If a packager wants to be able to support addititional arguments on his
hook this will allow them to setup the configuration with these arguments.
For example this would allow a hook developer to add support for a --debug
flag to change the level of debugging in his hook.
In order to complete this task, I had to vendor in the latest
github.com://opencontainers/runtime-tools, which caused me to have to fix a
Mount and Capability interface calls
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Bump containers/image to 3d0304a02154dddc8f97cc833aa0861cea5e9ade, and
containers/storage to 0d32dfce498e06c132c60dac945081bf44c22464.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Update vendor/github.com/vbatts/tar-split to v0.10.2, to fix
CVE-2017-14992, per https://github.com/vbatts/tar-split/pull/42.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Update to proposed changes in containers/image, and bump
containers/storage to 04ad0b827097209ca65e59b5fd768511f3b1ae91, which is
currently the tip of the master branch.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
This will release the MCS Label to be used again. Only do this if we
don't have another sandbox using the same label.
Also vendor in the latest selinux go bindings, which fixes a leak and
properly reserves the SELinux label we are going to use.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Container/storage has been enhanced to speed up the compiling and loading
of json files. This should make make cri-o a little bit faster.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This package is used in authenticating a user for kpod login
and can be used for authentication in kpod push, pull etc.
Signed-off-by: umohnani8 <umohnani@redhat.com>
If the user provides kpod pull a short name like 'debian', we
still want the pull to be sucessful. As such, when a short
name is provided, we get the list of searchable registries via
the systemregistries code in containers-storage. We then
append a tag of 'latest' (if not provided) and we formulate
a list of possible fully-qualified image names to try.
Vendor update for containers-storage to bring in the system_registries
code.
Also includes a patch from Nalin to fix compilation errors.
Signed-off-by: baude <bbaude@redhat.com>
Kubelet can send cap add/drop ALL. Handle that in CRI-O as well.
Also, this PR is re-vendoring runtime-tools to fix capabilities add to
add caps to _all_ caps set **and** fix a shared memory issue (caps set
were initialized with the same slice, if one modifies one slice, it's
reflected on the other slices, the vendoring fixes this as well)
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
vndr was previously removing .go files in runc/libcontainer since they weren't used anywhere
in cri-o, but kpod stats will use them
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
Add functions to go templates such as truncating a field. Also add
the table keyword, which, if placed at the beginning of a format string,
adds headers to the output
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
Need to mv to latest released and supported version of logrus
switch github.com/Sirupsen/logrus github.com/sirupsen/logrus
Also vendor in latest containers/storage and containers/image
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This update allows the creation of docker-archive files when the
destination does not exists or is empty. kpod save needs this functionality.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Bump containers/image (pulling in its new dependency on ostree-go),
containers/storage, and updated image-spec.
This pulls in the OCI v1.0 specifications and code that allows us to
support 1.0 images.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Update the vendored commit for containers/image, because the previous
version did not include the function ListNames() in transports
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
Vendor and use docker/pkg/pools.
pools are used to lower the number of memory allocations and reuse buffers when
processing large streams operations..
The use of pools.Copy avoids io.Copy's internal buffer allocation.
This commit replaces io.Copy with pools.Copy to avoid the allocation of
buffers in io.Copy.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>