From 1bec432ffa782fd5f54b5e34e7737f66b2606d9d Mon Sep 17 00:00:00 2001 From: stevenhorsman Date: Mon, 7 Apr 2025 13:48:40 +0100 Subject: [PATCH 1/4] agent: Create workspace package and dependencies - Create agent workspace dependencies and packge info so that the packages in the workspace can use them - Group the local dependencies together for clarity (like in #11129) Signed-off-by: stevenhorsman --- src/agent/Cargo.toml | 145 +++++++++++++++++++++++++++++++++++-------- 1 file changed, 120 insertions(+), 25 deletions(-) diff --git a/src/agent/Cargo.toml b/src/agent/Cargo.toml index f8d1474bb..027573384 100644 --- a/src/agent/Cargo.toml +++ b/src/agent/Cargo.toml @@ -1,23 +1,20 @@ -[package] -name = "kata-agent" -version = "0.1.0" +[workspace] +members = ["rustjail", "policy"] + +[workspace.package] authors = ["The Kata Containers community "] edition = "2018" license = "Apache-2.0" +rust-version = "1.80.0" -[dependencies] -runtime-spec = { path = "../libs/runtime-spec" } -mem-agent = { path = "../mem-agent" } +[workspace.dependencies] oci-spec = { version = "0.6.8", features = ["runtime"] } -rustjail = { path = "rustjail" } -protocols = { path = "../libs/protocols", features = ["async", "with-serde"] } lazy_static = "1.3.0" ttrpc = { version = "0.8.4", features = ["async"], default-features = false } protobuf = "=3.7.1" libc = "0.2.58" nix = "0.24.2" capctl = "0.2.0" -serde_json = "1.0.39" scan_fmt = "0.2.3" scopeguard = "1.0.0" thiserror = "1.0.26" @@ -25,9 +22,6 @@ regex = "1.10.5" serial_test = "0.5.1" url = "2.5.0" derivative = "2.2.0" -kata-sys-util = { path = "../libs/kata-sys-util" } -kata-types = { path = "../libs/kata-types" } -safe-path = { path = "../libs/safe-path" } const_format = "0.2.30" # Async helpers @@ -45,9 +39,7 @@ netlink-packet-route = "0.19.0" netlink-packet-core = "0.7.0" ipnetwork = "0.17.0" -# Note: this crate sets the slog 'max_*' features which allows the log level -# to be modified at runtime. -logging = { path = "../libs/logging" } + slog = "2.5.2" slog-scope = "4.1.2" slog-term = "2.9.0" @@ -69,31 +61,134 @@ tracing = "0.1.26" tracing-subscriber = "0.2.18" tracing-opentelemetry = "0.13.0" opentelemetry = { version = "0.14.0", features = ["rt-tokio-current-thread"] } -vsock-exporter = { path = "vsock-exporter" } # Configuration serde = { version = "1.0.129", features = ["derive"] } +serde_json = "1.0.39" toml = "0.5.8" clap = { version = "3.0.1", features = ["derive"] } strum = "0.26.2" strum_macros = "0.26.2" +tempfile = "3.1.0" +which = "4.3.0" +rstest = "0.18.0" +async-std = { version = "1.12.0", features = ["attributes"] } + +# Local dependencies +kata-agent-policy = { path = "policy" } +rustjail = { path = "rustjail" } +vsock-exporter = { path = "vsock-exporter" } + +mem-agent = { path = "../mem-agent" } + +kata-sys-util = { path = "../libs/kata-sys-util" } +kata-types = { path = "../libs/kata-types" } +# Note: this crate sets the slog 'max_*' features which allows the log level +# to be modified at runtime. +logging = { path = "../libs/logging" } +protocols = { path = "../libs/protocols" } +runtime-spec = { path = "../libs/runtime-spec" } +safe-path = { path = "../libs/safe-path" } +test-utils = { path = "../libs/test-utils" } + + +[package] +name = "kata-agent" +version = "0.1.0" +authors.workspace = true +edition.workspace = true +license.workspace = true + +[dependencies] +oci-spec.workspace = true +lazy_static.workspace = true +ttrpc.workspace = true +protobuf.workspace = true +libc.workspace = true +nix.workspace = true +capctl.workspace = true +serde_json.workspace = true +scan_fmt.workspace = true +scopeguard.workspace = true +thiserror.workspace = true +regex.workspace = true +serial_test.workspace = true +url.workspace = true +derivative.workspace = true +const_format.workspace = true + +# Async helpers +async-trait.workspace = true +async-recursion.workspace = true +futures.workspace = true + +# Async runtime +tokio.workspace = true +tokio-vsock.workspace = true + +netlink-sys.workspace = true +rtnetlink.workspace = true +netlink-packet-route.workspace = true +netlink-packet-core.workspace = true +ipnetwork.workspace = true + +slog.workspace = true +slog-scope.workspace = true +slog-term.workspace = true + +# Redirect ttrpc log calls +slog-stdlog.workspace = true +log.workspace = true + +cfg-if.workspace = true +prometheus.workspace = true +procfs.workspace = true + +anyhow.workspace = true + +cgroups.workspace = true + +# Tracing +tracing.workspace = true +tracing-subscriber.workspace = true +tracing-opentelemetry.workspace = true +opentelemetry.workspace = true + +# Configuration +serde.workspace = true +toml.workspace = true +clap.workspace = true +strum.workspace = true +strum_macros.workspace = true + # Image pull/decrypt image-rs = { git = "https://github.com/confidential-containers/guest-components", rev = "1191f8257eb65f42892ab0328cec02e58d40de84", default-features = false, optional = true } # Agent Policy cdi = { git = "https://github.com/cncf-tags/container-device-interface-rs", rev = "fba5677a8e7cc962fc6e495fcec98d7d765e332a" } -kata-agent-policy = { path = "policy", optional = true } + +# Local dependencies +kata-agent-policy = { workspace = true, optional = true } +mem-agent.workspace = true +rustjail.workspace = true +protocols = { workspace = true, features = ["async", "with-serde"] } +kata-sys-util.workspace = true +kata-types.workspace = true +runtime-spec.workspace = true +safe-path.workspace = true +# Note: this crate sets the slog 'max_*' features which allows the log level +# to be modified at runtime. +logging.workspace = true +vsock-exporter.workspace = true [dev-dependencies] -tempfile = "3.1.0" -test-utils = { path = "../libs/test-utils" } -which = "4.3.0" -rstest = "0.18.0" -async-std = { version = "1.12.0", features = ["attributes"] } +tempfile.workspace = true +which.workspace = true +rstest.workspace = true +async-std.workspace = true -[workspace] -members = ["rustjail", "policy"] +test-utils.workspace = true [profile.release] lto = true @@ -103,7 +198,7 @@ lto = true default-pull = [] seccomp = ["rustjail/seccomp"] standard-oci-runtime = ["rustjail/standard-oci-runtime"] -agent-policy = [ "kata-agent-policy" ] +agent-policy = ["kata-agent-policy"] guest-pull = ["image-rs/kata-cc-rustls-tls"] [[bin]] From 655255b50c6565418d434165902a5a5110fb834a Mon Sep 17 00:00:00 2001 From: stevenhorsman Date: Mon, 31 Mar 2025 17:07:10 +0100 Subject: [PATCH 2/4] agent: Update policy to use workspace settings To reduce duplication, we could update the policy crate to use settings and versions from the agent, where applicable. Signed-off-by: stevenhorsman --- src/agent/policy/Cargo.toml | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/src/agent/policy/Cargo.toml b/src/agent/policy/Cargo.toml index 4bf98fb19..d31773ab7 100644 --- a/src/agent/policy/Cargo.toml +++ b/src/agent/policy/Cargo.toml @@ -1,20 +1,19 @@ [package] name = "kata-agent-policy" version = "0.1.0" -authors = ["The Kata Containers community "] -edition = "2018" -license = "Apache-2.0" +authors.workspace = true +edition.workspace = true +license.workspace = true [dependencies] # Async runtime -tokio = { version = "1.39.0", features = ["full"] } -tokio-vsock = "0.3.4" +tokio.workspace = true -anyhow = "1" +anyhow.workspace = true # Configuration -serde = { version = "1.0.129", features = ["derive"] } -serde_json = "1.0.39" +serde.workspace = true +serde_json.workspace = true # Agent Policy regorus = { version = "0.2.8", default-features = false, features = [ @@ -27,7 +26,5 @@ json-patch = "2.0.0" # Note: this crate sets the slog 'max_*' features which allows the log level # to be modified at runtime. -logging = { path = "../../libs/logging" } -slog = "2.5.2" -slog-scope = "4.1.2" -slog-term = "2.9.0" +slog.workspace = true +slog-scope.workspace = true From 2cb9fd3c69175279523295a602356ef95ce82dc2 Mon Sep 17 00:00:00 2001 From: stevenhorsman Date: Mon, 31 Mar 2025 17:09:42 +0100 Subject: [PATCH 3/4] agent: Update rustjail to use workspace settings - To reduce duplication, we could update the rustjail crate to use settings and versions from the agent, where applicable. - Also switch to using the derive feature in serde crate rather than the separate serde_derive to avoid keeping both versions in sync > [!NOTE] > In order to use the workspace, this has bumped some crate versions Signed-off-by: stevenhorsman --- src/agent/Cargo.lock | 99 +++++++++---------- src/agent/Cargo.toml | 2 +- src/agent/rustjail/Cargo.toml | 73 ++++++++------ src/agent/rustjail/src/cgroups/fs/mod.rs | 1 + src/agent/rustjail/src/cgroups/mock.rs | 1 + .../src/cgroups/systemd/cgroups_path.rs | 1 + .../rustjail/src/cgroups/systemd/common.rs | 2 + .../src/cgroups/systemd/dbus_client.rs | 1 + .../rustjail/src/cgroups/systemd/manager.rs | 1 + src/agent/rustjail/src/container.rs | 1 + src/agent/rustjail/src/lib.rs | 6 +- src/agent/rustjail/src/specconv.rs | 1 + 12 files changed, 100 insertions(+), 89 deletions(-) diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index c81667cf3..2a58fd8dc 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -33,7 +33,7 @@ version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "cipher", "cpufeatures", "zeroize", @@ -79,7 +79,7 @@ version = "0.8.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e89da841a80418a9b391ebaea17f5c112ffaaa96f621d2c285b5174da76b9011" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "getrandom 0.2.15", "once_cell", "serde", @@ -325,7 +325,7 @@ checksum = "0fc5b45d93ef0529756f812ca52e44c221b35341892d3dcc34132ac02f3dd2af" dependencies = [ "async-lock 2.8.0", "autocfg", - "cfg-if 1.0.0", + "cfg-if", "concurrent-queue", "futures-lite 1.13.0", "log", @@ -344,7 +344,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "43a2b323ccce0a1d90b449fd71f2a06ca7faa7c54c2751f06c9bd851fc061059" dependencies = [ "async-lock 3.4.0", - "cfg-if 1.0.0", + "cfg-if", "concurrent-queue", "futures-io", "futures-lite 2.6.0", @@ -386,7 +386,7 @@ dependencies = [ "async-lock 2.8.0", "async-signal", "blocking", - "cfg-if 1.0.0", + "cfg-if", "event-listener 3.1.0", "futures-lite 1.13.0", "rustix 0.38.44", @@ -424,7 +424,7 @@ dependencies = [ "async-io 2.4.0", "async-lock 3.4.0", "atomic-waker", - "cfg-if 1.0.0", + "cfg-if", "futures-core", "futures-io", "rustix 0.38.44", @@ -491,7 +491,7 @@ dependencies = [ "anyhow", "async-trait", "base64 0.22.1", - "cfg-if 1.0.0", + "cfg-if", "hex", "kbs-types", "log", @@ -533,7 +533,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8d82cb332cdfaed17ae235a638438ac4d4839913cc2af585c3c6746e8f8bee1a" dependencies = [ "addr2line", - "cfg-if 1.0.0", + "cfg-if", "libc", "miniz_oxide", "object", @@ -854,7 +854,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4a6e71767585f51c2a33fed6d67147ec0343725fc3c03bf4b89fe67fede56aa5" dependencies = [ "bitflags 1.3.2", - "cfg-if 1.0.0", + "cfg-if", "libc", ] @@ -945,12 +945,6 @@ dependencies = [ "cipher", ] -[[package]] -name = "cfg-if" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" - [[package]] name = "cfg-if" version = "1.0.0" @@ -1246,7 +1240,7 @@ version = "1.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a97769d94ddab943e4510d138150169a2758b5ef3eb191a9ee688de3e23ef7b3" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", ] [[package]] @@ -1393,7 +1387,7 @@ version = "4.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "97fb8b7c4503de7d6ae7b42ab72a5a59857b4c937ec27a3d4539dba95b5ab2be" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "cpufeatures", "curve25519-dalek-derive", "digest", @@ -1646,7 +1640,7 @@ version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b98cf8ebf19c3d1b223e151f99a4f9f0690dca41414773390fc824184ac833e1" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "dirs-sys-next", ] @@ -1965,7 +1959,7 @@ version = "0.2.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "35c0522e981e68cbfa8c3f978441a5f34b30b96e146b33cd3359176b50fe8586" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "libc", "libredox", "windows-sys 0.59.0", @@ -2188,7 +2182,7 @@ version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "js-sys", "libc", "wasi 0.11.0+wasi-snapshot-preview1", @@ -2201,7 +2195,7 @@ version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "43a49c392881ce6d5c3b8cb70f98717b7c07aabbdff06687b9030dbfbe2725f8" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "libc", "wasi 0.13.3+wasi-0.2.2", "windows-targets 0.52.6", @@ -2677,7 +2671,7 @@ dependencies = [ "async-compression", "async-trait", "base64 0.22.1", - "cfg-if 1.0.0", + "cfg-if", "filetime", "flate2", "futures", @@ -2768,7 +2762,7 @@ version = "0.1.13" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e0242819d153cba4b4b05a5a8f2a7e9bbf97b6055b2a002b395c96b5ff3c0222" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", ] [[package]] @@ -2863,7 +2857,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a87aa2bb7d2af34197c04845522473242e1aa17c12f4935d5856491a7fb8c97" dependencies = [ "cesu8", - "cfg-if 1.0.0", + "cfg-if", "combine", "jni-sys", "log", @@ -3028,7 +3022,7 @@ version = "0.13.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f6e3919bbaa2945715f0bb6d3934a173d1e9a59ac23767fbaaef277265a7411b" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "ecdsa", "elliptic-curve", "once_cell", @@ -3046,7 +3040,7 @@ dependencies = [ "async-trait", "capctl", "cdi", - "cfg-if 1.0.0", + "cfg-if", "cgroups-rs", "clap 3.2.25", "const_format", @@ -3386,7 +3380,7 @@ version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fc2f4eb4bc735547cfed7c0a4922cbd04a4655978c09b54f1f7b228750664c34" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "windows-targets 0.52.6", ] @@ -3531,7 +3525,7 @@ version = "0.10.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d89e7ee0cfbedfc4da3340218492196241d89eefb6dab27de5df917a6d2e78cf" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "digest", ] @@ -3735,7 +3729,7 @@ checksum = "8f3790c00a0150112de0f4cd161e3d7fc4b2d8a5542ffc35f099a2562aecb35c" dependencies = [ "bitflags 1.3.2", "cc", - "cfg-if 1.0.0", + "cfg-if", "libc", "memoffset 0.6.5", ] @@ -3747,7 +3741,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fa52e972a9a719cecb6864fb88568781eb706bac2cd1d4f04a648542dbf78069" dependencies = [ "bitflags 1.3.2", - "cfg-if 1.0.0", + "cfg-if", "libc", "memoffset 0.6.5", ] @@ -3760,7 +3754,7 @@ checksum = "f346ff70e7dbfd675fe90590b92d59ef2de15a8779ae305ebcbfd3f0caf59be4" dependencies = [ "autocfg", "bitflags 1.3.2", - "cfg-if 1.0.0", + "cfg-if", "libc", ] @@ -3771,7 +3765,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "598beaf3cc6fdd9a5dfb1630c2800c7acd31df7aaf0f565796fba2b53ca1af1b" dependencies = [ "bitflags 1.3.2", - "cfg-if 1.0.0", + "cfg-if", "libc", "memoffset 0.7.1", "pin-utils", @@ -3784,7 +3778,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2eb04e9c688eff1c89d72b407f168cf79bb9e867a9d3323ed6c01519eb9cc053" dependencies = [ "bitflags 2.9.0", - "cfg-if 1.0.0", + "cfg-if", "libc", ] @@ -3795,7 +3789,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "71e2746dc3a24dd78b3cfcb7be93368c6de9963d30f43a6a73998a9cf4b17b46" dependencies = [ "bitflags 2.9.0", - "cfg-if 1.0.0", + "cfg-if", "cfg_aliases", "libc", ] @@ -4063,7 +4057,7 @@ dependencies = [ "async-trait", "base64 0.22.1", "base64-serde", - "cfg-if 1.0.0", + "cfg-if", "ctr", "hmac", "kbc", @@ -4223,7 +4217,7 @@ version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "60a2cfe6f0ad2bfc16aefa463b497d5c7a5ecd44a23efa72aa342d90177356dc" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "instant", "libc", "redox_syscall 0.2.16", @@ -4237,7 +4231,7 @@ version = "0.9.10" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1e401f977ab385c9e4e3ab30627d6f26d00e2c73eef317493c4ec6d468726cf8" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "libc", "redox_syscall 0.5.10", "smallvec", @@ -4451,7 +4445,7 @@ checksum = "4b2d323e8ca7996b3e23126511a523f7e62924d93ecd5ae73b333815b0eb3dce" dependencies = [ "autocfg", "bitflags 1.3.2", - "cfg-if 1.0.0", + "cfg-if", "concurrent-queue", "libc", "log", @@ -4465,7 +4459,7 @@ version = "3.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a604568c3202727d1507653cb121dbd627a58684eb09a820fd746bee38b4442f" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "concurrent-queue", "hermit-abi 0.4.0", "pin-project-lite", @@ -4491,7 +4485,7 @@ version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9d1fe60d06143b2430aa532c94cfe9e29783047f06c0d7fd359a9a51b729fa25" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "cpufeatures", "opaque-debug", "universal-hash", @@ -4651,7 +4645,7 @@ version = "0.13.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3d33c28a30771f7f96db69893f78b857f7450d7e0237e9c8fc6427a81bae7ed1" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "fnv", "lazy_static", "libc", @@ -5155,7 +5149,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "70ac5d832aa16abd7d1def883a8545280c20a60f523a370aa3a9617c2b8550ee" dependencies = [ "cc", - "cfg-if 1.0.0", + "cfg-if", "getrandom 0.2.15", "libc", "untrusted", @@ -5248,7 +5242,7 @@ version = "0.18.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d428f8247852f894ee1be110b375111b586d4fa431f6c46e64ba5a0dcccbe605" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "glob", "proc-macro2", "quote", @@ -5380,7 +5374,7 @@ dependencies = [ "bit-vec", "capctl", "caps", - "cfg-if 0.1.10", + "cfg-if", "cgroups-rs", "futures", "inotify", @@ -5399,7 +5393,6 @@ dependencies = [ "scan_fmt", "scopeguard", "serde", - "serde_derive", "serde_json", "serial_test", "slog", @@ -5822,7 +5815,7 @@ version = "0.10.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "cpufeatures", "digest", ] @@ -5844,7 +5837,7 @@ version = "0.10.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "cpufeatures", "digest", ] @@ -5890,7 +5883,7 @@ source = "git+https://github.com/sigstore/sigstore-rs.git?rev=c39c519#c39c519dd9 dependencies = [ "async-trait", "base64 0.22.1", - "cfg-if 1.0.0", + "cfg-if", "chrono", "const-oid", "crypto_secretbox", @@ -6225,7 +6218,7 @@ version = "0.30.13" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0a5b4ddaee55fb2bea2bf0e5000747e5f5c0de765e5a5ff87f4cd106439f4bb3" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "core-foundation-sys", "libc", "ntapi", @@ -6252,7 +6245,7 @@ version = "3.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2c317e0a526ee6120d8dabad239c8dadca62b24b6f168914bbbc8e2fb1f0e567" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "fastrand 2.3.0", "getrandom 0.3.1", "once_cell", @@ -6339,7 +6332,7 @@ version = "1.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b9ef9bad013ada3808854ceac7b46812a6465ba368859a37e2100283d2d719c" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "once_cell", ] @@ -6993,7 +6986,7 @@ version = "0.2.100" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1edc8929d7499fc4e8f0be2262a241556cfc54a0bea223790e71446f2aab1ef5" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "once_cell", "rustversion", "wasm-bindgen-macro", @@ -7019,7 +7012,7 @@ version = "0.4.50" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "555d470ec0bc3bb57890405e5d4322cc9ea83cebb085523ced7be4144dac1e61" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "js-sys", "once_cell", "wasm-bindgen", diff --git a/src/agent/Cargo.toml b/src/agent/Cargo.toml index 027573384..559929829 100644 --- a/src/agent/Cargo.toml +++ b/src/agent/Cargo.toml @@ -15,7 +15,7 @@ protobuf = "=3.7.1" libc = "0.2.58" nix = "0.24.2" capctl = "0.2.0" -scan_fmt = "0.2.3" +scan_fmt = "0.2.6" scopeguard = "1.0.0" thiserror = "1.0.26" regex = "1.10.5" diff --git a/src/agent/rustjail/Cargo.toml b/src/agent/rustjail/Cargo.toml index 577fdff9d..eceab4242 100644 --- a/src/agent/rustjail/Cargo.toml +++ b/src/agent/rustjail/Cargo.toml @@ -1,51 +1,62 @@ [package] name = "rustjail" version = "0.1.0" -authors = ["The Kata Containers community "] -edition = "2018" -license = "Apache-2.0" +authors.workspace = true +edition.workspace = true +license.workspace = true [dependencies] awaitgroup = "0.6.0" -serde = "1.0.91" -serde_json = "1.0.39" -serde_derive = "1.0.91" -runtime-spec = { path = "../../libs/runtime-spec" } -oci-spec = { version = "0.6.8", features = ["runtime"] } -protocols = { path ="../../libs/protocols" } -kata-sys-util = { path = "../../libs/kata-sys-util" } +serde.workspace = true +serde_json.workspace = true + +oci-spec.workspace = true caps = "0.5.0" -nix = "0.24.2" -scopeguard = "1.0.0" -capctl = "0.2.0" -lazy_static = "1.3.0" -libc = "0.2.58" -protobuf = "=3.7.1" -slog = "2.5.2" -slog-scope = "4.1.2" -scan_fmt = "0.2.6" -regex = "1.5.6" +nix.workspace = true +scopeguard.workspace = true +capctl.workspace = true +lazy_static.workspace = true +libc.workspace = true +protobuf.workspace = true +slog.workspace = true +slog-scope.workspace = true +scan_fmt.workspace = true +regex.workspace = true path-absolutize = "1.2.0" anyhow = "1.0.32" -cgroups = { package = "cgroups-rs", version = "0.3.3" } +cgroups.workspace = true rlimit = "0.5.3" -cfg-if = "0.1.0" +cfg-if.workspace = true -tokio = { version = "1.38.0", features = ["sync", "io-util", "process", "time", "macros", "rt", "fs"] } -tokio-vsock = "0.3.4" -futures = "0.3.17" -async-trait = "0.1.31" +tokio = { workspace = true, features = [ + "sync", + "io-util", + "process", + "time", + "macros", + "rt", + "fs", +] } +tokio-vsock.workspace = true +futures.workspace = true +async-trait.workspace = true inotify = "0.9.2" libseccomp = { version = "0.3.0", optional = true } zbus = "3.12.0" -bit-vec= "0.6.3" +bit-vec = "0.6.3" xattr = "0.2.3" +# Local dependencies +protocols.workspace = true +kata-sys-util.workspace = true +runtime-spec.workspace = true + [dev-dependencies] -serial_test = "0.5.0" -tempfile = "3.1.0" -test-utils = { path = "../../libs/test-utils" } -protocols = { path ="../../libs/protocols" } +serial_test.workspace = true +tempfile.workspace = true + +# Local dependencies +test-utils.workspace = true [features] seccomp = ["libseccomp"] diff --git a/src/agent/rustjail/src/cgroups/fs/mod.rs b/src/agent/rustjail/src/cgroups/fs/mod.rs index bc9b2b090..e43662ff7 100644 --- a/src/agent/rustjail/src/cgroups/fs/mod.rs +++ b/src/agent/rustjail/src/cgroups/fs/mod.rs @@ -33,6 +33,7 @@ use protocols::agent::{ BlkioStats, BlkioStatsEntry, CgroupStats, CpuStats, CpuUsage, HugetlbStats, MemoryData, MemoryStats, PidsStats, ThrottlingData, }; +use serde::{Deserialize, Serialize}; use std::any::Any; use std::collections::HashMap; use std::fs; diff --git a/src/agent/rustjail/src/cgroups/mock.rs b/src/agent/rustjail/src/cgroups/mock.rs index f7185403d..429a150e6 100644 --- a/src/agent/rustjail/src/cgroups/mock.rs +++ b/src/agent/rustjail/src/cgroups/mock.rs @@ -12,6 +12,7 @@ use cgroups::freezer::FreezerState; use libc::{self, pid_t}; use oci::{LinuxResources, Spec}; use oci_spec::runtime as oci; +use serde::{Deserialize, Serialize}; use std::any::Any; use std::collections::HashMap; use std::string::String; diff --git a/src/agent/rustjail/src/cgroups/systemd/cgroups_path.rs b/src/agent/rustjail/src/cgroups/systemd/cgroups_path.rs index 696c0ece0..05a8347dc 100644 --- a/src/agent/rustjail/src/cgroups/systemd/cgroups_path.rs +++ b/src/agent/rustjail/src/cgroups/systemd/cgroups_path.rs @@ -6,6 +6,7 @@ use anyhow::{anyhow, Result}; use super::common::{DEFAULT_SLICE, SCOPE_SUFFIX, SLICE_SUFFIX}; +use serde::{Deserialize, Serialize}; use std::string::String; #[derive(Serialize, Deserialize, Debug, Clone)] diff --git a/src/agent/rustjail/src/cgroups/systemd/common.rs b/src/agent/rustjail/src/cgroups/systemd/common.rs index ec82b40c2..80f67b06f 100644 --- a/src/agent/rustjail/src/cgroups/systemd/common.rs +++ b/src/agent/rustjail/src/cgroups/systemd/common.rs @@ -3,6 +3,8 @@ // SPDX-License-Identifier: Apache-2.0 // +use serde::{Deserialize, Serialize}; + pub const DEFAULT_SLICE: &str = "system.slice"; pub const SLICE_SUFFIX: &str = ".slice"; pub const SCOPE_SUFFIX: &str = ".scope"; diff --git a/src/agent/rustjail/src/cgroups/systemd/dbus_client.rs b/src/agent/rustjail/src/cgroups/systemd/dbus_client.rs index 0c3294b44..6a74c9c06 100644 --- a/src/agent/rustjail/src/cgroups/systemd/dbus_client.rs +++ b/src/agent/rustjail/src/cgroups/systemd/dbus_client.rs @@ -3,6 +3,7 @@ // SPDX-License-Identifier: Apache-2.0 // +use serde::{Deserialize, Serialize}; use std::vec; use super::common::{ diff --git a/src/agent/rustjail/src/cgroups/systemd/manager.rs b/src/agent/rustjail/src/cgroups/systemd/manager.rs index 6d0408c2c..748f18b2b 100644 --- a/src/agent/rustjail/src/cgroups/systemd/manager.rs +++ b/src/agent/rustjail/src/cgroups/systemd/manager.rs @@ -10,6 +10,7 @@ use cgroups::freezer::FreezerState; use libc::{self, pid_t}; use oci::LinuxResources; use oci_spec::runtime as oci; +use serde::{Deserialize, Serialize}; use std::any::Any; use std::collections::HashMap; use std::convert::TryInto; diff --git a/src/agent/rustjail/src/container.rs b/src/agent/rustjail/src/container.rs index a1eb6974a..9f9ecaa0a 100644 --- a/src/agent/rustjail/src/container.rs +++ b/src/agent/rustjail/src/container.rs @@ -8,6 +8,7 @@ use libc::pid_t; use oci::{Linux, LinuxDevice, LinuxIdMapping, LinuxNamespace, LinuxResources, Spec}; use oci_spec::runtime as oci; use runtime_spec as spec; +use serde::{Deserialize, Serialize}; use spec::{ContainerState, State as OCIState}; use std::clone::Clone; use std::ffi::CString; diff --git a/src/agent/rustjail/src/lib.rs b/src/agent/rustjail/src/lib.rs index 3acf9c28d..3effee888 100644 --- a/src/agent/rustjail/src/lib.rs +++ b/src/agent/rustjail/src/lib.rs @@ -7,12 +7,10 @@ #[macro_use] #[cfg(test)] extern crate serial_test; -extern crate serde; -extern crate serde_json; -#[macro_use] -extern crate serde_derive; extern crate caps; extern crate protocols; +extern crate serde; +extern crate serde_json; #[macro_use] extern crate scopeguard; extern crate capctl; diff --git a/src/agent/rustjail/src/specconv.rs b/src/agent/rustjail/src/specconv.rs index d577ba787..fe946e27c 100644 --- a/src/agent/rustjail/src/specconv.rs +++ b/src/agent/rustjail/src/specconv.rs @@ -4,6 +4,7 @@ // use oci_spec::runtime::Spec; +use serde::{Deserialize, Serialize}; #[derive(Serialize, Deserialize, Debug, Default, Clone)] pub struct CreateOpts { From 6603cf7872a144360a0142f35d40dbe03135b0cc Mon Sep 17 00:00:00 2001 From: stevenhorsman Date: Mon, 7 Apr 2025 17:54:48 +0100 Subject: [PATCH 4/4] agent: Update vsock-exporter to use workspace settings To reduce duplication, we could update the vsock-exporter crate to use settings and versions from the agent, where applicable. > [!NOTE] > In order to use the workspace, this has bumped some crate versions Signed-off-by: stevenhorsman --- src/agent/Cargo.lock | 8 ++++---- src/agent/Cargo.toml | 6 +++--- src/agent/vsock-exporter/Cargo.toml | 26 +++++++++++++------------- 3 files changed, 20 insertions(+), 20 deletions(-) diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index 2a58fd8dc..311379037 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -468,9 +468,9 @@ checksum = "8b75356056920673b02621b35afd0f7dda9306d03c79a30f5c56c44cf256e3de" [[package]] name = "async-trait" -version = "0.1.87" +version = "0.1.88" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d556ec1359574147ec0c4fc5eb525f3f23263a592b1a9c07e0a75b427de55c97" +checksum = "e539d3fca749fcee5236ab05e93a52867dd549cc157c8cb7f99595f3cedffdb5" dependencies = [ "proc-macro2", "quote", @@ -3370,9 +3370,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.170" +version = "0.2.171" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "875b3680cb2f8f71bdcf9a30f38d48282f5d3c95cbf9b3fa57269bb5d5c06828" +checksum = "c19937216e9d3aa9956d9bb8dfc0b0c8beb6058fc4f7a4dc4d850edf86a237d6" [[package]] name = "libloading" diff --git a/src/agent/Cargo.toml b/src/agent/Cargo.toml index 559929829..b4ec995c8 100644 --- a/src/agent/Cargo.toml +++ b/src/agent/Cargo.toml @@ -1,5 +1,5 @@ [workspace] -members = ["rustjail", "policy"] +members = ["rustjail", "policy", "vsock-exporter"] [workspace.package] authors = ["The Kata Containers community "] @@ -12,7 +12,7 @@ oci-spec = { version = "0.6.8", features = ["runtime"] } lazy_static = "1.3.0" ttrpc = { version = "0.8.4", features = ["async"], default-features = false } protobuf = "=3.7.1" -libc = "0.2.58" +libc = "0.2.94" nix = "0.24.2" capctl = "0.2.0" scan_fmt = "0.2.6" @@ -25,7 +25,7 @@ derivative = "2.2.0" const_format = "0.2.30" # Async helpers -async-trait = "0.1.42" +async-trait = "0.1.50" async-recursion = "0.3.2" futures = "0.3.30" diff --git a/src/agent/vsock-exporter/Cargo.toml b/src/agent/vsock-exporter/Cargo.toml index 7bec1d87a..6c4642235 100644 --- a/src/agent/vsock-exporter/Cargo.toml +++ b/src/agent/vsock-exporter/Cargo.toml @@ -2,20 +2,20 @@ name = "vsock-exporter" version = "0.1.0" authors = ["James O. D. Hunt "] -edition = "2018" -license = "Apache-2.0" - -# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html +edition.workspace = true +license.workspace = true [dependencies] -nix = "0.24.2" -libc = "0.2.94" -thiserror = "1.0.26" -opentelemetry = { version = "0.14.0", features=["serialize"] } -serde = { version = "1.0.126", features = ["derive"] } -tokio-vsock = "0.3.1" +libc.workspace = true +thiserror.workspace = true +opentelemetry = { workspace = true, features = ["serialize"] } +tokio-vsock.workspace = true bincode = "1.3.3" byteorder = "1.4.3" -slog = { version = "2.5.2", features = ["dynamic-keys", "max_level_trace", "release_max_level_debug"] } -async-trait = "0.1.50" -tokio = "1.28.1" +slog = { workspace = true, features = [ + "dynamic-keys", + "max_level_trace", + "release_max_level_debug", +] } +async-trait.workspace = true +tokio.workspace = true