Commit graph

217 commits

Author SHA1 Message Date
Sebastiaan van Stijn
9104cd5441
vendor: github.com/moby/buildkit v0.11.3
full diff: https://github.com/moby/buildkit/compare/49992f513921...v0.11.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-21 12:17:33 +01:00
Benjamin Wang
4a886a3e8f dependency: bump go.etcd.io/bbolt to v1.3.7
Please refer to link below to get more detailed info on bbolt@v1.3.7,
- https://github.com/etcd-io/bbolt/blob/master/CHANGELOG/CHANGELOG-1.3.md#v1372023-01-31

Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-02-17 16:51:15 +08:00
Sebastiaan van Stijn
a36286cf89
vendor: golang.org/x/net v0.7.0
This addresses the same CVE as is patched in go1.19.6. From that announcement:

> net/http: avoid quadratic complexity in HPACK decoding
>
> A maliciously crafted HTTP/2 stream could cause excessive CPU consumption
> in the HPACK decoder, sufficient to cause a denial of service from a small
> number of small requests.
>
> This issue is also fixed in golang.org/x/net/http2 v0.7.0, for users manually
> configuring HTTP/2.
>
> This is CVE-2022-41723 and Go issue https://go.dev/issue/57855.

full diff: https://github.com/golang/net/compare/v0.5.0...v0.7.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-14 21:00:09 +01:00
Sebastiaan van Stijn
c7de76569e
vendor: golang.org/x/text v0.7.0
full diff: https://github.com/golang/text/compare/v0.6.0...v0.7.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-14 20:59:33 +01:00
Sebastiaan van Stijn
a53b44a266
vendor: golang.org/x/sys v0.5.0
full diff: https://github.com/golang/sys/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-14 20:58:24 +01:00
Tonis Tiigi
eaeaa7b7fd
vendor: update buildkit to latest v0.11
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2023-02-07 10:24:43 -08:00
Sebastiaan van Stijn
e564932792
gha: switch buildkit back to upstream for testing
commit 043dbc05df temporarily switched to a
fork of BuildKit to workaround a failure in CI. These fixes have been
backported to the v0.11 branch in BuildKit, so we can switch back to upstream.

We can remove this override once we update vendor.mod to BuildKit v0.11.3.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-06 18:08:45 +01:00
Tonis Tiigi
666334bd48
vendor: update buildkit to v0.11.2
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2023-02-01 23:29:10 -08:00
Sebastiaan van Stijn
85169a04cf
vendor: github.com/tonistiigi/fsutil v0.0.0-20221114235510-0127568185cf
full diff: 9ed612626d...0127568185

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2023-02-01 23:10:39 -08:00
Sebastiaan van Stijn
c41c8c2f86
vendor: github.com/containerd/containerd v1.6.16
Notable Updates

- Fix push error propagation
- Fix slice append error with HugepageLimits for Linux
- Update default seccomp profile for PKU and CAP_SYS_NICE
- Fix overlayfs error when upperdirlabel option is set

full diff: https://github.com/containerd/containerd/compare/v1.6.15...v1.6.16

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-30 09:07:59 +01:00
Sebastiaan van Stijn
22098745e7
vendor: github.com/pelletier/go-toml v1.9.5
Contains a fix that prevents a panic on an invalid toml file.

full diff: https://github.com/pelletier/go-toml/compare/v1.9.4...v1.9.5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-30 09:05:04 +01:00
Sebastiaan van Stijn
25f95b0000
vendor: github.com/moby/swarmkit/v2 v2.0.0-20230119195359-904c221ac281
full diff: 0da442b278...904c221ac2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-19 23:36:45 +01:00
Sebastiaan van Stijn
65c6ba1fc4
vendor: golang.org/x/net v0.5.0
contains a fix for CVE-2022-41721, although it probably does not affect us.

full diff: https://github.com/golang/net/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-17 14:34:05 +01:00
Sebastiaan van Stijn
824dc51341
vendor: golang.org/x/text v0.6.0
full diff: https://github.com/golang/text/compare/v0.5.0...v0.6.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-17 14:16:10 +01:00
Sebastiaan van Stijn
e66e6bb28a
vendor: golang.org/x/sys v0.4.0
full diff: https://github.com/golang/sys/compare/v0.3.0...v0.4.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-17 14:09:18 +01:00
Sebastiaan van Stijn
af6b5d55db
vendor: github.com/moby/ipvs v1.1.0
full diff: https://github.com/moby/ipvs/compare/v1.0.2...v1.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-14 17:25:22 +01:00
Sebastiaan van Stijn
f53feeea8b
vendor: github.com/vishvananda/netns v0.0.2
full diff: https://github.com/vishvananda/netns/compare/v0.0.1...v0.0.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-14 17:23:50 +01:00
Sebastiaan van Stijn
bb5cae2c94
vendor: github.com/vishvananda/netns v0.0.1
The project started tagging releases for go modules.

full diff: https://github.com/vishvananda/netns/compare/2eb08e3e575f...v0.0.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-13 14:55:18 +01:00
Bjorn Neergaard
d42495033e
daemon/config: support alternate (common) unicode encodings using a BOM
This is a pragmatic but impure choice, in order to better support the
default tools available on Windows Server, and reduce user confusion due
to otherwise inscrutable-to-the-uninitiated errors like the following:

> invalid character 'þ' looking for beginning of value
> invalid character 'ÿ' looking for beginning of value

While meaningful to those who are familiar with and are equipped to
diagnose encoding issues, these characters will be hidden when the file
is edited with a BOM-aware text editor, and further confuse the user.

Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
2023-01-10 15:49:15 -07:00
Cory Snider
62296f9281
Merge pull request #44087 from jchorl/josh/sdkupgrade
Upgrade to aws go sdk v2 for cloudwatch logging driver
2023-01-10 14:51:30 -05:00
Sebastiaan van Stijn
bffe6d5670
vendor: github.com/containerd/containerd v1.6.15
no changes to vendored files

full diff: https://github.com/containerd/containerd/compare/v1.6.14...v1.6.15

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-09 13:26:32 +01:00
Josh Chorlton
c12d7b6d21 upgrade to aws sdk go v2
Co-Authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Josh Chorlton <jchorlton@gmail.com>
Signed-off-by: Cory Snider <csnider@mirantis.com>
Signed-off-by: Josh Chorlton <jchorlton@gmail.com>
2023-01-07 17:27:31 +00:00
Sebastiaan van Stijn
83d7ae76e8
vendor: github.com/containerd/containerd v1.6.14
No changes in vendored code, other than the version bump

full diff: https://github.com/containerd/containerd/compare/v1.6.13...v1.6.14

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-19 22:44:40 +01:00
Sebastiaan van Stijn
35cbdc9661
vendor: github.com/containerd/containerd v1.6.13
full diff: https://github.com/containerd/containerd/compare/v1.6.12...v1.6.13

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-15 19:34:46 +01:00
Sebastiaan van Stijn
9300aca2a6
vendor: github.com/Microsoft/hcsshim v0.9.6
full diff: https://github.com/Microsoft/hcsshim/compare/v0.9.5...v0.9.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-15 19:33:18 +01:00
Sebastiaan van Stijn
0007490b21
vendor: github.com/moby/swarmkit/v2 v2.0.0-20221215132206-0da442b2780f
No changes in vendored code, but removes some indirect dependencies.

full diff: b17f02f0a0...0da442b278

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-15 14:27:07 +01:00
Sebastiaan van Stijn
389dacd6e2
vendor: github.com/tinylib/msgp v1.1.6
This is a dependency of github.com/fluent/fluent-logger-golang, which
currently does not provide a go.mod, but tests against the latest
versions of its dependencies.

Updating this dependency to the latest version.

Notable changes:

- all: implement omitempty
- fix: JSON encoder may produce invalid utf-8 when provided invalid utf-8 message pack string.
- added Unwrap method to errWrapped plus tests; switched travis to go 1.14
- CopyToJSON: fix bitSize for floats
- Add Reader/Writer constructors with custom buffer
- Add missing bin header functions
- msgp/unsafe: bring code in line with unsafe guidelines
- msgp/msgp: fix ReadMapKeyZC (fix "Fail to decode string encoded as bin type")

full diff: https://github.com/tinylib/msgp/compare/v1.1.0...v1.1.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-12 11:35:03 +01:00
Sebastiaan van Stijn
24496fe097
vendor: github.com/philhofer/fwd v1.1.2
This is an (indirect) dependency of github.com/fluent/fluent-logger-golang,
which currently does not provide a go.mod, but tests against the latest
versions of its dependencies.

Updating this dependency to the latest version.

full diff: https://github.com/philhofer/fwd/compare/v1.0.0...v1.1.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-12 11:34:18 +01:00
Sebastiaan van Stijn
77f9c550bd
Merge pull request #44605 from thaJeztah/bump_golang_net
vendor: golang.org/x/net v0.4.0
2022-12-09 00:03:14 +01:00
Sebastiaan van Stijn
12c76d4a15
vendor: github.com/containerd/containerd v1.6.12
no changes in vendored code, but containerd v1.6.12 is a security release,
so updating, to prevent scanners marking the dependency to have a vulnerability.

full diff: https://github.com/containerd/containerd/compare/v1.6.11...v1.6.12

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-08 00:42:46 +01:00
Sebastiaan van Stijn
4bbc37687e
vendor: golang.org/x/net v0.4.0
golang.org/x/net contains a fix for CVE-2022-41717, which was addressed
in stdlib in go1.19.4 and go1.18.9;

> net/http: limit canonical header cache by bytes, not entries
>
> An attacker can cause excessive memory growth in a Go server accepting
> HTTP/2 requests.
>
> HTTP/2 server connections contain a cache of HTTP header keys sent by
> the client. While the total number of entries in this cache is capped,
> an attacker sending very large keys can cause the server to allocate
> approximately 64 MiB per open connection.
>
> This issue is also fixed in golang.org/x/net/http2 v0.4.0,
> for users manually configuring HTTP/2.

full diff: https://github.com/golang/net/compare/v0.2.0...v0.4.0

other dependency updates (due to circular dependencies):

- golang.org/x/sys v0.3.0: https://github.com/golang/sys/compare/v0.2.0...v0.3.0
- golang.org/x/text v0.5.0: https://github.com/golang/text/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-07 22:25:49 +01:00
Sebastiaan van Stijn
d331bc3b03
vendor: github.com/containerd/containerd v1.6.11
- Fix nil pointer deference for Windows containers in CRI plugin
- Fix lease labels unexpectedly overwriting expiration
- Fix for simultaneous diff creation using the same parent snapshot

full diff: https://github.com/containerd/containerd/v1.6.10...v1.6.11

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-06 23:26:25 +01:00
Sebastiaan van Stijn
cc1884dc04
Merge pull request #44501 from tiborvass/immutable_radix
libnetwork: use go-immutable-radix instead of radix
2022-12-06 12:46:53 +01:00
Tibor Vass
eaa74497b8
libnetwork: use go-immutable-radix instead of radix
This commit allows to remove dependency on the mutable version armon/go-radix.

The go-immutable-radix package is better maintained.

It is likely that a bit more memory will be used when using the
immutable version, though discarded nodes are being reused in a pool.
These changes happen when networks are added/removed or nodes come and
go in a cluster, so we are still talking about a relatively low
frequency event.

The major changes compared to the old radix are when modifying (insert
or delete) a tree, and those are pretty self-contained: we replace the
entire immutable tree under a lock.

Signed-off-by: Tibor Vass <teabee89@gmail.com>
2022-11-30 17:03:46 -08:00
AdamKorcz
93fa093122
testing: move fuzzers over from OSS-Fuzz
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-30 17:31:03 +01:00
Sebastiaan van Stijn
36a2dd36a0
Merge pull request #44554 from thaJeztah/remove_outdated_comment
vendor.mod: remove outdated comment about replaced module
2022-11-30 17:26:51 +01:00
Sebastiaan van Stijn
1907027b7b
Merge pull request #44520 from vvoland/disk-usage-singleflight
daemon/disk_usage: Use context aware singleflight
2022-11-30 13:39:55 +01:00
Sebastiaan van Stijn
6326ad1729
vendor.mod: remove outdated comment about replaced module
The replace was removed in 64f9ea1cf5, but I
forgot to remove the comment.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-30 11:11:13 +01:00
Paweł Gronowski
dec81e489f
daemon/disk_usage: Use context aware singleflight
The singleflight function was capturing the context.Context of the first
caller that invoked the `singleflight.Do`. This could cause all
concurrent calls to be cancelled when the first request is cancelled.

singleflight calls were also moved from the ImageService to Daemon, to
avoid having to implement this logic in both graphdriver and containerd
based image services.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2022-11-29 16:46:19 +01:00
Sebastiaan van Stijn
c1a9e82d3e
vendor: google.golang.org/grpc v1.50.1
full diff: https://github.com/grpc/grpc-go/compare/v1.48.0...v1.50.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-26 14:20:00 +01:00
Sebastiaan van Stijn
dc52e08bb5
vendor: github.com/prometheus/client_golang v1.14.0
full diff: https://github.com/prometheus/client_golang/compare/v1.13.0...v1.14.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:16 +01:00
Sebastiaan van Stijn
b2fe29ba79
vendor: github.com/go-logr/logr v1.2.3
full diff: https://github.com/go-logr/logr/compare/v1.2.2...v1.2.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:16 +01:00
Sebastiaan van Stijn
7c1b7842c6
vendor: golang.org/x/crypto v0.2.0
- all: use math/bits.RotateLeft

full diff: https://github.com/golang/crypto/compare/v0.1.0...v0.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:16 +01:00
Sebastiaan van Stijn
efe17dbdb4
vendor: golang.org/x/net v0.2.0
- http2/hpack: build static table with go generate

full diff: https://github.com/golang/net/compare/v0.1.0...v0.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:16 +01:00
Sebastiaan van Stijn
0588a83380
vendor: github.com/opencontainers/runc v1.1.3
no changes in vendored code

full diff: https://github.com/opencontainers/runc/compare/v1.1.2...v1.1.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:15 +01:00
Sebastiaan van Stijn
38adf7a694
vendor: github.com/klauspost/compress v1.15.12
full diff: https://github.com/klauspost/compress/compare/v1.15.9...v1.15.12

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:15 +01:00
Sebastiaan van Stijn
e1058e6bc3
go.mod: golang_protobuf_extensions v1.0.4 - prevent incompatible versions
This module made a whoopsie, and updated to `google.golang.org/protobuf`
in a patch release, but `google.golang.org/protobuf` is not backward
compatible with `github.com/golang/protobuf`.

Updating the minimum version to v1.0.4 which corrects this, to prevent
users of containerd as a module from accidentally pulling in the wrong
version:

- v1.0.3 switched to use `google.golang.org/protobuf`; https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.2..v1.0.3
- This was reverted in v1.0.4 (which is the same as v1.0.2); https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.3..v1.0.4
- And a `v2` was created instead; https://github.com/matttproud/golang_protobuf_extensions/releases/tag/v2.0.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 15:18:24 +01:00
Sebastiaan van Stijn
64f9ea1cf5
vendor: github.com/moby/swarmkit/v2 v2.0.0-20221123162438-b17f02f0a054
full diff: 6341884e5f...b17f02f0a0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:30:18 +01:00
Sebastiaan van Stijn
a5898e3a2d
vendor: github.com/prometheus/client_golang v1.13.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:22:22 +01:00
Sebastiaan van Stijn
2cc6a86fd3
vendor: github.com/aws/aws-sdk-go v1.37.0
full diff: https://github.com/aws/aws-sdk-go/compare/v1.31.6...v1.37.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:20:40 +01:00