vendor: github.com/docker/libnetwork 1f3b98be6833a93f254aa0f765ff55d407dfdd69

- fix linting issues
- update to go1.18.9, gofmt, and regenerate proto
- processEndpointCreate: Fix deadlock between getSvcRecords and processEndpointCreate

full diff: dcdf8f176d...1f3b98be68

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

vendor.conf

@@ -48,7 +48,7 @@ github.com/grpc-ecosystem/go-grpc-middleware        3c51f7f332123e8be5a157c0802a
 # libnetwork
 
 # When updating, also update LIBNETWORK_COMMIT in hack/dockerfile/install/proxy.installer accordingly
-github.com/docker/libnetwork                        dcdf8f176d1e13ad719e913e796fb698d846de98
+github.com/docker/libnetwork                        1f3b98be6833a93f254aa0f765ff55d407dfdd69
 github.com/docker/go-events                         e31b211e4f1cd09aa76fe4ac244571fab96ae47f
 github.com/armon/go-radix                           e39d623f12e8e41c7b5529e9a9dd67a1e2261f80
 github.com/armon/go-metrics                         f0300d1749da6fa982027e449ec0c7a145510c3c # v0.4.1

vendor/github.com/docker/libnetwork/bitseq/sequence.go

@@ -621,13 +621,14 @@ func findSequence(head *sequence, bytePos uint64) (*sequence, *sequence, uint64,
 // Remove current sequence if empty.
 // Check if new sequence can be merged with neighbour (previous/next) sequences.
 //
-//
 // Identify "current" sequence containing block:
-//                                      [prev seq] [current seq] [next seq]
+//
+//	[prev seq] [current seq] [next seq]
 //
 // Based on block position, resulting list of sequences can be any of three forms:
 //
-//        block position                        Resulting list of sequences
+//	block position                        Resulting list of sequences
+//
 // A) block is first in current:         [prev seq] [new] [modified current seq] [next seq]
 // B) block is last in current:          [prev seq] [modified current seq] [new] [next seq]
 // C) block is in the middle of current: [prev seq] [curr pre] [new] [curr post] [next seq]

vendor/github.com/docker/libnetwork/datastore/datastore.go

@@ -14,7 +14,7 @@ import (
 	"github.com/docker/libnetwork/types"
 )
 
-//DataStore exported
+// DataStore exported
 type DataStore interface {
 	// GetObject gets data from datastore and unmarshals to the specified object
 	GetObject(key string, o KVObject) error
@@ -174,14 +174,14 @@ func (cfg *ScopeCfg) IsValid() bool {
 	return true
 }
 
-//Key provides convenient method to create a Key
+// Key provides convenient method to create a Key
 func Key(key ...string) string {
 	keychain := append(rootChain, key...)
 	str := strings.Join(keychain, "/")
 	return str + "/"
 }
 
-//ParseKey provides convenient method to unpack the key to complement the Key function
+// ParseKey provides convenient method to unpack the key to complement the Key function
 func ParseKey(key string) ([]string, error) {
 	chain := strings.Split(strings.Trim(key, "/"), "/")
 

vendor/github.com/docker/libnetwork/drivers/bridge/bridge.go

@@ -781,8 +781,8 @@ func (d *driver) createNetwork(config *networkConfiguration) (err error) {
 		// Setup IP6Tables.
 		{config.EnableIPv6 && d.config.EnableIP6Tables, network.setupIP6Tables},
 
-		//We want to track firewalld configuration so that
-		//if it is started/reloaded, the rules can be applied correctly
+		// We want to track firewalld configuration so that
+		// if it is started/reloaded, the rules can be applied correctly
 		{d.config.EnableIPTables, network.setupFirewalld},
 		// same for IPv6
 		{config.EnableIPv6 && d.config.EnableIP6Tables, network.setupFirewalld6},
@@ -796,7 +796,7 @@ func (d *driver) createNetwork(config *networkConfiguration) (err error) {
 		// Add inter-network communication rules.
 		{d.config.EnableIPTables, setupNetworkIsolationRules},
 
-		//Configure bridge networking filtering if ICC is off and IP tables are enabled
+		// Configure bridge networking filtering if ICC is off and IP tables are enabled
 		{!config.EnableICC && d.config.EnableIPTables, setupBridgeNetFiltering},
 	} {
 		if step.Condition {

vendor/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_rawsockaddr_data_int8.go

@@ -1,3 +1,4 @@
+//go:build !arm && !ppc64 && !ppc64le && !riscv64
 // +build !arm,!ppc64,!ppc64le,!riscv64
 
 package bridge

vendor/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_rawsockaddr_data_uint8.go

@@ -1,3 +1,4 @@
+//go:build arm || ppc64 || ppc64le || riscv64
 // +build arm ppc64 ppc64le riscv64
 
 package bridge

vendor/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux
 
 package bridge

vendor/github.com/docker/libnetwork/drivers/bridge/setup_bridgenetfiltering.go

@@ -20,7 +20,7 @@ const (
 	ipvboth
 )
 
-//Gets the IP version in use ( [ipv4], [ipv6] or [ipv4 and ipv6] )
+// Gets the IP version in use ( [ipv4], [ipv6] or [ipv4 and ipv6] )
 func getIPVersion(config *networkConfiguration) ipVersion {
 	ipVersion := ipv4
 	if config.AddressIPv6 != nil || config.EnableIPv6 {
@@ -49,7 +49,7 @@ func setupBridgeNetFiltering(config *networkConfiguration, i *bridgeInterface) e
 	return nil
 }
 
-//Enable bridge net filtering if ip forwarding is enabled. See github issue #11404
+// Enable bridge net filtering if ip forwarding is enabled. See github issue #11404
 func checkBridgeNetFiltering(config *networkConfiguration, i *bridgeInterface) error {
 	ipVer := getIPVersion(config)
 	iface := config.BridgeName
@@ -119,7 +119,7 @@ func getBridgeNFKernelParam(ipVer ipVersion) string {
 	}
 }
 
-//Gets the value of the kernel parameters located at the given path
+// Gets the value of the kernel parameters located at the given path
 func getKernelBoolParam(path string) (bool, error) {
 	enabled := false
 	line, err := ioutil.ReadFile(path)
@@ -132,7 +132,7 @@ func getKernelBoolParam(path string) (bool, error) {
 	return enabled, err
 }
 
-//Sets the value of the kernel parameter located at the given path
+// Sets the value of the kernel parameter located at the given path
 func setKernelBoolParam(path string, on bool) error {
 	value := byte('0')
 	if on {
@@ -141,7 +141,7 @@ func setKernelBoolParam(path string, on bool) error {
 	return ioutil.WriteFile(path, []byte{value, '\n'}, 0644)
 }
 
-//Checks to see if packet forwarding is enabled
+// Checks to see if packet forwarding is enabled
 func isPacketForwardingEnabled(ipVer ipVersion, iface string) (bool, error) {
 	switch ipVer {
 	case ipv4, ipv6:

vendor/github.com/docker/libnetwork/drivers/bridge/setup_ip_tables.go

@@ -22,6 +22,7 @@ const (
 	// bridge. A positive match identifies a packet originated from one bridge
 	// network's bridge destined to another bridge network's bridge and will
 	// result in the packet being dropped. No match returns to the parent chain.
+
 	IsolationChain1 = "DOCKER-ISOLATION-STAGE-1"
 	IsolationChain2 = "DOCKER-ISOLATION-STAGE-2"
 )

vendor/github.com/docker/libnetwork/drivers/overlay/ostweaks_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux
 
 package overlay

vendor/github.com/docker/libnetwork/drivers/windows/port_mapping.go

@@ -1,3 +1,4 @@
+//go:build windows
 // +build windows
 
 package windows

vendor/github.com/docker/libnetwork/drivers/windows/windows.go

@@ -1,3 +1,4 @@
+//go:build windows
 // +build windows
 
 // Shim for the Host Network Service (HNS) to manage networking for

vendor/github.com/docker/libnetwork/drivers/windows/windows_store.go

@@ -1,3 +1,4 @@
+//go:build windows
 // +build windows
 
 package windows

vendor/github.com/docker/libnetwork/endpoint_info_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package libnetwork

vendor/github.com/docker/libnetwork/endpoint_info_windows.go

@@ -1,3 +1,4 @@
+//go:build windows
 // +build windows
 
 package libnetwork

vendor/github.com/docker/libnetwork/firewall_others.go

@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux
 
 package libnetwork

vendor/github.com/docker/libnetwork/ipams/builtin/builtin_unix.go

@@ -1,3 +1,4 @@
+//go:build linux || freebsd || darwin
 // +build linux freebsd darwin
 
 package builtin

vendor/github.com/docker/libnetwork/ipams/builtin/builtin_windows.go

@@ -1,3 +1,4 @@
+//go:build windows
 // +build windows
 
 package builtin

vendor/github.com/docker/libnetwork/ipams/remote/api/api.go

@@ -34,14 +34,14 @@ func (capRes GetCapabilityResponse) ToCapability() *ipamapi.Capability {
 	}
 }
 
-// GetAddressSpacesResponse is the response to the ``get default address spaces`` request message
+// GetAddressSpacesResponse is the response to the “get default address spaces“ request message
 type GetAddressSpacesResponse struct {
 	Response
 	LocalDefaultAddressSpace  string
 	GlobalDefaultAddressSpace string
 }
 
-// RequestPoolRequest represents the expected data in a ``request address pool`` request message
+// RequestPoolRequest represents the expected data in a “request address pool“ request message
 type RequestPoolRequest struct {
 	AddressSpace string
 	Pool         string
@@ -50,7 +50,7 @@ type RequestPoolRequest struct {
 	V6           bool
 }
 
-// RequestPoolResponse represents the response message to a ``request address pool`` request
+// RequestPoolResponse represents the response message to a “request address pool“ request
 type RequestPoolResponse struct {
 	Response
 	PoolID string
@@ -58,37 +58,37 @@ type RequestPoolResponse struct {
 	Data   map[string]string
 }
 
-// ReleasePoolRequest represents the expected data in a ``release address pool`` request message
+// ReleasePoolRequest represents the expected data in a “release address pool“ request message
 type ReleasePoolRequest struct {
 	PoolID string
 }
 
-// ReleasePoolResponse represents the response message to a ``release address pool`` request
+// ReleasePoolResponse represents the response message to a “release address pool“ request
 type ReleasePoolResponse struct {
 	Response
 }
 
-// RequestAddressRequest represents the expected data in a ``request address`` request message
+// RequestAddressRequest represents the expected data in a “request address“ request message
 type RequestAddressRequest struct {
 	PoolID  string
 	Address string
 	Options map[string]string
 }
 
-// RequestAddressResponse represents the expected data in the response message to a ``request address`` request
+// RequestAddressResponse represents the expected data in the response message to a “request address“ request
 type RequestAddressResponse struct {
 	Response
 	Address string // in CIDR format
 	Data    map[string]string
 }
 
-// ReleaseAddressRequest represents the expected data in a ``release address`` request message
+// ReleaseAddressRequest represents the expected data in a “release address“ request message
 type ReleaseAddressRequest struct {
 	PoolID  string
 	Address string
 }
 
-// ReleaseAddressResponse represents the response message to a ``release address`` request
+// ReleaseAddressResponse represents the response message to a “release address“ request
 type ReleaseAddressResponse struct {
 	Response
 }

vendor/github.com/docker/libnetwork/netutils/utils_linux.go

@@ -1,4 +1,6 @@
+//go:build linux
 // +build linux
+
 // Network utility functions.
 
 package netutils

vendor/github.com/docker/libnetwork/network.go

@@ -980,13 +980,13 @@ func (n *network) Delete(options ...NetworkDeleteOption) error {
 }
 
 // This function gets called in 3 ways:
-//  * Delete() -- (false, false)
-//      remove if endpoint count == 0 or endpoint count == 1 and
-//      there is a load balancer IP
-//  * Delete(libnetwork.NetworkDeleteOptionRemoveLB) -- (false, true)
-//      remove load balancer and network if endpoint count == 1
-//  * controller.networkCleanup() -- (true, true)
-//      remove the network no matter what
+//   - Delete() -- (false, false)
+//     remove if endpoint count == 0 or endpoint count == 1 and
+//     there is a load balancer IP
+//   - Delete(libnetwork.NetworkDeleteOptionRemoveLB) -- (false, true)
+//     remove load balancer and network if endpoint count == 1
+//   - controller.networkCleanup() -- (true, true)
+//     remove the network no matter what
 func (n *network) delete(force bool, rmLBEndpoint bool) error {
 	n.Lock()
 	c := n.ctrlr

vendor/github.com/docker/libnetwork/network_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package libnetwork

vendor/github.com/docker/libnetwork/network_windows.go

@@ -1,3 +1,4 @@
+//go:build windows
 // +build windows
 
 package libnetwork

vendor/github.com/docker/libnetwork/networkdb/networkdb.go

@@ -283,7 +283,7 @@ func (nDB *NetworkDB) Close() {
 		logrus.Errorf("%v(%v) Could not close DB: %v", nDB.config.Hostname, nDB.config.NodeID, err)
 	}
 
-	//Avoid (*Broadcaster).run goroutine leak
+	// Avoid (*Broadcaster).run goroutine leak
 	nDB.broadcaster.Close()
 }
 
@@ -473,17 +473,18 @@ func (nDB *NetworkDB) deleteNodeFromNetworks(deletedNode string) {
 
 // deleteNodeNetworkEntries is called in 2 conditions with 2 different outcomes:
 // 1) when a notification is coming of a node leaving the network
-//		- Walk all the network entries and mark the leaving node's entries for deletion
-//			These will be garbage collected when the reap timer will expire
+//   - Walk all the network entries and mark the leaving node's entries for deletion
+//     These will be garbage collected when the reap timer will expire
+//
 // 2) when the local node is leaving the network
-//		- Walk all the network entries:
-//			A) if the entry is owned by the local node
-//		  then we will mark it for deletion. This will ensure that if a node did not
-//		  yet received the notification that the local node is leaving, will be aware
-//		  of the entries to be deleted.
-//			B) if the entry is owned by a remote node, then we can safely delete it. This
-//			ensures that if we join back this network as we receive the CREATE event for
-//		  entries owned by remote nodes, we will accept them and we notify the application
+//   - Walk all the network entries:
+//     A) if the entry is owned by the local node
+//     then we will mark it for deletion. This will ensure that if a node did not
+//     yet received the notification that the local node is leaving, will be aware
+//     of the entries to be deleted.
+//     B) if the entry is owned by a remote node, then we can safely delete it. This
+//     ensures that if we join back this network as we receive the CREATE event for
+//     entries owned by remote nodes, we will accept them and we notify the application
 func (nDB *NetworkDB) deleteNodeNetworkEntries(nid, node string) {
 	// Indicates if the delete is triggered for the local node
 	isNodeLocal := node == nDB.config.NodeID
@@ -608,7 +609,7 @@ func (nDB *NetworkDB) JoinNetwork(nid string) error {
 	nodeNetworks[nid] = &network{id: nid, ltime: ltime, entriesNumber: entries}
 	nodeNetworks[nid].tableBroadcasts = &memberlist.TransmitLimitedQueue{
 		NumNodes: func() int {
-			//TODO fcrisciani this can be optimized maybe avoiding the lock?
+			// TODO fcrisciani this can be optimized maybe avoiding the lock?
 			// this call is done each GetBroadcasts call to evaluate the number of
 			// replicas for the message
 			nDB.RLock()

vendor/github.com/docker/libnetwork/networkdb/networkdb.pb.go

@@ -145,7 +145,9 @@ var NetworkEvent_Type_value = map[string]int32{
 func (x NetworkEvent_Type) String() string {
 	return proto.EnumName(NetworkEvent_Type_name, int32(x))
 }
-func (NetworkEvent_Type) EnumDescriptor() ([]byte, []int) { return fileDescriptorNetworkdb, []int{2, 0} }
+func (NetworkEvent_Type) EnumDescriptor() ([]byte, []int) {
+	return fileDescriptorNetworkdb, []int{2, 0}
+}
 
 type TableEvent_Type int32
 

vendor/github.com/docker/libnetwork/osl/kernel/knobs_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux
 
 package kernel

vendor/github.com/docker/libnetwork/osl/namespace_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !linux && !windows && !freebsd
 // +build !linux,!windows,!freebsd
 
 package osl

vendor/github.com/docker/libnetwork/osl/sandbox_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !linux && !windows && !freebsd
 // +build !linux,!windows,!freebsd
 
 package osl

vendor/github.com/docker/libnetwork/portmapper/mapper.go

@@ -214,7 +214,7 @@ func (pm *PortMapper) Unmap(host net.Addr) error {
 	return ErrUnknownBackendAddressType
 }
 
-//ReMapAll will re-apply all port mappings
+// ReMapAll will re-apply all port mappings
 func (pm *PortMapper) ReMapAll() {
 	pm.lock.Lock()
 	defer pm.lock.Unlock()

vendor/github.com/docker/libnetwork/resolvconf/resolvconf.go

@@ -139,12 +139,11 @@ func GetLastModified() *File {
 }
 
 // FilterResolvDNS cleans up the config in resolvConf.  It has two main jobs:
-// 1. It looks for localhost (127.*|::1) entries in the provided
-//    resolv.conf, removing local nameserver entries, and, if the resulting
-//    cleaned config has no defined nameservers left, adds default DNS entries
-// 2. Given the caller provides the enable/disable state of IPv6, the filter
-//    code will remove all IPv6 nameservers if it is not enabled for containers
-//
+//  1. It looks for localhost (127.*|::1) entries in the provided
+//     resolv.conf, removing local nameserver entries, and, if the resulting
+//     cleaned config has no defined nameservers left, adds default DNS entries
+//  2. Given the caller provides the enable/disable state of IPv6, the filter
+//     code will remove all IPv6 nameservers if it is not enabled for containers
 func FilterResolvDNS(resolvConf []byte, ipv6Enabled bool) (*File, error) {
 	cleanedResolvConf := localhostNSRegexp.ReplaceAll(resolvConf, []byte{})
 	// if IPv6 is not enabled, also clean out any IPv6 address nameserver

vendor/github.com/docker/libnetwork/resolver_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package libnetwork

vendor/github.com/docker/libnetwork/resolver_windows.go

@@ -1,3 +1,4 @@
+//go:build windows
 // +build windows
 
 package libnetwork

vendor/github.com/docker/libnetwork/sandbox_dns_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package libnetwork

vendor/github.com/docker/libnetwork/sandbox_dns_windows.go

@@ -1,3 +1,4 @@
+//go:build windows
 // +build windows
 
 package libnetwork

vendor/github.com/docker/libnetwork/sandbox_externalkey_unix.go

@@ -1,3 +1,4 @@
+//go:build linux || freebsd
 // +build linux freebsd
 
 package libnetwork

vendor/github.com/docker/libnetwork/sandbox_externalkey_windows.go

@@ -1,3 +1,4 @@
+//go:build windows
 // +build windows
 
 package libnetwork

vendor/github.com/docker/libnetwork/service_common.go

@@ -1,3 +1,4 @@
+//go:build linux || windows
 // +build linux windows
 
 package libnetwork

vendor/github.com/docker/libnetwork/service_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !linux && !windows
 // +build !linux,!windows
 
 package libnetwork

vendor/github.com/docker/libnetwork/store.go

@@ -340,8 +340,11 @@ func (c *controller) processEndpointCreate(nmap map[string]*netWatch, ep *endpoi
 		return
 	}
 
+	networkID := n.ID()
+	endpointID := ep.ID()
+
 	c.Lock()
-	nw, ok := nmap[n.ID()]
+	nw, ok := nmap[networkID]
 	c.Unlock()
 
 	if ok {
@@ -349,12 +352,12 @@ func (c *controller) processEndpointCreate(nmap map[string]*netWatch, ep *endpoi
 		n.updateSvcRecord(ep, c.getLocalEps(nw), true)
 
 		c.Lock()
-		nw.localEps[ep.ID()] = ep
+		nw.localEps[endpointID] = ep
 
 		// If we had learned that from the kv store remove it
 		// from remote ep list now that we know that this is
 		// indeed a local endpoint
-		delete(nw.remoteEps, ep.ID())
+		delete(nw.remoteEps, endpointID)
 		c.Unlock()
 		return
 	}
@@ -370,8 +373,8 @@ func (c *controller) processEndpointCreate(nmap map[string]*netWatch, ep *endpoi
 	n.updateSvcRecord(ep, c.getLocalEps(nw), true)
 
 	c.Lock()
-	nw.localEps[ep.ID()] = ep
-	nmap[n.ID()] = nw
+	nw.localEps[endpointID] = ep
+	nmap[networkID] = nw
 	nw.stopCh = make(chan struct{})
 	c.Unlock()