Commit graph

32 commits

Author SHA1 Message Date
Daniel J Walsh
c2c148f18d We need to release the SELinux label when we destroy the sandbox
This will release the MCS Label to be used again.  Only do this if we
don't have another sandbox using the same label.

Also vendor in the latest selinux go bindings, which fixes a leak and
properly reserves the SELinux label we are going to use.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-25 02:35:20 +00:00
Antonio Murdaca
af0a494251
container_create: handle cap add/drop ALL
Kubelet can send cap add/drop ALL. Handle that in CRI-O as well.
Also, this PR is re-vendoring runtime-tools to fix capabilities add to
add caps to _all_ caps set **and** fix a shared memory issue (caps set
were initialized with the same slice, if one modifies one slice, it's
reflected on the other slices, the vendoring fixes this as well)

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-09-07 16:43:33 +02:00
Ryan Cole
ceeed6c32e add kpod stats function
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-08-17 11:34:10 -04:00
Ryan Cole
65eec38754 Vendor in files for runc/libcontainer
vndr was previously removing .go files in runc/libcontainer since they weren't used anywhere
in cri-o, but kpod stats will use them

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
2017-08-17 11:33:51 -04:00
Daniel J Walsh
63a218a458 Move to new github.com/sirupsen/logrus.
Need to mv to latest released and supported version of logrus
switch github.com/Sirupsen/logrus github.com/sirupsen/logrus

Also vendor in latest containers/storage and containers/image

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-08-07 11:50:04 -04:00
Dan Walsh
d76645680f Bump image, storage, and image-spec
Bump containers/image (pulling in its new dependency on ostree-go),
containers/storage, and updated image-spec.

This pulls in the OCI v1.0 specifications and code that allows us to
support 1.0 images.

Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-07-24 13:01:54 -04:00
Mrunal Patel
4128bbd7dc Bump up runtime-spec dependency to v1.0.0
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2017-07-19 21:38:05 -07:00
Dan Walsh
a9a1b04510 Vendor in latest opencontainers/runtime-tools
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2017-06-22 13:32:30 -04:00
Antonio Murdaca
148e72d81e
vendor: remove dep and use vndr
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-06-07 00:04:21 +02:00
Antonio Murdaca
b4f1cee2a2
server: store and use image's stop signal to stop containers
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-05-27 10:21:04 +02:00
Antonio Murdaca
ecd0006e80
vendor: upgrade containers/storage
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-05-17 22:18:07 +02:00
Antonio Murdaca
2d997859de
vendor: bump oci/runtime-tools to fix caps drop
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-05-12 18:20:23 +02:00
Jacek J. Łakis
bf51655a7b vendor: Update vendoring for the exec client and server implementations
Signed-off-by: Jacek J. Łakis <jacek.lakis@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-04-24 18:38:41 +02:00
Mrunal Patel
24df2538db Update runtime-spec to v1.0.0.rc5
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-04-12 19:15:53 -07:00
Daniel J Walsh
7f21253f57 Vendor in opencontainers/selinux
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-03-23 15:53:10 -04:00
Mrunal Patel
6bd7c53568 Merge pull request from runcom/bump-runc
bump runc@b263a43430ac6996a4302b891688544225197294
2017-02-07 15:06:39 -08:00
Antonio Murdaca
c258a2d8f0
bump runc@b263a43430ac6996a4302b891688544225197294
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-02-07 10:57:46 +01:00
Michał Żyłowski
52baf68d50 Vendor: Update k8s version
Signed-off-by: Michał Żyłowski <michal.zylowski@intel.com>
2017-02-03 16:04:59 +01:00
Mrunal Patel
8e5b17cf13 Switch to github.com/golang/dep for vendoring
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-01-31 16:45:59 -08:00
Nalin Dahyabhai
caee4a99c9 Vendor containers/image and containers/storage
Vendor updated containers/image and containers/storage, along
with any new dependencies they drag in, and updated versions of other
dependencies that happen to get pulled in.

github.com/coreos/go-systemd/daemon/SdNotify() now takes a boolean to
control whether or not it unsets the NOTIFY_SOCKET variable from the
calling process's environment.  Adapt.

github.com/opencontainers/runtime-tools/generate/Generator.AddProcessEnv()
now takes the environment variable name and value as two arguments, not
one.  Adapt.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-01-18 10:21:59 -05:00
Jonathan Yu
6c9628cdb1
Build and install from GOPATH
* Rename 'vendor/src' -> 'vendor'
  * Ignore vendor/ instead of vendor/src/ for lint
* Rename 'cmd/client' -> 'cmd/ocic' to make it 'go install'able
* Rename 'cmd/server' -> 'cmd/ocid' to make it 'go install'able
* Update Makefile to build and install from GOPATH
* Update tests to locate ocid/ocic in GOPATH/bin
* Search for binaries in GOPATH/bin instead of PATH
* Install tools using `go get -u`, so they are updated on each run

Signed-off-by: Jonathan Yu <jawnsy@redhat.com>
2017-01-17 12:09:09 -08:00
Antonio Murdaca
a16a4df967
vendor to ./vendor/src
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-24 00:37:09 +02:00
Antonio Murdaca
569183030f
fix vendored deps
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-22 18:17:45 +02:00
Antonio Murdaca
e269cb8b7e
new vendoring
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-22 18:17:45 +02:00
Antonio Murdaca
dee7479483
remove glide deps
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-22 18:17:45 +02:00
Antonio Murdaca
4bc8701fc0
*: switch from godep to glide
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-17 17:06:30 +02:00
Haiyan Meng
47f0c1b4e5 Vendor the latest ocitools generate library
The new generate library provides APIs for setting oom_score_adj.

Signed-off-by: Haiyan Meng <haiyanalady@gmail.com>
2016-09-09 14:41:03 -07:00
Haiyan Meng
18112081c2 godep update ocitools/generate
Signed-off-by: Haiyan Meng <hmeng@redhat.com>
2016-09-09 14:41:03 -07:00
Haiyan Meng
f2a2b06e61 godep update ocitools/generate
Signed-off-by: Haiyan Meng <hmeng@redhat.com>
2016-09-09 14:41:03 -07:00
Haiyan Meng
819d76b6fd Add first version of createPodSandbox
Signed-off-by: Haiyan Meng <hmeng@redhat.com>
2016-09-09 14:41:03 -07:00
Antonio Murdaca
d8ae7178e2 pull in containers/image deps
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
90a446e2a5 Import ocitools/generate library
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00