Kevin Klues
e4b9318de3
Only run gofmt over go files under pkg/ in CI
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-24 12:50:05 +00:00
Kevin Klues
aec9a28bc3
Push HookConfig and privileged flags down to getDevices() call
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-24 12:50:05 +00:00
Kevin Klues
2ae7cb07cf
Add ability to consider container mounts to generate nvidiaConfig
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-24 12:50:05 +00:00
Kevin Klues
da36874e91
Add new config options to pull device list from mounted files not ENVVAR
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-24 12:50:05 +00:00
Kevin Klues
b9ef2db205
Remove unnecessary files from version control
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-24 12:50:05 +00:00
Kevin Klues
da6fbb343a
Revert "Add ability to merge envars of the form NVIDIA_VISIBLE_DEVICES_*"
...
This reverts commit 01b4381282
.
2020-07-24 12:50:05 +00:00
Kevin Klues
647a805341
Merge branch 'upstream-add-ci-tests' into 'master'
...
Add common CI tests for things like golint, gofmt, unit tests, etc.
See merge request nvidia/container-toolkit/container-toolkit!16
2020-07-24 12:39:45 +00:00
Kevin Klues
fe65573bdf
Add common CI tests for things like golint, gofmt, unit tests, etc
...
This commit also fixes the minor issues uncovered while running these
tests locally.
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-24 12:14:26 +00:00
Kevin Klues
a7fb33301c
Flip build-all targets to run automatically on merge requests
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-24 12:14:26 +00:00
Kevin Klues
8b248b6631
Rename github.com/NVIDIA/container-toolkit to nvidia-container-toolkit
...
The repo name on github recently changed, so all references here should
as well.
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-24 11:40:45 +00:00
Kevin Klues
d10144b3b1
Merge branch 'upstream-add-ngx-all-driver-caps' into 'master'
...
Add 'ngx' to list of *all* driver capabilities -- Prepare patch release for 1.2.1
See merge request nvidia/container-toolkit/container-toolkit!13
2020-07-22 15:21:11 +00:00
Kevin Klues
ba9758c7ff
Update changelogs for 1.2.1
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-22 13:41:44 +00:00
Kevin Klues
d467b87ef9
Bump version to 1.2.1
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-22 13:39:31 +00:00
Kevin Klues
2f4af74320
List config.toml as a config file in the RPM SPEC
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-22 13:39:22 +00:00
Kevin Klues
4e6e0ed4f1
Add 'ngx' to list of *all* driver capabilities
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-22 13:29:39 +00:00
Kevin Klues
7ec9e84369
Merge branch 'upstream-bump-v1.2.0' into 'master'
...
Bump to version 1.2.0
See merge request nvidia/container-toolkit/container-toolkit!12
2020-07-08 20:29:41 +00:00
Kevin Klues
023af3729f
Update changelogs for 1.2.0
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-08 18:11:44 +00:00
Kevin Klues
a63bef2281
Bump version to 1.2.0
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-08 16:22:01 +00:00
Kevin Klues
320bb6e4dc
Update dependence on libnvidia-container to 1.2.0
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-08 16:22:01 +00:00
Kevin Klues
8e0aab4607
Fix repo listed in changelog for debian distributions
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-07-08 16:22:01 +00:00
Kevin Klues
ad7d3dda83
Merge branch 'upstream-add-ngx' into 'master'
...
Add the 'ngx' driver capability
See merge request nvidia/container-toolkit/container-toolkit!11
2020-06-24 18:35:52 +00:00
Kevin Klues
d3aee3e092
Add the 'ngx' driver capability
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-06-24 17:53:42 +00:00
Renaud Gaubert
e7dc3cbbab
Fix debian copyright file
...
Signed-off-by: Renaud Gaubert <rgaubert@nvidia.com>
2020-06-10 21:29:39 +00:00
Renaud Gaubert
0d0f3bfa56
Merge branch 'license' into 'master'
...
Update package license to match source license
See merge request nvidia/container-toolkit/container-toolkit!10
2020-06-10 19:25:50 +00:00
Renaud Gaubert
6cfc80975c
Update package license to match source license
...
Signed-off-by: Renaud Gaubert <rgaubert@nvidia.com>
2020-06-09 03:03:27 +00:00
Kevin Klues
d112fbd98a
Merge branch 'upstream-fix-for-oci-1.0.0-rc2' into 'master'
...
Add support for parsing Linux Capabilities for older OCI specs
See merge request nvidia/container-toolkit/container-toolkit!9
2020-06-03 22:35:58 +00:00
Kevin Klues
9d66665d4b
Update for patch release 1.1.2
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-06-03 21:26:25 +00:00
Kevin Klues
c32237f39c
Add support for parsing Linux Capabilities for older OCI specs
...
This was added to fix a regression with support for the default runc
shipped with CentOS 7.
The version of runc that is installed by default on CentOS 7 is
1.0.0-rc2 which uses OCI spec 1.0.0-rc2-dev.
This is a prerelease of the OCI spec, which defines the capabilities
section of a process configuration to be a flat list of capabilities
(e.g. SYS_ADMIN, SYS_PTRACE, SYS_RAWIO, etc.)
https://github.com/opencontainers/runtime-spec/blob/v1.0.0-rc2/config.md#process-configuration
By the time the official 1.0.0 version of the OCI spec came out, the
capabilities section of a process configuration was expanded to include
embedded fields for effective, bounding, inheritable, permitted and
ambient (each of which can contain a flat list of capabilities of the
form SYS_ADMIN, SYS_PTRACE, SYS_RAWIO, etc.)
https://github.com/opencontainers/runtime-spec/blob/v1.0.0/config.md#linux-process
Previously, we only inspected the capabilities section of a process
configuration assuming it was in the format of OCI spec 1.0.0.
This patch makes sure we can parse the capaibilites in either format.
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-06-03 21:25:13 +00:00
Kevin Klues
39a985ce96
Update vendored packages
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-06-03 21:25:13 +00:00
Renaud Gaubert
809dd1855a
Merge branch 'upstream-patch-1.1.1' into 'master'
...
Update for patch release 1.1.1
See merge request nvidia/container-toolkit/container-toolkit!8
2020-05-19 19:51:44 +00:00
Kevin Klues
ffa82d90b4
Update changelog for 1.1.1
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-05-19 14:55:40 +00:00
Kevin Klues
d202adedec
Update version to 1.1.1
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-05-19 14:04:59 +00:00
Kevin Klues
8f74fabc83
Update dependence on libnvidia-container to 1.1.1
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-05-19 14:04:29 +00:00
Kevin Klues
9c2c610fcd
Update changelog for 1.1.0 release
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-05-18 13:21:14 +02:00
Renaud Gaubert
976428af2c
Merge branch '1.1.0-staging' into 'master'
...
1.1.0 staging
See merge request nvidia/container-toolkit/container-toolkit!7
2020-05-15 19:39:41 +00:00
Kevin Klues
2c15e81822
Bump version to 1.1.0
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-05-15 21:34:41 +02:00
Kevin Klues
fcc1d116f0
Merge branch 'internal-add-mig-config-monitor' into 'master'
...
Add support for mig-config and mig-monitor as privileged capabilities
See merge request dl/container-dev/nvidia-container-toolkit!3
2020-05-15 19:04:10 +00:00
Renaud Gaubert
d4ff0416d8
Merge branch 'add-mergeable-visible-devices-envvar' into 'master'
...
Add ability to merge envars of the form NVIDIA_VISIBLE_DEVICES_*
See merge request dl/container-dev/nvidia-container-toolkit!2
2020-05-15 19:04:10 +00:00
Kevin Klues
8f387816bc
Add support for mig-config and mig-monitor as privileged flags
...
These flags can only be injected into priviliged containers. If the
container is unpriviliged, and one of these flags is specified, then we
exit with an error.
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-05-15 19:04:10 +00:00
Kevin Klues
05012e7b7f
Extend fields we inspect in the runc spec to include linux capabilities
...
This also includes a helper to look through the capabilities contained
in the spec to determine if the container is privileged or not.
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-05-15 19:04:10 +00:00
Kevin Klues
01b4381282
Add ability to merge envars of the form NVIDIA_VISIBLE_DEVICES_*
...
This allows someone to (for example) pass the following environment
variables:
NVIDIA_VISIBLE_DEVICES_0="0,1"
NVIDIA_VISIBLE_DEVICES_1="2,3"
NVIDIA_VISIBLE_DEVICES_WHATEVER="4,5"
and have the nvidia-container-toolkit automatically merge these into:
NVIDIA_VISIBLE_DEVICES="0,1,2,3,4,5"
This is useful (for example) if the full list of devices comes
from multiple, disparate sources.
Note: This will override whatever the original value of
NVIDIA_VISIBLE_DEVICES was (*excluding* its original value) if it also
exists as an environment variable already. We exclude the original value
to ensure that we have a way to override the default value of
NVIDIA_VISIBLE_DEVICES set to "all" inside a container image.
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-05-15 19:04:05 +00:00
Renaud Gaubert
4e4de762b7
Merge branch 'upstream-cross-build' into 'master'
...
Update build system to match libnvidia-container
See merge request nvidia/container-toolkit/container-toolkit!6
2020-05-15 18:10:57 +00:00
Kevin Klues
6589f9f28d
Update .gitlab-ci.yml to match that of libnvidia-container
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-05-14 21:42:14 +02:00
Kevin Klues
3353d7530c
Update build system to match libnvidia-container
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2020-05-14 19:27:57 +00:00
Renaud Gaubert
f7a19bb301
Split docker targets into the docker.mk file
...
Signed-off-by: Renaud Gaubert <rgaubert@nvidia.com>
2020-04-11 17:20:28 -07:00
Renaud Gaubert
87c8a868f9
Add binary target and use go mod
...
Signed-off-by: Renaud Gaubert <rgaubert@nvidia.com>
2020-04-11 17:18:14 -07:00
Renaud Gaubert
60f165ad69
Merge branch 'toolkit_no_pivot' into 'master'
...
add no-pivot option to toolkit
See merge request nvidia/container-toolkit/toolkit!3
2020-02-01 01:17:49 +00:00
Kathryn Baldauf
5beddd6705
add no-pivot option to toolkit
...
Signed-off-by: Kathryn Baldauf <kabaldau@microsoft.com>
2020-01-31 16:43:41 -08:00
Jon Mayo
2155c2d587
Merge branch 'cleanup-driver-caps' into 'master'
...
Cleanup naming of constants and functions
See merge request nvidia/container-toolkit/toolkit!2
2019-12-20 17:24:26 +00:00
Kevin Klues
c84d80d5ea
Make all references to 'Capabilities' explicit to 'DriverCapabilities'
...
Signed-off-by: Kevin Klues <kklues@nvidia.com>
2019-12-20 16:27:56 +00:00