Merge pull request #2520 from thaJeztah/bump_runtime_spec

vendor: update runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6
This commit is contained in:
Akihiro Suda 2020-08-04 14:05:33 +09:00 committed by GitHub
commit 234d15ecd0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 43 additions and 30 deletions

2
go.mod
View File

@ -13,7 +13,7 @@ require (
github.com/golang/protobuf v1.4.2 github.com/golang/protobuf v1.4.2
github.com/moby/sys/mountinfo v0.1.3 github.com/moby/sys/mountinfo v0.1.3
github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976 github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976
github.com/opencontainers/runtime-spec v1.0.3-0.20200520003142-237cc4f519e2 github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6
github.com/opencontainers/selinux v1.6.0 github.com/opencontainers/selinux v1.6.0
github.com/pkg/errors v0.9.1 github.com/pkg/errors v0.9.1
github.com/seccomp/libseccomp-golang v0.9.1 github.com/seccomp/libseccomp-golang v0.9.1

6
go.sum
View File

@ -36,8 +36,10 @@ github.com/moby/sys/mountinfo v0.1.3 h1:KIrhRO14+AkwKvG/g2yIpNMOUVZ02xNhOw8KY1Ws
github.com/moby/sys/mountinfo v0.1.3/go.mod h1:w2t2Avltqx8vE7gX5l+QiBKxODu2TX0+Syr3h52Tw4o= github.com/moby/sys/mountinfo v0.1.3/go.mod h1:w2t2Avltqx8vE7gX5l+QiBKxODu2TX0+Syr3h52Tw4o=
github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976 h1:aZQToFSLH8ejFeSkTc3r3L4dPImcj7Ib/KgmkQqbGGg= github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976 h1:aZQToFSLH8ejFeSkTc3r3L4dPImcj7Ib/KgmkQqbGGg=
github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976/go.mod h1:x8F1gnqOkIEiO4rqoeEEEqQbo7HjGMTvyoq3gej4iT0= github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976/go.mod h1:x8F1gnqOkIEiO4rqoeEEEqQbo7HjGMTvyoq3gej4iT0=
github.com/opencontainers/runtime-spec v1.0.3-0.20200520003142-237cc4f519e2 h1:9mv9SC7GWmRWE0J/+oD8w3GsN2KYGKtg6uwLN7hfP5E= github.com/opencontainers/runtime-spec v1.0.3-0.20200710190001-3e4195d92445 h1:y8cfsJRmn8g3VkM4IDpusKSgMUZEXhudm/BuYANLozE=
github.com/opencontainers/runtime-spec v1.0.3-0.20200520003142-237cc4f519e2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20200710190001-3e4195d92445/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6 h1:NhsM2gc769rVWDqJvapK37r+7+CBXI8xHhnfnt8uQsg=
github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
github.com/opencontainers/selinux v1.6.0 h1:+bIAS/Za3q5FTwWym4fTB0vObnfCf3G/NC7K6Jx62mY= github.com/opencontainers/selinux v1.6.0 h1:+bIAS/Za3q5FTwWym4fTB0vObnfCf3G/NC7K6Jx62mY=
github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE=
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=

View File

@ -239,15 +239,6 @@ const (
Poststop = "poststop" Poststop = "poststop"
) )
// TODO move this to runtime-spec
// See: https://github.com/opencontainers/runtime-spec/pull/1046
const (
Creating = "creating"
Created = "created"
Running = "running"
Stopped = "stopped"
)
type Capabilities struct { type Capabilities struct {
// Bounding is the set of capabilities checked by the kernel. // Bounding is the set of capabilities checked by the kernel.
Bounding []string Bounding []string

View File

@ -1911,7 +1911,7 @@ func (c *linuxContainer) currentOCIState() (*specs.State, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
state.Status = status.String() state.Status = specs.ContainerState(status.String())
if status != Stopped { if status != Stopped {
if c.initProcess != nil { if c.initProcess != nil {
state.Pid = c.initProcess.pid() state.Pid = c.initProcess.pid()

View File

@ -19,7 +19,7 @@ import (
"github.com/opencontainers/runc/libcontainer/logs" "github.com/opencontainers/runc/libcontainer/logs"
"github.com/opencontainers/runc/libcontainer/system" "github.com/opencontainers/runc/libcontainer/system"
"github.com/opencontainers/runc/libcontainer/utils" "github.com/opencontainers/runc/libcontainer/utils"
"github.com/opencontainers/runtime-spec/specs-go"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"golang.org/x/sys/unix" "golang.org/x/sys/unix"
) )
@ -400,7 +400,7 @@ func (p *initProcess) start() (retErr error) {
} }
// initProcessStartTime hasn't been set yet. // initProcessStartTime hasn't been set yet.
s.Pid = p.cmd.Process.Pid s.Pid = p.cmd.Process.Pid
s.Status = configs.Creating s.Status = specs.StateCreating
hooks := p.config.Config.Hooks hooks := p.config.Config.Hooks
if err := hooks[configs.Prestart].RunHooks(s); err != nil { if err := hooks[configs.Prestart].RunHooks(s); err != nil {
@ -433,7 +433,7 @@ func (p *initProcess) start() (retErr error) {
} }
// initProcessStartTime hasn't been set yet. // initProcessStartTime hasn't been set yet.
s.Pid = p.cmd.Process.Pid s.Pid = p.cmd.Process.Pid
s.Status = configs.Creating s.Status = specs.StateCreating
hooks := p.config.Config.Hooks hooks := p.config.Config.Hooks
if err := hooks[configs.Prestart].RunHooks(s); err != nil { if err := hooks[configs.Prestart].RunHooks(s); err != nil {

View File

@ -20,6 +20,7 @@ import (
"github.com/opencontainers/runc/libcontainer/configs" "github.com/opencontainers/runc/libcontainer/configs"
"github.com/opencontainers/runc/libcontainer/system" "github.com/opencontainers/runc/libcontainer/system"
libcontainerUtils "github.com/opencontainers/runc/libcontainer/utils" libcontainerUtils "github.com/opencontainers/runc/libcontainer/utils"
"github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/selinux/go-selinux/label" "github.com/opencontainers/selinux/go-selinux/label"
"golang.org/x/sys/unix" "golang.org/x/sys/unix"
@ -100,7 +101,7 @@ func prepareRootfs(pipe io.ReadWriter, iConfig *initConfig) (err error) {
s := iConfig.SpecState s := iConfig.SpecState
s.Pid = unix.Getpid() s.Pid = unix.Getpid()
s.Status = configs.Creating s.Status = specs.StateCreating
if err := iConfig.Config.Hooks[configs.CreateContainer].RunHooks(s); err != nil { if err := iConfig.Config.Hooks[configs.CreateContainer].RunHooks(s); err != nil {
return err return err
} }

View File

@ -13,9 +13,9 @@ import (
"github.com/opencontainers/runc/libcontainer/keys" "github.com/opencontainers/runc/libcontainer/keys"
"github.com/opencontainers/runc/libcontainer/seccomp" "github.com/opencontainers/runc/libcontainer/seccomp"
"github.com/opencontainers/runc/libcontainer/system" "github.com/opencontainers/runc/libcontainer/system"
"github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/selinux/go-selinux" "github.com/opencontainers/selinux/go-selinux"
"github.com/pkg/errors" "github.com/pkg/errors"
"golang.org/x/sys/unix" "golang.org/x/sys/unix"
) )
@ -210,7 +210,7 @@ func (l *linuxStandardInit) Init() error {
s := l.config.SpecState s := l.config.SpecState
s.Pid = unix.Getpid() s.Pid = unix.Getpid()
s.Status = configs.Created s.Status = specs.StateCreated
if err := l.config.Config.Hooks[configs.StartContainer].RunHooks(s); err != nil { if err := l.config.Config.Hooks[configs.StartContainer].RunHooks(s); err != nil {
return err return err
} }

View File

@ -8,7 +8,7 @@ import (
"path/filepath" "path/filepath"
"github.com/opencontainers/runc/libcontainer/configs" "github.com/opencontainers/runc/libcontainer/configs"
"github.com/opencontainers/runtime-spec/specs-go"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"golang.org/x/sys/unix" "golang.org/x/sys/unix"
) )
@ -70,7 +70,7 @@ func runPoststopHooks(c *linuxContainer) error {
if err != nil { if err != nil {
return err return err
} }
s.Status = configs.Stopped s.Status = specs.StateStopped
if err := hooks[configs.Poststop].RunHooks(s); err != nil { if err := hooks[configs.Poststop].RunHooks(s); err != nil {
return err return err

View File

@ -90,7 +90,7 @@ type User struct {
// GID is the group id. // GID is the group id.
GID uint32 `json:"gid" platform:"linux,solaris"` GID uint32 `json:"gid" platform:"linux,solaris"`
// Umask is the umask for the init process. // Umask is the umask for the init process.
Umask uint32 `json:"umask,omitempty" platform:"linux,solaris"` Umask *uint32 `json:"umask,omitempty" platform:"linux,solaris"`
// AdditionalGids are additional group ids set for the container's process. // AdditionalGids are additional group ids set for the container's process.
AdditionalGids []uint32 `json:"additionalGids,omitempty" platform:"linux,solaris"` AdditionalGids []uint32 `json:"additionalGids,omitempty" platform:"linux,solaris"`
// Username is the user name. // Username is the user name.
@ -636,6 +636,7 @@ type LinuxSeccompAction string
// Define actions for Seccomp rules // Define actions for Seccomp rules
const ( const (
ActKill LinuxSeccompAction = "SCMP_ACT_KILL" ActKill LinuxSeccompAction = "SCMP_ACT_KILL"
ActKillProcess LinuxSeccompAction = "SCMP_ACT_KILL_PROCESS"
ActTrap LinuxSeccompAction = "SCMP_ACT_TRAP" ActTrap LinuxSeccompAction = "SCMP_ACT_TRAP"
ActErrno LinuxSeccompAction = "SCMP_ACT_ERRNO" ActErrno LinuxSeccompAction = "SCMP_ACT_ERRNO"
ActTrace LinuxSeccompAction = "SCMP_ACT_TRACE" ActTrace LinuxSeccompAction = "SCMP_ACT_TRACE"

View File

@ -1,5 +1,23 @@
package specs package specs
// ContainerState represents the state of a container.
type ContainerState string
const (
// StateCreating indicates that the container is being created
StateCreating ContainerState = "creating"
// StateCreated indicates that the runtime has finished the create operation
StateCreated ContainerState = "created"
// StateRunning indicates that the container process has executed the
// user-specified program but has not exited
StateRunning ContainerState = "running"
// StateStopped indicates that the container process has exited
StateStopped ContainerState = "stopped"
)
// State holds information about the runtime state of the container. // State holds information about the runtime state of the container.
type State struct { type State struct {
// Version is the version of the specification that is supported. // Version is the version of the specification that is supported.
@ -7,7 +25,7 @@ type State struct {
// ID is the container ID // ID is the container ID
ID string `json:"id"` ID string `json:"id"`
// Status is the runtime status of the container. // Status is the runtime status of the container.
Status string `json:"status"` Status ContainerState `json:"status"`
// Pid is the process ID for the container process. // Pid is the process ID for the container process.
Pid int `json:"pid,omitempty"` Pid int `json:"pid,omitempty"`
// Bundle is the path to the container's bundle directory. // Bundle is the path to the container's bundle directory.

2
vendor/modules.txt vendored
View File

@ -38,7 +38,7 @@ github.com/moby/sys/mountinfo
# github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976 # github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976
## explicit ## explicit
github.com/mrunalp/fileutils github.com/mrunalp/fileutils
# github.com/opencontainers/runtime-spec v1.0.3-0.20200520003142-237cc4f519e2 # github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6
## explicit ## explicit
github.com/opencontainers/runtime-spec/specs-go github.com/opencontainers/runtime-spec/specs-go
# github.com/opencontainers/selinux v1.6.0 # github.com/opencontainers/selinux v1.6.0