Sprintf("%v", this.StringValue) + `,`, - `}`, - }, "") - return s -} -func (this *Value_BoolValue) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Value_BoolValue{`, - `BoolValue:` + fmt.Sprintf("%v", this.BoolValue) + `,`, - `}`, - }, "") - return s -} -func (this *Value_StructValue) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Value_StructValue{`, - `StructValue:` + strings.Replace(fmt.Sprintf("%v", this.StructValue), "Struct", "Struct", 1) + `,`, - `}`, - }, "") - return s -} -func (this *Value_ListValue) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Value_ListValue{`, - `ListValue:` + strings.Replace(fmt.Sprintf("%v", this.ListValue), "ListValue", "ListValue", 1) + `,`, - `}`, - }, "") - return s -} -func (this *ListValue) String() string { - if this == nil { - return "nil" - } - repeatedStringForValues := "[]*Value{" - for _, f := range this.Values { - repeatedStringForValues += strings.Replace(f.String(), "Value", "Value", 1) + "," - } - repeatedStringForValues += "}" - s := strings.Join([]string{`&ListValue{`, - `Values:` + repeatedStringForValues + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func valueToStringStruct(v interface{}) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("*%v", pv) -} -func (m *Struct) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Struct: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Struct: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Fields", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthStruct - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthStruct - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Fields == nil { - m.Fields = make(map[string]*Value) - } - var mapkey string - var mapvalue *Value - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLengthStruct - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLengthStruct - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var mapmsglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - mapmsglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if mapmsglen < 0 { - return ErrInvalidLengthStruct - } - postmsgIndex := iNdEx + mapmsglen - if postmsgIndex < 0 { - return ErrInvalidLengthStruct - } - if postmsgIndex > l { - return io.ErrUnexpectedEOF - } - mapvalue = &Value{} - if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil { - return err - } - iNdEx = postmsgIndex - } else { - iNdEx = entryPreIndex - skippy, err := skipStruct(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthStruct - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Fields[mapkey] = mapvalue - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipStruct(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthStruct - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *Value) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Value: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Value: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field NullValue", wireType) - } - var v NullValue - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= NullValue(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.Kind = &Value_NullValue{v} - case 2: - if wireType != 1 { - return fmt.Errorf("proto: wrong wireType = %d for field NumberValue", wireType) - } - var v uint64 - if (iNdEx + 8) > l { - return io.ErrUnexpectedEOF - } - v = uint64(encoding_binary.LittleEndian.Uint64(dAtA[iNdEx:])) - iNdEx += 8 - m.Kind = &Value_NumberValue{float64(math.Float64frombits(v))} - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field StringValue", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthStruct - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthStruct - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Kind = &Value_StringValue{string(dAtA[iNdEx:postIndex])} - iNdEx = postIndex - case 4: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field BoolValue", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - b := bool(v != 0) - m.Kind = &Value_BoolValue{b} - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field StructValue", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthStruct - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthStruct - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - v := &Struct{} - if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - m.Kind = &Value_StructValue{v} - iNdEx = postIndex - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ListValue", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthStruct - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthStruct - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - v := &ListValue{} - if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - m.Kind = &Value_ListValue{v} - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipStruct(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthStruct - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ListValue) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: ListValue: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: ListValue: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Values", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowStruct - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthStruct - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthStruct - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Values = append(m.Values, &Value{}) - if err := m.Values[len(m.Values)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipStruct(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthStruct - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func skipStruct(dAtA []byte) (n int, err error) { - l := len(dAtA) - iNdEx := 0 - depth := 0 - for iNdEx < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowStruct - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowStruct - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - iNdEx++ - if dAtA[iNdEx-1] < 0x80 { - break - } - } - case 1: - iNdEx += 8 - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowStruct - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if length < 0 { - return 0, ErrInvalidLengthStruct - } - iNdEx += length - case 3: - depth++ - case 4: - if depth == 0 { - return 0, ErrUnexpectedEndOfGroupStruct - } - depth-- - case 5: - iNdEx += 4 - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - if iNdEx < 0 { - return 0, ErrInvalidLengthStruct - } - if depth == 0 { - return iNdEx, nil - } - } - return 0, io.ErrUnexpectedEOF -} - -var ( - ErrInvalidLengthStruct = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflowStruct = fmt.Errorf("proto: integer overflow") - ErrUnexpectedEndOfGroupStruct = fmt.Errorf("proto: unexpected end of group") -) diff --git a/vendor/github.com/gogo/protobuf/types/timestamp.go b/vendor/github.com/gogo/protobuf/types/timestamp.go deleted file mode 100644 index 232ada57ce42..000000000000 --- a/vendor/github.com/gogo/protobuf/types/timestamp.go +++ /dev/null @@ -1,130 +0,0 @@ -// Go support for Protocol Buffers - Google's data interchange format -// -// Copyright 2016 The Go Authors. All rights reserved. -// https://github.com/golang/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// * Neither the name of Google Inc. nor the names of its -// contributors may be used to endorse or promote products derived from -// this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package types - -// This file implements operations on google.protobuf.Timestamp. - -import ( - "errors" - "fmt" - "time" -) - -const ( - // Seconds field of the earliest valid Timestamp. - // This is time.Date(1, 1, 1, 0, 0, 0, 0, time.UTC).Unix(). - minValidSeconds = -62135596800 - // Seconds field just after the latest valid Timestamp. - // This is time.Date(10000, 1, 1, 0, 0, 0, 0, time.UTC).Unix(). - maxValidSeconds = 253402300800 -) - -// validateTimestamp determines whether a Timestamp is valid. -// A valid timestamp represents a time in the range -// [0001-01-01, 10000-01-01) and has a Nanos field -// in the range [0, 1e9). -// -// If the Timestamp is valid, validateTimestamp returns nil. -// Otherwise, it returns an error that describes -// the problem. -// -// Every valid Timestamp can be represented by a time.Time, but the converse is not true. -func validateTimestamp(ts *Timestamp) error { - if ts == nil { - return errors.New("timestamp: nil Timestamp") - } - if ts.Seconds < minValidSeconds { - return fmt.Errorf("timestamp: %#v before 0001-01-01", ts) - } - if ts.Seconds >= maxValidSeconds { - return fmt.Errorf("timestamp: %#v after 10000-01-01", ts) - } - if ts.Nanos < 0 || ts.Nanos >= 1e9 { - return fmt.Errorf("timestamp: %#v: nanos not in range [0, 1e9)", ts) - } - return nil -} - -// TimestampFromProto converts a google.protobuf.Timestamp proto to a time.Time. -// It returns an error if the argument is invalid. -// -// Unlike most Go functions, if Timestamp returns an error, the first return value -// is not the zero time.Time. Instead, it is the value obtained from the -// time.Unix function when passed the contents of the Timestamp, in the UTC -// locale. This may or may not be a meaningful time; many invalid Timestamps -// do map to valid time.Times. -// -// A nil Timestamp returns an error. The first return value in that case is -// undefined. -func TimestampFromProto(ts *Timestamp) (time.Time, error) { - // Don't return the zero value on error, because corresponds to a valid - // timestamp. Instead return whatever time.Unix gives us. - var t time.Time - if ts == nil { - t = time.Unix(0, 0).UTC() // treat nil like the empty Timestamp - } else { - t = time.Unix(ts.Seconds, int64(ts.Nanos)).UTC() - } - return t, validateTimestamp(ts) -} - -// TimestampNow returns a google.protobuf.Timestamp for the current time. -func TimestampNow() *Timestamp { - ts, err := TimestampProto(time.Now()) - if err != nil { - panic("ptypes: time.Now() out of Timestamp range") - } - return ts -} - -// TimestampProto converts the time.Time to a google.protobuf.Timestamp proto. -// It returns an error if the resulting Timestamp is invalid. -func TimestampProto(t time.Time) (*Timestamp, error) { - ts := &Timestamp{ - Seconds: t.Unix(), - Nanos: int32(t.Nanosecond()), - } - if err := validateTimestamp(ts); err != nil { - return nil, err - } - return ts, nil -} - -// TimestampString returns the RFC 3339 string for valid Timestamps. For invalid -// Timestamps, it returns an error message in parentheses. -func TimestampString(ts *Timestamp) string { - t, err := TimestampFromProto(ts) - if err != nil { - return fmt.Sprintf("(%v)", err) - } - return t.Format(time.RFC3339Nano) -} diff --git a/vendor/github.com/gogo/protobuf/types/timestamp.pb.go b/vendor/github.com/gogo/protobuf/types/timestamp.pb.go deleted file mode 100644 index 45db7b3bb1c8..000000000000 --- a/vendor/github.com/gogo/protobuf/types/timestamp.pb.go +++ /dev/null @@ -1,539 +0,0 @@ -// Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: google/protobuf/timestamp.proto - -package types - -import ( - bytes "bytes" - fmt "fmt" - proto "github.com/gogo/protobuf/proto" - io "io" - math "math" - math_bits "math/bits" - reflect "reflect" - strings "strings" -) - -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package - -// A Timestamp represents a point in time independent of any time zone or local -// calendar, encoded as a count of seconds and fractions of seconds at -// nanosecond resolution. The count is relative to an epoch at UTC midnight on -// January 1, 1970, in the proleptic Gregorian calendar which extends the -// Gregorian calendar backwards to year one. -// -// All minutes are 60 seconds long. Leap seconds are "smeared" so that no leap -// second table is needed for interpretation, using a [24-hour linear -// smear](https://developers.google.com/time/smear). -// -// The range is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z. By -// restricting to that range, we ensure that we can convert to and from [RFC -// 3339](https://www.ietf.org/rfc/rfc3339.txt) date strings. -// -// # Examples -// -// Example 1: Compute Timestamp from POSIX `time()`. -// -// Timestamp timestamp; -// timestamp.set_seconds(time(NULL)); -// timestamp.set_nanos(0); -// -// Example 2: Compute Timestamp from POSIX `gettimeofday()`. -// -// struct timeval tv; -// gettimeofday(&tv, NULL); -// -// Timestamp timestamp; -// timestamp.set_seconds(tv.tv_sec); -// timestamp.set_nanos(tv.tv_usec * 1000); -// -// Example 3: Compute Timestamp from Win32 `GetSystemTimeAsFileTime()`. -// -// FILETIME ft; -// GetSystemTimeAsFileTime(&ft); -// UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime; -// -// // A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z -// // is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z. -// Timestamp timestamp; -// timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL)); -// timestamp.set_nanos((INT32) ((ticks % 10000000) * 100)); -// -// Example 4: Compute Timestamp from Java `System.currentTimeMillis()`. -// -// long millis = System.currentTimeMillis(); -// -// Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000) -// .setNanos((int) ((millis % 1000) * 1000000)).build(); -// -// -// Example 5: Compute Timestamp from current time in Python. -// -// timestamp = Timestamp() -// timestamp.GetCurrentTime() -// -// # JSON Mapping -// -// In JSON format, the Timestamp type is encoded as a string in the -// [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. That is, the -// format is "{year}-{month}-{day}T{hour}:{min}:{sec}[.{frac_sec}]Z" -// where {year} is always expressed using four digits while {month}, {day}, -// {hour}, {min}, and {sec} are zero-padded to two digits each. The fractional -// seconds, which can go up to 9 digits (i.e. up to 1 nanosecond resolution), -// are optional. The "Z" suffix indicates the timezone ("UTC"); the timezone -// is required. A proto3 JSON serializer should always use UTC (as indicated by -// "Z") when printing the Timestamp type and a proto3 JSON parser should be -// able to accept both UTC and other timezones (as indicated by an offset). -// -// For example, "2017-01-15T01:30:15.01Z" encodes 15.01 seconds past -// 01:30 UTC on January 15, 2017. -// -// In JavaScript, one can convert a Date object to this format using the -// standard -// [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString) -// method. In Python, a standard `datetime.datetime` object can be converted -// to this format using -// [`strftime`](https://docs.python.org/2/library/time.html#time.strftime) with -// the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one can use -// the Joda Time's [`ISODateTimeFormat.dateTime()`]( -// http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D -// ) to obtain a formatter capable of generating timestamps in this format. -// -// -type Timestamp struct { - // Represents seconds of UTC time since Unix epoch - // 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to - // 9999-12-31T23:59:59Z inclusive. - Seconds int64 `protobuf:"varint,1,opt,name=seconds,proto3" json:"seconds,omitempty"` - // Non-negative fractions of a second at nanosecond resolution. Negative - // second values with fractions must still have non-negative nanos values - // that count forward in time. Must be from 0 to 999,999,999 - // inclusive. - Nanos int32 `protobuf:"varint,2,opt,name=nanos,proto3" json:"nanos,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Timestamp) Reset() { *m = Timestamp{} } -func (*Timestamp) ProtoMessage() {} -func (*Timestamp) Descriptor() ([]byte, []int) { - return fileDescriptor_292007bbfe81227e, []int{0} -} -func (*Timestamp) XXX_WellKnownType() string { return "Timestamp" } -func (m *Timestamp) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Timestamp) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Timestamp.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Timestamp) XXX_Merge(src proto.Message) { - xxx_messageInfo_Timestamp.Merge(m, src) -} -func (m *Timestamp) XXX_Size() int { - return m.Size() -} -func (m *Timestamp) XXX_DiscardUnknown() { - xxx_messageInfo_Timestamp.DiscardUnknown(m) -} - -var xxx_messageInfo_Timestamp proto.InternalMessageInfo - -func (m *Timestamp) GetSeconds() int64 { - if m != nil { - return m.Seconds - } - return 0 -} - -func (m *Timestamp) GetNanos() int32 { - if m != nil { - return m.Nanos - } - return 0 -} - -func (*Timestamp) XXX_MessageName() string { - return "google.protobuf.Timestamp" -} -func init() { - proto.RegisterType((*Timestamp)(nil), "google.protobuf.Timestamp") -} - -func init() { proto.RegisterFile("google/protobuf/timestamp.proto", fileDescriptor_292007bbfe81227e) } - -var fileDescriptor_292007bbfe81227e = []byte{ - // 212 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x4f, 0xcf, 0xcf, 0x4f, - 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x2f, 0xc9, 0xcc, 0x4d, - 0x2d, 0x2e, 0x49, 0xcc, 0x2d, 0xd0, 0x03, 0x0b, 0x09, 0xf1, 0x43, 0x14, 0xe8, 0xc1, 0x14, 0x28, - 0x59, 0x73, 0x71, 0x86, 0xc0, 0xd4, 0x08, 0x49, 0x70, 0xb1, 0x17, 0xa7, 0x26, 0xe7, 0xe7, 0xa5, - 0x14, 0x4b, 0x30, 0x2a, 0x30, 0x6a, 0x30, 0x07, 0xc1, 0xb8, 0x42, 0x22, 0x5c, 0xac, 0x79, 0x89, - 0x79, 0xf9, 0xc5, 0x12, 0x4c, 0x0a, 0x8c, 0x1a, 0xac, 0x41, 0x10, 0x8e, 0x53, 0x03, 0xe3, 0x8d, - 0x87, 0x72, 0x0c, 0x1f, 0x1e, 0xca, 0x31, 0xae, 0x78, 0x24, 0xc7, 0x78, 0xe2, 0x91, 0x1c, 0xe3, - 0x85, 0x47, 0x72, 0x8c, 0x0f, 0x1e, 0xc9, 0x31, 0xbe, 0x78, 0x24, 0xc7, 0xf0, 0xe1, 0x91, 0x1c, - 0xe3, 0x8a, 0xc7, 0x72, 0x8c, 0x27, 0x1e, 0xcb, 0x31, 0x72, 0x09, 0x27, 0xe7, 0xe7, 0xea, 0xa1, - 0x59, 0xee, 0xc4, 0x07, 0xb7, 0x3a, 0x00, 0x24, 0x14, 0xc0, 0x18, 0xc5, 0x5a, 0x52, 0x59, 0x90, - 0x5a, 0xfc, 0x83, 0x91, 0x71, 0x11, 0x13, 0xb3, 0x7b, 0x80, 0xd3, 0x2a, 0x26, 0x39, 0x77, 0x88, - 0x9e, 0x00, 0xa8, 0x1e, 0xbd, 0xf0, 0xd4, 0x9c, 0x1c, 0xef, 0xbc, 0xfc, 0xf2, 0xbc, 0x10, 0x90, - 0xca, 0x24, 0x36, 0xb0, 0x61, 0xc6, 0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0x0b, 0x23, 0x83, 0xdd, - 0xfa, 0x00, 0x00, 0x00, -} - -func (this *Timestamp) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Timestamp) - if !ok { - that2, ok := that.(Timestamp) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Seconds != that1.Seconds { - if this.Seconds < that1.Seconds { - return -1 - } - return 1 - } - if this.Nanos != that1.Nanos { - if this.Nanos < that1.Nanos { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Timestamp) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Timestamp) - if !ok { - that2, ok := that.(Timestamp) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Seconds != that1.Seconds { - return false - } - if this.Nanos != that1.Nanos { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Timestamp) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 6) - s = append(s, "&types.Timestamp{") - s = append(s, "Seconds: "+fmt.Sprintf("%#v", this.Seconds)+",\n") - s = append(s, "Nanos: "+fmt.Sprintf("%#v", this.Nanos)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func valueToGoStringTimestamp(v interface{}, typ string) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) -} -func (m *Timestamp) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Timestamp) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Timestamp) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Nanos != 0 { - i = encodeVarintTimestamp(dAtA, i, uint64(m.Nanos)) - i-- - dAtA[i] = 0x10 - } - if m.Seconds != 0 { - i = encodeVarintTimestamp(dAtA, i, uint64(m.Seconds)) - i-- - dAtA[i] = 0x8 - } - return len(dAtA) - i, nil -} - -func encodeVarintTimestamp(dAtA []byte, offset int, v uint64) int { - offset -= sovTimestamp(v) - base := offset - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return base -} -func (m *Timestamp) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Seconds != 0 { - n += 1 + sovTimestamp(uint64(m.Seconds)) - } - if m.Nanos != 0 { - n += 1 + sovTimestamp(uint64(m.Nanos)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func sovTimestamp(x uint64) (n int) { - return (math_bits.Len64(x|1) + 6) / 7 -} -func sozTimestamp(x uint64) (n int) { - return sovTimestamp(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} -func (m *Timestamp) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowTimestamp - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Timestamp: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Timestamp: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Seconds", wireType) - } - m.Seconds = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowTimestamp - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Seconds |= int64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Nanos", wireType) - } - m.Nanos = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowTimestamp - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Nanos |= int32(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipTimestamp(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthTimestamp - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func skipTimestamp(dAtA []byte) (n int, err error) { - l := len(dAtA) - iNdEx := 0 - depth := 0 - for iNdEx < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowTimestamp - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowTimestamp - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - iNdEx++ - if dAtA[iNdEx-1] < 0x80 { - break - } - } - case 1: - iNdEx += 8 - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowTimestamp - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if length < 0 { - return 0, ErrInvalidLengthTimestamp - } - iNdEx += length - case 3: - depth++ - case 4: - if depth == 0 { - return 0, ErrUnexpectedEndOfGroupTimestamp - } - depth-- - case 5: - iNdEx += 4 - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - if iNdEx < 0 { - return 0, ErrInvalidLengthTimestamp - } - if depth == 0 { - return iNdEx, nil - } - } - return 0, io.ErrUnexpectedEOF -} - -var ( - ErrInvalidLengthTimestamp = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflowTimestamp = fmt.Errorf("proto: integer overflow") - ErrUnexpectedEndOfGroupTimestamp = fmt.Errorf("proto: unexpected end of group") -) diff --git a/vendor/github.com/gogo/protobuf/types/timestamp_gogo.go b/vendor/github.com/gogo/protobuf/types/timestamp_gogo.go deleted file mode 100644 index e03fa1315830..000000000000 --- a/vendor/github.com/gogo/protobuf/types/timestamp_gogo.go +++ /dev/null @@ -1,94 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2016, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package types - -import ( - "time" -) - -func NewPopulatedTimestamp(r interface { - Int63() int64 -}, easy bool) *Timestamp { - this := &Timestamp{} - ns := int64(r.Int63()) - this.Seconds = ns / 1e9 - this.Nanos = int32(ns % 1e9) - return this -} - -func (ts *Timestamp) String() string { - return TimestampString(ts) -} - -func NewPopulatedStdTime(r interface { - Int63() int64 -}, easy bool) *time.Time { - timestamp := NewPopulatedTimestamp(r, easy) - t, err := TimestampFromProto(timestamp) - if err != nil { - return nil - } - return &t -} - -func SizeOfStdTime(t time.Time) int { - ts, err := TimestampProto(t) - if err != nil { - return 0 - } - return ts.Size() -} - -func StdTimeMarshal(t time.Time) ([]byte, error) { - size := SizeOfStdTime(t) - buf := make([]byte, size) - _, err := StdTimeMarshalTo(t, buf) - return buf, err -} - -func StdTimeMarshalTo(t time.Time, data []byte) (int, error) { - ts, err := TimestampProto(t) - if err != nil { - return 0, err - } - return ts.MarshalTo(data) -} - -func StdTimeUnmarshal(t *time.Time, data []byte) error { - ts := &Timestamp{} - if err := ts.Unmarshal(data); err != nil { - return err - } - tt, err := TimestampFromProto(ts) - if err != nil { - return err - } - *t = tt - return nil -} diff --git a/vendor/github.com/gogo/protobuf/types/type.pb.go b/vendor/github.com/gogo/protobuf/types/type.pb.go deleted file mode 100644 index 791427bb228a..000000000000 --- a/vendor/github.com/gogo/protobuf/types/type.pb.go +++ /dev/null @@ -1,3355 +0,0 @@ -// Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: google/protobuf/type.proto - -package types - -import ( - bytes "bytes" - fmt "fmt" - proto "github.com/gogo/protobuf/proto" - io "io" - math "math" - math_bits "math/bits" - reflect "reflect" - strconv "strconv" - strings "strings" -) - -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package - -// The syntax in which a protocol buffer element is defined. -type Syntax int32 - -const ( - // Syntax `proto2`. - Syntax_SYNTAX_PROTO2 Syntax = 0 - // Syntax `proto3`. - Syntax_SYNTAX_PROTO3 Syntax = 1 -) - -var Syntax_name = map[int32]string{ - 0: "SYNTAX_PROTO2", - 1: "SYNTAX_PROTO3", -} - -var Syntax_value = map[string]int32{ - "SYNTAX_PROTO2": 0, - "SYNTAX_PROTO3": 1, -} - -func (Syntax) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_dd271cc1e348c538, []int{0} -} - -// Basic field types. -type Field_Kind int32 - -const ( - // Field type unknown. - Field_TYPE_UNKNOWN Field_Kind = 0 - // Field type double. - Field_TYPE_DOUBLE Field_Kind = 1 - // Field type float. - Field_TYPE_FLOAT Field_Kind = 2 - // Field type int64. - Field_TYPE_INT64 Field_Kind = 3 - // Field type uint64. - Field_TYPE_UINT64 Field_Kind = 4 - // Field type int32. - Field_TYPE_INT32 Field_Kind = 5 - // Field type fixed64. - Field_TYPE_FIXED64 Field_Kind = 6 - // Field type fixed32. - Field_TYPE_FIXED32 Field_Kind = 7 - // Field type bool. - Field_TYPE_BOOL Field_Kind = 8 - // Field type string. - Field_TYPE_STRING Field_Kind = 9 - // Field type group. Proto2 syntax only, and deprecated. - Field_TYPE_GROUP Field_Kind = 10 - // Field type message. - Field_TYPE_MESSAGE Field_Kind = 11 - // Field type bytes. - Field_TYPE_BYTES Field_Kind = 12 - // Field type uint32. - Field_TYPE_UINT32 Field_Kind = 13 - // Field type enum. - Field_TYPE_ENUM Field_Kind = 14 - // Field type sfixed32. - Field_TYPE_SFIXED32 Field_Kind = 15 - // Field type sfixed64. - Field_TYPE_SFIXED64 Field_Kind = 16 - // Field type sint32. - Field_TYPE_SINT32 Field_Kind = 17 - // Field type sint64. - Field_TYPE_SINT64 Field_Kind = 18 -) - -var Field_Kind_name = map[int32]string{ - 0: "TYPE_UNKNOWN", - 1: "TYPE_DOUBLE", - 2: "TYPE_FLOAT", - 3: "TYPE_INT64", - 4: "TYPE_UINT64", - 5: "TYPE_INT32", - 6: "TYPE_FIXED64", - 7: "TYPE_FIXED32", - 8: "TYPE_BOOL", - 9: "TYPE_STRING", - 10: "TYPE_GROUP", - 11: "TYPE_MESSAGE", - 12: "TYPE_BYTES", - 13: "TYPE_UINT32", - 14: "TYPE_ENUM", - 15: "TYPE_SFIXED32", - 16: "TYPE_SFIXED64", - 17: "TYPE_SINT32", - 18: "TYPE_SINT64", -} - -var Field_Kind_value = map[string]int32{ - "TYPE_UNKNOWN": 0, - "TYPE_DOUBLE": 1, - "TYPE_FLOAT": 2, - "TYPE_INT64": 3, - "TYPE_UINT64": 4, - "TYPE_INT32": 5, - "TYPE_FIXED64": 6, - "TYPE_FIXED32": 7, - "TYPE_BOOL": 8, - "TYPE_STRING": 9, - "TYPE_GROUP": 10, - "TYPE_MESSAGE": 11, - "TYPE_BYTES": 12, - "TYPE_UINT32": 13, - "TYPE_ENUM": 14, - "TYPE_SFIXED32": 15, - "TYPE_SFIXED64": 16, - "TYPE_SINT32": 17, - "TYPE_SINT64": 18, -} - -func (Field_Kind) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_dd271cc1e348c538, []int{1, 0} -} - -// Whether a field is optional, required, or repeated. -type Field_Cardinality int32 - -const ( - // For fields with unknown cardinality. - Field_CARDINALITY_UNKNOWN Field_Cardinality = 0 - // For optional fields. - Field_CARDINALITY_OPTIONAL Field_Cardinality = 1 - // For required fields. Proto2 syntax only. - Field_CARDINALITY_REQUIRED Field_Cardinality = 2 - // For repeated fields. - Field_CARDINALITY_REPEATED Field_Cardinality = 3 -) - -var Field_Cardinality_name = map[int32]string{ - 0: "CARDINALITY_UNKNOWN", - 1: "CARDINALITY_OPTIONAL", - 2: "CARDINALITY_REQUIRED", - 3: "CARDINALITY_REPEATED", -} - -var Field_Cardinality_value = map[string]int32{ - "CARDINALITY_UNKNOWN": 0, - "CARDINALITY_OPTIONAL": 1, - "CARDINALITY_REQUIRED": 2, - "CARDINALITY_REPEATED": 3, -} - -func (Field_Cardinality) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_dd271cc1e348c538, []int{1, 1} -} - -// A protocol buffer message type. -type Type struct { - // The fully qualified message name. - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - // The list of fields. - Fields []*Field `protobuf:"bytes,2,rep,name=fields,proto3" json:"fields,omitempty"` - // The list of types appearing in `oneof` definitions in this type. - Oneofs []string `protobuf:"bytes,3,rep,name=oneofs,proto3" json:"oneofs,omitempty"` - // The protocol buffer options. - Options []*Option `protobuf:"bytes,4,rep,name=options,proto3" json:"options,omitempty"` - // The source context. - SourceContext *SourceContext `protobuf:"bytes,5,opt,name=source_context,json=sourceContext,proto3" json:"source_context,omitempty"` - // The source syntax. - Syntax Syntax `protobuf:"varint,6,opt,name=syntax,proto3,enum=google.protobuf.Syntax" json:"syntax,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Type) Reset() { *m = Type{} } -func (*Type) ProtoMessage() {} -func (*Type) Descriptor() ([]byte, []int) { - return fileDescriptor_dd271cc1e348c538, []int{0} -} -func (m *Type) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Type) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Type.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Type) XXX_Merge(src proto.Message) { - xxx_messageInfo_Type.Merge(m, src) -} -func (m *Type) XXX_Size() int { - return m.Size() -} -func (m *Type) XXX_DiscardUnknown() { - xxx_messageInfo_Type.DiscardUnknown(m) -} - -var xxx_messageInfo_Type proto.InternalMessageInfo - -func (m *Type) GetName() string { - if m != nil { - return m.Name - } - return "" -} - -func (m *Type) GetFields() []*Field { - if m != nil { - return m.Fields - } - return nil -} - -func (m *Type) GetOneofs() []string { - if m != nil { - return m.Oneofs - } - return nil -} - -func (m *Type) GetOptions() []*Option { - if m != nil { - return m.Options - } - return nil -} - -func (m *Type) GetSourceContext() *SourceContext { - if m != nil { - return m.SourceContext - } - return nil -} - -func (m *Type) GetSyntax() Syntax { - if m != nil { - return m.Syntax - } - return Syntax_SYNTAX_PROTO2 -} - -func (*Type) XXX_MessageName() string { - return "google.protobuf.Type" -} - -// A single field of a message type. -type Field struct { - // The field type. - Kind Field_Kind `protobuf:"varint,1,opt,name=kind,proto3,enum=google.protobuf.Field_Kind" json:"kind,omitempty"` - // The field cardinality. - Cardinality Field_Cardinality `protobuf:"varint,2,opt,name=cardinality,proto3,enum=google.protobuf.Field_Cardinality" json:"cardinality,omitempty"` - // The field number. - Number int32 `protobuf:"varint,3,opt,name=number,proto3" json:"number,omitempty"` - // The field name. - Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"` - // The field type URL, without the scheme, for message or enumeration - // types. Example: `"type.googleapis.com/google.protobuf.Timestamp"`. - TypeUrl string `protobuf:"bytes,6,opt,name=type_url,json=typeUrl,proto3" json:"type_url,omitempty"` - // The index of the field type in `Type.oneofs`, for message or enumeration - // types. The first type has index 1; zero means the type is not in the list. - OneofIndex int32 `protobuf:"varint,7,opt,name=oneof_index,json=oneofIndex,proto3" json:"oneof_index,omitempty"` - // Whether to use alternative packed wire representation. - Packed bool `protobuf:"varint,8,opt,name=packed,proto3" json:"packed,omitempty"` - // The protocol buffer options. - Options []*Option `protobuf:"bytes,9,rep,name=options,proto3" json:"options,omitempty"` - // The field JSON name. - JsonName string `protobuf:"bytes,10,opt,name=json_name,json=jsonName,proto3" json:"json_name,omitempty"` - // The string value of the default value of this field. Proto2 syntax only. - DefaultValue string `protobuf:"bytes,11,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Field) Reset() { *m = Field{} } -func (*Field) ProtoMessage() {} -func (*Field) Descriptor() ([]byte, []int) { - return fileDescriptor_dd271cc1e348c538, []int{1} -} -func (m *Field) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Field) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Field.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Field) XXX_Merge(src proto.Message) { - xxx_messageInfo_Field.Merge(m, src) -} -func (m *Field) XXX_Size() int { - return m.Size() -} -func (m *Field) XXX_DiscardUnknown() { - xxx_messageInfo_Field.DiscardUnknown(m) -} - -var xxx_messageInfo_Field proto.InternalMessageInfo - -func (m *Field) GetKind() Field_Kind { - if m != nil { - return m.Kind - } - return Field_TYPE_UNKNOWN -} - -func (m *Field) GetCardinality() Field_Cardinality { - if m != nil { - return m.Cardinality - } - return Field_CARDINALITY_UNKNOWN -} - -func (m *Field) GetNumber() int32 { - if m != nil { - return m.Number - } - return 0 -} - -func (m *Field) GetName() string { - if m != nil { - return m.Name - } - return "" -} - -func (m *Field) GetTypeUrl() string { - if m != nil { - return m.TypeUrl - } - return "" -} - -func (m *Field) GetOneofIndex() int32 { - if m != nil { - return m.OneofIndex - } - return 0 -} - -func (m *Field) GetPacked() bool { - if m != nil { - return m.Packed - } - return false -} - -func (m *Field) GetOptions() []*Option { - if m != nil { - return m.Options - } - return nil -} - -func (m *Field) GetJsonName() string { - if m != nil { - return m.JsonName - } - return "" -} - -func (m *Field) GetDefaultValue() string { - if m != nil { - return m.DefaultValue - } - return "" -} - -func (*Field) XXX_MessageName() string { - return "google.protobuf.Field" -} - -// Enum type definition. -type Enum struct { - // Enum type name. - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - // Enum value definitions. - Enumvalue []*EnumValue `protobuf:"bytes,2,rep,name=enumvalue,proto3" json:"enumvalue,omitempty"` - // Protocol buffer options. - Options []*Option `protobuf:"bytes,3,rep,name=options,proto3" json:"options,omitempty"` - // The source context. - SourceContext *SourceContext `protobuf:"bytes,4,opt,name=source_context,json=sourceContext,proto3" json:"source_context,omitempty"` - // The source syntax. - Syntax Syntax `protobuf:"varint,5,opt,name=syntax,proto3,enum=google.protobuf.Syntax" json:"syntax,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Enum) Reset() { *m = Enum{} } -func (*Enum) ProtoMessage() {} -func (*Enum) Descriptor() ([]byte, []int) { - return fileDescriptor_dd271cc1e348c538, []int{2} -} -func (m *Enum) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Enum) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Enum.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Enum) XXX_Merge(src proto.Message) { - xxx_messageInfo_Enum.Merge(m, src) -} -func (m *Enum) XXX_Size() int { - return m.Size() -} -func (m *Enum) XXX_DiscardUnknown() { - xxx_messageInfo_Enum.DiscardUnknown(m) -} - -var xxx_messageInfo_Enum proto.InternalMessageInfo - -func (m *Enum) GetName() string { - if m != nil { - return m.Name - } - return "" -} - -func (m *Enum) GetEnumvalue() []*EnumValue { - if m != nil { - return m.Enumvalue - } - return nil -} - -func (m *Enum) GetOptions() []*Option { - if m != nil { - return m.Options - } - return nil -} - -func (m *Enum) GetSourceContext() *SourceContext { - if m != nil { - return m.SourceContext - } - return nil -} - -func (m *Enum) GetSyntax() Syntax { - if m != nil { - return m.Syntax - } - return Syntax_SYNTAX_PROTO2 -} - -func (*Enum) XXX_MessageName() string { - return "google.protobuf.Enum" -} - -// Enum value definition. -type EnumValue struct { - // Enum value name. - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - // Enum value number. - Number int32 `protobuf:"varint,2,opt,name=number,proto3" json:"number,omitempty"` - // Protocol buffer options. - Options []*Option `protobuf:"bytes,3,rep,name=options,proto3" json:"options,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *EnumValue) Reset() { *m = EnumValue{} } -func (*EnumValue) ProtoMessage() {} -func (*EnumValue) Descriptor() ([]byte, []int) { - return fileDescriptor_dd271cc1e348c538, []int{3} -} -func (m *EnumValue) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *EnumValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_EnumValue.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *EnumValue) XXX_Merge(src proto.Message) { - xxx_messageInfo_EnumValue.Merge(m, src) -} -func (m *EnumValue) XXX_Size() int { - return m.Size() -} -func (m *EnumValue) XXX_DiscardUnknown() { - xxx_messageInfo_EnumValue.DiscardUnknown(m) -} - -var xxx_messageInfo_EnumValue proto.InternalMessageInfo - -func (m *EnumValue) GetName() string { - if m != nil { - return m.Name - } - return "" -} - -func (m *EnumValue) GetNumber() int32 { - if m != nil { - return m.Number - } - return 0 -} - -func (m *EnumValue) GetOptions() []*Option { - if m != nil { - return m.Options - } - return nil -} - -func (*EnumValue) XXX_MessageName() string { - return "google.protobuf.EnumValue" -} - -// A protocol buffer option, which can be attached to a message, field, -// enumeration, etc. -type Option struct { - // The option's name. For protobuf built-in options (options defined in - // descriptor.proto), this is the short name. For example, `"map_entry"`. - // For custom options, it should be the fully-qualified name. For example, - // `"google.api.http"`. - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - // The option's value packed in an Any message. If the value is a primitive, - // the corresponding wrapper type defined in google/protobuf/wrappers.proto - // should be used. If the value is an enum, it should be stored as an int32 - // value using the google.protobuf.Int32Value type. - Value *Any `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Option) Reset() { *m = Option{} } -func (*Option) ProtoMessage() {} -func (*Option) Descriptor() ([]byte, []int) { - return fileDescriptor_dd271cc1e348c538, []int{4} -} -func (m *Option) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Option) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Option.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Option) XXX_Merge(src proto.Message) { - xxx_messageInfo_Option.Merge(m, src) -} -func (m *Option) XXX_Size() int { - return m.Size() -} -func (m *Option) XXX_DiscardUnknown() { - xxx_messageInfo_Option.DiscardUnknown(m) -} - -var xxx_messageInfo_Option proto.InternalMessageInfo - -func (m *Option) GetName() string { - if m != nil { - return m.Name - } - return "" -} - -func (m *Option) GetValue() *Any { - if m != nil { - return m.Value - } - return nil -} - -func (*Option) XXX_MessageName() string { - return "google.protobuf.Option" -} -func init() { - proto.RegisterEnum("google.protobuf.Syntax", Syntax_name, Syntax_value) - proto.RegisterEnum("google.protobuf.Field_Kind", Field_Kind_name, Field_Kind_value) - proto.RegisterEnum("google.protobuf.Field_Cardinality", Field_Cardinality_name, Field_Cardinality_value) - proto.RegisterType((*Type)(nil), "google.protobuf.Type") - proto.RegisterType((*Field)(nil), "google.protobuf.Field") - proto.RegisterType((*Enum)(nil), "google.protobuf.Enum") - proto.RegisterType((*EnumValue)(nil), "google.protobuf.EnumValue") - proto.RegisterType((*Option)(nil), "google.protobuf.Option") -} - -func init() { proto.RegisterFile("google/protobuf/type.proto", fileDescriptor_dd271cc1e348c538) } - -var fileDescriptor_dd271cc1e348c538 = []byte{ - // 840 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x55, 0xcf, 0x73, 0xda, 0x46, - 0x14, 0xf6, 0x0a, 0x21, 0xa3, 0x87, 0xc1, 0x9b, 0x4d, 0x26, 0x51, 0x9c, 0x19, 0x95, 0xa1, 0x3d, - 0x30, 0x39, 0xe0, 0x29, 0x78, 0x3c, 0xbd, 0x82, 0x91, 0x29, 0x63, 0x22, 0xa9, 0x8b, 0x68, 0xe2, - 0x5e, 0x18, 0x0c, 0x72, 0x86, 0x44, 0xac, 0x18, 0x24, 0x5a, 0x73, 0xeb, 0x4c, 0xcf, 0xfd, 0x27, - 0x7a, 0xea, 0xf4, 0xdc, 0x3f, 0xc2, 0xc7, 0x1e, 0x7b, 0xac, 0xc9, 0xa5, 0xc7, 0x1c, 0x73, 0x6b, - 0x67, 0x57, 0x20, 0x8b, 0x1f, 0x9d, 0x49, 0xdb, 0x1b, 0xef, 0xfb, 0xbe, 0xf7, 0x73, 0x9f, 0x1e, - 0x70, 0xf4, 0xda, 0xf7, 0x5f, 0x7b, 0xee, 0xf1, 0x64, 0xea, 0x87, 0xfe, 0xd5, 0xec, 0xfa, 0x38, - 0x9c, 0x4f, 0xdc, 0xb2, 0xb0, 0xc8, 0x61, 0xc4, 0x95, 0x57, 0xdc, 0xd1, 0xd3, 0x4d, 0x71, 0x9f, - 0xcd, 0x23, 0xf6, 0xe8, 0xb3, 0x4d, 0x2a, 0xf0, 0x67, 0xd3, 0x81, 0xdb, 0x1b, 0xf8, 0x2c, 0x74, - 0x6f, 0xc2, 0x48, 0x55, 0xfc, 0x51, 0x02, 0xd9, 0x99, 0x4f, 0x5c, 0x42, 0x40, 0x66, 0xfd, 0xb1, - 0xab, 0xa1, 0x02, 0x2a, 0xa9, 0x54, 0xfc, 0x26, 0x65, 0x50, 0xae, 0x47, 0xae, 0x37, 0x0c, 0x34, - 0xa9, 0x90, 0x2a, 0x65, 0x2b, 0x8f, 0xcb, 0x1b, 0xf9, 0xcb, 0xe7, 0x9c, 0xa6, 0x4b, 0x15, 0x79, - 0x0c, 0x8a, 0xcf, 0x5c, 0xff, 0x3a, 0xd0, 0x52, 0x85, 0x54, 0x49, 0xa5, 0x4b, 0x8b, 0x7c, 0x0e, - 0xfb, 0xfe, 0x24, 0x1c, 0xf9, 0x2c, 0xd0, 0x64, 0x11, 0xe8, 0xc9, 0x56, 0x20, 0x4b, 0xf0, 0x74, - 0xa5, 0x23, 0x06, 0xe4, 0xd7, 0xeb, 0xd5, 0xd2, 0x05, 0x54, 0xca, 0x56, 0xf4, 0x2d, 0xcf, 0x8e, - 0x90, 0x9d, 0x45, 0x2a, 0x9a, 0x0b, 0x92, 0x26, 0x39, 0x06, 0x25, 0x98, 0xb3, 0xb0, 0x7f, 0xa3, - 0x29, 0x05, 0x54, 0xca, 0xef, 0x48, 0xdc, 0x11, 0x34, 0x5d, 0xca, 0x8a, 0xbf, 0x2a, 0x90, 0x16, - 0x4d, 0x91, 0x63, 0x90, 0xdf, 0x8e, 0xd8, 0x50, 0x0c, 0x24, 0x5f, 0x79, 0xb6, 0xbb, 0xf5, 0xf2, - 0xc5, 0x88, 0x0d, 0xa9, 0x10, 0x92, 0x06, 0x64, 0x07, 0xfd, 0xe9, 0x70, 0xc4, 0xfa, 0xde, 0x28, - 0x9c, 0x6b, 0x92, 0xf0, 0x2b, 0xfe, 0x83, 0xdf, 0xd9, 0xbd, 0x92, 0x26, 0xdd, 0xf8, 0x0c, 0xd9, - 0x6c, 0x7c, 0xe5, 0x4e, 0xb5, 0x54, 0x01, 0x95, 0xd2, 0x74, 0x69, 0xc5, 0xef, 0x23, 0x27, 0xde, - 0xe7, 0x29, 0x64, 0xf8, 0x72, 0xf4, 0x66, 0x53, 0x4f, 0xf4, 0xa7, 0xd2, 0x7d, 0x6e, 0x77, 0xa7, - 0x1e, 0xf9, 0x04, 0xb2, 0x62, 0xf8, 0xbd, 0x11, 0x1b, 0xba, 0x37, 0xda, 0xbe, 0x88, 0x05, 0x02, - 0x6a, 0x71, 0x84, 0xe7, 0x99, 0xf4, 0x07, 0x6f, 0xdd, 0xa1, 0x96, 0x29, 0xa0, 0x52, 0x86, 0x2e, - 0xad, 0xe4, 0x5b, 0xa9, 0x1f, 0xf9, 0x56, 0xcf, 0x40, 0x7d, 0x13, 0xf8, 0xac, 0x27, 0xea, 0x03, - 0x51, 0x47, 0x86, 0x03, 0x26, 0xaf, 0xf1, 0x53, 0xc8, 0x0d, 0xdd, 0xeb, 0xfe, 0xcc, 0x0b, 0x7b, - 0xdf, 0xf6, 0xbd, 0x99, 0xab, 0x65, 0x85, 0xe0, 0x60, 0x09, 0x7e, 0xcd, 0xb1, 0xe2, 0xad, 0x04, - 0x32, 0x9f, 0x24, 0xc1, 0x70, 0xe0, 0x5c, 0xda, 0x46, 0xaf, 0x6b, 0x5e, 0x98, 0xd6, 0x4b, 0x13, - 0xef, 0x91, 0x43, 0xc8, 0x0a, 0xa4, 0x61, 0x75, 0xeb, 0x6d, 0x03, 0x23, 0x92, 0x07, 0x10, 0xc0, - 0x79, 0xdb, 0xaa, 0x39, 0x58, 0x8a, 0xed, 0x96, 0xe9, 0x9c, 0x9e, 0xe0, 0x54, 0xec, 0xd0, 0x8d, - 0x00, 0x39, 0x29, 0xa8, 0x56, 0x70, 0x3a, 0xce, 0x71, 0xde, 0x7a, 0x65, 0x34, 0x4e, 0x4f, 0xb0, - 0xb2, 0x8e, 0x54, 0x2b, 0x78, 0x9f, 0xe4, 0x40, 0x15, 0x48, 0xdd, 0xb2, 0xda, 0x38, 0x13, 0xc7, - 0xec, 0x38, 0xb4, 0x65, 0x36, 0xb1, 0x1a, 0xc7, 0x6c, 0x52, 0xab, 0x6b, 0x63, 0x88, 0x23, 0xbc, - 0x30, 0x3a, 0x9d, 0x5a, 0xd3, 0xc0, 0xd9, 0x58, 0x51, 0xbf, 0x74, 0x8c, 0x0e, 0x3e, 0x58, 0x2b, - 0xab, 0x5a, 0xc1, 0xb9, 0x38, 0x85, 0x61, 0x76, 0x5f, 0xe0, 0x3c, 0x79, 0x00, 0xb9, 0x28, 0xc5, - 0xaa, 0x88, 0xc3, 0x0d, 0xe8, 0xf4, 0x04, 0xe3, 0xfb, 0x42, 0xa2, 0x28, 0x0f, 0xd6, 0x80, 0xd3, - 0x13, 0x4c, 0x8a, 0x21, 0x64, 0x13, 0xbb, 0x45, 0x9e, 0xc0, 0xc3, 0xb3, 0x1a, 0x6d, 0xb4, 0xcc, - 0x5a, 0xbb, 0xe5, 0x5c, 0x26, 0xe6, 0xaa, 0xc1, 0xa3, 0x24, 0x61, 0xd9, 0x4e, 0xcb, 0x32, 0x6b, - 0x6d, 0x8c, 0x36, 0x19, 0x6a, 0x7c, 0xd5, 0x6d, 0x51, 0xa3, 0x81, 0xa5, 0x6d, 0xc6, 0x36, 0x6a, - 0x8e, 0xd1, 0xc0, 0xa9, 0xe2, 0x5f, 0x08, 0x64, 0x83, 0xcd, 0xc6, 0x3b, 0xcf, 0xc8, 0x17, 0xa0, - 0xba, 0x6c, 0x36, 0x8e, 0x9e, 0x3f, 0xba, 0x24, 0x47, 0x5b, 0x4b, 0xc5, 0xbd, 0xc5, 0x32, 0xd0, - 0x7b, 0x71, 0x72, 0x19, 0x53, 0xff, 0xf9, 0x70, 0xc8, 0xff, 0xef, 0x70, 0xa4, 0x3f, 0xee, 0x70, - 0xbc, 0x01, 0x35, 0x6e, 0x61, 0xe7, 0x14, 0xee, 0x3f, 0x6c, 0x69, 0xed, 0xc3, 0xfe, 0xf7, 0x3d, - 0x16, 0xbf, 0x04, 0x25, 0x82, 0x76, 0x26, 0x7a, 0x0e, 0xe9, 0xd5, 0xa8, 0x79, 0xe3, 0x8f, 0xb6, - 0xc2, 0xd5, 0xd8, 0x9c, 0x46, 0x92, 0xe7, 0x65, 0x50, 0xa2, 0x3e, 0xf8, 0xb2, 0x75, 0x2e, 0x4d, - 0xa7, 0xf6, 0xaa, 0x67, 0x53, 0xcb, 0xb1, 0x2a, 0x78, 0x6f, 0x13, 0xaa, 0x62, 0x54, 0xff, 0x01, - 0xfd, 0x7e, 0xa7, 0xef, 0xbd, 0xbf, 0xd3, 0xd1, 0x87, 0x3b, 0x1d, 0x7d, 0xbf, 0xd0, 0xd1, 0xcf, - 0x0b, 0x1d, 0xdd, 0x2e, 0x74, 0xf4, 0xdb, 0x42, 0x47, 0x7f, 0x2c, 0x74, 0xf4, 0xe7, 0x42, 0xdf, - 0x7b, 0xcf, 0xf1, 0x77, 0x3a, 0xba, 0x7d, 0xa7, 0x23, 0x78, 0x38, 0xf0, 0xc7, 0x9b, 0x25, 0xd4, - 0x55, 0xfe, 0x9f, 0x63, 0x73, 0xcb, 0x46, 0xdf, 0xa4, 0xf9, 0xd1, 0x0a, 0x3e, 0x20, 0xf4, 0x93, - 0x94, 0x6a, 0xda, 0xf5, 0x5f, 0x24, 0xbd, 0x19, 0xc9, 0xed, 0x55, 0xc5, 0x2f, 0x5d, 0xcf, 0xbb, - 0x60, 0xfe, 0x77, 0x8c, 0xbb, 0x05, 0x57, 0x8a, 0x88, 0x53, 0xfd, 0x3b, 0x00, 0x00, 0xff, 0xff, - 0xbc, 0x2a, 0x5e, 0x82, 0x2b, 0x07, 0x00, 0x00, -} - -func (this *Type) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Type) - if !ok { - that2, ok := that.(Type) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Name != that1.Name { - if this.Name < that1.Name { - return -1 - } - return 1 - } - if len(this.Fields) != len(that1.Fields) { - if len(this.Fields) < len(that1.Fields) { - return -1 - } - return 1 - } - for i := range this.Fields { - if c := this.Fields[i].Compare(that1.Fields[i]); c != 0 { - return c - } - } - if len(this.Oneofs) != len(that1.Oneofs) { - if len(this.Oneofs) < len(that1.Oneofs) { - return -1 - } - return 1 - } - for i := range this.Oneofs { - if this.Oneofs[i] != that1.Oneofs[i] { - if this.Oneofs[i] < that1.Oneofs[i] { - return -1 - } - return 1 - } - } - if len(this.Options) != len(that1.Options) { - if len(this.Options) < len(that1.Options) { - return -1 - } - return 1 - } - for i := range this.Options { - if c := this.Options[i].Compare(that1.Options[i]); c != 0 { - return c - } - } - if c := this.SourceContext.Compare(that1.SourceContext); c != 0 { - return c - } - if this.Syntax != that1.Syntax { - if this.Syntax < that1.Syntax { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Field) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Field) - if !ok { - that2, ok := that.(Field) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Kind != that1.Kind { - if this.Kind < that1.Kind { - return -1 - } - return 1 - } - if this.Cardinality != that1.Cardinality { - if this.Cardinality < that1.Cardinality { - return -1 - } - return 1 - } - if this.Number != that1.Number { - if this.Number < that1.Number { - return -1 - } - return 1 - } - if this.Name != that1.Name { - if this.Name < that1.Name { - return -1 - } - return 1 - } - if this.TypeUrl != that1.TypeUrl { - if this.TypeUrl < that1.TypeUrl { - return -1 - } - return 1 - } - if this.OneofIndex != that1.OneofIndex { - if this.OneofIndex < that1.OneofIndex { - return -1 - } - return 1 - } - if this.Packed != that1.Packed { - if !this.Packed { - return -1 - } - return 1 - } - if len(this.Options) != len(that1.Options) { - if len(this.Options) < len(that1.Options) { - return -1 - } - return 1 - } - for i := range this.Options { - if c := this.Options[i].Compare(that1.Options[i]); c != 0 { - return c - } - } - if this.JsonName != that1.JsonName { - if this.JsonName < that1.JsonName { - return -1 - } - return 1 - } - if this.DefaultValue != that1.DefaultValue { - if this.DefaultValue < that1.DefaultValue { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Enum) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Enum) - if !ok { - that2, ok := that.(Enum) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Name != that1.Name { - if this.Name < that1.Name { - return -1 - } - return 1 - } - if len(this.Enumvalue) != len(that1.Enumvalue) { - if len(this.Enumvalue) < len(that1.Enumvalue) { - return -1 - } - return 1 - } - for i := range this.Enumvalue { - if c := this.Enumvalue[i].Compare(that1.Enumvalue[i]); c != 0 { - return c - } - } - if len(this.Options) != len(that1.Options) { - if len(this.Options) < len(that1.Options) { - return -1 - } - return 1 - } - for i := range this.Options { - if c := this.Options[i].Compare(that1.Options[i]); c != 0 { - return c - } - } - if c := this.SourceContext.Compare(that1.SourceContext); c != 0 { - return c - } - if this.Syntax != that1.Syntax { - if this.Syntax < that1.Syntax { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *EnumValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*EnumValue) - if !ok { - that2, ok := that.(EnumValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Name != that1.Name { - if this.Name < that1.Name { - return -1 - } - return 1 - } - if this.Number != that1.Number { - if this.Number < that1.Number { - return -1 - } - return 1 - } - if len(this.Options) != len(that1.Options) { - if len(this.Options) < len(that1.Options) { - return -1 - } - return 1 - } - for i := range this.Options { - if c := this.Options[i].Compare(that1.Options[i]); c != 0 { - return c - } - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Option) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Option) - if !ok { - that2, ok := that.(Option) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Name != that1.Name { - if this.Name < that1.Name { - return -1 - } - return 1 - } - if c := this.Value.Compare(that1.Value); c != 0 { - return c - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (x Syntax) String() string { - s, ok := Syntax_name[int32(x)] - if ok { - return s - } - return strconv.Itoa(int(x)) -} -func (x Field_Kind) String() string { - s, ok := Field_Kind_name[int32(x)] - if ok { - return s - } - return strconv.Itoa(int(x)) -} -func (x Field_Cardinality) String() string { - s, ok := Field_Cardinality_name[int32(x)] - if ok { - return s - } - return strconv.Itoa(int(x)) -} -func (this *Type) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Type) - if !ok { - that2, ok := that.(Type) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Name != that1.Name { - return false - } - if len(this.Fields) != len(that1.Fields) { - return false - } - for i := range this.Fields { - if !this.Fields[i].Equal(that1.Fields[i]) { - return false - } - } - if len(this.Oneofs) != len(that1.Oneofs) { - return false - } - for i := range this.Oneofs { - if this.Oneofs[i] != that1.Oneofs[i] { - return false - } - } - if len(this.Options) != len(that1.Options) { - return false - } - for i := range this.Options { - if !this.Options[i].Equal(that1.Options[i]) { - return false - } - } - if !this.SourceContext.Equal(that1.SourceContext) { - return false - } - if this.Syntax != that1.Syntax { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Field) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Field) - if !ok { - that2, ok := that.(Field) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Kind != that1.Kind { - return false - } - if this.Cardinality != that1.Cardinality { - return false - } - if this.Number != that1.Number { - return false - } - if this.Name != that1.Name { - return false - } - if this.TypeUrl != that1.TypeUrl { - return false - } - if this.OneofIndex != that1.OneofIndex { - return false - } - if this.Packed != that1.Packed { - return false - } - if len(this.Options) != len(that1.Options) { - return false - } - for i := range this.Options { - if !this.Options[i].Equal(that1.Options[i]) { - return false - } - } - if this.JsonName != that1.JsonName { - return false - } - if this.DefaultValue != that1.DefaultValue { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Enum) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Enum) - if !ok { - that2, ok := that.(Enum) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Name != that1.Name { - return false - } - if len(this.Enumvalue) != len(that1.Enumvalue) { - return false - } - for i := range this.Enumvalue { - if !this.Enumvalue[i].Equal(that1.Enumvalue[i]) { - return false - } - } - if len(this.Options) != len(that1.Options) { - return false - } - for i := range this.Options { - if !this.Options[i].Equal(that1.Options[i]) { - return false - } - } - if !this.SourceContext.Equal(that1.SourceContext) { - return false - } - if this.Syntax != that1.Syntax { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *EnumValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*EnumValue) - if !ok { - that2, ok := that.(EnumValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Name != that1.Name { - return false - } - if this.Number != that1.Number { - return false - } - if len(this.Options) != len(that1.Options) { - return false - } - for i := range this.Options { - if !this.Options[i].Equal(that1.Options[i]) { - return false - } - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Option) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Option) - if !ok { - that2, ok := that.(Option) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Name != that1.Name { - return false - } - if !this.Value.Equal(that1.Value) { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Type) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 10) - s = append(s, "&types.Type{") - s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") - if this.Fields != nil { - s = append(s, "Fields: "+fmt.Sprintf("%#v", this.Fields)+",\n") - } - s = append(s, "Oneofs: "+fmt.Sprintf("%#v", this.Oneofs)+",\n") - if this.Options != nil { - s = append(s, "Options: "+fmt.Sprintf("%#v", this.Options)+",\n") - } - if this.SourceContext != nil { - s = append(s, "SourceContext: "+fmt.Sprintf("%#v", this.SourceContext)+",\n") - } - s = append(s, "Syntax: "+fmt.Sprintf("%#v", this.Syntax)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *Field) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 14) - s = append(s, "&types.Field{") - s = append(s, "Kind: "+fmt.Sprintf("%#v", this.Kind)+",\n") - s = append(s, "Cardinality: "+fmt.Sprintf("%#v", this.Cardinality)+",\n") - s = append(s, "Number: "+fmt.Sprintf("%#v", this.Number)+",\n") - s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") - s = append(s, "TypeUrl: "+fmt.Sprintf("%#v", this.TypeUrl)+",\n") - s = append(s, "OneofIndex: "+fmt.Sprintf("%#v", this.OneofIndex)+",\n") - s = append(s, "Packed: "+fmt.Sprintf("%#v", this.Packed)+",\n") - if this.Options != nil { - s = append(s, "Options: "+fmt.Sprintf("%#v", this.Options)+",\n") - } - s = append(s, "JsonName: "+fmt.Sprintf("%#v", this.JsonName)+",\n") - s = append(s, "DefaultValue: "+fmt.Sprintf("%#v", this.DefaultValue)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *Enum) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 9) - s = append(s, "&types.Enum{") - s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") - if this.Enumvalue != nil { - s = append(s, "Enumvalue: "+fmt.Sprintf("%#v", this.Enumvalue)+",\n") - } - if this.Options != nil { - s = append(s, "Options: "+fmt.Sprintf("%#v", this.Options)+",\n") - } - if this.SourceContext != nil { - s = append(s, "SourceContext: "+fmt.Sprintf("%#v", this.SourceContext)+",\n") - } - s = append(s, "Syntax: "+fmt.Sprintf("%#v", this.Syntax)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *EnumValue) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 7) - s = append(s, "&types.EnumValue{") - s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") - s = append(s, "Number: "+fmt.Sprintf("%#v", this.Number)+",\n") - if this.Options != nil { - s = append(s, "Options: "+fmt.Sprintf("%#v", this.Options)+",\n") - } - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *Option) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 6) - s = append(s, "&types.Option{") - s = append(s, "Name: "+fmt.Sprintf("%#v", this.Name)+",\n") - if this.Value != nil { - s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") - } - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func valueToGoStringType(v interface{}, typ string) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) -} -func (m *Type) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Type) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Type) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Syntax != 0 { - i = encodeVarintType(dAtA, i, uint64(m.Syntax)) - i-- - dAtA[i] = 0x30 - } - if m.SourceContext != nil { - { - size, err := m.SourceContext.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintType(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x2a - } - if len(m.Options) > 0 { - for iNdEx := len(m.Options) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.Options[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintType(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x22 - } - } - if len(m.Oneofs) > 0 { - for iNdEx := len(m.Oneofs) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.Oneofs[iNdEx]) - copy(dAtA[i:], m.Oneofs[iNdEx]) - i = encodeVarintType(dAtA, i, uint64(len(m.Oneofs[iNdEx]))) - i-- - dAtA[i] = 0x1a - } - } - if len(m.Fields) > 0 { - for iNdEx := len(m.Fields) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.Fields[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintType(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x12 - } - } - if len(m.Name) > 0 { - i -= len(m.Name) - copy(dAtA[i:], m.Name) - i = encodeVarintType(dAtA, i, uint64(len(m.Name))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *Field) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Field) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Field) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.DefaultValue) > 0 { - i -= len(m.DefaultValue) - copy(dAtA[i:], m.DefaultValue) - i = encodeVarintType(dAtA, i, uint64(len(m.DefaultValue))) - i-- - dAtA[i] = 0x5a - } - if len(m.JsonName) > 0 { - i -= len(m.JsonName) - copy(dAtA[i:], m.JsonName) - i = encodeVarintType(dAtA, i, uint64(len(m.JsonName))) - i-- - dAtA[i] = 0x52 - } - if len(m.Options) > 0 { - for iNdEx := len(m.Options) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.Options[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintType(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x4a - } - } - if m.Packed { - i-- - if m.Packed { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x40 - } - if m.OneofIndex != 0 { - i = encodeVarintType(dAtA, i, uint64(m.OneofIndex)) - i-- - dAtA[i] = 0x38 - } - if len(m.TypeUrl) > 0 { - i -= len(m.TypeUrl) - copy(dAtA[i:], m.TypeUrl) - i = encodeVarintType(dAtA, i, uint64(len(m.TypeUrl))) - i-- - dAtA[i] = 0x32 - } - if len(m.Name) > 0 { - i -= len(m.Name) - copy(dAtA[i:], m.Name) - i = encodeVarintType(dAtA, i, uint64(len(m.Name))) - i-- - dAtA[i] = 0x22 - } - if m.Number != 0 { - i = encodeVarintType(dAtA, i, uint64(m.Number)) - i-- - dAtA[i] = 0x18 - } - if m.Cardinality != 0 { - i = encodeVarintType(dAtA, i, uint64(m.Cardinality)) - i-- - dAtA[i] = 0x10 - } - if m.Kind != 0 { - i = encodeVarintType(dAtA, i, uint64(m.Kind)) - i-- - dAtA[i] = 0x8 - } - return len(dAtA) - i, nil -} - -func (m *Enum) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Enum) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Enum) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Syntax != 0 { - i = encodeVarintType(dAtA, i, uint64(m.Syntax)) - i-- - dAtA[i] = 0x28 - } - if m.SourceContext != nil { - { - size, err := m.SourceContext.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintType(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x22 - } - if len(m.Options) > 0 { - for iNdEx := len(m.Options) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.Options[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintType(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x1a - } - } - if len(m.Enumvalue) > 0 { - for iNdEx := len(m.Enumvalue) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.Enumvalue[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintType(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x12 - } - } - if len(m.Name) > 0 { - i -= len(m.Name) - copy(dAtA[i:], m.Name) - i = encodeVarintType(dAtA, i, uint64(len(m.Name))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *EnumValue) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *EnumValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *EnumValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.Options) > 0 { - for iNdEx := len(m.Options) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.Options[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintType(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x1a - } - } - if m.Number != 0 { - i = encodeVarintType(dAtA, i, uint64(m.Number)) - i-- - dAtA[i] = 0x10 - } - if len(m.Name) > 0 { - i -= len(m.Name) - copy(dAtA[i:], m.Name) - i = encodeVarintType(dAtA, i, uint64(len(m.Name))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *Option) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Option) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Option) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Value != nil { - { - size, err := m.Value.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintType(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x12 - } - if len(m.Name) > 0 { - i -= len(m.Name) - copy(dAtA[i:], m.Name) - i = encodeVarintType(dAtA, i, uint64(len(m.Name))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func encodeVarintType(dAtA []byte, offset int, v uint64) int { - offset -= sovType(v) - base := offset - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return base -} -func NewPopulatedType(r randyType, easy bool) *Type { - this := &Type{} - this.Name = string(randStringType(r)) - if r.Intn(5) != 0 { - v1 := r.Intn(5) - this.Fields = make([]*Field, v1) - for i := 0; i < v1; i++ { - this.Fields[i] = NewPopulatedField(r, easy) - } - } - v2 := r.Intn(10) - this.Oneofs = make([]string, v2) - for i := 0; i < v2; i++ { - this.Oneofs[i] = string(randStringType(r)) - } - if r.Intn(5) != 0 { - v3 := r.Intn(5) - this.Options = make([]*Option, v3) - for i := 0; i < v3; i++ { - this.Options[i] = NewPopulatedOption(r, easy) - } - } - if r.Intn(5) != 0 { - this.SourceContext = NewPopulatedSourceContext(r, easy) - } - this.Syntax = Syntax([]int32{0, 1}[r.Intn(2)]) - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedType(r, 7) - } - return this -} - -func NewPopulatedField(r randyType, easy bool) *Field { - this := &Field{} - this.Kind = Field_Kind([]int32{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18}[r.Intn(19)]) - this.Cardinality = Field_Cardinality([]int32{0, 1, 2, 3}[r.Intn(4)]) - this.Number = int32(r.Int31()) - if r.Intn(2) == 0 { - this.Number *= -1 - } - this.Name = string(randStringType(r)) - this.TypeUrl = string(randStringType(r)) - this.OneofIndex = int32(r.Int31()) - if r.Intn(2) == 0 { - this.OneofIndex *= -1 - } - this.Packed = bool(bool(r.Intn(2) == 0)) - if r.Intn(5) != 0 { - v4 := r.Intn(5) - this.Options = make([]*Option, v4) - for i := 0; i < v4; i++ { - this.Options[i] = NewPopulatedOption(r, easy) - } - } - this.JsonName = string(randStringType(r)) - this.DefaultValue = string(randStringType(r)) - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedType(r, 12) - } - return this -} - -func NewPopulatedEnum(r randyType, easy bool) *Enum { - this := &Enum{} - this.Name = string(randStringType(r)) - if r.Intn(5) != 0 { - v5 := r.Intn(5) - this.Enumvalue = make([]*EnumValue, v5) - for i := 0; i < v5; i++ { - this.Enumvalue[i] = NewPopulatedEnumValue(r, easy) - } - } - if r.Intn(5) != 0 { - v6 := r.Intn(5) - this.Options = make([]*Option, v6) - for i := 0; i < v6; i++ { - this.Options[i] = NewPopulatedOption(r, easy) - } - } - if r.Intn(5) != 0 { - this.SourceContext = NewPopulatedSourceContext(r, easy) - } - this.Syntax = Syntax([]int32{0, 1}[r.Intn(2)]) - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedType(r, 6) - } - return this -} - -func NewPopulatedEnumValue(r randyType, easy bool) *EnumValue { - this := &EnumValue{} - this.Name = string(randStringType(r)) - this.Number = int32(r.Int31()) - if r.Intn(2) == 0 { - this.Number *= -1 - } - if r.Intn(5) != 0 { - v7 := r.Intn(5) - this.Options = make([]*Option, v7) - for i := 0; i < v7; i++ { - this.Options[i] = NewPopulatedOption(r, easy) - } - } - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedType(r, 4) - } - return this -} - -func NewPopulatedOption(r randyType, easy bool) *Option { - this := &Option{} - this.Name = string(randStringType(r)) - if r.Intn(5) != 0 { - this.Value = NewPopulatedAny(r, easy) - } - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedType(r, 3) - } - return this -} - -type randyType interface { - Float32() float32 - Float64() float64 - Int63() int64 - Int31() int32 - Uint32() uint32 - Intn(n int) int -} - -func randUTF8RuneType(r randyType) rune { - ru := r.Intn(62) - if ru < 10 { - return rune(ru + 48) - } else if ru < 36 { - return rune(ru + 55) - } - return rune(ru + 61) -} -func randStringType(r randyType) string { - v8 := r.Intn(100) - tmps := make([]rune, v8) - for i := 0; i < v8; i++ { - tmps[i] = randUTF8RuneType(r) - } - return string(tmps) -} -func randUnrecognizedType(r randyType, maxFieldNumber int) (dAtA []byte) { - l := r.Intn(5) - for i := 0; i < l; i++ { - wire := r.Intn(4) - if wire == 3 { - wire = 5 - } - fieldNumber := maxFieldNumber + r.Intn(100) - dAtA = randFieldType(dAtA, r, fieldNumber, wire) - } - return dAtA -} -func randFieldType(dAtA []byte, r randyType, fieldNumber int, wire int) []byte { - key := uint32(fieldNumber)<<3 | uint32(wire) - switch wire { - case 0: - dAtA = encodeVarintPopulateType(dAtA, uint64(key)) - v9 := r.Int63() - if r.Intn(2) == 0 { - v9 *= -1 - } - dAtA = encodeVarintPopulateType(dAtA, uint64(v9)) - case 1: - dAtA = encodeVarintPopulateType(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - case 2: - dAtA = encodeVarintPopulateType(dAtA, uint64(key)) - ll := r.Intn(100) - dAtA = encodeVarintPopulateType(dAtA, uint64(ll)) - for j := 0; j < ll; j++ { - dAtA = append(dAtA, byte(r.Intn(256))) - } - default: - dAtA = encodeVarintPopulateType(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - } - return dAtA -} -func encodeVarintPopulateType(dAtA []byte, v uint64) []byte { - for v >= 1<<7 { - dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) - v >>= 7 - } - dAtA = append(dAtA, uint8(v)) - return dAtA -} -func (m *Type) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Name) - if l > 0 { - n += 1 + l + sovType(uint64(l)) - } - if len(m.Fields) > 0 { - for _, e := range m.Fields { - l = e.Size() - n += 1 + l + sovType(uint64(l)) - } - } - if len(m.Oneofs) > 0 { - for _, s := range m.Oneofs { - l = len(s) - n += 1 + l + sovType(uint64(l)) - } - } - if len(m.Options) > 0 { - for _, e := range m.Options { - l = e.Size() - n += 1 + l + sovType(uint64(l)) - } - } - if m.SourceContext != nil { - l = m.SourceContext.Size() - n += 1 + l + sovType(uint64(l)) - } - if m.Syntax != 0 { - n += 1 + sovType(uint64(m.Syntax)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *Field) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Kind != 0 { - n += 1 + sovType(uint64(m.Kind)) - } - if m.Cardinality != 0 { - n += 1 + sovType(uint64(m.Cardinality)) - } - if m.Number != 0 { - n += 1 + sovType(uint64(m.Number)) - } - l = len(m.Name) - if l > 0 { - n += 1 + l + sovType(uint64(l)) - } - l = len(m.TypeUrl) - if l > 0 { - n += 1 + l + sovType(uint64(l)) - } - if m.OneofIndex != 0 { - n += 1 + sovType(uint64(m.OneofIndex)) - } - if m.Packed { - n += 2 - } - if len(m.Options) > 0 { - for _, e := range m.Options { - l = e.Size() - n += 1 + l + sovType(uint64(l)) - } - } - l = len(m.JsonName) - if l > 0 { - n += 1 + l + sovType(uint64(l)) - } - l = len(m.DefaultValue) - if l > 0 { - n += 1 + l + sovType(uint64(l)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *Enum) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Name) - if l > 0 { - n += 1 + l + sovType(uint64(l)) - } - if len(m.Enumvalue) > 0 { - for _, e := range m.Enumvalue { - l = e.Size() - n += 1 + l + sovType(uint64(l)) - } - } - if len(m.Options) > 0 { - for _, e := range m.Options { - l = e.Size() - n += 1 + l + sovType(uint64(l)) - } - } - if m.SourceContext != nil { - l = m.SourceContext.Size() - n += 1 + l + sovType(uint64(l)) - } - if m.Syntax != 0 { - n += 1 + sovType(uint64(m.Syntax)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *EnumValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Name) - if l > 0 { - n += 1 + l + sovType(uint64(l)) - } - if m.Number != 0 { - n += 1 + sovType(uint64(m.Number)) - } - if len(m.Options) > 0 { - for _, e := range m.Options { - l = e.Size() - n += 1 + l + sovType(uint64(l)) - } - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *Option) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Name) - if l > 0 { - n += 1 + l + sovType(uint64(l)) - } - if m.Value != nil { - l = m.Value.Size() - n += 1 + l + sovType(uint64(l)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func sovType(x uint64) (n int) { - return (math_bits.Len64(x|1) + 6) / 7 -} -func sozType(x uint64) (n int) { - return sovType(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} -func (this *Type) String() string { - if this == nil { - return "nil" - } - repeatedStringForFields := "[]*Field{" - for _, f := range this.Fields { - repeatedStringForFields += strings.Replace(f.String(), "Field", "Field", 1) + "," - } - repeatedStringForFields += "}" - repeatedStringForOptions := "[]*Option{" - for _, f := range this.Options { - repeatedStringForOptions += strings.Replace(f.String(), "Option", "Option", 1) + "," - } - repeatedStringForOptions += "}" - s := strings.Join([]string{`&Type{`, - `Name:` + fmt.Sprintf("%v", this.Name) + `,`, - `Fields:` + repeatedStringForFields + `,`, - `Oneofs:` + fmt.Sprintf("%v", this.Oneofs) + `,`, - `Options:` + repeatedStringForOptions + `,`, - `SourceContext:` + strings.Replace(fmt.Sprintf("%v", this.SourceContext), "SourceContext", "SourceContext", 1) + `,`, - `Syntax:` + fmt.Sprintf("%v", this.Syntax) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *Field) String() string { - if this == nil { - return "nil" - } - repeatedStringForOptions := "[]*Option{" - for _, f := range this.Options { - repeatedStringForOptions += strings.Replace(f.String(), "Option", "Option", 1) + "," - } - repeatedStringForOptions += "}" - s := strings.Join([]string{`&Field{`, - `Kind:` + fmt.Sprintf("%v", this.Kind) + `,`, - `Cardinality:` + fmt.Sprintf("%v", this.Cardinality) + `,`, - `Number:` + fmt.Sprintf("%v", this.Number) + `,`, - `Name:` + fmt.Sprintf("%v", this.Name) + `,`, - `TypeUrl:` + fmt.Sprintf("%v", this.TypeUrl) + `,`, - `OneofIndex:` + fmt.Sprintf("%v", this.OneofIndex) + `,`, - `Packed:` + fmt.Sprintf("%v", this.Packed) + `,`, - `Options:` + repeatedStringForOptions + `,`, - `JsonName:` + fmt.Sprintf("%v", this.JsonName) + `,`, - `DefaultValue:` + fmt.Sprintf("%v", this.DefaultValue) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *Enum) String() string { - if this == nil { - return "nil" - } - repeatedStringForEnumvalue := "[]*EnumValue{" - for _, f := range this.Enumvalue { - repeatedStringForEnumvalue += strings.Replace(f.String(), "EnumValue", "EnumValue", 1) + "," - } - repeatedStringForEnumvalue += "}" - repeatedStringForOptions := "[]*Option{" - for _, f := range this.Options { - repeatedStringForOptions += strings.Replace(f.String(), "Option", "Option", 1) + "," - } - repeatedStringForOptions += "}" - s := strings.Join([]string{`&Enum{`, - `Name:` + fmt.Sprintf("%v", this.Name) + `,`, - `Enumvalue:` + repeatedStringForEnumvalue + `,`, - `Options:` + repeatedStringForOptions + `,`, - `SourceContext:` + strings.Replace(fmt.Sprintf("%v", this.SourceContext), "SourceContext", "SourceContext", 1) + `,`, - `Syntax:` + fmt.Sprintf("%v", this.Syntax) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *EnumValue) String() string { - if this == nil { - return "nil" - } - repeatedStringForOptions := "[]*Option{" - for _, f := range this.Options { - repeatedStringForOptions += strings.Replace(f.String(), "Option", "Option", 1) + "," - } - repeatedStringForOptions += "}" - s := strings.Join([]string{`&EnumValue{`, - `Name:` + fmt.Sprintf("%v", this.Name) + `,`, - `Number:` + fmt.Sprintf("%v", this.Number) + `,`, - `Options:` + repeatedStringForOptions + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *Option) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Option{`, - `Name:` + fmt.Sprintf("%v", this.Name) + `,`, - `Value:` + strings.Replace(fmt.Sprintf("%v", this.Value), "Any", "Any", 1) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func valueToStringType(v interface{}) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("*%v", pv) -} -func (m *Type) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Type: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Type: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Fields", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Fields = append(m.Fields, &Field{}) - if err := m.Fields[len(m.Fields)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Oneofs", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Oneofs = append(m.Oneofs, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Options = append(m.Options, &Option{}) - if err := m.Options[len(m.Options)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field SourceContext", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.SourceContext == nil { - m.SourceContext = &SourceContext{} - } - if err := m.SourceContext.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 6: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Syntax", wireType) - } - m.Syntax = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Syntax |= Syntax(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipType(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthType - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *Field) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Field: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Field: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Kind", wireType) - } - m.Kind = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Kind |= Field_Kind(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Cardinality", wireType) - } - m.Cardinality = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Cardinality |= Field_Cardinality(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 3: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Number", wireType) - } - m.Number = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Number |= int32(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field TypeUrl", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.TypeUrl = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 7: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field OneofIndex", wireType) - } - m.OneofIndex = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.OneofIndex |= int32(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 8: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Packed", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.Packed = bool(v != 0) - case 9: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Options = append(m.Options, &Option{}) - if err := m.Options[len(m.Options)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 10: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field JsonName", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.JsonName = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 11: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field DefaultValue", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.DefaultValue = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipType(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthType - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *Enum) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Enum: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Enum: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Enumvalue", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Enumvalue = append(m.Enumvalue, &EnumValue{}) - if err := m.Enumvalue[len(m.Enumvalue)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Options = append(m.Options, &Option{}) - if err := m.Options[len(m.Options)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field SourceContext", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.SourceContext == nil { - m.SourceContext = &SourceContext{} - } - if err := m.SourceContext.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 5: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Syntax", wireType) - } - m.Syntax = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Syntax |= Syntax(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipType(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthType - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *EnumValue) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: EnumValue: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: EnumValue: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Number", wireType) - } - m.Number = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Number |= int32(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Options = append(m.Options, &Option{}) - if err := m.Options[len(m.Options)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipType(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthType - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *Option) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Option: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Option: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowType - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthType - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthType - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Value == nil { - m.Value = &Any{} - } - if err := m.Value.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipType(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthType - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func skipType(dAtA []byte) (n int, err error) { - l := len(dAtA) - iNdEx := 0 - depth := 0 - for iNdEx < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowType - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowType - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - iNdEx++ - if dAtA[iNdEx-1] < 0x80 { - break - } - } - case 1: - iNdEx += 8 - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowType - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if length < 0 { - return 0, ErrInvalidLengthType - } - iNdEx += length - case 3: - depth++ - case 4: - if depth == 0 { - return 0, ErrUnexpectedEndOfGroupType - } - depth-- - case 5: - iNdEx += 4 - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - if iNdEx < 0 { - return 0, ErrInvalidLengthType - } - if depth == 0 { - return iNdEx, nil - } - } - return 0, io.ErrUnexpectedEOF -} - -var ( - ErrInvalidLengthType = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflowType = fmt.Errorf("proto: integer overflow") - ErrUnexpectedEndOfGroupType = fmt.Errorf("proto: unexpected end of group") -) diff --git a/vendor/github.com/gogo/protobuf/types/wrappers.pb.go b/vendor/github.com/gogo/protobuf/types/wrappers.pb.go deleted file mode 100644 index 8d415420a74d..000000000000 --- a/vendor/github.com/gogo/protobuf/types/wrappers.pb.go +++ /dev/null @@ -1,2703 +0,0 @@ -// Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: google/protobuf/wrappers.proto - -package types - -import ( - bytes "bytes" - encoding_binary "encoding/binary" - fmt "fmt" - proto "github.com/gogo/protobuf/proto" - io "io" - math "math" - math_bits "math/bits" - reflect "reflect" - strings "strings" -) - -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package - -// Wrapper message for `double`. -// -// The JSON representation for `DoubleValue` is JSON number. -type DoubleValue struct { - // The double value. - Value float64 `protobuf:"fixed64,1,opt,name=value,proto3" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *DoubleValue) Reset() { *m = DoubleValue{} } -func (*DoubleValue) ProtoMessage() {} -func (*DoubleValue) Descriptor() ([]byte, []int) { - return fileDescriptor_5377b62bda767935, []int{0} -} -func (*DoubleValue) XXX_WellKnownType() string { return "DoubleValue" } -func (m *DoubleValue) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *DoubleValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_DoubleValue.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *DoubleValue) XXX_Merge(src proto.Message) { - xxx_messageInfo_DoubleValue.Merge(m, src) -} -func (m *DoubleValue) XXX_Size() int { - return m.Size() -} -func (m *DoubleValue) XXX_DiscardUnknown() { - xxx_messageInfo_DoubleValue.DiscardUnknown(m) -} - -var xxx_messageInfo_DoubleValue proto.InternalMessageInfo - -func (m *DoubleValue) GetValue() float64 { - if m != nil { - return m.Value - } - return 0 -} - -func (*DoubleValue) XXX_MessageName() string { - return "google.protobuf.DoubleValue" -} - -// Wrapper message for `float`. -// -// The JSON representation for `FloatValue` is JSON number. -type FloatValue struct { - // The float value. - Value float32 `protobuf:"fixed32,1,opt,name=value,proto3" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *FloatValue) Reset() { *m = FloatValue{} } -func (*FloatValue) ProtoMessage() {} -func (*FloatValue) Descriptor() ([]byte, []int) { - return fileDescriptor_5377b62bda767935, []int{1} -} -func (*FloatValue) XXX_WellKnownType() string { return "FloatValue" } -func (m *FloatValue) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *FloatValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_FloatValue.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *FloatValue) XXX_Merge(src proto.Message) { - xxx_messageInfo_FloatValue.Merge(m, src) -} -func (m *FloatValue) XXX_Size() int { - return m.Size() -} -func (m *FloatValue) XXX_DiscardUnknown() { - xxx_messageInfo_FloatValue.DiscardUnknown(m) -} - -var xxx_messageInfo_FloatValue proto.InternalMessageInfo - -func (m *FloatValue) GetValue() float32 { - if m != nil { - return m.Value - } - return 0 -} - -func (*FloatValue) XXX_MessageName() string { - return "google.protobuf.FloatValue" -} - -// Wrapper message for `int64`. -// -// The JSON representation for `Int64Value` is JSON string. -type Int64Value struct { - // The int64 value. - Value int64 `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Int64Value) Reset() { *m = Int64Value{} } -func (*Int64Value) ProtoMessage() {} -func (*Int64Value) Descriptor() ([]byte, []int) { - return fileDescriptor_5377b62bda767935, []int{2} -} -func (*Int64Value) XXX_WellKnownType() string { return "Int64Value" } -func (m *Int64Value) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Int64Value) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Int64Value.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Int64Value) XXX_Merge(src proto.Message) { - xxx_messageInfo_Int64Value.Merge(m, src) -} -func (m *Int64Value) XXX_Size() int { - return m.Size() -} -func (m *Int64Value) XXX_DiscardUnknown() { - xxx_messageInfo_Int64Value.DiscardUnknown(m) -} - -var xxx_messageInfo_Int64Value proto.InternalMessageInfo - -func (m *Int64Value) GetValue() int64 { - if m != nil { - return m.Value - } - return 0 -} - -func (*Int64Value) XXX_MessageName() string { - return "google.protobuf.Int64Value" -} - -// Wrapper message for `uint64`. -// -// The JSON representation for `UInt64Value` is JSON string. -type UInt64Value struct { - // The uint64 value. - Value uint64 `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *UInt64Value) Reset() { *m = UInt64Value{} } -func (*UInt64Value) ProtoMessage() {} -func (*UInt64Value) Descriptor() ([]byte, []int) { - return fileDescriptor_5377b62bda767935, []int{3} -} -func (*UInt64Value) XXX_WellKnownType() string { return "UInt64Value" } -func (m *UInt64Value) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *UInt64Value) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_UInt64Value.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *UInt64Value) XXX_Merge(src proto.Message) { - xxx_messageInfo_UInt64Value.Merge(m, src) -} -func (m *UInt64Value) XXX_Size() int { - return m.Size() -} -func (m *UInt64Value) XXX_DiscardUnknown() { - xxx_messageInfo_UInt64Value.DiscardUnknown(m) -} - -var xxx_messageInfo_UInt64Value proto.InternalMessageInfo - -func (m *UInt64Value) GetValue() uint64 { - if m != nil { - return m.Value - } - return 0 -} - -func (*UInt64Value) XXX_MessageName() string { - return "google.protobuf.UInt64Value" -} - -// Wrapper message for `int32`. -// -// The JSON representation for `Int32Value` is JSON number. -type Int32Value struct { - // The int32 value. - Value int32 `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Int32Value) Reset() { *m = Int32Value{} } -func (*Int32Value) ProtoMessage() {} -func (*Int32Value) Descriptor() ([]byte, []int) { - return fileDescriptor_5377b62bda767935, []int{4} -} -func (*Int32Value) XXX_WellKnownType() string { return "Int32Value" } -func (m *Int32Value) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *Int32Value) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_Int32Value.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *Int32Value) XXX_Merge(src proto.Message) { - xxx_messageInfo_Int32Value.Merge(m, src) -} -func (m *Int32Value) XXX_Size() int { - return m.Size() -} -func (m *Int32Value) XXX_DiscardUnknown() { - xxx_messageInfo_Int32Value.DiscardUnknown(m) -} - -var xxx_messageInfo_Int32Value proto.InternalMessageInfo - -func (m *Int32Value) GetValue() int32 { - if m != nil { - return m.Value - } - return 0 -} - -func (*Int32Value) XXX_MessageName() string { - return "google.protobuf.Int32Value" -} - -// Wrapper message for `uint32`. -// -// The JSON representation for `UInt32Value` is JSON number. -type UInt32Value struct { - // The uint32 value. - Value uint32 `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *UInt32Value) Reset() { *m = UInt32Value{} } -func (*UInt32Value) ProtoMessage() {} -func (*UInt32Value) Descriptor() ([]byte, []int) { - return fileDescriptor_5377b62bda767935, []int{5} -} -func (*UInt32Value) XXX_WellKnownType() string { return "UInt32Value" } -func (m *UInt32Value) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *UInt32Value) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_UInt32Value.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *UInt32Value) XXX_Merge(src proto.Message) { - xxx_messageInfo_UInt32Value.Merge(m, src) -} -func (m *UInt32Value) XXX_Size() int { - return m.Size() -} -func (m *UInt32Value) XXX_DiscardUnknown() { - xxx_messageInfo_UInt32Value.DiscardUnknown(m) -} - -var xxx_messageInfo_UInt32Value proto.InternalMessageInfo - -func (m *UInt32Value) GetValue() uint32 { - if m != nil { - return m.Value - } - return 0 -} - -func (*UInt32Value) XXX_MessageName() string { - return "google.protobuf.UInt32Value" -} - -// Wrapper message for `bool`. -// -// The JSON representation for `BoolValue` is JSON `true` and `false`. -type BoolValue struct { - // The bool value. - Value bool `protobuf:"varint,1,opt,name=value,proto3" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *BoolValue) Reset() { *m = BoolValue{} } -func (*BoolValue) ProtoMessage() {} -func (*BoolValue) Descriptor() ([]byte, []int) { - return fileDescriptor_5377b62bda767935, []int{6} -} -func (*BoolValue) XXX_WellKnownType() string { return "BoolValue" } -func (m *BoolValue) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *BoolValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_BoolValue.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *BoolValue) XXX_Merge(src proto.Message) { - xxx_messageInfo_BoolValue.Merge(m, src) -} -func (m *BoolValue) XXX_Size() int { - return m.Size() -} -func (m *BoolValue) XXX_DiscardUnknown() { - xxx_messageInfo_BoolValue.DiscardUnknown(m) -} - -var xxx_messageInfo_BoolValue proto.InternalMessageInfo - -func (m *BoolValue) GetValue() bool { - if m != nil { - return m.Value - } - return false -} - -func (*BoolValue) XXX_MessageName() string { - return "google.protobuf.BoolValue" -} - -// Wrapper message for `string`. -// -// The JSON representation for `StringValue` is JSON string. -type StringValue struct { - // The string value. - Value string `protobuf:"bytes,1,opt,name=value,proto3" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *StringValue) Reset() { *m = StringValue{} } -func (*StringValue) ProtoMessage() {} -func (*StringValue) Descriptor() ([]byte, []int) { - return fileDescriptor_5377b62bda767935, []int{7} -} -func (*StringValue) XXX_WellKnownType() string { return "StringValue" } -func (m *StringValue) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *StringValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_StringValue.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *StringValue) XXX_Merge(src proto.Message) { - xxx_messageInfo_StringValue.Merge(m, src) -} -func (m *StringValue) XXX_Size() int { - return m.Size() -} -func (m *StringValue) XXX_DiscardUnknown() { - xxx_messageInfo_StringValue.DiscardUnknown(m) -} - -var xxx_messageInfo_StringValue proto.InternalMessageInfo - -func (m *StringValue) GetValue() string { - if m != nil { - return m.Value - } - return "" -} - -func (*StringValue) XXX_MessageName() string { - return "google.protobuf.StringValue" -} - -// Wrapper message for `bytes`. -// -// The JSON representation for `BytesValue` is JSON string. -type BytesValue struct { - // The bytes value. - Value []byte `protobuf:"bytes,1,opt,name=value,proto3" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *BytesValue) Reset() { *m = BytesValue{} } -func (*BytesValue) ProtoMessage() {} -func (*BytesValue) Descriptor() ([]byte, []int) { - return fileDescriptor_5377b62bda767935, []int{8} -} -func (*BytesValue) XXX_WellKnownType() string { return "BytesValue" } -func (m *BytesValue) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *BytesValue) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_BytesValue.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *BytesValue) XXX_Merge(src proto.Message) { - xxx_messageInfo_BytesValue.Merge(m, src) -} -func (m *BytesValue) XXX_Size() int { - return m.Size() -} -func (m *BytesValue) XXX_DiscardUnknown() { - xxx_messageInfo_BytesValue.DiscardUnknown(m) -} - -var xxx_messageInfo_BytesValue proto.InternalMessageInfo - -func (m *BytesValue) GetValue() []byte { - if m != nil { - return m.Value - } - return nil -} - -func (*BytesValue) XXX_MessageName() string { - return "google.protobuf.BytesValue" -} -func init() { - proto.RegisterType((*DoubleValue)(nil), "google.protobuf.DoubleValue") - proto.RegisterType((*FloatValue)(nil), "google.protobuf.FloatValue") - proto.RegisterType((*Int64Value)(nil), "google.protobuf.Int64Value") - proto.RegisterType((*UInt64Value)(nil), "google.protobuf.UInt64Value") - proto.RegisterType((*Int32Value)(nil), "google.protobuf.Int32Value") - proto.RegisterType((*UInt32Value)(nil), "google.protobuf.UInt32Value") - proto.RegisterType((*BoolValue)(nil), "google.protobuf.BoolValue") - proto.RegisterType((*StringValue)(nil), "google.protobuf.StringValue") - proto.RegisterType((*BytesValue)(nil), "google.protobuf.BytesValue") -} - -func init() { proto.RegisterFile("google/protobuf/wrappers.proto", fileDescriptor_5377b62bda767935) } - -var fileDescriptor_5377b62bda767935 = []byte{ - // 285 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x4b, 0xcf, 0xcf, 0x4f, - 0xcf, 0x49, 0xd5, 0x2f, 0x28, 0xca, 0x2f, 0xc9, 0x4f, 0x2a, 0x4d, 0xd3, 0x2f, 0x2f, 0x4a, 0x2c, - 0x28, 0x48, 0x2d, 0x2a, 0xd6, 0x03, 0x8b, 0x08, 0xf1, 0x43, 0xe4, 0xf5, 0x60, 0xf2, 0x4a, 0xca, - 0x5c, 0xdc, 0x2e, 0xf9, 0xa5, 0x49, 0x39, 0xa9, 0x61, 0x89, 0x39, 0xa5, 0xa9, 0x42, 0x22, 0x5c, - 0xac, 0x65, 0x20, 0x86, 0x04, 0xa3, 0x02, 0xa3, 0x06, 0x63, 0x10, 0x84, 0xa3, 0xa4, 0xc4, 0xc5, - 0xe5, 0x96, 0x93, 0x9f, 0x58, 0x82, 0x45, 0x0d, 0x13, 0x92, 0x1a, 0xcf, 0xbc, 0x12, 0x33, 0x13, - 0x2c, 0x6a, 0x98, 0x61, 0x6a, 0x94, 0xb9, 0xb8, 0x43, 0x71, 0x29, 0x62, 0x41, 0x35, 0xc8, 0xd8, - 0x08, 0x8b, 0x1a, 0x56, 0x34, 0x83, 0xb0, 0x2a, 0xe2, 0x85, 0x29, 0x52, 0xe4, 0xe2, 0x74, 0xca, - 0xcf, 0xcf, 0xc1, 0xa2, 0x84, 0x03, 0xc9, 0x9c, 0xe0, 0x92, 0xa2, 0xcc, 0xbc, 0x74, 0x2c, 0x8a, - 0x38, 0x91, 0x1c, 0xe4, 0x54, 0x59, 0x92, 0x5a, 0x8c, 0x45, 0x0d, 0x0f, 0x54, 0x8d, 0x53, 0x3b, - 0xe3, 0x8d, 0x87, 0x72, 0x0c, 0x1f, 0x1e, 0xca, 0x31, 0xfe, 0x78, 0x28, 0xc7, 0xd8, 0xf0, 0x48, - 0x8e, 0x71, 0xc5, 0x23, 0x39, 0xc6, 0x13, 0x8f, 0xe4, 0x18, 0x2f, 0x3c, 0x92, 0x63, 0x7c, 0xf0, - 0x48, 0x8e, 0xf1, 0xc5, 0x23, 0x39, 0x86, 0x0f, 0x20, 0xf1, 0xc7, 0x72, 0x8c, 0x27, 0x1e, 0xcb, - 0x31, 0x72, 0x09, 0x27, 0xe7, 0xe7, 0xea, 0xa1, 0x45, 0x87, 0x13, 0x6f, 0x38, 0x34, 0xbe, 0x02, - 0x40, 0x22, 0x01, 0x8c, 0x51, 0xac, 0x25, 0x95, 0x05, 0xa9, 0xc5, 0x3f, 0x18, 0x19, 0x17, 0x31, - 0x31, 0xbb, 0x07, 0x38, 0xad, 0x62, 0x92, 0x73, 0x87, 0x68, 0x09, 0x80, 0x6a, 0xd1, 0x0b, 0x4f, - 0xcd, 0xc9, 0xf1, 0xce, 0xcb, 0x2f, 0xcf, 0x0b, 0x01, 0xa9, 0x4c, 0x62, 0x03, 0x9b, 0x65, 0x0c, - 0x08, 0x00, 0x00, 0xff, 0xff, 0x31, 0x55, 0x64, 0x90, 0x0a, 0x02, 0x00, 0x00, -} - -func (this *DoubleValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*DoubleValue) - if !ok { - that2, ok := that.(DoubleValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Value != that1.Value { - if this.Value < that1.Value { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *FloatValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*FloatValue) - if !ok { - that2, ok := that.(FloatValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Value != that1.Value { - if this.Value < that1.Value { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Int64Value) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Int64Value) - if !ok { - that2, ok := that.(Int64Value) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Value != that1.Value { - if this.Value < that1.Value { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *UInt64Value) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*UInt64Value) - if !ok { - that2, ok := that.(UInt64Value) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Value != that1.Value { - if this.Value < that1.Value { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *Int32Value) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*Int32Value) - if !ok { - that2, ok := that.(Int32Value) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Value != that1.Value { - if this.Value < that1.Value { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *UInt32Value) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*UInt32Value) - if !ok { - that2, ok := that.(UInt32Value) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Value != that1.Value { - if this.Value < that1.Value { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *BoolValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*BoolValue) - if !ok { - that2, ok := that.(BoolValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Value != that1.Value { - if !this.Value { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *StringValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*StringValue) - if !ok { - that2, ok := that.(StringValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if this.Value != that1.Value { - if this.Value < that1.Value { - return -1 - } - return 1 - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *BytesValue) Compare(that interface{}) int { - if that == nil { - if this == nil { - return 0 - } - return 1 - } - - that1, ok := that.(*BytesValue) - if !ok { - that2, ok := that.(BytesValue) - if ok { - that1 = &that2 - } else { - return 1 - } - } - if that1 == nil { - if this == nil { - return 0 - } - return 1 - } else if this == nil { - return -1 - } - if c := bytes.Compare(this.Value, that1.Value); c != 0 { - return c - } - if c := bytes.Compare(this.XXX_unrecognized, that1.XXX_unrecognized); c != 0 { - return c - } - return 0 -} -func (this *DoubleValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*DoubleValue) - if !ok { - that2, ok := that.(DoubleValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Value != that1.Value { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *FloatValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*FloatValue) - if !ok { - that2, ok := that.(FloatValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Value != that1.Value { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Int64Value) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Int64Value) - if !ok { - that2, ok := that.(Int64Value) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Value != that1.Value { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *UInt64Value) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*UInt64Value) - if !ok { - that2, ok := that.(UInt64Value) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Value != that1.Value { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *Int32Value) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*Int32Value) - if !ok { - that2, ok := that.(Int32Value) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Value != that1.Value { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *UInt32Value) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*UInt32Value) - if !ok { - that2, ok := that.(UInt32Value) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Value != that1.Value { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *BoolValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*BoolValue) - if !ok { - that2, ok := that.(BoolValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Value != that1.Value { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *StringValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*StringValue) - if !ok { - that2, ok := that.(StringValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if this.Value != that1.Value { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *BytesValue) Equal(that interface{}) bool { - if that == nil { - return this == nil - } - - that1, ok := that.(*BytesValue) - if !ok { - that2, ok := that.(BytesValue) - if ok { - that1 = &that2 - } else { - return false - } - } - if that1 == nil { - return this == nil - } else if this == nil { - return false - } - if !bytes.Equal(this.Value, that1.Value) { - return false - } - if !bytes.Equal(this.XXX_unrecognized, that1.XXX_unrecognized) { - return false - } - return true -} -func (this *DoubleValue) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.DoubleValue{") - s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *FloatValue) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.FloatValue{") - s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *Int64Value) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.Int64Value{") - s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *UInt64Value) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.UInt64Value{") - s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *Int32Value) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.Int32Value{") - s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *UInt32Value) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.UInt32Value{") - s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *BoolValue) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.BoolValue{") - s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *StringValue) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.StringValue{") - s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func (this *BytesValue) GoString() string { - if this == nil { - return "nil" - } - s := make([]string, 0, 5) - s = append(s, "&types.BytesValue{") - s = append(s, "Value: "+fmt.Sprintf("%#v", this.Value)+",\n") - if this.XXX_unrecognized != nil { - s = append(s, "XXX_unrecognized:"+fmt.Sprintf("%#v", this.XXX_unrecognized)+",\n") - } - s = append(s, "}") - return strings.Join(s, "") -} -func valueToGoStringWrappers(v interface{}, typ string) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("func(v %v) *%v { return &v } ( %#v )", typ, typ, pv) -} -func (m *DoubleValue) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *DoubleValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *DoubleValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Value != 0 { - i -= 8 - encoding_binary.LittleEndian.PutUint64(dAtA[i:], uint64(math.Float64bits(float64(m.Value)))) - i-- - dAtA[i] = 0x9 - } - return len(dAtA) - i, nil -} - -func (m *FloatValue) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *FloatValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *FloatValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Value != 0 { - i -= 4 - encoding_binary.LittleEndian.PutUint32(dAtA[i:], uint32(math.Float32bits(float32(m.Value)))) - i-- - dAtA[i] = 0xd - } - return len(dAtA) - i, nil -} - -func (m *Int64Value) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Int64Value) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Int64Value) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Value != 0 { - i = encodeVarintWrappers(dAtA, i, uint64(m.Value)) - i-- - dAtA[i] = 0x8 - } - return len(dAtA) - i, nil -} - -func (m *UInt64Value) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *UInt64Value) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *UInt64Value) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Value != 0 { - i = encodeVarintWrappers(dAtA, i, uint64(m.Value)) - i-- - dAtA[i] = 0x8 - } - return len(dAtA) - i, nil -} - -func (m *Int32Value) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Int32Value) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *Int32Value) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Value != 0 { - i = encodeVarintWrappers(dAtA, i, uint64(m.Value)) - i-- - dAtA[i] = 0x8 - } - return len(dAtA) - i, nil -} - -func (m *UInt32Value) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *UInt32Value) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *UInt32Value) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Value != 0 { - i = encodeVarintWrappers(dAtA, i, uint64(m.Value)) - i-- - dAtA[i] = 0x8 - } - return len(dAtA) - i, nil -} - -func (m *BoolValue) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *BoolValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *BoolValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if m.Value { - i-- - if m.Value { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x8 - } - return len(dAtA) - i, nil -} - -func (m *StringValue) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *StringValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *StringValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.Value) > 0 { - i -= len(m.Value) - copy(dAtA[i:], m.Value) - i = encodeVarintWrappers(dAtA, i, uint64(len(m.Value))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *BytesValue) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *BytesValue) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *BytesValue) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.Value) > 0 { - i -= len(m.Value) - copy(dAtA[i:], m.Value) - i = encodeVarintWrappers(dAtA, i, uint64(len(m.Value))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func encodeVarintWrappers(dAtA []byte, offset int, v uint64) int { - offset -= sovWrappers(v) - base := offset - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return base -} -func NewPopulatedDoubleValue(r randyWrappers, easy bool) *DoubleValue { - this := &DoubleValue{} - this.Value = float64(r.Float64()) - if r.Intn(2) == 0 { - this.Value *= -1 - } - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) - } - return this -} - -func NewPopulatedFloatValue(r randyWrappers, easy bool) *FloatValue { - this := &FloatValue{} - this.Value = float32(r.Float32()) - if r.Intn(2) == 0 { - this.Value *= -1 - } - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) - } - return this -} - -func NewPopulatedInt64Value(r randyWrappers, easy bool) *Int64Value { - this := &Int64Value{} - this.Value = int64(r.Int63()) - if r.Intn(2) == 0 { - this.Value *= -1 - } - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) - } - return this -} - -func NewPopulatedUInt64Value(r randyWrappers, easy bool) *UInt64Value { - this := &UInt64Value{} - this.Value = uint64(uint64(r.Uint32())) - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) - } - return this -} - -func NewPopulatedInt32Value(r randyWrappers, easy bool) *Int32Value { - this := &Int32Value{} - this.Value = int32(r.Int31()) - if r.Intn(2) == 0 { - this.Value *= -1 - } - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) - } - return this -} - -func NewPopulatedUInt32Value(r randyWrappers, easy bool) *UInt32Value { - this := &UInt32Value{} - this.Value = uint32(r.Uint32()) - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) - } - return this -} - -func NewPopulatedBoolValue(r randyWrappers, easy bool) *BoolValue { - this := &BoolValue{} - this.Value = bool(bool(r.Intn(2) == 0)) - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) - } - return this -} - -func NewPopulatedStringValue(r randyWrappers, easy bool) *StringValue { - this := &StringValue{} - this.Value = string(randStringWrappers(r)) - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) - } - return this -} - -func NewPopulatedBytesValue(r randyWrappers, easy bool) *BytesValue { - this := &BytesValue{} - v1 := r.Intn(100) - this.Value = make([]byte, v1) - for i := 0; i < v1; i++ { - this.Value[i] = byte(r.Intn(256)) - } - if !easy && r.Intn(10) != 0 { - this.XXX_unrecognized = randUnrecognizedWrappers(r, 2) - } - return this -} - -type randyWrappers interface { - Float32() float32 - Float64() float64 - Int63() int64 - Int31() int32 - Uint32() uint32 - Intn(n int) int -} - -func randUTF8RuneWrappers(r randyWrappers) rune { - ru := r.Intn(62) - if ru < 10 { - return rune(ru + 48) - } else if ru < 36 { - return rune(ru + 55) - } - return rune(ru + 61) -} -func randStringWrappers(r randyWrappers) string { - v2 := r.Intn(100) - tmps := make([]rune, v2) - for i := 0; i < v2; i++ { - tmps[i] = randUTF8RuneWrappers(r) - } - return string(tmps) -} -func randUnrecognizedWrappers(r randyWrappers, maxFieldNumber int) (dAtA []byte) { - l := r.Intn(5) - for i := 0; i < l; i++ { - wire := r.Intn(4) - if wire == 3 { - wire = 5 - } - fieldNumber := maxFieldNumber + r.Intn(100) - dAtA = randFieldWrappers(dAtA, r, fieldNumber, wire) - } - return dAtA -} -func randFieldWrappers(dAtA []byte, r randyWrappers, fieldNumber int, wire int) []byte { - key := uint32(fieldNumber)<<3 | uint32(wire) - switch wire { - case 0: - dAtA = encodeVarintPopulateWrappers(dAtA, uint64(key)) - v3 := r.Int63() - if r.Intn(2) == 0 { - v3 *= -1 - } - dAtA = encodeVarintPopulateWrappers(dAtA, uint64(v3)) - case 1: - dAtA = encodeVarintPopulateWrappers(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - case 2: - dAtA = encodeVarintPopulateWrappers(dAtA, uint64(key)) - ll := r.Intn(100) - dAtA = encodeVarintPopulateWrappers(dAtA, uint64(ll)) - for j := 0; j < ll; j++ { - dAtA = append(dAtA, byte(r.Intn(256))) - } - default: - dAtA = encodeVarintPopulateWrappers(dAtA, uint64(key)) - dAtA = append(dAtA, byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256)), byte(r.Intn(256))) - } - return dAtA -} -func encodeVarintPopulateWrappers(dAtA []byte, v uint64) []byte { - for v >= 1<<7 { - dAtA = append(dAtA, uint8(uint64(v)&0x7f|0x80)) - v >>= 7 - } - dAtA = append(dAtA, uint8(v)) - return dAtA -} -func (m *DoubleValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Value != 0 { - n += 9 - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *FloatValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Value != 0 { - n += 5 - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *Int64Value) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Value != 0 { - n += 1 + sovWrappers(uint64(m.Value)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *UInt64Value) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Value != 0 { - n += 1 + sovWrappers(uint64(m.Value)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *Int32Value) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Value != 0 { - n += 1 + sovWrappers(uint64(m.Value)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *UInt32Value) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Value != 0 { - n += 1 + sovWrappers(uint64(m.Value)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *BoolValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Value { - n += 2 - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *StringValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Value) - if l > 0 { - n += 1 + l + sovWrappers(uint64(l)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *BytesValue) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Value) - if l > 0 { - n += 1 + l + sovWrappers(uint64(l)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func sovWrappers(x uint64) (n int) { - return (math_bits.Len64(x|1) + 6) / 7 -} -func sozWrappers(x uint64) (n int) { - return sovWrappers(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} -func (this *DoubleValue) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&DoubleValue{`, - `Value:` + fmt.Sprintf("%v", this.Value) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *FloatValue) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&FloatValue{`, - `Value:` + fmt.Sprintf("%v", this.Value) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *Int64Value) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Int64Value{`, - `Value:` + fmt.Sprintf("%v", this.Value) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *UInt64Value) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&UInt64Value{`, - `Value:` + fmt.Sprintf("%v", this.Value) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *Int32Value) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&Int32Value{`, - `Value:` + fmt.Sprintf("%v", this.Value) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *UInt32Value) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&UInt32Value{`, - `Value:` + fmt.Sprintf("%v", this.Value) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *BoolValue) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&BoolValue{`, - `Value:` + fmt.Sprintf("%v", this.Value) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *StringValue) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&StringValue{`, - `Value:` + fmt.Sprintf("%v", this.Value) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func (this *BytesValue) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&BytesValue{`, - `Value:` + fmt.Sprintf("%v", this.Value) + `,`, - `XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`, - `}`, - }, "") - return s -} -func valueToStringWrappers(v interface{}) string { - rv := reflect.ValueOf(v) - if rv.IsNil() { - return "nil" - } - pv := reflect.Indirect(rv).Interface() - return fmt.Sprintf("*%v", pv) -} -func (m *DoubleValue) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: DoubleValue: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: DoubleValue: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 1 { - return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) - } - var v uint64 - if (iNdEx + 8) > l { - return io.ErrUnexpectedEOF - } - v = uint64(encoding_binary.LittleEndian.Uint64(dAtA[iNdEx:])) - iNdEx += 8 - m.Value = float64(math.Float64frombits(v)) - default: - iNdEx = preIndex - skippy, err := skipWrappers(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthWrappers - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *FloatValue) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: FloatValue: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: FloatValue: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 5 { - return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) - } - var v uint32 - if (iNdEx + 4) > l { - return io.ErrUnexpectedEOF - } - v = uint32(encoding_binary.LittleEndian.Uint32(dAtA[iNdEx:])) - iNdEx += 4 - m.Value = float32(math.Float32frombits(v)) - default: - iNdEx = preIndex - skippy, err := skipWrappers(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthWrappers - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *Int64Value) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Int64Value: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Int64Value: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) - } - m.Value = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Value |= int64(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipWrappers(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthWrappers - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *UInt64Value) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: UInt64Value: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: UInt64Value: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) - } - m.Value = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Value |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipWrappers(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthWrappers - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *Int32Value) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Int32Value: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Int32Value: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) - } - m.Value = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Value |= int32(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipWrappers(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthWrappers - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *UInt32Value) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: UInt32Value: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: UInt32Value: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) - } - m.Value = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Value |= uint32(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skipWrappers(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthWrappers - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *BoolValue) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: BoolValue: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: BoolValue: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.Value = bool(v != 0) - default: - iNdEx = preIndex - skippy, err := skipWrappers(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthWrappers - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *StringValue) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: StringValue: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: StringValue: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthWrappers - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthWrappers - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Value = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipWrappers(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthWrappers - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *BytesValue) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: BytesValue: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: BytesValue: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowWrappers - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLengthWrappers - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLengthWrappers - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Value = append(m.Value[:0], dAtA[iNdEx:postIndex]...) - if m.Value == nil { - m.Value = []byte{} - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipWrappers(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthWrappers - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func skipWrappers(dAtA []byte) (n int, err error) { - l := len(dAtA) - iNdEx := 0 - depth := 0 - for iNdEx < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowWrappers - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowWrappers - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - iNdEx++ - if dAtA[iNdEx-1] < 0x80 { - break - } - } - case 1: - iNdEx += 8 - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflowWrappers - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if length < 0 { - return 0, ErrInvalidLengthWrappers - } - iNdEx += length - case 3: - depth++ - case 4: - if depth == 0 { - return 0, ErrUnexpectedEndOfGroupWrappers - } - depth-- - case 5: - iNdEx += 4 - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - if iNdEx < 0 { - return 0, ErrInvalidLengthWrappers - } - if depth == 0 { - return iNdEx, nil - } - } - return 0, io.ErrUnexpectedEOF -} - -var ( - ErrInvalidLengthWrappers = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflowWrappers = fmt.Errorf("proto: integer overflow") - ErrUnexpectedEndOfGroupWrappers = fmt.Errorf("proto: unexpected end of group") -) diff --git a/vendor/github.com/gogo/protobuf/types/wrappers_gogo.go b/vendor/github.com/gogo/protobuf/types/wrappers_gogo.go deleted file mode 100644 index d905df36055d..000000000000 --- a/vendor/github.com/gogo/protobuf/types/wrappers_gogo.go +++ /dev/null @@ -1,300 +0,0 @@ -// Protocol Buffers for Go with Gadgets -// -// Copyright (c) 2018, The GoGo Authors. All rights reserved. -// http://github.com/gogo/protobuf -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are -// met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following disclaimer -// in the documentation and/or other materials provided with the -// distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package types - -func NewPopulatedStdDouble(r randyWrappers, easy bool) *float64 { - v := NewPopulatedDoubleValue(r, easy) - return &v.Value -} - -func SizeOfStdDouble(v float64) int { - pv := &DoubleValue{Value: v} - return pv.Size() -} - -func StdDoubleMarshal(v float64) ([]byte, error) { - size := SizeOfStdDouble(v) - buf := make([]byte, size) - _, err := StdDoubleMarshalTo(v, buf) - return buf, err -} - -func StdDoubleMarshalTo(v float64, data []byte) (int, error) { - pv := &DoubleValue{Value: v} - return pv.MarshalTo(data) -} - -func StdDoubleUnmarshal(v *float64, data []byte) error { - pv := &DoubleValue{} - if err := pv.Unmarshal(data); err != nil { - return err - } - *v = pv.Value - return nil -} -func NewPopulatedStdFloat(r randyWrappers, easy bool) *float32 { - v := NewPopulatedFloatValue(r, easy) - return &v.Value -} - -func SizeOfStdFloat(v float32) int { - pv := &FloatValue{Value: v} - return pv.Size() -} - -func StdFloatMarshal(v float32) ([]byte, error) { - size := SizeOfStdFloat(v) - buf := make([]byte, size) - _, err := StdFloatMarshalTo(v, buf) - return buf, err -} - -func StdFloatMarshalTo(v float32, data []byte) (int, error) { - pv := &FloatValue{Value: v} - return pv.MarshalTo(data) -} - -func StdFloatUnmarshal(v *float32, data []byte) error { - pv := &FloatValue{} - if err := pv.Unmarshal(data); err != nil { - return err - } - *v = pv.Value - return nil -} -func NewPopulatedStdInt64(r randyWrappers, easy bool) *int64 { - v := NewPopulatedInt64Value(r, easy) - return &v.Value -} - -func SizeOfStdInt64(v int64) int { - pv := &Int64Value{Value: v} - return pv.Size() -} - -func StdInt64Marshal(v int64) ([]byte, error) { - size := SizeOfStdInt64(v) - buf := make([]byte, size) - _, err := StdInt64MarshalTo(v, buf) - return buf, err -} - -func StdInt64MarshalTo(v int64, data []byte) (int, error) { - pv := &Int64Value{Value: v} - return pv.MarshalTo(data) -} - -func StdInt64Unmarshal(v *int64, data []byte) error { - pv := &Int64Value{} - if err := pv.Unmarshal(data); err != nil { - return err - } - *v = pv.Value - return nil -} -func NewPopulatedStdUInt64(r randyWrappers, easy bool) *uint64 { - v := NewPopulatedUInt64Value(r, easy) - return &v.Value -} - -func SizeOfStdUInt64(v uint64) int { - pv := &UInt64Value{Value: v} - return pv.Size() -} - -func StdUInt64Marshal(v uint64) ([]byte, error) { - size := SizeOfStdUInt64(v) - buf := make([]byte, size) - _, err := StdUInt64MarshalTo(v, buf) - return buf, err -} - -func StdUInt64MarshalTo(v uint64, data []byte) (int, error) { - pv := &UInt64Value{Value: v} - return pv.MarshalTo(data) -} - -func StdUInt64Unmarshal(v *uint64, data []byte) error { - pv := &UInt64Value{} - if err := pv.Unmarshal(data); err != nil { - return err - } - *v = pv.Value - return nil -} -func NewPopulatedStdInt32(r randyWrappers, easy bool) *int32 { - v := NewPopulatedInt32Value(r, easy) - return &v.Value -} - -func SizeOfStdInt32(v int32) int { - pv := &Int32Value{Value: v} - return pv.Size() -} - -func StdInt32Marshal(v int32) ([]byte, error) { - size := SizeOfStdInt32(v) - buf := make([]byte, size) - _, err := StdInt32MarshalTo(v, buf) - return buf, err -} - -func StdInt32MarshalTo(v int32, data []byte) (int, error) { - pv := &Int32Value{Value: v} - return pv.MarshalTo(data) -} - -func StdInt32Unmarshal(v *int32, data []byte) error { - pv := &Int32Value{} - if err := pv.Unmarshal(data); err != nil { - return err - } - *v = pv.Value - return nil -} -func NewPopulatedStdUInt32(r randyWrappers, easy bool) *uint32 { - v := NewPopulatedUInt32Value(r, easy) - return &v.Value -} - -func SizeOfStdUInt32(v uint32) int { - pv := &UInt32Value{Value: v} - return pv.Size() -} - -func StdUInt32Marshal(v uint32) ([]byte, error) { - size := SizeOfStdUInt32(v) - buf := make([]byte, size) - _, err := StdUInt32MarshalTo(v, buf) - return buf, err -} - -func StdUInt32MarshalTo(v uint32, data []byte) (int, error) { - pv := &UInt32Value{Value: v} - return pv.MarshalTo(data) -} - -func StdUInt32Unmarshal(v *uint32, data []byte) error { - pv := &UInt32Value{} - if err := pv.Unmarshal(data); err != nil { - return err - } - *v = pv.Value - return nil -} -func NewPopulatedStdBool(r randyWrappers, easy bool) *bool { - v := NewPopulatedBoolValue(r, easy) - return &v.Value -} - -func SizeOfStdBool(v bool) int { - pv := &BoolValue{Value: v} - return pv.Size() -} - -func StdBoolMarshal(v bool) ([]byte, error) { - size := SizeOfStdBool(v) - buf := make([]byte, size) - _, err := StdBoolMarshalTo(v, buf) - return buf, err -} - -func StdBoolMarshalTo(v bool, data []byte) (int, error) { - pv := &BoolValue{Value: v} - return pv.MarshalTo(data) -} - -func StdBoolUnmarshal(v *bool, data []byte) error { - pv := &BoolValue{} - if err := pv.Unmarshal(data); err != nil { - return err - } - *v = pv.Value - return nil -} -func NewPopulatedStdString(r randyWrappers, easy bool) *string { - v := NewPopulatedStringValue(r, easy) - return &v.Value -} - -func SizeOfStdString(v string) int { - pv := &StringValue{Value: v} - return pv.Size() -} - -func StdStringMarshal(v string) ([]byte, error) { - size := SizeOfStdString(v) - buf := make([]byte, size) - _, err := StdStringMarshalTo(v, buf) - return buf, err -} - -func StdStringMarshalTo(v string, data []byte) (int, error) { - pv := &StringValue{Value: v} - return pv.MarshalTo(data) -} - -func StdStringUnmarshal(v *string, data []byte) error { - pv := &StringValue{} - if err := pv.Unmarshal(data); err != nil { - return err - } - *v = pv.Value - return nil -} -func NewPopulatedStdBytes(r randyWrappers, easy bool) *[]byte { - v := NewPopulatedBytesValue(r, easy) - return &v.Value -} - -func SizeOfStdBytes(v []byte) int { - pv := &BytesValue{Value: v} - return pv.Size() -} - -func StdBytesMarshal(v []byte) ([]byte, error) { - size := SizeOfStdBytes(v) - buf := make([]byte, size) - _, err := StdBytesMarshalTo(v, buf) - return buf, err -} - -func StdBytesMarshalTo(v []byte, data []byte) (int, error) { - pv := &BytesValue{Value: v} - return pv.MarshalTo(data) -} - -func StdBytesUnmarshal(v *[]byte, data []byte) error { - pv := &BytesValue{} - if err := pv.Unmarshal(data); err != nil { - return err - } - *v = pv.Value - return nil -} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go index d6723635d4a8..4a6129fdc8d8 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go @@ -49,8 +49,7 @@ func (node *Node) Location() []Range { // Dump dumps the AST defined by `node` as a list of sexps. // Returns a string suitable for printing. func (node *Node) Dump() string { - str := "" - str += strings.ToLower(node.Value) + str := strings.ToLower(node.Value) if len(node.Flags) > 0 { str += fmt.Sprintf(" %q", node.Flags) diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_unix.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_unix.go index bf0887f236b6..f9aca5d9ef08 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_unix.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_unix.go @@ -4,8 +4,8 @@ package shell // EqualEnvKeys compare two strings and returns true if they are equal. -// On Unix this comparison is case sensitive. -// On Windows this comparison is case insensitive. +// On Unix this comparison is case-sensitive. +// On Windows this comparison is case-insensitive. func EqualEnvKeys(from, to string) bool { return from == to } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_windows.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_windows.go index 010569bbaa06..7bbed9b20731 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_windows.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_windows.go @@ -3,8 +3,8 @@ package shell import "strings" // EqualEnvKeys compare two strings and returns true if they are equal. -// On Unix this comparison is case sensitive. -// On Windows this comparison is case insensitive. +// On Unix this comparison is case-sensitive. +// On Windows this comparison is case-insensitive. func EqualEnvKeys(from, to string) bool { - return strings.ToUpper(from) == strings.ToUpper(to) + return strings.EqualFold(from, to) } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go index b930ab32601a..80806f8ba778 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go @@ -335,39 +335,23 @@ func (sw *shellWord) processDollar() (string, error) { } name := sw.processName() ch := sw.scanner.Next() + chs := string(ch) + nullIsUnset := false + switch ch { case '}': // Normal ${xx} case - value, found := sw.getEnv(name) - if !found && sw.skipUnsetEnv { + value, set := sw.getEnv(name) + if !set && sw.skipUnsetEnv { return fmt.Sprintf("${%s}", name), nil } return value, nil - case '?': - word, _, err := sw.processStopOn('}') - if err != nil { - if sw.scanner.Peek() == scanner.EOF { - return "", errors.New("syntax error: missing '}'") - } - return "", err - } - newValue, found := sw.getEnv(name) - if !found { - if sw.skipUnsetEnv { - return fmt.Sprintf("${%s?%s}", name, word), nil - } - message := "is not allowed to be unset" - if word != "" { - message = word - } - return "", errors.Errorf("%s: %s", name, message) - } - return newValue, nil case ':': - // Special ${xx:...} format processing - // Yes it allows for recursive $'s in the ... spot - modifier := sw.scanner.Next() - + nullIsUnset = true + ch = sw.scanner.Next() + chs += string(ch) + fallthrough + case '+', '-', '?': word, _, err := sw.processStopOn('}') if err != nil { if sw.scanner.Peek() == scanner.EOF { @@ -378,53 +362,44 @@ func (sw *shellWord) processDollar() (string, error) { // Grab the current value of the variable in question so we // can use it to determine what to do based on the modifier - newValue, found := sw.getEnv(name) - - switch modifier { - case '+': - if newValue != "" { - newValue = word - } - if !found && sw.skipUnsetEnv { - return fmt.Sprintf("${%s:%s%s}", name, string(modifier), word), nil - } - return newValue, nil + value, set := sw.getEnv(name) + if sw.skipUnsetEnv && !set { + return fmt.Sprintf("${%s%s%s}", name, chs, word), nil + } + switch ch { case '-': - if newValue == "" { - newValue = word + if !set || (nullIsUnset && value == "") { + return word, nil } - if !found && sw.skipUnsetEnv { - return fmt.Sprintf("${%s:%s%s}", name, string(modifier), word), nil + return value, nil + case '+': + if !set || (nullIsUnset && value == "") { + return "", nil } - - return newValue, nil - + return word, nil case '?': - if !found { - if sw.skipUnsetEnv { - return fmt.Sprintf("${%s:%s%s}", name, string(modifier), word), nil - } + if !set { message := "is not allowed to be unset" if word != "" { message = word } return "", errors.Errorf("%s: %s", name, message) } - if newValue == "" { + if nullIsUnset && value == "" { message := "is not allowed to be empty" if word != "" { message = word } return "", errors.Errorf("%s: %s", name, message) } - return newValue, nil - + return value, nil default: - return "", errors.Errorf("unsupported modifier (%c) in substitution", modifier) + return "", errors.Errorf("unsupported modifier (%s) in substitution", chs) } + default: + return "", errors.Errorf("unsupported modifier (%s) in substitution", chs) } - return "", errors.Errorf("missing ':' in substitution") } func (sw *shellWord) processName() string { diff --git a/vendor/github.com/moby/buildkit/util/stack/stack.go b/vendor/github.com/moby/buildkit/util/stack/stack.go index 18d03630b47e..fb9fc3ddf54c 100644 --- a/vendor/github.com/moby/buildkit/util/stack/stack.go +++ b/vendor/github.com/moby/buildkit/util/stack/stack.go @@ -9,7 +9,7 @@ import ( "strings" "sync" - "github.com/containerd/typeurl" + "github.com/containerd/typeurl/v2" "github.com/pkg/errors" ) diff --git a/vendor/github.com/moby/buildkit/util/stack/stack.pb.go b/vendor/github.com/moby/buildkit/util/stack/stack.pb.go index c4a73a68f485..43809d487610 100644 --- a/vendor/github.com/moby/buildkit/util/stack/stack.pb.go +++ b/vendor/github.com/moby/buildkit/util/stack/stack.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.28.1 +// protoc-gen-go v1.30.0 // protoc v3.11.4 // source: stack.proto diff --git a/vendor/modules.txt b/vendor/modules.txt index 2bae766e5bd6..85069bae7d06 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -120,9 +120,9 @@ github.com/containerd/log ## explicit; go 1.19 github.com/containerd/stargz-snapshotter/estargz github.com/containerd/stargz-snapshotter/estargz/errorutil -# github.com/containerd/typeurl v1.0.2 +# github.com/containerd/typeurl/v2 v2.1.1 ## explicit; go 1.13 -github.com/containerd/typeurl +github.com/containerd/typeurl/v2 # github.com/containernetworking/cni v1.1.2 ## explicit; go 1.14 github.com/containernetworking/cni/libcni @@ -138,7 +138,7 @@ github.com/containernetworking/cni/pkg/version # github.com/containernetworking/plugins v1.3.0 ## explicit; go 1.20 github.com/containernetworking/plugins/pkg/ns -# github.com/containers/buildah v1.33.1 +# github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c ## explicit; go 1.20 github.com/containers/buildah github.com/containers/buildah/bind @@ -167,7 +167,7 @@ github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/pkg/volumes github.com/containers/buildah/util -# github.com/containers/common v0.57.1-0.20231121105603-d54dcfe962d6 +# github.com/containers/common v0.57.1-0.20231121115347-e2da7bec2245 ## explicit; go 1.18 github.com/containers/common/internal/attributedstring github.com/containers/common/libimage @@ -234,7 +234,7 @@ github.com/containers/conmon/runner/config # github.com/containers/gvisor-tap-vsock v0.7.1 ## explicit; go 1.20 github.com/containers/gvisor-tap-vsock/pkg/types -# github.com/containers/image/v5 v5.29.0 +# github.com/containers/image/v5 v5.29.1-0.20231120202631-293b00ba7166 ## explicit; go 1.19 github.com/containers/image/v5/copy github.com/containers/image/v5/directory @@ -344,7 +344,7 @@ github.com/containers/psgo/internal/dev github.com/containers/psgo/internal/host github.com/containers/psgo/internal/proc github.com/containers/psgo/internal/process -# github.com/containers/storage v1.51.0 +# github.com/containers/storage v1.51.1-0.20231120144510-2cf61989a5bc ## explicit; go 1.19 github.com/containers/storage github.com/containers/storage/drivers @@ -509,8 +509,8 @@ github.com/felixge/httpsnoop # github.com/fsnotify/fsnotify v1.7.0 ## explicit; go 1.17 github.com/fsnotify/fsnotify -# github.com/fsouza/go-dockerclient v1.9.7 -## explicit; go 1.19 +# github.com/fsouza/go-dockerclient v1.10.0 +## explicit; go 1.20 github.com/fsouza/go-dockerclient # github.com/gabriel-vasile/mimetype v1.4.2 ## explicit; go 1.20 @@ -619,8 +619,6 @@ github.com/godbus/dbus/v5 # github.com/gogo/protobuf v1.3.2 ## explicit; go 1.15 github.com/gogo/protobuf/proto -github.com/gogo/protobuf/sortkeys -github.com/gogo/protobuf/types # github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da ## explicit github.com/golang/groupcache/lru @@ -775,13 +773,13 @@ github.com/mistifyio/go-zfs/v3 # github.com/mitchellh/mapstructure v1.5.0 ## explicit; go 1.14 github.com/mitchellh/mapstructure -# github.com/moby/buildkit v0.11.4 -## explicit; go 1.18 +# github.com/moby/buildkit v0.12.3 +## explicit; go 1.20 github.com/moby/buildkit/frontend/dockerfile/command github.com/moby/buildkit/frontend/dockerfile/parser github.com/moby/buildkit/frontend/dockerfile/shell github.com/moby/buildkit/util/stack -# github.com/moby/patternmatcher v0.5.0 +# github.com/moby/patternmatcher v0.6.0 ## explicit; go 1.19 github.com/moby/patternmatcher # github.com/moby/sys/mountinfo v0.7.1 From e85cedf43f70c7add9a86825ff579a470b7b7def Mon Sep 17 00:00:00 2001 From: Arthur Sengileyev Date: Tue, 21 Nov 2023 16:36:46 +0200 Subject: [PATCH 055/170] Use configured timeout in list_test.go Signed-off-by: Arthur Sengileyev --- pkg/machine/e2e/list_test.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkg/machine/e2e/list_test.go b/pkg/machine/e2e/list_test.go index 2c94a8582cca..22592578f39e 100644 --- a/pkg/machine/e2e/list_test.go +++ b/pkg/machine/e2e/list_test.go @@ -94,7 +94,9 @@ var _ = Describe("podman machine list", func() { s := new(startMachine) startSession, err := mb.setCmd(s).runWithoutWait() Expect(err).ToNot(HaveOccurred()) - for i := 0; i < 30; i++ { + wait := 3 + retries := (int)(mb.timeout/time.Second) / wait + for i := 0; i < retries; i++ { listSession, err := mb.setCmd(l).run() Expect(listSession).To(Exit(0)) Expect(err).ToNot(HaveOccurred()) @@ -103,7 +105,7 @@ var _ = Describe("podman machine list", func() { } else { break } - time.Sleep(3 * time.Second) + time.Sleep(time.Duration(wait) * time.Second) } Expect(startSession).To(Exit(0)) listSession, err = mb.setCmd(l).run() From ddd6cdfd772aa34721c6e49ec77f1e9545e5c8b3 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Wed, 22 Nov 2023 08:53:55 -0500 Subject: [PATCH 056/170] Ignore SELinux relabel on unsupported file systems We were ignoreing relabel requests on certain unsupported file systems and not on others, this changes to consistently logrus.Debug ENOTSUP file systems. Fixes: https://github.com/containers/podman/discussions/20745 Still needs some work on the Buildah side. Signed-off-by: Daniel J Walsh --- libpod/container_internal.go | 2 +- libpod/container_internal_common.go | 13 +++++++++---- libpod/networking_linux.go | 5 ++++- libpod/util.go | 6 ++++++ libpod/util_linux.go | 3 ++- test/system/410-selinux.bats | 27 +++++++++++++++++++++++++++ 6 files changed, 49 insertions(+), 7 deletions(-) diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 48c5c970caa2..90f9234aa3c0 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -2514,7 +2514,7 @@ func (c *Container) extractSecretToCtrStorage(secr *ContainerSecret) error { if err := os.Chmod(secretFile, os.FileMode(secr.Mode)); err != nil { return err } - if err := label.Relabel(secretFile, c.config.MountLabel, false); err != nil { + if err := c.relabel(secretFile, c.config.MountLabel, false); err != nil { return err } return nil diff --git a/libpod/container_internal_common.go b/libpod/container_internal_common.go index 81b0fbf337b2..fc5978942ca1 100644 --- a/libpod/container_internal_common.go +++ b/libpod/container_internal_common.go @@ -869,7 +869,7 @@ func (c *Container) mountNotifySocket(g generate.Generator) error { return fmt.Errorf("unable to create notify %q dir: %w", notifyDir, err) } } - if err := label.Relabel(notifyDir, c.MountLabel(), true); err != nil { + if err := c.relabel(notifyDir, c.MountLabel(), true); err != nil { return fmt.Errorf("relabel failed %q: %w", notifyDir, err) } logrus.Debugf("Add bindmount notify %q dir", notifyDir) @@ -2288,7 +2288,7 @@ func (c *Container) bindMountRootFile(source, dest string) error { if err := os.Chown(source, c.RootUID(), c.RootGID()); err != nil { return err } - if err := label.Relabel(source, c.MountLabel(), false); err != nil { + if err := c.relabel(source, c.MountLabel(), false); err != nil { return err } @@ -2824,7 +2824,7 @@ func (c *Container) createSecretMountDir(runPath string) error { if err := umask.MkdirAllIgnoreUmask(src, os.FileMode(0o755)); err != nil { return err } - if err := label.Relabel(src, c.config.MountLabel, false); err != nil { + if err := c.relabel(src, c.config.MountLabel, false); err != nil { return err } if err := os.Chown(src, c.RootUID(), c.RootGID()); err != nil { @@ -2927,7 +2927,12 @@ func (c *Container) relabel(src, mountLabel string, shared bool) error { return nil } } - return label.Relabel(src, mountLabel, shared) + err := label.Relabel(src, mountLabel, shared) + if errors.Is(err, unix.ENOTSUP) { + logrus.Debugf("Labeling not supported on %q", src) + return nil + } + return err } func (c *Container) ChangeHostPathOwnership(src string, recurse bool, uid, gid int) error { diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 601d9a49bf25..592f55cb24e3 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -440,7 +440,10 @@ func (r *Runtime) GetRootlessNetNs(new bool) (*RootlessNetNS, error) { // this is important, otherwise the iptables command will fail err = label.Relabel(runDir, "system_u:object_r:iptables_var_run_t:s0", false) if err != nil { - return nil, fmt.Errorf("could not create relabel rootless-netns run directory: %w", err) + if !errors.Is(err, unix.ENOTSUP) { + return nil, fmt.Errorf("could not create relabel rootless-netns run directory: %w", err) + } + logrus.Debugf("Labeling not supported on %q", runDir) } // create systemd run directory err = os.MkdirAll(filepath.Join(runDir, "systemd"), 0700) diff --git a/libpod/util.go b/libpod/util.go index ed7c1260f699..106925b2587f 100644 --- a/libpod/util.go +++ b/libpod/util.go @@ -6,6 +6,7 @@ package libpod import ( "bufio" "encoding/binary" + "errors" "fmt" "io" "net/http" @@ -23,6 +24,7 @@ import ( spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/selinux/go-selinux/label" "github.com/sirupsen/logrus" + "golang.org/x/sys/unix" ) // FuncTimer helps measure the execution time of a function @@ -273,6 +275,10 @@ func writeStringToPath(path, contents, mountLabel string, uid, gid int) error { } // Relabel runDirResolv for the container if err := label.Relabel(path, mountLabel, false); err != nil { + if errors.Is(err, unix.ENOTSUP) { + logrus.Debugf("Labeling not supported on %q", path) + return nil + } return err } diff --git a/libpod/util_linux.go b/libpod/util_linux.go index ac5fdeeb1b90..0c11fba0184c 100644 --- a/libpod/util_linux.go +++ b/libpod/util_linux.go @@ -4,6 +4,7 @@ package libpod import ( + "errors" "fmt" "os" "path/filepath" @@ -146,7 +147,7 @@ func LabelVolumePath(path, mountLabel string) error { } if err := lvpRelabel(path, mountLabel, true); err != nil { - if err == syscall.ENOTSUP { + if errors.Is(err, unix.ENOTSUP) { logrus.Debugf("Labeling not supported on %q", path) } else { return fmt.Errorf("setting selinux label for %s to %q as shared: %w", path, mountLabel, err) diff --git a/test/system/410-selinux.bats b/test/system/410-selinux.bats index a8b0fbc604c5..c7d71643b4e5 100644 --- a/test/system/410-selinux.bats +++ b/test/system/410-selinux.bats @@ -355,4 +355,31 @@ EOF is "$output" "$user:system_r:container_t:$level" "Confined with role override label Correctly" } +@test "podman selinux: check unsupported relabel" { + skip_if_no_selinux + skip_if_rootless + + LABEL="system_u:object_r:tmp_t:s0" + RELABEL="system_u:object_r:container_file_t:s0" + tmpdir=$PODMAN_TMPDIR/vol + mkdir -p $tmpdir + + mount --type tmpfs -o "context=\"$LABEL\"" tmpfs $tmpdir + + run ls -dZ ${tmpdir} + is "$output" "${LABEL} ${tmpdir}" "No Relabel Correctly" + run_podman run --rm -v $tmpdir:/test:z --privileged $IMAGE true + run ls -dZ $tmpdir + is "$output" "${LABEL} $tmpdir" "Ignored shared relabel Correctly" + + run_podman run --rm -v $tmpdir:/test:Z --privileged $IMAGE true + run ls -dZ $tmpdir + is "$output" "${LABEL} $tmpdir" "Ignored private relabel Correctly"} + umount $tmpdir + + run_podman run --rm -v $tmpdir:/test:z --privileged $IMAGE true + run ls -dZ $tmpdir + is "$output" "${RELABEL} $tmpdir" "Ignored private relabel Correctly"} +} + # vim: filetype=sh From 414642efdb21ab13a0b52b0fc9f327b2b0244746 Mon Sep 17 00:00:00 2001 From: Urvashi Mohnani Date: Tue, 19 Sep 2023 21:32:41 -0400 Subject: [PATCH 057/170] [CI:DOCS] Add podman farm build doc Move the options for the podman build doc to a common md that can be used by both podman build and podman farm build. Signed-off-by: Urvashi Mohnani --- .../markdown/options/annotation.image.md | 11 + docs/source/markdown/options/authfile.md | 2 +- .../source/markdown/options/build-arg-file.md | 22 + docs/source/markdown/options/build-arg.md | 8 + docs/source/markdown/options/build-context.md | 30 + docs/source/markdown/options/cache-from.md | 21 + docs/source/markdown/options/cache-to.md | 19 + docs/source/markdown/options/cache-ttl.md | 12 + docs/source/markdown/options/cap-add.image.md | 10 + .../source/markdown/options/cap-drop.image.md | 16 + docs/source/markdown/options/cert-dir.md | 2 +- docs/source/markdown/options/cgroup-parent.md | 2 +- .../source/markdown/options/cgroupns.image.md | 10 + docs/source/markdown/options/cpp-flag.md | 7 + docs/source/markdown/options/cpu-period.md | 2 +- docs/source/markdown/options/cpu-quota.md | 2 +- docs/source/markdown/options/cpu-shares.md | 2 +- docs/source/markdown/options/cpuset-cpus.md | 2 +- docs/source/markdown/options/cpuset-mems.md | 2 +- docs/source/markdown/options/creds.md | 2 +- .../source/markdown/options/decryption-key.md | 2 +- docs/source/markdown/options/device.md | 2 +- .../markdown/options/disable-compression.md | 12 + .../markdown/options/dns-option.image.md | 7 + .../markdown/options/dns-search.image.md | 7 + docs/source/markdown/options/dns.md | 2 +- docs/source/markdown/options/env.image.md | 11 + docs/source/markdown/options/file.md | 16 + docs/source/markdown/options/force-rm.md | 7 + docs/source/markdown/options/format.md | 12 + docs/source/markdown/options/from.md | 13 + docs/source/markdown/options/group-add.md | 2 +- docs/source/markdown/options/help.md | 7 + docs/source/markdown/options/hooks-dir.md | 15 + docs/source/markdown/options/http-proxy.md | 2 +- .../source/markdown/options/identity-label.md | 7 + docs/source/markdown/options/ignorefile.md | 7 + docs/source/markdown/options/iidfile.md | 7 + docs/source/markdown/options/ipc.image.md | 12 + docs/source/markdown/options/isolation.md | 17 + docs/source/markdown/options/jobs.md | 9 + docs/source/markdown/options/label.image.md | 18 + docs/source/markdown/options/layer-label.md | 11 + docs/source/markdown/options/layers.md | 10 + docs/source/markdown/options/logfile.md | 9 + docs/source/markdown/options/manifest.md | 7 + docs/source/markdown/options/memory-swap.md | 2 +- docs/source/markdown/options/memory.md | 2 +- docs/source/markdown/options/network.image.md | 63 + docs/source/markdown/options/no-cache.md | 7 + docs/source/markdown/options/no-hosts.md | 2 +- docs/source/markdown/options/omit-history.md | 12 + docs/source/markdown/options/os-feature.md | 9 + .../markdown/options/os-version.image.md | 7 + docs/source/markdown/options/os.md | 7 + docs/source/markdown/options/pid.image.md | 9 + docs/source/markdown/options/pull.image.md | 12 + docs/source/markdown/options/quiet.md | 7 + docs/source/markdown/options/retry-delay.md | 7 + docs/source/markdown/options/retry.md | 8 + docs/source/markdown/options/rm.md | 7 + docs/source/markdown/options/runtime-flag.md | 9 + docs/source/markdown/options/runtime.md | 10 + docs/source/markdown/options/secret.image.md | 13 + .../markdown/options/security-opt.image.md | 22 + docs/source/markdown/options/shm-size.md | 2 +- .../markdown/options/skip-unused-stages.md | 7 + docs/source/markdown/options/squash-all.md | 7 + docs/source/markdown/options/squash.md | 7 + docs/source/markdown/options/ssh.md | 12 + docs/source/markdown/options/tag.md | 8 + docs/source/markdown/options/target.md | 7 + docs/source/markdown/options/timestamp.md | 10 + docs/source/markdown/options/ulimit.image.md | 22 + .../source/markdown/options/unsetenv.image.md | 7 + docs/source/markdown/options/unsetlabel.md | 7 + .../markdown/options/userns-gid-map-group.md | 14 + .../source/markdown/options/userns-gid-map.md | 19 + .../markdown/options/userns-uid-map-user.md | 14 + .../source/markdown/options/userns-uid-map.md | 19 + docs/source/markdown/options/userns.image.md | 8 + docs/source/markdown/options/uts.md | 8 + docs/source/markdown/options/volume.image.md | 124 ++ docs/source/markdown/podman-build.1.md.in | 790 +--------- docs/source/markdown/podman-farm-build.1.md | 1322 +++++++++++++++++ .../source/markdown/podman-farm-build.1.md.in | 233 +++ docs/source/markdown/podman-farm.1.md | 13 +- 87 files changed, 2545 insertions(+), 745 deletions(-) create mode 100644 docs/source/markdown/options/annotation.image.md create mode 100644 docs/source/markdown/options/build-arg-file.md create mode 100644 docs/source/markdown/options/build-arg.md create mode 100644 docs/source/markdown/options/build-context.md create mode 100644 docs/source/markdown/options/cache-from.md create mode 100644 docs/source/markdown/options/cache-to.md create mode 100644 docs/source/markdown/options/cache-ttl.md create mode 100644 docs/source/markdown/options/cap-add.image.md create mode 100644 docs/source/markdown/options/cap-drop.image.md create mode 100644 docs/source/markdown/options/cgroupns.image.md create mode 100644 docs/source/markdown/options/cpp-flag.md create mode 100644 docs/source/markdown/options/disable-compression.md create mode 100644 docs/source/markdown/options/dns-option.image.md create mode 100644 docs/source/markdown/options/dns-search.image.md create mode 100644 docs/source/markdown/options/env.image.md create mode 100644 docs/source/markdown/options/file.md create mode 100644 docs/source/markdown/options/force-rm.md create mode 100644 docs/source/markdown/options/format.md create mode 100644 docs/source/markdown/options/from.md create mode 100644 docs/source/markdown/options/help.md create mode 100644 docs/source/markdown/options/hooks-dir.md create mode 100644 docs/source/markdown/options/identity-label.md create mode 100644 docs/source/markdown/options/ignorefile.md create mode 100644 docs/source/markdown/options/iidfile.md create mode 100644 docs/source/markdown/options/ipc.image.md create mode 100644 docs/source/markdown/options/isolation.md create mode 100644 docs/source/markdown/options/jobs.md create mode 100644 docs/source/markdown/options/label.image.md create mode 100644 docs/source/markdown/options/layer-label.md create mode 100644 docs/source/markdown/options/layers.md create mode 100644 docs/source/markdown/options/logfile.md create mode 100644 docs/source/markdown/options/manifest.md create mode 100644 docs/source/markdown/options/network.image.md create mode 100644 docs/source/markdown/options/no-cache.md create mode 100644 docs/source/markdown/options/omit-history.md create mode 100644 docs/source/markdown/options/os-feature.md create mode 100644 docs/source/markdown/options/os-version.image.md create mode 100644 docs/source/markdown/options/os.md create mode 100644 docs/source/markdown/options/pid.image.md create mode 100644 docs/source/markdown/options/pull.image.md create mode 100644 docs/source/markdown/options/quiet.md create mode 100644 docs/source/markdown/options/retry-delay.md create mode 100644 docs/source/markdown/options/retry.md create mode 100644 docs/source/markdown/options/rm.md create mode 100644 docs/source/markdown/options/runtime-flag.md create mode 100644 docs/source/markdown/options/runtime.md create mode 100644 docs/source/markdown/options/secret.image.md create mode 100644 docs/source/markdown/options/security-opt.image.md create mode 100644 docs/source/markdown/options/skip-unused-stages.md create mode 100644 docs/source/markdown/options/squash-all.md create mode 100644 docs/source/markdown/options/squash.md create mode 100644 docs/source/markdown/options/ssh.md create mode 100644 docs/source/markdown/options/tag.md create mode 100644 docs/source/markdown/options/target.md create mode 100644 docs/source/markdown/options/timestamp.md create mode 100644 docs/source/markdown/options/ulimit.image.md create mode 100644 docs/source/markdown/options/unsetenv.image.md create mode 100644 docs/source/markdown/options/unsetlabel.md create mode 100644 docs/source/markdown/options/userns-gid-map-group.md create mode 100644 docs/source/markdown/options/userns-gid-map.md create mode 100644 docs/source/markdown/options/userns-uid-map-user.md create mode 100644 docs/source/markdown/options/userns-uid-map.md create mode 100644 docs/source/markdown/options/userns.image.md create mode 100644 docs/source/markdown/options/uts.md create mode 100644 docs/source/markdown/options/volume.image.md create mode 100644 docs/source/markdown/podman-farm-build.1.md create mode 100644 docs/source/markdown/podman-farm-build.1.md.in diff --git a/docs/source/markdown/options/annotation.image.md b/docs/source/markdown/options/annotation.image.md new file mode 100644 index 000000000000..13964ec23d21 --- /dev/null +++ b/docs/source/markdown/options/annotation.image.md @@ -0,0 +1,11 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--annotation**=*annotation=value* + +Add an image *annotation* (e.g. annotation=*value*) to the image metadata. Can +be used multiple times. + +Note: this information is not present in Docker image formats, so it is +discarded when writing images in Docker formats. diff --git a/docs/source/markdown/options/authfile.md b/docs/source/markdown/options/authfile.md index 57416efe91a2..005573b1a95c 100644 --- a/docs/source/markdown/options/authfile.md +++ b/docs/source/markdown/options/authfile.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman auto update, build, container runlabel, create, image sign, kube play, login, logout, manifest add, manifest inspect, manifest push, pull, push, run, search +####> podman auto update, build, container runlabel, create, farm build, image sign, kube play, login, logout, manifest add, manifest inspect, manifest push, pull, push, run, search ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--authfile**=*path* diff --git a/docs/source/markdown/options/build-arg-file.md b/docs/source/markdown/options/build-arg-file.md new file mode 100644 index 000000000000..cdae3877760c --- /dev/null +++ b/docs/source/markdown/options/build-arg-file.md @@ -0,0 +1,22 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--build-arg-file**=*path* + +Specifies a file containing lines of build arguments of the form `arg=value`. +The suggested file name is `argfile.conf`. + +Comment lines beginning with `#` are ignored, along with blank lines. +All others must be of the `arg=value` format passed to `--build-arg`. + +If several arguments are provided via the `--build-arg-file` +and `--build-arg` options, the build arguments are merged across all +of the provided files and command line arguments. + +Any file provided in a `--build-arg-file` option is read before +the arguments supplied via the `--build-arg` option. + +When a given argument name is specified several times, the last instance +is the one that is passed to the resulting builds. This means `--build-arg` +values always override those in a `--build-arg-file`. diff --git a/docs/source/markdown/options/build-arg.md b/docs/source/markdown/options/build-arg.md new file mode 100644 index 000000000000..64ee690b9085 --- /dev/null +++ b/docs/source/markdown/options/build-arg.md @@ -0,0 +1,8 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--build-arg**=*arg=value* + +Specifies a build argument and its value, which is interpolated in +instructions read from the Containerfiles in the same way that environment variables are, but which are not added to environment variable list in the resulting image's configuration. diff --git a/docs/source/markdown/options/build-context.md b/docs/source/markdown/options/build-context.md new file mode 100644 index 000000000000..a56a468d0db7 --- /dev/null +++ b/docs/source/markdown/options/build-context.md @@ -0,0 +1,30 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--build-context**=*name=value* + +Specify an additional build context using its short name and its location. +Additional build contexts can be referenced in the same manner as we access +different stages in COPY instruction. + +Valid values are: + +* Local directory – e.g. --build-context project2=../path/to/project2/src (This option is not available with the remote Podman client. On Podman machine setup (i.e macOS and Winows) path must exists on the machine VM) +* HTTP URL to a tarball – e.g. --build-context src=https://example.org/releases/src.tar +* Container image – specified with a container-image:// prefix, e.g. --build-context alpine=container-image://alpine:3.15, (also accepts docker://, docker-image://) + +On the Containerfile side, reference the build context on all +commands that accept the “from” parameter. Here’s how that might look: + +```dockerfile +FROM [name] +COPY --from=[name] ... +RUN --mount=from=[name] … +``` + +The value of [name] is matched with the following priority order: + +* Named build context defined with --build-context [name]=.. +* Stage defined with AS [name] inside Containerfile +* Image [name], either local or in a remote registry diff --git a/docs/source/markdown/options/cache-from.md b/docs/source/markdown/options/cache-from.md new file mode 100644 index 000000000000..d120683421ee --- /dev/null +++ b/docs/source/markdown/options/cache-from.md @@ -0,0 +1,21 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--cache-from**=*image* + +Repository to utilize as a potential cache source. When specified, Buildah tries to look for +cache images in the specified repository and attempts to pull cache images instead of actually +executing the build steps locally. Buildah only attempts to pull previously cached images if they +are considered as valid cache hits. + +Use the `--cache-to` option to populate a remote repository with cache content. + +Example + +```bash +# populate a cache and also consult it +buildah build -t test --layers --cache-to registry/myrepo/cache --cache-from registry/myrepo/cache . +``` + +Note: `--cache-from` option is ignored unless `--layers` is specified. diff --git a/docs/source/markdown/options/cache-to.md b/docs/source/markdown/options/cache-to.md new file mode 100644 index 000000000000..521498b64a75 --- /dev/null +++ b/docs/source/markdown/options/cache-to.md @@ -0,0 +1,19 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--cache-to**=*image* + +Set this flag to specify a remote repository that is used to store cache images. Buildah attempts to +push newly built cache image to the remote repository. + +Note: Use the `--cache-from` option in order to use cache content in a remote repository. + +Example + +```bash +# populate a cache and also consult it +buildah build -t test --layers --cache-to registry/myrepo/cache --cache-from registry/myrepo/cache . +``` + +Note: `--cache-to` option is ignored unless `--layers` is specified. diff --git a/docs/source/markdown/options/cache-ttl.md b/docs/source/markdown/options/cache-ttl.md new file mode 100644 index 000000000000..831cd7bec9b0 --- /dev/null +++ b/docs/source/markdown/options/cache-ttl.md @@ -0,0 +1,12 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--cache-ttl** + +Limit the use of cached images to only consider images with created timestamps less than *duration* ago. +For example if `--cache-ttl=1h` is specified, Buildah considers intermediate cache images which are created +under the duration of one hour, and intermediate cache images outside this duration is ignored. + +Note: Setting `--cache-ttl=0` manually is equivalent to using `--no-cache` in the +implementation since this means that the user dones not want to use cache at all. diff --git a/docs/source/markdown/options/cap-add.image.md b/docs/source/markdown/options/cap-add.image.md new file mode 100644 index 000000000000..1874f558b86c --- /dev/null +++ b/docs/source/markdown/options/cap-add.image.md @@ -0,0 +1,10 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--cap-add**=*CAP\_xxx* + +When executing RUN instructions, run the command specified in the instruction +with the specified capability added to its capability set. +Certain capabilities are granted by default; this option can be used to add +more. diff --git a/docs/source/markdown/options/cap-drop.image.md b/docs/source/markdown/options/cap-drop.image.md new file mode 100644 index 000000000000..e003bc605c60 --- /dev/null +++ b/docs/source/markdown/options/cap-drop.image.md @@ -0,0 +1,16 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--cap-drop**=*CAP\_xxx* + +When executing RUN instructions, run the command specified in the instruction +with the specified capability removed from its capability set. +The CAP\_CHOWN, CAP\_DAC\_OVERRIDE, CAP\_FOWNER, +CAP\_FSETID, CAP\_KILL, CAP\_NET\_BIND\_SERVICE, CAP\_SETFCAP, +CAP\_SETGID, CAP\_SETPCAP, and CAP\_SETUID capabilities are +granted by default; this option can be used to remove them. + +If a capability is specified to both the **--cap-add** and **--cap-drop** +options, it is dropped, regardless of the order in which the options were +given. diff --git a/docs/source/markdown/options/cert-dir.md b/docs/source/markdown/options/cert-dir.md index 5fdb8602a5ee..dbb008a2d09f 100644 --- a/docs/source/markdown/options/cert-dir.md +++ b/docs/source/markdown/options/cert-dir.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, container runlabel, image sign, kube play, login, manifest add, manifest push, pull, push, search +####> podman build, container runlabel, farm build, image sign, kube play, login, manifest add, manifest push, pull, push, search ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--cert-dir**=*path* diff --git a/docs/source/markdown/options/cgroup-parent.md b/docs/source/markdown/options/cgroup-parent.md index ce9f28fdfba2..cb8989f5755b 100644 --- a/docs/source/markdown/options/cgroup-parent.md +++ b/docs/source/markdown/options/cgroup-parent.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, create, pod clone, pod create, run +####> podman build, create, farm build, pod clone, pod create, run ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--cgroup-parent**=*path* diff --git a/docs/source/markdown/options/cgroupns.image.md b/docs/source/markdown/options/cgroupns.image.md new file mode 100644 index 000000000000..b4dbaa86463b --- /dev/null +++ b/docs/source/markdown/options/cgroupns.image.md @@ -0,0 +1,10 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--cgroupns**=*how* + +Sets the configuration for cgroup namespaces when handling `RUN` instructions. +The configured value can be "" (the empty string) or "private" to indicate +that a new cgroup namespace is created, or it can be "host" to indicate +that the cgroup namespace in which `buildah` itself is being run is reused. diff --git a/docs/source/markdown/options/cpp-flag.md b/docs/source/markdown/options/cpp-flag.md new file mode 100644 index 000000000000..d6ff25b8153d --- /dev/null +++ b/docs/source/markdown/options/cpp-flag.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--cpp-flag**=*flags* + +Set additional flags to pass to the C Preprocessor cpp(1). Containerfiles ending with a ".in" suffix is preprocessed via cpp(1). This option can be used to pass additional flags to cpp.Note: You can also set default CPPFLAGS by setting the BUILDAH_CPPFLAGS environment variable (e.g., export BUILDAH_CPPFLAGS="-DDEBUG"). diff --git a/docs/source/markdown/options/cpu-period.md b/docs/source/markdown/options/cpu-period.md index 6177adf61214..8a749db66b75 100644 --- a/docs/source/markdown/options/cpu-period.md +++ b/docs/source/markdown/options/cpu-period.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, container clone, create, run, update +####> podman build, container clone, create, farm build, run, update ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--cpu-period**=*limit* diff --git a/docs/source/markdown/options/cpu-quota.md b/docs/source/markdown/options/cpu-quota.md index 4875f7362550..13629af9c851 100644 --- a/docs/source/markdown/options/cpu-quota.md +++ b/docs/source/markdown/options/cpu-quota.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, container clone, create, run, update +####> podman build, container clone, create, farm build, run, update ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--cpu-quota**=*limit* diff --git a/docs/source/markdown/options/cpu-shares.md b/docs/source/markdown/options/cpu-shares.md index e3bec007ee1f..de2e809bd933 100644 --- a/docs/source/markdown/options/cpu-shares.md +++ b/docs/source/markdown/options/cpu-shares.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, container clone, create, pod clone, pod create, run, update +####> podman build, container clone, create, farm build, pod clone, pod create, run, update ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--cpu-shares**, **-c**=*shares* diff --git a/docs/source/markdown/options/cpuset-cpus.md b/docs/source/markdown/options/cpuset-cpus.md index f8e167e4c740..1728a9ab5a59 100644 --- a/docs/source/markdown/options/cpuset-cpus.md +++ b/docs/source/markdown/options/cpuset-cpus.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, container clone, create, pod clone, pod create, run, update +####> podman build, container clone, create, farm build, pod clone, pod create, run, update ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--cpuset-cpus**=*number* diff --git a/docs/source/markdown/options/cpuset-mems.md b/docs/source/markdown/options/cpuset-mems.md index 751a1a0219b2..57f37f4cafbe 100644 --- a/docs/source/markdown/options/cpuset-mems.md +++ b/docs/source/markdown/options/cpuset-mems.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, container clone, create, pod clone, pod create, run, update +####> podman build, container clone, create, farm build, pod clone, pod create, run, update ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--cpuset-mems**=*nodes* diff --git a/docs/source/markdown/options/creds.md b/docs/source/markdown/options/creds.md index 313d0e75ffc7..910895c20e3e 100644 --- a/docs/source/markdown/options/creds.md +++ b/docs/source/markdown/options/creds.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, container runlabel, kube play, manifest add, manifest push, pull, push, search +####> podman build, container runlabel, farm build, kube play, manifest add, manifest push, pull, push, search ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--creds**=*[username[:password]]* diff --git a/docs/source/markdown/options/decryption-key.md b/docs/source/markdown/options/decryption-key.md index 0fe8527a871a..67d653508643 100644 --- a/docs/source/markdown/options/decryption-key.md +++ b/docs/source/markdown/options/decryption-key.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman create, pull, run +####> podman build, create, farm build, pull, run ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--decryption-key**=*key[:passphrase]* diff --git a/docs/source/markdown/options/device.md b/docs/source/markdown/options/device.md index 3209f3e0ae6f..8875645b93e0 100644 --- a/docs/source/markdown/options/device.md +++ b/docs/source/markdown/options/device.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, create, pod clone, pod create, run +####> podman build, create, farm build, pod clone, pod create, run ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--device**=*host-device[:container-device][:permissions]* diff --git a/docs/source/markdown/options/disable-compression.md b/docs/source/markdown/options/disable-compression.md new file mode 100644 index 000000000000..c039259df8fb --- /dev/null +++ b/docs/source/markdown/options/disable-compression.md @@ -0,0 +1,12 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--disable-compression**, **-D** + +Don't compress filesystem layers when building the image unless it is required +by the location where the image is being written. This is the default setting, +because image layers are compressed automatically when they are pushed to +registries, and images being written to local storage only need to be +decompressed again to be stored. Compression can be forced in all cases by +specifying **--disable-compression=false**. diff --git a/docs/source/markdown/options/dns-option.image.md b/docs/source/markdown/options/dns-option.image.md new file mode 100644 index 000000000000..345efd47c4d0 --- /dev/null +++ b/docs/source/markdown/options/dns-option.image.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--dns-option**=*option* + +Set custom DNS options to be used during the build. diff --git a/docs/source/markdown/options/dns-search.image.md b/docs/source/markdown/options/dns-search.image.md new file mode 100644 index 000000000000..5e75afde5393 --- /dev/null +++ b/docs/source/markdown/options/dns-search.image.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--dns-search**=*domain* + +Set custom DNS search domains to be used during the build. diff --git a/docs/source/markdown/options/dns.md b/docs/source/markdown/options/dns.md index 1d016a3b5366..ece952fc874a 100644 --- a/docs/source/markdown/options/dns.md +++ b/docs/source/markdown/options/dns.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, create, run +####> podman build, create, farm build, run ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--dns**=*ipaddr* diff --git a/docs/source/markdown/options/env.image.md b/docs/source/markdown/options/env.image.md new file mode 100644 index 000000000000..d214291d53e6 --- /dev/null +++ b/docs/source/markdown/options/env.image.md @@ -0,0 +1,11 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--env**=*env[=value]* + +Add a value (e.g. env=*value*) to the built image. Can be used multiple times. +If neither `=` nor a *value* are specified, but *env* is set in the current +environment, the value from the current environment is added to the image. +To remove an environment variable from the built image, use the `--unsetenv` +option. diff --git a/docs/source/markdown/options/file.md b/docs/source/markdown/options/file.md new file mode 100644 index 000000000000..60c3aea5ad26 --- /dev/null +++ b/docs/source/markdown/options/file.md @@ -0,0 +1,16 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--file**, **-f**=*Containerfile* + +Specifies a Containerfile which contains instructions for building the image, +either a local file or an **http** or **https** URL. If more than one +Containerfile is specified, *FROM* instructions are only be accepted from the +last specified file. + +If a build context is not specified, and at least one Containerfile is a +local file, the directory in which it resides is used as the build +context. + +Specifying the option `-f -` causes the Containerfile contents to be read from stdin. diff --git a/docs/source/markdown/options/force-rm.md b/docs/source/markdown/options/force-rm.md new file mode 100644 index 000000000000..5af1f5a8af08 --- /dev/null +++ b/docs/source/markdown/options/force-rm.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--force-rm** + +Always remove intermediate containers after a build, even if the build fails (default true). diff --git a/docs/source/markdown/options/format.md b/docs/source/markdown/options/format.md new file mode 100644 index 000000000000..c864ef71f8dd --- /dev/null +++ b/docs/source/markdown/options/format.md @@ -0,0 +1,12 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--format** + +Control the format for the built image's manifest and configuration data. +Recognized formats include *oci* (OCI image-spec v1.0, the default) and +*docker* (version 2, using schema format 2 for the manifest). + +Note: You can also override the default format by setting the BUILDAH\_FORMAT +environment variable. `export BUILDAH_FORMAT=docker` diff --git a/docs/source/markdown/options/from.md b/docs/source/markdown/options/from.md new file mode 100644 index 000000000000..d5d058537be1 --- /dev/null +++ b/docs/source/markdown/options/from.md @@ -0,0 +1,13 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--from** + +Overrides the first `FROM` instruction within the Containerfile. If there are multiple +FROM instructions in a Containerfile, only the first is changed. + +With the remote podman client, not all container transports work as +expected. For example, oci-archive:/x.tar references /x.tar on the remote +machine instead of on the client. When using podman remote clients it is +best to restrict use to *containers-storage*, and *docker:// transports*. diff --git a/docs/source/markdown/options/group-add.md b/docs/source/markdown/options/group-add.md index 4640e88ea34a..dadb8b4f1c98 100644 --- a/docs/source/markdown/options/group-add.md +++ b/docs/source/markdown/options/group-add.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman create, run +####> podman build, create, farm build, run ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--group-add**=*group* | *keep-groups* diff --git a/docs/source/markdown/options/help.md b/docs/source/markdown/options/help.md new file mode 100644 index 000000000000..a9a8e3aa2b1b --- /dev/null +++ b/docs/source/markdown/options/help.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--help**, **-h** + +Print usage statement diff --git a/docs/source/markdown/options/hooks-dir.md b/docs/source/markdown/options/hooks-dir.md new file mode 100644 index 000000000000..2149aed43124 --- /dev/null +++ b/docs/source/markdown/options/hooks-dir.md @@ -0,0 +1,15 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--hooks-dir**=*path* + +Each *.json file in the path configures a hook for buildah build containers. For more details on the syntax of the JSON files and the semantics of hook injection. Buildah currently support both the 1.0.0 and 0.1.0 hook schemas, although the 0.1.0 schema is deprecated. + +This option may be set multiple times; paths from later options have higher precedence. + +For the annotation conditions, buildah uses any annotations set in the generated OCI configuration. + +For the bind-mount conditions, only mounts explicitly requested by the caller via --volume are considered. Bind mounts that buildah inserts by default (e.g. /dev/shm) are not considered. + +If --hooks-dir is unset for root callers, Buildah currently defaults to /usr/share/containers/oci/hooks.d and /etc/containers/oci/hooks.d in order of increasing precedence. Using these defaults is deprecated. Migrate to explicitly setting --hooks-dir. diff --git a/docs/source/markdown/options/http-proxy.md b/docs/source/markdown/options/http-proxy.md index 8bfbbcdca16b..ac15af438207 100644 --- a/docs/source/markdown/options/http-proxy.md +++ b/docs/source/markdown/options/http-proxy.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, create, run +####> podman build, create, farm build, run ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--http-proxy** diff --git a/docs/source/markdown/options/identity-label.md b/docs/source/markdown/options/identity-label.md new file mode 100644 index 000000000000..5408ce3ec536 --- /dev/null +++ b/docs/source/markdown/options/identity-label.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--identity-label** + +Adds default identity label `io.buildah.version` if set. (default true). diff --git a/docs/source/markdown/options/ignorefile.md b/docs/source/markdown/options/ignorefile.md new file mode 100644 index 000000000000..cf37ca5449b7 --- /dev/null +++ b/docs/source/markdown/options/ignorefile.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--ignorefile** + +Path to an alternative .containerignore file. diff --git a/docs/source/markdown/options/iidfile.md b/docs/source/markdown/options/iidfile.md new file mode 100644 index 000000000000..57d516c201bc --- /dev/null +++ b/docs/source/markdown/options/iidfile.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--iidfile**=*ImageIDfile* + +Write the built image's ID to the file. When `--platform` is specified more than once, attempting to use this option triggers an error. diff --git a/docs/source/markdown/options/ipc.image.md b/docs/source/markdown/options/ipc.image.md new file mode 100644 index 000000000000..6b389b70a100 --- /dev/null +++ b/docs/source/markdown/options/ipc.image.md @@ -0,0 +1,12 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--ipc**=*how* + +Sets the configuration for IPC namespaces when handling `RUN` instructions. +The configured value can be "" (the empty string) or "container" to indicate +that a new IPC namespace is created, or it can be "host" to indicate +that the IPC namespace in which `podman` itself is being run is reused, +or it can be the path to an IPC namespace which is already in use by +another process. diff --git a/docs/source/markdown/options/isolation.md b/docs/source/markdown/options/isolation.md new file mode 100644 index 000000000000..e4641967df39 --- /dev/null +++ b/docs/source/markdown/options/isolation.md @@ -0,0 +1,17 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--isolation**=*type* + +Controls what type of isolation is used for running processes as part of `RUN` +instructions. Recognized types include *oci* (OCI-compatible runtime, the +default), *rootless* (OCI-compatible runtime invoked using a modified +configuration and its --rootless option enabled, with *--no-new-keyring +--no-pivot* added to its *create* invocation, with network and UTS namespaces +disabled, and IPC, PID, and user namespaces enabled; the default for +unprivileged users), and *chroot* (an internal wrapper that leans more toward +chroot(1) than container technology). + +Note: You can also override the default isolation type by setting the +BUILDAH\_ISOLATION environment variable. `export BUILDAH_ISOLATION=oci` diff --git a/docs/source/markdown/options/jobs.md b/docs/source/markdown/options/jobs.md new file mode 100644 index 000000000000..ec9c7e0203d9 --- /dev/null +++ b/docs/source/markdown/options/jobs.md @@ -0,0 +1,9 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--jobs**=*number* + +Run up to N concurrent stages in parallel. If the number of jobs is greater +than 1, stdin is read from /dev/null. If 0 is specified, then there is +no limit in the number of jobs that run in parallel. diff --git a/docs/source/markdown/options/label.image.md b/docs/source/markdown/options/label.image.md new file mode 100644 index 000000000000..d119c43625aa --- /dev/null +++ b/docs/source/markdown/options/label.image.md @@ -0,0 +1,18 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--label**=*label* + +Add an image *label* (e.g. label=*value*) to the image metadata. Can be used +multiple times. + +Users can set a special LABEL **io.containers.capabilities=CAP1,CAP2,CAP3** in +a Containerfile that specifies the list of Linux capabilities required for the +container to run properly. This label specified in a container image tells +Podman to run the container with just these capabilities. Podman launches the +container with just the specified capabilities, as long as this list of +capabilities is a subset of the default list. + +If the specified capabilities are not in the default set, Podman prints an error +message and runs the container with the default capabilities. diff --git a/docs/source/markdown/options/layer-label.md b/docs/source/markdown/options/layer-label.md new file mode 100644 index 000000000000..5d66d97c925c --- /dev/null +++ b/docs/source/markdown/options/layer-label.md @@ -0,0 +1,11 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--layer-label**=*label[=value]* + +Add an intermediate image *label* (e.g. label=*value*) to the intermediate +image metadata. It can be used multiple times. + +If *label* is named, but neither `=` nor a `value` is provided, then +the *label* is set to an empty value. diff --git a/docs/source/markdown/options/layers.md b/docs/source/markdown/options/layers.md new file mode 100644 index 000000000000..1abe50f06885 --- /dev/null +++ b/docs/source/markdown/options/layers.md @@ -0,0 +1,10 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--layers** + +Cache intermediate images during the build process (Default is `true`). + +Note: You can also override the default value of layers by setting the +BUILDAH\_LAYERS environment variable. `export BUILDAH_LAYERS=true` diff --git a/docs/source/markdown/options/logfile.md b/docs/source/markdown/options/logfile.md new file mode 100644 index 000000000000..fa5e74312442 --- /dev/null +++ b/docs/source/markdown/options/logfile.md @@ -0,0 +1,9 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--logfile**=*filename* + +Log output which is sent to standard output and standard error to the +specified file instead of to standard output and standard error. +This option is not supported on the remote client, including Mac and Windows (excluding WSL2) machines. diff --git a/docs/source/markdown/options/manifest.md b/docs/source/markdown/options/manifest.md new file mode 100644 index 000000000000..86a0982a6fd1 --- /dev/null +++ b/docs/source/markdown/options/manifest.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--manifest**=*manifest* + +Name of the manifest list to which the image is added. Creates the manifest list if it does not exist. This option is useful for building multi architecture images. diff --git a/docs/source/markdown/options/memory-swap.md b/docs/source/markdown/options/memory-swap.md index ecfb5c96f8fb..1bf8542fbb12 100644 --- a/docs/source/markdown/options/memory-swap.md +++ b/docs/source/markdown/options/memory-swap.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, container clone, create, pod clone, pod create, run, update +####> podman build, container clone, create, farm build, pod clone, pod create, run, update ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--memory-swap**=*number[unit]* diff --git a/docs/source/markdown/options/memory.md b/docs/source/markdown/options/memory.md index 3d1a4b776264..dd53d8d8e6cf 100644 --- a/docs/source/markdown/options/memory.md +++ b/docs/source/markdown/options/memory.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, container clone, create, pod clone, pod create, run, update +####> podman build, container clone, create, farm build, pod clone, pod create, run, update ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--memory**, **-m**=*number[unit]* diff --git a/docs/source/markdown/options/network.image.md b/docs/source/markdown/options/network.image.md new file mode 100644 index 000000000000..9184c784fad6 --- /dev/null +++ b/docs/source/markdown/options/network.image.md @@ -0,0 +1,63 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--network**=*mode*, **--net** + +Sets the configuration for network namespaces when handling `RUN` instructions. + +Valid _mode_ values are: + +- **none**: no networking. +- **host**: use the Podman host network stack. Note: the host mode gives the +container full access to local system services such as D-bus and is therefore +considered insecure. +- **ns:**_path_: path to a network namespace to join. +- **private**: create a new namespace for the container (default) +- **\**: Join the network with the given name or ID, e.g. use `--network mynet` to join the network with the name mynet. Only supported for rootful users. +- **slirp4netns[:OPTIONS,...]**: use **slirp4netns**(1) to create a user network stack. This is the default for rootless containers. It is possible to specify these additional options, they can also be set with `network_cmd_options` in containers.conf: + - **allow_host_loopback=true|false**: Allow slirp4netns to reach the host loopback IP (default is 10.0.2.2 or the second IP from slirp4netns cidr subnet when changed, see the cidr option below). The default is false. + - **mtu=MTU**: Specify the MTU to use for this network. (Default is `65520`). + - **cidr=CIDR**: Specify ip range to use for this network. (Default is `10.0.2.0/24`). + - **enable_ipv6=true|false**: Enable IPv6. Default is true. (Required for `outbound_addr6`). + - **outbound_addr=INTERFACE**: Specify the outbound interface slirp binds to (ipv4 traffic only). + - **outbound_addr=IPv4**: Specify the outbound ipv4 address slirp binds to. + - **outbound_addr6=INTERFACE**: Specify the outbound interface slirp binds to (ipv6 traffic only). + - **outbound_addr6=IPv6**: Specify the outbound ipv6 address slirp binds to. +- **pasta[:OPTIONS,...]**: use **pasta**(1) to create a user-mode networking + stack. \ + This is only supported in rootless mode. \ + By default, IPv4 and IPv6 addresses and routes, as well as the pod interface + name, are copied from the host. If port forwarding isn't configured, ports + are forwarded dynamically as services are bound on either side (init + namespace or container namespace). Port forwarding preserves the original + source IP address. Options described in pasta(1) can be specified as + comma-separated arguments. \ + In terms of pasta(1) options, **--config-net** is given by default, in + order to configure networking when the container is started, and + **--no-map-gw** is also assumed by default, to avoid direct access from + container to host using the gateway address. The latter can be overridden + by passing **--map-gw** in the pasta-specific options (despite not being an + actual pasta(1) option). \ + Also, **-t none** and **-u none** are passed to disable + automatic port forwarding based on bound ports. Similarly, **-T none** and + **-U none** are given to disable the same functionality from container to + host. \ + Some examples: + - **pasta:--map-gw**: Allow the container to directly reach the host using the + gateway address. + - **pasta:--mtu,1500**: Specify a 1500 bytes MTU for the _tap_ interface in + the container. + - **pasta:--ipv4-only,-a,10.0.2.0,-n,24,-g,10.0.2.2,--dns-forward,10.0.2.3,-m,1500,--no-ndp,--no-dhcpv6,--no-dhcp**, + equivalent to default slirp4netns(1) options: disable IPv6, assign + `10.0.2.0/24` to the `tap0` interface in the container, with gateway + `10.0.2.3`, enable DNS forwarder reachable at `10.0.2.3`, set MTU to 1500 + bytes, disable NDP, DHCPv6 and DHCP support. + - **pasta:-I,tap0,--ipv4-only,-a,10.0.2.0,-n,24,-g,10.0.2.2,--dns-forward,10.0.2.3,--no-ndp,--no-dhcpv6,--no-dhcp**, + equivalent to default slirp4netns(1) options with Podman overrides: same as + above, but leave the MTU to 65520 bytes + - **pasta:-t,auto,-u,auto,-T,auto,-U,auto**: enable automatic port forwarding + based on observed bound ports from both host and container sides + - **pasta:-T,5201**: enable forwarding of TCP port 5201 from container to + host, using the loopback interface instead of the tap interface for improved + performance diff --git a/docs/source/markdown/options/no-cache.md b/docs/source/markdown/options/no-cache.md new file mode 100644 index 000000000000..e1771866b7a0 --- /dev/null +++ b/docs/source/markdown/options/no-cache.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--no-cache** + +Do not use existing cached images for the container build. Build from the start with a new set of cached layers. diff --git a/docs/source/markdown/options/no-hosts.md b/docs/source/markdown/options/no-hosts.md index 68eace9c8825..9ed32be7a528 100644 --- a/docs/source/markdown/options/no-hosts.md +++ b/docs/source/markdown/options/no-hosts.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, create, kube play, pod create, run +####> podman build, create, farm build, kube play, pod create, run ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--no-hosts** diff --git a/docs/source/markdown/options/omit-history.md b/docs/source/markdown/options/omit-history.md new file mode 100644 index 000000000000..2446e147b3d6 --- /dev/null +++ b/docs/source/markdown/options/omit-history.md @@ -0,0 +1,12 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--omit-history** + +Omit build history information in the built image. (default false). + +This option is useful for the cases where end users explicitly +want to set `--omit-history` to omit the optional `History` from +built images or when working with images built using build tools that +do not include `History` information in their images. diff --git a/docs/source/markdown/options/os-feature.md b/docs/source/markdown/options/os-feature.md new file mode 100644 index 000000000000..5d87e1759b6a --- /dev/null +++ b/docs/source/markdown/options/os-feature.md @@ -0,0 +1,9 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--os-feature**=*feature* + +Set the name of a required operating system *feature* for the image which is built. By default, if the image is not based on *scratch*, the base image's required OS feature list is kept, if the base image specified any. This option is typically only meaningful when the image's OS is Windows. + +If *feature* has a trailing `-`, then the *feature* is removed from the set of required features which is listed in the image. diff --git a/docs/source/markdown/options/os-version.image.md b/docs/source/markdown/options/os-version.image.md new file mode 100644 index 000000000000..a63f059875ba --- /dev/null +++ b/docs/source/markdown/options/os-version.image.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--os-version**=*version* + +Set the exact required operating system *version* for the image which is built. By default, if the image is not based on *scratch*, the base image's required OS version is kept, if the base image specified one. This option is typically only meaningful when the image's OS is Windows, and is typically set in Windows base images, so using this option is usually unnecessary. diff --git a/docs/source/markdown/options/os.md b/docs/source/markdown/options/os.md new file mode 100644 index 000000000000..ff388f5826a2 --- /dev/null +++ b/docs/source/markdown/options/os.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--os**=*string* + +Set the OS of the image to be built, and that of the base image to be pulled, if the build uses one, instead of using the current operating system of the build host. Unless overridden, subsequent lookups of the same image in the local storage matches this OS, regardless of the host. diff --git a/docs/source/markdown/options/pid.image.md b/docs/source/markdown/options/pid.image.md new file mode 100644 index 000000000000..085f2b5a9228 --- /dev/null +++ b/docs/source/markdown/options/pid.image.md @@ -0,0 +1,9 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--pid**=*pid* + +Sets the configuration for PID namespaces when handling `RUN` instructions. +The configured value can be "" (the empty string) or "container" to indicate that a new PID namespace is created, or it can be "host" to indicate that the PID namespace in which `podman` itself is being run is reused, or it can be the path to a PID namespace which is already in use by another +process. diff --git a/docs/source/markdown/options/pull.image.md b/docs/source/markdown/options/pull.image.md new file mode 100644 index 000000000000..0b0a6ccfda55 --- /dev/null +++ b/docs/source/markdown/options/pull.image.md @@ -0,0 +1,12 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--pull**=*policy* + +Pull image policy. The default is **always**. + +- **always**, **true**: Always pull the image and throw an error if the pull fails. +- **missing**: Only pull the image when it does not exist in the local containers storage. Throw an error if no image is found and the pull fails. +- **never**, **false**: Never pull the image but use the one from the local containers storage. Throw an error when no image is found. +- **newer**: Pull if the image on the registry is newer than the one in the local containers storage. An image is considered to be newer when the digests are different. Comparing the time stamps is prone to errors. Pull errors are suppressed if a local image was found. diff --git a/docs/source/markdown/options/quiet.md b/docs/source/markdown/options/quiet.md new file mode 100644 index 000000000000..73ecf7adfc55 --- /dev/null +++ b/docs/source/markdown/options/quiet.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--quiet**, **-q** + +Suppress output messages which indicate which instruction is being processed, and of progress when pulling images from a registry, and when writing the output image. diff --git a/docs/source/markdown/options/retry-delay.md b/docs/source/markdown/options/retry-delay.md new file mode 100644 index 000000000000..8271f4d6a828 --- /dev/null +++ b/docs/source/markdown/options/retry-delay.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--retry-delay**=*duration* + +Duration of delay between retry attempts in case of failure when performing pull of images from registry. Default is **2s**. diff --git a/docs/source/markdown/options/retry.md b/docs/source/markdown/options/retry.md new file mode 100644 index 000000000000..fd13b6e4e1db --- /dev/null +++ b/docs/source/markdown/options/retry.md @@ -0,0 +1,8 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--retry**=*attempts* + +Number of times to retry in case of failure when performing pull of +images from registry. Default is **3**. diff --git a/docs/source/markdown/options/rm.md b/docs/source/markdown/options/rm.md new file mode 100644 index 000000000000..432c2e50ac80 --- /dev/null +++ b/docs/source/markdown/options/rm.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--rm** + +Remove intermediate containers after a successful build (default true). diff --git a/docs/source/markdown/options/runtime-flag.md b/docs/source/markdown/options/runtime-flag.md new file mode 100644 index 000000000000..6d14f6c68dff --- /dev/null +++ b/docs/source/markdown/options/runtime-flag.md @@ -0,0 +1,9 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--runtime-flag**=*flag* + +Adds global flags for the container rutime. To list the supported flags, please consult the manpages of the selected container runtime. + +Note: Do not pass the leading -- to the flag. To pass the runc flag --log-format json to buildah build, the option given is --runtime-flag log-format=json. diff --git a/docs/source/markdown/options/runtime.md b/docs/source/markdown/options/runtime.md new file mode 100644 index 000000000000..2371af70132d --- /dev/null +++ b/docs/source/markdown/options/runtime.md @@ -0,0 +1,10 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--runtime**=*path* + +The *path* to an alternate OCI-compatible runtime, which is used to run +commands specified by the **RUN** instruction. + +Note: You can also override the default runtime by setting the BUILDAH\_RUNTIME environment variable. `export BUILDAH_RUNTIME=/usr/local/bin/runc` diff --git a/docs/source/markdown/options/secret.image.md b/docs/source/markdown/options/secret.image.md new file mode 100644 index 000000000000..a8267801d703 --- /dev/null +++ b/docs/source/markdown/options/secret.image.md @@ -0,0 +1,13 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--secret**=**id=id,src=path** + +Pass secret information used in the Containerfile for building images +in a safe way that are not stored in the final image, or be seen in other stages. +The secret is mounted in the container at the default location of `/run/secrets/id`. + +To later use the secret, use the --mount option in a `RUN` instruction within a `Containerfile`: + +`RUN --mount=type=secret,id=mysecret cat /run/secrets/mysecret` diff --git a/docs/source/markdown/options/security-opt.image.md b/docs/source/markdown/options/security-opt.image.md new file mode 100644 index 000000000000..05d0e47d6ed1 --- /dev/null +++ b/docs/source/markdown/options/security-opt.image.md @@ -0,0 +1,22 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--security-opt**=*option* + +Security Options + +- `apparmor=unconfined` : Turn off apparmor confinement for the container +- `apparmor=alternate-profile` : Set the apparmor confinement profile for the +container + +- `label=user:USER` : Set the label user for the container processes +- `label=role:ROLE` : Set the label role for the container processes +- `label=type:TYPE` : Set the label process type for the container processes +- `label=level:LEVEL` : Set the label level for the container processes +- `label=filetype:TYPE` : Set the label file type for the container files +- `label=disable` : Turn off label separation for the container +- `no-new-privileges` : Not supported + +- `seccomp=unconfined` : Turn off seccomp confinement for the container +- `seccomp=profile.json` : White listed syscalls seccomp Json file to be used as a seccomp filter diff --git a/docs/source/markdown/options/shm-size.md b/docs/source/markdown/options/shm-size.md index 381a12381960..0f51a3f19393 100644 --- a/docs/source/markdown/options/shm-size.md +++ b/docs/source/markdown/options/shm-size.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, create, pod clone, pod create, run +####> podman build, create, farm build, pod clone, pod create, run ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--shm-size**=*number[unit]* diff --git a/docs/source/markdown/options/skip-unused-stages.md b/docs/source/markdown/options/skip-unused-stages.md new file mode 100644 index 000000000000..980d889d72ae --- /dev/null +++ b/docs/source/markdown/options/skip-unused-stages.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--skip-unused-stages** + +Skip stages in multi-stage builds which don't affect the target stage. (Default: **true**). diff --git a/docs/source/markdown/options/squash-all.md b/docs/source/markdown/options/squash-all.md new file mode 100644 index 000000000000..dea777761646 --- /dev/null +++ b/docs/source/markdown/options/squash-all.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--squash-all** + +Squash all of the new image's layers (including those inherited from a base image) into a single new layer. diff --git a/docs/source/markdown/options/squash.md b/docs/source/markdown/options/squash.md new file mode 100644 index 000000000000..e072fc42ae3c --- /dev/null +++ b/docs/source/markdown/options/squash.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--squash** + +Squash all of the image's new layers into a single new layer; any preexisting layers are not squashed. diff --git a/docs/source/markdown/options/ssh.md b/docs/source/markdown/options/ssh.md new file mode 100644 index 000000000000..0cd03c8b9e9e --- /dev/null +++ b/docs/source/markdown/options/ssh.md @@ -0,0 +1,12 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--ssh**=*default* | *id[=socket>* + +SSH agent socket or keys to expose to the build. +The socket path can be left empty to use the value of `default=$SSH_AUTH_SOCK` + +To later use the ssh agent, use the --mount option in a `RUN` instruction within a `Containerfile`: + +`RUN --mount=type=ssh,id=id mycmd` diff --git a/docs/source/markdown/options/tag.md b/docs/source/markdown/options/tag.md new file mode 100644 index 000000000000..63a24e59a5ec --- /dev/null +++ b/docs/source/markdown/options/tag.md @@ -0,0 +1,8 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--tag**, **-t**=*imageName* + +Specifies the name which is assigned to the resulting image if the build process completes successfully. +If _imageName_ does not include a registry name, the registry name *localhost* is prepended to the image name. diff --git a/docs/source/markdown/options/target.md b/docs/source/markdown/options/target.md new file mode 100644 index 000000000000..5c5646a91582 --- /dev/null +++ b/docs/source/markdown/options/target.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--target**=*stageName* + +Set the target build stage to build. When building a Containerfile with multiple build stages, --target can be used to specify an intermediate build stage by name as the final stage for the resulting image. Commands after the target stage is skipped. diff --git a/docs/source/markdown/options/timestamp.md b/docs/source/markdown/options/timestamp.md new file mode 100644 index 000000000000..f72cb818f640 --- /dev/null +++ b/docs/source/markdown/options/timestamp.md @@ -0,0 +1,10 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--timestamp**=*seconds* + +Set the create timestamp to seconds since epoch to allow for deterministic builds (defaults to current time). By default, the created timestamp is changed and written into the image manifest with every commit, causing the image's sha256 hash to be different even if the sources are exactly the same otherwise. +When --timestamp is set, the created timestamp is always set to the time specified and therefore not changed, allowing the image's sha256 hash to remain the same. All files committed to the layers of the image is created with the timestamp. + +If the only instruction in a Containerfile is `FROM`, this flag has no effect. diff --git a/docs/source/markdown/options/ulimit.image.md b/docs/source/markdown/options/ulimit.image.md new file mode 100644 index 000000000000..a5a6ed0bc0f8 --- /dev/null +++ b/docs/source/markdown/options/ulimit.image.md @@ -0,0 +1,22 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--ulimit**=*type=soft-limit[:hard-limit]* + +Specifies resource limits to apply to processes launched when processing `RUN` instructions. This option can be specified multiple times. Recognized resource types include: + "core": maximum core dump size (ulimit -c) + "cpu": maximum CPU time (ulimit -t) + "data": maximum size of a process's data segment (ulimit -d) + "fsize": maximum size of new files (ulimit -f) + "locks": maximum number of file locks (ulimit -x) + "memlock": maximum amount of locked memory (ulimit -l) + "msgqueue": maximum amount of data in message queues (ulimit -q) + "nice": niceness adjustment (nice -n, ulimit -e) + "nofile": maximum number of open files (ulimit -n) + "nproc": maximum number of processes (ulimit -u) + "rss": maximum size of a process's (ulimit -m) + "rtprio": maximum real-time scheduling priority (ulimit -r) + "rttime": maximum amount of real-time execution between blocking syscalls + "sigpending": maximum number of pending signals (ulimit -i) + "stack": maximum stack size (ulimit -s) diff --git a/docs/source/markdown/options/unsetenv.image.md b/docs/source/markdown/options/unsetenv.image.md new file mode 100644 index 000000000000..5a8d9014a9ce --- /dev/null +++ b/docs/source/markdown/options/unsetenv.image.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--unsetenv**=*env* + +Unset environment variables from the final image. diff --git a/docs/source/markdown/options/unsetlabel.md b/docs/source/markdown/options/unsetlabel.md new file mode 100644 index 000000000000..8288d837c03e --- /dev/null +++ b/docs/source/markdown/options/unsetlabel.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--unsetlabel**=*label* + +Unset the image label, causing the label not to be inherited from the base image. diff --git a/docs/source/markdown/options/userns-gid-map-group.md b/docs/source/markdown/options/userns-gid-map-group.md new file mode 100644 index 000000000000..bd987ba0647c --- /dev/null +++ b/docs/source/markdown/options/userns-gid-map-group.md @@ -0,0 +1,14 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--userns-gid-map-group**=*group* + +Specifies that a GID mapping to be used to set ownership, at the +filesystem level, on the working container's contents, can be found in entries in the `/etc/subgid` file which correspond to the specified group. +Commands run when handling `RUN` instructions defaults to being run in +their own user namespaces, configured using the UID and GID maps. +If --userns-uid-map-user is specified, but --userns-gid-map-group is not specified, `podman` assumes that the specified user name is also a +suitable group name to use as the default setting for this option. + +**NOTE:** When this option is specified by a rootless user, the specified mappings are relative to the rootless user namespace in the container, rather than being relative to the host as it is when run rootful. diff --git a/docs/source/markdown/options/userns-gid-map.md b/docs/source/markdown/options/userns-gid-map.md new file mode 100644 index 000000000000..88ffbcc93013 --- /dev/null +++ b/docs/source/markdown/options/userns-gid-map.md @@ -0,0 +1,19 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--userns-gid-map**=*mapping* + +Directly specifies a GID mapping to be used to set ownership, at the +filesystem level, on the working container's contents. +Commands run when handling `RUN` instructions defaults to being run in +their own user namespaces, configured using the UID and GID maps. + +Entries in this map take the form of one or more triples of a starting +in-container GID, a corresponding starting host-level GID, and the number of consecutive IDs which the map entry represents. + +This option overrides the *remap-gids* setting in the *options* section of /etc/containers/storage.conf. + +If this option is not specified, but a global --userns-gid-map setting is supplied, settings from the global option is used. + +If none of --userns-uid-map-user, --userns-gid-map-group, or --userns-gid-map are specified, but --userns-uid-map is specified, the GID map is set to use the same numeric values as the UID map. diff --git a/docs/source/markdown/options/userns-uid-map-user.md b/docs/source/markdown/options/userns-uid-map-user.md new file mode 100644 index 000000000000..271a2cc56d6d --- /dev/null +++ b/docs/source/markdown/options/userns-uid-map-user.md @@ -0,0 +1,14 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--userns-uid-map-user**=*user* + +Specifies that a UID mapping to be used to set ownership, at the +filesystem level, on the working container's contents, can be found in entries in the `/etc/subuid` file which correspond to the specified user. +Commands run when handling `RUN` instructions defaults to being run in +their own user namespaces, configured using the UID and GID maps. +If --userns-gid-map-group is specified, but --userns-uid-map-user is not specified, `podman` assumes that the specified group name is also a +suitable user name to use as the default setting for this option. + +**NOTE:** When this option is specified by a rootless user, the specified mappings are relative to the rootless user namespace in the container, rather than being relative to the host as it is when run rootful. diff --git a/docs/source/markdown/options/userns-uid-map.md b/docs/source/markdown/options/userns-uid-map.md new file mode 100644 index 000000000000..748945394357 --- /dev/null +++ b/docs/source/markdown/options/userns-uid-map.md @@ -0,0 +1,19 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--userns-uid-map**=*mapping* + +Directly specifies a UID mapping to be used to set ownership, at the +filesystem level, on the working container's contents. +Commands run when handling `RUN` instructions default to being run in +their own user namespaces, configured using the UID and GID maps. + +Entries in this map take the form of one or more triples of a starting +in-container UID, a corresponding starting host-level UID, and the number of consecutive IDs which the map entry represents. + +This option overrides the *remap-uids* setting in the *options* section of /etc/containers/storage.conf. + +If this option is not specified, but a global --userns-uid-map setting is supplied, settings from the global option is used. + +If none of --userns-uid-map-user, --userns-gid-map-group, or --userns-uid-map are specified, but --userns-gid-map is specified, the UID map is set to use the same numeric values as the GID map. diff --git a/docs/source/markdown/options/userns.image.md b/docs/source/markdown/options/userns.image.md new file mode 100644 index 000000000000..48d428e70934 --- /dev/null +++ b/docs/source/markdown/options/userns.image.md @@ -0,0 +1,8 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--userns**=*how* + +Sets the configuration for user namespaces when handling `RUN` instructions. +The configured value can be "" (the empty string) or "container" to indicate that a new user namespace is created, it can be "host" to indicate that the user namespace in which `podman` itself is being run is reused, or it can be the path to a user namespace which is already in use by another process. diff --git a/docs/source/markdown/options/uts.md b/docs/source/markdown/options/uts.md new file mode 100644 index 000000000000..dc2cb58913dd --- /dev/null +++ b/docs/source/markdown/options/uts.md @@ -0,0 +1,8 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--uts**=*how* + +Sets the configuration for UTS namespaces when handling `RUN` instructions. +The configured value can be "" (the empty string) or "container" to indicate that a new UTS namespace to be created, or it can be "host" to indicate that the UTS namespace in which `podman` itself is being run is reused, or it can be the path to a UTS namespace which is already in use by another process. diff --git a/docs/source/markdown/options/volume.image.md b/docs/source/markdown/options/volume.image.md new file mode 100644 index 000000000000..7549b47ea321 --- /dev/null +++ b/docs/source/markdown/options/volume.image.md @@ -0,0 +1,124 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--volume**, **-v**=*[HOST-DIR:CONTAINER-DIR[:OPTIONS]]* + +Create a bind mount. Specifying the `-v /HOST-DIR:/CONTAINER-DIR` option, Podman +bind mounts `/HOST-DIR` from the host to `/CONTAINER-DIR` in the Podman +container. + +The `OPTIONS` are a comma-separated list and can be: [[1]](#Footnote1) + + * [rw|ro] + * [z|Z|O] + * [U] + * [`[r]shared`|`[r]slave`|`[r]private`] + +The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The `HOST-DIR` +must be an absolute path as well. Podman bind-mounts the `HOST-DIR` to the +specified path. For example, when specifying the host path `/foo`, +Podman copies the contents of `/foo` to the container filesystem on the host +and bind mounts that into the container. + +You can specify multiple **-v** options to mount one or more mounts to a +container. + +You can add the `:ro` or `:rw` suffix to a volume to mount it read-only or +read-write mode, respectively. By default, the volumes are mounted read-write. +See examples. + + `Chowning Volume Mounts` + +By default, Podman does not change the owner and group of source volume +directories mounted. When running using user namespaces, the UID and GID inside +the namespace may correspond to another UID and GID on the host. + +The `:U` suffix tells Podman to use the correct host UID and GID based on the +UID and GID within the namespace, to change recursively the owner and group of +the source volume. + +**Warning** use with caution since this modifies the host filesystem. + + `Labeling Volume Mounts` + +Labeling systems like SELinux require that proper labels are placed on volume +content mounted into a container. Without a label, the security system might +prevent the processes running inside the container from using the content. By +default, Podman does not change the labels set by the OS. + +To change a label in the container context, add one of these two suffixes +`:z` or `:Z` to the volume mount. These suffixes tell Podman to relabel file +objects on the shared volumes. The `z` option tells Podman that two containers +share the volume content. As a result, Podman labels the content with a shared +content label. Shared volume labels allow all containers to read/write content. +The `Z` option tells Podman to label the content with a private unshared label. +Only the current container can use a private volume. + +Note: Do not relabel system files and directories. Relabeling system content +might cause other confined services on the host machine to fail. For these types +of containers, disabling SELinux separation is recommended. The option +`--security-opt label=disable` disables SELinux separation for the container. +For example, if a user wanted to volume mount their entire home directory into the build containers, they need to disable SELinux separation. + + $ podman build --security-opt label=disable -v $HOME:/home/user . + + `Overlay Volume Mounts` + + The `:O` flag tells Podman to mount the directory from the host as a +temporary storage using the Overlay file system. The `RUN` command containers +are allowed to modify contents within the mountpoint and are stored in the +container storage in a separate directory. In Overlay FS terms the source +directory is the lower, and the container storage directory is the +upper. Modifications to the mount point are destroyed when the `RUN` command +finishes executing, similar to a tmpfs mount point. + + Any subsequent execution of `RUN` commands sees the original source directory +content, any changes from previous RUN commands no longer exists. + + One use case of the `overlay` mount is sharing the package cache from the +host into the container to allow speeding up builds. + + Note: + + - Overlay mounts are not currently supported in rootless mode. + - The `O` flag is not allowed to be specified with the `Z` or `z` flags. +Content mounted into the container is labeled with the private label. + On SELinux systems, labels in the source directory needs to be readable +by the container label. If not, SELinux container separation must be disabled +for the container to work. + - Modification of the directory volume mounted into the container with an +overlay mount can cause unexpected failures. Do not modify the directory until +the container finishes running. + +By default bind mounted volumes are `private`. That means any mounts done +inside containers are not be visible on the host and vice versa. This behavior +can be changed by specifying a volume mount propagation property. + +When the mount propagation policy is set to `shared`, any mounts completed +inside the container on that volume is visible to both the host and +container. When the mount propagation policy is set to `slave`, one way mount +propagation is enabled and any mounts completed on the host for that volume is +visible only inside of the container. To control the mount propagation +property of volume use the `:[r]shared`, `:[r]slave` or `:[r]private` +propagation flag. For mount propagation to work on the source mount point (mount +point where source dir is mounted on) has to have the right propagation properties. +For shared volumes, the source mount point has to be shared. And for slave volumes, +the source mount has to be either shared or slave. [[1]](#Footnote1) + +Use `df ` to determine the source mount and then use +`findmnt -o TARGET,PROPAGATION ` to determine propagation +properties of source mount, if `findmnt` utility is not available, the source +mount point can be determined by looking at the mount entry in +`/proc/self/mountinfo`. Look at `optional fields` and see if any propagation +properties are specified. +`shared:X` means the mount is `shared`, `master:X` means the mount is `slave` +and if nothing is there that means the mount is `private`. [[1]](#Footnote1) + +To change propagation properties of a mount point use the `mount` command. For +example, to bind mount the source directory `/foo` do +`mount --bind /foo /foo` and `mount --make-private --make-shared /foo`. This +converts /foo into a `shared` mount point. The propagation properties of +the source mount can be changed directly. For instance if `/` is the source +mount for `/foo`, then use `mount --make-shared /` to convert `/` into a +`shared` mount. diff --git a/docs/source/markdown/podman-build.1.md.in b/docs/source/markdown/podman-build.1.md.in index a711a13fff83..26a0ea51e5c3 100644 --- a/docs/source/markdown/podman-build.1.md.in +++ b/docs/source/markdown/podman-build.1.md.in @@ -55,13 +55,7 @@ command to see these containers. External containers can be removed with the Instead of building for a set of platforms specified using the **--platform** option, inspect the build's base images, and build for all of the platforms for which they are all available. Stages that use *scratch* as a starting point can not be inspected, so at least one non-*scratch* stage must be present for detection to work usefully. -#### **--annotation**=*annotation* - -Add an image *annotation* (e.g. annotation=*value*) to the image metadata. Can -be used multiple times. - -Note: this information is not present in Docker image formats, so it is -discarded when writing images in Docker formats. +@@option annotation.image #### **--arch**=*arch* @@ -73,132 +67,27 @@ host. (Examples: arm, arm64, 386, amd64, ppc64le, s390x) @@option authfile -#### **--build-arg**=*arg=value* - -Specifies a build argument and its value, which is interpolated in -instructions read from the Containerfiles in the same way that environment -variables are, but which are not added to environment variable list in the -resulting image's configuration. - -#### **--build-arg-file**=*path* - -Specifies a file containing lines of build arguments of the form `arg=value`. -The suggested file name is `argfile.conf`. - -Comment lines beginning with `#` are ignored, along with blank lines. -All others must be of the `arg=value` format passed to `--build-arg`. - -If several arguments are provided via the `--build-arg-file` -and `--build-arg` options, the build arguments are merged across all -of the provided files and command line arguments. - -Any file provided in a `--build-arg-file` option is read before -the arguments supplied via the `--build-arg` option. - -When a given argument name is specified several times, the last instance -is the one that is passed to the resulting builds. This means `--build-arg` -values always override those in a `--build-arg-file`. - -#### **--build-context**=*name=value* - -Specify an additional build context using its short name and its location. -Additional build contexts can be referenced in the same manner as we access -different stages in COPY instruction. - -Valid values are: - -* Local directory – e.g. --build-context project2=../path/to/project2/src (This option is not available with the remote Podman client. On Podman machine setup (i.e macOS and Winows) path must exists on the machine VM) -* HTTP URL to a tarball – e.g. --build-context src=https://example.org/releases/src.tar -* Container image – specified with a container-image:// prefix, e.g. --build-context alpine=container-image://alpine:3.15, (also accepts docker://, docker-image://) - -On the Containerfile side, reference the build context on all -commands that accept the “from” parameter. Here’s how that might look: +@@option build-arg -```dockerfile -FROM [name] -COPY --from=[name] ... -RUN --mount=from=[name] … -``` - -The value of [name] is matched with the following priority order: - -* Named build context defined with --build-context [name]=.. -* Stage defined with AS [name] inside Containerfile -* Image [name], either local or in a remote registry - -#### **--cache-from** - -Repository to utilize as a potential cache source. When specified, Buildah tries to look for -cache images in the specified repository and attempts to pull cache images instead of actually -executing the build steps locally. Buildah only attempts to pull previously cached images if they -are considered as valid cache hits. - -Use the `--cache-to` option to populate a remote repository with cache content. - -Example +@@option build-arg-file -```bash -# populate a cache and also consult it -buildah build -t test --layers --cache-to registry/myrepo/cache --cache-from registry/myrepo/cache . -``` - -Note: `--cache-from` option is ignored unless `--layers` is specified. - -#### **--cache-to** - -Set this flag to specify a remote repository that is used to store cache images. Buildah attempts to -push newly built cache image to the remote repository. +@@option build-context -Note: Use the `--cache-from` option in order to use cache content in a remote repository. - -Example - -```bash -# populate a cache and also consult it -buildah build -t test --layers --cache-to registry/myrepo/cache --cache-from registry/myrepo/cache . -``` +@@option cache-from -Note: `--cache-to` option is ignored unless `--layers` is specified. +@@option cache-to -#### **--cache-ttl** +@@option cache-ttl -Limit the use of cached images to only consider images with created timestamps less than *duration* ago. -For example if `--cache-ttl=1h` is specified, Buildah considers intermediate cache images which are created -under the duration of one hour, and intermediate cache images outside this duration is ignored. +@@option cap-add.image -Note: Setting `--cache-ttl=0` manually is equivalent to using `--no-cache` in the -implementation since this means that the user dones not want to use cache at all. - -#### **--cap-add**=*CAP\_xxx* - -When executing RUN instructions, run the command specified in the instruction -with the specified capability added to its capability set. -Certain capabilities are granted by default; this option can be used to add -more. - -#### **--cap-drop**=*CAP\_xxx* - -When executing RUN instructions, run the command specified in the instruction -with the specified capability removed from its capability set. -The CAP\_CHOWN, CAP\_DAC\_OVERRIDE, CAP\_FOWNER, -CAP\_FSETID, CAP\_KILL, CAP\_NET\_BIND\_SERVICE, CAP\_SETFCAP, -CAP\_SETGID, CAP\_SETPCAP, and CAP\_SETUID capabilities are -granted by default; this option can be used to remove them. - -If a capability is specified to both the **--cap-add** and **--cap-drop** -options, it is dropped, regardless of the order in which the options were -given. +@@option cap-drop.image @@option cert-dir @@option cgroup-parent -#### **--cgroupns**=*how* - -Sets the configuration for cgroup namespaces when handling `RUN` instructions. -The configured value can be "" (the empty string) or "private" to indicate -that a new cgroup namespace is created, or it can be "host" to indicate -that the cgroup namespace in which `buildah` itself is being run is reused. +@@option cgroupns.image #### **--compress** @@ -206,9 +95,7 @@ This option is added to be aligned with other containers CLIs. Podman doesn't communicate with a daemon or a remote server. Thus, compressing the data before sending it is irrelevant to Podman. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines) -#### **--cpp-flag**=*flags* - -Set additional flags to pass to the C Preprocessor cpp(1). Containerfiles ending with a ".in" suffix is preprocessed via cpp(1). This option can be used to pass additional flags to cpp.Note: You can also set default CPPFLAGS by setting the BUILDAH_CPPFLAGS environment variable (e.g., export BUILDAH_CPPFLAGS="-DDEBUG"). +@@option cpp-flag @@option cpu-period @@ -282,12 +169,7 @@ This option is not supported on the remote client, including Mac and Windows (excluding WSL2) machines. -#### **--decryption-key**=*key[:passphrase]* - -The [key[:passphrase]] to be used for decryption of images. Key can point to -keys and/or certificates. Decryption is tried with all keys. If the key is -protected by a passphrase, it is required to be passed in the argument and -omitted otherwise. +@@option decryption-key @@option device @@ -296,14 +178,7 @@ from inside a rootless container fails. The **[crun(1)](https://github.com/conta workaround for this by adding the option **--annotation run.oci.keep_original_groups=1**. -#### **--disable-compression**, **-D** - -Don't compress filesystem layers when building the image unless it is required -by the location where the image is being written. This is the default setting, -because image layers are compressed automatically when they are pushed to -registries, and images being written to local storage only need to be -decompressed again to be stored. Compression can be forced in all cases by -specifying **--disable-compression=false**. +@@option disable-compression @@option disable-content-trust @@ -314,169 +189,47 @@ This option cannot be combined with **--network** that is set to **none**. Note: this option takes effect only during *RUN* instructions in the build. It does not affect _/etc/resolv.conf_ in the final image. -#### **--dns-option**=*option* - -Set custom DNS options to be used during the build. - -#### **--dns-search**=*domain* - -Set custom DNS search domains to be used during the build. - -#### **--env**=*env[=value]* - -Add a value (e.g. env=*value*) to the built image. Can be used multiple times. -If neither `=` nor a *value* are specified, but *env* is set in the current -environment, the value from the current environment is added to the image. -To remove an environment variable from the built image, use the `--unsetenv` -option. - -#### **--file**, **-f**=*Containerfile* - -Specifies a Containerfile which contains instructions for building the image, -either a local file or an **http** or **https** URL. If more than one -Containerfile is specified, *FROM* instructions are only be accepted from the -last specified file. - -If a build context is not specified, and at least one Containerfile is a -local file, the directory in which it resides is used as the build -context. - -Specifying the option `-f -` causes the Containerfile contents to be read from stdin. - -#### **--force-rm** - -Always remove intermediate containers after a build, even if the build fails -(default true). - -#### **--format** - -Control the format for the built image's manifest and configuration data. -Recognized formats include *oci* (OCI image-spec v1.0, the default) and -*docker* (version 2, using schema format 2 for the manifest). - -Note: You can also override the default format by setting the BUILDAH\_FORMAT -environment variable. `export BUILDAH_FORMAT=docker` - -#### **--from** - -Overrides the first `FROM` instruction within the Containerfile. If there are multiple -FROM instructions in a Containerfile, only the first is changed. +@@option dns-option.image -With the remote podman client, not all container transports work as -expected. For example, oci-archive:/x.tar references /x.tar on the remote -machine instead of on the client. When using podman remote clients it is -best to restrict use to *containers-storage*, and *docker:// transports*. +@@option dns-search.image -#### **--group-add**=*group* | *keep-groups* +@@option env.image -Assign additional groups to the primary user running within the container -process. +@@option file -- `keep-groups` is a special value that tells Buildah to keep the supplementary -group access. +@@option force-rm -Allows container to use the user's supplementary group access. If file systems -or devices are only accessible by the rootless user's group, this flag tells the -OCI runtime to pass the group access into the container. Currently only -available with the `crun` OCI runtime. Note: `keep-groups` is exclusive, other -groups cannot be specified with this flag. +@@option format -#### **--help**, **-h** +@@option from -Print usage statement +@@option group-add -#### **--hooks-dir**=*path* +@@option help -Each *.json file in the path configures a hook for buildah build containers. For more details on the syntax of the JSON files and the semantics of hook injection. Buildah currently support both the 1.0.0 and 0.1.0 hook schemas, although the 0.1.0 schema is deprecated. - -This option may be set multiple times; paths from later options have higher precedence. - -For the annotation conditions, buildah uses any annotations set in the generated OCI configuration. - -For the bind-mount conditions, only mounts explicitly requested by the caller via --volume are considered. Bind mounts that buildah inserts by default (e.g. /dev/shm) are not considered. - -If --hooks-dir is unset for root callers, Buildah currently defaults to /usr/share/containers/oci/hooks.d and /etc/containers/oci/hooks.d in order of increasing precedence. Using these defaults is deprecated. Migrate to explicitly setting --hooks-dir. +@@option hooks-dir @@option http-proxy -#### **--identity-label** - -Adds default identity label `io.buildah.version` if set. (default true). - -#### **--ignorefile** - -Path to an alternative .containerignore file. - -#### **--iidfile**=*ImageIDfile* - -Write the built image's ID to the file. When `--platform` is specified more -than once, attempting to use this option triggers an error. - -#### **--ipc**=*how* - -Sets the configuration for IPC namespaces when handling `RUN` instructions. -The configured value can be "" (the empty string) or "container" to indicate -that a new IPC namespace is created, or it can be "host" to indicate -that the IPC namespace in which `podman` itself is being run is reused, -or it can be the path to an IPC namespace which is already in use by -another process. - -#### **--isolation**=*type* - -Controls what type of isolation is used for running processes as part of `RUN` -instructions. Recognized types include *oci* (OCI-compatible runtime, the -default), *rootless* (OCI-compatible runtime invoked using a modified -configuration and its --rootless option enabled, with *--no-new-keyring ---no-pivot* added to its *create* invocation, with network and UTS namespaces -disabled, and IPC, PID, and user namespaces enabled; the default for -unprivileged users), and *chroot* (an internal wrapper that leans more toward -chroot(1) than container technology). - -Note: You can also override the default isolation type by setting the -BUILDAH\_ISOLATION environment variable. `export BUILDAH_ISOLATION=oci` +@@option identity-label -#### **--jobs**=*number* +@@option ignorefile -Run up to N concurrent stages in parallel. If the number of jobs is greater -than 1, stdin is read from /dev/null. If 0 is specified, then there is -no limit in the number of jobs that run in parallel. +@@option iidfile -#### **--label**=*label* +@@option ipc.image -Add an image *label* (e.g. label=*value*) to the image metadata. Can be used -multiple times. +@@option isolation -Users can set a special LABEL **io.containers.capabilities=CAP1,CAP2,CAP3** in -a Containerfile that specifies the list of Linux capabilities required for the -container to run properly. This label specified in a container image tells -Podman to run the container with just these capabilities. Podman launches the -container with just the specified capabilities, as long as this list of -capabilities is a subset of the default list. +@@option jobs -If the specified capabilities are not in the default set, Podman prints an error -message and runs the container with the default capabilities. +@@option label.image -#### **--layer-label**=*label[=value]* +@@option layer-label -Add an intermediate image *label* (e.g. label=*value*) to the intermediate -image metadata. It can be used multiple times. +@@option layers -If *label* is named, but neither `=` nor a `value` is provided, then -the *label* is set to an empty value. - -#### **--layers** - -Cache intermediate images during the build process (Default is `true`). - -Note: You can also override the default value of layers by setting the -BUILDAH\_LAYERS environment variable. `export BUILDAH_LAYERS=true` - -#### **--logfile**=*filename* - -Log output which is sent to standard output and standard error to the -specified file instead of to standard output and standard error. -This option is not supported on the remote client, including Mac and Windows -(excluding WSL2) machines. +@@option logfile #### **--logsplit**=*bool-value* @@ -486,80 +239,15 @@ following format: `${logfile}_${platform-os}_${platform-arch}`. This option is not supported on the remote client, including Mac and Windows (excluding WSL2) machines. -#### **--manifest**=*manifest* - -Name of the manifest list to which the image is added. Creates the manifest list -if it does not exist. This option is useful for building multi architecture images. +@@option manifest @@option memory @@option memory-swap -#### **--network**=*mode*, **--net** - -Sets the configuration for network namespaces when handling `RUN` instructions. - -Valid _mode_ values are: - -- **none**: no networking. -- **host**: use the Podman host network stack. Note: the host mode gives the -container full access to local system services such as D-bus and is therefore -considered insecure. -- **ns:**_path_: path to a network namespace to join. -- **private**: create a new namespace for the container (default) -- **\**: Join the network with the given name or ID, e.g. use `--network mynet` to join the network with the name mynet. Only supported for rootful users. -- **slirp4netns[:OPTIONS,...]**: use **slirp4netns**(1) to create a user network stack. This is the default for rootless containers. It is possible to specify these additional options, they can also be set with `network_cmd_options` in containers.conf: - - **allow_host_loopback=true|false**: Allow slirp4netns to reach the host loopback IP (default is 10.0.2.2 or the second IP from slirp4netns cidr subnet when changed, see the cidr option below). The default is false. - - **mtu=MTU**: Specify the MTU to use for this network. (Default is `65520`). - - **cidr=CIDR**: Specify ip range to use for this network. (Default is `10.0.2.0/24`). - - **enable_ipv6=true|false**: Enable IPv6. Default is true. (Required for `outbound_addr6`). - - **outbound_addr=INTERFACE**: Specify the outbound interface slirp binds to (ipv4 traffic only). - - **outbound_addr=IPv4**: Specify the outbound ipv4 address slirp binds to. - - **outbound_addr6=INTERFACE**: Specify the outbound interface slirp binds to (ipv6 traffic only). - - **outbound_addr6=IPv6**: Specify the outbound ipv6 address slirp binds to. -- **pasta[:OPTIONS,...]**: use **pasta**(1) to create a user-mode networking - stack. \ - This is only supported in rootless mode. \ - By default, IPv4 and IPv6 addresses and routes, as well as the pod interface - name, are copied from the host. If port forwarding isn't configured, ports - are forwarded dynamically as services are bound on either side (init - namespace or container namespace). Port forwarding preserves the original - source IP address. Options described in pasta(1) can be specified as - comma-separated arguments. \ - In terms of pasta(1) options, **--config-net** is given by default, in - order to configure networking when the container is started, and - **--no-map-gw** is also assumed by default, to avoid direct access from - container to host using the gateway address. The latter can be overridden - by passing **--map-gw** in the pasta-specific options (despite not being an - actual pasta(1) option). \ - Also, **-t none** and **-u none** are passed to disable - automatic port forwarding based on bound ports. Similarly, **-T none** and - **-U none** are given to disable the same functionality from container to - host. \ - Some examples: - - **pasta:--map-gw**: Allow the container to directly reach the host using the - gateway address. - - **pasta:--mtu,1500**: Specify a 1500 bytes MTU for the _tap_ interface in - the container. - - **pasta:--ipv4-only,-a,10.0.2.0,-n,24,-g,10.0.2.2,--dns-forward,10.0.2.3,-m,1500,--no-ndp,--no-dhcpv6,--no-dhcp**, - equivalent to default slirp4netns(1) options: disable IPv6, assign - `10.0.2.0/24` to the `tap0` interface in the container, with gateway - `10.0.2.3`, enable DNS forwarder reachable at `10.0.2.3`, set MTU to 1500 - bytes, disable NDP, DHCPv6 and DHCP support. - - **pasta:-I,tap0,--ipv4-only,-a,10.0.2.0,-n,24,-g,10.0.2.2,--dns-forward,10.0.2.3,--no-ndp,--no-dhcpv6,--no-dhcp**, - equivalent to default slirp4netns(1) options with Podman overrides: same as - above, but leave the MTU to 65520 bytes - - **pasta:-t,auto,-u,auto,-T,auto,-U,auto**: enable automatic port forwarding - based on observed bound ports from both host and container sides - - **pasta:-T,5201**: enable forwarding of TCP port 5201 from container to - host, using the loopback interface instead of the tap interface for improved - performance - -#### **--no-cache** - -Do not use existing cached images for the container build. Build from the start -with a new set of cached layers. +@@option network.image +@@option no-cache #### **--no-hostname** @@ -571,38 +259,13 @@ By default, Buildah manages the _/etc/hostname_ file, adding the container's own This option conflicts with **--add-host**. -#### **--omit-history** - -Omit build history information in the built image. (default false). - -This option is useful for the cases where end users explicitly -want to set `--omit-history` to omit the optional `History` from -built images or when working with images built using build tools that -do not include `History` information in their images. - -#### **--os**=*string* - -Set the OS of the image to be built, and that of the base image to be pulled, -if the build uses one, instead of using the current operating system of the -build host. Unless overridden, subsequent lookups of the same image in the -local storage matches this OS, regardless of the host. - -#### **--os-feature**=*feature* +@@option omit-history -Set the name of a required operating system *feature* for the image which is built. By default, if the image is not based on *scratch*, the base image's -required OS feature list is kept, if the base image specified any. This option -is typically only meaningful when the image's OS is Windows. +@@option os -If *feature* has a trailing `-`, then the *feature* is removed from the set of -required features which is listed in the image. +@@option os-feature -#### **--os-version**=*version* - -Set the exact required operating system *version* for the image which is -built. By default, if the image is not based on *scratch*, the base image's -required OS version is kept, if the base image specified one. This option is -typically only meaningful when the image's OS is Windows, and is typically set in -Windows base images, so using this option is usually unnecessary. +@@option os-version.image #### **--output**, **-o**=*output-opts* @@ -623,14 +286,7 @@ Valid _type_ values are: If no type is specified, the value defaults to **local**. Alternatively, instead of a comma-separated sequence, the value of **--output** can be just a destination (in the **dest** format) (e.g. `--output some-path`, `--output -`) where `--output some-path` is treated as if **type=local** and `--output -` is treated as if **type=tar**. -#### **--pid**=*pid* - -Sets the configuration for PID namespaces when handling `RUN` instructions. -The configured value can be "" (the empty string) or "container" to indicate -that a new PID namespace is created, or it can be "host" to indicate -that the PID namespace in which `podman` itself is being run is reused, -or it can be the path to a PID namespace which is already in use by another -process. +@@option pid.image #### **--platform**=*os/arch[/variant][,...]* @@ -658,78 +314,25 @@ While `podman build` is happy to use base images and build images for any platform that exists, `RUN` instructions are able to succeed without the help of emulation provided by packages like `qemu-user-static`. -#### **--pull**=*policy* +@@option pull.image Pull image policy. The default is **missing**. -- **always**, **true**: Always pull the image and throw an error if the pull fails. -- **missing**: Only pull the image when it does not exist in the local containers storage. Throw an error if no image is found and the pull fails. -- **never**, **false**: Never pull the image but use the one from the local containers storage. Throw an error when no image is found. -- **newer**: Pull if the image on the registry is newer than the one in the local containers storage. An image is considered to be newer when the digests are different. Comparing the time stamps is prone to errors. Pull errors are suppressed if a local image was found. - -#### **--quiet**, **-q** - -Suppress output messages which indicate which instruction is being processed, -and of progress when pulling images from a registry, and when writing the -output image. - -#### **--retry**=*attempts* - -Number of times to retry in case of failure when performing pull of -images from registry. Default is **3**. - -#### **--retry-delay**=*duration* - -Duration of delay between retry attempts in case of failure when performing -pull of images from registry. Default is **2s**. - -#### **--rm** - -Remove intermediate containers after a successful build (default true). - -#### **--runtime**=*path* - -The *path* to an alternate OCI-compatible runtime, which is used to run -commands specified by the **RUN** instruction. - -Note: You can also override the default runtime by setting the BUILDAH\_RUNTIME -environment variable. `export BUILDAH_RUNTIME=/usr/local/bin/runc` - -#### **--runtime-flag**=*flag* +@@option quiet -Adds global flags for the container rutime. To list the supported flags, please consult the manpages of the selected container runtime. +@@option retry -Note: Do not pass the leading -- to the flag. To pass the runc flag --log-format json to buildah build, the option given is --runtime-flag log-format=json. +@@option retry-delay -#### **--secret**=**id=id,src=path** +@@option rm -Pass secret information used in the Containerfile for building images -in a safe way that are not stored in the final image, or be seen in other stages. -The secret is mounted in the container at the default location of `/run/secrets/id`. +@@option runtime -To later use the secret, use the --mount option in a `RUN` instruction within a `Containerfile`: +@@option runtime-flag -`RUN --mount=type=secret,id=mysecret cat /run/secrets/mysecret` +@@option secret.image -#### **--security-opt**=*option* - -Security Options - -- `apparmor=unconfined` : Turn off apparmor confinement for the container -- `apparmor=alternate-profile` : Set the apparmor confinement profile for the -container - -- `label=user:USER` : Set the label user for the container processes -- `label=role:ROLE` : Set the label role for the container processes -- `label=type:TYPE` : Set the label process type for the container processes -- `label=level:LEVEL` : Set the label level for the container processes -- `label=filetype:TYPE` : Set the label file type for the container files -- `label=disable` : Turn off label separation for the container -- `no-new-privileges` : Not supported - -- `seccomp=unconfined` : Turn off seccomp confinement for the container -- `seccomp=profile.json` : White listed syscalls seccomp Json file to be used -as a seccomp filter +@@option security-opt.image @@option shm-size @@ -737,28 +340,13 @@ as a seccomp filter Sign the image using a GPG key with the specified FINGERPRINT. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines,) -#### **--skip-unused-stages** - -Skip stages in multi-stage builds which don't affect the target stage. (Default: **true**). - -#### **--squash** - -Squash all of the image's new layers into a single new layer; any preexisting -layers are not squashed. +@@option skip-unused-stages -#### **--squash-all** +@@option squash -Squash all of the new image's layers (including those inherited from a base -image) into a single new layer. +@@option squash-all -#### **--ssh**=*default* | *id[=socket>* - -SSH agent socket or keys to expose to the build. -The socket path can be left empty to use the value of `default=$SSH_AUTH_SOCK` - -To later use the ssh agent, use the --mount option in a `RUN` instruction within a `Containerfile`: - -`RUN --mount=type=ssh,id=id mycmd` +@@option ssh #### **--stdin** @@ -766,152 +354,31 @@ Pass stdin into the RUN containers. Sometime commands being RUN within a Contain want to request information from the user. For example apt asking for a confirmation for install. Use --stdin to be able to interact from the terminal during the build. -#### **--tag**, **-t**=*imageName* +@@option tag -Specifies the name which is assigned to the resulting image if the build -process completes successfully. -If _imageName_ does not include a registry name, the registry name *localhost* -is prepended to the image name. Can be used multiple times. +@@option target -#### **--target**=*stageName* +@@option timestamp -Set the target build stage to build. When building a Containerfile with -multiple build stages, --target can be used to specify an intermediate build -stage by name as the final stage for the resulting image. Commands after the target stage is skipped. +@@option tls-verify -#### **--timestamp**=*seconds* +@@option ulimit.image -Set the create timestamp to seconds since epoch to allow for deterministic -builds (defaults to current time). By default, the created timestamp is changed -and written into the image manifest with every commit, causing the image's -sha256 hash to be different even if the sources are exactly the same otherwise. -When --timestamp is set, the created timestamp is always set to the time -specified and therefore not changed, allowing the image's sha256 hash to remain the -same. All files committed to the layers of the image is created with the -timestamp. +@@option unsetenv.image -If the only instruction in a Containerfile is `FROM`, this flag has no effect. +@@option unsetlabel -@@option tls-verify +@@option userns.image + +@@option userns-gid-map -#### **--ulimit**=*type=soft-limit[:hard-limit]* +@@option userns-gid-map-group -Specifies resource limits to apply to processes launched when processing `RUN` -instructions. This option can be specified multiple times. Recognized resource -types include: - "core": maximum core dump size (ulimit -c) - "cpu": maximum CPU time (ulimit -t) - "data": maximum size of a process's data segment (ulimit -d) - "fsize": maximum size of new files (ulimit -f) - "locks": maximum number of file locks (ulimit -x) - "memlock": maximum amount of locked memory (ulimit -l) - "msgqueue": maximum amount of data in message queues (ulimit -q) - "nice": niceness adjustment (nice -n, ulimit -e) - "nofile": maximum number of open files (ulimit -n) - "nproc": maximum number of processes (ulimit -u) - "rss": maximum size of a process's (ulimit -m) - "rtprio": maximum real-time scheduling priority (ulimit -r) - "rttime": maximum amount of real-time execution between blocking syscalls - "sigpending": maximum number of pending signals (ulimit -i) - "stack": maximum stack size (ulimit -s) - -#### **--unsetenv**=*env* - -Unset environment variables from the final image. - -#### **--unsetlabel**=*label* - -Unset the image label, causing the label not to be inherited from the base image. - -#### **--userns**=*how* - -Sets the configuration for user namespaces when handling `RUN` instructions. -The configured value can be "" (the empty string) or "container" to indicate -that a new user namespace is created, it can be "host" to indicate that -the user namespace in which `podman` itself is being run is reused, or -it can be the path to a user namespace which is already in use by another -process. - -#### **--userns-gid-map**=*mapping* - -Directly specifies a GID mapping to be used to set ownership, at the -filesystem level, on the working container's contents. -Commands run when handling `RUN` instructions defaults to being run in -their own user namespaces, configured using the UID and GID maps. - -Entries in this map take the form of one or more triples of a starting -in-container GID, a corresponding starting host-level GID, and the number of -consecutive IDs which the map entry represents. - -This option overrides the *remap-gids* setting in the *options* section of -/etc/containers/storage.conf. - -If this option is not specified, but a global --userns-gid-map setting is -supplied, settings from the global option is used. - -If none of --userns-uid-map-user, --userns-gid-map-group, or --userns-gid-map -are specified, but --userns-uid-map is specified, the GID map is set to -use the same numeric values as the UID map. - -#### **--userns-gid-map-group**=*group* - -Specifies that a GID mapping to be used to set ownership, at the -filesystem level, on the working container's contents, can be found in entries -in the `/etc/subgid` file which correspond to the specified group. -Commands run when handling `RUN` instructions defaults to being run in -their own user namespaces, configured using the UID and GID maps. -If --userns-uid-map-user is specified, but --userns-gid-map-group is not -specified, `podman` assumes that the specified user name is also a -suitable group name to use as the default setting for this option. - -**NOTE:** When this option is specified by a rootless user, the specified -mappings are relative to the rootless user namespace in the container, rather -than being relative to the host as it is when run rootful. - -#### **--userns-uid-map**=*mapping* - -Directly specifies a UID mapping to be used to set ownership, at the -filesystem level, on the working container's contents. -Commands run when handling `RUN` instructions default to being run in -their own user namespaces, configured using the UID and GID maps. - -Entries in this map take the form of one or more triples of a starting -in-container UID, a corresponding starting host-level UID, and the number of -consecutive IDs which the map entry represents. - -This option overrides the *remap-uids* setting in the *options* section of -/etc/containers/storage.conf. - -If this option is not specified, but a global --userns-uid-map setting is -supplied, settings from the global option is used. - -If none of --userns-uid-map-user, --userns-gid-map-group, or --userns-uid-map -are specified, but --userns-gid-map is specified, the UID map is set to -use the same numeric values as the GID map. - -#### **--userns-uid-map-user**=*user* - -Specifies that a UID mapping to be used to set ownership, at the -filesystem level, on the working container's contents, can be found in entries -in the `/etc/subuid` file which correspond to the specified user. -Commands run when handling `RUN` instructions defaults to being run in -their own user namespaces, configured using the UID and GID maps. -If --userns-gid-map-group is specified, but --userns-uid-map-user is not -specified, `podman` assumes that the specified group name is also a -suitable user name to use as the default setting for this option. - -**NOTE:** When this option is specified by a rootless user, the specified -mappings are relative to the rootless user namespace in the container, rather -than being relative to the host as it is when run rootful. +@@option userns-uid-map -#### **--uts**=*how* +@@option userns-uid-map-user -Sets the configuration for UTS namespaces when handling `RUN` instructions. -The configured value can be "" (the empty string) or "container" to indicate -that a new UTS namespace to be created, or it can be "host" to indicate -that the UTS namespace in which `podman` itself is being run is reused, -or it can be the path to a UTS namespace which is already in use by another -process. +@@option uts #### **--variant**=*variant* @@ -919,126 +386,7 @@ Set the architecture variant of the image to be built, and that of the base image to be pulled, if the build uses one, to the provided value instead of using the architecture variant of the build host. -#### **--volume**, **-v**=*[HOST-DIR:CONTAINER-DIR[:OPTIONS]]* - -Create a bind mount. Specifying the `-v /HOST-DIR:/CONTAINER-DIR` option, Podman -bind mounts `/HOST-DIR` from the host to `/CONTAINER-DIR` in the Podman -container. - -The `OPTIONS` are a comma-separated list and can be: [[1]](#Footnote1) - - * [rw|ro] - * [z|Z|O] - * [U] - * [`[r]shared`|`[r]slave`|`[r]private`] - -The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The `HOST-DIR` -must be an absolute path as well. Podman bind-mounts the `HOST-DIR` to the -specified path. For example, when specifying the host path `/foo`, -Podman copies the contents of `/foo` to the container filesystem on the host -and bind mounts that into the container. - -You can specify multiple **-v** options to mount one or more mounts to a -container. - -You can add the `:ro` or `:rw` suffix to a volume to mount it read-only or -read-write mode, respectively. By default, the volumes are mounted read-write. -See examples. - - `Chowning Volume Mounts` - -By default, Podman does not change the owner and group of source volume -directories mounted. When running using user namespaces, the UID and GID inside -the namespace may correspond to another UID and GID on the host. - -The `:U` suffix tells Podman to use the correct host UID and GID based on the -UID and GID within the namespace, to change recursively the owner and group of -the source volume. - -**Warning** use with caution since this modifies the host filesystem. - - `Labeling Volume Mounts` - -Labeling systems like SELinux require that proper labels are placed on volume -content mounted into a container. Without a label, the security system might -prevent the processes running inside the container from using the content. By -default, Podman does not change the labels set by the OS. - -To change a label in the container context, add one of these two suffixes -`:z` or `:Z` to the volume mount. These suffixes tell Podman to relabel file -objects on the shared volumes. The `z` option tells Podman that two containers -share the volume content. As a result, Podman labels the content with a shared -content label. Shared volume labels allow all containers to read/write content. -The `Z` option tells Podman to label the content with a private unshared label. -Only the current container can use a private volume. - -Note: Do not relabel system files and directories. Relabeling system content -might cause other confined services on the host machine to fail. For these types -of containers, disabling SELinux separation is recommended. The option -`--security-opt label=disable` disables SELinux separation for the container. -For example, if a user wanted to volume mount their entire home directory into the build containers, they need to disable SELinux separation. - - $ podman build --security-opt label=disable -v $HOME:/home/user . - - `Overlay Volume Mounts` - - The `:O` flag tells Podman to mount the directory from the host as a -temporary storage using the Overlay file system. The `RUN` command containers -are allowed to modify contents within the mountpoint and are stored in the -container storage in a separate directory. In Overlay FS terms the source -directory is the lower, and the container storage directory is the -upper. Modifications to the mount point are destroyed when the `RUN` command -finishes executing, similar to a tmpfs mount point. - - Any subsequent execution of `RUN` commands sees the original source directory -content, any changes from previous RUN commands no longer exists. - - One use case of the `overlay` mount is sharing the package cache from the -host into the container to allow speeding up builds. - - Note: - - - Overlay mounts are not currently supported in rootless mode. - - The `O` flag is not allowed to be specified with the `Z` or `z` flags. -Content mounted into the container is labeled with the private label. - On SELinux systems, labels in the source directory needs to be readable -by the container label. If not, SELinux container separation must be disabled -for the container to work. - - Modification of the directory volume mounted into the container with an -overlay mount can cause unexpected failures. Do not modify the directory until -the container finishes running. - -By default bind mounted volumes are `private`. That means any mounts done -inside containers are not be visible on the host and vice versa. This behavior -can be changed by specifying a volume mount propagation property. - -When the mount propagation policy is set to `shared`, any mounts completed -inside the container on that volume is visible to both the host and -container. When the mount propagation policy is set to `slave`, one way mount -propagation is enabled and any mounts completed on the host for that volume is -visible only inside of the container. To control the mount propagation -property of volume use the `:[r]shared`, `:[r]slave` or `:[r]private` -propagation flag. For mount propagation to work on the source mount point (mount -point where source dir is mounted on) has to have the right propagation properties. -For shared volumes, the source mount point has to be shared. And for slave volumes, -the source mount has to be either shared or slave. [[1]](#Footnote1) - -Use `df ` to determine the source mount and then use -`findmnt -o TARGET,PROPAGATION ` to determine propagation -properties of source mount, if `findmnt` utility is not available, the source -mount point can be determined by looking at the mount entry in -`/proc/self/mountinfo`. Look at `optional fields` and see if any propagation -properties are specified. -`shared:X` means the mount is `shared`, `master:X` means the mount is `slave` -and if nothing is there that means the mount is `private`. [[1]](#Footnote1) - -To change propagation properties of a mount point use the `mount` command. For -example, to bind mount the source directory `/foo` do -`mount --bind /foo /foo` and `mount --make-private --make-shared /foo`. This -converts /foo into a `shared` mount point. The propagation properties of -the source mount can be changed directly. For instance if `/` is the source -mount for `/foo`, then use `mount --make-shared /` to convert `/` into a -`shared` mount. +@@option volume.image ## EXAMPLES diff --git a/docs/source/markdown/podman-farm-build.1.md b/docs/source/markdown/podman-farm-build.1.md new file mode 100644 index 000000000000..5bd9105dbd5d --- /dev/null +++ b/docs/source/markdown/podman-farm-build.1.md @@ -0,0 +1,1322 @@ +% podman-farm-build 1 + +## NAME +podman\-farm\-build - Build images on farm nodes, then bundle them into a manifest list + +## SYNOPSIS +**podman farm build** [*options*] [*context*] + +## DESCRIPTION +**podman farm build** Builds an image on all nodes in a farm and bundles them up into a manifest list. +It executes the `podman build` command on the nodes in the farm with the given Containerfile. + +The manifest list will contain an image per native architecture type that is present in the farm. + +The primary function of this command is to create multi-architecture builds that will be faster than doing it +via emulation using `podman build --arch --platform`. + +If no farm is specified, the build will be sent out to all the nodes that `podman system connection` knows of. + +## OPTIONS + + +[//]: # (BEGIN included file options/annotation.image.md) +#### **--annotation**=*annotation=value* + +Add an image *annotation* (e.g. annotation=*value*) to the image metadata. Can +be used multiple times. + +Note: this information is not present in Docker image formats, so it is +discarded when writing images in Docker formats. + +[//]: # (END included file options/annotation.image.md) + + +[//]: # (BEGIN included file options/authfile.md) +#### **--authfile**=*path* + +Path of the authentication file. Default is `${XDG_RUNTIME_DIR}/containers/auth.json` on Linux, and `$HOME/.config/containers/auth.json` on Windows/macOS. +The file is created by **[podman login](podman-login.1.md)**. If the authorization state is not found there, `$HOME/.docker/config.json` is checked, which is set using **docker login**. + +Note: There is also the option to override the default path of the authentication file by setting the `REGISTRY_AUTH_FILE` environment variable. This can be done with **export REGISTRY_AUTH_FILE=_path_**. + +[//]: # (END included file options/authfile.md) + + +[//]: # (BEGIN included file options/build-arg.md) +#### **--build-arg**=*arg=value* + +Specifies a build argument and its value, which is interpolated in +instructions read from the Containerfiles in the same way that environment variables are, but which are not added to environment variable list in the resulting image's configuration. + +[//]: # (END included file options/build-arg.md) + + +[//]: # (BEGIN included file options/build-arg-file.md) +#### **--build-arg-file**=*path* + +Specifies a file containing lines of build arguments of the form `arg=value`. +The suggested file name is `argfile.conf`. + +Comment lines beginning with `#` are ignored, along with blank lines. +All others must be of the `arg=value` format passed to `--build-arg`. + +If several arguments are provided via the `--build-arg-file` +and `--build-arg` options, the build arguments are merged across all +of the provided files and command line arguments. + +Any file provided in a `--build-arg-file` option is read before +the arguments supplied via the `--build-arg` option. + +When a given argument name is specified several times, the last instance +is the one that is passed to the resulting builds. This means `--build-arg` +values always override those in a `--build-arg-file`. + +[//]: # (END included file options/build-arg-file.md) + + +[//]: # (BEGIN included file options/build-context.md) +#### **--build-context**=*name=value* + +Specify an additional build context using its short name and its location. +Additional build contexts can be referenced in the same manner as we access +different stages in COPY instruction. + +Valid values are: + +* Local directory – e.g. --build-context project2=../path/to/project2/src (This option is not available with the remote Podman client. On Podman machine setup (i.e macOS and Winows) path must exists on the machine VM) +* HTTP URL to a tarball – e.g. --build-context src=https://example.org/releases/src.tar +* Container image – specified with a container-image:// prefix, e.g. --build-context alpine=container-image://alpine:3.15, (also accepts docker://, docker-image://) + +On the Containerfile side, reference the build context on all +commands that accept the “from” parameter. Here’s how that might look: + +```dockerfile +FROM [name] +COPY --from=[name] ... +RUN --mount=from=[name] … +``` + +The value of [name] is matched with the following priority order: + +* Named build context defined with --build-context [name]=.. +* Stage defined with AS [name] inside Containerfile +* Image [name], either local or in a remote registry + +[//]: # (END included file options/build-context.md) + + +[//]: # (BEGIN included file options/cache-from.md) +#### **--cache-from**=*image* + +Repository to utilize as a potential cache source. When specified, Buildah tries to look for +cache images in the specified repository and attempts to pull cache images instead of actually +executing the build steps locally. Buildah only attempts to pull previously cached images if they +are considered as valid cache hits. + +Use the `--cache-to` option to populate a remote repository with cache content. + +Example + +```bash +# populate a cache and also consult it +buildah build -t test --layers --cache-to registry/myrepo/cache --cache-from registry/myrepo/cache . +``` + +Note: `--cache-from` option is ignored unless `--layers` is specified. + +[//]: # (END included file options/cache-from.md) + + +[//]: # (BEGIN included file options/cache-to.md) +#### **--cache-to**=*image* + +Set this flag to specify a remote repository that is used to store cache images. Buildah attempts to +push newly built cache image to the remote repository. + +Note: Use the `--cache-from` option in order to use cache content in a remote repository. + +Example + +```bash +# populate a cache and also consult it +buildah build -t test --layers --cache-to registry/myrepo/cache --cache-from registry/myrepo/cache . +``` + +Note: `--cache-to` option is ignored unless `--layers` is specified. + +[//]: # (END included file options/cache-to.md) + + +[//]: # (BEGIN included file options/cache-ttl.md) +#### **--cache-ttl** + +Limit the use of cached images to only consider images with created timestamps less than *duration* ago. +For example if `--cache-ttl=1h` is specified, Buildah considers intermediate cache images which are created +under the duration of one hour, and intermediate cache images outside this duration is ignored. + +Note: Setting `--cache-ttl=0` manually is equivalent to using `--no-cache` in the +implementation since this means that the user dones not want to use cache at all. + +[//]: # (END included file options/cache-ttl.md) + + +[//]: # (BEGIN included file options/cap-add.image.md) +#### **--cap-add**=*CAP\_xxx* + +When executing RUN instructions, run the command specified in the instruction +with the specified capability added to its capability set. +Certain capabilities are granted by default; this option can be used to add +more. + +[//]: # (END included file options/cap-add.image.md) + + +[//]: # (BEGIN included file options/cap-drop.image.md) +#### **--cap-drop**=*CAP\_xxx* + +When executing RUN instructions, run the command specified in the instruction +with the specified capability removed from its capability set. +The CAP\_CHOWN, CAP\_DAC\_OVERRIDE, CAP\_FOWNER, +CAP\_FSETID, CAP\_KILL, CAP\_NET\_BIND\_SERVICE, CAP\_SETFCAP, +CAP\_SETGID, CAP\_SETPCAP, and CAP\_SETUID capabilities are +granted by default; this option can be used to remove them. + +If a capability is specified to both the **--cap-add** and **--cap-drop** +options, it is dropped, regardless of the order in which the options were +given. + +[//]: # (END included file options/cap-drop.image.md) + + +[//]: # (BEGIN included file options/cert-dir.md) +#### **--cert-dir**=*path* + +Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry. (Default: /etc/containers/certs.d) +For details, see **[containers-certs.d(5)](https://github.com/containers/image/blob/main/docs/containers-certs.d.5.md)**. +(This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines) + +[//]: # (END included file options/cert-dir.md) + + +[//]: # (BEGIN included file options/cgroup-parent.md) +#### **--cgroup-parent**=*path* + +Path to cgroups under which the cgroup for the container is created. If the +path is not absolute, the path is considered to be relative to the cgroups path +of the init process. Cgroups are created if they do not already exist. + +[//]: # (END included file options/cgroup-parent.md) + + +[//]: # (BEGIN included file options/cgroupns.image.md) +#### **--cgroupns**=*how* + +Sets the configuration for cgroup namespaces when handling `RUN` instructions. +The configured value can be "" (the empty string) or "private" to indicate +that a new cgroup namespace is created, or it can be "host" to indicate +that the cgroup namespace in which `buildah` itself is being run is reused. + +[//]: # (END included file options/cgroupns.image.md) + +#### **--cleanup** + +Remove built images from farm nodes on success (Default: false). + + +[//]: # (BEGIN included file options/cpp-flag.md) +#### **--cpp-flag**=*flags* + +Set additional flags to pass to the C Preprocessor cpp(1). Containerfiles ending with a ".in" suffix is preprocessed via cpp(1). This option can be used to pass additional flags to cpp.Note: You can also set default CPPFLAGS by setting the BUILDAH_CPPFLAGS environment variable (e.g., export BUILDAH_CPPFLAGS="-DDEBUG"). + +[//]: # (END included file options/cpp-flag.md) + + +[//]: # (BEGIN included file options/cpu-period.md) +#### **--cpu-period**=*limit* + +Set the CPU period for the Completely Fair Scheduler (CFS), which is a +duration in microseconds. Once the container's CPU quota is used up, it will not +be scheduled to run until the current period ends. Defaults to 100000 +microseconds. + +On some systems, changing the resource limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error + +This option is not supported on cgroups V1 rootless systems. + +[//]: # (END included file options/cpu-period.md) + + +[//]: # (BEGIN included file options/cpu-quota.md) +#### **--cpu-quota**=*limit* + +Limit the CPU Completely Fair Scheduler (CFS) quota. + +Limit the container's CPU usage. By default, containers run with the full +CPU resource. The limit is a number in microseconds. If a number is provided, +the container is allowed to use that much CPU time until the CPU period +ends (controllable via **--cpu-period**). + +On some systems, changing the resource limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error + +This option is not supported on cgroups V1 rootless systems. + +[//]: # (END included file options/cpu-quota.md) + + +[//]: # (BEGIN included file options/cpu-shares.md) +#### **--cpu-shares**, **-c**=*shares* + +CPU shares (relative weight). + +By default, all containers get the same proportion of CPU cycles. This +proportion can be modified by changing the container's CPU share weighting +relative to the combined weight of all the running containers. +Default weight is **1024**. + +The proportion only applies when CPU-intensive processes are running. +When tasks in one container are idle, other containers can use the +left-over CPU time. The actual amount of CPU time varies depending on +the number of containers running on the system. + +For example, consider three containers, one has a cpu-share of 1024 and +two others have a cpu-share setting of 512. When processes in all three +containers attempt to use 100% of CPU, the first container receives +50% of the total CPU time. If a fourth container is added with a cpu-share +of 1024, the first container only gets 33% of the CPU. The remaining containers +receive 16.5%, 16.5% and 33% of the CPU. + +On a multi-core system, the shares of CPU time are distributed over all CPU +cores. Even if a container is limited to less than 100% of CPU time, it can +use 100% of each individual CPU core. + +For example, consider a system with more than three cores. +If the container _C0_ is started with **--cpu-shares=512** running one process, +and another container _C1_ with **--cpu-shares=1024** running two processes, +this can result in the following division of CPU shares: + +| PID | container | CPU | CPU share | +| ---- | ----------- | ------- | ------------ | +| 100 | C0 | 0 | 100% of CPU0 | +| 101 | C1 | 1 | 100% of CPU1 | +| 102 | C1 | 2 | 100% of CPU2 | + +On some systems, changing the resource limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error + +This option is not supported on cgroups V1 rootless systems. + +[//]: # (END included file options/cpu-shares.md) + + +[//]: # (BEGIN included file options/cpuset-cpus.md) +#### **--cpuset-cpus**=*number* + +CPUs in which to allow execution. Can be specified as a comma-separated list +(e.g. **0,1**), as a range (e.g. **0-3**), or any combination thereof +(e.g. **0-3,7,11-15**). + +On some systems, changing the resource limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error + +This option is not supported on cgroups V1 rootless systems. + +[//]: # (END included file options/cpuset-cpus.md) + + +[//]: # (BEGIN included file options/cpuset-mems.md) +#### **--cpuset-mems**=*nodes* + +Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on +NUMA systems. + +If there are four memory nodes on the system (0-3), use **--cpuset-mems=0,1** +then processes in the container only uses memory from the first +two memory nodes. + +On some systems, changing the resource limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error + +This option is not supported on cgroups V1 rootless systems. + +[//]: # (END included file options/cpuset-mems.md) + + +[//]: # (BEGIN included file options/creds.md) +#### **--creds**=*[username[:password]]* + +The [username[:password]] to use to authenticate with the registry, if required. +If one or both values are not supplied, a command line prompt appears and the +value can be entered. The password is entered without echo. + +Note that the specified credentials are only used to authenticate against +target registries. They are not used for mirrors or when the registry gets +rewritten (see `containers-registries.conf(5)`); to authenticate against those +consider using a `containers-auth.json(5)` file. + +[//]: # (END included file options/creds.md) + + +[//]: # (BEGIN included file options/decryption-key.md) +#### **--decryption-key**=*key[:passphrase]* + +The [key[:passphrase]] to be used for decryption of images. Key can point to keys and/or certificates. Decryption is tried with all keys. If the key is protected by a passphrase, it is required to be passed in the argument and omitted otherwise. + +[//]: # (END included file options/decryption-key.md) + + +[//]: # (BEGIN included file options/device.md) +#### **--device**=*host-device[:container-device][:permissions]* + +Add a host device to the container. Optional *permissions* parameter +can be used to specify device permissions by combining +**r** for read, **w** for write, and **m** for **mknod**(2). + +Example: **--device=/dev/sdc:/dev/xvdc:rwm**. + +Note: if *host-device* is a symbolic link then it is resolved first. +The container only stores the major and minor numbers of the host device. + +Podman may load kernel modules required for using the specified +device. The devices that Podman loads modules for when necessary are: +/dev/fuse. + +In rootless mode, the new device is bind mounted in the container from the host +rather than Podman creating it within the container space. Because the bind +mount retains its SELinux label on SELinux systems, the container can get +permission denied when accessing the mounted device. Modify SELinux settings to +allow containers to use all device labels via the following command: + +$ sudo setsebool -P container_use_devices=true + +[//]: # (END included file options/device.md) + +Note: if the user only has access rights via a group, accessing the device +from inside a rootless container fails. The **[crun(1)](https://github.com/containers/crun/tree/main/crun.1.md)** runtime offers a +workaround for this by adding the option +**--annotation run.oci.keep_original_groups=1**. + + +[//]: # (BEGIN included file options/disable-compression.md) +#### **--disable-compression**, **-D** + +Don't compress filesystem layers when building the image unless it is required +by the location where the image is being written. This is the default setting, +because image layers are compressed automatically when they are pushed to +registries, and images being written to local storage only need to be +decompressed again to be stored. Compression can be forced in all cases by +specifying **--disable-compression=false**. + +[//]: # (END included file options/disable-compression.md) + + +[//]: # (BEGIN included file options/dns.md) +#### **--dns**=*ipaddr* + +Set custom DNS servers. + +This option can be used to override the DNS +configuration passed to the container. Typically this is necessary when the +host DNS configuration is invalid for the container (e.g., **127.0.0.1**). When this +is the case the **--dns** flag is necessary for every run. + +The special value **none** can be specified to disable creation of _/etc/resolv.conf_ in the container by Podman. +The _/etc/resolv.conf_ file in the image is used without changes. + +[//]: # (END included file options/dns.md) + +This option cannot be combined with **--network** that is set to **none**. + +Note: this option takes effect only during *RUN* instructions in the build. +It does not affect _/etc/resolv.conf_ in the final image. + + +[//]: # (BEGIN included file options/dns-option.image.md) +#### **--dns-option**=*option* + +Set custom DNS options to be used during the build. + +[//]: # (END included file options/dns-option.image.md) + + +[//]: # (BEGIN included file options/dns-search.image.md) +#### **--dns-search**=*domain* + +Set custom DNS search domains to be used during the build. + +[//]: # (END included file options/dns-search.image.md) + + +[//]: # (BEGIN included file options/env.image.md) +#### **--env**=*env[=value]* + +Add a value (e.g. env=*value*) to the built image. Can be used multiple times. +If neither `=` nor a *value* are specified, but *env* is set in the current +environment, the value from the current environment is added to the image. +To remove an environment variable from the built image, use the `--unsetenv` +option. + +[//]: # (END included file options/env.image.md) + + +[//]: # (BEGIN included file options/file.md) +#### **--file**, **-f**=*Containerfile* + +Specifies a Containerfile which contains instructions for building the image, +either a local file or an **http** or **https** URL. If more than one +Containerfile is specified, *FROM* instructions are only be accepted from the +last specified file. + +If a build context is not specified, and at least one Containerfile is a +local file, the directory in which it resides is used as the build +context. + +Specifying the option `-f -` causes the Containerfile contents to be read from stdin. + +[//]: # (END included file options/file.md) + + +[//]: # (BEGIN included file options/force-rm.md) +#### **--force-rm** + +Always remove intermediate containers after a build, even if the build fails (default true). + +[//]: # (END included file options/force-rm.md) + + +[//]: # (BEGIN included file options/format.md) +#### **--format** + +Control the format for the built image's manifest and configuration data. +Recognized formats include *oci* (OCI image-spec v1.0, the default) and +*docker* (version 2, using schema format 2 for the manifest). + +Note: You can also override the default format by setting the BUILDAH\_FORMAT +environment variable. `export BUILDAH_FORMAT=docker` + +[//]: # (END included file options/format.md) + + +[//]: # (BEGIN included file options/from.md) +#### **--from** + +Overrides the first `FROM` instruction within the Containerfile. If there are multiple +FROM instructions in a Containerfile, only the first is changed. + +With the remote podman client, not all container transports work as +expected. For example, oci-archive:/x.tar references /x.tar on the remote +machine instead of on the client. When using podman remote clients it is +best to restrict use to *containers-storage*, and *docker:// transports*. + +[//]: # (END included file options/from.md) + + +[//]: # (BEGIN included file options/group-add.md) +#### **--group-add**=*group* | *keep-groups* + +Assign additional groups to the primary user running within the container process. + +- `keep-groups` is a special flag that tells Podman to keep the supplementary group access. + +Allows container to use the user's supplementary group access. If file systems or +devices are only accessible by the rootless user's group, this flag tells the OCI +runtime to pass the group access into the container. Currently only available +with the `crun` OCI runtime. Note: `keep-groups` is exclusive, other groups cannot be specified +with this flag. (Not available for remote commands, including Mac and Windows (excluding WSL2) machines) + +[//]: # (END included file options/group-add.md) + + +[//]: # (BEGIN included file options/help.md) +#### **--help**, **-h** + +Print usage statement + +[//]: # (END included file options/help.md) + + +[//]: # (BEGIN included file options/hooks-dir.md) +#### **--hooks-dir**=*path* + +Each *.json file in the path configures a hook for buildah build containers. For more details on the syntax of the JSON files and the semantics of hook injection. Buildah currently support both the 1.0.0 and 0.1.0 hook schemas, although the 0.1.0 schema is deprecated. + +This option may be set multiple times; paths from later options have higher precedence. + +For the annotation conditions, buildah uses any annotations set in the generated OCI configuration. + +For the bind-mount conditions, only mounts explicitly requested by the caller via --volume are considered. Bind mounts that buildah inserts by default (e.g. /dev/shm) are not considered. + +If --hooks-dir is unset for root callers, Buildah currently defaults to /usr/share/containers/oci/hooks.d and /etc/containers/oci/hooks.d in order of increasing precedence. Using these defaults is deprecated. Migrate to explicitly setting --hooks-dir. + +[//]: # (END included file options/hooks-dir.md) + + +[//]: # (BEGIN included file options/http-proxy.md) +#### **--http-proxy** + +By default proxy environment variables are passed into the container if set +for the Podman process. This can be disabled by setting the value to **false**. +The environment variables passed in include **http_proxy**, +**https_proxy**, **ftp_proxy**, **no_proxy**, and also the upper case versions of +those. This option is only needed when the host system must use a proxy but +the container does not use any proxy. Proxy environment variables specified +for the container in any other way overrides the values that have +been passed through from the host. (Other ways to specify the proxy for the +container include passing the values with the **--env** flag, or hard coding the +proxy environment at container build time.) +When used with the remote client it uses the proxy environment variables +that are set on the server process. + +Defaults to **true**. + +[//]: # (END included file options/http-proxy.md) + + +[//]: # (BEGIN included file options/identity-label.md) +#### **--identity-label** + +Adds default identity label `io.buildah.version` if set. (default true). + +[//]: # (END included file options/identity-label.md) + + +[//]: # (BEGIN included file options/ignorefile.md) +#### **--ignorefile** + +Path to an alternative .containerignore file. + +[//]: # (END included file options/ignorefile.md) + + +[//]: # (BEGIN included file options/iidfile.md) +#### **--iidfile**=*ImageIDfile* + +Write the built image's ID to the file. When `--platform` is specified more than once, attempting to use this option triggers an error. + +[//]: # (END included file options/iidfile.md) + + +[//]: # (BEGIN included file options/ipc.image.md) +#### **--ipc**=*how* + +Sets the configuration for IPC namespaces when handling `RUN` instructions. +The configured value can be "" (the empty string) or "container" to indicate +that a new IPC namespace is created, or it can be "host" to indicate +that the IPC namespace in which `podman` itself is being run is reused, +or it can be the path to an IPC namespace which is already in use by +another process. + +[//]: # (END included file options/ipc.image.md) + + +[//]: # (BEGIN included file options/isolation.md) +#### **--isolation**=*type* + +Controls what type of isolation is used for running processes as part of `RUN` +instructions. Recognized types include *oci* (OCI-compatible runtime, the +default), *rootless* (OCI-compatible runtime invoked using a modified +configuration and its --rootless option enabled, with *--no-new-keyring +--no-pivot* added to its *create* invocation, with network and UTS namespaces +disabled, and IPC, PID, and user namespaces enabled; the default for +unprivileged users), and *chroot* (an internal wrapper that leans more toward +chroot(1) than container technology). + +Note: You can also override the default isolation type by setting the +BUILDAH\_ISOLATION environment variable. `export BUILDAH_ISOLATION=oci` + +[//]: # (END included file options/isolation.md) + + +[//]: # (BEGIN included file options/jobs.md) +#### **--jobs**=*number* + +Run up to N concurrent stages in parallel. If the number of jobs is greater +than 1, stdin is read from /dev/null. If 0 is specified, then there is +no limit in the number of jobs that run in parallel. + +[//]: # (END included file options/jobs.md) + + +[//]: # (BEGIN included file options/label.image.md) +#### **--label**=*label* + +Add an image *label* (e.g. label=*value*) to the image metadata. Can be used +multiple times. + +Users can set a special LABEL **io.containers.capabilities=CAP1,CAP2,CAP3** in +a Containerfile that specifies the list of Linux capabilities required for the +container to run properly. This label specified in a container image tells +Podman to run the container with just these capabilities. Podman launches the +container with just the specified capabilities, as long as this list of +capabilities is a subset of the default list. + +If the specified capabilities are not in the default set, Podman prints an error +message and runs the container with the default capabilities. + +[//]: # (END included file options/label.image.md) + + +[//]: # (BEGIN included file options/layer-label.md) +#### **--layer-label**=*label[=value]* + +Add an intermediate image *label* (e.g. label=*value*) to the intermediate +image metadata. It can be used multiple times. + +If *label* is named, but neither `=` nor a `value` is provided, then +the *label* is set to an empty value. + +[//]: # (END included file options/layer-label.md) + + +[//]: # (BEGIN included file options/layers.md) +#### **--layers** + +Cache intermediate images during the build process (Default is `true`). + +Note: You can also override the default value of layers by setting the +BUILDAH\_LAYERS environment variable. `export BUILDAH_LAYERS=true` + +[//]: # (END included file options/layers.md) + +#### **--local** + +Build image on local machine as well as on farm nodes. + + +[//]: # (BEGIN included file options/logfile.md) +#### **--logfile**=*filename* + +Log output which is sent to standard output and standard error to the +specified file instead of to standard output and standard error. +This option is not supported on the remote client, including Mac and Windows (excluding WSL2) machines. + +[//]: # (END included file options/logfile.md) + + +[//]: # (BEGIN included file options/memory.md) +#### **--memory**, **-m**=*number[unit]* + +Memory limit. A _unit_ can be **b** (bytes), **k** (kibibytes), **m** (mebibytes), or **g** (gibibytes). + +Allows the memory available to a container to be constrained. If the host +supports swap memory, then the **-m** memory setting can be larger than physical +RAM. If a limit of 0 is specified (not using **-m**), the container's memory is +not limited. The actual limit may be rounded up to a multiple of the operating +system's page size (the value is very large, that's millions of trillions). + +This option is not supported on cgroups V1 rootless systems. + +[//]: # (END included file options/memory.md) + + +[//]: # (BEGIN included file options/memory-swap.md) +#### **--memory-swap**=*number[unit]* + +A limit value equal to memory plus swap. +A _unit_ can be **b** (bytes), **k** (kibibytes), **m** (mebibytes), or **g** (gibibytes). + +Must be used with the **-m** (**--memory**) flag. +The argument value must be larger than that of + **-m** (**--memory**) By default, it is set to double +the value of **--memory**. + +Set _number_ to **-1** to enable unlimited swap. + +This option is not supported on cgroups V1 rootless systems. + +[//]: # (END included file options/memory-swap.md) + + +[//]: # (BEGIN included file options/network.image.md) +#### **--network**=*mode*, **--net** + +Sets the configuration for network namespaces when handling `RUN` instructions. + +Valid _mode_ values are: + +- **none**: no networking. +- **host**: use the Podman host network stack. Note: the host mode gives the +container full access to local system services such as D-bus and is therefore +considered insecure. +- **ns:**_path_: path to a network namespace to join. +- **private**: create a new namespace for the container (default) +- **\**: Join the network with the given name or ID, e.g. use `--network mynet` to join the network with the name mynet. Only supported for rootful users. +- **slirp4netns[:OPTIONS,...]**: use **slirp4netns**(1) to create a user network stack. This is the default for rootless containers. It is possible to specify these additional options, they can also be set with `network_cmd_options` in containers.conf: + - **allow_host_loopback=true|false**: Allow slirp4netns to reach the host loopback IP (default is 10.0.2.2 or the second IP from slirp4netns cidr subnet when changed, see the cidr option below). The default is false. + - **mtu=MTU**: Specify the MTU to use for this network. (Default is `65520`). + - **cidr=CIDR**: Specify ip range to use for this network. (Default is `10.0.2.0/24`). + - **enable_ipv6=true|false**: Enable IPv6. Default is true. (Required for `outbound_addr6`). + - **outbound_addr=INTERFACE**: Specify the outbound interface slirp binds to (ipv4 traffic only). + - **outbound_addr=IPv4**: Specify the outbound ipv4 address slirp binds to. + - **outbound_addr6=INTERFACE**: Specify the outbound interface slirp binds to (ipv6 traffic only). + - **outbound_addr6=IPv6**: Specify the outbound ipv6 address slirp binds to. +- **pasta[:OPTIONS,...]**: use **pasta**(1) to create a user-mode networking + stack. \ + This is only supported in rootless mode. \ + By default, IPv4 and IPv6 addresses and routes, as well as the pod interface + name, are copied from the host. If port forwarding isn't configured, ports + are forwarded dynamically as services are bound on either side (init + namespace or container namespace). Port forwarding preserves the original + source IP address. Options described in pasta(1) can be specified as + comma-separated arguments. \ + In terms of pasta(1) options, **--config-net** is given by default, in + order to configure networking when the container is started, and + **--no-map-gw** is also assumed by default, to avoid direct access from + container to host using the gateway address. The latter can be overridden + by passing **--map-gw** in the pasta-specific options (despite not being an + actual pasta(1) option). \ + Also, **-t none** and **-u none** are passed to disable + automatic port forwarding based on bound ports. Similarly, **-T none** and + **-U none** are given to disable the same functionality from container to + host. \ + Some examples: + - **pasta:--map-gw**: Allow the container to directly reach the host using the + gateway address. + - **pasta:--mtu,1500**: Specify a 1500 bytes MTU for the _tap_ interface in + the container. + - **pasta:--ipv4-only,-a,10.0.2.0,-n,24,-g,10.0.2.2,--dns-forward,10.0.2.3,-m,1500,--no-ndp,--no-dhcpv6,--no-dhcp**, + equivalent to default slirp4netns(1) options: disable IPv6, assign + `10.0.2.0/24` to the `tap0` interface in the container, with gateway + `10.0.2.3`, enable DNS forwarder reachable at `10.0.2.3`, set MTU to 1500 + bytes, disable NDP, DHCPv6 and DHCP support. + - **pasta:-I,tap0,--ipv4-only,-a,10.0.2.0,-n,24,-g,10.0.2.2,--dns-forward,10.0.2.3,--no-ndp,--no-dhcpv6,--no-dhcp**, + equivalent to default slirp4netns(1) options with Podman overrides: same as + above, but leave the MTU to 65520 bytes + - **pasta:-t,auto,-u,auto,-T,auto,-U,auto**: enable automatic port forwarding + based on observed bound ports from both host and container sides + - **pasta:-T,5201**: enable forwarding of TCP port 5201 from container to + host, using the loopback interface instead of the tap interface for improved + performance + +[//]: # (END included file options/network.image.md) + + +[//]: # (BEGIN included file options/no-cache.md) +#### **--no-cache** + +Do not use existing cached images for the container build. Build from the start with a new set of cached layers. + +[//]: # (END included file options/no-cache.md) + + +[//]: # (BEGIN included file options/no-hosts.md) +#### **--no-hosts** + +Do not create _/etc/hosts_ for the container. +By default, Podman manages _/etc/hosts_, adding the container's own IP address and any hosts from **--add-host**. +**--no-hosts** disables this, and the image's _/etc/hosts_ is preserved unmodified. + +[//]: # (END included file options/no-hosts.md) + +This option conflicts with **--add-host**. + + +[//]: # (BEGIN included file options/omit-history.md) +#### **--omit-history** + +Omit build history information in the built image. (default false). + +This option is useful for the cases where end users explicitly +want to set `--omit-history` to omit the optional `History` from +built images or when working with images built using build tools that +do not include `History` information in their images. + +[//]: # (END included file options/omit-history.md) + + +[//]: # (BEGIN included file options/os-feature.md) +#### **--os-feature**=*feature* + +Set the name of a required operating system *feature* for the image which is built. By default, if the image is not based on *scratch*, the base image's required OS feature list is kept, if the base image specified any. This option is typically only meaningful when the image's OS is Windows. + +If *feature* has a trailing `-`, then the *feature* is removed from the set of required features which is listed in the image. + +[//]: # (END included file options/os-feature.md) + + +[//]: # (BEGIN included file options/os-version.image.md) +#### **--os-version**=*version* + +Set the exact required operating system *version* for the image which is built. By default, if the image is not based on *scratch*, the base image's required OS version is kept, if the base image specified one. This option is typically only meaningful when the image's OS is Windows, and is typically set in Windows base images, so using this option is usually unnecessary. + +[//]: # (END included file options/os-version.image.md) + + +[//]: # (BEGIN included file options/pid.image.md) +#### **--pid**=*pid* + +Sets the configuration for PID namespaces when handling `RUN` instructions. +The configured value can be "" (the empty string) or "container" to indicate that a new PID namespace is created, or it can be "host" to indicate that the PID namespace in which `podman` itself is being run is reused, or it can be the path to a PID namespace which is already in use by another +process. + +[//]: # (END included file options/pid.image.md) + +#### **--platforms**=*p1,p2,p3...* + +Build only on farm nodes that match the given platforms. + + +[//]: # (BEGIN included file options/pull.image.md) +#### **--pull**=*policy* + +Pull image policy. The default is **always**. + +- **always**, **true**: Always pull the image and throw an error if the pull fails. +- **missing**: Only pull the image when it does not exist in the local containers storage. Throw an error if no image is found and the pull fails. +- **never**, **false**: Never pull the image but use the one from the local containers storage. Throw an error when no image is found. +- **newer**: Pull if the image on the registry is newer than the one in the local containers storage. An image is considered to be newer when the digests are different. Comparing the time stamps is prone to errors. Pull errors are suppressed if a local image was found. + +[//]: # (END included file options/pull.image.md) + + +[//]: # (BEGIN included file options/quiet.md) +#### **--quiet**, **-q** + +Suppress output messages which indicate which instruction is being processed, and of progress when pulling images from a registry, and when writing the output image. + +[//]: # (END included file options/quiet.md) + + +[//]: # (BEGIN included file options/retry.md) +#### **--retry**=*attempts* + +Number of times to retry in case of failure when performing pull of +images from registry. Default is **3**. + +[//]: # (END included file options/retry.md) + + +[//]: # (BEGIN included file options/retry-delay.md) +#### **--retry-delay**=*duration* + +Duration of delay between retry attempts in case of failure when performing pull of images from registry. Default is **2s**. + +[//]: # (END included file options/retry-delay.md) + + +[//]: # (BEGIN included file options/rm.md) +#### **--rm** + +Remove intermediate containers after a successful build (default true). + +[//]: # (END included file options/rm.md) + + +[//]: # (BEGIN included file options/runtime.md) +#### **--runtime**=*path* + +The *path* to an alternate OCI-compatible runtime, which is used to run +commands specified by the **RUN** instruction. + +Note: You can also override the default runtime by setting the BUILDAH\_RUNTIME environment variable. `export BUILDAH_RUNTIME=/usr/local/bin/runc` + +[//]: # (END included file options/runtime.md) + + +[//]: # (BEGIN included file options/runtime-flag.md) +#### **--runtime-flag**=*flag* + +Adds global flags for the container rutime. To list the supported flags, please consult the manpages of the selected container runtime. + +Note: Do not pass the leading -- to the flag. To pass the runc flag --log-format json to buildah build, the option given is --runtime-flag log-format=json. + +[//]: # (END included file options/runtime-flag.md) + + +[//]: # (BEGIN included file options/secret.image.md) +#### **--secret**=**id=id,src=path** + +Pass secret information used in the Containerfile for building images +in a safe way that are not stored in the final image, or be seen in other stages. +The secret is mounted in the container at the default location of `/run/secrets/id`. + +To later use the secret, use the --mount option in a `RUN` instruction within a `Containerfile`: + +`RUN --mount=type=secret,id=mysecret cat /run/secrets/mysecret` + +[//]: # (END included file options/secret.image.md) + + +[//]: # (BEGIN included file options/security-opt.image.md) +#### **--security-opt**=*option* + +Security Options + +- `apparmor=unconfined` : Turn off apparmor confinement for the container +- `apparmor=alternate-profile` : Set the apparmor confinement profile for the +container + +- `label=user:USER` : Set the label user for the container processes +- `label=role:ROLE` : Set the label role for the container processes +- `label=type:TYPE` : Set the label process type for the container processes +- `label=level:LEVEL` : Set the label level for the container processes +- `label=filetype:TYPE` : Set the label file type for the container files +- `label=disable` : Turn off label separation for the container +- `no-new-privileges` : Not supported + +- `seccomp=unconfined` : Turn off seccomp confinement for the container +- `seccomp=profile.json` : White listed syscalls seccomp Json file to be used as a seccomp filter + +[//]: # (END included file options/security-opt.image.md) + + +[//]: # (BEGIN included file options/shm-size.md) +#### **--shm-size**=*number[unit]* + +Size of _/dev/shm_. A _unit_ can be **b** (bytes), **k** (kibibytes), **m** (mebibytes), or **g** (gibibytes). +If the unit is omitted, the system uses bytes. If the size is omitted, the default is **64m**. +When _size_ is **0**, there is no limit on the amount of memory used for IPC by the container. +This option conflicts with **--ipc=host**. + +[//]: # (END included file options/shm-size.md) + + +[//]: # (BEGIN included file options/skip-unused-stages.md) +#### **--skip-unused-stages** + +Skip stages in multi-stage builds which don't affect the target stage. (Default: **true**). + +[//]: # (END included file options/skip-unused-stages.md) + + +[//]: # (BEGIN included file options/squash.md) +#### **--squash** + +Squash all of the image's new layers into a single new layer; any preexisting layers are not squashed. + +[//]: # (END included file options/squash.md) + + +[//]: # (BEGIN included file options/squash-all.md) +#### **--squash-all** + +Squash all of the new image's layers (including those inherited from a base image) into a single new layer. + +[//]: # (END included file options/squash-all.md) + + +[//]: # (BEGIN included file options/ssh.md) +#### **--ssh**=*default* | *id[=socket>* + +SSH agent socket or keys to expose to the build. +The socket path can be left empty to use the value of `default=$SSH_AUTH_SOCK` + +To later use the ssh agent, use the --mount option in a `RUN` instruction within a `Containerfile`: + +`RUN --mount=type=ssh,id=id mycmd` + +[//]: # (END included file options/ssh.md) + + +[//]: # (BEGIN included file options/tag.md) +#### **--tag**, **-t**=*imageName* + +Specifies the name which is assigned to the resulting image if the build process completes successfully. +If _imageName_ does not include a registry name, the registry name *localhost* is prepended to the image name. + +[//]: # (END included file options/tag.md) + + +[//]: # (BEGIN included file options/target.md) +#### **--target**=*stageName* + +Set the target build stage to build. When building a Containerfile with multiple build stages, --target can be used to specify an intermediate build stage by name as the final stage for the resulting image. Commands after the target stage is skipped. + +[//]: # (END included file options/target.md) + + +[//]: # (BEGIN included file options/timestamp.md) +#### **--timestamp**=*seconds* + +Set the create timestamp to seconds since epoch to allow for deterministic builds (defaults to current time). By default, the created timestamp is changed and written into the image manifest with every commit, causing the image's sha256 hash to be different even if the sources are exactly the same otherwise. +When --timestamp is set, the created timestamp is always set to the time specified and therefore not changed, allowing the image's sha256 hash to remain the same. All files committed to the layers of the image is created with the timestamp. + +If the only instruction in a Containerfile is `FROM`, this flag has no effect. + +[//]: # (END included file options/timestamp.md) + + +[//]: # (BEGIN included file options/ulimit.image.md) +#### **--ulimit**=*type=soft-limit[:hard-limit]* + +Specifies resource limits to apply to processes launched when processing `RUN` instructions. This option can be specified multiple times. Recognized resource types include: + "core": maximum core dump size (ulimit -c) + "cpu": maximum CPU time (ulimit -t) + "data": maximum size of a process's data segment (ulimit -d) + "fsize": maximum size of new files (ulimit -f) + "locks": maximum number of file locks (ulimit -x) + "memlock": maximum amount of locked memory (ulimit -l) + "msgqueue": maximum amount of data in message queues (ulimit -q) + "nice": niceness adjustment (nice -n, ulimit -e) + "nofile": maximum number of open files (ulimit -n) + "nproc": maximum number of processes (ulimit -u) + "rss": maximum size of a process's (ulimit -m) + "rtprio": maximum real-time scheduling priority (ulimit -r) + "rttime": maximum amount of real-time execution between blocking syscalls + "sigpending": maximum number of pending signals (ulimit -i) + "stack": maximum stack size (ulimit -s) + +[//]: # (END included file options/ulimit.image.md) + + +[//]: # (BEGIN included file options/unsetenv.image.md) +#### **--unsetenv**=*env* + +Unset environment variables from the final image. + +[//]: # (END included file options/unsetenv.image.md) + + +[//]: # (BEGIN included file options/unsetlabel.md) +#### **--unsetlabel**=*label* + +Unset the image label, causing the label not to be inherited from the base image. + +[//]: # (END included file options/unsetlabel.md) + + +[//]: # (BEGIN included file options/userns.image.md) +#### **--userns**=*how* + +Sets the configuration for user namespaces when handling `RUN` instructions. +The configured value can be "" (the empty string) or "container" to indicate that a new user namespace is created, it can be "host" to indicate that the user namespace in which `podman` itself is being run is reused, or it can be the path to a user namespace which is already in use by another process. + +[//]: # (END included file options/userns.image.md) + + +[//]: # (BEGIN included file options/userns-gid-map.md) +#### **--userns-gid-map**=*mapping* + +Directly specifies a GID mapping to be used to set ownership, at the +filesystem level, on the working container's contents. +Commands run when handling `RUN` instructions defaults to being run in +their own user namespaces, configured using the UID and GID maps. + +Entries in this map take the form of one or more triples of a starting +in-container GID, a corresponding starting host-level GID, and the number of consecutive IDs which the map entry represents. + +This option overrides the *remap-gids* setting in the *options* section of /etc/containers/storage.conf. + +If this option is not specified, but a global --userns-gid-map setting is supplied, settings from the global option is used. + +If none of --userns-uid-map-user, --userns-gid-map-group, or --userns-gid-map are specified, but --userns-uid-map is specified, the GID map is set to use the same numeric values as the UID map. + +[//]: # (END included file options/userns-gid-map.md) + + +[//]: # (BEGIN included file options/userns-gid-map-group.md) +#### **--userns-gid-map-group**=*group* + +Specifies that a GID mapping to be used to set ownership, at the +filesystem level, on the working container's contents, can be found in entries in the `/etc/subgid` file which correspond to the specified group. +Commands run when handling `RUN` instructions defaults to being run in +their own user namespaces, configured using the UID and GID maps. +If --userns-uid-map-user is specified, but --userns-gid-map-group is not specified, `podman` assumes that the specified user name is also a +suitable group name to use as the default setting for this option. + +**NOTE:** When this option is specified by a rootless user, the specified mappings are relative to the rootless user namespace in the container, rather than being relative to the host as it is when run rootful. + +[//]: # (END included file options/userns-gid-map-group.md) + + +[//]: # (BEGIN included file options/userns-uid-map.md) +#### **--userns-uid-map**=*mapping* + +Directly specifies a UID mapping to be used to set ownership, at the +filesystem level, on the working container's contents. +Commands run when handling `RUN` instructions default to being run in +their own user namespaces, configured using the UID and GID maps. + +Entries in this map take the form of one or more triples of a starting +in-container UID, a corresponding starting host-level UID, and the number of consecutive IDs which the map entry represents. + +This option overrides the *remap-uids* setting in the *options* section of /etc/containers/storage.conf. + +If this option is not specified, but a global --userns-uid-map setting is supplied, settings from the global option is used. + +If none of --userns-uid-map-user, --userns-gid-map-group, or --userns-uid-map are specified, but --userns-gid-map is specified, the UID map is set to use the same numeric values as the GID map. + +[//]: # (END included file options/userns-uid-map.md) + + +[//]: # (BEGIN included file options/userns-uid-map-user.md) +#### **--userns-uid-map-user**=*user* + +Specifies that a UID mapping to be used to set ownership, at the +filesystem level, on the working container's contents, can be found in entries in the `/etc/subuid` file which correspond to the specified user. +Commands run when handling `RUN` instructions defaults to being run in +their own user namespaces, configured using the UID and GID maps. +If --userns-gid-map-group is specified, but --userns-uid-map-user is not specified, `podman` assumes that the specified group name is also a +suitable user name to use as the default setting for this option. + +**NOTE:** When this option is specified by a rootless user, the specified mappings are relative to the rootless user namespace in the container, rather than being relative to the host as it is when run rootful. + +[//]: # (END included file options/userns-uid-map-user.md) + + +[//]: # (BEGIN included file options/uts.md) +#### **--uts**=*how* + +Sets the configuration for UTS namespaces when handling `RUN` instructions. +The configured value can be "" (the empty string) or "container" to indicate that a new UTS namespace to be created, or it can be "host" to indicate that the UTS namespace in which `podman` itself is being run is reused, or it can be the path to a UTS namespace which is already in use by another process. + +[//]: # (END included file options/uts.md) + + +[//]: # (BEGIN included file options/volume.image.md) +#### **--volume**, **-v**=*[HOST-DIR:CONTAINER-DIR[:OPTIONS]]* + +Create a bind mount. Specifying the `-v /HOST-DIR:/CONTAINER-DIR` option, Podman +bind mounts `/HOST-DIR` from the host to `/CONTAINER-DIR` in the Podman +container. + +The `OPTIONS` are a comma-separated list and can be: [[1]](#Footnote1) + + * [rw|ro] + * [z|Z|O] + * [U] + * [`[r]shared`|`[r]slave`|`[r]private`] + +The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The `HOST-DIR` +must be an absolute path as well. Podman bind-mounts the `HOST-DIR` to the +specified path. For example, when specifying the host path `/foo`, +Podman copies the contents of `/foo` to the container filesystem on the host +and bind mounts that into the container. + +You can specify multiple **-v** options to mount one or more mounts to a +container. + +You can add the `:ro` or `:rw` suffix to a volume to mount it read-only or +read-write mode, respectively. By default, the volumes are mounted read-write. +See examples. + + `Chowning Volume Mounts` + +By default, Podman does not change the owner and group of source volume +directories mounted. When running using user namespaces, the UID and GID inside +the namespace may correspond to another UID and GID on the host. + +The `:U` suffix tells Podman to use the correct host UID and GID based on the +UID and GID within the namespace, to change recursively the owner and group of +the source volume. + +**Warning** use with caution since this modifies the host filesystem. + + `Labeling Volume Mounts` + +Labeling systems like SELinux require that proper labels are placed on volume +content mounted into a container. Without a label, the security system might +prevent the processes running inside the container from using the content. By +default, Podman does not change the labels set by the OS. + +To change a label in the container context, add one of these two suffixes +`:z` or `:Z` to the volume mount. These suffixes tell Podman to relabel file +objects on the shared volumes. The `z` option tells Podman that two containers +share the volume content. As a result, Podman labels the content with a shared +content label. Shared volume labels allow all containers to read/write content. +The `Z` option tells Podman to label the content with a private unshared label. +Only the current container can use a private volume. + +Note: Do not relabel system files and directories. Relabeling system content +might cause other confined services on the host machine to fail. For these types +of containers, disabling SELinux separation is recommended. The option +`--security-opt label=disable` disables SELinux separation for the container. +For example, if a user wanted to volume mount their entire home directory into the build containers, they need to disable SELinux separation. + + $ podman build --security-opt label=disable -v $HOME:/home/user . + + `Overlay Volume Mounts` + + The `:O` flag tells Podman to mount the directory from the host as a +temporary storage using the Overlay file system. The `RUN` command containers +are allowed to modify contents within the mountpoint and are stored in the +container storage in a separate directory. In Overlay FS terms the source +directory is the lower, and the container storage directory is the +upper. Modifications to the mount point are destroyed when the `RUN` command +finishes executing, similar to a tmpfs mount point. + + Any subsequent execution of `RUN` commands sees the original source directory +content, any changes from previous RUN commands no longer exists. + + One use case of the `overlay` mount is sharing the package cache from the +host into the container to allow speeding up builds. + + Note: + + - Overlay mounts are not currently supported in rootless mode. + - The `O` flag is not allowed to be specified with the `Z` or `z` flags. +Content mounted into the container is labeled with the private label. + On SELinux systems, labels in the source directory needs to be readable +by the container label. If not, SELinux container separation must be disabled +for the container to work. + - Modification of the directory volume mounted into the container with an +overlay mount can cause unexpected failures. Do not modify the directory until +the container finishes running. + +By default bind mounted volumes are `private`. That means any mounts done +inside containers are not be visible on the host and vice versa. This behavior +can be changed by specifying a volume mount propagation property. + +When the mount propagation policy is set to `shared`, any mounts completed +inside the container on that volume is visible to both the host and +container. When the mount propagation policy is set to `slave`, one way mount +propagation is enabled and any mounts completed on the host for that volume is +visible only inside of the container. To control the mount propagation +property of volume use the `:[r]shared`, `:[r]slave` or `:[r]private` +propagation flag. For mount propagation to work on the source mount point (mount +point where source dir is mounted on) has to have the right propagation properties. +For shared volumes, the source mount point has to be shared. And for slave volumes, +the source mount has to be either shared or slave. [[1]](#Footnote1) + +Use `df ` to determine the source mount and then use +`findmnt -o TARGET,PROPAGATION ` to determine propagation +properties of source mount, if `findmnt` utility is not available, the source +mount point can be determined by looking at the mount entry in +`/proc/self/mountinfo`. Look at `optional fields` and see if any propagation +properties are specified. +`shared:X` means the mount is `shared`, `master:X` means the mount is `slave` +and if nothing is there that means the mount is `private`. [[1]](#Footnote1) + +To change propagation properties of a mount point use the `mount` command. For +example, to bind mount the source directory `/foo` do +`mount --bind /foo /foo` and `mount --make-private --make-shared /foo`. This +converts /foo into a `shared` mount point. The propagation properties of +the source mount can be changed directly. For instance if `/` is the source +mount for `/foo`, then use `mount --make-shared /` to convert `/` into a +`shared` mount. + +[//]: # (END included file options/volume.image.md) + +## EXAMPLES + +``` +$ podman farm build --local -t name -f /path/to/containerfile . + +$ podman farm --farm build myfarm -t name . + +$ podman farm --farm myfarm build --cleanup -t name . + +$ podman farm build --platforms arm64,amd64 --cleanup -t name . +``` + +## SEE ALSO +**[podman(1)](podman.1.md)**, **[podman-farm(1)](podman-farm.1.md)**, **[buildah(1)](https://github.com/containers/buildah/blob/main/docs/buildah.1.md)**, **[containers-certs.d(5)](https://github.com/containers/image/blob/main/docs/containers-certs.d.5.md)**, **[containers-registries.conf(5)](https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md)**, **[crun(1)](https://github.com/containers/crun/blob/main/crun.1.md)**, **[runc(8)](https://github.com/opencontainers/runc/blob/main/man/runc.8.md)**, **[useradd(8)](https://www.unix.com/man-page/redhat/8/useradd)**, **[Containerfile(5)](https://github.com/containers/common/blob/main/docs/Containerfile.5.md)**, **[containerignore(5)](https://github.com/containers/common/blob/main/docs/containerignore.5.md)** + +## HISTORY + +September 2023, Originally compiled by Urvashi Mohnani `` + +## FOOTNOTES +1: The Podman project is committed to inclusivity, a +core value of open source. The `master` and `slave` mount propagation +terminology used here is problematic and divisive, and needs to be changed. +However, these terms are currently used within the Linux kernel and must be +used as-is at this time. When the kernel maintainers rectify this usage, +Podman will follow suit immediately. diff --git a/docs/source/markdown/podman-farm-build.1.md.in b/docs/source/markdown/podman-farm-build.1.md.in new file mode 100644 index 000000000000..64fd8a7c9637 --- /dev/null +++ b/docs/source/markdown/podman-farm-build.1.md.in @@ -0,0 +1,233 @@ +% podman-farm-build 1 + +## NAME +podman\-farm\-build - Build images on farm nodes, then bundle them into a manifest list + +## SYNOPSIS +**podman farm build** [*options*] [*context*] + +## DESCRIPTION +**podman farm build** Builds an image on all nodes in a farm and bundles them up into a manifest list. +It executes the `podman build` command on the nodes in the farm with the given Containerfile. + +The manifest list will contain an image per native architecture type that is present in the farm. + +The primary function of this command is to create multi-architecture builds that will be faster than doing it +via emulation using `podman build --arch --platform`. + +If no farm is specified, the build will be sent out to all the nodes that `podman system connection` knows of. + +## OPTIONS + +@@option annotation.image + +@@option authfile + +@@option build-arg + +@@option build-arg-file + +@@option build-context + +@@option cache-from + +@@option cache-to + +@@option cache-ttl + +@@option cap-add.image + +@@option cap-drop.image + +@@option cert-dir + +@@option cgroup-parent + +@@option cgroupns.image + +#### **--cleanup** + +Remove built images from farm nodes on success (Default: false). + +@@option cpp-flag + +@@option cpu-period + +@@option cpu-quota + +@@option cpu-shares + +@@option cpuset-cpus + +@@option cpuset-mems + +@@option creds + +@@option decryption-key + +@@option device + +Note: if the user only has access rights via a group, accessing the device +from inside a rootless container fails. The **[crun(1)](https://github.com/containers/crun/tree/main/crun.1.md)** runtime offers a +workaround for this by adding the option +**--annotation run.oci.keep_original_groups=1**. + +@@option disable-compression + +@@option dns + +This option cannot be combined with **--network** that is set to **none**. + +Note: this option takes effect only during *RUN* instructions in the build. +It does not affect _/etc/resolv.conf_ in the final image. + +@@option dns-option.image + +@@option dns-search.image + +@@option env.image + +@@option file + +@@option force-rm + +@@option format + +@@option from + +@@option group-add + +@@option help + +@@option hooks-dir + +@@option http-proxy + +@@option identity-label + +@@option ignorefile + +@@option iidfile + +@@option ipc.image + +@@option isolation + +@@option jobs + +@@option label.image + +@@option layer-label + +@@option layers + +#### **--local** + +Build image on local machine as well as on farm nodes. + +@@option logfile + +@@option memory + +@@option memory-swap + +@@option network.image + +@@option no-cache + +@@option no-hosts + +This option conflicts with **--add-host**. + +@@option omit-history + +@@option os-feature + +@@option os-version.image + +@@option pid.image + +#### **--platforms**=*p1,p2,p3...* + +Build only on farm nodes that match the given platforms. + +@@option pull.image + +@@option quiet + +@@option retry + +@@option retry-delay + +@@option rm + +@@option runtime + +@@option runtime-flag + +@@option secret.image + +@@option security-opt.image + +@@option shm-size + +@@option skip-unused-stages + +@@option squash + +@@option squash-all + +@@option ssh + +@@option tag + +@@option target + +@@option timestamp + +@@option ulimit.image + +@@option unsetenv.image + +@@option unsetlabel + +@@option userns.image + +@@option userns-gid-map + +@@option userns-gid-map-group + +@@option userns-uid-map + +@@option userns-uid-map-user + +@@option uts + +@@option volume.image + +## EXAMPLES + +``` +$ podman farm build --local -t name -f /path/to/containerfile . + +$ podman farm --farm build myfarm -t name . + +$ podman farm --farm myfarm build --cleanup -t name . + +$ podman farm build --platforms arm64,amd64 --cleanup -t name . +``` + +## SEE ALSO +**[podman(1)](podman.1.md)**, **[podman-farm(1)](podman-farm.1.md)**, **[buildah(1)](https://github.com/containers/buildah/blob/main/docs/buildah.1.md)**, **[containers-certs.d(5)](https://github.com/containers/image/blob/main/docs/containers-certs.d.5.md)**, **[containers-registries.conf(5)](https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md)**, **[crun(1)](https://github.com/containers/crun/blob/main/crun.1.md)**, **[runc(8)](https://github.com/opencontainers/runc/blob/main/man/runc.8.md)**, **[useradd(8)](https://www.unix.com/man-page/redhat/8/useradd)**, **[Containerfile(5)](https://github.com/containers/common/blob/main/docs/Containerfile.5.md)**, **[containerignore(5)](https://github.com/containers/common/blob/main/docs/containerignore.5.md)** + +## HISTORY + +September 2023, Originally compiled by Urvashi Mohnani `` + +## FOOTNOTES +1: The Podman project is committed to inclusivity, a +core value of open source. The `master` and `slave` mount propagation +terminology used here is problematic and divisive, and needs to be changed. +However, these terms are currently used within the Linux kernel and must be +used as-is at this time. When the kernel maintainers rectify this usage, +Podman will follow suit immediately. diff --git a/docs/source/markdown/podman-farm.1.md b/docs/source/markdown/podman-farm.1.md index 7c08dc4ca5fd..242b174f857a 100644 --- a/docs/source/markdown/podman-farm.1.md +++ b/docs/source/markdown/podman-farm.1.md @@ -13,12 +13,13 @@ Manage farms by creating, updating, and removing them. ## COMMANDS -| Command | Man Page | Description | -| -------- | ------------------------------------------------------------- | ------------------------ | -| create | [podman-farm\-create(1)](podman-farm-create.1.md) | Create a new farm | -| list | [podman-farm\-list(1)](podman-farm-list.1.md) | List the existing farms | -| remove | [podman-farm\-remove(1)](podman-farm-remove.1.md) | Delete one or more farms | -| update | [podman-farm\-update(1)](podman-farm-update.1.md) | Update an existing farm | +| Command | Man Page | Description | +| -------- | ----------------------------------------------------| ----------------------------------------------------------------- | +| build | [podman-farm\-build(1)](podman-farm-build.1.md) | Build images on farm nodes, then bundle them into a manifest list | +| create | [podman-farm\-create(1)](podman-farm-create.1.md) | Create a new farm | +| list | [podman-farm\-list(1)](podman-farm-list.1.md) | List the existing farms | +| remove | [podman-farm\-remove(1)](podman-farm-remove.1.md) | Delete one or more farms | +| update | [podman-farm\-update(1)](podman-farm-update.1.md) | Update an existing farm | ## SEE ALSO **[podman(1)](podman.1.md)** From 75638a72a8bab8c7fafcdcf0cbed1f60a314a94b Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Wed, 22 Nov 2023 07:27:43 -0500 Subject: [PATCH 058/170] If API calls for kube play --replace, then replace pod Currently if user specifies podman kube play --replace, the pod is removed on the client side, not the server side. If the API is called with replace=true, the pod was not being removed and this called the API to fail. This PR removes the pod if it exists and the caller specifies replace=true. Fixes: https://github.com/containers/podman/discussions/20705 Signed-off-by: Daniel J Walsh --- pkg/domain/infra/abi/play.go | 5 +++++ test/apiv2/80-kube.at | 7 +++++++ 2 files changed, 12 insertions(+) diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go index 1d1f3a6407ff..9a1811bd875f 100644 --- a/pkg/domain/infra/abi/play.go +++ b/pkg/domain/infra/abi/play.go @@ -714,6 +714,11 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY podSpec.PodSpecGen.ServiceContainerID = serviceContainer.ID() } + if options.Replace { + if _, err := ic.PodRm(ctx, []string{podName}, entities.PodRmOptions{Force: true, Ignore: true}); err != nil { + return nil, nil, fmt.Errorf("replacing pod %v: %w", podName, err) + } + } // Create the Pod pod, err := generate.MakePod(&podSpec, ic.Libpod) if err != nil { diff --git a/test/apiv2/80-kube.at b/test/apiv2/80-kube.at index 91afb2dc089b..ef72171215a1 100644 --- a/test/apiv2/80-kube.at +++ b/test/apiv2/80-kube.at @@ -48,6 +48,13 @@ t POST libpod/kube/play $YAML 200 \ .Pods[0].ContainerErrors=null \ .Pods[0].Containers[0]~[0-9a-f]\\{64\\} +t POST libpod/kube/play $YAML 500 + +t POST 'libpod/kube/play?replace=true' $YAML 200 \ + .Pods[0].ID~[0-9a-f]\\{64\\} \ + .Pods[0].ContainerErrors=null \ + .Pods[0].Containers[0]~[0-9a-f]\\{64\\} + t DELETE libpod/kube/play $YAML 200 \ .StopReport[0].Id~[0-9a-f]\\{64\\} \ .RmReport[0].Id~[0-9a-f]\\{64\\} From da9349ce4271241145e827792206f780ed9b0611 Mon Sep 17 00:00:00 2001 From: Brent Baude Date: Wed, 22 Nov 2023 13:17:29 -0600 Subject: [PATCH 059/170] podman machine image from oci updates It makes more sense to key off the hypervisor/provider when pulling disks from oci registries. i.e. quay.io/libpod/podman-machine-images:5.0-qemu Also, now that we are in 5.0-dev, I also removed the overrides always making the podman version 4.6. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude --- pkg/machine/ocipull/oci.go | 10 ++-------- pkg/machine/ocipull/versioned.go | 10 +++++----- pkg/machine/pull.go | 2 +- 3 files changed, 8 insertions(+), 14 deletions(-) diff --git a/pkg/machine/ocipull/oci.go b/pkg/machine/ocipull/oci.go index abc7d4234259..52ac3088080b 100644 --- a/pkg/machine/ocipull/oci.go +++ b/pkg/machine/ocipull/oci.go @@ -67,12 +67,6 @@ func StripOCIReference(input string) string { func getVersion() *OSVersion { v := version.Version - - // OVERRIDES FOR DEV ONLY - v.Minor = 6 - v.Pre = nil - // OVERRIDES FOR DEV ONLY - return &OSVersion{&v} } @@ -80,8 +74,8 @@ func (o *OSVersion) majorMinor() string { return fmt.Sprintf("%d.%d", o.Major, o.Minor) } -func (o *OSVersion) diskImage(diskFlavor define.ImageFormat) string { - return fmt.Sprintf("%s/%s/%s:%s-%s", registry, repo, diskImages, o.majorMinor(), diskFlavor.Kind()) +func (o *OSVersion) diskImage(vmType string) string { + return fmt.Sprintf("%s/%s/%s:%s-%s", registry, repo, diskImages, o.majorMinor(), vmType) } func unpackOCIDir(ociTb, machineImageDir string) (*define.VMFile, error) { diff --git a/pkg/machine/ocipull/versioned.go b/pkg/machine/ocipull/versioned.go index 9cc5e630aa42..59a8d560100a 100644 --- a/pkg/machine/ocipull/versioned.go +++ b/pkg/machine/ocipull/versioned.go @@ -20,20 +20,20 @@ type Versioned struct { blobDirPath string cacheDir string ctx context.Context - imageFormat define.ImageFormat imageName string machineImageDir string machineVersion *OSVersion vmName string + vmType string } -func NewVersioned(ctx context.Context, machineImageDir, vmName string) (*Versioned, error) { +func NewVersioned(ctx context.Context, machineImageDir, vmName string, vmType string) (*Versioned, error) { imageCacheDir := filepath.Join(machineImageDir, "cache") if err := os.MkdirAll(imageCacheDir, 0777); err != nil { return nil, err } o := getVersion() - return &Versioned{ctx: ctx, cacheDir: imageCacheDir, machineImageDir: machineImageDir, machineVersion: o, vmName: vmName}, nil + return &Versioned{ctx: ctx, cacheDir: imageCacheDir, machineImageDir: machineImageDir, machineVersion: o, vmName: vmName, vmType: vmType}, nil } func (d *Versioned) LocalBlob() *types.BlobInfo { @@ -41,7 +41,7 @@ func (d *Versioned) LocalBlob() *types.BlobInfo { } func (d *Versioned) DiskEndpoint() string { - return d.machineVersion.diskImage(d.imageFormat) + return d.machineVersion.diskImage(d.vmType) } func (d *Versioned) versionedOCICacheDir() string { @@ -74,7 +74,7 @@ func (d *Versioned) Pull() error { remoteDescriptor *v1.Descriptor ) - remoteDiskImage := d.machineVersion.diskImage(define.Qcow) + remoteDiskImage := d.machineVersion.diskImage(d.vmType) logrus.Debugf("podman disk image name: %s", remoteDiskImage) // is there a valid oci dir in our cache diff --git a/pkg/machine/pull.go b/pkg/machine/pull.go index 83ae5067478c..538d67f99c71 100644 --- a/pkg/machine/pull.go +++ b/pkg/machine/pull.go @@ -270,7 +270,7 @@ func Pull(input, machineName string, vp VirtProvider) (*define.VMFile, FCOSStrea if len(strippedInput) > 0 { return nil, 0, errors.New("image names are not supported yet") } - disk, err = ocipull.NewVersioned(context.Background(), dataDir, machineName) + disk, err = ocipull.NewVersioned(context.Background(), dataDir, machineName, vp.VMType().String()) if err != nil { return nil, 0, err } From 3ca8b4013ff4d98fdce91de7e72775c5242b5d5a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 23 Nov 2023 13:07:46 +0000 Subject: [PATCH 060/170] fix(deps): update module github.com/crc-org/vfkit to v0.5.0 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- vendor/modules.txt | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 9c0bd374f97e..92d70ae5b03e 100644 --- a/go.mod +++ b/go.mod @@ -22,7 +22,7 @@ require ( github.com/containers/storage v1.51.0 github.com/coreos/go-systemd/v22 v22.5.1-0.20231103132048-7d375ecc2b09 github.com/coreos/stream-metadata-go v0.4.3 - github.com/crc-org/vfkit v0.1.2-0.20231030102423-f3c783d34420 + github.com/crc-org/vfkit v0.5.0 github.com/cyphar/filepath-securejoin v0.2.4 github.com/digitalocean/go-qemu v0.0.0-20230711162256-2e3d0186973e github.com/docker/distribution v2.8.3+incompatible diff --git a/go.sum b/go.sum index d2679e2cfe7a..71d2fee1be72 100644 --- a/go.sum +++ b/go.sum @@ -307,8 +307,8 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:ma github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/crc-org/vfkit v0.1.2-0.20231030102423-f3c783d34420 h1:QXiiq7uk7RR4t0Urp/OtIibD+6PJHkEE2zy3QTQ42so= -github.com/crc-org/vfkit v0.1.2-0.20231030102423-f3c783d34420/go.mod h1:OQiqOghCzdgkd/jRoVu4/lcfQSKje7XPVpfW1aO9YvE= +github.com/crc-org/vfkit v0.5.0 h1:co7N/3h5Jl29VfhPIvbF2cSG2bC7vC4DxbBVeppGPY0= +github.com/crc-org/vfkit v0.5.0/go.mod h1:OQiqOghCzdgkd/jRoVu4/lcfQSKje7XPVpfW1aO9YvE= github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= diff --git a/vendor/modules.txt b/vendor/modules.txt index 2bae766e5bd6..ef2b0bd13f32 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -415,7 +415,7 @@ github.com/coreos/stream-metadata-go/release github.com/coreos/stream-metadata-go/release/rhcos github.com/coreos/stream-metadata-go/stream github.com/coreos/stream-metadata-go/stream/rhcos -# github.com/crc-org/vfkit v0.1.2-0.20231030102423-f3c783d34420 +# github.com/crc-org/vfkit v0.5.0 ## explicit; go 1.18 github.com/crc-org/vfkit/pkg/cmdline github.com/crc-org/vfkit/pkg/config From 98c525cf966ff8c62c4085fa86ce2dcbf2f767a8 Mon Sep 17 00:00:00 2001 From: Arthur Sengileyev Date: Thu, 23 Nov 2023 16:36:36 +0200 Subject: [PATCH 061/170] Remove unnencessary pregenerated doc Signed-off-by: Arthur Sengileyev --- docs/source/markdown/.gitignore | 1 + docs/source/markdown/podman-farm-build.1.md | 1322 ------------------- 2 files changed, 1 insertion(+), 1322 deletions(-) delete mode 100644 docs/source/markdown/podman-farm-build.1.md diff --git a/docs/source/markdown/.gitignore b/docs/source/markdown/.gitignore index 3aae56e5c6d9..29bbf0b411ca 100644 --- a/docs/source/markdown/.gitignore +++ b/docs/source/markdown/.gitignore @@ -9,6 +9,7 @@ podman-container-runlabel.1.md podman-create.1.md podman-diff.1.md podman-exec.1.md +podman-farm-build.1.md podman-image-sign.1.md podman-image-trust.1.md podman-images.1.md diff --git a/docs/source/markdown/podman-farm-build.1.md b/docs/source/markdown/podman-farm-build.1.md deleted file mode 100644 index 5bd9105dbd5d..000000000000 --- a/docs/source/markdown/podman-farm-build.1.md +++ /dev/null @@ -1,1322 +0,0 @@ -% podman-farm-build 1 - -## NAME -podman\-farm\-build - Build images on farm nodes, then bundle them into a manifest list - -## SYNOPSIS -**podman farm build** [*options*] [*context*] - -## DESCRIPTION -**podman farm build** Builds an image on all nodes in a farm and bundles them up into a manifest list. -It executes the `podman build` command on the nodes in the farm with the given Containerfile. - -The manifest list will contain an image per native architecture type that is present in the farm. - -The primary function of this command is to create multi-architecture builds that will be faster than doing it -via emulation using `podman build --arch --platform`. - -If no farm is specified, the build will be sent out to all the nodes that `podman system connection` knows of. - -## OPTIONS - - -[//]: # (BEGIN included file options/annotation.image.md) -#### **--annotation**=*annotation=value* - -Add an image *annotation* (e.g. annotation=*value*) to the image metadata. Can -be used multiple times. - -Note: this information is not present in Docker image formats, so it is -discarded when writing images in Docker formats. - -[//]: # (END included file options/annotation.image.md) - - -[//]: # (BEGIN included file options/authfile.md) -#### **--authfile**=*path* - -Path of the authentication file. Default is `${XDG_RUNTIME_DIR}/containers/auth.json` on Linux, and `$HOME/.config/containers/auth.json` on Windows/macOS. -The file is created by **[podman login](podman-login.1.md)**. If the authorization state is not found there, `$HOME/.docker/config.json` is checked, which is set using **docker login**. - -Note: There is also the option to override the default path of the authentication file by setting the `REGISTRY_AUTH_FILE` environment variable. This can be done with **export REGISTRY_AUTH_FILE=_path_**. - -[//]: # (END included file options/authfile.md) - - -[//]: # (BEGIN included file options/build-arg.md) -#### **--build-arg**=*arg=value* - -Specifies a build argument and its value, which is interpolated in -instructions read from the Containerfiles in the same way that environment variables are, but which are not added to environment variable list in the resulting image's configuration. - -[//]: # (END included file options/build-arg.md) - - -[//]: # (BEGIN included file options/build-arg-file.md) -#### **--build-arg-file**=*path* - -Specifies a file containing lines of build arguments of the form `arg=value`. -The suggested file name is `argfile.conf`. - -Comment lines beginning with `#` are ignored, along with blank lines. -All others must be of the `arg=value` format passed to `--build-arg`. - -If several arguments are provided via the `--build-arg-file` -and `--build-arg` options, the build arguments are merged across all -of the provided files and command line arguments. - -Any file provided in a `--build-arg-file` option is read before -the arguments supplied via the `--build-arg` option. - -When a given argument name is specified several times, the last instance -is the one that is passed to the resulting builds. This means `--build-arg` -values always override those in a `--build-arg-file`. - -[//]: # (END included file options/build-arg-file.md) - - -[//]: # (BEGIN included file options/build-context.md) -#### **--build-context**=*name=value* - -Specify an additional build context using its short name and its location. -Additional build contexts can be referenced in the same manner as we access -different stages in COPY instruction. - -Valid values are: - -* Local directory – e.g. --build-context project2=../path/to/project2/src (This option is not available with the remote Podman client. On Podman machine setup (i.e macOS and Winows) path must exists on the machine VM) -* HTTP URL to a tarball – e.g. --build-context src=https://example.org/releases/src.tar -* Container image – specified with a container-image:// prefix, e.g. --build-context alpine=container-image://alpine:3.15, (also accepts docker://, docker-image://) - -On the Containerfile side, reference the build context on all -commands that accept the “from” parameter. Here’s how that might look: - -```dockerfile -FROM [name] -COPY --from=[name] ... -RUN --mount=from=[name] … -``` - -The value of [name] is matched with the following priority order: - -* Named build context defined with --build-context [name]=.. -* Stage defined with AS [name] inside Containerfile -* Image [name], either local or in a remote registry - -[//]: # (END included file options/build-context.md) - - -[//]: # (BEGIN included file options/cache-from.md) -#### **--cache-from**=*image* - -Repository to utilize as a potential cache source. When specified, Buildah tries to look for -cache images in the specified repository and attempts to pull cache images instead of actually -executing the build steps locally. Buildah only attempts to pull previously cached images if they -are considered as valid cache hits. - -Use the `--cache-to` option to populate a remote repository with cache content. - -Example - -```bash -# populate a cache and also consult it -buildah build -t test --layers --cache-to registry/myrepo/cache --cache-from registry/myrepo/cache . -``` - -Note: `--cache-from` option is ignored unless `--layers` is specified. - -[//]: # (END included file options/cache-from.md) - - -[//]: # (BEGIN included file options/cache-to.md) -#### **--cache-to**=*image* - -Set this flag to specify a remote repository that is used to store cache images. Buildah attempts to -push newly built cache image to the remote repository. - -Note: Use the `--cache-from` option in order to use cache content in a remote repository. - -Example - -```bash -# populate a cache and also consult it -buildah build -t test --layers --cache-to registry/myrepo/cache --cache-from registry/myrepo/cache . -``` - -Note: `--cache-to` option is ignored unless `--layers` is specified. - -[//]: # (END included file options/cache-to.md) - - -[//]: # (BEGIN included file options/cache-ttl.md) -#### **--cache-ttl** - -Limit the use of cached images to only consider images with created timestamps less than *duration* ago. -For example if `--cache-ttl=1h` is specified, Buildah considers intermediate cache images which are created -under the duration of one hour, and intermediate cache images outside this duration is ignored. - -Note: Setting `--cache-ttl=0` manually is equivalent to using `--no-cache` in the -implementation since this means that the user dones not want to use cache at all. - -[//]: # (END included file options/cache-ttl.md) - - -[//]: # (BEGIN included file options/cap-add.image.md) -#### **--cap-add**=*CAP\_xxx* - -When executing RUN instructions, run the command specified in the instruction -with the specified capability added to its capability set. -Certain capabilities are granted by default; this option can be used to add -more. - -[//]: # (END included file options/cap-add.image.md) - - -[//]: # (BEGIN included file options/cap-drop.image.md) -#### **--cap-drop**=*CAP\_xxx* - -When executing RUN instructions, run the command specified in the instruction -with the specified capability removed from its capability set. -The CAP\_CHOWN, CAP\_DAC\_OVERRIDE, CAP\_FOWNER, -CAP\_FSETID, CAP\_KILL, CAP\_NET\_BIND\_SERVICE, CAP\_SETFCAP, -CAP\_SETGID, CAP\_SETPCAP, and CAP\_SETUID capabilities are -granted by default; this option can be used to remove them. - -If a capability is specified to both the **--cap-add** and **--cap-drop** -options, it is dropped, regardless of the order in which the options were -given. - -[//]: # (END included file options/cap-drop.image.md) - - -[//]: # (BEGIN included file options/cert-dir.md) -#### **--cert-dir**=*path* - -Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry. (Default: /etc/containers/certs.d) -For details, see **[containers-certs.d(5)](https://github.com/containers/image/blob/main/docs/containers-certs.d.5.md)**. -(This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines) - -[//]: # (END included file options/cert-dir.md) - - -[//]: # (BEGIN included file options/cgroup-parent.md) -#### **--cgroup-parent**=*path* - -Path to cgroups under which the cgroup for the container is created. If the -path is not absolute, the path is considered to be relative to the cgroups path -of the init process. Cgroups are created if they do not already exist. - -[//]: # (END included file options/cgroup-parent.md) - - -[//]: # (BEGIN included file options/cgroupns.image.md) -#### **--cgroupns**=*how* - -Sets the configuration for cgroup namespaces when handling `RUN` instructions. -The configured value can be "" (the empty string) or "private" to indicate -that a new cgroup namespace is created, or it can be "host" to indicate -that the cgroup namespace in which `buildah` itself is being run is reused. - -[//]: # (END included file options/cgroupns.image.md) - -#### **--cleanup** - -Remove built images from farm nodes on success (Default: false). - - -[//]: # (BEGIN included file options/cpp-flag.md) -#### **--cpp-flag**=*flags* - -Set additional flags to pass to the C Preprocessor cpp(1). Containerfiles ending with a ".in" suffix is preprocessed via cpp(1). This option can be used to pass additional flags to cpp.Note: You can also set default CPPFLAGS by setting the BUILDAH_CPPFLAGS environment variable (e.g., export BUILDAH_CPPFLAGS="-DDEBUG"). - -[//]: # (END included file options/cpp-flag.md) - - -[//]: # (BEGIN included file options/cpu-period.md) -#### **--cpu-period**=*limit* - -Set the CPU period for the Completely Fair Scheduler (CFS), which is a -duration in microseconds. Once the container's CPU quota is used up, it will not -be scheduled to run until the current period ends. Defaults to 100000 -microseconds. - -On some systems, changing the resource limits may not be allowed for non-root -users. For more details, see -https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error - -This option is not supported on cgroups V1 rootless systems. - -[//]: # (END included file options/cpu-period.md) - - -[//]: # (BEGIN included file options/cpu-quota.md) -#### **--cpu-quota**=*limit* - -Limit the CPU Completely Fair Scheduler (CFS) quota. - -Limit the container's CPU usage. By default, containers run with the full -CPU resource. The limit is a number in microseconds. If a number is provided, -the container is allowed to use that much CPU time until the CPU period -ends (controllable via **--cpu-period**). - -On some systems, changing the resource limits may not be allowed for non-root -users. For more details, see -https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error - -This option is not supported on cgroups V1 rootless systems. - -[//]: # (END included file options/cpu-quota.md) - - -[//]: # (BEGIN included file options/cpu-shares.md) -#### **--cpu-shares**, **-c**=*shares* - -CPU shares (relative weight). - -By default, all containers get the same proportion of CPU cycles. This -proportion can be modified by changing the container's CPU share weighting -relative to the combined weight of all the running containers. -Default weight is **1024**. - -The proportion only applies when CPU-intensive processes are running. -When tasks in one container are idle, other containers can use the -left-over CPU time. The actual amount of CPU time varies depending on -the number of containers running on the system. - -For example, consider three containers, one has a cpu-share of 1024 and -two others have a cpu-share setting of 512. When processes in all three -containers attempt to use 100% of CPU, the first container receives -50% of the total CPU time. If a fourth container is added with a cpu-share -of 1024, the first container only gets 33% of the CPU. The remaining containers -receive 16.5%, 16.5% and 33% of the CPU. - -On a multi-core system, the shares of CPU time are distributed over all CPU -cores. Even if a container is limited to less than 100% of CPU time, it can -use 100% of each individual CPU core. - -For example, consider a system with more than three cores. -If the container _C0_ is started with **--cpu-shares=512** running one process, -and another container _C1_ with **--cpu-shares=1024** running two processes, -this can result in the following division of CPU shares: - -| PID | container | CPU | CPU share | -| ---- | ----------- | ------- | ------------ | -| 100 | C0 | 0 | 100% of CPU0 | -| 101 | C1 | 1 | 100% of CPU1 | -| 102 | C1 | 2 | 100% of CPU2 | - -On some systems, changing the resource limits may not be allowed for non-root -users. For more details, see -https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error - -This option is not supported on cgroups V1 rootless systems. - -[//]: # (END included file options/cpu-shares.md) - - -[//]: # (BEGIN included file options/cpuset-cpus.md) -#### **--cpuset-cpus**=*number* - -CPUs in which to allow execution. Can be specified as a comma-separated list -(e.g. **0,1**), as a range (e.g. **0-3**), or any combination thereof -(e.g. **0-3,7,11-15**). - -On some systems, changing the resource limits may not be allowed for non-root -users. For more details, see -https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error - -This option is not supported on cgroups V1 rootless systems. - -[//]: # (END included file options/cpuset-cpus.md) - - -[//]: # (BEGIN included file options/cpuset-mems.md) -#### **--cpuset-mems**=*nodes* - -Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on -NUMA systems. - -If there are four memory nodes on the system (0-3), use **--cpuset-mems=0,1** -then processes in the container only uses memory from the first -two memory nodes. - -On some systems, changing the resource limits may not be allowed for non-root -users. For more details, see -https://github.com/containers/podman/blob/main/troubleshooting.md#26-running-containers-with-resource-limits-fails-with-a-permissions-error - -This option is not supported on cgroups V1 rootless systems. - -[//]: # (END included file options/cpuset-mems.md) - - -[//]: # (BEGIN included file options/creds.md) -#### **--creds**=*[username[:password]]* - -The [username[:password]] to use to authenticate with the registry, if required. -If one or both values are not supplied, a command line prompt appears and the -value can be entered. The password is entered without echo. - -Note that the specified credentials are only used to authenticate against -target registries. They are not used for mirrors or when the registry gets -rewritten (see `containers-registries.conf(5)`); to authenticate against those -consider using a `containers-auth.json(5)` file. - -[//]: # (END included file options/creds.md) - - -[//]: # (BEGIN included file options/decryption-key.md) -#### **--decryption-key**=*key[:passphrase]* - -The [key[:passphrase]] to be used for decryption of images. Key can point to keys and/or certificates. Decryption is tried with all keys. If the key is protected by a passphrase, it is required to be passed in the argument and omitted otherwise. - -[//]: # (END included file options/decryption-key.md) - - -[//]: # (BEGIN included file options/device.md) -#### **--device**=*host-device[:container-device][:permissions]* - -Add a host device to the container. Optional *permissions* parameter -can be used to specify device permissions by combining -**r** for read, **w** for write, and **m** for **mknod**(2). - -Example: **--device=/dev/sdc:/dev/xvdc:rwm**. - -Note: if *host-device* is a symbolic link then it is resolved first. -The container only stores the major and minor numbers of the host device. - -Podman may load kernel modules required for using the specified -device. The devices that Podman loads modules for when necessary are: -/dev/fuse. - -In rootless mode, the new device is bind mounted in the container from the host -rather than Podman creating it within the container space. Because the bind -mount retains its SELinux label on SELinux systems, the container can get -permission denied when accessing the mounted device. Modify SELinux settings to -allow containers to use all device labels via the following command: - -$ sudo setsebool -P container_use_devices=true - -[//]: # (END included file options/device.md) - -Note: if the user only has access rights via a group, accessing the device -from inside a rootless container fails. The **[crun(1)](https://github.com/containers/crun/tree/main/crun.1.md)** runtime offers a -workaround for this by adding the option -**--annotation run.oci.keep_original_groups=1**. - - -[//]: # (BEGIN included file options/disable-compression.md) -#### **--disable-compression**, **-D** - -Don't compress filesystem layers when building the image unless it is required -by the location where the image is being written. This is the default setting, -because image layers are compressed automatically when they are pushed to -registries, and images being written to local storage only need to be -decompressed again to be stored. Compression can be forced in all cases by -specifying **--disable-compression=false**. - -[//]: # (END included file options/disable-compression.md) - - -[//]: # (BEGIN included file options/dns.md) -#### **--dns**=*ipaddr* - -Set custom DNS servers. - -This option can be used to override the DNS -configuration passed to the container. Typically this is necessary when the -host DNS configuration is invalid for the container (e.g., **127.0.0.1**). When this -is the case the **--dns** flag is necessary for every run. - -The special value **none** can be specified to disable creation of _/etc/resolv.conf_ in the container by Podman. -The _/etc/resolv.conf_ file in the image is used without changes. - -[//]: # (END included file options/dns.md) - -This option cannot be combined with **--network** that is set to **none**. - -Note: this option takes effect only during *RUN* instructions in the build. -It does not affect _/etc/resolv.conf_ in the final image. - - -[//]: # (BEGIN included file options/dns-option.image.md) -#### **--dns-option**=*option* - -Set custom DNS options to be used during the build. - -[//]: # (END included file options/dns-option.image.md) - - -[//]: # (BEGIN included file options/dns-search.image.md) -#### **--dns-search**=*domain* - -Set custom DNS search domains to be used during the build. - -[//]: # (END included file options/dns-search.image.md) - - -[//]: # (BEGIN included file options/env.image.md) -#### **--env**=*env[=value]* - -Add a value (e.g. env=*value*) to the built image. Can be used multiple times. -If neither `=` nor a *value* are specified, but *env* is set in the current -environment, the value from the current environment is added to the image. -To remove an environment variable from the built image, use the `--unsetenv` -option. - -[//]: # (END included file options/env.image.md) - - -[//]: # (BEGIN included file options/file.md) -#### **--file**, **-f**=*Containerfile* - -Specifies a Containerfile which contains instructions for building the image, -either a local file or an **http** or **https** URL. If more than one -Containerfile is specified, *FROM* instructions are only be accepted from the -last specified file. - -If a build context is not specified, and at least one Containerfile is a -local file, the directory in which it resides is used as the build -context. - -Specifying the option `-f -` causes the Containerfile contents to be read from stdin. - -[//]: # (END included file options/file.md) - - -[//]: # (BEGIN included file options/force-rm.md) -#### **--force-rm** - -Always remove intermediate containers after a build, even if the build fails (default true). - -[//]: # (END included file options/force-rm.md) - - -[//]: # (BEGIN included file options/format.md) -#### **--format** - -Control the format for the built image's manifest and configuration data. -Recognized formats include *oci* (OCI image-spec v1.0, the default) and -*docker* (version 2, using schema format 2 for the manifest). - -Note: You can also override the default format by setting the BUILDAH\_FORMAT -environment variable. `export BUILDAH_FORMAT=docker` - -[//]: # (END included file options/format.md) - - -[//]: # (BEGIN included file options/from.md) -#### **--from** - -Overrides the first `FROM` instruction within the Containerfile. If there are multiple -FROM instructions in a Containerfile, only the first is changed. - -With the remote podman client, not all container transports work as -expected. For example, oci-archive:/x.tar references /x.tar on the remote -machine instead of on the client. When using podman remote clients it is -best to restrict use to *containers-storage*, and *docker:// transports*. - -[//]: # (END included file options/from.md) - - -[//]: # (BEGIN included file options/group-add.md) -#### **--group-add**=*group* | *keep-groups* - -Assign additional groups to the primary user running within the container process. - -- `keep-groups` is a special flag that tells Podman to keep the supplementary group access. - -Allows container to use the user's supplementary group access. If file systems or -devices are only accessible by the rootless user's group, this flag tells the OCI -runtime to pass the group access into the container. Currently only available -with the `crun` OCI runtime. Note: `keep-groups` is exclusive, other groups cannot be specified -with this flag. (Not available for remote commands, including Mac and Windows (excluding WSL2) machines) - -[//]: # (END included file options/group-add.md) - - -[//]: # (BEGIN included file options/help.md) -#### **--help**, **-h** - -Print usage statement - -[//]: # (END included file options/help.md) - - -[//]: # (BEGIN included file options/hooks-dir.md) -#### **--hooks-dir**=*path* - -Each *.json file in the path configures a hook for buildah build containers. For more details on the syntax of the JSON files and the semantics of hook injection. Buildah currently support both the 1.0.0 and 0.1.0 hook schemas, although the 0.1.0 schema is deprecated. - -This option may be set multiple times; paths from later options have higher precedence. - -For the annotation conditions, buildah uses any annotations set in the generated OCI configuration. - -For the bind-mount conditions, only mounts explicitly requested by the caller via --volume are considered. Bind mounts that buildah inserts by default (e.g. /dev/shm) are not considered. - -If --hooks-dir is unset for root callers, Buildah currently defaults to /usr/share/containers/oci/hooks.d and /etc/containers/oci/hooks.d in order of increasing precedence. Using these defaults is deprecated. Migrate to explicitly setting --hooks-dir. - -[//]: # (END included file options/hooks-dir.md) - - -[//]: # (BEGIN included file options/http-proxy.md) -#### **--http-proxy** - -By default proxy environment variables are passed into the container if set -for the Podman process. This can be disabled by setting the value to **false**. -The environment variables passed in include **http_proxy**, -**https_proxy**, **ftp_proxy**, **no_proxy**, and also the upper case versions of -those. This option is only needed when the host system must use a proxy but -the container does not use any proxy. Proxy environment variables specified -for the container in any other way overrides the values that have -been passed through from the host. (Other ways to specify the proxy for the -container include passing the values with the **--env** flag, or hard coding the -proxy environment at container build time.) -When used with the remote client it uses the proxy environment variables -that are set on the server process. - -Defaults to **true**. - -[//]: # (END included file options/http-proxy.md) - - -[//]: # (BEGIN included file options/identity-label.md) -#### **--identity-label** - -Adds default identity label `io.buildah.version` if set. (default true). - -[//]: # (END included file options/identity-label.md) - - -[//]: # (BEGIN included file options/ignorefile.md) -#### **--ignorefile** - -Path to an alternative .containerignore file. - -[//]: # (END included file options/ignorefile.md) - - -[//]: # (BEGIN included file options/iidfile.md) -#### **--iidfile**=*ImageIDfile* - -Write the built image's ID to the file. When `--platform` is specified more than once, attempting to use this option triggers an error. - -[//]: # (END included file options/iidfile.md) - - -[//]: # (BEGIN included file options/ipc.image.md) -#### **--ipc**=*how* - -Sets the configuration for IPC namespaces when handling `RUN` instructions. -The configured value can be "" (the empty string) or "container" to indicate -that a new IPC namespace is created, or it can be "host" to indicate -that the IPC namespace in which `podman` itself is being run is reused, -or it can be the path to an IPC namespace which is already in use by -another process. - -[//]: # (END included file options/ipc.image.md) - - -[//]: # (BEGIN included file options/isolation.md) -#### **--isolation**=*type* - -Controls what type of isolation is used for running processes as part of `RUN` -instructions. Recognized types include *oci* (OCI-compatible runtime, the -default), *rootless* (OCI-compatible runtime invoked using a modified -configuration and its --rootless option enabled, with *--no-new-keyring ---no-pivot* added to its *create* invocation, with network and UTS namespaces -disabled, and IPC, PID, and user namespaces enabled; the default for -unprivileged users), and *chroot* (an internal wrapper that leans more toward -chroot(1) than container technology). - -Note: You can also override the default isolation type by setting the -BUILDAH\_ISOLATION environment variable. `export BUILDAH_ISOLATION=oci` - -[//]: # (END included file options/isolation.md) - - -[//]: # (BEGIN included file options/jobs.md) -#### **--jobs**=*number* - -Run up to N concurrent stages in parallel. If the number of jobs is greater -than 1, stdin is read from /dev/null. If 0 is specified, then there is -no limit in the number of jobs that run in parallel. - -[//]: # (END included file options/jobs.md) - - -[//]: # (BEGIN included file options/label.image.md) -#### **--label**=*label* - -Add an image *label* (e.g. label=*value*) to the image metadata. Can be used -multiple times. - -Users can set a special LABEL **io.containers.capabilities=CAP1,CAP2,CAP3** in -a Containerfile that specifies the list of Linux capabilities required for the -container to run properly. This label specified in a container image tells -Podman to run the container with just these capabilities. Podman launches the -container with just the specified capabilities, as long as this list of -capabilities is a subset of the default list. - -If the specified capabilities are not in the default set, Podman prints an error -message and runs the container with the default capabilities. - -[//]: # (END included file options/label.image.md) - - -[//]: # (BEGIN included file options/layer-label.md) -#### **--layer-label**=*label[=value]* - -Add an intermediate image *label* (e.g. label=*value*) to the intermediate -image metadata. It can be used multiple times. - -If *label* is named, but neither `=` nor a `value` is provided, then -the *label* is set to an empty value. - -[//]: # (END included file options/layer-label.md) - - -[//]: # (BEGIN included file options/layers.md) -#### **--layers** - -Cache intermediate images during the build process (Default is `true`). - -Note: You can also override the default value of layers by setting the -BUILDAH\_LAYERS environment variable. `export BUILDAH_LAYERS=true` - -[//]: # (END included file options/layers.md) - -#### **--local** - -Build image on local machine as well as on farm nodes. - - -[//]: # (BEGIN included file options/logfile.md) -#### **--logfile**=*filename* - -Log output which is sent to standard output and standard error to the -specified file instead of to standard output and standard error. -This option is not supported on the remote client, including Mac and Windows (excluding WSL2) machines. - -[//]: # (END included file options/logfile.md) - - -[//]: # (BEGIN included file options/memory.md) -#### **--memory**, **-m**=*number[unit]* - -Memory limit. A _unit_ can be **b** (bytes), **k** (kibibytes), **m** (mebibytes), or **g** (gibibytes). - -Allows the memory available to a container to be constrained. If the host -supports swap memory, then the **-m** memory setting can be larger than physical -RAM. If a limit of 0 is specified (not using **-m**), the container's memory is -not limited. The actual limit may be rounded up to a multiple of the operating -system's page size (the value is very large, that's millions of trillions). - -This option is not supported on cgroups V1 rootless systems. - -[//]: # (END included file options/memory.md) - - -[//]: # (BEGIN included file options/memory-swap.md) -#### **--memory-swap**=*number[unit]* - -A limit value equal to memory plus swap. -A _unit_ can be **b** (bytes), **k** (kibibytes), **m** (mebibytes), or **g** (gibibytes). - -Must be used with the **-m** (**--memory**) flag. -The argument value must be larger than that of - **-m** (**--memory**) By default, it is set to double -the value of **--memory**. - -Set _number_ to **-1** to enable unlimited swap. - -This option is not supported on cgroups V1 rootless systems. - -[//]: # (END included file options/memory-swap.md) - - -[//]: # (BEGIN included file options/network.image.md) -#### **--network**=*mode*, **--net** - -Sets the configuration for network namespaces when handling `RUN` instructions. - -Valid _mode_ values are: - -- **none**: no networking. -- **host**: use the Podman host network stack. Note: the host mode gives the -container full access to local system services such as D-bus and is therefore -considered insecure. -- **ns:**_path_: path to a network namespace to join. -- **private**: create a new namespace for the container (default) -- **\**: Join the network with the given name or ID, e.g. use `--network mynet` to join the network with the name mynet. Only supported for rootful users. -- **slirp4netns[:OPTIONS,...]**: use **slirp4netns**(1) to create a user network stack. This is the default for rootless containers. It is possible to specify these additional options, they can also be set with `network_cmd_options` in containers.conf: - - **allow_host_loopback=true|false**: Allow slirp4netns to reach the host loopback IP (default is 10.0.2.2 or the second IP from slirp4netns cidr subnet when changed, see the cidr option below). The default is false. - - **mtu=MTU**: Specify the MTU to use for this network. (Default is `65520`). - - **cidr=CIDR**: Specify ip range to use for this network. (Default is `10.0.2.0/24`). - - **enable_ipv6=true|false**: Enable IPv6. Default is true. (Required for `outbound_addr6`). - - **outbound_addr=INTERFACE**: Specify the outbound interface slirp binds to (ipv4 traffic only). - - **outbound_addr=IPv4**: Specify the outbound ipv4 address slirp binds to. - - **outbound_addr6=INTERFACE**: Specify the outbound interface slirp binds to (ipv6 traffic only). - - **outbound_addr6=IPv6**: Specify the outbound ipv6 address slirp binds to. -- **pasta[:OPTIONS,...]**: use **pasta**(1) to create a user-mode networking - stack. \ - This is only supported in rootless mode. \ - By default, IPv4 and IPv6 addresses and routes, as well as the pod interface - name, are copied from the host. If port forwarding isn't configured, ports - are forwarded dynamically as services are bound on either side (init - namespace or container namespace). Port forwarding preserves the original - source IP address. Options described in pasta(1) can be specified as - comma-separated arguments. \ - In terms of pasta(1) options, **--config-net** is given by default, in - order to configure networking when the container is started, and - **--no-map-gw** is also assumed by default, to avoid direct access from - container to host using the gateway address. The latter can be overridden - by passing **--map-gw** in the pasta-specific options (despite not being an - actual pasta(1) option). \ - Also, **-t none** and **-u none** are passed to disable - automatic port forwarding based on bound ports. Similarly, **-T none** and - **-U none** are given to disable the same functionality from container to - host. \ - Some examples: - - **pasta:--map-gw**: Allow the container to directly reach the host using the - gateway address. - - **pasta:--mtu,1500**: Specify a 1500 bytes MTU for the _tap_ interface in - the container. - - **pasta:--ipv4-only,-a,10.0.2.0,-n,24,-g,10.0.2.2,--dns-forward,10.0.2.3,-m,1500,--no-ndp,--no-dhcpv6,--no-dhcp**, - equivalent to default slirp4netns(1) options: disable IPv6, assign - `10.0.2.0/24` to the `tap0` interface in the container, with gateway - `10.0.2.3`, enable DNS forwarder reachable at `10.0.2.3`, set MTU to 1500 - bytes, disable NDP, DHCPv6 and DHCP support. - - **pasta:-I,tap0,--ipv4-only,-a,10.0.2.0,-n,24,-g,10.0.2.2,--dns-forward,10.0.2.3,--no-ndp,--no-dhcpv6,--no-dhcp**, - equivalent to default slirp4netns(1) options with Podman overrides: same as - above, but leave the MTU to 65520 bytes - - **pasta:-t,auto,-u,auto,-T,auto,-U,auto**: enable automatic port forwarding - based on observed bound ports from both host and container sides - - **pasta:-T,5201**: enable forwarding of TCP port 5201 from container to - host, using the loopback interface instead of the tap interface for improved - performance - -[//]: # (END included file options/network.image.md) - - -[//]: # (BEGIN included file options/no-cache.md) -#### **--no-cache** - -Do not use existing cached images for the container build. Build from the start with a new set of cached layers. - -[//]: # (END included file options/no-cache.md) - - -[//]: # (BEGIN included file options/no-hosts.md) -#### **--no-hosts** - -Do not create _/etc/hosts_ for the container. -By default, Podman manages _/etc/hosts_, adding the container's own IP address and any hosts from **--add-host**. -**--no-hosts** disables this, and the image's _/etc/hosts_ is preserved unmodified. - -[//]: # (END included file options/no-hosts.md) - -This option conflicts with **--add-host**. - - -[//]: # (BEGIN included file options/omit-history.md) -#### **--omit-history** - -Omit build history information in the built image. (default false). - -This option is useful for the cases where end users explicitly -want to set `--omit-history` to omit the optional `History` from -built images or when working with images built using build tools that -do not include `History` information in their images. - -[//]: # (END included file options/omit-history.md) - - -[//]: # (BEGIN included file options/os-feature.md) -#### **--os-feature**=*feature* - -Set the name of a required operating system *feature* for the image which is built. By default, if the image is not based on *scratch*, the base image's required OS feature list is kept, if the base image specified any. This option is typically only meaningful when the image's OS is Windows. - -If *feature* has a trailing `-`, then the *feature* is removed from the set of required features which is listed in the image. - -[//]: # (END included file options/os-feature.md) - - -[//]: # (BEGIN included file options/os-version.image.md) -#### **--os-version**=*version* - -Set the exact required operating system *version* for the image which is built. By default, if the image is not based on *scratch*, the base image's required OS version is kept, if the base image specified one. This option is typically only meaningful when the image's OS is Windows, and is typically set in Windows base images, so using this option is usually unnecessary. - -[//]: # (END included file options/os-version.image.md) - - -[//]: # (BEGIN included file options/pid.image.md) -#### **--pid**=*pid* - -Sets the configuration for PID namespaces when handling `RUN` instructions. -The configured value can be "" (the empty string) or "container" to indicate that a new PID namespace is created, or it can be "host" to indicate that the PID namespace in which `podman` itself is being run is reused, or it can be the path to a PID namespace which is already in use by another -process. - -[//]: # (END included file options/pid.image.md) - -#### **--platforms**=*p1,p2,p3...* - -Build only on farm nodes that match the given platforms. - - -[//]: # (BEGIN included file options/pull.image.md) -#### **--pull**=*policy* - -Pull image policy. The default is **always**. - -- **always**, **true**: Always pull the image and throw an error if the pull fails. -- **missing**: Only pull the image when it does not exist in the local containers storage. Throw an error if no image is found and the pull fails. -- **never**, **false**: Never pull the image but use the one from the local containers storage. Throw an error when no image is found. -- **newer**: Pull if the image on the registry is newer than the one in the local containers storage. An image is considered to be newer when the digests are different. Comparing the time stamps is prone to errors. Pull errors are suppressed if a local image was found. - -[//]: # (END included file options/pull.image.md) - - -[//]: # (BEGIN included file options/quiet.md) -#### **--quiet**, **-q** - -Suppress output messages which indicate which instruction is being processed, and of progress when pulling images from a registry, and when writing the output image. - -[//]: # (END included file options/quiet.md) - - -[//]: # (BEGIN included file options/retry.md) -#### **--retry**=*attempts* - -Number of times to retry in case of failure when performing pull of -images from registry. Default is **3**. - -[//]: # (END included file options/retry.md) - - -[//]: # (BEGIN included file options/retry-delay.md) -#### **--retry-delay**=*duration* - -Duration of delay between retry attempts in case of failure when performing pull of images from registry. Default is **2s**. - -[//]: # (END included file options/retry-delay.md) - - -[//]: # (BEGIN included file options/rm.md) -#### **--rm** - -Remove intermediate containers after a successful build (default true). - -[//]: # (END included file options/rm.md) - - -[//]: # (BEGIN included file options/runtime.md) -#### **--runtime**=*path* - -The *path* to an alternate OCI-compatible runtime, which is used to run -commands specified by the **RUN** instruction. - -Note: You can also override the default runtime by setting the BUILDAH\_RUNTIME environment variable. `export BUILDAH_RUNTIME=/usr/local/bin/runc` - -[//]: # (END included file options/runtime.md) - - -[//]: # (BEGIN included file options/runtime-flag.md) -#### **--runtime-flag**=*flag* - -Adds global flags for the container rutime. To list the supported flags, please consult the manpages of the selected container runtime. - -Note: Do not pass the leading -- to the flag. To pass the runc flag --log-format json to buildah build, the option given is --runtime-flag log-format=json. - -[//]: # (END included file options/runtime-flag.md) - - -[//]: # (BEGIN included file options/secret.image.md) -#### **--secret**=**id=id,src=path** - -Pass secret information used in the Containerfile for building images -in a safe way that are not stored in the final image, or be seen in other stages. -The secret is mounted in the container at the default location of `/run/secrets/id`. - -To later use the secret, use the --mount option in a `RUN` instruction within a `Containerfile`: - -`RUN --mount=type=secret,id=mysecret cat /run/secrets/mysecret` - -[//]: # (END included file options/secret.image.md) - - -[//]: # (BEGIN included file options/security-opt.image.md) -#### **--security-opt**=*option* - -Security Options - -- `apparmor=unconfined` : Turn off apparmor confinement for the container -- `apparmor=alternate-profile` : Set the apparmor confinement profile for the -container - -- `label=user:USER` : Set the label user for the container processes -- `label=role:ROLE` : Set the label role for the container processes -- `label=type:TYPE` : Set the label process type for the container processes -- `label=level:LEVEL` : Set the label level for the container processes -- `label=filetype:TYPE` : Set the label file type for the container files -- `label=disable` : Turn off label separation for the container -- `no-new-privileges` : Not supported - -- `seccomp=unconfined` : Turn off seccomp confinement for the container -- `seccomp=profile.json` : White listed syscalls seccomp Json file to be used as a seccomp filter - -[//]: # (END included file options/security-opt.image.md) - - -[//]: # (BEGIN included file options/shm-size.md) -#### **--shm-size**=*number[unit]* - -Size of _/dev/shm_. A _unit_ can be **b** (bytes), **k** (kibibytes), **m** (mebibytes), or **g** (gibibytes). -If the unit is omitted, the system uses bytes. If the size is omitted, the default is **64m**. -When _size_ is **0**, there is no limit on the amount of memory used for IPC by the container. -This option conflicts with **--ipc=host**. - -[//]: # (END included file options/shm-size.md) - - -[//]: # (BEGIN included file options/skip-unused-stages.md) -#### **--skip-unused-stages** - -Skip stages in multi-stage builds which don't affect the target stage. (Default: **true**). - -[//]: # (END included file options/skip-unused-stages.md) - - -[//]: # (BEGIN included file options/squash.md) -#### **--squash** - -Squash all of the image's new layers into a single new layer; any preexisting layers are not squashed. - -[//]: # (END included file options/squash.md) - - -[//]: # (BEGIN included file options/squash-all.md) -#### **--squash-all** - -Squash all of the new image's layers (including those inherited from a base image) into a single new layer. - -[//]: # (END included file options/squash-all.md) - - -[//]: # (BEGIN included file options/ssh.md) -#### **--ssh**=*default* | *id[=socket>* - -SSH agent socket or keys to expose to the build. -The socket path can be left empty to use the value of `default=$SSH_AUTH_SOCK` - -To later use the ssh agent, use the --mount option in a `RUN` instruction within a `Containerfile`: - -`RUN --mount=type=ssh,id=id mycmd` - -[//]: # (END included file options/ssh.md) - - -[//]: # (BEGIN included file options/tag.md) -#### **--tag**, **-t**=*imageName* - -Specifies the name which is assigned to the resulting image if the build process completes successfully. -If _imageName_ does not include a registry name, the registry name *localhost* is prepended to the image name. - -[//]: # (END included file options/tag.md) - - -[//]: # (BEGIN included file options/target.md) -#### **--target**=*stageName* - -Set the target build stage to build. When building a Containerfile with multiple build stages, --target can be used to specify an intermediate build stage by name as the final stage for the resulting image. Commands after the target stage is skipped. - -[//]: # (END included file options/target.md) - - -[//]: # (BEGIN included file options/timestamp.md) -#### **--timestamp**=*seconds* - -Set the create timestamp to seconds since epoch to allow for deterministic builds (defaults to current time). By default, the created timestamp is changed and written into the image manifest with every commit, causing the image's sha256 hash to be different even if the sources are exactly the same otherwise. -When --timestamp is set, the created timestamp is always set to the time specified and therefore not changed, allowing the image's sha256 hash to remain the same. All files committed to the layers of the image is created with the timestamp. - -If the only instruction in a Containerfile is `FROM`, this flag has no effect. - -[//]: # (END included file options/timestamp.md) - - -[//]: # (BEGIN included file options/ulimit.image.md) -#### **--ulimit**=*type=soft-limit[:hard-limit]* - -Specifies resource limits to apply to processes launched when processing `RUN` instructions. This option can be specified multiple times. Recognized resource types include: - "core": maximum core dump size (ulimit -c) - "cpu": maximum CPU time (ulimit -t) - "data": maximum size of a process's data segment (ulimit -d) - "fsize": maximum size of new files (ulimit -f) - "locks": maximum number of file locks (ulimit -x) - "memlock": maximum amount of locked memory (ulimit -l) - "msgqueue": maximum amount of data in message queues (ulimit -q) - "nice": niceness adjustment (nice -n, ulimit -e) - "nofile": maximum number of open files (ulimit -n) - "nproc": maximum number of processes (ulimit -u) - "rss": maximum size of a process's (ulimit -m) - "rtprio": maximum real-time scheduling priority (ulimit -r) - "rttime": maximum amount of real-time execution between blocking syscalls - "sigpending": maximum number of pending signals (ulimit -i) - "stack": maximum stack size (ulimit -s) - -[//]: # (END included file options/ulimit.image.md) - - -[//]: # (BEGIN included file options/unsetenv.image.md) -#### **--unsetenv**=*env* - -Unset environment variables from the final image. - -[//]: # (END included file options/unsetenv.image.md) - - -[//]: # (BEGIN included file options/unsetlabel.md) -#### **--unsetlabel**=*label* - -Unset the image label, causing the label not to be inherited from the base image. - -[//]: # (END included file options/unsetlabel.md) - - -[//]: # (BEGIN included file options/userns.image.md) -#### **--userns**=*how* - -Sets the configuration for user namespaces when handling `RUN` instructions. -The configured value can be "" (the empty string) or "container" to indicate that a new user namespace is created, it can be "host" to indicate that the user namespace in which `podman` itself is being run is reused, or it can be the path to a user namespace which is already in use by another process. - -[//]: # (END included file options/userns.image.md) - - -[//]: # (BEGIN included file options/userns-gid-map.md) -#### **--userns-gid-map**=*mapping* - -Directly specifies a GID mapping to be used to set ownership, at the -filesystem level, on the working container's contents. -Commands run when handling `RUN` instructions defaults to being run in -their own user namespaces, configured using the UID and GID maps. - -Entries in this map take the form of one or more triples of a starting -in-container GID, a corresponding starting host-level GID, and the number of consecutive IDs which the map entry represents. - -This option overrides the *remap-gids* setting in the *options* section of /etc/containers/storage.conf. - -If this option is not specified, but a global --userns-gid-map setting is supplied, settings from the global option is used. - -If none of --userns-uid-map-user, --userns-gid-map-group, or --userns-gid-map are specified, but --userns-uid-map is specified, the GID map is set to use the same numeric values as the UID map. - -[//]: # (END included file options/userns-gid-map.md) - - -[//]: # (BEGIN included file options/userns-gid-map-group.md) -#### **--userns-gid-map-group**=*group* - -Specifies that a GID mapping to be used to set ownership, at the -filesystem level, on the working container's contents, can be found in entries in the `/etc/subgid` file which correspond to the specified group. -Commands run when handling `RUN` instructions defaults to being run in -their own user namespaces, configured using the UID and GID maps. -If --userns-uid-map-user is specified, but --userns-gid-map-group is not specified, `podman` assumes that the specified user name is also a -suitable group name to use as the default setting for this option. - -**NOTE:** When this option is specified by a rootless user, the specified mappings are relative to the rootless user namespace in the container, rather than being relative to the host as it is when run rootful. - -[//]: # (END included file options/userns-gid-map-group.md) - - -[//]: # (BEGIN included file options/userns-uid-map.md) -#### **--userns-uid-map**=*mapping* - -Directly specifies a UID mapping to be used to set ownership, at the -filesystem level, on the working container's contents. -Commands run when handling `RUN` instructions default to being run in -their own user namespaces, configured using the UID and GID maps. - -Entries in this map take the form of one or more triples of a starting -in-container UID, a corresponding starting host-level UID, and the number of consecutive IDs which the map entry represents. - -This option overrides the *remap-uids* setting in the *options* section of /etc/containers/storage.conf. - -If this option is not specified, but a global --userns-uid-map setting is supplied, settings from the global option is used. - -If none of --userns-uid-map-user, --userns-gid-map-group, or --userns-uid-map are specified, but --userns-gid-map is specified, the UID map is set to use the same numeric values as the GID map. - -[//]: # (END included file options/userns-uid-map.md) - - -[//]: # (BEGIN included file options/userns-uid-map-user.md) -#### **--userns-uid-map-user**=*user* - -Specifies that a UID mapping to be used to set ownership, at the -filesystem level, on the working container's contents, can be found in entries in the `/etc/subuid` file which correspond to the specified user. -Commands run when handling `RUN` instructions defaults to being run in -their own user namespaces, configured using the UID and GID maps. -If --userns-gid-map-group is specified, but --userns-uid-map-user is not specified, `podman` assumes that the specified group name is also a -suitable user name to use as the default setting for this option. - -**NOTE:** When this option is specified by a rootless user, the specified mappings are relative to the rootless user namespace in the container, rather than being relative to the host as it is when run rootful. - -[//]: # (END included file options/userns-uid-map-user.md) - - -[//]: # (BEGIN included file options/uts.md) -#### **--uts**=*how* - -Sets the configuration for UTS namespaces when handling `RUN` instructions. -The configured value can be "" (the empty string) or "container" to indicate that a new UTS namespace to be created, or it can be "host" to indicate that the UTS namespace in which `podman` itself is being run is reused, or it can be the path to a UTS namespace which is already in use by another process. - -[//]: # (END included file options/uts.md) - - -[//]: # (BEGIN included file options/volume.image.md) -#### **--volume**, **-v**=*[HOST-DIR:CONTAINER-DIR[:OPTIONS]]* - -Create a bind mount. Specifying the `-v /HOST-DIR:/CONTAINER-DIR` option, Podman -bind mounts `/HOST-DIR` from the host to `/CONTAINER-DIR` in the Podman -container. - -The `OPTIONS` are a comma-separated list and can be: [[1]](#Footnote1) - - * [rw|ro] - * [z|Z|O] - * [U] - * [`[r]shared`|`[r]slave`|`[r]private`] - -The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The `HOST-DIR` -must be an absolute path as well. Podman bind-mounts the `HOST-DIR` to the -specified path. For example, when specifying the host path `/foo`, -Podman copies the contents of `/foo` to the container filesystem on the host -and bind mounts that into the container. - -You can specify multiple **-v** options to mount one or more mounts to a -container. - -You can add the `:ro` or `:rw` suffix to a volume to mount it read-only or -read-write mode, respectively. By default, the volumes are mounted read-write. -See examples. - - `Chowning Volume Mounts` - -By default, Podman does not change the owner and group of source volume -directories mounted. When running using user namespaces, the UID and GID inside -the namespace may correspond to another UID and GID on the host. - -The `:U` suffix tells Podman to use the correct host UID and GID based on the -UID and GID within the namespace, to change recursively the owner and group of -the source volume. - -**Warning** use with caution since this modifies the host filesystem. - - `Labeling Volume Mounts` - -Labeling systems like SELinux require that proper labels are placed on volume -content mounted into a container. Without a label, the security system might -prevent the processes running inside the container from using the content. By -default, Podman does not change the labels set by the OS. - -To change a label in the container context, add one of these two suffixes -`:z` or `:Z` to the volume mount. These suffixes tell Podman to relabel file -objects on the shared volumes. The `z` option tells Podman that two containers -share the volume content. As a result, Podman labels the content with a shared -content label. Shared volume labels allow all containers to read/write content. -The `Z` option tells Podman to label the content with a private unshared label. -Only the current container can use a private volume. - -Note: Do not relabel system files and directories. Relabeling system content -might cause other confined services on the host machine to fail. For these types -of containers, disabling SELinux separation is recommended. The option -`--security-opt label=disable` disables SELinux separation for the container. -For example, if a user wanted to volume mount their entire home directory into the build containers, they need to disable SELinux separation. - - $ podman build --security-opt label=disable -v $HOME:/home/user . - - `Overlay Volume Mounts` - - The `:O` flag tells Podman to mount the directory from the host as a -temporary storage using the Overlay file system. The `RUN` command containers -are allowed to modify contents within the mountpoint and are stored in the -container storage in a separate directory. In Overlay FS terms the source -directory is the lower, and the container storage directory is the -upper. Modifications to the mount point are destroyed when the `RUN` command -finishes executing, similar to a tmpfs mount point. - - Any subsequent execution of `RUN` commands sees the original source directory -content, any changes from previous RUN commands no longer exists. - - One use case of the `overlay` mount is sharing the package cache from the -host into the container to allow speeding up builds. - - Note: - - - Overlay mounts are not currently supported in rootless mode. - - The `O` flag is not allowed to be specified with the `Z` or `z` flags. -Content mounted into the container is labeled with the private label. - On SELinux systems, labels in the source directory needs to be readable -by the container label. If not, SELinux container separation must be disabled -for the container to work. - - Modification of the directory volume mounted into the container with an -overlay mount can cause unexpected failures. Do not modify the directory until -the container finishes running. - -By default bind mounted volumes are `private`. That means any mounts done -inside containers are not be visible on the host and vice versa. This behavior -can be changed by specifying a volume mount propagation property. - -When the mount propagation policy is set to `shared`, any mounts completed -inside the container on that volume is visible to both the host and -container. When the mount propagation policy is set to `slave`, one way mount -propagation is enabled and any mounts completed on the host for that volume is -visible only inside of the container. To control the mount propagation -property of volume use the `:[r]shared`, `:[r]slave` or `:[r]private` -propagation flag. For mount propagation to work on the source mount point (mount -point where source dir is mounted on) has to have the right propagation properties. -For shared volumes, the source mount point has to be shared. And for slave volumes, -the source mount has to be either shared or slave. [[1]](#Footnote1) - -Use `df ` to determine the source mount and then use -`findmnt -o TARGET,PROPAGATION ` to determine propagation -properties of source mount, if `findmnt` utility is not available, the source -mount point can be determined by looking at the mount entry in -`/proc/self/mountinfo`. Look at `optional fields` and see if any propagation -properties are specified. -`shared:X` means the mount is `shared`, `master:X` means the mount is `slave` -and if nothing is there that means the mount is `private`. [[1]](#Footnote1) - -To change propagation properties of a mount point use the `mount` command. For -example, to bind mount the source directory `/foo` do -`mount --bind /foo /foo` and `mount --make-private --make-shared /foo`. This -converts /foo into a `shared` mount point. The propagation properties of -the source mount can be changed directly. For instance if `/` is the source -mount for `/foo`, then use `mount --make-shared /` to convert `/` into a -`shared` mount. - -[//]: # (END included file options/volume.image.md) - -## EXAMPLES - -``` -$ podman farm build --local -t name -f /path/to/containerfile . - -$ podman farm --farm build myfarm -t name . - -$ podman farm --farm myfarm build --cleanup -t name . - -$ podman farm build --platforms arm64,amd64 --cleanup -t name . -``` - -## SEE ALSO -**[podman(1)](podman.1.md)**, **[podman-farm(1)](podman-farm.1.md)**, **[buildah(1)](https://github.com/containers/buildah/blob/main/docs/buildah.1.md)**, **[containers-certs.d(5)](https://github.com/containers/image/blob/main/docs/containers-certs.d.5.md)**, **[containers-registries.conf(5)](https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md)**, **[crun(1)](https://github.com/containers/crun/blob/main/crun.1.md)**, **[runc(8)](https://github.com/opencontainers/runc/blob/main/man/runc.8.md)**, **[useradd(8)](https://www.unix.com/man-page/redhat/8/useradd)**, **[Containerfile(5)](https://github.com/containers/common/blob/main/docs/Containerfile.5.md)**, **[containerignore(5)](https://github.com/containers/common/blob/main/docs/containerignore.5.md)** - -## HISTORY - -September 2023, Originally compiled by Urvashi Mohnani `` - -## FOOTNOTES -1: The Podman project is committed to inclusivity, a -core value of open source. The `master` and `slave` mount propagation -terminology used here is problematic and divisive, and needs to be changed. -However, these terms are currently used within the Linux kernel and must be -used as-is at this time. When the kernel maintainers rectify this usage, -Podman will follow suit immediately. From cd21973f476c5716850a32d7dca5526f78c2e1bb Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Mon, 30 Oct 2023 10:16:18 +0100 Subject: [PATCH 062/170] pkg/util: use code from c/storage [NO NEW TESTS NEEDED] no new functionalities are added Signed-off-by: Giuseppe Scrivano --- cmd/podman/machine/machine.go | 2 +- cmd/podman/registry/config.go | 2 +- cmd/podman/registry/registry.go | 2 +- cmd/podman/system/service.go | 2 +- contrib/tmpfile/podman.conf | 1 + libpod/container_top_linux.go | 2 +- libpod/networking_linux.go | 2 +- libpod/oci_conmon_common.go | 18 +++--- libpod/reset.go | 2 +- libpod/runtime.go | 2 +- pkg/domain/infra/abi/system.go | 2 +- pkg/machine/qemu/options_linux.go | 2 +- pkg/util/utils.go | 8 --- pkg/util/utils_supported.go | 92 ++----------------------------- pkg/util/utils_windows.go | 4 +- 15 files changed, 28 insertions(+), 115 deletions(-) diff --git a/cmd/podman/machine/machine.go b/cmd/podman/machine/machine.go index 959f8008b6ca..11bebcf26023 100644 --- a/cmd/podman/machine/machine.go +++ b/cmd/podman/machine/machine.go @@ -150,7 +150,7 @@ func resolveEventSock() ([]string, error) { } func eventSockDir() (string, error) { - xdg, err := util.GetRuntimeDir() + xdg, err := util.GetRootlessRuntimeDir() if err != nil { return "", err } diff --git a/cmd/podman/registry/config.go b/cmd/podman/registry/config.go index 1f6f6f566c51..fd8f322c457d 100644 --- a/cmd/podman/registry/config.go +++ b/cmd/podman/registry/config.go @@ -134,7 +134,7 @@ func setXdgDirs() error { // Set up XDG_RUNTIME_DIR if _, found := os.LookupEnv("XDG_RUNTIME_DIR"); !found { - dir, err := util.GetRuntimeDir() + dir, err := util.GetRootlessRuntimeDir() if err != nil { return err } diff --git a/cmd/podman/registry/registry.go b/cmd/podman/registry/registry.go index b45a34ff1740..100856f2fb80 100644 --- a/cmd/podman/registry/registry.go +++ b/cmd/podman/registry/registry.go @@ -99,7 +99,7 @@ func GetContext() context.Context { func DefaultAPIAddress() string { if rootless.IsRootless() { - xdg, err := util.GetRuntimeDir() + xdg, err := util.GetRootlessRuntimeDir() if err != nil { logrus.Warnf("Failed to get rootless runtime dir for DefaultAPIAddress: %s", err) return DefaultRootAPIAddress diff --git a/cmd/podman/system/service.go b/cmd/podman/system/service.go index c2b017e8b3d0..6474e1aa2ac2 100644 --- a/cmd/podman/system/service.go +++ b/cmd/podman/system/service.go @@ -130,7 +130,7 @@ func resolveAPIURI(uri []string) (string, error) { logrus.Info("Using systemd socket activation to determine API endpoint") return "", nil case rootless.IsRootless(): - xdg, err := util.GetRuntimeDir() + xdg, err := util.GetRootlessRuntimeDir() if err != nil { return "", err } diff --git a/contrib/tmpfile/podman.conf b/contrib/tmpfile/podman.conf index fad824cfbfad..5cc4c0d70eab 100644 --- a/contrib/tmpfile/podman.conf +++ b/contrib/tmpfile/podman.conf @@ -1,6 +1,7 @@ # /tmp/podman-run-* directory can contain content for Podman containers that have run # for many days. This following line prevents systemd from removing this content. x /tmp/podman-run-* +x /tmp/storage-run-* x /tmp/containers-user-* x /tmp/run-*/libpod D! /var/lib/containers/storage/tmp 0700 root root diff --git a/libpod/container_top_linux.go b/libpod/container_top_linux.go index 85cec315e73e..aa81a8b459db 100644 --- a/libpod/container_top_linux.go +++ b/libpod/container_top_linux.go @@ -328,7 +328,7 @@ func (c *Container) execPS(psArgs []string) ([]string, bool, error) { cmd.Stdout = wPipe cmd.Stderr = &errBuf // nil means use current env so explicitly unset all, to not leak any sensitive env vars - cmd.Env = []string{} + cmd.Env = []string{fmt.Sprintf("HOME=%s", os.Getenv("HOME"))} retryContainerExec := true err = cmd.Run() diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 16c317496695..7d75158efcd5 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -82,7 +82,7 @@ func (r *RootlessNetNS) Do(toRun func() error) error { return fmt.Errorf("cannot create a new mount namespace: %w", err) } - xdgRuntimeDir, err := util.GetRuntimeDir() + xdgRuntimeDir, err := util.GetRootlessRuntimeDir() if err != nil { return fmt.Errorf("could not get runtime directory: %w", err) } diff --git a/libpod/oci_conmon_common.go b/libpod/oci_conmon_common.go index 9fc2810496ad..a8514a622b84 100644 --- a/libpod/oci_conmon_common.go +++ b/libpod/oci_conmon_common.go @@ -209,7 +209,7 @@ func (r *ConmonOCIRuntime) CreateContainer(ctr *Container, restoreOptions *Conta // status, but will instead only check for the existence of the conmon exit file // and update state to stopped if it exists. func (r *ConmonOCIRuntime) UpdateContainerStatus(ctr *Container) error { - runtimeDir, err := util.GetRuntimeDir() + runtimeDir, err := util.GetRootlessRuntimeDir() if err != nil { return err } @@ -290,7 +290,7 @@ func (r *ConmonOCIRuntime) UpdateContainerStatus(ctr *Container) error { // Sets time the container was started, but does not save it. func (r *ConmonOCIRuntime) StartContainer(ctr *Container) error { // TODO: streams should probably *not* be our STDIN/OUT/ERR - redirect to buffers? - runtimeDir, err := util.GetRuntimeDir() + runtimeDir, err := util.GetRootlessRuntimeDir() if err != nil { return err } @@ -309,7 +309,7 @@ func (r *ConmonOCIRuntime) StartContainer(ctr *Container) error { // UpdateContainer updates the given container's cgroup configuration func (r *ConmonOCIRuntime) UpdateContainer(ctr *Container, resources *spec.LinuxResources) error { - runtimeDir, err := util.GetRuntimeDir() + runtimeDir, err := util.GetRootlessRuntimeDir() if err != nil { return err } @@ -368,7 +368,7 @@ func (r *ConmonOCIRuntime) KillContainer(ctr *Container, signal uint, all bool) // *bytes.buffer and returned; otherwise, it is set to os.Stderr. func (r *ConmonOCIRuntime) killContainer(ctr *Container, signal uint, all, captureStderr bool) (*bytes.Buffer, error) { logrus.Debugf("Sending signal %d to container %s", signal, ctr.ID()) - runtimeDir, err := util.GetRuntimeDir() + runtimeDir, err := util.GetRootlessRuntimeDir() if err != nil { return nil, err } @@ -504,7 +504,7 @@ func (r *ConmonOCIRuntime) StopContainer(ctr *Container, timeout uint, all bool) // DeleteContainer deletes a container from the OCI runtime. func (r *ConmonOCIRuntime) DeleteContainer(ctr *Container) error { - runtimeDir, err := util.GetRuntimeDir() + runtimeDir, err := util.GetRootlessRuntimeDir() if err != nil { return err } @@ -514,7 +514,7 @@ func (r *ConmonOCIRuntime) DeleteContainer(ctr *Container) error { // PauseContainer pauses the given container. func (r *ConmonOCIRuntime) PauseContainer(ctr *Container) error { - runtimeDir, err := util.GetRuntimeDir() + runtimeDir, err := util.GetRootlessRuntimeDir() if err != nil { return err } @@ -524,7 +524,7 @@ func (r *ConmonOCIRuntime) PauseContainer(ctr *Container) error { // UnpauseContainer unpauses the given container. func (r *ConmonOCIRuntime) UnpauseContainer(ctr *Container) error { - runtimeDir, err := util.GetRuntimeDir() + runtimeDir, err := util.GetRootlessRuntimeDir() if err != nil { return err } @@ -851,7 +851,7 @@ func (r *ConmonOCIRuntime) CheckpointContainer(ctr *Container, options Container args = append(args, ctr.ID()) logrus.Debugf("the args to checkpoint: %s %s", r.path, strings.Join(args, " ")) - runtimeDir, err := util.GetRuntimeDir() + runtimeDir, err := util.GetRootlessRuntimeDir() if err != nil { return 0, err } @@ -1324,7 +1324,7 @@ func (r *ConmonOCIRuntime) configureConmonEnv() ([]string, error) { } res = append(res, v) } - runtimeDir, err := util.GetRuntimeDir() + runtimeDir, err := util.GetRootlessRuntimeDir() if err != nil { return nil, err } diff --git a/libpod/reset.go b/libpod/reset.go index 2dac1ae6be73..b80cbe007edb 100644 --- a/libpod/reset.go +++ b/libpod/reset.go @@ -202,7 +202,7 @@ func (r *Runtime) reset(ctx context.Context) error { prevError = err } } - runtimeDir, err := util.GetRuntimeDir() + runtimeDir, err := util.GetRootlessRuntimeDir() if err != nil { return err } diff --git a/libpod/runtime.go b/libpod/runtime.go index 9122c7ff34f2..c58b2fb9ecd6 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -134,7 +134,7 @@ func SetXdgDirs() error { if runtimeDir == "" { var err error - runtimeDir, err = util.GetRuntimeDir() + runtimeDir, err = util.GetRootlessRuntimeDir() if err != nil { return err } diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go index 4d2f8c303eb9..8d7a830500d0 100644 --- a/pkg/domain/infra/abi/system.go +++ b/pkg/domain/infra/abi/system.go @@ -36,7 +36,7 @@ func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) { // service may be run with another URI. if ic.Libpod.RemoteURI() == "" { xdg := defaultRunPath - if path, err := util.GetRuntimeDir(); err != nil { + if path, err := util.GetRootlessRuntimeDir(); err != nil { // Info is as good as we can guess... return info, err } else if path != "" { diff --git a/pkg/machine/qemu/options_linux.go b/pkg/machine/qemu/options_linux.go index 8f267dbe236d..15b162aeb4b8 100644 --- a/pkg/machine/qemu/options_linux.go +++ b/pkg/machine/qemu/options_linux.go @@ -9,5 +9,5 @@ func getRuntimeDir() (string, error) { if !rootless.IsRootless() { return "/run", nil } - return util.GetRuntimeDir() + return util.GetRootlessRuntimeDir() } diff --git a/pkg/util/utils.go b/pkg/util/utils.go index 679110df2fe1..0d4fa4ef4c75 100644 --- a/pkg/util/utils.go +++ b/pkg/util/utils.go @@ -13,7 +13,6 @@ import ( "sort" "strconv" "strings" - "sync" "syscall" "time" @@ -920,13 +919,6 @@ func ParseIDMapping(mode namespaces.UsernsMode, uidMapSlice, gidMapSlice []strin return &options, nil } -var ( - rootlessConfigHomeDirOnce sync.Once - rootlessConfigHomeDir string - rootlessRuntimeDirOnce sync.Once - rootlessRuntimeDir string -) - type tomlOptionsConfig struct { MountProgram string `toml:"mount_program"` } diff --git a/pkg/util/utils_supported.go b/pkg/util/utils_supported.go index 406d56ce6fed..58ac795a1fbd 100644 --- a/pkg/util/utils_supported.go +++ b/pkg/util/utils_supported.go @@ -7,109 +7,29 @@ package util // should work to take darwin from this import ( - "errors" - "fmt" - "os" "path/filepath" - "strconv" - "syscall" "github.com/containers/podman/v4/pkg/rootless" - "github.com/sirupsen/logrus" + "github.com/containers/storage/pkg/homedir" ) -// GetRuntimeDir returns the runtime directory -func GetRuntimeDir() (string, error) { - var rootlessRuntimeDirError error - +// GetRootlessRuntimeDir returns the runtime directory when running as non root +func GetRootlessRuntimeDir() (string, error) { if !rootless.IsRootless() { return "", nil } - - rootlessRuntimeDirOnce.Do(func() { - runtimeDir := os.Getenv("XDG_RUNTIME_DIR") - - if runtimeDir != "" { - rootlessRuntimeDir, rootlessRuntimeDirError = filepath.EvalSymlinks(runtimeDir) - return - } - - uid := strconv.Itoa(rootless.GetRootlessUID()) - if runtimeDir == "" { - tmpDir := filepath.Join("/run", "user", uid) - if err := os.MkdirAll(tmpDir, 0700); err != nil { - logrus.Debug(err) - } - st, err := os.Stat(tmpDir) - if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && (st.Mode().Perm()&0700 == 0700) { - runtimeDir = tmpDir - } - } - if runtimeDir == "" { - tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("podman-run-%s", uid)) - if err := os.MkdirAll(tmpDir, 0700); err != nil { - logrus.Debug(err) - } - st, err := os.Stat(tmpDir) - if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && (st.Mode().Perm()&0700 == 0700) { - runtimeDir = tmpDir - } - } - if runtimeDir == "" { - home := os.Getenv("HOME") - if home == "" { - rootlessRuntimeDirError = errors.New("neither XDG_RUNTIME_DIR nor HOME was set non-empty") - return - } - resolvedHome, err := filepath.EvalSymlinks(home) - if err != nil { - rootlessRuntimeDirError = fmt.Errorf("cannot resolve %s: %w", home, err) - return - } - runtimeDir = filepath.Join(resolvedHome, "rundir") - } - rootlessRuntimeDir = runtimeDir - }) - - if rootlessRuntimeDirError != nil { - return "", rootlessRuntimeDirError - } - return rootlessRuntimeDir, nil + return homedir.GetRuntimeDir() } // GetRootlessConfigHomeDir returns the config home directory when running as non root func GetRootlessConfigHomeDir() (string, error) { - var rootlessConfigHomeDirError error - - rootlessConfigHomeDirOnce.Do(func() { - cfgHomeDir := os.Getenv("XDG_CONFIG_HOME") - if cfgHomeDir == "" { - home := os.Getenv("HOME") - resolvedHome, err := filepath.EvalSymlinks(home) - if err != nil { - rootlessConfigHomeDirError = fmt.Errorf("cannot resolve %s: %w", home, err) - return - } - tmpDir := filepath.Join(resolvedHome, ".config") - st, err := os.Stat(tmpDir) - if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && st.Mode().Perm() >= 0700 { - cfgHomeDir = tmpDir - } - } - rootlessConfigHomeDir = cfgHomeDir - }) - - if rootlessConfigHomeDirError != nil { - return "", rootlessConfigHomeDirError - } - - return rootlessConfigHomeDir, nil + return homedir.GetConfigHome() } // GetRootlessPauseProcessPidPath returns the path to the file that holds the pid for // the pause process. func GetRootlessPauseProcessPidPath() (string, error) { - runtimeDir, err := GetRuntimeDir() + runtimeDir, err := GetRootlessRuntimeDir() if err != nil { return "", err } diff --git a/pkg/util/utils_windows.go b/pkg/util/utils_windows.go index 1e48eb5721cb..3d403e3f47ab 100644 --- a/pkg/util/utils_windows.go +++ b/pkg/util/utils_windows.go @@ -30,8 +30,8 @@ func GetRootlessPauseProcessPidPath() (string, error) { return "", fmt.Errorf("GetRootlessPauseProcessPidPath: %w", errNotImplemented) } -// GetRuntimeDir returns the runtime directory -func GetRuntimeDir() (string, error) { +// GetRootlessRuntimeDir returns the runtime directory +func GetRootlessRuntimeDir() (string, error) { data, err := homedir.GetDataHome() if err != nil { return "", err From fe65f059ab2664b338c8fdcfcabd5112bfdc7e07 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Fri, 24 Nov 2023 11:18:48 +0100 Subject: [PATCH 063/170] libpod: drop dead code these functions are not used anymore in the codebase, so drop them. [NO NEW TESTS NEEDED] no new functionalities are added Signed-off-by: Giuseppe Scrivano --- libpod/options.go | 9 --------- libpod/runtime.go | 7 ------- pkg/domain/infra/runtime_libpod.go | 21 --------------------- 3 files changed, 37 deletions(-) diff --git a/libpod/options.go b/libpod/options.go index 827852c0b99d..83f8afba0876 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -365,15 +365,6 @@ func WithTmpDir(dir string) RuntimeOption { } } -// WithNoStore sets a bool on the runtime that we do not need -// any containers storage. -func WithNoStore() RuntimeOption { - return func(rt *Runtime) error { - rt.noStore = true - return nil - } -} - // WithNoPivotRoot sets the runtime to use MS_MOVE instead of PIVOT_ROOT when // starting containers. func WithNoPivotRoot() RuntimeOption { diff --git a/libpod/runtime.go b/libpod/runtime.go index c58b2fb9ecd6..5130eb6fb523 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -115,8 +115,6 @@ type Runtime struct { // mechanism to read and write even logs eventer events.Eventer - // noStore indicates whether we need to interact with a store or not - noStore bool // secretsManager manages secrets secretsManager *secrets.SecretsManager } @@ -350,9 +348,6 @@ func makeRuntime(runtime *Runtime) (retErr error) { } runtime.conmonPath = cPath - if runtime.noStore && runtime.doReset { - return fmt.Errorf("cannot perform system reset if runtime is not creating a store: %w", define.ErrInvalidArg) - } if runtime.doReset && runtime.doRenumber { return fmt.Errorf("cannot perform system reset while renumbering locks: %w", define.ErrInvalidArg) } @@ -462,8 +457,6 @@ func makeRuntime(runtime *Runtime) (retErr error) { var store storage.Store if needsUserns { logrus.Debug("Not configuring container store") - } else if runtime.noStore { - logrus.Debug("No store required. Not opening container store.") } else if err := runtime.configureStore(); err != nil { // Make a best-effort attempt to clean up if performing a // storage reset. diff --git a/pkg/domain/infra/runtime_libpod.go b/pkg/domain/infra/runtime_libpod.go index 52c882b8b78b..d598b1dd398a 100644 --- a/pkg/domain/infra/runtime_libpod.go +++ b/pkg/domain/infra/runtime_libpod.go @@ -37,7 +37,6 @@ type engineOpts struct { name string renumber bool migrate bool - noStore bool withFDS bool reset bool config *entities.PodmanConfig @@ -49,7 +48,6 @@ func GetRuntimeMigrate(ctx context.Context, fs *flag.FlagSet, cfg *entities.Podm name: newRuntime, renumber: false, migrate: true, - noStore: false, withFDS: true, reset: false, config: cfg, @@ -61,7 +59,6 @@ func GetRuntimeDisableFDs(ctx context.Context, fs *flag.FlagSet, cfg *entities.P return getRuntime(ctx, fs, &engineOpts{ renumber: false, migrate: false, - noStore: false, withFDS: false, reset: false, config: cfg, @@ -73,7 +70,6 @@ func GetRuntimeRenumber(ctx context.Context, fs *flag.FlagSet, cfg *entities.Pod return getRuntime(ctx, fs, &engineOpts{ renumber: true, migrate: false, - noStore: false, withFDS: true, reset: false, config: cfg, @@ -86,7 +82,6 @@ func GetRuntime(ctx context.Context, flags *flag.FlagSet, cfg *entities.PodmanCo runtimeLib, runtimeErr = getRuntime(ctx, flags, &engineOpts{ renumber: false, migrate: false, - noStore: false, withFDS: true, reset: false, config: cfg, @@ -95,23 +90,10 @@ func GetRuntime(ctx context.Context, flags *flag.FlagSet, cfg *entities.PodmanCo return runtimeLib, runtimeErr } -// GetRuntimeNoStore generates a new libpod runtime configured by command line options -func GetRuntimeNoStore(ctx context.Context, fs *flag.FlagSet, cfg *entities.PodmanConfig) (*libpod.Runtime, error) { - return getRuntime(ctx, fs, &engineOpts{ - renumber: false, - migrate: false, - noStore: true, - withFDS: true, - reset: false, - config: cfg, - }) -} - func GetRuntimeReset(ctx context.Context, fs *flag.FlagSet, cfg *entities.PodmanConfig) (*libpod.Runtime, error) { return getRuntime(ctx, fs, &engineOpts{ renumber: false, migrate: false, - noStore: false, withFDS: true, reset: true, config: cfg, @@ -208,9 +190,6 @@ func getRuntime(ctx context.Context, fs *flag.FlagSet, opts *engineOpts) (*libpo options = append(options, libpod.WithStorageConfig(storageOpts)) } - if !storageSet && opts.noStore { - options = append(options, libpod.WithNoStore()) - } // TODO CLI flags for image config? // TODO CLI flag for signature policy? From e824657738b52111b99590c0d905b7d7a2909253 Mon Sep 17 00:00:00 2001 From: Marta Date: Thu, 23 Nov 2023 20:10:32 +0000 Subject: [PATCH 064/170] Fix Ulimit syntax. Signed-off-by: Marta --- docs/source/markdown/podman-systemd.unit.5.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index 01ca6293a0f7..8101338a56b6 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -209,7 +209,7 @@ Valid options for `[Container]` are listed below: | Timezone=local | --tz local | | Tmpfs=/work | --tmpfs /work | | UIDMap=0:10000:10 | --uidmap=0:10000:10 | -| Ulimit=nofile:1000:10000 | --ulimit nofile:1000:10000 | +| Ulimit=nofile=1000:10000 | --ulimit nofile=1000:10000 | | User=bin | --user bin | | UserNS=keep-id:uid=200,gid=210 | --userns keep-id:uid=200,gid=210 | | Volume=/source:/dest | --volume /source:/dest | From 41a6b992aab1ea8e644ea20d4b4be897fe59e921 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Fri, 24 Nov 2023 13:19:56 +0100 Subject: [PATCH 065/170] system: enhance check for re-exec into rootless userns Previously, the setup only checked for the CAP_SYS_ADMIN capability, which could be not enough with containerized Podman where CAP_SYS_ADMIN might be set for an unprivileged user. Closes: https://github.com/containers/podman/issues/20766 [NO NEW TESTS NEEDED] needs containerized Podman Signed-off-by: Giuseppe Scrivano --- pkg/domain/infra/abi/system.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go index 8d7a830500d0..987df8dfb93e 100644 --- a/pkg/domain/infra/abi/system.go +++ b/pkg/domain/infra/abi/system.go @@ -88,7 +88,8 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) if err != nil { return err } - if hasCapSysAdmin { + // check for both euid == 0 and CAP_SYS_ADMIN because we may be running in a container with CAP_SYS_ADMIN set. + if os.Geteuid() == 0 && hasCapSysAdmin { ownsCgroup, err := cgroups.UserOwnsCurrentSystemdCgroup() if err != nil { logrus.Infof("Failed to detect the owner for the current cgroup: %v", err) From c7f6844c0299a503a2ec5eed373e70166b23a62a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 27 Nov 2023 05:05:51 +0000 Subject: [PATCH 066/170] fix(deps): update module github.com/vbauerster/mpb/v8 to v8.7.0 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 +-- vendor/github.com/vbauerster/mpb/v8/README.md | 6 ++--- .../vbauerster/mpb/v8/decor/decorator.go | 27 +++++++++---------- vendor/modules.txt | 2 +- 5 files changed, 18 insertions(+), 23 deletions(-) diff --git a/go.mod b/go.mod index a35d5e746dc9..f133335674ac 100644 --- a/go.mod +++ b/go.mod @@ -63,7 +63,7 @@ require ( github.com/stretchr/testify v1.8.4 github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 github.com/ulikunitz/xz v0.5.11 - github.com/vbauerster/mpb/v8 v8.6.2 + github.com/vbauerster/mpb/v8 v8.7.0 github.com/vishvananda/netlink v1.2.1-beta.2 go.etcd.io/bbolt v1.3.8 golang.org/x/exp v0.0.0-20231006140011-7918f672742d diff --git a/go.sum b/go.sum index c18a66e25ed1..8e2f02dead6a 100644 --- a/go.sum +++ b/go.sum @@ -1074,8 +1074,8 @@ github.com/urfave/cli v1.22.12/go.mod h1:sSBEIC79qR6OvcmsD4U3KABeOTxDqQtdDnaFuUN github.com/vbatts/tar-split v0.11.2/go.mod h1:vV3ZuO2yWSVsz+pfFzDG/upWH1JhjOiEaWq6kXyQ3VI= github.com/vbatts/tar-split v0.11.5 h1:3bHCTIheBm1qFTcgh9oPu+nNBtX+XJIupG/vacinCts= github.com/vbatts/tar-split v0.11.5/go.mod h1:yZbwRsSeGjusneWgA781EKej9HF8vme8okylkAeNKLk= -github.com/vbauerster/mpb/v8 v8.6.2 h1:9EhnJGQRtvgDVCychJgR96EDCOqgg2NsMuk5JUcX4DA= -github.com/vbauerster/mpb/v8 v8.6.2/go.mod h1:oVJ7T+dib99kZ/VBjoBaC8aPXiSAihnzuKmotuihyFo= +github.com/vbauerster/mpb/v8 v8.7.0 h1:n2LTGyol7qqNBcLQn8FL5Bga2O8CGF75OOYsJVFsfMg= +github.com/vbauerster/mpb/v8 v8.7.0/go.mod h1:0RgdqeTpu6cDbdWeSaDvEvfgm9O598rBnRZ09HKaV0k= github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= diff --git a/vendor/github.com/vbauerster/mpb/v8/README.md b/vendor/github.com/vbauerster/mpb/v8/README.md index 09825ca08610..af97c92a759e 100644 --- a/vendor/github.com/vbauerster/mpb/v8/README.md +++ b/vendor/github.com/vbauerster/mpb/v8/README.md @@ -42,11 +42,9 @@ func main() { mpb.BarStyle().Lbound("╢").Filler("▌").Tip("▌").Padding("░").Rbound("╟"), mpb.PrependDecorators( // display our name with one space on the right - decor.Name(name, decor.WC{W: len(name) + 1, C: decor.DidentRight}), + decor.Name(name, decor.WC{C: decor.DindentRight | decor.DextraSpace}), // replace ETA decorator with "done" message, OnComplete event - decor.OnComplete( - decor.AverageETA(decor.ET_STYLE_GO, decor.WC{W: 4}), "done", - ), + decor.OnComplete(decor.AverageETA(decor.ET_STYLE_GO), "done"), ), mpb.AppendDecorators(decor.Percentage()), ) diff --git a/vendor/github.com/vbauerster/mpb/v8/decor/decorator.go b/vendor/github.com/vbauerster/mpb/v8/decor/decorator.go index f537d3f7af4e..31062ebd3a0a 100644 --- a/vendor/github.com/vbauerster/mpb/v8/decor/decorator.go +++ b/vendor/github.com/vbauerster/mpb/v8/decor/decorator.go @@ -8,29 +8,27 @@ import ( ) const ( - // DidentRight bit specifies identation direction. + // DindentRight sets indentation from right to left. // - // |foo |b | With DidentRight - // | foo| b| Without DidentRight - DidentRight = 1 << iota + // |foo |b | DindentRight is set + // | foo| b| DindentRight is not set + DindentRight = 1 << iota - // DextraSpace bit adds extra space, makes sense with DSyncWidth only. - // When DidentRight bit set, the space will be added to the right, - // otherwise to the left. + // DextraSpace bit adds extra indentation space. DextraSpace // DSyncWidth bit enables same column width synchronization. // Effective with multiple bars only. DSyncWidth - // DSyncWidthR is shortcut for DSyncWidth|DidentRight - DSyncWidthR = DSyncWidth | DidentRight + // DSyncWidthR is shortcut for DSyncWidth|DindentRight + DSyncWidthR = DSyncWidth | DindentRight // DSyncSpace is shortcut for DSyncWidth|DextraSpace DSyncSpace = DSyncWidth | DextraSpace - // DSyncSpaceR is shortcut for DSyncWidth|DextraSpace|DidentRight - DSyncSpaceR = DSyncWidth | DextraSpace | DidentRight + // DSyncSpaceR is shortcut for DSyncWidth|DextraSpace|DindentRight + DSyncSpaceR = DSyncWidth | DextraSpace | DindentRight ) // TimeStyle enum. @@ -143,11 +141,10 @@ func (wc WC) Format(str string) (string, int) { viewWidth := runewidth.StringWidth(str) if wc.W > viewWidth { viewWidth = wc.W + } else if (wc.C & DextraSpace) != 0 { + viewWidth++ } if (wc.C & DSyncWidth) != 0 { - if (wc.C & DextraSpace) != 0 { - viewWidth++ - } wc.wsync <- viewWidth viewWidth = <-wc.wsync } @@ -156,7 +153,7 @@ func (wc WC) Format(str string) (string, int) { // Init initializes width related config. func (wc *WC) Init() WC { - if (wc.C & DidentRight) != 0 { + if (wc.C & DindentRight) != 0 { wc.fill = runewidth.FillRight } else { wc.fill = runewidth.FillLeft diff --git a/vendor/modules.txt b/vendor/modules.txt index 1cd5ecdb4261..02819c24f949 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1055,7 +1055,7 @@ github.com/ulikunitz/xz/lzma github.com/vbatts/tar-split/archive/tar github.com/vbatts/tar-split/tar/asm github.com/vbatts/tar-split/tar/storage -# github.com/vbauerster/mpb/v8 v8.6.2 +# github.com/vbauerster/mpb/v8 v8.7.0 ## explicit; go 1.17 github.com/vbauerster/mpb/v8 github.com/vbauerster/mpb/v8/cwriter From f6b2a137810f13d3beabf0f38d20ab318115b191 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Wed, 22 Nov 2023 13:22:51 -0700 Subject: [PATCH 067/170] Clean up farm-build miscommit Followup to #20051, which I didn't review in time. Signed-off-by: Ed Santiago --- docs/source/markdown/options/add-host.md | 2 +- docs/source/markdown/options/no-hostname.md | 9 +++++++++ docs/source/markdown/podman-build.1.md.in | 6 +----- docs/source/markdown/podman-farm-build.1.md.in | 6 +++++- docs/source/markdown/podman-farm-list.1.md | 2 +- hack/xref-helpmsgs-manpages | 2 +- 6 files changed, 18 insertions(+), 9 deletions(-) create mode 100644 docs/source/markdown/options/no-hostname.md diff --git a/docs/source/markdown/options/add-host.md b/docs/source/markdown/options/add-host.md index 968665d812ab..6e9f598ca052 100644 --- a/docs/source/markdown/options/add-host.md +++ b/docs/source/markdown/options/add-host.md @@ -1,5 +1,5 @@ ####> This option file is used in: -####> podman build, create, pod create, run +####> podman build, create, farm build, pod create, run ####> If file is edited, make sure the changes ####> are applicable to all of those. #### **--add-host**=*host:ip* diff --git a/docs/source/markdown/options/no-hostname.md b/docs/source/markdown/options/no-hostname.md new file mode 100644 index 000000000000..1cb4d8dfb60f --- /dev/null +++ b/docs/source/markdown/options/no-hostname.md @@ -0,0 +1,9 @@ +####> This option file is used in: +####> podman build, farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--no-hostname** + +Do not create the _/etc/hostname_ file in the container for RUN instructions. + +By default, Buildah manages the _/etc/hostname_ file, adding the container's own hostname. When the **--no-hostname** option is set, the image's _/etc/hostname_ will be preserved unmodified if it exists. diff --git a/docs/source/markdown/podman-build.1.md.in b/docs/source/markdown/podman-build.1.md.in index 26a0ea51e5c3..0e013dea9d9f 100644 --- a/docs/source/markdown/podman-build.1.md.in +++ b/docs/source/markdown/podman-build.1.md.in @@ -249,11 +249,7 @@ This option is not supported on the remote client, including Mac and Windows @@option no-cache -#### **--no-hostname** - -Do not create the _/etc/hostname_ file in the container for RUN instructions. - -By default, Buildah manages the _/etc/hostname_ file, adding the container's own hostname. When the **--no-hostname** option is set, the image's _/etc/hostname_ will be preserved unmodified if it exists. +@@option no-hostname @@option no-hosts diff --git a/docs/source/markdown/podman-farm-build.1.md.in b/docs/source/markdown/podman-farm-build.1.md.in index 64fd8a7c9637..14ef252c890a 100644 --- a/docs/source/markdown/podman-farm-build.1.md.in +++ b/docs/source/markdown/podman-farm-build.1.md.in @@ -19,6 +19,8 @@ If no farm is specified, the build will be sent out to all the nodes that `podma ## OPTIONS +@@option add-host + @@option annotation.image @@option authfile @@ -121,7 +123,7 @@ It does not affect _/etc/resolv.conf_ in the final image. @@option layers -#### **--local** +#### **--local**, **-l** Build image on local machine as well as on farm nodes. @@ -135,6 +137,8 @@ Build image on local machine as well as on farm nodes. @@option no-cache +@@option no-hostname + @@option no-hosts This option conflicts with **--add-host**. diff --git a/docs/source/markdown/podman-farm-list.1.md b/docs/source/markdown/podman-farm-list.1.md index c30a9ec54527..e643bdc1a4ab 100644 --- a/docs/source/markdown/podman-farm-list.1.md +++ b/docs/source/markdown/podman-farm-list.1.md @@ -13,7 +13,7 @@ List all the existing farms. ## OPTIONS -#### **--format**, **-f**=*format* +#### **--format**=*format* Change the default output format. This can be of a supported type like 'json' or a Go template. Valid placeholders for the Go template listed below: diff --git a/hack/xref-helpmsgs-manpages b/hack/xref-helpmsgs-manpages index d8d32847ce92..4b925737ea6a 100755 --- a/hack/xref-helpmsgs-manpages +++ b/hack/xref-helpmsgs-manpages @@ -85,7 +85,7 @@ for my $line (split "\n", $Format_Exceptions) { # added, with a --format option that does not autocomplete '{{.', # let's make sure it gets extra eyeballs. my %Format_Option_Is_Special = map { $_ => 1 } ( - 'build', 'image build', # oci | docker + 'build', 'farm build', 'image build', # oci | docker 'commit', 'container commit', # " " " " 'diff', 'container diff', 'image diff', # only supports "json" 'generate systemd', # " " " " From 386c8d6bfcd699ed62e89caee421972629ad9060 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Mon, 27 Nov 2023 15:42:42 +0100 Subject: [PATCH 068/170] swagger: document play kube annotations param The annotations parameter was not documented, add it. Fixes #20784 Signed-off-by: Paul Holzinger --- pkg/api/server/register_kube.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkg/api/server/register_kube.go b/pkg/api/server/register_kube.go index 85350fc774e5..a944c52a3bd0 100644 --- a/pkg/api/server/register_kube.go +++ b/pkg/api/server/register_kube.go @@ -17,6 +17,10 @@ func (s *APIServer) registerKubeHandlers(r *mux.Router) error { // description: Create and run pods based on a Kubernetes YAML file (pod or service kind). // parameters: // - in: query + // name: annotations + // type: string + // description: JSON encoded value of annotations (a map[string]string). + // - in: query // name: logDriver // type: string // description: Logging driver for the containers in the pod. From d280e481a5ebc0f21cd4428c5df64bd1f7b6fbd6 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Mon, 27 Nov 2023 18:02:26 +0100 Subject: [PATCH 069/170] test/compose: remove debug leftovers I noticed these old debug code while looking at a log. These were needed to debug a nasty flake[1] in the compose tests. However it has been fixed[2] for a while and I am not aware of any flakes around that logic so we are good to remove it. I still leave the server logs in there as they may be useful for all kinds of issues and are only printed when the test fails so it does not clutter the logs. [1] https://github.com/containers/podman/issues/10052 [2] https://github.com/containers/podman/pull/11091 Signed-off-by: Paul Holzinger --- test/compose/test-compose | 8 -------- 1 file changed, 8 deletions(-) diff --git a/test/compose/test-compose b/test/compose/test-compose index 201cead240e3..83a033dafc43 100755 --- a/test/compose/test-compose +++ b/test/compose/test-compose @@ -173,14 +173,6 @@ function test_port() { if [ $curl_rc -ne 0 ]; then _show_ok 0 "$testname - curl (port $port) failed with status $curl_rc" - echo "# podman ps -a:" - $PODMAN_BIN --storage-driver=vfs --root $WORKDIR/root --runroot $WORKDIR/runroot ps -a - if type -p ss; then - echo "# ss -tulpn:" - ss -tulpn - echo "# podman unshare --rootless-cni ss -tulpn:" - $PODMAN_BIN --storage-driver=vfs --root $WORKDIR/root --runroot $WORKDIR/runroot unshare --rootless-cni ss -tulpn - fi echo "# cat $WORKDIR/server.log:" cat $WORKDIR/server.log echo "# cat $logfile:" From 8e2d5e1912187bac53212833b0819a54c4098bd6 Mon Sep 17 00:00:00 2001 From: "Jason T. Greene" Date: Mon, 13 Nov 2023 18:38:54 -0600 Subject: [PATCH 070/170] Fix wsl.conf generation when user-mode-networking is disabled [NO NEW TESTS NEEDED] Signed-off-by: Jason T. Greene --- pkg/machine/wsl/machine.go | 5 +---- pkg/machine/wsl/usermodenet.go | 6 +++++- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/pkg/machine/wsl/machine.go b/pkg/machine/wsl/machine.go index bd6b391cf4cb..4f6daa9e9cac 100644 --- a/pkg/machine/wsl/machine.go +++ b/pkg/machine/wsl/machine.go @@ -1150,11 +1150,8 @@ func (v *MachineVM) Set(_ string, opts machine.SetOptions) ([]error, error) { if v.isRunning() { update = false setErrors = append(setErrors, fmt.Errorf("user-mode networking can only be changed when the machine is not running")) - } - - if update && *opts.UserModeNetworking { + } else { dist := toDist(v.Name) - if err := changeDistUserModeNetworking(dist, v.RemoteUsername, v.ImagePath, *opts.UserModeNetworking); err != nil { update = false setErrors = append(setErrors, err) diff --git a/pkg/machine/wsl/usermodenet.go b/pkg/machine/wsl/usermodenet.go index 6da8cdf3dad9..5fb6aa32bc9c 100644 --- a/pkg/machine/wsl/usermodenet.go +++ b/pkg/machine/wsl/usermodenet.go @@ -4,6 +4,7 @@ package wsl import ( + "errors" "fmt" "os" "os/exec" @@ -320,7 +321,10 @@ func (v *MachineVM) obtainUserModeNetLock() (*fileLock, error) { func changeDistUserModeNetworking(dist string, user string, image string, enable bool) error { // Only install if user-mode is being enabled and there was an image path passed - if enable && len(image) > 0 { + if enable { + if len(image) <= 0 { + return errors.New("existing machine configuration is corrupt, no image is defined") + } if err := installUserModeDist(dist, image); err != nil { return err } From f07b15105d749f61d93415f54e298c233d5bd1d5 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 27 Nov 2023 18:30:10 +0000 Subject: [PATCH 071/170] fix(deps): update module golang.org/x/net to v0.19.0 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 8 ++--- go.sum | 16 ++++----- vendor/golang.org/x/crypto/ssh/client_auth.go | 20 ++++++++++- vendor/golang.org/x/crypto/ssh/common.go | 8 +++++ vendor/golang.org/x/crypto/ssh/server.go | 5 +-- vendor/golang.org/x/crypto/ssh/tcpip.go | 35 +++++++++++++++++++ vendor/golang.org/x/sys/unix/fcntl.go | 2 +- vendor/golang.org/x/sys/unix/ioctl_linux.go | 5 +++ vendor/golang.org/x/sys/unix/mkerrors.sh | 3 +- vendor/golang.org/x/sys/unix/syscall_bsd.go | 2 +- vendor/golang.org/x/sys/unix/syscall_linux.go | 28 +++++++++------ .../golang.org/x/sys/unix/syscall_openbsd.go | 14 ++++++++ .../golang.org/x/sys/unix/syscall_solaris.go | 2 +- .../x/sys/unix/syscall_zos_s390x.go | 2 +- vendor/golang.org/x/sys/unix/zerrors_linux.go | 2 +- .../golang.org/x/sys/unix/zsyscall_linux.go | 15 ++++++++ .../x/sys/unix/zsyscall_openbsd_386.go | 26 ++++++++++++++ .../x/sys/unix/zsyscall_openbsd_386.s | 5 +++ .../x/sys/unix/zsyscall_openbsd_amd64.go | 26 ++++++++++++++ .../x/sys/unix/zsyscall_openbsd_amd64.s | 5 +++ .../x/sys/unix/zsyscall_openbsd_arm.go | 26 ++++++++++++++ .../x/sys/unix/zsyscall_openbsd_arm.s | 5 +++ .../x/sys/unix/zsyscall_openbsd_arm64.go | 26 ++++++++++++++ .../x/sys/unix/zsyscall_openbsd_arm64.s | 5 +++ .../x/sys/unix/zsyscall_openbsd_mips64.go | 26 ++++++++++++++ .../x/sys/unix/zsyscall_openbsd_mips64.s | 5 +++ .../x/sys/unix/zsyscall_openbsd_ppc64.go | 26 ++++++++++++++ .../x/sys/unix/zsyscall_openbsd_ppc64.s | 6 ++++ .../x/sys/unix/zsyscall_openbsd_riscv64.go | 26 ++++++++++++++ .../x/sys/unix/zsyscall_openbsd_riscv64.s | 5 +++ vendor/golang.org/x/sys/unix/ztypes_linux.go | 32 +++++++++++++++++ .../x/sys/windows/syscall_windows.go | 2 ++ .../x/sys/windows/zsyscall_windows.go | 19 ++++++++++ vendor/modules.txt | 8 ++--- 34 files changed, 411 insertions(+), 35 deletions(-) diff --git a/go.mod b/go.mod index f133335674ac..a79561bda278 100644 --- a/go.mod +++ b/go.mod @@ -67,10 +67,10 @@ require ( github.com/vishvananda/netlink v1.2.1-beta.2 go.etcd.io/bbolt v1.3.8 golang.org/x/exp v0.0.0-20231006140011-7918f672742d - golang.org/x/net v0.18.0 + golang.org/x/net v0.19.0 golang.org/x/sync v0.5.0 - golang.org/x/sys v0.14.0 - golang.org/x/term v0.14.0 + golang.org/x/sys v0.15.0 + golang.org/x/term v0.15.0 golang.org/x/text v0.14.0 google.golang.org/protobuf v1.31.0 gopkg.in/inf.v0 v0.9.1 @@ -204,7 +204,7 @@ require ( go.opentelemetry.io/otel/metric v1.19.0 // indirect go.opentelemetry.io/otel/trace v1.19.0 // indirect golang.org/x/arch v0.5.0 // indirect - golang.org/x/crypto v0.15.0 // indirect + golang.org/x/crypto v0.16.0 // indirect golang.org/x/mod v0.13.0 // indirect golang.org/x/oauth2 v0.14.0 // indirect golang.org/x/tools v0.14.0 // indirect diff --git a/go.sum b/go.sum index 8e2f02dead6a..b94dfd9f17a8 100644 --- a/go.sum +++ b/go.sum @@ -1175,8 +1175,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw= -golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA= -golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g= +golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY= +golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -1264,8 +1264,8 @@ golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= -golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg= -golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ= +golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= +golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1381,16 +1381,16 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= -golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= -golang.org/x/term v0.14.0 h1:LGK9IlZ8T9jvdy6cTdfKUCltatMFOehAQo9SRC46UQ8= -golang.org/x/term v0.14.0/go.mod h1:TySc+nGkYR6qt8km8wUhuFRTVSMIX3XPR58y2lC8vww= +golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= +golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= diff --git a/vendor/golang.org/x/crypto/ssh/client_auth.go b/vendor/golang.org/x/crypto/ssh/client_auth.go index 5c3bc2572335..34bf089d0bb7 100644 --- a/vendor/golang.org/x/crypto/ssh/client_auth.go +++ b/vendor/golang.org/x/crypto/ssh/client_auth.go @@ -307,7 +307,10 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand } var methods []string var errSigAlgo error - for _, signer := range signers { + + origSignersLen := len(signers) + for idx := 0; idx < len(signers); idx++ { + signer := signers[idx] pub := signer.PublicKey() as, algo, err := pickSignatureAlgorithm(signer, extensions) if err != nil && errSigAlgo == nil { @@ -321,6 +324,21 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand if err != nil { return authFailure, nil, err } + // OpenSSH 7.2-7.7 advertises support for rsa-sha2-256 and rsa-sha2-512 + // in the "server-sig-algs" extension but doesn't support these + // algorithms for certificate authentication, so if the server rejects + // the key try to use the obtained algorithm as if "server-sig-algs" had + // not been implemented if supported from the algorithm signer. + if !ok && idx < origSignersLen && isRSACert(algo) && algo != CertAlgoRSAv01 { + if contains(as.Algorithms(), KeyAlgoRSA) { + // We retry using the compat algorithm after all signers have + // been tried normally. + signers = append(signers, &multiAlgorithmSigner{ + AlgorithmSigner: as, + supportedAlgorithms: []string{KeyAlgoRSA}, + }) + } + } if !ok { continue } diff --git a/vendor/golang.org/x/crypto/ssh/common.go b/vendor/golang.org/x/crypto/ssh/common.go index dd2ab0d69a39..7e9c2cbc647e 100644 --- a/vendor/golang.org/x/crypto/ssh/common.go +++ b/vendor/golang.org/x/crypto/ssh/common.go @@ -127,6 +127,14 @@ func isRSA(algo string) bool { return contains(algos, underlyingAlgo(algo)) } +func isRSACert(algo string) bool { + _, ok := certKeyAlgoNames[algo] + if !ok { + return false + } + return isRSA(algo) +} + // supportedPubKeyAuthAlgos specifies the supported client public key // authentication algorithms. Note that this doesn't include certificate types // since those use the underlying algorithm. This list is sent to the client if diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go index 8f1505af9414..7f0c236a9a20 100644 --- a/vendor/golang.org/x/crypto/ssh/server.go +++ b/vendor/golang.org/x/crypto/ssh/server.go @@ -337,7 +337,7 @@ func checkSourceAddress(addr net.Addr, sourceAddrs string) error { return fmt.Errorf("ssh: remote address %v is not allowed because of source-address restriction", addr) } -func gssExchangeToken(gssapiConfig *GSSAPIWithMICConfig, firstToken []byte, s *connection, +func gssExchangeToken(gssapiConfig *GSSAPIWithMICConfig, token []byte, s *connection, sessionID []byte, userAuthReq userAuthRequestMsg) (authErr error, perms *Permissions, err error) { gssAPIServer := gssapiConfig.Server defer gssAPIServer.DeleteSecContext() @@ -347,7 +347,7 @@ func gssExchangeToken(gssapiConfig *GSSAPIWithMICConfig, firstToken []byte, s *c outToken []byte needContinue bool ) - outToken, srcName, needContinue, err = gssAPIServer.AcceptSecContext(firstToken) + outToken, srcName, needContinue, err = gssAPIServer.AcceptSecContext(token) if err != nil { return err, nil, nil } @@ -369,6 +369,7 @@ func gssExchangeToken(gssapiConfig *GSSAPIWithMICConfig, firstToken []byte, s *c if err := Unmarshal(packet, userAuthGSSAPITokenReq); err != nil { return nil, nil, err } + token = userAuthGSSAPITokenReq.Token } packet, err := s.transport.readPacket() if err != nil { diff --git a/vendor/golang.org/x/crypto/ssh/tcpip.go b/vendor/golang.org/x/crypto/ssh/tcpip.go index 80d35f5ec187..ef5059a11d79 100644 --- a/vendor/golang.org/x/crypto/ssh/tcpip.go +++ b/vendor/golang.org/x/crypto/ssh/tcpip.go @@ -5,6 +5,7 @@ package ssh import ( + "context" "errors" "fmt" "io" @@ -332,6 +333,40 @@ func (l *tcpListener) Addr() net.Addr { return l.laddr } +// DialContext initiates a connection to the addr from the remote host. +// +// The provided Context must be non-nil. If the context expires before the +// connection is complete, an error is returned. Once successfully connected, +// any expiration of the context will not affect the connection. +// +// See func Dial for additional information. +func (c *Client) DialContext(ctx context.Context, n, addr string) (net.Conn, error) { + if err := ctx.Err(); err != nil { + return nil, err + } + type connErr struct { + conn net.Conn + err error + } + ch := make(chan connErr) + go func() { + conn, err := c.Dial(n, addr) + select { + case ch <- connErr{conn, err}: + case <-ctx.Done(): + if conn != nil { + conn.Close() + } + } + }() + select { + case res := <-ch: + return res.conn, res.err + case <-ctx.Done(): + return nil, ctx.Err() + } +} + // Dial initiates a connection to the addr from the remote host. // The resulting connection has a zero LocalAddr() and RemoteAddr(). func (c *Client) Dial(n, addr string) (net.Conn, error) { diff --git a/vendor/golang.org/x/sys/unix/fcntl.go b/vendor/golang.org/x/sys/unix/fcntl.go index 58c6bfc70f6e..6200876fb28c 100644 --- a/vendor/golang.org/x/sys/unix/fcntl.go +++ b/vendor/golang.org/x/sys/unix/fcntl.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build dragonfly || freebsd || linux || netbsd || openbsd +//go:build dragonfly || freebsd || linux || netbsd package unix diff --git a/vendor/golang.org/x/sys/unix/ioctl_linux.go b/vendor/golang.org/x/sys/unix/ioctl_linux.go index 0d12c0851adf..dbe680eab88a 100644 --- a/vendor/golang.org/x/sys/unix/ioctl_linux.go +++ b/vendor/golang.org/x/sys/unix/ioctl_linux.go @@ -231,3 +231,8 @@ func IoctlLoopGetStatus64(fd int) (*LoopInfo64, error) { func IoctlLoopSetStatus64(fd int, value *LoopInfo64) error { return ioctlPtr(fd, LOOP_SET_STATUS64, unsafe.Pointer(value)) } + +// IoctlLoopConfigure configures all loop device parameters in a single step +func IoctlLoopConfigure(fd int, value *LoopConfig) error { + return ioctlPtr(fd, LOOP_CONFIGURE, unsafe.Pointer(value)) +} diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh index cbe24150a7a8..6202638bae86 100644 --- a/vendor/golang.org/x/sys/unix/mkerrors.sh +++ b/vendor/golang.org/x/sys/unix/mkerrors.sh @@ -519,6 +519,7 @@ ccflags="$@" $2 ~ /^LOCK_(SH|EX|NB|UN)$/ || $2 ~ /^LO_(KEY|NAME)_SIZE$/ || $2 ~ /^LOOP_(CLR|CTL|GET|SET)_/ || + $2 == "LOOP_CONFIGURE" || $2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MREMAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL|TCPOPT|UDP)_/ || $2 ~ /^NFC_(GENL|PROTO|COMM|RF|SE|DIRECTION|LLCP|SOCKPROTO)_/ || $2 ~ /^NFC_.*_(MAX)?SIZE$/ || @@ -560,7 +561,7 @@ ccflags="$@" $2 ~ /^RLIMIT_(AS|CORE|CPU|DATA|FSIZE|LOCKS|MEMLOCK|MSGQUEUE|NICE|NOFILE|NPROC|RSS|RTPRIO|RTTIME|SIGPENDING|STACK)|RLIM_INFINITY/ || $2 ~ /^PRIO_(PROCESS|PGRP|USER)/ || $2 ~ /^CLONE_[A-Z_]+/ || - $2 !~ /^(BPF_TIMEVAL|BPF_FIB_LOOKUP_[A-Z]+)$/ && + $2 !~ /^(BPF_TIMEVAL|BPF_FIB_LOOKUP_[A-Z]+|BPF_F_LINK)$/ && $2 ~ /^(BPF|DLT)_/ || $2 ~ /^AUDIT_/ || $2 ~ /^(CLOCK|TIMER)_/ || diff --git a/vendor/golang.org/x/sys/unix/syscall_bsd.go b/vendor/golang.org/x/sys/unix/syscall_bsd.go index 6f328e3a5541..a00c3e5450b3 100644 --- a/vendor/golang.org/x/sys/unix/syscall_bsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_bsd.go @@ -316,7 +316,7 @@ func GetsockoptString(fd, level, opt int) (string, error) { if err != nil { return "", err } - return string(buf[:vallen-1]), nil + return ByteSliceToString(buf[:vallen]), nil } //sys recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go index a5e1c10e341b..0f85e29e621c 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux.go @@ -61,15 +61,23 @@ func FanotifyMark(fd int, flags uint, mask uint64, dirFd int, pathname string) ( } //sys fchmodat(dirfd int, path string, mode uint32) (err error) - -func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { - // Linux fchmodat doesn't support the flags parameter. Mimick glibc's behavior - // and check the flags. Otherwise the mode would be applied to the symlink - // destination which is not what the user expects. - if flags&^AT_SYMLINK_NOFOLLOW != 0 { - return EINVAL - } else if flags&AT_SYMLINK_NOFOLLOW != 0 { - return EOPNOTSUPP +//sys fchmodat2(dirfd int, path string, mode uint32, flags int) (err error) + +func Fchmodat(dirfd int, path string, mode uint32, flags int) error { + // Linux fchmodat doesn't support the flags parameter, but fchmodat2 does. + // Try fchmodat2 if flags are specified. + if flags != 0 { + err := fchmodat2(dirfd, path, mode, flags) + if err == ENOSYS { + // fchmodat2 isn't available. If the flags are known to be valid, + // return EOPNOTSUPP to indicate that fchmodat doesn't support them. + if flags&^(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) != 0 { + return EINVAL + } else if flags&(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) != 0 { + return EOPNOTSUPP + } + } + return err } return fchmodat(dirfd, path, mode) } @@ -1302,7 +1310,7 @@ func GetsockoptString(fd, level, opt int) (string, error) { return "", err } } - return string(buf[:vallen-1]), nil + return ByteSliceToString(buf[:vallen]), nil } func GetsockoptTpacketStats(fd, level, opt int) (*TpacketStats, error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go index d2882ee04f74..b25343c71a42 100644 --- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go @@ -166,6 +166,20 @@ func Getresgid() (rgid, egid, sgid int) { //sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL +//sys fcntl(fd int, cmd int, arg int) (n int, err error) +//sys fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) = SYS_FCNTL + +// FcntlInt performs a fcntl syscall on fd with the provided command and argument. +func FcntlInt(fd uintptr, cmd, arg int) (int, error) { + return fcntl(int(fd), cmd, arg) +} + +// FcntlFlock performs a fcntl syscall for the F_GETLK, F_SETLK or F_SETLKW command. +func FcntlFlock(fd uintptr, cmd int, lk *Flock_t) error { + _, err := fcntlPtr(int(fd), cmd, unsafe.Pointer(lk)) + return err +} + //sys ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) func Ppoll(fds []PollFd, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go index 60c8142d49ef..21974af064dd 100644 --- a/vendor/golang.org/x/sys/unix/syscall_solaris.go +++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go @@ -158,7 +158,7 @@ func GetsockoptString(fd, level, opt int) (string, error) { if err != nil { return "", err } - return string(buf[:vallen-1]), nil + return ByteSliceToString(buf[:vallen]), nil } const ImplementsGetwd = true diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go index d99d05f1bc14..b473038c6155 100644 --- a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go +++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go @@ -1104,7 +1104,7 @@ func GetsockoptString(fd, level, opt int) (string, error) { return "", err } - return string(buf[:vallen-1]), nil + return ByteSliceToString(buf[:vallen]), nil } func Recvmsg(fd int, p, oob []byte, flags int) (n, oobn int, recvflags int, from Sockaddr, err error) { diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go index 9c00cbf512c4..c73cfe2f10b7 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go @@ -486,7 +486,6 @@ const ( BPF_F_ANY_ALIGNMENT = 0x2 BPF_F_BEFORE = 0x8 BPF_F_ID = 0x20 - BPF_F_LINK = 0x2000 BPF_F_NETFILTER_IP_DEFRAG = 0x1 BPF_F_QUERY_EFFECTIVE = 0x1 BPF_F_REPLACE = 0x4 @@ -1802,6 +1801,7 @@ const ( LOCK_SH = 0x1 LOCK_UN = 0x8 LOOP_CLR_FD = 0x4c01 + LOOP_CONFIGURE = 0x4c0a LOOP_CTL_ADD = 0x4c80 LOOP_CTL_GET_FREE = 0x4c82 LOOP_CTL_REMOVE = 0x4c81 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go index faca7a557b10..1488d27128cd 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go @@ -37,6 +37,21 @@ func fchmodat(dirfd int, path string, mode uint32) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fchmodat2(dirfd int, path string, mode uint32, flags int) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + _, _, e1 := Syscall6(SYS_FCHMODAT2, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ioctl(fd int, req uint, arg uintptr) (err error) { _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go index 88bfc2885782..a1d061597ccc 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s index 4cbeff171b2b..41b5617316c0 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $4 DATA ·libc_sysctl_trampoline_addr(SB)/4, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $4 +DATA ·libc_fcntl_trampoline_addr(SB)/4, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $4 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go index b8a67b99af8d..5b2a74097786 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s index 1123f27571e5..4019a656f6d5 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go index af50a65c0cd0..f6eda1344a83 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s index 82badae39fe6..ac4af24f9083 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $4 DATA ·libc_sysctl_trampoline_addr(SB)/4, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $4 +DATA ·libc_fcntl_trampoline_addr(SB)/4, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $4 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go index 8fb4ff36a7dd..55df20ae9d8d 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s index 24d7eecb93ba..f77d532121b9 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go index f469a83ee6ed..8c1155cbc087 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s index 9a498a067733..fae140b62c9d 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go index c26ca2e1aa22..7cc80c58d985 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s index 1f224aa4162f..9d1e0ff06d0f 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s @@ -213,6 +213,12 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + CALL libc_fcntl(SB) + RET +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 CALL libc_ppoll(SB) RET diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go index bcc920dd2599..0688737f4944 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s index 87a79c7095a6..da115f9a4b69 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go index 997bcd55ae9f..bbf8399ff586 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go @@ -2671,6 +2671,7 @@ const ( BPF_PROG_TYPE_LSM = 0x1d BPF_PROG_TYPE_SK_LOOKUP = 0x1e BPF_PROG_TYPE_SYSCALL = 0x1f + BPF_PROG_TYPE_NETFILTER = 0x20 BPF_CGROUP_INET_INGRESS = 0x0 BPF_CGROUP_INET_EGRESS = 0x1 BPF_CGROUP_INET_SOCK_CREATE = 0x2 @@ -2715,6 +2716,11 @@ const ( BPF_PERF_EVENT = 0x29 BPF_TRACE_KPROBE_MULTI = 0x2a BPF_LSM_CGROUP = 0x2b + BPF_STRUCT_OPS = 0x2c + BPF_NETFILTER = 0x2d + BPF_TCX_INGRESS = 0x2e + BPF_TCX_EGRESS = 0x2f + BPF_TRACE_UPROBE_MULTI = 0x30 BPF_LINK_TYPE_UNSPEC = 0x0 BPF_LINK_TYPE_RAW_TRACEPOINT = 0x1 BPF_LINK_TYPE_TRACING = 0x2 @@ -2725,6 +2731,18 @@ const ( BPF_LINK_TYPE_PERF_EVENT = 0x7 BPF_LINK_TYPE_KPROBE_MULTI = 0x8 BPF_LINK_TYPE_STRUCT_OPS = 0x9 + BPF_LINK_TYPE_NETFILTER = 0xa + BPF_LINK_TYPE_TCX = 0xb + BPF_LINK_TYPE_UPROBE_MULTI = 0xc + BPF_PERF_EVENT_UNSPEC = 0x0 + BPF_PERF_EVENT_UPROBE = 0x1 + BPF_PERF_EVENT_URETPROBE = 0x2 + BPF_PERF_EVENT_KPROBE = 0x3 + BPF_PERF_EVENT_KRETPROBE = 0x4 + BPF_PERF_EVENT_TRACEPOINT = 0x5 + BPF_PERF_EVENT_EVENT = 0x6 + BPF_F_KPROBE_MULTI_RETURN = 0x1 + BPF_F_UPROBE_MULTI_RETURN = 0x1 BPF_ANY = 0x0 BPF_NOEXIST = 0x1 BPF_EXIST = 0x2 @@ -2742,6 +2760,8 @@ const ( BPF_F_MMAPABLE = 0x400 BPF_F_PRESERVE_ELEMS = 0x800 BPF_F_INNER_MAP = 0x1000 + BPF_F_LINK = 0x2000 + BPF_F_PATH_FD = 0x4000 BPF_STATS_RUN_TIME = 0x0 BPF_STACK_BUILD_ID_EMPTY = 0x0 BPF_STACK_BUILD_ID_VALID = 0x1 @@ -2762,6 +2782,7 @@ const ( BPF_F_ZERO_CSUM_TX = 0x2 BPF_F_DONT_FRAGMENT = 0x4 BPF_F_SEQ_NUMBER = 0x8 + BPF_F_NO_TUNNEL_KEY = 0x10 BPF_F_TUNINFO_FLAGS = 0x10 BPF_F_INDEX_MASK = 0xffffffff BPF_F_CURRENT_CPU = 0xffffffff @@ -2778,6 +2799,8 @@ const ( BPF_F_ADJ_ROOM_ENCAP_L4_UDP = 0x10 BPF_F_ADJ_ROOM_NO_CSUM_RESET = 0x20 BPF_F_ADJ_ROOM_ENCAP_L2_ETH = 0x40 + BPF_F_ADJ_ROOM_DECAP_L3_IPV4 = 0x80 + BPF_F_ADJ_ROOM_DECAP_L3_IPV6 = 0x100 BPF_ADJ_ROOM_ENCAP_L2_MASK = 0xff BPF_ADJ_ROOM_ENCAP_L2_SHIFT = 0x38 BPF_F_SYSCTL_BASE_NAME = 0x1 @@ -2866,6 +2889,8 @@ const ( BPF_DEVCG_DEV_CHAR = 0x2 BPF_FIB_LOOKUP_DIRECT = 0x1 BPF_FIB_LOOKUP_OUTPUT = 0x2 + BPF_FIB_LOOKUP_SKIP_NEIGH = 0x4 + BPF_FIB_LOOKUP_TBID = 0x8 BPF_FIB_LKUP_RET_SUCCESS = 0x0 BPF_FIB_LKUP_RET_BLACKHOLE = 0x1 BPF_FIB_LKUP_RET_UNREACHABLE = 0x2 @@ -2901,6 +2926,7 @@ const ( BPF_CORE_ENUMVAL_EXISTS = 0xa BPF_CORE_ENUMVAL_VALUE = 0xb BPF_CORE_TYPE_MATCHES = 0xc + BPF_F_TIMER_ABS = 0x1 ) const ( @@ -2979,6 +3005,12 @@ type LoopInfo64 struct { Encrypt_key [32]uint8 Init [2]uint64 } +type LoopConfig struct { + Fd uint32 + Size uint32 + Info LoopInfo64 + _ [8]uint64 +} type TIPCSocketAddr struct { Ref uint32 diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go index fb6cfd0462b4..47dc57967690 100644 --- a/vendor/golang.org/x/sys/windows/syscall_windows.go +++ b/vendor/golang.org/x/sys/windows/syscall_windows.go @@ -155,6 +155,8 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys GetModuleFileName(module Handle, filename *uint16, size uint32) (n uint32, err error) = kernel32.GetModuleFileNameW //sys GetModuleHandleEx(flags uint32, moduleName *uint16, module *Handle) (err error) = kernel32.GetModuleHandleExW //sys SetDefaultDllDirectories(directoryFlags uint32) (err error) +//sys AddDllDirectory(path *uint16) (cookie uintptr, err error) = kernel32.AddDllDirectory +//sys RemoveDllDirectory(cookie uintptr) (err error) = kernel32.RemoveDllDirectory //sys SetDllDirectory(path string) (err error) = kernel32.SetDllDirectoryW //sys GetVersion() (ver uint32, err error) //sys FormatMessage(flags uint32, msgsrc uintptr, msgid uint32, langid uint32, buf []uint16, args *byte) (n uint32, err error) = FormatMessageW diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go index db6282e00a58..146a1f0196f9 100644 --- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go +++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go @@ -184,6 +184,7 @@ var ( procGetAdaptersInfo = modiphlpapi.NewProc("GetAdaptersInfo") procGetBestInterfaceEx = modiphlpapi.NewProc("GetBestInterfaceEx") procGetIfEntry = modiphlpapi.NewProc("GetIfEntry") + procAddDllDirectory = modkernel32.NewProc("AddDllDirectory") procAssignProcessToJobObject = modkernel32.NewProc("AssignProcessToJobObject") procCancelIo = modkernel32.NewProc("CancelIo") procCancelIoEx = modkernel32.NewProc("CancelIoEx") @@ -330,6 +331,7 @@ var ( procReadProcessMemory = modkernel32.NewProc("ReadProcessMemory") procReleaseMutex = modkernel32.NewProc("ReleaseMutex") procRemoveDirectoryW = modkernel32.NewProc("RemoveDirectoryW") + procRemoveDllDirectory = modkernel32.NewProc("RemoveDllDirectory") procResetEvent = modkernel32.NewProc("ResetEvent") procResizePseudoConsole = modkernel32.NewProc("ResizePseudoConsole") procResumeThread = modkernel32.NewProc("ResumeThread") @@ -1605,6 +1607,15 @@ func GetIfEntry(pIfRow *MibIfRow) (errcode error) { return } +func AddDllDirectory(path *uint16) (cookie uintptr, err error) { + r0, _, e1 := syscall.Syscall(procAddDllDirectory.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0) + cookie = uintptr(r0) + if cookie == 0 { + err = errnoErr(e1) + } + return +} + func AssignProcessToJobObject(job Handle, process Handle) (err error) { r1, _, e1 := syscall.Syscall(procAssignProcessToJobObject.Addr(), 2, uintptr(job), uintptr(process), 0) if r1 == 0 { @@ -2879,6 +2890,14 @@ func RemoveDirectory(path *uint16) (err error) { return } +func RemoveDllDirectory(cookie uintptr) (err error) { + r1, _, e1 := syscall.Syscall(procRemoveDllDirectory.Addr(), 1, uintptr(cookie), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func ResetEvent(event Handle) (err error) { r1, _, e1 := syscall.Syscall(procResetEvent.Addr(), 1, uintptr(event), 0, 0) if r1 == 0 { diff --git a/vendor/modules.txt b/vendor/modules.txt index 02819c24f949..0a50ac2a1516 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1116,7 +1116,7 @@ go.opentelemetry.io/otel/trace # golang.org/x/arch v0.5.0 ## explicit; go 1.17 golang.org/x/arch/x86/x86asm -# golang.org/x/crypto v0.15.0 +# golang.org/x/crypto v0.16.0 ## explicit; go 1.18 golang.org/x/crypto/argon2 golang.org/x/crypto/blake2b @@ -1156,7 +1156,7 @@ golang.org/x/exp/slices ## explicit; go 1.18 golang.org/x/mod/semver golang.org/x/mod/sumdb/note -# golang.org/x/net v0.18.0 +# golang.org/x/net v0.19.0 ## explicit; go 1.18 golang.org/x/net/bpf golang.org/x/net/context @@ -1180,7 +1180,7 @@ golang.org/x/oauth2/internal ## explicit; go 1.18 golang.org/x/sync/errgroup golang.org/x/sync/semaphore -# golang.org/x/sys v0.14.0 +# golang.org/x/sys v0.15.0 ## explicit; go 1.18 golang.org/x/sys/cpu golang.org/x/sys/execabs @@ -1189,7 +1189,7 @@ golang.org/x/sys/unix golang.org/x/sys/windows golang.org/x/sys/windows/registry golang.org/x/sys/windows/svc/eventlog -# golang.org/x/term v0.14.0 +# golang.org/x/term v0.15.0 ## explicit; go 1.18 golang.org/x/term # golang.org/x/text v0.14.0 From 29d18079cba78ad6778f75d9e5740d4c2ad1abd9 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Wed, 22 Nov 2023 08:22:49 -0700 Subject: [PATCH 072/170] [systests] new defer-assertion-failure Some system tests run deep loops: for x in a b c; do for y in d e f; do .... check condition $x + $y Normally, if one of these fails, game over. This can be frustrating to a developer looking for failure patterns. Here we introduce a new defer-assertion-failure function, meant to be called before loops like these. Everything is the same, except that tests will continue running even after failure. When test finishes, or if test runs immediate-assertion-failure, a new message indicates that multiple tests failed: FAIL: X test assertions failed. Search for 'FAIL': above this line. Signed-off-by: Ed Santiago --- test/system/005-info.bats | 8 ++++-- test/system/010-images.bats | 11 +++++---- test/system/030-run.bats | 7 ++++++ test/system/065-cp.bats | 12 +++++++++ test/system/075-exec.bats | 3 +++ test/system/110-history.bats | 13 ++++++---- test/system/620-option-conflicts.bats | 3 +++ test/system/helpers.bash | 35 ++++++++++++++++++++++++--- 8 files changed, 77 insertions(+), 15 deletions(-) diff --git a/test/system/005-info.bats b/test/system/005-info.bats index c5fcc3b85c12..1f99c3d55527 100644 --- a/test/system/005-info.bats +++ b/test/system/005-info.bats @@ -23,6 +23,8 @@ runRoot: cgroupManager: \\\(systemd\\\|cgroupfs\\\) cgroupVersion: v[12] " + defer-assertion-failures + while read expect; do is "$output" ".*$expect" "output includes '$expect'" done < <(parse_table "$expected_keys") @@ -52,11 +54,13 @@ store.imageStore.number | 1 host.slirp4netns.executable | $expr_path " - parse_table "$tests" | while read field expect; do + defer-assertion-failures + + while read field expect; do actual=$(echo "$output" | jq -r ".$field") dprint "# actual=<$actual> expect=<$expect>" is "$actual" "$expect" "jq .$field" - done + done < <(parse_table "$tests") } @test "podman info - confirm desired runtime" { diff --git a/test/system/010-images.bats b/test/system/010-images.bats index 655f98cb69ff..977c58684daa 100644 --- a/test/system/010-images.bats +++ b/test/system/010-images.bats @@ -26,10 +26,12 @@ load helpers {{.Labels.created_at}} | 20[0-9-]\\\+T[0-9:]\\\+Z " - parse_table "$tests" | while read fmt expect; do + defer-assertion-failures + + while read fmt expect; do run_podman images --format "$fmt" is "$output" "$expect" "podman images --format '$fmt'" - done + done < <(parse_table "$tests") run_podman images --format "{{.ID}}" --no-trunc is "$output" "sha256:[0-9a-f]\\{64\\}\$" "podman images --no-trunc" @@ -49,12 +51,11 @@ Labels.created_at | 20[0-9-]\\\+T[0-9:]\\\+Z run_podman images -a --format json - parse_table "$tests" | while read field expect; do + while read field expect; do actual=$(echo "$output" | jq -r ".[0].$field") dprint "# actual=<$actual> expect=<$expect}>" is "$actual" "$expect" "jq .$field" - done - + done < <(parse_table "$tests") } @test "podman images - history output" { diff --git a/test/system/030-run.bats b/test/system/030-run.bats index ab2abfa37b73..3513e7c925cd 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -21,6 +21,8 @@ echo $rand | 0 | $rand /etc | 126 | $err_no_exec_dir " + defer-assertion-failures + tests_run=0 while read cmd expected_rc expected_output; do if [ "$expected_output" = "''" ]; then expected_output=""; fi @@ -389,6 +391,9 @@ journald | - k8s-file | y json-file | f " + + defer-assertion-failures + while read driver do_check; do msg=$(random_string 15) run_podman run --name myctr --log-driver $driver $IMAGE echo $msg @@ -1285,6 +1290,8 @@ search | $IMAGE | bogus=$PODMAN_TMPDIR/bogus-authfile touch $PODMAN_TMPDIR/Containerfile + defer-assertion-failures + while read command args local_only;do # skip commands that don't work in podman-remote if [[ "$local_only" = "-" ]]; then diff --git a/test/system/065-cp.bats b/test/system/065-cp.bats index 7d4e70c83ae6..a2f1336f8400 100644 --- a/test/system/065-cp.bats +++ b/test/system/065-cp.bats @@ -47,6 +47,8 @@ load helpers 0 | subdir | /srv/subdir/hostfile0 | copy to workdir/subdir " + defer-assertion-failures + # RUNNING container while read id dest dest_fullname description; do run_podman cp $srcdir/hostfile$id destrunning:$dest @@ -192,6 +194,8 @@ load helpers 2 | subdir/containerfile2 | / | /containerfile2 | copy from workdir/subdir (rel path) to srcdir " + defer-assertion-failures + # RUNNING container while read id src dest dest_fullname description; do # dest may be "''" for empty table cells @@ -251,6 +255,8 @@ load helpers 2 | subdir/containerfile2 | / | /containerfile2 | copy from workdir/subdir (rel path) to / " + defer-assertion-failures + # From RUNNING container local -a destcontainers=() while read id src dest dest_fullname description; do @@ -342,6 +348,8 @@ load helpers dir/. | /newdir3 | /newdir3/sub | copy dir/. to newdir3 " + defer-assertion-failures + # RUNNING container while read src dest dest_fullname description; do run_podman cp $srcdir/$src destrunning:$dest @@ -400,6 +408,8 @@ load helpers /tmp/subdir. | | /subdir. | copy /tmp/subdir. " + defer-assertion-failures + # RUNNING container while read src dest dest_fullname description; do if [[ $dest == "''" ]];then @@ -467,6 +477,8 @@ load helpers /tmp/subdir. | / | /subdir. | copy /tmp/subdir. " + defer-assertion-failures + # From RUNNING container local -a destcontainers=() while read src dest dest_fullname description; do diff --git a/test/system/075-exec.bats b/test/system/075-exec.bats index 30a69f852bfa..1c2aa07bce0d 100644 --- a/test/system/075-exec.bats +++ b/test/system/075-exec.bats @@ -167,6 +167,9 @@ load helpers } @test "podman exec --tty" { + # Run all tests, report failures at end + defer-assertion-failures + # Outer loops: different variations on the RUN container for run_opt_t in "" "-t"; do for run_term_env in "" "explicit_RUN_term"; do diff --git a/test/system/110-history.bats b/test/system/110-history.bats index dbb97aacb0ea..17f9546b8a1e 100644 --- a/test/system/110-history.bats +++ b/test/system/110-history.bats @@ -11,14 +11,16 @@ load helpers --no-trunc | .*[0-9a-f]\\\{64\\\} " - parse_table "$tests" | while read options expect; do + defer-assertion-failures + + while read options expect; do if [ "$options" = "''" ]; then options=; fi eval set -- "$options" run_podman history "$@" $IMAGE is "$output" "$expect" "podman history $options" - done + done < <(parse_table "$tests") } @test "podman history - custom format" { @@ -42,7 +44,9 @@ size | -\\\?[0-9]\\\+ run_podman history --format json $IMAGE - parse_table "$tests" | while read field expect; do + defer-assertion-failures + + while read field expect; do # HACK: we can't include '|' in the table if [ "$field" = "id" ]; then expect="$expect\|";fi @@ -54,8 +58,7 @@ size | -\\\?[0-9]\\\+ is "$actual" "$expect\$" "jq .[$i].$field" i=$(expr $i + 1) done - done - + done < <(parse_table "$tests") } @test "podman image history Created" { diff --git a/test/system/620-option-conflicts.bats b/test/system/620-option-conflicts.bats index 26c5d05d74e5..1486c23ca5d9 100644 --- a/test/system/620-option-conflicts.bats +++ b/test/system/620-option-conflicts.bats @@ -18,6 +18,9 @@ container cleanup | --all | --exec=foo container cleanup | --exec=foo | --rmi | foo " + # Run all tests, continue even if any fail + defer-assertion-failures + # FIXME: parse_table is what does all the work, giving us test cases. while read subcommands opt1 opt2 args; do opt1_name=${opt1%=*} diff --git a/test/system/helpers.bash b/test/system/helpers.bash index 69b24e219471..907780c75b37 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -201,6 +201,34 @@ function basic_setup() { # Test filenames must match ###-name.bats; use "[###] " as prefix run expr "$BATS_TEST_FILENAME" : "^.*/\([0-9]\{3\}\)-[^/]\+\.bats\$" BATS_TEST_NAME_PREFIX="[${output}] " + + # By default, assert() and die() cause an immediate test failure. + # Under special circumstances (usually long test loops), tests + # can call defer-assertion-failures() to continue going, the + # idea being that a large number of failures can show patterns. + ASSERTION_FAILURES= + immediate-assertion-failures +} + +function immediate-assertion-failures() { + function bail-now() { + # "false" does not apply to "bail now"! It means "nonzero exit", + # which BATS interprets as "yes, bail immediately". + false + } + + # Any backlog? + if [[ -n "$ASSERTION_FAILURES" ]]; then + local n=${#ASSERTION_FAILURES} + ASSERTION_FAILURES= + die "$n test assertions failed. Search for 'FAIL:' above this line." >&2 + fi +} + +function defer-assertion-failures() { + function bail-now() { + ASSERTION_FAILURES+="!" + } } # Basic teardown: remove all pods and containers @@ -237,6 +265,7 @@ function basic_teardown() { done command rm -rf $PODMAN_TMPDIR + immediate-assertion-failures } @@ -745,7 +774,7 @@ function die() { echo "#/vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv" >&2 echo "#| FAIL: $*" >&2 echo "#\\^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^" >&2 - false + bail-now } ############ @@ -861,7 +890,7 @@ function assert() { printf "#| > %s%s\n" "$ws" "$line" >&2 done printf "#\\^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n" >&2 - false + bail-now } ######## @@ -911,7 +940,7 @@ function is() { printf "#| > '%s'\n" "$line" >&2 done printf "#\\^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n" >&2 - false + bail-now } #################### From c8f262fec912ed6c0d2d97b4249756f88baf552a Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 27 Nov 2023 20:38:15 -0500 Subject: [PATCH 073/170] Use idtools.SafeChown and SafeLchown everywhere If we get an error chowning a file or directory to a UID/GID pair for something like ENOSUP or EPERM, then we should ignore as long as the UID/GID pair on disk is correct. Fixes: https://github.com/containers/podman/issues/20801 [NO NEW TESTS NEEDED] Since this is difficult to test and existing tests should be sufficient to ensure no regression. Signed-off-by: Daniel J Walsh --- libpod/container_internal.go | 12 ++++++------ libpod/container_internal_common.go | 12 ++++++------ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 90f9234aa3c0..387aea7b8eb7 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -535,11 +535,11 @@ func (c *Container) setupStorage(ctx context.Context) error { c.state.RunDir = containerInfo.RunDir if len(c.config.IDMappings.UIDMap) != 0 || len(c.config.IDMappings.GIDMap) != 0 { - if err := os.Chown(containerInfo.RunDir, c.RootUID(), c.RootGID()); err != nil { + if err := idtools.SafeChown(containerInfo.RunDir, c.RootUID(), c.RootGID()); err != nil { return err } - if err := os.Chown(containerInfo.Dir, c.RootUID(), c.RootGID()); err != nil { + if err := idtools.SafeChown(containerInfo.Dir, c.RootUID(), c.RootGID()); err != nil { return err } } @@ -681,7 +681,7 @@ func (c *Container) refresh() error { if err := os.MkdirAll(root, 0755); err != nil { return fmt.Errorf("creating userNS tmpdir for container %s: %w", c.ID(), err) } - if err := os.Chown(root, c.RootUID(), c.RootGID()); err != nil { + if err := idtools.SafeChown(root, c.RootUID(), c.RootGID()); err != nil { return err } } @@ -1578,7 +1578,7 @@ func (c *Container) mountStorage() (_ string, deferredErr error) { if err := c.mountSHM(shmOptions); err != nil { return "", err } - if err := os.Chown(c.config.ShmDir, c.RootUID(), c.RootGID()); err != nil { + if err := idtools.SafeChown(c.config.ShmDir, c.RootUID(), c.RootGID()); err != nil { return "", fmt.Errorf("failed to chown %s: %w", c.config.ShmDir, err) } defer func() { @@ -2325,7 +2325,7 @@ func (c *Container) mount() (string, error) { if err != nil { return "", fmt.Errorf("resolving storage path for container %s: %w", c.ID(), err) } - if err := os.Chown(mountPoint, c.RootUID(), c.RootGID()); err != nil { + if err := idtools.SafeChown(mountPoint, c.RootUID(), c.RootGID()); err != nil { return "", fmt.Errorf("cannot chown %s to %d:%d: %w", mountPoint, c.RootUID(), c.RootGID(), err) } return mountPoint, nil @@ -2508,7 +2508,7 @@ func (c *Container) extractSecretToCtrStorage(secr *ContainerSecret) error { if err != nil { return fmt.Errorf("unable to create %s: %w", secretFile, err) } - if err := os.Lchown(secretFile, int(hostUID), int(hostGID)); err != nil { + if err := idtools.SafeLchown(secretFile, int(hostUID), int(hostGID)); err != nil { return err } if err := os.Chmod(secretFile, os.FileMode(secr.Mode)); err != nil { diff --git a/libpod/container_internal_common.go b/libpod/container_internal_common.go index fc5978942ca1..b66268765b88 100644 --- a/libpod/container_internal_common.go +++ b/libpod/container_internal_common.go @@ -795,7 +795,7 @@ func (c *Container) resolveWorkDir() error { if err != nil { return fmt.Errorf("looking up %s inside of the container %s: %w", c.User(), c.ID(), err) } - if err := os.Chown(resolvedWorkdir, int(uid), int(gid)); err != nil { + if err := idtools.SafeChown(resolvedWorkdir, int(uid), int(gid)); err != nil { return fmt.Errorf("chowning container %s workdir to container root: %w", c.ID(), err) } @@ -1820,7 +1820,7 @@ func (c *Container) mountIntoRootDirs(mountName string, mountPath string) error // Make standard bind mounts to include in the container func (c *Container) makeBindMounts() error { - if err := os.Chown(c.state.RunDir, c.RootUID(), c.RootGID()); err != nil { + if err := idtools.SafeChown(c.state.RunDir, c.RootUID(), c.RootGID()); err != nil { return fmt.Errorf("cannot chown run directory: %w", err) } @@ -2285,7 +2285,7 @@ func (c *Container) addHosts() error { // It will also add the path to the container bind mount map. // source is the path on the host, dest is the path in the container. func (c *Container) bindMountRootFile(source, dest string) error { - if err := os.Chown(source, c.RootUID(), c.RootGID()); err != nil { + if err := idtools.SafeChown(source, c.RootUID(), c.RootGID()); err != nil { return err } if err := c.relabel(source, c.MountLabel(), false); err != nil { @@ -2827,7 +2827,7 @@ func (c *Container) createSecretMountDir(runPath string) error { if err := c.relabel(src, c.config.MountLabel, false); err != nil { return err } - if err := os.Chown(src, c.RootUID(), c.RootGID()); err != nil { + if err := idtools.SafeChown(src, c.RootUID(), c.RootGID()); err != nil { return err } c.state.BindMounts[filepath.Join(runPath, "secrets")] = src @@ -2886,7 +2886,7 @@ func (c *Container) fixVolumePermissions(v *ContainerNamedVolume) error { return err } - if err := os.Lchown(mountPoint, uid, gid); err != nil { + if err := idtools.SafeLchown(mountPoint, uid, gid); err != nil { return err } @@ -2895,7 +2895,7 @@ func (c *Container) fixVolumePermissions(v *ContainerNamedVolume) error { st, err := os.Lstat(filepath.Join(c.state.Mountpoint, v.Dest)) if err == nil { if stat, ok := st.Sys().(*syscall.Stat_t); ok { - if err := os.Lchown(mountPoint, int(stat.Uid), int(stat.Gid)); err != nil { + if err := idtools.SafeLchown(mountPoint, int(stat.Uid), int(stat.Gid)); err != nil { return err } } From 07a7b3ae5d692ee84b90f7f4a90b2f7a2c44d2b7 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 28 Nov 2023 01:59:00 +0000 Subject: [PATCH 074/170] fix(deps): update module golang.org/x/tools to v0.16.0 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- test/tools/go.mod | 2 +- test/tools/go.sum | 6 +- .../golang.org/x/sys/execabs/execabs.go | 102 --------- .../golang.org/x/sys/execabs/execabs_go118.go | 17 -- .../golang.org/x/sys/execabs/execabs_go119.go | 20 -- .../x/tools/cmd/goimports/goimports.go | 2 +- .../x/tools/internal/gocommand/invoke.go | 3 +- .../x/tools/internal/gopathwalk/walk.go | 206 +++++++++--------- test/tools/vendor/modules.txt | 3 +- 9 files changed, 115 insertions(+), 246 deletions(-) delete mode 100644 test/tools/vendor/golang.org/x/sys/execabs/execabs.go delete mode 100644 test/tools/vendor/golang.org/x/sys/execabs/execabs_go118.go delete mode 100644 test/tools/vendor/golang.org/x/sys/execabs/execabs_go119.go diff --git a/test/tools/go.mod b/test/tools/go.mod index cc136d419d72..3937ab459b4f 100644 --- a/test/tools/go.mod +++ b/test/tools/go.mod @@ -6,7 +6,7 @@ require ( github.com/cpuguy83/go-md2man/v2 v2.0.3 github.com/onsi/ginkgo/v2 v2.13.1 github.com/vbatts/git-validation v1.2.1 - golang.org/x/tools v0.15.0 + golang.org/x/tools v0.16.0 ) require ( diff --git a/test/tools/go.sum b/test/tools/go.sum index 3c23ef1dbe3a..fdb8fe0c4e47 100644 --- a/test/tools/go.sum +++ b/test/tools/go.sum @@ -42,7 +42,7 @@ github.com/vbatts/git-validation v1.2.1 h1:O26LKWEtBOfnxKT/SAiFCAcQglKwyuZEKSq6A github.com/vbatts/git-validation v1.2.1/go.mod h1:isqpXnI2IUKUhoYIsHg5tDmtiEXoA7KJRVsAc4+XoYw= golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg= +golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -50,8 +50,8 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= -golang.org/x/tools v0.15.0 h1:zdAyfUGbYmuVokhzVmghFl2ZJh5QhcfebBgmVPFYA+8= -golang.org/x/tools v0.15.0/go.mod h1:hpksKq4dtpQWS1uQ61JkdqWM3LscIS6Slf+VVkm+wQk= +golang.org/x/tools v0.16.0 h1:GO788SKMRunPIBCXiQyo2AaexLstOrVhuAL5YwsckQM= +golang.org/x/tools v0.16.0/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/test/tools/vendor/golang.org/x/sys/execabs/execabs.go b/test/tools/vendor/golang.org/x/sys/execabs/execabs.go deleted file mode 100644 index 3bf40fdfecd5..000000000000 --- a/test/tools/vendor/golang.org/x/sys/execabs/execabs.go +++ /dev/null @@ -1,102 +0,0 @@ -// Copyright 2020 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package execabs is a drop-in replacement for os/exec -// that requires PATH lookups to find absolute paths. -// That is, execabs.Command("cmd") runs the same PATH lookup -// as exec.Command("cmd"), but if the result is a path -// which is relative, the Run and Start methods will report -// an error instead of running the executable. -// -// See https://blog.golang.org/path-security for more information -// about when it may be necessary or appropriate to use this package. -package execabs - -import ( - "context" - "fmt" - "os/exec" - "path/filepath" - "reflect" - "unsafe" -) - -// ErrNotFound is the error resulting if a path search failed to find an executable file. -// It is an alias for exec.ErrNotFound. -var ErrNotFound = exec.ErrNotFound - -// Cmd represents an external command being prepared or run. -// It is an alias for exec.Cmd. -type Cmd = exec.Cmd - -// Error is returned by LookPath when it fails to classify a file as an executable. -// It is an alias for exec.Error. -type Error = exec.Error - -// An ExitError reports an unsuccessful exit by a command. -// It is an alias for exec.ExitError. -type ExitError = exec.ExitError - -func relError(file, path string) error { - return fmt.Errorf("%s resolves to executable in current directory (.%c%s)", file, filepath.Separator, path) -} - -// LookPath searches for an executable named file in the directories -// named by the PATH environment variable. If file contains a slash, -// it is tried directly and the PATH is not consulted. The result will be -// an absolute path. -// -// LookPath differs from exec.LookPath in its handling of PATH lookups, -// which are used for file names without slashes. If exec.LookPath's -// PATH lookup would have returned an executable from the current directory, -// LookPath instead returns an error. -func LookPath(file string) (string, error) { - path, err := exec.LookPath(file) - if err != nil && !isGo119ErrDot(err) { - return "", err - } - if filepath.Base(file) == file && !filepath.IsAbs(path) { - return "", relError(file, path) - } - return path, nil -} - -func fixCmd(name string, cmd *exec.Cmd) { - if filepath.Base(name) == name && !filepath.IsAbs(cmd.Path) && !isGo119ErrFieldSet(cmd) { - // exec.Command was called with a bare binary name and - // exec.LookPath returned a path which is not absolute. - // Set cmd.lookPathErr and clear cmd.Path so that it - // cannot be run. - lookPathErr := (*error)(unsafe.Pointer(reflect.ValueOf(cmd).Elem().FieldByName("lookPathErr").Addr().Pointer())) - if *lookPathErr == nil { - *lookPathErr = relError(name, cmd.Path) - } - cmd.Path = "" - } -} - -// CommandContext is like Command but includes a context. -// -// The provided context is used to kill the process (by calling os.Process.Kill) -// if the context becomes done before the command completes on its own. -func CommandContext(ctx context.Context, name string, arg ...string) *exec.Cmd { - cmd := exec.CommandContext(ctx, name, arg...) - fixCmd(name, cmd) - return cmd - -} - -// Command returns the Cmd struct to execute the named program with the given arguments. -// See exec.Command for most details. -// -// Command differs from exec.Command in its handling of PATH lookups, -// which are used when the program name contains no slashes. -// If exec.Command would have returned an exec.Cmd configured to run an -// executable from the current directory, Command instead -// returns an exec.Cmd that will return an error from Start or Run. -func Command(name string, arg ...string) *exec.Cmd { - cmd := exec.Command(name, arg...) - fixCmd(name, cmd) - return cmd -} diff --git a/test/tools/vendor/golang.org/x/sys/execabs/execabs_go118.go b/test/tools/vendor/golang.org/x/sys/execabs/execabs_go118.go deleted file mode 100644 index 5627d70e3985..000000000000 --- a/test/tools/vendor/golang.org/x/sys/execabs/execabs_go118.go +++ /dev/null @@ -1,17 +0,0 @@ -// Copyright 2022 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -//go:build !go1.19 - -package execabs - -import "os/exec" - -func isGo119ErrDot(err error) bool { - return false -} - -func isGo119ErrFieldSet(cmd *exec.Cmd) bool { - return false -} diff --git a/test/tools/vendor/golang.org/x/sys/execabs/execabs_go119.go b/test/tools/vendor/golang.org/x/sys/execabs/execabs_go119.go deleted file mode 100644 index d60ab1b41951..000000000000 --- a/test/tools/vendor/golang.org/x/sys/execabs/execabs_go119.go +++ /dev/null @@ -1,20 +0,0 @@ -// Copyright 2022 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -//go:build go1.19 - -package execabs - -import ( - "errors" - "os/exec" -) - -func isGo119ErrDot(err error) bool { - return errors.Is(err, exec.ErrDot) -} - -func isGo119ErrFieldSet(cmd *exec.Cmd) bool { - return cmd.Err != nil -} diff --git a/test/tools/vendor/golang.org/x/tools/cmd/goimports/goimports.go b/test/tools/vendor/golang.org/x/tools/cmd/goimports/goimports.go index 3b6bd72503ea..dcb5023a2e72 100644 --- a/test/tools/vendor/golang.org/x/tools/cmd/goimports/goimports.go +++ b/test/tools/vendor/golang.org/x/tools/cmd/goimports/goimports.go @@ -11,10 +11,10 @@ import ( "flag" "fmt" "go/scanner" - exec "golang.org/x/sys/execabs" "io" "log" "os" + "os/exec" "path/filepath" "runtime" "runtime/pprof" diff --git a/test/tools/vendor/golang.org/x/tools/internal/gocommand/invoke.go b/test/tools/vendor/golang.org/x/tools/internal/gocommand/invoke.go index c27b91f8c7e6..55312522dc2d 100644 --- a/test/tools/vendor/golang.org/x/tools/internal/gocommand/invoke.go +++ b/test/tools/vendor/golang.org/x/tools/internal/gocommand/invoke.go @@ -13,6 +13,7 @@ import ( "io" "log" "os" + "os/exec" "reflect" "regexp" "runtime" @@ -21,8 +22,6 @@ import ( "sync" "time" - exec "golang.org/x/sys/execabs" - "golang.org/x/tools/internal/event" "golang.org/x/tools/internal/event/keys" "golang.org/x/tools/internal/event/label" diff --git a/test/tools/vendor/golang.org/x/tools/internal/gopathwalk/walk.go b/test/tools/vendor/golang.org/x/tools/internal/gopathwalk/walk.go index f79dd8cc3f59..52f74e643be7 100644 --- a/test/tools/vendor/golang.org/x/tools/internal/gopathwalk/walk.go +++ b/test/tools/vendor/golang.org/x/tools/internal/gopathwalk/walk.go @@ -44,21 +44,18 @@ type Root struct { } // Walk walks Go source directories ($GOROOT, $GOPATH, etc) to find packages. -// For each package found, add will be called (concurrently) with the absolute +// For each package found, add will be called with the absolute // paths of the containing source directory and the package directory. -// add will be called concurrently. func Walk(roots []Root, add func(root Root, dir string), opts Options) { WalkSkip(roots, add, func(Root, string) bool { return false }, opts) } // WalkSkip walks Go source directories ($GOROOT, $GOPATH, etc) to find packages. -// For each package found, add will be called (concurrently) with the absolute +// For each package found, add will be called with the absolute // paths of the containing source directory and the package directory. -// For each directory that will be scanned, skip will be called (concurrently) +// For each directory that will be scanned, skip will be called // with the absolute paths of the containing source directory and the directory. // If skip returns false on a directory it will be processed. -// add will be called concurrently. -// skip will be called concurrently. func WalkSkip(roots []Root, add func(root Root, dir string), skip func(root Root, dir string) bool, opts Options) { for _, root := range roots { walkDir(root, add, skip, opts) @@ -115,7 +112,8 @@ type walker struct { skip func(Root, string) bool // The callback that will be invoked for every dir. dir is skipped if it returns true. opts Options // Options passed to Walk by the user. - ignoredDirs []string + pathSymlinks []os.FileInfo + ignoredDirs []string added map[string]bool } @@ -184,9 +182,24 @@ func (w *walker) shouldSkipDir(dir string) bool { } // walk walks through the given path. +// +// Errors are logged if w.opts.Logf is non-nil, but otherwise ignored: +// walk returns only nil or fs.SkipDir. func (w *walker) walk(path string, d fs.DirEntry, err error) error { - typ := d.Type() - if typ.IsRegular() { + if err != nil { + // We have no way to report errors back through Walk or WalkSkip, + // so just log and ignore them. + if w.opts.Logf != nil { + w.opts.Logf("%v", err) + } + if d == nil { + // Nothing more to do: the error prevents us from knowing + // what path even represents. + return nil + } + } + + if d.Type().IsRegular() { if !strings.HasSuffix(path, ".go") { return nil } @@ -204,118 +217,115 @@ func (w *walker) walk(path string, d fs.DirEntry, err error) error { } return nil } - if typ == os.ModeDir { + + if d.IsDir() { base := filepath.Base(path) if base == "" || base[0] == '.' || base[0] == '_' || base == "testdata" || (w.root.Type == RootGOROOT && w.opts.ModulesEnabled && base == "vendor") || (!w.opts.ModulesEnabled && base == "node_modules") { - return filepath.SkipDir + return fs.SkipDir } if w.shouldSkipDir(path) { - return filepath.SkipDir + return fs.SkipDir } return nil } - if typ == os.ModeSymlink && err == nil { + + if d.Type()&os.ModeSymlink != 0 { // TODO(bcmills): 'go list all' itself ignores symlinks within GOROOT/src // and GOPATH/src. Do we really need to traverse them here? If so, why? - if os.IsPathSeparator(path[len(path)-1]) { - // The OS was supposed to resolve a directory symlink but didn't. - // - // On macOS this may be caused by a known libc/kernel bug; - // see https://go.dev/issue/59586. - // - // On Windows before Go 1.21, this may be caused by a bug in - // os.Lstat (fixed in https://go.dev/cl/463177). - // - // In either case, we can work around the bug by walking this level - // explicitly: first the symlink target itself, then its contents. - - fi, err := os.Stat(path) - if err != nil || !fi.IsDir() { - return nil - } - err = w.walk(path, fs.FileInfoToDirEntry(fi), nil) - if err == filepath.SkipDir { - return nil - } else if err != nil { - return err - } + fi, err := os.Stat(path) + if err != nil || !fi.IsDir() { + // Not a directory. Just walk the file (or broken link) and be done. + return w.walk(path, fs.FileInfoToDirEntry(fi), err) + } - ents, _ := os.ReadDir(path) // ignore error if unreadable - for _, d := range ents { - nextPath := filepath.Join(path, d.Name()) - var err error - if d.IsDir() { - err = filepath.WalkDir(nextPath, w.walk) - } else { - err = w.walk(nextPath, d, nil) - if err == filepath.SkipDir { - break - } - } - if err != nil { - return err - } + // Avoid walking symlink cycles: if we have already followed a symlink to + // this directory as a parent of itself, don't follow it again. + // + // This doesn't catch the first time through a cycle, but it also minimizes + // the number of extra stat calls we make if we *don't* encounter a cycle. + // Since we don't actually expect to encounter symlink cycles in practice, + // this seems like the right tradeoff. + for _, parent := range w.pathSymlinks { + if os.SameFile(fi, parent) { + return nil } - return nil } - base := filepath.Base(path) - if strings.HasPrefix(base, ".#") { - // Emacs noise. + w.pathSymlinks = append(w.pathSymlinks, fi) + defer func() { + w.pathSymlinks = w.pathSymlinks[:len(w.pathSymlinks)-1] + }() + + // On some platforms the OS (or the Go os package) sometimes fails to + // resolve directory symlinks before a trailing slash + // (even though POSIX requires it to do so). + // + // On macOS that failure may be caused by a known libc/kernel bug; + // see https://go.dev/issue/59586. + // + // On Windows before Go 1.21, it may be caused by a bug in + // os.Lstat (fixed in https://go.dev/cl/463177). + // + // Since we need to handle this explicitly on broken platforms anyway, + // it is simplest to just always do that and not rely on POSIX pathname + // resolution to walk the directory (such as by calling WalkDir with + // a trailing slash appended to the path). + // + // Instead, we make a sequence of walk calls — directly and through + // recursive calls to filepath.WalkDir — simulating what WalkDir would do + // if the symlink were a regular directory. + + // First we call walk on the path as a directory + // (instead of a symlink). + err = w.walk(path, fs.FileInfoToDirEntry(fi), nil) + if err == fs.SkipDir { return nil + } else if err != nil { + // This should be impossible, but handle it anyway in case + // walk is changed to return other errors. + return err } - if w.shouldTraverse(path) { - // Add a trailing separator to traverse the symlink. - nextPath := path + string(filepath.Separator) - return filepath.WalkDir(nextPath, w.walk) - } - } - return nil -} - -// shouldTraverse reports whether the symlink fi, found in dir, -// should be followed. It makes sure symlinks were never visited -// before to avoid symlink loops. -func (w *walker) shouldTraverse(path string) bool { - if w.shouldSkipDir(path) { - return false - } - - ts, err := os.Stat(path) - if err != nil { - logf := w.opts.Logf - if logf == nil { - logf = log.Printf - } - logf("%v", err) - return false - } - if !ts.IsDir() { - return false - } - // Check for symlink loops by statting each directory component - // and seeing if any are the same file as ts. - for { - parent := filepath.Dir(path) - if parent == path { - // Made it to the root without seeing a cycle. - // Use this symlink. - return true - } - parentInfo, err := os.Stat(parent) + // Now read the directory and walk its entries. + ents, err := os.ReadDir(path) if err != nil { - return false + // Report the ReadDir error, as filepath.WalkDir would do. + err = w.walk(path, fs.FileInfoToDirEntry(fi), err) + if err == fs.SkipDir { + return nil + } else if err != nil { + return err // Again, should be impossible. + } + // Fall through and iterate over whatever entries we did manage to get. } - if os.SameFile(ts, parentInfo) { - // Cycle. Don't traverse. - return false + + for _, d := range ents { + nextPath := filepath.Join(path, d.Name()) + if d.IsDir() { + // We want to walk the whole directory tree rooted at nextPath, + // not just the single entry for the directory. + err := filepath.WalkDir(nextPath, w.walk) + if err != nil && w.opts.Logf != nil { + w.opts.Logf("%v", err) + } + } else { + err := w.walk(nextPath, d, nil) + if err == fs.SkipDir { + // Skip the rest of the entries in the parent directory of nextPath + // (that is, path itself). + break + } else if err != nil { + return err // Again, should be impossible. + } + } } - path = parent + return nil } + // Not a file, regular directory, or symlink; skip. + return nil } diff --git a/test/tools/vendor/modules.txt b/test/tools/vendor/modules.txt index e73ecd3ed9d4..812703c961a0 100644 --- a/test/tools/vendor/modules.txt +++ b/test/tools/vendor/modules.txt @@ -63,10 +63,9 @@ golang.org/x/mod/module golang.org/x/mod/semver # golang.org/x/sys v0.14.0 ## explicit; go 1.18 -golang.org/x/sys/execabs golang.org/x/sys/unix golang.org/x/sys/windows -# golang.org/x/tools v0.15.0 +# golang.org/x/tools v0.16.0 ## explicit; go 1.18 golang.org/x/tools/cmd/goimports golang.org/x/tools/go/ast/astutil From b39f76474309911933c29eba29e3b5ac6c874cbd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 28 Nov 2023 10:08:56 +0000 Subject: [PATCH 075/170] fix(deps): update module github.com/gorilla/schema to v1.2.1 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 +-- .../github.com/gorilla/schema/.editorconfig | 20 +++++++++++ vendor/github.com/gorilla/schema/.gitignore | 1 + vendor/github.com/gorilla/schema/LICENSE | 2 +- vendor/github.com/gorilla/schema/Makefile | 34 +++++++++++++++++++ vendor/github.com/gorilla/schema/README.md | 12 ++++--- vendor/github.com/gorilla/schema/cache.go | 12 +++---- vendor/github.com/gorilla/schema/decoder.go | 2 +- vendor/github.com/gorilla/schema/encoder.go | 18 ++++++++-- vendor/modules.txt | 4 +-- 11 files changed, 91 insertions(+), 20 deletions(-) create mode 100644 vendor/github.com/gorilla/schema/.editorconfig create mode 100644 vendor/github.com/gorilla/schema/.gitignore create mode 100644 vendor/github.com/gorilla/schema/Makefile diff --git a/go.mod b/go.mod index a79561bda278..9bf99b3c0a8a 100644 --- a/go.mod +++ b/go.mod @@ -36,7 +36,7 @@ require ( github.com/google/uuid v1.4.0 github.com/gorilla/handlers v1.5.2 github.com/gorilla/mux v1.8.1 - github.com/gorilla/schema v1.2.0 + github.com/gorilla/schema v1.2.1 github.com/hashicorp/go-multierror v1.1.1 github.com/hugelgupf/p9 v0.3.1-0.20230822151754-54f5c5530921 github.com/json-iterator/go v1.1.12 diff --git a/go.sum b/go.sum index b94dfd9f17a8..0f7e05d4d97c 100644 --- a/go.sum +++ b/go.sum @@ -619,8 +619,8 @@ github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2z github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= -github.com/gorilla/schema v1.2.0 h1:YufUaxZYCKGFuAq3c96BOhjgd5nmXiOY9NGzF247Tsc= -github.com/gorilla/schema v1.2.0/go.mod h1:kgLaKoK1FELgZqMAVxx/5cbj0kT+57qxUrAlIO2eleU= +github.com/gorilla/schema v1.2.1 h1:tjDxcmdb+siIqkTNoV+qRH2mjYdr2hHe5MKXbp61ziM= +github.com/gorilla/schema v1.2.1/go.mod h1:Dg5SSm5PV60mhF2NFaTV1xuYYj8tV8NOPRo4FggUMnM= github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= diff --git a/vendor/github.com/gorilla/schema/.editorconfig b/vendor/github.com/gorilla/schema/.editorconfig new file mode 100644 index 000000000000..c6b74c3e0d0c --- /dev/null +++ b/vendor/github.com/gorilla/schema/.editorconfig @@ -0,0 +1,20 @@ +; https://editorconfig.org/ + +root = true + +[*] +insert_final_newline = true +charset = utf-8 +trim_trailing_whitespace = true +indent_style = space +indent_size = 2 + +[{Makefile,go.mod,go.sum,*.go,.gitmodules}] +indent_style = tab +indent_size = 4 + +[*.md] +indent_size = 4 +trim_trailing_whitespace = false + +eclint_indent_style = unset \ No newline at end of file diff --git a/vendor/github.com/gorilla/schema/.gitignore b/vendor/github.com/gorilla/schema/.gitignore new file mode 100644 index 000000000000..84039fec6877 --- /dev/null +++ b/vendor/github.com/gorilla/schema/.gitignore @@ -0,0 +1 @@ +coverage.coverprofile diff --git a/vendor/github.com/gorilla/schema/LICENSE b/vendor/github.com/gorilla/schema/LICENSE index 0e5fb872800d..bb9d80bc9b6b 100644 --- a/vendor/github.com/gorilla/schema/LICENSE +++ b/vendor/github.com/gorilla/schema/LICENSE @@ -1,4 +1,4 @@ -Copyright (c) 2012 Rodrigo Moraes. All rights reserved. +Copyright (c) 2023 The Gorilla Authors. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are diff --git a/vendor/github.com/gorilla/schema/Makefile b/vendor/github.com/gorilla/schema/Makefile new file mode 100644 index 000000000000..98f5ab75f9d7 --- /dev/null +++ b/vendor/github.com/gorilla/schema/Makefile @@ -0,0 +1,34 @@ +GO_LINT=$(shell which golangci-lint 2> /dev/null || echo '') +GO_LINT_URI=github.com/golangci/golangci-lint/cmd/golangci-lint@latest + +GO_SEC=$(shell which gosec 2> /dev/null || echo '') +GO_SEC_URI=github.com/securego/gosec/v2/cmd/gosec@latest + +GO_VULNCHECK=$(shell which govulncheck 2> /dev/null || echo '') +GO_VULNCHECK_URI=golang.org/x/vuln/cmd/govulncheck@latest + +.PHONY: golangci-lint +golangci-lint: + $(if $(GO_LINT), ,go install $(GO_LINT_URI)) + @echo "##### Running golangci-lint" + golangci-lint run -v + +.PHONY: gosec +gosec: + $(if $(GO_SEC), ,go install $(GO_SEC_URI)) + @echo "##### Running gosec" + gosec ./... + +.PHONY: govulncheck +govulncheck: + $(if $(GO_VULNCHECK), ,go install $(GO_VULNCHECK_URI)) + @echo "##### Running govulncheck" + govulncheck ./... + +.PHONY: verify +verify: golangci-lint gosec govulncheck + +.PHONY: test +test: + @echo "##### Running tests" + go test -race -cover -coverprofile=coverage.coverprofile -covermode=atomic -v ./... \ No newline at end of file diff --git a/vendor/github.com/gorilla/schema/README.md b/vendor/github.com/gorilla/schema/README.md index aefdd669967d..dbeff3d0c8ca 100644 --- a/vendor/github.com/gorilla/schema/README.md +++ b/vendor/github.com/gorilla/schema/README.md @@ -1,8 +1,12 @@ -schema -====== -[![GoDoc](https://godoc.org/github.com/gorilla/schema?status.svg)](https://godoc.org/github.com/gorilla/schema) [![Build Status](https://travis-ci.org/gorilla/schema.png?branch=master)](https://travis-ci.org/gorilla/schema) -[![Sourcegraph](https://sourcegraph.com/github.com/gorilla/schema/-/badge.svg)](https://sourcegraph.com/github.com/gorilla/schema?badge) +# gorilla/schema +![testing](https://github.com/gorilla/schema/actions/workflows/test.yml/badge.svg) +[![codecov](https://codecov.io/github/gorilla/schema/branch/main/graph/badge.svg)](https://codecov.io/github/gorilla/schema) +[![godoc](https://godoc.org/github.com/gorilla/schema?status.svg)](https://godoc.org/github.com/gorilla/schema) +[![sourcegraph](https://sourcegraph.com/github.com/gorilla/schema/-/badge.svg)](https://sourcegraph.com/github.com/gorilla/schema?badge) + + +![Gorilla Logo](https://github.com/gorilla/.github/assets/53367916/d92caabf-98e0-473e-bfbf-ab554ba435e5) Package gorilla/schema converts structs to and from form values. diff --git a/vendor/github.com/gorilla/schema/cache.go b/vendor/github.com/gorilla/schema/cache.go index 0746c1202cba..bf21697cf191 100644 --- a/vendor/github.com/gorilla/schema/cache.go +++ b/vendor/github.com/gorilla/schema/cache.go @@ -12,7 +12,7 @@ import ( "sync" ) -var invalidPath = errors.New("schema: invalid path") +var errInvalidPath = errors.New("schema: invalid path") // newCache returns a new cache. func newCache() *cache { @@ -53,13 +53,13 @@ func (c *cache) parsePath(p string, t reflect.Type) ([]pathPart, error) { keys := strings.Split(p, ".") for i := 0; i < len(keys); i++ { if t.Kind() != reflect.Struct { - return nil, invalidPath + return nil, errInvalidPath } if struc = c.get(t); struc == nil { - return nil, invalidPath + return nil, errInvalidPath } if field = struc.get(keys[i]); field == nil { - return nil, invalidPath + return nil, errInvalidPath } // Valid field. Append index. path = append(path, field.name) @@ -72,10 +72,10 @@ func (c *cache) parsePath(p string, t reflect.Type) ([]pathPart, error) { // So checking i+2 is not necessary anymore. i++ if i+1 > len(keys) { - return nil, invalidPath + return nil, errInvalidPath } if index64, err = strconv.ParseInt(keys[i], 10, 0); err != nil { - return nil, invalidPath + return nil, errInvalidPath } parts = append(parts, pathPart{ path: path, diff --git a/vendor/github.com/gorilla/schema/decoder.go b/vendor/github.com/gorilla/schema/decoder.go index 025e438b561a..28b560bbbb5b 100644 --- a/vendor/github.com/gorilla/schema/decoder.go +++ b/vendor/github.com/gorilla/schema/decoder.go @@ -193,7 +193,7 @@ func (d *Decoder) decode(v reflect.Value, path string, parts []pathPart, values if v.Type().Kind() == reflect.Struct { for i := 0; i < v.NumField(); i++ { field := v.Field(i) - if field.Type().Kind() == reflect.Ptr && field.IsNil() && v.Type().Field(i).Anonymous == true { + if field.Type().Kind() == reflect.Ptr && field.IsNil() && v.Type().Field(i).Anonymous { field.Set(reflect.New(field.Type().Elem())) } } diff --git a/vendor/github.com/gorilla/schema/encoder.go b/vendor/github.com/gorilla/schema/encoder.go index f0ed63121002..51f0a78ca475 100644 --- a/vendor/github.com/gorilla/schema/encoder.go +++ b/vendor/github.com/gorilla/schema/encoder.go @@ -3,6 +3,7 @@ package schema import ( "errors" "fmt" + "log" "reflect" "strconv" ) @@ -93,8 +94,11 @@ func (e *Encoder) encode(v reflect.Value, dst map[string][]string) error { } // Encode struct pointer types if the field is a valid pointer and a struct. - if isValidStructPointer(v.Field(i)) { - e.encode(v.Field(i).Elem(), dst) + if isValidStructPointer(v.Field(i)) && !e.hasCustomEncoder(v.Field(i).Type()) { + err := e.encode(v.Field(i).Elem(), dst) + if err != nil { + log.Fatal(err) + } continue } @@ -112,7 +116,10 @@ func (e *Encoder) encode(v reflect.Value, dst map[string][]string) error { } if v.Field(i).Type().Kind() == reflect.Struct { - e.encode(v.Field(i), dst) + err := e.encode(v.Field(i), dst) + if err != nil { + log.Fatal(err) + } continue } @@ -142,6 +149,11 @@ func (e *Encoder) encode(v reflect.Value, dst map[string][]string) error { return nil } +func (e *Encoder) hasCustomEncoder(t reflect.Type) bool { + _, exists := e.regenc[t] + return exists +} + func typeEncoder(t reflect.Type, reg map[reflect.Type]encoderFunc) encoderFunc { if f, ok := reg[t]; ok { return f diff --git a/vendor/modules.txt b/vendor/modules.txt index 0a50ac2a1516..cf8b0642f42c 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -664,8 +664,8 @@ github.com/gorilla/handlers # github.com/gorilla/mux v1.8.1 ## explicit; go 1.20 github.com/gorilla/mux -# github.com/gorilla/schema v1.2.0 -## explicit +# github.com/gorilla/schema v1.2.1 +## explicit; go 1.20 github.com/gorilla/schema # github.com/hashicorp/errwrap v1.1.0 ## explicit From 13e548820e292f67c3b5f1e42b1822133258e3fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erik=20Sj=C3=B6lund?= Date: Mon, 27 Nov 2023 17:07:47 +0100 Subject: [PATCH 076/170] [CI:DOCS] performance: document sometimes slow native overlayfs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Erik Sjölund --- docs/tutorials/performance.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/docs/tutorials/performance.md b/docs/tutorials/performance.md index a2ce912f3c10..62258be3dfff 100644 --- a/docs/tutorials/performance.md +++ b/docs/tutorials/performance.md @@ -65,6 +65,24 @@ The following storage drivers are listed from fastest to slowest: 2. fuse-overlayfs 3. vfs +There is one notable exception to this speed ranking. +Creating a container takes significantly longer with _native overlayfs_ than _fuse-overlayfs_ +when these conditions are all met: + +* rootless Podman is used +* a modified UID/GID mapping is used +* _native overlayfs_ is used +* no container has yet been created with the specified container image and UID/GID mapping + +Runtime speed is not affected. Only __podman create__ and the container creation phases of +__podman run__ and __podman build__ are affected. +For more details, see [GitHub comment](https://github.com/containers/podman/issues/16541#issuecomment-1352790422). +Command-line options that modify the UID/GID mapping are for example __--userns__, __--uidmap__ and __--gidmap__. +The command-line option `--userns auto` is particularly affected by this performance penalty, +because different UID/GID mappings could potentially be used on each invocation. For other uses of +__--userns__, __--uidmap__ and __--gidmap__ the performance penalty is a one-time cost +that only occurs the first time the command is run. + Using native overlayfs as an unprivileged user is only available for Podman version >= 3.1 on a Linux kernel version >= 5.12. To show the current storage driver From c664cfe886c29084dbd6d3d7405c479b74dae361 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Tue, 21 Nov 2023 08:48:33 -0700 Subject: [PATCH 077/170] [systests] podman mount no-dereference: complete rewrite Existing test was very good, but as a multidimensional table it was unmaintainable... and actually missed one corner case. This version isn't much better. It's far longer, codewise. It is a little harder to understand at first glance. It has three uncomfortable magic conditionals. But I believe it is more long-term maintainable: beyond the first glance, it is possible for a human to check it for correctness. It is also extensible, as proved by the new test cases I added. Signed-off-by: Ed Santiago --- test/system/060-mount.bats | 199 +++++++++++++++++++++++++++---------- 1 file changed, 149 insertions(+), 50 deletions(-) diff --git a/test/system/060-mount.bats b/test/system/060-mount.bats index 3bb699421dd1..4cb880feb5a3 100644 --- a/test/system/060-mount.bats +++ b/test/system/060-mount.bats @@ -330,73 +330,172 @@ EOF skip "only crun supports the no-dereference (copy-symlink) mount option" fi - # One directory for testing relative symlinks, another for absolute ones. - rel_dir=$PODMAN_TMPDIR/rel-dir - abs_dir=$PODMAN_TMPDIR/abs-dir - mkdir $rel_dir $abs_dir - - # Create random values to discrimate data in the rel/abs directory and the - # one from the image. - rel_random_host="rel_on_the_host_$(random_string 15)" - abs_random_host="abs_on_the_host_$(random_string 15)" - random_img="on_the_image_$(random_string 15)" - - # Relative symlink - echo "$rel_random_host" > $rel_dir/data - ln -r -s $rel_dir/data $rel_dir/link - # Absolute symlink - echo "$abs_random_host" > $abs_dir/data - ln -s $abs_dir/data $abs_dir/link + # Contents of the file 'data' inside the container image. + declare -A datacontent=( + [img]="data file inside the IMAGE - $(random_string 15)" + ) + # Purpose of the image is so "link -> data" can point to an existing + # file whether or not "data" is mounted. dockerfile=$PODMAN_TMPDIR/Dockerfile cat >$dockerfile < /tmp/data +RUN mkdir /mountroot && echo ${datacontent[img]} > /mountroot/data EOF img="localhost/preserve:symlinks" run_podman build -t $img -f $dockerfile - link_path="/tmp/link" - create_path="/tmp/i/do/not/exist/link" - + # Each test is set up in exactly the same way: + # + # / + # ├── mountdir/ <----- this is always the source dir + # │ ├── data + # │ └── link -> ????? + # └── otherdir/ + # └── data + # + # The test is run in a container that has its own /mountroot/data file, + # so in some situations 'link -> data' will get the container's + # data file, in others it'll be the host's, and in others, ENOENT. + # + # There are four options for 'link': -> data in mountdir (same dir) + # or otherdir, and, relative or absolute. Then, for each of those + # permutations, run with and without no-dereference. (With no-dereference, + # only the first of these options is valid, link->data. The other three + # appear in the container as link->path-not-in-container) + # + # Finally, the table below defines a number of variations of mount + # type (bind, glob); mount source (just the link, a glob, or entire + # directory); and mount destination. These are the variations that + # introduce complexity, hence the special cases in the innermost loop. + # + # Table format: + # + # mount type | mount source | mount destination | what_is_data | enoents + # + # The what_is_data column indicates whether the file "data" in the + # container will be the image's copy ("img") or the one from the host + # ("in", referring to the source directory). "-" means N/A, no data file. + # + # The enoent column is a space-separated list of patterns to search for + # in the test description. When these match, "link" will point to a + # path that does not exist in the directory, and we should expect cat + # to result in ENOENT. + # tests=" -0 | bind | $rel_dir/link | /tmp/link | | /tmp/link | $rel_random_host | $link_path | bind mount relative symlink: mounts target from the host -0 | bind | $abs_dir/link | /tmp/link | | /tmp/link | $abs_random_host | $link_path | bind mount absolute symlink: mounts target from the host -0 | glob | $rel_dir/lin* | /tmp/ | | /tmp/link | $rel_random_host | $link_path | glob mount relative symlink: mounts target from the host -0 | glob | $abs_dir/lin* | /tmp/ | | /tmp/link | $abs_random_host | $link_path | glob mount absolute symlink: mounts target from the host -0 | glob | $rel_dir/* | /tmp/ | | /tmp/link | $rel_random_host | $link_path | glob mount entire directory: mounts relative target from the host -0 | glob | $abs_dir/* | /tmp/ | | /tmp/link | $abs_random_host | $link_path | glob mount entire directory: mounts absolute target from the host -0 | bind | $rel_dir/link | /tmp/link | ,no-dereference | '/tmp/link' -> 'data' | $random_img | $link_path | no_deref: bind mount relative symlink: points to file on the image -0 | glob | $rel_dir/lin* | /tmp/ | ,no-dereference | '/tmp/link' -> 'data' | $random_img | $link_path | no_deref: glob mount relative symlink: points to file on the image -0 | bind | $rel_dir/ | /tmp/ | ,no-dereference | '/tmp/link' -> 'data' | $rel_random_host | $link_path | no_deref: bind mount the entire directory: preserves symlink automatically -0 | glob | $rel_dir/* | /tmp/ | ,no-dereference | '/tmp/link' -> 'data' | $rel_random_host | $link_path | no_deref: glob mount the entire directory: preserves symlink automatically -1 | bind | $abs_dir/link | /tmp/link | ,no-dereference | '/tmp/link' -> '$abs_dir/data' | cat: can't open '/tmp/link': No such file or directory | $link_path | bind mount *preserved* absolute symlink: now points to a non-existent file on the container -1 | glob | $abs_dir/lin* | /tmp/ | ,no-dereference | '/tmp/link' -> '$abs_dir/data' | cat: can't open '/tmp/link': No such file or directory | $link_path | glob mount *preserved* absolute symlink: now points to a non-existent file on the container -0 | bind | $rel_dir/link | $create_path | | $create_path | $rel_random_host | $create_path | bind mount relative symlink: creates dirs and mounts target from the host -1 | bind | $rel_dir/link | $create_path | ,no-dereference | '$create_path' -> 'data' | cat: can't open '$create_path': No such file or directory | $create_path | no_deref: bind mount relative symlink: creates dirs and mounts target from the host +bind | /link | /mountroot/link | img +bind | /link | /i/do/not/exist/link | - | relative.*no-dereference +bind | / | /mountroot/ | in | absolute out +glob | /lin* | /mountroot/ | img +glob | /* | /mountroot/ | in " - while read exit_code mount_type mount_src mount_dst mount_opts line_0 line_1 path description; do - if [[ $mount_opts == "''" ]];then - unset mount_opts - fi - run_podman $exit_code run \ - --mount type=$mount_type,src=$mount_src,dst=$mount_dst$mount_opts \ - --rm --privileged $img sh -c "stat -c '%N' $path; cat $path" - assert "${lines[0]}" = "$line_0" "$description" - assert "${lines[1]}" = "$line_1" "$description" + defer-assertion-failures + + while read mount_type mount_source mount_dest what_is_data enoents; do + # link pointing inside the same directory, or outside + for in_out in "in" "out"; do + # relative symlink or absolute + for rel_abs in "relative" "absolute"; do + # Generate fresh new content for each data file (the in & out ones) + datacontent[in]="data file in the SAME DIRECTORY - $(random_string 15)" + datacontent[out]="data file OUTSIDE the tree - $(random_string 15)" + + # Populate data files in and out our tree + local condition="${rel_abs:0:3}-${in_out}" + local sourcedir="$PODMAN_TMPDIR/$condition" + rm -rf $sourcedir $PODMAN_TMPDIR/outside-the-tree + mkdir $sourcedir $PODMAN_TMPDIR/outside-the-tree + echo "${datacontent[in]}" > "$sourcedir/data" + echo "${datacontent[out]}" > "$PODMAN_TMPDIR/outside-the-tree/data" + + # Create the symlink itself (in the in-dir of course) + local target + case "$condition" in + rel-in) target="data" ;; + rel-out) target="../outside-the-tree/data" ;; + abs-in) target="$sourcedir/data" ;; + abs-out) target="$PODMAN_TMPDIR/outside-the-tree/data" ;; + *) die "Internal error, invalid condition '$condition'" ;; + esac + ln -s $target "$sourcedir/link" + + # Absolute path to 'link' inside the container. What we stat & cat. + local containerpath="$mount_dest" + if [[ ! $containerpath =~ /link$ ]]; then + containerpath="${containerpath}link" + fi + + # Now test with no args (mounts link CONTENT) and --no-dereference + # (mounts symlink AS A SYMLINK) + for mount_opts in "" ",no-dereference"; do + local description="$mount_type mount $mount_source -> $mount_dest ($in_out), $rel_abs $mount_opts" + + # Expected exit status. Almost always success. + local exit_code=0 + + # Without --no-dereference, we always expect exactly the same, + # because podman mounts "link" as a data file... + local expect_stat="$containerpath" + local expect_cat="${datacontent[$in_out]}" + # ...except when bind-mounting link's parent directory: "link" + # is mounted as a link, and host's "data" file overrides the image + if [[ $mount_source = '/' ]]; then + expect_stat="'$containerpath' -> '$target'" + fi + + # With --no-dereference... + if [[ -n "$mount_opts" ]]; then + # stat() is always the same (symlink and its target) .... + expect_stat="'$containerpath' -> '$target'" + + # ...and the only valid case for cat is same-dir relative: + if [[ "$condition" = "rel-in" ]]; then + expect_cat="${datacontent[$what_is_data]}" + else + # All others are ENOENT, because link -> nonexistent-path + exit_code=1 + fi + fi + + for ex in $enoents; do + if grep -q -w -E "$ex" <<<"$description"; then + exit_code=1 + fi + done + if [[ $exit_code -eq 1 ]]; then + expect_cat="cat: can't open '$containerpath': No such file or directory" + fi + + run_podman $exit_code run \ + --mount type=$mount_type,src="$sourcedir$mount_source",dst="$mount_dest$mount_opts" \ + --rm --privileged $img sh -c "stat -c '%N' $containerpath; cat $containerpath" + assert "${lines[0]}" = "$expect_stat" "$description -- stat $containerpath" + assert "${lines[1]}" = "$expect_cat" "$description -- cat $containerpath" + done + done + done done < <(parse_table "$tests") - # Make sure that it's presvered across starts and stops - run_podman create --mount type=glob,src=$rel_dir/*,dst=/tmp/,no-dereference --privileged $img sh -c "stat -c '%N' /tmp/link; cat /tmp/link" + immediate-assertion-failures + + # Make sure that links are preserved across starts and stops + local workdir=$PODMAN_TMPDIR/test-restart + mkdir $workdir + local datafile="data-$(random_string 5)" + local datafile_contents="What we expect to see, $(random_string 20)" + echo "$datafile_contents" > $workdir/$datafile + ln -s $datafile $workdir/link + + run_podman create --mount type=glob,src=$workdir/*,dst=/mountroot/,no-dereference --privileged $img sh -c "stat -c '%N' /mountroot/link; cat /mountroot/link" cid="$output" run_podman start -a $cid - assert "${lines[0]}" = "'/tmp/link' -> 'data'" "symlink is preserved" - assert "${lines[1]}" = "$rel_random_host" "glob macthes symlink and host 'data' file" + assert "${lines[0]}" = "'/mountroot/link' -> '$datafile'" "symlink is preserved, on start" + assert "${lines[1]}" = "$datafile_contents" "glob matches symlink and host 'data' file, on start" run_podman start -a $cid - assert "${lines[0]}" = "'/tmp/link' -> 'data'" "symlink is preserved" - assert "${lines[1]}" = "$rel_random_host" "glob macthes symlink and host 'data' file" + assert "${lines[0]}" = "'/mountroot/link' -> '$datafile'" "symlink is preserved, on restart" + assert "${lines[1]}" = "$datafile_contents" "glob matches symlink and host 'data' file, on restart" run_podman rm -f -t=0 $cid run_podman rmi -f $img From 6b2f48129e172d1bea6d174647e21f94a1c63aff Mon Sep 17 00:00:00 2001 From: Ygal Blum Date: Thu, 23 Nov 2023 18:26:17 +0200 Subject: [PATCH 078/170] Quadlet - Add support for .pod units Add support for .pod unit files with only PodmanArgs, GlobalArgs, ContainersConfModule and PodName Add support for linking .container units with .pod ones Add e2e and system tests Add to man page Signed-off-by: Ygal Blum --- cmd/quadlet/main.go | 25 +++- docs/source/markdown/podman-systemd.unit.5.md | 97 ++++++++++++- pkg/systemd/quadlet/quadlet.go | 135 +++++++++++++++++- test/e2e/quadlet/basic.pod | 9 ++ test/e2e/quadlet/name.pod | 4 + test/e2e/quadlet/pod.non-quadlet.container | 6 + test/e2e/quadlet/pod.not-found.container | 6 + test/e2e/quadlet/podmanargs.pod | 13 ++ test/e2e/quadlet_test.go | 68 +++++++++ test/system/252-quadlet.bats | 58 ++++++++ test/system/helpers.bash | 28 ++++ test/system/helpers.systemd.bash | 2 + 12 files changed, 444 insertions(+), 7 deletions(-) create mode 100644 test/e2e/quadlet/basic.pod create mode 100644 test/e2e/quadlet/name.pod create mode 100644 test/e2e/quadlet/pod.non-quadlet.container create mode 100644 test/e2e/quadlet/pod.not-found.container create mode 100644 test/e2e/quadlet/podmanargs.pod diff --git a/cmd/quadlet/main.go b/cmd/quadlet/main.go index b36997b32a73..491d8eb3cb87 100644 --- a/cmd/quadlet/main.go +++ b/cmd/quadlet/main.go @@ -54,6 +54,7 @@ var ( ".kube": 3, ".network": 2, ".image": 1, + ".pod": 4, } ) @@ -389,6 +390,23 @@ func warnIfAmbiguousName(unit *parser.UnitFile, group string) { } } +func generatePodsInfoMap(units []*parser.UnitFile) map[string]*quadlet.PodInfo { + podsInfoMap := make(map[string]*quadlet.PodInfo) + for _, unit := range units { + if !strings.HasSuffix(unit.Filename, ".pod") { + continue + } + + serviceName := quadlet.GetPodServiceName(unit) + podsInfoMap[unit.Filename] = &quadlet.PodInfo{ + ServiceName: serviceName, + Containers: make([]string, 0), + } + } + + return podsInfoMap +} + func main() { if err := process(); err != nil { Logf("%s", err.Error()) @@ -478,6 +496,9 @@ func process() error { return getOrder(i) < getOrder(j) }) + // Generate the PodsInfoMap to allow containers to link to their pods and add themselves to the pod's containers list + podsInfoMap := generatePodsInfoMap(units) + // A map of network/volume unit file-names, against their calculated names, as needed by Podman. var resourceNames = make(map[string]string) @@ -489,7 +510,7 @@ func process() error { switch { case strings.HasSuffix(unit.Filename, ".container"): warnIfAmbiguousName(unit, quadlet.ContainerGroup) - service, err = quadlet.ConvertContainer(unit, resourceNames, isUserFlag) + service, err = quadlet.ConvertContainer(unit, resourceNames, isUserFlag, podsInfoMap) case strings.HasSuffix(unit.Filename, ".volume"): warnIfAmbiguousName(unit, quadlet.VolumeGroup) service, name, err = quadlet.ConvertVolume(unit, unit.Filename, resourceNames) @@ -500,6 +521,8 @@ func process() error { case strings.HasSuffix(unit.Filename, ".image"): warnIfAmbiguousName(unit, quadlet.ImageGroup) service, name, err = quadlet.ConvertImage(unit) + case strings.HasSuffix(unit.Filename, ".pod"): + service, err = quadlet.ConvertPod(unit, unit.Filename, podsInfoMap) default: Logf("Unsupported file type %q", unit.Filename) continue diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index 79659ded24fa..7f0e7d3f8251 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -6,7 +6,7 @@ podman\-systemd.unit - systemd units using Podman Quadlet ## SYNOPSIS -*name*.container, *name*.volume, *name*.network, *name*.kube *name*.image +*name*.container, *name*.volume, *name*.network, *name*.kube *name*.image, *name*.pod ### Podman unit search path @@ -35,13 +35,11 @@ the [Service] table and [Install] tables pass directly to systemd and are handle See systemd.unit(5) man page for more information. The Podman generator reads the search paths above and reads files with the extensions `.container` -`.volume` and `*.kube`, and for each file generates a similarly named `.service` file. Be aware that +`.volume`, `.network`, `.pod` and `.kube`, and for each file generates a similarly named `.service` file. Be aware that existing vendor services (i.e., in `/usr/`) are replaced if they have the same name. The generated unit files can be started and managed with `systemctl` like any other systemd service. `systemctl {--user} list-unit-files` lists existing unit files on the system. -Files with the `.network` extension are only read if they are mentioned in a `.container` file. See the `Network=` key. - The Podman files use the same format as [regular systemd unit files](https://www.freedesktop.org/software/systemd/man/systemd.syntax.html). Each file type has a custom section (for example, `[Container]`) that is handled by Podman, and all other sections are passed on untouched, allowing the use of any normal systemd configuration options @@ -72,7 +70,8 @@ Quadlet requires the use of cgroup v2, use `podman info --format {{.Host.Cgroups ### Service Type By default, the `Type` field of the `Service` section of the Quadlet file does not need to be set. -Quadlet will set it to `notify` for `.container` and `.kube` files and to `oneshot` for `.volume`, `.network` and `.image` files. +Quadlet will set it to `notify` for `.container` and `.kube` files, +`forking` for `.pod` files, and `oneshot` for `.volume`, `.network` and `.image` files. However, `Type` may be explicitly set to `oneshot` for `.container` and `.kube` files when no containers are expected to run once `podman` exits. @@ -190,6 +189,7 @@ Valid options for `[Container]` are listed below: | Rootfs=/var/lib/rootfs | --rootfs /var/lib/rootfs | | Notify=true | --sdnotify container | | PidsLimit=10000 | --pids-limit 10000 | +| Pod=pod-name | --pod=pod-name | | PodmanArgs=--add-host foobar | --add-host foobar | | PublishPort=50-59 | --publish 50-59 | | Pull=never | --pull=never | @@ -501,6 +501,14 @@ of startup on its own. Tune the container's pids limit. This is equivalent to the Podman `--pids-limit` option. +### `Pod=` + +Specify a Quadlet `.pod` unit to link the container to. +The value must take the form of `.pod` and the `.pod` unit must exist. + +Quadlet will add all the necessary parameters to link between the container and the pod and between their corresponding services. + + ### `PodmanArgs=` This key contains a list of arguments passed directly to the end of the `podman run` command @@ -658,6 +666,69 @@ Working directory inside the container. The default working directory for running binaries within a container is the root directory (/). The image developer can set a different default with the WORKDIR instruction. This option overrides the working directory by using the -w option. +## Pod units [Pod] + +Pod units are named with a `.pod` extension and contain a `[Pod]` section describing +the pod that is created and run as a service. The resulting service file contains a line like +`ExecStartPre=podman pod create …`, and most of the keys in this section control the command-line +options passed to Podman. + +By default, the Podman pod has the same name as the unit, but with a `systemd-` prefix, i.e. +a `$name.pod` file creates a `$name-pod.service` unit and a `systemd-$name` Podman pod. The +`PodName` option allows for overriding this default name with a user-provided one. + +Valid options for `[Container]` are listed below: + +| **[Pod] options** | **podman container create equivalent** | +|-------------------------------------|----------------------------------------| +| ContainersConfModule=/etc/nvd\.conf | --module=/etc/nvd\.conf | +| GlobalArgs=--log-level=debug | --log-level=debug | +| PodmanArgs=\-\-cpus=2 | --cpus=2 | +| PodName=name | --name=name | + +Supported keys in the `[Pod]` section are: + +### `ContainersConfModule=` + +Load the specified containers.conf(5) module. Equivalent to the Podman `--module` option. + +This key can be listed multiple times. + +### `GlobalArgs=` + +This key contains a list of arguments passed directly between `podman` and `kube` +in the generated file (right before the image name in the command line). It can be used to +access Podman features otherwise unsupported by the generator. Since the generator is unaware +of what unexpected interactions can be caused by these arguments, it is not recommended to use +this option. + +The format of this is a space separated list of arguments, which can optionally be individually +escaped to allow inclusion of whitespace and other control characters. + +This key can be listed multiple times. + +### `PodmanArgs=` + +This key contains a list of arguments passed directly to the end of the `podman kube play` command +in the generated file (right before the path to the yaml file in the command line). It can be used to +access Podman features otherwise unsupported by the generator. Since the generator is unaware +of what unexpected interactions can be caused by these arguments, is not recommended to use +this option. + +The format of this is a space separated list of arguments, which can optionally be individually +escaped to allow inclusion of whitespace and other control characters. + +This key can be listed multiple times. + +### `PodName=` + +The (optional) name of the Podman pod. If this is not specified, the default value +of `systemd-%N` is used, which is the same as the service name but with a `systemd-` +prefix to avoid conflicts with user-managed containers. + +Please note that pods and containers cannot have the same name. +So, if PodName is set, it must not conflict with any container. + ## Kube units [Kube] Kube units are named with a `.kube` extension and contain a `[Kube]` section describing @@ -1295,6 +1366,22 @@ IPRange=172.16.0.0/28 Label=org.test.Key=value ``` +Example for Container in a Pod: + +`test.pod` +``` +[Pod] +PodName=test +``` + +`centos.container` +``` +[Container] +Image=quay.io/centos/centos:latest +Exec=sh -c "sleep inf" +Pod=test.pod +``` + ## SEE ALSO **[systemd.unit(5)](https://www.freedesktop.org/software/systemd/man/systemd.unit.html)**, **[systemd.service(5)](https://www.freedesktop.org/software/systemd/man/systemd.service.html)**, diff --git a/pkg/systemd/quadlet/quadlet.go b/pkg/systemd/quadlet/quadlet.go index 26e1745b1e98..93ae66398bf5 100644 --- a/pkg/systemd/quadlet/quadlet.go +++ b/pkg/systemd/quadlet/quadlet.go @@ -29,6 +29,7 @@ const ( InstallGroup = "Install" KubeGroup = "Kube" NetworkGroup = "Network" + PodGroup = "Pod" ServiceGroup = "Service" UnitGroup = "Unit" VolumeGroup = "Volume" @@ -36,6 +37,7 @@ const ( XContainerGroup = "X-Container" XKubeGroup = "X-Kube" XNetworkGroup = "X-Network" + XPodGroup = "X-Pod" XVolumeGroup = "X-Volume" XImageGroup = "X-Image" ) @@ -114,6 +116,8 @@ const ( KeyOS = "OS" KeyPidsLimit = "PidsLimit" KeyPodmanArgs = "PodmanArgs" + KeyPodName = "PodName" + KeyPod = "Pod" KeyPublishPort = "PublishPort" KeyPull = "Pull" KeyReadOnly = "ReadOnly" @@ -153,6 +157,11 @@ const ( KeyYaml = "Yaml" ) +type PodInfo struct { + ServiceName string + Containers []string +} + var ( validPortRange = regexp.Delayed(`\d+(-\d+)?(/udp|/tcp)?$`) @@ -199,6 +208,7 @@ var ( KeyNoNewPrivileges: true, KeyNotify: true, KeyPidsLimit: true, + KeyPod: true, KeyPodmanArgs: true, KeyPublishPort: true, KeyPull: true, @@ -307,6 +317,13 @@ var ( KeyTLSVerify: true, KeyVariant: true, } + + supportedPodKeys = map[string]bool{ + KeyContainersConfModule: true, + KeyGlobalArgs: true, + KeyPodmanArgs: true, + KeyPodName: true, + } ) func replaceExtension(name string, extension string, extraPrefix string, extraSuffix string) string { @@ -382,7 +399,7 @@ func usernsOpts(kind string, opts []string) string { // service file (unit file with Service group) based on the options in the // Container group. // The original Container group is kept around as X-Container. -func ConvertContainer(container *parser.UnitFile, names map[string]string, isUser bool) (*parser.UnitFile, error) { +func ConvertContainer(container *parser.UnitFile, names map[string]string, isUser bool, podsInfoMap map[string]*PodInfo) (*parser.UnitFile, error) { service := container.Dup() service.Filename = replaceExtension(container.Filename, ".service", "", "") @@ -767,6 +784,10 @@ func ConvertContainer(container *parser.UnitFile, names map[string]string, isUse podman.add("--pull", pull) } + if err := handlePod(container, service, ContainerGroup, podsInfoMap, podman); err != nil { + return nil, err + } + handlePodmanArgs(container, ContainerGroup, podman) if len(image) > 0 { @@ -1225,6 +1246,95 @@ func ConvertImage(image *parser.UnitFile) (*parser.UnitFile, string, error) { return service, imageName, nil } +func GetPodServiceName(podUnit *parser.UnitFile) string { + return replaceExtension(podUnit.Filename, "", "", "-pod") +} + +func ConvertPod(podUnit *parser.UnitFile, name string, podsInfoMap map[string]*PodInfo) (*parser.UnitFile, error) { + podInfo, ok := podsInfoMap[podUnit.Filename] + if !ok { + return nil, fmt.Errorf("internal error while processing pod %s", podUnit.Filename) + } + + service := podUnit.Dup() + service.Filename = replaceExtension(podInfo.ServiceName, ".service", "", "") + + if podUnit.Path != "" { + service.Add(UnitGroup, "SourcePath", podUnit.Path) + } + + if err := checkForUnknownKeys(podUnit, PodGroup, supportedPodKeys); err != nil { + return nil, err + } + + // Derive pod name from unit name (with added prefix), or use user-provided name. + podName, ok := podUnit.Lookup(PodGroup, KeyPodName) + if !ok || len(podName) == 0 { + podName = replaceExtension(name, "", "systemd-", "") + } + + /* Rename old Pod group to x-Pod so that systemd ignores it */ + service.RenameGroup(PodGroup, XPodGroup) + + // Need the containers filesystem mounted to start podman + service.Add(UnitGroup, "RequiresMountsFor", "%t/containers") + + for _, containerService := range podInfo.Containers { + service.Add(UnitGroup, "Wants", containerService) + service.Add(UnitGroup, "Before", containerService) + } + + if !podUnit.HasKey(ServiceGroup, "SyslogIdentifier") { + service.Set(ServiceGroup, "SyslogIdentifier", "%N") + } + + execStart := createBasePodmanCommand(podUnit, PodGroup) + execStart.add("pod", "start", "--pod-id-file=%t/%N.pod-id") + service.AddCmdline(ServiceGroup, "ExecStart", execStart.Args) + + execStop := createBasePodmanCommand(podUnit, PodGroup) + execStop.add("pod", "stop") + execStop.add( + "--pod-id-file=%t/%N.pod-id", + "--ignore", + "--time=10", + ) + service.AddCmdline(ServiceGroup, "ExecStop", execStop.Args) + + execStopPost := createBasePodmanCommand(podUnit, PodGroup) + execStopPost.add("pod", "rm") + execStopPost.add( + "--pod-id-file=%t/%N.pod-id", + "--ignore", + "--force", + ) + service.AddCmdline(ServiceGroup, "ExecStopPost", execStopPost.Args) + + execStartPre := createBasePodmanCommand(podUnit, PodGroup) + execStartPre.add("pod", "create") + execStartPre.add( + "--infra-conmon-pidfile=%t/%N.pid", + "--pod-id-file=%t/%N.pod-id", + "--exit-policy=stop", + "--replace", + ) + + execStartPre.addf("--name=%s", podName) + + handlePodmanArgs(podUnit, PodGroup, execStartPre) + + service.AddCmdline(ServiceGroup, "ExecStartPre", execStartPre.Args) + + service.Setv(ServiceGroup, + "Environment", "PODMAN_SYSTEMD_UNIT=%n", + "Type", "forking", + "Restart", "on-failure", + "PIDFile", "%t/%N.pid", + ) + + return service, nil +} + func handleUser(unitFile *parser.UnitFile, groupName string, podman *PodmanCmdline) error { user, hasUser := unitFile.Lookup(groupName, KeyUser) okUser := hasUser && len(user) > 0 @@ -1685,3 +1795,26 @@ func createBasePodmanCommand(unitFile *parser.UnitFile, groupName string) *Podma return podman } + +func handlePod(quadletUnitFile, serviceUnitFile *parser.UnitFile, groupName string, podsInfoMap map[string]*PodInfo, podman *PodmanCmdline) error { + pod, ok := quadletUnitFile.Lookup(groupName, KeyPod) + if ok && len(pod) > 0 { + if !strings.HasSuffix(pod, ".pod") { + return fmt.Errorf("pod %s is not Quadlet based", pod) + } + + podInfo, ok := podsInfoMap[pod] + if !ok { + return fmt.Errorf("quadlet pod unit %s does not exist", pod) + } + + podman.add("--pod-id-file", fmt.Sprintf("%%t/%s.pod-id", podInfo.ServiceName)) + + podServiceName := fmt.Sprintf("%s.service", podInfo.ServiceName) + serviceUnitFile.Add(UnitGroup, "BindsTo", podServiceName) + serviceUnitFile.Add(UnitGroup, "After", podServiceName) + + podInfo.Containers = append(podInfo.Containers, serviceUnitFile.Filename) + } + return nil +} diff --git a/test/e2e/quadlet/basic.pod b/test/e2e/quadlet/basic.pod new file mode 100644 index 000000000000..2b8a7bb1e473 --- /dev/null +++ b/test/e2e/quadlet/basic.pod @@ -0,0 +1,9 @@ +## assert-key-is Unit RequiresMountsFor "%t/containers" +## assert-key-is Service Type forking +## assert-key-is Service SyslogIdentifier "%N" +## assert-key-is-regex Service ExecStartPre ".*/podman pod create --infra-conmon-pidfile=%t/%N.pid --pod-id-file=%t/%N.pod-id --exit-policy=stop --replace --name=systemd-basic" +## assert-key-is-regex Service ExecStart ".*/podman pod start --pod-id-file=%t/%N.pod-id" +## assert-key-is-regex Service ExecStop ".*/podman pod stop --pod-id-file=%t/%N.pod-id --ignore --time=10" +## assert-key-is-regex Service ExecStopPost ".*/podman pod rm --pod-id-file=%t/%N.pod-id --ignore --force" + +[Pod] diff --git a/test/e2e/quadlet/name.pod b/test/e2e/quadlet/name.pod new file mode 100644 index 000000000000..33c528d7bc55 --- /dev/null +++ b/test/e2e/quadlet/name.pod @@ -0,0 +1,4 @@ +## assert-podman-pre-args "--name=test-pod" + +[Pod] +PodName=test-pod diff --git a/test/e2e/quadlet/pod.non-quadlet.container b/test/e2e/quadlet/pod.non-quadlet.container new file mode 100644 index 000000000000..cde0459fb9ab --- /dev/null +++ b/test/e2e/quadlet/pod.non-quadlet.container @@ -0,0 +1,6 @@ +## assert-failed +## assert-stderr-contains "pod test-pod is not Quadlet based" + +[Container] +Image=localhost/imagename +Pod=test-pod diff --git a/test/e2e/quadlet/pod.not-found.container b/test/e2e/quadlet/pod.not-found.container new file mode 100644 index 000000000000..13c64fefe10e --- /dev/null +++ b/test/e2e/quadlet/pod.not-found.container @@ -0,0 +1,6 @@ +## assert-failed +## assert-stderr-contains "quadlet pod unit not-found.pod does not exist" + +[Container] +Image=localhost/imagename +Pod=not-found.pod diff --git a/test/e2e/quadlet/podmanargs.pod b/test/e2e/quadlet/podmanargs.pod new file mode 100644 index 000000000000..4e35532fb759 --- /dev/null +++ b/test/e2e/quadlet/podmanargs.pod @@ -0,0 +1,13 @@ +## assert-podman-pre-args "--foo" +## assert-podman-pre-args "--bar" +## assert-podman-pre-args "--also" +## assert-podman-pre-args "--with-key=value" +## assert-podman-pre-args "--with-space" "yes" + + +[Pod] +PodmanArgs="--foo" \ + --bar +PodmanArgs=--also +PodmanArgs=--with-key=value +PodmanArgs=--with-space yes diff --git a/test/e2e/quadlet_test.go b/test/e2e/quadlet_test.go index 34de88293008..a436199f9fda 100644 --- a/test/e2e/quadlet_test.go +++ b/test/e2e/quadlet_test.go @@ -39,6 +39,8 @@ func loadQuadletTestcase(path string) *quadletTestcase { service += "-network" case ".image": service += "-image" + case ".pod": + service += "-pod" } service += ".service" @@ -331,6 +333,46 @@ func (t *quadletTestcase) assertStartPodmanFinalArgsRegex(args []string, unit *p return t.assertPodmanFinalArgsRegex(args, unit, "ExecStart") } +func (t *quadletTestcase) assertStartPrePodmanArgs(args []string, unit *parser.UnitFile) bool { + return t.assertPodmanArgs(args, unit, "ExecStartPre", false, false) +} + +func (t *quadletTestcase) assertStartPrePodmanArgsRegex(args []string, unit *parser.UnitFile) bool { + return t.assertPodmanArgs(args, unit, "ExecStartPre", true, false) +} + +func (t *quadletTestcase) assertStartPrePodmanGlobalArgs(args []string, unit *parser.UnitFile) bool { + return t.assertPodmanArgs(args, unit, "ExecStartPre", false, true) +} + +func (t *quadletTestcase) assertStartPrePodmanGlobalArgsRegex(args []string, unit *parser.UnitFile) bool { + return t.assertPodmanArgs(args, unit, "ExecStartPre", true, true) +} + +func (t *quadletTestcase) assertStartPrePodmanArgsKeyVal(args []string, unit *parser.UnitFile) bool { + return t.assertPodmanArgsKeyVal(args, unit, "ExecStartPre", false, false) +} + +func (t *quadletTestcase) assertStartPrePodmanArgsKeyValRegex(args []string, unit *parser.UnitFile) bool { + return t.assertPodmanArgsKeyVal(args, unit, "ExecStartPre", true, false) +} + +func (t *quadletTestcase) assertStartPrePodmanGlobalArgsKeyVal(args []string, unit *parser.UnitFile) bool { + return t.assertPodmanArgsKeyVal(args, unit, "ExecStartPre", false, true) +} + +func (t *quadletTestcase) assertStartPrePodmanGlobalArgsKeyValRegex(args []string, unit *parser.UnitFile) bool { + return t.assertPodmanArgsKeyVal(args, unit, "ExecStartPre", true, true) +} + +func (t *quadletTestcase) assertStartPrePodmanFinalArgs(args []string, unit *parser.UnitFile) bool { + return t.assertPodmanFinalArgs(args, unit, "ExecStartPre") +} + +func (t *quadletTestcase) assertStartPrePodmanFinalArgsRegex(args []string, unit *parser.UnitFile) bool { + return t.assertPodmanFinalArgsRegex(args, unit, "ExecStartPre") +} + func (t *quadletTestcase) assertStopPodmanArgs(args []string, unit *parser.UnitFile) bool { return t.assertPodmanArgs(args, unit, "ExecStop", false, false) } @@ -440,6 +482,26 @@ func (t *quadletTestcase) doAssert(check []string, unit *parser.UnitFile, sessio ok = t.assertStartPodmanFinalArgs(args, unit) case "assert-podman-final-args-regex": ok = t.assertStartPodmanFinalArgsRegex(args, unit) + case "assert-podman-pre-args": + ok = t.assertStartPrePodmanArgs(args, unit) + case "assert-podman-pre-args-regex": + ok = t.assertStartPrePodmanArgsRegex(args, unit) + case "assert-podman-pre-args-key-val": + ok = t.assertStartPrePodmanArgsKeyVal(args, unit) + case "assert-podman-pre-args-key-val-regex": + ok = t.assertStartPrePodmanArgsKeyValRegex(args, unit) + case "assert-podman-pre-global-args": + ok = t.assertStartPrePodmanGlobalArgs(args, unit) + case "assert-podman-pre-global-args-regex": + ok = t.assertStartPrePodmanGlobalArgsRegex(args, unit) + case "assert-podman-pre-global-args-key-val": + ok = t.assertStartPrePodmanGlobalArgsKeyVal(args, unit) + case "assert-podman-pre-global-args-key-val-regex": + ok = t.assertStartPrePodmanGlobalArgsKeyValRegex(args, unit) + case "assert-podman-pre-final-args": + ok = t.assertStartPrePodmanFinalArgs(args, unit) + case "assert-podman-pre-final-args-regex": + ok = t.assertStartPrePodmanFinalArgsRegex(args, unit) case "assert-symlink": ok = t.assertSymlink(args, unit) case "assert-podman-stop-args": @@ -714,6 +776,8 @@ BOGUS=foo Entry("notify.container", "notify.container", 0, ""), Entry("oneshot.container", "oneshot.container", 0, ""), Entry("other-sections.container", "other-sections.container", 0, ""), + Entry("pod.non-quadlet.container", "pod.non-quadlet.container", 1, "converting \"pod.non-quadlet.container\": pod test-pod is not Quadlet based"), + Entry("pod.not-found.container", "pod.not-found.container", 1, "converting \"pod.not-found.container\": quadlet pod unit not-found.pod does not exist"), Entry("podmanargs.container", "podmanargs.container", 0, ""), Entry("ports.container", "ports.container", 0, ""), Entry("ports_ipv6.container", "ports_ipv6.container", 0, ""), @@ -821,6 +885,10 @@ BOGUS=foo Entry("Image - Arch and OS", "arch-os.image", 0, ""), Entry("Image - global args", "globalargs.image", 0, ""), Entry("Image - Containers Conf Modules", "containersconfmodule.image", 0, ""), + + Entry("basic.pod", "basic.pod", 0, ""), + Entry("name.pod", "name.pod", 0, ""), + Entry("podmanargs.pod", "podmanargs.pod", 0, ""), ) }) diff --git a/test/system/252-quadlet.bats b/test/system/252-quadlet.bats index 2b57e58edd8d..6780af194feb 100644 --- a/test/system/252-quadlet.bats +++ b/test/system/252-quadlet.bats @@ -1412,4 +1412,62 @@ EOF run_podman rmi --ignore $(pause_image) } +@test "quadlet - pod simple" { + local quadlet_tmpdir=$PODMAN_TMPDIR/quadlets + + local test_pod_name=pod_test_$(random_string) + local quadlet_pod_unit=$test_pod_name.pod + local quadlet_pod_file=$PODMAN_TMPDIR/$quadlet_pod_unit + cat > $quadlet_pod_file < $quadlet_container_file < Date: Tue, 28 Nov 2023 11:36:34 +0100 Subject: [PATCH 079/170] docs: drop default for tmpfs-mode The default is OCI runtime specific, there is no way for Podman to know it. [CI:DOCS] Closes: https://github.com/containers/podman/issues/20754 Signed-off-by: Giuseppe Scrivano --- docs/source/markdown/options/mount.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/markdown/options/mount.md b/docs/source/markdown/options/mount.md index 9ab02cd97ed8..cc684c25566b 100644 --- a/docs/source/markdown/options/mount.md +++ b/docs/source/markdown/options/mount.md @@ -83,7 +83,7 @@ Current supported mount TYPEs are **bind**, **devpts**, **glob**, **image**, **r · tmpfs-size: Size of the tmpfs/ramfs mount in bytes. Unlimited by default in Linux. - · tmpfs-mode: File mode of the tmpfs/ramfs in octal. (e.g. 700 or 0700.) Defaults to 1777 in Linux. + · tmpfs-mode: File mode of the tmpfs/ramfs in octal (e.g. 700 or 0700.). · tmpcopyup: Enable copyup from the image directory at the same location to the tmpfs/ramfs. Used by default. From e26f677b16632e4bf8ae76abcd6859e70d0430ca Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 28 Nov 2023 14:22:18 +0100 Subject: [PATCH 080/170] sqlite: fix missing Commit() in RemovePodContainers() We have to Commit() the transaction. Note this is only in a rare pod remove code path and very unlikely to ever be used. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger --- libpod/sqlite_state.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libpod/sqlite_state.go b/libpod/sqlite_state.go index cdd0d25c8840..d63cb2561ea4 100644 --- a/libpod/sqlite_state.go +++ b/libpod/sqlite_state.go @@ -1697,6 +1697,10 @@ func (s *SQLiteState) RemovePodContainers(pod *Pod) (defErr error) { return err } + if err := tx.Commit(); err != nil { + return fmt.Errorf("committing pod containers %s removal transaction: %w", pod.ID(), err) + } + return nil } From d7b970a4c4325fd93a0c5347b18d7f40b7a253c4 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 28 Nov 2023 13:48:30 +0100 Subject: [PATCH 081/170] sqlite: fix issue in ValidateDBConfig() If a transaction is started it must either be committed or rolled back. The function uses defer to call `tx.Rollback()` if there is an error returned. However it also called `tx.Commit()` and afterwards further errors can be returned which means it tries to roll back a already committed transaction which cannot work. This fix is to make sure tx.Commit() is the last call in that function. see https://github.com/containers/podman/issues/20731 [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger --- libpod/sqlite_state.go | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/libpod/sqlite_state.go b/libpod/sqlite_state.go index cdd0d25c8840..45dde749e749 100644 --- a/libpod/sqlite_state.go +++ b/libpod/sqlite_state.go @@ -373,10 +373,6 @@ func (s *SQLiteState) ValidateDBConfig(runtime *Runtime) (defErr error) { return fmt.Errorf("retrieving DB config: %w", err) } - if err := tx.Commit(); err != nil { - return fmt.Errorf("committing database validation row: %w", err) - } - checkField := func(fieldName, dbVal, ourVal string) error { if dbVal != ourVal { return fmt.Errorf("database %s %q does not match our %s %q: %w", fieldName, dbVal, fieldName, ourVal, define.ErrDBBadConfig) @@ -407,6 +403,12 @@ func (s *SQLiteState) ValidateDBConfig(runtime *Runtime) (defErr error) { return err } + if err := tx.Commit(); err != nil { + return fmt.Errorf("committing database validation row: %w", err) + } + // Do not return any error after the commit call because the defer will + // try to roll back the transaction which results in an logged error. + return nil } From 572f38c0db705bb03a64052f3ac9fc9f393a40be Mon Sep 17 00:00:00 2001 From: Chetan Giradkar Date: Mon, 6 Nov 2023 15:44:57 +0000 Subject: [PATCH 082/170] Set correct exitcode in remove events and change ContainerExitCode from int to int ptr Added additional check for event type to be remove and set the correct exitcode. While it was getting difficult to maintain the omitempty notation for Event->ContainerExitCode, changing the type from int to int ptr gives us the ability to check for ContainerExitCode to be not nil and continue operations from there. closes #19124 Signed-off-by: Chetan Giradkar --- libpod/container_exec.go | 2 +- libpod/events.go | 14 ++++++++++++-- libpod/events/config.go | 2 +- libpod/events/events.go | 3 +++ libpod/events/journal_linux.go | 6 +++--- libpod/sqlite_state.go | 3 +-- pkg/api/handlers/utils/containers.go | 5 ++++- pkg/domain/entities/events.go | 16 +++++++++++----- pkg/domain/infra/abi/containers.go | 3 ++- pkg/domain/infra/tunnel/containers.go | 4 ++-- test/apiv2/27-containersEvents.at | 6 +++++- 11 files changed, 45 insertions(+), 19 deletions(-) diff --git a/libpod/container_exec.go b/libpod/container_exec.go index df52993c193d..f04f369d603b 100644 --- a/libpod/container_exec.go +++ b/libpod/container_exec.go @@ -820,7 +820,7 @@ func (c *Container) exec(config *ExecConfig, streams *define.AttachStreams, resi if err != nil { return -1, fmt.Errorf("retrieving exec session %s exit code: %w", sessionID, err) } - return diedEvent.ContainerExitCode, nil + return *diedEvent.ContainerExitCode, nil } return -1, err } diff --git a/libpod/events.go b/libpod/events.go index 6e8c409e3a1d..8af4f19d1a37 100644 --- a/libpod/events.go +++ b/libpod/events.go @@ -77,6 +77,14 @@ func (c *Container) newContainerEventWithInspectData(status events.Status, inspe e.HealthStatus = containerHealthStatus } + if status == events.Remove { + exitCode, err := c.runtime.state.GetContainerExitCode(c.ID()) + if err == nil { + intExitCode := int(exitCode) + e.ContainerExitCode = &intExitCode + } + } + return c.runtime.eventer.Write(e) } @@ -88,7 +96,8 @@ func (c *Container) newContainerExitedEvent(exitCode int32) { e.Image = c.config.RootfsImageName e.Type = events.Container e.PodID = c.PodID() - e.ContainerExitCode = int(exitCode) + intExitCode := int(exitCode) + e.ContainerExitCode = &intExitCode e.Details = events.Details{ ID: e.ID, @@ -107,7 +116,8 @@ func (c *Container) newExecDiedEvent(sessionID string, exitCode int) { e.Name = c.Name() e.Image = c.config.RootfsImageName e.Type = events.Container - e.ContainerExitCode = exitCode + intExitCode := exitCode + e.ContainerExitCode = &intExitCode e.Attributes = make(map[string]string) e.Attributes["execID"] = sessionID diff --git a/libpod/events/config.go b/libpod/events/config.go index 309a495744de..7b3184209714 100644 --- a/libpod/events/config.go +++ b/libpod/events/config.go @@ -24,7 +24,7 @@ const ( type Event struct { // ContainerExitCode is for storing the exit code of a container which can // be used for "internal" event notification - ContainerExitCode int `json:",omitempty"` + ContainerExitCode *int `json:",omitempty"` // ID can be for the container, image, volume, etc ID string `json:",omitempty"` // Image used where applicable diff --git a/libpod/events/events.go b/libpod/events/events.go index 2105a3b89fdb..bcda07e06e64 100644 --- a/libpod/events/events.go +++ b/libpod/events/events.go @@ -69,6 +69,9 @@ func (e *Event) ToJSONString() (string, error) { // ToHumanReadable returns human-readable event as a formatted string func (e *Event) ToHumanReadable(truncate bool) string { + if e == nil { + return "" + } var humanFormat string id := e.ID if truncate { diff --git a/libpod/events/journal_linux.go b/libpod/events/journal_linux.go index debb49a8dfbe..72c8352202db 100644 --- a/libpod/events/journal_linux.go +++ b/libpod/events/journal_linux.go @@ -48,8 +48,8 @@ func (e EventJournalD) Write(ee Event) error { m["PODMAN_IMAGE"] = ee.Image m["PODMAN_NAME"] = ee.Name m["PODMAN_ID"] = ee.ID - if ee.ContainerExitCode != 0 { - m["PODMAN_EXIT_CODE"] = strconv.Itoa(ee.ContainerExitCode) + if ee.ContainerExitCode != nil { + m["PODMAN_EXIT_CODE"] = strconv.Itoa(*ee.ContainerExitCode) } if ee.PodID != "" { m["PODMAN_POD_ID"] = ee.PodID @@ -206,7 +206,7 @@ func newEventFromJournalEntry(entry *sdjournal.JournalEntry) (*Event, error) { if err != nil { logrus.Errorf("Parsing event exit code %s", code) } else { - newEvent.ContainerExitCode = intCode + newEvent.ContainerExitCode = &intCode } } diff --git a/libpod/sqlite_state.go b/libpod/sqlite_state.go index cdd0d25c8840..76d0b88194b9 100644 --- a/libpod/sqlite_state.go +++ b/libpod/sqlite_state.go @@ -934,8 +934,7 @@ func (s *SQLiteState) GetContainerExitCode(id string) (int32, error) { } row := s.conn.QueryRow("SELECT ExitCode FROM ContainerExitCode WHERE ID=?;", id) - - var exitCode int32 + var exitCode int32 = -1 if err := row.Scan(&exitCode); err != nil { if errors.Is(err, sql.ErrNoRows) { return -1, fmt.Errorf("getting exit code of container %s from DB: %w", id, define.ErrNoSuchExitCode) diff --git a/pkg/api/handlers/utils/containers.go b/pkg/api/handlers/utils/containers.go index 6491dc402912..00f7242f6610 100644 --- a/pkg/api/handlers/utils/containers.go +++ b/pkg/api/handlers/utils/containers.go @@ -238,7 +238,10 @@ func waitNextExit(ctx context.Context, containerName string) (int32, error) { evt, ok := <-eventChannel if ok { - return int32(evt.ContainerExitCode), nil + if evt.ContainerExitCode != nil { + return int32(*evt.ContainerExitCode), nil + } + return -1, nil } // if ok == false then containerEngine.Events() has exited // it may happen if request was canceled (e.g. client closed connection prematurely) or diff --git a/pkg/domain/entities/events.go b/pkg/domain/entities/events.go index 34a6fe04890d..5a747e117948 100644 --- a/pkg/domain/entities/events.go +++ b/pkg/domain/entities/events.go @@ -19,9 +19,13 @@ type Event struct { // ConvertToLibpodEvent converts an entities event to a libpod one. func ConvertToLibpodEvent(e Event) *libpodEvents.Event { - exitCode, err := strconv.Atoi(e.Actor.Attributes["containerExitCode"]) - if err != nil { - return nil + var exitCode int + if ec, ok := e.Actor.Attributes["containerExitCode"]; ok { + var err error + exitCode, err = strconv.Atoi(ec) + if err != nil { + return nil + } } status, err := libpodEvents.StringToStatus(e.Action) if err != nil { @@ -39,7 +43,7 @@ func ConvertToLibpodEvent(e Event) *libpodEvents.Event { delete(details, "name") delete(details, "containerExitCode") return &libpodEvents.Event{ - ContainerExitCode: exitCode, + ContainerExitCode: &exitCode, ID: e.Actor.ID, Image: image, Name: name, @@ -62,7 +66,9 @@ func ConvertToEntitiesEvent(e libpodEvents.Event) *Event { } attributes["image"] = e.Image attributes["name"] = e.Name - attributes["containerExitCode"] = strconv.Itoa(e.ContainerExitCode) + if e.ContainerExitCode != nil { + attributes["containerExitCode"] = strconv.Itoa(*e.ContainerExitCode) + } attributes["podId"] = e.PodID message := dockerEvents.Message{ // Compatibility with clients that still look for deprecated API elements diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go index b495bc91b764..e8cb8e346eb5 100644 --- a/pkg/domain/infra/abi/containers.go +++ b/pkg/domain/infra/abi/containers.go @@ -1192,7 +1192,8 @@ func (ic *ContainerEngine) GetContainerExitCode(ctx context.Context, ctr *libpod exitCode, err := ctr.Wait(ctx) if err != nil { logrus.Errorf("Waiting for container %s: %v", ctr.ID(), err) - return define.ExecErrorCodeNotFound + intExitCode := int(define.ExecErrorCodeNotFound) + return intExitCode } return int(exitCode) } diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go index 55dc6a0dfb8c..81d092ab4ed4 100644 --- a/pkg/domain/infra/tunnel/containers.go +++ b/pkg/domain/infra/tunnel/containers.go @@ -773,7 +773,7 @@ func (ic *ContainerEngine) ContainerStart(ctx context.Context, namesOrIds []stri logrus.Errorf("Cannot get exit code: %v", err) report.ExitCode = define.ExecErrorCodeNotFound } else { - report.ExitCode = event.ContainerExitCode + report.ExitCode = *event.ContainerExitCode } } else { report.ExitCode = int(exitCode) @@ -962,7 +962,7 @@ func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.Conta return &report, nil //nolint: nilerr } - report.ExitCode = lastEvent.ContainerExitCode + report.ExitCode = *lastEvent.ContainerExitCode return &report, err } diff --git a/test/apiv2/27-containersEvents.at b/test/apiv2/27-containersEvents.at index a5b5b24a31d3..aac426218d4b 100644 --- a/test/apiv2/27-containersEvents.at +++ b/test/apiv2/27-containersEvents.at @@ -10,7 +10,7 @@ podman rm -a -f &>/dev/null START=$(date +%s) -podman run $IMAGE false || true +podman run --rm $IMAGE false || true # libpod api t GET "libpod/events?stream=false&since=$START" 200 \ @@ -28,4 +28,8 @@ t GET "events?stream=false&since=$START" 200 \ 'select(.status | contains("die")).Action=die' \ 'select(.status | contains("die")).Actor.Attributes.exitCode=1' +t GET "events?stream=false&since=$START&type=remove" 200 \ + 'select(.status| contains("remove")).Action=remove' \ + 'select(.status | contains("remove")).Actor.Attributes.containerExitCode=1' + # vim: filetype=sh From a2bf8c6d50919b70cd5b60a6ef5ba56d2f14a615 Mon Sep 17 00:00:00 2001 From: Black-Hole1 Date: Tue, 28 Nov 2023 10:10:38 +0800 Subject: [PATCH 083/170] refactor(machine): improve machine marker value 1. Set the marker to the current virtual machine type instead of fixed qemu. 2. Update containers/common [NO NEW TESTS NEEDED] Signed-off-by: Black-Hole1 --- cmd/rootlessport/wsl.go | 2 +- go.mod | 6 ++-- go.sum | 12 +++---- pkg/machine/config.go | 9 +++--- pkg/machine/ignition.go | 7 ++-- pkg/specgen/winpath_linux.go | 2 +- .../containers/common/pkg/machine/machine.go | 24 ++++++-------- vendor/golang.org/x/sys/unix/fcntl.go | 2 +- vendor/golang.org/x/sys/unix/ioctl_linux.go | 5 +++ vendor/golang.org/x/sys/unix/mkerrors.sh | 3 +- vendor/golang.org/x/sys/unix/syscall_bsd.go | 2 +- vendor/golang.org/x/sys/unix/syscall_linux.go | 28 ++++++++++------ .../golang.org/x/sys/unix/syscall_openbsd.go | 14 ++++++++ .../golang.org/x/sys/unix/syscall_solaris.go | 2 +- .../x/sys/unix/syscall_zos_s390x.go | 2 +- vendor/golang.org/x/sys/unix/zerrors_linux.go | 2 +- .../golang.org/x/sys/unix/zsyscall_linux.go | 15 +++++++++ .../x/sys/unix/zsyscall_openbsd_386.go | 26 +++++++++++++++ .../x/sys/unix/zsyscall_openbsd_386.s | 5 +++ .../x/sys/unix/zsyscall_openbsd_amd64.go | 26 +++++++++++++++ .../x/sys/unix/zsyscall_openbsd_amd64.s | 5 +++ .../x/sys/unix/zsyscall_openbsd_arm.go | 26 +++++++++++++++ .../x/sys/unix/zsyscall_openbsd_arm.s | 5 +++ .../x/sys/unix/zsyscall_openbsd_arm64.go | 26 +++++++++++++++ .../x/sys/unix/zsyscall_openbsd_arm64.s | 5 +++ .../x/sys/unix/zsyscall_openbsd_mips64.go | 26 +++++++++++++++ .../x/sys/unix/zsyscall_openbsd_mips64.s | 5 +++ .../x/sys/unix/zsyscall_openbsd_ppc64.go | 26 +++++++++++++++ .../x/sys/unix/zsyscall_openbsd_ppc64.s | 6 ++++ .../x/sys/unix/zsyscall_openbsd_riscv64.go | 26 +++++++++++++++ .../x/sys/unix/zsyscall_openbsd_riscv64.s | 5 +++ vendor/golang.org/x/sys/unix/ztypes_linux.go | 32 +++++++++++++++++++ .../x/sys/windows/syscall_windows.go | 2 ++ .../x/sys/windows/zsyscall_windows.go | 19 +++++++++++ vendor/modules.txt | 6 ++-- 35 files changed, 362 insertions(+), 52 deletions(-) diff --git a/cmd/rootlessport/wsl.go b/cmd/rootlessport/wsl.go index c1e67ba874d1..01b098189639 100644 --- a/cmd/rootlessport/wsl.go +++ b/cmd/rootlessport/wsl.go @@ -12,7 +12,7 @@ import ( func splitDualStackSpecIfWsl(spec rkport.Spec) []rkport.Spec { specs := []rkport.Spec{spec} protocol := spec.Proto - if machine.MachineHostType() != machine.Wsl || strings.HasSuffix(protocol, "4") || strings.HasSuffix(protocol, "6") { + if machine.HostType() != machine.Wsl || strings.HasSuffix(protocol, "4") || strings.HasSuffix(protocol, "6") { return specs } diff --git a/go.mod b/go.mod index f133335674ac..d856bf602971 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/containernetworking/cni v1.1.2 github.com/containernetworking/plugins v1.3.0 github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c - github.com/containers/common v0.57.1-0.20231121115347-e2da7bec2245 + github.com/containers/common v0.57.1-0.20231127171932-3cec82a37105 github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.1 github.com/containers/image/v5 v5.29.1-0.20231120202631-293b00ba7166 @@ -69,8 +69,8 @@ require ( golang.org/x/exp v0.0.0-20231006140011-7918f672742d golang.org/x/net v0.18.0 golang.org/x/sync v0.5.0 - golang.org/x/sys v0.14.0 - golang.org/x/term v0.14.0 + golang.org/x/sys v0.15.0 + golang.org/x/term v0.15.0 golang.org/x/text v0.14.0 google.golang.org/protobuf v1.31.0 gopkg.in/inf.v0 v0.9.1 diff --git a/go.sum b/go.sum index 8e2f02dead6a..4ad46d13d32f 100644 --- a/go.sum +++ b/go.sum @@ -256,8 +256,8 @@ github.com/containernetworking/plugins v1.3.0 h1:QVNXMT6XloyMUoO2wUOqWTC1hWFV62Q github.com/containernetworking/plugins v1.3.0/go.mod h1:Pc2wcedTQQCVuROOOaLBPPxrEXqqXBFt3cZ+/yVg6l0= github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c h1:E7nxvH3N3kpyson0waJv1X+eY9hAs+x2zQswsK+//yY= github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c/go.mod h1:oMNfVrZGEfWVOxXTNOYPMdZzDfSo2umURK/TO0d8TRk= -github.com/containers/common v0.57.1-0.20231121115347-e2da7bec2245 h1:JjjvtSd5dwt8CRZX9eZyxNx9IKnE6TT5qYuDqePk2n4= -github.com/containers/common v0.57.1-0.20231121115347-e2da7bec2245/go.mod h1:5C4EkX50fgbJZdZPdX3QSVGbXIe3wuhWz1G7e5JBxbs= +github.com/containers/common v0.57.1-0.20231127171932-3cec82a37105 h1:CMtIWhUBDpOFPNUDiYUYiWC5ducrYPdynWAsB4jAX8k= +github.com/containers/common v0.57.1-0.20231127171932-3cec82a37105/go.mod h1:9gSqpih8l6jSGOC0D28Bic4Yx1GuYKFH+MUZhr+sGkg= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/gvisor-tap-vsock v0.7.1 h1:+Rc+sOPplrkQb/BUXeN0ug8TxjgyrIqo/9P/eNS2A4c= @@ -1381,16 +1381,16 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= -golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= -golang.org/x/term v0.14.0 h1:LGK9IlZ8T9jvdy6cTdfKUCltatMFOehAQo9SRC46UQ8= -golang.org/x/term v0.14.0/go.mod h1:TySc+nGkYR6qt8km8wUhuFRTVSMIX3XPR58y2lC8vww= +golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= +golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= diff --git a/pkg/machine/config.go b/pkg/machine/config.go index 6d071496b7be..b4324e875596 100644 --- a/pkg/machine/config.go +++ b/pkg/machine/config.go @@ -15,6 +15,7 @@ import ( "strings" "time" + "github.com/containers/common/pkg/machine" "github.com/containers/podman/v4/pkg/machine/compression" "github.com/containers/podman/v4/pkg/machine/define" "github.com/containers/storage/pkg/homedir" @@ -352,13 +353,13 @@ const ( func (v VMType) String() string { switch v { case WSLVirt: - return "wsl" + return machine.Wsl case AppleHvVirt: - return "applehv" + return machine.AppleHV case HyperVVirt: - return "hyperv" + return machine.HyperV } - return "qemu" + return machine.Qemu } type APIForwardingState int diff --git a/pkg/machine/ignition.go b/pkg/machine/ignition.go index 2444249af10b..9eaafe2faf1b 100644 --- a/pkg/machine/ignition.go +++ b/pkg/machine/ignition.go @@ -100,7 +100,7 @@ func (ign *DynamicIgnition) GenerateIgnitionConfig() error { ignStorage := Storage{ Directories: getDirs(ign.Name), - Files: getFiles(ign.Name, ign.UID, ign.Rootful), + Files: getFiles(ign.Name, ign.UID, ign.Rootful, ign.VMType), Links: getLinks(ign.Name), } @@ -300,7 +300,7 @@ func getDirs(usrName string) []Directory { return dirs } -func getFiles(usrName string, uid int, rootful bool) []File { +func getFiles(usrName string, uid int, rootful bool, vmtype VMType) []File { files := make([]File, 0) lingerExample := `[Unit] @@ -434,8 +434,7 @@ Delegate=memory pids cpu io FileEmbedded1: FileEmbedded1{ Append: nil, Contents: Resource{ - // TODO this should be fixed for all vmtypes - Source: EncodeDataURLPtr("qemu\n"), + Source: EncodeDataURLPtr(fmt.Sprintf("%s\n", vmtype.String())), }, Mode: IntToPtr(0644), }, diff --git a/pkg/specgen/winpath_linux.go b/pkg/specgen/winpath_linux.go index f42ac76399da..16c62492d2ff 100644 --- a/pkg/specgen/winpath_linux.go +++ b/pkg/specgen/winpath_linux.go @@ -7,7 +7,7 @@ import ( ) func shouldResolveWinPaths() bool { - return machine.MachineHostType() == "wsl" + return machine.HostType() == "wsl" } func shouldResolveUnixWinVariant(path string) bool { diff --git a/vendor/github.com/containers/common/pkg/machine/machine.go b/vendor/github.com/containers/common/pkg/machine/machine.go index 36428e58f403..a75a61f38028 100644 --- a/vendor/github.com/containers/common/pkg/machine/machine.go +++ b/vendor/github.com/containers/common/pkg/machine/machine.go @@ -9,10 +9,7 @@ import ( "github.com/sirupsen/logrus" ) -// TODO: change name to MachineMarker since package is already called machine -// -//nolint:revive -type MachineMarker struct { +type Marker struct { Enabled bool Type string } @@ -21,11 +18,13 @@ const ( markerFile = "/etc/containers/podman-machine" Wsl = "wsl" Qemu = "qemu" + AppleHV = "applehv" + HyperV = "hyperv" ) var ( - markerSync sync.Once - machineMarker *MachineMarker + markerSync sync.Once + marker *Marker ) func loadMachineMarker(file string) { @@ -39,7 +38,7 @@ func loadMachineMarker(file string) { kind = strings.TrimSpace(string(content)) } - machineMarker = &MachineMarker{enabled, kind} + marker = &Marker{enabled, kind} } func isLegacyConfigSet() bool { @@ -57,20 +56,17 @@ func IsPodmanMachine() bool { return GetMachineMarker().Enabled } -// TODO: change name to HostType since package is already called machine -// -//nolint:revive -func MachineHostType() string { +func HostType() string { return GetMachineMarker().Type } func IsGvProxyBased() bool { - return IsPodmanMachine() && MachineHostType() != Wsl + return IsPodmanMachine() && HostType() != Wsl } -func GetMachineMarker() *MachineMarker { +func GetMachineMarker() *Marker { markerSync.Do(func() { loadMachineMarker(markerFile) }) - return machineMarker + return marker } diff --git a/vendor/golang.org/x/sys/unix/fcntl.go b/vendor/golang.org/x/sys/unix/fcntl.go index 58c6bfc70f6e..6200876fb28c 100644 --- a/vendor/golang.org/x/sys/unix/fcntl.go +++ b/vendor/golang.org/x/sys/unix/fcntl.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build dragonfly || freebsd || linux || netbsd || openbsd +//go:build dragonfly || freebsd || linux || netbsd package unix diff --git a/vendor/golang.org/x/sys/unix/ioctl_linux.go b/vendor/golang.org/x/sys/unix/ioctl_linux.go index 0d12c0851adf..dbe680eab88a 100644 --- a/vendor/golang.org/x/sys/unix/ioctl_linux.go +++ b/vendor/golang.org/x/sys/unix/ioctl_linux.go @@ -231,3 +231,8 @@ func IoctlLoopGetStatus64(fd int) (*LoopInfo64, error) { func IoctlLoopSetStatus64(fd int, value *LoopInfo64) error { return ioctlPtr(fd, LOOP_SET_STATUS64, unsafe.Pointer(value)) } + +// IoctlLoopConfigure configures all loop device parameters in a single step +func IoctlLoopConfigure(fd int, value *LoopConfig) error { + return ioctlPtr(fd, LOOP_CONFIGURE, unsafe.Pointer(value)) +} diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh index cbe24150a7a8..6202638bae86 100644 --- a/vendor/golang.org/x/sys/unix/mkerrors.sh +++ b/vendor/golang.org/x/sys/unix/mkerrors.sh @@ -519,6 +519,7 @@ ccflags="$@" $2 ~ /^LOCK_(SH|EX|NB|UN)$/ || $2 ~ /^LO_(KEY|NAME)_SIZE$/ || $2 ~ /^LOOP_(CLR|CTL|GET|SET)_/ || + $2 == "LOOP_CONFIGURE" || $2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MREMAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL|TCPOPT|UDP)_/ || $2 ~ /^NFC_(GENL|PROTO|COMM|RF|SE|DIRECTION|LLCP|SOCKPROTO)_/ || $2 ~ /^NFC_.*_(MAX)?SIZE$/ || @@ -560,7 +561,7 @@ ccflags="$@" $2 ~ /^RLIMIT_(AS|CORE|CPU|DATA|FSIZE|LOCKS|MEMLOCK|MSGQUEUE|NICE|NOFILE|NPROC|RSS|RTPRIO|RTTIME|SIGPENDING|STACK)|RLIM_INFINITY/ || $2 ~ /^PRIO_(PROCESS|PGRP|USER)/ || $2 ~ /^CLONE_[A-Z_]+/ || - $2 !~ /^(BPF_TIMEVAL|BPF_FIB_LOOKUP_[A-Z]+)$/ && + $2 !~ /^(BPF_TIMEVAL|BPF_FIB_LOOKUP_[A-Z]+|BPF_F_LINK)$/ && $2 ~ /^(BPF|DLT)_/ || $2 ~ /^AUDIT_/ || $2 ~ /^(CLOCK|TIMER)_/ || diff --git a/vendor/golang.org/x/sys/unix/syscall_bsd.go b/vendor/golang.org/x/sys/unix/syscall_bsd.go index 6f328e3a5541..a00c3e5450b3 100644 --- a/vendor/golang.org/x/sys/unix/syscall_bsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_bsd.go @@ -316,7 +316,7 @@ func GetsockoptString(fd, level, opt int) (string, error) { if err != nil { return "", err } - return string(buf[:vallen-1]), nil + return ByteSliceToString(buf[:vallen]), nil } //sys recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go index a5e1c10e341b..0f85e29e621c 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux.go @@ -61,15 +61,23 @@ func FanotifyMark(fd int, flags uint, mask uint64, dirFd int, pathname string) ( } //sys fchmodat(dirfd int, path string, mode uint32) (err error) - -func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { - // Linux fchmodat doesn't support the flags parameter. Mimick glibc's behavior - // and check the flags. Otherwise the mode would be applied to the symlink - // destination which is not what the user expects. - if flags&^AT_SYMLINK_NOFOLLOW != 0 { - return EINVAL - } else if flags&AT_SYMLINK_NOFOLLOW != 0 { - return EOPNOTSUPP +//sys fchmodat2(dirfd int, path string, mode uint32, flags int) (err error) + +func Fchmodat(dirfd int, path string, mode uint32, flags int) error { + // Linux fchmodat doesn't support the flags parameter, but fchmodat2 does. + // Try fchmodat2 if flags are specified. + if flags != 0 { + err := fchmodat2(dirfd, path, mode, flags) + if err == ENOSYS { + // fchmodat2 isn't available. If the flags are known to be valid, + // return EOPNOTSUPP to indicate that fchmodat doesn't support them. + if flags&^(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) != 0 { + return EINVAL + } else if flags&(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) != 0 { + return EOPNOTSUPP + } + } + return err } return fchmodat(dirfd, path, mode) } @@ -1302,7 +1310,7 @@ func GetsockoptString(fd, level, opt int) (string, error) { return "", err } } - return string(buf[:vallen-1]), nil + return ByteSliceToString(buf[:vallen]), nil } func GetsockoptTpacketStats(fd, level, opt int) (*TpacketStats, error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go index d2882ee04f74..b25343c71a42 100644 --- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go @@ -166,6 +166,20 @@ func Getresgid() (rgid, egid, sgid int) { //sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL +//sys fcntl(fd int, cmd int, arg int) (n int, err error) +//sys fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) = SYS_FCNTL + +// FcntlInt performs a fcntl syscall on fd with the provided command and argument. +func FcntlInt(fd uintptr, cmd, arg int) (int, error) { + return fcntl(int(fd), cmd, arg) +} + +// FcntlFlock performs a fcntl syscall for the F_GETLK, F_SETLK or F_SETLKW command. +func FcntlFlock(fd uintptr, cmd int, lk *Flock_t) error { + _, err := fcntlPtr(int(fd), cmd, unsafe.Pointer(lk)) + return err +} + //sys ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) func Ppoll(fds []PollFd, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go index 60c8142d49ef..21974af064dd 100644 --- a/vendor/golang.org/x/sys/unix/syscall_solaris.go +++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go @@ -158,7 +158,7 @@ func GetsockoptString(fd, level, opt int) (string, error) { if err != nil { return "", err } - return string(buf[:vallen-1]), nil + return ByteSliceToString(buf[:vallen]), nil } const ImplementsGetwd = true diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go index d99d05f1bc14..b473038c6155 100644 --- a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go +++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go @@ -1104,7 +1104,7 @@ func GetsockoptString(fd, level, opt int) (string, error) { return "", err } - return string(buf[:vallen-1]), nil + return ByteSliceToString(buf[:vallen]), nil } func Recvmsg(fd int, p, oob []byte, flags int) (n, oobn int, recvflags int, from Sockaddr, err error) { diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go index 9c00cbf512c4..c73cfe2f10b7 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go @@ -486,7 +486,6 @@ const ( BPF_F_ANY_ALIGNMENT = 0x2 BPF_F_BEFORE = 0x8 BPF_F_ID = 0x20 - BPF_F_LINK = 0x2000 BPF_F_NETFILTER_IP_DEFRAG = 0x1 BPF_F_QUERY_EFFECTIVE = 0x1 BPF_F_REPLACE = 0x4 @@ -1802,6 +1801,7 @@ const ( LOCK_SH = 0x1 LOCK_UN = 0x8 LOOP_CLR_FD = 0x4c01 + LOOP_CONFIGURE = 0x4c0a LOOP_CTL_ADD = 0x4c80 LOOP_CTL_GET_FREE = 0x4c82 LOOP_CTL_REMOVE = 0x4c81 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go index faca7a557b10..1488d27128cd 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go @@ -37,6 +37,21 @@ func fchmodat(dirfd int, path string, mode uint32) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fchmodat2(dirfd int, path string, mode uint32, flags int) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + _, _, e1 := Syscall6(SYS_FCHMODAT2, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ioctl(fd int, req uint, arg uintptr) (err error) { _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go index 88bfc2885782..a1d061597ccc 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s index 4cbeff171b2b..41b5617316c0 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $4 DATA ·libc_sysctl_trampoline_addr(SB)/4, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $4 +DATA ·libc_fcntl_trampoline_addr(SB)/4, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $4 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go index b8a67b99af8d..5b2a74097786 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s index 1123f27571e5..4019a656f6d5 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go index af50a65c0cd0..f6eda1344a83 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s index 82badae39fe6..ac4af24f9083 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $4 DATA ·libc_sysctl_trampoline_addr(SB)/4, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $4 +DATA ·libc_fcntl_trampoline_addr(SB)/4, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $4 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go index 8fb4ff36a7dd..55df20ae9d8d 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s index 24d7eecb93ba..f77d532121b9 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go index f469a83ee6ed..8c1155cbc087 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s index 9a498a067733..fae140b62c9d 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go index c26ca2e1aa22..7cc80c58d985 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s index 1f224aa4162f..9d1e0ff06d0f 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s @@ -213,6 +213,12 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + CALL libc_fcntl(SB) + RET +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 CALL libc_ppoll(SB) RET diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go index bcc920dd2599..0688737f4944 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s index 87a79c7095a6..da115f9a4b69 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go index 997bcd55ae9f..bbf8399ff586 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go @@ -2671,6 +2671,7 @@ const ( BPF_PROG_TYPE_LSM = 0x1d BPF_PROG_TYPE_SK_LOOKUP = 0x1e BPF_PROG_TYPE_SYSCALL = 0x1f + BPF_PROG_TYPE_NETFILTER = 0x20 BPF_CGROUP_INET_INGRESS = 0x0 BPF_CGROUP_INET_EGRESS = 0x1 BPF_CGROUP_INET_SOCK_CREATE = 0x2 @@ -2715,6 +2716,11 @@ const ( BPF_PERF_EVENT = 0x29 BPF_TRACE_KPROBE_MULTI = 0x2a BPF_LSM_CGROUP = 0x2b + BPF_STRUCT_OPS = 0x2c + BPF_NETFILTER = 0x2d + BPF_TCX_INGRESS = 0x2e + BPF_TCX_EGRESS = 0x2f + BPF_TRACE_UPROBE_MULTI = 0x30 BPF_LINK_TYPE_UNSPEC = 0x0 BPF_LINK_TYPE_RAW_TRACEPOINT = 0x1 BPF_LINK_TYPE_TRACING = 0x2 @@ -2725,6 +2731,18 @@ const ( BPF_LINK_TYPE_PERF_EVENT = 0x7 BPF_LINK_TYPE_KPROBE_MULTI = 0x8 BPF_LINK_TYPE_STRUCT_OPS = 0x9 + BPF_LINK_TYPE_NETFILTER = 0xa + BPF_LINK_TYPE_TCX = 0xb + BPF_LINK_TYPE_UPROBE_MULTI = 0xc + BPF_PERF_EVENT_UNSPEC = 0x0 + BPF_PERF_EVENT_UPROBE = 0x1 + BPF_PERF_EVENT_URETPROBE = 0x2 + BPF_PERF_EVENT_KPROBE = 0x3 + BPF_PERF_EVENT_KRETPROBE = 0x4 + BPF_PERF_EVENT_TRACEPOINT = 0x5 + BPF_PERF_EVENT_EVENT = 0x6 + BPF_F_KPROBE_MULTI_RETURN = 0x1 + BPF_F_UPROBE_MULTI_RETURN = 0x1 BPF_ANY = 0x0 BPF_NOEXIST = 0x1 BPF_EXIST = 0x2 @@ -2742,6 +2760,8 @@ const ( BPF_F_MMAPABLE = 0x400 BPF_F_PRESERVE_ELEMS = 0x800 BPF_F_INNER_MAP = 0x1000 + BPF_F_LINK = 0x2000 + BPF_F_PATH_FD = 0x4000 BPF_STATS_RUN_TIME = 0x0 BPF_STACK_BUILD_ID_EMPTY = 0x0 BPF_STACK_BUILD_ID_VALID = 0x1 @@ -2762,6 +2782,7 @@ const ( BPF_F_ZERO_CSUM_TX = 0x2 BPF_F_DONT_FRAGMENT = 0x4 BPF_F_SEQ_NUMBER = 0x8 + BPF_F_NO_TUNNEL_KEY = 0x10 BPF_F_TUNINFO_FLAGS = 0x10 BPF_F_INDEX_MASK = 0xffffffff BPF_F_CURRENT_CPU = 0xffffffff @@ -2778,6 +2799,8 @@ const ( BPF_F_ADJ_ROOM_ENCAP_L4_UDP = 0x10 BPF_F_ADJ_ROOM_NO_CSUM_RESET = 0x20 BPF_F_ADJ_ROOM_ENCAP_L2_ETH = 0x40 + BPF_F_ADJ_ROOM_DECAP_L3_IPV4 = 0x80 + BPF_F_ADJ_ROOM_DECAP_L3_IPV6 = 0x100 BPF_ADJ_ROOM_ENCAP_L2_MASK = 0xff BPF_ADJ_ROOM_ENCAP_L2_SHIFT = 0x38 BPF_F_SYSCTL_BASE_NAME = 0x1 @@ -2866,6 +2889,8 @@ const ( BPF_DEVCG_DEV_CHAR = 0x2 BPF_FIB_LOOKUP_DIRECT = 0x1 BPF_FIB_LOOKUP_OUTPUT = 0x2 + BPF_FIB_LOOKUP_SKIP_NEIGH = 0x4 + BPF_FIB_LOOKUP_TBID = 0x8 BPF_FIB_LKUP_RET_SUCCESS = 0x0 BPF_FIB_LKUP_RET_BLACKHOLE = 0x1 BPF_FIB_LKUP_RET_UNREACHABLE = 0x2 @@ -2901,6 +2926,7 @@ const ( BPF_CORE_ENUMVAL_EXISTS = 0xa BPF_CORE_ENUMVAL_VALUE = 0xb BPF_CORE_TYPE_MATCHES = 0xc + BPF_F_TIMER_ABS = 0x1 ) const ( @@ -2979,6 +3005,12 @@ type LoopInfo64 struct { Encrypt_key [32]uint8 Init [2]uint64 } +type LoopConfig struct { + Fd uint32 + Size uint32 + Info LoopInfo64 + _ [8]uint64 +} type TIPCSocketAddr struct { Ref uint32 diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go index fb6cfd0462b4..47dc57967690 100644 --- a/vendor/golang.org/x/sys/windows/syscall_windows.go +++ b/vendor/golang.org/x/sys/windows/syscall_windows.go @@ -155,6 +155,8 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys GetModuleFileName(module Handle, filename *uint16, size uint32) (n uint32, err error) = kernel32.GetModuleFileNameW //sys GetModuleHandleEx(flags uint32, moduleName *uint16, module *Handle) (err error) = kernel32.GetModuleHandleExW //sys SetDefaultDllDirectories(directoryFlags uint32) (err error) +//sys AddDllDirectory(path *uint16) (cookie uintptr, err error) = kernel32.AddDllDirectory +//sys RemoveDllDirectory(cookie uintptr) (err error) = kernel32.RemoveDllDirectory //sys SetDllDirectory(path string) (err error) = kernel32.SetDllDirectoryW //sys GetVersion() (ver uint32, err error) //sys FormatMessage(flags uint32, msgsrc uintptr, msgid uint32, langid uint32, buf []uint16, args *byte) (n uint32, err error) = FormatMessageW diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go index db6282e00a58..146a1f0196f9 100644 --- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go +++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go @@ -184,6 +184,7 @@ var ( procGetAdaptersInfo = modiphlpapi.NewProc("GetAdaptersInfo") procGetBestInterfaceEx = modiphlpapi.NewProc("GetBestInterfaceEx") procGetIfEntry = modiphlpapi.NewProc("GetIfEntry") + procAddDllDirectory = modkernel32.NewProc("AddDllDirectory") procAssignProcessToJobObject = modkernel32.NewProc("AssignProcessToJobObject") procCancelIo = modkernel32.NewProc("CancelIo") procCancelIoEx = modkernel32.NewProc("CancelIoEx") @@ -330,6 +331,7 @@ var ( procReadProcessMemory = modkernel32.NewProc("ReadProcessMemory") procReleaseMutex = modkernel32.NewProc("ReleaseMutex") procRemoveDirectoryW = modkernel32.NewProc("RemoveDirectoryW") + procRemoveDllDirectory = modkernel32.NewProc("RemoveDllDirectory") procResetEvent = modkernel32.NewProc("ResetEvent") procResizePseudoConsole = modkernel32.NewProc("ResizePseudoConsole") procResumeThread = modkernel32.NewProc("ResumeThread") @@ -1605,6 +1607,15 @@ func GetIfEntry(pIfRow *MibIfRow) (errcode error) { return } +func AddDllDirectory(path *uint16) (cookie uintptr, err error) { + r0, _, e1 := syscall.Syscall(procAddDllDirectory.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0) + cookie = uintptr(r0) + if cookie == 0 { + err = errnoErr(e1) + } + return +} + func AssignProcessToJobObject(job Handle, process Handle) (err error) { r1, _, e1 := syscall.Syscall(procAssignProcessToJobObject.Addr(), 2, uintptr(job), uintptr(process), 0) if r1 == 0 { @@ -2879,6 +2890,14 @@ func RemoveDirectory(path *uint16) (err error) { return } +func RemoveDllDirectory(cookie uintptr) (err error) { + r1, _, e1 := syscall.Syscall(procRemoveDllDirectory.Addr(), 1, uintptr(cookie), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func ResetEvent(event Handle) (err error) { r1, _, e1 := syscall.Syscall(procResetEvent.Addr(), 1, uintptr(event), 0, 0) if r1 == 0 { diff --git a/vendor/modules.txt b/vendor/modules.txt index 02819c24f949..c6620586d77b 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -167,7 +167,7 @@ github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/pkg/volumes github.com/containers/buildah/util -# github.com/containers/common v0.57.1-0.20231121115347-e2da7bec2245 +# github.com/containers/common v0.57.1-0.20231127171932-3cec82a37105 ## explicit; go 1.18 github.com/containers/common/internal/attributedstring github.com/containers/common/libimage @@ -1180,7 +1180,7 @@ golang.org/x/oauth2/internal ## explicit; go 1.18 golang.org/x/sync/errgroup golang.org/x/sync/semaphore -# golang.org/x/sys v0.14.0 +# golang.org/x/sys v0.15.0 ## explicit; go 1.18 golang.org/x/sys/cpu golang.org/x/sys/execabs @@ -1189,7 +1189,7 @@ golang.org/x/sys/unix golang.org/x/sys/windows golang.org/x/sys/windows/registry golang.org/x/sys/windows/svc/eventlog -# golang.org/x/term v0.14.0 +# golang.org/x/term v0.15.0 ## explicit; go 1.18 golang.org/x/term # golang.org/x/text v0.14.0 From 7b4d6a295e651bc95a196b929cac3c4a24baca05 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erik=20Sj=C3=B6lund?= Date: Tue, 28 Nov 2023 17:16:43 +0100 Subject: [PATCH 084/170] [CI:DOCS] Fix markdown bugs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Erik Sjölund --- docs/source/locale/ja/LC_MESSAGES/markdown.po | 2 +- docs/source/markdown/podman-manifest-push.1.md.in | 2 +- docs/source/markdown/podman-push.1.md.in | 2 +- docs/source/markdown/podman-volume-inspect.1.md | 2 ++ 4 files changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/source/locale/ja/LC_MESSAGES/markdown.po b/docs/source/locale/ja/LC_MESSAGES/markdown.po index e24d41068d63..9f8ba2a10b7d 100644 --- a/docs/source/locale/ja/LC_MESSAGES/markdown.po +++ b/docs/source/locale/ja/LC_MESSAGES/markdown.po @@ -19280,7 +19280,7 @@ msgstr "" #: ../../source/markdown/podman-manifest-push.1.md:123 #: ../../source/markdown/podman-push.1.md:161 -msgid "**--sign-by-sigstore**=*param-file***" +msgid "**--sign-by-sigstore**=*param-file*" msgstr "" #: ../../source/markdown/podman-manifest-push.1.md:125 diff --git a/docs/source/markdown/podman-manifest-push.1.md.in b/docs/source/markdown/podman-manifest-push.1.md.in index d8cc8702aea8..fa49a29be4ff 100644 --- a/docs/source/markdown/podman-manifest-push.1.md.in +++ b/docs/source/markdown/podman-manifest-push.1.md.in @@ -64,7 +64,7 @@ Delete the manifest list or image index from local storage if pushing succeeds. Sign the pushed images with a “simple signing” signature using the specified key. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines) -#### **--sign-by-sigstore**=*param-file*** +#### **--sign-by-sigstore**=*param-file* Add a sigstore signature based on further options specified in a container's sigstore signing parameter file *param-file*. See containers-sigstore-signing-params.yaml(5) for details about the file format. diff --git a/docs/source/markdown/podman-push.1.md.in b/docs/source/markdown/podman-push.1.md.in index 49f08da6fee7..ffa1de761ced 100644 --- a/docs/source/markdown/podman-push.1.md.in +++ b/docs/source/markdown/podman-push.1.md.in @@ -88,7 +88,7 @@ Discard any pre-existing signatures in the image. Add a “simple signing” signature at the destination using the specified key. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines) -#### **--sign-by-sigstore**=*param-file*** +#### **--sign-by-sigstore**=*param-file* Add a sigstore signature based on further options specified in a container's sigstore signing parameter file *param-file*. See containers-sigstore-signing-params.yaml(5) for details about the file format. diff --git a/docs/source/markdown/podman-volume-inspect.1.md b/docs/source/markdown/podman-volume-inspect.1.md index 1f0d4096fa72..07485fe7ca1a 100644 --- a/docs/source/markdown/podman-volume-inspect.1.md +++ b/docs/source/markdown/podman-volume-inspect.1.md @@ -69,6 +69,8 @@ $ podman volume inspect myvol "NeedsChown": true } ] +``` + ``` $ podman volume inspect --all [ From 4314b1c34489b369704b79419ae945e4d4076962 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= Date: Tue, 28 Nov 2023 20:44:17 +0100 Subject: [PATCH 085/170] Fix transferring data using tar MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Instead of relying on the remote server to create tar files with the right account IDs (which the remote server doesn't even know, when the client and server run under different accounts), have the remote client ignore the account IDs when unpacking. Then just hard-code 0 in the remote server, so that the remote server's account identity does not leak in the tar file contents. Compare https://github.com/containers/image/issues/1627 . [NO NEW TESTS NEEDED] : https://github.com/containers/podman/pull/18563 suggests that existing tests already cover these code paths / properties. Signed-off-by: Miloslav Trmač --- pkg/api/handlers/libpod/images.go | 6 +----- pkg/domain/infra/tunnel/images.go | 2 +- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go index 8cef020bda55..5fd6eeaeec08 100644 --- a/pkg/api/handlers/libpod/images.go +++ b/pkg/api/handlers/libpod/images.go @@ -27,7 +27,6 @@ import ( "github.com/containers/podman/v4/pkg/domain/infra/abi" domainUtils "github.com/containers/podman/v4/pkg/domain/utils" "github.com/containers/podman/v4/pkg/errorhandling" - "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/podman/v4/pkg/util" utils2 "github.com/containers/podman/v4/utils" "github.com/containers/storage" @@ -330,10 +329,7 @@ func ExportImages(w http.ResponseWriter, r *http.Request) { } tarOptions := &archive.TarOptions{ - ChownOpts: &idtools.IDPair{ - UID: rootless.GetRootlessUID(), - GID: rootless.GetRootlessGID(), - }, + ChownOpts: &idtools.IDPair{UID: 0, GID: 0}, } tar, err := chrootarchive.Tar(output, tarOptions, output) if err != nil { diff --git a/pkg/domain/infra/tunnel/images.go b/pkg/domain/infra/tunnel/images.go index 304c99ccd7d7..985125979089 100644 --- a/pkg/domain/infra/tunnel/images.go +++ b/pkg/domain/infra/tunnel/images.go @@ -336,7 +336,7 @@ func (ir *ImageEngine) Save(ctx context.Context, nameOrID string, tags []string, return err } - return archive.Untar(f, opts.Output, nil) + return archive.Untar(f, opts.Output, &archive.TarOptions{NoLchown: true}) } func (ir *ImageEngine) Search(ctx context.Context, term string, opts entities.ImageSearchOptions) ([]entities.ImageSearchReport, error) { From cf1ad300bb32c30d2175f3f074606866d6960f1c Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Tue, 28 Nov 2023 15:45:14 -0500 Subject: [PATCH 086/170] utils: close a couple of ReadClosers utils.Tar() and utils.TarWithChroot() both return ReadClosers, but when we called them from utils.TarToFilesystem() and utils.TarChrootToFilesystem() respectively, they were not being closed. [NO NEW TESTS NEEDED] Signed-off-by: Nalin Dahyabhai --- utils/utils.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/utils/utils.go b/utils/utils.go index f73672c7a4fd..08b2fa37a0f0 100644 --- a/utils/utils.go +++ b/utils/utils.go @@ -77,6 +77,7 @@ func TarToFilesystem(source string, tarball *os.File) error { if err != nil { return err } + defer tb.Close() _, err = io.Copy(tarball, tb) if err != nil { return err @@ -98,6 +99,7 @@ func TarChrootToFilesystem(source string, tarball *os.File) error { if err != nil { return err } + defer tb.Close() _, err = io.Copy(tarball, tb) if err != nil { return err From 93bcd2a25d84cb8430e2c30cf378f77e039400e7 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Wed, 29 Nov 2023 13:06:50 +0100 Subject: [PATCH 087/170] fix podman-remote exec regression with v4.8 Commit f48a706abc added a new API endpoint to remove exec session correctly. And the bindings try to call that endpoint for exec every time. Now since client and server must not be the same version this causes a problem if a new 4.8 client calls an older 4.7 server as it has no idea about such endpoint and throws an ugly error. This is a common scenario for podman machine setups. The client does know the server version so it should make sure to not call such endpoint if the server is older than 4.8. I added a exec test to the machine tests as this can be reproduced with podman machine as at the moment at least the VM image does not contain podman 4.8. And it should at least make sure podman exec keeps working for podman machine without regressions. Fixes #20821 Signed-off-by: Paul Holzinger --- pkg/bindings/containers/exec.go | 7 ++++++- pkg/machine/e2e/basic_test.go | 8 +++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/pkg/bindings/containers/exec.go b/pkg/bindings/containers/exec.go index 9a73a656eae0..a536213a2231 100644 --- a/pkg/bindings/containers/exec.go +++ b/pkg/bindings/containers/exec.go @@ -114,10 +114,15 @@ func ExecStart(ctx context.Context, sessionID string, options *ExecStartOptions) // ExecRemove removes a given exec session. func ExecRemove(ctx context.Context, sessionID string, options *ExecRemoveOptions) error { + v := bindings.ServiceVersion(ctx) + // The exec remove endpoint was added in 4.8. + if v.Major < 4 || (v.Major == 4 && v.Minor < 8) { + // Do no call this endpoint as it will not be supported on the server and throw an "NOT FOUND" error. + return nil + } if options == nil { options = new(ExecRemoveOptions) } - _ = options conn, err := bindings.GetClient(ctx) if err != nil { return err diff --git a/pkg/machine/e2e/basic_test.go b/pkg/machine/e2e/basic_test.go index a1cfb71ef577..ab5c5c63127f 100644 --- a/pkg/machine/e2e/basic_test.go +++ b/pkg/machine/e2e/basic_test.go @@ -62,12 +62,18 @@ var _ = Describe("run basic podman commands", func() { Expect(err).ToNot(HaveOccurred()) Expect(session).To(Exit(0)) + ctrName := "test" bm := basicMachine{} - runAlp, err := mb.setCmd(bm.withPodmanCommand([]string{"run", "-dt", "-p", "62544:80", "quay.io/libpod/alpine_nginx"})).run() + runAlp, err := mb.setCmd(bm.withPodmanCommand([]string{"run", "-dt", "--name", ctrName, "-p", "62544:80", "quay.io/libpod/alpine_nginx"})).run() Expect(err).ToNot(HaveOccurred()) Expect(runAlp).To(Exit(0)) testHTTPServer("62544", false, "podman rulez") + // Test exec in machine scenario: https://github.com/containers/podman/issues/20821 + exec, err := mb.setCmd(bm.withPodmanCommand([]string{"exec", ctrName, "true"})).run() + Expect(err).ToNot(HaveOccurred()) + Expect(exec).To(Exit(0)) + out, err := pgrep("gvproxy") Expect(err).ToNot(HaveOccurred()) Expect(out).ToNot(BeEmpty()) From 8ee26220281bc5bbb6a2b72ab0cf5a2f120b1afa Mon Sep 17 00:00:00 2001 From: Alexander Larsson Date: Wed, 29 Nov 2023 10:57:42 +0100 Subject: [PATCH 088/170] quadlet: Support systemd style dropin files For a source file like `foo.container`, look for drop in named `foo.container.d/*.conf` and merged them into the main file. The dropins are applied in alphabetical order, and files in earlier diretories override later files with same name. This is similar to how systemd dropins work, see: https://www.freedesktop.org/software/systemd/man/latest/systemd.unit.html Also adds some tests for these Signed-off-by: Alexander Larsson --- cmd/quadlet/main.go | 67 +++++++++++++++++++ docs/source/markdown/podman-systemd.unit.5.md | 7 ++ pkg/systemd/parser/unitfile.go | 4 +- test/e2e/quadlet/merged-override.container | 8 +++ .../merged-override.container.d/10-first.conf | 2 + .../20-second.conf | 4 ++ test/e2e/quadlet/merged.container | 8 +++ .../quadlet/merged.container.d/10-first.conf | 2 + .../quadlet/merged.container.d/20-second.conf | 2 + test/e2e/quadlet_test.go | 12 ++++ 10 files changed, 114 insertions(+), 2 deletions(-) create mode 100644 test/e2e/quadlet/merged-override.container create mode 100644 test/e2e/quadlet/merged-override.container.d/10-first.conf create mode 100644 test/e2e/quadlet/merged-override.container.d/20-second.conf create mode 100644 test/e2e/quadlet/merged.container create mode 100644 test/e2e/quadlet/merged.container.d/10-first.conf create mode 100644 test/e2e/quadlet/merged.container.d/20-second.conf diff --git a/cmd/quadlet/main.go b/cmd/quadlet/main.go index b36997b32a73..9c032427b0a4 100644 --- a/cmd/quadlet/main.go +++ b/cmd/quadlet/main.go @@ -242,6 +242,67 @@ func loadUnitsFromDir(sourcePath string) ([]*parser.UnitFile, error) { return units, prevError } +func loadUnitDropins(unit *parser.UnitFile, sourcePaths []string) error { + var prevError error + reportError := func(err error) { + if prevError != nil { + err = fmt.Errorf("%s\n%s", prevError, err) + } + prevError = err + } + + var dropinPaths = make(map[string]string) + for _, sourcePath := range sourcePaths { + dropinDir := path.Join(sourcePath, unit.Filename+".d") + + dropinFiles, err := os.ReadDir(dropinDir) + if err != nil { + if !errors.Is(err, os.ErrNotExist) { + reportError(fmt.Errorf("error reading directory %q, %w", dropinDir, err)) + } + + continue + } + + for _, dropinFile := range dropinFiles { + dropinName := dropinFile.Name() + if filepath.Ext(dropinName) != ".conf" { + continue // Only *.conf supported + } + + if _, ok := dropinPaths[dropinName]; ok { + continue // We already saw this name + } + + dropinPaths[dropinName] = path.Join(dropinDir, dropinName) + } + } + + dropinFiles := make([]string, len(dropinPaths)) + i := 0 + for k := range dropinPaths { + dropinFiles[i] = k + i++ + } + + // Merge in alpha-numerical order + sort.Strings(dropinFiles) + + for _, dropinFile := range dropinFiles { + dropinPath := dropinPaths[dropinFile] + + Debugf("Loading source drop-in file %s", dropinPath) + + if f, err := parser.ParseUnitFile(dropinPath); err != nil { + reportError(fmt.Errorf("error loading %q, %w", dropinPath, err)) + } else { + unit.Merge(f) + } + } + + return prevError +} + func generateServiceFile(service *parser.UnitFile) error { Debugf("writing %q", service.Path) @@ -456,6 +517,12 @@ func process() error { return prevError } + for _, unit := range units { + if err := loadUnitDropins(unit, sourcePaths); err != nil { + reportError(err) + } + } + if !dryRunFlag { err := os.MkdirAll(outputPath, os.ModePerm) if err != nil { diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index 8101338a56b6..4969a84aca7b 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -47,6 +47,13 @@ Each file type has a custom section (for example, `[Container]`) that is handled other sections are passed on untouched, allowing the use of any normal systemd configuration options like dependencies or cgroup limits. +The source files also support drop-ins in the same [way systemd does](https://www.freedesktop.org/software/systemd/man/latest/systemd.unit.html). +For a given source file (say `foo.container`), the corresponding `.d`directory (in this +case `foo.container.d`) will be scanned for files with a `.conf` extension that are merged into +the base file in alphabetical order. The format of these drop-in files is the same as the base file. +This is useful to alter or add configuration settings for a unit, without having to modify unit +files. + For rootless containers, when administrators place Quadlet files in the /etc/containers/systemd/users directory, all users' sessions execute the Quadlet when the login session begins. If the administrator places a Quadlet diff --git a/pkg/systemd/parser/unitfile.go b/pkg/systemd/parser/unitfile.go index 963909f9d876..732daa2be4fb 100644 --- a/pkg/systemd/parser/unitfile.go +++ b/pkg/systemd/parser/unitfile.go @@ -182,7 +182,7 @@ func (f *UnitFile) ensureGroup(groupName string) *unitGroup { return g } -func (f *UnitFile) merge(source *UnitFile) { +func (f *UnitFile) Merge(source *UnitFile) { for _, srcGroup := range source.groups { group := f.ensureGroup(srcGroup.name) group.merge(srcGroup) @@ -193,7 +193,7 @@ func (f *UnitFile) merge(source *UnitFile) { func (f *UnitFile) Dup() *UnitFile { copy := NewUnitFile() - copy.merge(f) + copy.Merge(f) copy.Filename = f.Filename return copy } diff --git a/test/e2e/quadlet/merged-override.container b/test/e2e/quadlet/merged-override.container new file mode 100644 index 000000000000..d93a53b340a9 --- /dev/null +++ b/test/e2e/quadlet/merged-override.container @@ -0,0 +1,8 @@ +## assert-podman-final-args localhost/imagename +## !assert-podman-args --env "MAIN=mainvalue" +## !assert-podman-args --env "FIRST=value" +## assert-podman-args --env "SECOND=othervalue" + +[Container] +Image=localhost/imagename +Environment=MAIN=mainvalue diff --git a/test/e2e/quadlet/merged-override.container.d/10-first.conf b/test/e2e/quadlet/merged-override.container.d/10-first.conf new file mode 100644 index 000000000000..f6164d631e05 --- /dev/null +++ b/test/e2e/quadlet/merged-override.container.d/10-first.conf @@ -0,0 +1,2 @@ +[Container] +Environment=FIRST=value diff --git a/test/e2e/quadlet/merged-override.container.d/20-second.conf b/test/e2e/quadlet/merged-override.container.d/20-second.conf new file mode 100644 index 000000000000..5bfcdd44dcc8 --- /dev/null +++ b/test/e2e/quadlet/merged-override.container.d/20-second.conf @@ -0,0 +1,4 @@ +[Container] +# Empty previous +Environment= +Environment=SECOND=othervalue diff --git a/test/e2e/quadlet/merged.container b/test/e2e/quadlet/merged.container new file mode 100644 index 000000000000..3d19987fd0ca --- /dev/null +++ b/test/e2e/quadlet/merged.container @@ -0,0 +1,8 @@ +## assert-podman-final-args localhost/imagename +## assert-podman-args --env "MAIN=mainvalue" +## assert-podman-args --env "FIRST=value" +## assert-podman-args --env "SECOND=othervalue" + +[Container] +Image=localhost/imagename +Environment=MAIN=mainvalue diff --git a/test/e2e/quadlet/merged.container.d/10-first.conf b/test/e2e/quadlet/merged.container.d/10-first.conf new file mode 100644 index 000000000000..f6164d631e05 --- /dev/null +++ b/test/e2e/quadlet/merged.container.d/10-first.conf @@ -0,0 +1,2 @@ +[Container] +Environment=FIRST=value diff --git a/test/e2e/quadlet/merged.container.d/20-second.conf b/test/e2e/quadlet/merged.container.d/20-second.conf new file mode 100644 index 000000000000..f1dcaa61fc93 --- /dev/null +++ b/test/e2e/quadlet/merged.container.d/20-second.conf @@ -0,0 +1,2 @@ +[Container] +Environment=SECOND=othervalue diff --git a/test/e2e/quadlet_test.go b/test/e2e/quadlet_test.go index ad3061f4cdd2..c9c43d284971 100644 --- a/test/e2e/quadlet_test.go +++ b/test/e2e/quadlet_test.go @@ -664,6 +664,16 @@ BOGUS=foo err = os.WriteFile(filepath.Join(quadletDir, fileName), testcase.data, 0644) Expect(err).ToNot(HaveOccurred()) + // Also copy any extra snippets + dotdDir := filepath.Join("quadlet", fileName+".d") + if s, err := os.Stat(dotdDir); err == nil && s.IsDir() { + dotdDirDest := filepath.Join(quadletDir, fileName+".d") + err = os.Mkdir(dotdDirDest, os.ModePerm) + Expect(err).ToNot(HaveOccurred()) + err = CopyDirectory(dotdDir, dotdDirDest) + Expect(err).ToNot(HaveOccurred()) + } + // Run quadlet to convert the file session := podmanTest.Quadlet([]string{"--user", "--no-kmsg-log", generatedDir}, quadletDir) session.WaitWithDefaultTimeout() @@ -748,6 +758,8 @@ BOGUS=foo Entry("workingdir.container", "workingdir.container", 0, ""), Entry("Container - global args", "globalargs.container", 0, ""), Entry("Container - Containers Conf Modules", "containersconfmodule.container", 0, ""), + Entry("merged.container", "merged.container", 0, ""), + Entry("merged-override.container", "merged-override.container", 0, ""), Entry("basic.volume", "basic.volume", 0, ""), Entry("device-copy.volume", "device-copy.volume", 0, ""), From f35d1c1c2544e251bfbadb1ec217a88577636319 Mon Sep 17 00:00:00 2001 From: Urvashi Mohnani Date: Mon, 27 Nov 2023 10:07:31 -0500 Subject: [PATCH 089/170] Don't update health check status during initialDelaySeconds When InitialDelaySeconds in the kube yaml is set for a helthcheck, don't update the healthcheck status till those initial delay seconds are over. We were waiting to update for a failing healtcheck, but when the healthcheck was successful during the initial delay time, the status was being updated as healthy immediately. This is misleading to the users wondering why their healthcheck takes much longer to fail for a failing case while it is quick to succeed for a healthy case. It also doesn't match what the k8s InitialDelaySeconds does. This change is only for kube play, podman healthcheck run is unaffected. Signed-off-by: Urvashi Mohnani --- libpod/define/annotations.go | 4 ++ libpod/healthcheck.go | 11 +++- pkg/specgen/generate/kube/kube.go | 2 + test/system/700-play.bats | 106 ++++++++++++++++++++++++++++++ 4 files changed, 121 insertions(+), 2 deletions(-) diff --git a/libpod/define/annotations.go b/libpod/define/annotations.go index 29796533bd1f..f805b31daff7 100644 --- a/libpod/define/annotations.go +++ b/libpod/define/annotations.go @@ -153,6 +153,10 @@ const ( // of the container UlimitAnnotation = "io.podman.annotations.ulimit" + // KubeHealthCheckAnnotation is used by kube play to tell podman that any health checks should follow + // the k8s behavior of waiting for the intialDelaySeconds to be over before updating the status + KubeHealthCheckAnnotation = "io.podman.annotations.kube.health.check" + // MaxKubeAnnotation is the max length of annotations allowed by Kubernetes. MaxKubeAnnotation = 63 ) diff --git a/libpod/healthcheck.go b/libpod/healthcheck.go index f906562bc9cd..2df8b670e1ef 100644 --- a/libpod/healthcheck.go +++ b/libpod/healthcheck.go @@ -167,7 +167,7 @@ func (c *Container) runHealthCheck(ctx context.Context, isStartup bool) (define. } hcl := newHealthCheckLog(timeStart, timeEnd, returnCode, eventLog) - logStatus, err := c.updateHealthCheckLog(hcl, inStartPeriod) + logStatus, err := c.updateHealthCheckLog(hcl, inStartPeriod, isStartup) if err != nil { return hcResult, "", fmt.Errorf("unable to update health check log %s for %s: %w", c.healthCheckLogPath(), c.ID(), err) } @@ -375,10 +375,17 @@ func (c *Container) isUnhealthy() (bool, error) { } // UpdateHealthCheckLog parses the health check results and writes the log -func (c *Container) updateHealthCheckLog(hcl define.HealthCheckLog, inStartPeriod bool) (string, error) { +func (c *Container) updateHealthCheckLog(hcl define.HealthCheckLog, inStartPeriod, isStartup bool) (string, error) { c.lock.Lock() defer c.lock.Unlock() + // If we are playing a kube yaml then let's honor the start period time for + // both failing and succeeding cases to match kube behavior. + // So don't update the health check log till the start period is over + if _, ok := c.config.Spec.Annotations[define.KubeHealthCheckAnnotation]; ok && inStartPeriod && !isStartup { + return "", nil + } + healthCheck, err := c.getHealthCheckLog() if err != nil { return "", err diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go index cebf3e5d13a3..f3e0b4920e0c 100644 --- a/pkg/specgen/generate/kube/kube.go +++ b/pkg/specgen/generate/kube/kube.go @@ -431,6 +431,8 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener s.Annotations[define.InspectAnnotationPublishAll] = publishAll } + s.Annotations[define.KubeHealthCheckAnnotation] = "true" + // Environment Variables envs := map[string]string{} for _, env := range imageData.Config.Env { diff --git a/test/system/700-play.bats b/test/system/700-play.bats index f58ebe729710..bb8d85ff4bae 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -821,3 +821,109 @@ EOF run_podman rmi $local_image } + +@test "podman kube play healthcheck should wait initialDelaySeconds before updating status (healthy)" { + fname="$PODMAN_TMPDIR/play_kube_healthy_$(random_string 6).yaml" + echo " +apiVersion: v1 +kind: Pod +metadata: + labels: + name: liveness-exec +spec: + containers: + - name: liveness + image: $IMAGE + args: + - /bin/sh + - -c + - touch /tmp/healthy && sleep 100 + livenessProbe: + exec: + command: + - cat + - /tmp/healthy + initialDelaySeconds: 3 + failureThreshold: 1 + periodSeconds: 1 +" > $fname + + run_podman kube play $fname + ctrName="liveness-exec-liveness" + + # Keep checking status. For the first 2 seconds it must be 'starting' + t0=$SECONDS + while [[ $SECONDS -le $((t0 + 2)) ]]; do + run_podman inspect $ctrName --format "1-{{.State.Health.Status}}" + assert "$output" == "1-starting" "Health.Status at $((SECONDS - t0))" + sleep 0.5 + done + + # After 3 seconds it may take another second to go healthy. Wait. + t0=$SECONDS + while [[ $SECONDS -le $((t0 + 3)) ]]; do + run_podman inspect $ctrName --format "2-{{.State.Health.Status}}" + if [[ "$output" = "2-healthy" ]]; then + break; + fi + sleep 0.5 + done + assert $output == "2-healthy" "After 3 seconds" + + run_podman kube down $fname + run_podman pod rm -a + run_podman rm -a +} + +@test "podman kube play healthcheck should wait initialDelaySeconds before updating status (unhealthy)" { + fname="$PODMAN_TMPDIR/play_kube_unhealthy_$(random_string 6).yaml" + echo " +apiVersion: v1 +kind: Pod +metadata: + labels: + name: liveness-exec +spec: + containers: + - name: liveness + image: $IMAGE + args: + - /bin/sh + - -c + - touch /tmp/healthy && sleep 100 + livenessProbe: + exec: + command: + - cat + - /tmp/randomfile + initialDelaySeconds: 3 + failureThreshold: 1 + periodSeconds: 1 +" > $fname + + run_podman kube play $fname + ctrName="liveness-exec-liveness" + + # Keep checking status. For the first 2 seconds it must be 'starting' + t0=$SECONDS + while [[ $SECONDS -le $((t0 + 2)) ]]; do + run_podman inspect $ctrName --format "1-{{.State.Health.Status}}" + assert "$output" == "1-starting" "Health.Status at $((SECONDS - t0))" + sleep 0.5 + done + + # After 3 seconds it may take another second to go unhealthy. Wait. + t0=$SECONDS + while [[ $SECONDS -le $((t0 + 3)) ]]; do + run_podman inspect $ctrName --format "2-{{.State.Health.Status}}" + if [[ "$output" = "2-unhealthy" ]]; then + break; + fi + sleep 0.5 + done + assert $output == "2-unhealthy" "After 3 seconds" + + run_podman kube down $fname + run_podman pod rm -a + run_podman rm -a +} From a5d11f40417bbf1cfa7fd702d6c45366e9303a77 Mon Sep 17 00:00:00 2001 From: Sander Maijers <3374183+sanmai-NL@users.noreply.github.com> Date: Wed, 29 Nov 2023 14:45:21 +0100 Subject: [PATCH 090/170] Set `BUILDAH_ISOLATION=chroot` within Podman containers See: https://developers.redhat.com/blog/2019/08/14/best-practices-for-running-buildah-in-a-container See: https://github.com/containers/podman/blob/06c41b614db11382579ff2931b9dd145f241b485/docs/source/markdown/options/isolation.md Signed-off-by: Sander Maijers <3374183+sanmai-NL@users.noreply.github.com> --- contrib/podmanimage/upstream/Containerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/contrib/podmanimage/upstream/Containerfile b/contrib/podmanimage/upstream/Containerfile index d5ddef106e3a..e31b94746f3b 100644 --- a/contrib/podmanimage/upstream/Containerfile +++ b/contrib/podmanimage/upstream/Containerfile @@ -64,4 +64,5 @@ RUN mkdir -p /var/lib/shared/overlay-images \ touch /var/lib/shared/vfs-images/images.lock && \ touch /var/lib/shared/vfs-layers/layers.lock -ENV _CONTAINERS_USERNS_CONFIGURED="" +ENV _CONTAINERS_USERNS_CONFIGURED="" \ + BUILDAH_ISOLATION=chroot From 86296ff8da2dc33e5d11907c4207447a6289ec5a Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Wed, 29 Nov 2023 15:27:25 +0100 Subject: [PATCH 091/170] pkg/bindings: add new APIVersionError error type When a new API call is added to the bindings we should guard it based on the version and throw a useful error. Right now an old server that does not implement a given endpoint would throw a "NOT FOUND" error which is not good for callers. Instead implement a custom error type to give a usefule error instead. This allows bindings users to call errors.As() to know if they call and to old version. Signed-off-by: Paul Holzinger --- pkg/bindings/containers/exec.go | 2 +- pkg/bindings/errors.go | 24 ++++++++++++++++++++++++ pkg/domain/infra/tunnel/containers.go | 6 ++++++ 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/pkg/bindings/containers/exec.go b/pkg/bindings/containers/exec.go index a536213a2231..395ef06dda45 100644 --- a/pkg/bindings/containers/exec.go +++ b/pkg/bindings/containers/exec.go @@ -118,7 +118,7 @@ func ExecRemove(ctx context.Context, sessionID string, options *ExecRemoveOption // The exec remove endpoint was added in 4.8. if v.Major < 4 || (v.Major == 4 && v.Minor < 8) { // Do no call this endpoint as it will not be supported on the server and throw an "NOT FOUND" error. - return nil + return bindings.NewAPIVersionError("/exec/{id}/remove", v, "4.8.0") } if options == nil { options = new(ExecRemoveOptions) diff --git a/pkg/bindings/errors.go b/pkg/bindings/errors.go index 039d2187b4a0..a7cbeb30ae91 100644 --- a/pkg/bindings/errors.go +++ b/pkg/bindings/errors.go @@ -6,6 +6,7 @@ import ( "fmt" "io" + "github.com/blang/semver/v4" "github.com/containers/podman/v4/pkg/errorhandling" ) @@ -61,3 +62,26 @@ func CheckResponseCode(inError error) (int, error) { return -1, errors.New("is not type ErrorModel") } } + +type APIVersionError struct { + endpoint string + serverVersion *semver.Version + requiredVersion string +} + +// NewAPIVersionError create bindings error when the endpoint on the server is not supported +// because the version is to old. +// - endpoint is the name fo the endpoint (e.g. /containers/json) +// - version is the server API version +// - requiredVersion is the server version need to use said endpoint +func NewAPIVersionError(endpoint string, version *semver.Version, requiredVersion string) *APIVersionError { + return &APIVersionError{ + endpoint: endpoint, + serverVersion: version, + requiredVersion: requiredVersion, + } +} + +func (e *APIVersionError) Error() string { + return fmt.Sprintf("API server version is %s, need at least %s to call %s", e.serverVersion.String(), e.requiredVersion, e.endpoint) +} diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go index 81d092ab4ed4..34ca1a91fd00 100644 --- a/pkg/domain/infra/tunnel/containers.go +++ b/pkg/domain/infra/tunnel/containers.go @@ -17,6 +17,7 @@ import ( "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/libpod/events" "github.com/containers/podman/v4/pkg/api/handlers" + "github.com/containers/podman/v4/pkg/bindings" "github.com/containers/podman/v4/pkg/bindings/containers" "github.com/containers/podman/v4/pkg/bindings/images" "github.com/containers/podman/v4/pkg/domain/entities" @@ -588,6 +589,11 @@ func (ic *ContainerEngine) ContainerExec(ctx context.Context, nameOrID string, o } defer func() { if err := containers.ExecRemove(ic.ClientCtx, sessionID, nil); err != nil { + apiErr := new(bindings.APIVersionError) + if errors.As(err, &apiErr) { + // if the API is to old do not throw an error + return + } if retErr == nil { exitCode = -1 retErr = err From 3e70415089a403167ef569a08b2ff770ea924da2 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Wed, 29 Nov 2023 06:58:20 -0700 Subject: [PATCH 092/170] Gating test fixes Two newly-added tests, fail in gating: - system connection: difference in how sockets are set up between CI and gating - ulimit: gating seems to run with ulimit -c -H 0. Check, and skip if ulimit is less than what we need Signed-off-by: Ed Santiago --- test/system/030-run.bats | 3 +++ test/system/272-system-connection.bats | 21 ++++++++++++++++++--- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/test/system/030-run.bats b/test/system/030-run.bats index 3513e7c925cd..6729a0f5a7ea 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -1159,6 +1159,9 @@ EOF if is_rootless; then run ulimit -c -H max=$output + if [[ "$max" != "unlimited" ]] && [[ $max -lt 1000 ]]; then + skip "ulimit -c == $max, test requires >= 1000" + fi fi run_podman run --ulimit core=-1:-1 --rm $IMAGE grep core /proc/self/limits diff --git a/test/system/272-system-connection.bats b/test/system/272-system-connection.bats index d146d6cd5ab3..028bd4b0a121 100644 --- a/test/system/272-system-connection.bats +++ b/test/system/272-system-connection.bats @@ -187,6 +187,10 @@ $c2[ ]\+tcp://localhost:54321[ ]\+true" \ # 3. ActiveService from containers.conf # 4. RemoteURI + # Prerequisite check: there must be no defined system connections + run_podman system connection ls -q + assert "$output" = "" "This test requires an empty list of system connections" + # setup run_podman 0+w system connection add defaultconnection unix:///run/user/defaultconnection/podman/podman.sock run_podman 0+w system connection add env-override unix:///run/user/env-override/podman/podman.sock @@ -232,9 +236,20 @@ $c2[ ]\+tcp://localhost:54321[ ]\+true" \ run_podman system connection rm env-override run_podman system connection rm cli-override - _run_podman_remote 125 --remote ps - assert "$output" =~ "/run/[a-z0-9/]*podman/podman.sock"\ - "test absence of default connection" + # With all system connections removed, test the default connection. + # This only works in upstream CI, where we run with a nonstandard socket. + # In gating we use the default /run/... + run_podman info --format '{{.Host.RemoteSocket.Path}}' + local sock="$output" + if [[ "$sock" =~ //run/ ]]; then + _run_podman_remote --remote info --format '{{.Host.RemoteSocket.Path}}' + assert "$output" = "$sock" "podman-remote is using default socket path" + else + # Nonstandard socket + _run_podman_remote 125 --remote ps + assert "$output" =~ "/run/[a-z0-9/]*podman/podman.sock"\ + "test absence of default connection" + fi } # vim: filetype=sh From 55373dcce0b26c125c140ce174b33ef541b680ba Mon Sep 17 00:00:00 2001 From: Ashley Cui Date: Wed, 29 Nov 2023 10:17:54 -0500 Subject: [PATCH 093/170] Vendor c/common Vendor c/common@main Signed-off-by: Ashley Cui --- go.mod | 4 ++-- go.sum | 8 ++++---- .../containers/common/libnetwork/netavark/exec.go | 3 +++ .../containers/common/libnetwork/netavark/network.go | 7 +++++++ .../containers/common/libnetwork/network/interface.go | 1 + vendor/github.com/containers/common/pkg/config/config.go | 3 +++ .../containers/common/pkg/config/config_darwin.go | 4 ++-- .../containers/common/pkg/config/containers.conf | 8 ++++++++ vendor/github.com/containers/common/pkg/config/default.go | 4 +++- vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md | 6 ++++++ .../onsi/ginkgo/v2/ginkgo/internal/test_suite.go | 6 +++--- .../onsi/ginkgo/v2/ginkgo/watch/dependencies.go | 2 +- .../onsi/ginkgo/v2/ginkgo/watch/package_hash.go | 4 ++-- vendor/github.com/onsi/ginkgo/v2/reporters/json_report.go | 6 ++++-- vendor/github.com/onsi/ginkgo/v2/types/code_location.go | 2 +- vendor/github.com/onsi/ginkgo/v2/types/version.go | 2 +- vendor/modules.txt | 4 ++-- 17 files changed, 53 insertions(+), 21 deletions(-) diff --git a/go.mod b/go.mod index 7f660bd15082..c9b1d5f2eced 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/containernetworking/cni v1.1.2 github.com/containernetworking/plugins v1.3.0 github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c - github.com/containers/common v0.57.1-0.20231127171932-3cec82a37105 + github.com/containers/common v0.57.1-0.20231129142626-3b9abaa8806f github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.1 github.com/containers/image/v5 v5.29.1-0.20231120202631-293b00ba7166 @@ -46,7 +46,7 @@ require ( github.com/mdlayher/vsock v1.2.1 github.com/moby/term v0.5.0 github.com/nxadm/tail v1.4.11 - github.com/onsi/ginkgo/v2 v2.13.1 + github.com/onsi/ginkgo/v2 v2.13.2 github.com/onsi/gomega v1.30.0 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.0-rc5 diff --git a/go.sum b/go.sum index e80530dfd01d..41a14393602e 100644 --- a/go.sum +++ b/go.sum @@ -256,8 +256,8 @@ github.com/containernetworking/plugins v1.3.0 h1:QVNXMT6XloyMUoO2wUOqWTC1hWFV62Q github.com/containernetworking/plugins v1.3.0/go.mod h1:Pc2wcedTQQCVuROOOaLBPPxrEXqqXBFt3cZ+/yVg6l0= github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c h1:E7nxvH3N3kpyson0waJv1X+eY9hAs+x2zQswsK+//yY= github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c/go.mod h1:oMNfVrZGEfWVOxXTNOYPMdZzDfSo2umURK/TO0d8TRk= -github.com/containers/common v0.57.1-0.20231127171932-3cec82a37105 h1:CMtIWhUBDpOFPNUDiYUYiWC5ducrYPdynWAsB4jAX8k= -github.com/containers/common v0.57.1-0.20231127171932-3cec82a37105/go.mod h1:9gSqpih8l6jSGOC0D28Bic4Yx1GuYKFH+MUZhr+sGkg= +github.com/containers/common v0.57.1-0.20231129142626-3b9abaa8806f h1:palKvEWcNCW+mhh4hmOI/IpFthhnVwoRGOTlbTDpqE0= +github.com/containers/common v0.57.1-0.20231129142626-3b9abaa8806f/go.mod h1:FlJBjxfbI9s1o7VROe/2fiN8kvgO29/qa3dPDCaX3og= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/gvisor-tap-vsock v0.7.1 h1:+Rc+sOPplrkQb/BUXeN0ug8TxjgyrIqo/9P/eNS2A4c= @@ -833,8 +833,8 @@ github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0 github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= -github.com/onsi/ginkgo/v2 v2.13.1 h1:LNGfMbR2OVGBfXjvRZIZ2YCTQdGKtPLvuI1rMCCj3OU= -github.com/onsi/ginkgo/v2 v2.13.1/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= +github.com/onsi/ginkgo/v2 v2.13.2 h1:Bi2gGVkfn6gQcjNjZJVO8Gf0FHzMPf2phUei9tejVMs= +github.com/onsi/ginkgo/v2 v2.13.2/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= diff --git a/vendor/github.com/containers/common/libnetwork/netavark/exec.go b/vendor/github.com/containers/common/libnetwork/netavark/exec.go index 20934a3f9abc..f2c82359adbb 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/exec.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/exec.go @@ -86,6 +86,9 @@ func (n *netavarkNetwork) execNetavark(args []string, needPlugin bool, stdin, re if n.dnsBindPort != 0 { env = append(env, "NETAVARK_DNS_PORT="+strconv.Itoa(int(n.dnsBindPort))) } + if n.firewallDriver != "" { + env = append(env, "NETAVARK_FW="+n.firewallDriver) + } return n.execBinary(n.netavarkBinary, append(n.getCommonNetavarkOptions(needPlugin), args...), stdin, result, env) } diff --git a/vendor/github.com/containers/common/libnetwork/netavark/network.go b/vendor/github.com/containers/common/libnetwork/netavark/network.go index 0d323db28b13..5921167491e2 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/network.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/network.go @@ -36,6 +36,9 @@ type netavarkNetwork struct { // aardvarkBinary is the path to the aardvark binary. aardvarkBinary string + // firewallDriver sets the firewall driver to use + firewallDriver string + // defaultNetwork is the name for the default network. defaultNetwork string // defaultSubnet is the default subnet for the default network. @@ -79,6 +82,9 @@ type InitConfig struct { // NetworkRunDir is where temporary files are stored, i.e.the ipam db, aardvark config NetworkRunDir string + // FirewallDriver sets the firewall driver to use + FirewallDriver string + // DefaultNetwork is the name for the default network. DefaultNetwork string // DefaultSubnet is the default subnet for the default network. @@ -146,6 +152,7 @@ func NewNetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) { aardvarkBinary: conf.AardvarkBinary, networkRootless: unshare.IsRootless(), ipamDBPath: filepath.Join(conf.NetworkRunDir, "ipam.db"), + firewallDriver: conf.FirewallDriver, defaultNetwork: defaultNetworkName, defaultSubnet: defaultNet, defaultsubnetPools: defaultSubnetPools, diff --git a/vendor/github.com/containers/common/libnetwork/network/interface.go b/vendor/github.com/containers/common/libnetwork/network/interface.go index aeac8d9c15bb..b3a5f2aec352 100644 --- a/vendor/github.com/containers/common/libnetwork/network/interface.go +++ b/vendor/github.com/containers/common/libnetwork/network/interface.go @@ -82,6 +82,7 @@ func NetworkBackend(store storage.Store, conf *config.Config, syslog bool) (type NetavarkBinary: netavarkBin, AardvarkBinary: aardvarkBin, PluginDirs: conf.Network.NetavarkPluginDirs.Get(), + FirewallDriver: conf.Network.FirewallDriver, DefaultNetwork: conf.Network.DefaultNetwork, DefaultSubnet: conf.Network.DefaultSubnet, DefaultsubnetPools: conf.Network.DefaultSubnetPools, diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go index 75b917f013ea..d25dd019a26d 100644 --- a/vendor/github.com/containers/common/pkg/config/config.go +++ b/vendor/github.com/containers/common/pkg/config/config.go @@ -567,6 +567,9 @@ type NetworkConfig struct { // NetavarkPluginDirs is a list of directories which contain netavark plugins. NetavarkPluginDirs attributedstring.Slice `toml:"netavark_plugin_dirs,omitempty"` + // FirewallDriver is the firewall driver to be used + FirewallDriver string `toml:"firewall_driver,omitempty"` + // DefaultNetwork is the network name of the default network // to attach pods to. DefaultNetwork string `toml:"default_network,omitempty"` diff --git a/vendor/github.com/containers/common/pkg/config/config_darwin.go b/vendor/github.com/containers/common/pkg/config/config_darwin.go index eb83733d46b8..1b40e2bae70c 100644 --- a/vendor/github.com/containers/common/pkg/config/config_darwin.go +++ b/vendor/github.com/containers/common/pkg/config/config_darwin.go @@ -32,6 +32,8 @@ func ifRootlessConfigPath() (string, error) { } var defaultHelperBinariesDir = []string{ + // Relative to the binary directory + "$BINDIR/../libexec/podman", // Homebrew install paths "/usr/local/opt/podman/libexec/podman", "/opt/homebrew/opt/podman/libexec/podman", @@ -42,6 +44,4 @@ var defaultHelperBinariesDir = []string{ "/usr/local/lib/podman", "/usr/libexec/podman", "/usr/lib/podman", - // Relative to the binary directory - "$BINDIR/../libexec/podman", } diff --git a/vendor/github.com/containers/common/pkg/config/containers.conf b/vendor/github.com/containers/common/pkg/config/containers.conf index 8c532f0798c4..22c4339718f7 100644 --- a/vendor/github.com/containers/common/pkg/config/containers.conf +++ b/vendor/github.com/containers/common/pkg/config/containers.conf @@ -340,6 +340,14 @@ default_sysctls = [ # "/usr/lib/netavark", #] +# The firewall driver to be used by netavark. +# The default is empty which means netavark will pick one accordingly. Current supported +# drivers are "iptables", "none" (no firewall rules will be created) and "firewalld" (firewalld is +# experimental at the moment and not recommend outside of testing). In the future we are +# planning to add support for a "nftables" driver. +#firewall_driver = "" + + # The network name of the default network to attach pods to. # #default_network = "podman" diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go index 3b0bf913bd63..9e65d5c2014f 100644 --- a/vendor/github.com/containers/common/pkg/config/default.go +++ b/vendor/github.com/containers/common/pkg/config/default.go @@ -253,6 +253,7 @@ func defaultConfig() (*Config, error) { Volumes: attributedstring.Slice{}, }, Network: NetworkConfig{ + FirewallDriver: "", DefaultNetwork: "podman", DefaultSubnet: DefaultSubnet, DefaultSubnetPools: DefaultSubnetPools, @@ -339,7 +340,8 @@ func defaultEngineConfig() (*EngineConfig, error) { c.HelperBinariesDir.Set(defaultHelperBinariesDir) if additionalHelperBinariesDir != "" { - c.HelperBinariesDir.Set(append(c.HelperBinariesDir.Get(), additionalHelperBinariesDir)) + // Prioritize addtionalHelperBinariesDir over defaults. + c.HelperBinariesDir.Set(append([]string{additionalHelperBinariesDir}, c.HelperBinariesDir.Get()...)) } c.HooksDir.Set(DefaultHooksDirs) c.ImageDefaultTransport = _defaultTransport diff --git a/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md b/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md index 102bb529fd5b..ec91408f9903 100644 --- a/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md +++ b/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md @@ -1,3 +1,9 @@ +## 2.13.2 + +### Fixes +- Fix file handler leak (#1309) [e2e81c8] +- Avoid allocations with `(*regexp.Regexp).MatchString` (#1302) [3b2a2a7] + ## 2.13.1 ### Fixes diff --git a/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go b/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go index f3ae13bb144c..df99875be204 100644 --- a/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go +++ b/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go @@ -226,7 +226,7 @@ func suitesInDir(dir string, recurse bool) TestSuites { files, _ := os.ReadDir(dir) re := regexp.MustCompile(`^[^._].*_test\.go$`) for _, file := range files { - if !file.IsDir() && re.Match([]byte(file.Name())) { + if !file.IsDir() && re.MatchString(file.Name()) { suite := TestSuite{ Path: relPath(dir), PackageName: packageNameForSuite(dir), @@ -241,7 +241,7 @@ func suitesInDir(dir string, recurse bool) TestSuites { if recurse { re = regexp.MustCompile(`^[._]`) for _, file := range files { - if file.IsDir() && !re.Match([]byte(file.Name())) { + if file.IsDir() && !re.MatchString(file.Name()) { suites = append(suites, suitesInDir(dir+"/"+file.Name(), recurse)...) } } @@ -272,7 +272,7 @@ func filesHaveGinkgoSuite(dir string, files []os.DirEntry) bool { reGinkgo := regexp.MustCompile(`package ginkgo|\/ginkgo"|\/ginkgo\/v2"|\/ginkgo\/v2/dsl/`) for _, file := range files { - if !file.IsDir() && reTestFile.Match([]byte(file.Name())) { + if !file.IsDir() && reTestFile.MatchString(file.Name()) { contents, _ := os.ReadFile(dir + "/" + file.Name()) if reGinkgo.Match(contents) { return true diff --git a/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/dependencies.go b/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/dependencies.go index f5ddff30fc76..a34d94354d9b 100644 --- a/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/dependencies.go +++ b/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/dependencies.go @@ -78,7 +78,7 @@ func (d Dependencies) resolveAndAdd(deps []string, depth int) { if err != nil { continue } - if !pkg.Goroot && (!ginkgoAndGomegaFilter.Match([]byte(pkg.Dir)) || ginkgoIntegrationTestFilter.Match([]byte(pkg.Dir))) { + if !pkg.Goroot && (!ginkgoAndGomegaFilter.MatchString(pkg.Dir) || ginkgoIntegrationTestFilter.MatchString(pkg.Dir)) { d.addDepIfNotPresent(pkg.Dir, depth) } } diff --git a/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/package_hash.go b/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/package_hash.go index e9f7ec0cb3b0..17d052bdc3c1 100644 --- a/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/package_hash.go +++ b/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/package_hash.go @@ -79,7 +79,7 @@ func (p *PackageHash) computeHashes() (codeHash string, codeModifiedTime time.Ti continue } - if goTestRegExp.Match([]byte(info.Name())) { + if goTestRegExp.MatchString(info.Name()) { testHash += p.hashForFileInfo(info) if info.ModTime().After(testModifiedTime) { testModifiedTime = info.ModTime() @@ -87,7 +87,7 @@ func (p *PackageHash) computeHashes() (codeHash string, codeModifiedTime time.Ti continue } - if p.watchRegExp.Match([]byte(info.Name())) { + if p.watchRegExp.MatchString(info.Name()) { codeHash += p.hashForFileInfo(info) if info.ModTime().After(codeModifiedTime) { codeModifiedTime = info.ModTime() diff --git a/vendor/github.com/onsi/ginkgo/v2/reporters/json_report.go b/vendor/github.com/onsi/ginkgo/v2/reporters/json_report.go index be506f9b472d..5d3e8db994bb 100644 --- a/vendor/github.com/onsi/ginkgo/v2/reporters/json_report.go +++ b/vendor/github.com/onsi/ginkgo/v2/reporters/json_report.go @@ -18,6 +18,7 @@ func GenerateJSONReport(report types.Report, destination string) error { if err != nil { return err } + defer f.Close() enc := json.NewEncoder(f) enc.SetIndent("", " ") err = enc.Encode([]types.Report{ @@ -26,7 +27,7 @@ func GenerateJSONReport(report types.Report, destination string) error { if err != nil { return err } - return f.Close() + return nil } // MergeJSONReports produces a single JSON-formatted report at the passed in destination by merging the JSON-formatted reports provided in sources @@ -57,11 +58,12 @@ func MergeAndCleanupJSONReports(sources []string, destination string) ([]string, if err != nil { return messages, err } + defer f.Close() enc := json.NewEncoder(f) enc.SetIndent("", " ") err = enc.Encode(allReports) if err != nil { return messages, err } - return messages, f.Close() + return messages, nil } diff --git a/vendor/github.com/onsi/ginkgo/v2/types/code_location.go b/vendor/github.com/onsi/ginkgo/v2/types/code_location.go index 9cd5768170a4..57e87517e076 100644 --- a/vendor/github.com/onsi/ginkgo/v2/types/code_location.go +++ b/vendor/github.com/onsi/ginkgo/v2/types/code_location.go @@ -149,7 +149,7 @@ func PruneStack(fullStackTrace string, skip int) string { re := regexp.MustCompile(`\/ginkgo\/|\/pkg\/testing\/|\/pkg\/runtime\/`) for i := 0; i < len(stack)/2; i++ { // We filter out based on the source code file name. - if !re.Match([]byte(stack[i*2+1])) { + if !re.MatchString(stack[i*2+1]) { prunedStack = append(prunedStack, stack[i*2]) prunedStack = append(prunedStack, stack[i*2+1]) } diff --git a/vendor/github.com/onsi/ginkgo/v2/types/version.go b/vendor/github.com/onsi/ginkgo/v2/types/version.go index 7a794d87a1e1..a4a1524b4fd0 100644 --- a/vendor/github.com/onsi/ginkgo/v2/types/version.go +++ b/vendor/github.com/onsi/ginkgo/v2/types/version.go @@ -1,3 +1,3 @@ package types -const VERSION = "2.13.1" +const VERSION = "2.13.2" diff --git a/vendor/modules.txt b/vendor/modules.txt index a348c03d9e5e..652b100c642f 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -167,7 +167,7 @@ github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/pkg/volumes github.com/containers/buildah/util -# github.com/containers/common v0.57.1-0.20231127171932-3cec82a37105 +# github.com/containers/common v0.57.1-0.20231129142626-3b9abaa8806f ## explicit; go 1.18 github.com/containers/common/internal/attributedstring github.com/containers/common/libimage @@ -811,7 +811,7 @@ github.com/nxadm/tail/winfile # github.com/oklog/ulid v1.3.1 ## explicit github.com/oklog/ulid -# github.com/onsi/ginkgo/v2 v2.13.1 +# github.com/onsi/ginkgo/v2 v2.13.2 ## explicit; go 1.18 github.com/onsi/ginkgo/v2 github.com/onsi/ginkgo/v2/config From d4ac2f3dd52b8962f238fcb48ab5b00d8dd3aab1 Mon Sep 17 00:00:00 2001 From: Doug Rabson Date: Wed, 29 Nov 2023 16:07:03 +0000 Subject: [PATCH 094/170] libpod: Allow using just one jail per container on FreeBSD In FreeBSD-14.0, it is possible to configure a jail's network settings from outside the jail using ifconfig and route's new '-j' option. This removes the need for a separate jail to own the container's vnet. [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson --- libpod/container_internal_freebsd.go | 19 ++++---- libpod/networking_freebsd.go | 50 ++++++++++++++-------- pkg/specgen/generate/namespaces.go | 2 +- pkg/specgen/generate/namespaces_freebsd.go | 8 ++++ pkg/specgen/generate/namespaces_linux.go | 4 ++ 5 files changed, 56 insertions(+), 27 deletions(-) diff --git a/libpod/container_internal_freebsd.go b/libpod/container_internal_freebsd.go index 2ecb931f2d67..6ad8dd853e9f 100644 --- a/libpod/container_internal_freebsd.go +++ b/libpod/container_internal_freebsd.go @@ -194,15 +194,18 @@ func openDirectory(path string) (fd int, err error) { func (c *Container) addNetworkNamespace(g *generate.Generator) error { if c.config.CreateNetNS { - if c.state.NetNS == "" { - // This should not happen since network setup - // errors should be propagated correctly from - // (*Runtime).createNetNS. Check for it anyway - // since it caused nil pointer dereferences in - // the past (see #16333). - return fmt.Errorf("Inconsistent state: c.config.CreateNetNS is set but c.state.NetNS is nil") + // If PostConfigureNetNS is set (which is true on FreeBSD 13.3 + // and later), we can manage a container's network settings + // without an extra parent jail to own the vnew. + // + // In this case, the OCI runtime creates a new vnet for the + // container jail, otherwise it creates the container jail as a + // child of the jail owning the vnet. + if c.config.PostConfigureNetNS { + g.AddAnnotation("org.freebsd.jail.vnet", "new") + } else { + g.AddAnnotation("org.freebsd.parentJail", c.state.NetNS) } - g.AddAnnotation("org.freebsd.parentJail", c.state.NetNS) } return nil } diff --git a/libpod/networking_freebsd.go b/libpod/networking_freebsd.go index 75cb4fc80d0e..a81551f6ecba 100644 --- a/libpod/networking_freebsd.go +++ b/libpod/networking_freebsd.go @@ -109,10 +109,14 @@ func getSlirp4netnsIP(subnet *net.IPNet) (*net.IP, error) { return nil, errors.New("not implemented GetSlirp4netnsIP") } -// While there is code in container_internal.go which calls this, in -// my testing network creation always seems to go through createNetNS. +// This is called after the container's jail is created but before its +// started. We can use this to initialise the container's vnet when we don't +// have a separate vnet jail (which is the case in FreeBSD 13.3 and later). func (r *Runtime) setupNetNS(ctr *Container) error { - return errors.New("not implemented (*Runtime) setupNetNS") + networkStatus, err := r.configureNetNS(ctr, ctr.ID()) + ctr.state.NetNS = ctr.ID() + ctr.state.NetworkStatus = networkStatus + return err } // Create and configure a new network namespace for a container @@ -197,22 +201,24 @@ func (r *Runtime) teardownNetNS(ctr *Container) error { } if ctr.state.NetNS != "" { - // Rather than destroying the jail immediately, reset the - // persist flag so that it will live until the container is - // done. - netjail, err := jail.FindByName(ctr.state.NetNS) - if err != nil { - return fmt.Errorf("finding network jail %s: %w", ctr.state.NetNS, err) - } - jconf := jail.NewConfig() - jconf.Set("persist", false) - if err := netjail.Set(jconf); err != nil { - return fmt.Errorf("releasing network jail %s: %w", ctr.state.NetNS, err) + // If PostConfigureNetNS is false, then we are running with a + // separate vnet jail so we need to clean that up now. + if !ctr.config.PostConfigureNetNS { + // Rather than destroying the jail immediately, reset the + // persist flag so that it will live until the container is + // done. + netjail, err := jail.FindByName(ctr.state.NetNS) + if err != nil { + return fmt.Errorf("finding network jail %s: %w", ctr.state.NetNS, err) + } + jconf := jail.NewConfig() + jconf.Set("persist", false) + if err := netjail.Set(jconf); err != nil { + return fmt.Errorf("releasing network jail %s: %w", ctr.state.NetNS, err) + } } - ctr.state.NetNS = "" } - return nil } @@ -226,10 +232,18 @@ func getContainerNetIO(ctr *Container) (*LinkStatistics64, error) { return nil, nil } - cmd := exec.Command("jexec", ctr.state.NetNS, "netstat", "-bi", "--libxo", "json") + // First try running 'netstat -j' - this lets us retrieve stats from + // containers which don't have a separate vnet jail. + cmd := exec.Command("netstat", "-j", ctr.state.NetNS, "-bi", "--libxo", "json") out, err := cmd.Output() if err != nil { - return nil, err + // Fall back to using jexec so that this still works on 13.2 + // which does not have the -j flag. + cmd := exec.Command("jexec", ctr.state.NetNS, "netstat", "-bi", "--libxo", "json") + out, err = cmd.Output() + } + if err != nil { + return nil, fmt.Errorf("failed to read network stats: %v", err) } stats := Netstat{} if err := jdec.Unmarshal(out, &stats); err != nil { diff --git a/pkg/specgen/generate/namespaces.go b/pkg/specgen/generate/namespaces.go index f8c827c626bc..c151738d1cb3 100644 --- a/pkg/specgen/generate/namespaces.go +++ b/pkg/specgen/generate/namespaces.go @@ -296,7 +296,7 @@ func namespaceOptions(s *specgen.SpecGenerator, rt *libpod.Runtime, pod *libpod. toReturn = append(toReturn, libpod.WithCgroupsMode(s.CgroupsMode)) } - postConfigureNetNS := !s.UserNS.IsHost() + postConfigureNetNS := needPostConfigureNetNS(s) switch s.NetNS.NSMode { case specgen.FromPod: diff --git a/pkg/specgen/generate/namespaces_freebsd.go b/pkg/specgen/generate/namespaces_freebsd.go index 4fb6a4c51de9..40ac22964d97 100644 --- a/pkg/specgen/generate/namespaces_freebsd.go +++ b/pkg/specgen/generate/namespaces_freebsd.go @@ -7,6 +7,7 @@ import ( "fmt" "os" + "github.com/containers/buildah/pkg/jail" "github.com/containers/podman/v4/libpod" "github.com/containers/podman/v4/pkg/specgen" "github.com/opencontainers/runtime-tools/generate" @@ -52,3 +53,10 @@ func specConfigureNamespaces(s *specgen.SpecGenerator, g *generate.Generator, rt return nil } + +// On FreeBSD 13.3 and later, we can avoid creating a separate vnet jail but +// only if we can initialise the network after the OCI container is created - +// the OCI container will own the vnet in this case. +func needPostConfigureNetNS(s *specgen.SpecGenerator) bool { + return jail.NeedVnetJail() == false +} diff --git a/pkg/specgen/generate/namespaces_linux.go b/pkg/specgen/generate/namespaces_linux.go index 1ff539ac4a48..265937e0ba11 100644 --- a/pkg/specgen/generate/namespaces_linux.go +++ b/pkg/specgen/generate/namespaces_linux.go @@ -159,3 +159,7 @@ func specConfigureNamespaces(s *specgen.SpecGenerator, g *generate.Generator, rt return nil } + +func needPostConfigureNetNS(s *specgen.SpecGenerator) bool { + return !s.UserNS.IsHost() +} From 5b3d82f9bcb0170aa1fcb8695f101dbb4db898b5 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Wed, 29 Nov 2023 17:03:28 +0100 Subject: [PATCH 095/170] sqlite: set busy timeout to 100s Only one process can write to the sqlite db at the same time, if another process tries to use it at that time it fails and a database is locked error is returned. If this happens sqlite should keep retrying until it can write. To do that we can just set the _busy_timeout option. A 100s timeout should be enough even on slower systems but not to much in case there is a deadlock so it still returns in a reasonable time. [NO NEW TESTS NEEDED] I think we strongly need to consider some form of parallel stress testing to catch bugs like this. Fixes #20809 Signed-off-by: Paul Holzinger --- libpod/sqlite_state.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/libpod/sqlite_state.go b/libpod/sqlite_state.go index e3bd5022fe37..2dc1bb384fe3 100644 --- a/libpod/sqlite_state.go +++ b/libpod/sqlite_state.go @@ -40,13 +40,17 @@ const ( sqliteOptionForeignKeys = "&_foreign_keys=1" // Make sure that transactions happen exclusively. sqliteOptionTXLock = "&_txlock=exclusive" + // Make sure busy timeout is set to high value to keep retying when the db is locked. + // Timeout is in ms, so set it to 100s to have enough time to retry the operations. + sqliteOptionBusyTimeout = "&_busy_timeout=100000" // Assembled sqlite options used when opening the database. sqliteOptions = "db.sql?" + sqliteOptionLocation + sqliteOptionSynchronous + sqliteOptionForeignKeys + - sqliteOptionTXLock + sqliteOptionTXLock + + sqliteOptionBusyTimeout ) // NewSqliteState creates a new SQLite-backed state database. From d5cf46e80748bf85a853fc3a72229269f14e7d64 Mon Sep 17 00:00:00 2001 From: kaivol Date: Mon, 20 Nov 2023 17:21:11 +0100 Subject: [PATCH 096/170] support lookup of intermediate IDs in gidmapping/uidmapping options in userns=auto Closes #20699 Signed-off-by: kaivol --- .../markdown/options/userns.container.md | 4 + pkg/domain/infra/runtime_libpod.go | 2 +- pkg/namespaces/namespaces.go | 44 ----- pkg/util/utils.go | 158 +++++++++++++++++- pkg/util/utils_test.go | 36 ++++ 5 files changed, 198 insertions(+), 46 deletions(-) diff --git a/docs/source/markdown/options/userns.container.md b/docs/source/markdown/options/userns.container.md index ff975ccf2b8d..515e9302fd93 100644 --- a/docs/source/markdown/options/userns.container.md +++ b/docs/source/markdown/options/userns.container.md @@ -48,6 +48,10 @@ Using `--userns=auto` when starting new containers does not work as long as any - *size*=_SIZE_: to specify an explicit size for the automatic user namespace. e.g. `--userns=auto:size=8192`. If `size` is not specified, `auto` estimates a size for the user namespace. - *uidmapping*=_CONTAINER\_UID:HOST\_UID:SIZE_: to force a UID mapping to be present in the user namespace. +The host UID and GID in *gidmapping* and *uidmapping* can optionally be prefixed with the `@` symbol. +In this case, podman will look up the intermediate ID corresponding to host ID and it will map the found intermediate ID to the container id. +For details see **--uidmap**. + **container:**_id_: join the user namespace of the specified container. **host** or **""** (empty string): run in the user namespace of the caller. The processes running in the container have the same privileges on the host as any other process launched by the calling user. diff --git a/pkg/domain/infra/runtime_libpod.go b/pkg/domain/infra/runtime_libpod.go index d598b1dd398a..098efea6f67b 100644 --- a/pkg/domain/infra/runtime_libpod.go +++ b/pkg/domain/infra/runtime_libpod.go @@ -282,7 +282,7 @@ func ParseIDMapping(mode namespaces.UsernsMode, uidMapSlice, gidMapSlice []strin options.HostUIDMapping = false options.HostGIDMapping = false options.AutoUserNs = true - opts, err := mode.GetAutoOptions() + opts, err := util.GetAutoOptions(mode) if err != nil { return nil, err } diff --git a/pkg/namespaces/namespaces.go b/pkg/namespaces/namespaces.go index 1ca1f9a2e00a..2731fe95ad17 100644 --- a/pkg/namespaces/namespaces.go +++ b/pkg/namespaces/namespaces.go @@ -4,8 +4,6 @@ import ( "fmt" "strconv" "strings" - - "github.com/containers/storage/types" ) const ( @@ -122,48 +120,6 @@ func (n UsernsMode) IsDefaultValue() bool { return n == "" || n == defaultType } -// GetAutoOptions returns an AutoUserNsOptions with the settings to automatically set up -// a user namespace. -func (n UsernsMode) GetAutoOptions() (*types.AutoUserNsOptions, error) { - parts := strings.SplitN(string(n), ":", 2) - if parts[0] != "auto" { - return nil, fmt.Errorf("wrong user namespace mode") - } - options := types.AutoUserNsOptions{} - if len(parts) == 1 { - return &options, nil - } - for _, o := range strings.Split(parts[1], ",") { - v := strings.SplitN(o, "=", 2) - if len(v) != 2 { - return nil, fmt.Errorf("invalid option specified: %q", o) - } - switch v[0] { - case "size": - s, err := strconv.ParseUint(v[1], 10, 32) - if err != nil { - return nil, err - } - options.Size = uint32(s) - case "uidmapping": - mapping, err := types.ParseIDMapping([]string{v[1]}, nil, "", "") - if err != nil { - return nil, err - } - options.AdditionalUIDMappings = append(options.AdditionalUIDMappings, mapping.UIDMap...) - case "gidmapping": - mapping, err := types.ParseIDMapping(nil, []string{v[1]}, "", "") - if err != nil { - return nil, err - } - options.AdditionalGIDMappings = append(options.AdditionalGIDMappings, mapping.GIDMap...) - default: - return nil, fmt.Errorf("unknown option specified: %q", v[0]) - } - } - return &options, nil -} - // GetKeepIDOptions returns a KeepIDUserNsOptions with the settings to keepIDmatically set up // a user namespace. func (n UsernsMode) GetKeepIDOptions() (*KeepIDUserNsOptions, error) { diff --git a/pkg/util/utils.go b/pkg/util/utils.go index 0d4fa4ef4c75..04abffa36fcc 100644 --- a/pkg/util/utils.go +++ b/pkg/util/utils.go @@ -830,6 +830,162 @@ func sortAndMergeConsecutiveMappings(idmap []idtools.IDMap) (finalIDMap []idtool return finalIDMap } +// Extension of idTools.parseAutoTriple that parses idmap triples. +// The triple should be a length 3 string array, containing: +// - Flags and ContainerID +// - HostID +// - Size +// +// parseAutoTriple returns the parsed mapping and any possible error. +// If the error is not-nil, the mapping is not well-defined. +// +// idTools.parseAutoTriple is extended here with the following enhancements: +// +// HostID @ syntax: +// ================= +// HostID may use the "@" syntax: The "101001:@1001:1" mapping +// means "take the 1001 id from the parent namespace and map it to 101001" +func parseAutoTriple(spec []string, parentMapping []ruser.IDMap, mapSetting string) (mappings []idtools.IDMap, err error) { + if len(spec[0]) == 0 { + return mappings, fmt.Errorf("invalid empty container id at %s map: %v", mapSetting, spec) + } + var cids, hids, sizes []uint64 + var cid, hid uint64 + var hidIsParent bool + // Parse the container ID, which must be an integer: + cid, err = strconv.ParseUint(spec[0][0:], 10, 32) + if err != nil { + return mappings, fmt.Errorf("parsing id map value %q: %w", spec[0], err) + } + // Parse the host id, which may be integer or @ + if len(spec[1]) == 0 { + return mappings, fmt.Errorf("invalid empty host id at %s map: %v", mapSetting, spec) + } + if spec[1][0] != '@' { + hidIsParent = false + hid, err = strconv.ParseUint(spec[1], 10, 32) + } else { + // Parse @, where is an integer corresponding to the parent mapping + hidIsParent = true + hid, err = strconv.ParseUint(spec[1][1:], 10, 32) + } + if err != nil { + return mappings, fmt.Errorf("parsing id map value %q: %w", spec[1], err) + } + // Parse the size of the mapping, which must be an integer + sz, err := strconv.ParseUint(spec[2], 10, 32) + if err != nil { + return mappings, fmt.Errorf("parsing id map value %q: %w", spec[2], err) + } + + if hidIsParent { + for i := uint64(0); i < sz; i++ { + cids = append(cids, cid+i) + mappedID, err := mapIDwithMapping(hid+i, parentMapping, mapSetting) + if err != nil { + return mappings, err + } + hids = append(hids, mappedID) + sizes = append(sizes, 1) + } + } else { + cids = []uint64{cid} + hids = []uint64{hid} + sizes = []uint64{sz} + } + + // Avoid possible integer overflow on 32bit builds + if bits.UintSize == 32 { + for i := range cids { + if cids[i] > math.MaxInt32 || hids[i] > math.MaxInt32 || sizes[i] > math.MaxInt32 { + return mappings, fmt.Errorf("initializing ID mappings: %s setting is malformed expected [\"[+ug]uint32:[@]uint32[:uint32]\"] : %q", mapSetting, spec) + } + } + } + for i := range cids { + mappings = append(mappings, idtools.IDMap{ + ContainerID: int(cids[i]), + HostID: int(hids[i]), + Size: int(sizes[i]), + }) + } + return mappings, nil +} + +// Extension of idTools.ParseIDMap that parses idmap triples from string. +// This extension accepts additional flags that control how the mapping is done +func parseAutoIDMap(mapSpec string, mapSetting string, parentMapping []ruser.IDMap) (idmap []idtools.IDMap, err error) { + stdErr := fmt.Errorf("initializing ID mappings: %s setting is malformed expected [\"uint32:[@]uint32[:uint32]\"] : %q", mapSetting, mapSpec) + idSpec := strings.Split(mapSpec, ":") + // if it's a length-2 list assume the size is 1: + if len(idSpec) == 2 { + idSpec = append(idSpec, "1") + } + if len(idSpec) != 3 { + return nil, stdErr + } + // Parse this mapping: + mappings, err := parseAutoTriple(idSpec, parentMapping, mapSetting) + if err != nil { + return nil, err + } + idmap = sortAndMergeConsecutiveMappings(mappings) + return idmap, nil +} + +// GetAutoOptions returns an AutoUserNsOptions with the settings to automatically set up +// a user namespace. +func GetAutoOptions(n namespaces.UsernsMode) (*stypes.AutoUserNsOptions, error) { + parts := strings.SplitN(string(n), ":", 2) + if parts[0] != "auto" { + return nil, fmt.Errorf("wrong user namespace mode") + } + options := stypes.AutoUserNsOptions{} + if len(parts) == 1 { + return &options, nil + } + + parentUIDMap, parentGIDMap, err := rootless.GetAvailableIDMaps() + if err != nil { + if errors.Is(err, fs.ErrNotExist) { + // The kernel-provided files only exist if user namespaces are supported + logrus.Debugf("User or group ID mappings not available: %s", err) + } else { + return nil, err + } + } + + for _, o := range strings.Split(parts[1], ",") { + v := strings.SplitN(o, "=", 2) + if len(v) != 2 { + return nil, fmt.Errorf("invalid option specified: %q", o) + } + switch v[0] { + case "size": + s, err := strconv.ParseUint(v[1], 10, 32) + if err != nil { + return nil, err + } + options.Size = uint32(s) + case "uidmapping": + mapping, err := parseAutoIDMap(v[1], "UID", parentUIDMap) + if err != nil { + return nil, err + } + options.AdditionalUIDMappings = append(options.AdditionalUIDMappings, mapping...) + case "gidmapping": + mapping, err := parseAutoIDMap(v[1], "GID", parentGIDMap) + if err != nil { + return nil, err + } + options.AdditionalGIDMappings = append(options.AdditionalGIDMappings, mapping...) + default: + return nil, fmt.Errorf("unknown option specified: %q", v[0]) + } + } + return &options, nil +} + // ParseIDMapping takes idmappings and subuid and subgid maps and returns a storage mapping func ParseIDMapping(mode namespaces.UsernsMode, uidMapSlice, gidMapSlice []string, subUIDMap, subGIDMap string) (*stypes.IDMappingOptions, error) { options := stypes.IDMappingOptions{ @@ -842,7 +998,7 @@ func ParseIDMapping(mode namespaces.UsernsMode, uidMapSlice, gidMapSlice []strin options.HostUIDMapping = false options.HostGIDMapping = false options.AutoUserNs = true - opts, err := mode.GetAutoOptions() + opts, err := GetAutoOptions(mode) if err != nil { return nil, err } diff --git a/pkg/util/utils_test.go b/pkg/util/utils_test.go index 993cea74ecd6..e3c303a6e9db 100644 --- a/pkg/util/utils_test.go +++ b/pkg/util/utils_test.go @@ -391,6 +391,42 @@ func TestParseIDMapUserGroupFlags(t *testing.T) { assert.Equal(t, expectedResultGroup, result) } +func TestParseAutoIDMap(t *testing.T) { + result, err := parseAutoIDMap("3:4:5", "UID", []ruser.IDMap{}) + assert.Equal(t, err, nil) + assert.Equal(t, result, []idtools.IDMap{ + { + ContainerID: 3, + HostID: 4, + Size: 5, + }, + }) +} + +func TestParseAutoIDMapRelative(t *testing.T) { + parentMapping := []ruser.IDMap{ + { + ID: 0, + ParentID: 1000, + Count: 1, + }, + { + ID: 1, + ParentID: 100000, + Count: 65536, + }, + } + result, err := parseAutoIDMap("100:@100000:1", "UID", parentMapping) + assert.Equal(t, err, nil) + assert.Equal(t, result, []idtools.IDMap{ + { + ContainerID: 100, + HostID: 1, + Size: 1, + }, + }) +} + func TestFillIDMap(t *testing.T) { availableRanges := [][2]int{{0, 10}, {10000, 20000}} idmap := []idtools.IDMap{ From 42ea211211b7c0f8a873a2d167f2e33f801b0dc1 Mon Sep 17 00:00:00 2001 From: Ashley Cui Date: Wed, 29 Nov 2023 16:09:12 -0500 Subject: [PATCH 097/170] Fix locking error in WSL machine rm -f Fixed a bug where `podman machine rm -f` would cause a deadlock when running with WSL. The deadlock is caused by the Remove() function calling the Stop() function after Remove() locks the VM. Stop() also has a lock call, which fails and deadlocks because Remove() already claimed lock. Fix this by moving the stop call before the lock [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui --- pkg/machine/wsl/machine.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkg/machine/wsl/machine.go b/pkg/machine/wsl/machine.go index 4f6daa9e9cac..9f7ad76885df 100644 --- a/pkg/machine/wsl/machine.go +++ b/pkg/machine/wsl/machine.go @@ -1591,9 +1591,6 @@ func readWinProxyTid(v *MachineVM) (uint32, uint32, string, error) { func (v *MachineVM) Remove(name string, opts machine.RemoveOptions) (string, func() error, error) { var files []string - v.lock.Lock() - defer v.lock.Unlock() - if v.isRunning() { if !opts.Force { return "", nil, &machine.ErrVMRunningCannotDestroyed{Name: v.Name} @@ -1603,6 +1600,9 @@ func (v *MachineVM) Remove(name string, opts machine.RemoveOptions) (string, fun } } + v.lock.Lock() + defer v.lock.Unlock() + // Collect all the files that need to be destroyed if !opts.SaveKeys { files = append(files, v.IdentityPath, v.IdentityPath+".pub") From f95dd21d5d72ac85976471de7a41dca1758593a3 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Thu, 30 Nov 2023 06:29:33 -0700 Subject: [PATCH 098/170] deferred test failures: handle a corner case Followup to #20797 (defer assertion failures). The bail-now() helper was being defined only in setup() ... and some tests, particularly 001-basic.bats, define their own minimalist setup(). Symptom was "bail-now: command not found", which still caused test to fail (so no failures were hidden) but led to concern and wasted time when analyzing failures. Solution: add one more definition of bail-now(), in outer scope. There is still one pathological case I'm not addressing: a bats file that defines its own teardown() which does not invoke basic_teardown(), then has a test that runs defer-assertion-failures without a followup immediate-assertion-failures. This would lead to failures that are never seen. Since teardown() without basic_teardown() is invalid, I choose not to worry about this case. Signed-off-by: Ed Santiago --- test/system/505-networking-pasta.bats | 4 ---- test/system/helpers.bash | 17 +++++++++++++++-- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/test/system/505-networking-pasta.bats b/test/system/505-networking-pasta.bats index af342ddc8433..944ea6b4e35b 100644 --- a/test/system/505-networking-pasta.bats +++ b/test/system/505-networking-pasta.bats @@ -254,10 +254,6 @@ function pasta_test_do() { assert "${output}" = "${expect}" "Mismatch between data sent and received" } -function teardown() { - rm -f "${XFER_FILE}" -} - ### Addresses ################################################################## @test "IPv4 default address assignment" { diff --git a/test/system/helpers.bash b/test/system/helpers.bash index d69b71720594..ded6de642579 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -210,10 +210,20 @@ function basic_setup() { immediate-assertion-failures } +# bail-now is how we terminate a test upon assertion failure. +# By default, and the vast majority of the time, it just triggers +# immediate test termination; but see defer-assertion-failures, below. +function bail-now() { + # "false" does not apply to "bail now"! It means "nonzero exit", + # which BATS interprets as "yes, bail immediately". + false +} + +# Invoked on teardown: will terminate immediately if there have been +# any deferred test failures; otherwise will reset back to immediate +# test termination on future assertions. function immediate-assertion-failures() { function bail-now() { - # "false" does not apply to "bail now"! It means "nonzero exit", - # which BATS interprets as "yes, bail immediately". false } @@ -225,6 +235,9 @@ function immediate-assertion-failures() { fi } +# Used in special test circumstances--typically multi-condition loops--to +# continue going even on assertion failures. The test will fail afterward, +# usually in teardown. This can be useful to show failure patterns. function defer-assertion-failures() { function bail-now() { ASSERTION_FAILURES+="!" From e197cf57da5ff7beff556da6ea5261c6589d8c7d Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Fri, 10 Nov 2023 14:32:11 -0500 Subject: [PATCH 099/170] container create: use ParseUserNamespace to parse a user namespace setting Use ParseUserNamespace instead of ParseNamespace to parse a passed-in user namespace setting. Signed-off-by: Nalin Dahyabhai --- cmd/podman/containers/create.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go index 2da313c68abe..6d97ea7d656a 100644 --- a/cmd/podman/containers/create.go +++ b/cmd/podman/containers/create.go @@ -400,7 +400,7 @@ func createPodIfNecessary(cmd *cobra.Command, s *specgen.SpecGenerator, netOpts var err error uns := specgen.Namespace{NSMode: specgen.Default} if cliVals.UserNS != "" { - uns, err = specgen.ParseNamespace(cliVals.UserNS) + uns, err = specgen.ParseUserNamespace(cliVals.UserNS) if err != nil { return err } From 426db6fcc1e11114132af4c5fe1c1a257ffe5549 Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Fri, 10 Nov 2023 16:26:18 -0500 Subject: [PATCH 100/170] Accept a config blob alongside the "changes" slice when committing When committing containers to create new images, accept a container config blob being passed in the body of the API request by adding a Config field to our API structures. Populate it from the body of requests that we receive, and use its contents as the body of requests that we make. Make the libpod commit endpoint split changes values at newlines, just like the compat endpoint does. Pass both the config blob and the "changes" slice to buildah's Commit() API, so that it can handle cases where they overlap or conflict. Signed-off-by: Nalin Dahyabhai --- cmd/podman/containers/commit.go | 18 +++++- docs/source/markdown/podman-commit.1.md | 7 +++ libpod/container_commit.go | 55 ++---------------- pkg/api/handlers/changes.go | 34 +++++++++++ pkg/api/handlers/changes_test.go | 52 +++++++++++++++++ pkg/api/handlers/compat/images.go | 16 +++--- pkg/api/handlers/libpod/images.go | 9 ++- pkg/bindings/containers/commit.go | 6 +- pkg/bindings/containers/types.go | 1 + .../containers/types_commit_options.go | 16 ++++++ pkg/domain/entities/containers.go | 1 + pkg/domain/infra/abi/config.go | 22 ++++++++ pkg/domain/infra/abi/config_test.go | 56 +++++++++++++++++++ pkg/domain/infra/abi/containers.go | 15 ++++- pkg/domain/infra/tunnel/containers.go | 11 +++- test/apiv2/14-commit.at | 30 ++++++++++ test/e2e/commit_test.go | 41 +++++++++++++- 17 files changed, 325 insertions(+), 65 deletions(-) create mode 100644 pkg/api/handlers/changes.go create mode 100644 pkg/api/handlers/changes_test.go create mode 100644 pkg/domain/infra/abi/config.go create mode 100644 pkg/domain/infra/abi/config_test.go create mode 100644 test/apiv2/14-commit.at diff --git a/cmd/podman/containers/commit.go b/cmd/podman/containers/commit.go index fa0621a4cc55..c771d4c788ef 100644 --- a/cmd/podman/containers/commit.go +++ b/cmd/podman/containers/commit.go @@ -9,6 +9,7 @@ import ( "github.com/containers/common/pkg/completion" "github.com/containers/podman/v4/cmd/podman/common" "github.com/containers/podman/v4/cmd/podman/registry" + "github.com/containers/podman/v4/pkg/api/handlers" "github.com/containers/podman/v4/pkg/domain/entities" "github.com/spf13/cobra" ) @@ -47,7 +48,7 @@ var ( commitOptions = entities.CommitOptions{ ImageName: "", } - iidFile string + configFile, iidFile string ) func commitFlags(cmd *cobra.Command) { @@ -57,6 +58,10 @@ func commitFlags(cmd *cobra.Command) { flags.StringArrayVarP(&commitOptions.Changes, changeFlagName, "c", []string{}, "Apply the following possible instructions to the created image (default []): "+strings.Join(common.ChangeCmds, " | ")) _ = cmd.RegisterFlagCompletionFunc(changeFlagName, common.AutocompleteChangeInstructions) + configFileFlagName := "config" + flags.StringVar(&configFile, configFileFlagName, "", "`file` containing a container configuration to merge into the image") + _ = cmd.RegisterFlagCompletionFunc(configFileFlagName, completion.AutocompleteDefault) + formatFlagName := "format" flags.StringVarP(&commitOptions.Format, formatFlagName, "f", "oci", "`Format` of the image manifest and metadata") _ = cmd.RegisterFlagCompletionFunc(formatFlagName, common.AutocompleteImageFormat) @@ -100,7 +105,16 @@ func commit(cmd *cobra.Command, args []string) error { if !commitOptions.Quiet { commitOptions.Writer = os.Stderr } - + if len(commitOptions.Changes) > 0 { + commitOptions.Changes = handlers.DecodeChanges(commitOptions.Changes) + } + if len(configFile) > 0 { + cfg, err := os.ReadFile(configFile) + if err != nil { + return fmt.Errorf("--config: %w", err) + } + commitOptions.Config = cfg + } response, err := registry.ContainerEngine().ContainerCommit(context.Background(), container, commitOptions) if err != nil { return err diff --git a/docs/source/markdown/podman-commit.1.md b/docs/source/markdown/podman-commit.1.md index 23e6bac2f02f..ba66a745e261 100644 --- a/docs/source/markdown/podman-commit.1.md +++ b/docs/source/markdown/podman-commit.1.md @@ -36,6 +36,13 @@ Apply the following possible instructions to the created image: Can be set multiple times. +#### **--config**=*ConfigBlobFile* + +Merge the container configuration from the specified file into the configuration for the image +as it is being committed. The file contents should be a JSON-encoded version of +a Schema2Config structure, which is defined at +https://github.com/containers/image/blob/v5.29.0/manifest/docker_schema2.go#L67. + #### **--format**, **-f**=**oci** | *docker* Set the format of the image manifest and metadata. The currently supported formats are **oci** and *docker*.\ diff --git a/libpod/container_commit.go b/libpod/container_commit.go index 00063c2c288e..5817f3a18914 100644 --- a/libpod/container_commit.go +++ b/libpod/container_commit.go @@ -20,16 +20,16 @@ import ( // ContainerCommitOptions is a struct used to commit a container to an image // It uses buildah's CommitOptions as a base. Long-term we might wish to -// add these to the buildah struct once buildah is more integrated with -// libpod +// decouple these because it includes duplicates of fields that are in, or +// could later be added, to buildah's CommitOptions, which gets confusing type ContainerCommitOptions struct { buildah.CommitOptions Pause bool IncludeVolumes bool Author string Message string - Changes []string - Squash bool + Changes []string // gets merged with CommitOptions.OverrideChanges + Squash bool // always used instead of CommitOptions.Squash } // Commit commits the changes between a container and its image, creating a new @@ -69,6 +69,8 @@ func (c *Container) Commit(ctx context.Context, destImage string, options Contai Squash: options.Squash, SystemContext: c.runtime.imageContext, PreferredManifestType: options.PreferredManifestType, + OverrideChanges: append(append([]string{}, options.Changes...), options.CommitOptions.OverrideChanges...), + OverrideConfig: options.CommitOptions.OverrideConfig, } importBuilder, err := buildah.ImportBuilder(ctx, c.runtime.store, builderOptions) importBuilder.Format = options.PreferredManifestType @@ -150,51 +152,6 @@ func (c *Container) Commit(ctx context.Context, destImage string, options Contai // Workdir importBuilder.SetWorkDir(c.config.Spec.Process.Cwd) - // Process user changes - newImageConfig, err := libimage.ImageConfigFromChanges(options.Changes) - if err != nil { - return nil, err - } - if newImageConfig.User != "" { - importBuilder.SetUser(newImageConfig.User) - } - // EXPOSE only appends - for port := range newImageConfig.ExposedPorts { - importBuilder.SetPort(port) - } - // ENV only appends - for _, env := range newImageConfig.Env { - splitEnv := strings.SplitN(env, "=", 2) - key := splitEnv[0] - value := "" - if len(splitEnv) == 2 { - value = splitEnv[1] - } - importBuilder.SetEnv(key, value) - } - if newImageConfig.Entrypoint != nil { - importBuilder.SetEntrypoint(newImageConfig.Entrypoint) - } - if newImageConfig.Cmd != nil { - importBuilder.SetCmd(newImageConfig.Cmd) - } - // VOLUME only appends - for vol := range newImageConfig.Volumes { - importBuilder.AddVolume(vol) - } - if newImageConfig.WorkingDir != "" { - importBuilder.SetWorkDir(newImageConfig.WorkingDir) - } - for k, v := range newImageConfig.Labels { - importBuilder.SetLabel(k, v) - } - if newImageConfig.StopSignal != "" { - importBuilder.SetStopSignal(newImageConfig.StopSignal) - } - for _, onbuild := range newImageConfig.OnBuild { - importBuilder.SetOnBuild(onbuild) - } - var commitRef types.ImageReference if destImage != "" { // Now resolve the name. diff --git a/pkg/api/handlers/changes.go b/pkg/api/handlers/changes.go new file mode 100644 index 000000000000..58e3a739adfb --- /dev/null +++ b/pkg/api/handlers/changes.go @@ -0,0 +1,34 @@ +package handlers + +import ( + "strings" + "unicode" +) + +// DecodeChanges reads one or more changes from a slice and cleans them up, +// since what we've advertised as being acceptable in the past isn't really. +func DecodeChanges(changes []string) []string { + result := make([]string, 0, len(changes)) + for _, possiblyMultilineChange := range changes { + for _, change := range strings.Split(possiblyMultilineChange, "\n") { + // In particular, we document that we accept values + // like "CMD=/bin/sh", which is not valid Dockerfile + // syntax, so we can't just pass such a value directly + // to a parser that's going to rightfully reject it. + // If we trim the string of whitespace at both ends, + // and the first occurrence of "=" is before the first + // whitespace, replace that "=" with whitespace. + change = strings.TrimSpace(change) + if change == "" { + continue + } + firstEqualIndex := strings.Index(change, "=") + firstSpaceIndex := strings.IndexFunc(change, unicode.IsSpace) + if firstEqualIndex != -1 && (firstSpaceIndex == -1 || firstEqualIndex < firstSpaceIndex) { + change = change[:firstEqualIndex] + " " + change[firstEqualIndex+1:] + } + result = append(result, change) + } + } + return result +} diff --git a/pkg/api/handlers/changes_test.go b/pkg/api/handlers/changes_test.go new file mode 100644 index 000000000000..03ff1523e77e --- /dev/null +++ b/pkg/api/handlers/changes_test.go @@ -0,0 +1,52 @@ +package handlers + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestDecodeChanges(t *testing.T) { + testCases := []struct { + description string + input string + output []string + }{ + { + description: "nothing", + input: "", + output: []string{}, + }, + { + description: "space", + input: `CMD=/bin/bash`, + output: []string{"CMD /bin/bash"}, + }, + { + description: "equal", + input: `CMD=/bin/bash`, + output: []string{"CMD /bin/bash"}, + }, + { + description: "both-but-right-first", + input: `LABEL A=B`, + output: []string{"LABEL A=B"}, + }, + { + description: "both-but-right-second", + input: `LABEL A=B C=D`, + output: []string{"LABEL A=B C=D"}, + }, + { + description: "both-but-wrong", + input: `LABEL=A=B C=D`, + output: []string{"LABEL A=B C=D"}, + }, + } + for _, testCase := range testCases { + t.Run(testCase.description, func(t *testing.T) { + output := DecodeChanges([]string{testCase.input}) + assert.Equalf(t, testCase.output, output, "decoded value was not what we expected") + }) + } +} diff --git a/pkg/api/handlers/compat/images.go b/pkg/api/handlers/compat/images.go index ff25e8180884..a2a252ea1856 100644 --- a/pkg/api/handlers/compat/images.go +++ b/pkg/api/handlers/compat/images.go @@ -2,7 +2,6 @@ package compat import ( "context" - "encoding/json" "errors" "fmt" "net/http" @@ -133,18 +132,17 @@ func CommitContainer(w http.ResponseWriter, r *http.Request) { PreferredManifestType: manifest.DockerV2Schema2MediaType, } - input := handlers.CreateContainerConfig{} - if err := json.NewDecoder(r.Body).Decode(&input); err != nil { - utils.Error(w, http.StatusInternalServerError, fmt.Errorf("Decode(): %w", err)) - return - } - options.Message = query.Comment options.Author = query.Author options.Pause = query.Pause options.Squash = query.Squash - for _, change := range query.Changes { - options.Changes = append(options.Changes, strings.Split(change, "\n")...) + options.Changes = handlers.DecodeChanges(query.Changes) + if r.Body != nil { + defer r.Body.Close() + if options.CommitOptions.OverrideConfig, err = abi.DecodeOverrideConfig(r.Body); err != nil { + utils.Error(w, http.StatusBadRequest, err) + return + } } ctr, err := runtime.LookupContainer(query.Container) if err != nil { diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go index 5fd6eeaeec08..31bd08267dca 100644 --- a/pkg/api/handlers/libpod/images.go +++ b/pkg/api/handlers/libpod/images.go @@ -483,6 +483,13 @@ func CommitContainer(w http.ResponseWriter, r *http.Request) { SystemContext: sc, PreferredManifestType: mimeType, } + if r.Body != nil { + defer r.Body.Close() + if options.CommitOptions.OverrideConfig, err = abi.DecodeOverrideConfig(r.Body); err != nil { + utils.Error(w, http.StatusBadRequest, err) + return + } + } if len(query.Tag) > 0 { tag = query.Tag } @@ -490,7 +497,7 @@ func CommitContainer(w http.ResponseWriter, r *http.Request) { options.Author = query.Author options.Pause = query.Pause options.Squash = query.Squash - options.Changes = query.Changes + options.Changes = handlers.DecodeChanges(query.Changes) ctr, err := runtime.LookupContainer(query.Container) if err != nil { utils.Error(w, http.StatusNotFound, err) diff --git a/pkg/bindings/containers/commit.go b/pkg/bindings/containers/commit.go index 5138b13cb67d..6d094a2ff82c 100644 --- a/pkg/bindings/containers/commit.go +++ b/pkg/bindings/containers/commit.go @@ -33,7 +33,11 @@ func Commit(ctx context.Context, nameOrID string, options *CommitOptions) (entit return entities.IDResponse{}, err } params.Set("container", nameOrID) - response, err := conn.DoRequest(ctx, nil, http.MethodPost, "/commit", params, nil) + var requestBody io.Reader + if options.Config != nil { + requestBody = *options.Config + } + response, err := conn.DoRequest(ctx, requestBody, http.MethodPost, "/commit", params, nil) if err != nil { return id, err } diff --git a/pkg/bindings/containers/types.go b/pkg/bindings/containers/types.go index 6678a86ff34c..ee2fe4b94b97 100644 --- a/pkg/bindings/containers/types.go +++ b/pkg/bindings/containers/types.go @@ -29,6 +29,7 @@ type LogOptions struct { type CommitOptions struct { Author *string Changes []string + Config *io.Reader `schema:"-"` Comment *string Format *string Pause *bool diff --git a/pkg/bindings/containers/types_commit_options.go b/pkg/bindings/containers/types_commit_options.go index d58630b924ef..20e59f4d50ed 100644 --- a/pkg/bindings/containers/types_commit_options.go +++ b/pkg/bindings/containers/types_commit_options.go @@ -2,6 +2,7 @@ package containers import ( + "io" "net/url" "github.com/containers/podman/v4/pkg/bindings/internal/util" @@ -47,6 +48,21 @@ func (o *CommitOptions) GetChanges() []string { return o.Changes } +// WithConfig set field Config to given value +func (o *CommitOptions) WithConfig(value io.Reader) *CommitOptions { + o.Config = &value + return o +} + +// GetConfig returns value of field Config +func (o *CommitOptions) GetConfig() io.Reader { + if o.Config == nil { + var z io.Reader + return z + } + return *o.Config +} + // WithComment set field Comment to given value func (o *CommitOptions) WithComment(value string) *CommitOptions { o.Comment = &value diff --git a/pkg/domain/entities/containers.go b/pkg/domain/entities/containers.go index a47b9ed20c97..44cf3fc51765 100644 --- a/pkg/domain/entities/containers.go +++ b/pkg/domain/entities/containers.go @@ -164,6 +164,7 @@ type ContainerStatReport struct { type CommitOptions struct { Author string Changes []string + Config []byte Format string ImageName string IncludeVolumes bool diff --git a/pkg/domain/infra/abi/config.go b/pkg/domain/infra/abi/config.go new file mode 100644 index 000000000000..ae564cf44287 --- /dev/null +++ b/pkg/domain/infra/abi/config.go @@ -0,0 +1,22 @@ +package abi + +import ( + "encoding/json" + "errors" + "io" + + "github.com/containers/image/v5/manifest" +) + +// DecodeOverrideConfig reads a Schema2Config from a Reader, suppressing EOF +// errors. +func DecodeOverrideConfig(reader io.Reader) (*manifest.Schema2Config, error) { + config := manifest.Schema2Config{} + if reader != nil { + err := json.NewDecoder(reader).Decode(&config) + if err != nil && !errors.Is(err, io.EOF) { + return nil, err + } + } + return &config, nil +} diff --git a/pkg/domain/infra/abi/config_test.go b/pkg/domain/infra/abi/config_test.go new file mode 100644 index 000000000000..4a9af42e43de --- /dev/null +++ b/pkg/domain/infra/abi/config_test.go @@ -0,0 +1,56 @@ +package abi + +import ( + "strings" + "testing" + + "github.com/containers/image/v5/manifest" + "github.com/stretchr/testify/assert" +) + +func TestDecodeOverrideConfig(t *testing.T) { + testCases := []struct { + description string + body string + expectedValue *manifest.Schema2Config + expectedError bool + }{ + { + description: "nothing", + body: ``, + expectedValue: &manifest.Schema2Config{}, + }, + { + description: "empty", + body: `{}`, + expectedValue: &manifest.Schema2Config{}, + }, + { + description: "user", + body: `{"User":"0:0"}`, + expectedValue: &manifest.Schema2Config{User: "0:0"}, + }, + { + description: "malformed", + body: `{"User":`, + expectedError: true, + }, + } + t.Run("no reader", func(t *testing.T) { + value, err := DecodeOverrideConfig(nil) + assert.NoErrorf(t, err, "decoding nothing") + assert.NotNilf(t, value, "decoded value was unexpectedly nil") + }) + for _, testCase := range testCases { + t.Run(testCase.description, func(t *testing.T) { + value, err := DecodeOverrideConfig(strings.NewReader(testCase.body)) + if testCase.expectedError { + assert.Errorf(t, err, "decoding sample data") + } else { + assert.NoErrorf(t, err, "decoding sample data") + assert.NotNilf(t, value, "decoded value was unexpectedly nil") + assert.Equalf(t, *testCase.expectedValue, *value, "decoded value was not what we expected") + } + }) + } +} diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go index e8cb8e346eb5..a3d3a5e8f0e1 100644 --- a/pkg/domain/infra/abi/containers.go +++ b/pkg/domain/infra/abi/containers.go @@ -1,6 +1,7 @@ package abi import ( + "bytes" "context" "errors" "fmt" @@ -17,6 +18,7 @@ import ( "github.com/containers/podman/v4/libpod" "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/libpod/logs" + "github.com/containers/podman/v4/pkg/api/handlers" "github.com/containers/podman/v4/pkg/checkpoint" "github.com/containers/podman/v4/pkg/domain/entities" "github.com/containers/podman/v4/pkg/domain/entities/reports" @@ -581,18 +583,29 @@ func (ic *ContainerEngine) ContainerCommit(ctx context.Context, nameOrID string, } sc := ic.Libpod.SystemContext() + var changes []string + if len(options.Changes) > 0 { + changes = handlers.DecodeChanges(options.Changes) + } + var overrideConfig *manifest.Schema2Config + if len(options.Config) > 0 { + if overrideConfig, err = DecodeOverrideConfig(bytes.NewReader(options.Config)); err != nil { + return nil, err + } + } coptions := buildah.CommitOptions{ SignaturePolicyPath: rtc.Engine.SignaturePolicyPath, ReportWriter: options.Writer, SystemContext: sc, PreferredManifestType: mimeType, + OverrideConfig: overrideConfig, } opts := libpod.ContainerCommitOptions{ CommitOptions: coptions, Pause: options.Pause, IncludeVolumes: options.IncludeVolumes, Message: options.Message, - Changes: options.Changes, + Changes: changes, Author: options.Author, Squash: options.Squash, } diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go index 81d092ab4ed4..758fe698946f 100644 --- a/pkg/domain/infra/tunnel/containers.go +++ b/pkg/domain/infra/tunnel/containers.go @@ -1,6 +1,7 @@ package tunnel import ( + "bytes" "context" "errors" "fmt" @@ -346,7 +347,15 @@ func (ic *ContainerEngine) ContainerCommit(ctx context.Context, nameOrID string, return nil, fmt.Errorf("invalid image name %q", opts.ImageName) } } - options := new(containers.CommitOptions).WithAuthor(opts.Author).WithChanges(opts.Changes).WithComment(opts.Message).WithSquash(opts.Squash).WithStream(!opts.Quiet) + var changes []string + if len(opts.Changes) > 0 { + changes = handlers.DecodeChanges(opts.Changes) + } + var configReader io.Reader + if len(opts.Config) > 0 { + configReader = bytes.NewReader(opts.Config) + } + options := new(containers.CommitOptions).WithAuthor(opts.Author).WithChanges(changes).WithComment(opts.Message).WithConfig(configReader).WithSquash(opts.Squash).WithStream(!opts.Quiet) options.WithFormat(opts.Format).WithPause(opts.Pause).WithRepo(repo).WithTag(tag) response, err := containers.Commit(ic.ClientCtx, nameOrID, options) if err != nil { diff --git a/test/apiv2/14-commit.at b/test/apiv2/14-commit.at new file mode 100644 index 000000000000..1c4b11314f86 --- /dev/null +++ b/test/apiv2/14-commit.at @@ -0,0 +1,30 @@ +# Create a container for testing the container initializing later +podman create -t -i --name myctr $IMAGE ls + +config=$(mktemp -t config.XXXXXXXXXX.json) +cat > "$config" <<- EOF +{ + "Entrypoint": ["/bin/crash"], + "Cmd": ["and", "burn"], + "Labels": {"for": "ever", "and": "ever"} +} +EOF + +# Create a new image based on the container +t POST 'libpod/commit?container=myctr&repo=nativeimage&tag=1' $config 200 + +# Check some things +t GET libpod/images/nativeimage:1/json 200 ".Config.Cmd=$(jq .Cmd $config)" ".Config.Entrypoint=$(jq .Entrypoint $config)" + +# Create a new image based on the container +t POST 'commit?container=myctr&repo=compatimage&tag=1' $config 201 + +# Check some things +t GET images/compatimage:1/json 200 ".Config.Cmd=$(jq .Cmd $config)" ".Config.Entrypoint=$(jq .Entrypoint $config)" + +# Clean up +t DELETE containers/myctr 204 +t DELETE images/nativeimage:1 200 +t DELETE images/compatimage:1 200 +rm -f "$config" +unset config diff --git a/test/e2e/commit_test.go b/test/e2e/commit_test.go index 6a9a7e614fbf..b1bbb29b61b4 100644 --- a/test/e2e/commit_test.go +++ b/test/e2e/commit_test.go @@ -21,7 +21,7 @@ var _ = Describe("Podman commit", func() { session := podmanTest.Podman([]string{"commit", "test1", "--change", "BOGUS=foo", "foobar.com/test1-image:latest"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(125)) - Expect(session.ErrorToString()).To(Equal("Error: invalid change \"BOGUS=foo\" - invalid instruction BOGUS")) + Expect(session.ErrorToString()).To(HaveSuffix(`applying changes: processing change "BOGUS foo": did not understand change instruction "BOGUS foo"`)) session = podmanTest.Podman([]string{"commit", "test1", "foobar.com/test1-image:latest"}) session.WaitWithDefaultTimeout() @@ -127,6 +127,45 @@ var _ = Describe("Podman commit", func() { Expect(inspectResults[0].Labels).To(HaveKeyWithValue("image", "blue")) }) + It("podman commit container with --config flag", func() { + test := podmanTest.Podman([]string{"run", "--name", "test1", "-d", ALPINE, "ls"}) + test.WaitWithDefaultTimeout() + Expect(test).Should(ExitCleanly()) + Expect(podmanTest.NumberOfContainers()).To(Equal(1)) + + configFile, err := os.CreateTemp(podmanTest.TempDir, "") + Expect(err).Should(Succeed()) + _, err = configFile.WriteString(`{"Labels":{"image":"green"}}`) + Expect(err).Should(Succeed()) + configFile.Close() + + session := podmanTest.Podman([]string{"commit", "-q", "--config", configFile.Name(), "test1", "foobar.com/test1-image:latest"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(ExitCleanly()) + + check := podmanTest.Podman([]string{"inspect", "foobar.com/test1-image:latest"}) + check.WaitWithDefaultTimeout() + inspectResults := check.InspectImageJSON() + Expect(inspectResults[0].Labels).To(HaveKeyWithValue("image", "green")) + }) + + It("podman commit container with --config pointing to trash", func() { + test := podmanTest.Podman([]string{"run", "--name", "test1", "-d", ALPINE, "ls"}) + test.WaitWithDefaultTimeout() + Expect(test).Should(ExitCleanly()) + Expect(podmanTest.NumberOfContainers()).To(Equal(1)) + + configFile, err := os.CreateTemp(podmanTest.TempDir, "") + Expect(err).Should(Succeed()) + _, err = configFile.WriteString("this is not valid JSON\n") + Expect(err).Should(Succeed()) + configFile.Close() + + session := podmanTest.Podman([]string{"commit", "-q", "--config", configFile.Name(), "test1", "foobar.com/test1-image:latest"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Not(ExitCleanly())) + }) + It("podman commit container with --squash", func() { test := podmanTest.Podman([]string{"run", "--name", "test1", "-d", ALPINE, "ls"}) test.WaitWithDefaultTimeout() From fa0aa9113222f677d53843448f72fe039d07e74e Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Thu, 30 Nov 2023 08:59:35 -0500 Subject: [PATCH 101/170] @@option volume.image: be specific that -v only affects RUN Be specific that the `-v` flag only affects RUN instructions. The previous wording left it ambiguous, and people might have concluded that it applied to ADD and COPY as well. Signed-off-by: Nalin Dahyabhai --- docs/source/markdown/options/volume.image.md | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/docs/source/markdown/options/volume.image.md b/docs/source/markdown/options/volume.image.md index 7549b47ea321..b4715f85452d 100644 --- a/docs/source/markdown/options/volume.image.md +++ b/docs/source/markdown/options/volume.image.md @@ -4,9 +4,8 @@ ####> are applicable to all of those. #### **--volume**, **-v**=*[HOST-DIR:CONTAINER-DIR[:OPTIONS]]* -Create a bind mount. Specifying the `-v /HOST-DIR:/CONTAINER-DIR` option, Podman -bind mounts `/HOST-DIR` from the host to `/CONTAINER-DIR` in the Podman -container. +Mount a host directory into containers when executing RUN instructions during +the build. The `OPTIONS` are a comma-separated list and can be: [[1]](#Footnote1) @@ -17,12 +16,9 @@ The `OPTIONS` are a comma-separated list and can be: [[1]](#Footnote1) Date: Tue, 28 Nov 2023 15:50:27 +0000 Subject: [PATCH 102/170] Move the --farm flag to farm build command The option `farm` which is used to specify the farm to be used, is moved to farm build command from farm command. closes #20752 Signed-off-by: Chetan Giradkar --- cmd/podman/farm/build.go | 15 +++++++++++++-- cmd/podman/farm/farm.go | 18 ------------------ docs/source/markdown/options/farm.md | 7 +++++++ docs/source/markdown/podman-farm-build.1.md.in | 8 ++++++-- test/farm/001-farm.bats | 2 +- 5 files changed, 27 insertions(+), 23 deletions(-) create mode 100644 docs/source/markdown/options/farm.md diff --git a/cmd/podman/farm/build.go b/cmd/podman/farm/build.go index 7ecb75baf172..197e299566cf 100644 --- a/cmd/podman/farm/build.go +++ b/cmd/podman/farm/build.go @@ -19,6 +19,7 @@ type buildOptions struct { buildOptions common.BuildFlagsWrapper local bool platforms []string + farm string } var ( @@ -55,6 +56,16 @@ func init() { buildCommand.PersistentFlags().StringSliceVar(&buildOpts.platforms, platformsFlag, nil, "Build only on farm nodes that match the given platforms") common.DefineBuildFlags(buildCommand, &buildOpts.buildOptions, true) + + podmanConfig := registry.PodmanConfig() + + farmFlagName := "farm" + // If remote, don't read the client's containers.conf file + defaultFarm := "" + if !registry.IsRemote() { + defaultFarm = podmanConfig.ContainersConfDefaultsRO.Farms.Default + } + flags.StringVar(&buildOpts.farm, farmFlagName, defaultFarm, "Farm to use for builds") } func build(cmd *cobra.Command, args []string) error { @@ -98,8 +109,8 @@ func build(cmd *cobra.Command, args []string) error { } defaultFarm := cfg.Farms.Default - if farmCmd.Flags().Changed("farm") { - f, err := farmCmd.Flags().GetString("farm") + if cmd.Flags().Changed("farm") { + f, err := cmd.Flags().GetString("farm") if err != nil { return err } diff --git a/cmd/podman/farm/farm.go b/cmd/podman/farm/farm.go index c27ac2237cee..de4903c6a502 100644 --- a/cmd/podman/farm/farm.go +++ b/cmd/podman/farm/farm.go @@ -16,27 +16,9 @@ var ( } ) -var ( - // Temporary struct to hold cli values. - farmOpts = struct { - Farm string - }{} -) - func init() { registry.Commands = append(registry.Commands, registry.CliCommand{ Command: farmCmd, }) farmCmd.Hidden = true - - flags := farmCmd.Flags() - podmanConfig := registry.PodmanConfig() - - farmFlagName := "farm" - // If remote, don't read the client's containers.conf file - defaultFarm := "" - if !registry.IsRemote() { - defaultFarm = podmanConfig.ContainersConfDefaultsRO.Farms.Default - } - flags.StringVarP(&farmOpts.Farm, farmFlagName, "f", defaultFarm, "Farm to use for builds") } diff --git a/docs/source/markdown/options/farm.md b/docs/source/markdown/options/farm.md new file mode 100644 index 000000000000..8ba605d0f714 --- /dev/null +++ b/docs/source/markdown/options/farm.md @@ -0,0 +1,7 @@ +####> This option file is used in: +####> podman farm build +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--farm** + +This option specifies the name of the farm to be used in the build process. diff --git a/docs/source/markdown/podman-farm-build.1.md.in b/docs/source/markdown/podman-farm-build.1.md.in index 14ef252c890a..36624f6eccdf 100644 --- a/docs/source/markdown/podman-farm-build.1.md.in +++ b/docs/source/markdown/podman-farm-build.1.md.in @@ -89,6 +89,10 @@ It does not affect _/etc/resolv.conf_ in the final image. @@option env.image +@@option farm + +This option specifies the name of the farm to be used in the build process. + @@option file @@option force-rm @@ -214,9 +218,9 @@ Build only on farm nodes that match the given platforms. ``` $ podman farm build --local -t name -f /path/to/containerfile . -$ podman farm --farm build myfarm -t name . +$ podman farm build --farm myfarm -t name . -$ podman farm --farm myfarm build --cleanup -t name . +$ podman farm build --farm myfarm --cleanup -t name . $ podman farm build --platforms arm64,amd64 --cleanup -t name . ``` diff --git a/test/farm/001-farm.bats b/test/farm/001-farm.bats index afddbd09ef8b..73c47f5ba270 100644 --- a/test/farm/001-farm.bats +++ b/test/farm/001-farm.bats @@ -17,7 +17,7 @@ load helpers.bash empty_farm="empty-farm" # create an empty farm run_podman farm create $empty_farm - run_podman farm --farm $empty_farm build -t $iname $PODMAN_TMPDIR + run_podman farm build --farm $empty_farm -t $iname $PODMAN_TMPDIR assert "$output" =~ "Local builder ready" # get the system architecture From c1eea91a01ac16cfc6ba96024fea08f8606882ce Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 30 Nov 2023 14:48:27 +0000 Subject: [PATCH 103/170] fix(deps): update common, image, and storage deps Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 10 +-- go.sum | 20 ++--- .../containers/image/v5/copy/manifest.go | 82 +++++++++++++------ .../containers/image/v5/copy/single.go | 1 + .../image/v5/internal/manifest/manifest.go | 26 +++++- .../image/v5/manifest/docker_schema1.go | 15 ++++ .../containers/image/v5/manifest/manifest.go | 2 +- .../image/v5/oci/archive/oci_dest.go | 8 +- .../containers/storage/pkg/archive/archive.go | 4 + .../storage/pkg/chunked/cache_linux.go | 16 +++- vendor/github.com/containers/storage/store.go | 5 ++ vendor/modules.txt | 10 +-- 12 files changed, 151 insertions(+), 48 deletions(-) diff --git a/go.mod b/go.mod index c9b1d5f2eced..9a65b76177db 100644 --- a/go.mod +++ b/go.mod @@ -12,14 +12,14 @@ require ( github.com/containernetworking/cni v1.1.2 github.com/containernetworking/plugins v1.3.0 github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c - github.com/containers/common v0.57.1-0.20231129142626-3b9abaa8806f + github.com/containers/common v0.57.1-0.20231130092720-630c929caef9 github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.1 - github.com/containers/image/v5 v5.29.1-0.20231120202631-293b00ba7166 + github.com/containers/image/v5 v5.29.1-0.20231130112833-c43036d4fc96 github.com/containers/libhvee v0.5.0 github.com/containers/ocicrypt v1.1.9 github.com/containers/psgo v1.8.0 - github.com/containers/storage v1.51.1-0.20231120144510-2cf61989a5bc + github.com/containers/storage v1.51.1-0.20231129190156-7d0a0a320f8a github.com/coreos/go-systemd/v22 v22.5.1-0.20231103132048-7d375ecc2b09 github.com/coreos/stream-metadata-go v0.4.3 github.com/crc-org/vfkit v0.5.0 @@ -93,7 +93,7 @@ require ( github.com/chenzhuoyu/iasm v0.9.0 // indirect github.com/chzyer/readline v1.5.1 // indirect github.com/containerd/cgroups/v3 v3.0.2 // indirect - github.com/containerd/containerd v1.7.9 // indirect + github.com/containerd/containerd v1.7.10 // indirect github.com/containerd/log v0.1.0 // indirect github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect github.com/containerd/typeurl/v2 v2.1.1 // indirect @@ -206,7 +206,7 @@ require ( golang.org/x/arch v0.5.0 // indirect golang.org/x/crypto v0.16.0 // indirect golang.org/x/mod v0.13.0 // indirect - golang.org/x/oauth2 v0.14.0 // indirect + golang.org/x/oauth2 v0.15.0 // indirect golang.org/x/tools v0.14.0 // indirect google.golang.org/appengine v1.6.8 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13 // indirect diff --git a/go.sum b/go.sum index 41a14393602e..95df02f6df60 100644 --- a/go.sum +++ b/go.sum @@ -193,8 +193,8 @@ github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09Zvgq github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c= -github.com/containerd/containerd v1.7.9 h1:KOhK01szQbM80YfW1H6RZKh85PHGqY/9OcEZ35Je8sc= -github.com/containerd/containerd v1.7.9/go.mod h1:0/W44LWEYfSHoxBtsHIiNU/duEkgpMokemafHVCpq9Y= +github.com/containerd/containerd v1.7.10 h1:2nfZyT8BV0C3iKu/SsGxKVAf9dp5W7l9nA8JmWmDGuo= +github.com/containerd/containerd v1.7.10/go.mod h1:0/W44LWEYfSHoxBtsHIiNU/duEkgpMokemafHVCpq9Y= github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= @@ -256,14 +256,14 @@ github.com/containernetworking/plugins v1.3.0 h1:QVNXMT6XloyMUoO2wUOqWTC1hWFV62Q github.com/containernetworking/plugins v1.3.0/go.mod h1:Pc2wcedTQQCVuROOOaLBPPxrEXqqXBFt3cZ+/yVg6l0= github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c h1:E7nxvH3N3kpyson0waJv1X+eY9hAs+x2zQswsK+//yY= github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c/go.mod h1:oMNfVrZGEfWVOxXTNOYPMdZzDfSo2umURK/TO0d8TRk= -github.com/containers/common v0.57.1-0.20231129142626-3b9abaa8806f h1:palKvEWcNCW+mhh4hmOI/IpFthhnVwoRGOTlbTDpqE0= -github.com/containers/common v0.57.1-0.20231129142626-3b9abaa8806f/go.mod h1:FlJBjxfbI9s1o7VROe/2fiN8kvgO29/qa3dPDCaX3og= +github.com/containers/common v0.57.1-0.20231130092720-630c929caef9 h1:56pMgYcYyhTlmPPhRmG34NBmT5S/IwMMmOq0o4LJAMo= +github.com/containers/common v0.57.1-0.20231130092720-630c929caef9/go.mod h1:1TyelTjZvU4ZVSq6tGl0ImFlMKIbE8QkzpACQCdcs4U= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/gvisor-tap-vsock v0.7.1 h1:+Rc+sOPplrkQb/BUXeN0ug8TxjgyrIqo/9P/eNS2A4c= github.com/containers/gvisor-tap-vsock v0.7.1/go.mod h1:WSSsjcuYZkvP8i0J+Ht3LF8yvysn3krD5zxQ74wz7y0= -github.com/containers/image/v5 v5.29.1-0.20231120202631-293b00ba7166 h1:Dz4ryT8VDKn6U+oWPtsihAV2eG7uFc+LYS7UjHjLcwk= -github.com/containers/image/v5 v5.29.1-0.20231120202631-293b00ba7166/go.mod h1:0uOgAiVgmF8+VCXltRYmncWjkDYc+jFma49NKNz0cS4= +github.com/containers/image/v5 v5.29.1-0.20231130112833-c43036d4fc96 h1:NeakBfEUoMzlCK1t1xkigEu/p4luDhfPtVLdrlhVhkA= +github.com/containers/image/v5 v5.29.1-0.20231130112833-c43036d4fc96/go.mod h1:viinaAODpZKsuvRIecjkmgV890VxszevaGiH+m8Qcug= github.com/containers/libhvee v0.5.0 h1:rDhfG2NI8Q+VgeXht2dXezanxEdpj9pHqYX3vWfOGUw= github.com/containers/libhvee v0.5.0/go.mod h1:yvU3Em2u1ZLl2VLd2glMIBWriBwfhWsDaRJsvixUIB0= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA= @@ -278,8 +278,8 @@ github.com/containers/ocicrypt v1.1.9/go.mod h1:dTKx1918d8TDkxXvarscpNVY+lyPakPN github.com/containers/psgo v1.8.0 h1:2loGekmGAxM9ir5OsXWEfGwFxorMPYnc6gEDsGFQvhY= github.com/containers/psgo v1.8.0/go.mod h1:T8ZxnX3Ur4RvnhxFJ7t8xJ1F48RhiZB4rSrOaR/qGHc= github.com/containers/storage v1.43.0/go.mod h1:uZ147thiIFGdVTjMmIw19knttQnUCl3y9zjreHrg11s= -github.com/containers/storage v1.51.1-0.20231120144510-2cf61989a5bc h1:K+fKkKkqwwY3YYM+RejJ6OcbCRZfDRZLoKsMMBAT2Bw= -github.com/containers/storage v1.51.1-0.20231120144510-2cf61989a5bc/go.mod h1:oz9n9uia9xtxDQhw7nnlpMID5YKbHmMZsVFy4rR+5+s= +github.com/containers/storage v1.51.1-0.20231129190156-7d0a0a320f8a h1:YuHrRNrIAZ+b1yTzoTdNiAEBNqhBmnakrVxfXcH8SC8= +github.com/containers/storage v1.51.1-0.20231129190156-7d0a0a320f8a/go.mod h1:FHXkEBvKRmsTeB1JQIFfXnSyXCp+wVrt172O2ZlSzM4= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= @@ -1271,8 +1271,8 @@ golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4Iltr golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.14.0 h1:P0Vrf/2538nmC0H+pEQ3MNFRRnVR7RlqyVw+bvm26z0= -golang.org/x/oauth2 v0.14.0/go.mod h1:lAtNWgaWfL4cm7j2OV8TxGi9Qb7ECORx8DktCY74OwM= +golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ= +golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= diff --git a/vendor/github.com/containers/image/v5/copy/manifest.go b/vendor/github.com/containers/image/v5/copy/manifest.go index 6f01cf5cc3b3..8844ac8e7eb9 100644 --- a/vendor/github.com/containers/image/v5/copy/manifest.go +++ b/vendor/github.com/containers/image/v5/copy/manifest.go @@ -6,8 +6,10 @@ import ( "fmt" "strings" + internalManifest "github.com/containers/image/v5/internal/manifest" "github.com/containers/image/v5/internal/set" "github.com/containers/image/v5/manifest" + compressiontypes "github.com/containers/image/v5/pkg/compression/types" "github.com/containers/image/v5/types" v1 "github.com/opencontainers/image-spec/specs-go/v1" "github.com/sirupsen/logrus" @@ -19,8 +21,8 @@ import ( // Include v2s1 signed but not v2s1 unsigned, because docker/distribution requires a signature even if the unsigned MIME type is used. var preferredManifestMIMETypes = []string{manifest.DockerV2Schema2MediaType, manifest.DockerV2Schema1SignedMediaType} -// ociEncryptionMIMETypes lists manifest MIME types that are known to support OCI encryption. -var ociEncryptionMIMETypes = []string{v1.MediaTypeImageManifest} +// allManifestMIMETypes lists all possible manifest MIME types. +var allManifestMIMETypes = []string{v1.MediaTypeImageManifest, manifest.DockerV2Schema2MediaType, manifest.DockerV2Schema1SignedMediaType, manifest.DockerV2Schema1MediaType} // orderedSet is a list of strings (MIME types or platform descriptors in our case), with each string appearing at most once. type orderedSet struct { @@ -51,9 +53,10 @@ type determineManifestConversionInputs struct { destSupportedManifestMIMETypes []string // MIME types supported by the destination, per types.ImageDestination.SupportedManifestMIMETypes() - forceManifestMIMEType string // User’s choice of forced manifest MIME type - requiresOCIEncryption bool // Restrict to manifest formats that can support OCI encryption - cannotModifyManifestReason string // The reason the manifest cannot be modified, or an empty string if it can + forceManifestMIMEType string // User’s choice of forced manifest MIME type + requestedCompressionFormat *compressiontypes.Algorithm // Compression algorithm to use, if the user _explictily_ requested one. + requiresOCIEncryption bool // Restrict to manifest formats that can support OCI encryption + cannotModifyManifestReason string // The reason the manifest cannot be modified, or an empty string if it can } // manifestConversionPlan contains the decisions made by determineManifestConversion. @@ -80,41 +83,74 @@ func determineManifestConversion(in determineManifestConversionInputs) (manifest destSupportedManifestMIMETypes = []string{in.forceManifestMIMEType} } + restrictiveCompressionRequired := in.requestedCompressionFormat != nil && !internalManifest.CompressionAlgorithmIsUniversallySupported(*in.requestedCompressionFormat) if len(destSupportedManifestMIMETypes) == 0 { - if !in.requiresOCIEncryption || manifest.MIMETypeSupportsEncryption(srcType) { + if (!in.requiresOCIEncryption || manifest.MIMETypeSupportsEncryption(srcType)) && + (!restrictiveCompressionRequired || internalManifest.MIMETypeSupportsCompressionAlgorithm(srcType, *in.requestedCompressionFormat)) { return manifestConversionPlan{ // Anything goes; just use the original as is, do not try any conversions. preferredMIMEType: srcType, otherMIMETypeCandidates: []string{}, }, nil } - destSupportedManifestMIMETypes = ociEncryptionMIMETypes + destSupportedManifestMIMETypes = allManifestMIMETypes } supportedByDest := set.New[string]() for _, t := range destSupportedManifestMIMETypes { - if !in.requiresOCIEncryption || manifest.MIMETypeSupportsEncryption(t) { - supportedByDest.Add(t) + if in.requiresOCIEncryption && !manifest.MIMETypeSupportsEncryption(t) { + continue } + if restrictiveCompressionRequired && !internalManifest.MIMETypeSupportsCompressionAlgorithm(t, *in.requestedCompressionFormat) { + continue + } + supportedByDest.Add(t) } if supportedByDest.Empty() { - if len(destSupportedManifestMIMETypes) == 0 { // Coverage: This should never happen, empty values were replaced by ociEncryptionMIMETypes + if len(destSupportedManifestMIMETypes) == 0 { // Coverage: This should never happen, empty values were replaced by allManifestMIMETypes return manifestConversionPlan{}, errors.New("internal error: destSupportedManifestMIMETypes is empty") } - // We know, and have verified, that destSupportedManifestMIMETypes is not empty, so encryption must have been involved. - if !in.requiresOCIEncryption { // Coverage: This should never happen, destSupportedManifestMIMETypes was not empty, so we should have filtered for encryption. - return manifestConversionPlan{}, errors.New("internal error: supportedByDest is empty but destSupportedManifestMIMETypes is not, and not encrypting") - } + // We know, and have verified, that destSupportedManifestMIMETypes is not empty, so some filtering of supported MIME types must have been involved. + // destSupportedManifestMIMETypes has three possible origins: if in.forceManifestMIMEType != "" { // 1. forceManifestType specified - return manifestConversionPlan{}, fmt.Errorf("encryption required together with format %s, which does not support encryption", - in.forceManifestMIMEType) + switch { + case in.requiresOCIEncryption && restrictiveCompressionRequired: + return manifestConversionPlan{}, fmt.Errorf("compression using %s, and encryption, required together with format %s, which does not support both", + in.requestedCompressionFormat.Name(), in.forceManifestMIMEType) + case in.requiresOCIEncryption: + return manifestConversionPlan{}, fmt.Errorf("encryption required together with format %s, which does not support encryption", + in.forceManifestMIMEType) + case restrictiveCompressionRequired: + return manifestConversionPlan{}, fmt.Errorf("compression using %s required together with format %s, which does not support it", + in.requestedCompressionFormat.Name(), in.forceManifestMIMEType) + default: + return manifestConversionPlan{}, errors.New("internal error: forceManifestMIMEType was rejected for an unknown reason") + } + } + if len(in.destSupportedManifestMIMETypes) == 0 { // 2. destination accepts anything and we have chosen allManifestTypes + if !restrictiveCompressionRequired { + // Coverage: This should never happen. + // If we have not rejected for encryption reasons, we must have rejected due to encryption, but + // allManifestTypes includes OCI, which supports encryption. + return manifestConversionPlan{}, errors.New("internal error: in.destSupportedManifestMIMETypes is empty but supportedByDest is empty as well") + } + // This can legitimately happen when the user asks for completely unsupported formats like Bzip2 or Xz. + return manifestConversionPlan{}, fmt.Errorf("compression using %s required, but none of the known manifest formats support it", in.requestedCompressionFormat.Name()) } - if len(in.destSupportedManifestMIMETypes) == 0 { // 2. destination accepts anything and we have chosen ociEncryptionMIMETypes - // Coverage: This should never happen, ociEncryptionMIMETypes all support encryption - return manifestConversionPlan{}, errors.New("internal error: in.destSupportedManifestMIMETypes is empty but supportedByDest is empty as well") + // 3. destination accepts a restricted list of mime types + destMIMEList := strings.Join(destSupportedManifestMIMETypes, ", ") + switch { + case in.requiresOCIEncryption && restrictiveCompressionRequired: + return manifestConversionPlan{}, fmt.Errorf("compression using %s, and encryption, required but the destination only supports MIME types [%s], none of which support both", + in.requestedCompressionFormat.Name(), destMIMEList) + case in.requiresOCIEncryption: + return manifestConversionPlan{}, fmt.Errorf("encryption required but the destination only supports MIME types [%s], none of which support encryption", + destMIMEList) + case restrictiveCompressionRequired: + return manifestConversionPlan{}, fmt.Errorf("compression using %s required but the destination only supports MIME types [%s], none of which support it", + in.requestedCompressionFormat.Name(), destMIMEList) + default: // Coverage: This should never happen, we only filter for in.requiresOCIEncryption || restrictiveCompressionRequired + return manifestConversionPlan{}, errors.New("internal error: supportedByDest is empty but destSupportedManifestMIMETypes is not, and we are neither encrypting nor requiring a restrictive compression algorithm") } - // 3. destination does not support encryption. - return manifestConversionPlan{}, fmt.Errorf("encryption required but the destination only supports MIME types [%s], none of which support encryption", - strings.Join(destSupportedManifestMIMETypes, ", ")) } // destSupportedManifestMIMETypes is a static guess; a particular registry may still only support a subset of the types. @@ -156,7 +192,7 @@ func determineManifestConversion(in determineManifestConversionInputs) (manifest } logrus.Debugf("Manifest has MIME type %s, ordered candidate list [%s]", srcType, strings.Join(prioritizedTypes.list, ", ")) - if len(prioritizedTypes.list) == 0 { // Coverage: destSupportedManifestMIMETypes and supportedByDest, which is a subset, is not empty (or we would have exited above), so this should never happen. + if len(prioritizedTypes.list) == 0 { // Coverage: destSupportedManifestMIMETypes and supportedByDest, which is a subset, is not empty (or we would have exited above), so this should never happen. return manifestConversionPlan{}, errors.New("Internal error: no candidate MIME types") } res := manifestConversionPlan{ diff --git a/vendor/github.com/containers/image/v5/copy/single.go b/vendor/github.com/containers/image/v5/copy/single.go index 67ca43f7bcf7..b9ea05970c1c 100644 --- a/vendor/github.com/containers/image/v5/copy/single.go +++ b/vendor/github.com/containers/image/v5/copy/single.go @@ -167,6 +167,7 @@ func (c *copier) copySingleImage(ctx context.Context, unparsedImage *image.Unpar srcMIMEType: ic.src.ManifestMIMEType, destSupportedManifestMIMETypes: ic.c.dest.SupportedManifestMIMETypes(), forceManifestMIMEType: c.options.ForceManifestMIMEType, + requestedCompressionFormat: ic.compressionFormat, requiresOCIEncryption: destRequiresOciEncryption, cannotModifyManifestReason: ic.cannotModifyManifestReason, }) diff --git a/vendor/github.com/containers/image/v5/internal/manifest/manifest.go b/vendor/github.com/containers/image/v5/internal/manifest/manifest.go index 1dbcc14182aa..6f7bc8bbe6d2 100644 --- a/vendor/github.com/containers/image/v5/internal/manifest/manifest.go +++ b/vendor/github.com/containers/image/v5/internal/manifest/manifest.go @@ -3,6 +3,7 @@ package manifest import ( "encoding/json" + compressiontypes "github.com/containers/image/v5/pkg/compression/types" "github.com/containers/libtrust" digest "github.com/opencontainers/go-digest" imgspecv1 "github.com/opencontainers/image-spec/specs-go/v1" @@ -14,7 +15,7 @@ import ( const ( // DockerV2Schema1MediaType MIME type represents Docker manifest schema 1 DockerV2Schema1MediaType = "application/vnd.docker.distribution.manifest.v1+json" - // DockerV2Schema1MediaType MIME type represents Docker manifest schema 1 with a JWS signature + // DockerV2Schema1SignedMediaType MIME type represents Docker manifest schema 1 with a JWS signature DockerV2Schema1SignedMediaType = "application/vnd.docker.distribution.manifest.v1+prettyjws" // DockerV2Schema2MediaType MIME type represents Docker manifest schema 2 DockerV2Schema2MediaType = "application/vnd.docker.distribution.manifest.v2+json" @@ -165,3 +166,26 @@ func NormalizedMIMEType(input string) string { return DockerV2Schema1SignedMediaType } } + +// CompressionAlgorithmIsUniversallySupported returns true if MIMETypeSupportsCompressionAlgorithm(mimeType, algo) returns true for all mimeType values. +func CompressionAlgorithmIsUniversallySupported(algo compressiontypes.Algorithm) bool { + switch algo.Name() { // Should this use InternalUnstableUndocumentedMIMEQuestionMark() ? + case compressiontypes.GzipAlgorithmName: + return true + default: + return false + } +} + +// MIMETypeSupportsCompressionAlgorithm returns true if mimeType can represent algo. +func MIMETypeSupportsCompressionAlgorithm(mimeType string, algo compressiontypes.Algorithm) bool { + if CompressionAlgorithmIsUniversallySupported(algo) { + return true + } + switch algo.Name() { // Should this use InternalUnstableUndocumentedMIMEQuestionMark() ? + case compressiontypes.ZstdAlgorithmName, compressiontypes.ZstdChunkedAlgorithmName: + return mimeType == imgspecv1.MediaTypeImageManifest + default: // Includes Bzip2AlgorithmName and XzAlgorithmName, which are defined names but are not supported anywhere + return false + } +} diff --git a/vendor/github.com/containers/image/v5/manifest/docker_schema1.go b/vendor/github.com/containers/image/v5/manifest/docker_schema1.go index a80af701afdf..762815570cd0 100644 --- a/vendor/github.com/containers/image/v5/manifest/docker_schema1.go +++ b/vendor/github.com/containers/image/v5/manifest/docker_schema1.go @@ -10,6 +10,7 @@ import ( "github.com/containers/image/v5/docker/reference" "github.com/containers/image/v5/internal/manifest" "github.com/containers/image/v5/internal/set" + compressiontypes "github.com/containers/image/v5/pkg/compression/types" "github.com/containers/image/v5/types" "github.com/containers/storage/pkg/regexp" "github.com/docker/docker/api/types/versions" @@ -142,6 +143,15 @@ func (m *Schema1) LayerInfos() []LayerInfo { return layers } +const fakeSchema1MIMEType = DockerV2Schema2LayerMediaType // Used only in schema1CompressionMIMETypeSets +var schema1CompressionMIMETypeSets = []compressionMIMETypeSet{ + { + mtsUncompressed: fakeSchema1MIMEType, + compressiontypes.GzipAlgorithmName: fakeSchema1MIMEType, + compressiontypes.ZstdAlgorithmName: mtsUnsupportedMIMEType, + }, +} + // UpdateLayerInfos replaces the original layers with the specified BlobInfos (size+digest+urls), in order (the root layer first, and then successive layered layers) func (m *Schema1) UpdateLayerInfos(layerInfos []types.BlobInfo) error { // Our LayerInfos includes empty layers (where m.ExtractedV1Compatibility[].ThrowAway), so expect them to be included here as well. @@ -150,6 +160,11 @@ func (m *Schema1) UpdateLayerInfos(layerInfos []types.BlobInfo) error { } m.FSLayers = make([]Schema1FSLayers, len(layerInfos)) for i, info := range layerInfos { + // There are no MIME types in schema1, but we do a “conversion” here to reject unsupported compression algorithms, + // in a way that is consistent with the other schema implementations. + if _, err := updatedMIMEType(schema1CompressionMIMETypeSets, fakeSchema1MIMEType, info); err != nil { + return fmt.Errorf("preparing updated manifest, layer %q: %w", info.Digest, err) + } // (docker push) sets up m.ExtractedV1Compatibility[].{Id,Parent} based on values of info.Digest, // but (docker pull) ignores them in favor of computing DiffIDs from uncompressed data, except verifying the child->parent links and uniqueness. // So, we don't bother recomputing the IDs in m.History.V1Compatibility. diff --git a/vendor/github.com/containers/image/v5/manifest/manifest.go b/vendor/github.com/containers/image/v5/manifest/manifest.go index 959aac935ebc..828b8da0b7f2 100644 --- a/vendor/github.com/containers/image/v5/manifest/manifest.go +++ b/vendor/github.com/containers/image/v5/manifest/manifest.go @@ -16,7 +16,7 @@ import ( const ( // DockerV2Schema1MediaType MIME type represents Docker manifest schema 1 DockerV2Schema1MediaType = manifest.DockerV2Schema1MediaType - // DockerV2Schema1MediaType MIME type represents Docker manifest schema 1 with a JWS signature + // DockerV2Schema1SignedMediaType MIME type represents Docker manifest schema 1 with a JWS signature DockerV2Schema1SignedMediaType = manifest.DockerV2Schema1SignedMediaType // DockerV2Schema2MediaType MIME type represents Docker manifest schema 2 DockerV2Schema2MediaType = manifest.DockerV2Schema2MediaType diff --git a/vendor/github.com/containers/image/v5/oci/archive/oci_dest.go b/vendor/github.com/containers/image/v5/oci/archive/oci_dest.go index 8386c47a3fca..6ca618e3519b 100644 --- a/vendor/github.com/containers/image/v5/oci/archive/oci_dest.go +++ b/vendor/github.com/containers/image/v5/oci/archive/oci_dest.go @@ -13,6 +13,7 @@ import ( "github.com/containers/image/v5/internal/signature" "github.com/containers/image/v5/types" "github.com/containers/storage/pkg/archive" + "github.com/containers/storage/pkg/idtools" digest "github.com/opencontainers/go-digest" "github.com/sirupsen/logrus" ) @@ -169,10 +170,15 @@ func (d *ociArchiveImageDestination) Commit(ctx context.Context, unparsedTopleve // tar converts the directory at src and saves it to dst func tarDirectory(src, dst string) error { // input is a stream of bytes from the archive of the directory at path - input, err := archive.Tar(src, archive.Uncompressed) + input, err := archive.TarWithOptions(src, &archive.TarOptions{ + Compression: archive.Uncompressed, + // Don’t include the data about the user account this code is running under. + ChownOpts: &idtools.IDPair{UID: 0, GID: 0}, + }) if err != nil { return fmt.Errorf("retrieving stream of bytes from %q: %w", src, err) } + defer input.Close() // creates the tar file outFile, err := os.Create(dst) diff --git a/vendor/github.com/containers/storage/pkg/archive/archive.go b/vendor/github.com/containers/storage/pkg/archive/archive.go index 05d257118279..85c91690d0d3 100644 --- a/vendor/github.com/containers/storage/pkg/archive/archive.go +++ b/vendor/github.com/containers/storage/pkg/archive/archive.go @@ -534,6 +534,10 @@ func (ta *tarAppender) addTarFile(path, name string) error { if ta.ChownOpts != nil { hdr.Uid = ta.ChownOpts.UID hdr.Gid = ta.ChownOpts.GID + // Don’t expose the user names from the local system; they probably don’t match the ta.ChownOpts value anyway, + // and they unnecessarily give recipients of the tar file potentially private data. + hdr.Uname = "" + hdr.Gname = "" } maybeTruncateHeaderModTime(hdr) diff --git a/vendor/github.com/containers/storage/pkg/chunked/cache_linux.go b/vendor/github.com/containers/storage/pkg/chunked/cache_linux.go index 5d4befc2348e..aa4f57e6fbcb 100644 --- a/vendor/github.com/containers/storage/pkg/chunked/cache_linux.go +++ b/vendor/github.com/containers/storage/pkg/chunked/cache_linux.go @@ -578,7 +578,10 @@ func unmarshalToc(manifest []byte) (*internal.TOC, error) { return byteSliceAsString(buf.Bytes()[from:to]) } - iter = jsoniter.ParseBytes(jsoniter.ConfigFastest, manifest) + pool := iter.Pool() + pool.ReturnIterator(iter) + iter = pool.BorrowIterator(manifest) + for field := iter.ReadObject(); field != ""; field = iter.ReadObject() { if strings.ToLower(field) == "version" { toc.Version = iter.ReadInt() @@ -657,8 +660,17 @@ func unmarshalToc(manifest []byte) (*internal.TOC, error) { } toc.Entries = append(toc.Entries, m) } - break } + + // validate there is no extra data in the provided input. This is a security measure to avoid + // that the digest we calculate for the TOC refers to the entire document. + if iter.Error != nil && iter.Error != io.EOF { + return nil, iter.Error + } + if iter.WhatIsNext() != jsoniter.InvalidValue || !errors.Is(iter.Error, io.EOF) { + return nil, fmt.Errorf("unexpected data after manifest") + } + toc.StringsBuf = buf return &toc, nil } diff --git a/vendor/github.com/containers/storage/store.go b/vendor/github.com/containers/storage/store.go index 41f3a9e9b21d..62a9c9ea1b72 100644 --- a/vendor/github.com/containers/storage/store.go +++ b/vendor/github.com/containers/storage/store.go @@ -11,6 +11,7 @@ import ( "reflect" "strings" "sync" + "syscall" "time" // register all of the built-in drivers @@ -961,6 +962,10 @@ func (s *store) load() error { } else { ris, err = newROImageStore(gipath) if err != nil { + if errors.Is(err, syscall.EROFS) { + logrus.Debugf("Ignoring creation of lockfiles on read-only file systems %q, %v", gipath, err) + continue + } return err } } diff --git a/vendor/modules.txt b/vendor/modules.txt index 652b100c642f..e4bb48dcde70 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -107,7 +107,7 @@ github.com/chzyer/readline # github.com/containerd/cgroups/v3 v3.0.2 ## explicit; go 1.18 github.com/containerd/cgroups/v3/cgroup1/stats -# github.com/containerd/containerd v1.7.9 +# github.com/containerd/containerd v1.7.10 ## explicit; go 1.19 github.com/containerd/containerd/errdefs github.com/containerd/containerd/log @@ -167,7 +167,7 @@ github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/pkg/volumes github.com/containers/buildah/util -# github.com/containers/common v0.57.1-0.20231129142626-3b9abaa8806f +# github.com/containers/common v0.57.1-0.20231130092720-630c929caef9 ## explicit; go 1.18 github.com/containers/common/internal/attributedstring github.com/containers/common/libimage @@ -234,7 +234,7 @@ github.com/containers/conmon/runner/config # github.com/containers/gvisor-tap-vsock v0.7.1 ## explicit; go 1.20 github.com/containers/gvisor-tap-vsock/pkg/types -# github.com/containers/image/v5 v5.29.1-0.20231120202631-293b00ba7166 +# github.com/containers/image/v5 v5.29.1-0.20231130112833-c43036d4fc96 ## explicit; go 1.19 github.com/containers/image/v5/copy github.com/containers/image/v5/directory @@ -344,7 +344,7 @@ github.com/containers/psgo/internal/dev github.com/containers/psgo/internal/host github.com/containers/psgo/internal/proc github.com/containers/psgo/internal/process -# github.com/containers/storage v1.51.1-0.20231120144510-2cf61989a5bc +# github.com/containers/storage v1.51.1-0.20231129190156-7d0a0a320f8a ## explicit; go 1.19 github.com/containers/storage github.com/containers/storage/drivers @@ -1172,7 +1172,7 @@ golang.org/x/net/internal/socks golang.org/x/net/internal/timeseries golang.org/x/net/proxy golang.org/x/net/trace -# golang.org/x/oauth2 v0.14.0 +# golang.org/x/oauth2 v0.15.0 ## explicit; go 1.18 golang.org/x/oauth2 golang.org/x/oauth2/internal From 269f8ff066ad426a9b07e24a172a94a5fdb985e6 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 30 Nov 2023 14:53:34 +0000 Subject: [PATCH 104/170] fix(deps): update module github.com/onsi/ginkgo/v2 to v2.13.2 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- test/tools/go.mod | 2 +- test/tools/go.sum | 4 ++-- .../github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go | 6 +++--- .../github.com/onsi/ginkgo/v2/ginkgo/watch/dependencies.go | 2 +- .../github.com/onsi/ginkgo/v2/ginkgo/watch/package_hash.go | 4 ++-- .../github.com/onsi/ginkgo/v2/reporters/json_report.go | 6 ++++-- .../vendor/github.com/onsi/ginkgo/v2/types/code_location.go | 2 +- .../tools/vendor/github.com/onsi/ginkgo/v2/types/version.go | 2 +- test/tools/vendor/modules.txt | 2 +- 9 files changed, 16 insertions(+), 14 deletions(-) diff --git a/test/tools/go.mod b/test/tools/go.mod index 3937ab459b4f..47ac6ebe5aa6 100644 --- a/test/tools/go.mod +++ b/test/tools/go.mod @@ -4,7 +4,7 @@ go 1.18 require ( github.com/cpuguy83/go-md2man/v2 v2.0.3 - github.com/onsi/ginkgo/v2 v2.13.1 + github.com/onsi/ginkgo/v2 v2.13.2 github.com/vbatts/git-validation v1.2.1 golang.org/x/tools v0.16.0 ) diff --git a/test/tools/go.sum b/test/tools/go.sum index fdb8fe0c4e47..52be60c3a4d2 100644 --- a/test/tools/go.sum +++ b/test/tools/go.sum @@ -25,8 +25,8 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/onsi/ginkgo/v2 v2.13.1 h1:LNGfMbR2OVGBfXjvRZIZ2YCTQdGKtPLvuI1rMCCj3OU= -github.com/onsi/ginkgo/v2 v2.13.1/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= +github.com/onsi/ginkgo/v2 v2.13.2 h1:Bi2gGVkfn6gQcjNjZJVO8Gf0FHzMPf2phUei9tejVMs= +github.com/onsi/ginkgo/v2 v2.13.2/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= diff --git a/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go b/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go index f3ae13bb144c..df99875be204 100644 --- a/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go +++ b/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/internal/test_suite.go @@ -226,7 +226,7 @@ func suitesInDir(dir string, recurse bool) TestSuites { files, _ := os.ReadDir(dir) re := regexp.MustCompile(`^[^._].*_test\.go$`) for _, file := range files { - if !file.IsDir() && re.Match([]byte(file.Name())) { + if !file.IsDir() && re.MatchString(file.Name()) { suite := TestSuite{ Path: relPath(dir), PackageName: packageNameForSuite(dir), @@ -241,7 +241,7 @@ func suitesInDir(dir string, recurse bool) TestSuites { if recurse { re = regexp.MustCompile(`^[._]`) for _, file := range files { - if file.IsDir() && !re.Match([]byte(file.Name())) { + if file.IsDir() && !re.MatchString(file.Name()) { suites = append(suites, suitesInDir(dir+"/"+file.Name(), recurse)...) } } @@ -272,7 +272,7 @@ func filesHaveGinkgoSuite(dir string, files []os.DirEntry) bool { reGinkgo := regexp.MustCompile(`package ginkgo|\/ginkgo"|\/ginkgo\/v2"|\/ginkgo\/v2/dsl/`) for _, file := range files { - if !file.IsDir() && reTestFile.Match([]byte(file.Name())) { + if !file.IsDir() && reTestFile.MatchString(file.Name()) { contents, _ := os.ReadFile(dir + "/" + file.Name()) if reGinkgo.Match(contents) { return true diff --git a/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/dependencies.go b/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/dependencies.go index f5ddff30fc76..a34d94354d9b 100644 --- a/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/dependencies.go +++ b/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/dependencies.go @@ -78,7 +78,7 @@ func (d Dependencies) resolveAndAdd(deps []string, depth int) { if err != nil { continue } - if !pkg.Goroot && (!ginkgoAndGomegaFilter.Match([]byte(pkg.Dir)) || ginkgoIntegrationTestFilter.Match([]byte(pkg.Dir))) { + if !pkg.Goroot && (!ginkgoAndGomegaFilter.MatchString(pkg.Dir) || ginkgoIntegrationTestFilter.MatchString(pkg.Dir)) { d.addDepIfNotPresent(pkg.Dir, depth) } } diff --git a/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/package_hash.go b/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/package_hash.go index e9f7ec0cb3b0..17d052bdc3c1 100644 --- a/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/package_hash.go +++ b/test/tools/vendor/github.com/onsi/ginkgo/v2/ginkgo/watch/package_hash.go @@ -79,7 +79,7 @@ func (p *PackageHash) computeHashes() (codeHash string, codeModifiedTime time.Ti continue } - if goTestRegExp.Match([]byte(info.Name())) { + if goTestRegExp.MatchString(info.Name()) { testHash += p.hashForFileInfo(info) if info.ModTime().After(testModifiedTime) { testModifiedTime = info.ModTime() @@ -87,7 +87,7 @@ func (p *PackageHash) computeHashes() (codeHash string, codeModifiedTime time.Ti continue } - if p.watchRegExp.Match([]byte(info.Name())) { + if p.watchRegExp.MatchString(info.Name()) { codeHash += p.hashForFileInfo(info) if info.ModTime().After(codeModifiedTime) { codeModifiedTime = info.ModTime() diff --git a/test/tools/vendor/github.com/onsi/ginkgo/v2/reporters/json_report.go b/test/tools/vendor/github.com/onsi/ginkgo/v2/reporters/json_report.go index be506f9b472d..5d3e8db994bb 100644 --- a/test/tools/vendor/github.com/onsi/ginkgo/v2/reporters/json_report.go +++ b/test/tools/vendor/github.com/onsi/ginkgo/v2/reporters/json_report.go @@ -18,6 +18,7 @@ func GenerateJSONReport(report types.Report, destination string) error { if err != nil { return err } + defer f.Close() enc := json.NewEncoder(f) enc.SetIndent("", " ") err = enc.Encode([]types.Report{ @@ -26,7 +27,7 @@ func GenerateJSONReport(report types.Report, destination string) error { if err != nil { return err } - return f.Close() + return nil } // MergeJSONReports produces a single JSON-formatted report at the passed in destination by merging the JSON-formatted reports provided in sources @@ -57,11 +58,12 @@ func MergeAndCleanupJSONReports(sources []string, destination string) ([]string, if err != nil { return messages, err } + defer f.Close() enc := json.NewEncoder(f) enc.SetIndent("", " ") err = enc.Encode(allReports) if err != nil { return messages, err } - return messages, f.Close() + return messages, nil } diff --git a/test/tools/vendor/github.com/onsi/ginkgo/v2/types/code_location.go b/test/tools/vendor/github.com/onsi/ginkgo/v2/types/code_location.go index 9cd5768170a4..57e87517e076 100644 --- a/test/tools/vendor/github.com/onsi/ginkgo/v2/types/code_location.go +++ b/test/tools/vendor/github.com/onsi/ginkgo/v2/types/code_location.go @@ -149,7 +149,7 @@ func PruneStack(fullStackTrace string, skip int) string { re := regexp.MustCompile(`\/ginkgo\/|\/pkg\/testing\/|\/pkg\/runtime\/`) for i := 0; i < len(stack)/2; i++ { // We filter out based on the source code file name. - if !re.Match([]byte(stack[i*2+1])) { + if !re.MatchString(stack[i*2+1]) { prunedStack = append(prunedStack, stack[i*2]) prunedStack = append(prunedStack, stack[i*2+1]) } diff --git a/test/tools/vendor/github.com/onsi/ginkgo/v2/types/version.go b/test/tools/vendor/github.com/onsi/ginkgo/v2/types/version.go index 7a794d87a1e1..a4a1524b4fd0 100644 --- a/test/tools/vendor/github.com/onsi/ginkgo/v2/types/version.go +++ b/test/tools/vendor/github.com/onsi/ginkgo/v2/types/version.go @@ -1,3 +1,3 @@ package types -const VERSION = "2.13.1" +const VERSION = "2.13.2" diff --git a/test/tools/vendor/modules.txt b/test/tools/vendor/modules.txt index 812703c961a0..d2ab6665a476 100644 --- a/test/tools/vendor/modules.txt +++ b/test/tools/vendor/modules.txt @@ -23,7 +23,7 @@ github.com/mattn/go-colorable # github.com/mattn/go-isatty v0.0.17 ## explicit; go 1.15 github.com/mattn/go-isatty -# github.com/onsi/ginkgo/v2 v2.13.1 +# github.com/onsi/ginkgo/v2 v2.13.2 ## explicit; go 1.18 github.com/onsi/ginkgo/v2/config github.com/onsi/ginkgo/v2/formatter From f9e8585c5354748b2a77ed65d214adfe7c6ae5fe Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Thu, 30 Nov 2023 10:13:35 -0500 Subject: [PATCH 105/170] Enable win podman-machine test failure Intended to serve as motivation to fix them. Removed from status aggregator so the failures don't block PR merging. Updated comment text to reference related open issue, #20548. Signed-off-by: Chris Evich --- .cirrus.yml | 7 +++---- contrib/cirrus/cirrus_yaml_test.py | 2 +- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index ae58bc18f584..ce84526bee3a 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -764,9 +764,6 @@ podman_machine_aarch64_task: podman_machine_windows_task: name: *std_name_fmt alias: podman_machine_windows - # TODO: These tests are new and mostly fail. Disable all failures impacting overall CI status - # until the tests, scripts, and environment stabalize. - allow_failures: $CI == $CI # Only run for non-docs/copr PRs and non-release branch builds # and never for tags. Docs: ./contrib/cirrus/CIModes.md only_if: >- @@ -1061,7 +1058,9 @@ success_task: - rootless_integration_test - podman_machine - podman_machine_aarch64 - - podman_machine_windows + # TODO: issue #20548; These tests are new and mostly fail. + # Ignore status until tests, scripts, and/or environment stabalize. + # - podman_machine_windows - local_system_test - local_system_test_aarch64 - remote_system_test diff --git a/contrib/cirrus/cirrus_yaml_test.py b/contrib/cirrus/cirrus_yaml_test.py index 262ea4d2eb6e..196b745a2dec 100755 --- a/contrib/cirrus/cirrus_yaml_test.py +++ b/contrib/cirrus/cirrus_yaml_test.py @@ -27,7 +27,7 @@ class TestDependsOn(TestCaseBase): ALL_TASK_NAMES = None SUCCESS_DEPS_EXCLUDE = set(['success', 'bench_stuff', 'artifacts', - 'release', 'release_test']) + 'release', 'release_test', 'podman_machine_windows']) def setUp(self): super().setUp() From b1acb43d719d57a4698b96a7c5338c9df98ed9ec Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Thu, 30 Nov 2023 14:45:47 -0700 Subject: [PATCH 106/170] CI: fix system_test_aarch64 dependencies It should depend on aarch64 *validate*, not just build. (Noticed by accident while reviewing Macintosh CI graph) Signed-off-by: Ed Santiago --- .cirrus.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.cirrus.yml b/.cirrus.yml index ae58bc18f584..8c4e0e266deb 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -823,6 +823,7 @@ local_system_test_aarch64_task: &local_system_test_task_aarch64 only_if: *not_tag_build_docs depends_on: - build_aarch64 + - validate_aarch64 - unit_test ec2_instance: *standard_build_ec2_aarch64 env: From 00d96c2b997561e8226494a29ce63cc23c3fa9f0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 1 Dec 2023 09:35:36 +0000 Subject: [PATCH 107/170] fix(deps): update github.com/openshift/imagebuilder digest to ef2a5fe Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- .../openshift/imagebuilder/dispatchers.go | 21 +++++++++++++++++++ vendor/modules.txt | 2 +- 4 files changed, 25 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 9a65b76177db..2c494ff37f0f 100644 --- a/go.mod +++ b/go.mod @@ -54,7 +54,7 @@ require ( github.com/opencontainers/runtime-spec v1.1.1-0.20230922153023-c0e90434df2a github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc github.com/opencontainers/selinux v1.11.0 - github.com/openshift/imagebuilder v1.2.6-0.20231110114814-35a50d57f722 + github.com/openshift/imagebuilder v1.2.6-0.20231127234745-ef2a5fe47510 github.com/rootless-containers/rootlesskit v1.1.1 github.com/shirou/gopsutil/v3 v3.23.10 github.com/sirupsen/logrus v1.9.3 diff --git a/go.sum b/go.sum index 95df02f6df60..bf4aeb600e55 100644 --- a/go.sum +++ b/go.sum @@ -876,8 +876,8 @@ github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xA github.com/opencontainers/selinux v1.10.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU= github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= -github.com/openshift/imagebuilder v1.2.6-0.20231110114814-35a50d57f722 h1:vhEmg+NeucmSYnT2j9ukkZLrR/ZOFUuUiGhxlBAlW8U= -github.com/openshift/imagebuilder v1.2.6-0.20231110114814-35a50d57f722/go.mod h1:+rSifDZnwJPSW2uYHl7ePSVxq4DEu1VlhNR1uIz/Lm4= +github.com/openshift/imagebuilder v1.2.6-0.20231127234745-ef2a5fe47510 h1:ILAESc7vHTVNKctTiR10XC+vACPlR4NbS6570G6QQmY= +github.com/openshift/imagebuilder v1.2.6-0.20231127234745-ef2a5fe47510/go.mod h1:nOaQJMj7VZgdqATqES4GxZX/p6gwK2r7bpE3Ry63+jM= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f h1:/UDgs8FGMqwnHagNDPGOlts35QkhAZ8by3DR7nMih7M= diff --git a/vendor/github.com/openshift/imagebuilder/dispatchers.go b/vendor/github.com/openshift/imagebuilder/dispatchers.go index fdb2aded64dd..f43adacb43f9 100644 --- a/vendor/github.com/openshift/imagebuilder/dispatchers.go +++ b/vendor/github.com/openshift/imagebuilder/dispatchers.go @@ -184,6 +184,9 @@ func add(b *Builder, args []string, attributes map[string]bool, flagArgs []strin switch { case strings.HasPrefix(arg, "--chown="): chown = strings.TrimPrefix(arg, "--chown=") + if chown == "" { + return fmt.Errorf("no value specified for --chown=") + } case strings.HasPrefix(arg, "--chmod="): chmod = strings.TrimPrefix(arg, "--chmod=") err = checkChmodConversion(chmod) @@ -192,6 +195,9 @@ func add(b *Builder, args []string, attributes map[string]bool, flagArgs []strin } case strings.HasPrefix(arg, "--checksum="): checksum = strings.TrimPrefix(arg, "--checksum=") + if checksum == "" { + return fmt.Errorf("no value specified for --checksum=") + } default: return fmt.Errorf("ADD only supports the --chmod=, --chown=, and --checksum= flags") } @@ -232,6 +238,9 @@ func dispatchCopy(b *Builder, args []string, attributes map[string]bool, flagArg switch { case strings.HasPrefix(arg, "--chown="): chown = strings.TrimPrefix(arg, "--chown=") + if chown == "" { + return fmt.Errorf("no value specified for --chown=") + } case strings.HasPrefix(arg, "--chmod="): chmod = strings.TrimPrefix(arg, "--chmod=") err = checkChmodConversion(chmod) @@ -240,6 +249,9 @@ func dispatchCopy(b *Builder, args []string, attributes map[string]bool, flagArg } case strings.HasPrefix(arg, "--from="): from = strings.TrimPrefix(arg, "--from=") + if from == "" { + return fmt.Errorf("no value specified for --from=") + } default: return fmt.Errorf("COPY only supports the --chmod= --chown= and the --from= flags") } @@ -302,6 +314,9 @@ func from(b *Builder, args []string, attributes map[string]bool, flagArgs []stri switch { case strings.HasPrefix(arg, "--platform="): platformString := strings.TrimPrefix(arg, "--platform=") + if platformString == "" { + return fmt.Errorf("no value specified for --platform=") + } b.Platform = platformString default: return fmt.Errorf("FROM only supports the --platform flag") @@ -393,9 +408,15 @@ func run(b *Builder, args []string, attributes map[string]bool, flagArgs []strin switch { case strings.HasPrefix(arg, "--mount="): mount := strings.TrimPrefix(arg, "--mount=") + if mount == "" { + return fmt.Errorf("no value specified for --mount=") + } mounts = append(mounts, mount) case strings.HasPrefix(arg, "--network="): network = strings.TrimPrefix(arg, "--network=") + if network == "" { + return fmt.Errorf("no value specified for --network=") + } default: return fmt.Errorf("RUN only supports the --mount and --network flag") } diff --git a/vendor/modules.txt b/vendor/modules.txt index e4bb48dcde70..d213e4163e70 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -883,7 +883,7 @@ github.com/opencontainers/selinux/go-selinux github.com/opencontainers/selinux/go-selinux/label github.com/opencontainers/selinux/pkg/pwalk github.com/opencontainers/selinux/pkg/pwalkdir -# github.com/openshift/imagebuilder v1.2.6-0.20231110114814-35a50d57f722 +# github.com/openshift/imagebuilder v1.2.6-0.20231127234745-ef2a5fe47510 ## explicit; go 1.19 github.com/openshift/imagebuilder github.com/openshift/imagebuilder/dockerfile/command From 45e53ed7b0e262e1ba0c2874265f812f1ece53b8 Mon Sep 17 00:00:00 2001 From: Doug Rabson Date: Fri, 1 Dec 2023 11:37:27 +0000 Subject: [PATCH 108/170] libpod: Detect whether we have a private UTS namespace on FreeBSD Right now, we always use a private UTS namespace on FreeBSD. This should be made optional but implementing that cleanly needs a FreeBSD extension to the OCI runtime config. The process for that is starting (https://github.com/opencontainers/tob/pull/133) but in the meantime, assume that the UTS namespace is private on FreeBSD. This moves the Linux-specific namespace logic to container_internal_linux.go and adds a FreeBSD stub. [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson --- libpod/container.go | 10 +--------- libpod/container_internal_freebsd.go | 7 +++++++ libpod/container_internal_linux.go | 13 +++++++++++++ 3 files changed, 21 insertions(+), 9 deletions(-) diff --git a/libpod/container.go b/libpod/container.go index bc904f0ba4b8..9bd8028367d2 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -688,15 +688,7 @@ func (c *Container) Hostname() string { // if the container is not running in a private UTS namespace, // return the host's hostname. - privateUTS := false - if c.config.Spec.Linux != nil { - for _, ns := range c.config.Spec.Linux.Namespaces { - if ns.Type == spec.UTSNamespace { - privateUTS = true - break - } - } - } + privateUTS := c.hasPrivateUTS() if !privateUTS { hostname, err := os.Hostname() if err == nil { diff --git a/libpod/container_internal_freebsd.go b/libpod/container_internal_freebsd.go index 6ad8dd853e9f..430e16d3fa9a 100644 --- a/libpod/container_internal_freebsd.go +++ b/libpod/container_internal_freebsd.go @@ -392,3 +392,10 @@ func (c *Container) getPlatformRunPath() (string, error) { func (c *Container) addMaskedPaths(g *generate.Generator) { // There are currently no FreeBSD-specific masked paths } + +func (c *Container) hasPrivateUTS() bool { + // Currently we always use a private UTS namespace on FreeBSD. This + // should be optional but needs a FreeBSD section in the OCI runtime + // specification. + return true +} diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 6a8774b26589..7f6508d38058 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -811,3 +811,16 @@ func (c *Container) addMaskedPaths(g *generate.Generator) { g.AddLinuxMaskedPaths("/sys/devices/virtual/powercap") } } + +func (c *Container) hasPrivateUTS() bool { + privateUTS := false + if c.config.Spec.Linux != nil { + for _, ns := range c.config.Spec.Linux.Namespaces { + if ns.Type == spec.UTSNamespace { + privateUTS = true + break + } + } + } + return privateUTS +} From 4e21ce5ba0eae9291deff900e3be8c26fae562e8 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 1 Dec 2023 13:13:11 +0000 Subject: [PATCH 109/170] fix(deps): update module github.com/shirou/gopsutil/v3 to v3.23.11 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 5 ++--- .../github.com/shirou/gopsutil/v3/process/process_freebsd.go | 4 ++-- vendor/modules.txt | 2 +- 4 files changed, 6 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index 9a65b76177db..0dd0fbe85317 100644 --- a/go.mod +++ b/go.mod @@ -56,7 +56,7 @@ require ( github.com/opencontainers/selinux v1.11.0 github.com/openshift/imagebuilder v1.2.6-0.20231110114814-35a50d57f722 github.com/rootless-containers/rootlesskit v1.1.1 - github.com/shirou/gopsutil/v3 v3.23.10 + github.com/shirou/gopsutil/v3 v3.23.11 github.com/sirupsen/logrus v1.9.3 github.com/spf13/cobra v1.8.0 github.com/spf13/pflag v1.0.5 diff --git a/go.sum b/go.sum index 95df02f6df60..aa723771e4be 100644 --- a/go.sum +++ b/go.sum @@ -964,8 +964,8 @@ github.com/secure-systems-lab/go-securesystemslib v0.7.0/go.mod h1:/2gYnlnHVQ6xe github.com/segmentio/ksuid v1.0.4 h1:sBo2BdShXjmcugAMwjugoGUdUV0pcxY5mW4xKRn3v4c= github.com/segmentio/ksuid v1.0.4/go.mod h1:/XUiZBD3kVx5SmUOl55voK5yeAbBNNIed+2O73XgrPE= github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= -github.com/shirou/gopsutil/v3 v3.23.10 h1:/N42opWlYzegYaVkWejXWJpbzKv2JDy3mrgGzKsh9hM= -github.com/shirou/gopsutil/v3 v3.23.10/go.mod h1:JIE26kpucQi+innVlAUnIEOSBhBUkirr5b44yr55+WE= +github.com/shirou/gopsutil/v3 v3.23.11 h1:i3jP9NjCPUz7FiZKxlMnODZkdSIp2gnzfrvsu9CuWEQ= +github.com/shirou/gopsutil/v3 v3.23.11/go.mod h1:1FrWgea594Jp7qmjHUUPlJDTPgcsb9mGnXDxavtikzM= github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM= github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ= github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU= @@ -1380,7 +1380,6 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= diff --git a/vendor/github.com/shirou/gopsutil/v3/process/process_freebsd.go b/vendor/github.com/shirou/gopsutil/v3/process/process_freebsd.go index 85134b7ee642..40b10e14fcd3 100644 --- a/vendor/github.com/shirou/gopsutil/v3/process/process_freebsd.go +++ b/vendor/github.com/shirou/gopsutil/v3/process/process_freebsd.go @@ -286,11 +286,11 @@ func (p *Process) ChildrenWithContext(ctx context.Context) ([]*Process, error) { } func (p *Process) ConnectionsWithContext(ctx context.Context) ([]net.ConnectionStat, error) { - return nil, common.ErrNotImplementedError + return net.ConnectionsPidWithContext(ctx, "all", p.Pid) } func (p *Process) ConnectionsMaxWithContext(ctx context.Context, max int) ([]net.ConnectionStat, error) { - return nil, common.ErrNotImplementedError + return net.ConnectionsPidMaxWithContext(ctx, "all", p.Pid, max) } func ProcessesWithContext(ctx context.Context) ([]*Process, error) { diff --git a/vendor/modules.txt b/vendor/modules.txt index e4bb48dcde70..73c0aee06f94 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -948,7 +948,7 @@ github.com/secure-systems-lab/go-securesystemslib/encrypted # github.com/segmentio/ksuid v1.0.4 ## explicit; go 1.12 github.com/segmentio/ksuid -# github.com/shirou/gopsutil/v3 v3.23.10 +# github.com/shirou/gopsutil/v3 v3.23.11 ## explicit; go 1.15 github.com/shirou/gopsutil/v3/common github.com/shirou/gopsutil/v3/cpu From 6efba48e2243382098a8201fd82ec6bbad927b06 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 2 Dec 2023 00:37:33 +0000 Subject: [PATCH 110/170] fix(deps): update github.com/containers/image/v5 digest to 671ab94 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 +- .../image/v5/signature/fulcio_cert.go | 3 ++ .../image/v5/signature/fulcio_cert_stub.go | 28 ++++++++++++ .../image/v5/signature/internal/rekor_set.go | 3 ++ .../v5/signature/internal/rekor_set_stub.go | 15 +++++++ .../v5/signature/sigstore/fulcio/fulcio.go | 3 ++ .../signature/sigstore/fulcio/fulcio_stub.go | 45 +++++++++++++++++++ .../v5/signature/sigstore/rekor/rekor.go | 3 ++ .../v5/signature/sigstore/rekor/rekor_stub.go | 17 +++++++ vendor/modules.txt | 2 +- 11 files changed, 121 insertions(+), 4 deletions(-) create mode 100644 vendor/github.com/containers/image/v5/signature/fulcio_cert_stub.go create mode 100644 vendor/github.com/containers/image/v5/signature/internal/rekor_set_stub.go create mode 100644 vendor/github.com/containers/image/v5/signature/sigstore/fulcio/fulcio_stub.go create mode 100644 vendor/github.com/containers/image/v5/signature/sigstore/rekor/rekor_stub.go diff --git a/go.mod b/go.mod index 9a65b76177db..f1076f7c10fe 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( github.com/containers/common v0.57.1-0.20231130092720-630c929caef9 github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.1 - github.com/containers/image/v5 v5.29.1-0.20231130112833-c43036d4fc96 + github.com/containers/image/v5 v5.29.1-0.20231201205726-671ab94a09ea github.com/containers/libhvee v0.5.0 github.com/containers/ocicrypt v1.1.9 github.com/containers/psgo v1.8.0 diff --git a/go.sum b/go.sum index 95df02f6df60..9dc130afdd9a 100644 --- a/go.sum +++ b/go.sum @@ -262,8 +262,8 @@ github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6J github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/gvisor-tap-vsock v0.7.1 h1:+Rc+sOPplrkQb/BUXeN0ug8TxjgyrIqo/9P/eNS2A4c= github.com/containers/gvisor-tap-vsock v0.7.1/go.mod h1:WSSsjcuYZkvP8i0J+Ht3LF8yvysn3krD5zxQ74wz7y0= -github.com/containers/image/v5 v5.29.1-0.20231130112833-c43036d4fc96 h1:NeakBfEUoMzlCK1t1xkigEu/p4luDhfPtVLdrlhVhkA= -github.com/containers/image/v5 v5.29.1-0.20231130112833-c43036d4fc96/go.mod h1:viinaAODpZKsuvRIecjkmgV890VxszevaGiH+m8Qcug= +github.com/containers/image/v5 v5.29.1-0.20231201205726-671ab94a09ea h1:tsXGDybhfKVnQ3vgsuPYhhNu5VnxNlDdLFwx5X1ruSo= +github.com/containers/image/v5 v5.29.1-0.20231201205726-671ab94a09ea/go.mod h1:viinaAODpZKsuvRIecjkmgV890VxszevaGiH+m8Qcug= github.com/containers/libhvee v0.5.0 h1:rDhfG2NI8Q+VgeXht2dXezanxEdpj9pHqYX3vWfOGUw= github.com/containers/libhvee v0.5.0/go.mod h1:yvU3Em2u1ZLl2VLd2glMIBWriBwfhWsDaRJsvixUIB0= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA= diff --git a/vendor/github.com/containers/image/v5/signature/fulcio_cert.go b/vendor/github.com/containers/image/v5/signature/fulcio_cert.go index ef5d3df6f040..c11fa46a9d91 100644 --- a/vendor/github.com/containers/image/v5/signature/fulcio_cert.go +++ b/vendor/github.com/containers/image/v5/signature/fulcio_cert.go @@ -1,3 +1,6 @@ +//go:build !containers_image_fulcio_stub +// +build !containers_image_fulcio_stub + package signature import ( diff --git a/vendor/github.com/containers/image/v5/signature/fulcio_cert_stub.go b/vendor/github.com/containers/image/v5/signature/fulcio_cert_stub.go new file mode 100644 index 000000000000..ee79b031ddfa --- /dev/null +++ b/vendor/github.com/containers/image/v5/signature/fulcio_cert_stub.go @@ -0,0 +1,28 @@ +//go:build containers_image_fulcio_stub +// +build containers_image_fulcio_stub + +package signature + +import ( + "crypto" + "crypto/ecdsa" + "crypto/x509" + "errors" +) + +type fulcioTrustRoot struct { + caCertificates *x509.CertPool + oidcIssuer string + subjectEmail string +} + +func (f *fulcioTrustRoot) validate() error { + return errors.New("fulcio disabled at compile-time") +} + +func verifyRekorFulcio(rekorPublicKey *ecdsa.PublicKey, fulcioTrustRoot *fulcioTrustRoot, untrustedRekorSET []byte, + untrustedCertificateBytes []byte, untrustedIntermediateChainBytes []byte, untrustedBase64Signature string, + untrustedPayloadBytes []byte) (crypto.PublicKey, error) { + return nil, errors.New("fulcio diabled at compile-time") + +} diff --git a/vendor/github.com/containers/image/v5/signature/internal/rekor_set.go b/vendor/github.com/containers/image/v5/signature/internal/rekor_set.go index d439b5f7a7d9..d86e98a45b83 100644 --- a/vendor/github.com/containers/image/v5/signature/internal/rekor_set.go +++ b/vendor/github.com/containers/image/v5/signature/internal/rekor_set.go @@ -1,3 +1,6 @@ +//go:build !containers_image_rekor_stub +// +build !containers_image_rekor_stub + package internal import ( diff --git a/vendor/github.com/containers/image/v5/signature/internal/rekor_set_stub.go b/vendor/github.com/containers/image/v5/signature/internal/rekor_set_stub.go new file mode 100644 index 000000000000..7c121cc2eecf --- /dev/null +++ b/vendor/github.com/containers/image/v5/signature/internal/rekor_set_stub.go @@ -0,0 +1,15 @@ +//go:build containers_image_rekor_stub +// +build containers_image_rekor_stub + +package internal + +import ( + "crypto/ecdsa" + "time" +) + +// VerifyRekorSET verifies that unverifiedRekorSET is correctly signed by publicKey and matches the rest of the data. +// Returns bundle upload time on success. +func VerifyRekorSET(publicKey *ecdsa.PublicKey, unverifiedRekorSET []byte, unverifiedKeyOrCertBytes []byte, unverifiedBase64Signature string, unverifiedPayloadBytes []byte) (time.Time, error) { + return time.Time{}, NewInvalidSignatureError("rekor disabled at compile-time") +} diff --git a/vendor/github.com/containers/image/v5/signature/sigstore/fulcio/fulcio.go b/vendor/github.com/containers/image/v5/signature/sigstore/fulcio/fulcio.go index 0e6746abb364..4ba98b98653b 100644 --- a/vendor/github.com/containers/image/v5/signature/sigstore/fulcio/fulcio.go +++ b/vendor/github.com/containers/image/v5/signature/sigstore/fulcio/fulcio.go @@ -1,3 +1,6 @@ +//go:build !containers_image_fulcio_stub +// +build !containers_image_fulcio_stub + package fulcio import ( diff --git a/vendor/github.com/containers/image/v5/signature/sigstore/fulcio/fulcio_stub.go b/vendor/github.com/containers/image/v5/signature/sigstore/fulcio/fulcio_stub.go new file mode 100644 index 000000000000..4f4d435c1d18 --- /dev/null +++ b/vendor/github.com/containers/image/v5/signature/sigstore/fulcio/fulcio_stub.go @@ -0,0 +1,45 @@ +//go:build containers_image_fulcio_stub +// +build containers_image_fulcio_stub + +package fulcio + +import ( + "fmt" + "io" + "net/url" + + "github.com/containers/image/v5/signature/sigstore/internal" +) + +func WithFulcioAndPreexistingOIDCIDToken(fulcioURL *url.URL, oidcIDToken string) internal.Option { + return func(s *internal.SigstoreSigner) error { + return fmt.Errorf("fulcio disabled at compile time") + } +} + +// WithFulcioAndDeviceAuthorizationGrantOIDC sets up signing to use a short-lived key and a Fulcio-issued certificate +// based on an OIDC ID token obtained using a device authorization grant (RFC 8628). +// +// interactiveOutput must be directly accessible to a human user in real time (i.e. not be just a log file). +func WithFulcioAndDeviceAuthorizationGrantOIDC(fulcioURL *url.URL, oidcIssuerURL *url.URL, oidcClientID, oidcClientSecret string, + interactiveOutput io.Writer) internal.Option { + return func(s *internal.SigstoreSigner) error { + return fmt.Errorf("fulcio disabled at compile time") + } +} + +// WithFulcioAndInterativeOIDC sets up signing to use a short-lived key and a Fulcio-issued certificate +// based on an interactively-obtained OIDC ID token. +// The token is obtained +// - directly using a browser, listening on localhost, automatically opening a browser to the OIDC issuer, +// to be redirected on localhost. (I.e. the current environment must allow launching a browser that connect back to the current process; +// either or both may be impossible in a container or a remote VM). +// - or by instructing the user to manually open a browser, obtain the OIDC code, and interactively input it as text. +// +// interactiveInput and interactiveOutput must both be directly operable by a human user in real time (i.e. not be just a log file). +func WithFulcioAndInteractiveOIDC(fulcioURL *url.URL, oidcIssuerURL *url.URL, oidcClientID, oidcClientSecret string, + interactiveInput io.Reader, interactiveOutput io.Writer) internal.Option { + return func(s *internal.SigstoreSigner) error { + return fmt.Errorf("fulcio disabled at compile time") + } +} diff --git a/vendor/github.com/containers/image/v5/signature/sigstore/rekor/rekor.go b/vendor/github.com/containers/image/v5/signature/sigstore/rekor/rekor.go index 0236f0aabb59..f8ba6dc3fa83 100644 --- a/vendor/github.com/containers/image/v5/signature/sigstore/rekor/rekor.go +++ b/vendor/github.com/containers/image/v5/signature/sigstore/rekor/rekor.go @@ -1,3 +1,6 @@ +//go:build !containers_image_rekor_stub +// +build !containers_image_rekor_stub + package rekor import ( diff --git a/vendor/github.com/containers/image/v5/signature/sigstore/rekor/rekor_stub.go b/vendor/github.com/containers/image/v5/signature/sigstore/rekor/rekor_stub.go new file mode 100644 index 000000000000..d61926530f53 --- /dev/null +++ b/vendor/github.com/containers/image/v5/signature/sigstore/rekor/rekor_stub.go @@ -0,0 +1,17 @@ +//go:build containers_image_rekor_stub +// +build containers_image_rekor_stub + +package rekor + +import ( + "fmt" + "net/url" + + signerInternal "github.com/containers/image/v5/signature/sigstore/internal" +) + +func WithRekor(rekorURL *url.URL) signerInternal.Option { + return func(s *signerInternal.SigstoreSigner) error { + return fmt.Errorf("rekor disabled at build time") + } +} diff --git a/vendor/modules.txt b/vendor/modules.txt index e4bb48dcde70..c1a41da56ed1 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -234,7 +234,7 @@ github.com/containers/conmon/runner/config # github.com/containers/gvisor-tap-vsock v0.7.1 ## explicit; go 1.20 github.com/containers/gvisor-tap-vsock/pkg/types -# github.com/containers/image/v5 v5.29.1-0.20231130112833-c43036d4fc96 +# github.com/containers/image/v5 v5.29.1-0.20231201205726-671ab94a09ea ## explicit; go 1.19 github.com/containers/image/v5/copy github.com/containers/image/v5/directory From e14aa09bb9ca30954b5c1e2c054e7e5bc9505855 Mon Sep 17 00:00:00 2001 From: Daniel Mendizabal Date: Sat, 2 Dec 2023 23:53:07 +1100 Subject: [PATCH 111/170] Update podman-systemd.unit.5.md Correction of typos and copy pastes Signed-off-by: Daniel Mendizabal --- docs/source/markdown/podman-systemd.unit.5.md | 29 +++++++------------ 1 file changed, 11 insertions(+), 18 deletions(-) diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index 49282bbb6f1f..a518af74102d 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -341,8 +341,7 @@ This key can be listed multiple times. ### `GlobalArgs=` This key contains a list of arguments passed directly between `podman` and `run` -in the generated file (right before the image name in the command line). It can be used to -access Podman features otherwise unsupported by the generator. Since the generator is unaware +in the generated file. It can be used to access Podman features otherwise unsupported by the generator. Since the generator is unaware of what unexpected interactions can be caused by these arguments, it is not recommended to use this option. @@ -688,7 +687,7 @@ By default, the Podman pod has the same name as the unit, but with a `systemd-` a `$name.pod` file creates a `$name-pod.service` unit and a `systemd-$name` Podman pod. The `PodName` option allows for overriding this default name with a user-provided one. -Valid options for `[Container]` are listed below: +Valid options for `[Pod]` are listed below: | **[Pod] options** | **podman container create equivalent** | |-------------------------------------|----------------------------------------| @@ -707,9 +706,8 @@ This key can be listed multiple times. ### `GlobalArgs=` -This key contains a list of arguments passed directly between `podman` and `kube` -in the generated file (right before the image name in the command line). It can be used to -access Podman features otherwise unsupported by the generator. Since the generator is unaware +This key contains a list of arguments passed directly between `podman` and `pod` +in the generated file. It can be used to access Podman features otherwise unsupported by the generator. Since the generator is unaware of what unexpected interactions can be caused by these arguments, it is not recommended to use this option. @@ -720,9 +718,8 @@ This key can be listed multiple times. ### `PodmanArgs=` -This key contains a list of arguments passed directly to the end of the `podman kube play` command -in the generated file (right before the path to the yaml file in the command line). It can be used to -access Podman features otherwise unsupported by the generator. Since the generator is unaware +This key contains a list of arguments passed directly to the end of the `podman pod create` command +in the generated file. It can be used to access Podman features otherwise unsupported by the generator. Since the generator is unaware of what unexpected interactions can be caused by these arguments, is not recommended to use this option. @@ -805,8 +802,7 @@ The current default value is `none`. ### `GlobalArgs=` This key contains a list of arguments passed directly between `podman` and `kube` -in the generated file (right before the image name in the command line). It can be used to -access Podman features otherwise unsupported by the generator. Since the generator is unaware +in the generated file. It can be used to access Podman features otherwise unsupported by the generator. Since the generator is unaware of what unexpected interactions can be caused by these arguments, it is not recommended to use this option. @@ -976,8 +972,7 @@ This key can be listed multiple times. ### `GlobalArgs=` This key contains a list of arguments passed directly between `podman` and `network` -in the generated file (right before the image name in the command line). It can be used to -access Podman features otherwise unsupported by the generator. Since the generator is unaware +in the generated file. It can be used to access Podman features otherwise unsupported by the generator. Since the generator is unaware of what unexpected interactions can be caused by these arguments, it is not recommended to use this option. @@ -1111,8 +1106,7 @@ This is equivalent to the Podman `--driver` option. ### `GlobalArgs=` This key contains a list of arguments passed directly between `podman` and `volume` -in the generated file (right before the image name in the command line). It can be used to -access Podman features otherwise unsupported by the generator. Since the generator is unaware +in the generated file. It can be used to access Podman features otherwise unsupported by the generator. Since the generator is unaware of what unexpected interactions can be caused by these arguments, it is not recommended to use this option. @@ -1153,7 +1147,7 @@ The mount options to use for a filesystem as used by the **mount(8)** command `- ### `PodmanArgs=` This key contains a list of arguments passed directly to the end of the `podman volume create` command -in the generated file (right before the name of the network in the command line). It can be used to +in the generated file (right before the name of the volume in the command line). It can be used to access Podman features otherwise unsupported by the generator. Since the generator is unaware of what unexpected interactions can be caused by these arguments, is not recommended to use this option. @@ -1250,8 +1244,7 @@ This is equivalent to the Podman `--decryption-key` option. ### `GlobalArgs=` This key contains a list of arguments passed directly between `podman` and `image` -in the generated file (right before the image name in the command line). It can be used to -access Podman features otherwise unsupported by the generator. Since the generator is unaware +in the generated file. It can be used to access Podman features otherwise unsupported by the generator. Since the generator is unaware of what unexpected interactions can be caused by these arguments, it is not recommended to use this option. From f384bdf66be32a6f853acccd9d98326b7c5aabd2 Mon Sep 17 00:00:00 2001 From: Matt Heon Date: Fri, 1 Dec 2023 12:19:27 -0500 Subject: [PATCH 112/170] Handle symlinks when checking DB vs runtime configs When Podman starts, it checks a number of critical runtime paths against stored values in the database to make sure that existing containers are not broken by a configuration change. We recently made some changes to this logic to make our handling of the some options more sane (StaticDir in particular was set based on other passed options in a way that was not particularly sane) which has made the logic more sensitive to paths with symlinks. As a simple fix, handle symlinks properly in our DB vs runtime comparisons. The BoltDB bits are uglier because very, very old Podman versions sometimes did not stuff a proper value in the database and instead used the empty string. SQLite is new enough that we don't have to worry about such things. Fixes #20872 Signed-off-by: Matt Heon --- libpod/boltdb_state_internal.go | 41 ++++++++++++++++++++++--- libpod/sqlite_state.go | 54 ++++++++++++++++++++++----------- test/system/005-info.bats | 15 +++++++++ 3 files changed, 89 insertions(+), 21 deletions(-) diff --git a/libpod/boltdb_state_internal.go b/libpod/boltdb_state_internal.go index 91907abbefab..954a848daa39 100644 --- a/libpod/boltdb_state_internal.go +++ b/libpod/boltdb_state_internal.go @@ -4,7 +4,9 @@ package libpod import ( + "errors" "fmt" + "io/fs" "os" "path/filepath" "runtime" @@ -93,6 +95,7 @@ type dbConfigValidation struct { runtimeValue string key []byte defaultValue string + isPath bool } // Check if the configuration of the database is compatible with the @@ -111,42 +114,49 @@ func checkRuntimeConfig(db *bolt.DB, rt *Runtime) error { runtime.GOOS, osKey, runtime.GOOS, + false, }, { "libpod root directory (staticdir)", filepath.Clean(rt.config.Engine.StaticDir), staticDirKey, "", + true, }, { "libpod temporary files directory (tmpdir)", filepath.Clean(rt.config.Engine.TmpDir), tmpDirKey, "", + true, }, { "storage temporary directory (runroot)", filepath.Clean(rt.StorageConfig().RunRoot), runRootKey, storeOpts.RunRoot, + true, }, { "storage graph root directory (graphroot)", filepath.Clean(rt.StorageConfig().GraphRoot), graphRootKey, storeOpts.GraphRoot, + true, }, { "storage graph driver", rt.StorageConfig().GraphDriverName, graphDriverKey, storeOpts.GraphDriverName, + false, }, { "volume path", rt.config.Engine.VolumePath, volPathKey, "", + true, }, } @@ -221,22 +231,45 @@ func readOnlyValidateConfig(bucket *bolt.Bucket, toCheck dbConfigValidation) (bo } dbValue := string(keyBytes) + ourValue := toCheck.runtimeValue + + // Tolerate symlinks when possible - most relevant for OStree systems + // and rootless containers, where we want to put containers in /home, + // which is symlinked to /var/home. + if toCheck.isPath { + if dbValue != "" { + // Ignore ENOENT on both, on a fresh system some paths + // may not exist this early in Libpod init. + dbVal, err := filepath.EvalSymlinks(dbValue) + if err != nil && !errors.Is(err, fs.ErrNotExist) { + return false, fmt.Errorf("evaluating symlinks on DB %s path %q: %w", toCheck.name, dbValue, err) + } + dbValue = dbVal + } + if ourValue != "" { + ourVal, err := filepath.EvalSymlinks(ourValue) + if err != nil && !errors.Is(err, fs.ErrNotExist) { + return false, fmt.Errorf("evaluating symlinks on configured %s path %q: %w", toCheck.name, ourValue, err) + } + ourValue = ourVal + } + } - if toCheck.runtimeValue != dbValue { + if ourValue != dbValue { // If the runtime value is the empty string and default is not, // check against default. - if toCheck.runtimeValue == "" && toCheck.defaultValue != "" && dbValue == toCheck.defaultValue { + if ourValue == "" && toCheck.defaultValue != "" && dbValue == toCheck.defaultValue { return true, nil } // If the DB value is the empty string, check that the runtime // value is the default. - if dbValue == "" && toCheck.defaultValue != "" && toCheck.runtimeValue == toCheck.defaultValue { + if dbValue == "" && toCheck.defaultValue != "" && ourValue == toCheck.defaultValue { return true, nil } return true, fmt.Errorf("database %s %q does not match our %s %q: %w", - toCheck.name, dbValue, toCheck.name, toCheck.runtimeValue, define.ErrDBBadConfig) + toCheck.name, dbValue, toCheck.name, ourValue, define.ErrDBBadConfig) } return true, nil diff --git a/libpod/sqlite_state.go b/libpod/sqlite_state.go index 2dc1bb384fe3..4cbccd75f99f 100644 --- a/libpod/sqlite_state.go +++ b/libpod/sqlite_state.go @@ -7,6 +7,7 @@ import ( "database/sql" "errors" "fmt" + "io/fs" "os" "path/filepath" goruntime "runtime" @@ -315,14 +316,14 @@ func (s *SQLiteState) ValidateDBConfig(runtime *Runtime) (defErr error) { );` var ( - os, staticDir, tmpDir, graphRoot, runRoot, graphDriver, volumePath string - runtimeOS = goruntime.GOOS - runtimeStaticDir = filepath.Clean(s.runtime.config.Engine.StaticDir) - runtimeTmpDir = filepath.Clean(s.runtime.config.Engine.TmpDir) - runtimeGraphRoot = filepath.Clean(s.runtime.StorageConfig().GraphRoot) - runtimeRunRoot = filepath.Clean(s.runtime.StorageConfig().RunRoot) - runtimeGraphDriver = s.runtime.StorageConfig().GraphDriverName - runtimeVolumePath = filepath.Clean(s.runtime.config.Engine.VolumePath) + dbOS, staticDir, tmpDir, graphRoot, runRoot, graphDriver, volumePath string + runtimeOS = goruntime.GOOS + runtimeStaticDir = filepath.Clean(s.runtime.config.Engine.StaticDir) + runtimeTmpDir = filepath.Clean(s.runtime.config.Engine.TmpDir) + runtimeGraphRoot = filepath.Clean(s.runtime.StorageConfig().GraphRoot) + runtimeRunRoot = filepath.Clean(s.runtime.StorageConfig().RunRoot) + runtimeGraphDriver = s.runtime.StorageConfig().GraphDriverName + runtimeVolumePath = filepath.Clean(s.runtime.config.Engine.VolumePath) ) // Some fields may be empty, indicating they are set to the default. @@ -359,7 +360,7 @@ func (s *SQLiteState) ValidateDBConfig(runtime *Runtime) (defErr error) { row := tx.QueryRow("SELECT Os, StaticDir, TmpDir, GraphRoot, RunRoot, GraphDriver, VolumeDir FROM DBConfig;") - if err := row.Scan(&os, &staticDir, &tmpDir, &graphRoot, &runRoot, &graphDriver, &volumePath); err != nil { + if err := row.Scan(&dbOS, &staticDir, &tmpDir, &graphRoot, &runRoot, &graphDriver, &volumePath); err != nil { if errors.Is(err, sql.ErrNoRows) { if _, err := tx.Exec(createRow, 1, schemaVersion, runtimeOS, runtimeStaticDir, runtimeTmpDir, runtimeGraphRoot, @@ -377,7 +378,26 @@ func (s *SQLiteState) ValidateDBConfig(runtime *Runtime) (defErr error) { return fmt.Errorf("retrieving DB config: %w", err) } - checkField := func(fieldName, dbVal, ourVal string) error { + checkField := func(fieldName, dbVal, ourVal string, isPath bool) error { + if isPath { + // Evaluate symlinks. Ignore ENOENT. No guarantee all + // directories exist this early in Libpod init. + if dbVal != "" { + dbValClean, err := filepath.EvalSymlinks(dbVal) + if err != nil && !errors.Is(err, fs.ErrNotExist) { + return fmt.Errorf("cannot evaluate symlinks on DB %s path %q: %w", fieldName, dbVal, err) + } + dbVal = dbValClean + } + if ourVal != "" { + ourValClean, err := filepath.EvalSymlinks(ourVal) + if err != nil && !errors.Is(err, fs.ErrNotExist) { + return fmt.Errorf("cannot evaluate symlinks on our %s path %q: %w", fieldName, ourVal, err) + } + ourVal = ourValClean + } + } + if dbVal != ourVal { return fmt.Errorf("database %s %q does not match our %s %q: %w", fieldName, dbVal, fieldName, ourVal, define.ErrDBBadConfig) } @@ -385,25 +405,25 @@ func (s *SQLiteState) ValidateDBConfig(runtime *Runtime) (defErr error) { return nil } - if err := checkField("os", os, runtimeOS); err != nil { + if err := checkField("os", dbOS, runtimeOS, false); err != nil { return err } - if err := checkField("static dir", staticDir, runtimeStaticDir); err != nil { + if err := checkField("static dir", staticDir, runtimeStaticDir, true); err != nil { return err } - if err := checkField("tmp dir", tmpDir, runtimeTmpDir); err != nil { + if err := checkField("tmp dir", tmpDir, runtimeTmpDir, true); err != nil { return err } - if err := checkField("graph root", graphRoot, runtimeGraphRoot); err != nil { + if err := checkField("graph root", graphRoot, runtimeGraphRoot, true); err != nil { return err } - if err := checkField("run root", runRoot, runtimeRunRoot); err != nil { + if err := checkField("run root", runRoot, runtimeRunRoot, true); err != nil { return err } - if err := checkField("graph driver", graphDriver, runtimeGraphDriver); err != nil { + if err := checkField("graph driver", graphDriver, runtimeGraphDriver, false); err != nil { return err } - if err := checkField("volume path", volumePath, runtimeVolumePath); err != nil { + if err := checkField("volume path", volumePath, runtimeVolumePath, true); err != nil { return err } diff --git a/test/system/005-info.bats b/test/system/005-info.bats index 1f99c3d55527..200d81f06065 100644 --- a/test/system/005-info.bats +++ b/test/system/005-info.bats @@ -187,6 +187,21 @@ host.slirp4netns.executable | $expr_path fi } +@test "rootless podman with symlinked $HOME" { + # This is only needed as rootless, but we don't have a skip_if_root + # And it will not hurt to run as root. + skip_if_remote "path validation is only done in libpod, does not effect remote" + + new_home=$PODMAN_TMPDIR/home + + ln -s /home $new_home + + # Just need the command to run cleanly + HOME=$PODMAN_TMPDIR/$HOME run_podman info + + rm $new_home +} + @test "podman --root PATH --volumepath info - basic output" { volumePath=${PODMAN_TMPDIR}/volumesGoHere if ! is_remote; then From 04519234e8bd66be3296b8329d9ade0ded84115c Mon Sep 17 00:00:00 2001 From: Anchit Bajaj Date: Sat, 2 Dec 2023 23:00:24 +0100 Subject: [PATCH 113/170] Add support for the userns annotation in kube play [NO NEW TESTS NEEDED] Signed-off-by: Anchit Bajaj --- docs/source/markdown/podman-kube-play.1.md.in | 2 ++ libpod/define/annotations.go | 4 ++++ pkg/domain/infra/abi/play.go | 6 +++++- 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/docs/source/markdown/podman-kube-play.1.md.in b/docs/source/markdown/podman-kube-play.1.md.in index d7ffb1a5aef6..a2c07a459c0b 100644 --- a/docs/source/markdown/podman-kube-play.1.md.in +++ b/docs/source/markdown/podman-kube-play.1.md.in @@ -39,6 +39,8 @@ Note: When playing a kube YAML with init containers, the init container is creat Note: *hostPath* volume types created by kube play is given an SELinux shared label (z), bind mounts are not relabeled (use `chcon -t container_file_t -R `). +Note: To set userns of a pod, use the **io.podman.annotations.userns** annotation in the pod/deployment definition. This can be overridden with the `--userns` flag. + Note: If the `:latest` tag is used, Podman attempts to pull the image from a registry. If the image was built locally with Podman or Buildah, it has `localhost` as the domain, in that case, Podman uses the image from the local store even if it has the `:latest` tag. Note: The command `podman play kube` is an alias of `podman kube play`, and performs the same function. diff --git a/libpod/define/annotations.go b/libpod/define/annotations.go index 29796533bd1f..6a73e2f8f05d 100644 --- a/libpod/define/annotations.go +++ b/libpod/define/annotations.go @@ -149,6 +149,10 @@ const ( // pod creation InfraNameAnnotation = "io.podman.annotations.infra.name" + // UserNsAnnotation is used by play kube when playing a kube yaml to specify userns + // of the container + UserNsAnnotation = "io.podman.annotations.userns" + // UlimitAnnotation is used by kube play when playing a kube yaml to specify the ulimits // of the container UlimitAnnotation = "io.podman.annotations.ulimit" diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go index 9a1811bd875f..cf782b29e877 100644 --- a/pkg/domain/infra/abi/play.go +++ b/pkg/domain/infra/abi/play.go @@ -509,7 +509,11 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY } if options.Userns == "" { - options.Userns = "host" + if v, ok := annotations[define.UserNsAnnotation]; ok { + options.Userns = v + } else { + options.Userns = "host" + } if podYAML.Spec.HostUsers != nil && !*podYAML.Spec.HostUsers { options.Userns = "auto" } From 0d260bdc1fff34d0c1f993d8e53c543230e8a431 Mon Sep 17 00:00:00 2001 From: Ygal Blum Date: Sun, 3 Dec 2023 09:53:52 +0200 Subject: [PATCH 114/170] Quadlet - fix pod service file name Using replaceExtension breaks when the service name has a dot Just add .service Signed-off-by: Ygal Blum --- pkg/systemd/quadlet/quadlet.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/systemd/quadlet/quadlet.go b/pkg/systemd/quadlet/quadlet.go index 59f2e56e080c..eeb40bc74736 100644 --- a/pkg/systemd/quadlet/quadlet.go +++ b/pkg/systemd/quadlet/quadlet.go @@ -1260,7 +1260,7 @@ func ConvertPod(podUnit *parser.UnitFile, name string, podsInfoMap map[string]*P } service := podUnit.Dup() - service.Filename = replaceExtension(podInfo.ServiceName, ".service", "", "") + service.Filename = fmt.Sprintf("%s.service", podInfo.ServiceName) if podUnit.Path != "" { service.Add(UnitGroup, "SourcePath", podUnit.Path) From 212b4c9e93c4f0c3908eb06cf9872e19b378b139 Mon Sep 17 00:00:00 2001 From: Ygal Blum Date: Sun, 3 Dec 2023 09:57:24 +0200 Subject: [PATCH 115/170] Quadlet .pod - add support for the Network Key Add e2e tests Update documentation Signed-off-by: Ygal Blum --- cmd/quadlet/main.go | 2 +- docs/source/markdown/podman-systemd.unit.5.md | 14 ++++++++++++++ pkg/systemd/quadlet/quadlet.go | 5 ++++- test/e2e/quadlet/network.pod | 4 ++++ test/e2e/quadlet/network.quadlet.pod | 6 ++++++ test/e2e/quadlet_test.go | 2 ++ 6 files changed, 31 insertions(+), 2 deletions(-) create mode 100644 test/e2e/quadlet/network.pod create mode 100644 test/e2e/quadlet/network.quadlet.pod diff --git a/cmd/quadlet/main.go b/cmd/quadlet/main.go index e2b021b669eb..457b3f0a4e1e 100644 --- a/cmd/quadlet/main.go +++ b/cmd/quadlet/main.go @@ -589,7 +589,7 @@ func process() error { warnIfAmbiguousName(unit, quadlet.ImageGroup) service, name, err = quadlet.ConvertImage(unit) case strings.HasSuffix(unit.Filename, ".pod"): - service, err = quadlet.ConvertPod(unit, unit.Filename, podsInfoMap) + service, err = quadlet.ConvertPod(unit, unit.Filename, podsInfoMap, resourceNames) default: Logf("Unsupported file type %q", unit.Filename) continue diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index 49282bbb6f1f..fd11811e31f0 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -694,6 +694,7 @@ Valid options for `[Container]` are listed below: |-------------------------------------|----------------------------------------| | ContainersConfModule=/etc/nvd\.conf | --module=/etc/nvd\.conf | | GlobalArgs=--log-level=debug | --log-level=debug | +| Network=host | --network host | | PodmanArgs=\-\-cpus=2 | --cpus=2 | | PodName=name | --name=name | @@ -718,6 +719,19 @@ escaped to allow inclusion of whitespace and other control characters. This key can be listed multiple times. +### `Network=` + +Specify a custom network for the pod. +This has the same format as the `--network` option to `podman pod create`. +For example, use `host` to use the host network in the pod, or `none` to not set up networking in the pod. + +As a special case, if the `name` of the network ends with `.network`, Quadlet will look for the corresponding `.network` Quadlet unit. +If found, Quadlet will use the name of the Network set in the Unit, otherwise, `systemd-$name` is used. +The generated systemd service contains a dependency on the service unit generated for that `.network` unit, +or on `$name-network.service` if the `.network` unit is not found + +This key can be listed multiple times. + ### `PodmanArgs=` This key contains a list of arguments passed directly to the end of the `podman kube play` command diff --git a/pkg/systemd/quadlet/quadlet.go b/pkg/systemd/quadlet/quadlet.go index eeb40bc74736..74d1c33c7412 100644 --- a/pkg/systemd/quadlet/quadlet.go +++ b/pkg/systemd/quadlet/quadlet.go @@ -321,6 +321,7 @@ var ( supportedPodKeys = map[string]bool{ KeyContainersConfModule: true, KeyGlobalArgs: true, + KeyNetwork: true, KeyPodmanArgs: true, KeyPodName: true, } @@ -1253,7 +1254,7 @@ func GetPodServiceName(podUnit *parser.UnitFile) string { return replaceExtension(podUnit.Filename, "", "", "-pod") } -func ConvertPod(podUnit *parser.UnitFile, name string, podsInfoMap map[string]*PodInfo) (*parser.UnitFile, error) { +func ConvertPod(podUnit *parser.UnitFile, name string, podsInfoMap map[string]*PodInfo, names map[string]string) (*parser.UnitFile, error) { podInfo, ok := podsInfoMap[podUnit.Filename] if !ok { return nil, fmt.Errorf("internal error while processing pod %s", podUnit.Filename) @@ -1322,6 +1323,8 @@ func ConvertPod(podUnit *parser.UnitFile, name string, podsInfoMap map[string]*P "--replace", ) + addNetworks(podUnit, PodGroup, service, names, execStartPre) + execStartPre.addf("--name=%s", podName) handlePodmanArgs(podUnit, PodGroup, execStartPre) diff --git a/test/e2e/quadlet/network.pod b/test/e2e/quadlet/network.pod new file mode 100644 index 000000000000..edc89fcacf5f --- /dev/null +++ b/test/e2e/quadlet/network.pod @@ -0,0 +1,4 @@ +## assert-podman-pre-args "--network=host" + +[Pod] +Network=host diff --git a/test/e2e/quadlet/network.quadlet.pod b/test/e2e/quadlet/network.quadlet.pod new file mode 100644 index 000000000000..4c2b0bf7d61f --- /dev/null +++ b/test/e2e/quadlet/network.quadlet.pod @@ -0,0 +1,6 @@ +## assert-podman-pre-args "--network=systemd-basic" +## assert-key-is "Unit" "Requires" "basic-network.service" +## assert-key-is "Unit" "After" "basic-network.service" + +[Pod] +Network=basic.network diff --git a/test/e2e/quadlet_test.go b/test/e2e/quadlet_test.go index b887e5cf979c..ee71cd62313d 100644 --- a/test/e2e/quadlet_test.go +++ b/test/e2e/quadlet_test.go @@ -901,6 +901,8 @@ BOGUS=foo Entry("basic.pod", "basic.pod", 0, ""), Entry("name.pod", "name.pod", 0, ""), + Entry("network.pod", "network.pod", 0, ""), + Entry("network-quadlet.pod", "network.quadlet.pod", 0, ""), Entry("podmanargs.pod", "podmanargs.pod", 0, ""), ) From 7e2a8d58abaf56f8f81ac2bfa213a40a5f7f967c Mon Sep 17 00:00:00 2001 From: Ygal Blum Date: Sun, 3 Dec 2023 10:23:13 +0200 Subject: [PATCH 116/170] Quadlet .pod - add support for the Volume Key Add e2e tests Update documentation Signed-off-by: Ygal Blum --- docs/source/markdown/podman-systemd.unit.5.md | 15 ++++ pkg/systemd/quadlet/quadlet.go | 75 +++++++++++-------- test/e2e/quadlet/volume.pod | 15 ++++ test/e2e/quadlet_test.go | 1 + 4 files changed, 75 insertions(+), 31 deletions(-) create mode 100644 test/e2e/quadlet/volume.pod diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index fd11811e31f0..b90695d2bab4 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -697,6 +697,7 @@ Valid options for `[Container]` are listed below: | Network=host | --network host | | PodmanArgs=\-\-cpus=2 | --cpus=2 | | PodName=name | --name=name | +| Volume=/source:/dest | --volume /source:/dest | Supported keys in the `[Pod]` section are: @@ -754,6 +755,20 @@ prefix to avoid conflicts with user-managed containers. Please note that pods and containers cannot have the same name. So, if PodName is set, it must not conflict with any container. +### `Volume=` + +Mount a volume in the pod. This is equivalent to the Podman `--volume` option, and +generally has the form `[[SOURCE-VOLUME|HOST-DIR:]CONTAINER-DIR[:OPTIONS]]`. + +If `SOURCE-VOLUME` starts with `.`, Quadlet resolves the path relative to the location of the unit file. + +As a special case, if `SOURCE-VOLUME` ends with `.volume`, Quadlet will look for the corresponding `.volume` Quadlet unit. +If found, Quadlet will use the name of the Volume set in the Unit, otherwise, `systemd-$name` is used. +The generated systemd service contains a dependency on the service unit generated for that `.volume` unit, +or on `$name-volume.service` if the `.volume` unit is not found + +This key can be listed multiple times. + ## Kube units [Kube] Kube units are named with a `.kube` extension and contain a `[Kube]` section describing diff --git a/pkg/systemd/quadlet/quadlet.go b/pkg/systemd/quadlet/quadlet.go index 74d1c33c7412..349d55bc7926 100644 --- a/pkg/systemd/quadlet/quadlet.go +++ b/pkg/systemd/quadlet/quadlet.go @@ -324,6 +324,7 @@ var ( KeyNetwork: true, KeyPodmanArgs: true, KeyPodName: true, + KeyVolume: true, } ) @@ -667,37 +668,8 @@ func ConvertContainer(container *parser.UnitFile, names map[string]string, isUse podman.add("--tmpfs", tmpfs) } - volumes := container.LookupAll(ContainerGroup, KeyVolume) - for _, volume := range volumes { - parts := strings.SplitN(volume, ":", 3) - - source := "" - var dest string - options := "" - if len(parts) >= 2 { - source = parts[0] - dest = parts[1] - } else { - dest = parts[0] - } - if len(parts) >= 3 { - options = ":" + parts[2] - } - - if source != "" { - var err error - source, err = handleStorageSource(container, service, source, names) - if err != nil { - return nil, err - } - } - - podman.add("-v") - if source == "" { - podman.add(dest) - } else { - podman.addf("%s:%s%s", source, dest, options) - } + if err := addVolumes(container, service, ContainerGroup, names, podman); err != nil { + return nil, err } update, ok := container.Lookup(ContainerGroup, KeyAutoUpdate) @@ -1325,6 +1297,10 @@ func ConvertPod(podUnit *parser.UnitFile, name string, podsInfoMap map[string]*P addNetworks(podUnit, PodGroup, service, names, execStartPre) + if err := addVolumes(podUnit, service, PodGroup, names, execStartPre); err != nil { + return nil, err + } + execStartPre.addf("--name=%s", podName) handlePodmanArgs(podUnit, PodGroup, execStartPre) @@ -1824,3 +1800,40 @@ func handlePod(quadletUnitFile, serviceUnitFile *parser.UnitFile, groupName stri } return nil } + +func addVolumes(quadletUnitFile, serviceUnitFile *parser.UnitFile, groupName string, names map[string]string, podman *PodmanCmdline) error { + volumes := quadletUnitFile.LookupAll(groupName, KeyVolume) + for _, volume := range volumes { + parts := strings.SplitN(volume, ":", 3) + + source := "" + var dest string + options := "" + if len(parts) >= 2 { + source = parts[0] + dest = parts[1] + } else { + dest = parts[0] + } + if len(parts) >= 3 { + options = ":" + parts[2] + } + + if source != "" { + var err error + source, err = handleStorageSource(quadletUnitFile, serviceUnitFile, source, names) + if err != nil { + return err + } + } + + podman.add("-v") + if source == "" { + podman.add(dest) + } else { + podman.addf("%s:%s%s", source, dest, options) + } + } + + return nil +} diff --git a/test/e2e/quadlet/volume.pod b/test/e2e/quadlet/volume.pod new file mode 100644 index 000000000000..7950b0ab549d --- /dev/null +++ b/test/e2e/quadlet/volume.pod @@ -0,0 +1,15 @@ +## assert-podman-pre-args -v /host/dir:/container/volume +## assert-podman-pre-args -v /host/dir2:/container/volume2:Z +## assert-podman-pre-args-regex -v .*/podman_test.*/quadlet/host/dir3:/container/volume3 +## assert-podman-pre-args -v named:/container/named +## assert-podman-pre-args -v systemd-quadlet:/container/quadlet +## assert-podman-pre-args -v %h/container:/container/volume4 + +[Pod] +Volume=/host/dir:/container/volume +Volume=/host/dir2:/container/volume2:Z +Volume=./host/dir3:/container/volume3 +Volume=/container/empty +Volume=named:/container/named +Volume=quadlet.volume:/container/quadlet +Volume=%h/container:/container/volume4 diff --git a/test/e2e/quadlet_test.go b/test/e2e/quadlet_test.go index ee71cd62313d..a89107e13d8e 100644 --- a/test/e2e/quadlet_test.go +++ b/test/e2e/quadlet_test.go @@ -904,6 +904,7 @@ BOGUS=foo Entry("network.pod", "network.pod", 0, ""), Entry("network-quadlet.pod", "network.quadlet.pod", 0, ""), Entry("podmanargs.pod", "podmanargs.pod", 0, ""), + Entry("volume.pod", "volume.pod", 0, ""), ) }) From 0a72e3dadf221a64a5f7f65850abc179149ab614 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 4 Dec 2023 02:04:47 +0000 Subject: [PATCH 117/170] fix(deps): update github.com/docker/go-connections digest to fa09c95 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 +- .../docker/go-connections/nat/nat.go | 14 ++--- .../docker/go-connections/nat/parse.go | 28 +-------- .../go-connections/sockets/sockets_unix.go | 4 +- .../go-connections/sockets/unix_socket.go | 10 ++-- .../{certpool_go17.go => certpool.go} | 2 - .../tlsconfig/certpool_other.go | 13 ----- .../docker/go-connections/tlsconfig/config.go | 58 ++++++++++++------- .../tlsconfig/config_client_ciphers.go | 3 - .../tlsconfig/config_legacy_client_ciphers.go | 15 ----- .../tlsconfig/versions_go113.go | 16 ----- .../tlsconfig/versions_other.go | 15 ----- vendor/modules.txt | 4 +- 14 files changed, 58 insertions(+), 130 deletions(-) rename vendor/github.com/docker/go-connections/tlsconfig/{certpool_go17.go => certpool.go} (95%) delete mode 100644 vendor/github.com/docker/go-connections/tlsconfig/certpool_other.go delete mode 100644 vendor/github.com/docker/go-connections/tlsconfig/config_legacy_client_ciphers.go delete mode 100644 vendor/github.com/docker/go-connections/tlsconfig/versions_go113.go delete mode 100644 vendor/github.com/docker/go-connections/tlsconfig/versions_other.go diff --git a/go.mod b/go.mod index 05d6b5db97f9..3dd230930963 100644 --- a/go.mod +++ b/go.mod @@ -27,7 +27,7 @@ require ( github.com/digitalocean/go-qemu v0.0.0-20230711162256-2e3d0186973e github.com/docker/distribution v2.8.3+incompatible github.com/docker/docker v24.0.7+incompatible - github.com/docker/go-connections v0.4.1-0.20231031175723-0b8c1f4e07a0 + github.com/docker/go-connections v0.4.1-0.20231110212414-fa09c952e3ea github.com/docker/go-plugins-helpers v0.0.0-20211224144127-6eecb7beb651 github.com/docker/go-units v0.5.0 github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466 diff --git a/go.sum b/go.sum index 79e44575271b..47f5b6300ac6 100644 --- a/go.sum +++ b/go.sum @@ -352,8 +352,8 @@ github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avu github.com/docker/docker-credential-helpers v0.8.0 h1:YQFtbBQb4VrpoPxhFuzEBPQ9E16qz5SpHLS+uswaCp8= github.com/docker/docker-credential-helpers v0.8.0/go.mod h1:UGFXcuoQ5TxPiB54nHOZ32AWRqQdECoh/Mg0AlEYb40= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= -github.com/docker/go-connections v0.4.1-0.20231031175723-0b8c1f4e07a0 h1:dPD5pdqsujF9jz2NQMQCDzrBSAF3M6kIxmfU98IOp9c= -github.com/docker/go-connections v0.4.1-0.20231031175723-0b8c1f4e07a0/go.mod h1:a6bNUGTbQBsY6VRHTr4h/rkOXjl244DyRD0tx3fgq4Q= +github.com/docker/go-connections v0.4.1-0.20231110212414-fa09c952e3ea h1:+4n+kUVbPdu6qMI9SUnSKMC+D50gNW4L7Lhk9tI2lVo= +github.com/docker/go-connections v0.4.1-0.20231110212414-fa09c952e3ea/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc= github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= diff --git a/vendor/github.com/docker/go-connections/nat/nat.go b/vendor/github.com/docker/go-connections/nat/nat.go index 296c96a63349..4049d780c54a 100644 --- a/vendor/github.com/docker/go-connections/nat/nat.go +++ b/vendor/github.com/docker/go-connections/nat/nat.go @@ -177,27 +177,27 @@ func ParsePortSpec(rawPort string) ([]PortMapping, error) { // Strip [] from IPV6 addresses rawIP, _, err := net.SplitHostPort(ip + ":") if err != nil { - return nil, fmt.Errorf("Invalid ip address %v: %s", ip, err) + return nil, fmt.Errorf("invalid IP address %v: %w", ip, err) } ip = rawIP } if ip != "" && net.ParseIP(ip) == nil { - return nil, fmt.Errorf("Invalid ip address: %s", ip) + return nil, fmt.Errorf("invalid IP address: %s", ip) } if containerPort == "" { - return nil, fmt.Errorf("No port specified: %s", rawPort) + return nil, fmt.Errorf("no port specified: %s", rawPort) } startPort, endPort, err := ParsePortRange(containerPort) if err != nil { - return nil, fmt.Errorf("Invalid containerPort: %s", containerPort) + return nil, fmt.Errorf("invalid containerPort: %s", containerPort) } var startHostPort, endHostPort uint64 = 0, 0 if len(hostPort) > 0 { startHostPort, endHostPort, err = ParsePortRange(hostPort) if err != nil { - return nil, fmt.Errorf("Invalid hostPort: %s", hostPort) + return nil, fmt.Errorf("invalid hostPort: %s", hostPort) } } @@ -206,12 +206,12 @@ func ParsePortSpec(rawPort string) ([]PortMapping, error) { // In this case, use the host port range as the dynamic // host port range to allocate into. if endPort != startPort { - return nil, fmt.Errorf("Invalid ranges specified for container and host Ports: %s and %s", containerPort, hostPort) + return nil, fmt.Errorf("invalid ranges specified for container and host Ports: %s and %s", containerPort, hostPort) } } if !validateProto(strings.ToLower(proto)) { - return nil, fmt.Errorf("Invalid proto: %s", proto) + return nil, fmt.Errorf("invalid proto: %s", proto) } ports := []PortMapping{} diff --git a/vendor/github.com/docker/go-connections/nat/parse.go b/vendor/github.com/docker/go-connections/nat/parse.go index 892adf8c6673..e4b53e8a3242 100644 --- a/vendor/github.com/docker/go-connections/nat/parse.go +++ b/vendor/github.com/docker/go-connections/nat/parse.go @@ -6,34 +6,10 @@ import ( "strings" ) -// PartParser parses and validates the specified string (data) using the specified template -// e.g. ip:public:private -> 192.168.0.1:80:8000 -// DEPRECATED: do not use, this function may be removed in a future version -func PartParser(template, data string) (map[string]string, error) { - // ip:public:private - var ( - templateParts = strings.Split(template, ":") - parts = strings.Split(data, ":") - out = make(map[string]string, len(templateParts)) - ) - if len(parts) != len(templateParts) { - return nil, fmt.Errorf("Invalid format to parse. %s should match template %s", data, template) - } - - for i, t := range templateParts { - value := "" - if len(parts) > i { - value = parts[i] - } - out[t] = value - } - return out, nil -} - // ParsePortRange parses and validates the specified string as a port-range (8000-9000) func ParsePortRange(ports string) (uint64, uint64, error) { if ports == "" { - return 0, 0, fmt.Errorf("Empty string specified for ports.") + return 0, 0, fmt.Errorf("empty string specified for ports") } if !strings.Contains(ports, "-") { start, err := strconv.ParseUint(ports, 10, 16) @@ -51,7 +27,7 @@ func ParsePortRange(ports string) (uint64, uint64, error) { return 0, 0, err } if end < start { - return 0, 0, fmt.Errorf("Invalid range specified for the Port: %s", ports) + return 0, 0, fmt.Errorf("invalid range specified for port: %s", ports) } return start, end, nil } diff --git a/vendor/github.com/docker/go-connections/sockets/sockets_unix.go b/vendor/github.com/docker/go-connections/sockets/sockets_unix.go index 5b65c546ab1c..78a34a980d28 100644 --- a/vendor/github.com/docker/go-connections/sockets/sockets_unix.go +++ b/vendor/github.com/docker/go-connections/sockets/sockets_unix.go @@ -1,4 +1,4 @@ -// +build !windows +//go:build !windows package sockets @@ -15,7 +15,7 @@ const maxUnixSocketPathSize = len(syscall.RawSockaddrUnix{}.Path) func configureUnixTransport(tr *http.Transport, proto, addr string) error { if len(addr) > maxUnixSocketPathSize { - return fmt.Errorf("Unix socket path %q is too long", addr) + return fmt.Errorf("unix socket path %q is too long", addr) } // No need for compression in local communications. tr.DisableCompression = true diff --git a/vendor/github.com/docker/go-connections/sockets/unix_socket.go b/vendor/github.com/docker/go-connections/sockets/unix_socket.go index e7591e6edbf4..b9233521e49a 100644 --- a/vendor/github.com/docker/go-connections/sockets/unix_socket.go +++ b/vendor/github.com/docker/go-connections/sockets/unix_socket.go @@ -1,9 +1,9 @@ -// +build !windows +//go:build !windows /* Package sockets is a simple unix domain socket wrapper. -Usage +# Usage For example: @@ -42,7 +42,7 @@ For example: if _, err := conn.Read(buf); err != nil { panic(err) } else if string(buf) != echoStr { - panic(fmt.Errorf("Msg may lost")) + panic(fmt.Errorf("msg may lost")) } } */ @@ -103,7 +103,7 @@ func NewUnixSocketWithOpts(path string, opts ...SockOption) (net.Listener, error // We don't use "defer" here, to reset the umask to its original value as soon // as possible. Ideally we'd be able to detect if WithChmod() was passed as // an option, and skip changing umask if default permissions are used. - origUmask := syscall.Umask(0777) + origUmask := syscall.Umask(0o777) l, err := net.Listen("unix", path) syscall.Umask(origUmask) if err != nil { @@ -122,5 +122,5 @@ func NewUnixSocketWithOpts(path string, opts ...SockOption) (net.Listener, error // NewUnixSocket creates a unix socket with the specified path and group. func NewUnixSocket(path string, gid int) (net.Listener, error) { - return NewUnixSocketWithOpts(path, WithChown(0, gid), WithChmod(0660)) + return NewUnixSocketWithOpts(path, WithChown(0, gid), WithChmod(0o660)) } diff --git a/vendor/github.com/docker/go-connections/tlsconfig/certpool_go17.go b/vendor/github.com/docker/go-connections/tlsconfig/certpool.go similarity index 95% rename from vendor/github.com/docker/go-connections/tlsconfig/certpool_go17.go rename to vendor/github.com/docker/go-connections/tlsconfig/certpool.go index 1ca0965e06ea..f84c624ba0ba 100644 --- a/vendor/github.com/docker/go-connections/tlsconfig/certpool_go17.go +++ b/vendor/github.com/docker/go-connections/tlsconfig/certpool.go @@ -1,5 +1,3 @@ -// +build go1.7 - package tlsconfig import ( diff --git a/vendor/github.com/docker/go-connections/tlsconfig/certpool_other.go b/vendor/github.com/docker/go-connections/tlsconfig/certpool_other.go deleted file mode 100644 index 1ff81c333c36..000000000000 --- a/vendor/github.com/docker/go-connections/tlsconfig/certpool_other.go +++ /dev/null @@ -1,13 +0,0 @@ -// +build !go1.7 - -package tlsconfig - -import ( - "crypto/x509" -) - -// SystemCertPool returns an new empty cert pool, -// accessing system cert pool is supported in go 1.7 -func SystemCertPool() (*x509.CertPool, error) { - return x509.NewCertPool(), nil -} diff --git a/vendor/github.com/docker/go-connections/tlsconfig/config.go b/vendor/github.com/docker/go-connections/tlsconfig/config.go index 992968373eb7..606c98a38b51 100644 --- a/vendor/github.com/docker/go-connections/tlsconfig/config.go +++ b/vendor/github.com/docker/go-connections/tlsconfig/config.go @@ -1,6 +1,7 @@ // Package tlsconfig provides primitives to retrieve secure-enough TLS configurations for both clients and servers. // // As a reminder from https://golang.org/pkg/crypto/tls/#Config: +// // A Config structure is used to configure a TLS client or server. After one has been passed to a TLS function it must not be modified. // A Config may be reused; the tls package will also not modify it. package tlsconfig @@ -9,11 +10,9 @@ import ( "crypto/tls" "crypto/x509" "encoding/pem" + "errors" "fmt" - "io/ioutil" "os" - - "github.com/pkg/errors" ) // Options represents the information needed to create client and server TLS configurations. @@ -36,7 +35,12 @@ type Options struct { ExclusiveRootPools bool MinVersion uint16 // If Passphrase is set, it will be used to decrypt a TLS private key - // if the key is encrypted + // if the key is encrypted. + // + // Deprecated: Use of encrypted TLS private keys has been deprecated, and + // will be removed in a future release. Golang has deprecated support for + // legacy PEM encryption (as specified in RFC 1423), as it is insecure by + // design (see https://go-review.googlesource.com/c/go/+/264159). Passphrase string } @@ -99,7 +103,7 @@ func certPool(caFile string, exclusivePool bool) (*x509.CertPool, error) { return nil, fmt.Errorf("failed to read system certificates: %v", err) } } - pemData, err := ioutil.ReadFile(caFile) + pemData, err := os.ReadFile(caFile) if err != nil { return nil, fmt.Errorf("could not read CA certificate %q: %v", caFile, err) } @@ -109,6 +113,15 @@ func certPool(caFile string, exclusivePool bool) (*x509.CertPool, error) { return certPool, nil } +// allTLSVersions lists all the TLS versions and is used by the code that validates +// a uint16 value as a TLS version. +var allTLSVersions = map[uint16]struct{}{ + tls.VersionTLS10: {}, + tls.VersionTLS11: {}, + tls.VersionTLS12: {}, + tls.VersionTLS13: {}, +} + // isValidMinVersion checks that the input value is a valid tls minimum version func isValidMinVersion(version uint16) bool { _, ok := allTLSVersions[version] @@ -120,10 +133,10 @@ func isValidMinVersion(version uint16) bool { func adjustMinVersion(options Options, config *tls.Config) error { if options.MinVersion > 0 { if !isValidMinVersion(options.MinVersion) { - return fmt.Errorf("Invalid minimum TLS version: %x", options.MinVersion) + return fmt.Errorf("invalid minimum TLS version: %x", options.MinVersion) } if options.MinVersion < config.MinVersion { - return fmt.Errorf("Requested minimum TLS version is too low. Should be at-least: %x", config.MinVersion) + return fmt.Errorf("requested minimum TLS version is too low. Should be at-least: %x", config.MinVersion) } config.MinVersion = options.MinVersion } @@ -132,9 +145,14 @@ func adjustMinVersion(options Options, config *tls.Config) error { } // IsErrEncryptedKey returns true if the 'err' is an error of incorrect -// password when trying to decrypt a TLS private key +// password when trying to decrypt a TLS private key. +// +// Deprecated: Use of encrypted TLS private keys has been deprecated, and +// will be removed in a future release. Golang has deprecated support for +// legacy PEM encryption (as specified in RFC 1423), as it is insecure by +// design (see https://go-review.googlesource.com/c/go/+/264159). func IsErrEncryptedKey(err error) bool { - return errors.Cause(err) == x509.IncorrectPasswordError + return errors.Is(err, x509.IncorrectPasswordError) } // getPrivateKey returns the private key in 'keyBytes', in PEM-encoded format. @@ -151,7 +169,7 @@ func getPrivateKey(keyBytes []byte, passphrase string) ([]byte, error) { if x509.IsEncryptedPEMBlock(pemBlock) { //nolint:staticcheck // Ignore SA1019 (IsEncryptedPEMBlock is deprecated) keyBytes, err = x509.DecryptPEMBlock(pemBlock, []byte(passphrase)) //nolint:staticcheck // Ignore SA1019 (DecryptPEMBlock is deprecated) if err != nil { - return nil, errors.Wrap(err, "private key is encrypted, but could not decrypt it") + return nil, fmt.Errorf("private key is encrypted, but could not decrypt it: %w", err) } keyBytes = pem.EncodeToMemory(&pem.Block{Type: pemBlock.Type, Bytes: keyBytes}) } @@ -167,26 +185,24 @@ func getCert(options Options) ([]tls.Certificate, error) { return nil, nil } - errMessage := "Could not load X509 key pair" - - cert, err := ioutil.ReadFile(options.CertFile) + cert, err := os.ReadFile(options.CertFile) if err != nil { - return nil, errors.Wrap(err, errMessage) + return nil, err } - prKeyBytes, err := ioutil.ReadFile(options.KeyFile) + prKeyBytes, err := os.ReadFile(options.KeyFile) if err != nil { - return nil, errors.Wrap(err, errMessage) + return nil, err } prKeyBytes, err = getPrivateKey(prKeyBytes, options.Passphrase) if err != nil { - return nil, errors.Wrap(err, errMessage) + return nil, err } tlsCert, err := tls.X509KeyPair(cert, prKeyBytes) if err != nil { - return nil, errors.Wrap(err, errMessage) + return nil, err } return []tls.Certificate{tlsCert}, nil @@ -206,7 +222,7 @@ func Client(options Options) (*tls.Config, error) { tlsCerts, err := getCert(options) if err != nil { - return nil, err + return nil, fmt.Errorf("could not load X509 key pair: %w", err) } tlsConfig.Certificates = tlsCerts @@ -224,9 +240,9 @@ func Server(options Options) (*tls.Config, error) { tlsCert, err := tls.LoadX509KeyPair(options.CertFile, options.KeyFile) if err != nil { if os.IsNotExist(err) { - return nil, fmt.Errorf("Could not load X509 key pair (cert: %q, key: %q): %v", options.CertFile, options.KeyFile, err) + return nil, fmt.Errorf("could not load X509 key pair (cert: %q, key: %q): %v", options.CertFile, options.KeyFile, err) } - return nil, fmt.Errorf("Error reading X509 key pair (cert: %q, key: %q): %v. Make sure the key is not encrypted.", options.CertFile, options.KeyFile, err) + return nil, fmt.Errorf("error reading X509 key pair - make sure the key is not encrypted (cert: %q, key: %q): %v", options.CertFile, options.KeyFile, err) } tlsConfig.Certificates = []tls.Certificate{tlsCert} if options.ClientAuth >= tls.VerifyClientCertIfGiven && options.CAFile != "" { diff --git a/vendor/github.com/docker/go-connections/tlsconfig/config_client_ciphers.go b/vendor/github.com/docker/go-connections/tlsconfig/config_client_ciphers.go index 6b4c6a7c0d06..a82f9fa52e2e 100644 --- a/vendor/github.com/docker/go-connections/tlsconfig/config_client_ciphers.go +++ b/vendor/github.com/docker/go-connections/tlsconfig/config_client_ciphers.go @@ -1,7 +1,4 @@ -// +build go1.5 - // Package tlsconfig provides primitives to retrieve secure-enough TLS configurations for both clients and servers. -// package tlsconfig import ( diff --git a/vendor/github.com/docker/go-connections/tlsconfig/config_legacy_client_ciphers.go b/vendor/github.com/docker/go-connections/tlsconfig/config_legacy_client_ciphers.go deleted file mode 100644 index ee22df47cb29..000000000000 --- a/vendor/github.com/docker/go-connections/tlsconfig/config_legacy_client_ciphers.go +++ /dev/null @@ -1,15 +0,0 @@ -// +build !go1.5 - -// Package tlsconfig provides primitives to retrieve secure-enough TLS configurations for both clients and servers. -// -package tlsconfig - -import ( - "crypto/tls" -) - -// Client TLS cipher suites (dropping CBC ciphers for client preferred suite set) -var clientCipherSuites = []uint16{ - tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, -} diff --git a/vendor/github.com/docker/go-connections/tlsconfig/versions_go113.go b/vendor/github.com/docker/go-connections/tlsconfig/versions_go113.go deleted file mode 100644 index d8215f8e78a4..000000000000 --- a/vendor/github.com/docker/go-connections/tlsconfig/versions_go113.go +++ /dev/null @@ -1,16 +0,0 @@ -// +build go1.13 - -package tlsconfig - -import ( - "crypto/tls" -) - -// allTLSVersions lists all the TLS versions and is used by the code that validates -// a uint16 value as a TLS version. -var allTLSVersions = map[uint16]struct{}{ - tls.VersionTLS10: {}, - tls.VersionTLS11: {}, - tls.VersionTLS12: {}, - tls.VersionTLS13: {}, -} diff --git a/vendor/github.com/docker/go-connections/tlsconfig/versions_other.go b/vendor/github.com/docker/go-connections/tlsconfig/versions_other.go deleted file mode 100644 index a5ba7f4a3880..000000000000 --- a/vendor/github.com/docker/go-connections/tlsconfig/versions_other.go +++ /dev/null @@ -1,15 +0,0 @@ -// +build !go1.13 - -package tlsconfig - -import ( - "crypto/tls" -) - -// allTLSVersions lists all the TLS versions and is used by the code that validates -// a uint16 value as a TLS version. -var allTLSVersions = map[uint16]struct{}{ - tls.VersionTLS10: {}, - tls.VersionTLS11: {}, - tls.VersionTLS12: {}, -} diff --git a/vendor/modules.txt b/vendor/modules.txt index b8d1aade0f3c..467f2479367b 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -491,8 +491,8 @@ github.com/docker/docker/pkg/system ## explicit; go 1.19 github.com/docker/docker-credential-helpers/client github.com/docker/docker-credential-helpers/credentials -# github.com/docker/go-connections v0.4.1-0.20231031175723-0b8c1f4e07a0 -## explicit; go 1.13 +# github.com/docker/go-connections v0.4.1-0.20231110212414-fa09c952e3ea +## explicit; go 1.18 github.com/docker/go-connections/nat github.com/docker/go-connections/sockets github.com/docker/go-connections/tlsconfig From 07104fb2728c928b160404c3ab1bba2ac7d1d05d Mon Sep 17 00:00:00 2001 From: Paul Nettleton Date: Mon, 4 Dec 2023 00:45:03 -0600 Subject: [PATCH 118/170] fix podman-systemd.unit.5 Mask/Unmask placement When the `Mask=` and `Unmask=` quadlet options were initially added, they were mistakenly placed in the [Kube] section when they should be in the [Container] section. This commit corrects the mistake and adds example usage to the [Container] options table. Signed-off-by: Paul Nettleton --- docs/source/markdown/podman-systemd.unit.5.md | 30 ++++++++++--------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index a518af74102d..be6a969ef9cc 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -190,6 +190,7 @@ Valid options for `[Container]` are listed below: | IP6=2001:db8::1 | --ip6 2001:db8::1 | | Label="XYZ" | --label "XYZ" | | LogDriver=journald | --log-driver journald | +| Mask=/proc/sys/foo\:/proc/sys/bar | --security-opt mask=/proc/sys/foo:/proc/sys/bar | | Mount=type=... | --mount type=... | | Network=host | --net host | | NoNewPrivileges=true | --security-opt no-new-privileges | @@ -217,6 +218,7 @@ Valid options for `[Container]` are listed below: | Tmpfs=/work | --tmpfs /work | | UIDMap=0:10000:10 | --uidmap=0:10000:10 | | Ulimit=nofile=1000:10000 | --ulimit nofile=1000:10000 | +| Unmask=ALL | --security-opt unmask=ALL | | User=bin | --user bin | | UserNS=keep-id:uid=200,gid=210 | --userns keep-id:uid=200,gid=210 | | Volume=/source:/dest | --volume /source:/dest | @@ -454,6 +456,10 @@ This key can be listed multiple times. Set the log-driver used by Podman when running the container. Equivalent to the Podman `--log-driver` option. +### `Mask=` + +Specify the paths to mask separated by a colon. `Mask=/path/1:/path/2`. A masked path cannot be accessed inside the container. + ### `Mount=` Attach a filesystem mount to the container. @@ -646,6 +652,16 @@ This key can be listed multiple times. Ulimit options. Sets the ulimits values inside of the container. +### `Unmask=` + +Specify the paths to unmask separated by a colon. unmask=ALL or /path/1:/path/2, or shell expanded paths (/proc/*): + +If set to `ALL`, Podman will unmask all the paths that are masked or made read-only by default. + +The default masked paths are /proc/acpi, /proc/kcore, /proc/keys, /proc/latency_stats, /proc/sched_debug, /proc/scsi, /proc/timer_list, /proc/timer_stats, /sys/firmware, and /sys/fs/selinux. + +The default paths that are read-only are /proc/asound, /proc/bus, /proc/fs, /proc/irq, /proc/sys, /proc/sysrq-trigger, /sys/fs/cgroup. + ### `User=` The (numeric) UID to run as inside the container. This does not need to match the UID on the host, @@ -821,10 +837,6 @@ Equivalent to the Podman `--force` option. Set the log-driver Podman uses when running the container. Equivalent to the Podman `--log-driver` option. -### `Mask=` - -Specify the paths to mask separated by a colon. `Mask=/path/1:/path/2`. A masked path cannot be accessed inside the container. - ### `Network=` Specify a custom network for the container. This has the same format as the `--network` option @@ -878,16 +890,6 @@ Alternatively, users can explicitly set the `WorkingDirectory` field of the `Ser Please note that if the `WorkingDirectory` field of the `Service` group is set, Quadlet will not set it even if `SetWorkingDirectory` is set -### `Unmask=` - -Specify the paths to unmask separated by a colon. unmask=ALL or /path/1:/path/2, or shell expanded paths (/proc/*): - -If set to `ALL`, Podman will unmask all the paths that are masked or made read-only by default. - -The default masked paths are /proc/acpi, /proc/kcore, /proc/keys, /proc/latency_stats, /proc/sched_debug, /proc/scsi, /proc/timer_list, /proc/timer_stats, /sys/firmware, and /sys/fs/selinux. - -The default paths that are read-only are /proc/asound, /proc/bus, /proc/fs, /proc/irq, /proc/sys, /proc/sysrq-trigger, /sys/fs/cgroup. - ### `UserNS=` Set the user namespace mode for the container. This is equivalent to the Podman `--userns` option and From bb1307970d52582394da089f606c1a4f2e3a098a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 4 Dec 2023 08:53:33 +0000 Subject: [PATCH 119/170] fix(deps): update github.com/opencontainers/runtime-spec digest to 0625254 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 3 +-- vendor/modules.txt | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 05d6b5db97f9..8f06ccf1d1dd 100644 --- a/go.mod +++ b/go.mod @@ -51,7 +51,7 @@ require ( github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.0-rc5 github.com/opencontainers/runc v1.1.10 - github.com/opencontainers/runtime-spec v1.1.1-0.20230922153023-c0e90434df2a + github.com/opencontainers/runtime-spec v1.1.1-0.20230823135140-4fec88fd00a4 github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc github.com/opencontainers/selinux v1.11.0 github.com/openshift/imagebuilder v1.2.6-0.20231127234745-ef2a5fe47510 diff --git a/go.sum b/go.sum index 79e44575271b..19bfdf19ebcf 100644 --- a/go.sum +++ b/go.sum @@ -864,9 +864,8 @@ github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.m github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-spec v1.1.1-0.20230823135140-4fec88fd00a4 h1:EctkgBjZ1y4q+sibyuuIgiKpa0QSd2elFtSSdNvBVow= github.com/opencontainers/runtime-spec v1.1.1-0.20230823135140-4fec88fd00a4/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.1.1-0.20230922153023-c0e90434df2a h1:ekgJlqTI6efJ57J7tqvIOYtdPnJRe8MxUZHbZAC021Y= -github.com/opencontainers/runtime-spec v1.1.1-0.20230922153023-c0e90434df2a/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc h1:d2hUh5O6MRBvStV55MQ8we08t42zSTqBbscoQccWmMc= github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc/go.mod h1:8tx1helyqhUC65McMm3x7HmOex8lO2/v9zPuxmKHurs= diff --git a/vendor/modules.txt b/vendor/modules.txt index b8d1aade0f3c..672ca2374f55 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -869,7 +869,7 @@ github.com/opencontainers/runc/libcontainer/devices github.com/opencontainers/runc/libcontainer/user github.com/opencontainers/runc/libcontainer/userns github.com/opencontainers/runc/libcontainer/utils -# github.com/opencontainers/runtime-spec v1.1.1-0.20230922153023-c0e90434df2a +# github.com/opencontainers/runtime-spec v1.1.1-0.20230823135140-4fec88fd00a4 ## explicit github.com/opencontainers/runtime-spec/specs-go # github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc From b1eccedf5ee5da7ed21769e135c757081682dffb Mon Sep 17 00:00:00 2001 From: Urvashi Mohnani Date: Mon, 4 Dec 2023 05:26:56 -0500 Subject: [PATCH 120/170] [CI:DOCS] Update health-start-periods docs Update the health-start-period docs to clarify what exactly the health-start-period flag does based on whether the health check command succeeds or fails. Signed-off-by: Urvashi Mohnani --- docs/source/markdown/options/health-start-period.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/source/markdown/options/health-start-period.md b/docs/source/markdown/options/health-start-period.md index 7559f9461326..5b1fde4bd5b3 100644 --- a/docs/source/markdown/options/health-start-period.md +++ b/docs/source/markdown/options/health-start-period.md @@ -6,3 +6,9 @@ The initialization time needed for a container to bootstrap. The value can be expressed in time format like **2m3s**. The default value is **0s**. + +Note: The health check command is executed as soon as a container is started, if the health check is successful +the container's health state will be updated to `healthy`. However, if the health check fails, the health state will +stay as `starting` until either the health check is successful or until the `--health-start-period` time is over. If the +health check command fails after the `--health-start-period` time is over, the health state will be updated to `unhealthy`. +The health check command is executed periodically based on the value of `--health-interval`. From ca66a90b87b8f7c975191d7f8147f862c18992ec Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 4 Dec 2023 15:24:36 +0000 Subject: [PATCH 121/170] [skip-ci] Update actions/labeler action to v5 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/labeler.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index 64505bbfee3a..9bc8a13b3af4 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -10,6 +10,6 @@ jobs: pull-requests: write runs-on: ubuntu-latest steps: - - uses: actions/labeler@v4 + - uses: actions/labeler@v5 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" From b7a81c1ce1144de98565f01783d1d8b81c4f9be4 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Thu, 30 Nov 2023 15:01:44 -0500 Subject: [PATCH 122/170] Fix command failure not resulting in task failure For whatever reason (I don't understand this stuff well) the `win-podman-machine-main.ps1` script exits successfully despite the final `Check-Exit` showing a non-zero exit code was detected. Attempt to fix this by throwing an exception instead of calling `Exit`. Signed-off-by: Chris Evich --- contrib/cirrus/win-lib.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contrib/cirrus/win-lib.ps1 b/contrib/cirrus/win-lib.ps1 index 4d87ba23dfd5..63f0cc32f926 100644 --- a/contrib/cirrus/win-lib.ps1 +++ b/contrib/cirrus/win-lib.ps1 @@ -51,7 +51,7 @@ function Check-Exit { # https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.callstackframe $caller = (Get-PSCallStack)[1] Write-Host "Exit code = '$result' from $($caller.ScriptName):$($caller.ScriptLineNumber)" - Exit $result + Throw "Non-zero exit code" } } From 2d46d0537361c44e349004634523cdc11b933b0f Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Tue, 17 Oct 2023 14:52:59 -0400 Subject: [PATCH 123/170] Implement bare-metal Mac M1 podman-machine testing Setup and execute podman machine testing on bare-metal M1 Macs using a pool of shared and semi-persistent hosts. Automated and manual processes outside this repository are responsible for providing and maintaining all hosts. Ref. https://github.com/containers/automation/tree/main/mac_pw_pool Update the `localmachine` make target to standardize execution across platforms. Update/simplify podman-machine e2e README to reflect current reality. Warning: This CI setup and supporting infrastructure was developed in favor of expediency vs reliability and stability. There are many possible failure-modes (known and unknown) which may lead to undefined test behaviors. Future work may address some of these as they are encountered or discovered. [NO NEW TESTS NEEDED] Signed-off-by: Chris Evich --- .cirrus.yml | 85 ++++++++++++++++++++++++++++------- Makefile | 4 +- contrib/cirrus/mac_cleanup.sh | 26 +++++++++++ contrib/cirrus/mac_env.sh | 26 +++++++++++ contrib/cirrus/mac_setup.sh | 33 ++++++++++++++ pkg/machine/e2e/README.md | 80 ++++++++++++++++----------------- 6 files changed, 194 insertions(+), 60 deletions(-) create mode 100755 contrib/cirrus/mac_cleanup.sh create mode 100755 contrib/cirrus/mac_env.sh create mode 100755 contrib/cirrus/mac_setup.sh diff --git a/.cirrus.yml b/.cirrus.yml index c0ba7841e831..24fe708cd582 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -446,19 +446,25 @@ osx_alt_build_task: only_if: *no_rhel_release depends_on: - build - env: - DISTRO_NV: macos-ventura - VM_IMAGE_NAME: ghcr.io/cirruslabs/${DISTRO_NV}-base:latest - CTR_FQIN: notused - # OSX platform variation prevents this being included in alt_build_task - TEST_FLAVOR: "altbuild" - ALT_NAME: 'OSX Cross' - osx_instance: - image: $VM_IMAGE_NAME - setup_script: - - brew install go - - brew install go-md2man - - go version + persistent_worker: &mac_pw + labels: + os: darwin + arch: arm64 + env: &mac_env + CIRRUS_SHELL: "/bin/bash" # sh is the default + CIRRUS_WORKING_DIR: "$HOME/ci/task-${CIRRUS_TASK_ID}" # Isolation: $HOME will be set to "ci" dir. + # Prevent cache-pollution fron one task to the next. + GOPATH: "$CIRRUS_WORKING_DIR/.go" + GOCACHE: "$CIRRUS_WORKING_DIR/.go/cache" + GOENV: "$CIRRUS_WORKING_DIR/.go/support" + GOSRC: "$HOME/ci/task-${CIRRUS_TASK_ID}" + # This host is/was shared with potentially many other CI tasks. + # The previous task may have been canceled or aborted. + prep_script: &mac_cleanup "contrib/cirrus/mac_cleanup.sh" + basic_build_script: + - make .install.ginkgo + - make podman-remote + - make podman-mac-helper build_amd64_script: - make podman-remote-release-darwin_amd64.zip build_arm64_script: @@ -467,11 +473,13 @@ osx_alt_build_task: - cd contrib/pkginstaller - make ARCH=amd64 NO_CODESIGN=1 pkginstaller - make ARCH=aarch64 NO_CODESIGN=1 pkginstaller - # This task cannot make use of the shared repo.tbz artifact and must - # produce a new repo.tbz artifact for consumption by 'artifacts' task. + # Produce a new repo.tbz artifact for consumption by dependent tasks. repo_prep_script: *repo_prep repo_artifacts: *repo_artifacts - always: *runner_stats + # This host is/was shared with potentially many other CI tasks. + # Ensure nothing is left running while waiting for the next task. + always: + task_cleanup_script: *mac_cleanup # Build freebsd release natively on a FreeBSD VM. @@ -793,6 +801,50 @@ podman_machine_windows_task: main_script: ".\\repo\\contrib\\cirrus\\win-podman-machine-main.ps1" +podman_machine_mac_task: + name: *std_name_fmt + alias: podman_machine_mac + only_if: *no_rhel_release + depends_on: + - osx_alt_build + - local_integration_test + - remote_integration_test + - container_integration_test + - rootless_integration_test + persistent_worker: *mac_pw + env: + <<: *mac_env + # Consumed by podman-machine ginkgo tests + CONTAINERS_MACHINE_PROVIDER: "applehv" + # TODO: Should not require a special image, for now it does. + # Simply remove the line below when a mac image is GA. + MACHINE_IMAGE: "https://fedorapeople.org/groups/podman/testing/applehv/arm64/fedora-coreos-38.20230925.dev.0-applehv.aarch64.raw.gz" + # Values necessary to populate std_name_fmt alias + TEST_FLAVOR: "machine-mac" + DISTRO_NV: "darwin" + PRIV_NAME: "rootless" # intended use-case + clone_script: # artifacts from osx_alt_build_task + - mkdir -p $CIRRUS_WORKING_DIR + - cd $CIRRUS_WORKING_DIR + - $ARTCURL/OSX%20Cross/repo/repo.tbz + - tar xjf repo.tbz + # This host is/was shared with potentially many other CI tasks. + # The previous task may have been canceled or aborted. + prep_script: *mac_cleanup + setup_script: "contrib/cirrus/mac_setup.sh" + env_script: "contrib/cirrus/mac_env.sh" + # TODO: Timeout bumped b/c initial image download (~5min) and VM + # resize (~2min) causes test-timeout (90s default). Should + # tests deal with this internally? + smoke_test_script: + - MACHINE_TEST_TIMEOUT=500 make localmachine FOCUS_FILE="basic_test.go" + test_script: + - make localmachine + # This host is/was shared with potentially many other CI tasks. + # Ensure nothing is left running while waiting for the next task. + always: + task_cleanup_script: *mac_cleanup + # Always run subsequent to integration tests. While parallelism is lost # with runtime, debugging system-test failures can be more challenging # for some golang developers. Otherwise the following tasks run across @@ -1062,6 +1114,7 @@ success_task: # TODO: issue #20548; These tests are new and mostly fail. # Ignore status until tests, scripts, and/or environment stabalize. # - podman_machine_windows + - podman_machine_mac - local_system_test - local_system_test_aarch64 - remote_system_test diff --git a/Makefile b/Makefile index 8af2a19e9eac..76753b88805a 100644 --- a/Makefile +++ b/Makefile @@ -624,8 +624,8 @@ localintegration: test-binaries ginkgo remoteintegration: test-binaries ginkgo-remote .PHONY: localmachine -localmachine: test-binaries .install.ginkgo - $(MAKE) ginkgo-run GINKGO_PARALLEL=n GINKGOWHAT=pkg/machine/e2e/. HACK= +localmachine: + $(MAKE) ginkgo-run GINKGO_PARALLEL=n TAGS="$(REMOTETAGS)" GINKGO_FLAKE_ATTEMPTS=0 FOCUS_FILE=$(FOCUS_FILE) GINKGOWHAT=pkg/machine/e2e/. HACK= .PHONY: localsystem localsystem: diff --git a/contrib/cirrus/mac_cleanup.sh b/contrib/cirrus/mac_cleanup.sh new file mode 100755 index 000000000000..37e8081b8f4f --- /dev/null +++ b/contrib/cirrus/mac_cleanup.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +# This script is intended to be called by Cirrus-CI on a Mac M1 persistent worker. +# It performs a best-effort attempt at cleaning up from one task execution to the next. +# Since it run both before and after tasks, it must exit cleanly if there was a cleanup +# failure (i.e. file or directory not found). + +# Help anybody debugging side-effects, since failures are ignored (by necessity). +set +e -x + +# These are the main processes which could leak out of testing. +killall podman vfkit gvproxy make go ginkgo + +# This is defined as $TMPDIR during setup. Name must be kept +# "short" as sockets may reside here. Darwin suffers from +# the same limited socket-pathname character-length restriction +# as Linux. +rm -rf /private/tmp/ci/* /private/tmp/ci/.??* + +# Don't clobber the $CIRRUS_WORKING_DIR for this (running) task. +# shellcheck disable=SC2154 +find "${ORIGINAL_HOME:-$HOME}/ci" -mindepth 1 -maxdepth 1 \ + -not -name "*task-${CIRRUS_TASK_ID}*" -prune -exec rm -rf '{}' + + +# Bash scripts exit with the status of the last command. +true diff --git a/contrib/cirrus/mac_env.sh b/contrib/cirrus/mac_env.sh new file mode 100755 index 000000000000..35431de5ff88 --- /dev/null +++ b/contrib/cirrus/mac_env.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +set -euo pipefail + +# This script is intended to be called by Cirrus-CI on a Mac M1 persistent worker. +# It runs /after/ `mac_setup.sh` to help developers debug any environment +# related issues. It must not make any actualy changes to the environment. + +# Many variables can affect operations, make them all known to assist debugging. +echo "Selection of current env. vars:" +for env_var_name in $(awk 'BEGIN{for(v in ENVIRON) print v}' | grep -Eiv '(^PATH$)|(^BASH_FUNC)|(^_.*)' | sort) +do + echo " ${env_var_name}=${!env_var_name}" +done + +# The latest toolchain is always installed when instances are created. Make it known +# what version that actually is. +go version + +# Golang is sensitive to a collection of key variables. Make them known to assist +# with any debugging. N/B: Most filepath values should point somewhere under $HOME/ci/ +go env + +# The latest version is installed system-wide when instances are created. Make the +# current version known. +vfkit --version diff --git a/contrib/cirrus/mac_setup.sh b/contrib/cirrus/mac_setup.sh new file mode 100755 index 000000000000..3ab9163baf23 --- /dev/null +++ b/contrib/cirrus/mac_setup.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +# This script is intended to be called by Cirrus-CI on a Mac M1 persistent worker. +# It runs after the preparatory `mac_cleanup.sh` to performs all the user-level +# environment setup required to execute testing. It assumes whatever system-wide +# setup is required, has already happened and was successful. + +set -euo pipefail + +# The otherwise standard `/etc/ci_environment` file cannot be used in this +# context, because the system is shared for multiple tasks. Instead, persist +# env. vars required during /subsequent/ testing steps via a "magic" Cirrus-CI +# mechanism. These cannot be set in the task YAML because they would interfere +# with repo. cloning and task preparation. +# Ref: +# https://cirrus-ci.org/guide/tips-and-tricks/#setting-environment-variables-from-scripts + +# Tests expect to call compiled binaries first, make sure they're found first. +# shellcheck disable=SC2154 +echo "PATH=$CIRRUS_WORKING_DIR/bin/darwin:$PATH" >> $CIRRUS_ENV + +# Post-task cleanup needs to know the actual user home directory +# shellcheck disable=SC2154 +echo "ORIGINAL_HOME=$HOME" >> $CIRRUS_ENV + +# Help isolate CI-operations from system-operations and simplify task cleanup. +# shellcheck disable=SC2154 +echo "HOME=$HOME/ci" >> $CIRRUS_ENV +# shellcheck disable=SC2154 +echo "TMPDIR=/private/tmp/ci" >> $CIRRUS_ENV + +# Removed completely during cleanup. +mkdir -p /private/tmp/ci diff --git a/pkg/machine/e2e/README.md b/pkg/machine/e2e/README.md index 7b0637a1d436..5a1e324a20c9 100644 --- a/pkg/machine/e2e/README.md +++ b/pkg/machine/e2e/README.md @@ -1,42 +1,38 @@ -# Working README for running the machine tests - -Note: you must not have any machines defined before running tests -## Linux - -### QEMU - -`make localmachine` - -## Microsoft Windows - -### HyperV - -1. Open a powershell as admin -1. $env:CONTAINERS_MACHINE_PROVIDER="hyperv" -1. `./winmake localmachine` - -Note: To run specific test files, add the test files to the end of the winmake command: - -`./winmake localmachine "basic_test.go start_test.go"` - -### WSL -1. Open a powershell as a regular user -1. Build and copy win-sshproxy into bin/ -1. `./winmake localmachine` - -Note: To run specific test files, add the test files to the end of the winmake command: - -`./winmake localmachine "basic_test.go start_test.go"` - -## MacOS - -### Apple Hypervisor - -1. `make podman-remote` -1. `make .install.ginkgo` -1. `export TMPDIR=/Users/` -1. `export CONTAINERS_MACHINE_PROVIDER="applehv"` -1. `export MACHINE_IMAGE="https://fedorapeople.org/groups/podman/testing/applehv/arm64/fedora-coreos-38.20230925.dev.0-applehv.aarch64.raw.gz"` -1. `./test/tools/build/ginkgo -vv --tags "remote exclude_graphdriver_btrfs btrfs_noversion exclude_graphdriver_devicemapper containers_image_openpgp remote" -timeout=90m --trace --no-color pkg/machine/e2e/.` - -Note: Add `--focus-file "basic_test.go" ` to only run basic test +# Working README for running the machine tests + +Note: you must not have any machines defined before running tests +## Linux + +### QEMU + +`make localmachine` + +## Microsoft Windows + +### HyperV + +1. Open a powershell as admin +1. $env:CONTAINERS_MACHINE_PROVIDER="hyperv" +1. `./winmake localmachine` + +Note: To run specific test files, add the test files to the end of the winmake command: + +`./winmake localmachine "basic_test.go start_test.go"` + +### WSL +1. Open a powershell as a regular user +1. Build and copy win-sshproxy into bin/ +1. `./winmake localmachine` + +Note: To run specific test files, add the test files to the end of the winmake command: + +`./winmake localmachine "basic_test.go start_test.go"` + +## MacOS + +### Apple Hypervisor + +1. `make podman-remote` +1. `export CONTAINERS_MACHINE_PROVIDER="applehv"` +1. `export MACHINE_IMAGE="https://fedorapeople.org/groups/podman/testing/applehv/arm64/fedora-coreos-38.20230925.dev.0-applehv.aarch64.raw.gz"` +1. `make localmachine` (Add `FOCUS_FILE=basic_test.go` to only run basic test) From f1dc126bf6c3a33d72e3a49e81630fd1ce5c73f5 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Thu, 30 Nov 2023 11:00:10 -0500 Subject: [PATCH 124/170] Do not aggregate failing mac test status Issue Ref: #20853 Allow the tests to fail, but don't block merging PRs. This commit should be reverted when #20853 is resolved. Signed-off-by: Chris Evich --- .cirrus.yml | 3 ++- contrib/cirrus/cirrus_yaml_test.py | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index 24fe708cd582..f22e0bc34bf9 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -1114,7 +1114,8 @@ success_task: # TODO: issue #20548; These tests are new and mostly fail. # Ignore status until tests, scripts, and/or environment stabalize. # - podman_machine_windows - - podman_machine_mac + # TODO: Issue #20853; Tests mostly fail then timeout after an hour. + # - podman_machine_mac - local_system_test - local_system_test_aarch64 - remote_system_test diff --git a/contrib/cirrus/cirrus_yaml_test.py b/contrib/cirrus/cirrus_yaml_test.py index 196b745a2dec..b21a3fd792fd 100755 --- a/contrib/cirrus/cirrus_yaml_test.py +++ b/contrib/cirrus/cirrus_yaml_test.py @@ -27,7 +27,7 @@ class TestDependsOn(TestCaseBase): ALL_TASK_NAMES = None SUCCESS_DEPS_EXCLUDE = set(['success', 'bench_stuff', 'artifacts', - 'release', 'release_test', 'podman_machine_windows']) + 'release', 'release_test', 'podman_machine_windows', 'podman_machine_mac']) def setUp(self): super().setUp() From 7f4b0f20877ca5c1d372e12775d5c204785bf272 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Mon, 4 Dec 2023 09:13:53 -0700 Subject: [PATCH 125/170] apiv2 tests: fix race Test flaking because (I think) one-second resolution isn't good enough for --since. Use NS resolution. Also, more test-name cleanup: strip off timestamps in 'since='. This yields consistent test names in logs, which makes it easier for me to categorize flakes. Fixes: #20896 Signed-off-by: Ed Santiago --- test/apiv2/27-containersEvents.at | 2 +- test/apiv2/test-apiv2 | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/test/apiv2/27-containersEvents.at b/test/apiv2/27-containersEvents.at index aac426218d4b..082cfabf451c 100644 --- a/test/apiv2/27-containersEvents.at +++ b/test/apiv2/27-containersEvents.at @@ -8,7 +8,7 @@ podman pull $IMAGE &>/dev/null # Ensure clean slate podman rm -a -f &>/dev/null -START=$(date +%s) +START=$(date +%s.%N) podman run --rm $IMAGE false || true diff --git a/test/apiv2/test-apiv2 b/test/apiv2/test-apiv2 index 102c2a477b78..c1ec290df687 100755 --- a/test/apiv2/test-apiv2 +++ b/test/apiv2/test-apiv2 @@ -147,7 +147,8 @@ function like() { function _show_ok() { local ok=$1 # Exec tests include control characters; filter them out - local testname=$(tr -d \\012 <<<"$2"|cat -vT) + # Also filter out timestamps, to get consistent test names in logs + local testname=$(tr -d \\012 <<<"$2"|sed -e 's/since=[0-9.]\+/since=(T)/'|cat -vT) # If output is a tty, colorize pass/fail local red= From 1f42aff93301973724e1b7c3c600ae064ff2b9bd Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Sun, 5 Nov 2023 10:59:52 -0700 Subject: [PATCH 126/170] systests: debug systemd failures When a systemd-related system test fails, we usually get: systemctl start foo FAILED exit status 1, try 'systemctl --status' or 'journalctl -xe' That makes it impossible to debug flakes. Solution: new systemctl_start() [note underscore], to be used instead of systemctl start. On failure, will run log commands. Signed-off-by: Ed Santiago --- test/system/250-systemd.bats | 10 +++----- test/system/252-quadlet.bats | 7 ++---- test/system/255-auto-update.bats | 7 +++--- test/system/270-socket-activation.bats | 2 +- test/system/helpers.systemd.bash | 35 ++++++++++++++++++++++++++ 5 files changed, 45 insertions(+), 16 deletions(-) diff --git a/test/system/250-systemd.bats b/test/system/250-systemd.bats index 87c3cfe3cfb6..5cf6a0978c3b 100644 --- a/test/system/250-systemd.bats +++ b/test/system/250-systemd.bats @@ -46,8 +46,7 @@ function service_setup() { run systemctl enable "$SERVICE_NAME" assert $status -eq 0 "Error enabling systemd unit $SERVICE_NAME: $output" - run systemctl start "$SERVICE_NAME" - assert $status -eq 0 "Error starting systemd unit $SERVICE_NAME: $output" + systemctl_start "$SERVICE_NAME" run systemctl status "$SERVICE_NAME" assert $status -eq 0 "systemctl status $SERVICE_NAME: $output" @@ -230,8 +229,7 @@ LISTEN_FDNAMES=listen_fdnames" | sort) systemctl daemon-reload INSTANCE="$SERVICE_NAME@1.service" - run systemctl start "$INSTANCE" - assert $status -eq 0 "Error starting systemd unit $INSTANCE: $output" + systemctl_start "$INSTANCE" run systemctl status "$INSTANCE" assert $status -eq 0 "systemctl status $INSTANCE: $output" @@ -401,7 +399,7 @@ EOF # Dispatch the YAML file service_name="podman-kube@$(systemd-escape $yaml_source).service" - systemctl start $service_name + systemctl_start $service_name systemctl is-active $service_name # Make sure that Podman is the service's MainPID @@ -456,7 +454,7 @@ $name stderr" "logs work with passthrough" # Now stop and start the service again. systemctl stop $service_name - systemctl start $service_name + systemctl_start $service_name systemctl is-active $service_name run_podman container inspect $service_container --format "{{.State.Running}}" is "$output" "true" diff --git a/test/system/252-quadlet.bats b/test/system/252-quadlet.bats index 6780af194feb..912b6be08c13 100644 --- a/test/system/252-quadlet.bats +++ b/test/system/252-quadlet.bats @@ -91,10 +91,7 @@ function service_setup() { local activestate="inactive" fi - echo "$_LOG_PROMPT systemctl $startargs start $service" - run systemctl $startargs start "$service" - echo "$output" - assert $status -eq 0 "Error starting systemd unit $service" + systemctl_start $startargs "$service" # FIXME FIXME FIXME: this is racy with short-lived containers! echo "$_LOG_PROMPT systemctl status $service" @@ -798,7 +795,7 @@ ExecStart=/bin/bash -c "echo %T >$percent_t_file" Type=oneshot EOF systemctl daemon-reload - systemctl --wait start $service + systemctl_start --wait $service percent_t=$(< $percent_t_file) # Clean up. Don't bother to systemctl-reload, service_setup does that below. rm -f $unitfile diff --git a/test/system/255-auto-update.bats b/test/system/255-auto-update.bats index 75e0a7fca857..6540ea1e06eb 100644 --- a/test/system/255-auto-update.bats +++ b/test/system/255-auto-update.bats @@ -92,7 +92,7 @@ function generate_service() { run_podman rm -t 0 -f $cname systemctl daemon-reload - systemctl start container-$cname + systemctl_start container-$cname systemctl status container-$cname # Original image ID. @@ -530,7 +530,7 @@ EOF # Dispatch the YAML file service_name="podman-kube@$(systemd-escape $yaml_source).service" - systemctl start $service_name + systemctl_start $service_name systemctl is-active $service_name # Make sure the containers are properly configured @@ -588,8 +588,7 @@ EOF systemctl daemon-reload - run systemctl start pod-$podname.service - assert $status -eq 0 "Error starting pod systemd unit: $output" + systemctl_start pod-$podname.service _wait_service_ready container-$ctrname.service run_podman pod inspect --format "{{.State}}" $podname diff --git a/test/system/270-socket-activation.bats b/test/system/270-socket-activation.bats index a8ae2343315f..0073000b086c 100644 --- a/test/system/270-socket-activation.bats +++ b/test/system/270-socket-activation.bats @@ -59,7 +59,7 @@ EOF rm -f $pause_pid_file fi fi - systemctl start "$SERVICE_NAME.socket" + systemctl_start "$SERVICE_NAME.socket" } function teardown() { diff --git a/test/system/helpers.systemd.bash b/test/system/helpers.systemd.bash index 52581bfc6ec7..bda601c15370 100644 --- a/test/system/helpers.systemd.bash +++ b/test/system/helpers.systemd.bash @@ -33,6 +33,41 @@ systemd-run() { timeout --foreground -v --kill=10 $PODMAN_TIMEOUT systemd-run $_DASHUSER "$@"; } +# "systemctl start" is special: when it fails, it doesn't give any useful info. +# This helper fixes that. +systemctl_start() { + # Arg processing. First arg might be "--wait"... + local wait= + if [[ "$1" = "--wait" ]]; then + wait="$1" + shift + fi + # ...but beyond that, only one arg is allowed + local unit="$1" + shift + assert "$*" = "" "systemctl_start invoked with spurious args" + + echo "$_LOG_PROMPT systemctl $wait start $unit" + run systemctl $wait start "$unit" + echo "$output" + if [[ $status -eq 0 ]]; then + return + fi + + # Failed. This is our value added. + echo + echo "***** systemctl start $unit -- FAILED!" + echo + echo "$_LOG_PROMPT systemctl status $unit" + run systemctl status "$unit" + echo "$output" + echo + echo "$_LOG_PROMPT journalctl -xeu $unit" + run journalctl -xeu "$unit" + echo "$output" + false +} + install_kube_template() { # If running from a podman source directory, build and use the source # version of the play-kube-@ unit file From 94e67cfc71786a485e0b235643fa8ec5e6e77a2b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 4 Dec 2023 18:01:56 +0000 Subject: [PATCH 127/170] fix(deps): update module github.com/containernetworking/plugins to v1.4.0 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- vendor/modules.txt | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 3dd230930963..78be6a17d231 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/checkpoint-restore/checkpointctl v1.1.0 github.com/checkpoint-restore/go-criu/v7 v7.0.0 github.com/containernetworking/cni v1.1.2 - github.com/containernetworking/plugins v1.3.0 + github.com/containernetworking/plugins v1.4.0 github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c github.com/containers/common v0.57.1-0.20231130092720-630c929caef9 github.com/containers/conmon v2.0.20+incompatible diff --git a/go.sum b/go.sum index 47f5b6300ac6..5182544bd882 100644 --- a/go.sum +++ b/go.sum @@ -252,8 +252,8 @@ github.com/containernetworking/cni v1.1.2 h1:wtRGZVv7olUHMOqouPpn3cXJWpJgM6+EUl3 github.com/containernetworking/cni v1.1.2/go.mod h1:sDpYKmGVENF3s6uvMvGgldDWeG8dMxakj/u+i9ht9vw= github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= -github.com/containernetworking/plugins v1.3.0 h1:QVNXMT6XloyMUoO2wUOqWTC1hWFV62Q6mVDp5H1HnjM= -github.com/containernetworking/plugins v1.3.0/go.mod h1:Pc2wcedTQQCVuROOOaLBPPxrEXqqXBFt3cZ+/yVg6l0= +github.com/containernetworking/plugins v1.4.0 h1:+w22VPYgk7nQHw7KT92lsRmuToHvb7wwSv9iTbXzzic= +github.com/containernetworking/plugins v1.4.0/go.mod h1:UYhcOyjefnrQvKvmmyEKsUA+M9Nfn7tqULPpH0Pkcj0= github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c h1:E7nxvH3N3kpyson0waJv1X+eY9hAs+x2zQswsK+//yY= github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c/go.mod h1:oMNfVrZGEfWVOxXTNOYPMdZzDfSo2umURK/TO0d8TRk= github.com/containers/common v0.57.1-0.20231130092720-630c929caef9 h1:56pMgYcYyhTlmPPhRmG34NBmT5S/IwMMmOq0o4LJAMo= diff --git a/vendor/modules.txt b/vendor/modules.txt index 467f2479367b..33a7b3be572b 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -135,7 +135,7 @@ github.com/containernetworking/cni/pkg/types/create github.com/containernetworking/cni/pkg/types/internal github.com/containernetworking/cni/pkg/utils github.com/containernetworking/cni/pkg/version -# github.com/containernetworking/plugins v1.3.0 +# github.com/containernetworking/plugins v1.4.0 ## explicit; go 1.20 github.com/containernetworking/plugins/pkg/ns # github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c From 972ffaca4d5047c139bb821ac74f756298a6204c Mon Sep 17 00:00:00 2001 From: Odilon Sousa Date: Mon, 4 Dec 2023 23:32:39 -0300 Subject: [PATCH 128/170] Add support for Entrypoint in quadlet This PR closes #20585 Add Inital support for Entrypoint on quadlets Add Bats Tests for Entrypoint Updates the documentation with one example to use the Entrypoint option Signed-off-by: Odilon Sousa --- docs/source/markdown/podman-systemd.unit.5.md | 7 +++++++ pkg/systemd/quadlet/quadlet.go | 7 +++++++ test/system/252-quadlet.bats | 18 ++++++++++++++++++ 3 files changed, 32 insertions(+) diff --git a/docs/source/markdown/podman-systemd.unit.5.md b/docs/source/markdown/podman-systemd.unit.5.md index 5bbc2b6974ab..269c7ffd3b2a 100644 --- a/docs/source/markdown/podman-systemd.unit.5.md +++ b/docs/source/markdown/podman-systemd.unit.5.md @@ -168,6 +168,7 @@ Valid options for `[Container]` are listed below: | Environment=foo=bar | --env foo=bar | | EnvironmentFile=/tmp/env | --env-file /tmp/env | | EnvironmentHost=true | --env-host | +| Entrypoint=/foo.sh | --entrypoint=/foo.sh | | Exec=/usr/bin/command | Command after image specification - /usr/bin/command | | ExposeHostPort=50-59 | --expose 50-59 | | GIDMap=0:10000:10 | --gidmap=0:10000:10 | @@ -320,6 +321,12 @@ This key may be used multiple times, and the order persists when passed to `podm Use the host environment inside of the container. +#### `Entrypoint=` + +Override the default ENTRYPOINT from the image. +Equivalent to the Podman `--entrypoint` option. +Specify multi option commands in the form of a json string. + ### `Exec=` If this is set then it defines what command line to run in the container. If it is not set the diff --git a/pkg/systemd/quadlet/quadlet.go b/pkg/systemd/quadlet/quadlet.go index 349d55bc7926..c484ec66d0e1 100644 --- a/pkg/systemd/quadlet/quadlet.go +++ b/pkg/systemd/quadlet/quadlet.go @@ -72,6 +72,7 @@ const ( KeyEnvironment = "Environment" KeyEnvironmentFile = "EnvironmentFile" KeyEnvironmentHost = "EnvironmentHost" + KeyEntrypoint = "Entrypoint" KeyExec = "Exec" KeyExitCodePropagation = "ExitCodePropagation" KeyExposeHostPort = "ExposeHostPort" @@ -180,6 +181,7 @@ var ( KeyEnvironment: true, KeyEnvironmentFile: true, KeyEnvironmentHost: true, + KeyEntrypoint: true, KeyExec: true, KeyExposeHostPort: true, KeyGIDMap: true, @@ -628,6 +630,11 @@ func ConvertContainer(container *parser.UnitFile, names map[string]string, isUse podman.addf("--shm-size=%s", shmSize) } + entrypoint, hasEntrypoint := container.Lookup(ContainerGroup, KeyEntrypoint) + if hasEntrypoint { + podman.addf("--entrypoint=%s", entrypoint) + } + sysctl := container.LookupAllStrv(ContainerGroup, KeySysctl) for _, sysctlItem := range sysctl { podman.addf("--sysctl=%s", sysctlItem) diff --git a/test/system/252-quadlet.bats b/test/system/252-quadlet.bats index 912b6be08c13..e8b6727a785c 100644 --- a/test/system/252-quadlet.bats +++ b/test/system/252-quadlet.bats @@ -1467,4 +1467,22 @@ EOF run_podman rmi $(pause_image) } +@test "quadlet - entrypoint" { + local quadlet_file=$PODMAN_TMPDIR/basic_$(random_string).container + cat > $quadlet_file < Date: Sun, 3 Dec 2023 11:25:29 +0200 Subject: [PATCH 129/170] Kube Play - set ReportWriter when building an image Add test for a specific crash Update play build test to expect message in stderr Signed-off-by: Ygal Blum --- pkg/domain/infra/abi/play.go | 1 + test/e2e/play_build_test.go | 21 ++++++++--- test/system/252-quadlet.bats | 67 ++++++++++++++++++++++++++++++++++++ 3 files changed, 85 insertions(+), 4 deletions(-) diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go index 9a1811bd875f..ffa174d584d6 100644 --- a/pkg/domain/infra/abi/play.go +++ b/pkg/domain/infra/abi/play.go @@ -1023,6 +1023,7 @@ func (ic *ContainerEngine) getImageAndLabelInfo(ctx context.Context, cwd string, buildOpts.CommonBuildOpts = commonOpts buildOpts.Output = container.Image buildOpts.ContextDirectory = filepath.Dir(buildFile) + buildOpts.ReportWriter = writer if _, _, err := ic.Libpod.Build(ctx, *buildOpts, []string{buildFile}...); err != nil { return nil, nil, err } diff --git a/test/e2e/play_build_test.go b/test/e2e/play_build_test.go index 7e18fcb7c5ac..fbd9f799b2f3 100644 --- a/test/e2e/play_build_test.go +++ b/test/e2e/play_build_test.go @@ -12,6 +12,7 @@ import ( . "github.com/containers/podman/v4/test/utils" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + . "github.com/onsi/gomega/gexec" ) var _ = Describe("Podman play kube with build", func() { @@ -85,7 +86,10 @@ LABEL marge=mom session := podmanTest.Podman([]string{"kube", "play", "top.yaml"}) session.WaitWithDefaultTimeout() - Expect(session).Should(ExitCleanly()) + Expect(session).Should(Exit(0)) + stdErrString := session.ErrorToString() + Expect(stdErrString).To(ContainSubstring("Getting image source signatures")) + Expect(stdErrString).To(ContainSubstring("Writing manifest to image destination")) exists := podmanTest.Podman([]string{"image", "exists", "foobar"}) exists.WaitWithDefaultTimeout() @@ -122,7 +126,10 @@ LABEL marge=mom session := podmanTest.Podman([]string{"kube", "play", "top.yaml"}) session.WaitWithDefaultTimeout() - Expect(session).Should(ExitCleanly()) + Expect(session).Should(Exit(0)) + stdErrString := session.ErrorToString() + Expect(stdErrString).To(ContainSubstring("Getting image source signatures")) + Expect(stdErrString).To(ContainSubstring("Writing manifest to image destination")) exists := podmanTest.Podman([]string{"image", "exists", "foobar"}) exists.WaitWithDefaultTimeout() @@ -266,7 +273,10 @@ LABEL marge=mom session := podmanTest.Podman([]string{"kube", "play", "--build", "top.yaml"}) session.WaitWithDefaultTimeout() - Expect(session).Should(ExitCleanly()) + Expect(session).Should(Exit(0)) + stdErrString := session.ErrorToString() + Expect(stdErrString).To(ContainSubstring("Getting image source signatures")) + Expect(stdErrString).To(ContainSubstring("Writing manifest to image destination")) inspect := podmanTest.Podman([]string{"container", "inspect", "top_pod-foobar"}) inspect.WaitWithDefaultTimeout() @@ -351,7 +361,10 @@ echo GOT-HERE session := podmanTest.Podman([]string{"kube", "play", "echo.yaml"}) session.WaitWithDefaultTimeout() - Expect(session).Should(ExitCleanly()) + Expect(session).Should(Exit(0)) + stdErrString := session.ErrorToString() + Expect(stdErrString).To(ContainSubstring("Getting image source signatures")) + Expect(stdErrString).To(ContainSubstring("Writing manifest to image destination")) cid := "echo_pod-foobar" wait := podmanTest.Podman([]string{"wait", cid}) diff --git a/test/system/252-quadlet.bats b/test/system/252-quadlet.bats index 6780af194feb..3d9f1717e4b8 100644 --- a/test/system/252-quadlet.bats +++ b/test/system/252-quadlet.bats @@ -1470,4 +1470,71 @@ EOF run_podman rmi $(pause_image) } + +# This test reproduces https://github.com/containers/podman/issues/20432 +# In order to reproduce the issue, the image in the FROM must no be available locally +# and must not have a tag. The first forces Pull and the second the resolution where the crash occurs +# Using a local registry does not work since kube play does not pass the autofile and tls-verify flags to the build +@test "quadlet - kube build from unavailable image with no tag" { + local quadlet_tmpdir=$PODMAN_TMPDIR/quadlets + + local untagged_image=quay.io/libpod/busybox + local built_image=test_image + local yaml_dir=$quadlet_tmpdir/$built_image + local build_dir=$yaml_dir/$built_image + + # Use the same directory for all quadlet files to make sure later steps access previous ones + mkdir -p $build_dir + + container_file_path=$build_dir/Containerfile + cat >$container_file_path << EOF +FROM $untagged_image +EOF + + # Create the YAMl file + pod_name="test_pod" + container_name="test" + yaml_source="$yaml_dir/build_$(random_string).yaml" + cat >$yaml_source < $quadlet_file < Date: Fri, 1 Dec 2023 11:49:29 +0100 Subject: [PATCH 130/170] podman: new option --preserve-fd add a new option --preserve-fd that allows to specify a list of FDs to pass down to the container. It is similar to --preserve-fds but it allows to specify a list of FDs instead of the maximum FD number to preserve. --preserve-fd and --preserve-fds are mutually exclusive. It requires crun since runc would complain if any fd below --preserve-fds is not preserved. Closes: https://github.com/containers/podman/issues/20844 Signed-off-by: Giuseppe Scrivano --- cmd/podman/containers/exec.go | 10 ++++ cmd/podman/containers/run.go | 15 +++++- docs/source/markdown/options/preserve-fd.md | 10 ++++ docs/source/markdown/podman-exec.1.md.in | 2 + docs/source/markdown/podman-run.1.md.in | 2 + libpod/container_config.go | 3 ++ libpod/container_exec.go | 4 ++ libpod/oci.go | 3 ++ libpod/oci_conmon_common.go | 51 +++++++++++++++++---- libpod/oci_conmon_exec_common.go | 20 ++++---- libpod/options.go | 12 +++++ pkg/domain/entities/containers.go | 2 + pkg/domain/entities/pods.go | 1 + pkg/domain/infra/abi/containers.go | 2 + pkg/specgen/generate/container_create.go | 4 ++ pkg/specgen/specgen.go | 5 ++ pkg/specgenutil/specgen.go | 8 ++++ test/system/030-run.bats | 19 ++++++++ test/system/075-exec.bats | 22 +++++++++ 19 files changed, 172 insertions(+), 23 deletions(-) create mode 100644 docs/source/markdown/options/preserve-fd.md diff --git a/cmd/podman/containers/exec.go b/cmd/podman/containers/exec.go index 36be01479a65..e8eb557bd088 100644 --- a/cmd/podman/containers/exec.go +++ b/cmd/podman/containers/exec.go @@ -83,6 +83,10 @@ func execFlags(cmd *cobra.Command) { flags.UintVar(&execOpts.PreserveFDs, preserveFdsFlagName, 0, "Pass N additional file descriptors to the container") _ = cmd.RegisterFlagCompletionFunc(preserveFdsFlagName, completion.AutocompleteNone) + preserveFdFlagName := "preserve-fd" + flags.UintSliceVar(&execOpts.PreserveFD, preserveFdFlagName, nil, "Pass a list of additional file descriptors to the container") + _ = cmd.RegisterFlagCompletionFunc(preserveFdFlagName, completion.AutocompleteNone) + workdirFlagName := "workdir" flags.StringVarP(&execOpts.WorkDir, workdirFlagName, "w", "", "Working directory inside the container") _ = cmd.RegisterFlagCompletionFunc(workdirFlagName, completion.AutocompleteDefault) @@ -139,6 +143,12 @@ func exec(cmd *cobra.Command, args []string) error { execOpts.Envs = envLib.Join(execOpts.Envs, cliEnv) + for _, fd := range execOpts.PreserveFD { + if !rootless.IsFdInherited(int(fd)) { + return fmt.Errorf("file descriptor %d is not available - the preserve-fd option requires that file descriptors must be passed", fd) + } + } + for fd := 3; fd < int(3+execOpts.PreserveFDs); fd++ { if !rootless.IsFdInherited(fd) { return fmt.Errorf("file descriptor %d is not available - the preserve-fds option requires that file descriptors must be passed", fd) diff --git a/cmd/podman/containers/run.go b/cmd/podman/containers/run.go index 09c9df8742d2..3ce6ada180d1 100644 --- a/cmd/podman/containers/run.go +++ b/cmd/podman/containers/run.go @@ -67,9 +67,13 @@ func runFlags(cmd *cobra.Command) { flags.BoolVar(&runRmi, "rmi", false, "Remove image unless used by other containers, implies --rm") preserveFdsFlagName := "preserve-fds" - flags.UintVar(&runOpts.PreserveFDs, "preserve-fds", 0, "Pass a number of additional file descriptors into the container") + flags.UintVar(&runOpts.PreserveFDs, preserveFdsFlagName, 0, "Pass a number of additional file descriptors into the container") _ = cmd.RegisterFlagCompletionFunc(preserveFdsFlagName, completion.AutocompleteNone) + preserveFdFlagName := "preserve-fd" + flags.UintSliceVar(&runOpts.PreserveFD, preserveFdFlagName, nil, "Pass a file descriptor into the container") + _ = cmd.RegisterFlagCompletionFunc(preserveFdFlagName, completion.AutocompleteNone) + flags.BoolVarP(&runOpts.Detach, "detach", "d", false, "Run container in background and print container ID") detachKeysFlagName := "detach-keys" @@ -85,7 +89,8 @@ func runFlags(cmd *cobra.Command) { flags.BoolVar(&runOpts.Passwd, passwdFlagName, true, "add entries to /etc/passwd and /etc/group") if registry.IsRemote() { - _ = flags.MarkHidden("preserve-fds") + _ = flags.MarkHidden(preserveFdsFlagName) + _ = flags.MarkHidden(preserveFdFlagName) _ = flags.MarkHidden("conmon-pidfile") _ = flags.MarkHidden("pidfile") } @@ -135,6 +140,11 @@ func run(cmd *cobra.Command, args []string) error { return err } + for _, fd := range runOpts.PreserveFD { + if !rootless.IsFdInherited(int(fd)) { + return fmt.Errorf("file descriptor %d is not available - the preserve-fd option requires that file descriptors must be passed", fd) + } + } for fd := 3; fd < int(3+runOpts.PreserveFDs); fd++ { if !rootless.IsFdInherited(fd) { return fmt.Errorf("file descriptor %d is not available - the preserve-fds option requires that file descriptors must be passed", fd) @@ -196,6 +206,7 @@ func run(cmd *cobra.Command, args []string) error { } cliVals.PreserveFDs = runOpts.PreserveFDs + cliVals.PreserveFD = runOpts.PreserveFD s := specgen.NewSpecGenerator(imageName, cliVals.RootFS) if err := specgenutil.FillOutSpecGen(s, &cliVals, args); err != nil { return err diff --git a/docs/source/markdown/options/preserve-fd.md b/docs/source/markdown/options/preserve-fd.md new file mode 100644 index 000000000000..42530dcfe433 --- /dev/null +++ b/docs/source/markdown/options/preserve-fd.md @@ -0,0 +1,10 @@ +####> This option file is used in: +####> podman exec, run +####> If file is edited, make sure the changes +####> are applicable to all of those. +#### **--preserve-fd**=*FD1[,FD2,...]* + +Pass down to the process the additional file descriptors specified in the comma separated list. It can be specified multiple times. +This option is only supported with the crun OCI runtime. It might be a security risk to use this option with other OCI runtimes. + +(This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines) diff --git a/docs/source/markdown/podman-exec.1.md.in b/docs/source/markdown/podman-exec.1.md.in index cf54d2d2257b..d1cdb7a905c0 100644 --- a/docs/source/markdown/podman-exec.1.md.in +++ b/docs/source/markdown/podman-exec.1.md.in @@ -27,6 +27,8 @@ Start the exec session, but do not attach to it. The command runs in the backgro @@option latest +@@option preserve-fd + @@option preserve-fds @@option privileged diff --git a/docs/source/markdown/podman-run.1.md.in b/docs/source/markdown/podman-run.1.md.in index 76e5ea5351e0..7132673861bf 100644 --- a/docs/source/markdown/podman-run.1.md.in +++ b/docs/source/markdown/podman-run.1.md.in @@ -308,6 +308,8 @@ This is used to override the Podman provided user setup in favor of entrypoint c @@option pod-id-file.container +@@option preserve-fd + @@option preserve-fds @@option privileged diff --git a/libpod/container_config.go b/libpod/container_config.go index aefce67219b1..7df0c2c396c1 100644 --- a/libpod/container_config.go +++ b/libpod/container_config.go @@ -416,6 +416,9 @@ type ContainerMiscConfig struct { // to 0, 1, 2) that will be passed to the executed process. The total FDs // passed will be 3 + PreserveFDs. PreserveFDs uint `json:"preserveFds,omitempty"` + // PreserveFD is a list of additional file descriptors (in addition + // to 0, 1, 2) that will be passed to the executed process. + PreserveFD []uint `json:"preserveFd,omitempty"` // Timezone is the timezone inside the container. // Local means it has the same timezone as the host machine Timezone string `json:"timezone,omitempty"` diff --git a/libpod/container_exec.go b/libpod/container_exec.go index f04f369d603b..babfca09e88a 100644 --- a/libpod/container_exec.go +++ b/libpod/container_exec.go @@ -66,6 +66,9 @@ type ExecConfig struct { // given is the number that will be passed into the exec session, // starting at 3. PreserveFDs uint `json:"preserveFds,omitempty"` + // PreserveFD is a list of additional file descriptors (in addition + // to 0, 1, 2) that will be passed to the executed process. + PreserveFD []uint `json:"preserveFd,omitempty"` // ExitCommand is the exec session's exit command. // This command will be executed when the exec session exits. // If unset, no command will be executed. @@ -1092,6 +1095,7 @@ func prepareForExec(c *Container, session *ExecSession) (*ExecOptions, error) { opts.Cwd = session.Config.WorkDir opts.User = session.Config.User opts.PreserveFDs = session.Config.PreserveFDs + opts.PreserveFD = session.Config.PreserveFD opts.DetachKeys = session.Config.DetachKeys opts.ExitCommand = session.Config.ExitCommand opts.ExitCommandDelay = session.Config.ExitCommandDelay diff --git a/libpod/oci.go b/libpod/oci.go index 8b55e58adc99..59264dfe7d63 100644 --- a/libpod/oci.go +++ b/libpod/oci.go @@ -202,6 +202,9 @@ type ExecOptions struct { // to 0, 1, 2) that will be passed to the executed process. The total FDs // passed will be 3 + PreserveFDs. PreserveFDs uint + // PreserveFD is a list of additional file descriptors (in addition + // to 0, 1, 2) that will be passed to the executed process. + PreserveFD []uint // DetachKeys is a set of keys that, when pressed in sequence, will // detach from the container. // If not provided, the default keys will be used. diff --git a/libpod/oci_conmon_common.go b/libpod/oci_conmon_common.go index a8514a622b84..e40c8438334a 100644 --- a/libpod/oci_conmon_common.go +++ b/libpod/oci_conmon_common.go @@ -1038,6 +1038,39 @@ func (r *ConmonOCIRuntime) getLogTag(ctr *Container) (string, error) { return b.String(), nil } +func getPreserveFdExtraFiles(preserveFD []uint, preserveFDs uint) (uint, []*os.File, []*os.File, error) { + var filesToClose []*os.File + var extraFiles []*os.File + + preserveFDsMap := make(map[uint]struct{}) + for _, i := range preserveFD { + if i < 3 { + return 0, nil, nil, fmt.Errorf("cannot preserve FD %d, consider using the passthrough log-driver to pass STDIO streams into the container: %w", i, define.ErrInvalidArg) + } + if i-2 > preserveFDs { + // preserveFDs is the number of FDs above 2 to keep around. + // e.g. if the user specified FD=3, then preserveFDs must be 1. + preserveFDs = i - 2 + } + preserveFDsMap[i] = struct{}{} + } + + if preserveFDs > 0 { + for fd := 3; fd < int(3+preserveFDs); fd++ { + if len(preserveFDsMap) > 0 { + if _, ok := preserveFDsMap[uint(fd)]; !ok { + extraFiles = append(extraFiles, nil) + continue + } + } + f := os.NewFile(uintptr(fd), fmt.Sprintf("fd-%d", fd)) + filesToClose = append(filesToClose, f) + extraFiles = append(extraFiles, f) + } + } + return preserveFDs, filesToClose, extraFiles, nil +} + // createOCIContainer generates this container's main conmon instance and prepares it for starting func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *ContainerCheckpointOptions) (int64, error) { var stderrBuf bytes.Buffer @@ -1114,10 +1147,11 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co args = append(args, []string{"--exit-command-arg", arg}...) } - // Pass down the LISTEN_* environment (see #10443). preserveFDs := ctr.config.PreserveFDs + + // Pass down the LISTEN_* environment (see #10443). if val := os.Getenv("LISTEN_FDS"); val != "" { - if ctr.config.PreserveFDs > 0 { + if preserveFDs > 0 || len(ctr.config.PreserveFD) > 0 { logrus.Warnf("Ignoring LISTEN_FDS to preserve custom user-specified FDs") } else { fds, err := strconv.Atoi(val) @@ -1128,6 +1162,10 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co } } + preserveFDs, filesToClose, extraFiles, err := getPreserveFdExtraFiles(ctr.config.PreserveFD, preserveFDs) + if err != nil { + return 0, err + } if preserveFDs > 0 { args = append(args, formatRuntimeOpts("--preserve-fds", strconv.FormatUint(uint64(preserveFDs), 10))...) } @@ -1189,14 +1227,7 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co return 0, fmt.Errorf("configuring conmon env: %w", err) } - var filesToClose []*os.File - if preserveFDs > 0 { - for fd := 3; fd < int(3+preserveFDs); fd++ { - f := os.NewFile(uintptr(fd), fmt.Sprintf("fd-%d", fd)) - filesToClose = append(filesToClose, f) - cmd.ExtraFiles = append(cmd.ExtraFiles, f) - } - } + cmd.ExtraFiles = extraFiles cmd.Env = r.conmonEnv // we don't want to step on users fds they asked to preserve diff --git a/libpod/oci_conmon_exec_common.go b/libpod/oci_conmon_exec_common.go index b44dbe0efa75..ec44b215549a 100644 --- a/libpod/oci_conmon_exec_common.go +++ b/libpod/oci_conmon_exec_common.go @@ -391,8 +391,13 @@ func (r *ConmonOCIRuntime) startExec(c *Container, sessionID string, options *Ex args := r.sharedConmonArgs(c, sessionID, c.execBundlePath(sessionID), c.execPidPath(sessionID), c.execLogPath(sessionID), c.execExitFileDir(sessionID), ociLog, define.NoLogging, c.config.LogTag) - if options.PreserveFDs > 0 { - args = append(args, formatRuntimeOpts("--preserve-fds", strconv.FormatUint(uint64(options.PreserveFDs), 10))...) + preserveFDs, filesToClose, extraFiles, err := getPreserveFdExtraFiles(options.PreserveFD, options.PreserveFDs) + if err != nil { + return nil, nil, err + } + + if preserveFDs > 0 { + args = append(args, formatRuntimeOpts("--preserve-fds", strconv.FormatUint(uint64(preserveFDs), 10))...) } if options.Terminal { @@ -442,19 +447,12 @@ func (r *ConmonOCIRuntime) startExec(c *Container, sessionID string, options *Ex return nil, nil, fmt.Errorf("configuring conmon env: %w", err) } - var filesToClose []*os.File - if options.PreserveFDs > 0 { - for fd := 3; fd < int(3+options.PreserveFDs); fd++ { - f := os.NewFile(uintptr(fd), fmt.Sprintf("fd-%d", fd)) - filesToClose = append(filesToClose, f) - execCmd.ExtraFiles = append(execCmd.ExtraFiles, f) - } - } + execCmd.ExtraFiles = extraFiles // we don't want to step on users fds they asked to preserve // Since 0-2 are used for stdio, start the fds we pass in at preserveFDs+3 execCmd.Env = r.conmonEnv - execCmd.Env = append(execCmd.Env, fmt.Sprintf("_OCI_SYNCPIPE=%d", options.PreserveFDs+3), fmt.Sprintf("_OCI_STARTPIPE=%d", options.PreserveFDs+4), fmt.Sprintf("_OCI_ATTACHPIPE=%d", options.PreserveFDs+5)) + execCmd.Env = append(execCmd.Env, fmt.Sprintf("_OCI_SYNCPIPE=%d", preserveFDs+3), fmt.Sprintf("_OCI_STARTPIPE=%d", preserveFDs+4), fmt.Sprintf("_OCI_ATTACHPIPE=%d", preserveFDs+5)) execCmd.Env = append(execCmd.Env, conmonEnv...) execCmd.ExtraFiles = append(execCmd.ExtraFiles, childSyncPipe, childStartPipe, childAttachPipe) diff --git a/libpod/options.go b/libpod/options.go index 83f8afba0876..09a833a4a743 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -1555,6 +1555,18 @@ func WithPreserveFDs(fd uint) CtrCreateOption { } } +// WithPreserveFD forwards from the process running Libpod into the container +// the given list of extra FDs to the created container +func WithPreserveFD(fds []uint) CtrCreateOption { + return func(ctr *Container) error { + if ctr.valid { + return define.ErrCtrFinalized + } + ctr.config.PreserveFD = fds + return nil + } +} + // WithCreateCommand adds the full command plus arguments of the current // process to the container config. func WithCreateCommand(cmd []string) CtrCreateOption { diff --git a/pkg/domain/entities/containers.go b/pkg/domain/entities/containers.go index a47b9ed20c97..1b646000829b 100644 --- a/pkg/domain/entities/containers.go +++ b/pkg/domain/entities/containers.go @@ -297,6 +297,7 @@ type ExecOptions struct { Interactive bool Latest bool PreserveFDs uint + PreserveFD []uint Privileged bool Tty bool User string @@ -360,6 +361,7 @@ type ContainerRunOptions struct { InputStream *os.File OutputStream *os.File PreserveFDs uint + PreserveFD []uint Rm bool SigProxy bool Spec *specgen.SpecGenerator diff --git a/pkg/domain/entities/pods.go b/pkg/domain/entities/pods.go index 0baff93a66b2..d57dedee40b3 100644 --- a/pkg/domain/entities/pods.go +++ b/pkg/domain/entities/pods.go @@ -250,6 +250,7 @@ type ContainerCreateOptions struct { PodIDFile string Personality string PreserveFDs uint + PreserveFD []uint Privileged bool PublishAll bool Pull string diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go index e8cb8e346eb5..1a6d044656bf 100644 --- a/pkg/domain/infra/abi/containers.go +++ b/pkg/domain/infra/abi/containers.go @@ -809,6 +809,7 @@ func makeExecConfig(options entities.ExecOptions, rt *libpod.Runtime) (*libpod.E execConfig.WorkDir = options.WorkDir execConfig.DetachKeys = &options.DetachKeys execConfig.PreserveFDs = options.PreserveFDs + execConfig.PreserveFD = options.PreserveFD execConfig.AttachStdin = options.Interactive // Make an exit command @@ -858,6 +859,7 @@ func (ic *ContainerEngine) ContainerExec(ctx context.Context, nameOrID string, o if err != nil { return ec, err } + containers, err := getContainers(ic.Libpod, getContainersOptions{latest: options.Latest, names: []string{nameOrID}}) if err != nil { return ec, err diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index 940fefae0860..ea5fa1e7c3c7 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -355,6 +355,10 @@ func createContainerOptions(rt *libpod.Runtime, s *specgen.SpecGenerator, pod *l options = append(options, libpod.WithPreserveFDs(s.PreserveFDs)) } + if s.PreserveFD != nil { + options = append(options, libpod.WithPreserveFD(s.PreserveFD)) + } + if s.Stdin { options = append(options, libpod.WithStdin()) } diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index 9568ddc04841..80b68999023b 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -180,6 +180,11 @@ type ContainerBasicConfig struct { // set tags as `json:"-"` for not supported remote // Optional. PreserveFDs uint `json:"-"` + // PreserveFD is a list of additional file descriptors (in addition + // to 0, 1, 2) that will be passed to the executed process. + // set tags as `json:"-"` for not supported remote + // Optional. + PreserveFD []uint `json:"-"` // Timezone is the timezone inside the container. // Local means it has the same timezone as the host machine // Optional. diff --git a/pkg/specgenutil/specgen.go b/pkg/specgenutil/specgen.go index c15c560314bc..306a19b394e8 100644 --- a/pkg/specgenutil/specgen.go +++ b/pkg/specgenutil/specgen.go @@ -838,9 +838,17 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions if len(s.Name) == 0 || len(c.Name) != 0 { s.Name = c.Name } + + if c.PreserveFDs != 0 && c.PreserveFD != nil { + return errors.New("cannot specify both --preserve-fds and --preserve-fd") + } + if s.PreserveFDs == 0 || c.PreserveFDs != 0 { s.PreserveFDs = c.PreserveFDs } + if s.PreserveFD == nil || c.PreserveFD != nil { + s.PreserveFD = c.PreserveFD + } if s.OOMScoreAdj == nil || c.OOMScoreAdj != nil { s.OOMScoreAdj = c.OOMScoreAdj diff --git a/test/system/030-run.bats b/test/system/030-run.bats index 6729a0f5a7ea..30949e390d51 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -80,6 +80,25 @@ echo $rand | 0 | $rand is "$output" "$content" "container read input from fd 4" } +# 'run --preserve-fd' passes a list of additional file descriptors into the container +@test "podman run --preserve-fd" { + skip_if_remote "preserve-fd is meaningless over remote" + + runtime=$(podman_runtime) + if [[ $runtime != "crun" ]]; then + skip "runtime is $runtime; preserve-fd requires crun" + fi + + content=$(random_string 20) + echo "$content" > $PODMAN_TMPDIR/tempfile + + # /proc/self/fd will have 0 1 2, possibly 3 & 4, but no 2-digit fds other than 40 + run_podman run --rm -i --preserve-fd=9,40 $IMAGE sh -c '/bin/ls -C -w999 /proc/self/fd; cat <&9; cat <&40' 9<<<"fd9" 10 $PODMAN_TMPDIR/tempfile + + # /proc/self/fd will have 0 1 2, possibly 3 & 4, but no 2-digit fds other than 40 + run_podman exec --preserve-fd=9,40 $cid sh -c '/bin/ls -C -w999 /proc/self/fd; cat <&9; cat <&40' 9<<<"fd9" 10 Date: Tue, 5 Dec 2023 09:51:39 -0300 Subject: [PATCH 131/170] Add e2e tests for quadlet Entrypoint option Drop bats tests for quadlet Entrypoint Signed-off-by: Odilon Sousa --- test/e2e/quadlet/entrypoint.container | 6 ++++++ test/e2e/quadlet_test.go | 1 + test/system/252-quadlet.bats | 18 ------------------ 3 files changed, 7 insertions(+), 18 deletions(-) create mode 100644 test/e2e/quadlet/entrypoint.container diff --git a/test/e2e/quadlet/entrypoint.container b/test/e2e/quadlet/entrypoint.container new file mode 100644 index 000000000000..035783500bd8 --- /dev/null +++ b/test/e2e/quadlet/entrypoint.container @@ -0,0 +1,6 @@ +## assert-podman-final-args localhost/imagename +## assert-podman-args "--entrypoint=top" + +[Container] +Image=localhost/imagename +Entrypoint=top diff --git a/test/e2e/quadlet_test.go b/test/e2e/quadlet_test.go index a89107e13d8e..a4e76edccb5e 100644 --- a/test/e2e/quadlet_test.go +++ b/test/e2e/quadlet_test.go @@ -765,6 +765,7 @@ BOGUS=foo Entry("env-host-false.container", "env-host-false.container", 0, ""), Entry("env-host.container", "env-host.container", 0, ""), Entry("env.container", "env.container", 0, ""), + Entry("entrypoint.container", "entrypoint.container", 0, ""), Entry("escapes.container", "escapes.container", 0, ""), Entry("exec.container", "exec.container", 0, ""), Entry("health.container", "health.container", 0, ""), diff --git a/test/system/252-quadlet.bats b/test/system/252-quadlet.bats index e8b6727a785c..912b6be08c13 100644 --- a/test/system/252-quadlet.bats +++ b/test/system/252-quadlet.bats @@ -1467,22 +1467,4 @@ EOF run_podman rmi $(pause_image) } -@test "quadlet - entrypoint" { - local quadlet_file=$PODMAN_TMPDIR/basic_$(random_string).container - cat > $quadlet_file < Date: Tue, 5 Dec 2023 09:54:50 -0700 Subject: [PATCH 132/170] systests: cp: add wait_for_ready Some of the tests were doing "podman run -d" without wait_for_ready. This may be the cause of some of the CI flakes. Maybe even all? It's not clear why the tests have been working reliably for years under overlay, and only started failing under vfs, but shrug. Thanks to Chris for making that astute observation. Fixes: #20282 (I hope) Signed-off-by: Ed Santiago --- test/system/065-cp.bats | 45 +++++++++++++++++++++++++++++++---------- 1 file changed, 34 insertions(+), 11 deletions(-) diff --git a/test/system/065-cp.bats b/test/system/065-cp.bats index a2f1336f8400..0a2b15537460 100644 --- a/test/system/065-cp.bats +++ b/test/system/065-cp.bats @@ -22,7 +22,8 @@ load helpers mkdir -p $srcdir/subdir echo "${randomcontent[2]}" > $srcdir/subdir/dotfile. - run_podman run -d --name destrunning --workdir=/srv $IMAGE sh -c "mkdir /srv/subdir; sleep infinity" + run_podman run -d --name destrunning --workdir=/srv $IMAGE sh -c "mkdir /srv/subdir; echo READY; sleep infinity" + wait_for_ready destrunning # Commit the image for testing non-running containers run_podman commit -q destrunning @@ -177,7 +178,9 @@ load helpers echo ${randomcontent[0]} > /tmp/dotfile.; echo ${randomcontent[1]} > /srv/containerfile1; echo ${randomcontent[2]} > /srv/subdir/containerfile2; + echo READY; sleep infinity" + wait_for_ready srcrunning # Commit the image for testing non-running containers run_podman commit -q srcrunning @@ -238,7 +241,9 @@ load helpers echo ${randomcontent[0]} > /tmp/dotfile.; echo ${randomcontent[1]} > /srv/containerfile1; echo ${randomcontent[2]} > /srv/subdir/containerfile2; + echo READY; sleep infinity" + wait_for_ready srcrunning # Commit the image for testing non-running containers run_podman commit -q srcrunning @@ -329,7 +334,8 @@ load helpers mkdir -p $srcdir/dir. cp -r $srcdir/dir/* $srcdir/dir. - run_podman run -d --name destrunning --workdir=/srv $IMAGE sh -c "mkdir /srv/subdir; sleep infinity" + run_podman run -d --name destrunning --workdir=/srv $IMAGE sh -c "mkdir /srv/subdir; echo READY;sleep infinity" + wait_for_ready destrunning # Commit the image for testing non-running containers run_podman commit -q destrunning @@ -391,7 +397,9 @@ load helpers echo ${randomcontent[0]} > /srv/subdir/containerfile0; \ echo ${randomcontent[1]} > /srv/subdir/containerfile1; \ mkdir /tmp/subdir.; cp /srv/subdir/* /tmp/subdir./; \ + echo READY; sleep infinity" + wait_for_ready srcrunning # Commit the image for testing non-running containers run_podman commit -q srcrunning @@ -460,7 +468,9 @@ load helpers echo ${randomcontent[0]} > /srv/subdir/containerfile0; \ echo ${randomcontent[1]} > /srv/subdir/containerfile1; \ mkdir /tmp/subdir.; cp /srv/subdir/* /tmp/subdir./; \ + echo READY; sleep infinity" + wait_for_ready srcrunning # Commit the image for testing non-running containers run_podman commit -q srcrunning @@ -549,7 +559,9 @@ load helpers run_podman run -d --name srcrunning $IMAGE sh -c "echo ${randomcontent[0]} > /tmp/containerfile0; \ echo ${randomcontent[1]} > /tmp/containerfile1; \ mkdir /tmp/sub && cd /tmp/sub && ln -s .. weirdlink; \ + echo READY; sleep infinity" + wait_for_ready srcrunning # Commit the image for testing non-running containers run_podman commit -q srcrunning @@ -749,7 +761,8 @@ load helpers sh -c "mkdir /tmp/d1;ln -s /tmp/nonesuch1 /tmp/d1/x; mkdir /tmp/d2;ln -s /tmp/nonesuch2 /tmp/d2/x; mkdir /tmp/d3; - trap 'exit 0' 15;while :;do sleep 0.5;done" + trap 'exit 0' 15;echo READY;while :;do sleep 0.5;done" + wait_for_ready cpcontainer # Copy file from host into container, into a file named 'x' # Note that the second has a trailing slash, implying a directory. @@ -912,8 +925,10 @@ load helpers rand_content_file=$(random_string 50) rand_content_dir=$(random_string 50) - run_podman run -d --name ctr-file $IMAGE sh -c "echo '$rand_content_file' > /tmp/foo; sleep infinity" - run_podman run -d --name ctr-dir $IMAGE sh -c "mkdir /tmp/foo; echo '$rand_content_dir' > /tmp/foo/file.txt; sleep infinity" + run_podman run -d --name ctr-file $IMAGE sh -c "echo '$rand_content_file' > /tmp/foo; echo READY; sleep infinity" + run_podman run -d --name ctr-dir $IMAGE sh -c "mkdir /tmp/foo; echo '$rand_content_dir' > /tmp/foo/file.txt; echo READY; sleep infinity" + wait_for_ready ctr-file + wait_for_ready ctr-dir # overwrite a directory with a file run_podman 125 cp ctr-file:/tmp/foo ctr-dir:/tmp @@ -946,8 +961,10 @@ load helpers rand_content_file=$(random_string 50) rand_content_dir=$(random_string 50) - run_podman run -d --name ctr-file $IMAGE sh -c "echo '$rand_content_file' > /tmp/foo; sleep infinity" - run_podman run -d --name ctr-dir $IMAGE sh -c "mkdir /tmp/foo; echo '$rand_content_dir' > /tmp/foo/file.txt; sleep infinity" + run_podman run -d --name ctr-file $IMAGE sh -c "echo '$rand_content_file' > /tmp/foo; echo READY; sleep infinity" + run_podman run -d --name ctr-dir $IMAGE sh -c "mkdir /tmp/foo; echo '$rand_content_dir' > /tmp/foo/file.txt; echo READY; sleep infinity" + wait_for_ready ctr-file + wait_for_ready ctr-dir # overwrite a directory with a file mkdir $hostdir/foo @@ -978,8 +995,10 @@ load helpers rand_content_file=$(random_string 50) rand_content_dir=$(random_string 50) - run_podman run -d --name ctr-dir $IMAGE sh -c "mkdir /tmp/foo; sleep infinity" - run_podman run -d --name ctr-file $IMAGE sh -c "touch /tmp/foo; sleep infinity" + run_podman run -d --name ctr-dir $IMAGE sh -c "mkdir /tmp/foo; echo READY; sleep infinity" + run_podman run -d --name ctr-file $IMAGE sh -c "touch /tmp/foo; echo READY; sleep infinity" + wait_for_ready ctr-dir + wait_for_ready ctr-file # overwrite a directory with a file echo "$rand_content_file" > $hostdir/foo @@ -1025,7 +1044,9 @@ load helpers dstdir=$PODMAN_TMPDIR/dst mkdir -p $dstdir - run_podman run -d --name=test-ctr --rm $IMAGE sh -c "mkdir -p /foo/test1. /foo/test2; touch /foo/test1./file1 /foo/test2/file2; sleep infinity" + run_podman run -d --name=test-ctr --rm $IMAGE sh -c "mkdir -p /foo/test1. /foo/test2; touch /foo/test1./file1 /foo/test2/file2; echo READY;sleep infinity" + wait_for_ready test-ctr + run_podman cp test-ctr:/foo/test1. $dstdir/foo run /bin/ls -1 $dstdir/foo assert "$output" = "file1" "ls [local]/foo: only file1 was copied, nothing more" @@ -1034,7 +1055,9 @@ load helpers } @test "podman cp - dot notation - container to container" { - run_podman run -d --name=src-ctr --rm $IMAGE sh -c "mkdir -p /foo/test1. /foo/test2; touch /foo/test1./file1 /foo/test2/file2; sleep infinity" + run_podman run -d --name=src-ctr --rm $IMAGE sh -c "mkdir -p /foo/test1. /foo/test2; touch /foo/test1./file1 /foo/test2/file2; echo READY;sleep infinity" + wait_for_ready src-ctr + run_podman run -d --name=dest-ctr --rm $IMAGE sleep infinity run_podman cp src-ctr:/foo/test1. dest-ctr:/foo From 8d8fb726f35743521360dba2fb5008af31d5031b Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Wed, 6 Dec 2023 16:02:15 +0100 Subject: [PATCH 133/170] fix broken labeler.yml config Commit ca66a90b87 was merged without fixing the config. Please read changelogs before merging renovate PRs, especially when it is a major version bump. Signed-off-by: Paul Holzinger --- .github/labeler.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/labeler.yml b/.github/labeler.yml index 4d00baca9d6b..34a436514a42 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -1,4 +1,5 @@ # Add labels based on file paths in PR # https://github.com/actions/labeler kind/api-change: - - pkg/api/**/* + - changed-files: + - any-glob-to-any-file: pkg/api/** From 10db6442de2b79181a8a4ef2c51739863ac8a224 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 6 Dec 2023 15:39:02 +0000 Subject: [PATCH 134/170] [skip-ci] Update actions/setup-go action to v5 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/mac-pkg.yml | 2 +- .github/workflows/upload-win-installer.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/mac-pkg.yml b/.github/workflows/mac-pkg.yml index c21f2906d9bc..3ddecb0e92e6 100644 --- a/.github/workflows/mac-pkg.yml +++ b/.github/workflows/mac-pkg.yml @@ -97,7 +97,7 @@ jobs: steps.check.outputs.buildamd == 'true' || steps.check.outputs.buildarm == 'true' || steps.actual_dryrun.outputs.dryrun == 'true' - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: stable - name: Create Keychain diff --git a/.github/workflows/upload-win-installer.yml b/.github/workflows/upload-win-installer.yml index 88125e328b80..80fdd6992b7e 100644 --- a/.github/workflows/upload-win-installer.yml +++ b/.github/workflows/upload-win-installer.yml @@ -85,7 +85,7 @@ jobs: Write-Output "::error::check.ps1 script failed to find manually uploaded podman-remote-release-windows_md64.zip github release asset for version ${{steps.getversion.outputs.version}}." Exit 1 - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 # N/B: already-exists may be an empty-string or "false", handle both cases. if: steps.check.outputs.already-exists != 'true' || steps.actual_dryrun.outputs.dryrun == 'true' with: From 98df5b3978d24d8c885597ba50f40baaca9e2526 Mon Sep 17 00:00:00 2001 From: "Jason T. Greene" Date: Wed, 6 Dec 2023 14:46:12 -0600 Subject: [PATCH 135/170] Fix user-mode net init flag on first time install Previously the WSL user-mode networking distribution was only installed as part of a change, when it should have been also applied installs. This mean that the init flag usage only worked after a previous set command. [NO NEW TESTS NEEDED] Signed-off-by: Jason T. Greene --- pkg/machine/wsl/machine.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/machine/wsl/machine.go b/pkg/machine/wsl/machine.go index 9f7ad76885df..e97baf51cb17 100644 --- a/pkg/machine/wsl/machine.go +++ b/pkg/machine/wsl/machine.go @@ -671,7 +671,7 @@ func configureSystem(v *MachineVM, dist string) error { return err } - return changeDistUserModeNetworking(dist, user, "", v.UserModeNetworking) + return changeDistUserModeNetworking(dist, user, v.ImagePath, v.UserModeNetworking) } func configureBindMounts(dist string, user string) error { From d78212a009ab6efa1bd2af4468e7ba2447727347 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Wed, 6 Dec 2023 16:13:43 -0500 Subject: [PATCH 136/170] Update vendor of containers/storage Signed-off-by: Daniel J Walsh --- go.mod | 4 +- go.sum | 8 +- .../containers/storage/drivers/driver.go | 11 +- .../storage/drivers/overlay/overlay.go | 6 +- .../github.com/containers/storage/layers.go | 108 +++++++++++++----- vendor/github.com/containers/storage/store.go | 19 ++- .../klauspost/compress/huff0/bytereader.go | 44 ------- .../klauspost/compress/huff0/compress.go | 5 +- .../klauspost/compress/huff0/huff0.go | 4 +- .../klauspost/compress/zstd/README.md | 2 +- vendor/modules.txt | 4 +- 11 files changed, 119 insertions(+), 96 deletions(-) delete mode 100644 vendor/github.com/klauspost/compress/huff0/bytereader.go diff --git a/go.mod b/go.mod index e50aebd60923..66e532674303 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/containers/libhvee v0.5.0 github.com/containers/ocicrypt v1.1.9 github.com/containers/psgo v1.8.0 - github.com/containers/storage v1.51.1-0.20231129190156-7d0a0a320f8a + github.com/containers/storage v1.51.1-0.20231205203947-fe005407c7d5 github.com/coreos/go-systemd/v22 v22.5.1-0.20231103132048-7d375ecc2b09 github.com/coreos/stream-metadata-go v0.4.3 github.com/crc-org/vfkit v0.5.0 @@ -145,7 +145,7 @@ require ( github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/jinzhu/copier v0.4.0 // indirect github.com/josharian/intern v1.0.0 // indirect - github.com/klauspost/compress v1.17.3 // indirect + github.com/klauspost/compress v1.17.4 // indirect github.com/klauspost/cpuid/v2 v2.2.5 // indirect github.com/klauspost/pgzip v1.2.6 // indirect github.com/kr/fs v0.1.0 // indirect diff --git a/go.sum b/go.sum index 8ec0ea20756e..f0c411e43063 100644 --- a/go.sum +++ b/go.sum @@ -278,8 +278,8 @@ github.com/containers/ocicrypt v1.1.9/go.mod h1:dTKx1918d8TDkxXvarscpNVY+lyPakPN github.com/containers/psgo v1.8.0 h1:2loGekmGAxM9ir5OsXWEfGwFxorMPYnc6gEDsGFQvhY= github.com/containers/psgo v1.8.0/go.mod h1:T8ZxnX3Ur4RvnhxFJ7t8xJ1F48RhiZB4rSrOaR/qGHc= github.com/containers/storage v1.43.0/go.mod h1:uZ147thiIFGdVTjMmIw19knttQnUCl3y9zjreHrg11s= -github.com/containers/storage v1.51.1-0.20231129190156-7d0a0a320f8a h1:YuHrRNrIAZ+b1yTzoTdNiAEBNqhBmnakrVxfXcH8SC8= -github.com/containers/storage v1.51.1-0.20231129190156-7d0a0a320f8a/go.mod h1:FHXkEBvKRmsTeB1JQIFfXnSyXCp+wVrt172O2ZlSzM4= +github.com/containers/storage v1.51.1-0.20231205203947-fe005407c7d5 h1:eiCkAt+i9BYRjR7KEKPI3iORCSABhY+spM/w8BkI2lo= +github.com/containers/storage v1.51.1-0.20231205203947-fe005407c7d5/go.mod h1:pMhG1O3eMGlQKpuEuv7ves+K3BsK8/UJs8ctV5fEaoI= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= @@ -699,8 +699,8 @@ github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdY github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/klauspost/compress v1.15.7/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= -github.com/klauspost/compress v1.17.3 h1:qkRjuerhUU1EmXLYGkSH6EZL+vPSxIrYjLNAK4slzwA= -github.com/klauspost/compress v1.17.3/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= +github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4= +github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg= github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= diff --git a/vendor/github.com/containers/storage/drivers/driver.go b/vendor/github.com/containers/storage/drivers/driver.go index ab32d652e7da..f71ee69325e7 100644 --- a/vendor/github.com/containers/storage/drivers/driver.go +++ b/vendor/github.com/containers/storage/drivers/driver.go @@ -73,6 +73,13 @@ type ApplyDiffOpts struct { ForceMask *os.FileMode } +// ApplyDiffWithDifferOpts contains optional arguments for ApplyDiffWithDiffer methods. +type ApplyDiffWithDifferOpts struct { + ApplyDiffOpts + + Flags map[string]interface{} +} + // InitFunc initializes the storage driver. type InitFunc func(homedir string, options Options) (Driver, error) @@ -223,9 +230,9 @@ type DriverWithDiffer interface { Driver // ApplyDiffWithDiffer applies the changes using the callback function. // If id is empty, then a staging directory is created. The staging directory is guaranteed to be usable with ApplyDiffFromStagingDirectory. - ApplyDiffWithDiffer(id, parent string, options *ApplyDiffOpts, differ Differ) (output DriverWithDifferOutput, err error) + ApplyDiffWithDiffer(id, parent string, options *ApplyDiffWithDifferOpts, differ Differ) (output DriverWithDifferOutput, err error) // ApplyDiffFromStagingDirectory applies the changes using the specified staging directory. - ApplyDiffFromStagingDirectory(id, parent, stagingDirectory string, diffOutput *DriverWithDifferOutput, options *ApplyDiffOpts) error + ApplyDiffFromStagingDirectory(id, parent, stagingDirectory string, diffOutput *DriverWithDifferOutput, options *ApplyDiffWithDifferOpts) error // CleanupStagingDirectory cleanups the staging directory. It can be used to cleanup the staging directory on errors CleanupStagingDirectory(stagingDirectory string) error // DifferTarget gets the location where files are stored for the layer. diff --git a/vendor/github.com/containers/storage/drivers/overlay/overlay.go b/vendor/github.com/containers/storage/drivers/overlay/overlay.go index 04ecf871fd05..f1c742d0aca8 100644 --- a/vendor/github.com/containers/storage/drivers/overlay/overlay.go +++ b/vendor/github.com/containers/storage/drivers/overlay/overlay.go @@ -2049,7 +2049,7 @@ func (d *Driver) useComposeFs() bool { } // ApplyDiff applies the changes in the new layer using the specified function -func (d *Driver) ApplyDiffWithDiffer(id, parent string, options *graphdriver.ApplyDiffOpts, differ graphdriver.Differ) (output graphdriver.DriverWithDifferOutput, err error) { +func (d *Driver) ApplyDiffWithDiffer(id, parent string, options *graphdriver.ApplyDiffWithDifferOpts, differ graphdriver.Differ) (output graphdriver.DriverWithDifferOutput, err error) { var idMappings *idtools.IDMappings if options != nil { idMappings = options.Mappings @@ -2100,7 +2100,7 @@ func (d *Driver) ApplyDiffWithDiffer(id, parent string, options *graphdriver.App } // ApplyDiffFromStagingDirectory applies the changes using the specified staging directory. -func (d *Driver) ApplyDiffFromStagingDirectory(id, parent, stagingDirectory string, diffOutput *graphdriver.DriverWithDifferOutput, options *graphdriver.ApplyDiffOpts) error { +func (d *Driver) ApplyDiffFromStagingDirectory(id, parent, stagingDirectory string, diffOutput *graphdriver.DriverWithDifferOutput, options *graphdriver.ApplyDiffWithDifferOpts) error { if filepath.Dir(stagingDirectory) != d.getStagingDir() { return fmt.Errorf("%q is not a staging directory", stagingDirectory) } @@ -2125,8 +2125,6 @@ func (d *Driver) ApplyDiffFromStagingDirectory(id, parent, stagingDirectory stri return err } - diffOutput.UncompressedDigest = diffOutput.TOCDigest - return os.Rename(stagingDirectory, diffPath) } diff --git a/vendor/github.com/containers/storage/layers.go b/vendor/github.com/containers/storage/layers.go index d105e73f6cd0..130de5444fd3 100644 --- a/vendor/github.com/containers/storage/layers.go +++ b/vendor/github.com/containers/storage/layers.go @@ -126,6 +126,13 @@ type Layer struct { // as a DiffID. UncompressedDigest digest.Digest `json:"diff-digest,omitempty"` + // TOCDigest represents the digest of the Table of Contents (TOC) of the blob. + // This digest is utilized when the UncompressedDigest is not + // validated during the partial image pull process, but the + // TOC itself is validated. + // It serves as an alternative reference under these specific conditions. + TOCDigest digest.Digest `json:"toc-digest,omitempty"` + // UncompressedSize is the length of the blob that was last passed to // ApplyDiff() or create(), after we decompressed it. If // UncompressedDigest is not set, this should be treated as if it were @@ -228,6 +235,10 @@ type roLayerStore interface { // specified uncompressed digest value recorded for them. LayersByUncompressedDigest(d digest.Digest) ([]Layer, error) + // LayersByTOCDigest returns a slice of the layers with the + // specified uncompressed digest value recorded for them. + LayersByTOCDigest(d digest.Digest) ([]Layer, error) + // Layers returns a slice of the known layers. Layers() ([]Layer, error) } @@ -296,13 +307,13 @@ type rwLayerStore interface { // ApplyDiffWithDiffer applies the changes through the differ callback function. // If to is the empty string, then a staging directory is created by the driver. - ApplyDiffWithDiffer(to string, options *drivers.ApplyDiffOpts, differ drivers.Differ) (*drivers.DriverWithDifferOutput, error) + ApplyDiffWithDiffer(to string, options *drivers.ApplyDiffWithDifferOpts, differ drivers.Differ) (*drivers.DriverWithDifferOutput, error) // CleanupStagingDirectory cleanups the staging directory. It can be used to cleanup the staging directory on errors CleanupStagingDirectory(stagingDirectory string) error // ApplyDiffFromStagingDirectory uses stagingDirectory to create the diff. - ApplyDiffFromStagingDirectory(id, stagingDirectory string, diffOutput *drivers.DriverWithDifferOutput, options *drivers.ApplyDiffOpts) error + ApplyDiffFromStagingDirectory(id, stagingDirectory string, diffOutput *drivers.DriverWithDifferOutput, options *drivers.ApplyDiffWithDifferOpts) error // DifferTarget gets the location where files are stored for the layer. DifferTarget(id string) (string, error) @@ -337,6 +348,7 @@ type layerStore struct { bymount map[string]*Layer bycompressedsum map[digest.Digest][]string byuncompressedsum map[digest.Digest][]string + bytocsum map[digest.Digest][]string layerspathsModified [numLayerLocationIndex]time.Time // FIXME: This field is only set when constructing layerStore, but locking rules of the driver @@ -366,6 +378,7 @@ func copyLayer(l *Layer) *Layer { CompressedSize: l.CompressedSize, UncompressedDigest: l.UncompressedDigest, UncompressedSize: l.UncompressedSize, + TOCDigest: l.TOCDigest, CompressionType: l.CompressionType, ReadOnly: l.ReadOnly, volatileStore: l.volatileStore, @@ -745,6 +758,7 @@ func (r *layerStore) load(lockedForWriting bool) (bool, error) { names := make(map[string]*Layer) compressedsums := make(map[digest.Digest][]string) uncompressedsums := make(map[digest.Digest][]string) + tocsums := make(map[digest.Digest][]string) var errorToResolveBySaving error // == nil; if there are multiple errors, this is one of them. if r.lockfile.IsReadWrite() { selinux.ClearLabels() @@ -765,6 +779,9 @@ func (r *layerStore) load(lockedForWriting bool) (bool, error) { if layer.UncompressedDigest != "" { uncompressedsums[layer.UncompressedDigest] = append(uncompressedsums[layer.UncompressedDigest], layer.ID) } + if layer.TOCDigest != "" { + tocsums[layer.TOCDigest] = append(tocsums[layer.TOCDigest], layer.ID) + } if layer.MountLabel != "" { selinux.ReserveLabel(layer.MountLabel) } @@ -792,6 +809,7 @@ func (r *layerStore) load(lockedForWriting bool) (bool, error) { r.byname = names r.bycompressedsum = compressedsums r.byuncompressedsum = uncompressedsums + r.bytocsum = tocsums // Load and merge information about which layers are mounted, and where. if r.lockfile.IsReadWrite() { @@ -1112,7 +1130,7 @@ func (r *layerStore) Size(name string) (int64, error) { // We use the presence of a non-empty digest as an indicator that the size value was intentionally set, and that // a zero value is not just present because it was never set to anything else (which can happen if the layer was // created by a version of this library that didn't keep track of digest and size information). - if layer.UncompressedDigest != "" { + if layer.TOCDigest != "" || layer.UncompressedDigest != "" { return layer.UncompressedSize, nil } return -1, nil @@ -1201,6 +1219,9 @@ func (r *layerStore) PutAdditionalLayer(id string, parentLayer *Layer, names []s if layer.UncompressedDigest != "" { r.byuncompressedsum[layer.UncompressedDigest] = append(r.byuncompressedsum[layer.UncompressedDigest], layer.ID) } + if layer.TOCDigest != "" { + r.bytocsum[layer.TOCDigest] = append(r.bytocsum[layer.TOCDigest], layer.ID) + } if err := r.saveFor(layer); err != nil { if e := r.Delete(layer.ID); e != nil { logrus.Errorf("While recovering from a failure to save layers, error deleting layer %#v: %v", id, e) @@ -1251,6 +1272,7 @@ func (r *layerStore) create(id string, parentLayer *Layer, names []string, mount templateCompressedDigest digest.Digest templateCompressedSize int64 templateUncompressedDigest digest.Digest + templateTOCDigest digest.Digest templateUncompressedSize int64 templateCompressionType archive.Compression templateUIDs, templateGIDs []uint32 @@ -1263,6 +1285,7 @@ func (r *layerStore) create(id string, parentLayer *Layer, names []string, mount } templateMetadata = templateLayer.Metadata templateIDMappings = idtools.NewIDMappingsFromMaps(templateLayer.UIDMap, templateLayer.GIDMap) + templateTOCDigest = templateLayer.TOCDigest templateCompressedDigest, templateCompressedSize = templateLayer.CompressedDigest, templateLayer.CompressedSize templateUncompressedDigest, templateUncompressedSize = templateLayer.UncompressedDigest, templateLayer.UncompressedSize templateCompressionType = templateLayer.CompressionType @@ -1291,6 +1314,7 @@ func (r *layerStore) create(id string, parentLayer *Layer, names []string, mount CompressedDigest: templateCompressedDigest, CompressedSize: templateCompressedSize, UncompressedDigest: templateUncompressedDigest, + TOCDigest: templateTOCDigest, UncompressedSize: templateUncompressedSize, CompressionType: templateCompressionType, UIDs: templateUIDs, @@ -1413,6 +1437,9 @@ func (r *layerStore) create(id string, parentLayer *Layer, names []string, mount if layer.UncompressedDigest != "" { r.byuncompressedsum[layer.UncompressedDigest] = append(r.byuncompressedsum[layer.UncompressedDigest], layer.ID) } + if layer.TOCDigest != "" { + r.bytocsum[layer.TOCDigest] = append(r.bytocsum[layer.TOCDigest], layer.ID) + } } delete(layer.Flags, incompleteFlag) @@ -2197,6 +2224,25 @@ func (r *layerStore) DiffSize(from, to string) (size int64, err error) { return r.driver.DiffSize(to, r.layerMappings(toLayer), from, r.layerMappings(fromLayer), toLayer.MountLabel) } +func updateDigestMap(m *map[digest.Digest][]string, oldvalue, newvalue digest.Digest, id string) { + var newList []string + if oldvalue != "" { + for _, value := range (*m)[oldvalue] { + if value != id { + newList = append(newList, value) + } + } + if len(newList) > 0 { + (*m)[oldvalue] = newList + } else { + delete(*m, oldvalue) + } + } + if newvalue != "" { + (*m)[newvalue] = append((*m)[newvalue], id) + } +} + // Requires startWriting. func (r *layerStore) ApplyDiff(to string, diff io.Reader) (size int64, err error) { return r.applyDiffWithOptions(to, nil, diff) @@ -2313,24 +2359,6 @@ func (r *layerStore) applyDiffWithOptions(to string, layerOptions *LayerOptions, uncompressedDigest = uncompressedDigester.Digest() } - updateDigestMap := func(m *map[digest.Digest][]string, oldvalue, newvalue digest.Digest, id string) { - var newList []string - if oldvalue != "" { - for _, value := range (*m)[oldvalue] { - if value != id { - newList = append(newList, value) - } - } - if len(newList) > 0 { - (*m)[oldvalue] = newList - } else { - delete(*m, oldvalue) - } - } - if newvalue != "" { - (*m)[newvalue] = append((*m)[newvalue], id) - } - } updateDigestMap(&r.bycompressedsum, layer.CompressedDigest, compressedDigest, layer.ID) layer.CompressedDigest = compressedDigest layer.CompressedSize = compressedCounter.Count @@ -2372,7 +2400,7 @@ func (r *layerStore) DifferTarget(id string) (string, error) { } // Requires startWriting. -func (r *layerStore) ApplyDiffFromStagingDirectory(id, stagingDirectory string, diffOutput *drivers.DriverWithDifferOutput, options *drivers.ApplyDiffOpts) error { +func (r *layerStore) ApplyDiffFromStagingDirectory(id, stagingDirectory string, diffOutput *drivers.DriverWithDifferOutput, options *drivers.ApplyDiffWithDifferOpts) error { ddriver, ok := r.driver.(drivers.DriverWithDiffer) if !ok { return ErrNotSupported @@ -2382,20 +2410,35 @@ func (r *layerStore) ApplyDiffFromStagingDirectory(id, stagingDirectory string, return ErrLayerUnknown } if options == nil { - options = &drivers.ApplyDiffOpts{ - Mappings: r.layerMappings(layer), - MountLabel: layer.MountLabel, + options = &drivers.ApplyDiffWithDifferOpts{ + ApplyDiffOpts: drivers.ApplyDiffOpts{ + Mappings: r.layerMappings(layer), + MountLabel: layer.MountLabel, + }, + Flags: nil, } } + err := ddriver.ApplyDiffFromStagingDirectory(layer.ID, layer.Parent, stagingDirectory, diffOutput, options) if err != nil { return err } layer.UIDs = diffOutput.UIDs layer.GIDs = diffOutput.GIDs + updateDigestMap(&r.byuncompressedsum, layer.UncompressedDigest, diffOutput.UncompressedDigest, layer.ID) layer.UncompressedDigest = diffOutput.UncompressedDigest + updateDigestMap(&r.bytocsum, diffOutput.TOCDigest, diffOutput.TOCDigest, layer.ID) + layer.TOCDigest = diffOutput.TOCDigest layer.UncompressedSize = diffOutput.Size layer.Metadata = diffOutput.Metadata + if options != nil && options.Flags != nil { + if layer.Flags == nil { + layer.Flags = make(map[string]interface{}) + } + for k, v := range options.Flags { + layer.Flags[k] = v + } + } if len(diffOutput.TarSplit) != 0 { tsdata := bytes.Buffer{} compressor, err := pgzip.NewWriterLevel(&tsdata, pgzip.BestSpeed) @@ -2432,7 +2475,7 @@ func (r *layerStore) ApplyDiffFromStagingDirectory(id, stagingDirectory string, } // Requires startWriting. -func (r *layerStore) ApplyDiffWithDiffer(to string, options *drivers.ApplyDiffOpts, differ drivers.Differ) (*drivers.DriverWithDifferOutput, error) { +func (r *layerStore) ApplyDiffWithDiffer(to string, options *drivers.ApplyDiffWithDifferOpts, differ drivers.Differ) (*drivers.DriverWithDifferOutput, error) { ddriver, ok := r.driver.(drivers.DriverWithDiffer) if !ok { return nil, ErrNotSupported @@ -2448,9 +2491,11 @@ func (r *layerStore) ApplyDiffWithDiffer(to string, options *drivers.ApplyDiffOp return nil, ErrLayerUnknown } if options == nil { - options = &drivers.ApplyDiffOpts{ - Mappings: r.layerMappings(layer), - MountLabel: layer.MountLabel, + options = &drivers.ApplyDiffWithDifferOpts{ + ApplyDiffOpts: drivers.ApplyDiffOpts{ + Mappings: r.layerMappings(layer), + MountLabel: layer.MountLabel, + }, } } output, err := ddriver.ApplyDiffWithDiffer(layer.ID, layer.Parent, options, differ) @@ -2494,6 +2539,11 @@ func (r *layerStore) LayersByUncompressedDigest(d digest.Digest) ([]Layer, error return r.layersByDigestMap(r.byuncompressedsum, d) } +// Requires startReading or startWriting. +func (r *layerStore) LayersByTOCDigest(d digest.Digest) ([]Layer, error) { + return r.layersByDigestMap(r.bytocsum, d) +} + func closeAll(closes ...func() error) (rErr error) { for _, f := range closes { if err := f(); err != nil { diff --git a/vendor/github.com/containers/storage/store.go b/vendor/github.com/containers/storage/store.go index 62a9c9ea1b72..49a4ff1118b7 100644 --- a/vendor/github.com/containers/storage/store.go +++ b/vendor/github.com/containers/storage/store.go @@ -315,10 +315,10 @@ type Store interface { // ApplyDiffer applies a diff to a layer. // It is the caller responsibility to clean the staging directory if it is not // successfully applied with ApplyDiffFromStagingDirectory. - ApplyDiffWithDiffer(to string, options *drivers.ApplyDiffOpts, differ drivers.Differ) (*drivers.DriverWithDifferOutput, error) + ApplyDiffWithDiffer(to string, options *drivers.ApplyDiffWithDifferOpts, differ drivers.Differ) (*drivers.DriverWithDifferOutput, error) // ApplyDiffFromStagingDirectory uses stagingDirectory to create the diff. - ApplyDiffFromStagingDirectory(to, stagingDirectory string, diffOutput *drivers.DriverWithDifferOutput, options *drivers.ApplyDiffOpts) error + ApplyDiffFromStagingDirectory(to, stagingDirectory string, diffOutput *drivers.DriverWithDifferOutput, options *drivers.ApplyDiffWithDifferOpts) error // CleanupStagingDirectory cleanups the staging directory. It can be used to cleanup the staging directory on errors CleanupStagingDirectory(stagingDirectory string) error @@ -334,6 +334,10 @@ type Store interface { // specified uncompressed digest value recorded for them. LayersByUncompressedDigest(d digest.Digest) ([]Layer, error) + // LayersByTOCDigest returns a slice of the layers with the + // specified TOC digest value recorded for them. + LayersByTOCDigest(d digest.Digest) ([]Layer, error) + // LayerSize returns a cached approximation of the layer's size, or -1 // if we don't have a value on hand. LayerSize(id string) (int64, error) @@ -2927,7 +2931,7 @@ func (s *store) Diff(from, to string, options *DiffOptions) (io.ReadCloser, erro return nil, ErrLayerUnknown } -func (s *store) ApplyDiffFromStagingDirectory(to, stagingDirectory string, diffOutput *drivers.DriverWithDifferOutput, options *drivers.ApplyDiffOpts) error { +func (s *store) ApplyDiffFromStagingDirectory(to, stagingDirectory string, diffOutput *drivers.DriverWithDifferOutput, options *drivers.ApplyDiffWithDifferOpts) error { _, err := writeToLayerStore(s, func(rlstore rwLayerStore) (struct{}, error) { if !rlstore.Exists(to) { return struct{}{}, ErrLayerUnknown @@ -2944,7 +2948,7 @@ func (s *store) CleanupStagingDirectory(stagingDirectory string) error { return err } -func (s *store) ApplyDiffWithDiffer(to string, options *drivers.ApplyDiffOpts, differ drivers.Differ) (*drivers.DriverWithDifferOutput, error) { +func (s *store) ApplyDiffWithDiffer(to string, options *drivers.ApplyDiffWithDifferOpts, differ drivers.Differ) (*drivers.DriverWithDifferOutput, error) { return writeToLayerStore(s, func(rlstore rwLayerStore) (*drivers.DriverWithDifferOutput, error) { if to != "" && !rlstore.Exists(to) { return nil, ErrLayerUnknown @@ -3006,6 +3010,13 @@ func (s *store) LayersByUncompressedDigest(d digest.Digest) ([]Layer, error) { return s.layersByMappedDigest(func(r roLayerStore, d digest.Digest) ([]Layer, error) { return r.LayersByUncompressedDigest(d) }, d) } +func (s *store) LayersByTOCDigest(d digest.Digest) ([]Layer, error) { + if err := d.Validate(); err != nil { + return nil, fmt.Errorf("looking for TOC matching digest %q: %w", d, err) + } + return s.layersByMappedDigest(func(r roLayerStore, d digest.Digest) ([]Layer, error) { return r.LayersByTOCDigest(d) }, d) +} + func (s *store) LayerSize(id string) (int64, error) { if res, done, err := readAllLayerStores(s, func(store roLayerStore) (int64, bool, error) { if store.Exists(id) { diff --git a/vendor/github.com/klauspost/compress/huff0/bytereader.go b/vendor/github.com/klauspost/compress/huff0/bytereader.go deleted file mode 100644 index 4dcab8d23277..000000000000 --- a/vendor/github.com/klauspost/compress/huff0/bytereader.go +++ /dev/null @@ -1,44 +0,0 @@ -// Copyright 2018 Klaus Post. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. -// Based on work Copyright (c) 2013, Yann Collet, released under BSD License. - -package huff0 - -// byteReader provides a byte reader that reads -// little endian values from a byte stream. -// The input stream is manually advanced. -// The reader performs no bounds checks. -type byteReader struct { - b []byte - off int -} - -// init will initialize the reader and set the input. -func (b *byteReader) init(in []byte) { - b.b = in - b.off = 0 -} - -// Int32 returns a little endian int32 starting at current offset. -func (b byteReader) Int32() int32 { - v3 := int32(b.b[b.off+3]) - v2 := int32(b.b[b.off+2]) - v1 := int32(b.b[b.off+1]) - v0 := int32(b.b[b.off]) - return (v3 << 24) | (v2 << 16) | (v1 << 8) | v0 -} - -// Uint32 returns a little endian uint32 starting at current offset. -func (b byteReader) Uint32() uint32 { - v3 := uint32(b.b[b.off+3]) - v2 := uint32(b.b[b.off+2]) - v1 := uint32(b.b[b.off+1]) - v0 := uint32(b.b[b.off]) - return (v3 << 24) | (v2 << 16) | (v1 << 8) | v0 -} - -// remain will return the number of bytes remaining. -func (b byteReader) remain() int { - return len(b.b) - b.off -} diff --git a/vendor/github.com/klauspost/compress/huff0/compress.go b/vendor/github.com/klauspost/compress/huff0/compress.go index 518436cf3d44..84aa3d12f004 100644 --- a/vendor/github.com/klauspost/compress/huff0/compress.go +++ b/vendor/github.com/klauspost/compress/huff0/compress.go @@ -350,6 +350,7 @@ func (s *Scratch) compress4Xp(src []byte) ([]byte, error) { // Does not update s.clearCount. func (s *Scratch) countSimple(in []byte) (max int, reuse bool) { reuse = true + _ = s.count // Assert that s != nil to speed up the following loop. for _, v := range in { s.count[v]++ } @@ -415,7 +416,7 @@ func (s *Scratch) validateTable(c cTable) bool { // minTableLog provides the minimum logSize to safely represent a distribution. func (s *Scratch) minTableLog() uint8 { - minBitsSrc := highBit32(uint32(s.br.remain())) + 1 + minBitsSrc := highBit32(uint32(s.srcLen)) + 1 minBitsSymbols := highBit32(uint32(s.symbolLen-1)) + 2 if minBitsSrc < minBitsSymbols { return uint8(minBitsSrc) @@ -427,7 +428,7 @@ func (s *Scratch) minTableLog() uint8 { func (s *Scratch) optimalTableLog() { tableLog := s.TableLog minBits := s.minTableLog() - maxBitsSrc := uint8(highBit32(uint32(s.br.remain()-1))) - 1 + maxBitsSrc := uint8(highBit32(uint32(s.srcLen-1))) - 1 if maxBitsSrc < tableLog { // Accuracy can be reduced tableLog = maxBitsSrc diff --git a/vendor/github.com/klauspost/compress/huff0/huff0.go b/vendor/github.com/klauspost/compress/huff0/huff0.go index e8ad17ad08ef..77ecd68e0a7b 100644 --- a/vendor/github.com/klauspost/compress/huff0/huff0.go +++ b/vendor/github.com/klauspost/compress/huff0/huff0.go @@ -88,7 +88,7 @@ type Scratch struct { // Decoders will return ErrMaxDecodedSizeExceeded is this limit is exceeded. MaxDecodedSize int - br byteReader + srcLen int // MaxSymbolValue will override the maximum symbol value of the next block. MaxSymbolValue uint8 @@ -170,7 +170,7 @@ func (s *Scratch) prepare(in []byte) (*Scratch, error) { if s.fse == nil { s.fse = &fse.Scratch{} } - s.br.init(in) + s.srcLen = len(in) return s, nil } diff --git a/vendor/github.com/klauspost/compress/zstd/README.md b/vendor/github.com/klauspost/compress/zstd/README.md index bdd49c8b25d2..92e2347bbc0e 100644 --- a/vendor/github.com/klauspost/compress/zstd/README.md +++ b/vendor/github.com/klauspost/compress/zstd/README.md @@ -259,7 +259,7 @@ nyc-taxi-data-10M.csv gzkp 1 3325605752 922273214 13929 227.68 ## Decompressor -Staus: STABLE - there may still be subtle bugs, but a wide variety of content has been tested. +Status: STABLE - there may still be subtle bugs, but a wide variety of content has been tested. This library is being continuously [fuzz-tested](https://github.com/klauspost/compress-fuzz), kindly supplied by [fuzzit.dev](https://fuzzit.dev/). diff --git a/vendor/modules.txt b/vendor/modules.txt index 615eda38800f..56fc7fc36b22 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -344,7 +344,7 @@ github.com/containers/psgo/internal/dev github.com/containers/psgo/internal/host github.com/containers/psgo/internal/proc github.com/containers/psgo/internal/process -# github.com/containers/storage v1.51.1-0.20231129190156-7d0a0a320f8a +# github.com/containers/storage v1.51.1-0.20231205203947-fe005407c7d5 ## explicit; go 1.19 github.com/containers/storage github.com/containers/storage/drivers @@ -700,7 +700,7 @@ github.com/josharian/intern # github.com/json-iterator/go v1.1.12 ## explicit; go 1.12 github.com/json-iterator/go -# github.com/klauspost/compress v1.17.3 +# github.com/klauspost/compress v1.17.4 ## explicit; go 1.19 github.com/klauspost/compress github.com/klauspost/compress/flate From 3d740674b3d1be9e612ec0988c8bd9623456ea20 Mon Sep 17 00:00:00 2001 From: "Jason T. Greene" Date: Wed, 6 Dec 2023 21:41:26 -0600 Subject: [PATCH 137/170] Improve error handling in win-lib.ps1 - Modified Check-Exit to take a relative stack postition so that reusing functions like Run-Command report on their callers as opposed to the source position of the wrapper. - Record and print the last command executed as it likely scrolled off with test output. [NO NEW TESTS NEEDED] Signed-off-by: Jason T. Greene --- contrib/cirrus/win-lib.ps1 | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/contrib/cirrus/win-lib.ps1 b/contrib/cirrus/win-lib.ps1 index 63f0cc32f926..ce22a69e7408 100644 --- a/contrib/cirrus/win-lib.ps1 +++ b/contrib/cirrus/win-lib.ps1 @@ -46,12 +46,16 @@ if ($Env:CI -eq "true") { # (builtins)! They set '$?' to "True" (failed) or "False" success so calling # this would mask failures. Rely on $ErrorActionPreference = 'Stop' instead. function Check-Exit { + param ( + [int] $stackPos = 1, + [string] $command = 'command' + ) + $result = $LASTEXITCODE # WARNING: might not be a number! if ( ($result -ne $null) -and ($result -ne 0) ) { # https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.callstackframe - $caller = (Get-PSCallStack)[1] - Write-Host "Exit code = '$result' from $($caller.ScriptName):$($caller.ScriptLineNumber)" - Throw "Non-zero exit code" + $caller = (Get-PSCallStack)[$stackPos] + throw "Exit code = '$result' running $command at $($caller.ScriptName):$($caller.ScriptLineNumber)" } } @@ -68,5 +72,5 @@ function Run-Command { Write-Host $command Invoke-Expression $command - Check-Exit + Check-Exit 2 "'$command'" } From a687c38860149e28c34e6ef4113a6e0f116b6ba1 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Fri, 24 Nov 2023 18:00:24 +0100 Subject: [PATCH 138/170] use rootless netns from c/common Use the new rootlessnetns logic from c/common, drop the podman code here and make use of the new much simpler API. ref: https://github.com/containers/common/pull/1761 [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger --- cmd/podman/system/service_abi.go | 3 +- go.mod | 2 +- go.sum | 4 +- libpod/container_internal_linux.go | 3 +- libpod/healthcheck_linux.go | 4 +- libpod/networking_common.go | 43 +- libpod/networking_linux.go | 457 --------------- libpod/oci_conmon_common.go | 3 +- libpod/oci_conmon_linux.go | 4 +- libpod/runtime.go | 4 +- libpod/runtime_pod_linux.go | 5 +- pkg/domain/infra/abi/system.go | 22 +- pkg/specgen/generate/validate.go | 3 +- utils/testdata/cgroup.empty | 0 utils/testdata/cgroup.other | 1 - utils/testdata/cgroup.root | 1 - utils/utils.go | 119 ---- utils/utils_supported.go | 205 ------- utils/utils_test.go | 26 - utils/utils_windows.go | 26 - .../containers/common/libimage/copier.go | 12 +- .../common/libnetwork/cni/cni_exec.go | 12 + .../common/libnetwork/cni/network.go | 36 +- .../containers/common/libnetwork/cni/run.go | 152 +++-- .../internal/rootlessnetns/netns.go | 8 + .../internal/rootlessnetns/netns_freebsd.go | 28 + .../internal/rootlessnetns/netns_linux.go | 545 ++++++++++++++++++ .../common/libnetwork/netavark/exec.go | 10 + .../common/libnetwork/netavark/network.go | 45 +- .../common/libnetwork/netavark/run.go | 40 +- .../common/libnetwork/network/interface.go | 28 +- .../common/libnetwork/types/define.go | 3 + .../common/libnetwork/types/network.go | 4 + .../common/pkg/cgroups/utils_linux.go | 170 ++++++ .../common/pkg/netns/netns_linux.go | 45 +- .../common/pkg/systemd/systemd_linux.go | 151 +++++ .../common/pkg/systemd/systemd_unsupported.go | 15 + vendor/modules.txt | 4 +- 38 files changed, 1171 insertions(+), 1072 deletions(-) delete mode 100644 utils/testdata/cgroup.empty delete mode 100644 utils/testdata/cgroup.other delete mode 100644 utils/testdata/cgroup.root delete mode 100644 utils/utils_supported.go delete mode 100644 utils/utils_test.go delete mode 100644 utils/utils_windows.go create mode 100644 vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns.go create mode 100644 vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_freebsd.go create mode 100644 vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_linux.go create mode 100644 vendor/github.com/containers/common/pkg/systemd/systemd_linux.go create mode 100644 vendor/github.com/containers/common/pkg/systemd/systemd_unsupported.go diff --git a/cmd/podman/system/service_abi.go b/cmd/podman/system/service_abi.go index 50bf809c3d40..815d8062bbc5 100644 --- a/cmd/podman/system/service_abi.go +++ b/cmd/podman/system/service_abi.go @@ -18,7 +18,6 @@ import ( "github.com/containers/podman/v4/pkg/domain/entities" "github.com/containers/podman/v4/pkg/domain/infra" "github.com/containers/podman/v4/pkg/rootless" - "github.com/containers/podman/v4/utils" "github.com/coreos/go-systemd/v22/activation" "github.com/sirupsen/logrus" "github.com/spf13/pflag" @@ -131,7 +130,7 @@ func restService(flags *pflag.FlagSet, cfg *entities.PodmanConfig, opts entities logrus.Warnf("Running 'system service' in rootless mode without cgroup v2, containers won't survive a 'system service' restart") } - if err := utils.MaybeMoveToSubCgroup(); err != nil { + if err := cgroups.MaybeMoveToSubCgroup(); err != nil { // it is a best effort operation, so just print the // error for debugging purposes. logrus.Debugf("Could not move to subcgroup: %v", err) diff --git a/go.mod b/go.mod index e50aebd60923..fb5330c29bec 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/containernetworking/cni v1.1.2 github.com/containernetworking/plugins v1.4.0 github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c - github.com/containers/common v0.57.1-0.20231130092720-630c929caef9 + github.com/containers/common v0.57.1-0.20231206135104-b647eb3a5eea github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.1 github.com/containers/image/v5 v5.29.1-0.20231201205726-671ab94a09ea diff --git a/go.sum b/go.sum index 8ec0ea20756e..e049facb7fac 100644 --- a/go.sum +++ b/go.sum @@ -256,8 +256,8 @@ github.com/containernetworking/plugins v1.4.0 h1:+w22VPYgk7nQHw7KT92lsRmuToHvb7w github.com/containernetworking/plugins v1.4.0/go.mod h1:UYhcOyjefnrQvKvmmyEKsUA+M9Nfn7tqULPpH0Pkcj0= github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c h1:E7nxvH3N3kpyson0waJv1X+eY9hAs+x2zQswsK+//yY= github.com/containers/buildah v1.33.2-0.20231121195905-d1a1c53c8e1c/go.mod h1:oMNfVrZGEfWVOxXTNOYPMdZzDfSo2umURK/TO0d8TRk= -github.com/containers/common v0.57.1-0.20231130092720-630c929caef9 h1:56pMgYcYyhTlmPPhRmG34NBmT5S/IwMMmOq0o4LJAMo= -github.com/containers/common v0.57.1-0.20231130092720-630c929caef9/go.mod h1:1TyelTjZvU4ZVSq6tGl0ImFlMKIbE8QkzpACQCdcs4U= +github.com/containers/common v0.57.1-0.20231206135104-b647eb3a5eea h1:PI6EWt76Df+v4KrZ6Wn1Fvz/zQvbAYO+2gAQeBGzj3s= +github.com/containers/common v0.57.1-0.20231206135104-b647eb3a5eea/go.mod h1:WbO7Tl8eLCt/+b35lsuc1NkWy7cZsdgF84EJ7VKhgOU= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/gvisor-tap-vsock v0.7.1 h1:+Rc+sOPplrkQb/BUXeN0ug8TxjgyrIqo/9P/eNS2A4c= diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 7f6508d38058..d70b9c78a64a 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -21,7 +21,6 @@ import ( "github.com/containers/common/pkg/config" "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/pkg/rootless" - "github.com/containers/podman/v4/utils" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/runtime-tools/generate" "github.com/opencontainers/selinux/go-selinux/label" @@ -390,7 +389,7 @@ func (c *Container) getOCICgroupPath() (string, error) { case c.config.NoCgroups: return "", nil case c.config.CgroupsMode == cgroupSplit: - selfCgroup, err := utils.GetOwnCgroupDisallowRoot() + selfCgroup, err := cgroups.GetOwnCgroupDisallowRoot() if err != nil { return "", err } diff --git a/libpod/healthcheck_linux.go b/libpod/healthcheck_linux.go index 53ec0c1deeea..08a35415e406 100644 --- a/libpod/healthcheck_linux.go +++ b/libpod/healthcheck_linux.go @@ -10,10 +10,10 @@ import ( "os/exec" "strings" + systemdCommon "github.com/containers/common/pkg/systemd" "github.com/containers/podman/v4/pkg/errorhandling" "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/podman/v4/pkg/systemd" - "github.com/containers/podman/v4/utils" "github.com/sirupsen/logrus" ) @@ -138,7 +138,7 @@ func (c *Container) removeTransientFiles(ctx context.Context, isStartup bool) er } func (c *Container) disableHealthCheckSystemd(isStartup bool) bool { - if !utils.RunsOnSystemd() || os.Getenv("DISABLE_HC_SYSTEMD") == "true" { + if !systemdCommon.RunsOnSystemd() || os.Getenv("DISABLE_HC_SYSTEMD") == "true" { return true } if isStartup { diff --git a/libpod/networking_common.go b/libpod/networking_common.go index 4e46671fc40e..d3a3981f6908 100644 --- a/libpod/networking_common.go +++ b/libpod/networking_common.go @@ -65,24 +65,7 @@ func (c *Container) getNetworkOptions(networkOpts map[string]types.PerNetworkOpt // setUpNetwork will set up the networks, on error it will also tear down the cni // networks. If rootless it will join/create the rootless network namespace. func (r *Runtime) setUpNetwork(ns string, opts types.NetworkOptions) (map[string]types.StatusBlock, error) { - rootlessNetNS, err := r.GetRootlessNetNs(true) - if err != nil { - return nil, err - } - var results map[string]types.StatusBlock - setUpPod := func() error { - results, err = r.network.Setup(ns, types.SetupOptions{NetworkOptions: opts}) - return err - } - // rootlessNetNS is nil if we are root - if rootlessNetNS != nil { - // execute the setup in the rootless net ns - err = rootlessNetNS.Do(setUpPod) - rootlessNetNS.Lock.Unlock() - } else { - err = setUpPod() - } - return results, err + return r.network.Setup(ns, types.SetupOptions{NetworkOptions: opts}) } // getNetworkPodName return the pod name (hostname) used by dns backend. @@ -100,29 +83,7 @@ func getNetworkPodName(c *Container) string { // Tear down a container's network configuration and joins the // rootless net ns as rootless user func (r *Runtime) teardownNetworkBackend(ns string, opts types.NetworkOptions) error { - rootlessNetNS, err := r.GetRootlessNetNs(false) - if err != nil { - return err - } - tearDownPod := func() error { - if err := r.network.Teardown(ns, types.TeardownOptions{NetworkOptions: opts}); err != nil { - return fmt.Errorf("tearing down network namespace configuration for container %s: %w", opts.ContainerID, err) - } - return nil - } - - // rootlessNetNS is nil if we are root - if rootlessNetNS != nil { - // execute the network setup in the rootless net ns - err = rootlessNetNS.Do(tearDownPod) - if cerr := rootlessNetNS.Cleanup(r); cerr != nil { - logrus.WithError(cerr).Error("failed to clean up rootless netns") - } - rootlessNetNS.Lock.Unlock() - } else { - err = tearDownPod() - } - return err + return r.network.Teardown(ns, types.TeardownOptions{NetworkOptions: opts}) } // Tear down a container's network backend configuration, but do not tear down the diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 6f8299a65787..2c0172f64db1 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -5,479 +5,22 @@ package libpod import ( "crypto/rand" - "crypto/sha256" - "errors" "fmt" "net" "os" "path/filepath" - "strconv" - "strings" - "syscall" "github.com/containernetworking/plugins/pkg/ns" - "github.com/containers/common/libnetwork/resolvconf" - "github.com/containers/common/libnetwork/slirp4netns" "github.com/containers/common/libnetwork/types" netUtil "github.com/containers/common/libnetwork/util" "github.com/containers/common/pkg/netns" - "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/pkg/rootless" - "github.com/containers/podman/v4/pkg/util" - "github.com/containers/podman/v4/utils" - "github.com/containers/storage/pkg/lockfile" "github.com/opencontainers/runtime-spec/specs-go" - "github.com/opencontainers/selinux/go-selinux/label" "github.com/sirupsen/logrus" "github.com/vishvananda/netlink" "golang.org/x/sys/unix" ) -const ( - // rootlessNetNsName is the file name for the rootless network namespace bind mount - rootlessNetNsName = "rootless-netns" - - // rootlessNetNsSilrp4netnsPidFile is the name of the rootless netns slirp4netns pid file - rootlessNetNsSilrp4netnsPidFile = "rootless-netns-slirp4netns.pid" - - // persistentCNIDir is the directory where the CNI files are stored - persistentCNIDir = "/var/lib/cni" -) - -type RootlessNetNS struct { - ns ns.NetNS - dir string - Lock *lockfile.LockFile -} - -// getPath will join the given path to the rootless netns dir -func (r *RootlessNetNS) getPath(path string) string { - return filepath.Join(r.dir, path) -} - -// Do - run the given function in the rootless netns. -// It does not lock the rootlessCNI lock, the caller -// should only lock when needed, e.g. for network operations. -func (r *RootlessNetNS) Do(toRun func() error) error { - err := r.ns.Do(func(_ ns.NetNS) error { - // Before we can run the given function, - // we have to set up all mounts correctly. - - // The order of the mounts is IMPORTANT. - // The idea of the extra mount ns is to make /run and /var/lib/cni writeable - // for the cni plugins but not affecting the podman user namespace. - // Because the plugins also need access to XDG_RUNTIME_DIR/netns some special setup is needed. - - // The following bind mounts are needed - // 1. XDG_RUNTIME_DIR -> XDG_RUNTIME_DIR/rootless-netns/XDG_RUNTIME_DIR - // 2. /run/systemd -> XDG_RUNTIME_DIR/rootless-netns/run/systemd (only if it exists) - // 3. XDG_RUNTIME_DIR/rootless-netns/resolv.conf -> /etc/resolv.conf or XDG_RUNTIME_DIR/rootless-netns/run/symlink/target - // 4. XDG_RUNTIME_DIR/rootless-netns/var/lib/cni -> /var/lib/cni (if /var/lib/cni does not exist, use the parent dir) - // 5. XDG_RUNTIME_DIR/rootless-netns/run -> /run - - // Create a new mount namespace, - // this must happen inside the netns thread. - err := unix.Unshare(unix.CLONE_NEWNS) - if err != nil { - return fmt.Errorf("cannot create a new mount namespace: %w", err) - } - - xdgRuntimeDir, err := util.GetRootlessRuntimeDir() - if err != nil { - return fmt.Errorf("could not get runtime directory: %w", err) - } - newXDGRuntimeDir := r.getPath(xdgRuntimeDir) - // 1. Mount the netns into the new run to keep them accessible. - // Otherwise cni setup will fail because it cannot access the netns files. - err = unix.Mount(xdgRuntimeDir, newXDGRuntimeDir, "none", unix.MS_BIND|unix.MS_SHARED|unix.MS_REC, "") - if err != nil { - return fmt.Errorf("failed to mount runtime directory for rootless netns: %w", err) - } - - // 2. Also keep /run/systemd if it exists. - // Many files are symlinked into this dir, for example /dev/log. - runSystemd := "/run/systemd" - _, err = os.Stat(runSystemd) - if err == nil { - newRunSystemd := r.getPath(runSystemd) - err = unix.Mount(runSystemd, newRunSystemd, "none", unix.MS_BIND|unix.MS_REC, "") - if err != nil { - return fmt.Errorf("failed to mount /run/systemd directory for rootless netns: %w", err) - } - } - - // 3. On some distros /etc/resolv.conf is symlinked to somewhere under /run. - // Because the kernel will follow the symlink before mounting, it is not - // possible to mount a file at /etc/resolv.conf. We have to ensure that - // the link target will be available in the mount ns. - // see: https://github.com/containers/podman/issues/10855 - resolvePath := "/etc/resolv.conf" - linkCount := 0 - for i := 1; i < len(resolvePath); i++ { - // Do not use filepath.EvalSymlinks, we only want the first symlink under /run. - // If /etc/resolv.conf has more than one symlink under /run, e.g. - // -> /run/systemd/resolve/stub-resolv.conf -> /run/systemd/resolve/resolv.conf - // we would put the netns resolv.conf file to the last path. However this will - // break dns because the second link does not exist in the mount ns. - // see https://github.com/containers/podman/issues/11222 - // - // We also need to resolve all path components not just the last file. - // see https://github.com/containers/podman/issues/12461 - - if resolvePath[i] != '/' { - // if we are at the last char we need to inc i by one because there is no final slash - if i == len(resolvePath)-1 { - i++ - } else { - // not the end of path, keep going - continue - } - } - path := resolvePath[:i] - - fi, err := os.Lstat(path) - if err != nil { - return fmt.Errorf("failed to stat resolv.conf path: %w", err) - } - - // no link, just continue - if fi.Mode()&os.ModeSymlink == 0 { - continue - } - - link, err := os.Readlink(path) - if err != nil { - return fmt.Errorf("failed to read resolv.conf symlink: %w", err) - } - linkCount++ - if filepath.IsAbs(link) { - // link is as an absolute path - resolvePath = filepath.Join(link, resolvePath[i:]) - } else { - // link is as a relative, join it with the previous path - base := filepath.Dir(path) - resolvePath = filepath.Join(base, link, resolvePath[i:]) - } - // set i back to zero since we now have a new base path - i = 0 - - // we have to stop at the first path under /run because we will have an empty /run and will create the path anyway - // if we would continue we would need to recreate all links under /run - if strings.HasPrefix(resolvePath, "/run/") { - break - } - // make sure wo do not loop forever - if linkCount == 255 { - return errors.New("too many symlinks while resolving /etc/resolv.conf") - } - } - logrus.Debugf("The path of /etc/resolv.conf in the mount ns is %q", resolvePath) - // When /etc/resolv.conf on the host is a symlink to /run/systemd/resolve/stub-resolv.conf, - // we have to mount an empty filesystem on /run/systemd/resolve in the child namespace, - // so as to isolate the directory from the host mount namespace. - // - // Otherwise our bind-mount for /run/systemd/resolve/stub-resolv.conf is unmounted - // when systemd-resolved unlinks and recreates /run/systemd/resolve/stub-resolv.conf on the host. - // see: https://github.com/containers/podman/issues/10929 - if strings.HasPrefix(resolvePath, "/run/systemd/resolve/") { - rsr := r.getPath("/run/systemd/resolve") - err = unix.Mount("", rsr, define.TypeTmpfs, unix.MS_NOEXEC|unix.MS_NOSUID|unix.MS_NODEV, "") - if err != nil { - return fmt.Errorf("failed to mount tmpfs on %q for rootless netns: %w", rsr, err) - } - } - if strings.HasPrefix(resolvePath, "/run/") { - resolvePath = r.getPath(resolvePath) - err = os.MkdirAll(filepath.Dir(resolvePath), 0700) - if err != nil { - return fmt.Errorf("failed to create rootless-netns resolv.conf directory: %w", err) - } - // we want to bind mount on this file so we have to create the file first - _, err = os.OpenFile(resolvePath, os.O_CREATE|os.O_RDONLY, 0700) - if err != nil { - return fmt.Errorf("failed to create rootless-netns resolv.conf file: %w", err) - } - } - // mount resolv.conf to make use of the host dns - err = unix.Mount(r.getPath("resolv.conf"), resolvePath, "none", unix.MS_BIND, "") - if err != nil { - return fmt.Errorf("failed to mount resolv.conf for rootless netns: %w", err) - } - - // 4. CNI plugins need access to /var/lib/cni and /run - varDir := "" - varTarget := persistentCNIDir - // we can only mount to a target dir which exists, check /var/lib/cni recursively - // while we could always use /var there are cases where a user might store the cni - // configs under /var/custom and this would break - for { - if _, err := os.Stat(varTarget); err == nil { - varDir = r.getPath(varTarget) - break - } - varTarget = filepath.Dir(varTarget) - if varTarget == "/" { - break - } - } - if varDir == "" { - return errors.New("failed to stat /var directory") - } - // make sure to mount var first - err = unix.Mount(varDir, varTarget, "none", unix.MS_BIND, "") - if err != nil { - return fmt.Errorf("failed to mount %s for rootless netns: %w", varTarget, err) - } - - // 5. Mount the new prepared run dir to /run, it has to be recursive to keep the other bind mounts. - runDir := r.getPath("run") - err = unix.Mount(runDir, "/run", "none", unix.MS_BIND|unix.MS_REC, "") - if err != nil { - return fmt.Errorf("failed to mount /run for rootless netns: %w", err) - } - - // run the given function in the correct namespace - err = toRun() - return err - }) - return err -} - -// Clean up the rootless network namespace if needed. -// It checks if we have running containers with the bridge network mode. -// Cleanup() expects that r.Lock is locked -func (r *RootlessNetNS) Cleanup(runtime *Runtime) error { - _, err := os.Stat(r.dir) - if os.IsNotExist(err) { - // the directory does not exist, so no need for cleanup - return nil - } - activeNetns := func(c *Container) bool { - // no bridge => no need to check - if !c.config.NetMode.IsBridge() { - return false - } - - // we cannot use c.state() because it will try to lock the container - // locking is a problem because cleanup is called after net teardown - // at this stage the container is already locked. - // also do not try to lock only containers which are not currently in net - // teardown because this will result in an ABBA deadlock between the rootless - // rootless netns lock and the container lock - // because we need to get the state we have to sync otherwise this will not - // work because the state is empty by default - // I do not like this but I do not see a better way at moment - err := c.syncContainer() - if err != nil { - return false - } - - // only check for an active netns, we cannot use the container state - // because not running does not mean that the netns does not need cleanup - // only if the netns is empty we know that we do not need cleanup - return c.state.NetNS != "" - } - ctrs, err := runtime.GetContainers(false, activeNetns) - if err != nil { - return err - } - // no cleanup if we found no other containers with a netns - // we will always find one container (the container cleanup that is currently calling us) - if len(ctrs) > 1 { - return nil - } - logrus.Debug("Cleaning up rootless network namespace") - err = netns.UnmountNS(r.ns.Path()) - if err != nil { - return err - } - // make the following errors not fatal - err = r.ns.Close() - if err != nil { - logrus.Error(err) - } - b, err := os.ReadFile(r.getPath(rootlessNetNsSilrp4netnsPidFile)) - if err == nil { - var i int - i, err = strconv.Atoi(string(b)) - if err == nil { - // kill the slirp process so we do not leak it - err = syscall.Kill(i, syscall.SIGTERM) - } - } - if err != nil { - logrus.Errorf("Failed to kill slirp4netns process: %v", err) - } - err = os.RemoveAll(r.dir) - if err != nil { - logrus.Error(err) - } - return nil -} - -// GetRootlessNetNs returns the rootless netns object. If create is set to true -// the rootless network namespace will be created if it does not already exist. -// If called as root it returns always nil. -// On success the returned RootlessCNI lock is locked and must be unlocked by the caller. -func (r *Runtime) GetRootlessNetNs(new bool) (*RootlessNetNS, error) { - if !rootless.IsRootless() { - return nil, nil - } - var rootlessNetNS *RootlessNetNS - runDir := r.config.Engine.TmpDir - - lfile := filepath.Join(runDir, "rootless-netns.lock") - lock, err := lockfile.GetLockFile(lfile) - if err != nil { - return nil, fmt.Errorf("failed to get rootless-netns lockfile: %w", err) - } - lock.Lock() - defer func() { - // In case of an error (early exit) rootlessNetNS will be nil. - // Make sure to unlock otherwise we could deadlock. - if rootlessNetNS == nil { - lock.Unlock() - } - }() - - rootlessNetNsDir := filepath.Join(runDir, rootlessNetNsName) - err = os.MkdirAll(rootlessNetNsDir, 0700) - if err != nil { - return nil, fmt.Errorf("could not create rootless-netns directory: %w", err) - } - - nsDir, err := netns.GetNSRunDir() - if err != nil { - return nil, err - } - - // create a hash from the static dir - // the cleanup will check if there are running containers - // if you run a several libpod instances with different root/runroot directories this check will fail - // we want one netns for each libpod static dir so we use the hash to prevent name collisions - hash := sha256.Sum256([]byte(r.config.Engine.StaticDir)) - netnsName := fmt.Sprintf("%s-%x", rootlessNetNsName, hash[:10]) - - path := filepath.Join(nsDir, netnsName) - nsReference, err := ns.GetNS(path) - if err != nil { - if !new { - // return an error if we could not get the namespace and should no create one - return nil, fmt.Errorf("getting rootless network namespace: %w", err) - } - - // When the netns is not valid but the file exists we have to remove it first, - // https://github.com/containers/common/pull/1381 changed the behavior from - // NewNSWithName()so it will now error when the file already exists. - // https://github.com/containers/podman/issues/17903#issuecomment-1494329622 - if errors.As(err, &ns.NSPathNotNSErr{}) { - logrus.Infof("rootless netns is no longer valid: %v", err) - // ignore errors, if something is wrong NewNSWithName() will fail below anyway - _ = os.Remove(path) - } - - // create a new namespace - logrus.Debugf("creating rootless network namespace with name %q", netnsName) - nsReference, err = netns.NewNSWithName(netnsName) - if err != nil { - return nil, fmt.Errorf("creating rootless network namespace: %w", err) - } - res, err := slirp4netns.Setup(&slirp4netns.SetupOptions{ - Config: r.config, - ContainerID: "rootless-netns", - Netns: nsReference.Path(), - }) - if err != nil { - return nil, fmt.Errorf("failed to start rootless-netns slirp4netns: %w", err) - } - // create pid file for the slirp4netns process - // this is need to kill the process in the cleanup - pid := strconv.Itoa(res.Pid) - err = os.WriteFile(filepath.Join(rootlessNetNsDir, rootlessNetNsSilrp4netnsPidFile), []byte(pid), 0700) - if err != nil { - return nil, fmt.Errorf("unable to write rootless-netns slirp4netns pid file: %w", err) - } - - if utils.RunsOnSystemd() { - // move to systemd scope to prevent systemd from killing it - err = utils.MoveRootlessNetnsSlirpProcessToUserSlice(res.Pid) - if err != nil { - // only log this, it is not fatal but can lead to issues when running podman inside systemd units - logrus.Errorf("failed to move the rootless netns slirp4netns process to the systemd user.slice: %v", err) - } - } - - // build a new resolv.conf file which uses the slirp4netns dns server address - resolveIP, err := slirp4netns.GetDNS(res.Subnet) - if err != nil { - return nil, fmt.Errorf("failed to determine default slirp4netns DNS address: %w", err) - } - - if err := resolvconf.New(&resolvconf.Params{ - Path: filepath.Join(rootlessNetNsDir, "resolv.conf"), - // fake the netns since we want to filter localhost - Namespaces: []specs.LinuxNamespace{ - {Type: specs.NetworkNamespace}, - }, - IPv6Enabled: res.IPv6, - KeepHostServers: true, - Nameservers: []string{resolveIP.String()}, - }); err != nil { - return nil, fmt.Errorf("failed to create rootless netns resolv.conf: %w", err) - } - // create cni directories to store files - // they will be bind mounted to the correct location in an extra mount ns - err = os.MkdirAll(filepath.Join(rootlessNetNsDir, persistentCNIDir), 0700) - if err != nil { - return nil, fmt.Errorf("could not create rootless-netns var directory: %w", err) - } - runDir := filepath.Join(rootlessNetNsDir, "run") - err = os.MkdirAll(runDir, 0700) - if err != nil { - return nil, fmt.Errorf("could not create rootless-netns run directory: %w", err) - } - // relabel the new run directory to the iptables /run label - // this is important, otherwise the iptables command will fail - err = label.Relabel(runDir, "system_u:object_r:iptables_var_run_t:s0", false) - if err != nil { - if !errors.Is(err, unix.ENOTSUP) { - return nil, fmt.Errorf("could not create relabel rootless-netns run directory: %w", err) - } - logrus.Debugf("Labeling not supported on %q", runDir) - } - // create systemd run directory - err = os.MkdirAll(filepath.Join(runDir, "systemd"), 0700) - if err != nil { - return nil, fmt.Errorf("could not create rootless-netns systemd directory: %w", err) - } - // create the directory for the netns files at the same location - // relative to the rootless-netns location - err = os.MkdirAll(filepath.Join(rootlessNetNsDir, nsDir), 0700) - if err != nil { - return nil, fmt.Errorf("could not create rootless-netns netns directory: %w", err) - } - } - - // The CNI plugins and netavark need access to iptables in $PATH. As it turns out debian doesn't put - // /usr/sbin in $PATH for rootless users. This will break rootless networking completely. - // We might break existing users and we cannot expect everyone to change their $PATH so - // let's add /usr/sbin to $PATH ourselves. - path = os.Getenv("PATH") - if !strings.Contains(path, "/usr/sbin") { - path += ":/usr/sbin" - os.Setenv("PATH", path) - } - - // Important set rootlessNetNS as last step. - // Do not return any errors after this. - rootlessNetNS = &RootlessNetNS{ - ns: nsReference, - dir: rootlessNetNsDir, - Lock: lock, - } - return rootlessNetNS, nil -} - // Create and configure a new network namespace for a container func (r *Runtime) configureNetNS(ctr *Container, ctrNS string) (status map[string]types.StatusBlock, rerr error) { if err := r.exposeMachinePorts(ctr.config.PortMappings); err != nil { diff --git a/libpod/oci_conmon_common.go b/libpod/oci_conmon_common.go index e40c8438334a..c3e68cf060d6 100644 --- a/libpod/oci_conmon_common.go +++ b/libpod/oci_conmon_common.go @@ -23,6 +23,7 @@ import ( "text/template" "time" + "github.com/containers/common/pkg/cgroups" "github.com/containers/common/pkg/config" "github.com/containers/common/pkg/detach" "github.com/containers/common/pkg/resize" @@ -1099,7 +1100,7 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co } if ctr.config.CgroupsMode == cgroupSplit { - if err := utils.MoveUnderCgroupSubtree("runtime"); err != nil { + if err := cgroups.MoveUnderCgroupSubtree("runtime"); err != nil { return 0, err } } diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index d68a303331fe..b029b16a5672 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -16,9 +16,9 @@ import ( "github.com/containers/common/pkg/cgroups" "github.com/containers/common/pkg/config" + "github.com/containers/common/pkg/systemd" "github.com/containers/podman/v4/pkg/errorhandling" "github.com/containers/podman/v4/pkg/rootless" - "github.com/containers/podman/v4/utils" pmount "github.com/containers/storage/pkg/mount" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/selinux/go-selinux/label" @@ -149,7 +149,7 @@ func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec } logrus.Infof("Running conmon under slice %s and unitName %s", realCgroupParent, unitName) - if err := utils.RunUnderSystemdScope(cmd.Process.Pid, realCgroupParent, unitName); err != nil { + if err := systemd.RunUnderSystemdScope(cmd.Process.Pid, realCgroupParent, unitName); err != nil { logrus.StandardLogger().Logf(logLevel, "Failed to add conmon to systemd sandbox cgroup: %v", err) } } else { diff --git a/libpod/runtime.go b/libpod/runtime.go index 5130eb6fb523..2911c57ce24e 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -25,6 +25,7 @@ import ( "github.com/containers/common/pkg/cgroups" "github.com/containers/common/pkg/config" "github.com/containers/common/pkg/secrets" + systemdCommon "github.com/containers/common/pkg/systemd" "github.com/containers/image/v5/pkg/sysregistriesv2" is "github.com/containers/image/v5/storage" "github.com/containers/image/v5/types" @@ -36,7 +37,6 @@ import ( "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/podman/v4/pkg/systemd" "github.com/containers/podman/v4/pkg/util" - "github.com/containers/podman/v4/utils" "github.com/containers/storage" "github.com/containers/storage/pkg/lockfile" "github.com/containers/storage/pkg/unshare" @@ -608,7 +608,7 @@ func makeRuntime(runtime *Runtime) (retErr error) { if became { // Check if the pause process was created. If it was created, then // move it to its own systemd scope. - utils.MovePauseProcessToScope(pausePid) + systemdCommon.MovePauseProcessToScope(pausePid) // gocritic complains because defer is not run on os.Exit() // However this is fine because the lock is released anyway when the process exits diff --git a/libpod/runtime_pod_linux.go b/libpod/runtime_pod_linux.go index 3a99af2a5a09..5c9e6ec651ee 100644 --- a/libpod/runtime_pod_linux.go +++ b/libpod/runtime_pod_linux.go @@ -13,7 +13,6 @@ import ( "github.com/containers/common/pkg/config" "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/pkg/rootless" - "github.com/containers/podman/v4/utils" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/sirupsen/logrus" ) @@ -97,7 +96,7 @@ func (p *Pod) removePodCgroup() error { } logrus.Debugf("Removing pod cgroup %s", p.state.CgroupPath) - cgroup, err := utils.GetOwnCgroup() + cgroup, err := cgroups.GetOwnCgroup() if err != nil { return err } @@ -106,7 +105,7 @@ func (p *Pod) removePodCgroup() error { // current process out of it before the cgroup is destroyed. if isSubDir(cgroup, string(filepath.Separator)+p.state.CgroupPath) { parent := path.Dir(p.state.CgroupPath) - if err := utils.MoveUnderCgroup(parent, "cleanup", nil); err != nil { + if err := cgroups.MoveUnderCgroup(parent, "cleanup", nil); err != nil { return err } } diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go index 987df8dfb93e..681131161903 100644 --- a/pkg/domain/infra/abi/system.go +++ b/pkg/domain/infra/abi/system.go @@ -11,12 +11,12 @@ import ( "github.com/containers/common/pkg/cgroups" "github.com/containers/common/pkg/config" + "github.com/containers/common/pkg/systemd" "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/pkg/domain/entities" "github.com/containers/podman/v4/pkg/domain/entities/reports" "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/podman/v4/pkg/util" - "github.com/containers/podman/v4/utils" "github.com/containers/storage" "github.com/containers/storage/pkg/directory" "github.com/containers/storage/pkg/unshare" @@ -67,11 +67,11 @@ func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) { } func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) error { - runsUnderSystemd := utils.RunsOnSystemd() + runsUnderSystemd := systemd.RunsOnSystemd() if !runsUnderSystemd { isPid1 := os.Getpid() == 1 if _, found := os.LookupEnv("container"); isPid1 || found { - if err := utils.MaybeMoveToSubCgroup(); err != nil { + if err := cgroups.MaybeMoveToSubCgroup(); err != nil { // it is a best effort operation, so just print the // error for debugging purposes. logrus.Debugf("Could not move to subcgroup: %v", err) @@ -101,7 +101,7 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) } unitName := fmt.Sprintf("podman-%d.scope", os.Getpid()) if runsUnderSystemd || conf.Engine.CgroupManager == config.SystemdCgroupsManager { - if err := utils.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil { + if err := systemd.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil { logrus.Debugf("Failed to add podman to systemd sandbox cgroup: %v", err) } } @@ -142,7 +142,7 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) } else { became, ret, err = rootless.BecomeRootInUserNS(pausePidPath) if err == nil { - utils.MovePauseProcessToScope(pausePidPath) + systemd.MovePauseProcessToScope(pausePidPath) } } if err != nil { @@ -406,17 +406,7 @@ func (ic *ContainerEngine) Unshare(ctx context.Context, args []string, options e } if options.RootlessNetNS { - rootlessNetNS, err := ic.Libpod.GetRootlessNetNs(true) - if err != nil { - return err - } - // Make sure to unlock, unshare can run for a long time. - rootlessNetNS.Lock.Unlock() - // We do not want to clean up the netns after unshare. - // The problem is that we cannot know if we need to clean up and - // secondly unshare should allow user to set up the namespace with - // special things, e.g. potentially macvlan or something like that. - return rootlessNetNS.Do(unshare) + return ic.Libpod.Network().RunInRootlessNetns(unshare) } return unshare() } diff --git a/pkg/specgen/generate/validate.go b/pkg/specgen/generate/validate.go index 858fcbfc8f78..ad64dd210f7a 100644 --- a/pkg/specgen/generate/validate.go +++ b/pkg/specgen/generate/validate.go @@ -14,7 +14,6 @@ import ( "github.com/containers/common/pkg/sysinfo" "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/podman/v4/pkg/specgen" - "github.com/containers/podman/v4/utils" "github.com/opencontainers/runtime-spec/specs-go" ) @@ -179,7 +178,7 @@ func verifyContainerResourcesCgroupV2(s *specgen.SpecGenerator) ([]string, error // Memory checks if s.ResourceLimits.Memory != nil && s.ResourceLimits.Memory.Swap != nil { - own, err := utils.GetOwnCgroup() + own, err := cgroups.GetOwnCgroup() if err != nil { return warnings, err } diff --git a/utils/testdata/cgroup.empty b/utils/testdata/cgroup.empty deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/utils/testdata/cgroup.other b/utils/testdata/cgroup.other deleted file mode 100644 index 239a7cded689..000000000000 --- a/utils/testdata/cgroup.other +++ /dev/null @@ -1 +0,0 @@ -0::/other diff --git a/utils/testdata/cgroup.root b/utils/testdata/cgroup.root deleted file mode 100644 index 1e027b2a3cba..000000000000 --- a/utils/testdata/cgroup.root +++ /dev/null @@ -1 +0,0 @@ -0::/ diff --git a/utils/utils.go b/utils/utils.go index 08b2fa37a0f0..f06c256e98e7 100644 --- a/utils/utils.go +++ b/utils/utils.go @@ -2,20 +2,16 @@ package utils import ( "bytes" - "crypto/rand" "fmt" "io" "os" "os/exec" "strconv" "strings" - "sync" "time" - "github.com/containers/common/pkg/cgroups" "github.com/containers/storage/pkg/archive" "github.com/containers/storage/pkg/chrootarchive" - "github.com/godbus/dbus/v5" "github.com/sirupsen/logrus" "github.com/vbauerster/mpb/v8" "github.com/vbauerster/mpb/v8/decor" @@ -133,121 +129,6 @@ func RemoveScientificNotationFromFloat(x float64) (float64, error) { return result, nil } -var ( - runsOnSystemdOnce sync.Once - runsOnSystemd bool -) - -// RunsOnSystemd returns whether the system is using systemd -func RunsOnSystemd() bool { - runsOnSystemdOnce.Do(func() { - // per sd_booted(3), check for this dir - fd, err := os.Stat("/run/systemd/system") - runsOnSystemd = err == nil && fd.IsDir() - }) - return runsOnSystemd -} - -func moveProcessPIDFileToScope(pidPath, slice, scope string) error { - data, err := os.ReadFile(pidPath) - if err != nil { - // do not raise an error if the file doesn't exist - if os.IsNotExist(err) { - return nil - } - return fmt.Errorf("cannot read pid file: %w", err) - } - pid, err := strconv.ParseUint(string(data), 10, 0) - if err != nil { - return fmt.Errorf("cannot parse pid file %s: %w", pidPath, err) - } - - return moveProcessToScope(int(pid), slice, scope) -} - -func moveProcessToScope(pid int, slice, scope string) error { - err := RunUnderSystemdScope(pid, slice, scope) - // If the PID is not valid anymore, do not return an error. - if dbusErr, ok := err.(dbus.Error); ok { - if dbusErr.Name == "org.freedesktop.DBus.Error.UnixProcessIdUnknown" { - return nil - } - } - return err -} - -// MoveRootlessNetnsSlirpProcessToUserSlice moves the slirp4netns process for the rootless netns -// into a different scope so that systemd does not kill it with a container. -func MoveRootlessNetnsSlirpProcessToUserSlice(pid int) error { - randBytes := make([]byte, 4) - _, err := rand.Read(randBytes) - if err != nil { - return err - } - return moveProcessToScope(pid, "user.slice", fmt.Sprintf("rootless-netns-%x.scope", randBytes)) -} - -// MovePauseProcessToScope moves the pause process used for rootless mode to keep the namespaces alive to -// a separate scope. -func MovePauseProcessToScope(pausePidPath string) { - var err error - - for i := 0; i < 10; i++ { - randBytes := make([]byte, 4) - _, err = rand.Read(randBytes) - if err != nil { - logrus.Errorf("failed to read random bytes: %v", err) - continue - } - err = moveProcessPIDFileToScope(pausePidPath, "user.slice", fmt.Sprintf("podman-pause-%x.scope", randBytes)) - if err == nil { - return - } - } - - if err != nil { - unified, err2 := cgroups.IsCgroup2UnifiedMode() - if err2 != nil { - logrus.Warnf("Failed to detect if running with cgroup unified: %v", err) - } - if RunsOnSystemd() && unified { - logrus.Warnf("Failed to add pause process to systemd sandbox cgroup: %v", err) - } else { - logrus.Debugf("Failed to add pause process to systemd sandbox cgroup: %v", err) - } - } -} - -var ( - maybeMoveToSubCgroupSync sync.Once - maybeMoveToSubCgroupSyncErr error -) - -// MaybeMoveToSubCgroup moves the current process in a sub cgroup when -// it is running in the root cgroup on a system that uses cgroupv2. -func MaybeMoveToSubCgroup() error { - maybeMoveToSubCgroupSync.Do(func() { - unifiedMode, err := cgroups.IsCgroup2UnifiedMode() - if err != nil { - maybeMoveToSubCgroupSyncErr = err - return - } - if !unifiedMode { - maybeMoveToSubCgroupSyncErr = nil - return - } - cgroup, err := GetOwnCgroup() - if err != nil { - maybeMoveToSubCgroupSyncErr = err - return - } - if cgroup == "/" { - maybeMoveToSubCgroupSyncErr = MoveUnderCgroupSubtree("init") - } - }) - return maybeMoveToSubCgroupSyncErr -} - // GuardedRemoveAll functions much like os.RemoveAll but // will not delete certain catastrophic paths. func GuardedRemoveAll(path string) error { diff --git a/utils/utils_supported.go b/utils/utils_supported.go deleted file mode 100644 index 3bbd5dbbde67..000000000000 --- a/utils/utils_supported.go +++ /dev/null @@ -1,205 +0,0 @@ -//go:build linux || darwin || freebsd -// +build linux darwin freebsd - -package utils - -import ( - "bufio" - "bytes" - "context" - "fmt" - "os" - "path/filepath" - "strings" - - "github.com/containers/common/pkg/cgroups" - "github.com/containers/podman/v4/pkg/rootless" - systemdDbus "github.com/coreos/go-systemd/v22/dbus" - "github.com/godbus/dbus/v5" - "github.com/sirupsen/logrus" -) - -// RunUnderSystemdScope adds the specified pid to a systemd scope -func RunUnderSystemdScope(pid int, slice string, unitName string) error { - var properties []systemdDbus.Property - var conn *systemdDbus.Conn - var err error - - if rootless.IsRootless() { - conn, err = cgroups.UserConnection(rootless.GetRootlessUID()) - if err != nil { - return err - } - } else { - conn, err = systemdDbus.NewWithContext(context.Background()) - if err != nil { - return err - } - } - defer conn.Close() - properties = append(properties, systemdDbus.PropSlice(slice)) - properties = append(properties, newProp("PIDs", []uint32{uint32(pid)})) - properties = append(properties, newProp("Delegate", true)) - properties = append(properties, newProp("DefaultDependencies", false)) - ch := make(chan string) - _, err = conn.StartTransientUnitContext(context.Background(), unitName, "replace", properties, ch) - if err != nil { - // On errors check if the cgroup already exists, if it does move the process there - if props, err := conn.GetUnitTypePropertiesContext(context.Background(), unitName, "Scope"); err == nil { - if cgroup, ok := props["ControlGroup"].(string); ok && cgroup != "" { - if err := MoveUnderCgroup(cgroup, "", []uint32{uint32(pid)}); err == nil { - return nil - } - // On errors return the original error message we got from StartTransientUnit. - } - } - return err - } - - // Block until job is started - <-ch - - return nil -} - -func getCgroupProcess(procFile string, allowRoot bool) (string, error) { - f, err := os.Open(procFile) - if err != nil { - return "", err - } - defer f.Close() - - scanner := bufio.NewScanner(f) - cgroup := "" - for scanner.Scan() { - line := scanner.Text() - parts := strings.SplitN(line, ":", 3) - if len(parts) != 3 { - return "", fmt.Errorf("cannot parse cgroup line %q", line) - } - if strings.HasPrefix(line, "0::") { - cgroup = line[3:] - break - } - if len(parts[2]) > len(cgroup) { - cgroup = parts[2] - } - } - if len(cgroup) == 0 || (!allowRoot && cgroup == "/") { - return "", fmt.Errorf("could not find cgroup mount in %q", procFile) - } - return cgroup, nil -} - -// GetOwnCgroup returns the cgroup for the current process. -func GetOwnCgroup() (string, error) { - return getCgroupProcess("/proc/self/cgroup", true) -} - -func GetOwnCgroupDisallowRoot() (string, error) { - return getCgroupProcess("/proc/self/cgroup", false) -} - -// GetCgroupProcess returns the cgroup for the specified process process. -func GetCgroupProcess(pid int) (string, error) { - return getCgroupProcess(fmt.Sprintf("/proc/%d/cgroup", pid), true) -} - -// MoveUnderCgroupSubtree moves the PID under a cgroup subtree. -func MoveUnderCgroupSubtree(subtree string) error { - return MoveUnderCgroup("", subtree, nil) -} - -// MoveUnderCgroup moves a group of processes to a new cgroup. -// If cgroup is the empty string, then the current calling process cgroup is used. -// If processes is empty, then the processes from the current cgroup are moved. -func MoveUnderCgroup(cgroup, subtree string, processes []uint32) error { - procFile := "/proc/self/cgroup" - f, err := os.Open(procFile) - if err != nil { - return err - } - defer f.Close() - - unifiedMode, err := cgroups.IsCgroup2UnifiedMode() - if err != nil { - return err - } - - scanner := bufio.NewScanner(f) - for scanner.Scan() { - line := scanner.Text() - parts := strings.SplitN(line, ":", 3) - if len(parts) != 3 { - return fmt.Errorf("cannot parse cgroup line %q", line) - } - - // root cgroup, skip it - if parts[2] == "/" && !(unifiedMode && parts[1] == "") { - continue - } - - cgroupRoot := "/sys/fs/cgroup" - // Special case the unified mount on hybrid cgroup and named hierarchies. - // This works on Fedora 31, but we should really parse the mounts to see - // where the cgroup hierarchy is mounted. - if parts[1] == "" && !unifiedMode { - // If it is not using unified mode, the cgroup v2 hierarchy is - // usually mounted under /sys/fs/cgroup/unified - cgroupRoot = filepath.Join(cgroupRoot, "unified") - - // Ignore the unified mount if it doesn't exist - if _, err := os.Stat(cgroupRoot); err != nil && os.IsNotExist(err) { - continue - } - } else if parts[1] != "" { - // Assume the controller is mounted at /sys/fs/cgroup/$CONTROLLER. - controller := strings.TrimPrefix(parts[1], "name=") - cgroupRoot = filepath.Join(cgroupRoot, controller) - } - - parentCgroup := cgroup - if parentCgroup == "" { - parentCgroup = parts[2] - } - newCgroup := filepath.Join(cgroupRoot, parentCgroup, subtree) - if err := os.MkdirAll(newCgroup, 0755); err != nil && !os.IsExist(err) { - return err - } - - f, err := os.OpenFile(filepath.Join(newCgroup, "cgroup.procs"), os.O_RDWR, 0755) - if err != nil { - return err - } - defer f.Close() - - if len(processes) > 0 { - for _, pid := range processes { - if _, err := f.WriteString(fmt.Sprintf("%d\n", pid)); err != nil { - logrus.Debugf("Cannot move process %d to cgroup %q: %v", pid, newCgroup, err) - } - } - } else { - processesData, err := os.ReadFile(filepath.Join(cgroupRoot, parts[2], "cgroup.procs")) - if err != nil { - return err - } - for _, pid := range bytes.Split(processesData, []byte("\n")) { - if len(pid) == 0 { - continue - } - if _, err := f.Write(pid); err != nil { - logrus.Debugf("Cannot move process %s to cgroup %q: %v", string(pid), newCgroup, err) - } - } - } - } - return nil -} - -func newProp(name string, units interface{}) systemdDbus.Property { - return systemdDbus.Property{ - Name: name, - Value: dbus.MakeVariant(units), - } -} diff --git a/utils/utils_test.go b/utils/utils_test.go deleted file mode 100644 index 180038afc6b1..000000000000 --- a/utils/utils_test.go +++ /dev/null @@ -1,26 +0,0 @@ -//go:build linux || darwin || freebsd -// +build linux darwin freebsd - -package utils - -import ( - "testing" - - "github.com/stretchr/testify/assert" -) - -func TestCgroupProcess(t *testing.T) { - val, err := getCgroupProcess("testdata/cgroup.root", true) - assert.Nil(t, err) - assert.Equal(t, "/", val) - - _, err = getCgroupProcess("testdata/cgroup.root", false) - assert.NotNil(t, err) - - val, err = getCgroupProcess("testdata/cgroup.other", true) - assert.Nil(t, err) - assert.Equal(t, "/other", val) - - _, err = getCgroupProcess("testdata/cgroup.empty", true) - assert.NotNil(t, err) -} diff --git a/utils/utils_windows.go b/utils/utils_windows.go deleted file mode 100644 index 18f232116f36..000000000000 --- a/utils/utils_windows.go +++ /dev/null @@ -1,26 +0,0 @@ -//go:build windows -// +build windows - -package utils - -import "errors" - -func RunUnderSystemdScope(pid int, slice string, unitName string) error { - return errors.New("not implemented for windows") -} - -func MoveUnderCgroupSubtree(subtree string) error { - return errors.New("not implemented for windows") -} - -func GetOwnCgroup() (string, error) { - return "", errors.New("not implemented for windows") -} - -func GetOwnCgroupDisallowRoot() (string, error) { - return "", errors.New("not implemented for windows") -} - -func GetCgroupProcess(pid int) (string, error) { - return "", errors.New("not implemented for windows") -} diff --git a/vendor/github.com/containers/common/libimage/copier.go b/vendor/github.com/containers/common/libimage/copier.go index d6acc732501c..1edf7d6cb9e4 100644 --- a/vendor/github.com/containers/common/libimage/copier.go +++ b/vendor/github.com/containers/common/libimage/copier.go @@ -364,11 +364,13 @@ func (c *copier) copy(ctx context.Context, source, destination types.ImageRefere defer cancel() defer timer.Stop() - fmt.Fprintf(c.imageCopyOptions.ReportWriter, - "Pulling image %s inside systemd: setting pull timeout to %s\n", - source.StringWithinTransport(), - time.Duration(numExtensions)*extension, - ) + if c.imageCopyOptions.ReportWriter != nil { + fmt.Fprintf(c.imageCopyOptions.ReportWriter, + "Pulling image %s inside systemd: setting pull timeout to %s\n", + source.StringWithinTransport(), + time.Duration(numExtensions)*extension, + ) + } // From `man systemd.service(5)`: // diff --git a/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go b/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go index 79d7ef120c9a..4b7ed8c6d966 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go +++ b/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go @@ -26,8 +26,10 @@ import ( "context" "encoding/json" "fmt" + "os" "os/exec" "path/filepath" + "strings" "github.com/containernetworking/cni/pkg/invoke" "github.com/containernetworking/cni/pkg/version" @@ -80,6 +82,16 @@ func (e *cniExec) ExecPlugin(ctx context.Context, pluginPath string, stdinData [ c.Env = append(c.Env, "XDG_RUNTIME_DIR=") } + // The CNI plugins need access to iptables in $PATH. As it turns out debian doesn't put + // /usr/sbin in $PATH for rootless users. This will break rootless networking completely. + // We might break existing users and we cannot expect everyone to change their $PATH so + // let's add /usr/sbin to $PATH ourselves. + path := os.Getenv("PATH") + if !strings.Contains(path, "/usr/sbin") { + path += ":/usr/sbin" + c.Env = append(c.Env, "PATH="+path) + } + err := c.Run() if err != nil { return nil, annotatePluginError(err, pluginPath, stdout.Bytes(), stderr.Bytes()) diff --git a/vendor/github.com/containers/common/libnetwork/cni/network.go b/vendor/github.com/containers/common/libnetwork/cni/network.go index 49d20b915d0b..7d3369af7dfc 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/network.go +++ b/vendor/github.com/containers/common/libnetwork/cni/network.go @@ -16,6 +16,7 @@ import ( "time" "github.com/containernetworking/cni/libcni" + "github.com/containers/common/libnetwork/internal/rootlessnetns" "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/config" "github.com/containers/common/pkg/version" @@ -53,6 +54,9 @@ type cniNetwork struct { // networks is a map with loaded networks, the key is the network name networks map[string]*network + + // rootlessNetns is used for the rootless network setup/teardown + rootlessNetns *rootlessnetns.Netns } type network struct { @@ -65,21 +69,14 @@ type network struct { type InitConfig struct { // CNIConfigDir is directory where the cni config files are stored. CNIConfigDir string - // CNIPluginDirs is a list of directories where cni should look for the plugins. - CNIPluginDirs []string // RunDir is a directory where temporary files can be stored. RunDir string - // DefaultNetwork is the name for the default network. - DefaultNetwork string - // DefaultSubnet is the default subnet for the default network. - DefaultSubnet string - - // DefaultsubnetPools contains the subnets which must be used to allocate a free subnet by network create - DefaultsubnetPools []config.SubnetPool - // IsMachine describes whenever podman runs in a podman machine environment. IsMachine bool + + // Config containers.conf options + Config *config.Config } // NewCNINetworkInterface creates the ContainerNetwork interface for the CNI backend. @@ -96,12 +93,12 @@ func NewCNINetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) { return nil, err } - defaultNetworkName := conf.DefaultNetwork + defaultNetworkName := conf.Config.Network.DefaultNetwork if defaultNetworkName == "" { defaultNetworkName = types.DefaultNetworkName } - defaultSubnet := conf.DefaultSubnet + defaultSubnet := conf.Config.Network.DefaultSubnet if defaultSubnet == "" { defaultSubnet = types.DefaultSubnet } @@ -110,21 +107,30 @@ func NewCNINetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) { return nil, fmt.Errorf("failed to parse default subnet: %w", err) } - defaultSubnetPools := conf.DefaultsubnetPools + defaultSubnetPools := conf.Config.Network.DefaultSubnetPools if defaultSubnetPools == nil { defaultSubnetPools = config.DefaultSubnetPools } - cni := libcni.NewCNIConfig(conf.CNIPluginDirs, &cniExec{}) + var netns *rootlessnetns.Netns + if unshare.IsRootless() { + netns, err = rootlessnetns.New(conf.RunDir, rootlessnetns.CNI, conf.Config) + if err != nil { + return nil, err + } + } + + cni := libcni.NewCNIConfig(conf.Config.Network.CNIPluginDirs.Values, &cniExec{}) n := &cniNetwork{ cniConfigDir: conf.CNIConfigDir, - cniPluginDirs: conf.CNIPluginDirs, + cniPluginDirs: conf.Config.Network.CNIPluginDirs.Get(), cniConf: cni, defaultNetwork: defaultNetworkName, defaultSubnet: defaultNet, defaultsubnetPools: defaultSubnetPools, isMachine: conf.IsMachine, lock: lock, + rootlessNetns: netns, } return n, nil diff --git a/vendor/github.com/containers/common/libnetwork/cni/run.go b/vendor/github.com/containers/common/libnetwork/cni/run.go index 2da8da1ad0d0..829c1270427c 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/run.go +++ b/vendor/github.com/containers/common/libnetwork/cni/run.go @@ -39,61 +39,71 @@ func (n *cniNetwork) Setup(namespacePath string, options types.SetupOptions) (ma return nil, fmt.Errorf("failed to set the loopback adapter up: %w", err) } - var retErr error - teardownOpts := options - teardownOpts.Networks = map[string]types.PerNetworkOptions{} - // make sure to teardown the already connected networks on error - defer func() { - if retErr != nil { - if len(teardownOpts.Networks) > 0 { - err := n.teardown(namespacePath, types.TeardownOptions(teardownOpts)) - if err != nil { - logrus.Warn(err) + results := make(map[string]types.StatusBlock, len(options.Networks)) + + setup := func() error { + var retErr error + teardownOpts := options + teardownOpts.Networks = map[string]types.PerNetworkOptions{} + // make sure to teardown the already connected networks on error + defer func() { + if retErr != nil { + if len(teardownOpts.Networks) > 0 { + err := n.teardown(namespacePath, types.TeardownOptions(teardownOpts)) + if err != nil { + logrus.Warn(err) + } } } + }() + + ports, err := convertSpecgenPortsToCNIPorts(options.PortMappings) + if err != nil { + return err } - }() - ports, err := convertSpecgenPortsToCNIPorts(options.PortMappings) - if err != nil { - return nil, err - } + for name, netOpts := range options.Networks { + netOpts := netOpts + network := n.networks[name] + rt := getRuntimeConfig(namespacePath, options.ContainerName, options.ContainerID, name, ports, &netOpts) - results := make(map[string]types.StatusBlock, len(options.Networks)) - for name, netOpts := range options.Networks { - netOpts := netOpts - network := n.networks[name] - rt := getRuntimeConfig(namespacePath, options.ContainerName, options.ContainerID, name, ports, &netOpts) - - // If we have more than one static ip we need parse the ips via runtime config, - // make sure to add the ips capability to the first plugin otherwise it doesn't get the ips - if len(netOpts.StaticIPs) > 0 && !network.cniNet.Plugins[0].Network.Capabilities["ips"] { - caps := make(map[string]interface{}) - caps["capabilities"] = map[string]bool{"ips": true} - network.cniNet.Plugins[0], retErr = libcni.InjectConf(network.cniNet.Plugins[0], caps) + // If we have more than one static ip we need parse the ips via runtime config, + // make sure to add the ips capability to the first plugin otherwise it doesn't get the ips + if len(netOpts.StaticIPs) > 0 && !network.cniNet.Plugins[0].Network.Capabilities["ips"] { + caps := make(map[string]interface{}) + caps["capabilities"] = map[string]bool{"ips": true} + network.cniNet.Plugins[0], retErr = libcni.InjectConf(network.cniNet.Plugins[0], caps) + if retErr != nil { + return retErr + } + } + + var res cnitypes.Result + res, retErr = n.cniConf.AddNetworkList(context.Background(), network.cniNet, rt) + // Add this network to teardown opts since it is now connected. + // Also add this if an errors was returned since we want to call teardown on this regardless. + teardownOpts.Networks[name] = netOpts if retErr != nil { - return nil, retErr + return retErr } - } - var res cnitypes.Result - res, retErr = n.cniConf.AddNetworkList(context.Background(), network.cniNet, rt) - // Add this network to teardown opts since it is now connected. - // Also add this if an errors was returned since we want to call teardown on this regardless. - teardownOpts.Networks[name] = netOpts - if retErr != nil { - return nil, retErr + logrus.Debugf("cni result for container %s network %s: %v", options.ContainerID, name, res) + var status types.StatusBlock + status, retErr = CNIResultToStatus(res) + if retErr != nil { + return retErr + } + results[name] = status } + return nil + } - logrus.Debugf("cni result for container %s network %s: %v", options.ContainerID, name, res) - var status types.StatusBlock - status, retErr = CNIResultToStatus(res) - if retErr != nil { - return nil, retErr - } - results[name] = status + if n.rootlessNetns != nil { + err = n.rootlessNetns.Setup(len(options.Networks), setup) + } else { + err = setup() } - return results, nil + return results, err } // CNIResultToStatus convert the cni result to status block @@ -225,28 +235,39 @@ func (n *cniNetwork) teardown(namespacePath string, options types.TeardownOption } var multiErr *multierror.Error - for name, netOpts := range options.Networks { - netOpts := netOpts - rt := getRuntimeConfig(namespacePath, options.ContainerName, options.ContainerID, name, ports, &netOpts) - - cniConfList, newRt, err := getCachedNetworkConfig(n.cniConf, name, rt) - if err == nil { - rt = newRt - } else { - logrus.Warnf("Failed to load cached network config: %v, falling back to loading network %s from disk", err, name) - network := n.networks[name] - if network == nil { - multiErr = multierror.Append(multiErr, fmt.Errorf("network %s: %w", name, types.ErrNoSuchNetwork)) - continue + teardown := func() error { + for name, netOpts := range options.Networks { + netOpts := netOpts + rt := getRuntimeConfig(namespacePath, options.ContainerName, options.ContainerID, name, ports, &netOpts) + + cniConfList, newRt, err := getCachedNetworkConfig(n.cniConf, name, rt) + if err == nil { + rt = newRt + } else { + logrus.Warnf("Failed to load cached network config: %v, falling back to loading network %s from disk", err, name) + network := n.networks[name] + if network == nil { + multiErr = multierror.Append(multiErr, fmt.Errorf("network %s: %w", name, types.ErrNoSuchNetwork)) + continue + } + cniConfList = network.cniNet } - cniConfList = network.cniNet - } - err = n.cniConf.DelNetworkList(context.Background(), cniConfList, rt) - if err != nil { - multiErr = multierror.Append(multiErr, err) + err = n.cniConf.DelNetworkList(context.Background(), cniConfList, rt) + if err != nil { + multiErr = multierror.Append(multiErr, err) + } } + return nil + } + + if n.rootlessNetns != nil { + err = n.rootlessNetns.Teardown(len(options.Networks), teardown) + } else { + err = teardown() } + multiErr = multierror.Append(multiErr, err) + return multiErr.ErrorOrNil() } @@ -267,3 +288,10 @@ func getCachedNetworkConfig(cniConf *libcni.CNIConfig, name string, rt *libcni.R } return cniConfList, rt, nil } + +func (n *cniNetwork) RunInRootlessNetns(toRun func() error) error { + if n.rootlessNetns == nil { + return types.ErrNotRootlessNetns + } + return n.rootlessNetns.Run(n.lock, toRun) +} diff --git a/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns.go b/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns.go new file mode 100644 index 000000000000..edc29f66fe34 --- /dev/null +++ b/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns.go @@ -0,0 +1,8 @@ +package rootlessnetns + +type NetworkBackend int + +const ( + Netavark NetworkBackend = iota + CNI +) diff --git a/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_freebsd.go b/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_freebsd.go new file mode 100644 index 000000000000..a176d2d8227f --- /dev/null +++ b/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_freebsd.go @@ -0,0 +1,28 @@ +package rootlessnetns + +import ( + "errors" + + "github.com/containers/common/pkg/config" + "github.com/containers/storage/pkg/lockfile" +) + +var ErrNotSupported = errors.New("rootless netns only supported on linux") + +type Netns struct{} + +func New(dir string, backend NetworkBackend, conf *config.Config) (*Netns, error) { + return nil, ErrNotSupported +} + +func (n *Netns) Setup(nets int, toRun func() error) error { + return ErrNotSupported +} + +func (n *Netns) Teardown(nets int, toRun func() error) error { + return ErrNotSupported +} + +func (n *Netns) Run(lock *lockfile.LockFile, toRun func() error) error { + return ErrNotSupported +} diff --git a/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_linux.go b/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_linux.go new file mode 100644 index 000000000000..8fbb1f590046 --- /dev/null +++ b/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_linux.go @@ -0,0 +1,545 @@ +package rootlessnetns + +import ( + "errors" + "fmt" + "io/fs" + "os" + "path/filepath" + "strconv" + "strings" + "syscall" + + "github.com/containernetworking/plugins/pkg/ns" + "github.com/containers/common/libnetwork/resolvconf" + "github.com/containers/common/libnetwork/slirp4netns" + "github.com/containers/common/pkg/config" + "github.com/containers/common/pkg/netns" + "github.com/containers/common/pkg/systemd" + "github.com/containers/storage/pkg/homedir" + "github.com/containers/storage/pkg/lockfile" + "github.com/hashicorp/go-multierror" + "github.com/opencontainers/runtime-spec/specs-go" + "github.com/opencontainers/selinux/go-selinux/label" + "github.com/sirupsen/logrus" + "golang.org/x/sys/unix" +) + +const ( + // rootlessNetnsDir is the directory name + rootlessNetnsDir = "rootless-netns" + // refCountFile file name for the ref count file + refCountFile = "ref-count" + + // rootlessNetNsSilrp4netnsPidFile is the name of the rootless netns slirp4netns pid file + rootlessNetNsSilrp4netnsPidFile = "rootless-netns-slirp4netns.pid" + + // persistentCNIDir is the directory where the CNI files are stored + persistentCNIDir = "/var/lib/cni" + + tmpfs = "tmpfs" + none = "none" + resolvConfName = "resolv.conf" +) + +type Netns struct { + // dir used for the rootless netns + dir string + // backend used for the network setup/teardown + backend NetworkBackend + + // config contains containers.conf options. + config *config.Config +} + +type rootlessNetnsError struct { + msg string + err error +} + +func (e *rootlessNetnsError) Error() string { + msg := e.msg + ": " + return fmt.Sprintf("rootless netns: %s%v", msg, e.err) +} + +func (e *rootlessNetnsError) Unwrap() error { + return e.err +} + +// wrapError wraps the error with extra context +// It will always include "rootless netns:" so the msg should not mention it again, +// msg can be empty to just include the rootless netns part. +// err must be non nil. +func wrapError(msg string, err error) *rootlessNetnsError { + return &rootlessNetnsError{ + msg: msg, + err: err, + } +} + +func New(dir string, backend NetworkBackend, conf *config.Config) (*Netns, error) { + netnsDir := filepath.Join(dir, rootlessNetnsDir) + if err := os.MkdirAll(netnsDir, 0o700); err != nil { + return nil, wrapError("", err) + } + return &Netns{ + dir: netnsDir, + backend: backend, + config: conf, + }, nil +} + +// getPath is a small wrapper around filepath.Join() to have a bit less code +func (n *Netns) getPath(path string) string { + return filepath.Join(n.dir, path) +} + +// getOrCreateNetns returns the rootless netns, if it created a new one the +// returned bool is set to true. +func (n *Netns) getOrCreateNetns() (ns.NetNS, bool, error) { + nsPath := n.getPath(rootlessNetnsDir) + nsRef, err := ns.GetNS(nsPath) + if err == nil { + // TODO check if slirp4netns is alive + return nsRef, false, nil + } + logrus.Debugf("Creating rootless network namespace at %q", nsPath) + // We have to create the netns dir again here because it is possible + // that cleanup() removed it. + if err := os.MkdirAll(n.dir, 0o700); err != nil { + return nil, false, wrapError("", err) + } + netns, err := netns.NewNSAtPath(nsPath) + if err != nil { + return nil, false, wrapError("create netns", err) + } + err = n.setupSlirp4netns(nsPath) + return netns, true, err +} + +func (n *Netns) cleanup() error { + if _, err := os.Stat(n.dir); err != nil { + if errors.Is(err, fs.ErrNotExist) { + // dir does not exists no need for cleanup + return nil + } + return err + } + + logrus.Debug("Cleaning up rootless network namespace") + + nsPath := n.getPath(rootlessNetnsDir) + var multiErr *multierror.Error + if err := netns.UnmountNS(nsPath); err != nil { + multiErr = multierror.Append(multiErr, err) + } + if err := n.cleanupSlirp4netns(); err != nil { + multiErr = multierror.Append(multiErr, wrapError("kill slirp4netns", err)) + } + if err := os.RemoveAll(n.dir); err != nil { + multiErr = multierror.Append(multiErr, wrapError("remove rootless netns dir", err)) + } + + return multiErr.ErrorOrNil() +} + +func (n *Netns) setupSlirp4netns(nsPath string) error { + res, err := slirp4netns.Setup(&slirp4netns.SetupOptions{ + Config: n.config, + ContainerID: "rootless-netns", + Netns: nsPath, + }) + if err != nil { + return wrapError("start slirp4netns", err) + } + // create pid file for the slirp4netns process + // this is need to kill the process in the cleanup + pid := strconv.Itoa(res.Pid) + err = os.WriteFile(n.getPath(rootlessNetNsSilrp4netnsPidFile), []byte(pid), 0o600) + if err != nil { + return wrapError("write slirp4netns pid file", err) + } + + if systemd.RunsOnSystemd() { + // move to systemd scope to prevent systemd from killing it + err = systemd.MoveRootlessNetnsSlirpProcessToUserSlice(res.Pid) + if err != nil { + // only log this, it is not fatal but can lead to issues when running podman inside systemd units + logrus.Errorf("failed to move the rootless netns slirp4netns process to the systemd user.slice: %v", err) + } + } + + // build a new resolv.conf file which uses the slirp4netns dns server address + resolveIP, err := slirp4netns.GetDNS(res.Subnet) + if err != nil { + return wrapError("determine default slirp4netns DNS address", err) + } + + if err := resolvconf.New(&resolvconf.Params{ + Path: n.getPath(resolvConfName), + // fake the netns since we want to filter localhost + Namespaces: []specs.LinuxNamespace{ + {Type: specs.NetworkNamespace}, + }, + IPv6Enabled: res.IPv6, + KeepHostServers: true, + Nameservers: []string{resolveIP.String()}, + }); err != nil { + return wrapError("create resolv.conf", err) + } + return nil +} + +func (n *Netns) cleanupSlirp4netns() error { + pidFile := n.getPath(rootlessNetNsSilrp4netnsPidFile) + b, err := os.ReadFile(pidFile) + if err == nil { + var i int + i, err = strconv.Atoi(string(b)) + if err == nil { + // kill the slirp process so we do not leak it + err = syscall.Kill(i, syscall.SIGTERM) + } + } + return err +} + +// mountAndMkdirDest convenience wrapper for mount and mkdir +func mountAndMkdirDest(source string, target string, fstype string, flags uintptr) error { + if err := os.MkdirAll(target, 0o700); err != nil { + return wrapError("create mount point", err) + } + if err := unix.Mount(source, target, fstype, flags, ""); err != nil { + return wrapError(fmt.Sprintf("mount %q to %q", source, target), err) + } + return nil +} + +func (n *Netns) setupMounts() error { + // Before we can run the given function, + // we have to set up all mounts correctly. + + // The order of the mounts is IMPORTANT. + // The idea of the extra mount ns is to make /run and /var/lib/cni writeable + // for the cni plugins but not affecting the podman user namespace. + // Because the plugins also need access to XDG_RUNTIME_DIR/netns some special setup is needed. + + // The following bind mounts are needed + // 1. XDG_RUNTIME_DIR -> XDG_RUNTIME_DIR/rootless-netns/XDG_RUNTIME_DIR + // 2. /run/systemd -> XDG_RUNTIME_DIR/rootless-netns/run/systemd (only if it exists) + // 3. XDG_RUNTIME_DIR/rootless-netns/resolv.conf -> /etc/resolv.conf or XDG_RUNTIME_DIR/rootless-netns/run/symlink/target + // 4. XDG_RUNTIME_DIR/rootless-netns/var/lib/cni -> /var/lib/cni (if /var/lib/cni does not exist, use the parent dir) + // 5. XDG_RUNTIME_DIR/rootless-netns/run -> /run + + // Create a new mount namespace, + // this must happen inside the netns thread. + err := unix.Unshare(unix.CLONE_NEWNS) + if err != nil { + return wrapError("create new mount namespace", err) + } + + xdgRuntimeDir, err := homedir.GetRuntimeDir() + if err != nil { + return fmt.Errorf("could not get runtime directory: %w", err) + } + newXDGRuntimeDir := n.getPath(xdgRuntimeDir) + // 1. Mount the netns into the new run to keep them accessible. + // Otherwise cni setup will fail because it cannot access the netns files. + err = mountAndMkdirDest(xdgRuntimeDir, newXDGRuntimeDir, none, unix.MS_BIND|unix.MS_SHARED|unix.MS_REC) + if err != nil { + return err + } + + // 2. Also keep /run/systemd if it exists. + // Many files are symlinked into this dir, for example /dev/log. + runSystemd := "/run/systemd" + _, err = os.Stat(runSystemd) + if err == nil { + newRunSystemd := n.getPath(runSystemd) + err = mountAndMkdirDest(runSystemd, newRunSystemd, none, unix.MS_BIND|unix.MS_REC) + if err != nil { + return err + } + } + + // 3. On some distros /etc/resolv.conf is symlinked to somewhere under /run. + // Because the kernel will follow the symlink before mounting, it is not + // possible to mount a file at /etc/resolv.conf. We have to ensure that + // the link target will be available in the mount ns. + // see: https://github.com/containers/podman/issues/10855 + resolvePath := resolvconf.DefaultResolvConf + linkCount := 0 + for i := 1; i < len(resolvePath); i++ { + // Do not use filepath.EvalSymlinks, we only want the first symlink under /run. + // If /etc/resolv.conf has more than one symlink under /run, e.g. + // -> /run/systemd/resolve/stub-resolv.conf -> /run/systemd/resolve/resolv.conf + // we would put the netns resolv.conf file to the last path. However this will + // break dns because the second link does not exist in the mount ns. + // see https://github.com/containers/podman/issues/11222 + // + // We also need to resolve all path components not just the last file. + // see https://github.com/containers/podman/issues/12461 + + if resolvePath[i] != '/' { + // if we are at the last char we need to inc i by one because there is no final slash + if i == len(resolvePath)-1 { + i++ + } else { + // not the end of path, keep going + continue + } + } + path := resolvePath[:i] + + fi, err := os.Lstat(path) + if err != nil { + return fmt.Errorf("failed to stat resolv.conf path: %w", err) + } + + // no link, just continue + if fi.Mode()&os.ModeSymlink == 0 { + continue + } + + link, err := os.Readlink(path) + if err != nil { + return fmt.Errorf("failed to read resolv.conf symlink: %w", err) + } + linkCount++ + if filepath.IsAbs(link) { + // link is as an absolute path + resolvePath = filepath.Join(link, resolvePath[i:]) + } else { + // link is as a relative, join it with the previous path + base := filepath.Dir(path) + resolvePath = filepath.Join(base, link, resolvePath[i:]) + } + // set i back to zero since we now have a new base path + i = 0 + + // we have to stop at the first path under /run because we will have an empty /run and will create the path anyway + // if we would continue we would need to recreate all links under /run + if strings.HasPrefix(resolvePath, "/run/") { + break + } + // make sure wo do not loop forever + if linkCount == 255 { + return errors.New("too many symlinks while resolving /etc/resolv.conf") + } + } + logrus.Debugf("The path of /etc/resolv.conf in the mount ns is %q", resolvePath) + // When /etc/resolv.conf on the host is a symlink to /run/systemd/resolve/stub-resolv.conf, + // we have to mount an empty filesystem on /run/systemd/resolve in the child namespace, + // so as to isolate the directory from the host mount namespace. + // + // Otherwise our bind-mount for /run/systemd/resolve/stub-resolv.conf is unmounted + // when systemd-resolved unlinks and recreates /run/systemd/resolve/stub-resolv.conf on the host. + // see: https://github.com/containers/podman/issues/10929 + if strings.HasPrefix(resolvePath, "/run/systemd/resolve/") { + rsr := n.getPath("/run/systemd/resolve") + err = mountAndMkdirDest("", rsr, tmpfs, unix.MS_NOEXEC|unix.MS_NOSUID|unix.MS_NODEV) + if err != nil { + return err + } + } + if strings.HasPrefix(resolvePath, "/run/") { + resolvePath = n.getPath(resolvePath) + err = os.MkdirAll(filepath.Dir(resolvePath), 0o700) + if err != nil { + return wrapError("create resolv.conf directory", err) + } + // we want to bind mount on this file so we have to create the file first + _, err = os.OpenFile(resolvePath, os.O_CREATE|os.O_RDONLY, 0o600) + if err != nil { + return wrapError("create resolv.conf file: %w", err) + } + } + // mount resolv.conf to make use of the host dns + err = unix.Mount(n.getPath(resolvConfName), resolvePath, none, unix.MS_BIND, "") + if err != nil { + return wrapError(fmt.Sprintf("mount resolv.conf to %q", resolvePath), err) + } + + // 4. CNI plugins need access to /var/lib/cni + if n.backend == CNI { + if err := n.mountCNIVarDir(); err != nil { + return err + } + } + + // 5. Mount the new prepared run dir to /run, it has to be recursive to keep the other bind mounts. + runDir := n.getPath("run") + // relabel the new run directory to the iptables /run label + // this is important, otherwise the iptables command will fail + err = label.Relabel(runDir, "system_u:object_r:iptables_var_run_t:s0", false) + if err != nil { + if !errors.Is(err, unix.ENOTSUP) { + return wrapError("relabel iptables_var_run_t", err) + } + logrus.Debugf("Labeling not supported on %q", runDir) + } + err = mountAndMkdirDest(runDir, "/run", none, unix.MS_BIND|unix.MS_REC) + if err != nil { + return err + } + return nil +} + +func (n *Netns) mountCNIVarDir() error { + varDir := "" + varTarget := persistentCNIDir + // we can only mount to a target dir which exists, check /var/lib/cni recursively + // while we could always use /var there are cases where a user might store the cni + // configs under /var/custom and this would break + for { + if _, err := os.Stat(varTarget); err == nil { + varDir = n.getPath(varTarget) + break + } + varTarget = filepath.Dir(varTarget) + if varTarget == "/" { + break + } + } + if varDir == "" { + return errors.New("failed to stat /var directory") + } + if err := os.MkdirAll(varDir, 0o700); err != nil { + return wrapError("create var dir", err) + } + // make sure to mount var first + err := unix.Mount(varDir, varTarget, none, unix.MS_BIND, "") + if err != nil { + return wrapError(fmt.Sprintf("mount %q to %q", varDir, varTarget), err) + } + return nil +} + +func (n *Netns) runInner(toRun func() error) (err error) { + nsRef, newNs, err := n.getOrCreateNetns() + if err != nil { + return err + } + defer nsRef.Close() + // If a new netns was created make sure to clean it up again on an error to not leak it. + if newNs { + defer func() { + if err != nil { + if err := n.cleanup(); err != nil { + logrus.Errorf("Rootless netns cleanup error after failed setup: %v", err) + } + } + }() + } + + return nsRef.Do(func(_ ns.NetNS) error { + if err := n.setupMounts(); err != nil { + return err + } + return toRun() + }) +} + +func (n *Netns) Setup(nets int, toRun func() error) error { + err := n.runInner(toRun) + if err != nil { + return err + } + _, err = refCount(n.dir, nets) + return err +} + +func (n *Netns) Teardown(nets int, toRun func() error) error { + var multiErr *multierror.Error + count, countErr := refCount(n.dir, -nets) + if countErr != nil { + multiErr = multierror.Append(multiErr, countErr) + } + err := n.runInner(toRun) + if err != nil { + multiErr = multierror.Append(multiErr, err) + } + + // only cleanup if the ref count did not throw an error + if count == 0 && countErr == nil { + err = n.cleanup() + if err != nil { + multiErr = multierror.Append(multiErr, wrapError("cleanup", err)) + } + } + + return multiErr.ErrorOrNil() +} + +// Run any long running function in the userns. +// We need to ensure that during setup/cleanup we are locked to avoid races. +// However because the given function could be running a long time we must +// unlock in between, i.e. this is used by podman unshare --rootless-nets +// and we do not want to keep it locked for the lifetime of the given command. +func (n *Netns) Run(lock *lockfile.LockFile, toRun func() error) error { + lock.Lock() + defer lock.Unlock() + _, err := refCount(n.dir, 1) + if err != nil { + return err + } + inner := func() error { + lock.Unlock() + err = toRun() + lock.Lock() + return err + } + + inErr := n.runInner(inner) + // make sure to always reset the ref counter afterwards + count, err := refCount(n.dir, -1) + if err != nil { + if inErr == nil { + return err + } + logrus.Errorf("Failed to decrement ref count: %v", err) + return inErr + } + if count == 0 { + err = n.cleanup() + if err != nil { + err = wrapError("cleanup", err) + if inErr == nil { + return err + } + logrus.Errorf("Failed to cleanup rootless netns: %v", err) + return inErr + } + } + + return inErr +} + +func refCount(dir string, inc int) (int, error) { + file := filepath.Join(dir, refCountFile) + content, err := os.ReadFile(file) + if err != nil && !errors.Is(err, fs.ErrNotExist) { + return -1, wrapError("read ref counter", err) + } + + currentCount := 0 + if len(content) > 0 { + currentCount, err = strconv.Atoi(string(content)) + if err != nil { + return -1, wrapError("parse ref counter", err) + } + } + + currentCount += inc + if currentCount < 0 { + logrus.Errorf("rootless netns ref counter out of sync, counter is at %d, resetting it back to 0", currentCount) + currentCount = 0 + } + + newNum := strconv.Itoa(currentCount) + if err = os.WriteFile(file, []byte(newNum), 0o600); err != nil { + return -1, wrapError("write ref counter", err) + } + + return currentCount, nil +} diff --git a/vendor/github.com/containers/common/libnetwork/netavark/exec.go b/vendor/github.com/containers/common/libnetwork/netavark/exec.go index f2c82359adbb..e3f904766762 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/exec.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/exec.go @@ -10,6 +10,7 @@ import ( "os" "os/exec" "strconv" + "strings" "github.com/sirupsen/logrus" ) @@ -79,6 +80,15 @@ func getRustLogEnv() string { func (n *netavarkNetwork) execNetavark(args []string, needPlugin bool, stdin, result interface{}) error { // set the netavark log level to the same as the podman env := append(os.Environ(), getRustLogEnv()) + // Netavark need access to iptables in $PATH. As it turns out debian doesn't put + // /usr/sbin in $PATH for rootless users. This will break rootless networking completely. + // We might break existing users and we cannot expect everyone to change their $PATH so + // let's add /usr/sbin to $PATH ourselves. + path := os.Getenv("PATH") + if !strings.Contains(path, "/usr/sbin") { + path += ":/usr/sbin" + env = append(env, "PATH="+path) + } // if we run with debug log level lets also set RUST_BACKTRACE=1 so we can get the full stack trace in case of panics if logrus.IsLevelEnabled(logrus.DebugLevel) { env = append(env, "RUST_BACKTRACE=1") diff --git a/vendor/github.com/containers/common/libnetwork/netavark/network.go b/vendor/github.com/containers/common/libnetwork/netavark/network.go index 5921167491e2..aad3cc7bd434 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/network.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/network.go @@ -12,6 +12,7 @@ import ( "strings" "time" + "github.com/containers/common/libnetwork/internal/rootlessnetns" "github.com/containers/common/libnetwork/internal/util" "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/config" @@ -68,6 +69,9 @@ type netavarkNetwork struct { // networks is a map with loaded networks, the key is the network name networks map[string]*types.Network + + // rootlessNetns is used for the rootless network setup/teardown + rootlessNetns *rootlessnetns.Netns } type InitConfig struct { @@ -82,26 +86,12 @@ type InitConfig struct { // NetworkRunDir is where temporary files are stored, i.e.the ipam db, aardvark config NetworkRunDir string - // FirewallDriver sets the firewall driver to use - FirewallDriver string - - // DefaultNetwork is the name for the default network. - DefaultNetwork string - // DefaultSubnet is the default subnet for the default network. - DefaultSubnet string - - // DefaultsubnetPools contains the subnets which must be used to allocate a free subnet by network create - DefaultsubnetPools []config.SubnetPool - - // DNSBindPort is set the port to pass to netavark for aardvark - DNSBindPort uint16 - - // PluginDirs list of directories were netavark plugins are located - PluginDirs []string - // Syslog describes whenever the netavark debug output should be log to the syslog as well. // This will use logrus to do so, make sure logrus is set up to log to the syslog. Syslog bool + + // Config containers.conf options + Config *config.Config } // NewNetworkInterface creates the ContainerNetwork interface for the netavark backend. @@ -118,12 +108,12 @@ func NewNetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) { return nil, err } - defaultNetworkName := conf.DefaultNetwork + defaultNetworkName := conf.Config.Network.DefaultNetwork if defaultNetworkName == "" { defaultNetworkName = types.DefaultNetworkName } - defaultSubnet := conf.DefaultSubnet + defaultSubnet := conf.Config.Network.DefaultSubnet if defaultSubnet == "" { defaultSubnet = types.DefaultSubnet } @@ -140,11 +130,19 @@ func NewNetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) { return nil, err } - defaultSubnetPools := conf.DefaultsubnetPools + defaultSubnetPools := conf.Config.Network.DefaultSubnetPools if defaultSubnetPools == nil { defaultSubnetPools = config.DefaultSubnetPools } + var netns *rootlessnetns.Netns + if unshare.IsRootless() { + netns, err = rootlessnetns.New(conf.NetworkRunDir, rootlessnetns.Netavark, conf.Config) + if err != nil { + return nil, err + } + } + n := &netavarkNetwork{ networkConfigDir: conf.NetworkConfigDir, networkRunDir: conf.NetworkRunDir, @@ -152,14 +150,15 @@ func NewNetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) { aardvarkBinary: conf.AardvarkBinary, networkRootless: unshare.IsRootless(), ipamDBPath: filepath.Join(conf.NetworkRunDir, "ipam.db"), - firewallDriver: conf.FirewallDriver, + firewallDriver: conf.Config.Network.FirewallDriver, defaultNetwork: defaultNetworkName, defaultSubnet: defaultNet, defaultsubnetPools: defaultSubnetPools, - dnsBindPort: conf.DNSBindPort, - pluginDirs: conf.PluginDirs, + dnsBindPort: conf.Config.Network.DNSBindPort, + pluginDirs: conf.Config.Network.NetavarkPluginDirs.Get(), lock: lock, syslog: conf.Syslog, + rootlessNetns: netns, } return n, nil diff --git a/vendor/github.com/containers/common/libnetwork/netavark/run.go b/vendor/github.com/containers/common/libnetwork/netavark/run.go index 3df5ced0528f..42c76690cb9d 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/run.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/run.go @@ -72,12 +72,24 @@ func (n *netavarkNetwork) Setup(namespacePath string, options types.SetupOptions } result := map[string]types.StatusBlock{} - err = n.execNetavark([]string{"setup", namespacePath}, needPlugin, netavarkOpts, &result) - if err != nil { - // lets dealloc ips to prevent leaking - if err := n.deallocIPs(&options.NetworkOptions); err != nil { - logrus.Error(err) + setup := func() error { + err := n.execNetavark([]string{"setup", namespacePath}, needPlugin, netavarkOpts, &result) + if err != nil { + // lets dealloc ips to prevent leaking + if err := n.deallocIPs(&options.NetworkOptions); err != nil { + logrus.Error(err) + } + return err } + return nil + } + + if n.rootlessNetns != nil { + err = n.rootlessNetns.Setup(len(options.Networks), setup) + } else { + err = setup() + } + if err != nil { return nil, err } @@ -112,7 +124,16 @@ func (n *netavarkNetwork) Teardown(namespacePath string, options types.TeardownO return fmt.Errorf("failed to convert net opts: %w", err) } - retErr := n.execNetavark([]string{"teardown", namespacePath}, needPlugin, netavarkOpts, nil) + var retErr error + teardown := func() error { + return n.execNetavark([]string{"teardown", namespacePath}, needPlugin, netavarkOpts, nil) + } + + if n.rootlessNetns != nil { + retErr = n.rootlessNetns.Teardown(len(options.Networks), teardown) + } else { + retErr = teardown() + } // when netavark returned an error we still free the used ips // otherwise we could end up in a state where block the ips forever @@ -160,3 +181,10 @@ func (n *netavarkNetwork) convertNetOpts(opts types.NetworkOptions) (*netavarkOp } return &netavarkOptions, needsPlugin, nil } + +func (n *netavarkNetwork) RunInRootlessNetns(toRun func() error) error { + if n.rootlessNetns == nil { + return types.ErrNotRootlessNetns + } + return n.rootlessNetns.Run(n.lock, toRun) +} diff --git a/vendor/github.com/containers/common/libnetwork/network/interface.go b/vendor/github.com/containers/common/libnetwork/network/interface.go index b3a5f2aec352..4a8290ba74be 100644 --- a/vendor/github.com/containers/common/libnetwork/network/interface.go +++ b/vendor/github.com/containers/common/libnetwork/network/interface.go @@ -77,17 +77,12 @@ func NetworkBackend(store storage.Store, conf *config.Config, syslog bool) (type } netInt, err := netavark.NewNetworkInterface(&netavark.InitConfig{ - NetworkConfigDir: confDir, - NetworkRunDir: runDir, - NetavarkBinary: netavarkBin, - AardvarkBinary: aardvarkBin, - PluginDirs: conf.Network.NetavarkPluginDirs.Get(), - FirewallDriver: conf.Network.FirewallDriver, - DefaultNetwork: conf.Network.DefaultNetwork, - DefaultSubnet: conf.Network.DefaultSubnet, - DefaultsubnetPools: conf.Network.DefaultSubnetPools, - DNSBindPort: conf.Network.DNSBindPort, - Syslog: syslog, + Config: conf, + NetworkConfigDir: confDir, + NetworkRunDir: runDir, + NetavarkBinary: netavarkBin, + AardvarkBinary: aardvarkBin, + Syslog: syslog, }) return types.Netavark, netInt, err case types.CNI: @@ -181,13 +176,10 @@ func getCniInterface(conf *config.Config) (types.ContainerNetwork, error) { } } return cni.NewCNINetworkInterface(&cni.InitConfig{ - CNIConfigDir: confDir, - CNIPluginDirs: conf.Network.CNIPluginDirs.Get(), - RunDir: conf.Engine.TmpDir, - DefaultNetwork: conf.Network.DefaultNetwork, - DefaultSubnet: conf.Network.DefaultSubnet, - DefaultsubnetPools: conf.Network.DefaultSubnetPools, - IsMachine: machine.IsGvProxyBased(), + Config: conf, + CNIConfigDir: confDir, + RunDir: conf.Engine.TmpDir, + IsMachine: machine.IsGvProxyBased(), }) } diff --git a/vendor/github.com/containers/common/libnetwork/types/define.go b/vendor/github.com/containers/common/libnetwork/types/define.go index 6e91ccda961b..193377b1a20c 100644 --- a/vendor/github.com/containers/common/libnetwork/types/define.go +++ b/vendor/github.com/containers/common/libnetwork/types/define.go @@ -18,6 +18,9 @@ var ( // exists. ErrNetworkExists = errors.New("network already exists") + // ErrNotRootlessNetns indicates the rootless netns can only be used as root + ErrNotRootlessNetns = errors.New("rootless netns cannot be used as root") + // NameRegex is a regular expression to validate names. // This must NOT be changed. NameRegex = regexp.Delayed("^[a-zA-Z0-9][a-zA-Z0-9_.-]*$") diff --git a/vendor/github.com/containers/common/libnetwork/types/network.go b/vendor/github.com/containers/common/libnetwork/types/network.go index 94087fd3751d..9e30975cb0a3 100644 --- a/vendor/github.com/containers/common/libnetwork/types/network.go +++ b/vendor/github.com/containers/common/libnetwork/types/network.go @@ -27,6 +27,10 @@ type ContainerNetwork interface { // Teardown will teardown the container network namespace. Teardown(namespacePath string, options TeardownOptions) error + // RunInRootlessNetns is used to run the given function in the rootless netns. + // Only used as rootless and should return an error as root. + RunInRootlessNetns(toRun func() error) error + // Drivers will return the list of supported network drivers // for this interface. Drivers() []string diff --git a/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go b/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go index ed9f0761df87..ffdf10acaf49 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go +++ b/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go @@ -4,6 +4,7 @@ package cgroups import ( + "bufio" "bytes" "errors" "fmt" @@ -11,6 +12,7 @@ import ( "path" "path/filepath" "strings" + "sync" "github.com/opencontainers/runc/libcontainer/cgroups" "github.com/opencontainers/runc/libcontainer/configs" @@ -143,3 +145,171 @@ func SetBlkioThrottle(res *configs.Resources, cgroupPath string) error { } return nil } + +// Code below was moved from podman/utils/utils_supported.go and should properly better +// integrated here as some parts may be redundant. + +func getCgroupProcess(procFile string, allowRoot bool) (string, error) { + f, err := os.Open(procFile) + if err != nil { + return "", err + } + defer f.Close() + + scanner := bufio.NewScanner(f) + cgroup := "" + for scanner.Scan() { + line := scanner.Text() + parts := strings.SplitN(line, ":", 3) + if len(parts) != 3 { + return "", fmt.Errorf("cannot parse cgroup line %q", line) + } + if strings.HasPrefix(line, "0::") { + cgroup = line[3:] + break + } + if len(parts[2]) > len(cgroup) { + cgroup = parts[2] + } + } + if len(cgroup) == 0 || (!allowRoot && cgroup == "/") { + return "", fmt.Errorf("could not find cgroup mount in %q", procFile) + } + return cgroup, nil +} + +// GetOwnCgroup returns the cgroup for the current process. +func GetOwnCgroup() (string, error) { + return getCgroupProcess("/proc/self/cgroup", true) +} + +func GetOwnCgroupDisallowRoot() (string, error) { + return getCgroupProcess("/proc/self/cgroup", false) +} + +// GetCgroupProcess returns the cgroup for the specified process process. +func GetCgroupProcess(pid int) (string, error) { + return getCgroupProcess(fmt.Sprintf("/proc/%d/cgroup", pid), true) +} + +// MoveUnderCgroupSubtree moves the PID under a cgroup subtree. +func MoveUnderCgroupSubtree(subtree string) error { + return MoveUnderCgroup("", subtree, nil) +} + +// MoveUnderCgroup moves a group of processes to a new cgroup. +// If cgroup is the empty string, then the current calling process cgroup is used. +// If processes is empty, then the processes from the current cgroup are moved. +func MoveUnderCgroup(cgroup, subtree string, processes []uint32) error { + procFile := "/proc/self/cgroup" + f, err := os.Open(procFile) + if err != nil { + return err + } + defer f.Close() + + unifiedMode, err := IsCgroup2UnifiedMode() + if err != nil { + return err + } + + scanner := bufio.NewScanner(f) + for scanner.Scan() { + line := scanner.Text() + parts := strings.SplitN(line, ":", 3) + if len(parts) != 3 { + return fmt.Errorf("cannot parse cgroup line %q", line) + } + + // root cgroup, skip it + if parts[2] == "/" && !(unifiedMode && parts[1] == "") { + continue + } + + cgroupRoot := "/sys/fs/cgroup" + // Special case the unified mount on hybrid cgroup and named hierarchies. + // This works on Fedora 31, but we should really parse the mounts to see + // where the cgroup hierarchy is mounted. + if parts[1] == "" && !unifiedMode { + // If it is not using unified mode, the cgroup v2 hierarchy is + // usually mounted under /sys/fs/cgroup/unified + cgroupRoot = filepath.Join(cgroupRoot, "unified") + + // Ignore the unified mount if it doesn't exist + if _, err := os.Stat(cgroupRoot); err != nil && os.IsNotExist(err) { + continue + } + } else if parts[1] != "" { + // Assume the controller is mounted at /sys/fs/cgroup/$CONTROLLER. + controller := strings.TrimPrefix(parts[1], "name=") + cgroupRoot = filepath.Join(cgroupRoot, controller) + } + + parentCgroup := cgroup + if parentCgroup == "" { + parentCgroup = parts[2] + } + newCgroup := filepath.Join(cgroupRoot, parentCgroup, subtree) + if err := os.MkdirAll(newCgroup, 0o755); err != nil && !os.IsExist(err) { + return err + } + + f, err := os.OpenFile(filepath.Join(newCgroup, "cgroup.procs"), os.O_RDWR, 0o755) + if err != nil { + return err + } + defer f.Close() + + if len(processes) > 0 { + for _, pid := range processes { + if _, err := f.WriteString(fmt.Sprintf("%d\n", pid)); err != nil { + logrus.Debugf("Cannot move process %d to cgroup %q: %v", pid, newCgroup, err) + } + } + } else { + processesData, err := os.ReadFile(filepath.Join(cgroupRoot, parts[2], "cgroup.procs")) + if err != nil { + return err + } + for _, pid := range bytes.Split(processesData, []byte("\n")) { + if len(pid) == 0 { + continue + } + if _, err := f.Write(pid); err != nil { + logrus.Debugf("Cannot move process %s to cgroup %q: %v", string(pid), newCgroup, err) + } + } + } + } + return nil +} + +var ( + maybeMoveToSubCgroupSync sync.Once + maybeMoveToSubCgroupSyncErr error +) + +// MaybeMoveToSubCgroup moves the current process in a sub cgroup when +// it is running in the root cgroup on a system that uses cgroupv2. +func MaybeMoveToSubCgroup() error { + maybeMoveToSubCgroupSync.Do(func() { + unifiedMode, err := IsCgroup2UnifiedMode() + if err != nil { + maybeMoveToSubCgroupSyncErr = err + return + } + if !unifiedMode { + maybeMoveToSubCgroupSyncErr = nil + return + } + cgroup, err := GetOwnCgroup() + if err != nil { + maybeMoveToSubCgroupSyncErr = err + return + } + if cgroup == "/" { + maybeMoveToSubCgroupSyncErr = MoveUnderCgroupSubtree("init") + } + }) + return maybeMoveToSubCgroupSyncErr +} diff --git a/vendor/github.com/containers/common/pkg/netns/netns_linux.go b/vendor/github.com/containers/common/pkg/netns/netns_linux.go index 9f0336bc0f6a..5b5e0daebbea 100644 --- a/vendor/github.com/containers/common/pkg/netns/netns_linux.go +++ b/vendor/github.com/containers/common/pkg/netns/netns_linux.go @@ -32,10 +32,12 @@ import ( "github.com/containernetworking/plugins/pkg/ns" "github.com/containers/storage/pkg/homedir" "github.com/containers/storage/pkg/unshare" - "github.com/sirupsen/logrus" "golang.org/x/sys/unix" ) +// threadNsPath is the /proc path to the current netns handle for the current thread +const threadNsPath = "/proc/thread-self/ns/net" + // GetNSRunDir returns the dir of where to create the netNS. When running // rootless, it needs to be at a location writable by user. func GetNSRunDir() (string, error) { @@ -49,6 +51,10 @@ func GetNSRunDir() (string, error) { return "/run/netns", nil } +func NewNSAtPath(nsPath string) (ns.NetNS, error) { + return newNSPath(nsPath) +} + // NewNS creates a new persistent (bind-mounted) network namespace and returns // an object representing that namespace, without switching to it. func NewNS() (ns.NetNS, error) { @@ -111,8 +117,12 @@ func NewNSWithName(name string) (ns.NetNS, error) { } } - // create an empty file at the mount point nsPath := path.Join(nsRunDir, name) + return newNSPath(nsPath) +} + +func newNSPath(nsPath string) (ns.NetNS, error) { + // create an empty file at the mount point mountPointFd, err := os.OpenFile(nsPath, os.O_RDWR|os.O_CREATE|os.O_EXCL, 0o600) if err != nil { return nil, err @@ -140,24 +150,10 @@ func NewNSWithName(name string) (ns.NetNS, error) { // Don't unlock. By not unlocking, golang will kill the OS thread when the // goroutine is done (for go1.10+) - threadNsPath := getCurrentThreadNetNSPath() - - var origNS ns.NetNS - origNS, err = ns.GetNS(threadNsPath) - if err != nil { - logrus.Warnf("Cannot open current network namespace %s: %q", threadNsPath, err) - return - } - defer func() { - if err := origNS.Close(); err != nil { - logrus.Errorf("Unable to close namespace: %q", err) - } - }() - // create a new netns on the current thread err = unix.Unshare(unix.CLONE_NEWNET) if err != nil { - logrus.Warnf("Cannot create a new network namespace: %q", err) + err = fmt.Errorf("unshare network namespace: %w", err) return } @@ -181,13 +177,8 @@ func NewNSWithName(name string) (ns.NetNS, error) { // UnmountNS unmounts the given netns path func UnmountNS(nsPath string) error { - nsRunDir, err := GetNSRunDir() - if err != nil { - return err - } - // Only unmount if it's been bind-mounted (don't touch namespaces in /proc...) - if strings.HasPrefix(nsPath, nsRunDir) { + if !strings.HasPrefix(nsPath, "/proc/") { if err := unix.Unmount(nsPath, unix.MNT_DETACH); err != nil { return fmt.Errorf("failed to unmount NS: at %s: %v", nsPath, err) } @@ -199,11 +190,3 @@ func UnmountNS(nsPath string) error { return nil } - -// getCurrentThreadNetNSPath copied from pkg/ns -func getCurrentThreadNetNSPath() string { - // /proc/self/ns/net returns the namespace of the main thread, not - // of whatever thread this goroutine is running on. Make sure we - // use the thread's net namespace since the thread is switching around - return fmt.Sprintf("/proc/%d/task/%d/ns/net", os.Getpid(), unix.Gettid()) -} diff --git a/vendor/github.com/containers/common/pkg/systemd/systemd_linux.go b/vendor/github.com/containers/common/pkg/systemd/systemd_linux.go new file mode 100644 index 000000000000..02503618f45d --- /dev/null +++ b/vendor/github.com/containers/common/pkg/systemd/systemd_linux.go @@ -0,0 +1,151 @@ +package systemd + +import ( + "context" + "crypto/rand" + "fmt" + "os" + "strconv" + "sync" + + "github.com/containers/common/pkg/cgroups" + "github.com/containers/storage/pkg/unshare" + systemdDbus "github.com/coreos/go-systemd/v22/dbus" + "github.com/godbus/dbus/v5" + "github.com/sirupsen/logrus" +) + +var ( + runsOnSystemdOnce sync.Once + runsOnSystemd bool +) + +// RunsOnSystemd returns whether the system is using systemd +func RunsOnSystemd() bool { + runsOnSystemdOnce.Do(func() { + // per sd_booted(3), check for this dir + fd, err := os.Stat("/run/systemd/system") + runsOnSystemd = err == nil && fd.IsDir() + }) + return runsOnSystemd +} + +func moveProcessPIDFileToScope(pidPath, slice, scope string) error { + data, err := os.ReadFile(pidPath) + if err != nil { + // do not raise an error if the file doesn't exist + if os.IsNotExist(err) { + return nil + } + return fmt.Errorf("cannot read pid file: %w", err) + } + pid, err := strconv.ParseUint(string(data), 10, 0) + if err != nil { + return fmt.Errorf("cannot parse pid file %s: %w", pidPath, err) + } + + return moveProcessToScope(int(pid), slice, scope) +} + +func moveProcessToScope(pid int, slice, scope string) error { + err := RunUnderSystemdScope(pid, slice, scope) + // If the PID is not valid anymore, do not return an error. + if dbusErr, ok := err.(dbus.Error); ok { + if dbusErr.Name == "org.freedesktop.DBus.Error.UnixProcessIdUnknown" { + return nil + } + } + return err +} + +// MoveRootlessNetnsSlirpProcessToUserSlice moves the slirp4netns process for the rootless netns +// into a different scope so that systemd does not kill it with a container. +func MoveRootlessNetnsSlirpProcessToUserSlice(pid int) error { + randBytes := make([]byte, 4) + _, err := rand.Read(randBytes) + if err != nil { + return err + } + return moveProcessToScope(pid, "user.slice", fmt.Sprintf("rootless-netns-%x.scope", randBytes)) +} + +// MovePauseProcessToScope moves the pause process used for rootless mode to keep the namespaces alive to +// a separate scope. +func MovePauseProcessToScope(pausePidPath string) { + var err error + + for i := 0; i < 10; i++ { + randBytes := make([]byte, 4) + _, err = rand.Read(randBytes) + if err != nil { + logrus.Errorf("failed to read random bytes: %v", err) + continue + } + err = moveProcessPIDFileToScope(pausePidPath, "user.slice", fmt.Sprintf("podman-pause-%x.scope", randBytes)) + if err == nil { + return + } + } + + if err != nil { + unified, err2 := cgroups.IsCgroup2UnifiedMode() + if err2 != nil { + logrus.Warnf("Failed to detect if running with cgroup unified: %v", err) + } + if RunsOnSystemd() && unified { + logrus.Warnf("Failed to add pause process to systemd sandbox cgroup: %v", err) + } else { + logrus.Debugf("Failed to add pause process to systemd sandbox cgroup: %v", err) + } + } +} + +// RunUnderSystemdScope adds the specified pid to a systemd scope +func RunUnderSystemdScope(pid int, slice string, unitName string) error { + var properties []systemdDbus.Property + var conn *systemdDbus.Conn + var err error + + if unshare.GetRootlessUID() != 0 { + conn, err = cgroups.UserConnection(unshare.GetRootlessUID()) + if err != nil { + return err + } + } else { + conn, err = systemdDbus.NewWithContext(context.Background()) + if err != nil { + return err + } + } + defer conn.Close() + properties = append(properties, systemdDbus.PropSlice(slice)) + properties = append(properties, newProp("PIDs", []uint32{uint32(pid)})) + properties = append(properties, newProp("Delegate", true)) + properties = append(properties, newProp("DefaultDependencies", false)) + ch := make(chan string) + _, err = conn.StartTransientUnitContext(context.Background(), unitName, "replace", properties, ch) + if err != nil { + // On errors check if the cgroup already exists, if it does move the process there + if props, err := conn.GetUnitTypePropertiesContext(context.Background(), unitName, "Scope"); err == nil { + if cgroup, ok := props["ControlGroup"].(string); ok && cgroup != "" { + if err := cgroups.MoveUnderCgroup(cgroup, "", []uint32{uint32(pid)}); err == nil { + return nil + } + // On errors return the original error message we got from StartTransientUnit. + } + } + return err + } + + // Block until job is started + <-ch + + return nil +} + +func newProp(name string, units interface{}) systemdDbus.Property { + return systemdDbus.Property{ + Name: name, + Value: dbus.MakeVariant(units), + } +} diff --git a/vendor/github.com/containers/common/pkg/systemd/systemd_unsupported.go b/vendor/github.com/containers/common/pkg/systemd/systemd_unsupported.go new file mode 100644 index 000000000000..e4a6285279c3 --- /dev/null +++ b/vendor/github.com/containers/common/pkg/systemd/systemd_unsupported.go @@ -0,0 +1,15 @@ +//go:build !linux + +package systemd + +import "errors" + +func RunsOnSystemd() bool { + return false +} + +func MovePauseProcessToScope(pausePidPath string) {} + +func RunUnderSystemdScope(pid int, slice string, unitName string) error { + return errors.New("RunUnderSystemdScope not supported on this OS") +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 615eda38800f..1f61cef73d60 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -167,7 +167,7 @@ github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/pkg/volumes github.com/containers/buildah/util -# github.com/containers/common v0.57.1-0.20231130092720-630c929caef9 +# github.com/containers/common v0.57.1-0.20231206135104-b647eb3a5eea ## explicit; go 1.18 github.com/containers/common/internal/attributedstring github.com/containers/common/libimage @@ -177,6 +177,7 @@ github.com/containers/common/libimage/manifests github.com/containers/common/libimage/platform github.com/containers/common/libnetwork/cni github.com/containers/common/libnetwork/etchosts +github.com/containers/common/libnetwork/internal/rootlessnetns github.com/containers/common/libnetwork/internal/util github.com/containers/common/libnetwork/netavark github.com/containers/common/libnetwork/network @@ -223,6 +224,7 @@ github.com/containers/common/pkg/ssh github.com/containers/common/pkg/subscriptions github.com/containers/common/pkg/supplemented github.com/containers/common/pkg/sysinfo +github.com/containers/common/pkg/systemd github.com/containers/common/pkg/timetype github.com/containers/common/pkg/umask github.com/containers/common/pkg/util From 32c25c6026e2d195f97ebfcedc7c123cb2cede32 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 5 Dec 2023 17:37:58 +0100 Subject: [PATCH 139/170] pkg/specgen/generate: NOP verifyContainerResources() on freebsd There is no point in calling into cgroup specific code as freebsd does not support cgroups. Signed-off-by: Paul Holzinger --- pkg/specgen/generate/validate_freebsd.go | 8 ++++++++ pkg/specgen/generate/{validate.go => validate_linux.go} | 0 2 files changed, 8 insertions(+) create mode 100644 pkg/specgen/generate/validate_freebsd.go rename pkg/specgen/generate/{validate.go => validate_linux.go} (100%) diff --git a/pkg/specgen/generate/validate_freebsd.go b/pkg/specgen/generate/validate_freebsd.go new file mode 100644 index 000000000000..00cc210c2b40 --- /dev/null +++ b/pkg/specgen/generate/validate_freebsd.go @@ -0,0 +1,8 @@ +package generate + +import "github.com/containers/podman/v4/pkg/specgen" + +// verifyContainerResources does nothing on freebsd as it has no cgroups +func verifyContainerResources(s *specgen.SpecGenerator) ([]string, error) { + return nil, nil +} diff --git a/pkg/specgen/generate/validate.go b/pkg/specgen/generate/validate_linux.go similarity index 100% rename from pkg/specgen/generate/validate.go rename to pkg/specgen/generate/validate_linux.go From 03d411abc0b8843443eddbcdbdfaf2dec0bbd2bb Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 5 Dec 2023 17:49:10 +0100 Subject: [PATCH 140/170] libpod: split out cgroups call into linux specific file So that we do not cause compile error on freebsd. Signed-off-by: Paul Holzinger --- libpod/oci_conmon_common.go | 3 +-- libpod/oci_conmon_freebsd.go | 4 ++++ libpod/oci_conmon_linux.go | 4 ++++ 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/libpod/oci_conmon_common.go b/libpod/oci_conmon_common.go index c3e68cf060d6..00a9a69a92db 100644 --- a/libpod/oci_conmon_common.go +++ b/libpod/oci_conmon_common.go @@ -23,7 +23,6 @@ import ( "text/template" "time" - "github.com/containers/common/pkg/cgroups" "github.com/containers/common/pkg/config" "github.com/containers/common/pkg/detach" "github.com/containers/common/pkg/resize" @@ -1100,7 +1099,7 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co } if ctr.config.CgroupsMode == cgroupSplit { - if err := cgroups.MoveUnderCgroupSubtree("runtime"); err != nil { + if err := moveToRuntimeCgroup(); err != nil { return 0, err } } diff --git a/libpod/oci_conmon_freebsd.go b/libpod/oci_conmon_freebsd.go index e8cf6085a07b..344091e74e8b 100644 --- a/libpod/oci_conmon_freebsd.go +++ b/libpod/oci_conmon_freebsd.go @@ -28,3 +28,7 @@ func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec } return nil } + +func moveToRuntimeCgroup() error { + return errors.New("moveToRuntimeCgroup not supported on freebsd") +} diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index b029b16a5672..bc3a67ae55eb 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -326,3 +326,7 @@ func GetLimits(resource *spec.LinuxResources) (runcconfig.Resources, error) { final.Unified = resource.Unified return *final, nil } + +func moveToRuntimeCgroup() error { + return cgroups.MoveUnderCgroupSubtree("runtime") +} From 19457f382375d3c8da506ac5566660b6853a21a8 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 5 Dec 2023 17:56:23 +0100 Subject: [PATCH 141/170] system service: split out cgroups call into linux specific file So that we do not cause compile errors on freebsd. Signed-off-by: Paul Holzinger --- cmd/podman/system/service_abi.go | 13 +-- cmd/podman/system/service_abi_common.go | 3 + cmd/podman/system/service_abi_linux.go | 16 ++++ pkg/domain/infra/abi/system.go | 94 --------------------- pkg/domain/infra/abi/system_freebsd.go | 9 +++ pkg/domain/infra/abi/system_linux.go | 103 ++++++++++++++++++++++++ 6 files changed, 132 insertions(+), 106 deletions(-) diff --git a/cmd/podman/system/service_abi.go b/cmd/podman/system/service_abi.go index 815d8062bbc5..302f4036de71 100644 --- a/cmd/podman/system/service_abi.go +++ b/cmd/podman/system/service_abi.go @@ -12,12 +12,10 @@ import ( "os" "path/filepath" - "github.com/containers/common/pkg/cgroups" "github.com/containers/podman/v4/cmd/podman/registry" api "github.com/containers/podman/v4/pkg/api/server" "github.com/containers/podman/v4/pkg/domain/entities" "github.com/containers/podman/v4/pkg/domain/infra" - "github.com/containers/podman/v4/pkg/rootless" "github.com/coreos/go-systemd/v22/activation" "github.com/sirupsen/logrus" "github.com/spf13/pflag" @@ -125,16 +123,7 @@ func restService(flags *pflag.FlagSet, cfg *entities.PodmanConfig, opts entities // Close the fd right away to not leak it during the entire time of the service. devNullfile.Close() - cgroupv2, _ := cgroups.IsCgroup2UnifiedMode() - if rootless.IsRootless() && !cgroupv2 { - logrus.Warnf("Running 'system service' in rootless mode without cgroup v2, containers won't survive a 'system service' restart") - } - - if err := cgroups.MaybeMoveToSubCgroup(); err != nil { - // it is a best effort operation, so just print the - // error for debugging purposes. - logrus.Debugf("Could not move to subcgroup: %v", err) - } + maybeMoveToSubCgroup() maybeStartServiceReaper() infra.StartWatcher(libpodRuntime) diff --git a/cmd/podman/system/service_abi_common.go b/cmd/podman/system/service_abi_common.go index 999f90fbe94b..697e8b66e848 100644 --- a/cmd/podman/system/service_abi_common.go +++ b/cmd/podman/system/service_abi_common.go @@ -5,3 +5,6 @@ package system // Currently, we only need servicereaper on Linux to support slirp4netns. func maybeStartServiceReaper() { } + +// There is no cgroup on non linux. +func maybeMoveToSubCgroup() {} diff --git a/cmd/podman/system/service_abi_linux.go b/cmd/podman/system/service_abi_linux.go index d0da1594adf1..ff8efa311859 100644 --- a/cmd/podman/system/service_abi_linux.go +++ b/cmd/podman/system/service_abi_linux.go @@ -3,10 +3,26 @@ package system import ( + "github.com/containers/common/pkg/cgroups" "github.com/containers/common/pkg/servicereaper" + "github.com/containers/podman/v4/pkg/rootless" + "github.com/sirupsen/logrus" ) // Currently, we only need servicereaper on Linux to support slirp4netns. func maybeStartServiceReaper() { servicereaper.Start() } + +func maybeMoveToSubCgroup() { + cgroupv2, _ := cgroups.IsCgroup2UnifiedMode() + if rootless.IsRootless() && !cgroupv2 { + logrus.Warnf("Running 'system service' in rootless mode without cgroup v2, containers won't survive a 'system service' restart") + } + + if err := cgroups.MaybeMoveToSubCgroup(); err != nil { + // it is a best effort operation, so just print the + // error for debugging purposes. + logrus.Debugf("Could not move to subcgroup: %v", err) + } +} diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go index 681131161903..112a332b20f5 100644 --- a/pkg/domain/infra/abi/system.go +++ b/pkg/domain/infra/abi/system.go @@ -9,17 +9,12 @@ import ( "os/exec" "path/filepath" - "github.com/containers/common/pkg/cgroups" - "github.com/containers/common/pkg/config" - "github.com/containers/common/pkg/systemd" "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/pkg/domain/entities" "github.com/containers/podman/v4/pkg/domain/entities/reports" - "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/podman/v4/pkg/util" "github.com/containers/storage" "github.com/containers/storage/pkg/directory" - "github.com/containers/storage/pkg/unshare" "github.com/sirupsen/logrus" "github.com/spf13/pflag" ) @@ -66,95 +61,6 @@ func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) { return info, err } -func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) error { - runsUnderSystemd := systemd.RunsOnSystemd() - if !runsUnderSystemd { - isPid1 := os.Getpid() == 1 - if _, found := os.LookupEnv("container"); isPid1 || found { - if err := cgroups.MaybeMoveToSubCgroup(); err != nil { - // it is a best effort operation, so just print the - // error for debugging purposes. - logrus.Debugf("Could not move to subcgroup: %v", err) - } - } - } - - if !rootless.IsRootless() { - return nil - } - - // do it only after podman has already re-execed and running with uid==0. - hasCapSysAdmin, err := unshare.HasCapSysAdmin() - if err != nil { - return err - } - // check for both euid == 0 and CAP_SYS_ADMIN because we may be running in a container with CAP_SYS_ADMIN set. - if os.Geteuid() == 0 && hasCapSysAdmin { - ownsCgroup, err := cgroups.UserOwnsCurrentSystemdCgroup() - if err != nil { - logrus.Infof("Failed to detect the owner for the current cgroup: %v", err) - } - if !ownsCgroup { - conf, err := ic.Config(context.Background()) - if err != nil { - return err - } - unitName := fmt.Sprintf("podman-%d.scope", os.Getpid()) - if runsUnderSystemd || conf.Engine.CgroupManager == config.SystemdCgroupsManager { - if err := systemd.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil { - logrus.Debugf("Failed to add podman to systemd sandbox cgroup: %v", err) - } - } - } - return nil - } - - pausePidPath, err := util.GetRootlessPauseProcessPidPath() - if err != nil { - return fmt.Errorf("could not get pause process pid file path: %w", err) - } - - became, ret, err := rootless.TryJoinPauseProcess(pausePidPath) - if err != nil { - return err - } - if became { - os.Exit(ret) - } - if noMoveProcess { - return nil - } - - // if there is no pid file, try to join existing containers, and create a pause process. - ctrs, err := ic.Libpod.GetRunningContainers() - if err != nil { - logrus.Error(err.Error()) - os.Exit(1) - } - - paths := []string{} - for _, ctr := range ctrs { - paths = append(paths, ctr.ConfigNoCopy().ConmonPidFile) - } - - if len(paths) > 0 { - became, ret, err = rootless.TryJoinFromFilePaths(pausePidPath, true, paths) - } else { - became, ret, err = rootless.BecomeRootInUserNS(pausePidPath) - if err == nil { - systemd.MovePauseProcessToScope(pausePidPath) - } - } - if err != nil { - logrus.Error(fmt.Errorf("invalid internal status, try resetting the pause process with %q: %w", os.Args[0]+" system migrate", err)) - os.Exit(1) - } - if became { - os.Exit(ret) - } - return nil -} - // SystemPrune removes unused data from the system. Pruning pods, containers, networks, volumes and images. func (ic *ContainerEngine) SystemPrune(ctx context.Context, options entities.SystemPruneOptions) (*entities.SystemPruneReport, error) { var systemPruneReport = new(entities.SystemPruneReport) diff --git a/pkg/domain/infra/abi/system_freebsd.go b/pkg/domain/infra/abi/system_freebsd.go index 33ccebbb3753..c6ec91943eb8 100644 --- a/pkg/domain/infra/abi/system_freebsd.go +++ b/pkg/domain/infra/abi/system_freebsd.go @@ -1,4 +1,13 @@ package abi +import ( + "context" +) + // Default path for system runtime state const defaultRunPath = "/var/run" + +// SetupRootless in a NOP for freebsd as it only configures the rootless userns on linux. +func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) error { + return nil +} diff --git a/pkg/domain/infra/abi/system_linux.go b/pkg/domain/infra/abi/system_linux.go index 6a13f0705007..2c0f5a79eb6e 100644 --- a/pkg/domain/infra/abi/system_linux.go +++ b/pkg/domain/infra/abi/system_linux.go @@ -1,4 +1,107 @@ package abi +import ( + "context" + "fmt" + "os" + + "github.com/containers/common/pkg/cgroups" + "github.com/containers/common/pkg/config" + "github.com/containers/common/pkg/systemd" + "github.com/containers/podman/v4/pkg/rootless" + "github.com/containers/podman/v4/pkg/util" + "github.com/containers/storage/pkg/unshare" + "github.com/sirupsen/logrus" +) + // Default path for system runtime state const defaultRunPath = "/run" + +func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) error { + runsUnderSystemd := systemd.RunsOnSystemd() + if !runsUnderSystemd { + isPid1 := os.Getpid() == 1 + if _, found := os.LookupEnv("container"); isPid1 || found { + if err := cgroups.MaybeMoveToSubCgroup(); err != nil { + // it is a best effort operation, so just print the + // error for debugging purposes. + logrus.Debugf("Could not move to subcgroup: %v", err) + } + } + } + + if !rootless.IsRootless() { + return nil + } + + // do it only after podman has already re-execed and running with uid==0. + hasCapSysAdmin, err := unshare.HasCapSysAdmin() + if err != nil { + return err + } + // check for both euid == 0 and CAP_SYS_ADMIN because we may be running in a container with CAP_SYS_ADMIN set. + if os.Geteuid() == 0 && hasCapSysAdmin { + ownsCgroup, err := cgroups.UserOwnsCurrentSystemdCgroup() + if err != nil { + logrus.Infof("Failed to detect the owner for the current cgroup: %v", err) + } + if !ownsCgroup { + conf, err := ic.Config(context.Background()) + if err != nil { + return err + } + unitName := fmt.Sprintf("podman-%d.scope", os.Getpid()) + if runsUnderSystemd || conf.Engine.CgroupManager == config.SystemdCgroupsManager { + if err := systemd.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil { + logrus.Debugf("Failed to add podman to systemd sandbox cgroup: %v", err) + } + } + } + return nil + } + + pausePidPath, err := util.GetRootlessPauseProcessPidPath() + if err != nil { + return fmt.Errorf("could not get pause process pid file path: %w", err) + } + + became, ret, err := rootless.TryJoinPauseProcess(pausePidPath) + if err != nil { + return err + } + if became { + os.Exit(ret) + } + if noMoveProcess { + return nil + } + + // if there is no pid file, try to join existing containers, and create a pause process. + ctrs, err := ic.Libpod.GetRunningContainers() + if err != nil { + logrus.Error(err.Error()) + os.Exit(1) + } + + paths := []string{} + for _, ctr := range ctrs { + paths = append(paths, ctr.ConfigNoCopy().ConmonPidFile) + } + + if len(paths) > 0 { + became, ret, err = rootless.TryJoinFromFilePaths(pausePidPath, true, paths) + } else { + became, ret, err = rootless.BecomeRootInUserNS(pausePidPath) + if err == nil { + systemd.MovePauseProcessToScope(pausePidPath) + } + } + if err != nil { + logrus.Error(fmt.Errorf("invalid internal status, try resetting the pause process with %q: %w", os.Args[0]+" system migrate", err)) + os.Exit(1) + } + if became { + os.Exit(ret) + } + return nil +} From cac4aa3b44db161745a6dd20125ac7bee12a7117 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 7 Dec 2023 13:19:55 +0000 Subject: [PATCH 142/170] [skip-ci] Update actions/stale action to v9 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 14f36fc234d2..0155fae34aee 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/stale@v8 + - uses: actions/stale@v9 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: 'A friendly reminder that this issue had no activity for 30 days.' From a1cc99dd4661ebf66979ccad40b9bab76474b35e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erik=20Sj=C3=B6lund?= Date: Thu, 7 Dec 2023 14:27:47 +0100 Subject: [PATCH 143/170] [CI:DOCS] compat api: fix formatting syntax MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reuse text from podman api Fixes https://github.com/containers/podman/issues/20390 Signed-off-by: Erik Sjölund --- pkg/api/server/register_containers.go | 30 +++++++++++++-------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/pkg/api/server/register_containers.go b/pkg/api/server/register_containers.go index 88f9b6cb76fa..b4f0d8592c52 100644 --- a/pkg/api/server/register_containers.go +++ b/pkg/api/server/register_containers.go @@ -71,21 +71,21 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // name: filters // type: string // description: | - // Returns a list of containers. - // - ancestor=([:], , or ) - // - before=( or ) - // - expose=([/]|/[]) - // - exited= containers with exit code of - // - health=(starting|healthy|unhealthy|none) - // - id= a container's ID - // - is-task=(true|false) - // - label=key or label="key=value" of a container label - // - name= a container's name - // - network=( or ) - // - publish=([/]|/[]) - // - since=( or ) - // - status=(created|restarting|running|removing|paused|exited|dead) - // - volume=( or ) + // A JSON encoded value of the filters (a `map[string][]string`) to process on the containers list. Available filters: + // - `ancestor`=(`[:]`, ``, or ``) + // - `before`=(`` or ``) + // - `expose`=(`[/]` or `/[]`) + // - `exited=` containers with exit code of `` + // - `health`=(`starting`, `healthy`, `unhealthy` or `none`) + // - `id=` a container's ID + // - `is-task`=(`true` or `false`) + // - `label`=(`key` or `"key=value"`) of a container label + // - `name=` a container's name + // - `network`=(`` or ``) + // - `publish`=(`[/]` or `/[]`) + // - `since`=(`` or ``) + // - `status`=(`created`, `restarting`, `running`, `removing`, `paused`, `exited` or `dead`) + // - `volume`=(`` or ``) // produces: // - application/json // responses: From 9a963221b57da38c4f148cd6f7150b0e278a4856 Mon Sep 17 00:00:00 2001 From: Brent Baude Date: Wed, 6 Dec 2023 21:49:44 +0000 Subject: [PATCH 144/170] [CI:DOCS]use nginx in podman tutorial the podman tutorial refers to an old httpd image based on Fedora 29. It is x86_64 only so Apple Silicon Macs and RPI's cannot follow the tutorial. Switch to nginx Fixes: #20916 [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude --- docs/tutorials/podman_tutorial.md | 5 +---- docs/tutorials/podman_tutorial_cn.md | 5 +---- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/docs/tutorials/podman_tutorial.md b/docs/tutorials/podman_tutorial.md index b2aa87872237..301e652e8bf1 100644 --- a/docs/tutorials/podman_tutorial.md +++ b/docs/tutorials/podman_tutorial.md @@ -21,10 +21,7 @@ For installing or building Podman, see the [installation instructions](https://p This sample container will run a very basic httpd server (named basic_httpd) that serves only its index page. ```console -podman run --name basic_httpd -dt -p 8080:8080/tcp -e HTTPD_VAR_RUN=/run/httpd -e HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d \ - -e HTTPD_MAIN_CONF_PATH=/etc/httpd/conf \ - -e HTTPD_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/httpd/ \ - registry.fedoraproject.org/f29/httpd /usr/bin/run-httpd +podman run --name basic_httpd -dt -p 8080:80/tcp docker.io/nginx ``` Because the container is being run in detached mode, represented by the *-d* in the `podman run` command, Podman will print the container ID after it has run. Note that we use port forwarding to be able to diff --git a/docs/tutorials/podman_tutorial_cn.md b/docs/tutorials/podman_tutorial_cn.md index be635d3be06c..ae20633cc8c3 100644 --- a/docs/tutorials/podman_tutorial_cn.md +++ b/docs/tutorials/podman_tutorial_cn.md @@ -23,10 +23,7 @@ Podman是由libpod库提供一个实用的程序,可以被用于创建和管 这个示例容器会运行一个简单的只有主页的 httpd 服务器。 ```console -podman run -dt -p 8080:8080/tcp -e HTTPD_VAR_RUN=/run/httpd -e HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d \ - -e HTTPD_MAIN_CONF_PATH=/etc/httpd/conf \ - -e HTTPD_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/httpd/ \ - registry.fedoraproject.org/f29/httpd /usr/bin/run-httpd +podman run --name basic_httpd -dt -p 8080:80/tcp docker.io/nginx ``` 因为命令中的 *-d* 参数表明容器以 "detached" 模式运行,所以 Podman 会在容器运行后打印容器的 ID。 From 0d1b90d3674dce3a49763fdfaf5c6a551185aa2e Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Wed, 6 Dec 2023 12:11:57 -0700 Subject: [PATCH 145/170] CI: systests: fix flaking --since test Very rare flake, probably caused by my nemesis, podman run -d Solution: keep the sleep-1 (vs using nanosecond resolution), but make sure we first wait for the output from the container. Also, bump down the iteration delay in wait_for_output, from 5s to 1. Thanks to Paul for noticing that. Signed-off-by: Ed Santiago --- test/system/035-logs.bats | 2 ++ test/system/helpers.bash | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/test/system/035-logs.bats b/test/system/035-logs.bats index 9868d4e3cf5d..e0d80db689e9 100644 --- a/test/system/035-logs.bats +++ b/test/system/035-logs.bats @@ -182,8 +182,10 @@ function _log_test_since() { before=$(date --iso-8601=seconds) run_podman run --log-driver=$driver -d --name test $IMAGE sh -c \ "echo $s_before; trap 'echo $s_after; exit' SIGTERM; while :; do sleep 0.1; done" + wait_for_output "$s_before" test # sleep a second to make sure the date is after the first echo + # (We could instead use iso-8601=ns but seconds feels more real-world) sleep 1 after=$(date --iso-8601=seconds) run_podman stop test diff --git a/test/system/helpers.bash b/test/system/helpers.bash index ded6de642579..dc5575e73724 100644 --- a/test/system/helpers.bash +++ b/test/system/helpers.bash @@ -442,7 +442,7 @@ function run_podman() { # Wait for certain output from a container, indicating that it's ready. function wait_for_output { - local sleep_delay=5 + local sleep_delay=1 local how_long=$PODMAN_TIMEOUT local expect= local cid= From 95145d957d54ae581a6256967040eac406e5cab4 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Thu, 7 Dec 2023 14:39:40 -0700 Subject: [PATCH 146/170] buildah treadmill: cleaner YAML, uglier script There's a stanza in .cirrus.yml that only "runs" in the treadmill cron job ... but that job is long gone. The task actually runs in the buildah treadmill PR, #13808, but that's not obvious to someone reading .cirrus.yml. This is a maintenance burden. Remove it. Because rootless bud tests are still important, and we still want to run them in the treadmill PR, modify the treadmill script itself so it (ugh) injects rootless jobs into the buildah_bud test matrix. This is super fragile but acceptable because I am the only one who ever runs the treadmill script. I will notice if this breaks. Signed-off-by: Ed Santiago --- .cirrus.yml | 25 --------------------- hack/buildah-vendor-treadmill | 41 ++++++++++++++++++++++++----------- 2 files changed, 28 insertions(+), 38 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index f22e0bc34bf9..901245d284af 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -995,30 +995,6 @@ buildah_bud_test_task: main_script: *main always: *int_logs_artifacts -rootless_buildah_bud_test_task: - name: *std_name_fmt - alias: rootless_buildah_bud_test - # Please keep this as-is: the buildah treadmill (#13808) relies on it. - only_if: $CIRRUS_CRON == 'treadmill' - depends_on: - - build - - rootless_integration_test - env: - <<: *stdenvars - TEST_FLAVOR: bud - PRIV_NAME: rootless - matrix: - - env: - PODBIN_NAME: podman - - env: - PODBIN_NAME: remote - gce_instance: *standardvm - timeout_in: 45m - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *int_logs_artifacts - upgrade_test_task: name: "Upgrade test: from $PODMAN_UPGRADE_FROM" alias: upgrade_test @@ -1125,7 +1101,6 @@ success_task: - minikube_test - farm_test - buildah_bud_test - - rootless_buildah_bud_test - upgrade_test - meta container: &smallcontainer diff --git a/hack/buildah-vendor-treadmill b/hack/buildah-vendor-treadmill index 46ccb348b40c..e2160ffa0cfb 100755 --- a/hack/buildah-vendor-treadmill +++ b/hack/buildah-vendor-treadmill @@ -372,27 +372,42 @@ sub tweak_cirrus_test_order { # of the treadmill PR. Here we switch Cirrus task dependencies # such that bud tests run as early as possible. if ($current_task =~ /buildah_bud_test/) { - # Buildah bud, both root and rootless, now depend on validate + # Buildah bud now depends only on validate... $line = "${indent}validate"; } elsif ($2 eq 'validate' && $current_task ne 'success') { - # Other tests that relied on validate, now rely on - # rootless bud tests instead. The point of the treadmill PR - # is to run the bud tests, then rootless bud tests, and - # only then, if everything passes, run normal tests. - # (Reason: bud tests are the only ones likely to fail, - # and we want to see failures early). - $line = "${indent}rootless_buildah_bud_test"; + # ...and all other tests that relied on validate now rely on + # bud tests instead. The point of the treadmill PR is to + # run the bud tests and only then, if everything passes, + # run normal tests. (Reason: bud tests are the only ones + # likely to fail on a buildah revendor, and we want to see + # failures early). + $line = "${indent}buildah_bud_test"; } } else { undef $in_depend; - # Rootless tests normally run only on nightly treadmill, but - # we really should run them here too. Remove the 'only' clause. - if ($current_task eq 'rootless_buildah_bud_test') { - if ($line =~ /^\s+only_if:.*treadmill/) { - next; + # FIXME THIS IS HORRIBLE! + # Add rootless jobs to the buildah bud test matrix. + # This is incredibly fragile; it relies on the fact + # (true as of 2023-12-07) that the "matrix" yaml lines + # are formatted just so and are followed immediately + # by a "gce_instance" line. + # + # Since Ed is the only one who ever runs this script, + # he is expected to notice if this ever changes, and + # to fix it. + if ($current_task eq 'buildah_bud_test') { + if ($line =~ /^(\s+)gce_instance:/) { + print { $out } <<'END_ROOTLESS_BUD'; + - env: + PODBIN_NAME: podman + PRIV_NAME: rootless + - env: + PODBIN_NAME: remote + PRIV_NAME: rootless +END_ROOTLESS_BUD } } } From 1ebd507fbfd8bb64315a4632c36860291d253bf1 Mon Sep 17 00:00:00 2001 From: Brent Baude Date: Tue, 5 Dec 2023 12:58:17 -0600 Subject: [PATCH 147/170] Fix regression in e2e machine test suite A simple regression was introduced to the test suite that overrode the default image for hyperv testing. Signed-off-by: Brent Baude --- .cirrus.yml | 3 ++- contrib/cirrus/win-podman-machine-main.ps1 | 7 +++++++ pkg/machine/e2e/config_test.go | 14 ++++++++++++++ pkg/machine/e2e/config_unix_test.go | 13 +------------ pkg/machine/e2e/config_windows_test.go | 5 ++++- pkg/machine/e2e/machine_test.go | 3 --- 6 files changed, 28 insertions(+), 17 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index f22e0bc34bf9..8efa880aa54e 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -33,7 +33,8 @@ env: DEBIAN_NAME: "debian-13" # Image identifiers - IMAGE_SUFFIX: "c20231116t174419z-f39f38d13" + IMAGE_SUFFIX: "c20231206t225809z-f39f38d13" + # EC2 images FEDORA_AMI: "fedora-aws-${IMAGE_SUFFIX}" diff --git a/contrib/cirrus/win-podman-machine-main.ps1 b/contrib/cirrus/win-podman-machine-main.ps1 index bee9250c7dc7..4fc3fc85c24d 100644 --- a/contrib/cirrus/win-podman-machine-main.ps1 +++ b/contrib/cirrus/win-podman-machine-main.ps1 @@ -4,6 +4,13 @@ Set-Location "$ENV:CIRRUS_WORKING_DIR\repo" +$GvTargetDir = "C:\Program Files\Redhat\Podman\" + +#Expand-Archive -Path "podman-remote-release-windows_amd64.zip" -DestinationPath $GvTargetDir + +New-Item -Path $GvTargetDir -ItemType "directory" +Copy-Item "bin/windows/gvproxy.exe" -Destination $GvTargetDir + Write-Host "Saving selection of CI env. vars." # Env. vars will not pass through win-sess-launch.ps1 Get-ChildItem -Path "Env:\*" -include @("PATH", "Chocolatey*", "CIRRUS*", "TEST_*", "CI_*") ` diff --git a/pkg/machine/e2e/config_test.go b/pkg/machine/e2e/config_test.go index 60e9187a5aca..87b1d00e1b1f 100644 --- a/pkg/machine/e2e/config_test.go +++ b/pkg/machine/e2e/config_test.go @@ -234,3 +234,17 @@ func isVmtype(vmType machine.VMType) bool { func isWSL() bool { return isVmtype(machine.WSLVirt) } + +func getFCOSDownloadLocation(p machine.VirtProvider) string { + dd, err := p.NewDownload("") + if err != nil { + Fail("unable to create new download") + } + + fcd, err := dd.GetFCOSDownload(defaultStream) + if err != nil { + Fail("unable to get virtual machine image") + } + + return fcd.Location +} diff --git a/pkg/machine/e2e/config_unix_test.go b/pkg/machine/e2e/config_unix_test.go index 027021ca434d..24c57ee65ff8 100644 --- a/pkg/machine/e2e/config_unix_test.go +++ b/pkg/machine/e2e/config_unix_test.go @@ -6,21 +6,10 @@ import ( "os/exec" "github.com/containers/podman/v4/pkg/machine" - . "github.com/onsi/ginkgo/v2" ) func getDownloadLocation(p machine.VirtProvider) string { - dd, err := p.NewDownload("") - if err != nil { - Fail("unable to create new download") - } - - fcd, err := dd.GetFCOSDownload(defaultStream) - if err != nil { - Fail("unable to get virtual machine image") - } - - return fcd.Location + return getFCOSDownloadLocation(p) } func pgrep(n string) (string, error) { diff --git a/pkg/machine/e2e/config_windows_test.go b/pkg/machine/e2e/config_windows_test.go index 9fa63cd8840f..c47bda043f2e 100644 --- a/pkg/machine/e2e/config_windows_test.go +++ b/pkg/machine/e2e/config_windows_test.go @@ -12,7 +12,10 @@ import ( const podmanBinary = "../../../bin/windows/podman.exe" -func getDownloadLocation(_ machine.VirtProvider) string { +func getDownloadLocation(p machine.VirtProvider) string { + if p.VMType() == machine.HyperVVirt { + return getFCOSDownloadLocation(p) + } fd, err := wsl.NewFedoraDownloader(machine.WSLVirt, "", defaultStream.String()) if err != nil { Fail("unable to get WSL virtual image") diff --git a/pkg/machine/e2e/machine_test.go b/pkg/machine/e2e/machine_test.go index c7400d20407a..ae89e839a305 100644 --- a/pkg/machine/e2e/machine_test.go +++ b/pkg/machine/e2e/machine_test.go @@ -61,9 +61,6 @@ var _ = BeforeSuite(func() { downloadLocation = getDownloadLocation(testProvider) // we cannot simply use OS here because hyperv uses fcos; so WSL is just // special here - if testProvider.VMType() != machine.WSLVirt { - downloadLocation = getDownloadLocation(testProvider) - } } compressionExtension := fmt.Sprintf(".%s", testProvider.Compression().String()) From c97560841f1bf31a9a10dd2f91d91d7a227febe7 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 15:58:39 +0100 Subject: [PATCH 148/170] cli: add docs for StringArray vs StringSlice options In short always use StringArray over StringSlice. Signed-off-by: Paul Holzinger --- cmd/podman/README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/cmd/podman/README.md b/cmd/podman/README.md index 9214bdafcb49..29b5f864302c 100644 --- a/cmd/podman/README.md +++ b/cmd/podman/README.md @@ -109,3 +109,11 @@ The complete set can be found in the `validate` package, here are some examples: created := validate.ChoiceValue(&opts.Sort, "command", "created", "id", "image", "names", "runningfor", "size", "status") flags.Var(created, "sort", "Sort output by: "+created.Choices()) ``` + +## Adding CLI flags + +When adding adding a new cli option that accepts a string array, there are two options to choose from: `StringSlice()` and `StringArray()`. +They differ slightly in their behavior: `StringSlice()` allows the values to be comma separated so `--opt v1,v2 --opt v3` results in +`[]string{"v1", "v2", "v3"}`, while `StringArray()` would result in `[]string{"v1,v2", "v3"}`. Thus it is impossible to use values with comma in `StringSlice()`, which makes it unsuitable for flags that accept arbitrary values such as file paths as example. Also, because `StringSlice()` uses the csv lib to parse the values, it has special escaping rules for things like quotes, see https://github.com/containers/podman/issues/20064 for an example of how complicated things can get because of this. +Thus use `StringSlice()` only when the option accepts predefined values that do not contain special characters, for example `--cap-add` and `--cap-drop` are a good example for this. Using `--cap-add NET_ADMIN,NET_RAW` is equal to `--cap-add NET_ADMIN --cap-add NET_RAW` so it is better suited to save some typing for users. +When in doubt always choose `StringArray()` over `StringSlice()`. From 12c39ffda26107507de173f7346b7e82ae1a2327 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 16:28:05 +0100 Subject: [PATCH 149/170] cli: podman --module use StringArray() This option accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/registry/config.go | 2 +- cmd/podman/root.go | 2 +- test/system/800-config.bats | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cmd/podman/registry/config.go b/cmd/podman/registry/config.go index fd8f322c457d..db5c29297303 100644 --- a/cmd/podman/registry/config.go +++ b/cmd/podman/registry/config.go @@ -72,7 +72,7 @@ func containersConfModules() ([]string, error) { fs.ParseErrorsWhitelist.UnknownFlags = true fs.Usage = func() {} fs.SetInterspersed(false) - fs.StringSliceVar(&modules, "module", nil, "") + fs.StringArrayVar(&modules, "module", nil, "") fs.BoolP("help", "h", false, "") // Need a fake help flag to avoid the `pflag: help requested` error return modules, fs.Parse(os.Args[index:]) } diff --git a/cmd/podman/root.go b/cmd/podman/root.go index bec9bd071e31..e8a746a5f436 100644 --- a/cmd/podman/root.go +++ b/cmd/podman/root.go @@ -507,7 +507,7 @@ func rootFlags(cmd *cobra.Command, podmanConfig *entities.PodmanConfig) { // as a flag here to a) make sure that rootflags are aware of // this flag and b) to have shell completions. moduleFlagName := "module" - lFlags.StringSlice(moduleFlagName, nil, "Load the containers.conf(5) module") + lFlags.StringArray(moduleFlagName, nil, "Load the containers.conf(5) module") _ = cmd.RegisterFlagCompletionFunc(moduleFlagName, common.AutocompleteContainersConfModules) // A *hidden* flag to change the database backend. diff --git a/test/system/800-config.bats b/test/system/800-config.bats index 588a68f765bd..13b56a0e928b 100644 --- a/test/system/800-config.bats +++ b/test/system/800-config.bats @@ -104,8 +104,8 @@ See 'podman create --help'" "--module must be specified before the command" run_podman rm -f $cid - # Nonexistent module path - nonesuch=${PODMAN_TMPDIR}/nonexistent + # Nonexistent module path with comma + nonesuch=${PODMAN_TMPDIR}/nonexistent,withcomma run_podman 1 --module=$nonesuch sdfsdfdsf is "$output" "Failed to obtain podman configuration: could not resolve module \"$nonesuch\": stat $nonesuch: no such file or directory" \ "--module=ENOENT" From c5258d46305efc765f380d48583f278d61fff581 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 16:33:42 +0100 Subject: [PATCH 150/170] cli: podman --hooks-dir use StringArray() This option accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/root.go | 2 +- test/e2e/run_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/podman/root.go b/cmd/podman/root.go index e8a746a5f436..86f42d1c4b77 100644 --- a/cmd/podman/root.go +++ b/cmd/podman/root.go @@ -541,7 +541,7 @@ func rootFlags(cmd *cobra.Command, podmanConfig *entities.PodmanConfig) { _ = cmd.RegisterFlagCompletionFunc(eventsBackendFlagName, common.AutocompleteEventBackend) hooksDirFlagName := "hooks-dir" - pFlags.StringSliceVar(&podmanConfig.HooksDir, hooksDirFlagName, podmanConfig.ContainersConfDefaultsRO.Engine.HooksDir.Get(), "Set the OCI hooks directory path (may be set multiple times)") + pFlags.StringArrayVar(&podmanConfig.HooksDir, hooksDirFlagName, podmanConfig.ContainersConfDefaultsRO.Engine.HooksDir.Get(), "Set the OCI hooks directory path (may be set multiple times)") _ = cmd.RegisterFlagCompletionFunc(hooksDirFlagName, completion.AutocompleteDefault) pFlags.IntVar(&podmanConfig.MaxWorks, "max-workers", (runtime.NumCPU()*3)+1, "The maximum number of workers for parallel operations") diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 67899616344d..f07ece51cf29 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -916,7 +916,7 @@ USER bin`, BB) It("podman test hooks", func() { SkipIfRemote("--hooks-dir does not work with remote") - hooksDir := tempdir + "/hooks" + hooksDir := tempdir + "/hooks,withcomma" err := os.Mkdir(hooksDir, 0755) Expect(err).ToNot(HaveOccurred()) hookJSONPath := filepath.Join(hooksDir, "checkhooks.json") From ef10073b51970cbdd5559526bd323b30c3924dae Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 16:35:25 +0100 Subject: [PATCH 151/170] cli: podman run/create --annotation use StringArray() This option accepts arbitrary input so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/common/create.go | 2 +- test/e2e/create_test.go | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index 105ea13c5679..3c3a580497da 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -33,7 +33,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, if mode == entities.CreateMode { // regular create flags annotationFlagName := "annotation" - createFlags.StringSliceVar( + createFlags.StringArrayVar( &cf.Annotation, annotationFlagName, []string{}, "Add annotations to container (key=value)", diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go index f9aa0f8bbdbf..8d777647e61e 100644 --- a/test/e2e/create_test.go +++ b/test/e2e/create_test.go @@ -101,7 +101,7 @@ var _ = Describe("Podman create", func() { }) It("podman create adds annotation", func() { - session := podmanTest.Podman([]string{"create", "--annotation", "HELLO=WORLD", "--name", "annotate_test", ALPINE, "ls"}) + session := podmanTest.Podman([]string{"create", "--annotation", "HELLO=WORLD,WithComma", "--name", "annotate_test", ALPINE, "ls"}) session.WaitWithDefaultTimeout() Expect(session).Should(ExitCleanly()) Expect(podmanTest.NumberOfContainers()).To(Equal(1)) @@ -109,7 +109,7 @@ var _ = Describe("Podman create", func() { check := podmanTest.Podman([]string{"inspect", "annotate_test"}) check.WaitWithDefaultTimeout() data := check.InspectContainerToJSON() - Expect(data[0].Config.Annotations).To(HaveKeyWithValue("HELLO", "WORLD")) + Expect(data[0].Config.Annotations).To(HaveKeyWithValue("HELLO", "WORLD,WithComma")) }) It("podman create --entrypoint command", func() { From b011aa443018dd5db5061c6a903c2eac4a2dccd0 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 16:39:22 +0100 Subject: [PATCH 152/170] cli: podman run/create --env-file use StringArray() This option accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/common/create.go | 2 +- test/system/300-cli-parsing.bats | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index 3c3a580497da..435afbc77b8d 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -147,7 +147,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, } envFileFlagName := "env-file" - createFlags.StringSliceVar( + createFlags.StringArrayVar( &cf.EnvFile, envFileFlagName, []string{}, "Read in a file of environment variables", diff --git a/test/system/300-cli-parsing.bats b/test/system/300-cli-parsing.bats index 12ab4dcb6ad0..63a16aaa9aa1 100644 --- a/test/system/300-cli-parsing.bats +++ b/test/system/300-cli-parsing.bats @@ -196,7 +196,7 @@ EOF fi # Same, with --env-file - local envfile="$PODMAN_TMPDIR/envfile-in-1" + local envfile="$PODMAN_TMPDIR/envfile-in-1,withcomma" cat >$envfile < Date: Thu, 7 Dec 2023 16:40:41 +0100 Subject: [PATCH 153/170] cli: podman run/create --log-opt use StringArray() This option accepts arbitrary input so we should allow commas in it. Fixes #20064 Signed-off-by: Paul Holzinger --- cmd/podman/common/create.go | 2 +- test/e2e/logs_test.go | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index 435afbc77b8d..45c136985ed1 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -282,7 +282,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, _ = cmd.RegisterFlagCompletionFunc(logDriverFlagName, AutocompleteLogDriver) logOptFlagName := "log-opt" - createFlags.StringSliceVar( + createFlags.StringArrayVar( &cf.LogOptions, logOptFlagName, []string{}, "Logging driver options", diff --git a/test/e2e/logs_test.go b/test/e2e/logs_test.go index 66ca09ebe364..1f256e9f84b8 100644 --- a/test/e2e/logs_test.go +++ b/test/e2e/logs_test.go @@ -536,7 +536,7 @@ var _ = Describe("Podman logs", func() { It("using journald for container with container tag", func() { SkipIfJournaldUnavailable() - logc := podmanTest.Podman([]string{"run", "--log-driver", "journald", "--log-opt=tag={{.ImageName}}", "-d", ALPINE, "sh", "-c", "echo podman; sleep 0.1; echo podman; sleep 0.1; echo podman"}) + logc := podmanTest.Podman([]string{"run", "--log-driver", "journald", "--log-opt=tag={{.ImageName}},withcomma", "-d", ALPINE, "sh", "-c", "echo podman; sleep 0.1; echo podman; sleep 0.1; echo podman"}) logc.WaitWithDefaultTimeout() Expect(logc).To(ExitCleanly()) cid := logc.OutputToString() @@ -549,7 +549,7 @@ var _ = Describe("Podman logs", func() { cmd := exec.Command("journalctl", "--no-pager", "-o", "json", "--output-fields=CONTAINER_TAG", fmt.Sprintf("CONTAINER_ID_FULL=%s", cid)) out, err := cmd.CombinedOutput() g.Expect(err).ToNot(HaveOccurred()) - g.Expect(string(out)).To(ContainSubstring("alpine")) + g.Expect(string(out)).To(ContainSubstring(ALPINE + ",withcomma")) }).Should(Succeed()) }) From 201920f6a4b967e7a4bef366aae4f4b7592de7c7 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 16:45:13 +0100 Subject: [PATCH 154/170] cli: podman run/create --chrootdirs use StringArray() This options accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/common/create.go | 2 +- test/e2e/create_test.go | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index 45c136985ed1..223fb2e12ec9 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -595,7 +595,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, _ = cmd.RegisterFlagCompletionFunc(pidFileFlagName, completion.AutocompleteDefault) chrootDirsFlagName := "chrootdirs" - createFlags.StringSliceVar( + createFlags.StringArrayVar( &cf.ChrootDirs, chrootDirsFlagName, []string{}, "Chroot directories inside the container", diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go index 8d777647e61e..df753ce4616d 100644 --- a/test/e2e/create_test.go +++ b/test/e2e/create_test.go @@ -717,7 +717,7 @@ var _ = Describe("Podman create", func() { }) It("podman create --chrootdirs functionality test", func() { - session := podmanTest.Podman([]string{"create", "-t", "--chrootdirs", "/var/local/qwerty", ALPINE, "/bin/cat"}) + session := podmanTest.Podman([]string{"create", "-t", "--chrootdirs", "/var/local/qwerty,withcomma", ALPINE, "/bin/cat"}) session.WaitWithDefaultTimeout() Expect(session).Should(ExitCleanly()) ctrID := session.OutputToString() @@ -726,7 +726,7 @@ var _ = Describe("Podman create", func() { setup.WaitWithDefaultTimeout() Expect(setup).Should(ExitCleanly()) - setup = podmanTest.Podman([]string{"exec", ctrID, "cmp", "/etc/resolv.conf", "/var/local/qwerty/etc/resolv.conf"}) + setup = podmanTest.Podman([]string{"exec", ctrID, "cmp", "/etc/resolv.conf", "/var/local/qwerty,withcomma/etc/resolv.conf"}) setup.WaitWithDefaultTimeout() Expect(setup).Should(ExitCleanly()) }) From 6c2a0196a962560b465ec984145b73b1f0d27df3 Mon Sep 17 00:00:00 2001 From: Christophe Fergeau Date: Fri, 8 Dec 2023 10:38:08 +0100 Subject: [PATCH 155/170] machine: usb: Fix 'passtrough' typo [NO NEW TESTS NEEDED] Signed-off-by: Christophe Fergeau --- pkg/machine/applehv/config.go | 2 +- pkg/machine/hyperv/config.go | 2 +- pkg/machine/wsl/config.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pkg/machine/applehv/config.go b/pkg/machine/applehv/config.go index 6c22bc8c4424..c04b43e22a04 100644 --- a/pkg/machine/applehv/config.go +++ b/pkg/machine/applehv/config.go @@ -114,7 +114,7 @@ func (v AppleHVVirtualization) NewMachine(opts machine.InitOptions) (machine.VM, m := MacMachine{Name: opts.Name} if len(opts.USBs) > 0 { - return nil, fmt.Errorf("USB host passtrough not supported for applehv machines") + return nil, fmt.Errorf("USB host passthrough is not supported for applehv machines") } configDir, err := machine.GetConfDir(machine.AppleHvVirt) diff --git a/pkg/machine/hyperv/config.go b/pkg/machine/hyperv/config.go index eafca54e665c..af4e47ccdaf0 100644 --- a/pkg/machine/hyperv/config.go +++ b/pkg/machine/hyperv/config.go @@ -112,7 +112,7 @@ func (v HyperVVirtualization) NewMachine(opts machine.InitOptions) (machine.VM, return nil, errors.New("must define --image-path for hyperv support") } if len(opts.USBs) > 0 { - return nil, fmt.Errorf("USB host passtrough not supported for hyperv machines") + return nil, fmt.Errorf("USB host passthrough is not supported for hyperv machines") } m.RemoteUsername = opts.Username diff --git a/pkg/machine/wsl/config.go b/pkg/machine/wsl/config.go index d46a0959f18f..0ee2e7767318 100644 --- a/pkg/machine/wsl/config.go +++ b/pkg/machine/wsl/config.go @@ -31,7 +31,7 @@ func VirtualizationProvider() machine.VirtProvider { func (p *WSLVirtualization) NewMachine(opts machine.InitOptions) (machine.VM, error) { vm := new(MachineVM) if len(opts.USBs) > 0 { - return nil, fmt.Errorf("USB host passtrough not supported for WSL machines") + return nil, fmt.Errorf("USB host passthrough is not supported for WSL machines") } if len(opts.Name) > 0 { vm.Name = opts.Name From f9b2da3eb7c288e110ce9549a13529e2e28ed41b Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Fri, 8 Dec 2023 17:06:48 +0530 Subject: [PATCH 156/170] [CI:BUILD] override crun-wasm in fcos + podman-next image build crun-wasm depends on the same epoch:version-release as crun so overriding `crun` but not `crun-wasm` will cause installation issues like: ``` error: Could not depsolve transaction; 1 problem detected: Problem: package crun-wasm-1.11.1-1.fc39.x86_64 from @System requires crun = 1.11.1-1.fc39, but none of the providers can be installed - cannot install both crun-102:1.12-1.20231205201336970037.main.19.g90b21dd.fc39.x86_64 from @commandline and crun-1.11.1-1.fc39.x86_64 from @System - cannot install both crun-102:1.12-1.20231205201336970037.main.19.g90b21dd.fc39.x86_64 from @commandline and crun-1.11.1-1.fc39.x86_64 from updates-archive - conflicting requests ``` This commit overrides both crun and crun-wasm from what's found in podman-next. Signed-off-by: Lokesh Mandvekar --- contrib/podman-next/fcos-podmanimage/Containerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/contrib/podman-next/fcos-podmanimage/Containerfile b/contrib/podman-next/fcos-podmanimage/Containerfile index 5412fb687de5..b02b0d942c59 100644 --- a/contrib/podman-next/fcos-podmanimage/Containerfile +++ b/contrib/podman-next/fcos-podmanimage/Containerfile @@ -13,8 +13,8 @@ ADD https://download.copr.fedorainfracloud.org/results/rhcontainerbot/podman-nex # Note: Currently does not result in a size reduction for the container image RUN rpm-ostree override replace --experimental --freeze \ --from repo="copr:copr.fedorainfracloud.org:rhcontainerbot:podman-next" \ - aardvark-dns containers-common containers-common-extra crun netavark podman && \ - rpm-ostree install crun-wasm wasmedge-rt && \ + aardvark-dns containers-common containers-common-extra crun crun-wasm netavark podman && \ + rpm-ostree install wasmedge-rt && \ rpm-ostree override remove moby-engine containerd runc && \ ostree container commit From 24d08a94d86dac4deb9e7ba5b67464bcf3aef925 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 16:46:42 +0100 Subject: [PATCH 157/170] cli: podman run/create --decryption-key use StringArray() This option accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/common/create.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index 223fb2e12ec9..2e55e8e7cdd8 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -611,7 +611,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, _ = cmd.RegisterFlagCompletionFunc(groupEntryName, completion.AutocompleteNone) decryptionKeysFlagName := "decryption-key" - createFlags.StringSliceVar( + createFlags.StringArrayVar( &cf.DecryptionKeys, decryptionKeysFlagName, []string{}, "Key needed to decrypt the image (e.g. /path/to/key.pem)", From 19571f7509ed6ec37a96ec3c4bc401b2d8de56c3 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 16:48:53 +0100 Subject: [PATCH 158/170] cli: podman run/create --label-file use StringArray() This option accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/common/create.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index 2e55e8e7cdd8..65c78317c016 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -772,7 +772,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, _ = cmd.RegisterFlagCompletionFunc(labelFlagName, completion.AutocompleteNone) labelFileFlagName := "label-file" - createFlags.StringSliceVar( + createFlags.StringArrayVar( &cf.LabelFile, labelFileFlagName, []string{}, "Read in a line delimited file of labels", From 833163ff3e2738d630d70f69efcd43645334b12f Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 17:56:26 +0100 Subject: [PATCH 159/170] add podman create --label-file test There was no test for this option so I added one. Signed-off-by: Paul Holzinger --- test/system/300-cli-parsing.bats | 36 ++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/test/system/300-cli-parsing.bats b/test/system/300-cli-parsing.bats index 63a16aaa9aa1..83b9ebad9542 100644 --- a/test/system/300-cli-parsing.bats +++ b/test/system/300-cli-parsing.bats @@ -213,4 +213,40 @@ EOF } +@test "podman create --label-file" { + declare -A expect=( + [simple]="abc" + [special]="bcd#e!f|g hij=lmnop" + [withquotes]='"withquotes"' + [withsinglequotes]="'withsingle'" + ) + + # Write two files, so we confirm that podman can accept multiple values + # and that the second will override the first + local labelfile1="$PODMAN_TMPDIR/label-file1,withcomma" + local labelfile2="$PODMAN_TMPDIR/label-file2" + + cat >$labelfile1 <>$labelfile2 + done + + run_podman create --rm --name testctr --label-file $labelfile1 \ + --label-file $labelfile2 $IMAGE + + for v in "${!expect[@]}"; do + run_podman inspect testctr --format "{{index .Config.Labels \"$v\"}}" + assert "$output" == "${expect[$v]}" "label $v" + done + + run_podman rm testctr +} + + + # vim: filetype=sh From e763cc62b78a800e6b1448de6fa6b2b3a253c3b8 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 16:51:45 +0100 Subject: [PATCH 160/170] cli: podman run/create --device use StringArray() This options accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/common/create.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index 65c78317c016..1e2bc4eeb628 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -814,7 +814,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, _ = cmd.RegisterFlagCompletionFunc(volumeFlagName, AutocompleteVolumeFlag) deviceFlagName := "device" - createFlags.StringSliceVar( + createFlags.StringArrayVar( &cf.Devices, deviceFlagName, devices(), "Add a host device to the container", From 8de13271cae029e03bac0e68c5b00c8e39076e65 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 16:53:13 +0100 Subject: [PATCH 161/170] cli: podman run/create --device-{read,write}-iops use StringArray() This option accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/common/create.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index 1e2bc4eeb628..e37a06783b0d 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -898,7 +898,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, } if mode == entities.CreateMode || mode == entities.UpdateMode { deviceReadIopsFlagName := "device-read-iops" - createFlags.StringSliceVar( + createFlags.StringArrayVar( &cf.DeviceReadIOPs, deviceReadIopsFlagName, []string{}, "Limit read rate (IO per second) from a device (e.g. --device-read-iops=/dev/sda:1000)", @@ -906,7 +906,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, _ = cmd.RegisterFlagCompletionFunc(deviceReadIopsFlagName, completion.AutocompleteDefault) deviceWriteIopsFlagName := "device-write-iops" - createFlags.StringSliceVar( + createFlags.StringArrayVar( &cf.DeviceWriteIOPs, deviceWriteIopsFlagName, []string{}, "Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda:1000)", From 432be133010c89024952780f2544f36c6f4dd8a4 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 16:54:47 +0100 Subject: [PATCH 162/170] cli: podman run/create --device-{read,write}-bps use StringArray() This option accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/common/create.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index e37a06783b0d..27bb7fbf24a4 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -970,7 +970,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, _ = cmd.RegisterFlagCompletionFunc(memorySwapFlagName, completion.AutocompleteNone) deviceReadBpsFlagName := "device-read-bps" - createFlags.StringSliceVar( + createFlags.StringArrayVar( &cf.DeviceReadBPs, deviceReadBpsFlagName, []string{}, "Limit read rate (bytes per second) from a device (e.g. --device-read-bps=/dev/sda:1mb)", @@ -978,7 +978,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, _ = cmd.RegisterFlagCompletionFunc(deviceReadBpsFlagName, completion.AutocompleteDefault) deviceWriteBpsFlagName := "device-write-bps" - createFlags.StringSliceVar( + createFlags.StringArrayVar( &cf.DeviceWriteBPs, deviceWriteBpsFlagName, []string{}, "Limit write rate (bytes per second) to a device (e.g. --device-write-bps=/dev/sda:1mb)", From 7866f6c6e170fff6d36a971419245c059e2f725b Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 16:56:24 +0100 Subject: [PATCH 163/170] cli: podman run/create --blkio-weight-device use StringArray() This option accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/common/create.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index 27bb7fbf24a4..65a47771f5ad 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -994,7 +994,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, _ = cmd.RegisterFlagCompletionFunc(blkioWeightFlagName, completion.AutocompleteNone) blkioWeightDeviceFlagName := "blkio-weight-device" - createFlags.StringSliceVar( + createFlags.StringArrayVar( &cf.BlkIOWeightDevice, blkioWeightDeviceFlagName, []string{}, "Block IO weight (relative device weight, format: `DEVICE_NAME:WEIGHT`)", From 06cee546a323ff643b135152a6e9fd897f39cd5a Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 18:18:17 +0100 Subject: [PATCH 164/170] cli: podman exec --env-file use StringArray() This option accepts a file path so we should allow commas in it. Signed-off-by: Paul Holzinger --- cmd/podman/containers/exec.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/podman/containers/exec.go b/cmd/podman/containers/exec.go index e8eb557bd088..3e9cd630297d 100644 --- a/cmd/podman/containers/exec.go +++ b/cmd/podman/containers/exec.go @@ -68,7 +68,7 @@ func execFlags(cmd *cobra.Command) { _ = cmd.RegisterFlagCompletionFunc(envFlagName, completion.AutocompleteNone) envFileFlagName := "env-file" - flags.StringSliceVar(&envFile, envFileFlagName, []string{}, "Read in a file of environment variables") + flags.StringArrayVar(&envFile, envFileFlagName, []string{}, "Read in a file of environment variables") _ = cmd.RegisterFlagCompletionFunc(envFileFlagName, completion.AutocompleteDefault) flags.BoolVarP(&execOpts.Interactive, "interactive", "i", false, "Keep STDIN open even if not attached") From 4590b663a73fcc2d58ddde4f54b8b06e0998566a Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Thu, 7 Dec 2023 18:19:02 +0100 Subject: [PATCH 165/170] add test for podman exec --env-file There was no test for this option, resuse existing podman run --env-file test for exec as well. Signed-off-by: Paul Holzinger --- test/system/300-cli-parsing.bats | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/test/system/300-cli-parsing.bats b/test/system/300-cli-parsing.bats index 83b9ebad9542..16110e60ef47 100644 --- a/test/system/300-cli-parsing.bats +++ b/test/system/300-cli-parsing.bats @@ -100,7 +100,7 @@ function _check_env { } -@test "podman run --env-file" { +@test "podman run/exec --env-file" { declare -A expect=( [simple]="abc" [special]="bcd#e!f|g hij=lmnop" @@ -116,7 +116,7 @@ function _check_env { # Write two files, so we confirm that podman can accept multiple values # and that the second will override the first - local envfile1="$PODMAN_TMPDIR/envfile-in-1" + local envfile1="$PODMAN_TMPDIR/envfile-in-1,withcomma" local envfile2="$PODMAN_TMPDIR/envfile-in-2" cat >$envfile1 </envresults' + + _check_env $resultsfile + + run_podman rm -f -t0 testctr } # Obscure feature: '--env FOO*' will pass all env starting with FOO From 952c7089066f38ace6c1cfff31918d98ebd3a2fa Mon Sep 17 00:00:00 2001 From: kaivol Date: Sun, 10 Dec 2023 14:16:08 +0100 Subject: [PATCH 166/170] added system test Signed-off-by: kaivol --- test/system/170-run-userns.bats | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/test/system/170-run-userns.bats b/test/system/170-run-userns.bats index 667648e5f78d..c4fcac3eda56 100644 --- a/test/system/170-run-userns.bats +++ b/test/system/170-run-userns.bats @@ -147,3 +147,12 @@ EOF is "${output}" "$user" "Container should run as the current user" run_podman rmi -f $(pause_image) } + +@test "podman userns=auto with id mapping" { + skip_if_not_rootless + run_podman unshare awk '{if(NR == 2){print $2}}' /proc/self/uid_map + first_id=$output + mapping=1:@$first_id:1 + run_podman run --rm --userns=auto:uidmapping=$mapping $IMAGE awk '{if($1 == 1){print $2}}' /proc/self/uid_map + assert "$output" == 1 +} From 6415471dcd8982a8b61b67d9a1b85833d8fcd99d Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Mon, 11 Dec 2023 06:28:21 -0700 Subject: [PATCH 167/170] EMERGENCY: fix broken CI Broken by #20827. Signed-off-by: Ed Santiago --- test/system/170-run-userns.bats | 1 + 1 file changed, 1 insertion(+) diff --git a/test/system/170-run-userns.bats b/test/system/170-run-userns.bats index c4fcac3eda56..1df350fbb30f 100644 --- a/test/system/170-run-userns.bats +++ b/test/system/170-run-userns.bats @@ -150,6 +150,7 @@ EOF @test "podman userns=auto with id mapping" { skip_if_not_rootless + skip_if_remote run_podman unshare awk '{if(NR == 2){print $2}}' /proc/self/uid_map first_id=$output mapping=1:@$first_id:1 From 36e29a843205e05acedd65b559757a49ffbdd19a Mon Sep 17 00:00:00 2001 From: Brent Baude Date: Fri, 8 Dec 2023 14:41:39 -0600 Subject: [PATCH 168/170] Fix WSL machine test regressions WSL is unable to set or change CPU/memory settings. We should not test for them. Skip one test and filed issue #20978 Signed-off-by: Brent Baude --- .cirrus.yml | 2 +- pkg/machine/e2e/init_test.go | 2 +- pkg/machine/e2e/list_test.go | 3 +++ 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index 1c1691caa15a..01668632f702 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -33,7 +33,7 @@ env: DEBIAN_NAME: "debian-13" # Image identifiers - IMAGE_SUFFIX: "c20231206t225809z-f39f38d13" + IMAGE_SUFFIX: "c20231208t193858z-f39f38d13" # EC2 images diff --git a/pkg/machine/e2e/init_test.go b/pkg/machine/e2e/init_test.go index 7c1608157878..db717e3a84dd 100644 --- a/pkg/machine/e2e/init_test.go +++ b/pkg/machine/e2e/init_test.go @@ -79,7 +79,7 @@ var _ = Describe("podman machine init", func() { testMachine := inspectBefore[0] Expect(testMachine.Name).To(Equal(mb.names[0])) - if testProvider.VMType() == machine.WSLVirt { // WSL hardware specs are hardcoded + if testProvider.VMType() != machine.WSLVirt { // WSL hardware specs are hardcoded Expect(testMachine.Resources.CPUs).To(Equal(uint64(cpus))) Expect(testMachine.Resources.Memory).To(Equal(uint64(2048))) } diff --git a/pkg/machine/e2e/list_test.go b/pkg/machine/e2e/list_test.go index 22592578f39e..4cdef055e9c9 100644 --- a/pkg/machine/e2e/list_test.go +++ b/pkg/machine/e2e/list_test.go @@ -80,6 +80,7 @@ var _ = Describe("podman machine list", func() { }) It("list machine: check if running while starting", func() { + skipIfWSL("the below logic does not work on WSL. #20978") i := new(initMachine) session, err := mb.setCmd(i.withImagePath(mb.imagePath)).run() Expect(err).ToNot(HaveOccurred()) @@ -91,6 +92,8 @@ var _ = Describe("podman machine list", func() { Expect(listSession).To(Exit(0)) Expect(listSession.outputToString()).To(Equal("Never")) + // The logic in this test stanza is seemingly invalid on WSL. + // issue #20978 reflects this change s := new(startMachine) startSession, err := mb.setCmd(s).runWithoutWait() Expect(err).ToNot(HaveOccurred()) From 95eb22c71c6f6be9098626c5e4e28dff7e83114b Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Thu, 7 Dec 2023 14:36:21 -0500 Subject: [PATCH 169/170] Support a machine-test only mode Because the podman machine tests normally run at the end of the chain, it's time consuming for developers to validate machine-only changes. Support a special CI runtime mode, only when a PR is marked as a draft. Update related documentation Also: Only run machine tests on PRs, never for branches or new tags. Signed-off-by: Chris Evich --- .cirrus.yml | 73 +++++++++++++++++++++++---------------- contrib/cirrus/CIModes.md | 20 ++++++++++- 2 files changed, 62 insertions(+), 31 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index 1c1691caa15a..c7952373c3ff 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -286,7 +286,8 @@ bindings_task: only_if: >- $CIRRUS_PR != '' && $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' && - $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' + $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' && + $CIRRUS_CHANGE_TITLE !=~ '.*CI:MACHINE.*' depends_on: - build gce_instance: *standardvm @@ -319,7 +320,9 @@ swagger_task: alias: swagger # Don't create task for [CI:BUILD] # Docs: ./contrib/cirrus/CIModes.md - only_if: $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' + only_if: | + $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' && + $CIRRUS_CHANGE_TITLE !=~ '.*CI:MACHINE.*' depends_on: - build gce_instance: *standardvm @@ -490,7 +493,8 @@ freebsd_alt_build_task: # Only run on 'main' and PRs against 'main' # Docs: ./contrib/cirrus/CIModes.md only_if: | - $CIRRUS_BRANCH == 'main' || $CIRRUS_BASE_BRANCH == 'main' + $CIRRUS_CHANGE_TITLE !=~ '.*CI:MACHINE.*' && + ( $CIRRUS_BRANCH == 'main' || $CIRRUS_BASE_BRANCH == 'main' ) depends_on: - build env: @@ -518,13 +522,14 @@ freebsd_alt_build_task: docker-py_test_task: name: Docker-py Compat. alias: docker-py_test - # Don't create task for tags, branches, or PRs w/ [CI:DOCS] or [CI:BUILD] + # Don't create task for tags, branches, or PRs w/ [CI:] # N/B: for PRs $CIRRUS_BRANCH == 'pull/' # Docs: ./contrib/cirrus/CIModes.md - only_if: ¬_tag_branch_build_docs >- + only_if: ¬_tag_branch_build_docs_machine >- $CIRRUS_PR != '' && $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' && - $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' + $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' && + $CIRRUS_CHANGE_TITLE !=~ '.*CI:MACHINE.*' depends_on: - build @@ -544,7 +549,7 @@ unit_test_task: name: "Unit tests on $DISTRO_NV" alias: unit_test # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs + only_if: *not_tag_branch_build_docs_machine depends_on: - build - validate @@ -568,7 +573,7 @@ apiv2_test_task: name: "APIv2 test on $DISTRO_NV ($PRIV_NAME)" alias: apiv2_test # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs + only_if: *not_tag_branch_build_docs_machine depends_on: - build - validate @@ -594,7 +599,7 @@ compose_test_task: name: "$TEST_FLAVOR test on $DISTRO_NV ($PRIV_NAME)" alias: compose_test # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs + only_if: *not_tag_branch_build_docs_machine depends_on: - build - validate @@ -627,7 +632,7 @@ local_integration_test_task: &local_integration_test_task name: &std_name_fmt "$TEST_FLAVOR $PODBIN_NAME $DISTRO_NV $PRIV_NAME $TEST_ENVIRON ${CI_DESIRED_DATABASE}" alias: local_integration_test # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs + only_if: *not_tag_branch_build_docs_machine depends_on: &build_unit - build - unit_test @@ -666,7 +671,7 @@ container_integration_test_task: name: *std_name_fmt alias: container_integration_test # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs + only_if: *not_tag_branch_build_docs_machine depends_on: *build_unit matrix: &fedora_vm_axis - env: @@ -698,7 +703,7 @@ rootless_integration_test_task: name: *std_name_fmt alias: rootless_integration_test # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs + only_if: *not_tag_branch_build_docs_machine depends_on: *build_unit matrix: *platform_axis gce_instance: *standardvm @@ -715,14 +720,15 @@ rootless_integration_test_task: podman_machine_task: name: *std_name_fmt alias: podman_machine - # Don't create task for tags, or if using [CI:DOCS], [CI:BUILD] + # Only run for PRs and never [CI:DOCS] or [CI:BUILD] # Docs: ./contrib/cirrus/CIModes.md - only_if: ¬_tag_build_docs >- - $CIRRUS_TAG == '' && + only_if: ¬_tag_branch_build_docs >- + $CIRRUS_PR != '' && $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' && $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' depends_on: - build + - validate - local_integration_test - remote_integration_test - container_integration_test @@ -747,7 +753,7 @@ podman_machine_task: podman_machine_aarch64_task: name: *std_name_fmt alias: podman_machine_aarch64 - only_if: *not_tag_build_docs + only_if: *not_tag_branch_build_docs depends_on: - build_aarch64 - validate_aarch64 @@ -775,11 +781,7 @@ podman_machine_windows_task: alias: podman_machine_windows # Only run for non-docs/copr PRs and non-release branch builds # and never for tags. Docs: ./contrib/cirrus/CIModes.md - only_if: >- - $CIRRUS_TAG == '' && - $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' && - $CIRRUS_BRANCH !=~ 'v[0-9\.]+-rhel' && - $CIRRUS_BASE_BRANCH !=~ 'v[0-9\.]+-rhel' + only_if: *not_tag_branch_build_docs depends_on: - alt_build - build @@ -805,7 +807,7 @@ podman_machine_windows_task: podman_machine_mac_task: name: *std_name_fmt alias: podman_machine_mac - only_if: *no_rhel_release + only_if: *not_tag_branch_build_docs depends_on: - osx_alt_build - local_integration_test @@ -853,7 +855,13 @@ podman_machine_mac_task: local_system_test_task: &local_system_test_task name: *std_name_fmt alias: local_system_test - only_if: *not_tag_build_docs + # Don't create task for tags, or if using [CI:*] magic + # Docs: ./contrib/cirrus/CIModes.md + only_if: ¬_tag_magic >- + $CIRRUS_TAG == '' && + $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' && + $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' && + $CIRRUS_CHANGE_TITLE !=~ '.*CI:MACHINE.*' depends_on: *build_unit matrix: *platform_axis gce_instance: *standardvm @@ -870,7 +878,7 @@ local_system_test_aarch64_task: &local_system_test_task_aarch64 alias: local_system_test_aarch64 # Don't create task for tags, or if using [CI:DOCS], [CI:BUILD] # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_build_docs + only_if: *not_tag_magic depends_on: - build_aarch64 - validate_aarch64 @@ -925,7 +933,7 @@ rootless_system_test_task: name: *std_name_fmt alias: rootless_system_test # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_build_docs + only_if: *not_tag_magic depends_on: *build_unit matrix: *platform_axis gce_instance: *standardvm @@ -941,7 +949,7 @@ minikube_test_task: name: *std_name_fmt alias: minikube_test # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_build_docs + only_if: *not_tag_magic depends_on: - build - rootless_system_test @@ -959,7 +967,7 @@ farm_test_task: name: *std_name_fmt alias: farm_test # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_build_docs + only_if: *not_tag_magic depends_on: - build - rootless_system_test @@ -977,7 +985,7 @@ buildah_bud_test_task: name: *std_name_fmt alias: buildah_bud_test # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs + only_if: *not_tag_magic depends_on: - build - local_integration_test @@ -1000,7 +1008,7 @@ upgrade_test_task: name: "Upgrade test: from $PODMAN_UPGRADE_FROM" alias: upgrade_test # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs + only_if: *not_tag_magic depends_on: - build - local_system_test @@ -1114,7 +1122,12 @@ success_task: CTR_FQIN: ${FEDORA_CONTAINER_FQIN} TEST_ENVIRON: container clone_script: *noop - script: *noop + script: | + if [[ "$CIRRUS_CHANGE_TITLE" =~ CI:MACHINE ]] && [[ -n "$CIRRUS_PR" ]]; then + echo "Error: Risk of untested change merge." + echo "Please remove [CI:MACHINE] from title." + exit 1 + fi # WARNING: Most of the artifacts captured here are also have their # permalinks present in the `DOWNLOADS.md` file. Any changes made diff --git a/contrib/cirrus/CIModes.md b/contrib/cirrus/CIModes.md index cf83ca6d30e1..93dafb904f69 100644 --- a/contrib/cirrus/CIModes.md +++ b/contrib/cirrus/CIModes.md @@ -86,7 +86,25 @@ of this document, it's not possible to override the behavior of `$CIRRUS_PR`. + *alt_build* + osx_alt_build + freebsd_alt_build -+ test_image_build ++ meta ++ success ++ artifacts + +### Intended `[CI:MACHINE]` PR Tasks: + +If and only if the PR is in **draft-mode**, run only the following +tasks. The draft-mode check is necessary to remove the risk of +merging a change that affects the untested aspects of podman. + ++ *build* ++ validate ++ *alt_build* ++ win_installer ++ osx_alt_build ++ podman_machine_task ++ podman_machine_aarch64_task ++ podman_machine_windows_task ++ podman_machine_mac_task + meta + success + artifacts From e5a4f00b7d1a15441f1d42a0cbabd6339f746ad8 Mon Sep 17 00:00:00 2001 From: Brent Baude Date: Wed, 22 Nov 2023 07:59:25 -0600 Subject: [PATCH 170/170] Podman 5 machine config file - Step 1 The following PR is the very first step in what will a series of steps to apply a "common" machine configuration file to all providers. Function names, method names, struct names, and field names are all up for debate. The purpose of this PR is to offer a glimpse at the direction we intend to take. This PR also contains temporary structs (i.e. aThing) that are not exported. These are merely placeholders. The configuration work in this PR is also unused of yet. But the code is compiled. Once merged, we can begin the next step of development. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude --- cmd/podman/compose.go | 3 +- pkg/machine/applehv/config.go | 11 +- pkg/machine/applehv/machine.go | 55 ++-- .../applehv/{rest.go => vfkit/config.go} | 36 +-- .../applehv/{rest_config.go => vfkit/rest.go} | 14 +- pkg/machine/config.go | 66 +---- pkg/machine/define/config.go | 3 + pkg/machine/define/state.go | 15 ++ pkg/machine/e2e/init_test.go | 3 +- pkg/machine/e2e/start_test.go | 6 +- pkg/machine/hyperv/config.go | 10 +- pkg/machine/hyperv/machine.go | 52 ++-- pkg/machine/hyperv/{ => vsock}/vsock.go | 7 +- pkg/machine/ignition.go | 22 +- pkg/machine/qemu/command.go | 106 -------- pkg/machine/qemu/command/command.go | 236 ++++++++++++++++++ pkg/machine/qemu/command/command_test.go | 94 +++++++ .../qemu/{ => command}/qemu_command_test.go | 2 +- pkg/machine/qemu/config.go | 77 +----- pkg/machine/qemu/config_test.go | 16 +- pkg/machine/qemu/machine.go | 104 +++----- pkg/machine/qemu/machine_test.go | 91 +------ pkg/machine/{ => sockets}/sockets.go | 2 +- pkg/machine/vmconfigs/config.go | 142 +++++++++++ pkg/machine/vmconfigs/config_darwin.go | 15 ++ pkg/machine/vmconfigs/config_freebsd.go | 7 + pkg/machine/vmconfigs/config_linux.go | 14 ++ pkg/machine/vmconfigs/config_windows.go | 21 ++ pkg/machine/volumes.go | 6 +- pkg/machine/wsl/machine.go | 13 +- 30 files changed, 721 insertions(+), 528 deletions(-) rename pkg/machine/applehv/{rest.go => vfkit/config.go} (71%) rename pkg/machine/applehv/{rest_config.go => vfkit/rest.go} (85%) create mode 100644 pkg/machine/define/config.go create mode 100644 pkg/machine/define/state.go rename pkg/machine/hyperv/{ => vsock}/vsock.go (98%) delete mode 100644 pkg/machine/qemu/command.go create mode 100644 pkg/machine/qemu/command/command.go create mode 100644 pkg/machine/qemu/command/command_test.go rename pkg/machine/qemu/{ => command}/qemu_command_test.go (99%) rename pkg/machine/{ => sockets}/sockets.go (99%) create mode 100644 pkg/machine/vmconfigs/config.go create mode 100644 pkg/machine/vmconfigs/config_darwin.go create mode 100644 pkg/machine/vmconfigs/config_freebsd.go create mode 100644 pkg/machine/vmconfigs/config_linux.go create mode 100644 pkg/machine/vmconfigs/config_windows.go diff --git a/cmd/podman/compose.go b/cmd/podman/compose.go index 5f4bc64d6f8e..5dff6150dcd2 100644 --- a/cmd/podman/compose.go +++ b/cmd/podman/compose.go @@ -19,6 +19,7 @@ import ( "github.com/containers/podman/v4/cmd/podman/registry" "github.com/containers/podman/v4/pkg/errorhandling" "github.com/containers/podman/v4/pkg/machine" + "github.com/containers/podman/v4/pkg/machine/define" "github.com/containers/podman/v4/pkg/machine/provider" "github.com/sirupsen/logrus" "github.com/spf13/cobra" @@ -184,7 +185,7 @@ func composeDockerHost() (string, error) { if err != nil { return "", fmt.Errorf("inspecting machine: %w", err) } - if info.State != machine.Running { + if info.State != define.Running { return "", fmt.Errorf("machine %s is not running but in state %s", item.Name, info.State) } if machineProvider.VMType() == machine.WSLVirt { diff --git a/pkg/machine/applehv/config.go b/pkg/machine/applehv/config.go index c04b43e22a04..91e5cc899abe 100644 --- a/pkg/machine/applehv/config.go +++ b/pkg/machine/applehv/config.go @@ -13,6 +13,7 @@ import ( "github.com/containers/podman/v4/pkg/machine" "github.com/containers/podman/v4/pkg/machine/compression" "github.com/containers/podman/v4/pkg/machine/define" + "github.com/containers/podman/v4/pkg/machine/vmconfigs" vfConfig "github.com/crc-org/vfkit/pkg/config" "github.com/docker/go-units" "golang.org/x/sys/unix" @@ -76,10 +77,10 @@ func (v AppleHVVirtualization) List(opts machine.ListOptions) ([]*machine.ListRe } for _, mm := range mms { - vmState, err := mm.Vfkit.state() + vmState, err := mm.Vfkit.State() if err != nil { if errors.Is(err, unix.ECONNREFUSED) { - vmState = machine.Stopped + vmState = define.Stopped } else { return nil, err } @@ -89,8 +90,8 @@ func (v AppleHVVirtualization) List(opts machine.ListOptions) ([]*machine.ListRe Name: mm.Name, CreatedAt: mm.Created, LastUp: mm.LastUp, - Running: vmState == machine.Running, - Starting: vmState == machine.Starting, + Running: vmState == define.Running, + Starting: vmState == define.Starting, Stream: mm.ImageStream, VMType: machine.AppleHvVirt.String(), CPUs: mm.CPUs, @@ -140,7 +141,7 @@ func (v AppleHVVirtualization) NewMachine(opts machine.InitOptions) (machine.VM, // Set creation time m.Created = time.Now() - m.ResourceConfig = machine.ResourceConfig{ + m.ResourceConfig = vmconfigs.ResourceConfig{ CPUs: opts.CPUS, DiskSize: opts.DiskSize, // Diskpath will be needed diff --git a/pkg/machine/applehv/machine.go b/pkg/machine/applehv/machine.go index 6e628c873b60..c3f8d812fc38 100644 --- a/pkg/machine/applehv/machine.go +++ b/pkg/machine/applehv/machine.go @@ -21,7 +21,10 @@ import ( "github.com/containers/common/pkg/config" gvproxy "github.com/containers/gvisor-tap-vsock/pkg/types" "github.com/containers/podman/v4/pkg/machine" + "github.com/containers/podman/v4/pkg/machine/applehv/vfkit" "github.com/containers/podman/v4/pkg/machine/define" + "github.com/containers/podman/v4/pkg/machine/sockets" + "github.com/containers/podman/v4/pkg/machine/vmconfigs" "github.com/containers/podman/v4/pkg/strongunits" "github.com/containers/podman/v4/pkg/util" "github.com/containers/podman/v4/utils" @@ -43,14 +46,6 @@ const ( apiUpTimeout = 20 * time.Second ) -// VfkitHelper describes the use of vfkit: cmdline and endpoint -type VfkitHelper struct { - LogLevel logrus.Level - Endpoint string - VfkitBinaryPath *define.VMFile - VirtualMachine *vfConfig.VirtualMachine -} - // appleHVReadyUnit is a unit file that sets up the virtual serial device // where when the VM is done configuring, it will send an ack // so a listening host knows it can begin interacting with it @@ -71,19 +66,19 @@ type MacMachine struct { // ConfigPath is the fully qualified path to the configuration file ConfigPath define.VMFile // HostUser contains info about host user - machine.HostUser + vmconfigs.HostUser // ImageConfig describes the bootable image machine.ImageConfig // Mounts is the list of remote filesystems to mount - Mounts []machine.Mount + Mounts []vmconfigs.Mount // Name of VM Name string // ReadySocket tells host when vm is booted ReadySocket define.VMFile // ResourceConfig is physical attrs of the VM - machine.ResourceConfig + vmconfigs.ResourceConfig // SSHConfig for accessing the remote vm - machine.SSHConfig + vmconfigs.SSHConfig // Starting tells us whether the machine is running or if we have just dialed it to start it Starting bool // Created contains the original created time instead of querying the file mod time @@ -91,7 +86,7 @@ type MacMachine struct { // LastUp contains the last recorded uptime LastUp time.Time // The VFKit endpoint where we can interact with the VM - Vfkit VfkitHelper + Vfkit vfkit.VfkitHelper LogPath define.VMFile GvProxyPid define.VMFile GvProxySock define.VMFile @@ -108,7 +103,7 @@ func (m *MacMachine) setGVProxyInfo(runtimeDir string) error { } m.GvProxyPid = *gvProxyPid - return machine.SetSocket(&m.GvProxySock, filepath.Join(runtimeDir, "gvproxy.sock"), nil) + return sockets.SetSocket(&m.GvProxySock, filepath.Join(runtimeDir, "gvproxy.sock"), nil) } // setVfkitInfo stores the default devices, sets the vfkit endpoint, and @@ -138,7 +133,7 @@ func (m *MacMachine) setVfkitInfo(cfg *config.Config, readySocket define.VMFile) // addMountsToVM converts the volumes passed through the CLI to virtio-fs mounts // and adds them to the machine func (m *MacMachine) addMountsToVM(opts machine.InitOptions, virtiofsMnts *[]machine.VirtIoFs) error { - var mounts []machine.Mount + var mounts []vmconfigs.Mount for _, volume := range opts.Volumes { source, target, _, readOnly, err := machine.ParseVolumeFromPath(volume) if err != nil { @@ -202,7 +197,7 @@ func (m *MacMachine) Init(opts machine.InitOptions) (bool, error) { return false, err } - if err := machine.SetSocket(&m.ReadySocket, machine.ReadySocketPath(runtimeDir, m.Name), nil); err != nil { + if err := sockets.SetSocket(&m.ReadySocket, sockets.ReadySocketPath(runtimeDir, m.Name), nil); err != nil { return false, err } @@ -305,7 +300,7 @@ func (m *MacMachine) removeSystemConnections() error { } func (m *MacMachine) Inspect() (*machine.InspectInfo, error) { - vmState, err := m.Vfkit.state() + vmState, err := m.Vfkit.State() if err != nil { return nil, err } @@ -329,7 +324,7 @@ func (m *MacMachine) Inspect() (*machine.InspectInfo, error) { }, LastUp: m.LastUp, Name: m.Name, - Resources: machine.ResourceConfig{ + Resources: vmconfigs.ResourceConfig{ CPUs: m.CPUs, DiskSize: m.DiskSize, Memory: m.Memory, @@ -367,16 +362,16 @@ func (m *MacMachine) Remove(name string, opts machine.RemoveOptions) (string, fu m.lock.Lock() defer m.lock.Unlock() - vmState, err := m.Vfkit.state() + vmState, err := m.Vfkit.State() if err != nil { return "", nil, err } - if vmState == machine.Running { + if vmState == define.Running { if !opts.Force { return "", nil, &machine.ErrVMRunningCannotDestroyed{Name: m.Name} } - if err := m.Vfkit.stop(true, true); err != nil { + if err := m.Vfkit.Stop(true, true); err != nil { return "", nil, err } defer func() { @@ -430,7 +425,7 @@ func (m *MacMachine) Set(name string, opts machine.SetOptions) ([]error, error) if err != nil { return nil, err } - if vmState != machine.Stopped { + if vmState != define.Stopped { return nil, machine.ErrWrongState } if cpus := opts.CPUs; cpus != nil { @@ -473,7 +468,7 @@ func (m *MacMachine) SSH(name string, opts machine.SSHOptions) error { if err != nil { return err } - if st != machine.Running { + if st != define.Running { return fmt.Errorf("vm %q is not running", m.Name) } username := opts.Username @@ -561,7 +556,7 @@ func (m *MacMachine) Start(name string, opts machine.StartOptions) error { return err } - if st == machine.Running { + if st == define.Running { return machine.ErrVMAlreadyRunning } @@ -664,7 +659,7 @@ func (m *MacMachine) Start(name string, opts machine.StartOptions) error { logrus.Debug("waiting for ready notification") readyChan := make(chan error) - go machine.ListenAndWaitOnSocket(readyChan, readyListen) + go sockets.ListenAndWaitOnSocket(readyChan, readyListen) if err := cmd.Start(); err != nil { return err @@ -715,8 +710,8 @@ func (m *MacMachine) Start(name string, opts machine.StartOptions) error { return nil } -func (m *MacMachine) State(_ bool) (machine.Status, error) { - vmStatus, err := m.Vfkit.state() +func (m *MacMachine) State(_ bool) (define.Status, error) { + vmStatus, err := m.Vfkit.State() if err != nil { return "", err } @@ -732,7 +727,7 @@ func (m *MacMachine) Stop(name string, opts machine.StopOptions) error { return err } - if vmState != machine.Running { + if vmState != define.Running { return nil } @@ -742,7 +737,7 @@ func (m *MacMachine) Stop(name string, opts machine.StopOptions) error { } }() - return m.Vfkit.stop(false, true) + return m.Vfkit.Stop(false, true) } // getVMConfigPath is a simple wrapper for getting the fully-qualified @@ -845,7 +840,7 @@ func getVMInfos() ([]*machine.ListResponse, error) { if err != nil { return err } - listEntry.Running = vmState == machine.Running + listEntry.Running = vmState == define.Running listEntry.LastUp = vm.LastUp listed = append(listed, listEntry) diff --git a/pkg/machine/applehv/rest.go b/pkg/machine/applehv/vfkit/config.go similarity index 71% rename from pkg/machine/applehv/rest.go rename to pkg/machine/applehv/vfkit/config.go index a96834541f4e..b3fa72accc62 100644 --- a/pkg/machine/applehv/rest.go +++ b/pkg/machine/applehv/vfkit/config.go @@ -1,7 +1,7 @@ //go:build darwin // +build darwin -package applehv +package vfkit import ( "bytes" @@ -12,14 +12,13 @@ import ( "net/http" "time" - "github.com/containers/podman/v4/pkg/machine" - "github.com/crc-org/vfkit/pkg/rest/define" + "github.com/containers/podman/v4/pkg/machine/define" + "github.com/crc-org/vfkit/pkg/config" + rest "github.com/crc-org/vfkit/pkg/rest/define" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" ) -type Endpoint string - const ( inspect = "/vm/inspect" state = "/vm/state" @@ -45,8 +44,8 @@ func (vf *VfkitHelper) post(endpoint string, payload io.Reader) (*http.Response, } // getRawState asks vfkit for virtual machine state unmodified (see state()) -func (vf *VfkitHelper) getRawState() (machine.Status, error) { - var response define.VMState +func (vf *VfkitHelper) getRawState() (define.Status, error) { + var response rest.VMState endPoint := vf.Endpoint + state serverResponse, err := vf.get(endPoint, nil) if err != nil { @@ -60,25 +59,24 @@ func (vf *VfkitHelper) getRawState() (machine.Status, error) { return "", err } return ToMachineStatus(response.State) - } // state asks vfkit for the virtual machine state. in case the vfkit // service is not responding, we assume the service is not running // and return a stopped status -func (vf *VfkitHelper) state() (machine.Status, error) { +func (vf *VfkitHelper) State() (define.Status, error) { vmState, err := vf.getRawState() if err == nil { return vmState, err } if errors.Is(err, unix.ECONNREFUSED) { - return machine.Stopped, nil + return define.Stopped, nil } return "", err } -func (vf *VfkitHelper) stateChange(newState define.StateChange) error { - b, err := json.Marshal(define.VMState{State: string(newState)}) +func (vf *VfkitHelper) stateChange(newState rest.StateChange) error { + b, err := json.Marshal(rest.VMState{State: string(newState)}) if err != nil { return err } @@ -87,15 +85,15 @@ func (vf *VfkitHelper) stateChange(newState define.StateChange) error { return err } -func (vf *VfkitHelper) stop(force, wait bool) error { +func (vf *VfkitHelper) Stop(force, wait bool) error { waitDuration := time.Millisecond * 10 // TODO Add ability to wait until stopped if force { - if err := vf.stateChange(define.HardStop); err != nil { + if err := vf.stateChange(rest.HardStop); err != nil { return err } } else { - if err := vf.stateChange(define.Stop); err != nil { + if err := vf.stateChange(rest.Stop); err != nil { return err } } @@ -116,3 +114,11 @@ func (vf *VfkitHelper) stop(force, wait bool) error { } return waitErr } + +// VfkitHelper describes the use of vfkit: cmdline and endpoint +type VfkitHelper struct { + LogLevel logrus.Level + Endpoint string + VfkitBinaryPath *define.VMFile + VirtualMachine *config.VirtualMachine +} diff --git a/pkg/machine/applehv/rest_config.go b/pkg/machine/applehv/vfkit/rest.go similarity index 85% rename from pkg/machine/applehv/rest_config.go rename to pkg/machine/applehv/vfkit/rest.go index 944e72d539a9..b365310a2c84 100644 --- a/pkg/machine/applehv/rest_config.go +++ b/pkg/machine/applehv/vfkit/rest.go @@ -1,15 +1,17 @@ //go:build darwin // +build darwin -package applehv +package vfkit import ( "errors" "fmt" - "github.com/containers/podman/v4/pkg/machine" + "github.com/containers/podman/v4/pkg/machine/define" ) +type Endpoint string + // VZMachineState is what the restful service in vfkit will return type VZMachineState string @@ -26,14 +28,14 @@ const ( VZMachineStateStopping VZMachineState = "VirtualMachineStateStopping" ) -func ToMachineStatus(val string) (machine.Status, error) { +func ToMachineStatus(val string) (define.Status, error) { switch val { case string(VZMachineStateRunning), string(VZMachineStatePausing), string(VZMachineStateResuming), string(VZMachineStateStopping), string(VZMachineStatePaused): - return machine.Running, nil + return define.Running, nil case string(VZMachineStateStopped): - return machine.Stopped, nil + return define.Stopped, nil case string(VZMachineStateStarting): - return machine.Starting, nil + return define.Starting, nil case string(VZMachineStateError): return "", errors.New("machine is in error state") } diff --git a/pkg/machine/config.go b/pkg/machine/config.go index b4324e875596..12383aa68833 100644 --- a/pkg/machine/config.go +++ b/pkg/machine/config.go @@ -18,6 +18,7 @@ import ( "github.com/containers/common/pkg/machine" "github.com/containers/podman/v4/pkg/machine/compression" "github.com/containers/podman/v4/pkg/machine/define" + "github.com/containers/podman/v4/pkg/machine/vmconfigs" "github.com/containers/storage/pkg/homedir" "github.com/containers/storage/pkg/lockfile" "github.com/sirupsen/logrus" @@ -43,17 +44,7 @@ type InitOptions struct { USBs []string } -type Status = string - const ( - // Running indicates the qemu vm is running. - Running Status = "running" - // Stopped indicates the vm has stopped. - Stopped Status = "stopped" - // Starting indicated the vm is in the process of starting - Starting Status = "starting" - // Unknown means the state is not known - Unknown Status = "unknown" DefaultMachineName string = "podman-machine-default" apiUpTimeout = 20 * time.Second ) @@ -139,7 +130,7 @@ type VM interface { Set(name string, opts SetOptions) ([]error, error) SSH(name string, opts SSHOptions) error Start(name string, opts StartOptions) error - State(bypass bool) (Status, error) + State(bypass bool) (define.Status, error) Stop(name string, opts StopOptions) error } @@ -173,9 +164,9 @@ type InspectInfo struct { Image ImageConfig LastUp time.Time Name string - Resources ResourceConfig - SSHConfig SSHConfig - State Status + Resources vmconfigs.ResourceConfig + SSHConfig vmconfigs.SSHConfig + State define.Status UserModeNetworking bool Rootful bool } @@ -274,33 +265,6 @@ func ConfDirPrefix() (string, error) { return confDir, nil } -type USBConfig struct { - Bus string - DevNumber string - Vendor int - Product int -} - -// ResourceConfig describes physical attributes of the machine -type ResourceConfig struct { - // CPUs to be assigned to the VM - CPUs uint64 - // Disk size in gigabytes assigned to the vm - DiskSize uint64 - // Memory in megabytes assigned to the vm - Memory uint64 - // Usbs - USBs []USBConfig -} - -type Mount struct { - ReadOnly bool - Source string - Tag string - Target string - Type string -} - // ImageConfig describes the bootable image for the VM type ImageConfig struct { // IgnitionFile is the path to the filesystem where the @@ -312,26 +276,6 @@ type ImageConfig struct { ImagePath define.VMFile `json:"ImagePath"` } -// HostUser describes the host user -type HostUser struct { - // Whether this machine should run in a rootful or rootless manner - Rootful bool - // UID is the numerical id of the user that called machine - UID int - // Whether one of these fields has changed and actions should be taken - Modified bool `json:"HostUserModified"` -} - -// SSHConfig contains remote access information for SSH -type SSHConfig struct { - // IdentityPath is the fq path to the ssh priv key - IdentityPath string - // SSH port for user networking - Port int - // RemoteUsername of the vm user - RemoteUsername string -} - // ConnectionConfig contains connections like sockets, etc. type ConnectionConfig struct { // PodmanSocket is the exported podman service socket diff --git a/pkg/machine/define/config.go b/pkg/machine/define/config.go new file mode 100644 index 000000000000..ba98908be1b5 --- /dev/null +++ b/pkg/machine/define/config.go @@ -0,0 +1,3 @@ +package define + +const UserCertsTargetPath = "/etc/containers/certs.d" diff --git a/pkg/machine/define/state.go b/pkg/machine/define/state.go new file mode 100644 index 000000000000..1817803466ba --- /dev/null +++ b/pkg/machine/define/state.go @@ -0,0 +1,15 @@ +package define + +type Status = string + +// Running indicates the qemu vm is running. +const Running Status = "running" + +// Stopped indicates the vm has stopped. +const Stopped Status = "stopped" + +// Starting indicated the vm is in the process of starting +const Starting Status = "starting" + +// Unknown means the state is not known +const Unknown Status = "unknown" diff --git a/pkg/machine/e2e/init_test.go b/pkg/machine/e2e/init_test.go index db717e3a84dd..4aab92446683 100644 --- a/pkg/machine/e2e/init_test.go +++ b/pkg/machine/e2e/init_test.go @@ -9,6 +9,7 @@ import ( "time" "github.com/containers/podman/v4/pkg/machine" + "github.com/containers/podman/v4/pkg/machine/define" "github.com/containers/podman/v4/utils" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" @@ -108,7 +109,7 @@ var _ = Describe("podman machine init", func() { Expect(ec).To(BeZero()) Expect(inspectBefore).ToNot(BeEmpty()) Expect(inspectAfter).ToNot(BeEmpty()) - Expect(inspectAfter[0].State).To(Equal(machine.Running)) + Expect(inspectAfter[0].State).To(Equal(define.Running)) if isWSL() { // WSL does not use FCOS return diff --git a/pkg/machine/e2e/start_test.go b/pkg/machine/e2e/start_test.go index b62ff9396f97..d1001a45d259 100644 --- a/pkg/machine/e2e/start_test.go +++ b/pkg/machine/e2e/start_test.go @@ -1,7 +1,7 @@ package e2e_test import ( - "github.com/containers/podman/v4/pkg/machine" + "github.com/containers/podman/v4/pkg/machine/define" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" . "github.com/onsi/gomega/gexec" @@ -32,7 +32,7 @@ var _ = Describe("podman machine start", func() { info, ec, err := mb.toQemuInspectInfo() Expect(err).ToNot(HaveOccurred()) Expect(ec).To(BeZero()) - Expect(info[0].State).To(Equal(machine.Running)) + Expect(info[0].State).To(Equal(define.Running)) stop := new(stopMachine) stopSession, err := mb.setCmd(stop).run() @@ -77,7 +77,7 @@ var _ = Describe("podman machine start", func() { info, ec, err := mb.toQemuInspectInfo() Expect(err).ToNot(HaveOccurred()) Expect(ec).To(BeZero()) - Expect(info[0].State).To(Equal(machine.Running)) + Expect(info[0].State).To(Equal(define.Running)) startSession, err = mb.setCmd(s).run() Expect(err).ToNot(HaveOccurred()) diff --git a/pkg/machine/hyperv/config.go b/pkg/machine/hyperv/config.go index af4e47ccdaf0..8b8d2336cee0 100644 --- a/pkg/machine/hyperv/config.go +++ b/pkg/machine/hyperv/config.go @@ -286,14 +286,14 @@ func handlePrevError(e, prevErr error) error { return e } -func stateConversion(s hypervctl.EnabledState) (machine.Status, error) { +func stateConversion(s hypervctl.EnabledState) (define.Status, error) { switch s { case hypervctl.Enabled: - return machine.Running, nil + return define.Running, nil case hypervctl.Disabled: - return machine.Stopped, nil + return define.Stopped, nil case hypervctl.Starting: - return machine.Starting, nil + return define.Starting, nil } - return machine.Unknown, fmt.Errorf("unknown state: %q", s.String()) + return define.Unknown, fmt.Errorf("unknown state: %q", s.String()) } diff --git a/pkg/machine/hyperv/machine.go b/pkg/machine/hyperv/machine.go index aa5c8a2ebcb9..272bf04ebb34 100644 --- a/pkg/machine/hyperv/machine.go +++ b/pkg/machine/hyperv/machine.go @@ -21,6 +21,8 @@ import ( "github.com/containers/libhvee/pkg/hypervctl" "github.com/containers/podman/v4/pkg/machine" "github.com/containers/podman/v4/pkg/machine/define" + "github.com/containers/podman/v4/pkg/machine/hyperv/vsock" + "github.com/containers/podman/v4/pkg/machine/vmconfigs" "github.com/containers/podman/v4/pkg/strongunits" "github.com/containers/podman/v4/pkg/util" "github.com/containers/podman/v4/utils" @@ -99,21 +101,21 @@ type HyperVMachine struct { // ConfigPath is the fully qualified path to the configuration file ConfigPath define.VMFile // HostUser contains info about host user - machine.HostUser + vmconfigs.HostUser // ImageConfig describes the bootable image machine.ImageConfig // Mounts is the list of remote filesystems to mount - Mounts []machine.Mount + Mounts []vmconfigs.Mount // Name of VM Name string // NetworkVSock is for the user networking - NetworkHVSock HVSockRegistryEntry + NetworkHVSock vsock.HVSockRegistryEntry // ReadySocket tells host when vm is booted - ReadyHVSock HVSockRegistryEntry + ReadyHVSock vsock.HVSockRegistryEntry // ResourceConfig is physical attrs of the VM - machine.ResourceConfig + vmconfigs.ResourceConfig // SSHConfig for accessing the remote vm - machine.SSHConfig + vmconfigs.SSHConfig // Starting tells us whether the machine is running or if we have just dialed it to start it Starting bool // Created contains the original created time instead of querying the file mod time @@ -132,11 +134,11 @@ type HyperVMachine struct { // addNetworkAndReadySocketsToRegistry adds the Network and Ready sockets to the // Windows registry func (m *HyperVMachine) addNetworkAndReadySocketsToRegistry() error { - networkHVSock, err := NewHVSockRegistryEntry(m.Name, Network) + networkHVSock, err := vsock.NewHVSockRegistryEntry(m.Name, vsock.Network) if err != nil { return err } - eventHVSocket, err := NewHVSockRegistryEntry(m.Name, Events) + eventHVSocket, err := vsock.NewHVSockRegistryEntry(m.Name, vsock.Events) if err != nil { return err } @@ -185,7 +187,7 @@ func (m *HyperVMachine) Init(opts machine.InitOptions) (bool, error) { // around to those, would be another : after that. // TODO: Need to support options here for _, mount := range opts.Volumes { - newMount := machine.Mount{} + newMount := vmconfigs.Mount{} splitMount := strings.Split(mount, ":") if len(splitMount) < 3 { @@ -242,7 +244,7 @@ func (m *HyperVMachine) Init(opts machine.InitOptions) (bool, error) { callbackFuncs.Add(m.removeSSHKeys) } - m.ResourceConfig = machine.ResourceConfig{ + m.ResourceConfig = vmconfigs.ResourceConfig{ CPUs: opts.CPUS, DiskSize: opts.DiskSize, Memory: opts.Memory, @@ -367,7 +369,7 @@ func (m *HyperVMachine) Inspect() (*machine.InspectInfo, error) { }, LastUp: m.LastUp, Name: m.Name, - Resources: machine.ResourceConfig{ + Resources: vmconfigs.ResourceConfig{ CPUs: uint64(cfg.Hardware.CPUs), DiskSize: 0, Memory: cfg.Hardware.Memory, @@ -543,7 +545,7 @@ func (m *HyperVMachine) SSH(name string, opts machine.SSHOptions) error { if err != nil { return err } - if state != machine.Running { + if state != define.Running { return fmt.Errorf("vm %q is not running", m.Name) } @@ -614,21 +616,21 @@ func (m *HyperVMachine) Start(name string, opts machine.StartOptions) error { return m.writeConfig() } -func (m *HyperVMachine) State(_ bool) (machine.Status, error) { +func (m *HyperVMachine) State(_ bool) (define.Status, error) { vmm := hypervctl.NewVirtualMachineManager() vm, err := vmm.GetMachine(m.Name) if err != nil { return "", err } if vm.IsStarting() { - return machine.Starting, nil + return define.Starting, nil } if vm.State() == hypervctl.Enabled { - return machine.Running, nil + return define.Running, nil } // Following QEMU pattern here where only three // states seem valid - return machine.Stopped, nil + return define.Stopped, nil } func (m *HyperVMachine) Stop(name string, opts machine.StopOptions) error { @@ -911,19 +913,19 @@ func (m *HyperVMachine) createShares() (_ map[string]uint64, defErr error) { toReturn := make(map[string]uint64) for _, mount := range m.Mounts { - var vsock *HVSockRegistryEntry + var hvSock *vsock.HVSockRegistryEntry vsockNum, ok := m.MountVsocks[mount.Target] if ok { // Ignore errors here, we'll just try and recreate the // vsock below. - testVsock, err := LoadHVSockRegistryEntry(vsockNum) + testVsock, err := vsock.LoadHVSockRegistryEntry(vsockNum) if err == nil { - vsock = testVsock + hvSock = testVsock } } - if vsock == nil { - testVsock, err := NewHVSockRegistryEntry(m.Name, Fileserver) + if hvSock == nil { + testVsock, err := vsock.NewHVSockRegistryEntry(m.Name, vsock.Fileserver) if err != nil { return nil, err } @@ -934,12 +936,12 @@ func (m *HyperVMachine) createShares() (_ map[string]uint64, defErr error) { } } }() - vsock = testVsock + hvSock = testVsock } - logrus.Debugf("Going to share directory %s via 9p on vsock %d", mount.Source, vsock.Port) + logrus.Debugf("Going to share directory %s via 9p on vsock %d", mount.Source, hvSock.Port) - toReturn[mount.Target] = vsock.Port + toReturn[mount.Target] = hvSock.Port } return toReturn, nil @@ -955,7 +957,7 @@ func (m *HyperVMachine) removeShares() error { continue } - vsock, err := LoadHVSockRegistryEntry(vsockNum) + vsock, err := vsock.LoadHVSockRegistryEntry(vsockNum) if err != nil { logrus.Debugf("Vsock %d for mountpoint %s does not have a valid registry entry, skipping removal", vsockNum, mount.Target) continue diff --git a/pkg/machine/hyperv/vsock.go b/pkg/machine/hyperv/vsock/vsock.go similarity index 98% rename from pkg/machine/hyperv/vsock.go rename to pkg/machine/hyperv/vsock/vsock.go index 178694002f94..f4789201bbe6 100644 --- a/pkg/machine/hyperv/vsock.go +++ b/pkg/machine/hyperv/vsock/vsock.go @@ -1,7 +1,7 @@ //go:build windows // +build windows -package hyperv +package vsock import ( "errors" @@ -9,8 +9,9 @@ import ( "net" "strings" + "github.com/containers/podman/v4/pkg/machine/sockets" + "github.com/Microsoft/go-winio" - "github.com/containers/podman/v4/pkg/machine" "github.com/containers/podman/v4/utils" "github.com/sirupsen/logrus" "golang.org/x/sys/windows/registry" @@ -274,7 +275,7 @@ func (hv *HVSockRegistryEntry) Listen() error { }() errChan := make(chan error) - go machine.ListenAndWaitOnSocket(errChan, listener) + go sockets.ListenAndWaitOnSocket(errChan, listener) return <-errChan } diff --git a/pkg/machine/ignition.go b/pkg/machine/ignition.go index 9eaafe2faf1b..dc6ef0523069 100644 --- a/pkg/machine/ignition.go +++ b/pkg/machine/ignition.go @@ -10,10 +10,7 @@ import ( "net/url" "os" "path/filepath" - "strings" - "github.com/containers/common/libnetwork/etchosts" - "github.com/containers/common/pkg/config" "github.com/containers/podman/v4/pkg/machine/define" "github.com/sirupsen/logrus" ) @@ -28,7 +25,6 @@ import ( */ const ( - UserCertsTargetPath = "/etc/containers/certs.d" PodmanDockerTmpConfPath = "/etc/tmpfiles.d/podman-docker.conf" ) @@ -615,7 +611,7 @@ func prepareCertFile(path string, name string) (File, error) { return File{}, err } - targetPath := filepath.Join(UserCertsTargetPath, name) + targetPath := filepath.Join(define.UserCertsTargetPath, name) logrus.Debugf("Copying cert file from '%s' to '%s'.", path, targetPath) @@ -636,22 +632,6 @@ func prepareCertFile(path string, name string) (File, error) { return file, nil } -func GetProxyVariables() map[string]string { - proxyOpts := make(map[string]string) - for _, variable := range config.ProxyEnv { - if value, ok := os.LookupEnv(variable); ok { - if value == "" { - continue - } - - v := strings.ReplaceAll(value, "127.0.0.1", etchosts.HostContainersInternal) - v = strings.ReplaceAll(v, "localhost", etchosts.HostContainersInternal) - proxyOpts[variable] = v - } - } - return proxyOpts -} - func getLinks(usrName string) []Link { return []Link{{ Node: Node{ diff --git a/pkg/machine/qemu/command.go b/pkg/machine/qemu/command.go deleted file mode 100644 index c8dc3151063c..000000000000 --- a/pkg/machine/qemu/command.go +++ /dev/null @@ -1,106 +0,0 @@ -package qemu - -import ( - "fmt" - "strconv" - - "github.com/containers/podman/v4/pkg/machine" - "github.com/containers/podman/v4/pkg/machine/define" -) - -// QemuCmd is an alias around a string slice to prevent the need to migrate the -// MachineVM struct due to changes -type QemuCmd []string - -// NewQemuBuilder creates a new QemuCmd object that we will build on top of, -// starting with the qemu binary, architecture specific options, and propagated -// proxy and SSL settings -func NewQemuBuilder(binary string, options []string) QemuCmd { - q := QemuCmd{binary} - return append(q, options...) -} - -// SetMemory adds the specified amount of memory for the machine -func (q *QemuCmd) SetMemory(m uint64) { - *q = append(*q, "-m", strconv.FormatUint(m, 10)) -} - -// SetCPUs adds the number of CPUs the machine will have -func (q *QemuCmd) SetCPUs(c uint64) { - *q = append(*q, "-smp", strconv.FormatUint(c, 10)) -} - -// SetIgnitionFile specifies the machine's ignition file -func (q *QemuCmd) SetIgnitionFile(file define.VMFile) { - *q = append(*q, "-fw_cfg", "name=opt/com.coreos/config,file="+file.GetPath()) -} - -// SetQmpMonitor specifies the machine's qmp socket -func (q *QemuCmd) SetQmpMonitor(monitor Monitor) { - *q = append(*q, "-qmp", monitor.Network+":"+monitor.Address.GetPath()+",server=on,wait=off") -} - -// SetNetwork adds a network device to the machine -func (q *QemuCmd) SetNetwork() { - // Right now the mac address is hardcoded so that the host networking gives it a specific IP address. This is - // why we can only run one vm at a time right now - *q = append(*q, "-netdev", "socket,id=vlan,fd=3", "-device", "virtio-net-pci,netdev=vlan,mac=5a:94:ef:e4:0c:ee") -} - -// SetNetwork adds a network device to the machine -func (q *QemuCmd) SetUSBHostPassthrough(usbs []machine.USBConfig) { - if len(usbs) == 0 { - return - } - // Add xhci usb emulation first and then each usb device - *q = append(*q, "-device", "qemu-xhci") - for _, usb := range usbs { - var dev string - if usb.Bus != "" && usb.DevNumber != "" { - dev = fmt.Sprintf("usb-host,hostbus=%s,hostaddr=%s", usb.Bus, usb.DevNumber) - } else { - dev = fmt.Sprintf("usb-host,vendorid=%d,productid=%d", usb.Vendor, usb.Product) - } - *q = append(*q, "-device", dev) - } -} - -// SetSerialPort adds a serial port to the machine for readiness -func (q *QemuCmd) SetSerialPort(readySocket, vmPidFile define.VMFile, name string) { - *q = append(*q, - "-device", "virtio-serial", - // qemu needs to establish the long name; other connections can use the symlink'd - // Note both id and chardev start with an extra "a" because qemu requires that it - // starts with a letter but users can also use numbers - "-chardev", "socket,path="+readySocket.GetPath()+",server=on,wait=off,id=a"+name+"_ready", - "-device", "virtserialport,chardev=a"+name+"_ready"+",name=org.fedoraproject.port.0", - "-pidfile", vmPidFile.GetPath()) -} - -// SetVirtfsMount adds a virtfs mount to the machine -func (q *QemuCmd) SetVirtfsMount(source, tag, securityModel string, readonly bool) { - virtfsOptions := fmt.Sprintf("local,path=%s,mount_tag=%s,security_model=%s", source, tag, securityModel) - if readonly { - virtfsOptions += ",readonly" - } - *q = append(*q, "-virtfs", virtfsOptions) -} - -// SetBootableImage specifies the image the machine will use to boot -func (q *QemuCmd) SetBootableImage(image string) { - *q = append(*q, "-drive", "if=virtio,file="+image) -} - -// SetDisplay specifies whether the machine will have a display -func (q *QemuCmd) SetDisplay(display string) { - *q = append(*q, "-display", display) -} - -// SetPropagatedHostEnvs adds options that propagate SSL and proxy settings -func (q *QemuCmd) SetPropagatedHostEnvs() { - *q = propagateHostEnv(*q) -} - -func (q *QemuCmd) Build() []string { - return *q -} diff --git a/pkg/machine/qemu/command/command.go b/pkg/machine/qemu/command/command.go new file mode 100644 index 000000000000..3619619ef37e --- /dev/null +++ b/pkg/machine/qemu/command/command.go @@ -0,0 +1,236 @@ +package command + +import ( + "encoding/base64" + "fmt" + "os" + "path/filepath" + "strconv" + "strings" + "time" + + "github.com/containers/common/libnetwork/etchosts" + "github.com/containers/common/pkg/config" + "github.com/containers/podman/v4/pkg/machine/define" +) + +// QemuCmd is an alias around a string slice to prevent the need to migrate the +// MachineVM struct due to changes +type QemuCmd []string + +// NewQemuBuilder creates a new QemuCmd object that we will build on top of, +// starting with the qemu binary, architecture specific options, and propagated +// proxy and SSL settings +func NewQemuBuilder(binary string, options []string) QemuCmd { + q := QemuCmd{binary} + return append(q, options...) +} + +// SetMemory adds the specified amount of memory for the machine +func (q *QemuCmd) SetMemory(m uint64) { + *q = append(*q, "-m", strconv.FormatUint(m, 10)) +} + +// SetCPUs adds the number of CPUs the machine will have +func (q *QemuCmd) SetCPUs(c uint64) { + *q = append(*q, "-smp", strconv.FormatUint(c, 10)) +} + +// SetIgnitionFile specifies the machine's ignition file +func (q *QemuCmd) SetIgnitionFile(file define.VMFile) { + *q = append(*q, "-fw_cfg", "name=opt/com.coreos/config,file="+file.GetPath()) +} + +// SetQmpMonitor specifies the machine's qmp socket +func (q *QemuCmd) SetQmpMonitor(monitor Monitor) { + *q = append(*q, "-qmp", monitor.Network+":"+monitor.Address.GetPath()+",server=on,wait=off") +} + +// SetNetwork adds a network device to the machine +func (q *QemuCmd) SetNetwork() { + // Right now the mac address is hardcoded so that the host networking gives it a specific IP address. This is + // why we can only run one vm at a time right now + *q = append(*q, "-netdev", "socket,id=vlan,fd=3", "-device", "virtio-net-pci,netdev=vlan,mac=5a:94:ef:e4:0c:ee") +} + +// SetNetwork adds a network device to the machine +func (q *QemuCmd) SetUSBHostPassthrough(usbs []USBConfig) { + if len(usbs) == 0 { + return + } + // Add xhci usb emulation first and then each usb device + *q = append(*q, "-device", "qemu-xhci") + for _, usb := range usbs { + var dev string + if usb.Bus != "" && usb.DevNumber != "" { + dev = fmt.Sprintf("usb-host,hostbus=%s,hostaddr=%s", usb.Bus, usb.DevNumber) + } else { + dev = fmt.Sprintf("usb-host,vendorid=%d,productid=%d", usb.Vendor, usb.Product) + } + *q = append(*q, "-device", dev) + } +} + +// SetSerialPort adds a serial port to the machine for readiness +func (q *QemuCmd) SetSerialPort(readySocket, vmPidFile define.VMFile, name string) { + *q = append(*q, + "-device", "virtio-serial", + // qemu needs to establish the long name; other connections can use the symlink'd + // Note both id and chardev start with an extra "a" because qemu requires that it + // starts with a letter but users can also use numbers + "-chardev", "socket,path="+readySocket.GetPath()+",server=on,wait=off,id=a"+name+"_ready", + "-device", "virtserialport,chardev=a"+name+"_ready"+",name=org.fedoraproject.port.0", + "-pidfile", vmPidFile.GetPath()) +} + +// SetVirtfsMount adds a virtfs mount to the machine +func (q *QemuCmd) SetVirtfsMount(source, tag, securityModel string, readonly bool) { + virtfsOptions := fmt.Sprintf("local,path=%s,mount_tag=%s,security_model=%s", source, tag, securityModel) + if readonly { + virtfsOptions += ",readonly" + } + *q = append(*q, "-virtfs", virtfsOptions) +} + +// SetBootableImage specifies the image the machine will use to boot +func (q *QemuCmd) SetBootableImage(image string) { + *q = append(*q, "-drive", "if=virtio,file="+image) +} + +// SetDisplay specifies whether the machine will have a display +func (q *QemuCmd) SetDisplay(display string) { + *q = append(*q, "-display", display) +} + +// SetPropagatedHostEnvs adds options that propagate SSL and proxy settings +func (q *QemuCmd) SetPropagatedHostEnvs() { + *q = propagateHostEnv(*q) +} + +func (q *QemuCmd) Build() []string { + return *q +} + +type USBConfig struct { + Bus string + DevNumber string + Vendor int + Product int +} + +func ParseUSBs(usbs []string) ([]USBConfig, error) { + configs := []USBConfig{} + for _, str := range usbs { + if str == "" { + // Ignore --usb="" as it can be used to reset USBConfigs + continue + } + + vals := strings.Split(str, ",") + if len(vals) != 2 { + return configs, fmt.Errorf("usb: fail to parse: missing ',': %s", str) + } + + left := strings.Split(vals[0], "=") + if len(left) != 2 { + return configs, fmt.Errorf("usb: fail to parse: missing '=': %s", str) + } + + right := strings.Split(vals[1], "=") + if len(right) != 2 { + return configs, fmt.Errorf("usb: fail to parse: missing '=': %s", str) + } + + option := left[0] + "_" + right[0] + + switch option { + case "bus_devnum", "devnum_bus": + bus, devnumber := left[1], right[1] + if right[0] == "bus" { + bus, devnumber = devnumber, bus + } + + configs = append(configs, USBConfig{ + Bus: bus, + DevNumber: devnumber, + }) + case "vendor_product", "product_vendor": + vendorStr, productStr := left[1], right[1] + if right[0] == "vendor" { + vendorStr, productStr = productStr, vendorStr + } + + vendor, err := strconv.ParseInt(vendorStr, 16, 0) + if err != nil { + return configs, fmt.Errorf("usb: fail to convert vendor of %s: %s", str, err) + } + + product, err := strconv.ParseInt(productStr, 16, 0) + if err != nil { + return configs, fmt.Errorf("usb: fail to convert product of %s: %s", str, err) + } + + configs = append(configs, USBConfig{ + Vendor: int(vendor), + Product: int(product), + }) + default: + return configs, fmt.Errorf("usb: fail to parse: %s", str) + } + } + return configs, nil +} + +func GetProxyVariables() map[string]string { + proxyOpts := make(map[string]string) + for _, variable := range config.ProxyEnv { + if value, ok := os.LookupEnv(variable); ok { + if value == "" { + continue + } + + v := strings.ReplaceAll(value, "127.0.0.1", etchosts.HostContainersInternal) + v = strings.ReplaceAll(v, "localhost", etchosts.HostContainersInternal) + proxyOpts[variable] = v + } + } + return proxyOpts +} + +// propagateHostEnv is here for providing the ability to propagate +// proxy and SSL settings (e.g. HTTP_PROXY and others) on a start +// and avoid a need of re-creating/re-initiating a VM +func propagateHostEnv(cmdLine QemuCmd) QemuCmd { + varsToPropagate := make([]string, 0) + + for k, v := range GetProxyVariables() { + varsToPropagate = append(varsToPropagate, fmt.Sprintf("%s=%q", k, v)) + } + + if sslCertFile, ok := os.LookupEnv("SSL_CERT_FILE"); ok { + pathInVM := filepath.Join(define.UserCertsTargetPath, filepath.Base(sslCertFile)) + varsToPropagate = append(varsToPropagate, fmt.Sprintf("%s=%q", "SSL_CERT_FILE", pathInVM)) + } + + if _, ok := os.LookupEnv("SSL_CERT_DIR"); ok { + varsToPropagate = append(varsToPropagate, fmt.Sprintf("%s=%q", "SSL_CERT_DIR", define.UserCertsTargetPath)) + } + + if len(varsToPropagate) > 0 { + prefix := "name=opt/com.coreos/environment,string=" + envVarsJoined := strings.Join(varsToPropagate, "|") + fwCfgArg := prefix + base64.StdEncoding.EncodeToString([]byte(envVarsJoined)) + return append(cmdLine, "-fw_cfg", fwCfgArg) + } + + return cmdLine +} + +type Monitor struct { + // Address portion of the qmp monitor (/tmp/tmp.sock) + Address define.VMFile + // Network portion of the qmp monitor (unix) + Network string + // Timeout in seconds for qmp monitor transactions + Timeout time.Duration +} diff --git a/pkg/machine/qemu/command/command_test.go b/pkg/machine/qemu/command/command_test.go new file mode 100644 index 000000000000..e2307f369332 --- /dev/null +++ b/pkg/machine/qemu/command/command_test.go @@ -0,0 +1,94 @@ +package command + +import ( + "encoding/base64" + "fmt" + "strings" + "testing" + + "github.com/containers/common/libnetwork/etchosts" + "github.com/containers/podman/v4/pkg/machine/define" + "github.com/stretchr/testify/assert" +) + +func TestPropagateHostEnv(t *testing.T) { + tests := map[string]struct { + value string + expect string + }{ + "HTTP_PROXY": { + "proxy", + "equal", + }, + "ftp_proxy": { + "domain.com:8888", + "equal", + }, + "FTP_PROXY": { + "proxy", + "equal", + }, + "NO_PROXY": { + "localaddress", + "equal", + }, + "HTTPS_PROXY": { + "", + "unset", + }, + "no_proxy": { + "", + "unset", + }, + "http_proxy": { + "127.0.0.1:8888", + fmt.Sprintf("%s:8888", etchosts.HostContainersInternal), + }, + "https_proxy": { + "localhost:8888", + fmt.Sprintf("%s:8888", etchosts.HostContainersInternal), + }, + "SSL_CERT_FILE": { + "/some/f=oo.cert", + fmt.Sprintf("%s/f=oo.cert", define.UserCertsTargetPath), + }, + "SSL_CERT_DIR": { + "/some/my/certs", + define.UserCertsTargetPath, + }, + } + + for key, item := range tests { + t.Setenv(key, item.value) + } + + cmdLine := propagateHostEnv(make([]string, 0)) + + assert.Len(t, cmdLine, 2) + assert.Equal(t, "-fw_cfg", cmdLine[0]) + tokens := strings.Split(cmdLine[1], ",string=") + decodeString, err := base64.StdEncoding.DecodeString(tokens[1]) + assert.NoError(t, err) + + // envsRawArr looks like: ["BAR=\"bar\"", "FOO=\"foo\""] + envsRawArr := strings.Split(string(decodeString), "|") + // envs looks like: {"BAR": "bar", "FOO": "foo"} + envs := make(map[string]string) + for _, env := range envsRawArr { + item := strings.SplitN(env, "=", 2) + envs[item[0]] = strings.Trim(item[1], "\"") + } + + for key, test := range tests { + switch test.expect { + case "equal": + assert.Equal(t, envs[key], test.value) + case "unset": + if _, ok := envs[key]; ok { + t.Errorf("env %s should not be set", key) + } + default: + assert.Equal(t, envs[key], test.expect) + } + } +} diff --git a/pkg/machine/qemu/qemu_command_test.go b/pkg/machine/qemu/command/qemu_command_test.go similarity index 99% rename from pkg/machine/qemu/qemu_command_test.go rename to pkg/machine/qemu/command/qemu_command_test.go index 5041dcb156a5..ed198f2a0ffc 100644 --- a/pkg/machine/qemu/qemu_command_test.go +++ b/pkg/machine/qemu/command/qemu_command_test.go @@ -1,7 +1,7 @@ //go:build (amd64 && !windows) || (arm64 && !windows) // +build amd64,!windows arm64,!windows -package qemu +package command import ( "fmt" diff --git a/pkg/machine/qemu/config.go b/pkg/machine/qemu/config.go index 25d5af5e7cfb..a47b77fe2b6c 100644 --- a/pkg/machine/qemu/config.go +++ b/pkg/machine/qemu/config.go @@ -6,7 +6,6 @@ import ( "io/fs" "os" "path/filepath" - "strconv" "strings" "time" @@ -14,6 +13,9 @@ import ( "github.com/containers/podman/v4/pkg/machine" "github.com/containers/podman/v4/pkg/machine/compression" "github.com/containers/podman/v4/pkg/machine/define" + "github.com/containers/podman/v4/pkg/machine/qemu/command" + "github.com/containers/podman/v4/pkg/machine/sockets" + "github.com/containers/podman/v4/pkg/machine/vmconfigs" "github.com/containers/podman/v4/utils" "github.com/docker/go-units" "github.com/sirupsen/logrus" @@ -59,7 +61,7 @@ func (v *MachineVM) setQMPMonitorSocket() error { // setNewMachineCMD configure the CLI command that will be run to create the new // machine func (v *MachineVM) setNewMachineCMD(qemuBinary string, cmdOpts *setNewMachineCMDOpts) { - v.CmdLine = NewQemuBuilder(qemuBinary, v.addArchOptions(cmdOpts)) + v.CmdLine = command.NewQemuBuilder(qemuBinary, v.addArchOptions(cmdOpts)) v.CmdLine.SetMemory(v.Memory) v.CmdLine.SetCPUs(v.CPUs) v.CmdLine.SetIgnitionFile(v.IgnitionFile) @@ -69,69 +71,6 @@ func (v *MachineVM) setNewMachineCMD(qemuBinary string, cmdOpts *setNewMachineCM v.CmdLine.SetUSBHostPassthrough(v.USBs) } -func parseUSBs(usbs []string) ([]machine.USBConfig, error) { - configs := []machine.USBConfig{} - for _, str := range usbs { - if str == "" { - // Ignore --usb="" as it can be used to reset USBConfigs - continue - } - - vals := strings.Split(str, ",") - if len(vals) != 2 { - return configs, fmt.Errorf("usb: fail to parse: missing ',': %s", str) - } - - left := strings.Split(vals[0], "=") - if len(left) != 2 { - return configs, fmt.Errorf("usb: fail to parse: missing '=': %s", str) - } - - right := strings.Split(vals[1], "=") - if len(right) != 2 { - return configs, fmt.Errorf("usb: fail to parse: missing '=': %s", str) - } - - option := left[0] + "_" + right[0] - - switch option { - case "bus_devnum", "devnum_bus": - bus, devnumber := left[1], right[1] - if right[0] == "bus" { - bus, devnumber = devnumber, bus - } - - configs = append(configs, machine.USBConfig{ - Bus: bus, - DevNumber: devnumber, - }) - case "vendor_product", "product_vendor": - vendorStr, productStr := left[1], right[1] - if right[0] == "vendor" { - vendorStr, productStr = productStr, vendorStr - } - - vendor, err := strconv.ParseInt(vendorStr, 16, 0) - if err != nil { - return configs, fmt.Errorf("usb: fail to convert vendor of %s: %s", str, err) - } - - product, err := strconv.ParseInt(productStr, 16, 0) - if err != nil { - return configs, fmt.Errorf("usb: fail to convert product of %s: %s", str, err) - } - - configs = append(configs, machine.USBConfig{ - Vendor: int(vendor), - Product: int(product), - }) - default: - return configs, fmt.Errorf("usb: fail to parse: %s", str) - } - } - return configs, nil -} - // NewMachine initializes an instance of a virtual machine based on the qemu // virtualization. func (p *QEMUVirtualization) NewMachine(opts machine.InitOptions) (machine.VM, error) { @@ -169,7 +108,7 @@ func (p *QEMUVirtualization) NewMachine(opts machine.InitOptions) (machine.VM, e vm.CPUs = opts.CPUS vm.Memory = opts.Memory vm.DiskSize = opts.DiskSize - if vm.USBs, err = parseUSBs(opts.USBs); err != nil { + if vm.USBs, err = command.ParseUSBs(opts.USBs); err != nil { return nil, err } @@ -195,7 +134,7 @@ func (p *QEMUVirtualization) NewMachine(opts machine.InitOptions) (machine.VM, e return nil, err } symlink := vm.Name + "_ready.sock" - if err := machine.SetSocket(&vm.ReadySocket, machine.ReadySocketPath(runtimeDir+"/podman/", vm.Name), &symlink); err != nil { + if err := sockets.SetSocket(&vm.ReadySocket, sockets.ReadySocketPath(runtimeDir+"/podman/", vm.Name), &symlink); err != nil { return nil, err } @@ -209,7 +148,7 @@ func (p *QEMUVirtualization) NewMachine(opts machine.InitOptions) (machine.VM, e // and returns a vm instance func (p *QEMUVirtualization) LoadVMByName(name string) (machine.VM, error) { vm := &MachineVM{Name: name} - vm.HostUser = machine.HostUser{UID: -1} // posix reserves -1, so use it to signify undefined + vm.HostUser = vmconfigs.HostUser{UID: -1} // posix reserves -1, so use it to signify undefined if err := vm.update(); err != nil { return nil, err } @@ -274,7 +213,7 @@ func getVMInfos() ([]*machine.ListResponse, error) { if err != nil { return err } - listEntry.Running = state == machine.Running + listEntry.Running = state == define.Running listEntry.LastUp = vm.LastUp listed = append(listed, listEntry) diff --git a/pkg/machine/qemu/config_test.go b/pkg/machine/qemu/config_test.go index d1bd0f291ee7..ae630f355cc3 100644 --- a/pkg/machine/qemu/config_test.go +++ b/pkg/machine/qemu/config_test.go @@ -4,20 +4,20 @@ import ( "reflect" "testing" - "github.com/containers/podman/v4/pkg/machine" + "github.com/containers/podman/v4/pkg/machine/qemu/command" ) func TestUSBParsing(t *testing.T) { tests := []struct { name string args []string - result []machine.USBConfig + result []command.USBConfig wantErr bool }{ { name: "Good vendor and product", args: []string{"vendor=13d3,product=5406", "vendor=08ec,product=0016"}, - result: []machine.USBConfig{ + result: []command.USBConfig{ { Vendor: 5075, Product: 21510, @@ -32,7 +32,7 @@ func TestUSBParsing(t *testing.T) { { name: "Good bus and device number", args: []string{"bus=1,devnum=4", "bus=1,devnum=3"}, - result: []machine.USBConfig{ + result: []command.USBConfig{ { Bus: "1", DevNumber: "4", @@ -47,26 +47,26 @@ func TestUSBParsing(t *testing.T) { { name: "Bad vendor and product, not hexa", args: []string{"vendor=13dk,product=5406"}, - result: []machine.USBConfig{}, + result: []command.USBConfig{}, wantErr: true, }, { name: "Bad vendor and product, bad separator", args: []string{"vendor=13d3:product=5406"}, - result: []machine.USBConfig{}, + result: []command.USBConfig{}, wantErr: true, }, { name: "Bad vendor and product, missing equal", args: []string{"vendor=13d3:product-5406"}, - result: []machine.USBConfig{}, + result: []command.USBConfig{}, wantErr: true, }, } for _, test := range tests { t.Run(test.name, func(t *testing.T) { - got, err := parseUSBs(test.args) + got, err := command.ParseUSBs(test.args) if (err != nil) != test.wantErr { t.Errorf("parseUUBs error = %v, wantErr %v", err, test.wantErr) return diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go index dac5b1a873a6..9a74113a4498 100644 --- a/pkg/machine/qemu/machine.go +++ b/pkg/machine/qemu/machine.go @@ -6,7 +6,6 @@ package qemu import ( "bufio" "bytes" - "encoding/base64" "encoding/json" "errors" "fmt" @@ -25,6 +24,9 @@ import ( gvproxy "github.com/containers/gvisor-tap-vsock/pkg/types" "github.com/containers/podman/v4/pkg/machine" "github.com/containers/podman/v4/pkg/machine/define" + "github.com/containers/podman/v4/pkg/machine/qemu/command" + "github.com/containers/podman/v4/pkg/machine/sockets" + "github.com/containers/podman/v4/pkg/machine/vmconfigs" "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/podman/v4/pkg/util" "github.com/containers/storage/pkg/lockfile" @@ -66,13 +68,13 @@ type MachineVM struct { // ConfigPath is the path to the configuration file ConfigPath define.VMFile // The command line representation of the qemu command - CmdLine QemuCmd + CmdLine command.QemuCmd // HostUser contains info about host user - machine.HostUser + vmconfigs.HostUser // ImageConfig describes the bootable image machine.ImageConfig // Mounts is the list of remote filesystems to mount - Mounts []machine.Mount + Mounts []vmconfigs.Mount // Name of VM Name string // PidFilePath is the where the Proxy PID file lives @@ -80,13 +82,13 @@ type MachineVM struct { // VMPidFilePath is the where the VM PID file lives VMPidFilePath define.VMFile // QMPMonitor is the qemu monitor object for sending commands - QMPMonitor Monitor + QMPMonitor command.Monitor // ReadySocket tells host when vm is booted ReadySocket define.VMFile // ResourceConfig is physical attrs of the VM - machine.ResourceConfig + vmconfigs.ResourceConfig // SSHConfig for accessing the remote vm - machine.SSHConfig + vmconfigs.SSHConfig // Starting tells us whether the machine is running or if we have just dialed it to start it Starting bool // Created contains the original created time instead of querying the file mod time @@ -98,15 +100,6 @@ type MachineVM struct { lock *lockfile.LockFile } -type Monitor struct { - // Address portion of the qmp monitor (/tmp/tmp.sock) - Address define.VMFile - // Network portion of the qmp monitor (unix) - Network string - // Timeout in seconds for qmp monitor transactions - Timeout time.Duration -} - // addMountsToVM converts the volumes passed through the CLI into the specified // volume driver and adds them to the machine func (v *MachineVM) addMountsToVM(opts machine.InitOptions) error { @@ -119,7 +112,7 @@ func (v *MachineVM) addMountsToVM(opts machine.InitOptions) error { return fmt.Errorf("unknown volume driver: %s", opts.VolumeDriver) } - mounts := []machine.Mount{} + mounts := []vmconfigs.Mount{} for i, volume := range opts.Volumes { tag := fmt.Sprintf("vol%d", i) paths := pathsFromVolume(volume) @@ -128,7 +121,7 @@ func (v *MachineVM) addMountsToVM(opts machine.InitOptions) error { readonly, securityModel := extractMountOptions(paths) if volumeType == VolumeTypeVirtfs { v.CmdLine.SetVirtfsMount(source, tag, securityModel, readonly) - mounts = append(mounts, machine.Mount{Type: MountType9p, Tag: tag, Source: source, Target: target, ReadOnly: readonly}) + mounts = append(mounts, vmconfigs.Mount{Type: MountType9p, Tag: tag, Source: source, Target: target, ReadOnly: readonly}) } } v.Mounts = mounts @@ -274,7 +267,7 @@ func (v *MachineVM) Set(_ string, opts machine.SetOptions) ([]error, error) { return setErrors, err } - if state == machine.Running { + if state == define.Running { suffix := "" if v.Name != machine.DefaultMachineName { suffix = " " + v.Name @@ -309,7 +302,7 @@ func (v *MachineVM) Set(_ string, opts machine.SetOptions) ([]error, error) { } if opts.USBs != nil { - if usbConfigs, err := parseUSBs(*opts.USBs); err != nil { + if usbConfigs, err := command.ParseUSBs(*opts.USBs); err != nil { setErrors = append(setErrors, fmt.Errorf("failed to set usb: %w", err)) } else { v.USBs = usbConfigs @@ -381,7 +374,7 @@ func (v *MachineVM) conductVMReadinessCheck(name string, maxBackoffs int, backof if err != nil { return false, nil, err } - if state == machine.Running && v.isListening() { + if state == define.Running && v.isListening() { // Also make sure that SSH is up and running. The // ready service's dependencies don't fully make sure // that clients can SSH into the machine immediately @@ -469,9 +462,9 @@ func (v *MachineVM) Start(name string, opts machine.StartOptions) error { return err } switch state { - case machine.Starting: + case define.Starting: return fmt.Errorf("cannot start VM %q: starting state indicates that a previous start has failed: please stop and restart the VM", v.Name) - case machine.Running: + case define.Running: return fmt.Errorf("cannot start VM %q: %w", v.Name, machine.ErrVMAlreadyRunning) } @@ -537,7 +530,7 @@ func (v *MachineVM) Start(name string, opts machine.StartOptions) error { return err } - qemuSocketConn, err = machine.DialSocketWithBackoffs(maxBackoffs, defaultBackoff, v.QMPMonitor.Address.Path) + qemuSocketConn, err = sockets.DialSocketWithBackoffs(maxBackoffs, defaultBackoff, v.QMPMonitor.Address.Path) if err != nil { return err } @@ -592,7 +585,7 @@ func (v *MachineVM) Start(name string, opts machine.StartOptions) error { fmt.Println("Waiting for VM ...") } - conn, err = machine.DialSocketWithBackoffsAndProcCheck(maxBackoffs, defaultBackoff, v.ReadySocket.GetPath(), checkProcessStatus, "qemu", cmd.Process.Pid, stderrBuf) + conn, err = sockets.DialSocketWithBackoffsAndProcCheck(maxBackoffs, defaultBackoff, v.ReadySocket.GetPath(), checkProcessStatus, "qemu", cmd.Process.Pid, stderrBuf) if err != nil { return err } @@ -656,36 +649,7 @@ func (v *MachineVM) Start(name string, opts machine.StartOptions) error { return nil } -// propagateHostEnv is here for providing the ability to propagate -// proxy and SSL settings (e.g. HTTP_PROXY and others) on a start -// and avoid a need of re-creating/re-initiating a VM -func propagateHostEnv(cmdLine QemuCmd) QemuCmd { - varsToPropagate := make([]string, 0) - - for k, v := range machine.GetProxyVariables() { - varsToPropagate = append(varsToPropagate, fmt.Sprintf("%s=%q", k, v)) - } - - if sslCertFile, ok := os.LookupEnv("SSL_CERT_FILE"); ok { - pathInVM := filepath.Join(machine.UserCertsTargetPath, filepath.Base(sslCertFile)) - varsToPropagate = append(varsToPropagate, fmt.Sprintf("%s=%q", "SSL_CERT_FILE", pathInVM)) - } - - if _, ok := os.LookupEnv("SSL_CERT_DIR"); ok { - varsToPropagate = append(varsToPropagate, fmt.Sprintf("%s=%q", "SSL_CERT_DIR", machine.UserCertsTargetPath)) - } - - if len(varsToPropagate) > 0 { - prefix := "name=opt/com.coreos/environment,string=" - envVarsJoined := strings.Join(varsToPropagate, "|") - fwCfgArg := prefix + base64.StdEncoding.EncodeToString([]byte(envVarsJoined)) - return append(cmdLine, "-fw_cfg", fwCfgArg) - } - - return cmdLine -} - -func (v *MachineVM) checkStatus(monitor *qmp.SocketMonitor) (machine.Status, error) { +func (v *MachineVM) checkStatus(monitor *qmp.SocketMonitor) (define.Status, error) { // this is the format returned from the monitor // {"return": {"status": "running", "singlestep": false, "running": true}} @@ -712,17 +676,17 @@ func (v *MachineVM) checkStatus(monitor *qmp.SocketMonitor) (machine.Status, err b, err := monitor.Run(input) if err != nil { if errors.Is(err, os.ErrNotExist) { - return machine.Stopped, nil + return define.Stopped, nil } return "", err } if err := json.Unmarshal(b, &response); err != nil { return "", err } - if response.Response.Status == machine.Running { - return machine.Running, nil + if response.Response.Status == define.Running { + return define.Running, nil } - return machine.Stopped, nil + return define.Stopped, nil } // waitForMachineToStop waits for the machine to stop running @@ -734,7 +698,7 @@ func (v *MachineVM) waitForMachineToStop() error { if err != nil { return err } - if state != machine.Running { + if state != define.Running { break } time.Sleep(waitInternal) @@ -929,10 +893,10 @@ func (v *MachineVM) stopLocked() error { } // NewQMPMonitor creates the monitor subsection of our vm -func NewQMPMonitor(network, name string, timeout time.Duration) (Monitor, error) { +func NewQMPMonitor(network, name string, timeout time.Duration) (command.Monitor, error) { rtDir, err := getRuntimeDir() if err != nil { - return Monitor{}, err + return command.Monitor{}, err } if isRootful() { rtDir = "/run" @@ -940,7 +904,7 @@ func NewQMPMonitor(network, name string, timeout time.Duration) (Monitor, error) rtDir = filepath.Join(rtDir, "podman") if _, err := os.Stat(rtDir); errors.Is(err, fs.ErrNotExist) { if err := os.MkdirAll(rtDir, 0755); err != nil { - return Monitor{}, err + return command.Monitor{}, err } } if timeout == 0 { @@ -948,9 +912,9 @@ func NewQMPMonitor(network, name string, timeout time.Duration) (Monitor, error) } address, err := define.NewMachineFile(filepath.Join(rtDir, "qmp_"+name+".sock"), nil) if err != nil { - return Monitor{}, err + return command.Monitor{}, err } - monitor := Monitor{ + monitor := command.Monitor{ Network: network, Address: *address, Timeout: timeout, @@ -1021,7 +985,7 @@ func (v *MachineVM) Remove(_ string, opts machine.RemoveOptions) (string, func() if err != nil { return "", nil, err } - if state == machine.Running { + if state == define.Running { if !opts.Force { return "", nil, &machine.ErrVMRunningCannotDestroyed{Name: v.Name} } @@ -1050,7 +1014,7 @@ func (v *MachineVM) Remove(_ string, opts machine.RemoveOptions) (string, func() }, nil } -func (v *MachineVM) State(bypass bool) (machine.Status, error) { +func (v *MachineVM) State(bypass bool) (define.Status, error) { // Check if qmp socket path exists if _, err := os.Stat(v.QMPMonitor.Address.GetPath()); errors.Is(err, fs.ErrNotExist) { return "", nil @@ -1061,7 +1025,7 @@ func (v *MachineVM) State(bypass bool) (machine.Status, error) { } // Check if we can dial it if v.Starting && !bypass { - return machine.Starting, nil + return define.Starting, nil } monitor, err := qmp.NewSocketMonitor(v.QMPMonitor.Network, v.QMPMonitor.Address.GetPath(), v.QMPMonitor.Timeout) if err != nil { @@ -1069,7 +1033,7 @@ func (v *MachineVM) State(bypass bool) (machine.Status, error) { // it can appear as though the machine state is not stopped. Check for ECONNREFUSED // almost assures us that the vm is stopped. if errors.Is(err, syscall.ECONNREFUSED) { - return machine.Stopped, nil + return define.Stopped, nil } return "", err } @@ -1102,7 +1066,7 @@ func (v *MachineVM) SSH(_ string, opts machine.SSHOptions) error { if err != nil { return err } - if state != machine.Running { + if state != define.Running { return fmt.Errorf("vm %q is not running", v.Name) } diff --git a/pkg/machine/qemu/machine_test.go b/pkg/machine/qemu/machine_test.go index dbf2ebaa68bc..354ea5b688ff 100644 --- a/pkg/machine/qemu/machine_test.go +++ b/pkg/machine/qemu/machine_test.go @@ -4,105 +4,18 @@ package qemu import ( - "encoding/base64" - "fmt" - "strings" "testing" - "github.com/containers/common/libnetwork/etchosts" - "github.com/containers/podman/v4/pkg/machine" - "github.com/stretchr/testify/assert" + "github.com/containers/podman/v4/pkg/machine/qemu/command" "github.com/stretchr/testify/require" ) func TestEditCmd(t *testing.T) { vm := new(MachineVM) - vm.CmdLine = QemuCmd{"command", "-flag", "value"} + vm.CmdLine = command.QemuCmd{"command", "-flag", "value"} vm.editCmdLine("-flag", "newvalue") vm.editCmdLine("-anotherflag", "anothervalue") require.Equal(t, vm.CmdLine.Build(), []string{"command", "-flag", "newvalue", "-anotherflag", "anothervalue"}) } - -func TestPropagateHostEnv(t *testing.T) { - tests := map[string]struct { - value string - expect string - }{ - "HTTP_PROXY": { - "proxy", - "equal", - }, - "ftp_proxy": { - "domain.com:8888", - "equal", - }, - "FTP_PROXY": { - "proxy", - "equal", - }, - "NO_PROXY": { - "localaddress", - "equal", - }, - "HTTPS_PROXY": { - "", - "unset", - }, - "no_proxy": { - "", - "unset", - }, - "http_proxy": { - "127.0.0.1:8888", - fmt.Sprintf("%s:8888", etchosts.HostContainersInternal), - }, - "https_proxy": { - "localhost:8888", - fmt.Sprintf("%s:8888", etchosts.HostContainersInternal), - }, - "SSL_CERT_FILE": { - "/some/f=oo.cert", - fmt.Sprintf("%s/f=oo.cert", machine.UserCertsTargetPath), - }, - "SSL_CERT_DIR": { - "/some/my/certs", - machine.UserCertsTargetPath, - }, - } - - for key, item := range tests { - t.Setenv(key, item.value) - } - - cmdLine := propagateHostEnv(make([]string, 0)) - - assert.Len(t, cmdLine, 2) - assert.Equal(t, "-fw_cfg", cmdLine[0]) - tokens := strings.Split(cmdLine[1], ",string=") - decodeString, err := base64.StdEncoding.DecodeString(tokens[1]) - assert.NoError(t, err) - - // envsRawArr looks like: ["BAR=\"bar\"", "FOO=\"foo\""] - envsRawArr := strings.Split(string(decodeString), "|") - // envs looks like: {"BAR": "bar", "FOO": "foo"} - envs := make(map[string]string) - for _, env := range envsRawArr { - item := strings.SplitN(env, "=", 2) - envs[item[0]] = strings.Trim(item[1], "\"") - } - - for key, test := range tests { - switch test.expect { - case "equal": - assert.Equal(t, envs[key], test.value) - case "unset": - if _, ok := envs[key]; ok { - t.Errorf("env %s should not be set", key) - } - default: - assert.Equal(t, envs[key], test.expect) - } - } -} diff --git a/pkg/machine/sockets.go b/pkg/machine/sockets/sockets.go similarity index 99% rename from pkg/machine/sockets.go rename to pkg/machine/sockets/sockets.go index a7d51061cb64..6d966dbfb397 100644 --- a/pkg/machine/sockets.go +++ b/pkg/machine/sockets/sockets.go @@ -1,4 +1,4 @@ -package machine +package sockets import ( "bufio" diff --git a/pkg/machine/vmconfigs/config.go b/pkg/machine/vmconfigs/config.go new file mode 100644 index 000000000000..8a4cb1e7181d --- /dev/null +++ b/pkg/machine/vmconfigs/config.go @@ -0,0 +1,142 @@ +package vmconfigs + +import ( + "errors" + "net/url" + "time" + + gvproxy "github.com/containers/gvisor-tap-vsock/pkg/types" + "github.com/containers/podman/v4/pkg/machine/define" + "github.com/containers/podman/v4/pkg/machine/qemu/command" + "github.com/containers/storage/pkg/lockfile" +) + +type aThing struct{} + +type MachineConfig struct { + // Common stuff + Created time.Time + GvProxy gvproxy.GvproxyCommand + HostUser HostUser + IgnitionFile *aThing // possible interface + LastUp time.Time + LogPath *define.VMFile `json:",omitempty"` // Revisit this for all providers + Mounts []Mount + Name string + ReadySocket *aThing // possible interface + Resources ResourceConfig + SSH SSHConfig + Starting *bool + Version uint + + // Image stuff + imageDescription machineImage //nolint:unused + + // Provider stuff + AppleHypervisor *AppleHVConfig `json:",omitempty"` + QEMUHypervisor *QEMUConfig `json:",omitempty"` + HyperVHypervisor *HyperVConfig `json:",omitempty"` + WSLHypervisor *WSLConfig `json:",omitempty"` + + lock *lockfile.LockFile //nolint:unused +} + +// MachineImage describes a podman machine image +type MachineImage struct { + OCI *ociMachineImage + FCOS *fcosMachineImage +} + +// Pull downloads a machine image +func (m *MachineImage) Pull() error { + if m.OCI != nil { + return m.OCI.download() + } + if m.FCOS != nil { + return m.FCOS.download() + } + return errors.New("no valid machine image provider detected") +} + +type machineImage interface { //nolint:unused + download() error + path() string +} + +type ociMachineImage struct { + // registry + // TODO JSON serial/deserial will write string to disk + // but in code it is a types.ImageReference + + // quay.io/podman/podman-machine-image:5.0 + FQImageReference string +} + +func (o ociMachineImage) path() string { + return "" +} + +func (o ociMachineImage) download() error { + return nil +} + +type fcosMachineImage struct { + // TODO JSON serial/deserial will write string to disk + // but in code is url.URL + Location url.URL // file://path/.qcow2 https://path/qcow2 +} + +func (f fcosMachineImage) download() error { + return nil +} + +func (f fcosMachineImage) path() string { + return "" +} + +// HostUser describes the host user +type HostUser struct { + // Whether this machine should run in a rootful or rootless manner + Rootful bool + // UID is the numerical id of the user that called machine + UID int + // Whether one of these fields has changed and actions should be taken + Modified bool `json:"HostUserModified"` +} + +type Mount struct { + ReadOnly bool + Source string + Tag string + Target string + Type string +} + +// ResourceConfig describes physical attributes of the machine +type ResourceConfig struct { + // CPUs to be assigned to the VM + CPUs uint64 + // Disk size in gigabytes assigned to the vm + DiskSize uint64 + // Memory in megabytes assigned to the vm + Memory uint64 + // Usbs + USBs []command.USBConfig +} + +// SSHConfig contains remote access information for SSH +type SSHConfig struct { + // IdentityPath is the fq path to the ssh priv key + IdentityPath string + // SSH port for user networking + Port int + // RemoteUsername of the vm user + RemoteUsername string +} + +type VMStats struct { + // Created contains the original created time instead of querying the file mod time + Created time.Time + // LastUp contains the last recorded uptime + LastUp time.Time +} diff --git a/pkg/machine/vmconfigs/config_darwin.go b/pkg/machine/vmconfigs/config_darwin.go new file mode 100644 index 000000000000..62bdff414ec5 --- /dev/null +++ b/pkg/machine/vmconfigs/config_darwin.go @@ -0,0 +1,15 @@ +package vmconfigs + +import ( + "github.com/containers/podman/v4/pkg/machine/applehv/vfkit" +) + +type AppleHVConfig struct { + // The VFKit endpoint where we can interact with the VM + Vfkit vfkit.VfkitHelper +} + +// Stubs +type HyperVConfig struct{} +type WSLConfig struct{} +type QEMUConfig struct{} diff --git a/pkg/machine/vmconfigs/config_freebsd.go b/pkg/machine/vmconfigs/config_freebsd.go new file mode 100644 index 000000000000..1970769ff4a5 --- /dev/null +++ b/pkg/machine/vmconfigs/config_freebsd.go @@ -0,0 +1,7 @@ +package vmconfigs + +// Stubs +type HyperVConfig struct{} +type WSLConfig struct {} +type QEMUConfig struct {} +type AppleHVConfig struct {} diff --git a/pkg/machine/vmconfigs/config_linux.go b/pkg/machine/vmconfigs/config_linux.go new file mode 100644 index 000000000000..59d37e8f44fb --- /dev/null +++ b/pkg/machine/vmconfigs/config_linux.go @@ -0,0 +1,14 @@ +package vmconfigs + +import ( + "github.com/containers/podman/v4/pkg/machine/qemu/command" +) + +type QEMUConfig struct { + cmd command.QemuCmd //nolint:unused +} + +// Stubs +type AppleHVConfig struct{} +type HyperVConfig struct{} +type WSLConfig struct{} diff --git a/pkg/machine/vmconfigs/config_windows.go b/pkg/machine/vmconfigs/config_windows.go new file mode 100644 index 000000000000..8cec6976ea8b --- /dev/null +++ b/pkg/machine/vmconfigs/config_windows.go @@ -0,0 +1,21 @@ +package vmconfigs + +import ( + "github.com/containers/podman/v4/pkg/machine/hyperv/vsock" +) + +type HyperVConfig struct { + // NetworkVSock is for the user networking + NetworkHVSock vsock.HVSockRegistryEntry + // MountVsocks contains the currently-active vsocks, mapped to the + // directory they should be mounted on. + MountVsocks map[string]uint64 +} + +type WSLConfig struct { + wslstuff *aThing +} + +// Stubs +type QEMUConfig struct{} +type AppleHVConfig struct{} diff --git a/pkg/machine/volumes.go b/pkg/machine/volumes.go index 5f7eaf07dea2..b2a9d9de41a5 100644 --- a/pkg/machine/volumes.go +++ b/pkg/machine/volumes.go @@ -2,6 +2,8 @@ package machine import ( "strings" + + "github.com/containers/podman/v4/pkg/machine/vmconfigs" ) type Volume interface { @@ -37,8 +39,8 @@ func (v VirtIoFs) unitName() string { return unit } -func (v VirtIoFs) ToMount() Mount { - return Mount{ +func (v VirtIoFs) ToMount() vmconfigs.Mount { + return vmconfigs.Mount{ ReadOnly: v.ReadOnly, Source: v.Source, Tag: v.Tag, diff --git a/pkg/machine/wsl/machine.go b/pkg/machine/wsl/machine.go index e97baf51cb17..10bf00e79499 100644 --- a/pkg/machine/wsl/machine.go +++ b/pkg/machine/wsl/machine.go @@ -20,6 +20,7 @@ import ( "github.com/containers/common/pkg/config" "github.com/containers/podman/v4/pkg/machine" "github.com/containers/podman/v4/pkg/machine/define" + "github.com/containers/podman/v4/pkg/machine/vmconfigs" "github.com/containers/podman/v4/pkg/machine/wsl/wutil" "github.com/containers/podman/v4/pkg/util" "github.com/containers/podman/v4/utils" @@ -298,7 +299,7 @@ type MachineVM struct { // Whether this machine should run in a rootful or rootless manner Rootful bool // SSH identity, username, etc - machine.SSHConfig + vmconfigs.SSHConfig // machine version Version int // Whether to use user-mode networking @@ -1526,12 +1527,12 @@ func unregisterDist(dist string) error { return cmd.Run() } -func (v *MachineVM) State(bypass bool) (machine.Status, error) { +func (v *MachineVM) State(bypass bool) (define.Status, error) { if v.isRunning() { - return machine.Running, nil + return define.Running, nil } - return machine.Stopped, nil + return define.Stopped, nil } func stopWinProxy(v *MachineVM) error { @@ -1808,7 +1809,7 @@ func (v *MachineVM) Inspect() (*machine.InspectInfo, error) { machinePipe := toDist(v.Name) connInfo.PodmanPipe = &define.VMFile{Path: `\\.\pipe\` + machinePipe} - created, lastUp, _ := v.updateTimeStamps(state == machine.Running) + created, lastUp, _ := v.updateTimeStamps(state == define.Running) return &machine.InspectInfo{ ConfigPath: define.VMFile{Path: v.ConfigPath}, ConnectionInfo: *connInfo, @@ -1827,7 +1828,7 @@ func (v *MachineVM) Inspect() (*machine.InspectInfo, error) { }, nil } -func (v *MachineVM) getResources() (resources machine.ResourceConfig) { +func (v *MachineVM) getResources() (resources vmconfigs.ResourceConfig) { resources.CPUs, _ = getCPUs(v) resources.Memory, _ = getMem(v) resources.DiskSize = getDiskSize(v)