Commit graph

2136 commits

Author SHA1 Message Date
Sebastiaan van Stijn
ef6f5367dc
vendor: github.com/containerd/containerd v1.6.19
Update hcsshim to v0.9.7 to include fix for graceful termination and pause containers

full diff: https://github.com/containerd/containerd/compare/v1.6.18...v1.6.19

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-28 23:27:11 +01:00
Sebastiaan van Stijn
5997ad8512
vendor: github.com/Microsoft/hcsshim v0.9.7
- Retain pause.exe as entrypoint for default pause images
- wcow: support graceful termination of servercore containers

full diff: https://github.com/Microsoft/hcsshim/compare/v0.9.6...v0.9.7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-28 23:25:58 +01:00
Bjorn Neergaard
855c684708
Merge pull request #44664 from corhere/embedded-resolver-fixes
libnetwork: improve embedded DNS resolver
2023-02-23 12:25:58 -07:00
Bjorn Neergaard
5c1d6c957b
Merge pull request #44810 from rumpl/containerd-lazy-snapshotters
c8d/pull: Add CRI-compatible annotation of pulled content
2023-02-21 16:30:35 -07:00
Bjorn Neergaard
bc0392af66
Merge pull request #45047 from thaJeztah/update_buildkit_0.11.3
vendor: github.com/moby/buildkit v0.11.3
2023-02-21 15:01:27 -07:00
Cory Snider
d6c4e17411 Upgrade containerd/fifo to v1.1.0
Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-02-21 12:29:46 -05:00
Bjorn Neergaard
782a369f92
c8d/pull: Add CRI-compatible annotation of pulled content
Co-authored-by: Paweł Gronowski <pawel.gronowski@docker.com>
Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
2023-02-21 08:35:52 -07:00
Bjorn Neergaard
a4a3efb75b
Merge pull request #44982 from neersighted/containerd_1.6.18
daemon: fully resolve `apparmor_parser` regression
2023-02-21 08:19:02 -07:00
Sebastiaan van Stijn
9104cd5441
vendor: github.com/moby/buildkit v0.11.3
full diff: https://github.com/moby/buildkit/compare/49992f513921...v0.11.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-21 12:17:33 +01:00
Cory Snider
b0eed5ade6 daemon: allow shimv2 runtimes to be configured
Kubernetes only permits RuntimeClass values which are valid lowercase
RFC 1123 labels, which disallows the period character. This prevents
cri-dockerd from being able to support configuring alternative shimv2
runtimes for a pod as shimv2 runtime names must contain at least one
period character. Add support for configuring named shimv2 runtimes in
daemon.json so that runtime names can be aliased to
Kubernetes-compatible names.

Allow options to be set on shimv2 runtimes in daemon.json.

The names of the new daemon runtime config fields have been selected to
correspond with the equivalent field names in cri-containerd's
configuration so that users can more easily follow documentation from
the runtime vendor written for cri-containerd and apply it to
daemon.json.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-02-17 18:08:06 -05:00
Benjamin Wang
4a886a3e8f dependency: bump go.etcd.io/bbolt to v1.3.7
Please refer to link below to get more detailed info on bbolt@v1.3.7,
- https://github.com/etcd-io/bbolt/blob/master/CHANGELOG/CHANGELOG-1.3.md#v1372023-01-31

Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-02-17 16:51:15 +08:00
Cory Snider
25b51cad3d libnetwork: replace ad-hoc semaphore implementation
...for limiting concurrent external DNS requests with
"golang.org/x/sync/semaphore".Weighted. Replace the ad-hoc rate limiter
for when the concurrency limit is hit (which contains a data-race bug)
with "golang.org/x/time/rate".Sometimes.

Immediately retrying with the next server if the concurrency limit has
been hit just further compounds the problem. Wait on the semaphore and
refuse the query if it could not be acquired in a reasonable amount of
time.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-02-16 19:05:59 -05:00
Bjorn Neergaard
174802e15f
vendor: github.com/containerd/containerd v1.6.18
Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
2023-02-16 08:26:13 -07:00
Sebastiaan van Stijn
a36286cf89
vendor: golang.org/x/net v0.7.0
This addresses the same CVE as is patched in go1.19.6. From that announcement:

> net/http: avoid quadratic complexity in HPACK decoding
>
> A maliciously crafted HTTP/2 stream could cause excessive CPU consumption
> in the HPACK decoder, sufficient to cause a denial of service from a small
> number of small requests.
>
> This issue is also fixed in golang.org/x/net/http2 v0.7.0, for users manually
> configuring HTTP/2.
>
> This is CVE-2022-41723 and Go issue https://go.dev/issue/57855.

full diff: https://github.com/golang/net/compare/v0.5.0...v0.7.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-14 21:00:09 +01:00
Sebastiaan van Stijn
c7de76569e
vendor: golang.org/x/text v0.7.0
full diff: https://github.com/golang/text/compare/v0.6.0...v0.7.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-14 20:59:33 +01:00
Sebastiaan van Stijn
a53b44a266
vendor: golang.org/x/sys v0.5.0
full diff: https://github.com/golang/sys/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-14 20:58:24 +01:00
Tonis Tiigi
eaeaa7b7fd
vendor: update buildkit to latest v0.11
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2023-02-07 10:24:43 -08:00
Tonis Tiigi
666334bd48
vendor: update buildkit to v0.11.2
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2023-02-01 23:29:10 -08:00
Sebastiaan van Stijn
85169a04cf
vendor: github.com/tonistiigi/fsutil v0.0.0-20221114235510-0127568185cf
full diff: 9ed612626d...0127568185

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2023-02-01 23:10:39 -08:00
Sebastiaan van Stijn
c41c8c2f86
vendor: github.com/containerd/containerd v1.6.16
Notable Updates

- Fix push error propagation
- Fix slice append error with HugepageLimits for Linux
- Update default seccomp profile for PKU and CAP_SYS_NICE
- Fix overlayfs error when upperdirlabel option is set

full diff: https://github.com/containerd/containerd/compare/v1.6.15...v1.6.16

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-30 09:07:59 +01:00
Sebastiaan van Stijn
22098745e7
vendor: github.com/pelletier/go-toml v1.9.5
Contains a fix that prevents a panic on an invalid toml file.

full diff: https://github.com/pelletier/go-toml/compare/v1.9.4...v1.9.5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-30 09:05:04 +01:00
Sebastiaan van Stijn
25f95b0000
vendor: github.com/moby/swarmkit/v2 v2.0.0-20230119195359-904c221ac281
full diff: 0da442b278...904c221ac2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-19 23:36:45 +01:00
Sebastiaan van Stijn
65c6ba1fc4
vendor: golang.org/x/net v0.5.0
contains a fix for CVE-2022-41721, although it probably does not affect us.

full diff: https://github.com/golang/net/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-17 14:34:05 +01:00
Sebastiaan van Stijn
824dc51341
vendor: golang.org/x/text v0.6.0
full diff: https://github.com/golang/text/compare/v0.5.0...v0.6.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-17 14:16:10 +01:00
Sebastiaan van Stijn
e66e6bb28a
vendor: golang.org/x/sys v0.4.0
full diff: https://github.com/golang/sys/compare/v0.3.0...v0.4.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-17 14:09:18 +01:00
Sebastiaan van Stijn
af6b5d55db
vendor: github.com/moby/ipvs v1.1.0
full diff: https://github.com/moby/ipvs/compare/v1.0.2...v1.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-14 17:25:22 +01:00
Sebastiaan van Stijn
f53feeea8b
vendor: github.com/vishvananda/netns v0.0.2
full diff: https://github.com/vishvananda/netns/compare/v0.0.1...v0.0.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-14 17:23:50 +01:00
Sebastiaan van Stijn
bb5cae2c94
vendor: github.com/vishvananda/netns v0.0.1
The project started tagging releases for go modules.

full diff: https://github.com/vishvananda/netns/compare/2eb08e3e575f...v0.0.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-13 14:55:18 +01:00
Bjorn Neergaard
d42495033e
daemon/config: support alternate (common) unicode encodings using a BOM
This is a pragmatic but impure choice, in order to better support the
default tools available on Windows Server, and reduce user confusion due
to otherwise inscrutable-to-the-uninitiated errors like the following:

> invalid character 'þ' looking for beginning of value
> invalid character 'ÿ' looking for beginning of value

While meaningful to those who are familiar with and are equipped to
diagnose encoding issues, these characters will be hidden when the file
is edited with a BOM-aware text editor, and further confuse the user.

Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
2023-01-10 15:49:15 -07:00
Cory Snider
62296f9281
Merge pull request #44087 from jchorl/josh/sdkupgrade
Upgrade to aws go sdk v2 for cloudwatch logging driver
2023-01-10 14:51:30 -05:00
Sebastiaan van Stijn
bffe6d5670
vendor: github.com/containerd/containerd v1.6.15
no changes to vendored files

full diff: https://github.com/containerd/containerd/compare/v1.6.14...v1.6.15

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-09 13:26:32 +01:00
Josh Chorlton
c12d7b6d21 upgrade to aws sdk go v2
Co-Authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Josh Chorlton <jchorlton@gmail.com>
Signed-off-by: Cory Snider <csnider@mirantis.com>
Signed-off-by: Josh Chorlton <jchorlton@gmail.com>
2023-01-07 17:27:31 +00:00
Sebastiaan van Stijn
83d7ae76e8
vendor: github.com/containerd/containerd v1.6.14
No changes in vendored code, other than the version bump

full diff: https://github.com/containerd/containerd/compare/v1.6.13...v1.6.14

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-19 22:44:40 +01:00
Sebastiaan van Stijn
35cbdc9661
vendor: github.com/containerd/containerd v1.6.13
full diff: https://github.com/containerd/containerd/compare/v1.6.12...v1.6.13

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-15 19:34:46 +01:00
Sebastiaan van Stijn
9300aca2a6
vendor: github.com/Microsoft/hcsshim v0.9.6
full diff: https://github.com/Microsoft/hcsshim/compare/v0.9.5...v0.9.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-15 19:33:18 +01:00
Sebastiaan van Stijn
0007490b21
vendor: github.com/moby/swarmkit/v2 v2.0.0-20221215132206-0da442b2780f
No changes in vendored code, but removes some indirect dependencies.

full diff: b17f02f0a0...0da442b278

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-15 14:27:07 +01:00
Sebastiaan van Stijn
389dacd6e2
vendor: github.com/tinylib/msgp v1.1.6
This is a dependency of github.com/fluent/fluent-logger-golang, which
currently does not provide a go.mod, but tests against the latest
versions of its dependencies.

Updating this dependency to the latest version.

Notable changes:

- all: implement omitempty
- fix: JSON encoder may produce invalid utf-8 when provided invalid utf-8 message pack string.
- added Unwrap method to errWrapped plus tests; switched travis to go 1.14
- CopyToJSON: fix bitSize for floats
- Add Reader/Writer constructors with custom buffer
- Add missing bin header functions
- msgp/unsafe: bring code in line with unsafe guidelines
- msgp/msgp: fix ReadMapKeyZC (fix "Fail to decode string encoded as bin type")

full diff: https://github.com/tinylib/msgp/compare/v1.1.0...v1.1.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-12 11:35:03 +01:00
Sebastiaan van Stijn
24496fe097
vendor: github.com/philhofer/fwd v1.1.2
This is an (indirect) dependency of github.com/fluent/fluent-logger-golang,
which currently does not provide a go.mod, but tests against the latest
versions of its dependencies.

Updating this dependency to the latest version.

full diff: https://github.com/philhofer/fwd/compare/v1.0.0...v1.1.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-12 11:34:18 +01:00
Sebastiaan van Stijn
77f9c550bd
Merge pull request #44605 from thaJeztah/bump_golang_net
vendor: golang.org/x/net v0.4.0
2022-12-09 00:03:14 +01:00
Sebastiaan van Stijn
12c76d4a15
vendor: github.com/containerd/containerd v1.6.12
no changes in vendored code, but containerd v1.6.12 is a security release,
so updating, to prevent scanners marking the dependency to have a vulnerability.

full diff: https://github.com/containerd/containerd/compare/v1.6.11...v1.6.12

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-08 00:42:46 +01:00
Sebastiaan van Stijn
4bbc37687e
vendor: golang.org/x/net v0.4.0
golang.org/x/net contains a fix for CVE-2022-41717, which was addressed
in stdlib in go1.19.4 and go1.18.9;

> net/http: limit canonical header cache by bytes, not entries
>
> An attacker can cause excessive memory growth in a Go server accepting
> HTTP/2 requests.
>
> HTTP/2 server connections contain a cache of HTTP header keys sent by
> the client. While the total number of entries in this cache is capped,
> an attacker sending very large keys can cause the server to allocate
> approximately 64 MiB per open connection.
>
> This issue is also fixed in golang.org/x/net/http2 v0.4.0,
> for users manually configuring HTTP/2.

full diff: https://github.com/golang/net/compare/v0.2.0...v0.4.0

other dependency updates (due to circular dependencies):

- golang.org/x/sys v0.3.0: https://github.com/golang/sys/compare/v0.2.0...v0.3.0
- golang.org/x/text v0.5.0: https://github.com/golang/text/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-07 22:25:49 +01:00
Sebastiaan van Stijn
d331bc3b03
vendor: github.com/containerd/containerd v1.6.11
- Fix nil pointer deference for Windows containers in CRI plugin
- Fix lease labels unexpectedly overwriting expiration
- Fix for simultaneous diff creation using the same parent snapshot

full diff: https://github.com/containerd/containerd/v1.6.10...v1.6.11

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-06 23:26:25 +01:00
Sebastiaan van Stijn
cc1884dc04
Merge pull request #44501 from tiborvass/immutable_radix
libnetwork: use go-immutable-radix instead of radix
2022-12-06 12:46:53 +01:00
Tibor Vass
eaa74497b8
libnetwork: use go-immutable-radix instead of radix
This commit allows to remove dependency on the mutable version armon/go-radix.

The go-immutable-radix package is better maintained.

It is likely that a bit more memory will be used when using the
immutable version, though discarded nodes are being reused in a pool.
These changes happen when networks are added/removed or nodes come and
go in a cluster, so we are still talking about a relatively low
frequency event.

The major changes compared to the old radix are when modifying (insert
or delete) a tree, and those are pretty self-contained: we replace the
entire immutable tree under a lock.

Signed-off-by: Tibor Vass <teabee89@gmail.com>
2022-11-30 17:03:46 -08:00
AdamKorcz
93fa093122
testing: move fuzzers over from OSS-Fuzz
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-30 17:31:03 +01:00
Sebastiaan van Stijn
1907027b7b
Merge pull request #44520 from vvoland/disk-usage-singleflight
daemon/disk_usage: Use context aware singleflight
2022-11-30 13:39:55 +01:00
Paweł Gronowski
dec81e489f
daemon/disk_usage: Use context aware singleflight
The singleflight function was capturing the context.Context of the first
caller that invoked the `singleflight.Do`. This could cause all
concurrent calls to be cancelled when the first request is cancelled.

singleflight calls were also moved from the ImageService to Daemon, to
avoid having to implement this logic in both graphdriver and containerd
based image services.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2022-11-29 16:46:19 +01:00
Sebastiaan van Stijn
c1a9e82d3e
vendor: google.golang.org/grpc v1.50.1
full diff: https://github.com/grpc/grpc-go/compare/v1.48.0...v1.50.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-26 14:20:00 +01:00
Sebastiaan van Stijn
dc52e08bb5
vendor: github.com/prometheus/client_golang v1.14.0
full diff: https://github.com/prometheus/client_golang/compare/v1.13.0...v1.14.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:16 +01:00
Sebastiaan van Stijn
b2fe29ba79
vendor: github.com/go-logr/logr v1.2.3
full diff: https://github.com/go-logr/logr/compare/v1.2.2...v1.2.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:16 +01:00
Sebastiaan van Stijn
7c1b7842c6
vendor: golang.org/x/crypto v0.2.0
- all: use math/bits.RotateLeft

full diff: https://github.com/golang/crypto/compare/v0.1.0...v0.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:16 +01:00
Sebastiaan van Stijn
efe17dbdb4
vendor: golang.org/x/net v0.2.0
- http2/hpack: build static table with go generate

full diff: https://github.com/golang/net/compare/v0.1.0...v0.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:16 +01:00
Sebastiaan van Stijn
0588a83380
vendor: github.com/opencontainers/runc v1.1.3
no changes in vendored code

full diff: https://github.com/opencontainers/runc/compare/v1.1.2...v1.1.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:15 +01:00
Sebastiaan van Stijn
38adf7a694
vendor: github.com/klauspost/compress v1.15.12
full diff: https://github.com/klauspost/compress/compare/v1.15.9...v1.15.12

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:15 +01:00
Sebastiaan van Stijn
e1058e6bc3
go.mod: golang_protobuf_extensions v1.0.4 - prevent incompatible versions
This module made a whoopsie, and updated to `google.golang.org/protobuf`
in a patch release, but `google.golang.org/protobuf` is not backward
compatible with `github.com/golang/protobuf`.

Updating the minimum version to v1.0.4 which corrects this, to prevent
users of containerd as a module from accidentally pulling in the wrong
version:

- v1.0.3 switched to use `google.golang.org/protobuf`; https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.2..v1.0.3
- This was reverted in v1.0.4 (which is the same as v1.0.2); https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.3..v1.0.4
- And a `v2` was created instead; https://github.com/matttproud/golang_protobuf_extensions/releases/tag/v2.0.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 15:18:24 +01:00
Sebastiaan van Stijn
64f9ea1cf5
vendor: github.com/moby/swarmkit/v2 v2.0.0-20221123162438-b17f02f0a054
full diff: 6341884e5f...b17f02f0a0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:30:18 +01:00
Sebastiaan van Stijn
a5898e3a2d
vendor: github.com/prometheus/client_golang v1.13.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:22:22 +01:00
Sebastiaan van Stijn
2cc6a86fd3
vendor: github.com/aws/aws-sdk-go v1.37.0
full diff: https://github.com/aws/aws-sdk-go/compare/v1.31.6...v1.37.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:20:40 +01:00
Sebastiaan van Stijn
8f1bc3a3b7
vendor: google.golang.org/grpc v1.48.0
full diff: https://github.com/grpc/grpc-go/compare/v1.47.0...v1.48.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:19:09 +01:00
Sebastiaan van Stijn
b0e20e1b3c
vendor: go.uber.org/zap v1.21.0
full diff: https://github.com/uber-go/zap/compare/v1.17.0...v1.21.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:16:41 +01:00
Sebastiaan van Stijn
066fb6c69e
vendor: go.uber.org/multierr v1.8.0
full diff: https://github.com/uber-go/multierr/compare/v1.6.0...v1.8.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:16:41 +01:00
Sebastiaan van Stijn
b41580d66e
vendor: go.uber.org/atomic v1.9.0
full diff: https://github.com/uber-go/atomic/compare/v1.7.0...v1.9.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:16:41 +01:00
Sebastiaan van Stijn
341c9e77a8
vendor: github.com/jmespath/go-jmespath v0.4.0
no code changes in vendored files

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:16:40 +01:00
Sebastiaan van Stijn
9a8b46518b
vendor: google.golang.org/genproto v0.0.0-20220706185917-7780775163c4
no changes in vendored files

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:16:31 +01:00
Sebastiaan van Stijn
1e48b64538
vendor: github.com/fernet/fernet-go v0.0.0-20211208181803-9f70042a33ee
Fixes a potential panic.

full diff: 9eac43b88a...9f70042a33

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:02:36 +01:00
Sebastiaan van Stijn
4113a88523
vendor: google.golang.org/protobuf v1.28.1
indirect dependency, but updating it in a separate commit

full diff: https://github.com/protocolbuffers/protobuf-go/compare/v1.28.0...v1.28.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:00:44 +01:00
Sebastiaan van Stijn
26c4429f7e
vendor: github.com/spf13/cobra v1.6.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 17:58:08 +01:00
Sebastiaan van Stijn
b7e92237c5
Merge pull request #44502 from thaJeztah/bump_moby_term
vendor: github.com/moby/term v0.0.0-20221120202655-abb19827d345
2022-11-23 17:55:30 +01:00
Sebastiaan van Stijn
61f266f660
vendor: github.com/moby/term v0.0.0-20221120202655-abb19827d345
no significant changes in vendored code, other than updating build-tags
for go1.17, but removes some dependencies from the module, which can
help with future updates;

full diff: 3f7ff695ad...abb19827d3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-20 21:36:38 +01:00
Sebastiaan van Stijn
62a4a45a72
vendor.mod: remove replace for github.com/rexray/gocsi
While this replace was needed in swarmkit itself, it looks like
it doesn't cause issues when removed in this repository, so
let's remove it here.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-18 17:22:41 +01:00
Sebastiaan van Stijn
a2d758acc9
vendor: github.com/armon/go-radix v1.0.1-0.20221118154546-54df44f2176c
Previously we had to use a replace rule, as later versions of this
module resulted in a panic. This issue was fixed in:
f30034d788

Which means we can remove the replace rule, and update the dependency.
No new release was tagged yet, so sticking to a "commit" for now.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-18 17:15:42 +01:00
Sebastiaan van Stijn
2799bbc562
Merge pull request #44467 from AkihiroSuda/rootlesskit-1.1.0
update RootlessKit to v1.1.0
2022-11-16 14:10:14 +01:00
Akihiro Suda
fd1912de97
Merge pull request #44461 from tao12345666333/vendor-containerd-v1.6.10
vendor: github.com/containerd/containerd v1.6.10
2022-11-16 09:59:00 +09:00
Sebastiaan van Stijn
a6cb8efd81
vendor: golang.org/x/oauth2 v0.1.0
The golang.org/x/ projects are now doing tagged releases.

Some notable changes:

- authhandler: Add support for PKCE
- Introduce new AuthenticationError type returned by errWrappingTokenSource.Token
- Add support to set JWT Audience in JWTConfigFromJSON()
- google/internal: Add AWS Session Token to Metadata Requests
- go.mod: update vulnerable net library
- google: add support for "impersonated_service_account" credential type.
- google/externalaccount: add support for workforce pool credentials

full diff: https://github.com/golang/oauth2/compare/2bc19b11175f...v0.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-15 13:43:31 +01:00
Sebastiaan van Stijn
9d7bd47cb6
vendor: golang.org/x/crypto v0.1.0
The golang.org/x/ projects are now doing tagged releases.

full diff: https://github.com/golang/crypto/compare/3147a52a75dd...v0.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-15 13:43:28 +01:00
Akihiro Suda
08516af897
vendor: github.com/rootless-containers/rootlesskit v1.1.0
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2022-11-15 20:43:09 +09:00
Jintao Zhang
4e5c3b82cb vendor: github.com/containerd/containerd v1.6.10
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
2022-11-15 15:11:05 +08:00
Sebastiaan van Stijn
06e4b7d1f8
vendor: github.com/moby/buildkit v0.10.6
full diff: https://github.com/moby/buildkit/compare/v0.10.5...v0.10.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-14 20:17:39 +01:00
Akihiro Suda
028b3cbe15
Merge pull request #44421 from thaJeztah/update_miekg_dns
go.mod: github.com/miekg/dns v1.1.43
2022-11-11 08:00:21 +09:00
Akihiro Suda
079ed04a6b
Merge pull request #44418 from thaJeztah/golang_x_releases_step1
vendor: update golang.org/x/ dependencies to tagged releases
2022-11-11 07:59:20 +09:00
Sebastiaan van Stijn
3b84630e14
Merge pull request #44427 from thaJeztah/swap_digestset
replace distribution/digestset with opencontainers/go-digest/digestset
2022-11-09 14:14:14 +01:00
Sebastiaan van Stijn
79f9ffd401
vendor: golang.org/x/net v0.1.0
The golang.org/x/ projects are now doing tagged releases.

full diff:

- https://github.com/golang/net/compare/f3363e06e74c...v0.1.0
- https://github.com/golang/text/compare/v0.3.7...v0.4.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-09 13:50:51 +01:00
Sebastiaan van Stijn
71fa64a272
vendor: golang.org/x/time v0.1.0
The golang.org/x/ projects are now doing tagged releases.

full diff: https://github.com/golang/time/compare/f0f3c7e86c11...v0.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-09 13:50:51 +01:00
Sebastiaan van Stijn
4965f19626
vendor: golang.org/x/sync v0.1.0
The golang.org/x/ projects are now doing tagged releases.

full diff: https://github.com/golang/sync/compare/036812b2e83c...v0.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-09 13:50:51 +01:00
Sebastiaan van Stijn
4bb95eef6f
vendor: golang.org/x/sys v0.1.0
The golang.org/x/ projects are now doing tagged releases.

full diff: https://github.com/golang/sys/compare/84dc82d7e875...v0.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-09 13:50:50 +01:00
Sebastiaan van Stijn
6174d00c03
replace distribution/digestset with opencontainers/go-digest/digestset
opencontainers/go-digest is a 1:1 copy of the one in distribution. It's no
longer used in distribution itself, so may be removed there at some point.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-08 14:15:13 +01:00
Sebastiaan van Stijn
bbb1b82232
go.mod: github.com/miekg/dns v1.1.43
This update:

- removes support for go1.11
- removes the use of "golang.org/x/crypto/ed25519", which is now part of stdlib:
  > Beginning with Go 1.13, the functionality of this package was moved to the
  > standard library as crypto/ed25519. This package only acts as a compatibility
  > wrapper.

Note that this is not the latest release; version v1.1.44 introduced a tools.go
file, which added golang.org/x/tools to the dependency tree (but only used for
"go:generate") see commit:
df84acab71

full diff: https://github.com/miekg/dns/compare/v1.1.27...v1.1.43

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-06 15:03:31 +01:00
Sebastiaan van Stijn
d43bc26717
vendor: gotest.tools/v3 v3.4.0
- removes github.com/spf13/pflag dependency
- removes use of deprecated io/ioutil package
- drops support for go1.16

full diff: https://github.com/gotestyourself/gotest.tools/compare/v3.3.0...v3.4.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-05 19:38:01 +01:00
Sebastiaan van Stijn
57ba2df970
vendor: github.com/google/go-cmp v0.5.9 to remove golang.org/x/xerrors dep
full diff: https://github.com/google/go-cmp/compare/v0.5.7...v0.5.9

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-05 19:21:36 +01:00
Bjorn Neergaard
57c2545cd5
vendor: github.com/moby/swarmkit/v2 v2.0.0-20221102165002-6341884e5fc9
full diff: 48dd89375d...6341884e5f

Pulls in a set of fixes to SwarmKit's nascent Cluster Volumes support
discovered during subsequent development and testing.

Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
2022-11-02 15:10:08 -06:00
Sebastiaan van Stijn
04dc007c76
vendor: github.com/containerd/containerd v1.6.9
release notes: https://github.com/containerd/containerd/releases/tag/v1.6.9

full diff: https://github.com/containerd/containerd/compare/v1.6.8...v1.6.9

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-10-24 14:17:46 -04:00
Sebastiaan van Stijn
0fc17c42af
vendor: github.com/moby/buildkit v0.10.5
https://github.com/moby/buildkit/releases/tag/v0.10.5

full diff: https://github.com/moby/buildkit/compare/v0.10.4...v0.10.5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-10-18 22:38:34 +02:00
Sebastiaan van Stijn
90431d1857
daemon/graphdriver/windows: use go-winio.GetFileSystemType()
go-winio now defines this function, so we can consume that.

Note that there's a difference between the old implementation and the original
one (added in 1cb9e9b44e). The old implementation
had special handling for win32 error codes, which was removed in the go-winio
implementation in 0966e1ad56

As `go-winio.GetFileSystemType()` calls `filepath.VolumeName(path)` internally,
this patch also removes the `string(home[0])`, which is redundant, and could
potentially panic if an empty string would be passed.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-10-10 16:22:05 +02:00
Sebastiaan van Stijn
6742f74e0e
vendor: golang.org/x/sys v0.0.0-20221006211917-84dc82d7e875
full diff: 3c1f35247d...84dc82d7e8

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-10-08 21:19:33 +02:00
Sebastiaan van Stijn
a5e1baf3ab
vendor: github.com/opencontainers/selinux v1.10.2
full diff: https://github.com/opencontainers/selinux/compare/v1.10.1...v1.10.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-10-05 22:36:16 +02:00
Sebastiaan van Stijn
3c69b9f2c5
replace pkg/fileutils Matching funcs with github.com/moby/patternmatcher
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 23:25:28 +02:00
Sebastiaan van Stijn
0249afc523
migrate pkg/pubsub to github.com/moby/pubsub
This package was moved to a separate repository, using the steps below:

    # install filter-repo (https://github.com/newren/git-filter-repo/blob/main/INSTALL.md)
    brew install git-filter-repo

    cd ~/projects

    # create a temporary clone of docker
    git clone https://github.com/docker/docker.git moby_pubsub_temp
    cd moby_pubsub_temp

    # for reference
    git rev-parse HEAD
    # --> 572ca799db

    # remove all code, except for pkg/pubsub, license, and notice, and rename pkg/pubsub to /
    git filter-repo --path pkg/pubsub/ --path LICENSE --path NOTICE --path-rename pkg/pubsub/:

    # remove canonical imports
    git revert -s -S 585ff0ebbe6bc25b801a0e0087dd5353099cb72e

    # initialize module
    go mod init github.com/moby/pubsub
    go mod tidy

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 18:40:19 +02:00
Sebastiaan van Stijn
89555e45f2
Merge pull request #44191 from corhere/drop-containerfs-iface
Remove LCOW: pkg/containerfs: drop ContainerFS abstraction
2022-09-27 10:28:35 +02:00
Samuel Karp
67da3f7e6b
Merge pull request #44189 from thaJeztah/sequential_release 2022-09-25 00:05:25 -07:00
Akihiro Suda
58dd03a471
Merge pull request #44180 from thaJeztah/bump_gotest_tools
vendor: gotest.tools v3.3.0
2022-09-24 08:03:53 +09:00
Cory Snider
7014c0d65d pkg/containerfs: drop PathDriver abstraction
With LCOW support removed, there is no need to support non-native file
paths any longer.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-09-23 16:25:22 -04:00
Sebastiaan van Stijn
489e7b61bf
vendor: github.com/moby/sys/sequential v0.5.0
no changes, just updated to use the tagged version;

full diff: https://github.com/moby/sys/compare/b22ba8a69b30...sequential/v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-23 18:39:20 +02:00
Sebastiaan van Stijn
323ab8ef97
vendor: github.com/github.com/coreos/go-systemd v22.4.0
- dbus: add Connected methods to check connections status
- dbus: add support for querying unit by PID
- dbus: implement support for cgroup freezer APIs
- journal: remove implicit initialization
- login1: add methods to get session/user properties
- login1: add context-aware ListSessions and ListUsers methods

full diff: https://github.com/github.com/coreos/go-systemd/compare/v22.3.2...v22.4.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-22 19:57:44 +02:00
Sebastiaan van Stijn
3e1601a980
vendor: gotest.tools v3.3.0
full diff: https://github.com/gotestyourself/gotest.tools/compare/v3.2.0...v3.3.0

- golden: accept -update for updating files
- assert: golden variables

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-22 15:45:08 +02:00
Bjorn Neergaard
c0fa14e8af vendor: github.com/armon/go-metrics v0.4.1
Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
2022-09-15 09:59:59 -06:00
Bjorn Neergaard
1d7ceb2fee vendor: github.com/google/btree v1.1.2
Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
2022-09-15 09:59:59 -06:00
Sebastiaan van Stijn
eb29361d9d
Merge pull request #44072 from thaJeztah/bump_units
vendor: github.com/docker/go-units v0.5.0
2022-09-08 16:53:32 +02:00
Sebastiaan van Stijn
518179f63e
vendor: golang.org/x/net v0.0.0-20220906165146-f3363e06e74c
Update to the latest version that contains a fix for CVE-2022-27664;
f3363e06e7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-06 22:50:51 +02:00
Sebastiaan van Stijn
13f99eb65f
vendor: github.com/docker/go-units v0.5.0
full diff: https://github.com/docker/go-units/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-01 10:22:00 +02:00
Sebastiaan van Stijn
0db50996b7
Merge pull request #44043 from thaJeztah/bump_klauspost_compress
vendor: github.com/klauspost/compress v1.15.9
2022-08-31 16:11:17 +02:00
Sebastiaan van Stijn
509f19f611
replace pkg/system Sequential funcs with moby/sys/sequential
Migrating these functions to allow them being shared between moby, docker/cli,
and containerd, and to allow using them without importing all of sys / system,
which (in containerd) also depends on hcsshim and more.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-30 09:33:49 +02:00
Sebastiaan van Stijn
f7277806c8
vendor: github.com/klauspost/compress v1.15.9
various fixes in zstd compression

- https://github.com/klauspost/compress/releases/tag/v1.15.9
- https://github.com/klauspost/compress/releases/tag/v1.15.8
- https://github.com/klauspost/compress/releases/tag/v1.15.7
- https://github.com/klauspost/compress/releases/tag/v1.15.6
- https://github.com/klauspost/compress/releases/tag/v1.15.5
- https://github.com/klauspost/compress/releases/tag/v1.15.4
- https://github.com/klauspost/compress/releases/tag/v1.15.3
- https://github.com/klauspost/compress/releases/tag/v1.15.2

full diff: https://github.com/klauspost/compress/compare/v1.15.1...v1.15.9

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-26 01:46:28 +02:00
Sebastiaan van Stijn
c500d8824d
vendor: github.com/moby/buildkit v0.10.4
release notes: https://github.com/moby/buildkit/releases/tag/v0.10.4

full diff: https://github.com/moby/buildkit/compare/8e2d9b9006ca...v0.10.4

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-25 21:33:08 +02:00
Sebastiaan van Stijn
2646beac87
Merge pull request #43353 from thaJeztah/update_logentries
vendor: github.com/bsphere/le_go v0.0.0-20200109081728-fc06dab2caa8
2022-08-19 18:03:40 +02:00
Bjorn Neergaard
360238e9e1 vendor: github.com/hasicorp/memberlist v0.4.0
Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
2022-08-18 09:51:11 -06:00
Sebastiaan van Stijn
ca52e0a244
vendor: github.com/containerd/containerd v1.6.8
no code changes, other than a version bump

full diff: https://github.com/containerd/containerd/compare/v1.6.7...v1.6.8

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-17 17:34:07 +02:00
Sebastiaan van Stijn
9861dd069b
vendor: github.com/moby/swarmkit/v2 v2.0.0-20220721174824-48dd89375d0a
full diff: 6068d1894d...48dd89375d

Finishes off the work to change references to cluster volumes in the API
from using "csi" as the magic word to "cluster". This reflects that the
volumes are "cluster volumes", not "csi volumes".

Notably, there is no change to the plugin definitions being "csinode"
and "csicontroller". This terminology is appropriate with regards to
plugins because it accurates reflects what the plugin is.

Signed-off-by: Drew Erny <derny@mirantis.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-09 14:03:50 +02:00
Brian Goff
ad8d255bb9
Merge pull request #43922 from crazy-max/vendor-buildkit-2
vendor buildkit 8e2d9b9 (v0.10 branch)
2022-08-08 09:55:33 -07:00
CrazyMax
e05f614267
vendor buildkit 8e2d9b9 (v0.10 branch)
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-08-05 14:40:46 +02:00
Sebastiaan van Stijn
7376bf948b
vendor: github.com/containerd/containerd v1.6.7
full diff: https://github.com/containerd/containerd/v1.6.6...v1.6.7

Welcome to the v1.6.7 release of containerd!

The seventh patch release for containerd 1.6 contains various fixes,
includes a new version of runc and adds support for ppc64le and riscv64
(requires unreleased runc 1.2) builds.

Notable Updates

- Update runc to v1.1.3
- Seccomp: Allow clock_settime64 with CAP_SYS_TIME
- Fix WWW-Authenticate parsing
- Support RISC-V 64 and ppc64le builds
- Windows: Update hcsshim to v0.9.4 to fix regression with HostProcess stats
- Windows: Fix shim logs going to panic.log file
- Allow ptrace(2) by default for kernels >= 4.8

See the changelog for complete list of changes

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-05 00:12:38 +02:00
Sebastiaan van Stijn
9100e3c087
Merge pull request #43219 from corhere/sdjournal
Rewrite journald LogReader and unit test it
2022-08-02 23:47:35 +02:00
Sebastiaan van Stijn
510beeccf4
Merge pull request #43898 from vvoland/vendor-hcsshim
vendor: github.com/Microsoft/hcsshim v0.9.4
2022-08-02 17:19:35 +02:00
Paweł Gronowski
69f077f1aa
vendor: github.com/Microsoft/hcsshim v0.9.4
full diff: https://github.com/microsoft/hcsshim/compare/v0.9.3...v0.9.4

Changes are mostly fixes of unsafe usage of `unsafe.Pointer`

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2022-08-02 10:03:11 +02:00
Cory Snider
547da0d575 daemon: support other containerd runtimes (MVP)
Contrary to popular belief, the OCI Runtime specification does not
specify the command-line API for runtimes. Looking at containerd's
architecture from the lens of the OCI Runtime spec, the _shim_ is the
OCI Runtime and runC is "just" an implementation detail of the
io.containerd.runc.v2 runtime. When one configures a non-default runtime
in Docker, what they're really doing is instructing Docker to create
containers using the io.containerd.runc.v2 runtime with a configuration
option telling the runtime that the runC binary is at some non-default
path. Consequently, only OCI runtimes which are compatible with the
io.containerd.runc.v2 shim, such as crun, can be used in this manner.
Other OCI runtimes, including kata-containers v2, come with their own
containerd shim and are not compatible with io.containerd.runc.v2.
As Docker has not historically provided a way to select a non-default
runtime which requires its own shim, runtimes such as kata-containers v2
could not be used with Docker.

Allow other containerd shims to be used with Docker; no daemon
configuration required. If the daemon is instructed to create a
container with a runtime name which does not match any of the configured
or stock runtimes, it passes the name along to containerd verbatim. A
user can start a container with the kata-containers runtime, for
example, simply by calling

    docker run --runtime io.containerd.kata.v2

Runtime names which containerd would interpret as a path to an arbitrary
binary are disallowed. While handy for development and testing it is not
strictly necessary and would allow anyone with Engine API access to
trivially execute any binary on the host as root, so we have decided it
would be safest for our users if it was not allowed.

It is not yet possible to set an alternative containerd shim as the
default runtime; it can only be configured per-container.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-07-27 14:22:49 -04:00
Cory Snider
342b44bf20 logger/journald: rewrite reader w/o cursors
Careful management of the journal read pointer is sufficient to ensure
that no entry is read more than once.

Unit test the journald logger without requiring a running journald by
using the systemd-journal-remote command to write arbitrary entries to
journal files.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-07-25 16:41:38 -04:00
Sebastiaan van Stijn
5daceee6ca
Merge pull request #43624 from rumpl/feat-memdb-prefix
Use hashicorp/go-memdb instead of truncindex
2022-07-08 11:09:20 +02:00
Sebastiaan van Stijn
cbe354b12a
vendor.mod: group replace rules
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-29 17:37:38 +02:00
Sebastiaan van Stijn
421b93dcf5
vendor: github.com/hashicorp/go-msgpack v0.5.5 (indirect)
updating to the latest v0.5.x patch release:

full diff: https://github.com/hashicorp/go-msgpack/compare/v0.5.3...v0.5.5

- Fix an issue where struct pointer fields tagged with omitempty will be omitted
  if referenced value is empty, so a field of type *bool, then field would be
  omitted pointer is nil or &false.
- Fixed a decoding issue when decoding a string value in a map where the value
  already existed would panic.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-29 16:49:01 +02:00
Sebastiaan van Stijn
4e87a758f6
vendor: github.com/hashicorp/serf v0.8.5
updating to the latest v0.8.x patch release:

full diff: https://github.com/hashicorp/serf/compare/v0.8.2...v0.8.5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-29 16:48:58 +02:00
Sebastiaan van Stijn
06a7f41488
vendor: github.com/hashicorp/serf v0.8.2, go-msgpack v0.5.3
un-pin these dependencies

full diff: https://github.com/hashicorp/serf/compare/598c54895cc5...v0.8.2
full diff: https://github.com/hashicorp/go-msgpack/compare/71c2886f5a67...v0.5.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-29 16:48:53 +02:00
Sebastiaan van Stijn
f3b2df7b0b
vendor: github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da
Un-pin this indirect dependency

full diff: eb0af217e5...f0300d1749

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-29 16:46:00 +02:00
Sebastiaan van Stijn
6b023b2eb6
vendor: github.com/prometheus/client_golang v1.12.1, procfs v0.7.3
full diff: https://github.com/prometheus/client_golang/compare/v1.6.0...v1.12.1
full diff: https://github.com/prometheus/procfs/compare/v0.0.11...v0.7.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-29 16:41:16 +02:00
Sebastiaan van Stijn
bd9412e36b
vendor: un-pin github.com/matttproud/golang_protobuf_extensions
It's an indirect dependency, and we were pinning it to use the latest tagged
release (which didn't have a go.mod yet). No code changes in the vendored files,
so let's skip the replace rule.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-29 16:41:14 +02:00
Sebastiaan van Stijn
f0647f33f5
vendor: go.opencensus.io v0.23.0
un-pinning the dependency

full diff: https://github.com/census-instrumentation/opencensus-go/compare/v0.22.3...v0.23.0

- replace gofmt with goimports
- Allow creating additional View universes
- Safely reject invalid-length span and trace ids
    - fix Panic when x-b3-spanid exceeds 16 characters
- Reduce allocations
- Remove call to time.Now() on worker thread when handling record reqs
- Delete views from measure ref when unregistering
- Allow custom view.Meters to export metrics for other Resources
- Initialize View Start Time During View Registration
- Record a Start Time Per Time Series within a View
- Made public traceparent/tracestate marshal/unmarshal
- Fix const labels with derived metrics
- Defer IDGenerator initialization until first use
- Allow replacing trace SDK
- Provide accessor to the span implementation
- Lock only when needed, remove duplicate code
- Update dependencies
- fix memory leak cause by the spanStore.(census-instrumentation/opencensus-go)
- Adds an exported function to flush interval reader
- Adding GC stats to runmetrics plugin

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-29 16:41:12 +02:00
Sebastiaan van Stijn
939d124731
vendor: github.com/hashicorp/go-multierror v1.1.1
un-pinning the dependency

full diff: https://github.com/hashicorp/go-multierror/compare/v1.0.0...v1.1.1

- add sync/errgroup like functionality
- Support Go 1.13 errors.As/Is/Unwrap functionality
- required go 1.13 or up
- Check if multierror is nil in WrappedErrors

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-29 16:41:10 +02:00
Sebastiaan van Stijn
917f620874
vendor: un-pin github.com/coreos/systemd
It's not used as a direct dependency, and not vendored.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-29 13:37:07 +02:00
Sebastiaan van Stijn
6488695a2c
vendor: un-pin github.com/coreos/pkg
It's not used as a direct dependency, and not vendored.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-29 13:33:02 +02:00
Sebastiaan van Stijn
cf543a0bd5
vendor: github.com/moby/sys/mount v0.3.3
full diff: https://github.com/moby/sys/compare/mount/v0.3.1...v0.3.3

- bump x/sys/unix
- ci: add go mod tidy check
- mount: bump mountinfo to v0.6.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-27 10:27:51 +02:00
Sebastiaan van Stijn
4178caade6
vendor: github.com/moby/sys/mountinfo v0.6.2
full diff: https://github.com/moby/sys/compare/mountinfo/v0.6.0...mountinfo/v0.6.2

- update golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
- mountinfo: BSDs no longer need cgo nor reflect
- mountinfo: update doc to use fs.ErrNotExist
- Bump x/sys/unix

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-27 10:26:53 +02:00
Sebastiaan van Stijn
53aefba7f3
vendor: golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a
full diff: 33da011f77...bc2c85ada1

notable changes;

- unix: use ByteSliceFromString in (*Ifreq).Name
- unix: update openbsd Statfs_t fields

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-27 10:21:35 +02:00
Martin Braun
5edfd6d081 bump netlink library
bump netlink to 1.2.1
change usages of netlink handle .Delete() to Close()
remove superfluous replace in vendor.mod
make requires of github.com/Azure/go-ansiterm direct

Signed-off-by: Martin Braun <braun@neuroforge.de>
2022-06-16 22:25:33 +02:00
Sebastiaan van Stijn
73b4b07c4d
vendor: github.com/containerd/containerd v1.6.6
full diff: https://github.com/containerd/containerd/compare/v1.6.5...v1.6.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-06 22:42:00 +02:00
Sebastiaan van Stijn
89db5a6fd4
vendor: github.com/containerd/containerd v1.6.5
full diff: https://github.com/containerd/containerd/compare/v1.6.4...v1.6.5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-04 22:39:32 +02:00
Sebastiaan van Stijn
c51d34dcfb
vendor: github.com/moby/ipvs v1.0.2
full diff: https://github.com/moby/ipvs/compare/v1.0.1...v1.0.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-31 15:40:51 +02:00
Sebastiaan van Stijn
fdd2772547
vendor: gotest.tools v3.2.0
full diff: https://github.com/gotestyourself/gotest.tools/compare/v3.1.0...v3.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-28 12:18:22 +02:00
Akihiro Suda
2f6b8a2aec
vendor: github.com/containerd/cgroups v1.0.4
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2022-05-27 10:49:24 +09:00
Ameya Gawde
c576de88ed
vendor: github.com/Microsoft/hcsshim v0.9.3
Signed-off-by: Ameya Gawde <agawde@mirantis.com>
2022-05-23 09:15:16 -07:00
Djordje Lukic
70dc392bfa
Use hashicorp/go-memdb instead of truncindex
memdb already knows how to search by prefix so there is no need to keep
a separate list of container ids in the truncindex

Benchmarks:

$ go test -benchmem -run=^$ -count 5 -tags linux -bench ^BenchmarkDBGetByPrefix100$ github.com/docker/docker/container
goos: linux
goarch: amd64
pkg: github.com/docker/docker/container
cpu: Intel(R) Core(TM) i9-8950HK CPU @ 2.90GHz
BenchmarkDBGetByPrefix100-6        16018             73935 ns/op           33888 B/op       1100 allocs/op
BenchmarkDBGetByPrefix100-6        16502             73150 ns/op           33888 B/op       1100 allocs/op
BenchmarkDBGetByPrefix100-6        16218             74014 ns/op           33856 B/op       1100 allocs/op
BenchmarkDBGetByPrefix100-6        15733             73370 ns/op           33792 B/op       1100 allocs/op
BenchmarkDBGetByPrefix100-6        16432             72546 ns/op           33744 B/op       1100 allocs/op
PASS
ok      github.com/docker/docker/container      9.752s

$ go test -benchmem -run=^$ -count 5 -tags linux -bench ^BenchmarkTruncIndexGet100$ github.com/docker/docker/pkg/truncindex
goos: linux
goarch: amd64
pkg: github.com/docker/docker/pkg/truncindex
cpu: Intel(R) Core(TM) i9-8950HK CPU @ 2.90GHz
BenchmarkTruncIndexGet100-6        16862             73732 ns/op           44776 B/op       1173 allocs/op
BenchmarkTruncIndexGet100-6        16832             73629 ns/op           45184 B/op       1179 allocs/op
BenchmarkTruncIndexGet100-6        17214             73571 ns/op           45160 B/op       1178 allocs/op
BenchmarkTruncIndexGet100-6        16113             71680 ns/op           45360 B/op       1182 allocs/op
BenchmarkTruncIndexGet100-6        16676             71246 ns/op           45056 B/op       1184 allocs/op
PASS
ok      github.com/docker/docker/pkg/truncindex 9.759s

$ go test -benchmem -run=^$ -count 5 -tags linux -bench ^BenchmarkDBGetByPrefix500$ github.com/docker/docker/container
goos: linux
goarch: amd64
pkg: github.com/docker/docker/container
cpu: Intel(R) Core(TM) i9-8950HK CPU @ 2.90GHz
BenchmarkDBGetByPrefix500-6         1539            753541 ns/op          169381 B/op       5500 allocs/op
BenchmarkDBGetByPrefix500-6         1624            749975 ns/op          169458 B/op       5500 allocs/op
BenchmarkDBGetByPrefix500-6         1635            761222 ns/op          169298 B/op       5500 allocs/op
BenchmarkDBGetByPrefix500-6         1693            727856 ns/op          169297 B/op       5500 allocs/op
BenchmarkDBGetByPrefix500-6         1874            710813 ns/op          169570 B/op       5500 allocs/op
PASS
ok      github.com/docker/docker/container      6.711s

$ go test -benchmem -run=^$ -count 5 -tags linux -bench ^BenchmarkTruncIndexGet500$ github.com/docker/docker/pkg/truncindex
goos: linux
goarch: amd64
pkg: github.com/docker/docker/pkg/truncindex
cpu: Intel(R) Core(TM) i9-8950HK CPU @ 2.90GHz
BenchmarkTruncIndexGet500-6         1934            780328 ns/op          224073 B/op       5929 allocs/op
BenchmarkTruncIndexGet500-6         1713            713935 ns/op          225011 B/op       5937 allocs/op
BenchmarkTruncIndexGet500-6         1780            702847 ns/op          224090 B/op       5943 allocs/op
BenchmarkTruncIndexGet500-6         1736            711086 ns/op          224027 B/op       5929 allocs/op
BenchmarkTruncIndexGet500-6         2448            508694 ns/op          222322 B/op       5914 allocs/op
PASS
ok      github.com/docker/docker/pkg/truncindex 6.877s

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2022-05-20 18:22:21 +02:00
CrazyMax
90fb4eca20
vendor: github.com/moby/buildkit v0.10.3
full diff: https://github.com/moby/buildkit/compare/v0.10.2...v0.10.3

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-19 23:31:30 +02:00
Cory Snider
c609523a8c pkg/filenotify: delete unused package
Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-05-19 15:23:18 -04:00
Sebastiaan van Stijn
91c254a189
vendor: github.com/opencontainers/runc v1.1.2
no changes in vendored code

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-12 14:41:02 +02:00
Sebastiaan van Stijn
f9cef468f9
vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
Includes fixes for:

- CVE-2022-29526 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526);
  (description at https://go.dev/issue/52313).

full diff: 1e041c57c4...33da011f77

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-11 14:07:07 +02:00
Sebastiaan van Stijn
a35040222c
vendor: github.com/containerd/containerd v1.6.4
No changes in vendored code

full diff: https://github.com/containerd/containerd/compare/v1.6.3...v1.6.4

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-04 10:54:25 +02:00
Sebastiaan van Stijn
9880e6a1ef
vendor: github.com/opencontainers/selinux v1.10.1
- relabel links instead of their targets

full diff: https://github.com/opencontainers/selinux/compare/v1.10.0...v1.10.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-02 14:40:47 +02:00
Sebastiaan van Stijn
82088364e1
vendor: github.com/moby/buildkit v0.10.2
note that the previous version we used was from the master branch, so some
changes, for example, replacing the deprecated `io/ioutil` package are reverted
in this update.

raw diff: https://github.com/moby/buildkit/compare/d7744bcb3532..v0.10.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-29 16:54:18 +02:00
Sebastiaan van Stijn
fca0c20cd4
vendor: github.com/containerd/continuity v0.3.0
full diff: https://github.com/containerd/continuity/compare/v0.2.2...v0.3.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-29 16:20:03 +02:00
Sebastiaan van Stijn
16cd359664
vendor: golang.org/x/sys v0.0.0-20220405210540-1e041c57c461
full diff: a9b59b0215...1e041c57c4

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-29 16:18:00 +02:00
Sebastiaan van Stijn
63b13a70ee
vendor: github.com/Microsoft/go-winio v0.5.2
full diff: https://github.com/Microsoft/go-winio/compare/v0.5.1...v0.5.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-29 16:12:56 +02:00
Sebastiaan van Stijn
5ecb6fb68b
vendor: github.com/containerd/containerd v1.6.3
full diff: https://github.com/containerd/containerd/compare/v1.6.2...v1.6.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-28 22:37:10 +02:00
Cory Snider
1c129103b4 Bump swarmkit to v2
Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-04-21 17:33:07 -04:00
CrazyMax
1efda78f2b
use go-winres for windows build and cleanup autogen and winresources
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-04-14 19:52:36 +02:00
Akihiro Suda
69993c1c57
vendor: github.com/opencontainers/runc v1.1.1
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2022-04-01 15:23:46 +09:00
CrazyMax
d74bf97f40
vendor: github.com/moby/buildkit d7744bc
full diff: 8d45bd6...d7744bc

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-03-27 13:07:05 +02:00
Akihiro Suda
4d7ab4b214
update RootlessKit to v1.0.0
Only minor changes since v0.14.6, such as upgrading Go to 1.18:
https://github.com/rootless-containers/rootlesskit/compare/v0.14.6...v1.0.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2022-03-26 02:10:52 +09:00
Akihiro Suda
19a7875c3c
vendor: golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2022-03-26 02:10:12 +09:00
Sebastiaan van Stijn
ec221d6881
vendor: github.com/containerd/containerd v1.6.2
includes a fix for CVE-2022-24769.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-24 17:33:54 +01:00
CrazyMax
ff35785cfc
vendor buildkit 8d45bd6 that fixes dockerd worker integration tests
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-03-23 16:07:04 +01:00
CrazyMax
a2aaf4cc83
vendor buildkit v0.10.0
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-03-22 18:51:27 +01:00
Brian Goff
6b9b445af6
Merge pull request #42330 from AkihiroSuda/rootlesskit-info
version: add RootlessKit, slirp4netns, and VPNKit version
2022-03-22 10:27:07 -07:00
Sebastiaan van Stijn
917b44799d
vendor: golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd
full diff: 5770296d90...3147a52a75

This version contains a fix for CVE-2022-27191 (not sure if it affects us).

From the golang mailing list:

    Hello gophers,

    Version v0.0.0-20220315160706-3147a52a75dd of golang.org/x/crypto/ssh implements
    client authentication support for signature algorithms based on SHA-2 for use with
    existing RSA keys.

    Previously, a client would fail to authenticate with RSA keys to servers that
    reject signature algorithms based on SHA-1. This includes OpenSSH 8.8 by default
    and—starting today March 15, 2022 for recently uploaded keys.

    We are providing this announcement as the error (“ssh: unable to authenticate”)
    might otherwise be difficult to troubleshoot.

    Version v0.0.0-20220314234659-1baeb1ce4c0b (included in the version above) also
    fixes a potential security issue where an attacker could cause a crash in a
    golang.org/x/crypto/ssh server under these conditions:

    - The server has been configured by passing a Signer to ServerConfig.AddHostKey.
    - The Signer passed to AddHostKey does not also implement AlgorithmSigner.
    - The Signer passed to AddHostKey does return a key of type “ssh-rsa” from its PublicKey method.

    Servers that only use Signer implementations provided by the ssh package are
    unaffected. This is CVE-2022-27191.

    Alla prossima,

    Filippo for the Go Security team

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-17 13:59:03 +01:00
Akihiro Suda
de6732a403
version: add RootlessKit, slirp4netns, and VPNKit version
```console
$ docker --context=rootless version
...
Server:
...
 rootlesskit:
  Version:          0.14.2
  ApiVersion:       1.1.1
  NetworkDriver:    slirp4netns
  PortDriver:       builtin
  StateDir:         /tmp/rootlesskit245426514
 slirp4netns:
  Version:          1.1.9
  GitCommit:        4e37ea557562e0d7a64dc636eff156f64927335e
```

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2022-03-15 15:44:42 +09:00
Sebastiaan van Stijn
7df7357e08
vendor: cloud.google.com/go v0.92.0, google.golang.org/api v0.54.0
this removes a `tools.go` from the dependency, which caused various test
dependencies to be ending up in the dependency-tree, and are now gone.

- cloud.google.com/go v0.92.0: https://github.com/googleapis/google-cloud-go/compare/v0.81.0...v0.92.0
- google.golang.org/api v0.54.0: https://github.com/googleapis/google-api-go-client/compare/v0.46.0...v0.54.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-11 20:01:57 +01:00
Cory Snider
b36fb04e03 vendor: github.com/containerd/containerd v1.6.1
Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-03-10 17:48:10 -05:00
Cory Snider
00ba5bdb98 Unpin grpc, protobuf dependencies
...in preparation for upgrading containerd.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-03-10 17:48:10 -05:00
Cory Snider
06c797f517 vendor: github.com/docker/swarmkit 616e8db4c3b0
Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-03-10 17:48:09 -05:00
Sebastiaan van Stijn
8d5eebcc6e
vendor: github.com/bsphere/le_go v0.0.0-20200109081728-fc06dab2caa8
updates the "logentries" dependency;

- checking error when calling output
- Support Go Modules

full diff: 7a984a84b5...fc06dab2ca

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-09 20:42:01 +01:00
Sebastiaan van Stijn
b92af14a1c
vendor: github.com/docker/distribution v2.8.1
no changes to code we use, but the v2.8.0 module was borked

full diff: https://github.com/docker/distribution/compare/v2.8.0...v2.8.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-09 20:27:02 +01:00
Sebastiaan van Stijn
2c97295ad8
daemon: remove v1 shim configuration for containerd
This removes the plugin section from the containerd configuration file
(`/var/run/docker/containerd/containerd.toml`) that is generated when
starting containerd as child process;

```toml
[plugins]
  [plugins.linux]
    shim = "containerd-shim"
    runtime = "runc"
    runtime_root = "/var/lib/docker/runc"
    no_shim = false
    shim_debug = true
```

This configuration doesn't appear to be used since commit:
0b14c2b67a, which switched the default runtime
to to io.containerd.runc.v2.

Note that containerd itself uses `containerd-shim` and `runc` as default
for `shim` and `runtime` v1, so omitting that configuration doesn't seem
to make a difference.

I'm slightly confused if any of the other options in this configuration were
actually used: for example, even though `runtime_root` was configured to be
`/var/lib/docker/runc`, when starting a container with that coniguration set
on docker 19.03, `/var/lib/docker/runc` doesn't appear to exist:

```console
$ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
098baa4cb0e7        nginx:alpine        "/docker-entrypoint.…"   59 minutes ago      Up 59 minutes       80/tcp              foo

$ ls /var/lib/docker/runc
ls: /var/lib/docker/runc: No such file or directory

$ ps auxf
PID   USER     TIME  COMMAND
    1 root      0:00 sh
   16 root      0:11 dockerd --debug
   26 root      0:09 containerd --config /var/run/docker/containerd/containerd.toml --log-level debug
  234 root      0:00 containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/09
  251 root      0:00 nginx: master process nginx -g daemon off;
  304 101       0:00 nginx: worker process
...

```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-07 19:31:24 +01:00
Sebastiaan van Stijn
b4a943afab
vendor: github.com/containerd/containerd v1.5.10
full diff: https://github.com/containerd/containerd/compare/v1.5.9...v1.5.10

relevant changes in vendored code:

- Use readonly mount to read user/group info

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-04 18:07:09 +01:00
Sebastiaan van Stijn
de0eabbd66
vendor: github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f
full diff: db3c7e526a...2eb08e3e57

- Add support for detecting netns for all possible QoS in Kubernetes
- Add go1.10 build constraint

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 22:58:47 +01:00
Sebastiaan van Stijn
d8e1746466
vendor: github.com/tonistiigi/fsutil v0.0.0-20220115021204-b19f7f9cb274
full diff: d72af97c0e...b19f7f9cb2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 22:41:22 +01:00
Sebastiaan van Stijn
931b455f27
vendor: github.com/hashicorp/errwrap v1.1.0
deprecates `errwrap.Wrapf()`

That function appears to be still used by `go-multierror.Prefix()`);
https://github.com/hashicorp/go-multierror/blob/v1.1.1/prefix.go#L30-L35
which itself is only used in a single place in `containerd/pkg/process`:
https://github.com/containerd/containerd/blob/v1.5.9/pkg/process/io.go#L438

full diff: https://github.com/hashicorp/errwrap/compare/v1.0.0...v1.1.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 18:06:12 +01:00
Sebastiaan van Stijn
4d1c323796
vendor: golang.org/x/text v0.3.7
full diff: https://github.com/golang/text/compare/v0.3.6...v0.3.7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 18:04:19 +01:00
Sebastiaan van Stijn
7f9c77b2fe
vendor: golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f
full diff: 6f1e639406...2bc19b1117

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 18:03:34 +01:00
Sebastiaan van Stijn
a69cda092b
vendor: golang.org/x/lint v0.0.0-20210508222113-6edffad5e616
no changes in vendored code

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 18:02:03 +01:00
Sebastiaan van Stijn
c03ae0b726
vendor: github.com/cespare/xxhash/v2 v2.1.2
full diff: https://github.com/cespare/xxhash/compare/v2.1.1...v2.1.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 18:00:17 +01:00
Sebastiaan van Stijn
2634edec6e
vendor: github.com/klauspost/compress v1.14.3
full diff: https://github.com/klauspost/compress/compare/v1.14.2...v1.14.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 17:57:38 +01:00
Sebastiaan van Stijn
8bf694b427
vendor: github.com/google/go-cmp v0.5.7
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 17:04:32 +01:00
Sebastiaan van Stijn
89d39e5e77
vendor: gotest.tools/v3 v3.1.0
full diff: https://github.com/gotestyourself/gotest.tools/compare/v3.0.3...v3.1.0

noteworthy changes:

- ci: add go1.16
- ci: add go1.17, remove go1.13
- golden: only create dir if update flag is set
- icmd: replace all usages of os/exec with golang.org/x/sys/execabs
- assert: ErrorIs
- fs: add DirFromPath
- Stop creating directory outside of testdata
- fs: Fix comparing symlink permissions

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 17:02:53 +01:00
Sebastiaan van Stijn
c35143f92e
vendor: github.com/moby/sys/mount v0.3.1
full diff: https://github.com/moby/sys/compare/mount/v0.3.0...mount/v0.3.1

- mount: fix unused/deadcode warnings on Mac
- mount: bump mountinfo to v0.6.0
- Makefile: rm .SHELLFLAGS, add set -e

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 17:02:07 +01:00
Sebastiaan van Stijn
9d6382f2b3
vendor: github.com/Microsoft/hcsshim v0.9.2
full diff: https://github.com/Microsoft/hcsshim/compare/v0.8.23...v0.9.2

diff is hard to compare on github, because Microsoft/opengcs was merged into
hcsshim; https://github.com/microsoft/hcsshim/pull/973

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-24 21:28:18 +01:00
Brian Goff
5c36bb7206
Merge pull request #43287 from thaJeztah/bump_dependencies_for_buildkit
vendor: update various dependencies in preparation of BuildKit update
2022-02-24 11:05:48 -08:00
Sebastiaan van Stijn
c72c1ca62c
Merge pull request #43185 from corhere/42402-safer-fileinfo
Remove local fork of archive/tar package
2022-02-24 10:36:14 +01:00
Sebastiaan van Stijn
ace606fd75
vendor: github.com/aws/aws-sdk-go v1.31.6
full diff: https://github.com/aws/aws-sdk-go/compare/v1.28.11...v1.31.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-23 19:49:51 +01:00
Sebastiaan van Stijn
0809bd6859
vendor: github.com/klauspost/compress v1.14.2
full diff: https://github.com/klauspost/compress/compare/v1.12.3...v1.14.2

Relevant changes affecting vendor:

- docs: Add combined LICENSE file
- Add snappy replacement package
- tests: Remove snappy dependency for tests
- huff0: Add size estimation function
- huff0: Improve 4X decompression speed
- huff0: Improve 4X decompression speed 5-10%
- huff0: Faster 1X Decompression
- zstd: Spawn decoder goroutine only if needed
- zstd: Detect short invalid signatures
- zstd: Add configurable Decoder window size
- zstd: Add stream content size
- zstd: Simplify hashing functions
- zstd: use SpeedBestCompression for level >= 10
- zstd: Fix WriteTo error forwarding
- zstd: Improve Best compression
- zstd: Fix incorrect encoding in best mode
- zstd: pooledZipWriter should return Writers to the same pool
- zstd: Upgrade xxhash
- zstd: Improve block encoding speed
- zstd: add arm64 xxhash assembly
- zstd: Minor decoder improvements
- zstd: Minor performance tweaks
- zstd: Add bigger default blocks
- zstd: Remove unused decompression buffer
- zstd: fix logically dead code
- zstd: Add noasm tag for xxhash
- zstd: improve header decoder

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-23 19:41:14 +01:00
Sebastiaan van Stijn
20e5d6b3e3
vendor: github.com/pelletier/go-toml v1.9.4
full diff: https://github.com/pelletier/go-toml/compare/v1.9.1...v1.9.4

- Add Encoder.CompactComments to omit extra new line
- Clarify license and comply with Apache 2.0
- feat(tomll): add multiLineArray flag to linter

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-23 19:25:30 +01:00
Sebastiaan van Stijn
812dacb676
vendor: github.com/containerd/continuity v0.2.2
full diff: https://github.com/containerd/continuity/compare/v0.1.0...v0.2.2

- fs/stat: add FreeBSD, and cleanup some nolint-comments
- go.mod: bazil.org/fuse v0.0.0-20200407214033-5883e5a4b5125
- Fix darwin issues
- Remove direct dependency on github.com/pkg/errors
- Do not log errors before returning them
- Build containerd/continuity on multiple Unix OSes
- Update CI Go version to 1.17
- fs: use syscall.Timespec.Unix

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-23 19:22:36 +01:00
Sebastiaan van Stijn
461845bfbc
vendor: github.com/containerd/cgroups v1.0.3
full diff: https://github.com/containerd/cgroups/compare/v1.0.1...v1.0.3

- cgroup v1: implement AddProc()
- cgroup v1: reduce duplicated code
- cgroup v2: Fix potential dirfd leak
- cgroup v2: remove unimplemented errors and ErrorHandler, IgnoreNotExist
- cgroup v2: v2: Fix inotify fd leak when cgroup is deleted
- cgroup.go: avoid panic on nil interface
- cgroup: Optionally add process and task to a subsystems subset
- fix Implicit memory aliasing in for loop
- go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations
- Improvements on cgroup v2 support
- replace pkg/errors from vendor
- Use /proc/partitions to get device names
- utils: export ParseCgroupFile()

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-23 19:04:43 +01:00
Sebastiaan van Stijn
7876c53424
vendor: golang.org/x/tools v0.1.5
full diff: https://github.com/golang/tools/compare/v0.1.0...v0.1.5

It's not used, but one of our dependencies has a `tools.go` file that forces
it to be vendored; vendor/cloud.google.com/go/tools.go

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-23 18:42:17 +01:00
Sebastiaan van Stijn
1b829c2a6a
vendor: golang.org/x/mod v0.4.2
full diff: https://github.com/golang/mod/compare/v0.4.1...v0.4.2

It's not used, but one of our dependencies has a `tools.go` file that forces
it to be vendored; vendor/cloud.google.com/go/tools.go

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-23 18:37:58 +01:00
Sebastiaan van Stijn
6be521ccb8
vendor: golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a
full diff: f6687ab280...6f1e639406

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-23 18:30:08 +01:00
Sebastiaan van Stijn
8f106d4576
vendor: github.com/google/go-cmp v0.5.6
full diff: http://github.com/google/go-cmp/compare/v0.5.5...v0.5.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-23 18:29:02 +01:00
Cory Snider
e9bbc41dd1 Remove local fork of archive/tar package
A copy of Go's archive/tar packge was vendored with a patch applied to
mitigate CVE-2019-14271. Vendoring standard library packages is not
supported by Go in module-aware mode, which is getting in the way of
maintenance. A different approach to mitigate the vulnerability is
needed which does not involve vendoring parts of the standard library.

glibc implements name service lookups such as users, groups and DNS
using a scheme known as Name Service Switch. The services are
implemented as modules, shared libraries which glibc dynamically links
into the process the first time a function requiring the module is
called. This is the crux of the vulnerability: if a process linked
against glibc chroots, then calls one of the functions implemented with
NSS for the first time, glibc may load NSS modules out of the chrooted
filesystem.

The API underlying the `docker cp` command is implemented by forking a
new process which chroots into the container's rootfs and writes a tar
stream of files from the container over standard output. It utilizes the
Go standard library's archive/tar package to write the tar stream. It
makes use of the tar.FileInfoHeader function to construct a tar.Header
value from an fs.FileInfo value. In modern versions of Go on *nix
platforms, FileInfoHeader will attempt to resolve the file's UID and GID
to their respective user and group names by calling the os/user
functions LookupId and LookupGroupId. The cgo implementation of os/user
on *nix performs lookups by calling the corresponding libc functions. So
when linked against glibc, calls to tar.FileInfoHeader after the
process has chrooted into the container's rootfs can have the side
effect of loading NSS modules from the container! Without any
mitigations, a malicious container image author can trivially get
arbitrary code execution by leveraging this vulnerability and escape the
chroot (which is not a sandbox) into the host.

Mitigate the vulnerability without patching or forking archive/tar by
hiding the OS-dependent file info from tar.FileInfoHeader which it needs
to perform the lookups. Without that information available it falls back
to populating the tar.Header with only the information obtainable
directly from the FileInfo value without making any calls into os/user.

Fixes #42402

Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-02-18 13:40:19 -05:00
Akihiro Suda
dca8689cd1
Merge pull request #43240 from thaJeztah/remove_more_replaces
vendor.mod: google/go-cmp v0.5.5, golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c, containerd v1.5.9
2022-02-16 13:17:58 +09:00
Sebastiaan van Stijn
2ac898c232
vendor: github.com/moby/sys/signal v0.7.0
full diff: https://github.com/moby/sys/compare/signal/v0.6.0...signal/v0.7.0

- add LCOW supported signals to windows signal map

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-15 15:58:05 +01:00
Sebastiaan van Stijn
9c2646e486
vendor: github.com/moby/sys/mountinfo v0.6.0
full diff: https://github.com/moby/sys/compare/mountinfo/v0.5.0...mountinfo/v0.6.0

- Add MountedFast (Note: most users should keep using Mounted, which already
  incorporates all optimizations from MountedFast)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-15 15:57:30 +01:00
Sebastiaan van Stijn
c2b33f8684
vendor: github.com/fsnotify/fsnotify v1.5.1
full diff: https://github.com/fsnotify/fsnotify/compare/v1.4.9...v1.5.1

Relevant changes:

- Fix unsafe pointer conversion
- Drop support/testing for Go 1.11 and earlier
- Update x/sys to latest
- add //go:build lines
- add go 1.17 to test matrix

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-15 15:56:35 +01:00
Sebastiaan van Stijn
3776fe6256
vendor: github.com/containerd/containerd v1.5.9
no significant changes in vendored code (we already updated image-spec to v1.0.2)

full diff: https://github.com/containerd/containerd/compare/v1.5.8...v1.5.9

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-15 15:53:30 +01:00
Sebastiaan van Stijn
3ddf696a2d
vendor: golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c
Remove the replace rule, and use the version as specified by (indirect) dependencies:

full diff: bf48bf16ab...f6687ab280

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-15 15:43:04 +01:00
Sebastiaan van Stijn
42d2f0bbc7
vendor: github.com/google/go-cmp v0.5.5
Remove the replace rule, and use the version as specified by (indirect) dependencies:

full diff: https://github.com/google/go-cmp/compare/v0.2.0...v0.5.5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-15 15:39:33 +01:00
Sebastiaan van Stijn
fada92c393
vendor: github.com/prometheus/common v0.10.0
Only a single change affecting the vendored code:

- Support 0 for model.Duration

full diff: https://github.com/prometheus/common/compare/v0.9.1...v0.10.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 21:32:12 +01:00
Sebastiaan van Stijn
147752ee05
vendor: github.com/grpc-ecosystem/go-grpc-middleware v1.3.0
removing the replace rule; no actual code changes in the vendored files (only
some changes in docs).

full diff: https://github.com/grpc-ecosystem/go-grpc-middleware/compare/v1.2.0...v1.3.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 21:22:28 +01:00
Sebastiaan van Stijn
f9f11050cc
vendor.mod: don't replace github.com/stretchr/testify
It's not vendored, so no changes in vendored code

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 19:33:04 +01:00
Sebastiaan van Stijn
738bd5a90e
vendor.mod: don't replace github.com/containerd/containerd
Looks like the `replace` rule was also matching what we're already vendoring,
so we can remove it:

    github.com/containerd/containerd v1.5.8 => github.com/containerd/containerd v1.5.8

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 18:51:39 +01:00
Sebastiaan van Stijn
be4144c153
vendor.mod: don't replace gopkg.in/fsnotify.v1
It's not vendored, so no changes in vendored code

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 16:33:17 +01:00
Sebastiaan van Stijn
9f7280f2d2
vendor: github.com/google/uuid v1.3.0
Remove the replace rule, and use the version as specified by (indirect) dependencies:

full diff: https://github.com/google/uuid/compare/v1.1.1...v1.3.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 16:27:47 +01:00
Sebastiaan van Stijn
24a7b61800
vendor.mod: don't replace github.com/hpcloud/tail
It's not vendored, so no changes in vendored code

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 16:08:37 +01:00
Sebastiaan van Stijn
c1fa01deb8
vendor.mod: don't replace github.com/onsi/ginkgo, github.com/onsi/gomega
They're not vendored, so no changes in the vendored code.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 16:06:41 +01:00
Sebastiaan van Stijn
40bf5d414e
vendor: github.com/pelletier/go-toml v1.9.1
Remove the replace rule, and use the version as specified by (indirect) dependencies:

full diff: https://github.com/pelletier/go-toml/compare/v1.8.1...v1.9.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 16:02:05 +01:00
Sebastiaan van Stijn
8f6d58915d
vendor: github.com/klauspost/compress v1.12.3
Remove the replace rule, and use the version as specified by (indirect) dependencies:

full diff: https://github.com/klauspost/compress/compare/v1.11.13...v1.12.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 15:58:01 +01:00
Sebastiaan van Stijn
40b8495735
vendor: go.etcd.io/bbolt v1.3.6
Remove the replace rule, and use the version as specified by (indirect) dependencies:

full diff: https://github.com/etcd-io/bbolt/compare/v1.3.5...v1.3.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 15:54:20 +01:00
Sebastiaan van Stijn
03f45fafc5
vendor: golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2
Remove the replace rule, and use the version as specified by (indirect) dependencies:

full diff: e18ecbb051...69e39bad7d

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 15:42:37 +01:00
Sebastiaan van Stijn
368d680dfe
vendor: golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11
Remove the replace rule, and use the version as specified by (indirect) dependencies:

full diff: 3af7569d3a...f0f3c7e86c

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 15:39:04 +01:00
Sebastiaan van Stijn
ce4ca67d52
vendor: golang.org/x/text v0.3.6:
to match the version used by golang.org/x/crypto

full diff: https://github.com/golang/text/compare/v0.3.3...v0.3.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 15:35:01 +01:00
Sebastiaan van Stijn
be63b7d7f6
vendor: github.com/docker/distribution v2.8.0
full diff: http://github.com/docker/distribution/compare/0d3efadf0154...v2.8.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-07 18:34:47 +01:00
Akihiro Suda
b79dec8138
vendor: github.com/opencontainers/runc v1.1.0
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2022-02-06 17:16:23 +09:00
Akihiro Suda
0d04359ec2
vendor: golang.org/x/sys v0.0.0-20220114195835-da31bd327af9
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2022-02-06 16:28:59 +09:00
Sebastiaan van Stijn
ace8c7896c
vendor: cloud.google.com/go v0.59.0 to remove some test-deps
commit ad4f9324cd
removes some of the test-dependencies from cloud.google.com.

only other relevant changes in vendored code are from this commit:
dccc6b4b71

Full diff: https://github.com/googleapis/google-cloud-go/compare/v0.44.3...v0.59.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-18 15:46:08 +01:00
Sebastiaan van Stijn
e5d28115ee
vendor: regenerate
- all changes here are attributed to difference in behaviour between,
  namely:
  - resolution of secondary test dependencies
  - prunning of non-Go files

Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-18 15:46:04 +01:00
Sebastiaan van Stijn
745ba3ecbc
libnetwork: remove etcd-related code and tests
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-06 18:45:43 +01:00
Sebastiaan van Stijn
147173b099
libnetwork: remove consul-related code and tests
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-06 18:45:41 +01:00
Sebastiaan van Stijn
a7d0f3060a
libnetwork: remove zookeeper-related code and tests
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-06 18:28:30 +01:00
Brian Goff
520dfc36f9
Merge pull request #43100 from conorevans/conorevans/update-fluent
vendor: github.com/fluent/fluent-logger-golang v1.9.0
2022-01-05 11:46:11 -08:00
Kir Kolyshkin
ffd5a20ab8
vendor: bump etcd v3.3.27
Bump etcd to v3.3.27, which includes https://github.com/etcd-io/etcd/pull/12552,
to fix https://github.com/moby/moby/issues/31182

Full diff: https://github.com/coreos/etcd/compare/v3.3.25...v3.3.27

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-03 18:56:22 +01:00
Conor Evans
3500d7e472
vendor: github.com/fluent/fluent-logger-golang v1.9.0
Updates the fluent logger library to v1.9.0. The update includes the following commit:

* [Add periodic reconnection functionality](fluent/fluent-logger-golang@1c05506)

See https://github.com/fluent/fluent-logger-golang/compare/v1.8.0..v1.9.0

Signed-off-by: Conor Evans <coevans@tcd.ie>
2021-12-23 16:54:12 +01:00
Sebastiaan van Stijn
dd9782fe94
go.mod: golang.org/x/crypto 5770296d904e90f15f38f77dfc2e43fdf5efc083
full diff: 0c34fe9e7d...5770296d90

includes a fix in golang.org/x/crypto/ssh for CVE-2021-43565

- golang/go#49932
- 5770296d90

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-12-03 09:19:28 +01:00
Sebastiaan van Stijn
f6848ae321
Merge pull request #42979 from akerouanton/bump-fluent-logger
vendor: github.com/fluent/fluent-logger-golang v1.8.0
2021-12-02 20:51:04 +01:00
Tianon Gravi
0f92cf2044
Merge pull request #43036 from thaJeztah/bump_hcsshim
vendor: github.com/Microsoft/hcsshim v0.8.23
2021-12-02 11:49:03 -08:00
Brian Goff
b46ab1f579
Merge pull request #43035 from thaJeztah/bump_ttrpc
vendor: github.com/containerd/ttrpc v1.1.0
2021-12-02 11:34:11 -08:00
Albin Kerouanton
e24d61b7ef
vendor: github.com/fluent/fluent-logger-golang v1.8.0
Updates the fluent logger library to v1.8.0. Following PRs/commits were
merged since last bump:

* [Add callback for error handling when using
  async](https://github.com/fluent/fluent-logger-golang/pull/97)
* [Fix panic when accessing unexported struct
  field](https://github.com/fluent/fluent-logger-golang/pull/99)
* [Properly stop logger during (re)connect
  failure](https://github.com/fluent/fluent-logger-golang/pull/82)
* [Support a TLS-enabled connection](e5d6aa13b7)

See https://github.com/fluent/fluent-logger-golang/compare/v1.6.1..v1.8.0

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2021-12-02 01:11:33 +01:00
Sebastiaan van Stijn
a715bfb857
vendor: github.com/Microsoft/hcsshim v0.8.23
full diff: https://github.com/Microsoft/hcsshim/compare/v0.8.22...v0.8.23

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-11-19 13:50:13 +01:00
Sebastiaan van Stijn
cbb4aed0b4
vendor: github.com/containerd/ttrpc v1.1.0
full diff: https://github.com/containerd/ttrpc/compare/v1.0.2...v1.1.0

- client: Handle sending/receiving in separate goroutines
- Return Unimplemented when services or methods are not implemented
- go.mod: sirupsen/logrus v1.7.0
- go.mod: update dependencies
  - go.mod: github.com/gogo/protobuf v1.3.2
  - go.mod: google.golang.org/grpc v1.27.1
  - go.mod: google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63
  - go.mod: github.com/prometheus/procfs v0.6.0
- replace pkg/errors
- Rename branch from master to main
- Use GitHub Actions for CI
- Make "go test" and "go build" work on macOS
- Add protoc-gen-go-ttrpc

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-11-19 13:48:43 +01:00
Sebastiaan van Stijn
ce25968008
vendor: github.com/moby/sys/mount v0.3.0, mountinfo v0.5.0, signal v0.6.0, symlink v0.2.0
full diff: https://github.com/moby/sys/compare/signal/v0.5.0...signal/v0.6.0

Modules:

- github.com/moby/sys/mount v0.3.0
- github.com/moby/sys/mountinfo v0.5.0
- github.com/moby/sys/signal v0.6.0
- github.com/moby/sys/symlink v0.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-11-19 09:56:37 +01:00
Sebastiaan van Stijn
875969251b
vendor: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
full diff: 63515b42dc...69cdffdb93

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-11-19 09:53:57 +01:00
Brian Goff
78fd4d3f2f
Merge pull request #42993 from thaJeztah/bump_hcsshim
vendor: github.com/Microsoft/hcsshim v0.8.22
2021-11-18 11:31:25 -08:00
Sebastiaan van Stijn
a17f288e65
Merge pull request #43026 from thaJeztah/update_image_spec
vendor: github.com/opencontainers/image-spec v1.0.2
2021-11-18 01:09:55 +01:00
Sebastiaan van Stijn
cef0a7c14e
vendor: github.com/opencontainers/image-spec v1.0.2
- Bring mediaType out of reserved status
- specs-go: adding mediaType to the index and manifest structures

full diff: https://github.com/opencontainers/image-spec/compare/v1.0.1...v1.0.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-11-18 00:00:05 +01:00
Sebastiaan van Stijn
458b4aae19
vendor: github.com/containerd/containerd v1.5.8
contains a mitigation for CVE-2021-41190 as well as several fixes and updates.

full diff: https://github.com/containerd/containerd/compare/v1.5.7...v1.5.8

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-11-17 21:40:04 +01:00
Sebastiaan van Stijn
615ff22437
vendor: github.com/opencontainers/selinux v1.9.1
full diff: https://github.com/opencontainers/selinux/compare/v1.8.2...v1.9.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-11-16 10:33:00 +01:00
Sebastiaan van Stijn
df7bba7dbc
Merge pull request #42992 from thaJeztah/bump_mergo_v0.3.12
vendor: github.com/imdario/mergo v0.3.12
2021-11-11 17:59:17 +01:00