From f0d8f798a1705f2c4e4af37cb68c55d3f72a2efc Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Tue, 11 Jan 2022 18:47:37 +0100 Subject: [PATCH] update c/common to latest Signed-off-by: Paul Holzinger --- go.mod | 2 +- go.sum | 4 +- .../containers/common/libimage/pull.go | 47 +++++-------- .../libnetwork/internal/util/validate.go | 14 ++-- .../common/libnetwork/netavark/config.go | 68 +++++++++++-------- vendor/modules.txt | 2 +- 6 files changed, 69 insertions(+), 68 deletions(-) diff --git a/go.mod b/go.mod index 50e217bde14..b8706ec4d3d 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.13 require ( github.com/containerd/containerd v1.5.9 github.com/containernetworking/cni v1.0.1 - github.com/containers/common v0.46.1-0.20220110152253-5476e2b8dc46 + github.com/containers/common v0.46.1-0.20220110165509-08c2c97e5e25 github.com/containers/image/v5 v5.17.1-0.20220106205022-73f80d60f0e1 github.com/containers/ocicrypt v1.1.2 github.com/containers/storage v1.37.1-0.20211122164443-82b8f06bfc08 diff --git a/go.sum b/go.sum index 4622f521567..c62b695aae5 100644 --- a/go.sum +++ b/go.sum @@ -266,8 +266,8 @@ github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHV github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= github.com/containernetworking/plugins v1.0.1 h1:wwCfYbTCj5FC0EJgyzyjTXmqysOiJE9r712Z+2KVZAk= github.com/containernetworking/plugins v1.0.1/go.mod h1:QHCfGpaTwYTbbH+nZXKVTxNBDZcxSOplJT5ico8/FLE= -github.com/containers/common v0.46.1-0.20220110152253-5476e2b8dc46 h1:LHeJjs8IJ4d9k8bCNs6L8lesi10Zk0LNnZ3fyxL6uXk= -github.com/containers/common v0.46.1-0.20220110152253-5476e2b8dc46/go.mod h1:hXUU9gtA8V9dSLHhizp/k/s0ZXBzrnUSScUfrsw8z2Y= +github.com/containers/common v0.46.1-0.20220110165509-08c2c97e5e25 h1:LwpIG1dHUvMyuarbmR+KMLi4EF3Ca0afNw15KHN3rDM= +github.com/containers/common v0.46.1-0.20220110165509-08c2c97e5e25/go.mod h1:hXUU9gtA8V9dSLHhizp/k/s0ZXBzrnUSScUfrsw8z2Y= github.com/containers/image/v5 v5.17.1-0.20220106205022-73f80d60f0e1 h1:IIxEBQaYuj6w15h2q6mc8gB4MF6oSeDnOaq3pbVk3mg= github.com/containers/image/v5 v5.17.1-0.20220106205022-73f80d60f0e1/go.mod h1:daAiRXgcGIf/7eD7B2EkuHHw084/8M8Kh35rzOu56y0= github.com/containers/libtrust v0.0.0-20190913040956-14b96171aa3b h1:Q8ePgVfHDplZ7U33NwHZkrVELsZP5fYj9pM5WBZB2GE= diff --git a/vendor/github.com/containers/common/libimage/pull.go b/vendor/github.com/containers/common/libimage/pull.go index 84ce107ee34..ba741c622ed 100644 --- a/vendor/github.com/containers/common/libimage/pull.go +++ b/vendor/github.com/containers/common/libimage/pull.go @@ -464,37 +464,18 @@ func (r *Runtime) copySingleImageFromRegistry(ctx context.Context, imageName str } } - customPlatform := false - if len(options.Architecture)+len(options.OS)+len(options.Variant) > 0 { - customPlatform = true - // Unless the pull policy is "always", we must pessimistically assume - // that the local image has an invalid architecture (see - // containers/podman/issues/10682). Hence, whenever the user requests - // a custom platform, set the pull policy to "always" to make sure - // we're pulling down the image. + customPlatform := len(options.Architecture)+len(options.OS)+len(options.Variant) > 0 + if customPlatform && pullPolicy != config.PullPolicyAlways && pullPolicy != config.PullPolicyNever { + // Unless the pull policy is always/never, we must + // pessimistically assume that the local image has an invalid + // architecture (see containers/podman/issues/10682). Hence, + // whenever the user requests a custom platform, set the pull + // policy to "newer" to make sure we're pulling down the + // correct image. // - // NOTE that this is will even override --pull={false,never}. This is - // very likely a bug but a consistent one in Podman/Buildah and should - // be addressed at a later point. - if pullPolicy != config.PullPolicyAlways && pullPolicy != config.PullPolicyNever { - switch { - // User input clearly refer to a local image. - case strings.HasPrefix(imageName, "localhost/"): - logrus.Debugf("Enforcing pull policy to %q to support custom platform (arch: %q, os: %q, variant: %q)", "never", options.Architecture, options.OS, options.Variant) - pullPolicy = config.PullPolicyNever - - // Image resolved to a local one, so let's still have a - // look at the registries or aliases but use it - // otherwise. - case strings.HasPrefix(resolvedImageName, "localhost/"): - logrus.Debugf("Enforcing pull policy to %q to support custom platform (arch: %q, os: %q, variant: %q)", "newer", options.Architecture, options.OS, options.Variant) - pullPolicy = config.PullPolicyNewer - - default: - logrus.Debugf("Enforcing pull policy to %q to support custom platform (arch: %q, os: %q, variant: %q)", "always", options.Architecture, options.OS, options.Variant) - pullPolicy = config.PullPolicyAlways - } - } + // NOTE that this is will even override --pull={false,never}. + pullPolicy = config.PullPolicyNewer + logrus.Debugf("Enforcing pull policy to %q to pull custom platform (arch: %q, os: %q, variant: %q) - local image may mistakenly specify wrong platform", pullPolicy, options.Architecture, options.OS, options.Variant) } if pullPolicy == config.PullPolicyNever { @@ -540,6 +521,12 @@ func (r *Runtime) copySingleImageFromRegistry(ctx context.Context, imageName str sys := r.systemContextCopy() resolved, err := shortnames.Resolve(sys, imageName) if err != nil { + // TODO: that is a too big of a hammer since we should only + // ignore errors that indicate that there's no alias and no + // USRs. Must be addressed in c/image first. + if localImage != nil && pullPolicy == config.PullPolicyNewer { + return []string{resolvedImageName}, nil + } return nil, err } diff --git a/vendor/github.com/containers/common/libnetwork/internal/util/validate.go b/vendor/github.com/containers/common/libnetwork/internal/util/validate.go index 322bf2c315d..bfc5e224768 100644 --- a/vendor/github.com/containers/common/libnetwork/internal/util/validate.go +++ b/vendor/github.com/containers/common/libnetwork/internal/util/validate.go @@ -109,14 +109,16 @@ func validatePerNetworkOpts(network *types.Network, netOpts *types.PerNetworkOpt if netOpts.InterfaceName == "" { return errors.Errorf("interface name on network %s is empty", network.Name) } -outer: - for _, ip := range netOpts.StaticIPs { - for _, s := range network.Subnets { - if s.Subnet.Contains(ip) { - continue outer + if network.IPAMOptions["driver"] == types.HostLocalIPAMDriver { + outer: + for _, ip := range netOpts.StaticIPs { + for _, s := range network.Subnets { + if s.Subnet.Contains(ip) { + continue outer + } } + return errors.Errorf("requested static ip %s not in any subnet on network %s", ip.String(), network.Name) } - return errors.Errorf("requested static ip %s not in any subnet on network %s", ip.String(), network.Name) } return nil } diff --git a/vendor/github.com/containers/common/libnetwork/netavark/config.go b/vendor/github.com/containers/common/libnetwork/netavark/config.go index 15c9f8337a5..6d2daf299b3 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/config.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/config.go @@ -107,35 +107,10 @@ func (n *netavarkNetwork) networkCreate(newNetwork *types.Network, defaultNet bo } } case types.MacVLANNetworkDriver: - if newNetwork.Internal { - return nil, errors.New("internal is not supported with macvlan") - } - if newNetwork.NetworkInterface != "" { - interfaceNames, err := internalutil.GetLiveNetworkNames() - if err != nil { - return nil, err - } - if !util.StringInSlice(newNetwork.NetworkInterface, interfaceNames) { - return nil, errors.Errorf("parent interface %s does not exist", newNetwork.NetworkInterface) - } - } - if len(newNetwork.Subnets) == 0 { - return nil, errors.Errorf("macvlan driver needs at least one subnet specified, DHCP is not supported with netavark") - } - newNetwork.IPAMOptions["driver"] = types.HostLocalIPAMDriver - - // validate the given options, we do not need them but just check to make sure they are valid - for key, value := range newNetwork.Options { - switch key { - case "mode": - if !util.StringInSlice(value, types.ValidMacVLANModes) { - return nil, errors.Errorf("unknown macvlan mode %q", value) - } - default: - return nil, errors.Errorf("unsupported macvlan network option %s", key) - } + err = createMacvlan(newNetwork) + if err != nil { + return nil, err } - default: return nil, errors.Wrapf(types.ErrInvalidArg, "unsupported driver %s", newNetwork.Driver) } @@ -169,6 +144,43 @@ func (n *netavarkNetwork) networkCreate(newNetwork *types.Network, defaultNet bo return newNetwork, nil } +func createMacvlan(network *types.Network) error { + if network.Internal { + return errors.New("internal is not supported with macvlan") + } + if network.NetworkInterface != "" { + interfaceNames, err := internalutil.GetLiveNetworkNames() + if err != nil { + return err + } + if !util.StringInSlice(network.NetworkInterface, interfaceNames) { + return errors.Errorf("parent interface %s does not exist", network.NetworkInterface) + } + } + if len(network.Subnets) == 0 { + return errors.Errorf("macvlan driver needs at least one subnet specified, DHCP is not supported with netavark") + } + network.IPAMOptions["driver"] = types.HostLocalIPAMDriver + + // validate the given options, we do not need them but just check to make sure they are valid + for key, value := range network.Options { + switch key { + case "mode": + if !util.StringInSlice(value, types.ValidMacVLANModes) { + return errors.Errorf("unknown macvlan mode %q", value) + } + case "mtu": + _, err := internalutil.ParseMTU(value) + if err != nil { + return err + } + default: + return errors.Errorf("unsupported macvlan network option %s", key) + } + } + return nil +} + // NetworkRemove will remove the Network with the given name or ID. // It does not ensure that the network is unused. func (n *netavarkNetwork) NetworkRemove(nameOrID string) error { diff --git a/vendor/modules.txt b/vendor/modules.txt index 3e7a3dd5b75..e93dac72299 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -67,7 +67,7 @@ github.com/containernetworking/cni/pkg/utils github.com/containernetworking/cni/pkg/version # github.com/containernetworking/plugins v1.0.1 github.com/containernetworking/plugins/pkg/ns -# github.com/containers/common v0.46.1-0.20220110152253-5476e2b8dc46 +# github.com/containers/common v0.46.1-0.20220110165509-08c2c97e5e25 github.com/containers/common/libimage github.com/containers/common/libimage/manifests github.com/containers/common/libnetwork/cni