Commit graph

3392 commits

Author SHA1 Message Date
Sebastiaan van Stijn
20889dbac6
pkg/plugins: move Plugin.ScopedPath to platform-agnostic file
Since 0e5eaf8ee3, these implementations
were fully identical, so removing the duplicate, and move it to a
platform-agnostic file.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-25 22:35:40 +02:00
Sebastiaan van Stijn
24fef11e44
Merge pull request #45724 from akhramov/feature/chroot-archive-freebsd-build
pkg/chrootarchive: fix FreeBSD build
2023-07-23 16:26:29 +02:00
Sebastiaan van Stijn
3cfc1ffb0a
pkg/ioutils: some cleanups in tests
- remove gotest.tools dependency as it was only used in one test,
  and only for a trivial check
- use t.TempDir()
- rename vars that collided with package types
- don't use un-keyed structs
- explicitly ignore some errors to please linters
- use iotest.ErrReader
- TestReadCloserWrapperClose: verify reading works before closing :)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-19 19:17:22 +02:00
Artem Khramov
8b843732b3 pkg/chrootarchive: fix FreeBSD build
For unix targets, `goInChroot()` is only implemented for `Linux`,
hence FreeBSD build fails.

This change

- Adds FreeBSD-specific chrooted tar/untar implementation
- Fixes statUnix() to accomodate to FreeBSD devminor/devmajor
- quirk. See also: https://github.com/containerd/containerd/pull/5991

Signed-off-by: Artem Khramov <akhramov@pm.me>
Co-authored-by: Cory Snider <corhere@gmail.com>
2023-07-18 18:42:08 +02:00
Bjorn Neergaard
0c6b616656
Merge pull request #45946 from thaJeztah/plugin_refactor_setupRemotePluginServer
pkg/plugins: don't share plugin server between tests and t.Parallel()
2023-07-17 17:51:04 -06:00
Sebastiaan van Stijn
6b7705d5b2
pkg/plugins: use a dummy hostname for local connections
For local communications (npipe://, unix://), the hostname is not used,
but we need valid and meaningful hostname.

The current code used the socket path as hostname, which gets rejected by
go1.20.6 and go1.19.11 because of a security fix for [CVE-2023-29406 ][1],
which was implemented in  https://go.dev/issue/60374.

Prior versions go Go would clean the host header, and strip slashes in the
process, but go1.20.6 and go1.19.11 no longer do, and reject the host
header.

Before this patch, tests would fail on go1.20.6:

    === FAIL: pkg/authorization TestAuthZRequestPlugin (15.01s)
    time="2023-07-12T12:53:45Z" level=warning msg="Unable to connect to plugin: //tmp/authz2422457390/authz-test-plugin.sock/AuthZPlugin.AuthZReq: Post \"http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq\": http: invalid Host header, retrying in 1s"
    time="2023-07-12T12:53:46Z" level=warning msg="Unable to connect to plugin: //tmp/authz2422457390/authz-test-plugin.sock/AuthZPlugin.AuthZReq: Post \"http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq\": http: invalid Host header, retrying in 2s"
    time="2023-07-12T12:53:48Z" level=warning msg="Unable to connect to plugin: //tmp/authz2422457390/authz-test-plugin.sock/AuthZPlugin.AuthZReq: Post \"http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq\": http: invalid Host header, retrying in 4s"
    time="2023-07-12T12:53:52Z" level=warning msg="Unable to connect to plugin: //tmp/authz2422457390/authz-test-plugin.sock/AuthZPlugin.AuthZReq: Post \"http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq\": http: invalid Host header, retrying in 8s"
        authz_unix_test.go:82: Failed to authorize request Post "http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq": http: invalid Host header

[1]: https://github.com/advisories/GHSA-f8f7-69v5-w4vx

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-14 18:57:55 +02:00
Sebastiaan van Stijn
2cb982b506
pkg/plugins: run tests with t.Parallel()
Some tests are testing timeouts and take a long time to run. Run the tests
in parallel, so that the test-suite takes shorter to run.

Before:

    ok  github.com/docker/docker/pkg/plugins	34.013s

After:

    ok  github.com/docker/docker/pkg/plugins	17.945s

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-12 22:30:46 +02:00
Sebastiaan van Stijn
b39362295a
pkg/plugins: don't share plugin server between tests
Refactor setupRemotePluginServer() to be a helper, and to spin up a test-
server for each test instead of sharing the same instance between tests.

This allows the tests to be run in parallel without stepping on each-other's
toes (tearing down the server).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-12 22:30:43 +02:00
Sebastiaan van Stijn
6fee7c8f8b
Merge pull request #45861 from thaJeztah/fileutils_deprecate_GetTotalUsedFds
pkg/fileutils: GetTotalUsedFds(): slight optimization for macOS
2023-07-11 20:06:24 +02:00
Sebastiaan van Stijn
93853eca94
pkg/fileutils: GetTotalUsedFds(): slight optimization for macOS
This patch contains some optimizations I still had stashed when working
on eaa9494b71.

- Use the bytes package for handling the output of "lsof", instead of
  converting to a string.
- Count the number of newlines in the output, instead of splitting the
  output into a slice of strings. We're only interested in the number
  of lines in the output.
- Use lsof's -F option to only print the file-descriptor for each line,
  as we don't need other information.
- Use the -l, -n, and -P options to omit converting usernames, host names,
  and port numbers.

From the [LSOF(8)][1] man-page:

   -l    This option inhibits the conversion of user ID numbers to
         login names. It is also useful when login name lookup is
         working improperly or slowly.

   -n    This option inhibits the conversion of network numbers to host
         names for network files. Inhibiting conversion can make lsof run faster.
         It is also useful when host name lookup is not working properly.

   -P    This option inhibits the conversion of port numbers to port names for network files.
         Inhibiting the conversion can make lsof run a little faster.
         It is also useful when host name lookup is not working properly.

Output looks something like;

    lsof -lnP -Ff -p 39849
    p39849
    fcwd
    ftxt
    ftxt
    f0
    f1
    f2
    f3
    f4
    f5
    f6
    f7
    f8
    f9
    f10
    f11

Before/After:

    BenchmarkGetTotalUsedFds-10  122  9479384 ns/op   10816 B/op  63 allocs/op
    BenchmarkGetTotalUsedFds-10  154  7814697 ns/op    7257 B/op  60 allocs/op

[1]: https://opensource.apple.com/source/lsof/lsof-49/lsof/lsof.man.auto.html

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-11 10:50:31 +02:00
Cory Snider
9cee34bc94 pkg/plugins: make unit test less time sensitive
TestClientWithRequestTimeout has been observed to flake in CI. The
timing in the test is quite tight, only giving the client a 10ms window
to time out, which could potentially be missed if the host is under
load and the goroutine scheduling is unlucky. Give the client a full
five seconds of grace to time out before failing the test.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-07-05 12:09:37 -04:00
Sebastiaan van Stijn
ec11aea880
pkg/jsonmessage: use string-literals for easier grep'ing
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-05 12:27:02 +02:00
Sebastiaan van Stijn
fded42c3bd
pkg/ioutils: use string-literals for easier grep'ing
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-05 12:27:02 +02:00
Sebastiaan van Stijn
1da079f211
pkg/idtools: use string-literals for easier grep'ing
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-05 12:27:01 +02:00
Sebastiaan van Stijn
cffe563d4d
pkg/system: remove windows stubs for MkDev/MkNod
They're not used anywhere, so let's remove them; better to have
a compile error than a panic at runtime.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-03 18:50:30 +02:00
Sebastiaan van Stijn
ec79d0fc05
pkg/fileutils: GetTotalUsedFds(): use fast-path for Kernel 6.2 and up
Linux 6.2 and up (commit [f1f1f2569901ec5b9d425f2e91c09a0e320768f3][1])
provides a fast path for the number of open files for the process.

From the [Linux docs][2]:

> The number of open files for the process is stored in 'size' member of
> `stat()` output for /proc/<pid>/fd for fast access.

[1]: f1f1f25699
[2]: https://docs.kernel.org/filesystems/proc.html#proc-pid-fd-list-of-symlinks-to-open-files

This patch adds a fast-path for Kernels that support this, and falls back
to the slow path if the Size fields is zero.

Comparing on a Fedora 38 (kernel 6.2.9-300.fc38.x86_64):

Before/After:

    go test -bench ^BenchmarkGetTotalUsedFds$ -run ^$ ./pkg/fileutils/
    BenchmarkGetTotalUsedFds        57264     18595 ns/op     408 B/op      10 allocs/op
    BenchmarkGetTotalUsedFds       370392      3271 ns/op      40 B/op       3 allocs/op

Note that the slow path has 1 more file-descriptor, due to the open
file-handle for /proc/<pid>/fd during the calculation.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-30 01:31:58 +02:00
Sebastiaan van Stijn
eaa9494b71
pkg/fileutils: GetTotalUsedFds: reduce allocations
Use File.Readdirnames instead of os.ReadDir, as we're only interested in
the number of files, and results don't have to be sorted.

Before:

    BenchmarkGetTotalUsedFds-5   	  149272	      7896 ns/op	     945 B/op	      20 allocs/op

After:

    BenchmarkGetTotalUsedFds-5   	  153517	      7644 ns/op	     408 B/op	      10 allocs/op

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-30 01:31:58 +02:00
Sebastiaan van Stijn
03390be5fa
pkg/fileutils: add BenchmarkGetTotalUsedFds
go test -bench ^BenchmarkGetTotalUsedFds$ -run ^$ ./pkg/fileutils/
    goos: linux
    goarch: arm64
    pkg: github.com/docker/docker/pkg/fileutils
    BenchmarkGetTotalUsedFds-5   	  149272	      7896 ns/op	     945 B/op	      20 allocs/op

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-30 01:31:57 +02:00
Sebastiaan van Stijn
252e94f499
pkg/fileutils: GetTotalUsedFds(): don't pretend to support FreeBSD
Commit 8d56108ffb moved this function from
the generic (no build-tags) fileutils.go to a unix file, adding "freebsd"
to the build-tags.

This likely was a wrong assumption (as other files had freebsd build-tags).
FreeBSD's procfs does not mention `/proc/<pid>/fd` in the manpage, and
we don't test FreeBSD in CI, so let's drop it, and make this a Linux-only
file.

While updating also dropping the import-tag, as we're planning to move
this file internal to the daemon.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-30 01:31:51 +02:00
Sebastiaan van Stijn
a764cd5a40
pkg/chrootarchive: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:33:03 +02:00
Sebastiaan van Stijn
f930559076
pkg/stdcopy: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:31:52 +02:00
Sebastiaan van Stijn
1216328c2d
pkg/plugins: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:31:52 +02:00
Sebastiaan van Stijn
651086d1d9
pkg/jsonmessage: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:31:51 +02:00
Sebastiaan van Stijn
1291bbfa50
pkg/capabilities: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:31:51 +02:00
Sebastiaan van Stijn
79af23e1ea
pkg/ioutils: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:31:51 +02:00
Sebastiaan van Stijn
316c7331eb
pkg/parsers: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:26:03 +02:00
Sebastiaan van Stijn
fb017754e1
pkg/system: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:26:02 +02:00
Sebastiaan van Stijn
5e9a354ff1
pkg/tarsum: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:25:20 +02:00
Sebastiaan van Stijn
2aac054f52
pkg/authorization: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:25:20 +02:00
Sebastiaan van Stijn
f7552f1de4
pkg/archive: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:25:09 +02:00
Bjorn Neergaard
8805e38398
Merge pull request #45799 from cpuguy83/containerd_logrus
Switch all logging to use containerd log pkg
2023-06-26 11:51:44 -06:00
Sebastiaan van Stijn
3c1de2e667
pkg/homedir: deprecate Key() utility
This utility was only used in tests, and internally, and no longer
used since we switch to using os.UserHomeDir() from stdlib.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-26 14:46:03 +02:00
Sebastiaan van Stijn
ddd9665289
pkg/homedir: deprecate GetShortcutString() utility
This function was last used in the pkg/mflag package, which was removed
in 14712f9ff0, and is no longer used in
libnetwork code since e6de8aec2f

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-26 14:45:21 +02:00
Sebastiaan van Stijn
6876e45f9e
pkg/homedir: unify implementations
Unify some of the exported functions instead of maintaining separate functions
per platform.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-26 14:43:26 +02:00
Sebastiaan van Stijn
0aca7f2a0d
pkg/homedir: use os.UserHomeDir()
Use os.UserHomeDir() instead of writing our own, but keep the fallback
on Linux.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-26 14:30:42 +02:00
Brian Goff
74da6a6363 Switch all logging to use containerd log pkg
This unifies our logging and allows us to propagate logging and trace
contexts together.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2023-06-24 00:23:44 +00:00
Sebastiaan van Stijn
a9788886e6
Merge pull request #45720 from ndeloof/copy_uidgid
fix `docker cp -a` failing to access `/` in container
2023-06-14 01:11:36 +02:00
Sebastiaan van Stijn
59b5c6075f
pkg/rootless: remove GetRootlessKitClient, and move to daemon
This utility was only used in a single location (as part of `docker info`),
but the `pkg/rootless` package is imported in various locations, causing
rootlesskit to be a dependency for consumers of that package.

Move GetRootlessKitClient to the daemon code, which is the only location
it was used.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-12 13:44:30 +02:00
Nicolas De Loof
3cc5d62f8a
run getent with a noop stdin
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2023-06-12 09:35:40 +02:00
Cory Snider
8a094fe609 daemon: ensure OCI options play nicely together
Audit the OCI spec options used for Linux containers to ensure they are
less order-dependent. Ensure they don't assume that any pointer fields
are non-nil and that they don't unintentionally clobber mutations to the
spec applied by other options.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-06-06 13:10:05 -04:00
Sebastiaan van Stijn
ab35df454d
remove pre-go1.17 build-tags
Removed pre-go1.17 build-tags with go fix;

    go mod init
    go fix -mod=readonly ./...
    rm go.mod

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-19 20:38:51 +02:00
Cory Snider
6690d2969c pkg/archive: bail if setting xattrs is unsupported
Extended attributes are set on files in container images for a reason.
Fail to unpack if extended attributes are present in a layer and setting
the attributes on the unpacked files fails for any reason.

Add an option to the vfs graph driver to opt into the old behaviour
where ENOTSUPP and EPERM errors encountered when setting extended
attributes are ignored. Make it abundantly clear to users and anyone
triaging their bug reports that they are shooting themselves in the
foot by enabling this option.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-05-18 17:21:12 -04:00
Cory Snider
0cdfd5f275 pkg/system: return rich errors from L(g|s)etxattr
Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-05-18 16:31:01 -04:00
Sebastiaan van Stijn
50d2c94bd6
Merge pull request #43637 from thaJeztah/remove_deprecated_storage_drivers
Remove deprecated devicemapper storage driver
2023-05-18 21:23:41 +02:00
Sebastiaan van Stijn
bafcfdf8c5
Merge pull request #45484 from thaJeztah/remove_deprecated_stubs
remove deprecated types, fields, and functions
2023-05-12 14:03:26 +01:00
Cory Snider
4e0319c878 [chore] clean up reexec.Init() calls
Now that most uses of reexec have been replaced with non-reexec
solutions, most of the reexec.Init() calls peppered throughout the test
suites are unnecessary. Furthermore, most of the reexec.Init() calls in
test code neglects to check the return value to determine whether to
exit, which would result in the reexec'ed subprocesses proceeding to run
the tests, which would reexec another subprocess which would proceed to
run the tests, recursively. (That would explain why every reexec
callback used to unconditionally call os.Exit() instead of returning...)

Remove unneeded reexec.Init() calls from test and example code which no
longer needs it, and fix the reexec.Init() calls which are not inert to
exit after a reexec callback is invoked.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-05-09 19:13:17 -04:00
Sebastiaan van Stijn
e3e715666f
pkg/aaparser: deprecate GetVersion, as it's no longer used
Our templates no longer contain version-specific rules, so this function
is no longer used. This patch deprecates it.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-09 16:47:03 +02:00
Sebastiaan van Stijn
55608d8381
pkg/system: remove deprecated IsProcessAlive, IsProcessZombie, KillProcess
These were deprecated in 9d5e754caa, which
is part of the v24.0.0 release, so we can remove it from master.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-06 16:36:17 +02:00
Sebastiaan van Stijn
a3b12ec420
pkg/system: remove deprecated DefaultPathEnv()
This was deprecated in 9f3e5eead5, which
is part of the v24.0.0 release, so we can remove it from master.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-06 16:36:17 +02:00
Sebastiaan van Stijn
dc76b90705
pkg/system: remove deprecated MemInfo, ReadMemInfo()
These were deprecated in 2d49080056, which
is part of the v24.0.0 release, so we can remove it from master.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-06 16:36:17 +02:00
Sebastiaan van Stijn
7d0488b11e
pkg/ioutils: remove deprecated TempDir() alias
This function was deprecated in c63ea32a17, which
is part of the v24.0.0 release, so we can remove it from master.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-06 16:36:16 +02:00
Sebastiaan van Stijn
152c482fee
pkg/platform: remove deprecated OSType const
This const was deprecated in 5c78cbd3be, which
is part of the v24.0.0 release, so we can remove it from master.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-06 16:36:16 +02:00
Sebastiaan van Stijn
3e6092f5b2
pkg/jsonmessage: touch-up GoDoc
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-04 13:46:11 +02:00
Sebastiaan van Stijn
05cb0e5a7d
pkg/jsonmessage: JSONProgress.String(), JSONProgress.now(): simplify
- inline an intermediate variable
- remove a redundant intermediate function

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-04 13:46:10 +02:00
Sebastiaan van Stijn
4cadee65b3
pkg/jsonmessage: JSONMessage.Display(): remove special case for 401 errors
This special case was added in 3043c26419 as
a sentinel error (`AuthRequiredError`) to check whether authentication
is required (and to prompt the users to authenticate). A later refactor
(946bbee39a) removed the `AuthRequiredError`,
but kept the error-message and logic.

Starting with fcee6056dc, it looks like we
no longer depend on this specific error, so we can return the registry's
error message instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-04 13:46:10 +02:00
Sebastiaan van Stijn
c80f205f86
Merge pull request #45298 from thaJeztah/pkg_pkatform_cleanup
pkg/platform: cleanup, and deprecate OSType
2023-04-27 02:02:41 +02:00
Tobias Klauser
4ec063fade
pkg/sysinfo: omit Getpid call in numCPU
The man page for sched_setaffinity(2) states the following about the pid
argument [1]:

> If pid is zero, then the mask of the calling thread is returned.

Thus the additional call to unix.Getpid can be omitted and pid = 0
passed to unix.SchedGetaffinity.

[1] https://man7.org/linux/man-pages/man2/sched_setaffinity.2.html#DESCRIPTION

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2023-04-25 10:05:20 +02:00
Sebastiaan van Stijn
dc11d2a2d8
remove deprecated devicemapper storage-driver
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-20 23:51:54 +02:00
Sebastiaan van Stijn
5c78cbd3be
pkg/platform: deprecate OSType in favor or runtime.GOOS
This const looks to only be there for "convenience", or _possibly_ was created
with future normalization or special handling in mind.

In either case, currently it is just a direct copy (alias) for runtime.GOOS,
and defining our own type for this gives the impression that it's more than
that. It's only used in a single place, and there's no external consumers, so
let's deprecate this const, and use runtime.GOOS instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-08 14:57:33 +02:00
Sebastiaan van Stijn
cf9a76fe8f
pkg/platform: un-export consts that are only for internal use
These consts are only used internally, and never returned to the user.
Un-export to make it clear these are not for external consumption.

While looking at the code, I also noticed that we may be using the wrong
Windows API to collect this information (and found an implementation elsewhere
that does use the correct API). I did not yet update the code, in cases there
are specific reasons.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-08 14:57:30 +02:00
Sebastiaan van Stijn
790dd8cc92
pkg/platform: use const for OSType, improve GoDoc
It was not immediately clear why we were not using runtime.GOARCH for
these (with a conversion to other formats, such as x86_64). These docs
are based on comments that were posted when implementing this package;

- https://github.com/moby/moby/pull/13921#issuecomment-130106474
- https://github.com/moby/moby/pull/13921#issuecomment-140270124

Some links were now redirecting to a new location, so updated them to
not depend on the redirect.

While at it, also updated a call to logrus to use structured formatting
(WithError()).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-07 23:06:56 +02:00
Sebastiaan van Stijn
87019144f6
pkg/platform: replace use of deprecated syscall.Syscall
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-07 22:53:42 +02:00
Sebastiaan van Stijn
7ca38d64d2
pkg/platform: move package doc to platform-agnostic file
Make sure the package's documentation is available for any platform,
not just "unix".

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-07 22:49:39 +02:00
Sebastiaan van Stijn
9434919f76
pkg/platform: rename files for consistency
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-07 22:43:54 +02:00
Sebastiaan van Stijn
e59f7fba6a
pkg/fileutils: remove aliases for deprecated functions and types
commit 3c69b9f2c5 replaced these functions
and types with github.com/moby/patternmatcher. That commit has shipped with
docker 23.0, and BuildKit v0.11 no longer uses the old functions, so we can
remove these.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-03 15:00:51 +02:00
Sebastiaan van Stijn
2d49080056
pkg/sysinfo: move MemInfo and ReadMemInfo to a separate package
Commit 6a516acb2e moved the MemInfo type and
ReadMemInfo() function into the pkg/sysinfo package. In an attempt to assist
consumers of these to migrate to the new location, an alias was added.

Unfortunately, the side effect of this alias is that pkg/system now depends
on pkg/sysinfo, which means that consumers of this (such as docker/cli) now
get all (indirect) dependencies of that package as dependency, which includes
many dependencies that should only be needed for the daemon / runtime;

- github.com/cilium/ebpf
- github.com/containerd/cgroups
- github.com/coreos/go-systemd/v22
- github.com/godbus/dbus/v5
- github.com/moby/sys/mountinfo
- github.com/opencontainers/runtime-spec

This patch moves the MemInfo related code to its own package. As the previous move
was not yet part of a release, we're not adding new aliases in pkg/sysinfo.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-15 17:52:45 +01:00
Akihiro Suda
e807ae4f2e
vendor: github.com/containerd/cgroups/v3 v3.0.1
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-03-08 20:15:17 +09:00
Cory Snider
dea3f2b417 Migrate away from things deprecated in Go 1.20
"math/rand".Seed
  - Migrate to using local RNG instances.

"archive/tar".TypeRegA
  - The deprecated constant tar.TypeRegA is the same value as
    tar.TypeReg and so is not needed at all.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-02-15 12:30:32 -05:00
Akihiro Suda
b3c5352386
rootless: support --ipc=host
Fix issue 44294

Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-01-21 01:00:27 +09:00
Bjorn Neergaard
b34ffc99b8
Merge pull request #43112 from ningmingxiao/dev1
fix blockThreshold full deadlock bug
2023-01-19 14:23:44 -07:00
Gabriel Adrian Samfira
f49c88f1c4
Disable chrootarchive.init() on Windows
Disables user.Lookup() and net.LookupHost() in the init() function on Windows.

Any package that simply imports pkg/chrootarchive will panic on Windows
Nano Server, due to missing netapi32.dll. While docker itself is not
meant to run on Nano Server, binaries that may import this package and
run on Nano server, will fail even if they don't really use any of the
functionality in this package while running on Nano.

Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
2023-01-18 16:34:13 +02:00
Roy Reznik
ff14f8ef16 Add GetLibHome stub for non-linux OS
Signed-off-by: Roy Reznik <roy@wiz.io>
2023-01-17 15:28:08 +02:00
ningmingxiao
dcfe23a038 fix blockThreshold full bug
Signed-off-by: ningmingxiao <ning.mingxiao@zte.com.cn>
2023-01-17 12:56:43 +08:00
Cory Snider
0b83fd3217 ioutils: add regression test for bytespipe deadlock
Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-01-16 14:27:44 -05:00
Bjorn Neergaard
eb20ed1f69
Merge pull request #44789 from jg-public/specspath-to-registry
plugins: Move SpecPaths into LocalRegistry
2023-01-14 15:09:12 -07:00
Jan Garcia
833096ce42 homedir: fallback to user.Current().homeDir if XDG_DATA_HOME/XDG_CONFIG_HOME and HOME are unset
Signed-off-by: Jan Garcia <github-public@n-garcia.com>
2023-01-14 17:38:34 +01:00
Jan Garcia
1e1d326b50 plugins: Move GlobalSpecPaths into LocalRegistry
Signed-off-by: Jan Garcia <github-public@n-garcia.com>
2023-01-10 21:33:49 +01:00
Jan Garcia
6ab12ec8f4 rootless: move ./rootless to ./pkg/rootless
Signed-off-by: Jan Garcia <github-public@n-garcia.com>
2023-01-09 16:26:06 +01:00
Jan Garcia
c1bd5e9144 Use user paths for plugin discovery in rootless mode
Signed-off-by: Jan Garcia <github-public@n-garcia.com>
2023-01-09 16:26:06 +01:00
Sebastiaan van Stijn
937491288e
Merge pull request #43818 from thaJeztah/image_inspect
add support for image inspect with containerd-integration
2023-01-06 17:40:15 +01:00
Nicolas De Loof
1616a09b61 add support for image inspect with containerd-integration
This is a squashed version of various PRs (or related code-changes)
to implement image inspect with the containerd-integration;

- add support for image inspect
- introduce GetImageOpts to manage image inspect data in backend
- GetImage to return image tags with details
- list images matching digest to discover all tags
- Add ExposedPorts and Volumes to the image returned
- Refactor resolving/getting images
- Return the image ID on inspect
- consider digest and ignore tag when both are set
- docker run --platform

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-05 16:20:41 +01:00
Sebastiaan van Stijn
c4ed09ad4e
Merge pull request #44663 from thaJeztah/move_meminfo
pkg/system: move memory-info types to pkg/systeminfo, and minor refactor
2022-12-27 13:07:09 +01:00
Sebastiaan van Stijn
6a91e09218
pkg/parsers: use strings.Cut(), and cleanup error-messages
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-21 11:09:03 +01:00
Sebastiaan van Stijn
6059d38f21
pkg/parsers/operatingsystem: don't use strings.SplitN()
We're looking for a specific prefix, so remove the prefix instead. Also remove
redundant error-wrapping, as `os.Open()` already provides details in the error
returned;

    open /no/such/file: no such file or directory
    open /etc/os-release: permission denied

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-21 11:09:02 +01:00
Sebastiaan van Stijn
451b8579ef
pkg/parsers/kernel: use strings.Cut() and minor refactor
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-21 11:09:02 +01:00
Sebastiaan van Stijn
19db33afc9
pkg/tarsum: use strings.Cut() and minor refactor
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-21 11:09:00 +01:00
Sebastiaan van Stijn
ec878a3d89
pkg/sysinfo: unify ReadMemInfo implementation
Use a single exported implementation, so that we can maintain the
GoDoc string in one place, and use non-exported functions for the
actual implementation.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-21 10:53:45 +01:00
Sebastiaan van Stijn
09ea6744fe
pkg/sysinfo: remove github.com/docker/go-units dependency
It was only used in a test, and only for a single const; define
it locally.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-21 10:53:45 +01:00
Sebastiaan van Stijn
6a516acb2e
pkg/system: move memory-info types to pkg/systeminfo
These types and functions are more closely related to the functionality
provided by pkg/systeminfo, and used in conjunction with the other functions
in that package, so moving them there.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-21 10:53:45 +01:00
Sebastiaan van Stijn
6919b9879b
pkg/sysinfo: unify NumCPU implementation
Use a single exported implementation, so that we can maintain the
GoDoc string in one place, and use non-exported functions for the
actual implementation (which were already in place).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-21 10:53:42 +01:00
Sebastiaan van Stijn
c63ea32a17
pkg/ioutils: TempDir: move to pkg/longpath
This utility wasn't very related to all other utilities in pkg/ioutils.
Moving it to longpath to also make it more clear what it does.

It looks like there's only a single (public) external consumer of this
utility, and only used in a test, and it's not 100% clear if it was
intentional to use our package, of if it was a case of "I actually meant
`io/ioutil.MkdirTemp`" so we could consider skipping the alias.

While moving the package, I also renamed `TempDir` to `MkdirTemp`, which
is the signature it matches in "os" from stdlib.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-20 23:24:12 +01:00
Sebastiaan van Stijn
3314f4ef09
pkg/ioutils: unify TempDir implementation
This allows us to maintain a single GoDoc string to describe
what it's used for.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-20 23:23:59 +01:00
Sebastiaan van Stijn
2e67c85c13
pkg/longpath: fix package GoDoc
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-20 23:23:59 +01:00
Sebastiaan van Stijn
13b36ce063
Merge pull request #44661 from thaJeztah/optimize_stringid
pkg/stringid: optimize performance
2022-12-17 18:24:39 +01:00
Sebastiaan van Stijn
6371675bf9
Merge pull request #44275 from thaJeztah/move_pkg_system_funcs
pkg/system: move some functions to a new home
2022-12-16 15:25:41 +01:00
Sebastiaan van Stijn
54512f2184
pkg/stringid: optimize performance
Had these laying around; not very critical as these functions are barely
used, but probably won't hurt:

    BenchmarkIsShortID-10       1447230     816.9 ns/op       0 B/op     0 allocs/op
    BenchmarkIsShortIDNew-10   10103319     101.9 ns/op       0 B/op     0 allocs/op
    BenchmarkValidateID-10        10000    112208 ns/op   33005 B/op    10 allocs/op
    BenchmarkValidateIDNew-10    653293      1737 ns/op   16534 B/op     6 allocs/op

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-16 14:44:52 +01:00
AdamKorcz
93fa093122
testing: move fuzzers over from OSS-Fuzz
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-30 17:31:03 +01:00
Sebastiaan van Stijn
fb77973201
pkg/system: move CheckSystemDriveAndRemoveDriveLetter to pkg/archive
This one is a "bit" fuzzy, as it may not be _directly_ related to `archive`,
but it's always used _in combination_ with the archive package, so moving it
there.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-29 17:07:48 +01:00
Sebastiaan van Stijn
c4872b4519
pkg/system: CheckSystemDriveAndRemoveDriveLetter: fix error format
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-29 17:02:53 +01:00
Sebastiaan van Stijn
ad371893f2
pkg/system: move GetLongPathName to integration-cli
It's only used for an integration test, and has no external consumers.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-29 17:02:53 +01:00