Merge pull request #2520 from thaJeztah/bump_runtime_spec
vendor: update runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6
This commit is contained in:
commit
234d15ecd0
2
go.mod
2
go.mod
|
@ -13,7 +13,7 @@ require (
|
||||||
github.com/golang/protobuf v1.4.2
|
github.com/golang/protobuf v1.4.2
|
||||||
github.com/moby/sys/mountinfo v0.1.3
|
github.com/moby/sys/mountinfo v0.1.3
|
||||||
github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976
|
github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976
|
||||||
github.com/opencontainers/runtime-spec v1.0.3-0.20200520003142-237cc4f519e2
|
github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6
|
||||||
github.com/opencontainers/selinux v1.6.0
|
github.com/opencontainers/selinux v1.6.0
|
||||||
github.com/pkg/errors v0.9.1
|
github.com/pkg/errors v0.9.1
|
||||||
github.com/seccomp/libseccomp-golang v0.9.1
|
github.com/seccomp/libseccomp-golang v0.9.1
|
||||||
|
|
6
go.sum
6
go.sum
|
@ -36,8 +36,10 @@ github.com/moby/sys/mountinfo v0.1.3 h1:KIrhRO14+AkwKvG/g2yIpNMOUVZ02xNhOw8KY1Ws
|
||||||
github.com/moby/sys/mountinfo v0.1.3/go.mod h1:w2t2Avltqx8vE7gX5l+QiBKxODu2TX0+Syr3h52Tw4o=
|
github.com/moby/sys/mountinfo v0.1.3/go.mod h1:w2t2Avltqx8vE7gX5l+QiBKxODu2TX0+Syr3h52Tw4o=
|
||||||
github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976 h1:aZQToFSLH8ejFeSkTc3r3L4dPImcj7Ib/KgmkQqbGGg=
|
github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976 h1:aZQToFSLH8ejFeSkTc3r3L4dPImcj7Ib/KgmkQqbGGg=
|
||||||
github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976/go.mod h1:x8F1gnqOkIEiO4rqoeEEEqQbo7HjGMTvyoq3gej4iT0=
|
github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976/go.mod h1:x8F1gnqOkIEiO4rqoeEEEqQbo7HjGMTvyoq3gej4iT0=
|
||||||
github.com/opencontainers/runtime-spec v1.0.3-0.20200520003142-237cc4f519e2 h1:9mv9SC7GWmRWE0J/+oD8w3GsN2KYGKtg6uwLN7hfP5E=
|
github.com/opencontainers/runtime-spec v1.0.3-0.20200710190001-3e4195d92445 h1:y8cfsJRmn8g3VkM4IDpusKSgMUZEXhudm/BuYANLozE=
|
||||||
github.com/opencontainers/runtime-spec v1.0.3-0.20200520003142-237cc4f519e2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
|
github.com/opencontainers/runtime-spec v1.0.3-0.20200710190001-3e4195d92445/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
|
||||||
|
github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6 h1:NhsM2gc769rVWDqJvapK37r+7+CBXI8xHhnfnt8uQsg=
|
||||||
|
github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
|
||||||
github.com/opencontainers/selinux v1.6.0 h1:+bIAS/Za3q5FTwWym4fTB0vObnfCf3G/NC7K6Jx62mY=
|
github.com/opencontainers/selinux v1.6.0 h1:+bIAS/Za3q5FTwWym4fTB0vObnfCf3G/NC7K6Jx62mY=
|
||||||
github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE=
|
github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE=
|
||||||
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||||
|
|
|
@ -239,15 +239,6 @@ const (
|
||||||
Poststop = "poststop"
|
Poststop = "poststop"
|
||||||
)
|
)
|
||||||
|
|
||||||
// TODO move this to runtime-spec
|
|
||||||
// See: https://github.com/opencontainers/runtime-spec/pull/1046
|
|
||||||
const (
|
|
||||||
Creating = "creating"
|
|
||||||
Created = "created"
|
|
||||||
Running = "running"
|
|
||||||
Stopped = "stopped"
|
|
||||||
)
|
|
||||||
|
|
||||||
type Capabilities struct {
|
type Capabilities struct {
|
||||||
// Bounding is the set of capabilities checked by the kernel.
|
// Bounding is the set of capabilities checked by the kernel.
|
||||||
Bounding []string
|
Bounding []string
|
||||||
|
|
|
@ -1911,7 +1911,7 @@ func (c *linuxContainer) currentOCIState() (*specs.State, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
state.Status = status.String()
|
state.Status = specs.ContainerState(status.String())
|
||||||
if status != Stopped {
|
if status != Stopped {
|
||||||
if c.initProcess != nil {
|
if c.initProcess != nil {
|
||||||
state.Pid = c.initProcess.pid()
|
state.Pid = c.initProcess.pid()
|
||||||
|
|
|
@ -19,7 +19,7 @@ import (
|
||||||
"github.com/opencontainers/runc/libcontainer/logs"
|
"github.com/opencontainers/runc/libcontainer/logs"
|
||||||
"github.com/opencontainers/runc/libcontainer/system"
|
"github.com/opencontainers/runc/libcontainer/system"
|
||||||
"github.com/opencontainers/runc/libcontainer/utils"
|
"github.com/opencontainers/runc/libcontainer/utils"
|
||||||
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
"golang.org/x/sys/unix"
|
"golang.org/x/sys/unix"
|
||||||
)
|
)
|
||||||
|
@ -400,7 +400,7 @@ func (p *initProcess) start() (retErr error) {
|
||||||
}
|
}
|
||||||
// initProcessStartTime hasn't been set yet.
|
// initProcessStartTime hasn't been set yet.
|
||||||
s.Pid = p.cmd.Process.Pid
|
s.Pid = p.cmd.Process.Pid
|
||||||
s.Status = configs.Creating
|
s.Status = specs.StateCreating
|
||||||
hooks := p.config.Config.Hooks
|
hooks := p.config.Config.Hooks
|
||||||
|
|
||||||
if err := hooks[configs.Prestart].RunHooks(s); err != nil {
|
if err := hooks[configs.Prestart].RunHooks(s); err != nil {
|
||||||
|
@ -433,7 +433,7 @@ func (p *initProcess) start() (retErr error) {
|
||||||
}
|
}
|
||||||
// initProcessStartTime hasn't been set yet.
|
// initProcessStartTime hasn't been set yet.
|
||||||
s.Pid = p.cmd.Process.Pid
|
s.Pid = p.cmd.Process.Pid
|
||||||
s.Status = configs.Creating
|
s.Status = specs.StateCreating
|
||||||
hooks := p.config.Config.Hooks
|
hooks := p.config.Config.Hooks
|
||||||
|
|
||||||
if err := hooks[configs.Prestart].RunHooks(s); err != nil {
|
if err := hooks[configs.Prestart].RunHooks(s); err != nil {
|
||||||
|
|
|
@ -20,6 +20,7 @@ import (
|
||||||
"github.com/opencontainers/runc/libcontainer/configs"
|
"github.com/opencontainers/runc/libcontainer/configs"
|
||||||
"github.com/opencontainers/runc/libcontainer/system"
|
"github.com/opencontainers/runc/libcontainer/system"
|
||||||
libcontainerUtils "github.com/opencontainers/runc/libcontainer/utils"
|
libcontainerUtils "github.com/opencontainers/runc/libcontainer/utils"
|
||||||
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
"github.com/opencontainers/selinux/go-selinux/label"
|
"github.com/opencontainers/selinux/go-selinux/label"
|
||||||
|
|
||||||
"golang.org/x/sys/unix"
|
"golang.org/x/sys/unix"
|
||||||
|
@ -100,7 +101,7 @@ func prepareRootfs(pipe io.ReadWriter, iConfig *initConfig) (err error) {
|
||||||
|
|
||||||
s := iConfig.SpecState
|
s := iConfig.SpecState
|
||||||
s.Pid = unix.Getpid()
|
s.Pid = unix.Getpid()
|
||||||
s.Status = configs.Creating
|
s.Status = specs.StateCreating
|
||||||
if err := iConfig.Config.Hooks[configs.CreateContainer].RunHooks(s); err != nil {
|
if err := iConfig.Config.Hooks[configs.CreateContainer].RunHooks(s); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,9 +13,9 @@ import (
|
||||||
"github.com/opencontainers/runc/libcontainer/keys"
|
"github.com/opencontainers/runc/libcontainer/keys"
|
||||||
"github.com/opencontainers/runc/libcontainer/seccomp"
|
"github.com/opencontainers/runc/libcontainer/seccomp"
|
||||||
"github.com/opencontainers/runc/libcontainer/system"
|
"github.com/opencontainers/runc/libcontainer/system"
|
||||||
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
"github.com/opencontainers/selinux/go-selinux"
|
"github.com/opencontainers/selinux/go-selinux"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
|
|
||||||
"golang.org/x/sys/unix"
|
"golang.org/x/sys/unix"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -210,7 +210,7 @@ func (l *linuxStandardInit) Init() error {
|
||||||
|
|
||||||
s := l.config.SpecState
|
s := l.config.SpecState
|
||||||
s.Pid = unix.Getpid()
|
s.Pid = unix.Getpid()
|
||||||
s.Status = configs.Created
|
s.Status = specs.StateCreated
|
||||||
if err := l.config.Config.Hooks[configs.StartContainer].RunHooks(s); err != nil {
|
if err := l.config.Config.Hooks[configs.StartContainer].RunHooks(s); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,7 +8,7 @@ import (
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
|
||||||
"github.com/opencontainers/runc/libcontainer/configs"
|
"github.com/opencontainers/runc/libcontainer/configs"
|
||||||
|
"github.com/opencontainers/runtime-spec/specs-go"
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
"golang.org/x/sys/unix"
|
"golang.org/x/sys/unix"
|
||||||
)
|
)
|
||||||
|
@ -70,7 +70,7 @@ func runPoststopHooks(c *linuxContainer) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
s.Status = configs.Stopped
|
s.Status = specs.StateStopped
|
||||||
|
|
||||||
if err := hooks[configs.Poststop].RunHooks(s); err != nil {
|
if err := hooks[configs.Poststop].RunHooks(s); err != nil {
|
||||||
return err
|
return err
|
||||||
|
|
|
@ -90,7 +90,7 @@ type User struct {
|
||||||
// GID is the group id.
|
// GID is the group id.
|
||||||
GID uint32 `json:"gid" platform:"linux,solaris"`
|
GID uint32 `json:"gid" platform:"linux,solaris"`
|
||||||
// Umask is the umask for the init process.
|
// Umask is the umask for the init process.
|
||||||
Umask uint32 `json:"umask,omitempty" platform:"linux,solaris"`
|
Umask *uint32 `json:"umask,omitempty" platform:"linux,solaris"`
|
||||||
// AdditionalGids are additional group ids set for the container's process.
|
// AdditionalGids are additional group ids set for the container's process.
|
||||||
AdditionalGids []uint32 `json:"additionalGids,omitempty" platform:"linux,solaris"`
|
AdditionalGids []uint32 `json:"additionalGids,omitempty" platform:"linux,solaris"`
|
||||||
// Username is the user name.
|
// Username is the user name.
|
||||||
|
@ -635,12 +635,13 @@ type LinuxSeccompAction string
|
||||||
|
|
||||||
// Define actions for Seccomp rules
|
// Define actions for Seccomp rules
|
||||||
const (
|
const (
|
||||||
ActKill LinuxSeccompAction = "SCMP_ACT_KILL"
|
ActKill LinuxSeccompAction = "SCMP_ACT_KILL"
|
||||||
ActTrap LinuxSeccompAction = "SCMP_ACT_TRAP"
|
ActKillProcess LinuxSeccompAction = "SCMP_ACT_KILL_PROCESS"
|
||||||
ActErrno LinuxSeccompAction = "SCMP_ACT_ERRNO"
|
ActTrap LinuxSeccompAction = "SCMP_ACT_TRAP"
|
||||||
ActTrace LinuxSeccompAction = "SCMP_ACT_TRACE"
|
ActErrno LinuxSeccompAction = "SCMP_ACT_ERRNO"
|
||||||
ActAllow LinuxSeccompAction = "SCMP_ACT_ALLOW"
|
ActTrace LinuxSeccompAction = "SCMP_ACT_TRACE"
|
||||||
ActLog LinuxSeccompAction = "SCMP_ACT_LOG"
|
ActAllow LinuxSeccompAction = "SCMP_ACT_ALLOW"
|
||||||
|
ActLog LinuxSeccompAction = "SCMP_ACT_LOG"
|
||||||
)
|
)
|
||||||
|
|
||||||
// LinuxSeccompOperator used to match syscall arguments in Seccomp
|
// LinuxSeccompOperator used to match syscall arguments in Seccomp
|
||||||
|
|
|
@ -1,5 +1,23 @@
|
||||||
package specs
|
package specs
|
||||||
|
|
||||||
|
// ContainerState represents the state of a container.
|
||||||
|
type ContainerState string
|
||||||
|
|
||||||
|
const (
|
||||||
|
// StateCreating indicates that the container is being created
|
||||||
|
StateCreating ContainerState = "creating"
|
||||||
|
|
||||||
|
// StateCreated indicates that the runtime has finished the create operation
|
||||||
|
StateCreated ContainerState = "created"
|
||||||
|
|
||||||
|
// StateRunning indicates that the container process has executed the
|
||||||
|
// user-specified program but has not exited
|
||||||
|
StateRunning ContainerState = "running"
|
||||||
|
|
||||||
|
// StateStopped indicates that the container process has exited
|
||||||
|
StateStopped ContainerState = "stopped"
|
||||||
|
)
|
||||||
|
|
||||||
// State holds information about the runtime state of the container.
|
// State holds information about the runtime state of the container.
|
||||||
type State struct {
|
type State struct {
|
||||||
// Version is the version of the specification that is supported.
|
// Version is the version of the specification that is supported.
|
||||||
|
@ -7,7 +25,7 @@ type State struct {
|
||||||
// ID is the container ID
|
// ID is the container ID
|
||||||
ID string `json:"id"`
|
ID string `json:"id"`
|
||||||
// Status is the runtime status of the container.
|
// Status is the runtime status of the container.
|
||||||
Status string `json:"status"`
|
Status ContainerState `json:"status"`
|
||||||
// Pid is the process ID for the container process.
|
// Pid is the process ID for the container process.
|
||||||
Pid int `json:"pid,omitempty"`
|
Pid int `json:"pid,omitempty"`
|
||||||
// Bundle is the path to the container's bundle directory.
|
// Bundle is the path to the container's bundle directory.
|
||||||
|
|
|
@ -38,7 +38,7 @@ github.com/moby/sys/mountinfo
|
||||||
# github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976
|
# github.com/mrunalp/fileutils v0.0.0-20200520151820-abd8a0e76976
|
||||||
## explicit
|
## explicit
|
||||||
github.com/mrunalp/fileutils
|
github.com/mrunalp/fileutils
|
||||||
# github.com/opencontainers/runtime-spec v1.0.3-0.20200520003142-237cc4f519e2
|
# github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6
|
||||||
## explicit
|
## explicit
|
||||||
github.com/opencontainers/runtime-spec/specs-go
|
github.com/opencontainers/runtime-spec/specs-go
|
||||||
# github.com/opencontainers/selinux v1.6.0
|
# github.com/opencontainers/selinux v1.6.0
|
||||||
|
|
Loading…
Reference in New Issue