```
14:13:15 parse.go:306:5: S1009: should omit nil check; len() for github.com/kata-containers/kata-containers/src/tools/log-parser.kvPairs is defined as zero (gosimple)
14:13:15 if pairs == nil || len(pairs) == 0 {
14:13:15 ^
```
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
(cherry picked from commit 2f5f575a43)
It seems that bumping the version of golang and golangci-lint new format
changes are required.
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
(cherry picked from commit d94718fb30)
The package has been deprecated as part of 1.16 and the same
functionality is now provided by either the io or the os package.
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
(cherry picked from commit 16b8375095)
Let's bump the golangci-lint in order to fix issues that popped up after
updating Golang to its 1.19.2 version.
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
(cherry picked from commit 66aa330d0d)
v1.5.2 cannot be built from source by newer golang. Let's bump
containerd version to 1.6.8. The GO runtime dependency has
been moved to v1.6.6 for some time already.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
(cherry picked from commit b3a4a16294)
So that we get the latest language fixes.
There is little use to maitain compiler backward compatibility.
Let's just set the default golang version to the latest 1.19.2.
Fixes: #5494
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
(cherry picked from commit eab8d6be13)
Although introducing an awful amount of code duplication, let's
parallelise the static checks in order to reduce its time and the space
used in the VMs running those.
While I understand there may be ways to make the whole setup less
repetitive and error prone, I'm taking the approach of:
* Make it work
* Make it right
* Make it fast
So, it's clear that I'm only attempting to make it work, and I'd
appreciate community help in order to improve the situation here. But,
for now, this is a stopgap solution.
JFYI, the time needed for run the tests on the `main` branch went down
from ~110 minutes to ~60 minutes. Plus, we're not running those on a
single VM anymore, which decreases the change to hit the space limit.
Reference: https://github.com/kata-containers/kata-containers/actions/runs/3393468605/jobs/5640842041
Ideally, each one of the following tests should be also split into
smaller tests, each test for one component, for instance.
* static-checks
* compiler-checks
* unit-tests
* unit-tests-as-root
Fixes: #5585
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
(cherry picked from commit 40d514aa2c)
It appears that _either_ the GitHub workflow runners have changed their
environment, or the Ubuntu archive has changed package dependencies,
resulting in the following error when building the snap:
```
Installing build dependencies: bc bison build-essential cpio curl docker.io ...
:
The following packages have unmet dependencies:
docker.io : Depends: containerd (>= 1.2.6-0ubuntu1~)
E: Unable to correct problems, you have held broken packages.
```
This PR uses the simplest solution: install the `containerd` and `runc`
packages. However, we might want to investigate alternative solutions in
the future given that the docker and containerd packages seem to have
gone wild in the Ubuntu GitHub workflow runner environment. If you
include the official docker repo (which the snap uses), a _subset_ of
the related packages is now:
- `containerd`
- `containerd.io`
- `docker-ce`
- `docker.io`
- `moby-containerd`
- `moby-engine`
- `moby-runc`
- `runc`
Fixes: #5545.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
(cherry picked from commit 990e6359b7)
Rather than hard-coding the package manager into the docker part,
use the `build-packages` section to specify the parts package
dependencies in a distro agnostic manner.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
(cherry picked from commit ca69a9ad6d)
Let's build virtiofsd using the kata-deploy build scripts, which
simplifies and unifies the way we build our components.
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
(cherry picked from commit 0bc5baafb9)
Let's have the docker installation / configuration as part of its own
task, which can be set as a dependency of other tasks whcih may or may
not depend on docker.
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
(cherry picked from commit cb4ef4734f)
When moving to building the CI artefacts using the kata-deploy scripts,
we've noticed that the build would fail on any machine where the tarball
wasn't officially provided.
This happens as rust is missing from the 1st layer container. However,
it's a very common practice to leave the 1st layer container with the
minimum possible dependencies and install whatever is needed for
building a specific component in a 2nd layer container, which virtiofsd
never had.
In this commit we introduce the second layer containers (yes,
comtainers), one for building virtiofsd using musl, and one for building
virtiofsd using glibc. The reason for taking this approach was to
actually simplify the scripts and avoid building the dependencies
(libseccomp, libcap-ng) using musl libc.
Fixes: #5425
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
(cherry picked from commit 7e5941c578)
- stable-3.0: backport agent fixes
- backport fix for 3.0.0 release
fb4430549 release: Adapt kata-deploy for 3.0.0
20c02528e agent: reduce reference count for failed mount
3eb6f5858 agent: don't exit early if signal fails due to ESRCH
8dc8565ed versions: Update gperf url to avoid libseccomp random failures
740e7e2f7 kata-sys-util: fix typo `unknow`
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
kata-deploy files must be adapted to a new release. The cases where it
happens are when the release goes from -> to:
* main -> stable:
* kata-deploy-stable / kata-cleanup-stable: are removed
* stable -> stable:
* kata-deploy / kata-cleanup: bump the release to the new one.
There are no changes when doing an alpha release, as the files on the
"main" branch always point to the "latest" and "stable" tags.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
The kata agent adds a reference for each storage object before mount
and skip mount again if the storage object is known. We need to
remove the object reference if mount fails.
Fixes: #5364
Signed-off-by: Feng Wang <feng.wang@databricks.com>
ESRCH usually means the process has exited. In this case,
the execution should continue to kill remaining container processes.
Fixes: #5366
Signed-off-by: Feng Wang <feng.wang@databricks.com>
[Fix up cargo updates]
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
This PR updates the gperf url to avoid random failures when installing
libseccomp as it seems that the mirrror url produces network random
failures in multiple CIs.
Fixes#5294
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
- tools: release: fix bogus version check
- osbuilder: Export directory variables for libseccomp
- kata-deploy: support runtime-rs for kata deploy
- Last backport for 3.0-rc1
- stable-3.0: backport runtime/runtime-rs dependency updates
babab160bc tools: release: fix bogus version check
af22e71375 osbuilder: Export directory variables for libseccomp
b0c5f040f0 runtime-rs: set agent timeout to 0 for stream RPCs
d44e39e059 runtime-rs: fix incorrect comments
43b0e95800 runtime: store the user name in hypervisor config
81801888a2 runtime: make StopVM thread-safe
fba39ef32d runtime: add more debug logs for non-root user operation
63309514ca runtime-rs: drop dependency on rustc-serialize
e229a03cc8 runtime: update runc dependency
d663f110d7 kata-deploy: get the config path from cri options
c6b3dcb67d kata-deploy: support kata-deploy for runtime-rs
a394761a5c kata-deploy: add installation for runtime-rs
Signed-off-by: Greg Kurz <groug@kaod.org>
Shell expands `*"rc"*` to the top-level `src` directory. This results
in comparing a version with a directory name. This doesn't make sense
and causes the script to choose the wrong branch of the `if`.
The intent of the check is actually to detect `rc` in the version.
Fixes: #5283
Signed-off-by: Greg Kurz <groug@kaod.org>
(cherry picked from commit 421729f991)
Signed-off-by: Greg Kurz <groug@kaod.org>
To avoid the random failures when we are building the rootfs as it seems
that it does not find the value for the libseccomp and gperf directory,
this PR export these variables.
Fixes#5232
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
(cherry picked from commit a4a23457ca)
Signed-off-by: Greg Kurz <groug@kaod.org>
For stream RPCs:
- write_stdin
- read_stdout
- read_stderr
there should be no timeout (by setting it to 0).
Fixes: #5249
Signed-off-by: Bin Liu <bin@hyper.sh>
(cherry picked from commit 20bcaf0e36)
Signed-off-by: Greg Kurz <groug@kaod.org>
Some comments for types are incorrect in file
src/libs/kata-types/src/config/hypervisor/mod.rs
Fixes: #5187
Signed-off-by: Bin Liu <bin@hyper.sh>
(cherry picked from commit 3f65ff2d07)
Signed-off-by: Greg Kurz <groug@kaod.org>
The user name will be used to delete the user instead of relying on
uid lookup because uid can be reused.
Fixes: #5155
Signed-off-by: Feng Wang <feng.wang@databricks.com>
(cherry picked from commit f914319874)
Signed-off-by: Greg Kurz <groug@kaod.org>
StopVM can be invoked by multiple threads and needs to be thread-safe
Fixes: #5155
Signed-off-by: Feng Wang <feng.wang@databricks.com>
(cherry picked from commit 5cafe21770)
Signed-off-by: Greg Kurz <groug@kaod.org>
Previously the logging was insufficient and made debugging difficult
Fixes: #5155
Signed-off-by: Feng Wang <feng.wang@databricks.com>
(cherry picked from commit c3015927a3)
Signed-off-by: Greg Kurz <groug@kaod.org>
- runtime-rs: delete some allow(dead_code) attributes
- kata-types: don't check virtio_fs_daemon for inline-virtio-fs
- kata-types: change return type of getting CPU period/quota function
- runtime-rs: fix host device check pattern
- runtime-rs: remove meaningless comment
- runtime-rs: update rust runtime roadmap
- runk: Enable seccomp support by default
- config: add "inline-virtio-fs" as a "shared_fs" type
- runtime-rs: add README.md
- runk: Refactor container builder
- kernel: fix kernel tarball name for SEV
- libs/kata-types: replace tabs by spaces in comments
- gperf: point URL to mirror site
be242a3c3 release: Adapt kata-deploy for 3.0.0-rc0
156e1c324 runtime-rs: delete some allow(dead_code) attributes
62cf6e6fc runtime-rs: remove meaningless comment
bcf6bf843 runk: Enable seccomp support by default
2b1d05857 runtime-rs: fix host device check pattern
85b49cee0 runtime-rs: add README.md
36d805fab config: add "inline-virtio-fs" as a "shared_fs" type
b948a8ffe kernel: fix kernel tarball name for SEV
50f912615 libs/kata-types: replace tabs by spaces in comments
96c8be715 libs/kata-types: change return type of getting CPU period/quota
fc9c6f87a kata-types: don't check virtio_fs_daemon for inline-virtio-fs
968c2f6e8 runk: Refactor container builder
84268f871 runtime-rs: update rust runtime roadmap
566656b08 gperf: point URL to mirror site
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
kata-deploy files must be adapted to a new release. The cases where it
happens are when the release goes from -> to:
* main -> stable:
* kata-deploy-stable / kata-cleanup-stable: are removed
* stable -> stable:
* kata-deploy / kata-cleanup: bump the release to the new one.
There are no changes when doing an alpha release, as the files on the
"main" branch always point to the "latest" and "stable" tags.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
