Update gomod and vendor

Ettore Di Giacinto
2021-01-20 12:36:07 +01:00
parent 163f93067c
commit c24a3a35f1
149 changed files with 6 additions and 16940 deletions


@@ -1,120 +0,0 @@
package cniprovider
import (
"context"
"os"
"path/filepath"
"syscall"
"github.com/containerd/containerd/oci"
"github.com/containerd/go-cni"
"github.com/gofrs/flock"
"github.com/moby/buildkit/identity"
"github.com/moby/buildkit/util/network"
specs "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"golang.org/x/sys/unix"
)
type Opt struct {
Root string
ConfigPath string
BinaryDir string
}
func New(opt Opt) (network.Provider, error) {
if _, err := os.Stat(opt.ConfigPath); err != nil {
return nil, errors.Wrapf(err, "failed to read cni config %q", opt.ConfigPath)
}
if _, err := os.Stat(opt.BinaryDir); err != nil {
return nil, errors.Wrapf(err, "failed to read cni binary dir %q", opt.BinaryDir)
}
cniHandle, err := cni.New(
cni.WithMinNetworkCount(2),
cni.WithConfFile(opt.ConfigPath),
cni.WithPluginDir([]string{opt.BinaryDir}),
cni.WithLoNetwork,
cni.WithInterfacePrefix(("eth")))
if err != nil {
return nil, err
}
if err != nil {
return nil, err
}
cp := &cniProvider{CNI: cniHandle, root: opt.Root}
if err := cp.initNetwork(); err != nil {
return nil, err
}
return cp, nil
}
type cniProvider struct {
cni.CNI
root string
}
func (c *cniProvider) initNetwork() error {
if v := os.Getenv("BUILDKIT_CNI_INIT_LOCK_PATH"); v != "" {
l := flock.New(v)
if err := l.Lock(); err != nil {
return err
}
defer l.Unlock()
}
ns, err := c.New()
if err != nil {
return err
}
return ns.Close()
}
func (c *cniProvider) New() (network.Namespace, error) {
id := identity.NewID()
nsPath := filepath.Join(c.root, "net/cni", id)
if err := os.MkdirAll(filepath.Dir(nsPath), 0700); err != nil {
return nil, err
}
if err := createNetNS(nsPath); err != nil {
os.RemoveAll(filepath.Dir(nsPath))
return nil, err
}
if _, err := c.CNI.Setup(context.TODO(), id, nsPath); err != nil {
os.RemoveAll(filepath.Dir(nsPath))
return nil, errors.Wrap(err, "CNI setup error")
}
return &cniNS{path: nsPath, id: id, handle: c.CNI}, nil
}
type cniNS struct {
handle cni.CNI
id string
path string
}
func (ns *cniNS) Set(s *specs.Spec) {
oci.WithLinuxNamespace(specs.LinuxNamespace{
Type: specs.NetworkNamespace,
Path: ns.path,
})(nil, nil, nil, s)
}
func (ns *cniNS) Close() error {
err := ns.handle.Remove(context.TODO(), ns.id, ns.path)
if err1 := unix.Unmount(ns.path, unix.MNT_DETACH); err1 != nil {
if err1 != syscall.EINVAL && err1 != syscall.ENOENT && err == nil {
err = errors.Wrap(err1, "error unmounting network namespace")
}
}
if err1 := os.RemoveAll(filepath.Dir(ns.path)); err1 != nil && !os.IsNotExist(err1) && err == nil {
err = errors.Wrap(err, "error removing network namespace")
}
return err
}


@@ -1,16 +0,0 @@
// +build linux
package cniprovider
import (
_ "unsafe" // required for go:linkname.
)
//go:linkname beforeFork syscall.runtime_BeforeFork
func beforeFork()
//go:linkname afterFork syscall.runtime_AfterFork
func afterFork()
//go:linkname afterForkInChild syscall.runtime_AfterForkInChild
func afterForkInChild()


@@ -1,59 +0,0 @@
// +build linux
package cniprovider
import (
"os"
"syscall"
"unsafe"
"github.com/pkg/errors"
"golang.org/x/sys/unix"
)
func createNetNS(p string) error {
f, err := os.Create(p)
if err != nil {
return err
}
if err := f.Close(); err != nil {
return err
}
procNetNSBytes, err := syscall.BytePtrFromString("/proc/self/ns/net")
if err != nil {
return err
}
pBytes, err := syscall.BytePtrFromString(p)
if err != nil {
return err
}
beforeFork()
pid, _, errno := syscall.RawSyscall6(syscall.SYS_CLONE, uintptr(syscall.SIGCHLD)|unix.CLONE_NEWNET, 0, 0, 0, 0, 0)
if errno != 0 {
afterFork()
return errno
}
if pid != 0 {
afterFork()
var ws unix.WaitStatus
_, err = unix.Wait4(int(pid), &ws, 0, nil)
for err == syscall.EINTR {
_, err = unix.Wait4(int(pid), &ws, 0, nil)
}
if err != nil {
return errors.Wrapf(err, "failed to find pid=%d process", pid)
}
errno = syscall.Errno(ws.ExitStatus())
if errno != 0 {
return errors.Wrap(errno, "failed to mount")
}
return nil
}
afterForkInChild()
_, _, errno = syscall.RawSyscall6(syscall.SYS_MOUNT, uintptr(unsafe.Pointer(procNetNSBytes)), uintptr(unsafe.Pointer(pBytes)), 0, uintptr(unix.MS_BIND), 0, 0)
syscall.RawSyscall(syscall.SYS_EXIT, uintptr(errno), 0, 0)
panic("unreachable")
}


@@ -1,9 +0,0 @@
// +build !linux
package cniprovider
import "github.com/pkg/errors"
func createNetNS(p string) error {
return errors.Errorf("creating netns for cni not supported")
}


@@ -1,50 +0,0 @@
package netproviders
import (
"os"
"github.com/moby/buildkit/solver/pb"
"github.com/moby/buildkit/util/network"
"github.com/moby/buildkit/util/network/cniprovider"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
type Opt struct {
CNI cniprovider.Opt
Mode string
}
// Providers returns the network provider set
func Providers(opt Opt) (map[pb.NetMode]network.Provider, error) {
var defaultProvider network.Provider
switch opt.Mode {
case "cni":
cniProvider, err := cniprovider.New(opt.CNI)
if err != nil {
return nil, err
}
defaultProvider = cniProvider
case "host":
defaultProvider = network.NewHostProvider()
case "auto", "":
if _, err := os.Stat(opt.CNI.ConfigPath); err == nil {
cniProvider, err := cniprovider.New(opt.CNI)
if err != nil {
return nil, err
}
defaultProvider = cniProvider
} else {
logrus.Warnf("using host network as the default")
defaultProvider = network.NewHostProvider()
}
default:
return nil, errors.Errorf("invalid network mode: %q", opt.Mode)
}
return map[pb.NetMode]network.Provider{
pb.NetMode_UNSET: defaultProvider,
pb.NetMode_HOST: network.NewHostProvider(),
pb.NetMode_NONE: network.NewNoneProvider(),
}, nil
}


@@ -1,40 +0,0 @@
package specconv
import (
"strings"
"github.com/opencontainers/runtime-spec/specs-go"
)
// ToRootless converts spec to be compatible with "rootless" runc.
// * Remove /sys mount
// * Remove cgroups
//
// See docs/rootless.md for the supported runc revision.
func ToRootless(spec *specs.Spec) error {
// Remove /sys mount because we can't mount /sys when the daemon netns
// is not unshared from the host.
//
// Instead, we could bind-mount /sys from the host, however, `rbind, ro`
// does not make /sys/fs/cgroup read-only (and we can't bind-mount /sys
// without rbind)
//
// PR for making /sys/fs/cgroup read-only is proposed, but it is very
// complicated: https://github.com/opencontainers/runc/pull/1869
//
// For buildkit usecase, we suppose we don't need to provide /sys to
// containers and remove /sys mount as a workaround.
var mounts []specs.Mount
for _, mount := range spec.Mounts {
if strings.HasPrefix(mount.Destination, "/sys") {
continue
}
mounts = append(mounts, mount)
}
spec.Mounts = mounts
// Remove cgroups so as to avoid `container_linux.go:337: starting container process caused "process_linux.go:280: applying cgroup configuration for process caused \"mkdir /sys/fs/cgroup/cpuset/buildkit: permission denied\""`
spec.Linux.Resources = nil
spec.Linux.CgroupsPath = ""
return nil
}