mirror of
https://github.com/NVIDIA/nvidia-container-toolkit
synced 2024-11-22 00:08:11 +00:00
Run go mod tidy
Signed-off-by: Evan Lezar <elezar@nvidia.com>
This commit is contained in:
parent
e56bb09889
commit
7cc0c1f1cf
6
go.mod
6
go.mod
@ -4,9 +4,8 @@ go 1.20
|
|||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/NVIDIA/go-nvml v0.12.0-1
|
github.com/NVIDIA/go-nvml v0.12.0-1
|
||||||
github.com/container-orchestrated-devices/container-device-interface v0.6.0
|
|
||||||
github.com/fsnotify/fsnotify v1.5.4
|
github.com/fsnotify/fsnotify v1.5.4
|
||||||
github.com/opencontainers/runtime-spec v1.1.0-rc.2
|
github.com/opencontainers/runtime-spec v1.1.0
|
||||||
github.com/pelletier/go-toml v1.9.4
|
github.com/pelletier/go-toml v1.9.4
|
||||||
github.com/sirupsen/logrus v1.9.0
|
github.com/sirupsen/logrus v1.9.0
|
||||||
github.com/stretchr/testify v1.8.1
|
github.com/stretchr/testify v1.8.1
|
||||||
@ -14,6 +13,8 @@ require (
|
|||||||
gitlab.com/nvidia/cloud-native/go-nvlib v0.0.0-20230818092907-09424fdc8884
|
gitlab.com/nvidia/cloud-native/go-nvlib v0.0.0-20230818092907-09424fdc8884
|
||||||
golang.org/x/mod v0.5.0
|
golang.org/x/mod v0.5.0
|
||||||
golang.org/x/sys v0.7.0
|
golang.org/x/sys v0.7.0
|
||||||
|
tags.cncf.io/container-device-interface v0.6.2
|
||||||
|
tags.cncf.io/container-device-interface/specs-go v0.6.0
|
||||||
)
|
)
|
||||||
|
|
||||||
require (
|
require (
|
||||||
@ -21,7 +22,6 @@ require (
|
|||||||
github.com/davecgh/go-spew v1.1.1 // indirect
|
github.com/davecgh/go-spew v1.1.1 // indirect
|
||||||
github.com/hashicorp/errwrap v1.1.0 // indirect
|
github.com/hashicorp/errwrap v1.1.0 // indirect
|
||||||
github.com/kr/pretty v0.3.1 // indirect
|
github.com/kr/pretty v0.3.1 // indirect
|
||||||
github.com/opencontainers/runc v1.1.6 // indirect
|
|
||||||
github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626 // indirect
|
github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626 // indirect
|
||||||
github.com/opencontainers/selinux v1.11.0 // indirect
|
github.com/opencontainers/selinux v1.11.0 // indirect
|
||||||
github.com/pmezard/go-difflib v1.0.0 // indirect
|
github.com/pmezard/go-difflib v1.0.0 // indirect
|
||||||
|
14
go.sum
14
go.sum
@ -3,8 +3,6 @@ github.com/NVIDIA/go-nvml v0.12.0-1 h1:6mdjtlFo+17dWL7VFPfuRMtf0061TF4DKls9pkSw6
|
|||||||
github.com/NVIDIA/go-nvml v0.12.0-1/go.mod h1:hy7HYeQy335x6nEss0Ne3PYqleRa6Ct+VKD9RQ4nyFs=
|
github.com/NVIDIA/go-nvml v0.12.0-1/go.mod h1:hy7HYeQy335x6nEss0Ne3PYqleRa6Ct+VKD9RQ4nyFs=
|
||||||
github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
|
github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
|
||||||
github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ=
|
github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ=
|
||||||
github.com/container-orchestrated-devices/container-device-interface v0.6.0 h1:aWwcz/Ep0Fd7ZuBjQGjU/jdPloM7ydhMW13h85jZNvk=
|
|
||||||
github.com/container-orchestrated-devices/container-device-interface v0.6.0/go.mod h1:OQlgtJtDrOxSQ1BWODC8OZK1tzi9W69wek+Jy17ndzo=
|
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
|
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
|
github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
|
github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
|
||||||
@ -29,11 +27,9 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
|||||||
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
||||||
github.com/mndrix/tap-go v0.0.0-20171203230836-629fa407e90b/go.mod h1:pzzDgJWZ34fGzaAZGFW22KVZDfyrYW+QABMrWnJBnSs=
|
github.com/mndrix/tap-go v0.0.0-20171203230836-629fa407e90b/go.mod h1:pzzDgJWZ34fGzaAZGFW22KVZDfyrYW+QABMrWnJBnSs=
|
||||||
github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ=
|
github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ=
|
||||||
github.com/opencontainers/runc v1.1.6 h1:XbhB8IfG/EsnhNvZtNdLB0GBw92GYEFvKlhaJk9jUgA=
|
|
||||||
github.com/opencontainers/runc v1.1.6/go.mod h1:CbUumNnWCuTGFukNXahoo/RFBZvDAgRh/smNYNOhA50=
|
|
||||||
github.com/opencontainers/runtime-spec v1.0.3-0.20220825212826-86290f6a00fb/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
|
github.com/opencontainers/runtime-spec v1.0.3-0.20220825212826-86290f6a00fb/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
|
||||||
github.com/opencontainers/runtime-spec v1.1.0-rc.2 h1:ucBtEms2tamYYW/SvGpvq9yUN0NEVL6oyLEwDcTSrk8=
|
github.com/opencontainers/runtime-spec v1.1.0 h1:HHUyrt9mwHUjtasSbXSMvs4cyFxh+Bll4AjJ9odEGpg=
|
||||||
github.com/opencontainers/runtime-spec v1.1.0-rc.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
|
github.com/opencontainers/runtime-spec v1.1.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
|
||||||
github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626 h1:DmNGcqH3WDbV5k8OJ+esPWbqUOX5rMLR2PMvziDMJi0=
|
github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626 h1:DmNGcqH3WDbV5k8OJ+esPWbqUOX5rMLR2PMvziDMJi0=
|
||||||
github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626/go.mod h1:BRHJJd0E+cx42OybVYSgUvZmU0B8P9gZuRXlZUP7TKI=
|
github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626/go.mod h1:BRHJJd0E+cx42OybVYSgUvZmU0B8P9gZuRXlZUP7TKI=
|
||||||
github.com/opencontainers/selinux v1.9.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI=
|
github.com/opencontainers/selinux v1.9.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI=
|
||||||
@ -75,8 +71,6 @@ github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHo
|
|||||||
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
|
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
|
||||||
github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74=
|
github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74=
|
||||||
github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y=
|
github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y=
|
||||||
gitlab.com/nvidia/cloud-native/go-nvlib v0.0.0-20230613182322-7663cf900f0a h1:lceJVurLqiWFdxK6KMDw+SIwrAsFW/af44XrNlbGw78=
|
|
||||||
gitlab.com/nvidia/cloud-native/go-nvlib v0.0.0-20230613182322-7663cf900f0a/go.mod h1:KYZksBgh18o+uzgnpDazzG4LVYtnfB96VXHMXypEtik=
|
|
||||||
gitlab.com/nvidia/cloud-native/go-nvlib v0.0.0-20230818092907-09424fdc8884 h1:V0LUbfm4kVA1CPG8FgG9AGZqa3ykE5U12Gd3PZgoItA=
|
gitlab.com/nvidia/cloud-native/go-nvlib v0.0.0-20230818092907-09424fdc8884 h1:V0LUbfm4kVA1CPG8FgG9AGZqa3ykE5U12Gd3PZgoItA=
|
||||||
gitlab.com/nvidia/cloud-native/go-nvlib v0.0.0-20230818092907-09424fdc8884/go.mod h1:/x5Ky1ZJNyCjDkgSL1atII0EFKQF5WaIHKeP5nkaQfk=
|
gitlab.com/nvidia/cloud-native/go-nvlib v0.0.0-20230818092907-09424fdc8884/go.mod h1:/x5Ky1ZJNyCjDkgSL1atII0EFKQF5WaIHKeP5nkaQfk=
|
||||||
golang.org/x/mod v0.5.0 h1:UG21uOlmZabA4fW5i7ZX6bjw1xELEGg/ZLgZq9auk/Q=
|
golang.org/x/mod v0.5.0 h1:UG21uOlmZabA4fW5i7ZX6bjw1xELEGg/ZLgZq9auk/Q=
|
||||||
@ -98,3 +92,7 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
|||||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
|
sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
|
||||||
sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8=
|
sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8=
|
||||||
|
tags.cncf.io/container-device-interface v0.6.2 h1:dThE6dtp/93ZDGhqaED2Pu374SOeUkBfuvkLuiTdwzg=
|
||||||
|
tags.cncf.io/container-device-interface v0.6.2/go.mod h1:Shusyhjs1A5Na/kqPVLL0KqnHQHuunol9LFeUNkuGVE=
|
||||||
|
tags.cncf.io/container-device-interface/specs-go v0.6.0 h1:V+tJJN6dqu8Vym6p+Ru+K5mJ49WL6Aoc5SJFSY0RLsQ=
|
||||||
|
tags.cncf.io/container-device-interface/specs-go v0.6.0/go.mod h1:hMAwAbMZyBLdmYqWgYcKH0F/yctNpV3P35f+/088A80=
|
||||||
|
113
vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/oci.go
generated
vendored
113
vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/oci.go
generated
vendored
@ -1,113 +0,0 @@
|
|||||||
package specs
|
|
||||||
|
|
||||||
import (
|
|
||||||
"errors"
|
|
||||||
"fmt"
|
|
||||||
|
|
||||||
spec "github.com/opencontainers/runtime-spec/specs-go"
|
|
||||||
)
|
|
||||||
|
|
||||||
// ApplyOCIEditsForDevice applies devices OCI edits, in other words
|
|
||||||
// it finds the device in the CDI spec and applies the OCI patches that device
|
|
||||||
// requires to the OCI specification.
|
|
||||||
func ApplyOCIEditsForDevice(config *spec.Spec, cdi *Spec, dev string) error {
|
|
||||||
for _, d := range cdi.Devices {
|
|
||||||
if d.Name != dev {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
return ApplyEditsToOCISpec(config, &d.ContainerEdits)
|
|
||||||
}
|
|
||||||
|
|
||||||
return fmt.Errorf("CDI: device %q not found for spec %q", dev, cdi.Kind)
|
|
||||||
}
|
|
||||||
|
|
||||||
// ApplyOCIEdits applies the OCI edits the CDI spec declares globally
|
|
||||||
func ApplyOCIEdits(config *spec.Spec, cdi *Spec) error {
|
|
||||||
return ApplyEditsToOCISpec(config, &cdi.ContainerEdits)
|
|
||||||
}
|
|
||||||
|
|
||||||
// ApplyEditsToOCISpec applies the specified edits to the OCI spec.
|
|
||||||
func ApplyEditsToOCISpec(config *spec.Spec, edits *ContainerEdits) error {
|
|
||||||
if config == nil {
|
|
||||||
return errors.New("spec is nil")
|
|
||||||
}
|
|
||||||
if edits == nil {
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
if len(edits.Env) > 0 {
|
|
||||||
if config.Process == nil {
|
|
||||||
config.Process = &spec.Process{}
|
|
||||||
}
|
|
||||||
config.Process.Env = append(config.Process.Env, edits.Env...)
|
|
||||||
}
|
|
||||||
|
|
||||||
for _, d := range edits.DeviceNodes {
|
|
||||||
if config.Linux == nil {
|
|
||||||
config.Linux = &spec.Linux{}
|
|
||||||
}
|
|
||||||
config.Linux.Devices = append(config.Linux.Devices, d.ToOCI())
|
|
||||||
}
|
|
||||||
|
|
||||||
for _, m := range edits.Mounts {
|
|
||||||
config.Mounts = append(config.Mounts, m.ToOCI())
|
|
||||||
}
|
|
||||||
|
|
||||||
for _, h := range edits.Hooks {
|
|
||||||
if config.Hooks == nil {
|
|
||||||
config.Hooks = &spec.Hooks{}
|
|
||||||
}
|
|
||||||
switch h.HookName {
|
|
||||||
case "prestart":
|
|
||||||
config.Hooks.Prestart = append(config.Hooks.Prestart, h.ToOCI())
|
|
||||||
case "createRuntime":
|
|
||||||
config.Hooks.CreateRuntime = append(config.Hooks.CreateRuntime, h.ToOCI())
|
|
||||||
case "createContainer":
|
|
||||||
config.Hooks.CreateContainer = append(config.Hooks.CreateContainer, h.ToOCI())
|
|
||||||
case "startContainer":
|
|
||||||
config.Hooks.StartContainer = append(config.Hooks.StartContainer, h.ToOCI())
|
|
||||||
case "poststart":
|
|
||||||
config.Hooks.Poststart = append(config.Hooks.Poststart, h.ToOCI())
|
|
||||||
case "poststop":
|
|
||||||
config.Hooks.Poststop = append(config.Hooks.Poststop, h.ToOCI())
|
|
||||||
default:
|
|
||||||
fmt.Printf("CDI: Unknown hook %q\n", h.HookName)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// ToOCI returns the opencontainers runtime Spec Hook for this Hook.
|
|
||||||
func (h *Hook) ToOCI() spec.Hook {
|
|
||||||
return spec.Hook{
|
|
||||||
Path: h.Path,
|
|
||||||
Args: h.Args,
|
|
||||||
Env: h.Env,
|
|
||||||
Timeout: h.Timeout,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// ToOCI returns the opencontainers runtime Spec Mount for this Mount.
|
|
||||||
func (m *Mount) ToOCI() spec.Mount {
|
|
||||||
return spec.Mount{
|
|
||||||
Source: m.HostPath,
|
|
||||||
Destination: m.ContainerPath,
|
|
||||||
Options: m.Options,
|
|
||||||
Type: m.Type,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// ToOCI returns the opencontainers runtime Spec LinuxDevice for this DeviceNode.
|
|
||||||
func (d *DeviceNode) ToOCI() spec.LinuxDevice {
|
|
||||||
return spec.LinuxDevice{
|
|
||||||
Path: d.Path,
|
|
||||||
Type: d.Type,
|
|
||||||
Major: d.Major,
|
|
||||||
Minor: d.Minor,
|
|
||||||
FileMode: d.FileMode,
|
|
||||||
UID: d.UID,
|
|
||||||
GID: d.GID,
|
|
||||||
}
|
|
||||||
}
|
|
17
vendor/github.com/opencontainers/runc/NOTICE
generated
vendored
17
vendor/github.com/opencontainers/runc/NOTICE
generated
vendored
@ -1,17 +0,0 @@
|
|||||||
runc
|
|
||||||
|
|
||||||
Copyright 2012-2015 Docker, Inc.
|
|
||||||
|
|
||||||
This product includes software developed at Docker, Inc. (http://www.docker.com).
|
|
||||||
|
|
||||||
The following is courtesy of our legal counsel:
|
|
||||||
|
|
||||||
|
|
||||||
Use and transfer of Docker may be subject to certain restrictions by the
|
|
||||||
United States and other governments.
|
|
||||||
It is your responsibility to ensure that your use and/or transfer does not
|
|
||||||
violate applicable laws.
|
|
||||||
|
|
||||||
For more information, please see http://www.bis.doc.gov
|
|
||||||
|
|
||||||
See also http://www.apache.org/dev/crypto.html and/or seek legal counsel.
|
|
174
vendor/github.com/opencontainers/runc/libcontainer/devices/device.go
generated
vendored
174
vendor/github.com/opencontainers/runc/libcontainer/devices/device.go
generated
vendored
@ -1,174 +0,0 @@
|
|||||||
package devices
|
|
||||||
|
|
||||||
import (
|
|
||||||
"fmt"
|
|
||||||
"os"
|
|
||||||
"strconv"
|
|
||||||
)
|
|
||||||
|
|
||||||
const (
|
|
||||||
Wildcard = -1
|
|
||||||
)
|
|
||||||
|
|
||||||
type Device struct {
|
|
||||||
Rule
|
|
||||||
|
|
||||||
// Path to the device.
|
|
||||||
Path string `json:"path"`
|
|
||||||
|
|
||||||
// FileMode permission bits for the device.
|
|
||||||
FileMode os.FileMode `json:"file_mode"`
|
|
||||||
|
|
||||||
// Uid of the device.
|
|
||||||
Uid uint32 `json:"uid"`
|
|
||||||
|
|
||||||
// Gid of the device.
|
|
||||||
Gid uint32 `json:"gid"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// Permissions is a cgroupv1-style string to represent device access. It
|
|
||||||
// has to be a string for backward compatibility reasons, hence why it has
|
|
||||||
// methods to do set operations.
|
|
||||||
type Permissions string
|
|
||||||
|
|
||||||
const (
|
|
||||||
deviceRead uint = (1 << iota)
|
|
||||||
deviceWrite
|
|
||||||
deviceMknod
|
|
||||||
)
|
|
||||||
|
|
||||||
func (p Permissions) toSet() uint {
|
|
||||||
var set uint
|
|
||||||
for _, perm := range p {
|
|
||||||
switch perm {
|
|
||||||
case 'r':
|
|
||||||
set |= deviceRead
|
|
||||||
case 'w':
|
|
||||||
set |= deviceWrite
|
|
||||||
case 'm':
|
|
||||||
set |= deviceMknod
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return set
|
|
||||||
}
|
|
||||||
|
|
||||||
func fromSet(set uint) Permissions {
|
|
||||||
var perm string
|
|
||||||
if set&deviceRead == deviceRead {
|
|
||||||
perm += "r"
|
|
||||||
}
|
|
||||||
if set&deviceWrite == deviceWrite {
|
|
||||||
perm += "w"
|
|
||||||
}
|
|
||||||
if set&deviceMknod == deviceMknod {
|
|
||||||
perm += "m"
|
|
||||||
}
|
|
||||||
return Permissions(perm)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Union returns the union of the two sets of Permissions.
|
|
||||||
func (p Permissions) Union(o Permissions) Permissions {
|
|
||||||
lhs := p.toSet()
|
|
||||||
rhs := o.toSet()
|
|
||||||
return fromSet(lhs | rhs)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Difference returns the set difference of the two sets of Permissions.
|
|
||||||
// In set notation, A.Difference(B) gives you A\B.
|
|
||||||
func (p Permissions) Difference(o Permissions) Permissions {
|
|
||||||
lhs := p.toSet()
|
|
||||||
rhs := o.toSet()
|
|
||||||
return fromSet(lhs &^ rhs)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Intersection computes the intersection of the two sets of Permissions.
|
|
||||||
func (p Permissions) Intersection(o Permissions) Permissions {
|
|
||||||
lhs := p.toSet()
|
|
||||||
rhs := o.toSet()
|
|
||||||
return fromSet(lhs & rhs)
|
|
||||||
}
|
|
||||||
|
|
||||||
// IsEmpty returns whether the set of permissions in a Permissions is
|
|
||||||
// empty.
|
|
||||||
func (p Permissions) IsEmpty() bool {
|
|
||||||
return p == Permissions("")
|
|
||||||
}
|
|
||||||
|
|
||||||
// IsValid returns whether the set of permissions is a subset of valid
|
|
||||||
// permissions (namely, {r,w,m}).
|
|
||||||
func (p Permissions) IsValid() bool {
|
|
||||||
return p == fromSet(p.toSet())
|
|
||||||
}
|
|
||||||
|
|
||||||
type Type rune
|
|
||||||
|
|
||||||
const (
|
|
||||||
WildcardDevice Type = 'a'
|
|
||||||
BlockDevice Type = 'b'
|
|
||||||
CharDevice Type = 'c' // or 'u'
|
|
||||||
FifoDevice Type = 'p'
|
|
||||||
)
|
|
||||||
|
|
||||||
func (t Type) IsValid() bool {
|
|
||||||
switch t {
|
|
||||||
case WildcardDevice, BlockDevice, CharDevice, FifoDevice:
|
|
||||||
return true
|
|
||||||
default:
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (t Type) CanMknod() bool {
|
|
||||||
switch t {
|
|
||||||
case BlockDevice, CharDevice, FifoDevice:
|
|
||||||
return true
|
|
||||||
default:
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (t Type) CanCgroup() bool {
|
|
||||||
switch t {
|
|
||||||
case WildcardDevice, BlockDevice, CharDevice:
|
|
||||||
return true
|
|
||||||
default:
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
type Rule struct {
|
|
||||||
// Type of device ('c' for char, 'b' for block). If set to 'a', this rule
|
|
||||||
// acts as a wildcard and all fields other than Allow are ignored.
|
|
||||||
Type Type `json:"type"`
|
|
||||||
|
|
||||||
// Major is the device's major number.
|
|
||||||
Major int64 `json:"major"`
|
|
||||||
|
|
||||||
// Minor is the device's minor number.
|
|
||||||
Minor int64 `json:"minor"`
|
|
||||||
|
|
||||||
// Permissions is the set of permissions that this rule applies to (in the
|
|
||||||
// cgroupv1 format -- any combination of "rwm").
|
|
||||||
Permissions Permissions `json:"permissions"`
|
|
||||||
|
|
||||||
// Allow specifies whether this rule is allowed.
|
|
||||||
Allow bool `json:"allow"`
|
|
||||||
}
|
|
||||||
|
|
||||||
func (d *Rule) CgroupString() string {
|
|
||||||
var (
|
|
||||||
major = strconv.FormatInt(d.Major, 10)
|
|
||||||
minor = strconv.FormatInt(d.Minor, 10)
|
|
||||||
)
|
|
||||||
if d.Major == Wildcard {
|
|
||||||
major = "*"
|
|
||||||
}
|
|
||||||
if d.Minor == Wildcard {
|
|
||||||
minor = "*"
|
|
||||||
}
|
|
||||||
return fmt.Sprintf("%c %s:%s %s", d.Type, major, minor, d.Permissions)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (d *Rule) Mkdev() (uint64, error) {
|
|
||||||
return mkDev(d)
|
|
||||||
}
|
|
120
vendor/github.com/opencontainers/runc/libcontainer/devices/device_unix.go
generated
vendored
120
vendor/github.com/opencontainers/runc/libcontainer/devices/device_unix.go
generated
vendored
@ -1,120 +0,0 @@
|
|||||||
//go:build !windows
|
|
||||||
// +build !windows
|
|
||||||
|
|
||||||
package devices
|
|
||||||
|
|
||||||
import (
|
|
||||||
"errors"
|
|
||||||
"os"
|
|
||||||
"path/filepath"
|
|
||||||
|
|
||||||
"golang.org/x/sys/unix"
|
|
||||||
)
|
|
||||||
|
|
||||||
// ErrNotADevice denotes that a file is not a valid linux device.
|
|
||||||
var ErrNotADevice = errors.New("not a device node")
|
|
||||||
|
|
||||||
// Testing dependencies
|
|
||||||
var (
|
|
||||||
unixLstat = unix.Lstat
|
|
||||||
osReadDir = os.ReadDir
|
|
||||||
)
|
|
||||||
|
|
||||||
func mkDev(d *Rule) (uint64, error) {
|
|
||||||
if d.Major == Wildcard || d.Minor == Wildcard {
|
|
||||||
return 0, errors.New("cannot mkdev() device with wildcards")
|
|
||||||
}
|
|
||||||
return unix.Mkdev(uint32(d.Major), uint32(d.Minor)), nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// DeviceFromPath takes the path to a device and its cgroup_permissions (which
|
|
||||||
// cannot be easily queried) to look up the information about a linux device
|
|
||||||
// and returns that information as a Device struct.
|
|
||||||
func DeviceFromPath(path, permissions string) (*Device, error) {
|
|
||||||
var stat unix.Stat_t
|
|
||||||
err := unixLstat(path, &stat)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
var (
|
|
||||||
devType Type
|
|
||||||
mode = stat.Mode
|
|
||||||
devNumber = uint64(stat.Rdev) //nolint:unconvert // Rdev is uint32 on e.g. MIPS.
|
|
||||||
major = unix.Major(devNumber)
|
|
||||||
minor = unix.Minor(devNumber)
|
|
||||||
)
|
|
||||||
switch mode & unix.S_IFMT {
|
|
||||||
case unix.S_IFBLK:
|
|
||||||
devType = BlockDevice
|
|
||||||
case unix.S_IFCHR:
|
|
||||||
devType = CharDevice
|
|
||||||
case unix.S_IFIFO:
|
|
||||||
devType = FifoDevice
|
|
||||||
default:
|
|
||||||
return nil, ErrNotADevice
|
|
||||||
}
|
|
||||||
return &Device{
|
|
||||||
Rule: Rule{
|
|
||||||
Type: devType,
|
|
||||||
Major: int64(major),
|
|
||||||
Minor: int64(minor),
|
|
||||||
Permissions: Permissions(permissions),
|
|
||||||
},
|
|
||||||
Path: path,
|
|
||||||
FileMode: os.FileMode(mode &^ unix.S_IFMT),
|
|
||||||
Uid: stat.Uid,
|
|
||||||
Gid: stat.Gid,
|
|
||||||
}, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// HostDevices returns all devices that can be found under /dev directory.
|
|
||||||
func HostDevices() ([]*Device, error) {
|
|
||||||
return GetDevices("/dev")
|
|
||||||
}
|
|
||||||
|
|
||||||
// GetDevices recursively traverses a directory specified by path
|
|
||||||
// and returns all devices found there.
|
|
||||||
func GetDevices(path string) ([]*Device, error) {
|
|
||||||
files, err := osReadDir(path)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
var out []*Device
|
|
||||||
for _, f := range files {
|
|
||||||
switch {
|
|
||||||
case f.IsDir():
|
|
||||||
switch f.Name() {
|
|
||||||
// ".lxc" & ".lxd-mounts" added to address https://github.com/lxc/lxd/issues/2825
|
|
||||||
// ".udev" added to address https://github.com/opencontainers/runc/issues/2093
|
|
||||||
case "pts", "shm", "fd", "mqueue", ".lxc", ".lxd-mounts", ".udev":
|
|
||||||
continue
|
|
||||||
default:
|
|
||||||
sub, err := GetDevices(filepath.Join(path, f.Name()))
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
out = append(out, sub...)
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
case f.Name() == "console":
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
device, err := DeviceFromPath(filepath.Join(path, f.Name()), "rwm")
|
|
||||||
if err != nil {
|
|
||||||
if errors.Is(err, ErrNotADevice) {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
if os.IsNotExist(err) {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
if device.Type == FifoDevice {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
out = append(out, device)
|
|
||||||
}
|
|
||||||
return out, nil
|
|
||||||
}
|
|
88
vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
generated
vendored
88
vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
generated
vendored
@ -33,6 +33,34 @@ type Spec struct {
|
|||||||
ZOS *ZOS `json:"zos,omitempty" platform:"zos"`
|
ZOS *ZOS `json:"zos,omitempty" platform:"zos"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Scheduler represents the scheduling attributes for a process. It is based on
|
||||||
|
// the Linux sched_setattr(2) syscall.
|
||||||
|
type Scheduler struct {
|
||||||
|
// Policy represents the scheduling policy (e.g., SCHED_FIFO, SCHED_RR, SCHED_OTHER).
|
||||||
|
Policy LinuxSchedulerPolicy `json:"policy"`
|
||||||
|
|
||||||
|
// Nice is the nice value for the process, which affects its priority.
|
||||||
|
Nice int32 `json:"nice,omitempty"`
|
||||||
|
|
||||||
|
// Priority represents the static priority of the process.
|
||||||
|
Priority int32 `json:"priority,omitempty"`
|
||||||
|
|
||||||
|
// Flags is an array of scheduling flags.
|
||||||
|
Flags []LinuxSchedulerFlag `json:"flags,omitempty"`
|
||||||
|
|
||||||
|
// The following ones are used by the DEADLINE scheduler.
|
||||||
|
|
||||||
|
// Runtime is the amount of time in nanoseconds during which the process
|
||||||
|
// is allowed to run in a given period.
|
||||||
|
Runtime uint64 `json:"runtime,omitempty"`
|
||||||
|
|
||||||
|
// Deadline is the absolute deadline for the process to complete its execution.
|
||||||
|
Deadline uint64 `json:"deadline,omitempty"`
|
||||||
|
|
||||||
|
// Period is the length of the period in nanoseconds used for determining the process runtime.
|
||||||
|
Period uint64 `json:"period,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
// Process contains information to start a specific application inside the container.
|
// Process contains information to start a specific application inside the container.
|
||||||
type Process struct {
|
type Process struct {
|
||||||
// Terminal creates an interactive terminal for the container.
|
// Terminal creates an interactive terminal for the container.
|
||||||
@ -60,8 +88,12 @@ type Process struct {
|
|||||||
ApparmorProfile string `json:"apparmorProfile,omitempty" platform:"linux"`
|
ApparmorProfile string `json:"apparmorProfile,omitempty" platform:"linux"`
|
||||||
// Specify an oom_score_adj for the container.
|
// Specify an oom_score_adj for the container.
|
||||||
OOMScoreAdj *int `json:"oomScoreAdj,omitempty" platform:"linux"`
|
OOMScoreAdj *int `json:"oomScoreAdj,omitempty" platform:"linux"`
|
||||||
|
// Scheduler specifies the scheduling attributes for a process
|
||||||
|
Scheduler *Scheduler `json:"scheduler,omitempty" platform:"linux"`
|
||||||
// SelinuxLabel specifies the selinux context that the container process is run as.
|
// SelinuxLabel specifies the selinux context that the container process is run as.
|
||||||
SelinuxLabel string `json:"selinuxLabel,omitempty" platform:"linux"`
|
SelinuxLabel string `json:"selinuxLabel,omitempty" platform:"linux"`
|
||||||
|
// IOPriority contains the I/O priority settings for the cgroup.
|
||||||
|
IOPriority *LinuxIOPriority `json:"ioPriority,omitempty" platform:"linux"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// LinuxCapabilities specifies the list of allowed capabilities that are kept for a process.
|
// LinuxCapabilities specifies the list of allowed capabilities that are kept for a process.
|
||||||
@ -79,6 +111,22 @@ type LinuxCapabilities struct {
|
|||||||
Ambient []string `json:"ambient,omitempty" platform:"linux"`
|
Ambient []string `json:"ambient,omitempty" platform:"linux"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// IOPriority represents I/O priority settings for the container's processes within the process group.
|
||||||
|
type LinuxIOPriority struct {
|
||||||
|
Class IOPriorityClass `json:"class"`
|
||||||
|
Priority int `json:"priority"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// IOPriorityClass represents an I/O scheduling class.
|
||||||
|
type IOPriorityClass string
|
||||||
|
|
||||||
|
// Possible values for IOPriorityClass.
|
||||||
|
const (
|
||||||
|
IOPRIO_CLASS_RT IOPriorityClass = "IOPRIO_CLASS_RT"
|
||||||
|
IOPRIO_CLASS_BE IOPriorityClass = "IOPRIO_CLASS_BE"
|
||||||
|
IOPRIO_CLASS_IDLE IOPriorityClass = "IOPRIO_CLASS_IDLE"
|
||||||
|
)
|
||||||
|
|
||||||
// Box specifies dimensions of a rectangle. Used for specifying the size of a console.
|
// Box specifies dimensions of a rectangle. Used for specifying the size of a console.
|
||||||
type Box struct {
|
type Box struct {
|
||||||
// Height is the vertical dimension of a box.
|
// Height is the vertical dimension of a box.
|
||||||
@ -789,3 +837,43 @@ type ZOSDevice struct {
|
|||||||
// Gid of the device.
|
// Gid of the device.
|
||||||
GID *uint32 `json:"gid,omitempty"`
|
GID *uint32 `json:"gid,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// LinuxSchedulerPolicy represents different scheduling policies used with the Linux Scheduler
|
||||||
|
type LinuxSchedulerPolicy string
|
||||||
|
|
||||||
|
const (
|
||||||
|
// SchedOther is the default scheduling policy
|
||||||
|
SchedOther LinuxSchedulerPolicy = "SCHED_OTHER"
|
||||||
|
// SchedFIFO is the First-In-First-Out scheduling policy
|
||||||
|
SchedFIFO LinuxSchedulerPolicy = "SCHED_FIFO"
|
||||||
|
// SchedRR is the Round-Robin scheduling policy
|
||||||
|
SchedRR LinuxSchedulerPolicy = "SCHED_RR"
|
||||||
|
// SchedBatch is the Batch scheduling policy
|
||||||
|
SchedBatch LinuxSchedulerPolicy = "SCHED_BATCH"
|
||||||
|
// SchedISO is the Isolation scheduling policy
|
||||||
|
SchedISO LinuxSchedulerPolicy = "SCHED_ISO"
|
||||||
|
// SchedIdle is the Idle scheduling policy
|
||||||
|
SchedIdle LinuxSchedulerPolicy = "SCHED_IDLE"
|
||||||
|
// SchedDeadline is the Deadline scheduling policy
|
||||||
|
SchedDeadline LinuxSchedulerPolicy = "SCHED_DEADLINE"
|
||||||
|
)
|
||||||
|
|
||||||
|
// LinuxSchedulerFlag represents the flags used by the Linux Scheduler.
|
||||||
|
type LinuxSchedulerFlag string
|
||||||
|
|
||||||
|
const (
|
||||||
|
// SchedFlagResetOnFork represents the reset on fork scheduling flag
|
||||||
|
SchedFlagResetOnFork LinuxSchedulerFlag = "SCHED_FLAG_RESET_ON_FORK"
|
||||||
|
// SchedFlagReclaim represents the reclaim scheduling flag
|
||||||
|
SchedFlagReclaim LinuxSchedulerFlag = "SCHED_FLAG_RECLAIM"
|
||||||
|
// SchedFlagDLOverrun represents the deadline overrun scheduling flag
|
||||||
|
SchedFlagDLOverrun LinuxSchedulerFlag = "SCHED_FLAG_DL_OVERRUN"
|
||||||
|
// SchedFlagKeepPolicy represents the keep policy scheduling flag
|
||||||
|
SchedFlagKeepPolicy LinuxSchedulerFlag = "SCHED_FLAG_KEEP_POLICY"
|
||||||
|
// SchedFlagKeepParams represents the keep parameters scheduling flag
|
||||||
|
SchedFlagKeepParams LinuxSchedulerFlag = "SCHED_FLAG_KEEP_PARAMS"
|
||||||
|
// SchedFlagUtilClampMin represents the utilization clamp minimum scheduling flag
|
||||||
|
SchedFlagUtilClampMin LinuxSchedulerFlag = "SCHED_FLAG_UTIL_CLAMP_MIN"
|
||||||
|
// SchedFlagUtilClampMin represents the utilization clamp maximum scheduling flag
|
||||||
|
SchedFlagUtilClampMax LinuxSchedulerFlag = "SCHED_FLAG_UTIL_CLAMP_MAX"
|
||||||
|
)
|
||||||
|
2
vendor/github.com/opencontainers/runtime-spec/specs-go/version.go
generated
vendored
2
vendor/github.com/opencontainers/runtime-spec/specs-go/version.go
generated
vendored
@ -11,7 +11,7 @@ const (
|
|||||||
VersionPatch = 0
|
VersionPatch = 0
|
||||||
|
|
||||||
// VersionDev indicates development branch. Releases will be empty string.
|
// VersionDev indicates development branch. Releases will be empty string.
|
||||||
VersionDev = "-rc.2"
|
VersionDev = ""
|
||||||
)
|
)
|
||||||
|
|
||||||
// Version is the specification version that the package types support.
|
// Version is the specification version that the package types support.
|
||||||
|
23
vendor/modules.txt
vendored
23
vendor/modules.txt
vendored
@ -2,14 +2,6 @@
|
|||||||
## explicit; go 1.15
|
## explicit; go 1.15
|
||||||
github.com/NVIDIA/go-nvml/pkg/dl
|
github.com/NVIDIA/go-nvml/pkg/dl
|
||||||
github.com/NVIDIA/go-nvml/pkg/nvml
|
github.com/NVIDIA/go-nvml/pkg/nvml
|
||||||
# github.com/container-orchestrated-devices/container-device-interface v0.6.0
|
|
||||||
## explicit; go 1.17
|
|
||||||
github.com/container-orchestrated-devices/container-device-interface/internal/multierror
|
|
||||||
github.com/container-orchestrated-devices/container-device-interface/internal/validation
|
|
||||||
github.com/container-orchestrated-devices/container-device-interface/internal/validation/k8s
|
|
||||||
github.com/container-orchestrated-devices/container-device-interface/pkg/cdi
|
|
||||||
github.com/container-orchestrated-devices/container-device-interface/pkg/parser
|
|
||||||
github.com/container-orchestrated-devices/container-device-interface/specs-go
|
|
||||||
# github.com/cpuguy83/go-md2man/v2 v2.0.2
|
# github.com/cpuguy83/go-md2man/v2 v2.0.2
|
||||||
## explicit; go 1.11
|
## explicit; go 1.11
|
||||||
github.com/cpuguy83/go-md2man/v2/md2man
|
github.com/cpuguy83/go-md2man/v2/md2man
|
||||||
@ -23,10 +15,7 @@ github.com/fsnotify/fsnotify
|
|||||||
## explicit
|
## explicit
|
||||||
# github.com/kr/pretty v0.3.1
|
# github.com/kr/pretty v0.3.1
|
||||||
## explicit; go 1.12
|
## explicit; go 1.12
|
||||||
# github.com/opencontainers/runc v1.1.6
|
# github.com/opencontainers/runtime-spec v1.1.0
|
||||||
## explicit; go 1.17
|
|
||||||
github.com/opencontainers/runc/libcontainer/devices
|
|
||||||
# github.com/opencontainers/runtime-spec v1.1.0-rc.2
|
|
||||||
## explicit
|
## explicit
|
||||||
github.com/opencontainers/runtime-spec/specs-go
|
github.com/opencontainers/runtime-spec/specs-go
|
||||||
# github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626
|
# github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626
|
||||||
@ -89,3 +78,13 @@ gopkg.in/yaml.v3
|
|||||||
# sigs.k8s.io/yaml v1.3.0
|
# sigs.k8s.io/yaml v1.3.0
|
||||||
## explicit; go 1.12
|
## explicit; go 1.12
|
||||||
sigs.k8s.io/yaml
|
sigs.k8s.io/yaml
|
||||||
|
# tags.cncf.io/container-device-interface v0.6.2
|
||||||
|
## explicit; go 1.19
|
||||||
|
tags.cncf.io/container-device-interface/internal/multierror
|
||||||
|
tags.cncf.io/container-device-interface/internal/validation
|
||||||
|
tags.cncf.io/container-device-interface/internal/validation/k8s
|
||||||
|
tags.cncf.io/container-device-interface/pkg/cdi
|
||||||
|
tags.cncf.io/container-device-interface/pkg/parser
|
||||||
|
# tags.cncf.io/container-device-interface/specs-go v0.6.0
|
||||||
|
## explicit; go 1.19
|
||||||
|
tags.cncf.io/container-device-interface/specs-go
|
||||||
|
@ -23,7 +23,7 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/container-orchestrated-devices/container-device-interface/internal/multierror"
|
"tags.cncf.io/container-device-interface/internal/multierror"
|
||||||
)
|
)
|
||||||
|
|
||||||
// TotalAnnotationSizeLimitB defines the maximum size of all annotations in characters.
|
// TotalAnnotationSizeLimitB defines the maximum size of all annotations in characters.
|
@ -20,7 +20,7 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/container-orchestrated-devices/container-device-interface/internal/validation/k8s"
|
"tags.cncf.io/container-device-interface/internal/validation/k8s"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ValidateSpecAnnotations checks whether spec annotations are valid.
|
// ValidateSpecAnnotations checks whether spec annotations are valid.
|
@ -21,7 +21,7 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/container-orchestrated-devices/container-device-interface/pkg/parser"
|
"tags.cncf.io/container-device-interface/pkg/parser"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
@ -26,10 +26,10 @@ import (
|
|||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
|
|
||||||
"github.com/container-orchestrated-devices/container-device-interface/internal/multierror"
|
|
||||||
cdi "github.com/container-orchestrated-devices/container-device-interface/specs-go"
|
|
||||||
"github.com/fsnotify/fsnotify"
|
"github.com/fsnotify/fsnotify"
|
||||||
oci "github.com/opencontainers/runtime-spec/specs-go"
|
oci "github.com/opencontainers/runtime-spec/specs-go"
|
||||||
|
"tags.cncf.io/container-device-interface/internal/multierror"
|
||||||
|
cdi "tags.cncf.io/container-device-interface/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Option is an option to change some aspect of default CDI behavior.
|
// Option is an option to change some aspect of default CDI behavior.
|
||||||
@ -49,7 +49,7 @@ type Cache struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// WithAutoRefresh returns an option to control automatic Cache refresh.
|
// WithAutoRefresh returns an option to control automatic Cache refresh.
|
||||||
// By default auto-refresh is enabled, the list of Spec directories are
|
// By default, auto-refresh is enabled, the list of Spec directories are
|
||||||
// monitored and the Cache is automatically refreshed whenever a change
|
// monitored and the Cache is automatically refreshed whenever a change
|
||||||
// is detected. This option can be used to disable this behavior when a
|
// is detected. This option can be used to disable this behavior when a
|
||||||
// manually refreshed mode is preferable.
|
// manually refreshed mode is preferable.
|
||||||
@ -203,7 +203,7 @@ func (c *Cache) refresh() error {
|
|||||||
// RefreshIfRequired triggers a refresh if necessary.
|
// RefreshIfRequired triggers a refresh if necessary.
|
||||||
func (c *Cache) refreshIfRequired(force bool) (bool, error) {
|
func (c *Cache) refreshIfRequired(force bool) (bool, error) {
|
||||||
// We need to refresh if
|
// We need to refresh if
|
||||||
// - it's forced by an explicitly call to Refresh() in manual mode
|
// - it's forced by an explicit call to Refresh() in manual mode
|
||||||
// - a missing Spec dir appears (added to watch) in auto-refresh mode
|
// - a missing Spec dir appears (added to watch) in auto-refresh mode
|
||||||
if force || (c.autoRefresh && c.watch.update(c.dirErrors)) {
|
if force || (c.autoRefresh && c.watch.update(c.dirErrors)) {
|
||||||
return true, c.refresh()
|
return true, c.refresh()
|
||||||
@ -244,7 +244,7 @@ func (c *Cache) InjectDevices(ociSpec *oci.Spec, devices ...string) ([]string, e
|
|||||||
|
|
||||||
if unresolved != nil {
|
if unresolved != nil {
|
||||||
return unresolved, fmt.Errorf("unresolvable CDI devices %s",
|
return unresolved, fmt.Errorf("unresolvable CDI devices %s",
|
||||||
strings.Join(devices, ", "))
|
strings.Join(unresolved, ", "))
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := edits.Apply(ociSpec); err != nil {
|
if err := edits.Apply(ociSpec); err != nil {
|
@ -24,9 +24,9 @@ import (
|
|||||||
"sort"
|
"sort"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/container-orchestrated-devices/container-device-interface/specs-go"
|
|
||||||
oci "github.com/opencontainers/runtime-spec/specs-go"
|
oci "github.com/opencontainers/runtime-spec/specs-go"
|
||||||
ocigen "github.com/opencontainers/runtime-tools/generate"
|
ocigen "github.com/opencontainers/runtime-tools/generate"
|
||||||
|
"tags.cncf.io/container-device-interface/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
@ -20,11 +20,42 @@
|
|||||||
package cdi
|
package cdi
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
|
||||||
runc "github.com/opencontainers/runc/libcontainer/devices"
|
"golang.org/x/sys/unix"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
blockDevice = "b"
|
||||||
|
charDevice = "c" // or "u"
|
||||||
|
fifoDevice = "p"
|
||||||
|
)
|
||||||
|
|
||||||
|
// deviceInfoFromPath takes the path to a device and returns its type,
|
||||||
|
// major and minor device numbers.
|
||||||
|
//
|
||||||
|
// It was adapted from https://github.com/opencontainers/runc/blob/v1.1.9/libcontainer/devices/device_unix.go#L30-L69
|
||||||
|
func deviceInfoFromPath(path string) (devType string, major, minor int64, _ error) {
|
||||||
|
var stat unix.Stat_t
|
||||||
|
err := unix.Lstat(path, &stat)
|
||||||
|
if err != nil {
|
||||||
|
return "", 0, 0, err
|
||||||
|
}
|
||||||
|
switch stat.Mode & unix.S_IFMT {
|
||||||
|
case unix.S_IFBLK:
|
||||||
|
devType = blockDevice
|
||||||
|
case unix.S_IFCHR:
|
||||||
|
devType = charDevice
|
||||||
|
case unix.S_IFIFO:
|
||||||
|
devType = fifoDevice
|
||||||
|
default:
|
||||||
|
return "", 0, 0, errors.New("not a device node")
|
||||||
|
}
|
||||||
|
devNumber := uint64(stat.Rdev) //nolint:unconvert // Rdev is uint32 on e.g. MIPS.
|
||||||
|
return devType, int64(unix.Major(devNumber)), int64(unix.Minor(devNumber)), nil
|
||||||
|
}
|
||||||
|
|
||||||
// fillMissingInfo fills in missing mandatory attributes from the host device.
|
// fillMissingInfo fills in missing mandatory attributes from the host device.
|
||||||
func (d *DeviceNode) fillMissingInfo() error {
|
func (d *DeviceNode) fillMissingInfo() error {
|
||||||
if d.HostPath == "" {
|
if d.HostPath == "" {
|
||||||
@ -35,22 +66,22 @@ func (d *DeviceNode) fillMissingInfo() error {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
hostDev, err := runc.DeviceFromPath(d.HostPath, "rwm")
|
deviceType, major, minor, err := deviceInfoFromPath(d.HostPath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("failed to stat CDI host device %q: %w", d.HostPath, err)
|
return fmt.Errorf("failed to stat CDI host device %q: %w", d.HostPath, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if d.Type == "" {
|
if d.Type == "" {
|
||||||
d.Type = string(hostDev.Type)
|
d.Type = deviceType
|
||||||
} else {
|
} else {
|
||||||
if d.Type != string(hostDev.Type) {
|
if d.Type != deviceType {
|
||||||
return fmt.Errorf("CDI device (%q, %q), host type mismatch (%s, %s)",
|
return fmt.Errorf("CDI device (%q, %q), host type mismatch (%s, %s)",
|
||||||
d.Path, d.HostPath, d.Type, string(hostDev.Type))
|
d.Path, d.HostPath, d.Type, deviceType)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if d.Major == 0 && d.Type != "p" {
|
if d.Major == 0 && d.Type != "p" {
|
||||||
d.Major = hostDev.Major
|
d.Major = major
|
||||||
d.Minor = hostDev.Minor
|
d.Minor = minor
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
@ -19,10 +19,10 @@ package cdi
|
|||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
|
||||||
"github.com/container-orchestrated-devices/container-device-interface/internal/validation"
|
|
||||||
"github.com/container-orchestrated-devices/container-device-interface/pkg/parser"
|
|
||||||
cdi "github.com/container-orchestrated-devices/container-device-interface/specs-go"
|
|
||||||
oci "github.com/opencontainers/runtime-spec/specs-go"
|
oci "github.com/opencontainers/runtime-spec/specs-go"
|
||||||
|
"tags.cncf.io/container-device-interface/internal/validation"
|
||||||
|
"tags.cncf.io/container-device-interface/pkg/parser"
|
||||||
|
cdi "tags.cncf.io/container-device-interface/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Device represents a CDI device of a Spec.
|
// Device represents a CDI device of a Spec.
|
@ -2,9 +2,9 @@
|
|||||||
// interacting with CDI and consuming CDI devices.
|
// interacting with CDI and consuming CDI devices.
|
||||||
//
|
//
|
||||||
// For more information about Container Device Interface, please refer to
|
// For more information about Container Device Interface, please refer to
|
||||||
// https://github.com/container-orchestrated-devices/container-device-interface
|
// https://tags.cncf.io/container-device-interface
|
||||||
//
|
//
|
||||||
// Container Device Interface
|
// # Container Device Interface
|
||||||
//
|
//
|
||||||
// Container Device Interface, or CDI for short, provides comprehensive
|
// Container Device Interface, or CDI for short, provides comprehensive
|
||||||
// third party device support for container runtimes. CDI uses vendor
|
// third party device support for container runtimes. CDI uses vendor
|
||||||
@ -29,7 +29,7 @@
|
|||||||
// the vast majority of CDI consumers need. The API should be usable both
|
// the vast majority of CDI consumers need. The API should be usable both
|
||||||
// by OCI runtime clients and runtime implementations.
|
// by OCI runtime clients and runtime implementations.
|
||||||
//
|
//
|
||||||
// CDI Registry
|
// # CDI Registry
|
||||||
//
|
//
|
||||||
// The primary interface to interact with CDI devices is the Registry. It
|
// The primary interface to interact with CDI devices is the Registry. It
|
||||||
// is essentially a cache of all Specs and devices discovered in standard
|
// is essentially a cache of all Specs and devices discovered in standard
|
||||||
@ -37,34 +37,34 @@
|
|||||||
// injecting devices into an OCI Spec and refreshing the cache of CDI
|
// injecting devices into an OCI Spec and refreshing the cache of CDI
|
||||||
// Specs and devices.
|
// Specs and devices.
|
||||||
//
|
//
|
||||||
// Device Injection
|
// # Device Injection
|
||||||
//
|
//
|
||||||
// Using the Registry one can inject CDI devices into a container with code
|
// Using the Registry one can inject CDI devices into a container with code
|
||||||
// similar to the following snippet:
|
// similar to the following snippet:
|
||||||
//
|
//
|
||||||
// import (
|
// import (
|
||||||
// "fmt"
|
// "fmt"
|
||||||
// "strings"
|
// "strings"
|
||||||
//
|
//
|
||||||
// log "github.com/sirupsen/logrus"
|
// log "github.com/sirupsen/logrus"
|
||||||
//
|
//
|
||||||
// "github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
|
// "tags.cncf.io/container-device-interface/pkg/cdi"
|
||||||
// oci "github.com/opencontainers/runtime-spec/specs-go"
|
// oci "github.com/opencontainers/runtime-spec/specs-go"
|
||||||
// )
|
// )
|
||||||
//
|
//
|
||||||
// func injectCDIDevices(spec *oci.Spec, devices []string) error {
|
// func injectCDIDevices(spec *oci.Spec, devices []string) error {
|
||||||
// log.Debug("pristine OCI Spec: %s", dumpSpec(spec))
|
// log.Debug("pristine OCI Spec: %s", dumpSpec(spec))
|
||||||
//
|
//
|
||||||
// unresolved, err := cdi.GetRegistry().InjectDevices(spec, devices)
|
// unresolved, err := cdi.GetRegistry().InjectDevices(spec, devices)
|
||||||
// if err != nil {
|
// if err != nil {
|
||||||
// return fmt.Errorf("CDI device injection failed: %w", err)
|
// return fmt.Errorf("CDI device injection failed: %w", err)
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// log.Debug("CDI-updated OCI Spec: %s", dumpSpec(spec))
|
// log.Debug("CDI-updated OCI Spec: %s", dumpSpec(spec))
|
||||||
// return nil
|
// return nil
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// Cache Refresh
|
// # Cache Refresh
|
||||||
//
|
//
|
||||||
// By default the CDI Spec cache monitors the configured Spec directories
|
// By default the CDI Spec cache monitors the configured Spec directories
|
||||||
// and automatically refreshes itself when necessary. This behavior can be
|
// and automatically refreshes itself when necessary. This behavior can be
|
||||||
@ -85,42 +85,42 @@
|
|||||||
// CDI Spec cache is up to date before performing device injection.
|
// CDI Spec cache is up to date before performing device injection.
|
||||||
// A code snippet similar to the following accmplishes that:
|
// A code snippet similar to the following accmplishes that:
|
||||||
//
|
//
|
||||||
// import (
|
// import (
|
||||||
// "fmt"
|
// "fmt"
|
||||||
// "strings"
|
// "strings"
|
||||||
//
|
//
|
||||||
// log "github.com/sirupsen/logrus"
|
// log "github.com/sirupsen/logrus"
|
||||||
//
|
//
|
||||||
// "github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
|
// "tags.cncf.io/container-device-interface/pkg/cdi"
|
||||||
// oci "github.com/opencontainers/runtime-spec/specs-go"
|
// oci "github.com/opencontainers/runtime-spec/specs-go"
|
||||||
// )
|
// )
|
||||||
//
|
//
|
||||||
// func injectCDIDevices(spec *oci.Spec, devices []string) error {
|
// func injectCDIDevices(spec *oci.Spec, devices []string) error {
|
||||||
// registry := cdi.GetRegistry()
|
// registry := cdi.GetRegistry()
|
||||||
//
|
//
|
||||||
// if err := registry.Refresh(); err != nil {
|
// if err := registry.Refresh(); err != nil {
|
||||||
// // Note:
|
// // Note:
|
||||||
// // It is up to the implementation to decide whether
|
// // It is up to the implementation to decide whether
|
||||||
// // to abort injection on errors. A failed Refresh()
|
// // to abort injection on errors. A failed Refresh()
|
||||||
// // does not necessarily render the registry unusable.
|
// // does not necessarily render the registry unusable.
|
||||||
// // For instance, a parse error in a Spec file for
|
// // For instance, a parse error in a Spec file for
|
||||||
// // vendor A does not have any effect on devices of
|
// // vendor A does not have any effect on devices of
|
||||||
// // vendor B...
|
// // vendor B...
|
||||||
// log.Warnf("pre-injection Refresh() failed: %v", err)
|
// log.Warnf("pre-injection Refresh() failed: %v", err)
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// log.Debug("pristine OCI Spec: %s", dumpSpec(spec))
|
// log.Debug("pristine OCI Spec: %s", dumpSpec(spec))
|
||||||
//
|
//
|
||||||
// unresolved, err := registry.InjectDevices(spec, devices)
|
// unresolved, err := registry.InjectDevices(spec, devices)
|
||||||
// if err != nil {
|
// if err != nil {
|
||||||
// return fmt.Errorf("CDI device injection failed: %w", err)
|
// return fmt.Errorf("CDI device injection failed: %w", err)
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// log.Debug("CDI-updated OCI Spec: %s", dumpSpec(spec))
|
// log.Debug("CDI-updated OCI Spec: %s", dumpSpec(spec))
|
||||||
// return nil
|
// return nil
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// Generated Spec Files, Multiple Directories, Device Precedence
|
// # Generated Spec Files, Multiple Directories, Device Precedence
|
||||||
//
|
//
|
||||||
// It is often necessary to generate Spec files dynamically. On some
|
// It is often necessary to generate Spec files dynamically. On some
|
||||||
// systems the available or usable set of CDI devices might change
|
// systems the available or usable set of CDI devices might change
|
||||||
@ -149,7 +149,7 @@
|
|||||||
// '/etc/cdi' while all the dynamically generated Spec files, transient
|
// '/etc/cdi' while all the dynamically generated Spec files, transient
|
||||||
// or other, go into '/var/run/cdi'.
|
// or other, go into '/var/run/cdi'.
|
||||||
//
|
//
|
||||||
// Spec File Generation
|
// # Spec File Generation
|
||||||
//
|
//
|
||||||
// CDI offers two functions for writing and removing dynamically generated
|
// CDI offers two functions for writing and removing dynamically generated
|
||||||
// Specs from CDI Spec directories. These functions, WriteSpec() and
|
// Specs from CDI Spec directories. These functions, WriteSpec() and
|
||||||
@ -169,33 +169,35 @@
|
|||||||
// code snippet similar to the following:
|
// code snippet similar to the following:
|
||||||
//
|
//
|
||||||
// import (
|
// import (
|
||||||
// "fmt"
|
//
|
||||||
// ...
|
// "fmt"
|
||||||
// "github.com/container-orchestrated-devices/container-device-interface/specs-go"
|
// ...
|
||||||
// "github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
|
// "tags.cncf.io/container-device-interface/specs-go"
|
||||||
|
// "tags.cncf.io/container-device-interface/pkg/cdi"
|
||||||
|
//
|
||||||
// )
|
// )
|
||||||
//
|
//
|
||||||
// func generateDeviceSpecs() error {
|
// func generateDeviceSpecs() error {
|
||||||
// registry := cdi.GetRegistry()
|
// registry := cdi.GetRegistry()
|
||||||
// spec := &specs.Spec{
|
// spec := &specs.Spec{
|
||||||
// Version: specs.CurrentVersion,
|
// Version: specs.CurrentVersion,
|
||||||
// Kind: vendor+"/"+class,
|
// Kind: vendor+"/"+class,
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// for _, dev := range enumerateDevices() {
|
// for _, dev := range enumerateDevices() {
|
||||||
// spec.Devices = append(spec.Devices, specs.Device{
|
// spec.Devices = append(spec.Devices, specs.Device{
|
||||||
// Name: dev.Name,
|
// Name: dev.Name,
|
||||||
// ContainerEdits: getContainerEditsForDevice(dev),
|
// ContainerEdits: getContainerEditsForDevice(dev),
|
||||||
// })
|
// })
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// specName, err := cdi.GenerateNameForSpec(spec)
|
// specName, err := cdi.GenerateNameForSpec(spec)
|
||||||
// if err != nil {
|
// if err != nil {
|
||||||
// return fmt.Errorf("failed to generate Spec name: %w", err)
|
// return fmt.Errorf("failed to generate Spec name: %w", err)
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// return registry.SpecDB().WriteSpec(spec, specName)
|
// return registry.SpecDB().WriteSpec(spec, specName)
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// Similarly, generating and later cleaning up transient Spec files can be
|
// Similarly, generating and later cleaning up transient Spec files can be
|
||||||
// done with code fragments similar to the following. These transient Spec
|
// done with code fragments similar to the following. These transient Spec
|
||||||
@ -204,53 +206,55 @@
|
|||||||
// and removed once that container is removed.
|
// and removed once that container is removed.
|
||||||
//
|
//
|
||||||
// import (
|
// import (
|
||||||
// "fmt"
|
//
|
||||||
// ...
|
// "fmt"
|
||||||
// "github.com/container-orchestrated-devices/container-device-interface/specs-go"
|
// ...
|
||||||
// "github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
|
// "tags.cncf.io/container-device-interface/specs-go"
|
||||||
|
// "tags.cncf.io/container-device-interface/pkg/cdi"
|
||||||
|
//
|
||||||
// )
|
// )
|
||||||
//
|
//
|
||||||
// func generateTransientSpec(ctr Container) error {
|
// func generateTransientSpec(ctr Container) error {
|
||||||
// registry := cdi.GetRegistry()
|
// registry := cdi.GetRegistry()
|
||||||
// devices := getContainerDevs(ctr, vendor, class)
|
// devices := getContainerDevs(ctr, vendor, class)
|
||||||
// spec := &specs.Spec{
|
// spec := &specs.Spec{
|
||||||
// Version: specs.CurrentVersion,
|
// Version: specs.CurrentVersion,
|
||||||
// Kind: vendor+"/"+class,
|
// Kind: vendor+"/"+class,
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// for _, dev := range devices {
|
// for _, dev := range devices {
|
||||||
// spec.Devices = append(spec.Devices, specs.Device{
|
// spec.Devices = append(spec.Devices, specs.Device{
|
||||||
// // the generated name needs to be unique within the
|
// // the generated name needs to be unique within the
|
||||||
// // vendor/class domain on the host/node.
|
// // vendor/class domain on the host/node.
|
||||||
// Name: generateUniqueDevName(dev, ctr),
|
// Name: generateUniqueDevName(dev, ctr),
|
||||||
// ContainerEdits: getEditsForContainer(dev),
|
// ContainerEdits: getEditsForContainer(dev),
|
||||||
// })
|
// })
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// // transientID is expected to guarantee that the Spec file name
|
// // transientID is expected to guarantee that the Spec file name
|
||||||
// // generated using <vendor, class, transientID> is unique within
|
// // generated using <vendor, class, transientID> is unique within
|
||||||
// // the host/node. If more than one device is allocated with the
|
// // the host/node. If more than one device is allocated with the
|
||||||
// // same vendor/class domain, either all generated Spec entries
|
// // same vendor/class domain, either all generated Spec entries
|
||||||
// // should go to a single Spec file (like in this sample snippet),
|
// // should go to a single Spec file (like in this sample snippet),
|
||||||
// // or transientID should be unique for each generated Spec file.
|
// // or transientID should be unique for each generated Spec file.
|
||||||
// transientID := getSomeSufficientlyUniqueIDForContainer(ctr)
|
// transientID := getSomeSufficientlyUniqueIDForContainer(ctr)
|
||||||
// specName, err := cdi.GenerateNameForTransientSpec(vendor, class, transientID)
|
// specName, err := cdi.GenerateNameForTransientSpec(vendor, class, transientID)
|
||||||
// if err != nil {
|
// if err != nil {
|
||||||
// return fmt.Errorf("failed to generate Spec name: %w", err)
|
// return fmt.Errorf("failed to generate Spec name: %w", err)
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// return registry.SpecDB().WriteSpec(spec, specName)
|
// return registry.SpecDB().WriteSpec(spec, specName)
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// func removeTransientSpec(ctr Container) error {
|
// func removeTransientSpec(ctr Container) error {
|
||||||
// registry := cdi.GetRegistry()
|
// registry := cdi.GetRegistry()
|
||||||
// transientID := getSomeSufficientlyUniqueIDForContainer(ctr)
|
// transientID := getSomeSufficientlyUniqueIDForContainer(ctr)
|
||||||
// specName := cdi.GenerateNameForTransientSpec(vendor, class, transientID)
|
// specName := cdi.GenerateNameForTransientSpec(vendor, class, transientID)
|
||||||
//
|
//
|
||||||
// return registry.SpecDB().RemoveSpec(specName)
|
// return registry.SpecDB().RemoveSpec(specName)
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// CDI Spec Validation
|
// # CDI Spec Validation
|
||||||
//
|
//
|
||||||
// This package performs both syntactic and semantic validation of CDI
|
// This package performs both syntactic and semantic validation of CDI
|
||||||
// Spec file data when a Spec file is loaded via the registry or using
|
// Spec file data when a Spec file is loaded via the registry or using
|
@ -17,7 +17,7 @@
|
|||||||
package cdi
|
package cdi
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/container-orchestrated-devices/container-device-interface/pkg/parser"
|
"tags.cncf.io/container-device-interface/pkg/parser"
|
||||||
)
|
)
|
||||||
|
|
||||||
// QualifiedName returns the qualified name for a device.
|
// QualifiedName returns the qualified name for a device.
|
@ -19,8 +19,8 @@ package cdi
|
|||||||
import (
|
import (
|
||||||
"sync"
|
"sync"
|
||||||
|
|
||||||
cdi "github.com/container-orchestrated-devices/container-device-interface/specs-go"
|
|
||||||
oci "github.com/opencontainers/runtime-spec/specs-go"
|
oci "github.com/opencontainers/runtime-spec/specs-go"
|
||||||
|
cdi "tags.cncf.io/container-device-interface/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Registry keeps a cache of all CDI Specs installed or generated on
|
// Registry keeps a cache of all CDI Specs installed or generated on
|
@ -28,8 +28,8 @@ import (
|
|||||||
oci "github.com/opencontainers/runtime-spec/specs-go"
|
oci "github.com/opencontainers/runtime-spec/specs-go"
|
||||||
"sigs.k8s.io/yaml"
|
"sigs.k8s.io/yaml"
|
||||||
|
|
||||||
"github.com/container-orchestrated-devices/container-device-interface/internal/validation"
|
"tags.cncf.io/container-device-interface/internal/validation"
|
||||||
cdi "github.com/container-orchestrated-devices/container-device-interface/specs-go"
|
cdi "tags.cncf.io/container-device-interface/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
@ -21,8 +21,8 @@ import (
|
|||||||
|
|
||||||
"golang.org/x/mod/semver"
|
"golang.org/x/mod/semver"
|
||||||
|
|
||||||
"github.com/container-orchestrated-devices/container-device-interface/pkg/parser"
|
"tags.cncf.io/container-device-interface/pkg/parser"
|
||||||
cdi "github.com/container-orchestrated-devices/container-device-interface/specs-go"
|
cdi "tags.cncf.io/container-device-interface/specs-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
@ -1,4 +1,3 @@
|
|||||||
|
|
||||||
Apache License
|
Apache License
|
||||||
Version 2.0, January 2004
|
Version 2.0, January 2004
|
||||||
http://www.apache.org/licenses/
|
http://www.apache.org/licenses/
|
||||||
@ -176,7 +175,18 @@
|
|||||||
|
|
||||||
END OF TERMS AND CONDITIONS
|
END OF TERMS AND CONDITIONS
|
||||||
|
|
||||||
Copyright 2014 Docker, Inc.
|
APPENDIX: How to apply the Apache License to your work.
|
||||||
|
|
||||||
|
To apply the Apache License to your work, attach the following
|
||||||
|
boilerplate notice, with the fields enclosed by brackets "[]"
|
||||||
|
replaced with your own identifying information. (Don't include
|
||||||
|
the brackets!) The text should be enclosed in the appropriate
|
||||||
|
comment syntax for the file format. We also recommend that a
|
||||||
|
file or class name and description of purpose be included on the
|
||||||
|
same "printed page" as the copyright notice for easier
|
||||||
|
identification within third-party archives.
|
||||||
|
|
||||||
|
Copyright [yyyy] [name of copyright owner]
|
||||||
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
you may not use this file except in compliance with the License.
|
you may not use this file except in compliance with the License.
|
38
vendor/tags.cncf.io/container-device-interface/specs-go/oci.go
generated
vendored
Normal file
38
vendor/tags.cncf.io/container-device-interface/specs-go/oci.go
generated
vendored
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
package specs
|
||||||
|
|
||||||
|
import (
|
||||||
|
spec "github.com/opencontainers/runtime-spec/specs-go"
|
||||||
|
)
|
||||||
|
|
||||||
|
// ToOCI returns the opencontainers runtime Spec Hook for this Hook.
|
||||||
|
func (h *Hook) ToOCI() spec.Hook {
|
||||||
|
return spec.Hook{
|
||||||
|
Path: h.Path,
|
||||||
|
Args: h.Args,
|
||||||
|
Env: h.Env,
|
||||||
|
Timeout: h.Timeout,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// ToOCI returns the opencontainers runtime Spec Mount for this Mount.
|
||||||
|
func (m *Mount) ToOCI() spec.Mount {
|
||||||
|
return spec.Mount{
|
||||||
|
Source: m.HostPath,
|
||||||
|
Destination: m.ContainerPath,
|
||||||
|
Options: m.Options,
|
||||||
|
Type: m.Type,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// ToOCI returns the opencontainers runtime Spec LinuxDevice for this DeviceNode.
|
||||||
|
func (d *DeviceNode) ToOCI() spec.LinuxDevice {
|
||||||
|
return spec.LinuxDevice{
|
||||||
|
Path: d.Path,
|
||||||
|
Type: d.Type,
|
||||||
|
Major: d.Major,
|
||||||
|
Minor: d.Minor,
|
||||||
|
FileMode: d.FileMode,
|
||||||
|
UID: d.UID,
|
||||||
|
GID: d.GID,
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user