diff --git a/archive/tar_opts_windows.go b/archive/tar_opts_windows.go index 567a3c35209a..3ec253f4970e 100644 --- a/archive/tar_opts_windows.go +++ b/archive/tar_opts_windows.go @@ -22,6 +22,7 @@ import ( "github.com/Microsoft/go-winio" "github.com/Microsoft/hcsshim/pkg/ociwclayer" + ocicimlayer "github.com/Microsoft/hcsshim/pkg/ociwclayer/cim" ) // applyWindowsLayer applies a tar stream of an OCI style diff tar of a Windows layer @@ -77,3 +78,16 @@ func WithParentLayers(p []string) WriteDiffOpt { return nil } } + +func applyWindowsCimLayer(ctx context.Context, root string, r io.Reader, options ApplyOptions) (size int64, err error) { + return ocicimlayer.ImportCimLayerFromTar(ctx, r, root, options.Parents) +} + +// AsCimContainerLayer indicates that the tar stream to apply is that of a Windows container Layer written in +// the cim format. +func AsCimContainerLayer() ApplyOpt { + return func(options *ApplyOptions) error { + options.applyFunc = applyWindowsCimLayer + return nil + } +} diff --git a/diff/windows/cimfs.go b/diff/windows/cimfs.go new file mode 100644 index 000000000000..fb1441d25e59 --- /dev/null +++ b/diff/windows/cimfs.go @@ -0,0 +1,111 @@ +//go:build windows +// +build windows + +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package windows + +import ( + "context" + "fmt" + + "github.com/Microsoft/hcsshim/pkg/cimfs" + "github.com/containerd/containerd/v2/archive" + "github.com/containerd/containerd/v2/content" + "github.com/containerd/containerd/v2/diff" + "github.com/containerd/containerd/v2/errdefs" + "github.com/containerd/containerd/v2/metadata" + "github.com/containerd/containerd/v2/mount" + "github.com/containerd/containerd/v2/platforms" + "github.com/containerd/containerd/v2/plugins" + "github.com/containerd/plugin" + "github.com/containerd/plugin/registry" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +func init() { + registry.Register(&plugin.Registration{ + Type: plugins.DiffPlugin, + ID: "cimfs", + Requires: []plugin.Type{ + plugins.MetadataPlugin, + }, + InitFn: func(ic *plugin.InitContext) (interface{}, error) { + md, err := ic.GetSingle(plugins.MetadataPlugin) + if err != nil { + return nil, err + } + + if !cimfs.IsCimFSSupported() { + return nil, fmt.Errorf("host windows version doesn't support CimFS") + } + ic.Meta.Platforms = append(ic.Meta.Platforms, platforms.DefaultSpec()) + return NewCimDiff(md.(*metadata.DB).ContentStore()) + }, + }) +} + +// cimDiff does filesystem comparison and application +// for CimFS specific layer diffs. +type cimDiff struct { + store content.Store +} + +// NewCimDiff is the Windows cim container layer implementation +// for comparing and applying filesystem layers +func NewCimDiff(store content.Store) (CompareApplier, error) { + return cimDiff{ + store: store, + }, nil +} + +// Apply applies the content associated with the provided digests onto the +// provided mounts. Archive content will be extracted and decompressed if +// necessary. +func (c cimDiff) Apply(ctx context.Context, desc ocispec.Descriptor, mounts []mount.Mount, opts ...diff.ApplyOpt) (d ocispec.Descriptor, err error) { + layer, parentLayerPaths, err := cimMountsToLayerAndParents(mounts) + if err != nil { + return emptyDesc, err + } + return applyDiffCommon(ctx, c.store, desc, layer, parentLayerPaths, archive.AsCimContainerLayer(), opts...) +} + +// Compare creates a diff between the given mounts and uploads the result +// to the content store. +func (c cimDiff) Compare(ctx context.Context, lower, upper []mount.Mount, opts ...diff.Opt) (d ocispec.Descriptor, err error) { + // support for generating layer diff of cimfs layers will be added later. + return emptyDesc, errdefs.ErrNotImplemented +} + +func cimMountsToLayerAndParents(mounts []mount.Mount) (string, []string, error) { + if len(mounts) != 1 { + return "", nil, fmt.Errorf("%w: number of mounts should always be 1 for Windows layers", errdefs.ErrInvalidArgument) + } + mnt := mounts[0] + if mnt.Type != "CimFS" { + // This is a special case error. When this is received the diff service + // will attempt the next differ in the chain. + return "", nil, errdefs.ErrNotImplemented + } + + parentLayerPaths, err := mnt.GetParentPaths() + if err != nil { + return "", nil, err + } + + return mnt.Source, parentLayerPaths, nil +} diff --git a/diff/windows/windows.go b/diff/windows/windows.go index 632eb9e68d2e..93d00be102fe 100644 --- a/diff/windows/windows.go +++ b/diff/windows/windows.go @@ -88,10 +88,8 @@ func NewWindowsDiff(store content.Store) (CompareApplier, error) { }, nil } -// Apply applies the content associated with the provided digests onto the -// provided mounts. Archive content will be extracted and decompressed if -// necessary. -func (s windowsDiff) Apply(ctx context.Context, desc ocispec.Descriptor, mounts []mount.Mount, opts ...diff.ApplyOpt) (d ocispec.Descriptor, err error) { +// applyDiffCommon is a common function that is called by both windows & cimfs differs. +func applyDiffCommon(ctx context.Context, store content.Store, desc ocispec.Descriptor, layerPath string, parentLayerPaths []string, applyOpt archive.ApplyOpt, opts ...diff.ApplyOpt) (d ocispec.Descriptor, err error) { t1 := time.Now() defer func() { if err == nil { @@ -111,7 +109,7 @@ func (s windowsDiff) Apply(ctx context.Context, desc ocispec.Descriptor, mounts } } - ra, err := s.store.ReaderAt(ctx, desc) + ra, err := store.ReaderAt(ctx, desc) if err != nil { return emptyDesc, fmt.Errorf("failed to get reader from content store: %w", err) } @@ -133,26 +131,13 @@ func (s windowsDiff) Apply(ctx context.Context, desc ocispec.Descriptor, mounts r: io.TeeReader(processor, digester.Hash()), } - layer, parentLayerPaths, err := mountsToLayerAndParents(mounts) - if err != nil { - return emptyDesc, err - } - - // TODO darrenstahlmsft: When this is done isolated, we should disable these. - // it currently cannot be disabled, unless we add ref counting. Since this is - // temporary, leaving it enabled is OK for now. - // https://github.com/containerd/containerd/issues/1681 - if err := winio.EnableProcessPrivileges([]string{winio.SeBackupPrivilege, winio.SeRestorePrivilege}); err != nil { - return emptyDesc, err - } - archiveOpts := []archive.ApplyOpt{ archive.WithParents(parentLayerPaths), - archive.AsWindowsContainerLayer(), archive.WithNoSameOwner(), // Lchown is not supported on Windows + applyOpt, } - if _, err := archive.Apply(ctx, layer, rc, archiveOpts...); err != nil { + if _, err := archive.Apply(ctx, layerPath, rc, archiveOpts...); err != nil { return emptyDesc, err } @@ -168,6 +153,26 @@ func (s windowsDiff) Apply(ctx context.Context, desc ocispec.Descriptor, mounts }, nil } +// Apply applies the content associated with the provided digests onto the +// provided mounts. Archive content will be extracted and decompressed if +// necessary. +func (s windowsDiff) Apply(ctx context.Context, desc ocispec.Descriptor, mounts []mount.Mount, opts ...diff.ApplyOpt) (d ocispec.Descriptor, err error) { + layer, parentLayerPaths, err := mountsToLayerAndParents(mounts) + if err != nil { + return emptyDesc, err + } + + // TODO darrenstahlmsft: When this is done isolated, we should disable these. + // it currently cannot be disabled, unless we add ref counting. Since this is + // temporary, leaving it enabled is OK for now. + // https://github.com/containerd/containerd/issues/1681 + if err := winio.EnableProcessPrivileges([]string{winio.SeBackupPrivilege, winio.SeRestorePrivilege}); err != nil { + return emptyDesc, err + } + + return applyDiffCommon(ctx, s.store, desc, layer, parentLayerPaths, archive.AsWindowsContainerLayer(), opts...) +} + // Compare creates a diff between the given mounts and uploads the result // to the content store. func (s windowsDiff) Compare(ctx context.Context, lower, upper []mount.Mount, opts ...diff.Opt) (d ocispec.Descriptor, err error) { diff --git a/go.mod b/go.mod index 2f87aab137ca..ccb2ce9d86ee 100644 --- a/go.mod +++ b/go.mod @@ -7,8 +7,7 @@ require ( github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0 github.com/Microsoft/go-winio v0.6.1 - github.com/Microsoft/hcsshim v0.12.0-rc.1 - github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3 + github.com/Microsoft/hcsshim v0.12.0-rc.2 github.com/container-orchestrated-devices/container-device-interface v0.6.1 github.com/containerd/btrfs/v2 v2.0.0 github.com/containerd/cgroups/v3 v3.0.2 @@ -30,9 +29,9 @@ require ( github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c github.com/docker/go-metrics v0.0.1 github.com/docker/go-units v0.5.0 - github.com/fsnotify/fsnotify v1.7.0 + github.com/fsnotify/fsnotify v1.6.0 github.com/google/go-cmp v0.6.0 - github.com/google/uuid v1.5.0 + github.com/google/uuid v1.3.1 github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 github.com/intel/goresctrl v0.5.0 diff --git a/go.sum b/go.sum index a59c54696ee8..5892f27830ce 100644 --- a/go.sum +++ b/go.sum @@ -1,250 +1,90 @@ -bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= +cloud.google.com/go v0.26.0 h1:e0WKqKTd5BnrG8aKH3J3h+QvEIQtSUcf2n5UZ5ZgLtQ= cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= -cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= -cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= -cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= -cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= -cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= -cloud.google.com/go v0.54.0 h1:3ithwDMr7/3vpAMXiH+ZQnYbuIsh+OPhUPMFC9enmn0= -cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= -cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= -cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= -cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= cloud.google.com/go/compute v1.23.0 h1:tP41Zoavr8ptEqaW6j+LQOnyBBhO7OkOMAGrgLopTwY= cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= -cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= -cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= -cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= -cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= -cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= -cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= -cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU= github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0 h1:59MxjQVfjXsBpLy+dbd2/ELV5ofnUkUZBvWSC85sheA= github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0/go.mod h1:OahwfttHWG6eJ0clwcfBAHoDI6X/LV/15hx/wlMZSrU= -github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= -github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= -github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= -github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= -github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= -github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= -github.com/Microsoft/go-winio v0.4.16-0.20201130162521-d1ffc52c7331/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= -github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= -github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= -github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= -github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ= -github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg38RRsjT5y8= -github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= -github.com/Microsoft/hcsshim v0.12.0-rc.1 h1:Hy+xzYujv7urO5wrgcG58SPMOXNLrj4WCJbySs2XX/A= -github.com/Microsoft/hcsshim v0.12.0-rc.1/go.mod h1:Y1a1S0QlYp1mBpyvGiuEdOfZqnao+0uX5AWHXQ5NhZU= -github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= -github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3 h1:4FA+QBaydEHlwxg0lMN3rhwoDaQy6LKhVWR4qvq4BuA= -github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= -github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= +github.com/Microsoft/hcsshim v0.12.0-rc.2 h1:gfKebjq3Mq17Ys+4cjE8vc2h6tZVeqCGb9a7vBVqpAk= +github.com/Microsoft/hcsshim v0.12.0-rc.2/go.mod h1:G2TZhBED5frlh/hsuxV5CDh/ylkSFknPAMPpQg9owQw= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= -github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= -github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= -github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= -github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= -github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= -github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= -github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= -github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= -github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmEg9bt0VpxxWqJlO4iwu3FBdHUzV7wQVg= -github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLIdUjrmSXlK9pkrsDlLHbO8jiB8X8JnOc= -github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs= github.com/cilium/ebpf v0.9.1 h1:64sn2K3UKw8NbP/blsixRpF3nXuyhz/VjRlRzvlBRu4= github.com/cilium/ebpf v0.9.1/go.mod h1:+OhNOIXx/Fnu1IE8bJz2dzOA+VSfyTfdNUVdlQnxUFY= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 h1:/inchEIKaYC1Akx+H+gqO04wryn5h75LSazbRlnya1k= -github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= github.com/container-orchestrated-devices/container-device-interface v0.6.1 h1:mz77uJoP8im/4Zins+mPqt677ZMaflhoGaYrRAl5jvA= github.com/container-orchestrated-devices/container-device-interface v0.6.1/go.mod h1:40T6oW59rFrL/ksiSs7q45GzjGlbvxnA4xaK6cyq+kA= -github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= -github.com/containerd/btrfs v0.0.0-20201111183144-404b9149801e/go.mod h1:jg2QkJcsabfHugurUvvPhS3E08Oxiuh5W/g1ybB4e0E= github.com/containerd/btrfs/v2 v2.0.0 h1:FN4wsx7KQrYoLXN7uLP0vBV4oVWHOIKDRQ1G2Z0oL5M= github.com/containerd/btrfs/v2 v2.0.0/go.mod h1:swkD/7j9HApWpzl8OHfrHNxppPd9l44DFZdF94BUj9k= -github.com/containerd/cgroups v0.0.0-20190717030353-c4b9ac5c7601/go.mod h1:X9rLEHIqSf/wfK8NsPqxJmeZgW4pcfzdXITDrUSJ6uI= -github.com/containerd/cgroups v0.0.0-20190919134610-bf292b21730f/go.mod h1:OApqhQ4XNSNC13gXIwDjhOQxjWa/NxkwZXJ1EvqT0ko= -github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59/go.mod h1:pA0z1pT8KYB3TCXK/ocprsh7MAkoW8bZVzPdih9snmM= -github.com/containerd/cgroups v0.0.0-20200710171044-318312a37340/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= -github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= github.com/containerd/cgroups/v3 v3.0.2 h1:f5WFqIVSgo5IZmtTT3qVBo6TzI1ON6sycSBKkymb9L0= github.com/containerd/cgroups/v3 v3.0.2/go.mod h1:JUgITrzdFqp42uI2ryGA+ge0ap/nxzYgkGmIcetmErE= -github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE= -github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw= github.com/containerd/console v1.0.3 h1:lIr7SlA5PxZyMV30bDW0MGbiOPXwc63yRuCP0ARubLw= github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= -github.com/containerd/containerd v1.2.10/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.1-0.20191213020239-082f7e3aed57/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.5.0-beta.1/go.mod h1:5HfvG1V2FsKesEGQ17k5/T7V960Tmcumvqn8Mc+pCYQ= github.com/containerd/containerd v1.7.8 h1:RkwgOW3AVUT3H/dyT0W03Dc8AzlpMG65lX48KftOFSM= github.com/containerd/containerd v1.7.8/go.mod h1:L/Hn9qylJtUFT7cPeM0Sr3fATj+WjHwRQ0lyrYk3OPY= -github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cECdGN1O8G9bgKTlLhuPJimka6Xb/Gg7vYzCTNVxhvo= -github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y= github.com/containerd/continuity v0.4.3 h1:6HVkalIp+2u1ZLH1J/pYX2oBVXlJZvh1X1A7bEZ9Su8= github.com/containerd/continuity v0.4.3/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ= -github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= -github.com/containerd/fifo v0.0.0-20201026212402-0724c46b320c/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= github.com/containerd/fifo v1.1.0 h1:4I2mbh5stb1u6ycIABlBw9zgtlK8viPI9QkQNRQEEmY= github.com/containerd/fifo v1.1.0/go.mod h1:bmC4NWMbXlt2EZ0Hc7Fx7QzTFxgPID13eH0Qu+MAb2o= -github.com/containerd/go-cni v1.0.1/go.mod h1:+vUpYxKvAF72G9i1WoDOiPGRtQpqsNW/ZHtSlv++smU= github.com/containerd/go-cni v1.1.9 h1:ORi7P1dYzCwVM6XPN4n3CbkuOx/NZ2DOqy+SHRdo9rU= github.com/containerd/go-cni v1.1.9/go.mod h1:XYrZJ1d5W6E2VOvjffL3IZq0Dz6bsVlERHbekNK90PM= -github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g= github.com/containerd/go-runc v1.1.0 h1:OX4f+/i2y5sUT7LhmcJH7GYrjjhHa1QI4e8yO0gGleA= github.com/containerd/go-runc v1.1.0/go.mod h1:xJv2hFF7GvHtTJd9JqTS2UVxMkULUYw4JN5XAUZqH5U= -github.com/containerd/imgcrypt v1.0.1/go.mod h1:mdd8cEPW7TPgNG4FpuP3sGBiQ7Yi/zak9TYCG3juvb0= github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= -github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= github.com/containerd/nri v0.5.0 h1:bwCtKpi8i5FCA8g8WjIZNod91CEfIloYpV0+TH2prnQ= github.com/containerd/nri v0.5.0/go.mod h1:qIu2NlP3r/qK4YGnNuQf0De4VPqQWP2i2CVBfAZbGzg= github.com/containerd/plugin v0.0.0-20231101173250-7ec69893e1e7 h1:MUbtIMHEcMzj+8mPgHd5ett0WVbY/KYHa5tMvFs5Ejs= github.com/containerd/plugin v0.0.0-20231101173250-7ec69893e1e7/go.mod h1:j6HlpMtkiZMgT4UsfVNxPBUkwdw9KQGU6nCLfRxnq+w= -github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= -github.com/containerd/ttrpc v1.0.1/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= -github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= github.com/containerd/ttrpc v1.2.2 h1:9vqZr0pxwOF5koz6N0N3kJ0zDHokrcPxIR/ZR2YFtOs= github.com/containerd/ttrpc v1.2.2/go.mod h1:sIT6l32Ph/H9cvnJsfXM5drIVzTr5A2flTf1G5tYZak= -github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= -github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk= -github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg= github.com/containerd/typeurl/v2 v2.1.1 h1:3Q4Pt7i8nYwy2KmQWIw2+1hTvwTE/6w9FqcttATPO/4= github.com/containerd/typeurl/v2 v2.1.1/go.mod h1:IDp2JFvbwZ31H8dQbEIY7sDl2L3o3HZj1hsSQlywkQ0= -github.com/containerd/zfs v0.0.0-20200918131355-0a33824f23a2/go.mod h1:8IgZOBdv8fAgXddBT4dBXJPtxyRsejFIpXoklgxgEjw= -github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= -github.com/containernetworking/cni v0.8.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= github.com/containernetworking/cni v1.1.2 h1:wtRGZVv7olUHMOqouPpn3cXJWpJgM6+EUl31EQbXALQ= github.com/containernetworking/cni v1.1.2/go.mod h1:sDpYKmGVENF3s6uvMvGgldDWeG8dMxakj/u+i9ht9vw= -github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= github.com/containernetworking/plugins v1.4.0 h1:+w22VPYgk7nQHw7KT92lsRmuToHvb7wwSv9iTbXzzic= github.com/containernetworking/plugins v1.4.0/go.mod h1:UYhcOyjefnrQvKvmmyEKsUA+M9Nfn7tqULPpH0Pkcj0= -github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= -github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= -github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= -github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= -github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= -github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= -github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ= -github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s= -github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8= -github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= -github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0= github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= -github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= -github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= -github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c h1:+pKlWGMw7gf6bQ+oDZB4KHQFypsfjYlq/C4rfL7D3g8= github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= -github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8= github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= -github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= -github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/emicklei/go-restful/v3 v3.10.2 h1:hIovbnmBTLjHXkqEBUz3HGpXZdM7ZrE9fJIZIqlJLqE= github.com/emicklei/go-restful/v3 v3.10.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= @@ -252,86 +92,46 @@ github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.m github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/envoyproxy/protoc-gen-validate v1.0.2 h1:QkIBuU5k+x7/QXPvPPnWXWlCdaBFApVqftFV6k087DA= -github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/frankban/quicktest v1.14.0 h1:+cqqvzZV87b4adx/5ayVOaYZ2CrvM4ejQvUdBzPPUss= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= -github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= -github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= -github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= +github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= +github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= -github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= -github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= -github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= -github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk= github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= -github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= -github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/glog v1.1.2 h1:DVjP2PbBOzHyzA+dn3WhHIq4NdVu3Q+pvivFICf/7fo= -github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= -github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= -github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= @@ -344,145 +144,81 @@ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaS github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= -github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20230323073829-e72429f035bd h1:r8yyd+DJDmsUhGrRBxH5Pj7KeFK5l+Y3FsgT8keqKtk= -github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU= -github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= -github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= -github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= +github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= +github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 h1:UH//fgunKIs4JdUbpDl1VZCDaL56wXCB/5+wF6uHfaI= github.com/grpc-ecosystem/go-grpc-middleware v1.4.0/go.mod h1:g5qyo/la0ALbONm6Vbp88Yd8NsDy6rZz+RcrMPxvld8= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 h1:Ovs26xHkKqVztRpIrF/92BcuyuQ/YW4NSIpoGtfXNho= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.2 h1:dygLcbEBA+t/P7ck6a8AkXv6juQ4cK0RHBoh32jxhHM= github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.2/go.mod h1:Ap9RLCIJVtgQg1/BBgVEfypOAySvvlcpcVQkSzJCH4Y= -github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= -github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/intel/goresctrl v0.5.0 h1:kcDhjE3ZF/mNrJuRzLS3LY2Hp6atFaF1XVFBT7SVL2g= github.com/intel/goresctrl v0.5.0/go.mod h1:mIe63ggylWYr0cU/l8n11FAkesqfvuP3oktIsxvu0T0= -github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= -github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= -github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4= github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg= github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM= github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8= -github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= github.com/mndrix/tap-go v0.0.0-20171203230836-629fa407e90b/go.mod h1:pzzDgJWZ34fGzaAZGFW22KVZDfyrYW+QABMrWnJBnSs= github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= -github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= github.com/moby/sys/mountinfo v0.7.1 h1:/tTvQaSJRr2FshkhXiIpux6fQ2Zvc4j7tAhMTStAG2g= github.com/moby/sys/mountinfo v0.7.1/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI= github.com/moby/sys/sequential v0.5.0 h1:OPvI35Lzn9K04PBbCLW0g4LcFAJgHsvXsRyewg5lXtc= github.com/moby/sys/sequential v0.5.0/go.mod h1:tH2cOOs5V9MlPiXcQzRC+eEyab644PWKGRYaaV5ZZlo= github.com/moby/sys/signal v0.7.0 h1:25RW3d5TnQEoKvRbEKUGay6DCQ46IxAVTT9CUMgmsSI= github.com/moby/sys/signal v0.7.0/go.mod h1:GQ6ObYZfqacOwTtlXvcmh9A26dVRul/hbOZn88Kg8Tg= -github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ= github.com/moby/sys/symlink v0.2.0 h1:tk1rOM+Ljp0nFmfOIBtlV3rTDlWOwFRhjEeAhZB0nZc= github.com/moby/sys/symlink v0.2.0/go.mod h1:7uZVF2dqJjG/NsClqul95CqKOBRQyYSNnJ6BMgR/gFs= github.com/moby/sys/user v0.1.0 h1:WmZ93f5Ux6het5iituh9x2zAG7NFY9Aqi49jjE1PaQg= github.com/moby/sys/user v0.1.0/go.mod h1:fKJhFOnsCN6xZ5gSfbM6zaHGgDJMrqt9/reuj4T7MmU= -github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -491,209 +227,108 @@ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3Rllmb github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= -github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= -github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= -github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= github.com/onsi/ginkgo/v2 v2.13.2 h1:Bi2gGVkfn6gQcjNjZJVO8Gf0FHzMPf2phUei9tejVMs= -github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= -github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1.0.20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= -github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.1.0-rc5 h1:Ygwkfw9bpDvs+c9E34SdgGOj41dX/cbdlwvlWt0pnFI= github.com/opencontainers/image-spec v1.1.0-rc5/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8= -github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0= -github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20220825212826-86290f6a00fb/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.1.1-0.20230823135140-4fec88fd00a4 h1:EctkgBjZ1y4q+sibyuuIgiKpa0QSd2elFtSSdNvBVow= github.com/opencontainers/runtime-spec v1.1.1-0.20230823135140-4fec88fd00a4/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626 h1:DmNGcqH3WDbV5k8OJ+esPWbqUOX5rMLR2PMvziDMJi0= github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626/go.mod h1:BRHJJd0E+cx42OybVYSgUvZmU0B8P9gZuRXlZUP7TKI= -github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= -github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= github.com/opencontainers/selinux v1.9.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU= github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/pelletier/go-toml/v2 v2.1.1 h1:LWAJwfNvjQZCFIDKWYQaM62NcYeYViCmWIwmOStowAI= github.com/pelletier/go-toml/v2 v2.1.1/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= -github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= -github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= -github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1SOtjMAMh+Q= github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY= -github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 h1:v7DLqVdK4VrYkVD5diGdl4sxJurKJEMnODWRJlxV9oM= github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= -github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= -github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= -github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= -github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.11.1 h1:xRC8Iq1yyca5ypa9n1EZnWZkt7dwcoRPQwX/5gwaUuI= github.com/prometheus/procfs v0.11.1/go.mod h1:eesXgaPo1q7lBpVMoMy0ZOFTth9hBn4W/y0/p/ScXhY= -github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= -github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= -github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= -github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= -github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= -github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 h1:kdXcSzyDtseVEc4yCz2qF8ZrQvIDBJLl4S1c3GCXmoI= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= github.com/tchap/go-patricia/v2 v2.3.1 h1:6rQp39lgIYZ+MHmdEq4xzuk1t7OdC35z/xm0BGhTkes= github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k= -github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.19.1/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= -github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= -github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.14 h1:ebbhrRiGK2i4naQJr+1Xj92HXZCrK7MsyTS/ob3HnAk= github.com/urfave/cli v1.22.14/go.mod h1:X0eDS6pD6Exaclxm99NJ3FiCDRED7vIHpx2mDOHLvkA= -github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= -github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= github.com/vishvananda/netlink v1.2.1-beta.2 h1:Llsql0lnQEbHj0I1OuKyp8otXp0r3q0mPkuhwHfStVs= github.com/vishvananda/netlink v1.2.1-beta.2/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= -github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI= -github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8= github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM= -github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= -github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= -github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= -github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= -github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= -github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= -go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= go.etcd.io/bbolt v1.3.8 h1:xs88BrvEv273UsB79e0hcVrlUWmS0a8upikMFhSyAtA= go.etcd.io/bbolt v1.3.8/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw= -go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= -go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= -go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= -go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.45.0 h1:RsQi0qJ2imFfCvZabqzM9cNXBG8k6gXMv1A0cXRmH6A= @@ -716,55 +351,21 @@ go.opentelemetry.io/otel/trace v1.19.0 h1:DFVQmlVbfVeOuBRrwdtaehRrWiL1JoVs9CPIQ1 go.opentelemetry.io/otel/trace v1.19.0/go.mod h1:mfaSyvGyEJEI0nyV2I4qhNQnbBOUUmYZpYojqMnX2vo= go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I= go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= -go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= -golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= -golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= -golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= -golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= -golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= @@ -773,55 +374,29 @@ golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -830,57 +405,22 @@ golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190522044717-8097e1b27ff5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191210023423-ac6580df4449/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200120151820-655fe14d7479/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200916030750-2334cc1a136f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -889,6 +429,7 @@ golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= @@ -897,60 +438,22 @@ golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9sn golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= -golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= @@ -961,67 +464,26 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= -google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= -google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= -google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= -google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= -google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190522204451-c2c4e71fbf69/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s= -google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200117163144-32f20d992d24/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= -google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20231002182017-d307bd883b97 h1:SeZZZx0cP0fqUyA+oRzP9k7cSwJlvDFiROO72uwD6i0= google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97 h1:W18sezcAYs+3tDZX4F80yctqa12jcP1PUS2gQu1zTPU= google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97/go.mod h1:iargEX0SFPm3xcfMI0d1domjg0ZF4Aa0p2awqyxhvF0= google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 h1:6GQBEOdGkX6MMTLT9V+TjtIRZCw9VPD5Z+yHY9wMgS0= google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97/go.mod h1:v7nGkzlmW8P3n/bKmWBn2WpBjpOEx8Q6gMueudAmKfY= -google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= -google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= -google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= -google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= google.golang.org/grpc v1.60.1 h1:26+wFr+cNqSGFcOXcabYC0lUVJVRa2Sb2ortSK7VrEU= google.golang.org/grpc v1.60.1/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM= @@ -1033,36 +495,23 @@ google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzi google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= @@ -1071,56 +520,30 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= -gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= k8s.io/api v0.28.4 h1:8ZBrLjwosLl/NYgv1P7EQLqoO8MGQApnbgH8tu3BMzY= k8s.io/api v0.28.4/go.mod h1:axWTGrY88s/5YE+JSt4uUi6NMM+gur1en2REMR7IRj0= -k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.28.4 h1:zOSJe1mc+GxuMnFzD4Z/U1wst50X28ZNsn5bhgIIao8= k8s.io/apimachinery v0.28.4/go.mod h1:wI37ncBvfAoswfq626yPTe6Bz1c22L7uaJ8dho83mgg= -k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= k8s.io/apiserver v0.28.2 h1:rBeYkLvF94Nku9XfXyUIirsVzCzJBs6jMn3NWeHieyI= k8s.io/apiserver v0.28.2/go.mod h1:f7D5e8wH8MWcKD7azq6Csw9UN+CjdtXIVQUyUhrtb+E= -k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= k8s.io/client-go v0.28.4 h1:Np5ocjlZcTrkyRJ3+T3PkXDpe4UpatQxj85+xjaD2wY= k8s.io/client-go v0.28.4/go.mod h1:0VDZFpgoZfelyP5Wqu0/r/TRYcLYuJ2U1KEeoaPa1N4= -k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= k8s.io/component-base v0.28.4 h1:c/iQLWPdUgI90O+T9TeECg8o7N3YJTiuz2sKxILYcYo= k8s.io/component-base v0.28.4/go.mod h1:m9hR0uvqXDybiGL2nf/3Lf0MerAfQXzkfWhUY58JUbU= -k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= -k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= k8s.io/cri-api v0.28.2 h1:RzDo9YY9tkWhAx9/UZEcn6ug1WcvDhU3eA1YLevFreI= k8s.io/cri-api v0.28.2/go.mod h1:xXygwvSOGcT/2KXg8sMYTHns2xFem3949kCQn5IS1k4= -k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= k8s.io/kubelet v0.28.2 h1:wqe5zKtVhNWwtdABU0mpcWVe8hc6VdVvs2kqQridZRw= k8s.io/kubelet v0.28.2/go.mod h1:rvd0e7T5TjPcfZvy62P90XhFzp0IhPIOy+Pqy3Rtipo= -k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= -k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= -rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/integration/client/client_windows_test.go b/integration/client/client_windows_test.go index 65856035f89b..3a5c60ca0199 100644 --- a/integration/client/client_windows_test.go +++ b/integration/client/client_windows_test.go @@ -22,7 +22,6 @@ import ( "path/filepath" "github.com/Microsoft/hcsshim/osversion" - _ "github.com/Microsoft/hcsshim/test/functional/manifest" // For rsrc_amd64.syso ) //nolint:unused // some variables used for fuzz diff --git a/pkg/cri/server/container_create_windows.go b/pkg/cri/server/container_create_windows.go index ee41b819939a..d4f866c2430e 100644 --- a/pkg/cri/server/container_create_windows.go +++ b/pkg/cri/server/container_create_windows.go @@ -36,7 +36,7 @@ func snapshotterOpts(snapshotterName string, config *runtime.ContainerConfig) ([ var opts []snapshots.Opt switch snapshotterName { - case "windows": + case "windows", "cimfs": rootfsSize := config.GetWindows().GetResources().GetRootfsSizeInBytes() if rootfsSize != 0 { labels := map[string]string{ diff --git a/script/setup/runhcs-version b/script/setup/runhcs-version index fbd75a06a14a..5bb01dd60d2f 100644 --- a/script/setup/runhcs-version +++ b/script/setup/runhcs-version @@ -1 +1 @@ -v0.12.0-rc.0 +v0.12.0-rc.2 diff --git a/snapshots/windows/cimfs.go b/snapshots/windows/cimfs.go new file mode 100644 index 000000000000..27adfe68134e --- /dev/null +++ b/snapshots/windows/cimfs.go @@ -0,0 +1,217 @@ +//go:build windows +// +build windows + +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package windows + +import ( + "context" + "fmt" + "os" + "path/filepath" + "strings" + + "github.com/Microsoft/hcsshim" + "github.com/Microsoft/hcsshim/pkg/cimfs" + cimlayer "github.com/Microsoft/hcsshim/pkg/ociwclayer/cim" + "github.com/containerd/containerd/v2/errdefs" + "github.com/containerd/containerd/v2/mount" + "github.com/containerd/containerd/v2/platforms" + "github.com/containerd/containerd/v2/plugins" + "github.com/containerd/containerd/v2/snapshots" + "github.com/containerd/containerd/v2/snapshots/storage" + "github.com/containerd/log" + "github.com/containerd/plugin" + "github.com/containerd/plugin/registry" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +// Composite image FileSystem (CimFS) is a new read-only filesystem (similar to overlayFS on Linux) created +// specifically for storing container image layers on windows. cimFSSnapshotter is a snapshotter that uses +// CimFS to create read-only parent layer snapshots. Each snapshot is represented by a `.cim` +// file and some other files (region & objectid files) which hold contents of that snapshot. Once a cim file for a layer is created it +// can only be used as a read-only layer by mounting it to a volume. Hence, CimFs will not be used when we are +// creating writable layers for container scratch and such. (However, in the future scratch layer of a container can be +// exported to a cim layer and then be used as a parent layer for another container). +type cimFSSnapshotter struct { + *windowsBaseSnapshotter + // cimDir is the path to the directory which holds all of the layer cim files. CimFS needs all the + // layer cim files to be present in the same directory. Hence, cim files of all the snapshots (even if + // they are of different images) will be kept in the same directory. + cimDir string +} + +func init() { + registry.Register(&plugin.Registration{ + Type: plugins.SnapshotPlugin, + ID: "cimfs", + InitFn: func(ic *plugin.InitContext) (interface{}, error) { + ic.Meta.Platforms = []ocispec.Platform{platforms.DefaultSpec()} + return NewCimFSSnapshotter(ic.Properties[plugins.PropertyRootDir]) + }, + }) +} + +// NewCimFSSnapshotter returns a new CimFS based windows snapshotter +func NewCimFSSnapshotter(root string) (snapshots.Snapshotter, error) { + if !cimfs.IsCimFSSupported() { + return nil, fmt.Errorf("host windows version doesn't support CimFS") + } + + baseSn, err := newBaseSnapshotter(root) + if err != nil { + return nil, err + } + + return &cimFSSnapshotter{ + windowsBaseSnapshotter: baseSn, + cimDir: filepath.Join(baseSn.info.HomeDir, "cim-layers"), + }, nil +} + +// getCimLayerPath returns the path of the cim file for the given snapshot. Note that this function doesn't +// actually check if the cim layer exists it simply does string manipulation to generate the path isCimLayer +// can be used to verify if it is actually a cim layer. +func getCimLayerPath(cimDir, snID string) string { + return filepath.Join(cimDir, (snID + ".cim")) +} + +// isCimLayer checks if the snapshot referred by the given key is actually a cim layer. With CimFS +// snapshotter all the read-only (i.e image) layers are stored in the cim format while we still use VHDs for +// scratch layers. +func (s *cimFSSnapshotter) isCimLayer(ctx context.Context, key string) (bool, error) { + id, _, _, err := storage.GetInfo(ctx, key) + if err != nil { + return false, fmt.Errorf("get snapshot info: %w", err) + } + snCimPath := getCimLayerPath(s.cimDir, id) + if _, err := os.Stat(snCimPath); err != nil { + if os.IsNotExist(err) { + return false, nil + } + return false, err + } + return true, nil +} + +func (s *cimFSSnapshotter) Usage(ctx context.Context, key string) (snapshots.Usage, error) { + baseUsage, err := s.windowsBaseSnapshotter.Usage(ctx, key) + if err != nil { + return snapshots.Usage{}, err + } + + ctx, t, err := s.ms.TransactionContext(ctx, false) + if err != nil { + return snapshots.Usage{}, err + } + defer t.Rollback() + + id, _, _, err := storage.GetInfo(ctx, key) + if err != nil { + return snapshots.Usage{}, fmt.Errorf("failed to get snapshot info: %w", err) + } + + if ok, err := s.isCimLayer(ctx, key); err != nil { + return snapshots.Usage{}, err + } else if ok { + cimUsage, err := cimfs.GetCimUsage(ctx, getCimLayerPath(s.cimDir, id)) + if err != nil { + return snapshots.Usage{}, err + } + baseUsage.Size += int64(cimUsage) + } + return baseUsage, nil +} + +func (s *cimFSSnapshotter) Prepare(ctx context.Context, key, parent string, opts ...snapshots.Opt) ([]mount.Mount, error) { + m, err := s.createSnapshot(ctx, snapshots.KindActive, key, parent, opts) + if err != nil { + return m, err + } + m[0].Type = "CimFS" + return m, nil +} + +func (s *cimFSSnapshotter) View(ctx context.Context, key, parent string, opts ...snapshots.Opt) ([]mount.Mount, error) { + m, err := s.createSnapshot(ctx, snapshots.KindView, key, parent, opts) + if err != nil { + return m, err + } + m[0].Type = "CimFS" + return m, nil +} + +func (s *cimFSSnapshotter) Mounts(ctx context.Context, key string) ([]mount.Mount, error) { + mounts, err := s.windowsBaseSnapshotter.Mounts(ctx, key) + if err != nil { + return nil, err + } + mounts[0].Type = "CimFS" + return mounts, nil +} + +func (s *cimFSSnapshotter) Commit(ctx context.Context, name, key string, opts ...snapshots.Opt) error { + if !strings.Contains(key, snapshots.UnpackKeyPrefix) { + return fmt.Errorf("committing a scratch snapshot to read-only cim layer isn't supported yet") + } + + return s.ms.WithTransaction(ctx, true, func(ctx context.Context) error { + usage, err := s.Usage(ctx, key) + if err != nil { + return fmt.Errorf("failed to get usage during commit: %w", err) + } + if _, err := storage.CommitActive(ctx, key, name, usage, opts...); err != nil { + return fmt.Errorf("failed to commit snapshot: %w", err) + } + + return nil + }) +} + +// Remove abandons the transaction identified by key. All resources +// associated with the key will be removed. +func (s *cimFSSnapshotter) Remove(ctx context.Context, key string) error { + var ID, renamedID string + + // collect original ID before preRemove + err := s.ms.WithTransaction(ctx, false, func(ctx context.Context) error { + var infoErr error + ID, _, _, infoErr = storage.GetInfo(ctx, key) + return infoErr + }) + if err != nil { + return fmt.Errorf("%w: failed to get snapshot info: %s", errdefs.ErrFailedPrecondition, err) + } + + renamedID, err = s.preRemove(ctx, key) + if err != nil { + // wrap as ErrFailedPrecondition so that cleanup of other snapshots can continue + return fmt.Errorf("%w: %s", errdefs.ErrFailedPrecondition, err) + } + + if err := cimlayer.DestroyCimLayer(s.getSnapshotDir(ID)); err != nil { + // Must be cleaned up, any "rm-*" could be removed if no active transactions + log.G(ctx).WithError(err).WithField("ID", ID).Warnf("failed to cleanup cim files") + } + + if err = hcsshim.DestroyLayer(s.info, renamedID); err != nil { + // Must be cleaned up, any "rm-*" could be removed if no active transactions + log.G(ctx).WithError(err).WithField("renamedID", renamedID).Warnf("failed to remove root filesystem") + } + return nil +} diff --git a/snapshots/windows/common.go b/snapshots/windows/common.go new file mode 100644 index 000000000000..ec33a62c27bd --- /dev/null +++ b/snapshots/windows/common.go @@ -0,0 +1,419 @@ +//go:build windows +// +build windows + +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package windows + +import ( + "context" + "encoding/json" + "errors" + "fmt" + "io" + "os" + "path/filepath" + "strconv" + "strings" + + "github.com/Microsoft/hcsshim" + "github.com/containerd/containerd/v2/mount" + "github.com/containerd/containerd/v2/snapshots" + "github.com/containerd/containerd/v2/snapshots/storage" + "github.com/containerd/continuity/fs" + "github.com/containerd/log" +) + +// windowsBaseSnapshotter is a type that implements common functionality required by both windows & cimfs +// snapshotters (sort of a base type that windows & cimfs snapshotter types derive from - however, windowsBaseSnapshotter does NOT impelement the full Snapshotter interface). Some functions +// (like Stat, Update) that are identical for both snapshotters are directly implemented in this base +// snapshotter and such functions handle database transaction creation etc. However, the functions that are +// not common don't create a transaction to allow the caller the flexibility of deciding whether to commit or +// abort the transaction. +type windowsBaseSnapshotter struct { + root string + ms *storage.MetaStore + info hcsshim.DriverInfo +} + +func newBaseSnapshotter(root string) (*windowsBaseSnapshotter, error) { + if err := os.MkdirAll(root, 0700); err != nil { + return nil, err + } + + ms, err := storage.NewMetaStore(filepath.Join(root, "metadata.db")) + if err != nil { + return nil, err + } + + if err := os.Mkdir(filepath.Join(root, "snapshots"), 0700); err != nil && !os.IsExist(err) { + return nil, err + } + + return &windowsBaseSnapshotter{ + root: root, + ms: ms, + info: hcsshim.DriverInfo{HomeDir: filepath.Join(root, "snapshots")}, + }, nil +} + +func (w *windowsBaseSnapshotter) getSnapshotDir(id string) string { + return filepath.Join(w.root, "snapshots", id) +} + +func (w *windowsBaseSnapshotter) parentIDsToParentPaths(parentIDs []string) []string { + parentLayerPaths := make([]string, 0, len(parentIDs)) + for _, ID := range parentIDs { + parentLayerPaths = append(parentLayerPaths, w.getSnapshotDir(ID)) + } + return parentLayerPaths +} + +func (w *windowsBaseSnapshotter) Stat(ctx context.Context, key string) (info snapshots.Info, err error) { + err = w.ms.WithTransaction(ctx, false, func(ctx context.Context) error { + _, info, _, err = storage.GetInfo(ctx, key) + return err + }) + if err != nil { + return snapshots.Info{}, err + } + + return info, nil +} + +func (w *windowsBaseSnapshotter) Update(ctx context.Context, info snapshots.Info, fieldpaths ...string) (_ snapshots.Info, err error) { + err = w.ms.WithTransaction(ctx, true, func(ctx context.Context) error { + info, err = storage.UpdateInfo(ctx, info, fieldpaths...) + return err + }) + if err != nil { + return snapshots.Info{}, err + } + + return info, nil +} + +func (w *windowsBaseSnapshotter) Usage(ctx context.Context, key string) (usage snapshots.Usage, err error) { + var ( + id string + info snapshots.Info + ) + + err = w.ms.WithTransaction(ctx, false, func(ctx context.Context) error { + id, info, usage, err = storage.GetInfo(ctx, key) + return err + }) + if err != nil { + return snapshots.Usage{}, err + } + + if info.Kind == snapshots.KindActive { + path := w.getSnapshotDir(id) + du, err := fs.DiskUsage(ctx, path) + if err != nil { + return snapshots.Usage{}, err + } + + usage = snapshots.Usage(du) + } + + return usage, nil +} + +func (w *windowsBaseSnapshotter) mounts(sn storage.Snapshot, key string) []mount.Mount { + var ( + roFlag string + ) + + if sn.Kind == snapshots.KindView { + roFlag = "ro" + } else { + roFlag = "rw" + } + + source := w.getSnapshotDir(sn.ID) + parentLayerPaths := w.parentIDsToParentPaths(sn.ParentIDs) + + mountType := "windows-layer" + + // error is not checked here, as a string array will never fail to Marshal + parentLayersJSON, _ := json.Marshal(parentLayerPaths) + parentLayersOption := mount.ParentLayerPathsFlag + string(parentLayersJSON) + + options := []string{ + roFlag, + } + if len(sn.ParentIDs) != 0 { + options = append(options, parentLayersOption) + } + mounts := []mount.Mount{ + { + Source: source, + Type: mountType, + Options: options, + }, + } + + return mounts +} + +// Mounts returns the mounts for the transaction identified by key. Can be +// called on an read-write or readonly transaction. +// +// This can be used to recover mounts after calling View or Prepare. +func (w *windowsBaseSnapshotter) Mounts(ctx context.Context, key string) (_ []mount.Mount, err error) { + var snapshot storage.Snapshot + err = w.ms.WithTransaction(ctx, false, func(ctx context.Context) error { + snapshot, err = storage.GetSnapshot(ctx, key) + if err != nil { + return fmt.Errorf("failed to get snapshot mount: %w", err) + } + + return nil + }) + if err != nil { + return nil, err + } + + return w.mounts(snapshot, key), nil +} + +// Walk the committed snapshots. +func (w *windowsBaseSnapshotter) Walk(ctx context.Context, fn snapshots.WalkFunc, fs ...string) error { + return w.ms.WithTransaction(ctx, false, func(ctx context.Context) error { + return storage.WalkInfo(ctx, fn, fs...) + }) +} + +// preRemove prepares for removal of a snapshot by first renaming the snapshot directory and if that succeeds +// removing the snapshot info from the database. Then the caller can decide how to remove the actual renamed +// snapshot directory. Returns the new 'ID' (i.e the directory name after rename). +func (w *windowsBaseSnapshotter) preRemove(ctx context.Context, key string) (string, error) { + var ( + renamed, path, renamedID string + restore bool + ) + + err := w.ms.WithTransaction(ctx, true, func(ctx context.Context) error { + id, _, err := storage.Remove(ctx, key) + if err != nil { + return fmt.Errorf("failed to remove: %w", err) + } + + path = w.getSnapshotDir(id) + renamedID = "rm-" + id + renamed = w.getSnapshotDir(renamedID) + if err = os.Rename(path, renamed); err != nil && !os.IsNotExist(err) { + if !os.IsPermission(err) { + return err + } + // If permission denied, it's possible that the scratch is still mounted, an + // artifact after a hard daemon crash for example. Worth a shot to try deactivating it + // before retrying the rename. + var ( + home, layerID = filepath.Split(path) + di = hcsshim.DriverInfo{ + HomeDir: home, + } + ) + + if deactivateErr := hcsshim.DeactivateLayer(di, layerID); deactivateErr != nil { + return fmt.Errorf("failed to deactivate layer following failed rename: %s: %w", deactivateErr, err) + } + + if renameErr := os.Rename(path, renamed); renameErr != nil && !os.IsNotExist(renameErr) { + return fmt.Errorf("second rename attempt following detach failed: %s: %w", renameErr, err) + } + } + + restore = true + return nil + }) + if err != nil { + if restore { // failed to commit + if err1 := os.Rename(renamed, path); err1 != nil { + // May cause inconsistent data on disk + log.G(ctx).WithError(err1).WithField("path", renamed).Error("Failed to rename after failed commit") + } + } + return "", err + } + return renamedID, nil +} + +// Close closes the snapshotter +func (w *windowsBaseSnapshotter) Close() error { + return w.ms.Close() +} + +func (w *windowsBaseSnapshotter) createSnapshot(ctx context.Context, kind snapshots.Kind, key, parent string, opts []snapshots.Opt) (_ []mount.Mount, err error) { + var newSnapshot storage.Snapshot + err = w.ms.WithTransaction(ctx, true, func(ctx context.Context) error { + newSnapshot, err = storage.CreateSnapshot(ctx, kind, key, parent, opts...) + if err != nil { + return fmt.Errorf("failed to create snapshot: %w", err) + } + + log.G(ctx).Debug("createSnapshot") + // Create the new snapshot dir + snDir := w.getSnapshotDir(newSnapshot.ID) + if err = os.MkdirAll(snDir, 0700); err != nil { + return fmt.Errorf("failed to create snapshot dir %s: %w", snDir, err) + } + + if strings.Contains(key, snapshots.UnpackKeyPrefix) { + // IO/disk space optimization: Do nothing + // + // We only need one sandbox.vhdx for the container. Skip making one for this + // snapshot if this isn't the snapshot that just houses the final sandbox.vhd + // that will be mounted as the containers scratch. Currently the key for a snapshot + // where a layer will be extracted to will have the string `extract-` in it. + return nil + } + + if len(newSnapshot.ParentIDs) == 0 { + // A parentless snapshot a new base layer. Valid base layers must have a "Files" folder. + // When committed, there'll be some post-processing to fill in the rest + // of the metadata. + filesDir := filepath.Join(snDir, "Files") + if err := os.MkdirAll(filesDir, 0700); err != nil { + return fmt.Errorf("creating Files dir: %w", err) + } + return nil + } + + parentLayerPaths := w.parentIDsToParentPaths(newSnapshot.ParentIDs) + var snapshotInfo snapshots.Info + for _, o := range opts { + o(&snapshotInfo) + } + + var sizeInBytes uint64 + if sizeGBstr, ok := snapshotInfo.Labels[rootfsSizeInGBLabel]; ok { + log.G(ctx).Warnf("%q label is deprecated, please use %q instead.", rootfsSizeInGBLabel, rootfsSizeInBytesLabel) + + sizeInGB, err := strconv.ParseUint(sizeGBstr, 10, 32) + if err != nil { + return fmt.Errorf("failed to parse label %q=%q: %w", rootfsSizeInGBLabel, sizeGBstr, err) + } + sizeInBytes = sizeInGB * 1024 * 1024 * 1024 + } + + // Prefer the newer label in bytes over the deprecated Windows specific GB variant. + if sizeBytesStr, ok := snapshotInfo.Labels[rootfsSizeInBytesLabel]; ok { + sizeInBytes, err = strconv.ParseUint(sizeBytesStr, 10, 64) + if err != nil { + return fmt.Errorf("failed to parse label %q=%q: %w", rootfsSizeInBytesLabel, sizeBytesStr, err) + } + } + + var makeUVMScratch bool + if _, ok := snapshotInfo.Labels[uvmScratchLabel]; ok { + makeUVMScratch = true + } + + // This has to be run first to avoid clashing with the containers sandbox.vhdx. + if makeUVMScratch { + if err = w.createUVMScratchLayer(ctx, snDir, parentLayerPaths); err != nil { + return fmt.Errorf("failed to make UVM's scratch layer: %w", err) + } + } + if err = w.createScratchLayer(ctx, snDir, parentLayerPaths, sizeInBytes); err != nil { + return fmt.Errorf("failed to create scratch layer: %w", err) + } + return nil + }) + if err != nil { + return nil, err + } + + return w.mounts(newSnapshot, key), nil +} + +// This is essentially a recreation of what HCS' CreateSandboxLayer does with some extra bells and +// whistles like expanding the volume if a size is specified. +func (w *windowsBaseSnapshotter) createScratchLayer(ctx context.Context, snDir string, parentLayers []string, sizeInBytes uint64) error { + parentLen := len(parentLayers) + if parentLen == 0 { + return errors.New("no parent layers present") + } + + baseLayer := parentLayers[parentLen-1] + templateDiffDisk := filepath.Join(baseLayer, "blank.vhdx") + dest := filepath.Join(snDir, "sandbox.vhdx") + if err := copyScratchDisk(templateDiffDisk, dest); err != nil { + return err + } + + if sizeInBytes != 0 { + if err := hcsshim.ExpandSandboxSize(w.info, filepath.Base(snDir), sizeInBytes); err != nil { + return fmt.Errorf("failed to expand sandbox vhdx size to %d bytes: %w", sizeInBytes, err) + } + } + return nil +} + +// This handles creating the UVMs scratch layer. +func (w *windowsBaseSnapshotter) createUVMScratchLayer(ctx context.Context, snDir string, parentLayers []string) error { + parentLen := len(parentLayers) + if parentLen == 0 { + return errors.New("no parent layers present") + } + baseLayer := parentLayers[parentLen-1] + + // Make sure base layer has a UtilityVM folder. + uvmPath := filepath.Join(baseLayer, "UtilityVM") + if _, err := os.Stat(uvmPath); os.IsNotExist(err) { + return fmt.Errorf("failed to find UtilityVM directory in base layer %q: %w", baseLayer, err) + } + + templateDiffDisk := filepath.Join(uvmPath, "SystemTemplate.vhdx") + + // Check if SystemTemplate disk doesn't exist for some reason (this should be made during the unpacking + // of the base layer). + if _, err := os.Stat(templateDiffDisk); os.IsNotExist(err) { + return fmt.Errorf("%q does not exist in Utility VM image", templateDiffDisk) + } + + // Move the sandbox.vhdx into a nested vm folder to avoid clashing with a containers sandbox.vhdx. + vmScratchDir := filepath.Join(snDir, "vm") + if err := os.MkdirAll(vmScratchDir, 0777); err != nil { + return fmt.Errorf("failed to make `vm` directory for vm's scratch space: %w", err) + } + + return copyScratchDisk(templateDiffDisk, filepath.Join(vmScratchDir, "sandbox.vhdx")) +} + +func copyScratchDisk(source, dest string) error { + scratchSource, err := os.OpenFile(source, os.O_RDWR, 0700) + if err != nil { + return fmt.Errorf("failed to open %s: %w", source, err) + } + defer scratchSource.Close() + + f, err := os.OpenFile(dest, os.O_RDWR|os.O_CREATE, 0700) + if err != nil { + return fmt.Errorf("failed to create sandbox.vhdx in snapshot: %w", err) + } + defer f.Close() + + if _, err := io.Copy(f, scratchSource); err != nil { + os.Remove(dest) + return fmt.Errorf("failed to copy cached %q to %q in snapshot: %w", source, dest, err) + } + return nil +} diff --git a/snapshots/windows/windows.go b/snapshots/windows/windows.go index bc7a35a6b130..7385f87e23b0 100644 --- a/snapshots/windows/windows.go +++ b/snapshots/windows/windows.go @@ -21,13 +21,8 @@ package windows import ( "context" - "encoding/json" - "errors" "fmt" "io" - "os" - "path/filepath" - "strconv" "strings" "github.com/Microsoft/go-winio" @@ -53,7 +48,7 @@ func init() { ID: "windows", InitFn: func(ic *plugin.InitContext) (interface{}, error) { ic.Meta.Platforms = []ocispec.Platform{platforms.DefaultSpec()} - return NewSnapshotter(ic.Properties[plugins.PropertyRootDir]) + return NewWindowsSnapshotter(ic.Properties[plugins.PropertyRootDir]) }, }) } @@ -70,14 +65,13 @@ const ( rootfsSizeInBytesLabel = "containerd.io/snapshot/windows/rootfs.sizebytes" ) -type snapshotter struct { - root string - info hcsshim.DriverInfo - ms *storage.MetaStore +// snapshotter for legacy windows layers +type wcowSnapshotter struct { + *windowsBaseSnapshotter } -// NewSnapshotter returns a new windows snapshotter -func NewSnapshotter(root string) (snapshots.Snapshotter, error) { +// NewWindowsSnapshotter returns a new windows snapshotter +func NewWindowsSnapshotter(root string) (snapshots.Snapshotter, error) { fsType, err := winfs.GetFileSystemType(root) if err != nil { return nil, err @@ -86,113 +80,25 @@ func NewSnapshotter(root string) (snapshots.Snapshotter, error) { return nil, fmt.Errorf("%s is not on an NTFS volume - only NTFS volumes are supported: %w", root, errdefs.ErrInvalidArgument) } - if err := os.MkdirAll(root, 0700); err != nil { - return nil, err - } - ms, err := storage.NewMetaStore(filepath.Join(root, "metadata.db")) + baseSn, err := newBaseSnapshotter(root) if err != nil { return nil, err } - if err := os.Mkdir(filepath.Join(root, "snapshots"), 0700); err != nil && !os.IsExist(err) { - return nil, err - } - - return &snapshotter{ - info: hcsshim.DriverInfo{ - HomeDir: filepath.Join(root, "snapshots"), - }, - root: root, - ms: ms, + return &wcowSnapshotter{ + windowsBaseSnapshotter: baseSn, }, nil } -// Stat returns the info for an active or committed snapshot by name or -// key. -// -// Should be used for parent resolution, existence checks and to discern -// the kind of snapshot. -func (s *snapshotter) Stat(ctx context.Context, key string) (info snapshots.Info, err error) { - err = s.ms.WithTransaction(ctx, false, func(ctx context.Context) error { - _, info, _, err = storage.GetInfo(ctx, key) - return err - }) - if err != nil { - return snapshots.Info{}, err - } - - return info, nil -} - -func (s *snapshotter) Update(ctx context.Context, info snapshots.Info, fieldpaths ...string) (_ snapshots.Info, err error) { - err = s.ms.WithTransaction(ctx, true, func(ctx context.Context) error { - info, err = storage.UpdateInfo(ctx, info, fieldpaths...) - return err - }) - if err != nil { - return snapshots.Info{}, err - } - - return info, nil -} - -func (s *snapshotter) Usage(ctx context.Context, key string) (usage snapshots.Usage, err error) { - var ( - id string - info snapshots.Info - ) - - err = s.ms.WithTransaction(ctx, false, func(ctx context.Context) error { - id, info, usage, err = storage.GetInfo(ctx, key) - return err - }) - if err != nil { - return snapshots.Usage{}, err - } - - if info.Kind == snapshots.KindActive { - path := s.getSnapshotDir(id) - du, err := fs.DiskUsage(ctx, path) - if err != nil { - return snapshots.Usage{}, err - } - - usage = snapshots.Usage(du) - } - - return usage, nil -} - -func (s *snapshotter) Prepare(ctx context.Context, key, parent string, opts ...snapshots.Opt) ([]mount.Mount, error) { +func (s *wcowSnapshotter) Prepare(ctx context.Context, key, parent string, opts ...snapshots.Opt) ([]mount.Mount, error) { return s.createSnapshot(ctx, snapshots.KindActive, key, parent, opts) } -func (s *snapshotter) View(ctx context.Context, key, parent string, opts ...snapshots.Opt) ([]mount.Mount, error) { +func (s *wcowSnapshotter) View(ctx context.Context, key, parent string, opts ...snapshots.Opt) ([]mount.Mount, error) { return s.createSnapshot(ctx, snapshots.KindView, key, parent, opts) } -// Mounts returns the mounts for the transaction identified by key. Can be -// called on an read-write or readonly transaction. -// -// This can be used to recover mounts after calling View or Prepare. -func (s *snapshotter) Mounts(ctx context.Context, key string) (_ []mount.Mount, err error) { - var snapshot storage.Snapshot - err = s.ms.WithTransaction(ctx, false, func(ctx context.Context) error { - snapshot, err = storage.GetSnapshot(ctx, key) - if err != nil { - return fmt.Errorf("failed to get snapshot mount: %w", err) - } - - return nil - }) - if err != nil { - return nil, err - } - - return s.mounts(snapshot, key), nil -} - -func (s *snapshotter) Commit(ctx context.Context, name, key string, opts ...snapshots.Opt) (retErr error) { +func (s *wcowSnapshotter) Commit(ctx context.Context, name, key string, opts ...snapshots.Opt) (retErr error) { return s.ms.WithTransaction(ctx, true, func(ctx context.Context) error { // grab the existing id id, _, _, err := storage.GetInfo(ctx, key) @@ -234,237 +140,23 @@ func (s *snapshotter) Commit(ctx context.Context, name, key string, opts ...snap // Remove abandons the transaction identified by key. All resources // associated with the key will be removed. -func (s *snapshotter) Remove(ctx context.Context, key string) error { - var ( - renamed, path, renamedID string - restore bool - ) - - err := s.ms.WithTransaction(ctx, true, func(ctx context.Context) error { - id, _, err := storage.Remove(ctx, key) - if err != nil { - return fmt.Errorf("failed to remove: %w", err) - } - - path = s.getSnapshotDir(id) - renamedID = "rm-" + id - renamed = s.getSnapshotDir(renamedID) - if err = os.Rename(path, renamed); err != nil && !os.IsNotExist(err) { - if !os.IsPermission(err) { - return err - } - // If permission denied, it's possible that the scratch is still mounted, an - // artifact after a hard daemon crash for example. Worth a shot to try deactivating it - // before retrying the rename. - var ( - home, layerID = filepath.Split(path) - di = hcsshim.DriverInfo{ - HomeDir: home, - } - ) - - if deactivateErr := hcsshim.DeactivateLayer(di, layerID); deactivateErr != nil { - return fmt.Errorf("failed to deactivate layer following failed rename: %s: %w", deactivateErr, err) - } - - if renameErr := os.Rename(path, renamed); renameErr != nil && !os.IsNotExist(renameErr) { - return fmt.Errorf("second rename attempt following detach failed: %s: %w", renameErr, err) - } - } - - restore = true - return nil - }) +func (s *wcowSnapshotter) Remove(ctx context.Context, key string) error { + renamedID, err := s.preRemove(ctx, key) if err != nil { - if restore { // failed to commit - if err1 := os.Rename(renamed, path); err1 != nil { - // May cause inconsistent data on disk - log.G(ctx).WithError(err1).WithField("path", renamed).Error("Failed to rename after failed commit") - } - } - // Return the error wrapped in ErrFailedPrecondition so that cleanup of other snapshots will - // still continue. - return errors.Join(errdefs.ErrFailedPrecondition, err) + // wrap as ErrFailedPrecondition so that cleanup of other snapshots can continue + return fmt.Errorf("%w: %s", errdefs.ErrFailedPrecondition, err) } if err = hcsshim.DestroyLayer(s.info, renamedID); err != nil { // Must be cleaned up, any "rm-*" could be removed if no active transactions - log.G(ctx).WithError(err).WithField("path", renamed).Warnf("Failed to remove root filesystem") + log.G(ctx).WithError(err).WithField("renamedID", renamedID).Warnf("Failed to remove root filesystem") } return nil } -// Walk the committed snapshots. -func (s *snapshotter) Walk(ctx context.Context, fn snapshots.WalkFunc, fs ...string) error { - return s.ms.WithTransaction(ctx, false, func(ctx context.Context) error { - return storage.WalkInfo(ctx, fn, fs...) - }) -} - -// Close closes the snapshotter -func (s *snapshotter) Close() error { - return s.ms.Close() -} - -func (s *snapshotter) mounts(sn storage.Snapshot, key string) []mount.Mount { - var ( - roFlag string - ) - - if sn.Kind == snapshots.KindView { - roFlag = "ro" - } else { - roFlag = "rw" - } - - source := s.getSnapshotDir(sn.ID) - parentLayerPaths := s.parentIDsToParentPaths(sn.ParentIDs) - - mountType := "windows-layer" - - // error is not checked here, as a string array will never fail to Marshal - parentLayersJSON, _ := json.Marshal(parentLayerPaths) - parentLayersOption := mount.ParentLayerPathsFlag + string(parentLayersJSON) - - options := []string{ - roFlag, - } - if len(sn.ParentIDs) != 0 { - options = append(options, parentLayersOption) - } - mounts := []mount.Mount{ - { - Source: source, - Type: mountType, - Options: options, - }, - } - - return mounts -} - -func (s *snapshotter) getSnapshotDir(id string) string { - return filepath.Join(s.root, "snapshots", id) -} - -func (s *snapshotter) createSnapshot(ctx context.Context, kind snapshots.Kind, key, parent string, opts []snapshots.Opt) (_ []mount.Mount, err error) { - var newSnapshot storage.Snapshot - err = s.ms.WithTransaction(ctx, true, func(ctx context.Context) error { - newSnapshot, err = storage.CreateSnapshot(ctx, kind, key, parent, opts...) - if err != nil { - return fmt.Errorf("failed to create snapshot: %w", err) - } - - log.G(ctx).Debug("createSnapshot") - // Create the new snapshot dir - snDir := s.getSnapshotDir(newSnapshot.ID) - if err = os.MkdirAll(snDir, 0700); err != nil { - return fmt.Errorf("failed to create snapshot dir %s: %w", snDir, err) - } - - if strings.Contains(key, snapshots.UnpackKeyPrefix) { - // IO/disk space optimization: Do nothing - // - // We only need one sandbox.vhdx for the container. Skip making one for this - // snapshot if this isn't the snapshot that just houses the final sandbox.vhd - // that will be mounted as the containers scratch. Currently the key for a snapshot - // where a layer will be extracted to will have the string `extract-` in it. - return nil - } - - if len(newSnapshot.ParentIDs) == 0 { - // A parentless snapshot a new base layer. Valid base layers must have a "Files" folder. - // When committed, there'll be some post-processing to fill in the rest - // of the metadata. - filesDir := filepath.Join(snDir, "Files") - if err := os.MkdirAll(filesDir, 0700); err != nil { - return fmt.Errorf("creating Files dir: %w", err) - } - return nil - } - - parentLayerPaths := s.parentIDsToParentPaths(newSnapshot.ParentIDs) - var snapshotInfo snapshots.Info - for _, o := range opts { - o(&snapshotInfo) - } - - var sizeInBytes uint64 - if sizeGBstr, ok := snapshotInfo.Labels[rootfsSizeInGBLabel]; ok { - log.G(ctx).Warnf("%q label is deprecated, please use %q instead.", rootfsSizeInGBLabel, rootfsSizeInBytesLabel) - - sizeInGB, err := strconv.ParseUint(sizeGBstr, 10, 32) - if err != nil { - return fmt.Errorf("failed to parse label %q=%q: %w", rootfsSizeInGBLabel, sizeGBstr, err) - } - sizeInBytes = sizeInGB * 1024 * 1024 * 1024 - } - - // Prefer the newer label in bytes over the deprecated Windows specific GB variant. - if sizeBytesStr, ok := snapshotInfo.Labels[rootfsSizeInBytesLabel]; ok { - sizeInBytes, err = strconv.ParseUint(sizeBytesStr, 10, 64) - if err != nil { - return fmt.Errorf("failed to parse label %q=%q: %w", rootfsSizeInBytesLabel, sizeBytesStr, err) - } - } - - var makeUVMScratch bool - if _, ok := snapshotInfo.Labels[uvmScratchLabel]; ok { - makeUVMScratch = true - } - - // This has to be run first to avoid clashing with the containers sandbox.vhdx. - if makeUVMScratch { - if err = s.createUVMScratchLayer(ctx, snDir, parentLayerPaths); err != nil { - return fmt.Errorf("failed to make UVM's scratch layer: %w", err) - } - } - if err = s.createScratchLayer(ctx, snDir, parentLayerPaths, sizeInBytes); err != nil { - return fmt.Errorf("failed to create scratch layer: %w", err) - } - return nil - }) - if err != nil { - return nil, err - } - - return s.mounts(newSnapshot, key), nil -} - -func (s *snapshotter) parentIDsToParentPaths(parentIDs []string) []string { - var parentLayerPaths []string - for _, ID := range parentIDs { - parentLayerPaths = append(parentLayerPaths, s.getSnapshotDir(ID)) - } - return parentLayerPaths -} - -// This is essentially a recreation of what HCS' CreateSandboxLayer does with some extra bells and -// whistles like expanding the volume if a size is specified. -func (s *snapshotter) createScratchLayer(ctx context.Context, snDir string, parentLayers []string, sizeInBytes uint64) error { - parentLen := len(parentLayers) - if parentLen == 0 { - return errors.New("no parent layers present") - } - - baseLayer := parentLayers[parentLen-1] - templateDiffDisk := filepath.Join(baseLayer, "blank.vhdx") - dest := filepath.Join(snDir, "sandbox.vhdx") - if err := copyScratchDisk(templateDiffDisk, dest); err != nil { - return err - } - - if sizeInBytes != 0 { - if err := hcsshim.ExpandSandboxSize(s.info, filepath.Base(snDir), sizeInBytes); err != nil { - return fmt.Errorf("failed to expand sandbox vhdx size to %d bytes: %w", sizeInBytes, err) - } - } - return nil -} - // convertScratchToReadOnlyLayer reimports the layer over itself, to transfer the files from the sandbox.vhdx to the on-disk storage. -func (s *snapshotter) convertScratchToReadOnlyLayer(ctx context.Context, snapshot storage.Snapshot, path string) (retErr error) { +func (s *wcowSnapshotter) convertScratchToReadOnlyLayer(ctx context.Context, snapshot storage.Snapshot, path string) (retErr error) { // TODO darrenstahlmsft: When this is done isolated, we should disable these. // it currently cannot be disabled, unless we add ref counting. Since this is @@ -505,54 +197,3 @@ func (s *snapshotter) convertScratchToReadOnlyLayer(ctx context.Context, snapsho return nil } - -// This handles creating the UVMs scratch layer. -func (s *snapshotter) createUVMScratchLayer(ctx context.Context, snDir string, parentLayers []string) error { - parentLen := len(parentLayers) - if parentLen == 0 { - return errors.New("no parent layers present") - } - baseLayer := parentLayers[parentLen-1] - - // Make sure base layer has a UtilityVM folder. - uvmPath := filepath.Join(baseLayer, "UtilityVM") - if _, err := os.Stat(uvmPath); os.IsNotExist(err) { - return fmt.Errorf("failed to find UtilityVM directory in base layer %q: %w", baseLayer, err) - } - - templateDiffDisk := filepath.Join(uvmPath, "SystemTemplate.vhdx") - - // Check if SystemTemplate disk doesn't exist for some reason (this should be made during the unpacking - // of the base layer). - if _, err := os.Stat(templateDiffDisk); os.IsNotExist(err) { - return fmt.Errorf("%q does not exist in Utility VM image", templateDiffDisk) - } - - // Move the sandbox.vhdx into a nested vm folder to avoid clashing with a containers sandbox.vhdx. - vmScratchDir := filepath.Join(snDir, "vm") - if err := os.MkdirAll(vmScratchDir, 0777); err != nil { - return fmt.Errorf("failed to make `vm` directory for vm's scratch space: %w", err) - } - - return copyScratchDisk(templateDiffDisk, filepath.Join(vmScratchDir, "sandbox.vhdx")) -} - -func copyScratchDisk(source, dest string) error { - scratchSource, err := os.OpenFile(source, os.O_RDWR, 0700) - if err != nil { - return fmt.Errorf("failed to open %s: %w", source, err) - } - defer scratchSource.Close() - - f, err := os.OpenFile(dest, os.O_RDWR|os.O_CREATE, 0700) - if err != nil { - return fmt.Errorf("failed to create sandbox.vhdx in snapshot: %w", err) - } - defer f.Close() - - if _, err := io.Copy(f, scratchSource); err != nil { - os.Remove(dest) - return fmt.Errorf("failed to copy cached %q to %q in snapshot: %w", source, dest, err) - } - return nil -} diff --git a/snapshots/windows/windows_test.go b/snapshots/windows/windows_test.go index fb22d2a3a0e2..567bb6f598e5 100644 --- a/snapshots/windows/windows_test.go +++ b/snapshots/windows/windows_test.go @@ -29,7 +29,7 @@ import ( ) func newSnapshotter(ctx context.Context, root string) (snapshots.Snapshotter, func() error, error) { - snapshotter, err := NewSnapshotter(root) + snapshotter, err := NewWindowsSnapshotter(root) if err != nil { return nil, nil, err } diff --git a/vendor/github.com/Microsoft/hcsshim/.golangci.yml b/vendor/github.com/Microsoft/hcsshim/.golangci.yml index abe77f57a07a..7d38a2fb9edc 100644 --- a/vendor/github.com/Microsoft/hcsshim/.golangci.yml +++ b/vendor/github.com/Microsoft/hcsshim/.golangci.yml @@ -20,6 +20,7 @@ linters: # - typecheck # - unused + - errorlint # error wrapping (eg, not using `errors.Is`, using `%s` instead of `%w` in `fmt.Errorf`) - gofmt # whether code was gofmt-ed - govet # enabled by default, but just to be sure - nolintlint # ill-formed or insufficient nolint directives @@ -53,6 +54,12 @@ issues: text: "^ST1003: should not use underscores in package names$" source: "^package cri_containerd$" + # don't bother with propper error wrapping in test code + - path: cri-containerd + linters: + - errorlint + text: "non-wrapping format verb for fmt.Errorf" + # This repo has a LOT of generated schema files, operating system bindings, and other # things that ST1003 from stylecheck won't like (screaming case Windows api constants for example). # There's also some structs that we *could* change the initialisms to be Go friendly diff --git a/vendor/github.com/Microsoft/hcsshim/README.md b/vendor/github.com/Microsoft/hcsshim/README.md index 5a1361539bea..320438048471 100644 --- a/vendor/github.com/Microsoft/hcsshim/README.md +++ b/vendor/github.com/Microsoft/hcsshim/README.md @@ -9,15 +9,18 @@ It is primarily used in the [Moby](https://github.com/moby/moby) and [Containerd ## Building While this repository can be used as a library of sorts to call the HCS apis, there are a couple binaries built out of the repository as well. The main ones being the Linux guest agent, and an implementation of the [runtime v2 containerd shim api](https://github.com/containerd/containerd/blob/master/runtime/v2/README.md). + ### Linux Hyper-V Container Guest Agent To build the Linux guest agent itself all that's needed is to set your GOOS to "Linux" and build out of ./cmd/gcs. + ```powershell C:\> $env:GOOS="linux" C:\> go build .\cmd\gcs\ ``` or on a Linux machine + ```sh > go build ./cmd/gcs ``` @@ -33,13 +36,15 @@ make all ``` If the build is successful, in the `./out` folder you should see: + ```sh > ls ./out/ delta.tar.gz initrd.img rootfs.tar.gz ``` ### Containerd Shim -For info on the Runtime V2 API: https://github.com/containerd/containerd/blob/master/runtime/v2/README.md. + +For info on the [Runtime V2 API](https://github.com/containerd/containerd/blob/master/runtime/v2/README.md). Contrary to the typical Linux architecture of shim -> runc, the runhcs shim is used both to launch and manage the lifetime of containers. @@ -48,7 +53,9 @@ C:\> $env:GOOS="windows" C:\> go build .\cmd\containerd-shim-runhcs-v1 ``` -Then place the binary in the same directory that Containerd is located at in your environment. A default Containerd configuration file can be generated by running: +Then place the binary in the same directory that Containerd is located at in your environment. +A default Containerd configuration file can be generated by running: + ```powershell .\containerd.exe config default | Out-File "C:\Program Files\containerd\config.toml" -Encoding ascii ``` @@ -56,6 +63,7 @@ Then place the binary in the same directory that Containerd is located at in you This config file will already have the shim set as the default runtime for cri interactions. To trial using the shim out with ctr.exe: + ```powershell C:\> ctr.exe run --runtime io.containerd.runhcs.v1 --rm mcr.microsoft.com/windows/nanoserver:2004 windows-test cmd /c "echo Hello World!" ``` @@ -64,16 +72,69 @@ C:\> ctr.exe run --runtime io.containerd.runhcs.v1 --rm mcr.microsoft.com/window This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us -the rights to use your contribution. For details, visit https://cla.microsoft.com. +the rights to use your contribution. For details, visit [Microsoft CLA](https://cla.microsoft.com). When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA. -We also require that contributors [sign their commits](https://git-scm.com/docs/git-commit) using `git commit -s` or `git commit --signoff` to -certify they either authored the work themselves or otherwise have permission to use it in this project. Please see https://developercertificate.org/ for -more info, as well as to make sure that you can attest to the rules listed. Our CI uses the [DCO Github app](https://github.com/apps/dco) to ensure -that all commits in a given PR are signed-off. +We require that contributors sign their commits +to certify they either authored the work themselves or otherwise have permission to use it in this project. + +We also require that contributors sign their commits using using [`git commit --signoff`][git-commit-s] +to certify they either authored the work themselves or otherwise have permission to use it in this project. +A range of commits can be signed off using [`git rebase --signoff`][git-rebase-s]. + +Please see [the developer certificate](https://developercertificate.org) for more info, +as well as to make sure that you can attest to the rules listed. +Our CI uses the [DCO Github app](https://github.com/apps/dco) to ensure that all commits in a given PR are signed-off. + +### Linting + +Code must pass a linting stage, which uses [`golangci-lint`][lint]. +Since `./test` is a separate Go module, the linter is run from both the root and the +`test` directories. Additionally, the linter is run with `GOOS` set to both `windows` and +`linux`. + +The linting settings are stored in [`.golangci.yaml`](./.golangci.yaml), and can be run +automatically with VSCode by adding the following to your workspace or folder settings: + +```json + "go.lintTool": "golangci-lint", + "go.lintOnSave": "package", +``` + +Additional editor [integrations options are also available][lint-ide]. + +Alternatively, `golangci-lint` can be [installed][lint-install] and run locally: + +```shell +# use . or specify a path to only lint a package +# to show all lint errors, use flags "--max-issues-per-linter=0 --max-same-issues=0" +> golangci-lint run +``` + +To run across the entire repo for both `GOOS=windows` and `linux`: + +```powershell +> foreach ( $goos in ('windows', 'linux') ) { + foreach ( $repo in ('.', 'test') ) { + pwsh -Command "cd $repo && go env -w GOOS=$goos && golangci-lint.exe run --verbose" + } +} +``` + +### Go Generate + +The pipeline checks that auto-generated code, via `go generate`, are up to date. +Similar to the [linting stage](#linting), `go generate` is run in both the root and test Go modules. + +This can be done via: + +```shell +> go generate ./... +> cd test && go generate ./... +``` ## Code of Conduct @@ -83,7 +144,7 @@ contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additio ## Dependencies -This project requires Golang 1.17 or newer to build. +This project requires Golang 1.18 or newer to build. For system requirements to run this project, see the Microsoft docs on [Windows Container requirements](https://docs.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/system-requirements). @@ -100,3 +161,10 @@ For additional details, see [Report a Computer Security Vulnerability](https://t --------------- Copyright (c) 2018 Microsoft Corp. All rights reserved. + +[lint]: https://golangci-lint.run/ +[lint-ide]: https://golangci-lint.run/usage/integrations/#editor-integration +[lint-install]: https://golangci-lint.run/usage/install/#local-installation + +[git-commit-s]: https://git-scm.com/docs/git-commit#Documentation/git-commit.txt--s +[git-rebase-s]: https://git-scm.com/docs/git-rebase#Documentation/git-rebase.txt---signoff diff --git a/vendor/github.com/Microsoft/hcsshim/computestorage/attach.go b/vendor/github.com/Microsoft/hcsshim/computestorage/attach.go index 54c4b3bc4abf..301a10888f12 100644 --- a/vendor/github.com/Microsoft/hcsshim/computestorage/attach.go +++ b/vendor/github.com/Microsoft/hcsshim/computestorage/attach.go @@ -38,3 +38,31 @@ func AttachLayerStorageFilter(ctx context.Context, layerPath string, layerData L } return nil } + +// AttachOverlayFilter sets up a filter of the given type on a writable container layer. Currently the only +// supported filter types are WCIFS & UnionFS (defined in internal/hcs/schema2/layer.go) +// +// `volumePath` is volume path at which writable layer is mounted. If the +// path does not end in a `\` the platform will append it automatically. +// +// `layerData` is the parent read-only layer data. +func AttachOverlayFilter(ctx context.Context, volumePath string, layerData LayerData) (err error) { + title := "hcsshim::AttachOverlayFilter" + ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck + defer span.End() + defer func() { oc.SetSpanStatus(span, err) }() + span.AddAttributes( + trace.StringAttribute("volumePath", volumePath), + ) + + bytes, err := json.Marshal(layerData) + if err != nil { + return err + } + + err = hcsAttachOverlayFilter(volumePath, string(bytes)) + if err != nil { + return errors.Wrap(err, "failed to attach overlay filter") + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/computestorage/detach.go b/vendor/github.com/Microsoft/hcsshim/computestorage/detach.go index daf1bfff2051..6e00e4a1f8aa 100644 --- a/vendor/github.com/Microsoft/hcsshim/computestorage/detach.go +++ b/vendor/github.com/Microsoft/hcsshim/computestorage/detach.go @@ -4,7 +4,9 @@ package computestorage import ( "context" + "encoding/json" + hcsschema "github.com/Microsoft/hcsshim/internal/hcs/schema2" "github.com/Microsoft/hcsshim/internal/oc" "github.com/pkg/errors" "go.opencensus.io/trace" @@ -26,3 +28,27 @@ func DetachLayerStorageFilter(ctx context.Context, layerPath string) (err error) } return nil } + +// DetachOverlayFilter detaches the filter on a writable container layer. +// +// `volumePath` is a path to writable container volume. +func DetachOverlayFilter(ctx context.Context, volumePath string, filterType hcsschema.FileSystemFilterType) (err error) { + title := "hcsshim::DetachOverlayFilter" + ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck + defer span.End() + defer func() { oc.SetSpanStatus(span, err) }() + span.AddAttributes(trace.StringAttribute("volumePath", volumePath)) + + layerData := LayerData{} + layerData.FilterType = filterType + bytes, err := json.Marshal(layerData) + if err != nil { + return err + } + + err = hcsDetachOverlayFilter(volumePath, string(bytes)) + if err != nil { + return errors.Wrap(err, "failed to detach overlay filter") + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/computestorage/storage.go b/vendor/github.com/Microsoft/hcsshim/computestorage/storage.go index c38d3aa5a978..5af931f2f485 100644 --- a/vendor/github.com/Microsoft/hcsshim/computestorage/storage.go +++ b/vendor/github.com/Microsoft/hcsshim/computestorage/storage.go @@ -19,14 +19,17 @@ import ( //sys hcsFormatWritableLayerVhd(handle windows.Handle) (hr error) = computestorage.HcsFormatWritableLayerVhd? //sys hcsGetLayerVhdMountPath(vhdHandle windows.Handle, mountPath **uint16) (hr error) = computestorage.HcsGetLayerVhdMountPath? //sys hcsSetupBaseOSVolume(layerPath string, volumePath string, options string) (hr error) = computestorage.HcsSetupBaseOSVolume? +//sys hcsAttachOverlayFilter(volumePath string, layerData string) (hr error) = computestorage.HcsAttachOverlayFilter? +//sys hcsDetachOverlayFilter(volumePath string, layerData string) (hr error) = computestorage.HcsDetachOverlayFilter? type Version = hcsschema.Version type Layer = hcsschema.Layer // LayerData is the data used to describe parent layer information. type LayerData struct { - SchemaVersion Version `json:"SchemaVersion,omitempty"` - Layers []Layer `json:"Layers,omitempty"` + SchemaVersion Version `json:"SchemaVersion,omitempty"` + Layers []Layer `json:"Layers,omitempty"` + FilterType hcsschema.FileSystemFilterType `json:"FilterType,omitempty"` } // ExportLayerOptions are the set of options that are used with the `computestorage.HcsExportLayer` syscall. diff --git a/vendor/github.com/Microsoft/hcsshim/computestorage/zsyscall_windows.go b/vendor/github.com/Microsoft/hcsshim/computestorage/zsyscall_windows.go index b996b35e6b5a..53d0beb87fc9 100644 --- a/vendor/github.com/Microsoft/hcsshim/computestorage/zsyscall_windows.go +++ b/vendor/github.com/Microsoft/hcsshim/computestorage/zsyscall_windows.go @@ -43,8 +43,10 @@ var ( modcomputestorage = windows.NewLazySystemDLL("computestorage.dll") procHcsAttachLayerStorageFilter = modcomputestorage.NewProc("HcsAttachLayerStorageFilter") + procHcsAttachOverlayFilter = modcomputestorage.NewProc("HcsAttachOverlayFilter") procHcsDestroyLayer = modcomputestorage.NewProc("HcsDestroyLayer") procHcsDetachLayerStorageFilter = modcomputestorage.NewProc("HcsDetachLayerStorageFilter") + procHcsDetachOverlayFilter = modcomputestorage.NewProc("HcsDetachOverlayFilter") procHcsExportLayer = modcomputestorage.NewProc("HcsExportLayer") procHcsFormatWritableLayerVhd = modcomputestorage.NewProc("HcsFormatWritableLayerVhd") procHcsGetLayerVhdMountPath = modcomputestorage.NewProc("HcsGetLayerVhdMountPath") @@ -83,6 +85,35 @@ func _hcsAttachLayerStorageFilter(layerPath *uint16, layerData *uint16) (hr erro return } +func hcsAttachOverlayFilter(volumePath string, layerData string) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(volumePath) + if hr != nil { + return + } + var _p1 *uint16 + _p1, hr = syscall.UTF16PtrFromString(layerData) + if hr != nil { + return + } + return _hcsAttachOverlayFilter(_p0, _p1) +} + +func _hcsAttachOverlayFilter(volumePath *uint16, layerData *uint16) (hr error) { + hr = procHcsAttachOverlayFilter.Find() + if hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsAttachOverlayFilter.Addr(), 2, uintptr(unsafe.Pointer(volumePath)), uintptr(unsafe.Pointer(layerData)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + func hcsDestroyLayer(layerPath string) (hr error) { var _p0 *uint16 _p0, hr = syscall.UTF16PtrFromString(layerPath) @@ -131,6 +162,35 @@ func _hcsDetachLayerStorageFilter(layerPath *uint16) (hr error) { return } +func hcsDetachOverlayFilter(volumePath string, layerData string) (hr error) { + var _p0 *uint16 + _p0, hr = syscall.UTF16PtrFromString(volumePath) + if hr != nil { + return + } + var _p1 *uint16 + _p1, hr = syscall.UTF16PtrFromString(layerData) + if hr != nil { + return + } + return _hcsDetachOverlayFilter(_p0, _p1) +} + +func _hcsDetachOverlayFilter(volumePath *uint16, layerData *uint16) (hr error) { + hr = procHcsDetachOverlayFilter.Find() + if hr != nil { + return + } + r0, _, _ := syscall.Syscall(procHcsDetachOverlayFilter.Addr(), 2, uintptr(unsafe.Pointer(volumePath)), uintptr(unsafe.Pointer(layerData)), 0) + if int32(r0) < 0 { + if r0&0x1fff0000 == 0x00070000 { + r0 &= 0xffff + } + hr = syscall.Errno(r0) + } + return +} + func hcsExportLayer(layerPath string, exportFolderPath string, layerData string, options string) (hr error) { var _p0 *uint16 _p0, hr = syscall.UTF16PtrFromString(layerPath) diff --git a/vendor/github.com/Microsoft/hcsshim/container.go b/vendor/github.com/Microsoft/hcsshim/container.go index c8f09f88b9fc..0ad7f495afa5 100644 --- a/vendor/github.com/Microsoft/hcsshim/container.go +++ b/vendor/github.com/Microsoft/hcsshim/container.go @@ -75,7 +75,7 @@ func init() { func CreateContainer(id string, c *ContainerConfig) (Container, error) { fullConfig, err := mergemaps.MergeJSON(c, createContainerAdditionalJSON) if err != nil { - return nil, fmt.Errorf("failed to merge additional JSON '%s': %s", createContainerAdditionalJSON, err) + return nil, fmt.Errorf("failed to merge additional JSON '%s': %w", createContainerAdditionalJSON, err) } system, err := hcs.CreateComputeSystem(context.Background(), id, fullConfig) diff --git a/vendor/github.com/Microsoft/hcsshim/errors.go b/vendor/github.com/Microsoft/hcsshim/errors.go index 594bbfb7a89b..b441b0cd3a45 100644 --- a/vendor/github.com/Microsoft/hcsshim/errors.go +++ b/vendor/github.com/Microsoft/hcsshim/errors.go @@ -115,6 +115,7 @@ func (e *ContainerError) Error() string { s += " encountered an error during " + e.Operation } + //nolint:errorlint // legacy code switch e.Err.(type) { case nil: break @@ -145,6 +146,7 @@ func (e *ProcessError) Error() string { s += " encountered an error during " + e.Operation } + //nolint:errorlint // legacy code switch e.Err.(type) { case nil: break @@ -166,10 +168,10 @@ func (e *ProcessError) Error() string { // already exited, or does not exist. Both IsAlreadyStopped and IsNotExist // will currently return true when the error is ErrElementNotFound. func IsNotExist(err error) bool { - if _, ok := err.(EndpointNotFoundError); ok { + if _, ok := err.(EndpointNotFoundError); ok { //nolint:errorlint // legacy code return true } - if _, ok := err.(NetworkNotFoundError); ok { + if _, ok := err.(NetworkNotFoundError); ok { //nolint:errorlint // legacy code return true } return hcs.IsNotExist(getInnerError(err)) @@ -224,6 +226,7 @@ func IsAccessIsDenied(err error) bool { } func getInnerError(err error) error { + //nolint:errorlint // legacy code switch pe := err.(type) { case nil: return nil @@ -236,14 +239,14 @@ func getInnerError(err error) error { } func convertSystemError(err error, c *container) error { - if serr, ok := err.(*hcs.SystemError); ok { + if serr, ok := err.(*hcs.SystemError); ok { //nolint:errorlint // legacy code return &ContainerError{Container: c, Operation: serr.Op, Err: serr.Err, Events: serr.Events} } return err } func convertProcessError(err error, p *process) error { - if perr, ok := err.(*hcs.ProcessError); ok { + if perr, ok := err.(*hcs.ProcessError); ok { //nolint:errorlint // legacy code return &ProcessError{Process: p, Operation: perr.Op, Err: perr.Err, Events: perr.Events} } return err diff --git a/vendor/github.com/Microsoft/hcsshim/ext4/dmverity/dmverity.go b/vendor/github.com/Microsoft/hcsshim/ext4/dmverity/dmverity.go index 5b3fa8a349d9..2d182802386c 100644 --- a/vendor/github.com/Microsoft/hcsshim/ext4/dmverity/dmverity.go +++ b/vendor/github.com/Microsoft/hcsshim/ext4/dmverity/dmverity.go @@ -185,6 +185,8 @@ func ReadDMVerityInfoReader(r io.Reader) (*VerityInfo, error) { block := make([]byte, blockSize) if s, err := r.Read(block); err != nil || s != blockSize { if err != nil { + // TODO (go1.20): use multierror via fmt.Errorf("...: %w; ...: %w", ...) + //nolint:errorlint // non-wrapping format verb for fmt.Errorf return nil, fmt.Errorf("%s: %w", ErrSuperBlockReadFailure, err) } return nil, fmt.Errorf("unexpected bytes read expected=%d actual=%d: %w", blockSize, s, ErrSuperBlockReadFailure) @@ -193,6 +195,8 @@ func ReadDMVerityInfoReader(r io.Reader) (*VerityInfo, error) { dmvSB := &dmveritySuperblock{} b := bytes.NewBuffer(block) if err := binary.Read(b, binary.LittleEndian, dmvSB); err != nil { + // TODO (go1.20): use multierror via fmt.Errorf("...: %w; ...: %w", ...) + //nolint:errorlint // non-wrapping format verb for fmt.Errorf return nil, fmt.Errorf("%s: %w", ErrSuperBlockParseFailure, err) } @@ -202,6 +206,8 @@ func ReadDMVerityInfoReader(r io.Reader) (*VerityInfo, error) { if s, err := r.Read(block); err != nil || s != blockSize { if err != nil { + // TODO (go1.20): use multierror via fmt.Errorf("...: %w; ...: %w", ...) + //nolint:errorlint // non-wrapping format verb for fmt.Errorf return nil, fmt.Errorf("%s: %w", ErrRootHashReadFailure, err) } return nil, fmt.Errorf("unexpected bytes read expected=%d, actual=%d: %w", blockSize, s, ErrRootHashReadFailure) diff --git a/vendor/github.com/Microsoft/hcsshim/ext4/internal/compactext4/compact.go b/vendor/github.com/Microsoft/hcsshim/ext4/internal/compactext4/compact.go index 6046ea239fa0..760b4dc4ef9e 100644 --- a/vendor/github.com/Microsoft/hcsshim/ext4/internal/compactext4/compact.go +++ b/vendor/github.com/Microsoft/hcsshim/ext4/internal/compactext4/compact.go @@ -604,7 +604,7 @@ func (w *Writer) Create(name string, f *File) error { } child, err := w.makeInode(f, reuse) if err != nil { - return fmt.Errorf("%s: %s", name, err) + return fmt.Errorf("%s: %w", name, err) } if existing != child { if existing != nil { diff --git a/vendor/github.com/Microsoft/hcsshim/ext4/tar2ext4/tar2ext4.go b/vendor/github.com/Microsoft/hcsshim/ext4/tar2ext4/tar2ext4.go index 7bf8d6550db3..a6a3fe282c86 100644 --- a/vendor/github.com/Microsoft/hcsshim/ext4/tar2ext4/tar2ext4.go +++ b/vendor/github.com/Microsoft/hcsshim/ext4/tar2ext4/tar2ext4.go @@ -85,7 +85,7 @@ func ConvertTarToExt4(r io.Reader, w io.ReadWriteSeeker, options ...Option) erro fs := compactext4.NewWriter(w, p.ext4opts...) for { hdr, err := t.Next() - if err == io.EOF { + if errors.Is(err, io.EOF) { break } if err != nil { @@ -301,7 +301,7 @@ func Ext4FileSystemSize(r io.ReadSeeker) (int64, int, error) { func ConvertAndComputeRootDigest(r io.Reader) (string, error) { out, err := os.CreateTemp("", "") if err != nil { - return "", fmt.Errorf("failed to create temporary file: %s", err) + return "", fmt.Errorf("failed to create temporary file: %w", err) } defer func() { _ = os.Remove(out.Name()) @@ -313,16 +313,16 @@ func ConvertAndComputeRootDigest(r io.Reader) (string, error) { MaximumDiskSize(dmverity.RecommendedVHDSizeGB), } if err := ConvertTarToExt4(r, out, options...); err != nil { - return "", fmt.Errorf("failed to convert tar to ext4: %s", err) + return "", fmt.Errorf("failed to convert tar to ext4: %w", err) } if _, err := out.Seek(0, io.SeekStart); err != nil { - return "", fmt.Errorf("failed to seek start on temp file when creating merkle tree: %s", err) + return "", fmt.Errorf("failed to seek start on temp file when creating merkle tree: %w", err) } tree, err := dmverity.MerkleTree(bufio.NewReaderSize(out, dmverity.MerkleTreeBufioSize)) if err != nil { - return "", fmt.Errorf("failed to create merkle tree: %s", err) + return "", fmt.Errorf("failed to create merkle tree: %w", err) } hash := dmverity.RootHash(tree) diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/hcnerrors.go b/vendor/github.com/Microsoft/hcsshim/hcn/hcnerrors.go index 81b56b9ffca3..66390cf0d343 100644 --- a/vendor/github.com/Microsoft/hcsshim/hcn/hcnerrors.go +++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnerrors.go @@ -6,11 +6,12 @@ import ( "errors" "fmt" + "github.com/sirupsen/logrus" + "golang.org/x/sys/windows" + "github.com/Microsoft/hcsshim/internal/hcs" "github.com/Microsoft/hcsshim/internal/hcserror" "github.com/Microsoft/hcsshim/internal/interop" - "github.com/sirupsen/logrus" - "golang.org/x/sys/windows" ) var ( @@ -63,8 +64,8 @@ func (e *HcnError) Error() string { } func CheckErrorWithCode(err error, code ErrorCode) bool { - hcnError, ok := err.(*HcnError) - if ok { + var hcnError *HcnError + if errors.As(err, &hcnError) { return hcnError.code == code } return false @@ -81,7 +82,7 @@ func IsPortAlreadyExistsError(err error) bool { func new(hr error, title string, rest string) error { err := &HcnError{} hcsError := hcserror.New(hr, title, rest) - err.HcsError = hcsError.(*hcserror.HcsError) + err.HcsError = hcsError.(*hcserror.HcsError) //nolint:errorlint err.code = ErrorCode(hcserror.Win32FromError(hr)) return err } @@ -97,6 +98,8 @@ type NetworkNotFoundError struct { NetworkID string } +var _ error = NetworkNotFoundError{} + func (e NetworkNotFoundError) Error() string { if e.NetworkName != "" { return fmt.Sprintf("Network name %q not found", e.NetworkName) @@ -110,6 +113,8 @@ type EndpointNotFoundError struct { EndpointID string } +var _ error = EndpointNotFoundError{} + func (e EndpointNotFoundError) Error() string { if e.EndpointName != "" { return fmt.Sprintf("Endpoint name %q not found", e.EndpointName) @@ -122,6 +127,8 @@ type NamespaceNotFoundError struct { NamespaceID string } +var _ error = NamespaceNotFoundError{} + func (e NamespaceNotFoundError) Error() string { return fmt.Sprintf("Namespace ID %q not found", e.NamespaceID) } @@ -131,6 +138,8 @@ type LoadBalancerNotFoundError struct { LoadBalancerId string } +var _ error = LoadBalancerNotFoundError{} + func (e LoadBalancerNotFoundError) Error() string { return fmt.Sprintf("LoadBalancer %q not found", e.LoadBalancerId) } @@ -140,6 +149,8 @@ type RouteNotFoundError struct { RouteId string } +var _ error = RouteNotFoundError{} + func (e RouteNotFoundError) Error() string { return fmt.Sprintf("SDN Route %q not found", e.RouteId) } @@ -147,19 +158,31 @@ func (e RouteNotFoundError) Error() string { // IsNotFoundError returns a boolean indicating whether the error was caused by // a resource not being found. func IsNotFoundError(err error) bool { - switch pe := err.(type) { - case NetworkNotFoundError: + // Calling [errors.As] in a loop over `[]error{NetworkNotFoundError{}, ...}` will not work, + // since the loop variable will be an interface type (ie, `error`) and `errors.As(error, *error)` will + // always succeed. + // Unless golang adds loops over (or arrays of) types, we need to manually call `errors.As` for + // each potential error type. + // + // Also, for T = NetworkNotFoundError and co, the error implementation is for T, not *T + if e := (NetworkNotFoundError{}); errors.As(err, &e) { return true - case EndpointNotFoundError: + } + if e := (EndpointNotFoundError{}); errors.As(err, &e) { return true - case NamespaceNotFoundError: + } + if e := (NamespaceNotFoundError{}); errors.As(err, &e) { return true - case LoadBalancerNotFoundError: + } + if e := (LoadBalancerNotFoundError{}); errors.As(err, &e) { return true - case RouteNotFoundError: + } + if e := (RouteNotFoundError{}); errors.As(err, &e) { return true - case *hcserror.HcsError: - return pe.Err == hcs.ErrElementNotFound } + if e := (&hcserror.HcsError{}); errors.As(err, &e) { + return errors.Is(e.Err, hcs.ErrElementNotFound) + } + return false } diff --git a/vendor/github.com/Microsoft/hcsshim/hcn/hcnnamespace.go b/vendor/github.com/Microsoft/hcsshim/hcn/hcnnamespace.go index 5768eac158ff..e855f5a3aa4f 100644 --- a/vendor/github.com/Microsoft/hcsshim/hcn/hcnnamespace.go +++ b/vendor/github.com/Microsoft/hcsshim/hcn/hcnnamespace.go @@ -4,6 +4,7 @@ package hcn import ( "encoding/json" + "errors" "os" "syscall" @@ -378,7 +379,8 @@ func (namespace *HostComputeNamespace) Sync() error { shimPath := runhcs.VMPipePath(cfg.HostUniqueID) if err := runhcs.IssueVMRequest(shimPath, &req); err != nil { // The shim is likely gone. Simply ignore the sync as if it didn't exist. - if perr, ok := err.(*os.PathError); ok && perr.Err == syscall.ERROR_FILE_NOT_FOUND { + var perr *os.PathError + if errors.As(err, &perr) && errors.Is(perr.Err, syscall.ERROR_FILE_NOT_FOUND) { // Remove the reg key there is no point to try again _ = cfg.Remove() return nil diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go index 37afbf6917af..8ef611d6a099 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go @@ -63,7 +63,7 @@ func (process *Process) SystemID() string { } func (process *Process) processSignalResult(ctx context.Context, err error) (bool, error) { - switch err { + switch err { //nolint:errorlint case nil: return true, nil case ErrVmcomputeOperationInvalidState, ErrComputeSystemDoesNotExist, ErrElementNotFound: diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/layer.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/layer.go index 176c49d4959c..cb8dea08de14 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/layer.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/layer.go @@ -9,6 +9,13 @@ package hcsschema +type FileSystemFilterType string + +const ( + UnionFS FileSystemFilterType = "UnionFS" + WCIFS FileSystemFilterType = "WCIFS" +) + type Layer struct { Id string `json:"Id,omitempty"` diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_hive.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_hive.go new file mode 100644 index 000000000000..e7b605fdae03 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_hive.go @@ -0,0 +1,13 @@ +package hcsschema + +// NOTE: manually added + +type RegistryHive string + +// List of RegistryHive +const ( + RegistryHive_SYSTEM RegistryHive = "System" + RegistryHive_SOFTWARE RegistryHive = "Software" + RegistryHive_SECURITY RegistryHive = "Security" + RegistryHive_SAM RegistryHive = "Sam" +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_key.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_key.go index 26fde99c74c1..1883444a56af 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_key.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_key.go @@ -10,7 +10,7 @@ package hcsschema type RegistryKey struct { - Hive string `json:"Hive,omitempty"` + Hive RegistryHive `json:"Hive,omitempty"` Name string `json:"Name,omitempty"` diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_value.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_value.go index 3f203176c322..13f24d5360f4 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_value.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_value.go @@ -14,7 +14,7 @@ type RegistryValue struct { Name string `json:"Name,omitempty"` - Type_ string `json:"Type,omitempty"` + Type_ RegistryValueType `json:"Type,omitempty"` // One and only one value type must be set. StringValue string `json:"StringValue,omitempty"` diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_value_type.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_value_type.go new file mode 100644 index 000000000000..c8b4f6c95721 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/registry_value_type.go @@ -0,0 +1,17 @@ +package hcsschema + +// NOTE: manually added + +type RegistryValueType string + +// List of RegistryValueType +const ( + RegistryValueType_NONE RegistryValueType = "None" + RegistryValueType_STRING RegistryValueType = "String" + RegistryValueType_EXPANDED_STRING RegistryValueType = "ExpandedString" + RegistryValueType_MULTI_STRING RegistryValueType = "MultiString" + RegistryValueType_BINARY RegistryValueType = "Binary" + RegistryValueType_D_WORD RegistryValueType = "DWord" + RegistryValueType_Q_WORD RegistryValueType = "QWord" + RegistryValueType_CUSTOM_TYPE RegistryValueType = "CustomType" +) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go index cf1db7da9a9b..81d60ed4347f 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go @@ -97,7 +97,7 @@ func CreateComputeSystem(ctx context.Context, id string, hcsDocumentInterface in events, err := processAsyncHcsResult(ctx, createError, resultJSON, computeSystem.callbackNumber, hcsNotificationSystemCreateCompleted, &timeout.SystemCreate) if err != nil { - if err == ErrTimeout { + if errors.Is(err, ErrTimeout) { // Terminate the compute system if it still exists. We're okay to // ignore a failure here. _ = computeSystem.Terminate(ctx) @@ -238,7 +238,7 @@ func (computeSystem *System) Shutdown(ctx context.Context) error { resultJSON, err := vmcompute.HcsShutdownComputeSystem(ctx, computeSystem.handle, "") events := processHcsResult(ctx, resultJSON) - switch err { + switch err { //nolint:errorlint case nil, ErrVmcomputeAlreadyStopped, ErrComputeSystemDoesNotExist, ErrVmcomputeOperationPending: default: return makeSystemError(computeSystem, operation, err, events) @@ -259,7 +259,7 @@ func (computeSystem *System) Terminate(ctx context.Context) error { resultJSON, err := vmcompute.HcsTerminateComputeSystem(ctx, computeSystem.handle, "") events := processHcsResult(ctx, resultJSON) - switch err { + switch err { //nolint:errorlint case nil, ErrVmcomputeAlreadyStopped, ErrComputeSystemDoesNotExist, ErrVmcomputeOperationPending: default: return makeSystemError(computeSystem, operation, err, events) @@ -279,7 +279,7 @@ func (computeSystem *System) waitBackground() { span.AddAttributes(trace.StringAttribute("cid", computeSystem.id)) err := waitForNotification(ctx, computeSystem.callbackNumber, hcsNotificationSystemExited, nil) - switch err { + switch err { //nolint:errorlint case nil: log.G(ctx).Debug("system exited") case ErrVmcomputeUnexpectedExit: diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsfuncs.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsfuncs.go index 0a8f36d832fe..e61dc8de6262 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsfuncs.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/hnsfuncs.go @@ -31,7 +31,7 @@ func hnsCallRawResponse(method, path, request string) (*hnsResponse, error) { func hnsCall(method, path, request string, returnResponse interface{}) error { hnsresponse, err := hnsCallRawResponse(method, path, request) if err != nil { - return fmt.Errorf("failed during hnsCallRawResponse: %v", err) + return fmt.Errorf("failed during hnsCallRawResponse: %w", err) } if !hnsresponse.Success { return fmt.Errorf("hns failed with error : %s", hnsresponse.Error) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hns/namespace.go b/vendor/github.com/Microsoft/hcsshim/internal/hns/namespace.go index 749588ad39ae..a64b67923938 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hns/namespace.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hns/namespace.go @@ -56,7 +56,7 @@ func issueNamespaceRequest(id *string, method, subpath string, request interface if strings.Contains(err.Error(), "Element not found.") { return nil, os.ErrNotExist } - return nil, fmt.Errorf("%s %s: %s", method, hnspath, err) + return nil, fmt.Errorf("%s %s: %w", method, hnspath, err) } return &ns, err } @@ -86,7 +86,7 @@ func GetNamespaceEndpoints(id string) ([]string, error) { var endpoint namespaceEndpointRequest err = json.Unmarshal(rsrc.Data, &endpoint) if err != nil { - return nil, fmt.Errorf("unmarshal endpoint: %s", err) + return nil, fmt.Errorf("unmarshal endpoint: %w", err) } endpoints = append(endpoints, endpoint.ID) } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/jobobject/iocp.go b/vendor/github.com/Microsoft/hcsshim/internal/jobobject/iocp.go index bcca84b0da3c..eae3cc5001bc 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/jobobject/iocp.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/jobobject/iocp.go @@ -4,6 +4,7 @@ package jobobject import ( "context" + "errors" "fmt" "sync" "unsafe" @@ -59,7 +60,7 @@ func pollIOCP(ctx context.Context, iocpHandle windows.Handle) { }).Warn("failed to parse job object message") continue } - if err := msq.Enqueue(notification); err == queue.ErrQueueClosed { + if err := msq.Enqueue(notification); errors.Is(err, queue.ErrQueueClosed) { // Write will only return an error when the queue is closed. // The only time a queue would ever be closed is when we call `Close` on // the job it belongs to which also removes it from the jobMap, so something diff --git a/vendor/github.com/Microsoft/hcsshim/internal/jobobject/jobobject.go b/vendor/github.com/Microsoft/hcsshim/internal/jobobject/jobobject.go index 4a224fbeced9..10ae4d670050 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/jobobject/jobobject.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/jobobject/jobobject.go @@ -374,7 +374,7 @@ func (job *JobObject) Pids() ([]uint32, error) { return []uint32{}, nil } - if err != winapi.ERROR_MORE_DATA { + if err != winapi.ERROR_MORE_DATA { //nolint:errorlint return nil, fmt.Errorf("failed initial query for PIDs in job object: %w", err) } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/jobobject/limits.go b/vendor/github.com/Microsoft/hcsshim/internal/jobobject/limits.go index 03f71d9a425f..e3b1a1edc9f9 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/jobobject/limits.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/jobobject/limits.go @@ -143,6 +143,13 @@ func (job *JobObject) SetCPUAffinity(affinityBitMask uint64) error { return err } info.BasicLimitInformation.LimitFlags |= uint32(windows.JOB_OBJECT_LIMIT_AFFINITY) + + // We really, really shouldn't be running on 32 bit, but just in case (and to satisfy CodeQL) ... + const maxUintptr = ^uintptr(0) + if affinityBitMask > uint64(maxUintptr) { + return fmt.Errorf("affinity bitmask (%d) exceeds max allowable value (%d)", affinityBitMask, maxUintptr) + } + info.BasicLimitInformation.Affinity = uintptr(affinityBitMask) return job.setExtendedInformation(info) } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/log/format.go b/vendor/github.com/Microsoft/hcsshim/internal/log/format.go index 6d69c15b97df..1ceb26badada 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/log/format.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/log/format.go @@ -104,6 +104,7 @@ func encode(v interface{}) (_ []byte, err error) { if jErr := enc.Encode(v); jErr != nil { if err != nil { // TODO (go1.20): use multierror via fmt.Errorf("...: %w; ...: %w", ...) + //nolint:errorlint // non-wrapping format verb for fmt.Errorf return nil, fmt.Errorf("protojson encoding: %v; json encoding: %w", err, jErr) } return nil, fmt.Errorf("json encoding: %w", jErr) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/logfields/fields.go b/vendor/github.com/Microsoft/hcsshim/internal/logfields/fields.go index 3e175e522243..cceb3e2d1870 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/logfields/fields.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/logfields/fields.go @@ -46,6 +46,7 @@ const ( ExpectedType = "expected-type" Bool = "bool" + Int32 = "int32" Uint32 = "uint32" Uint64 = "uint64" diff --git a/vendor/github.com/Microsoft/hcsshim/internal/memory/pool.go b/vendor/github.com/Microsoft/hcsshim/internal/memory/pool.go index 1ef5814d7ef4..6d39ca3bf90b 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/memory/pool.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/memory/pool.go @@ -126,7 +126,7 @@ func (pa *PoolAllocator) Allocate(size uint64) (MappedRegion, error) { // this means that there are no more regions for the current class, try expanding if nextCls != memCls { if err := pa.split(memCls); err != nil { - if err == ErrInvalidMemoryClass { + if errors.Is(err, ErrInvalidMemoryClass) { return nil, ErrNotEnoughSpace } return nil, err @@ -147,7 +147,7 @@ func (pa *PoolAllocator) Allocate(size uint64) (MappedRegion, error) { } // Release marks a memory region of class `memCls` and offset `offset` as free and tries to merge smaller regions into -// a bigger one +// a bigger one. func (pa *PoolAllocator) Release(reg MappedRegion) error { mp := pa.pools[reg.Type()] if mp == nil { @@ -164,7 +164,7 @@ func (pa *PoolAllocator) Release(reg MappedRegion) error { return ErrNotAllocated } if err := pa.merge(n.parent); err != nil { - if err != ErrEarlyMerge { + if !errors.Is(err, ErrEarlyMerge) { return err } } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/regstate/regstate.go b/vendor/github.com/Microsoft/hcsshim/internal/regstate/regstate.go index a56be7b26573..1ccce1944cb0 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/regstate/regstate.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/regstate/regstate.go @@ -4,6 +4,7 @@ package regstate import ( "encoding/json" + "errors" "fmt" "net/url" "os" @@ -44,8 +45,8 @@ func (err *NotFoundError) Error() string { } func IsNotFoundError(err error) bool { - _, ok := err.(*NotFoundError) - return ok + var e *NotFoundError + return errors.As(err, &e) } type NoStateError struct { @@ -152,7 +153,8 @@ func (k *Key) openid(id string) (*Key, error) { escaped := url.PathEscape(id) fullpath := filepath.Join(k.Name, escaped) nk, err := k.open(escaped) - if perr, ok := err.(*os.PathError); ok && perr.Err == syscall.ERROR_FILE_NOT_FOUND { + var perr *os.PathError + if errors.As(err, &perr) && errors.Is(perr.Err, syscall.ERROR_FILE_NOT_FOUND) { return nil, &NotFoundError{id} } if err != nil { @@ -165,7 +167,7 @@ func (k *Key) Remove(id string) error { escaped := url.PathEscape(id) err := registry.DeleteKey(k.Key, escaped) if err != nil { - if err == syscall.ERROR_FILE_NOT_FOUND { + if err == syscall.ERROR_FILE_NOT_FOUND { //nolint:errorlint return &NotFoundError{id} } return &os.PathError{Op: "RegDeleteKey", Path: filepath.Join(k.Name, escaped), Err: err} @@ -215,7 +217,7 @@ func (k *Key) set(id string, create bool, key string, state interface{}) error { err = sk.SetBinaryValue(key, js) } if err != nil { - if err == syscall.ERROR_FILE_NOT_FOUND { + if err == syscall.ERROR_FILE_NOT_FOUND { //nolint:errorlint return &NoStateError{id, key} } return &os.PathError{Op: "RegSetValueEx", Path: sk.Name + ":" + key, Err: err} @@ -239,7 +241,7 @@ func (k *Key) Clear(id, key string) error { defer sk.Close() err = sk.DeleteValue(key) if err != nil { - if err == syscall.ERROR_FILE_NOT_FOUND { + if err == syscall.ERROR_FILE_NOT_FOUND { //nolint:errorlint return &NoStateError{id, key} } return &os.PathError{Op: "RegDeleteValue", Path: sk.Name + ":" + key, Err: err} @@ -278,7 +280,7 @@ func (k *Key) Get(id, key string, state interface{}) error { js, _, err = sk.GetBinaryValue(key) } if err != nil { - if err == syscall.ERROR_FILE_NOT_FOUND { + if err == syscall.ERROR_FILE_NOT_FOUND { //nolint:errorlint return &NoStateError{id, key} } return &os.PathError{Op: "RegQueryValueEx", Path: sk.Name + ":" + key, Err: err} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/safefile/safeopen.go b/vendor/github.com/Microsoft/hcsshim/internal/safefile/safeopen.go index 70368533b4f4..b087b987945f 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/safefile/safeopen.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/safefile/safeopen.go @@ -243,7 +243,7 @@ func RemoveRelative(path string, root *os.File) error { if err == nil { defer f.Close() err = deleteOnClose(f) - if err == syscall.ERROR_ACCESS_DENIED { + if err == syscall.ERROR_ACCESS_DENIED { //nolint:errorlint // Maybe the file is marked readonly. Clear the bit and retry. _ = clearReadOnly(f) err = deleteOnClose(f) diff --git a/vendor/github.com/Microsoft/hcsshim/internal/vhdx/doc.go b/vendor/github.com/Microsoft/hcsshim/internal/vhdx/doc.go new file mode 100644 index 000000000000..99daaa288f7f --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/vhdx/doc.go @@ -0,0 +1,3 @@ +// vhdx package adds the utility methods necessary to deal with the vhdx that are used as the scratch +// space for the containers and the uvm. +package vhdx diff --git a/vendor/github.com/Microsoft/hcsshim/internal/vhdx/info.go b/vendor/github.com/Microsoft/hcsshim/internal/vhdx/info.go new file mode 100644 index 000000000000..4fc3bfd28845 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/vhdx/info.go @@ -0,0 +1,233 @@ +//go:build windows + +package vhdx + +import ( + "bytes" + "context" + "encoding/binary" + "fmt" + "os" + "syscall" + "unsafe" + + "github.com/Microsoft/go-winio/pkg/guid" + "github.com/Microsoft/go-winio/vhd" + "github.com/Microsoft/hcsshim/internal/log" + "github.com/Microsoft/hcsshim/internal/oc" + "github.com/sirupsen/logrus" + "go.opencensus.io/trace" + "golang.org/x/sys/windows" +) + +const _IOCTL_DISK_GET_DRIVE_LAYOUT_EX = 0x00070050 + +var partitionBasicDataGUID = guid.GUID{ + Data1: 0xebd0a0a2, + Data2: 0xb9e5, + Data3: 0x4433, + Data4: [8]byte{0x87, 0xc0, 0x68, 0xb6, 0xb7, 0x26, 0x99, 0xc7}, +} + +const ( + partitionStyleMBR uint32 = iota + partitionStyleGPT + partitionStyleRaw +) + +// type partitionInformationMBR struct { +// PartitionType uint8 +// BootIndicator uint8 +// RecognizedPartition uint8 +// HiddenSectors uint32 +// PartitionId guid.GUID +// } + +type partitionInformationGPT struct { + PartitionType guid.GUID + PartitionId guid.GUID + Attributes uint64 + Name [72]byte // wide char +} + +type partitionInformationEx struct { + PartitionStyle uint32 + StartingOffset int64 + PartitionLength int64 + PartitionNumber uint32 + RewritePartition uint8 + IsServicePartition uint8 + _ uint16 + // A union of partitionInformationMBR and partitionInformationGPT + // since partitionInformationGPT is largest with 112 bytes + GptMbrUnion [112]byte +} + +type driveLayoutInformationGPT struct { + DiskID guid.GUID + StartingUsableOffset int64 + UsableLength int64 + MaxPartitionCount uint32 +} + +// type driveLayoutInformationMBR struct { +// Signature uint32 +// Checksum uint32 +// } + +type driveLayoutInformationEx struct { + PartitionStyle uint32 + PartitionCount uint32 + // A union of driveLayoutInformationGPT and driveLayoutInformationMBR + // since driveLayoutInformationGPT is largest with 40 bytes + GptMbrUnion [40]byte + PartitionEntry [1]partitionInformationEx +} + +// Takes the physical path of a disk and retrieves the drive layout information of that disk. Returns the +// driveLayoutInformationEx struct and a slice of partitionInfomrationEx struct containing one element for +// each partition found on the vhdx. Note: some of the members like (GptMbrUnion) of these structs are raw +// byte arrays and it is the responsibility of the calling function to properly parse them. +func getDriveLayout(ctx context.Context, drivePhysicalPath string) (driveLayoutInformationEx, []partitionInformationEx, error) { + var ( + outBytes uint32 + err error + volume *os.File + ) + + layoutData := struct { + info driveLayoutInformationEx + // driveLayoutInformationEx has a flexible array member at the end. The data returned + // by IOCTL_DISK_GET_DRIVE_LAYOUT_EX usually has driveLayoutInformationEx.PartitionCount + // number of elements in this array. For all practical purposes we don't expect to have + // more than 64 partitions in a container/uvm vhdx. + partitions [63]partitionInformationEx + }{} + + volume, err = os.OpenFile(drivePhysicalPath, os.O_RDONLY, 0) + if err != nil { + return layoutData.info, layoutData.partitions[:0], fmt.Errorf("failed to open drive: %w", err) + } + defer volume.Close() + + err = windows.DeviceIoControl(windows.Handle(volume.Fd()), + _IOCTL_DISK_GET_DRIVE_LAYOUT_EX, + nil, + 0, + (*byte)(unsafe.Pointer(&layoutData)), + uint32(unsafe.Sizeof(layoutData)), + &outBytes, + nil) + if err != nil { + return layoutData.info, layoutData.partitions[:0], fmt.Errorf("IOCTL to get disk layout failed: %w", err) + } + + if layoutData.info.PartitionCount == 0 { + return layoutData.info, []partitionInformationEx{}, nil + } else { + // parse the retrieved data into driveLayoutInformationEx and partitionInformationEx + partitions := make([]partitionInformationEx, layoutData.info.PartitionCount) + partitions[0] = layoutData.info.PartitionEntry[0] + copy(partitions[1:], layoutData.partitions[:layoutData.info.PartitionCount-1]) + return layoutData.info, partitions, nil + } +} + +// Scratch VHDs are formatted with GPT style and have 1 MSFT_RESERVED +// partition and 1 BASIC_DATA partition. This struct contains the +// partitionID of this BASIC_DATA partition and the DiskID of this +// scratch vhdx. +type ScratchVhdxPartitionInfo struct { + DiskID guid.GUID + PartitionID guid.GUID +} + +// Returns the VhdxInfo of a GPT vhdx at path vhdxPath. +func GetScratchVhdPartitionInfo(ctx context.Context, vhdxPath string) (_ ScratchVhdxPartitionInfo, err error) { + var ( + diskHandle syscall.Handle + driveLayout driveLayoutInformationEx + partitions []partitionInformationEx + gptDriveLayout driveLayoutInformationGPT + gptPartitionInfo partitionInformationGPT + volumePath string + ) + + title := "hcsshim::GetScratchVhdPartitionInfo" + ctx, span := trace.StartSpan(ctx, title) + defer span.End() + defer func() { oc.SetSpanStatus(span, err) }() + span.AddAttributes( + trace.StringAttribute("path", vhdxPath)) + + diskHandle, err = vhd.OpenVirtualDisk(vhdxPath, vhd.VirtualDiskAccessNone, vhd.OpenVirtualDiskFlagNone) + if err != nil { + return ScratchVhdxPartitionInfo{}, fmt.Errorf("get scratch vhd info failed: %w", err) + } + defer func() { + if closeErr := syscall.CloseHandle(diskHandle); closeErr != nil { + log.G(ctx).WithFields(logrus.Fields{ + "disk path": vhdxPath, + "error": closeErr, + }).Warn("failed to close vhd handle") + } + }() + + err = vhd.AttachVirtualDisk(diskHandle, vhd.AttachVirtualDiskFlagNone, &vhd.AttachVirtualDiskParameters{Version: 2}) + if err != nil { + return ScratchVhdxPartitionInfo{}, fmt.Errorf("get scratch vhd info failed: %w", err) + } + + defer func() { + if detachErr := vhd.DetachVirtualDisk(diskHandle); detachErr != nil { + log.G(ctx).WithFields(logrus.Fields{ + "disk path": vhdxPath, + "error": detachErr, + }).Warn("failed to detach vhd") + } + }() + + volumePath, err = vhd.GetVirtualDiskPhysicalPath(diskHandle) + if err != nil { + return ScratchVhdxPartitionInfo{}, fmt.Errorf("get vhd physical path: %w", err) + } + + driveLayout, partitions, err = getDriveLayout(ctx, volumePath) + if err != nil { + return ScratchVhdxPartitionInfo{}, err + } + + if driveLayout.PartitionStyle != partitionStyleGPT { + return ScratchVhdxPartitionInfo{}, fmt.Errorf("drive Layout:Expected partition style GPT(%d) found %d", partitionStyleGPT, driveLayout.PartitionStyle) + } + + if driveLayout.PartitionCount != 2 || len(partitions) != 2 { + return ScratchVhdxPartitionInfo{}, fmt.Errorf("expected exactly 2 partitions. Got %d partitions and partition count of %d", len(partitions), driveLayout.PartitionCount) + } + + if partitions[1].PartitionStyle != partitionStyleGPT { + return ScratchVhdxPartitionInfo{}, fmt.Errorf("partition Info:Expected partition style GPT(%d) found %d", partitionStyleGPT, partitions[1].PartitionStyle) + } + + bufReader := bytes.NewBuffer(driveLayout.GptMbrUnion[:]) + if err := binary.Read(bufReader, binary.LittleEndian, &gptDriveLayout); err != nil { + return ScratchVhdxPartitionInfo{}, fmt.Errorf("failed to parse drive GPT layout: %w", err) + } + + bufReader = bytes.NewBuffer(partitions[1].GptMbrUnion[:]) + if err := binary.Read(bufReader, binary.LittleEndian, &gptPartitionInfo); err != nil { + return ScratchVhdxPartitionInfo{}, fmt.Errorf("failed to parse GPT partition info: %w", err) + } + + if gptPartitionInfo.PartitionType != partitionBasicDataGUID { + return ScratchVhdxPartitionInfo{}, fmt.Errorf("expected partition type to have %s GUID found %s instead", partitionBasicDataGUID, gptPartitionInfo.PartitionType) + } + + log.G(ctx).WithFields(logrus.Fields{ + "Disk ID": gptDriveLayout.DiskID, + "GPT Partition ID": gptPartitionInfo.PartitionId, + }).Debug("Scratch VHD partition info") + + return ScratchVhdxPartitionInfo{DiskID: gptDriveLayout.DiskID, PartitionID: gptPartitionInfo.PartitionId}, nil + +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/vmcompute/vmcompute.go b/vendor/github.com/Microsoft/hcsshim/internal/vmcompute/vmcompute.go index 79b14ef972dc..67ca897cfcfa 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/vmcompute/vmcompute.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/vmcompute/vmcompute.go @@ -104,7 +104,7 @@ func execute(ctx gcontext.Context, timeout time.Duration, f func() error) error }() select { case <-ctx.Done(): - if ctx.Err() == gcontext.DeadlineExceeded { + if ctx.Err() == gcontext.DeadlineExceeded { //nolint:errorlint log.G(ctx).WithField(logfields.Timeout, trueTimeout). Warning("Syscall did not complete within operation timeout. This may indicate a platform issue. " + "If it appears to be making no forward progress, obtain the stacks and see if there is a syscall " + @@ -150,7 +150,7 @@ func HcsCreateComputeSystem(ctx gcontext.Context, id string, configuration strin if result != "" { span.AddAttributes(trace.StringAttribute("result", result)) } - if hr != errVmcomputeOperationPending { + if hr != errVmcomputeOperationPending { //nolint:errorlint // explicitly returned oc.SetSpanStatus(span, hr) } }() @@ -205,7 +205,7 @@ func HcsStartComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, option if result != "" { span.AddAttributes(trace.StringAttribute("result", result)) } - if hr != errVmcomputeOperationPending { + if hr != errVmcomputeOperationPending { //nolint:errorlint // explicitly returned oc.SetSpanStatus(span, hr) } }() @@ -228,7 +228,7 @@ func HcsShutdownComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, opt if result != "" { span.AddAttributes(trace.StringAttribute("result", result)) } - if hr != errVmcomputeOperationPending { + if hr != errVmcomputeOperationPending { //nolint:errorlint // explicitly returned oc.SetSpanStatus(span, hr) } }() @@ -251,7 +251,7 @@ func HcsTerminateComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, op if result != "" { span.AddAttributes(trace.StringAttribute("result", result)) } - if hr != errVmcomputeOperationPending { + if hr != errVmcomputeOperationPending { //nolint:errorlint // explicitly returned oc.SetSpanStatus(span, hr) } }() @@ -274,7 +274,7 @@ func HcsPauseComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, option if result != "" { span.AddAttributes(trace.StringAttribute("result", result)) } - if hr != errVmcomputeOperationPending { + if hr != errVmcomputeOperationPending { //nolint:errorlint // explicitly returned oc.SetSpanStatus(span, hr) } }() @@ -297,7 +297,7 @@ func HcsResumeComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, optio if result != "" { span.AddAttributes(trace.StringAttribute("result", result)) } - if hr != errVmcomputeOperationPending { + if hr != errVmcomputeOperationPending { //nolint:errorlint // explicitly returned oc.SetSpanStatus(span, hr) } }() @@ -621,7 +621,7 @@ func HcsSaveComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, options if result != "" { span.AddAttributes(trace.StringAttribute("result", result)) } - if hr != errVmcomputeOperationPending { + if hr != errVmcomputeOperationPending { //nolint:errorlint // explicitly returned oc.SetSpanStatus(span, hr) } }() diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/baselayerreader.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/baselayerreader.go index 792f13f598b0..807b7de1fb46 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/baselayerreader.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/baselayerreader.go @@ -1,3 +1,5 @@ +//go:build windows + package wclayer import ( @@ -64,7 +66,7 @@ func (r *baseLayerReader) walkUntilCancelled() error { return nil }) - if err == errorIterationCanceled { + if err == errorIterationCanceled { //nolint:errorlint // explicitly returned return nil } @@ -103,7 +105,7 @@ func (r *baseLayerReader) walkUntilCancelled() error { return nil }) - if err == errorIterationCanceled { + if err == errorIterationCanceled { //nolint:errorlint // explicitly returned return nil } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/LayerWriter.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/LayerWriter.go new file mode 100644 index 000000000000..386cbcda9efa --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/LayerWriter.go @@ -0,0 +1,289 @@ +//go:build windows + +package cim + +import ( + "context" + "fmt" + "io" + "os" + "path/filepath" + "strconv" + "strings" + + "github.com/Microsoft/go-winio" + "github.com/Microsoft/hcsshim/internal/log" + "github.com/Microsoft/hcsshim/internal/oc" + "github.com/Microsoft/hcsshim/internal/wclayer" + "github.com/Microsoft/hcsshim/osversion" + "github.com/Microsoft/hcsshim/pkg/cimfs" + "go.opencensus.io/trace" +) + +// A CimLayerWriter implements the wclayer.LayerWriter interface to allow writing container +// image layers in the cim format. +// A cim layer consist of cim files (which are usually stored in the `cim-layers` directory and +// some other files which are stored in the directory of that layer (i.e the `path` directory). +type CimLayerWriter struct { + ctx context.Context + s *trace.Span + // path to the layer (i.e layer's directory) as provided by the caller. + // Even if a layer is stored as a cim in the cim directory, some files associated + // with a layer are still stored in this path. + path string + // parent layer paths + parentLayerPaths []string + // Handle to the layer cim - writes to the cim file + cimWriter *cimfs.CimFsWriter + // Handle to the writer for writing files in the local filesystem + stdFileWriter *stdFileWriter + // reference to currently active writer either cimWriter or stdFileWriter + activeWriter io.Writer + // denotes if this layer has the UtilityVM directory + hasUtilityVM bool + // some files are written outside the cim during initial import (via stdFileWriter) because we need to + // make some modifications to these files before writing them to the cim. The pendingOps slice + // maintains a list of such delayed modifications to the layer cim. These modifications are applied at + // the very end of layer import process. + pendingOps []pendingCimOp +} + +type hive struct { + name string + base string + delta string +} + +var ( + hives = []hive{ + {"SYSTEM", "SYSTEM_BASE", "SYSTEM_DELTA"}, + {"SOFTWARE", "SOFTWARE_BASE", "SOFTWARE_DELTA"}, + {"SAM", "SAM_BASE", "SAM_DELTA"}, + {"SECURITY", "SECURITY_BASE", "SECURITY_DELTA"}, + {"DEFAULT", "DEFAULTUSER_BASE", "DEFAULTUSER_DELTA"}, + } +) + +func isDeltaOrBaseHive(path string) bool { + for _, hv := range hives { + if strings.EqualFold(path, filepath.Join(wclayer.HivesPath, hv.delta)) || + strings.EqualFold(path, filepath.Join(wclayer.RegFilesPath, hv.name)) { + return true + } + } + return false +} + +// checks if this particular file should be written with a stdFileWriter instead of +// using the cimWriter. +func isStdFile(path string) bool { + return (isDeltaOrBaseHive(path) || + path == filepath.Join(wclayer.UtilityVMPath, wclayer.RegFilesPath, "SYSTEM") || + path == filepath.Join(wclayer.UtilityVMPath, wclayer.RegFilesPath, "SOFTWARE") || + path == wclayer.BcdFilePath || path == wclayer.BootMgrFilePath) +} + +// Add adds a file to the layer with given metadata. +func (cw *CimLayerWriter) Add(name string, fileInfo *winio.FileBasicInfo, fileSize int64, securityDescriptor []byte, extendedAttributes []byte, reparseData []byte) error { + if name == wclayer.UtilityVMPath { + cw.hasUtilityVM = true + } + if isStdFile(name) { + // create a pending op for this file + cw.pendingOps = append(cw.pendingOps, &addOp{ + pathInCim: name, + hostPath: filepath.Join(cw.path, name), + fileInfo: fileInfo, + securityDescriptor: securityDescriptor, + extendedAttributes: extendedAttributes, + reparseData: reparseData, + }) + if err := cw.stdFileWriter.Add(name); err != nil { + return err + } + cw.activeWriter = cw.stdFileWriter + } else { + if err := cw.cimWriter.AddFile(name, fileInfo, fileSize, securityDescriptor, extendedAttributes, reparseData); err != nil { + return err + } + cw.activeWriter = cw.cimWriter + } + return nil +} + +// AddLink adds a hard link to the layer. The target must already have been added. +func (cw *CimLayerWriter) AddLink(name string, target string) error { + // set active write to nil so that we panic if layer tar is incorrectly formatted. + cw.activeWriter = nil + if isStdFile(target) { + // If this is a link to a std file it will have to be added later once the + // std file is written to the CIM. Create a pending op for this + cw.pendingOps = append(cw.pendingOps, &linkOp{ + oldPath: target, + newPath: name, + }) + return nil + } else if isStdFile(name) { + // None of the predefined std files are links. If they show up as links this is unexpected + // behavior. Error out. + return fmt.Errorf("unexpected link %s in layer", name) + } else { + return cw.cimWriter.AddLink(target, name) + } +} + +// AddAlternateStream creates another alternate stream at the given +// path. Any writes made after this call will go to that stream. +func (cw *CimLayerWriter) AddAlternateStream(name string, size uint64) error { + if isStdFile(name) { + // As of now there is no known case of std file having multiple data streams. + // If such a file is encountered our assumptions are wrong. Error out. + return fmt.Errorf("unexpected alternate stream %s in layer", name) + } + + if err := cw.cimWriter.CreateAlternateStream(name, size); err != nil { + return err + } + cw.activeWriter = cw.cimWriter + return nil +} + +// Remove removes a file that was present in a parent layer from the layer. +func (cw *CimLayerWriter) Remove(name string) error { + // set active write to nil so that we panic if layer tar is incorrectly formatted. + cw.activeWriter = nil + return cw.cimWriter.Unlink(name) +} + +// Write writes data to the current file. The data must be in the format of a Win32 +// backup stream. +func (cw *CimLayerWriter) Write(b []byte) (int, error) { + return cw.activeWriter.Write(b) +} + +// Close finishes the layer writing process and releases any resources. +func (cw *CimLayerWriter) Close(ctx context.Context) (retErr error) { + if err := cw.stdFileWriter.Close(ctx); err != nil { + return err + } + + // cimWriter must be closed even if there are errors. + defer func() { + if err := cw.cimWriter.Close(); retErr == nil { + retErr = err + } + }() + + // Find out the osversion of this layer, both base & non-base layers can have UtilityVM layer. + processUtilityVM := false + if cw.hasUtilityVM { + uvmSoftwareHivePath := filepath.Join(cw.path, wclayer.UtilityVMPath, wclayer.RegFilesPath, "SOFTWARE") + osvStr, err := getOsBuildNumberFromRegistry(uvmSoftwareHivePath) + if err != nil { + return fmt.Errorf("read os version string from UtilityVM SOFTWARE hive: %w", err) + } + + osv, err := strconv.ParseUint(osvStr, 10, 16) + if err != nil { + return fmt.Errorf("parse os version string (%s): %w", osvStr, err) + } + + // write this version to a file for future reference by the shim process + if err = wclayer.WriteLayerUvmBuildFile(cw.path, uint16(osv)); err != nil { + return fmt.Errorf("write uvm build version: %w", err) + } + + // CIMFS for hyperV isolated is only supported after 20348, processing UtilityVM layer on 2048 + // & lower will cause failures since those images won't have CIMFS specific UVM files (mostly + // BCD entries required for CIMFS) + processUtilityVM = (osv > osversion.LTSC2022) + log.G(ctx).Debugf("import image os version %d, processing UtilityVM layer: %t\n", osv, processUtilityVM) + } + + if len(cw.parentLayerPaths) == 0 { + if err := cw.processBaseLayer(ctx, processUtilityVM); err != nil { + return fmt.Errorf("process base layer: %w", err) + } + } else { + if err := cw.processNonBaseLayer(ctx, processUtilityVM); err != nil { + return fmt.Errorf("process non base layer: %w", err) + } + } + + for _, op := range cw.pendingOps { + if err := op.apply(cw.cimWriter); err != nil { + return fmt.Errorf("apply pending operations: %w", err) + } + } + return nil +} + +func NewCimLayerWriter(ctx context.Context, path string, parentLayerPaths []string) (_ *CimLayerWriter, err error) { + if !cimfs.IsCimFSSupported() { + return nil, fmt.Errorf("CimFs not supported on this build") + } + + ctx, span := trace.StartSpan(ctx, "hcsshim::NewCimLayerWriter") + defer func() { + if err != nil { + oc.SetSpanStatus(span, err) + span.End() + } + }() + span.AddAttributes( + trace.StringAttribute("path", path), + trace.StringAttribute("parentLayerPaths", strings.Join(parentLayerPaths, ", "))) + + parentCim := "" + cimDirPath := GetCimDirFromLayer(path) + if _, err = os.Stat(cimDirPath); os.IsNotExist(err) { + // create cim directory + if err = os.Mkdir(cimDirPath, 0755); err != nil { + return nil, fmt.Errorf("failed while creating cim layers directory: %w", err) + } + } else if err != nil { + return nil, fmt.Errorf("unable to access cim layers directory: %w", err) + + } + + if len(parentLayerPaths) > 0 { + parentCim = GetCimNameFromLayer(parentLayerPaths[0]) + } + + cim, err := cimfs.Create(cimDirPath, parentCim, GetCimNameFromLayer(path)) + if err != nil { + return nil, fmt.Errorf("error in creating a new cim: %w", err) + } + + sfw, err := newStdFileWriter(path, parentLayerPaths) + if err != nil { + return nil, fmt.Errorf("error in creating new standard file writer: %w", err) + } + return &CimLayerWriter{ + ctx: ctx, + s: span, + path: path, + parentLayerPaths: parentLayerPaths, + cimWriter: cim, + stdFileWriter: sfw, + }, nil +} + +// DestroyCimLayer destroys a cim layer i.e it removes all the cimfs files for the given layer as well as +// all of the other files that are stored in the layer directory (at path `layerPath`). +// If this is not a cimfs layer (i.e a cim file for the given layer does not exist) then nothing is done. +func DestroyCimLayer(ctx context.Context, layerPath string) error { + cimPath := GetCimPathFromLayer(layerPath) + + // verify that such a cim exists first, sometimes containerd tries to call + // this with the root snapshot directory as the layer path. We don't want to + // destroy everything inside the snapshots directory. + if _, err := os.Stat(cimPath); err != nil { + if os.IsNotExist(err) { + return nil + } + return err + } + + return cimfs.DestroyCim(ctx, cimPath) +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/bcd.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/bcd.go new file mode 100644 index 000000000000..23a3ce67765e --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/bcd.go @@ -0,0 +1,107 @@ +//go:build windows + +package cim + +import ( + "bytes" + "fmt" + "os/exec" + + "github.com/Microsoft/go-winio/pkg/guid" +) + +const ( + bcdFilePath = "UtilityVM\\Files\\EFI\\Microsoft\\Boot\\BCD" + cimfsDeviceOptionsID = "{763e9fea-502d-434f-aad9-5fabe9c91a7b}" + vmbusDeviceID = "{c63c9bdf-5fa5-4208-b03f-6b458b365592}" + compositeDeviceOptionsID = "{e1787220-d17f-49e7-977a-d8fe4c8537e2}" + bootContainerID = "{b890454c-80de-4e98-a7ab-56b74b4fbd0c}" +) + +func bcdExec(storePath string, args ...string) error { + var out bytes.Buffer + argsArr := []string{"/store", storePath, "/offline"} + argsArr = append(argsArr, args...) + cmd := exec.Command("bcdedit.exe", argsArr...) + cmd.Stdout = &out + if err := cmd.Run(); err != nil { + return fmt.Errorf("bcd command (%s) failed: %w", cmd, err) + } + return nil +} + +// A registry configuration required for the uvm. +func setBcdRestartOnFailure(storePath string) error { + return bcdExec(storePath, "/set", "{default}", "restartonfailure", "yes") +} + +func setBcdCimBootDevice(storePath, cimPathRelativeToVSMB string, diskID, partitionID guid.GUID) error { + // create options for cimfs boot device + if err := bcdExec(storePath, "/create", cimfsDeviceOptionsID, "/d", "CimFS Device Options", "/device"); err != nil { + return err + } + + // Set options. For now we need to set 2 options. First is the parent device i.e the device under + // which all cim files will be available. Second is the path of the cim (from which this UVM should + // boot) relative to the parent device. Note that even though the 2nd option is named + // `cimfsrootdirectory` it expects a path to the cim file and not a directory path. + if err := bcdExec(storePath, "/set", cimfsDeviceOptionsID, "cimfsparentdevice", fmt.Sprintf("vmbus=%s", vmbusDeviceID)); err != nil { + return err + } + + if err := bcdExec(storePath, "/set", cimfsDeviceOptionsID, "cimfsrootdirectory", fmt.Sprintf("\\%s", cimPathRelativeToVSMB)); err != nil { + return err + } + + // create options for the composite device + if err := bcdExec(storePath, "/create", compositeDeviceOptionsID, "/d", "Composite Device Options", "/device"); err != nil { + return err + } + + // We need to specify the diskID & the partition ID of the boot disk and we need to set the cimfs boot + // options ID + partitionStr := fmt.Sprintf("gpt_partition={%s};{%s}", diskID, partitionID) + if err := bcdExec(storePath, "/set", compositeDeviceOptionsID, "primarydevice", partitionStr); err != nil { + return err + } + + if err := bcdExec(storePath, "/set", compositeDeviceOptionsID, "secondarydevice", fmt.Sprintf("cimfs=%s,%s", bootContainerID, cimfsDeviceOptionsID)); err != nil { + return err + } + + if err := bcdExec(storePath, "/set", "{default}", "device", fmt.Sprintf("composite=0,%s", compositeDeviceOptionsID)); err != nil { + return err + } + + if err := bcdExec(storePath, "/set", "{default}", "osdevice", fmt.Sprintf("composite=0,%s", compositeDeviceOptionsID)); err != nil { + return err + } + + // Since our UVM file are stored under UtilityVM\Files directory inside the CIM we must prepend that + // directory in front of paths used by bootmgr + if err := bcdExec(storePath, "/set", "{default}", "path", "\\UtilityVM\\Files\\Windows\\System32\\winload.efi"); err != nil { + return err + } + + if err := bcdExec(storePath, "/set", "{default}", "systemroot", "\\UtilityVM\\Files\\Windows"); err != nil { + return err + } + + return nil +} + +// updateBcdStoreForBoot Updates the bcd store at path layerPath + UtilityVM\Files\EFI\Microsoft\Boot\BCD` to +// boot with the disk with given ID and given partitionID. cimPathRelativeToVSMB is the path of the cim which +// will be used for booting this UVM relative to the VSMB share. (Usually, the entire snapshots directory will +// be shared over VSMB, so if this is the cim-layers\1.cim under that directory, the value of +// `cimPathRelativeToVSMB` should be cim-layers\1.cim) +func updateBcdStoreForBoot(storePath string, cimPathRelativeToVSMB string, diskID, partitionID guid.GUID) error { + if err := setBcdRestartOnFailure(storePath); err != nil { + return err + } + + if err := setBcdCimBootDevice(storePath, cimPathRelativeToVSMB, diskID, partitionID); err != nil { + return err + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/common.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/common.go new file mode 100644 index 000000000000..bdeebd3c03d3 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/common.go @@ -0,0 +1,41 @@ +//go:build windows + +package cim + +import ( + "os" + "path/filepath" +) + +const ( + // name of the directory in which cims are stored + cimDir = "cim-layers" +) + +// Usually layers are stored at ./root/io.containerd.snapshotter.v1.windows/snapshots/. For cimfs we +// must store all layer cims in the same directory (for forked cims to work). So all cim layers are stored in +// /root/io.containerd.snapshotter.v1.windows/snapshots/cim-layers. And the cim file representing each +// individual layer is stored at /root/io.containerd.snapshotter.v1.windows/snapshots/cim-layers/.cim + +// CimName is the filename (.cim) of the file representing the cim +func GetCimNameFromLayer(layerPath string) string { + return filepath.Base(layerPath) + ".cim" +} + +// CimPath is the path to the CimDir/.cim file that represents a layer cim. +func GetCimPathFromLayer(layerPath string) string { + return filepath.Join(GetCimDirFromLayer(layerPath), GetCimNameFromLayer(layerPath)) +} + +// CimDir is the directory inside which all cims are stored. +func GetCimDirFromLayer(layerPath string) string { + dir := filepath.Dir(layerPath) + return filepath.Join(dir, cimDir) +} + +// IsCimLayer returns `true` if the layer at path `layerPath` is a cim layer. Returns `false` otherwise. +func IsCimLayer(layerPath string) bool { + cimPath := GetCimPathFromLayer(layerPath) + _, err := os.Stat(cimPath) + return (err == nil) +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/doc.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/doc.go new file mode 100644 index 000000000000..d8146599655b --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/doc.go @@ -0,0 +1,3 @@ +// This package provides utilities for working with container image layers in the cim format +// via the wclayer APIs. +package cim diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/file_writer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/file_writer.go new file mode 100644 index 000000000000..497bbbbb9a45 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/file_writer.go @@ -0,0 +1,90 @@ +//go:build windows + +package cim + +import ( + "context" + "fmt" + "os" + "path/filepath" + "syscall" + + "github.com/Microsoft/go-winio" + "github.com/Microsoft/hcsshim/internal/safefile" + "github.com/Microsoft/hcsshim/internal/winapi" +) + +// stdFileWriter writes the files of a layer to the layer folder instead of writing them inside the cim. +// For some files (like the Hive files or some UtilityVM files) it is necessary to write them as a normal file +// first, do some modifications on them (for example merging of hives or processing of UtilityVM files) +// and then write the modified versions into the cim. This writer is used for such files. +type stdFileWriter struct { + activeFile *os.File + // parent layer paths + parentLayerPaths []string + // path to the current layer + path string + // the open handle to the path directory + root *os.File +} + +func newStdFileWriter(root string, parentRoots []string) (sfw *stdFileWriter, err error) { + sfw = &stdFileWriter{ + path: root, + parentLayerPaths: parentRoots, + } + sfw.root, err = safefile.OpenRoot(root) + if err != nil { + return + } + return +} + +func (sfw *stdFileWriter) closeActiveFile() (err error) { + if sfw.activeFile != nil { + err = sfw.activeFile.Close() + sfw.activeFile = nil + } + return +} + +// Adds a new file or an alternate data stream to an existing file inside the layer directory. +func (sfw *stdFileWriter) Add(name string) error { + if err := sfw.closeActiveFile(); err != nil { + return err + } + + // The directory of this file might be created inside the cim. + // make sure we have the same parent directory chain here + if err := safefile.MkdirAllRelative(filepath.Dir(name), sfw.root); err != nil { + return fmt.Errorf("failed to create file %s: %w", name, err) + } + + f, err := safefile.OpenRelative( + name, + sfw.root, + syscall.GENERIC_READ|syscall.GENERIC_WRITE|winio.WRITE_DAC|winio.WRITE_OWNER, + syscall.FILE_SHARE_READ, + winapi.FILE_CREATE, + 0, + ) + if err != nil { + return fmt.Errorf("error creating file %s: %w", name, err) + } + sfw.activeFile = f + return nil +} + +// Write writes data to the current file. The data must be in the format of a Win32 +// backup stream. +func (sfw *stdFileWriter) Write(b []byte) (int, error) { + return sfw.activeFile.Write(b) +} + +// Close finishes the layer writing process and releases any resources. +func (sfw *stdFileWriter) Close(ctx context.Context) error { + if err := sfw.closeActiveFile(); err != nil { + return fmt.Errorf("failed to close active file %s : %w", sfw.activeFile.Name(), err) + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/mount.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/mount.go new file mode 100644 index 000000000000..22f21dd43a40 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/mount.go @@ -0,0 +1,89 @@ +//go:build windows + +package cim + +import ( + "context" + "fmt" + "os" + "sync" + + "github.com/Microsoft/go-winio/pkg/guid" + hcsschema "github.com/Microsoft/hcsshim/internal/hcs/schema2" + cimfs "github.com/Microsoft/hcsshim/pkg/cimfs" +) + +// a cache of cim layer to its mounted volume - The mount manager plugin currently doesn't have an option of +// querying a mounted cim to get the volume at which it is mounted, so we maintain a cache of that here +var ( + cimMounts map[string]string = make(map[string]string) + cimMountMapLock sync.Mutex + // A random GUID used as a namespace for generating cim mount volume GUIDs: 6827367b-c388-4e9b-95ec-961c6d2c936c + cimMountNamespace guid.GUID = guid.GUID{Data1: 0x6827367b, Data2: 0xc388, Data3: 0x4e9b, Data4: [8]byte{0x96, 0x1c, 0x6d, 0x2c, 0x93, 0x6c}} +) + +// MountCimLayer mounts the cim at path `cimPath` and returns the mount location of that cim. This method +// uses the `CimMountFlagCacheFiles` mount flag when mounting the cim. The containerID is used to generated +// the volumeID for the volume at which this CIM is mounted. containerID is used so that if the shim process +// crashes for any reason, the mounted cim can be correctly cleaned up during `shim delete` call. +func MountCimLayer(ctx context.Context, cimPath, containerID string) (string, error) { + volumeGUID, err := guid.NewV5(cimMountNamespace, []byte(containerID)) + if err != nil { + return "", fmt.Errorf("generated cim mount GUID: %w", err) + } + + vol, err := cimfs.Mount(cimPath, volumeGUID, hcsschema.CimMountFlagCacheFiles) + if err != nil { + return "", err + } + + cimMountMapLock.Lock() + defer cimMountMapLock.Unlock() + cimMounts[fmt.Sprintf("%s_%s", containerID, cimPath)] = vol + + return vol, nil +} + +// Unmount unmounts the cim at mounted for given container. +func UnmountCimLayer(ctx context.Context, cimPath, containerID string) error { + cimMountMapLock.Lock() + defer cimMountMapLock.Unlock() + if vol, ok := cimMounts[fmt.Sprintf("%s_%s", containerID, cimPath)]; !ok { + return fmt.Errorf("cim %s not mounted", cimPath) + } else { + delete(cimMounts, fmt.Sprintf("%s_%s", containerID, cimPath)) + err := cimfs.Unmount(vol) + if err != nil { + return err + } + } + return nil +} + +// GetCimMountPath returns the volume at which a cim is mounted. If the cim is not mounted returns error +func GetCimMountPath(cimPath, containerID string) (string, error) { + cimMountMapLock.Lock() + defer cimMountMapLock.Unlock() + + if vol, ok := cimMounts[fmt.Sprintf("%s_%s", containerID, cimPath)]; !ok { + return "", fmt.Errorf("cim %s not mounted", cimPath) + } else { + return vol, nil + } +} + +func CleanupContainerMounts(containerID string) error { + volumeGUID, err := guid.NewV5(cimMountNamespace, []byte(containerID)) + if err != nil { + return fmt.Errorf("generated cim mount GUID: %w", err) + } + + volPath := fmt.Sprintf("\\\\?\\Volume{%s}\\", volumeGUID.String()) + if _, err := os.Stat(volPath); err == nil { + err = cimfs.Unmount(volPath) + if err != nil { + return err + } + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/pending.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/pending.go new file mode 100644 index 000000000000..d13bdff850bc --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/pending.go @@ -0,0 +1,68 @@ +//go:build windows + +package cim + +import ( + "fmt" + "io" + "os" + + "github.com/Microsoft/go-winio" + "github.com/Microsoft/hcsshim/pkg/cimfs" + "golang.org/x/sys/windows" +) + +type pendingCimOp interface { + apply(cw *cimfs.CimFsWriter) error +} + +// add op represents a pending operation of adding a new file inside the cim +type addOp struct { + // path inside the cim at which the file should be added + pathInCim string + // host path where this file was temporarily written. + hostPath string + // other file metadata fields that were provided during the add call. + fileInfo *winio.FileBasicInfo + securityDescriptor []byte + extendedAttributes []byte + reparseData []byte +} + +func (o *addOp) apply(cw *cimfs.CimFsWriter) error { + f, err := os.Open(o.hostPath) + if err != nil { + return fmt.Errorf("open file %s: %w", o.hostPath, err) + } + defer f.Close() + + fs, err := f.Stat() + if err != nil { + return fmt.Errorf("stat file %s: %w", o.hostPath, err) + } + + if err := cw.AddFile(o.pathInCim, o.fileInfo, fs.Size(), o.securityDescriptor, o.extendedAttributes, o.reparseData); err != nil { + return fmt.Errorf("cim add file %s: %w", o.hostPath, err) + } + + if o.fileInfo.FileAttributes != windows.FILE_ATTRIBUTE_DIRECTORY { + written, err := io.Copy(cw, f) + if err != nil { + return fmt.Errorf("write file %s inside cim: %w", o.hostPath, err) + } else if written != fs.Size() { + return fmt.Errorf("short write to cim for file %s, expected %d bytes wrote %d", o.hostPath, fs.Size(), written) + } + } + return nil +} + +// linkOp represents a pending link file operation inside the cim +type linkOp struct { + // old & new paths inside the cim where the link should be created + oldPath string + newPath string +} + +func (o *linkOp) apply(cw *cimfs.CimFsWriter) error { + return cw.AddLink(o.oldPath, o.newPath) +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/process.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/process.go new file mode 100644 index 000000000000..efce1251f0a8 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/process.go @@ -0,0 +1,293 @@ +//go:build windows + +package cim + +import ( + "context" + "fmt" + "os" + "path/filepath" + "syscall" + "time" + + "github.com/Microsoft/go-winio" + "github.com/Microsoft/go-winio/vhd" + "github.com/Microsoft/hcsshim/computestorage" + "github.com/Microsoft/hcsshim/internal/memory" + "github.com/Microsoft/hcsshim/internal/security" + "github.com/Microsoft/hcsshim/internal/vhdx" + "github.com/Microsoft/hcsshim/internal/wclayer" + "golang.org/x/sys/windows" +) + +const defaultVHDXBlockSizeInMB = 1 + +func createContainerBaseLayerVHDs(ctx context.Context, layerPath string) (err error) { + baseVhdPath := filepath.Join(layerPath, wclayer.ContainerBaseVhd) + diffVhdPath := filepath.Join(layerPath, wclayer.ContainerScratchVhd) + defaultVhdSize := uint64(20) + + if _, err := os.Stat(baseVhdPath); err == nil { + if err := os.RemoveAll(baseVhdPath); err != nil { + return fmt.Errorf("failed to remove base vhdx path: %w", err) + } + } + if _, err := os.Stat(diffVhdPath); err == nil { + if err := os.RemoveAll(diffVhdPath); err != nil { + return fmt.Errorf("failed to remove differencing vhdx: %w", err) + } + } + + createParams := &vhd.CreateVirtualDiskParameters{ + Version: 2, + Version2: vhd.CreateVersion2{ + MaximumSize: defaultVhdSize * memory.GiB, + BlockSizeInBytes: defaultVHDXBlockSizeInMB * memory.MiB, + }, + } + handle, err := vhd.CreateVirtualDisk(baseVhdPath, vhd.VirtualDiskAccessNone, vhd.CreateVirtualDiskFlagNone, createParams) + if err != nil { + return fmt.Errorf("failed to create vhdx: %w", err) + } + + defer func() { + if err != nil { + os.RemoveAll(baseVhdPath) + os.RemoveAll(diffVhdPath) + } + }() + + err = computestorage.FormatWritableLayerVhd(ctx, windows.Handle(handle)) + // we always wanna close the handle whether format succeeds for not. + closeErr := syscall.CloseHandle(handle) + if err != nil { + return err + } else if closeErr != nil { + return fmt.Errorf("failed to close vhdx handle: %w", closeErr) + } + + // Create the differencing disk that will be what's copied for the final rw layer + // for a container. + if err = vhd.CreateDiffVhd(diffVhdPath, baseVhdPath, defaultVHDXBlockSizeInMB); err != nil { + return fmt.Errorf("failed to create differencing disk: %w", err) + } + + if err = security.GrantVmGroupAccess(baseVhdPath); err != nil { + return fmt.Errorf("failed to grant vm group access to %s: %w", baseVhdPath, err) + } + if err = security.GrantVmGroupAccess(diffVhdPath); err != nil { + return fmt.Errorf("failed to grant vm group access to %s: %w", diffVhdPath, err) + } + return nil +} + +// processUtilityVMLayer is similar to createContainerBaseLayerVHDs but along with the scratch creation it +// also does some BCD modifications to allow the UVM to boot from the CIM. It expects that the UVM BCD file is +// present at layerPath/`wclayer.BcdFilePath` and a UVM SYSTEM hive is present at +// layerPath/UtilityVM/`wclayer.RegFilesPath`/SYSTEM. The scratch VHDs are created under the `layerPath` +// directory. +func processUtilityVMLayer(ctx context.Context, layerPath string) error { + // func createUtilityVMLayerVHDs(ctx context.Context, layerPath string) error { + baseVhdPath := filepath.Join(layerPath, wclayer.UtilityVMPath, wclayer.UtilityVMBaseVhd) + diffVhdPath := filepath.Join(layerPath, wclayer.UtilityVMPath, wclayer.UtilityVMScratchVhd) + defaultVhdSize := uint64(10) + + // Just create the vhdx for utilityVM layer, no need to format it. + createParams := &vhd.CreateVirtualDiskParameters{ + Version: 2, + Version2: vhd.CreateVersion2{ + MaximumSize: defaultVhdSize * memory.GiB, + BlockSizeInBytes: defaultVHDXBlockSizeInMB * memory.MiB, + }, + } + + handle, err := vhd.CreateVirtualDisk(baseVhdPath, vhd.VirtualDiskAccessNone, vhd.CreateVirtualDiskFlagNone, createParams) + if err != nil { + return fmt.Errorf("failed to create vhdx: %w", err) + } + + defer func() { + if err != nil { + os.RemoveAll(baseVhdPath) + os.RemoveAll(diffVhdPath) + } + }() + + err = computestorage.FormatWritableLayerVhd(ctx, windows.Handle(handle)) + closeErr := syscall.CloseHandle(handle) + if err != nil { + return err + } else if closeErr != nil { + return fmt.Errorf("failed to close vhdx handle: %w", closeErr) + } + + partitionInfo, err := vhdx.GetScratchVhdPartitionInfo(ctx, baseVhdPath) + if err != nil { + return fmt.Errorf("failed to get base vhd layout info: %w", err) + } + // relativeCimPath needs to be the cim path relative to the snapshots directory. The snapshots + // directory is shared inside the UVM over VSMB, so during the UVM boot this relative path will be + // used to find the cim file under that VSMB share. + relativeCimPath := filepath.Join(filepath.Base(GetCimDirFromLayer(layerPath)), GetCimNameFromLayer(layerPath)) + bcdPath := filepath.Join(layerPath, bcdFilePath) + if err = updateBcdStoreForBoot(bcdPath, relativeCimPath, partitionInfo.DiskID, partitionInfo.PartitionID); err != nil { + return fmt.Errorf("failed to update BCD: %w", err) + } + + if err := enableCimBoot(filepath.Join(layerPath, wclayer.UtilityVMPath, wclayer.RegFilesPath, "SYSTEM")); err != nil { + return fmt.Errorf("failed to setup cim image for uvm boot: %w", err) + } + + // Note: diff vhd creation and granting of vm group access must be done AFTER + // getting the partition info of the base VHD. Otherwise it causes the vhd parent + // chain to get corrupted. + // TODO(ambarve): figure out why this happens so that bcd update can be moved to a separate function + + // Create the differencing disk that will be what's copied for the final rw layer + // for a container. + if err = vhd.CreateDiffVhd(diffVhdPath, baseVhdPath, defaultVHDXBlockSizeInMB); err != nil { + return fmt.Errorf("failed to create differencing disk: %w", err) + } + + if err := security.GrantVmGroupAccess(baseVhdPath); err != nil { + return fmt.Errorf("failed to grant vm group access to %s: %w", baseVhdPath, err) + } + if err := security.GrantVmGroupAccess(diffVhdPath); err != nil { + return fmt.Errorf("failed to grant vm group access to %s: %w", diffVhdPath, err) + } + return nil +} + +// processBaseLayerHives make the base layer specific modifications on the hives and emits equivalent the +// pendingCimOps that should be applied on the CIM. In base layer we need to create hard links from registry +// hives under Files/Windows/Sysetm32/config into Hives/*_BASE. This function creates these links outside so +// that the registry hives under Hives/ are available during children layers import. Then we write these hive +// files inside the cim and create links inside the cim. +func processBaseLayerHives(layerPath string) ([]pendingCimOp, error) { + pendingOps := []pendingCimOp{} + + // make hives directory both outside and in the cim + if err := os.Mkdir(filepath.Join(layerPath, wclayer.HivesPath), 0755); err != nil { + return pendingOps, fmt.Errorf("hives directory creation: %w", err) + } + + hivesDirInfo := &winio.FileBasicInfo{ + CreationTime: windows.NsecToFiletime(time.Now().UnixNano()), + LastAccessTime: windows.NsecToFiletime(time.Now().UnixNano()), + LastWriteTime: windows.NsecToFiletime(time.Now().UnixNano()), + ChangeTime: windows.NsecToFiletime(time.Now().UnixNano()), + FileAttributes: windows.FILE_ATTRIBUTE_DIRECTORY, + } + pendingOps = append(pendingOps, &addOp{ + pathInCim: wclayer.HivesPath, + hostPath: filepath.Join(layerPath, wclayer.HivesPath), + fileInfo: hivesDirInfo, + }) + + // add hard links from base hive files. + for _, hv := range hives { + oldHivePathRelative := filepath.Join(wclayer.RegFilesPath, hv.name) + newHivePathRelative := filepath.Join(wclayer.HivesPath, hv.base) + if err := os.Link(filepath.Join(layerPath, oldHivePathRelative), filepath.Join(layerPath, newHivePathRelative)); err != nil { + return pendingOps, fmt.Errorf("hive link creation: %w", err) + } + + pendingOps = append(pendingOps, &linkOp{ + oldPath: oldHivePathRelative, + newPath: newHivePathRelative, + }) + } + return pendingOps, nil +} + +// processLayoutFile creates a file named "layout" in the root of the base layer. This allows certain +// container startup related functions to understand that the hives are a part of the container rootfs. +func processLayoutFile(layerPath string) ([]pendingCimOp, error) { + fileContents := "vhd-with-hives\n" + if err := os.WriteFile(filepath.Join(layerPath, "layout"), []byte(fileContents), 0755); err != nil { + return []pendingCimOp{}, fmt.Errorf("write layout file: %w", err) + } + + layoutFileInfo := &winio.FileBasicInfo{ + CreationTime: windows.NsecToFiletime(time.Now().UnixNano()), + LastAccessTime: windows.NsecToFiletime(time.Now().UnixNano()), + LastWriteTime: windows.NsecToFiletime(time.Now().UnixNano()), + ChangeTime: windows.NsecToFiletime(time.Now().UnixNano()), + FileAttributes: windows.FILE_ATTRIBUTE_NORMAL, + } + + op := &addOp{ + pathInCim: "layout", + hostPath: filepath.Join(layerPath, "layout"), + fileInfo: layoutFileInfo, + } + return []pendingCimOp{op}, nil +} + +// Some of the layer files that are generated during the processBaseLayer call must be added back +// inside the cim, some registry file links must be updated. This function takes care of all those +// steps. This function opens the cim file for writing and updates it. +func (cw *CimLayerWriter) processBaseLayer(ctx context.Context, processUtilityVM bool) (err error) { + if err = createContainerBaseLayerVHDs(ctx, cw.path); err != nil { + return fmt.Errorf("failed to create container base VHDs: %w", err) + } + + if processUtilityVM { + if err = processUtilityVMLayer(ctx, cw.path); err != nil { + return fmt.Errorf("process utilityVM layer: %w", err) + } + } + + ops, err := processBaseLayerHives(cw.path) + if err != nil { + return err + } + cw.pendingOps = append(cw.pendingOps, ops...) + + ops, err = processLayoutFile(cw.path) + if err != nil { + return err + } + cw.pendingOps = append(cw.pendingOps, ops...) + return nil +} + +// processNonBaseLayer takes care of the processing required for a non base layer. As of now +// the only processing required for non base layer is to merge the delta registry hives of the +// non-base layer with it's parent layer. +func (cw *CimLayerWriter) processNonBaseLayer(ctx context.Context, processUtilityVM bool) (err error) { + for _, hv := range hives { + baseHive := filepath.Join(wclayer.HivesPath, hv.base) + deltaHive := filepath.Join(wclayer.HivesPath, hv.delta) + _, err := os.Stat(filepath.Join(cw.path, deltaHive)) + // merge with parent layer if delta exists. + if err != nil && !os.IsNotExist(err) { + return fmt.Errorf("stat delta hive %s: %w", filepath.Join(cw.path, deltaHive), err) + } else if err == nil { + // merge base hive of parent layer with the delta hive of this layer and write it as + // the base hive of this layer. + err = mergeHive(filepath.Join(cw.parentLayerPaths[0], baseHive), filepath.Join(cw.path, deltaHive), filepath.Join(cw.path, baseHive)) + if err != nil { + return err + } + + // the newly created merged file must be added to the cim + cw.pendingOps = append(cw.pendingOps, &addOp{ + pathInCim: baseHive, + hostPath: filepath.Join(cw.path, baseHive), + fileInfo: &winio.FileBasicInfo{ + CreationTime: windows.NsecToFiletime(time.Now().UnixNano()), + LastAccessTime: windows.NsecToFiletime(time.Now().UnixNano()), + LastWriteTime: windows.NsecToFiletime(time.Now().UnixNano()), + ChangeTime: windows.NsecToFiletime(time.Now().UnixNano()), + FileAttributes: windows.FILE_ATTRIBUTE_NORMAL, + }, + }) + } + } + + if processUtilityVM { + return processUtilityVMLayer(ctx, cw.path) + } + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/registry.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/registry.go new file mode 100644 index 000000000000..dd2af81cf35e --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/cim/registry.go @@ -0,0 +1,172 @@ +//go:build windows + +package cim + +import ( + "encoding/binary" + "fmt" + "os" + "unsafe" + + "github.com/Microsoft/hcsshim/internal/log" + "github.com/Microsoft/hcsshim/internal/winapi" + "github.com/Microsoft/hcsshim/osversion" + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + "golang.org/x/sys/windows" +) + +// enableCimBoot Opens the SYSTEM registry hive at path `hivePath` and updates it to include a CIMFS Start +// registry key. This prepares the uvm to boot from a cim file if requested. The registry changes required to +// actually make the uvm boot from a cim will be added in the uvm config (look at +// addBootFromCimRegistryChanges for details). This registry key needs to be available in the early boot +// phase and so including it in the uvm config doesn't work. +func enableCimBoot(hivePath string) (err error) { + dataZero := make([]byte, 4) + dataOne := make([]byte, 4) + binary.LittleEndian.PutUint32(dataOne, 1) + dataFour := make([]byte, 4) + binary.LittleEndian.PutUint32(dataFour, 4) + + bootGUID, err := windows.UTF16FromString(bootContainerID) + if err != nil { + return fmt.Errorf("failed to encode boot guid to utf16: %w", err) + } + + overrideBootPath, err := windows.UTF16FromString("\\Windows\\") + if err != nil { + return fmt.Errorf("failed to encode override boot path to utf16: %w", err) + } + + regChanges := []struct { + keyPath string + valueName string + valueType winapi.RegType + data *byte + dataLen uint32 + }{ + {"ControlSet001\\Control", "BootContainerGuid", winapi.REG_TYPE_SZ, (*byte)(unsafe.Pointer(&bootGUID[0])), 2 * uint32(len(bootGUID))}, + {"ControlSet001\\Services\\UnionFS", "Start", winapi.REG_TYPE_DWORD, &dataZero[0], uint32(len(dataZero))}, + {"ControlSet001\\Services\\wcifs", "Start", winapi.REG_TYPE_DWORD, &dataFour[0], uint32(len(dataZero))}, + // The bootmgr loads the uvm files from the cim and so uses the relative path `UtilityVM\\Files` inside the cim to access the uvm files. However, once the cim is mounted UnionFS will merge the correct directory (UtilityVM\\Files) of the cim with the scratch and then that point onwards we don't need to use the relative path. Below registry key tells the kernel that the boot path that was provided in BCD should now be overriden with this new path. + {"Setup", "BootPathOverride", winapi.REG_TYPE_SZ, (*byte)(unsafe.Pointer(&overrideBootPath[0])), 2 * uint32(len(overrideBootPath))}, + } + + var storeHandle winapi.ORHKey + if err = winapi.OROpenHive(hivePath, &storeHandle); err != nil { + return fmt.Errorf("failed to open registry store at %s: %w", hivePath, err) + } + + for _, change := range regChanges { + var changeKey winapi.ORHKey + if err = winapi.ORCreateKey(storeHandle, change.keyPath, 0, 0, 0, &changeKey, nil); err != nil { + return fmt.Errorf("failed to open reg key %s: %w", change.keyPath, err) + } + + if err = winapi.ORSetValue(changeKey, change.valueName, uint32(change.valueType), change.data, change.dataLen); err != nil { + return fmt.Errorf("failed to set value for regkey %s\\%s : %w", change.keyPath, change.valueName, err) + } + } + + // remove the existing file first + if err := os.Remove(hivePath); err != nil { + return fmt.Errorf("failed to remove existing registry %s: %w", hivePath, err) + } + + if err = winapi.ORSaveHive(winapi.ORHKey(storeHandle), hivePath, uint32(osversion.Get().MajorVersion), uint32(osversion.Get().MinorVersion)); err != nil { + return fmt.Errorf("error saving the registry store: %w", err) + } + + // close hive irrespective of the errors + if err := winapi.ORCloseHive(winapi.ORHKey(storeHandle)); err != nil { + return fmt.Errorf("error closing registry store; %w", err) + } + return nil + +} + +// mergeHive merges the hive located at parentHivePath with the hive located at deltaHivePath and stores +// the result into the file at mergedHivePath. If a file already exists at path `mergedHivePath` then it +// throws an error. +func mergeHive(parentHivePath, deltaHivePath, mergedHivePath string) (err error) { + var baseHive, deltaHive, mergedHive winapi.ORHKey + if err := winapi.OROpenHive(parentHivePath, &baseHive); err != nil { + return fmt.Errorf("failed to open base hive %s: %w", parentHivePath, err) + } + defer func() { + err2 := winapi.ORCloseHive(baseHive) + if err == nil { + err = errors.Wrap(err2, "failed to close base hive") + } + }() + if err := winapi.OROpenHive(deltaHivePath, &deltaHive); err != nil { + return fmt.Errorf("failed to open delta hive %s: %w", deltaHivePath, err) + } + defer func() { + err2 := winapi.ORCloseHive(deltaHive) + if err == nil { + err = errors.Wrap(err2, "failed to close delta hive") + } + }() + if err := winapi.ORMergeHives([]winapi.ORHKey{baseHive, deltaHive}, &mergedHive); err != nil { + return fmt.Errorf("failed to merge hives: %w", err) + } + defer func() { + err2 := winapi.ORCloseHive(mergedHive) + if err == nil { + err = errors.Wrap(err2, "failed to close merged hive") + } + }() + if err := winapi.ORSaveHive(mergedHive, mergedHivePath, uint32(osversion.Get().MajorVersion), uint32(osversion.Get().MinorVersion)); err != nil { + return fmt.Errorf("failed to save hive: %w", err) + } + return +} + +// getOsBuildNumberFromRegistry fetches the "CurrentBuild" value at path +// "Microsoft\Windows NT\CurrentVersion" from the SOFTWARE registry hive at path +// `regHivePath`. This is used to detect the build version of the uvm. +func getOsBuildNumberFromRegistry(regHivePath string) (_ string, err error) { + var storeHandle, keyHandle winapi.ORHKey + var dataType, dataLen uint32 + keyPath := "Microsoft\\Windows NT\\CurrentVersion" + valueName := "CurrentBuild" + dataLen = 16 // build version string can't be more than 5 wide chars? + dataBuf := make([]byte, dataLen) + + if err = winapi.OROpenHive(regHivePath, &storeHandle); err != nil { + return "", fmt.Errorf("failed to open registry store at %s: %w", regHivePath, err) + } + defer func() { + if closeErr := winapi.ORCloseHive(storeHandle); closeErr != nil { + log.L.WithFields(logrus.Fields{ + "error": closeErr, + "hive": regHivePath, + }).Warnf("failed to close hive") + } + }() + + if err = winapi.OROpenKey(storeHandle, keyPath, &keyHandle); err != nil { + return "", fmt.Errorf("failed to open key at %s: %w", keyPath, err) + } + defer func() { + if closeErr := winapi.ORCloseKey(keyHandle); closeErr != nil { + log.L.WithFields(logrus.Fields{ + "error": closeErr, + "hive": regHivePath, + "key": keyPath, + "value": valueName, + }).Warnf("failed to close hive key") + } + }() + + if err = winapi.ORGetValue(keyHandle, "", valueName, &dataType, &dataBuf[0], &dataLen); err != nil { + return "", fmt.Errorf("failed to get value of %s: %w", valueName, err) + } + + if dataType != uint32(winapi.REG_TYPE_SZ) { + return "", fmt.Errorf("unexpected build number data type (%d)", dataType) + } + + return winapi.ParseUtf16LE(dataBuf[:(dataLen - 2)]), nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/converttobaselayer.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/converttobaselayer.go index c542f556c0aa..d25c3c5206f1 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/converttobaselayer.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/converttobaselayer.go @@ -1,3 +1,5 @@ +//go:build windows + package wclayer import ( diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/expandscratchsize.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/expandscratchsize.go index e2ec27ad08fe..35fcbedb3c79 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/expandscratchsize.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/expandscratchsize.go @@ -11,7 +11,6 @@ import ( "github.com/Microsoft/hcsshim/internal/hcserror" "github.com/Microsoft/hcsshim/internal/oc" - "github.com/Microsoft/hcsshim/osversion" "go.opencensus.io/trace" ) @@ -30,14 +29,17 @@ func ExpandScratchSize(ctx context.Context, path string, size uint64) (err error return hcserror.New(err, title, "") } - // Manually expand the volume now in order to work around bugs in 19H1 and - // prerelease versions of Vb. Remove once this is fixed in Windows. - if build := osversion.Build(); build >= osversion.V19H1 && build < 19020 { - err = expandSandboxVolume(ctx, path) - if err != nil { - return err - } + // Always expand the volume too. In case of legacy layers not expanding the volume here works because + // the PrepareLayer call internally handles the expansion. However, in other cases (like CimFS) we + // don't call PrepareLayer and so the volume will never be expanded. This also means in case of + // legacy layers, we might have a small perf hit because the VHD is mounted twice for expansion (once + // here and once during the PrepareLayer call). But as long as the perf hit is minimal, we should be + // okay. + err = expandSandboxVolume(ctx, path) + if err != nil { + return err } + return nil } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/legacy.go b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/legacy.go index 807d83310881..fc12eeba4dae 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/wclayer/legacy.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/wclayer/legacy.go @@ -154,7 +154,7 @@ func (r *legacyLayerReader) walkUntilCancelled() error { } return nil }) - if err == errorIterationCanceled { + if err == errorIterationCanceled { //nolint:errorlint // explicitly returned return nil } if err == nil { @@ -196,7 +196,7 @@ func findBackupStreamSize(r io.Reader) (int64, error) { for { hdr, err := br.Next() if err != nil { - if err == io.EOF { + if errors.Is(err, io.EOF) { err = nil } return 0, err @@ -428,7 +428,7 @@ func (w *legacyLayerWriter) initUtilityVM() error { // immutable. err = cloneTree(w.parentRoots[0], w.destRoot, UtilityVMFilesPath, mutatedUtilityVMFiles) if err != nil { - return fmt.Errorf("cloning the parent utility VM image failed: %s", err) + return fmt.Errorf("cloning the parent utility VM image failed: %w", err) } w.HasUtilityVM = true } @@ -451,7 +451,7 @@ func (w *legacyLayerWriter) reset() error { for { bhdr, err := br.Next() - if err == io.EOF { + if errors.Is(err, io.EOF) { // end of backupstream data break } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/winapi/cimfs.go b/vendor/github.com/Microsoft/hcsshim/internal/winapi/cimfs.go index d04bffc1f97b..21664577b758 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/winapi/cimfs.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/winapi/cimfs.go @@ -1,3 +1,5 @@ +//go:build windows + package winapi import ( @@ -34,7 +36,7 @@ type CimFsFileMetadata struct { //sys CimDismountImage(volumeID *g) (hr error) = cimfs.CimDismountImage? //sys CimCreateImage(imagePath string, oldFSName *uint16, newFSName *uint16, cimFSHandle *FsHandle) (hr error) = cimfs.CimCreateImage? -//sys CimCloseImage(cimFSHandle FsHandle) (hr error) = cimfs.CimCloseImage? +//sys CimCloseImage(cimFSHandle FsHandle) = cimfs.CimCloseImage? //sys CimCommitImage(cimFSHandle FsHandle) (hr error) = cimfs.CimCommitImage? //sys CimCreateFile(cimFSHandle FsHandle, path string, file *CimFsFileMetadata, cimStreamHandle *StreamHandle) (hr error) = cimfs.CimCreateFile? diff --git a/vendor/github.com/Microsoft/hcsshim/internal/winapi/zsyscall_windows.go b/vendor/github.com/Microsoft/hcsshim/internal/winapi/zsyscall_windows.go index b5b9fcccc7ce..ffd3cd7ff3e3 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/winapi/zsyscall_windows.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/winapi/zsyscall_windows.go @@ -184,18 +184,12 @@ func _CMLocateDevNode(pdnDevInst *uint32, pDeviceID *uint16, uFlags uint32) (hr return } -func CimCloseImage(cimFSHandle FsHandle) (hr error) { - hr = procCimCloseImage.Find() - if hr != nil { +func CimCloseImage(cimFSHandle FsHandle) (err error) { + err = procCimCloseImage.Find() + if err != nil { return } - r0, _, _ := syscall.Syscall(procCimCloseImage.Addr(), 1, uintptr(cimFSHandle), 0, 0) - if int32(r0) < 0 { - if r0&0x1fff0000 == 0x00070000 { - r0 &= 0xffff - } - hr = syscall.Errno(r0) - } + syscall.Syscall(procCimCloseImage.Addr(), 1, uintptr(cimFSHandle), 0, 0) return } diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/cim_writer_windows.go b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/cim_writer_windows.go new file mode 100644 index 000000000000..8e88216bfcc5 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/cim_writer_windows.go @@ -0,0 +1,291 @@ +//go:build windows +// +build windows + +package cimfs + +import ( + "context" + "fmt" + "os" + "path/filepath" + "strings" + "unsafe" + + "github.com/Microsoft/go-winio" + "github.com/Microsoft/hcsshim/internal/log" + "github.com/Microsoft/hcsshim/internal/winapi" + "github.com/sirupsen/logrus" + "golang.org/x/sys/windows" +) + +// CimFsWriter represents a writer to a single CimFS filesystem instance. On disk, the +// image is composed of a filesystem file and several object ID and region files. +// Note: The CimFsWriter isn't thread safe! +type CimFsWriter struct { + // name of this cim. Usually a .cim file will be created to represent this cim. + name string + // handle is the CIMFS_IMAGE_HANDLE that must be passed when calling CIMFS APIs. + handle winapi.FsHandle + // name of the active file i.e the file to which we are currently writing. + activeName string + // stream to currently active file. + activeStream winapi.StreamHandle + // amount of bytes that can be written to the activeStream. + activeLeft uint64 +} + +// Create creates a new cim image. The CimFsWriter returned can then be used to do +// operations on this cim. +func Create(imagePath string, oldFSName string, newFSName string) (_ *CimFsWriter, err error) { + var oldNameBytes *uint16 + // CimCreateImage API call has different behavior if the value of oldNameBytes / newNameBytes + // is empty than if it is nil. So we have to convert those strings into *uint16 here. + fsName := oldFSName + if oldFSName != "" { + oldNameBytes, err = windows.UTF16PtrFromString(oldFSName) + if err != nil { + return nil, err + } + } + var newNameBytes *uint16 + if newFSName != "" { + fsName = newFSName + newNameBytes, err = windows.UTF16PtrFromString(newFSName) + if err != nil { + return nil, err + } + } + var handle winapi.FsHandle + if err := winapi.CimCreateImage(imagePath, oldNameBytes, newNameBytes, &handle); err != nil { + return nil, fmt.Errorf("failed to create cim image at path %s, oldName: %s, newName: %s: %w", imagePath, oldFSName, newFSName, err) + } + return &CimFsWriter{handle: handle, name: filepath.Join(imagePath, fsName)}, nil +} + +// CreateAlternateStream creates alternate stream of given size at the given path inside the cim. This will +// replace the current active stream. Always, finish writing current active stream and then create an +// alternate stream. +func (c *CimFsWriter) CreateAlternateStream(path string, size uint64) (err error) { + err = c.closeStream() + if err != nil { + return err + } + err = winapi.CimCreateAlternateStream(c.handle, path, size, &c.activeStream) + if err != nil { + return fmt.Errorf("failed to create alternate stream for path %s: %w", path, err) + } + c.activeName = path + return nil +} + +// closes the currently active stream. +func (c *CimFsWriter) closeStream() error { + if c.activeStream == 0 { + return nil + } + err := winapi.CimCloseStream(c.activeStream) + if err == nil && c.activeLeft > 0 { + // Validate here because CimCloseStream does not and this improves error + // reporting. Otherwise the error will occur in the context of + // cimWriteStream. + err = fmt.Errorf("incomplete write, %d bytes left in the stream %s", c.activeLeft, c.activeName) + } + if err != nil { + err = &PathError{Cim: c.name, Op: "closeStream", Path: c.activeName, Err: err} + } + c.activeLeft = 0 + c.activeStream = 0 + c.activeName = "" + return err +} + +// AddFile adds a new file to the image. The file is added at the specified path. After +// calling this function, the file is set as the active stream for the image, so data can +// be written by calling `Write`. +func (c *CimFsWriter) AddFile(path string, info *winio.FileBasicInfo, fileSize int64, securityDescriptor []byte, extendedAttributes []byte, reparseData []byte) error { + err := c.closeStream() + if err != nil { + return err + } + fileMetadata := &winapi.CimFsFileMetadata{ + Attributes: info.FileAttributes, + FileSize: fileSize, + CreationTime: info.CreationTime, + LastWriteTime: info.LastWriteTime, + ChangeTime: info.ChangeTime, + LastAccessTime: info.LastAccessTime, + } + if len(securityDescriptor) == 0 { + // Passing an empty security descriptor creates a CIM in a weird state. + // Pass the NULL DACL. + securityDescriptor = nullSd + } + fileMetadata.SecurityDescriptorBuffer = unsafe.Pointer(&securityDescriptor[0]) + fileMetadata.SecurityDescriptorSize = uint32(len(securityDescriptor)) + if len(reparseData) > 0 { + fileMetadata.ReparseDataBuffer = unsafe.Pointer(&reparseData[0]) + fileMetadata.ReparseDataSize = uint32(len(reparseData)) + } + if len(extendedAttributes) > 0 { + fileMetadata.ExtendedAttributes = unsafe.Pointer(&extendedAttributes[0]) + fileMetadata.EACount = uint32(len(extendedAttributes)) + } + // remove the trailing `\` if present, otherwise it trips off the cim writer + path = strings.TrimSuffix(path, "\\") + err = winapi.CimCreateFile(c.handle, path, fileMetadata, &c.activeStream) + if err != nil { + return &PathError{Cim: c.name, Op: "addFile", Path: path, Err: err} + } + c.activeName = path + if info.FileAttributes&(windows.FILE_ATTRIBUTE_DIRECTORY) == 0 { + c.activeLeft = uint64(fileSize) + } + return nil +} + +// Write writes bytes to the active stream. +func (c *CimFsWriter) Write(p []byte) (int, error) { + if c.activeStream == 0 { + return 0, fmt.Errorf("no active stream") + } + if uint64(len(p)) > c.activeLeft { + return 0, &PathError{Cim: c.name, Op: "write", Path: c.activeName, Err: fmt.Errorf("wrote too much")} + } + err := winapi.CimWriteStream(c.activeStream, uintptr(unsafe.Pointer(&p[0])), uint32(len(p))) + if err != nil { + err = &PathError{Cim: c.name, Op: "write", Path: c.activeName, Err: err} + return 0, err + } + c.activeLeft -= uint64(len(p)) + return len(p), nil +} + +// AddLink adds a hard link from `oldPath` to `newPath` in the image. +func (c *CimFsWriter) AddLink(oldPath string, newPath string) error { + err := c.closeStream() + if err != nil { + return err + } + err = winapi.CimCreateHardLink(c.handle, newPath, oldPath) + if err != nil { + err = &LinkError{Cim: c.name, Op: "addLink", Old: oldPath, New: newPath, Err: err} + } + return err +} + +// Unlink deletes the file at `path` from the image. +func (c *CimFsWriter) Unlink(path string) error { + err := c.closeStream() + if err != nil { + return err + } + //TODO(ambarve): CimDeletePath currently returns an error if the file isn't found but we ideally want + // to put a tombstone at that path so that when cims are merged it removes that file from the lower + // layer + err = winapi.CimDeletePath(c.handle, path) + if err != nil && !os.IsNotExist(err) { + err = &PathError{Cim: c.name, Op: "unlink", Path: path, Err: err} + return err + } + return nil +} + +func (c *CimFsWriter) commit() error { + err := c.closeStream() + if err != nil { + return err + } + err = winapi.CimCommitImage(c.handle) + if err != nil { + err = &OpError{Cim: c.name, Op: "commit", Err: err} + } + return err +} + +// Close closes the CimFS filesystem. +func (c *CimFsWriter) Close() error { + if c.handle == 0 { + return fmt.Errorf("invalid writer") + } + if err := c.commit(); err != nil { + return &OpError{Cim: c.name, Op: "commit", Err: err} + } + if err := winapi.CimCloseImage(c.handle); err != nil { + return &OpError{Cim: c.name, Op: "close", Err: err} + } + c.handle = 0 + return nil +} + +// DestroyCim finds out the region files, object files of this cim and then delete +// the region files, object files and the .cim file itself. +func DestroyCim(ctx context.Context, cimPath string) (retErr error) { + regionFilePaths, err := getRegionFilePaths(ctx, cimPath) + if err != nil { + log.G(ctx).WithError(err).Warnf("get region files for cim %s", cimPath) + if retErr == nil { //nolint:govet // nilness: consistency with below + retErr = err + } + } + objectFilePaths, err := getObjectIDFilePaths(ctx, cimPath) + if err != nil { + log.G(ctx).WithError(err).Warnf("get objectid file for cim %s", cimPath) + if retErr == nil { + retErr = err + } + } + + log.G(ctx).WithFields(logrus.Fields{ + "cimPath": cimPath, + "regionFiles": regionFilePaths, + "objectFiles": objectFilePaths, + }).Debug("destroy cim") + + for _, regFilePath := range regionFilePaths { + if err := os.Remove(regFilePath); err != nil { + log.G(ctx).WithError(err).Warnf("remove file %s", regFilePath) + if retErr == nil { + retErr = err + } + } + } + + for _, objFilePath := range objectFilePaths { + if err := os.Remove(objFilePath); err != nil { + log.G(ctx).WithError(err).Warnf("remove file %s", objFilePath) + if retErr == nil { + retErr = err + } + } + } + + if err := os.Remove(cimPath); err != nil { + log.G(ctx).WithError(err).Warnf("remove file %s", cimPath) + if retErr == nil { + retErr = err + } + } + return retErr +} + +// GetCimUsage returns the total disk usage in bytes by the cim at path `cimPath`. +func GetCimUsage(ctx context.Context, cimPath string) (uint64, error) { + regionFilePaths, err := getRegionFilePaths(ctx, cimPath) + if err != nil { + return 0, fmt.Errorf("get region file paths for cim %s: %w", cimPath, err) + } + objectFilePaths, err := getObjectIDFilePaths(ctx, cimPath) + if err != nil { + return 0, fmt.Errorf("get objectid file for cim %s: %w", cimPath, err) + } + + var totalUsage uint64 + for _, f := range append(regionFilePaths, objectFilePaths...) { + fi, err := os.Stat(f) + if err != nil { + return 0, fmt.Errorf("stat file %s: %w", f, err) + } + totalUsage += uint64(fi.Size()) + } + return totalUsage, nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/cimfs.go b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/cimfs.go new file mode 100644 index 000000000000..21cdf109bc67 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/cimfs.go @@ -0,0 +1,17 @@ +//go:build windows +// +build windows + +package cimfs + +import ( + "github.com/Microsoft/hcsshim/osversion" + "github.com/sirupsen/logrus" +) + +func IsCimFSSupported() bool { + rv, err := osversion.BuildRevision() + if err != nil { + logrus.WithError(err).Warn("get build revision") + } + return osversion.Build() == 20348 && rv >= 2031 +} diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/common.go b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/common.go new file mode 100644 index 000000000000..0a05f5a9d2ec --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/common.go @@ -0,0 +1,134 @@ +//go:build windows +// +build windows + +package cimfs + +import ( + "bytes" + "context" + "encoding/binary" + "fmt" + "os" + "path/filepath" + + "github.com/Microsoft/hcsshim/internal/log" + "github.com/Microsoft/hcsshim/pkg/cimfs/format" +) + +var ( + // Equivalent to SDDL of "D:NO_ACCESS_CONTROL". + nullSd = []byte{1, 0, 4, 128, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} +) + +type OpError struct { + Cim string + Op string + Err error +} + +func (e *OpError) Error() string { + s := "cim " + e.Op + " " + e.Cim + s += ": " + e.Err.Error() + return s +} + +// PathError is the error type returned by most functions in this package. +type PathError struct { + Cim string + Op string + Path string + Err error +} + +func (e *PathError) Error() string { + s := "cim " + e.Op + " " + e.Cim + s += ":" + e.Path + s += ": " + e.Err.Error() + return s +} + +type LinkError struct { + Cim string + Op string + Old string + New string + Err error +} + +func (e *LinkError) Error() string { + return "cim " + e.Op + " " + e.Old + " " + e.New + ": " + e.Err.Error() +} + +func validateHeader(h *format.CommonHeader) error { + if !bytes.Equal(h.Magic[:], format.MagicValue[:]) { + return fmt.Errorf("not a cim file") + } + if h.Version.Major > format.CurrentVersion.Major || h.Version.Major < format.MinSupportedVersion.Major { + return fmt.Errorf("unsupported cim version. cim version %v must be between %v & %v", h.Version, format.MinSupportedVersion, format.CurrentVersion) + } + return nil +} + +func readFilesystemHeader(f *os.File) (format.FilesystemHeader, error) { + var fsh format.FilesystemHeader + + if err := binary.Read(f, binary.LittleEndian, &fsh); err != nil { + return fsh, fmt.Errorf("reading filesystem header: %w", err) + } + + if err := validateHeader(&fsh.Common); err != nil { + return fsh, fmt.Errorf("validating filesystem header: %w", err) + } + return fsh, nil +} + +// Returns the paths of all the objectID files associated with the cim at `cimPath`. +func getObjectIDFilePaths(ctx context.Context, cimPath string) ([]string, error) { + f, err := os.Open(cimPath) + if err != nil { + return []string{}, fmt.Errorf("open cim file %s: %w", cimPath, err) + } + defer f.Close() + + fsh, err := readFilesystemHeader(f) + if err != nil { + return []string{}, fmt.Errorf("readingp cim header: %w", err) + } + + paths := []string{} + for i := 0; i < int(fsh.Regions.Count); i++ { + path := filepath.Join(filepath.Dir(cimPath), fmt.Sprintf("%s_%v_%d", format.ObjectIDFileName, fsh.Regions.ID, i)) + if _, err := os.Stat(path); err == nil { + paths = append(paths, path) + } else { + log.G(ctx).WithError(err).Warnf("stat for object file %s", path) + } + + } + return paths, nil +} + +// Returns the paths of all the region files associated with the cim at `cimPath`. +func getRegionFilePaths(ctx context.Context, cimPath string) ([]string, error) { + f, err := os.Open(cimPath) + if err != nil { + return []string{}, fmt.Errorf("open cim file %s: %w", cimPath, err) + } + defer f.Close() + + fsh, err := readFilesystemHeader(f) + if err != nil { + return []string{}, fmt.Errorf("reading cim header: %w", err) + } + + paths := []string{} + for i := 0; i < int(fsh.Regions.Count); i++ { + path := filepath.Join(filepath.Dir(cimPath), fmt.Sprintf("%s_%v_%d", format.RegionFileName, fsh.Regions.ID, i)) + if _, err := os.Stat(path); err == nil { + paths = append(paths, path) + } else { + log.G(ctx).WithError(err).Warnf("stat for region file %s", path) + } + } + return paths, nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/doc.go b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/doc.go new file mode 100644 index 000000000000..9b5476cb6c78 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/doc.go @@ -0,0 +1,3 @@ +// This package provides simple go wrappers on top of the win32 CIMFS mount APIs. +// The mounting/unmount of cim layers is done by the cim mount functions the internal/wclayer/cim package. +package cimfs diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/format/doc.go b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/format/doc.go new file mode 100644 index 000000000000..a85e64710ecc --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/format/doc.go @@ -0,0 +1,4 @@ +// format package maintains some basic structures to allows us to read header of a cim file. This is mostly +// required to understand the region & objectid files associated with a particular cim. Otherwise, we don't +// need to parse the cim format. +package format diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/format/format.go b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/format/format.go new file mode 100644 index 000000000000..72dea683eb53 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/format/format.go @@ -0,0 +1,61 @@ +//go:build windows +// +build windows + +package format + +import "github.com/Microsoft/go-winio/pkg/guid" + +const ( + RegionFileName = "region" + ObjectIDFileName = "objectid" +) + +// Magic specifies the magic number at the beginning of a file. +type Magic [8]uint8 + +var MagicValue = Magic([8]uint8{'c', 'i', 'm', 'f', 'i', 'l', 'e', '0'}) + +type Version struct { + Major, Minor uint32 +} + +var CurrentVersion = Version{3, 0} + +var MinSupportedVersion = Version{2, 0} + +type FileType uint8 + +// RegionOffset encodes an offset to objects as index of the region file +// containing the object and the byte offset within that file. +type RegionOffset uint64 + +// CommonHeader is the common header for all CIM-related files. +type CommonHeader struct { + Magic Magic + HeaderLength uint32 + Type FileType + Reserved uint8 + Reserved2 uint16 + Version Version + Reserved3 uint64 +} + +type RegionSet struct { + ID guid.GUID + Count uint16 + Reserved uint16 + Reserved1 uint32 +} + +// FilesystemHeader is the header for a filesystem file. +// +// The filesystem file points to the filesystem object inside a region +// file and specifies regions sets. +type FilesystemHeader struct { + Common CommonHeader + Regions RegionSet + FilesystemOffset RegionOffset + Reserved uint32 + Reserved1 uint16 + ParentCount uint16 +} diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/mount_cim.go b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/mount_cim.go new file mode 100644 index 000000000000..ea7341b2f0c8 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/pkg/cimfs/mount_cim.go @@ -0,0 +1,65 @@ +//go:build windows +// +build windows + +package cimfs + +import ( + "fmt" + "path/filepath" + "strings" + + "github.com/Microsoft/go-winio/pkg/guid" + "github.com/Microsoft/hcsshim/internal/winapi" + "github.com/pkg/errors" +) + +type MountError struct { + Cim string + Op string + VolumeGUID guid.GUID + Err error +} + +func (e *MountError) Error() string { + s := "cim " + e.Op + if e.Cim != "" { + s += " " + e.Cim + } + s += " " + e.VolumeGUID.String() + ": " + e.Err.Error() + return s +} + +// Mount mounts the given cim at a volume with given GUID. Returns the full volume +// path if mount is successful. +func Mount(cimPath string, volumeGUID guid.GUID, mountFlags uint32) (string, error) { + if err := winapi.CimMountImage(filepath.Dir(cimPath), filepath.Base(cimPath), mountFlags, &volumeGUID); err != nil { + return "", &MountError{Cim: cimPath, Op: "Mount", VolumeGUID: volumeGUID, Err: err} + } + return fmt.Sprintf("\\\\?\\Volume{%s}\\", volumeGUID.String()), nil +} + +// Unmount unmounts the cim at mounted at path `volumePath`. +func Unmount(volumePath string) error { + // The path is expected to be in the \\?\Volume{GUID}\ format + if volumePath[len(volumePath)-1] != '\\' { + volumePath += "\\" + } + + if !(strings.HasPrefix(volumePath, "\\\\?\\Volume{") && strings.HasSuffix(volumePath, "}\\")) { + return errors.Errorf("volume path %s is not in the expected format", volumePath) + } + + trimmedStr := strings.TrimPrefix(volumePath, "\\\\?\\Volume{") + trimmedStr = strings.TrimSuffix(trimmedStr, "}\\") + + volGUID, err := guid.FromString(trimmedStr) + if err != nil { + return errors.Wrapf(err, "guid parsing failed for %s", trimmedStr) + } + + if err := winapi.CimDismountImage(&volGUID); err != nil { + return &MountError{VolumeGUID: volGUID, Op: "Unmount", Err: err} + } + + return nil +} diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs.go index 10205daf4bdd..acc9544bfa3b 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs.go @@ -89,7 +89,7 @@ func putBuf(b *bytes.Buffer) { bytesBufferPool.Put(b) } -// Runhcs is the client to the runhcs cli +// Runhcs is the client to the runhcs cli. type Runhcs struct { // Debug enables debug output for logging. Debug bool @@ -130,8 +130,8 @@ func (r *Runhcs) args() []string { return out } -func (r *Runhcs) command(context context.Context, args ...string) *exec.Cmd { - cmd := exec.CommandContext(context, getCommandPath(), append(r.args(), args...)...) +func (r *Runhcs) command(ctx context.Context, args ...string) *exec.Cmd { + cmd := exec.CommandContext(ctx, getCommandPath(), append(r.args(), args...)...) cmd.Env = os.Environ() return cmd } @@ -139,7 +139,7 @@ func (r *Runhcs) command(context context.Context, args ...string) *exec.Cmd { // runOrError will run the provided command. If an error is // encountered and neither Stdout or Stderr was set the error and the // stderr of the command will be returned in the format of : -// +// . func (r *Runhcs) runOrError(cmd *exec.Cmd) error { if cmd.Stdout != nil || cmd.Stderr != nil { ec, err := runc.Monitor.Start(cmd) @@ -154,7 +154,7 @@ func (r *Runhcs) runOrError(cmd *exec.Cmd) error { } data, err := cmdOutput(cmd, true) if err != nil { - return fmt.Errorf("%s: %s", err, data) + return fmt.Errorf("%s: %s", err, data) //nolint:errorlint // legacy code } return nil } diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_create-scratch.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_create-scratch.go index 956e4c1f77d0..00c367c75268 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_create-scratch.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_create-scratch.go @@ -10,8 +10,8 @@ import ( ) // CreateScratch creates a scratch vhdx at 'destpath' that is ext4 formatted. -func (r *Runhcs) CreateScratch(context context.Context, destpath string) error { - return r.CreateScratchWithOpts(context, destpath, nil) +func (r *Runhcs) CreateScratch(ctx context.Context, destpath string) error { + return r.CreateScratchWithOpts(ctx, destpath, nil) } // CreateScratchOpts is the set of options that can be used with the @@ -43,7 +43,7 @@ func (opt *CreateScratchOpts) args() ([]string, error) { // CreateScratchWithOpts creates a scratch vhdx at 'destpath' that is ext4 // formatted based on `opts`. -func (r *Runhcs) CreateScratchWithOpts(context context.Context, destpath string, opts *CreateScratchOpts) error { +func (r *Runhcs) CreateScratchWithOpts(ctx context.Context, destpath string, opts *CreateScratchOpts) error { args := []string{"create-scratch", "--destpath", destpath} if opts != nil { oargs, err := opts.args() @@ -52,5 +52,5 @@ func (r *Runhcs) CreateScratchWithOpts(context context.Context, destpath string, } args = append(args, oargs...) } - return r.runOrError(r.command(context, args...)) + return r.runOrError(r.command(ctx, args...)) } diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_create.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_create.go index f908de4e299b..e1a1eef66804 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_create.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_create.go @@ -64,7 +64,7 @@ func (opt *CreateOpts) args() ([]string, error) { // Create creates a new container and returns its pid if it was created // successfully. -func (r *Runhcs) Create(context context.Context, id, bundle string, opts *CreateOpts) error { +func (r *Runhcs) Create(ctx context.Context, id, bundle string, opts *CreateOpts) error { args := []string{"create", "--bundle", bundle} if opts != nil { oargs, err := opts.args() @@ -73,14 +73,14 @@ func (r *Runhcs) Create(context context.Context, id, bundle string, opts *Create } args = append(args, oargs...) } - cmd := r.command(context, append(args, id)...) + cmd := r.command(ctx, append(args, id)...) if opts != nil && opts.IO != nil { opts.Set(cmd) } if cmd.Stdout == nil && cmd.Stderr == nil { data, err := cmdOutput(cmd, true) if err != nil { - return fmt.Errorf("%s: %s", err, data) + return fmt.Errorf("%s: %s", err, data) //nolint:errorlint // legacy code } return nil } diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_delete.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_delete.go index 307a1de5c157..015d91597880 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_delete.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_delete.go @@ -22,7 +22,7 @@ func (opt *DeleteOpts) args() ([]string, error) { // Delete any resources held by the container often used with detached // containers. -func (r *Runhcs) Delete(context context.Context, id string, opts *DeleteOpts) error { +func (r *Runhcs) Delete(ctx context.Context, id string, opts *DeleteOpts) error { args := []string{"delete"} if opts != nil { oargs, err := opts.args() @@ -31,5 +31,5 @@ func (r *Runhcs) Delete(context context.Context, id string, opts *DeleteOpts) er } args = append(args, oargs...) } - return r.runOrError(r.command(context, append(args, id)...)) + return r.runOrError(r.command(ctx, append(args, id)...)) } diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_exec.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_exec.go index a85ee66f7a8c..8f9ec7e1eb23 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_exec.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_exec.go @@ -51,7 +51,7 @@ func (opt *ExecOpts) args() ([]string, error) { // Exec executes an additional process inside the container based on the // oci.Process spec found at processFile. -func (r *Runhcs) Exec(context context.Context, id, processFile string, opts *ExecOpts) error { +func (r *Runhcs) Exec(ctx context.Context, id, processFile string, opts *ExecOpts) error { args := []string{"exec", "--process", processFile} if opts != nil { oargs, err := opts.args() @@ -60,14 +60,14 @@ func (r *Runhcs) Exec(context context.Context, id, processFile string, opts *Exe } args = append(args, oargs...) } - cmd := r.command(context, append(args, id)...) + cmd := r.command(ctx, append(args, id)...) if opts != nil && opts.IO != nil { opts.Set(cmd) } if cmd.Stdout == nil && cmd.Stderr == nil { data, err := cmdOutput(cmd, true) if err != nil { - return fmt.Errorf("%s: %s", err, data) + return fmt.Errorf("%s: %s", err, data) //nolint:errorlint // legacy code } return nil } diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_kill.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_kill.go index 8480c6492973..95d29dd849dd 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_kill.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_kill.go @@ -8,6 +8,6 @@ import ( // Kill sends the specified signal (default: SIGTERM) to the container's init // process. -func (r *Runhcs) Kill(context context.Context, id, signal string) error { - return r.runOrError(r.command(context, "kill", id, signal)) +func (r *Runhcs) Kill(ctx context.Context, id, signal string) error { + return r.runOrError(r.command(ctx, "kill", id, signal)) } diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_list.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_list.go index d7e88a2f0575..da60015ce496 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_list.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_list.go @@ -17,8 +17,8 @@ type ContainerState = irunhcs.ContainerState // // Note: This is specific to the Runhcs.Root namespace provided in the global // settings. -func (r *Runhcs) List(context context.Context) ([]*ContainerState, error) { - data, err := cmdOutput(r.command(context, "list", "--format=json"), false) +func (r *Runhcs) List(ctx context.Context) ([]*ContainerState, error) { + data, err := cmdOutput(r.command(ctx, "list", "--format=json"), false) if err != nil { return nil, err } diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_pause.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_pause.go index 93ec1e8770ca..dcaf06ad3cf9 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_pause.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_pause.go @@ -7,6 +7,6 @@ import ( ) // Pause suspends all processes inside the container. -func (r *Runhcs) Pause(context context.Context, id string) error { - return r.runOrError(r.command(context, "pause", id)) +func (r *Runhcs) Pause(ctx context.Context, id string) error { + return r.runOrError(r.command(ctx, "pause", id)) } diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_ps.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_ps.go index b60dabe8f5b9..b360f77fd846 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_ps.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_ps.go @@ -9,10 +9,10 @@ import ( ) // Ps displays the processes running inside a container. -func (r *Runhcs) Ps(context context.Context, id string) ([]int, error) { - data, err := cmdOutput(r.command(context, "ps", "--format=json", id), true) +func (r *Runhcs) Ps(ctx context.Context, id string) ([]int, error) { + data, err := cmdOutput(r.command(ctx, "ps", "--format=json", id), true) if err != nil { - return nil, fmt.Errorf("%s: %s", err, data) + return nil, fmt.Errorf("%s: %s", err, data) //nolint:errorlint // legacy code } var out []int if err := json.Unmarshal(data, &out); err != nil { diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_resize-tty.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_resize-tty.go index 016b948056eb..3c5a26ca85d0 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_resize-tty.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_resize-tty.go @@ -22,7 +22,7 @@ func (opt *ResizeTTYOpts) args() ([]string, error) { } // ResizeTTY updates the terminal size for a container process. -func (r *Runhcs) ResizeTTY(context context.Context, id string, width, height uint16, opts *ResizeTTYOpts) error { +func (r *Runhcs) ResizeTTY(ctx context.Context, id string, width, height uint16, opts *ResizeTTYOpts) error { args := []string{"resize-tty"} if opts != nil { oargs, err := opts.args() @@ -31,5 +31,5 @@ func (r *Runhcs) ResizeTTY(context context.Context, id string, width, height uin } args = append(args, oargs...) } - return r.runOrError(r.command(context, append(args, id, strconv.FormatUint(uint64(width), 10), strconv.FormatUint(uint64(height), 10))...)) + return r.runOrError(r.command(ctx, append(args, id, strconv.FormatUint(uint64(width), 10), strconv.FormatUint(uint64(height), 10))...)) } diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_resume.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_resume.go index 0116d0a2de6c..f7b774e04415 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_resume.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_resume.go @@ -7,6 +7,6 @@ import ( ) // Resume resumes all processes that have been previously paused. -func (r *Runhcs) Resume(context context.Context, id string) error { - return r.runOrError(r.command(context, "resume", id)) +func (r *Runhcs) Resume(ctx context.Context, id string) error { + return r.runOrError(r.command(ctx, "resume", id)) } diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_start.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_start.go index 98de529de723..31733278ccff 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_start.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_start.go @@ -7,6 +7,6 @@ import ( ) // Start will start an already created container. -func (r *Runhcs) Start(context context.Context, id string) error { - return r.runOrError(r.command(context, "start", id)) +func (r *Runhcs) Start(ctx context.Context, id string) error { + return r.runOrError(r.command(ctx, "start", id)) } diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_state.go b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_state.go index cc18801ec1fb..bd141b5bda51 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_state.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/go-runhcs/runhcs_state.go @@ -9,10 +9,10 @@ import ( ) // State outputs the state of a container. -func (r *Runhcs) State(context context.Context, id string) (*ContainerState, error) { - data, err := cmdOutput(r.command(context, "state", id), true) +func (r *Runhcs) State(ctx context.Context, id string) (*ContainerState, error) { + data, err := cmdOutput(r.command(ctx, "state", id), true) if err != nil { - return nil, fmt.Errorf("%s: %s", err, data) + return nil, fmt.Errorf("%s: %s", err, data) //nolint:errorlint // legacy code } var out ContainerState if err := json.Unmarshal(data, &out); err != nil { diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/ociwclayer/cim/import.go b/vendor/github.com/Microsoft/hcsshim/pkg/ociwclayer/cim/import.go new file mode 100644 index 000000000000..a2e875952981 --- /dev/null +++ b/vendor/github.com/Microsoft/hcsshim/pkg/ociwclayer/cim/import.go @@ -0,0 +1,166 @@ +//go:build windows +// +build windows + +package cim + +import ( + "archive/tar" + "bufio" + "context" + "errors" + "fmt" + "io" + "os" + "path" + "path/filepath" + "strings" + + "github.com/Microsoft/go-winio/backuptar" + "github.com/Microsoft/hcsshim/internal/log" + "github.com/Microsoft/hcsshim/internal/wclayer/cim" + "github.com/Microsoft/hcsshim/pkg/ociwclayer" + "golang.org/x/sys/windows" +) + +// ImportCimLayerFromTar reads a layer from an OCI layer tar stream and extracts it into +// the CIM format at the specified path. The caller must specify the parent layers, if +// any, ordered from lowest to highest layer. +// This function expects that the layer paths (both the layer that is being imported & the parent layers) are +// formatted like `.../snapshots/` and the corresponding layer CIMs are located/will be created at +// `.../snapshots/cim-layers/.cim`. Each CIM file also has corresponding region & objectID files and those +// files will also be stored inside the `cim-layers` directory. +// +// This function returns the total size of the layer's files, in bytes. +func ImportCimLayerFromTar(ctx context.Context, r io.Reader, layerPath string, parentLayerPaths []string) (int64, error) { + err := os.MkdirAll(layerPath, 0) + if err != nil { + return 0, err + } + + w, err := cim.NewCimLayerWriter(ctx, layerPath, parentLayerPaths) + if err != nil { + return 0, err + } + + n, err := writeCimLayerFromTar(ctx, r, w, layerPath) + cerr := w.Close(ctx) + if err != nil { + return 0, err + } + if cerr != nil { + return 0, cerr + } + return n, nil +} + +func writeCimLayerFromTar(ctx context.Context, r io.Reader, w *cim.CimLayerWriter, layerPath string) (int64, error) { + tr := tar.NewReader(r) + buf := bufio.NewWriter(w) + size := int64(0) + + // Iterate through the files in the archive. + hdr, loopErr := tr.Next() + for loopErr == nil { + select { + case <-ctx.Done(): + return 0, ctx.Err() + default: + } + + // Note: path is used instead of filepath to prevent OS specific handling + // of the tar path + base := path.Base(hdr.Name) + if strings.HasPrefix(base, ociwclayer.WhiteoutPrefix) { + name := path.Join(path.Dir(hdr.Name), base[len(ociwclayer.WhiteoutPrefix):]) + if rErr := w.Remove(filepath.FromSlash(name)); rErr != nil { + return 0, rErr + } + hdr, loopErr = tr.Next() + } else if hdr.Typeflag == tar.TypeLink { + if linkErr := w.AddLink(filepath.FromSlash(hdr.Name), filepath.FromSlash(hdr.Linkname)); linkErr != nil { + return 0, linkErr + } + hdr, loopErr = tr.Next() + } else { + name, fileSize, fileInfo, err := backuptar.FileInfoFromHeader(hdr) + if err != nil { + return 0, err + } + sddl, err := backuptar.SecurityDescriptorFromTarHeader(hdr) + if err != nil { + return 0, err + } + eadata, err := backuptar.ExtendedAttributesFromTarHeader(hdr) + if err != nil { + return 0, err + } + + var reparse []byte + // As of now the only valid reparse data in a layer will be for a symlink. If file is + // a symlink set reparse attribute and ensure reparse data buffer isn't + // empty. Otherwise remove the reparse attributed. + fileInfo.FileAttributes &^= uint32(windows.FILE_ATTRIBUTE_REPARSE_POINT) + if hdr.Typeflag == tar.TypeSymlink { + reparse = backuptar.EncodeReparsePointFromTarHeader(hdr) + if len(reparse) > 0 { + fileInfo.FileAttributes |= uint32(windows.FILE_ATTRIBUTE_REPARSE_POINT) + } + } + + if addErr := w.Add(filepath.FromSlash(name), fileInfo, fileSize, sddl, eadata, reparse); addErr != nil { + return 0, addErr + } + if hdr.Typeflag == tar.TypeReg { + if _, cpErr := io.Copy(buf, tr); cpErr != nil { + return 0, cpErr + } + } + size += fileSize + + // Copy all the alternate data streams and return the next non-ADS header. + var ahdr *tar.Header + for { + ahdr, loopErr = tr.Next() + if loopErr != nil { + break + } + + if ahdr.Typeflag != tar.TypeReg || !strings.HasPrefix(ahdr.Name, hdr.Name+":") { + hdr = ahdr + break + } + + // stream names have following format: '::$DATA' + // $DATA is one of the valid types of streams. We currently only support + // data streams so fail if this is some other type of stream. + if !strings.HasSuffix(ahdr.Name, ":$DATA") { + return 0, fmt.Errorf("stream types other than $DATA are not supported, found: %s", ahdr.Name) + } + + if addErr := w.AddAlternateStream(filepath.FromSlash(ahdr.Name), uint64(ahdr.Size)); addErr != nil { + return 0, addErr + } + + if _, cpErr := io.Copy(buf, tr); cpErr != nil { + return 0, cpErr + } + } + } + + if flushErr := buf.Flush(); flushErr != nil { + if loopErr == nil { + loopErr = flushErr + } else { + log.G(ctx).WithError(flushErr).Warn("flush buffer during layer write failed") + } + } + } + if !errors.Is(loopErr, io.EOF) { + return 0, loopErr + } + return size, nil +} + +func DestroyCimLayer(layerPath string) error { + return cim.DestroyCimLayer(context.Background(), layerPath) +} diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/ociwclayer/export.go b/vendor/github.com/Microsoft/hcsshim/pkg/ociwclayer/export.go index db6620b18e40..98807a14b8b7 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/ociwclayer/export.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/ociwclayer/export.go @@ -5,6 +5,7 @@ package ociwclayer import ( "archive/tar" "context" + "errors" "io" "path/filepath" @@ -62,7 +63,7 @@ func writeTarFromLayer(ctx context.Context, r wclayer.LayerReader, w io.Writer) } name, size, fileInfo, err := r.Next() - if err == io.EOF { + if errors.Is(err, io.EOF) { break } if err != nil { diff --git a/vendor/github.com/Microsoft/hcsshim/pkg/ociwclayer/import.go b/vendor/github.com/Microsoft/hcsshim/pkg/ociwclayer/import.go index 25e899ba97c8..5f69d199b8fb 100644 --- a/vendor/github.com/Microsoft/hcsshim/pkg/ociwclayer/import.go +++ b/vendor/github.com/Microsoft/hcsshim/pkg/ociwclayer/import.go @@ -6,6 +6,7 @@ import ( "archive/tar" "bufio" "context" + "errors" "io" "os" "path" @@ -102,7 +103,7 @@ func writeLayerFromTar(ctx context.Context, r io.Reader, w wclayer.LayerWriter, totalSize += size } } - if err != io.EOF { + if !errors.Is(err, io.EOF) { return 0, err } return totalSize, nil diff --git a/vendor/github.com/Microsoft/hcsshim/test/LICENSE b/vendor/github.com/Microsoft/hcsshim/test/LICENSE deleted file mode 100644 index 49d21669aeef..000000000000 --- a/vendor/github.com/Microsoft/hcsshim/test/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2015 Microsoft - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. \ No newline at end of file diff --git a/vendor/github.com/Microsoft/hcsshim/test/functional/manifest/manifest.go b/vendor/github.com/Microsoft/hcsshim/test/functional/manifest/manifest.go deleted file mode 100644 index 38dc837c6eba..000000000000 --- a/vendor/github.com/Microsoft/hcsshim/test/functional/manifest/manifest.go +++ /dev/null @@ -1,4 +0,0 @@ -package manifest - -// This is so that tests can include the .syso to manifest them to pick up the right Windows build -// TODO: Auto-generation of the .syso through rsrc or similar. diff --git a/vendor/github.com/Microsoft/hcsshim/test/functional/manifest/rsrc_amd64.syso b/vendor/github.com/Microsoft/hcsshim/test/functional/manifest/rsrc_amd64.syso deleted file mode 100644 index 0e9857245ba2..000000000000 Binary files a/vendor/github.com/Microsoft/hcsshim/test/functional/manifest/rsrc_amd64.syso and /dev/null differ diff --git a/vendor/github.com/fsnotify/fsnotify/.cirrus.yml b/vendor/github.com/fsnotify/fsnotify/.cirrus.yml deleted file mode 100644 index ffc7b992b3c7..000000000000 --- a/vendor/github.com/fsnotify/fsnotify/.cirrus.yml +++ /dev/null @@ -1,13 +0,0 @@ -freebsd_task: - name: 'FreeBSD' - freebsd_instance: - image_family: freebsd-13-2 - install_script: - - pkg update -f - - pkg install -y go - test_script: - # run tests as user "cirrus" instead of root - - pw useradd cirrus -m - - chown -R cirrus:cirrus . - - FSNOTIFY_BUFFER=4096 sudo --preserve-env=FSNOTIFY_BUFFER -u cirrus go test -parallel 1 -race ./... - - sudo --preserve-env=FSNOTIFY_BUFFER -u cirrus go test -parallel 1 -race ./... diff --git a/vendor/github.com/fsnotify/fsnotify/.gitignore b/vendor/github.com/fsnotify/fsnotify/.gitignore index 391cc076b126..1d89d85ce4ff 100644 --- a/vendor/github.com/fsnotify/fsnotify/.gitignore +++ b/vendor/github.com/fsnotify/fsnotify/.gitignore @@ -4,4 +4,3 @@ # Output of go build ./cmd/fsnotify /fsnotify -/fsnotify.exe diff --git a/vendor/github.com/fsnotify/fsnotify/CHANGELOG.md b/vendor/github.com/fsnotify/fsnotify/CHANGELOG.md index e0e57575496c..77f9593bd582 100644 --- a/vendor/github.com/fsnotify/fsnotify/CHANGELOG.md +++ b/vendor/github.com/fsnotify/fsnotify/CHANGELOG.md @@ -1,87 +1,16 @@ # Changelog -Unreleased ----------- -Nothing yet. - -1.7.0 - 2023-10-22 ------------------- -This version of fsnotify needs Go 1.17. - -### Additions - -- illumos: add FEN backend to support illumos and Solaris. ([#371]) - -- all: add `NewBufferedWatcher()` to use a buffered channel, which can be useful - in cases where you can't control the kernel buffer and receive a large number - of events in bursts. ([#550], [#572]) - -- all: add `AddWith()`, which is identical to `Add()` but allows passing - options. ([#521]) - -- windows: allow setting the ReadDirectoryChangesW() buffer size with - `fsnotify.WithBufferSize()`; the default of 64K is the highest value that - works on all platforms and is enough for most purposes, but in some cases a - highest buffer is needed. ([#521]) - -### Changes and fixes - -- inotify: remove watcher if a watched path is renamed ([#518]) +All notable changes to this project will be documented in this file. - After a rename the reported name wasn't updated, or even an empty string. - Inotify doesn't provide any good facilities to update it, so just remove the - watcher. This is already how it worked on kqueue and FEN. +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - On Windows this does work, and remains working. +## [Unreleased] -- windows: don't listen for file attribute changes ([#520]) - - File attribute changes are sent as `FILE_ACTION_MODIFIED` by the Windows API, - with no way to see if they're a file write or attribute change, so would show - up as a fsnotify.Write event. This is never useful, and could result in many - spurious Write events. - -- windows: return `ErrEventOverflow` if the buffer is full ([#525]) - - Before it would merely return "short read", making it hard to detect this - error. - -- kqueue: make sure events for all files are delivered properly when removing a - watched directory ([#526]) - - Previously they would get sent with `""` (empty string) or `"."` as the path - name. - -- kqueue: don't emit spurious Create events for symbolic links ([#524]) - - The link would get resolved but kqueue would "forget" it already saw the link - itself, resulting on a Create for every Write event for the directory. - -- all: return `ErrClosed` on `Add()` when the watcher is closed ([#516]) - -- other: add `Watcher.Errors` and `Watcher.Events` to the no-op `Watcher` in - `backend_other.go`, making it easier to use on unsupported platforms such as - WASM, AIX, etc. ([#528]) - -- other: use the `backend_other.go` no-op if the `appengine` build tag is set; - Google AppEngine forbids usage of the unsafe package so the inotify backend - won't compile there. +Nothing yet. -[#371]: https://github.com/fsnotify/fsnotify/pull/371 -[#516]: https://github.com/fsnotify/fsnotify/pull/516 -[#518]: https://github.com/fsnotify/fsnotify/pull/518 -[#520]: https://github.com/fsnotify/fsnotify/pull/520 -[#521]: https://github.com/fsnotify/fsnotify/pull/521 -[#524]: https://github.com/fsnotify/fsnotify/pull/524 -[#525]: https://github.com/fsnotify/fsnotify/pull/525 -[#526]: https://github.com/fsnotify/fsnotify/pull/526 -[#528]: https://github.com/fsnotify/fsnotify/pull/528 -[#537]: https://github.com/fsnotify/fsnotify/pull/537 -[#550]: https://github.com/fsnotify/fsnotify/pull/550 -[#572]: https://github.com/fsnotify/fsnotify/pull/572 +## [1.6.0] - 2022-10-13 -1.6.0 - 2022-10-13 ------------------- This version of fsnotify needs Go 1.16 (this was already the case since 1.5.1, but not documented). It also increases the minimum Linux version to 2.6.32. diff --git a/vendor/github.com/fsnotify/fsnotify/README.md b/vendor/github.com/fsnotify/fsnotify/README.md index e480733d16cb..d4e6080feb26 100644 --- a/vendor/github.com/fsnotify/fsnotify/README.md +++ b/vendor/github.com/fsnotify/fsnotify/README.md @@ -1,31 +1,29 @@ fsnotify is a Go library to provide cross-platform filesystem notifications on -Windows, Linux, macOS, BSD, and illumos. +Windows, Linux, macOS, and BSD systems. -Go 1.17 or newer is required; the full documentation is at +Go 1.16 or newer is required; the full documentation is at https://pkg.go.dev/github.com/fsnotify/fsnotify +**It's best to read the documentation at pkg.go.dev, as it's pinned to the last +released version, whereas this README is for the last development version which +may include additions/changes.** + --- Platform support: -| Backend | OS | Status | -| :-------------------- | :--------- | :------------------------------------------------------------------------ | -| inotify | Linux | Supported | -| kqueue | BSD, macOS | Supported | -| ReadDirectoryChangesW | Windows | Supported | -| FEN | illumos | Supported | -| fanotify | Linux 5.9+ | [Not yet](https://github.com/fsnotify/fsnotify/issues/114) | -| AHAFS | AIX | [aix branch]; experimental due to lack of maintainer and test environment | -| FSEvents | macOS | [Needs support in x/sys/unix][fsevents] | -| USN Journals | Windows | [Needs support in x/sys/windows][usn] | -| Polling | *All* | [Not yet](https://github.com/fsnotify/fsnotify/issues/9) | - -Linux and illumos should include Android and Solaris, but these are currently -untested. - -[fsevents]: https://github.com/fsnotify/fsnotify/issues/11#issuecomment-1279133120 -[usn]: https://github.com/fsnotify/fsnotify/issues/53#issuecomment-1279829847 -[aix branch]: https://github.com/fsnotify/fsnotify/issues/353#issuecomment-1284590129 +| Adapter | OS | Status | +| --------------------- | ---------------| -------------------------------------------------------------| +| inotify | Linux 2.6.32+ | Supported | +| kqueue | BSD, macOS | Supported | +| ReadDirectoryChangesW | Windows | Supported | +| FSEvents | macOS | [Planned](https://github.com/fsnotify/fsnotify/issues/11) | +| FEN | Solaris 11 | [In Progress](https://github.com/fsnotify/fsnotify/pull/371) | +| fanotify | Linux 5.9+ | [Maybe](https://github.com/fsnotify/fsnotify/issues/114) | +| USN Journals | Windows | [Maybe](https://github.com/fsnotify/fsnotify/issues/53) | +| Polling | *All* | [Maybe](https://github.com/fsnotify/fsnotify/issues/9) | + +Linux and macOS should include Android and iOS, but these are currently untested. Usage ----- @@ -85,23 +83,20 @@ run with: % go run ./cmd/fsnotify -Further detailed documentation can be found in godoc: -https://pkg.go.dev/github.com/fsnotify/fsnotify - FAQ --- ### Will a file still be watched when it's moved to another directory? No, not unless you are watching the location it was moved to. -### Are subdirectories watched? +### Are subdirectories watched too? No, you must add watches for any directory you want to watch (a recursive watcher is on the roadmap: [#18]). [#18]: https://github.com/fsnotify/fsnotify/issues/18 ### Do I have to watch the Error and Event channels in a goroutine? -Yes. You can read both channels in the same goroutine using `select` (you don't -need a separate goroutine for both channels; see the example). +As of now, yes (you can read both channels in the same goroutine using `select`, +you don't need a separate goroutine for both channels; see the example). ### Why don't notifications work with NFS, SMB, FUSE, /proc, or /sys? fsnotify requires support from underlying OS to work. The current NFS and SMB @@ -112,32 +107,6 @@ This could be fixed with a polling watcher ([#9]), but it's not yet implemented. [#9]: https://github.com/fsnotify/fsnotify/issues/9 -### Why do I get many Chmod events? -Some programs may generate a lot of attribute changes; for example Spotlight on -macOS, anti-virus programs, backup applications, and some others are known to do -this. As a rule, it's typically best to ignore Chmod events. They're often not -useful, and tend to cause problems. - -Spotlight indexing on macOS can result in multiple events (see [#15]). A -temporary workaround is to add your folder(s) to the *Spotlight Privacy -settings* until we have a native FSEvents implementation (see [#11]). - -[#11]: https://github.com/fsnotify/fsnotify/issues/11 -[#15]: https://github.com/fsnotify/fsnotify/issues/15 - -### Watching a file doesn't work well -Watching individual files (rather than directories) is generally not recommended -as many programs (especially editors) update files atomically: it will write to -a temporary file which is then moved to to destination, overwriting the original -(or some variant thereof). The watcher on the original file is now lost, as that -no longer exists. - -The upshot of this is that a power failure or crash won't leave a half-written -file. - -Watch the parent directory and use `Event.Name` to filter out files you're not -interested in. There is an example of this in `cmd/fsnotify/file.go`. - Platform-specific notes ----------------------- ### Linux @@ -182,3 +151,11 @@ these platforms. The sysctl variables `kern.maxfiles` and `kern.maxfilesperproc` can be used to control the maximum number of open files. + +### macOS +Spotlight indexing on macOS can result in multiple events (see [#15]). A temporary +workaround is to add your folder(s) to the *Spotlight Privacy settings* until we +have a native FSEvents implementation (see [#11]). + +[#11]: https://github.com/fsnotify/fsnotify/issues/11 +[#15]: https://github.com/fsnotify/fsnotify/issues/15 diff --git a/vendor/github.com/fsnotify/fsnotify/backend_fen.go b/vendor/github.com/fsnotify/fsnotify/backend_fen.go index 28497f1dd8e6..1a95ad8e7ce6 100644 --- a/vendor/github.com/fsnotify/fsnotify/backend_fen.go +++ b/vendor/github.com/fsnotify/fsnotify/backend_fen.go @@ -1,19 +1,10 @@ //go:build solaris // +build solaris -// Note: the documentation on the Watcher type and methods is generated from -// mkdoc.zsh - package fsnotify import ( "errors" - "fmt" - "os" - "path/filepath" - "sync" - - "golang.org/x/sys/unix" ) // Watcher watches a set of paths, delivering events on a channel. @@ -26,9 +17,9 @@ import ( // When a file is removed a Remove event won't be emitted until all file // descriptors are closed, and deletes will always emit a Chmod. For example: // -// fp := os.Open("file") -// os.Remove("file") // Triggers Chmod -// fp.Close() // Triggers Remove +// fp := os.Open("file") +// os.Remove("file") // Triggers Chmod +// fp.Close() // Triggers Remove // // This is the event that inotify sends, so not much can be changed about this. // @@ -42,16 +33,16 @@ import ( // // To increase them you can use sysctl or write the value to the /proc file: // -// # Default values on Linux 5.18 -// sysctl fs.inotify.max_user_watches=124983 -// sysctl fs.inotify.max_user_instances=128 +// # Default values on Linux 5.18 +// sysctl fs.inotify.max_user_watches=124983 +// sysctl fs.inotify.max_user_instances=128 // // To make the changes persist on reboot edit /etc/sysctl.conf or // /usr/lib/sysctl.d/50-default.conf (details differ per Linux distro; check // your distro's documentation): // -// fs.inotify.max_user_watches=124983 -// fs.inotify.max_user_instances=128 +// fs.inotify.max_user_watches=124983 +// fs.inotify.max_user_instances=128 // // Reaching the limit will result in a "no space left on device" or "too many open // files" error. @@ -67,20 +58,14 @@ import ( // control the maximum number of open files, as well as /etc/login.conf on BSD // systems. // -// # Windows notes -// -// Paths can be added as "C:\path\to\dir", but forward slashes -// ("C:/path/to/dir") will also work. +// # macOS notes // -// When a watched directory is removed it will always send an event for the -// directory itself, but may not send events for all files in that directory. -// Sometimes it will send events for all times, sometimes it will send no -// events, and often only for some files. +// Spotlight indexing on macOS can result in multiple events (see [#15]). A +// temporary workaround is to add your folder(s) to the "Spotlight Privacy +// Settings" until we have a native FSEvents implementation (see [#11]). // -// The default ReadDirectoryChangesW() buffer size is 64K, which is the largest -// value that is guaranteed to work with SMB filesystems. If you have many -// events in quick succession this may not be enough, and you will have to use -// [WithBufferSize] to increase the value. +// [#11]: https://github.com/fsnotify/fsnotify/issues/11 +// [#15]: https://github.com/fsnotify/fsnotify/issues/15 type Watcher struct { // Events sends the filesystem change events. // @@ -107,129 +92,44 @@ type Watcher struct { // initiated by the user may show up as one or multiple // writes, depending on when the system syncs things to // disk. For example when compiling a large Go program - // you may get hundreds of Write events, and you may - // want to wait until you've stopped receiving them - // (see the dedup example in cmd/fsnotify). - // - // Some systems may send Write event for directories - // when the directory content changes. + // you may get hundreds of Write events, so you + // probably want to wait until you've stopped receiving + // them (see the dedup example in cmd/fsnotify). // // fsnotify.Chmod Attributes were changed. On Linux this is also sent // when a file is removed (or more accurately, when a // link to an inode is removed). On kqueue it's sent - // when a file is truncated. On Windows it's never - // sent. + // and on kqueue when a file is truncated. On Windows + // it's never sent. Events chan Event // Errors sends any errors. - // - // ErrEventOverflow is used to indicate there are too many events: - // - // - inotify: There are too many queued events (fs.inotify.max_queued_events sysctl) - // - windows: The buffer size is too small; WithBufferSize() can be used to increase it. - // - kqueue, fen: Not used. Errors chan error - - mu sync.Mutex - port *unix.EventPort - done chan struct{} // Channel for sending a "quit message" to the reader goroutine - dirs map[string]struct{} // Explicitly watched directories - watches map[string]struct{} // Explicitly watched non-directories } // NewWatcher creates a new Watcher. func NewWatcher() (*Watcher, error) { - return NewBufferedWatcher(0) + return nil, errors.New("FEN based watcher not yet supported for fsnotify\n") } -// NewBufferedWatcher creates a new Watcher with a buffered Watcher.Events -// channel. -// -// The main use case for this is situations with a very large number of events -// where the kernel buffer size can't be increased (e.g. due to lack of -// permissions). An unbuffered Watcher will perform better for almost all use -// cases, and whenever possible you will be better off increasing the kernel -// buffers instead of adding a large userspace buffer. -func NewBufferedWatcher(sz uint) (*Watcher, error) { - w := &Watcher{ - Events: make(chan Event, sz), - Errors: make(chan error), - dirs: make(map[string]struct{}), - watches: make(map[string]struct{}), - done: make(chan struct{}), - } - - var err error - w.port, err = unix.NewEventPort() - if err != nil { - return nil, fmt.Errorf("fsnotify.NewWatcher: %w", err) - } - - go w.readEvents() - return w, nil -} - -// sendEvent attempts to send an event to the user, returning true if the event -// was put in the channel successfully and false if the watcher has been closed. -func (w *Watcher) sendEvent(name string, op Op) (sent bool) { - select { - case w.Events <- Event{Name: name, Op: op}: - return true - case <-w.done: - return false - } -} - -// sendError attempts to send an error to the user, returning true if the error -// was put in the channel successfully and false if the watcher has been closed. -func (w *Watcher) sendError(err error) (sent bool) { - select { - case w.Errors <- err: - return true - case <-w.done: - return false - } -} - -func (w *Watcher) isClosed() bool { - select { - case <-w.done: - return true - default: - return false - } -} - -// Close removes all watches and closes the Events channel. +// Close removes all watches and closes the events channel. func (w *Watcher) Close() error { - // Take the lock used by associateFile to prevent lingering events from - // being processed after the close - w.mu.Lock() - defer w.mu.Unlock() - if w.isClosed() { - return nil - } - close(w.done) - return w.port.Close() + return nil } // Add starts monitoring the path for changes. // -// A path can only be watched once; watching it more than once is a no-op and will -// not return an error. Paths that do not yet exist on the filesystem cannot be -// watched. +// A path can only be watched once; attempting to watch it more than once will +// return an error. Paths that do not yet exist on the filesystem cannot be +// added. A watch will be automatically removed if the path is deleted. // -// A watch will be automatically removed if the watched path is deleted or -// renamed. The exception is the Windows backend, which doesn't remove the -// watcher on renames. +// A path will remain watched if it gets renamed to somewhere else on the same +// filesystem, but the monitor will get removed if the path gets deleted and +// re-created, or if it's moved to a different filesystem. // // Notifications on network filesystems (NFS, SMB, FUSE, etc.) or special // filesystems (/proc, /sys, etc.) generally don't work. // -// Returns [ErrClosed] if [Watcher.Close] was called. -// -// See [Watcher.AddWith] for a version that allows adding options. -// // # Watching directories // // All files in a directory are monitored, including new files that are created @@ -239,63 +139,15 @@ func (w *Watcher) Close() error { // # Watching files // // Watching individual files (rather than directories) is generally not -// recommended as many programs (especially editors) update files atomically: it -// will write to a temporary file which is then moved to to destination, -// overwriting the original (or some variant thereof). The watcher on the -// original file is now lost, as that no longer exists. -// -// The upshot of this is that a power failure or crash won't leave a -// half-written file. -// -// Watch the parent directory and use Event.Name to filter out files you're not -// interested in. There is an example of this in cmd/fsnotify/file.go. -func (w *Watcher) Add(name string) error { return w.AddWith(name) } - -// AddWith is like [Watcher.Add], but allows adding options. When using Add() -// the defaults described below are used. -// -// Possible options are: -// -// - [WithBufferSize] sets the buffer size for the Windows backend; no-op on -// other platforms. The default is 64K (65536 bytes). -func (w *Watcher) AddWith(name string, opts ...addOpt) error { - if w.isClosed() { - return ErrClosed - } - if w.port.PathIsWatched(name) { - return nil - } - - _ = getOptions(opts...) - - // Currently we resolve symlinks that were explicitly requested to be - // watched. Otherwise we would use LStat here. - stat, err := os.Stat(name) - if err != nil { - return err - } - - // Associate all files in the directory. - if stat.IsDir() { - err := w.handleDirectory(name, stat, true, w.associateFile) - if err != nil { - return err - } - - w.mu.Lock() - w.dirs[name] = struct{}{} - w.mu.Unlock() - return nil - } - - err = w.associateFile(name, stat, true) - if err != nil { - return err - } - - w.mu.Lock() - w.watches[name] = struct{}{} - w.mu.Unlock() +// recommended as many tools update files atomically. Instead of "just" writing +// to the file a temporary file will be written to first, and if successful the +// temporary file is moved to to destination removing the original, or some +// variant thereof. The watcher on the original file is now lost, as it no +// longer exists. +// +// Instead, watch the parent directory and use Event.Name to filter out files +// you're not interested in. There is an example of this in [cmd/fsnotify/file.go]. +func (w *Watcher) Add(name string) error { return nil } @@ -305,336 +157,6 @@ func (w *Watcher) AddWith(name string, opts ...addOpt) error { // /tmp/dir and /tmp/dir/subdir then you will need to remove both. // // Removing a path that has not yet been added returns [ErrNonExistentWatch]. -// -// Returns nil if [Watcher.Close] was called. func (w *Watcher) Remove(name string) error { - if w.isClosed() { - return nil - } - if !w.port.PathIsWatched(name) { - return fmt.Errorf("%w: %s", ErrNonExistentWatch, name) - } - - // The user has expressed an intent. Immediately remove this name from - // whichever watch list it might be in. If it's not in there the delete - // doesn't cause harm. - w.mu.Lock() - delete(w.watches, name) - delete(w.dirs, name) - w.mu.Unlock() - - stat, err := os.Stat(name) - if err != nil { - return err - } - - // Remove associations for every file in the directory. - if stat.IsDir() { - err := w.handleDirectory(name, stat, false, w.dissociateFile) - if err != nil { - return err - } - return nil - } - - err = w.port.DissociatePath(name) - if err != nil { - return err - } - return nil } - -// readEvents contains the main loop that runs in a goroutine watching for events. -func (w *Watcher) readEvents() { - // If this function returns, the watcher has been closed and we can close - // these channels - defer func() { - close(w.Errors) - close(w.Events) - }() - - pevents := make([]unix.PortEvent, 8) - for { - count, err := w.port.Get(pevents, 1, nil) - if err != nil && err != unix.ETIME { - // Interrupted system call (count should be 0) ignore and continue - if errors.Is(err, unix.EINTR) && count == 0 { - continue - } - // Get failed because we called w.Close() - if errors.Is(err, unix.EBADF) && w.isClosed() { - return - } - // There was an error not caused by calling w.Close() - if !w.sendError(err) { - return - } - } - - p := pevents[:count] - for _, pevent := range p { - if pevent.Source != unix.PORT_SOURCE_FILE { - // Event from unexpected source received; should never happen. - if !w.sendError(errors.New("Event from unexpected source received")) { - return - } - continue - } - - err = w.handleEvent(&pevent) - if err != nil { - if !w.sendError(err) { - return - } - } - } - } -} - -func (w *Watcher) handleDirectory(path string, stat os.FileInfo, follow bool, handler func(string, os.FileInfo, bool) error) error { - files, err := os.ReadDir(path) - if err != nil { - return err - } - - // Handle all children of the directory. - for _, entry := range files { - finfo, err := entry.Info() - if err != nil { - return err - } - err = handler(filepath.Join(path, finfo.Name()), finfo, false) - if err != nil { - return err - } - } - - // And finally handle the directory itself. - return handler(path, stat, follow) -} - -// handleEvent might need to emit more than one fsnotify event if the events -// bitmap matches more than one event type (e.g. the file was both modified and -// had the attributes changed between when the association was created and the -// when event was returned) -func (w *Watcher) handleEvent(event *unix.PortEvent) error { - var ( - events = event.Events - path = event.Path - fmode = event.Cookie.(os.FileMode) - reRegister = true - ) - - w.mu.Lock() - _, watchedDir := w.dirs[path] - _, watchedPath := w.watches[path] - w.mu.Unlock() - isWatched := watchedDir || watchedPath - - if events&unix.FILE_DELETE != 0 { - if !w.sendEvent(path, Remove) { - return nil - } - reRegister = false - } - if events&unix.FILE_RENAME_FROM != 0 { - if !w.sendEvent(path, Rename) { - return nil - } - // Don't keep watching the new file name - reRegister = false - } - if events&unix.FILE_RENAME_TO != 0 { - // We don't report a Rename event for this case, because Rename events - // are interpreted as referring to the _old_ name of the file, and in - // this case the event would refer to the new name of the file. This - // type of rename event is not supported by fsnotify. - - // inotify reports a Remove event in this case, so we simulate this - // here. - if !w.sendEvent(path, Remove) { - return nil - } - // Don't keep watching the file that was removed - reRegister = false - } - - // The file is gone, nothing left to do. - if !reRegister { - if watchedDir { - w.mu.Lock() - delete(w.dirs, path) - w.mu.Unlock() - } - if watchedPath { - w.mu.Lock() - delete(w.watches, path) - w.mu.Unlock() - } - return nil - } - - // If we didn't get a deletion the file still exists and we're going to have - // to watch it again. Let's Stat it now so that we can compare permissions - // and have what we need to continue watching the file - - stat, err := os.Lstat(path) - if err != nil { - // This is unexpected, but we should still emit an event. This happens - // most often on "rm -r" of a subdirectory inside a watched directory We - // get a modify event of something happening inside, but by the time we - // get here, the sudirectory is already gone. Clearly we were watching - // this path but now it is gone. Let's tell the user that it was - // removed. - if !w.sendEvent(path, Remove) { - return nil - } - // Suppress extra write events on removed directories; they are not - // informative and can be confusing. - return nil - } - - // resolve symlinks that were explicitly watched as we would have at Add() - // time. this helps suppress spurious Chmod events on watched symlinks - if isWatched { - stat, err = os.Stat(path) - if err != nil { - // The symlink still exists, but the target is gone. Report the - // Remove similar to above. - if !w.sendEvent(path, Remove) { - return nil - } - // Don't return the error - } - } - - if events&unix.FILE_MODIFIED != 0 { - if fmode.IsDir() { - if watchedDir { - if err := w.updateDirectory(path); err != nil { - return err - } - } else { - if !w.sendEvent(path, Write) { - return nil - } - } - } else { - if !w.sendEvent(path, Write) { - return nil - } - } - } - if events&unix.FILE_ATTRIB != 0 && stat != nil { - // Only send Chmod if perms changed - if stat.Mode().Perm() != fmode.Perm() { - if !w.sendEvent(path, Chmod) { - return nil - } - } - } - - if stat != nil { - // If we get here, it means we've hit an event above that requires us to - // continue watching the file or directory - return w.associateFile(path, stat, isWatched) - } - return nil -} - -func (w *Watcher) updateDirectory(path string) error { - // The directory was modified, so we must find unwatched entities and watch - // them. If something was removed from the directory, nothing will happen, - // as everything else should still be watched. - files, err := os.ReadDir(path) - if err != nil { - return err - } - - for _, entry := range files { - path := filepath.Join(path, entry.Name()) - if w.port.PathIsWatched(path) { - continue - } - - finfo, err := entry.Info() - if err != nil { - return err - } - err = w.associateFile(path, finfo, false) - if err != nil { - if !w.sendError(err) { - return nil - } - } - if !w.sendEvent(path, Create) { - return nil - } - } - return nil -} - -func (w *Watcher) associateFile(path string, stat os.FileInfo, follow bool) error { - if w.isClosed() { - return ErrClosed - } - // This is primarily protecting the call to AssociatePath but it is - // important and intentional that the call to PathIsWatched is also - // protected by this mutex. Without this mutex, AssociatePath has been seen - // to error out that the path is already associated. - w.mu.Lock() - defer w.mu.Unlock() - - if w.port.PathIsWatched(path) { - // Remove the old association in favor of this one If we get ENOENT, - // then while the x/sys/unix wrapper still thought that this path was - // associated, the underlying event port did not. This call will have - // cleared up that discrepancy. The most likely cause is that the event - // has fired but we haven't processed it yet. - err := w.port.DissociatePath(path) - if err != nil && err != unix.ENOENT { - return err - } - } - // FILE_NOFOLLOW means we watch symlinks themselves rather than their - // targets. - events := unix.FILE_MODIFIED | unix.FILE_ATTRIB | unix.FILE_NOFOLLOW - if follow { - // We *DO* follow symlinks for explicitly watched entries. - events = unix.FILE_MODIFIED | unix.FILE_ATTRIB - } - return w.port.AssociatePath(path, stat, - events, - stat.Mode()) -} - -func (w *Watcher) dissociateFile(path string, stat os.FileInfo, unused bool) error { - if !w.port.PathIsWatched(path) { - return nil - } - return w.port.DissociatePath(path) -} - -// WatchList returns all paths explicitly added with [Watcher.Add] (and are not -// yet removed). -// -// Returns nil if [Watcher.Close] was called. -func (w *Watcher) WatchList() []string { - if w.isClosed() { - return nil - } - - w.mu.Lock() - defer w.mu.Unlock() - - entries := make([]string, 0, len(w.watches)+len(w.dirs)) - for pathname := range w.dirs { - entries = append(entries, pathname) - } - for pathname := range w.watches { - entries = append(entries, pathname) - } - - return entries -} diff --git a/vendor/github.com/fsnotify/fsnotify/backend_inotify.go b/vendor/github.com/fsnotify/fsnotify/backend_inotify.go index 921c1c1e4012..54c77fbb0ee8 100644 --- a/vendor/github.com/fsnotify/fsnotify/backend_inotify.go +++ b/vendor/github.com/fsnotify/fsnotify/backend_inotify.go @@ -1,8 +1,5 @@ -//go:build linux && !appengine -// +build linux,!appengine - -// Note: the documentation on the Watcher type and methods is generated from -// mkdoc.zsh +//go:build linux +// +build linux package fsnotify @@ -29,9 +26,9 @@ import ( // When a file is removed a Remove event won't be emitted until all file // descriptors are closed, and deletes will always emit a Chmod. For example: // -// fp := os.Open("file") -// os.Remove("file") // Triggers Chmod -// fp.Close() // Triggers Remove +// fp := os.Open("file") +// os.Remove("file") // Triggers Chmod +// fp.Close() // Triggers Remove // // This is the event that inotify sends, so not much can be changed about this. // @@ -45,16 +42,16 @@ import ( // // To increase them you can use sysctl or write the value to the /proc file: // -// # Default values on Linux 5.18 -// sysctl fs.inotify.max_user_watches=124983 -// sysctl fs.inotify.max_user_instances=128 +// # Default values on Linux 5.18 +// sysctl fs.inotify.max_user_watches=124983 +// sysctl fs.inotify.max_user_instances=128 // // To make the changes persist on reboot edit /etc/sysctl.conf or // /usr/lib/sysctl.d/50-default.conf (details differ per Linux distro; check // your distro's documentation): // -// fs.inotify.max_user_watches=124983 -// fs.inotify.max_user_instances=128 +// fs.inotify.max_user_watches=124983 +// fs.inotify.max_user_instances=128 // // Reaching the limit will result in a "no space left on device" or "too many open // files" error. @@ -70,20 +67,14 @@ import ( // control the maximum number of open files, as well as /etc/login.conf on BSD // systems. // -// # Windows notes -// -// Paths can be added as "C:\path\to\dir", but forward slashes -// ("C:/path/to/dir") will also work. +// # macOS notes // -// When a watched directory is removed it will always send an event for the -// directory itself, but may not send events for all files in that directory. -// Sometimes it will send events for all times, sometimes it will send no -// events, and often only for some files. +// Spotlight indexing on macOS can result in multiple events (see [#15]). A +// temporary workaround is to add your folder(s) to the "Spotlight Privacy +// Settings" until we have a native FSEvents implementation (see [#11]). // -// The default ReadDirectoryChangesW() buffer size is 64K, which is the largest -// value that is guaranteed to work with SMB filesystems. If you have many -// events in quick succession this may not be enough, and you will have to use -// [WithBufferSize] to increase the value. +// [#11]: https://github.com/fsnotify/fsnotify/issues/11 +// [#15]: https://github.com/fsnotify/fsnotify/issues/15 type Watcher struct { // Events sends the filesystem change events. // @@ -110,148 +101,36 @@ type Watcher struct { // initiated by the user may show up as one or multiple // writes, depending on when the system syncs things to // disk. For example when compiling a large Go program - // you may get hundreds of Write events, and you may - // want to wait until you've stopped receiving them - // (see the dedup example in cmd/fsnotify). - // - // Some systems may send Write event for directories - // when the directory content changes. + // you may get hundreds of Write events, so you + // probably want to wait until you've stopped receiving + // them (see the dedup example in cmd/fsnotify). // // fsnotify.Chmod Attributes were changed. On Linux this is also sent // when a file is removed (or more accurately, when a // link to an inode is removed). On kqueue it's sent - // when a file is truncated. On Windows it's never - // sent. + // and on kqueue when a file is truncated. On Windows + // it's never sent. Events chan Event // Errors sends any errors. - // - // ErrEventOverflow is used to indicate there are too many events: - // - // - inotify: There are too many queued events (fs.inotify.max_queued_events sysctl) - // - windows: The buffer size is too small; WithBufferSize() can be used to increase it. - // - kqueue, fen: Not used. Errors chan error // Store fd here as os.File.Read() will no longer return on close after // calling Fd(). See: https://github.com/golang/go/issues/26439 fd int + mu sync.Mutex // Map access inotifyFile *os.File - watches *watches - done chan struct{} // Channel for sending a "quit message" to the reader goroutine - closeMu sync.Mutex - doneResp chan struct{} // Channel to respond to Close -} - -type ( - watches struct { - mu sync.RWMutex - wd map[uint32]*watch // wd → watch - path map[string]uint32 // pathname → wd - } - watch struct { - wd uint32 // Watch descriptor (as returned by the inotify_add_watch() syscall) - flags uint32 // inotify flags of this watch (see inotify(7) for the list of valid flags) - path string // Watch path. - } -) - -func newWatches() *watches { - return &watches{ - wd: make(map[uint32]*watch), - path: make(map[string]uint32), - } -} - -func (w *watches) len() int { - w.mu.RLock() - defer w.mu.RUnlock() - return len(w.wd) -} - -func (w *watches) add(ww *watch) { - w.mu.Lock() - defer w.mu.Unlock() - w.wd[ww.wd] = ww - w.path[ww.path] = ww.wd -} - -func (w *watches) remove(wd uint32) { - w.mu.Lock() - defer w.mu.Unlock() - delete(w.path, w.wd[wd].path) - delete(w.wd, wd) -} - -func (w *watches) removePath(path string) (uint32, bool) { - w.mu.Lock() - defer w.mu.Unlock() - - wd, ok := w.path[path] - if !ok { - return 0, false - } - - delete(w.path, path) - delete(w.wd, wd) - - return wd, true -} - -func (w *watches) byPath(path string) *watch { - w.mu.RLock() - defer w.mu.RUnlock() - return w.wd[w.path[path]] -} - -func (w *watches) byWd(wd uint32) *watch { - w.mu.RLock() - defer w.mu.RUnlock() - return w.wd[wd] -} - -func (w *watches) updatePath(path string, f func(*watch) (*watch, error)) error { - w.mu.Lock() - defer w.mu.Unlock() - - var existing *watch - wd, ok := w.path[path] - if ok { - existing = w.wd[wd] - } - - upd, err := f(existing) - if err != nil { - return err - } - if upd != nil { - w.wd[upd.wd] = upd - w.path[upd.path] = upd.wd - - if upd.wd != wd { - delete(w.wd, wd) - } - } - - return nil + watches map[string]*watch // Map of inotify watches (key: path) + paths map[int]string // Map of watched paths (key: watch descriptor) + done chan struct{} // Channel for sending a "quit message" to the reader goroutine + doneResp chan struct{} // Channel to respond to Close } // NewWatcher creates a new Watcher. func NewWatcher() (*Watcher, error) { - return NewBufferedWatcher(0) -} - -// NewBufferedWatcher creates a new Watcher with a buffered Watcher.Events -// channel. -// -// The main use case for this is situations with a very large number of events -// where the kernel buffer size can't be increased (e.g. due to lack of -// permissions). An unbuffered Watcher will perform better for almost all use -// cases, and whenever possible you will be better off increasing the kernel -// buffers instead of adding a large userspace buffer. -func NewBufferedWatcher(sz uint) (*Watcher, error) { - // Need to set nonblocking mode for SetDeadline to work, otherwise blocking - // I/O operations won't terminate on close. + // Create inotify fd + // Need to set the FD to nonblocking mode in order for SetDeadline methods to work + // Otherwise, blocking i/o operations won't terminate on close fd, errno := unix.InotifyInit1(unix.IN_CLOEXEC | unix.IN_NONBLOCK) if fd == -1 { return nil, errno @@ -260,8 +139,9 @@ func NewBufferedWatcher(sz uint) (*Watcher, error) { w := &Watcher{ fd: fd, inotifyFile: os.NewFile(uintptr(fd), ""), - watches: newWatches(), - Events: make(chan Event, sz), + watches: make(map[string]*watch), + paths: make(map[int]string), + Events: make(chan Event), Errors: make(chan error), done: make(chan struct{}), doneResp: make(chan struct{}), @@ -277,8 +157,8 @@ func (w *Watcher) sendEvent(e Event) bool { case w.Events <- e: return true case <-w.done: - return false } + return false } // Returns true if the error was sent, or false if watcher is closed. @@ -300,15 +180,17 @@ func (w *Watcher) isClosed() bool { } } -// Close removes all watches and closes the Events channel. +// Close removes all watches and closes the events channel. func (w *Watcher) Close() error { - w.closeMu.Lock() + w.mu.Lock() if w.isClosed() { - w.closeMu.Unlock() + w.mu.Unlock() return nil } + + // Send 'close' signal to goroutine, and set the Watcher to closed. close(w.done) - w.closeMu.Unlock() + w.mu.Unlock() // Causes any blocking reads to return with an error, provided the file // still supports deadline operations. @@ -325,21 +207,17 @@ func (w *Watcher) Close() error { // Add starts monitoring the path for changes. // -// A path can only be watched once; watching it more than once is a no-op and will -// not return an error. Paths that do not yet exist on the filesystem cannot be -// watched. +// A path can only be watched once; attempting to watch it more than once will +// return an error. Paths that do not yet exist on the filesystem cannot be +// added. A watch will be automatically removed if the path is deleted. // -// A watch will be automatically removed if the watched path is deleted or -// renamed. The exception is the Windows backend, which doesn't remove the -// watcher on renames. +// A path will remain watched if it gets renamed to somewhere else on the same +// filesystem, but the monitor will get removed if the path gets deleted and +// re-created, or if it's moved to a different filesystem. // // Notifications on network filesystems (NFS, SMB, FUSE, etc.) or special // filesystems (/proc, /sys, etc.) generally don't work. // -// Returns [ErrClosed] if [Watcher.Close] was called. -// -// See [Watcher.AddWith] for a version that allows adding options. -// // # Watching directories // // All files in a directory are monitored, including new files that are created @@ -349,59 +227,44 @@ func (w *Watcher) Close() error { // # Watching files // // Watching individual files (rather than directories) is generally not -// recommended as many programs (especially editors) update files atomically: it -// will write to a temporary file which is then moved to to destination, -// overwriting the original (or some variant thereof). The watcher on the -// original file is now lost, as that no longer exists. -// -// The upshot of this is that a power failure or crash won't leave a -// half-written file. -// -// Watch the parent directory and use Event.Name to filter out files you're not -// interested in. There is an example of this in cmd/fsnotify/file.go. -func (w *Watcher) Add(name string) error { return w.AddWith(name) } - -// AddWith is like [Watcher.Add], but allows adding options. When using Add() -// the defaults described below are used. -// -// Possible options are: -// -// - [WithBufferSize] sets the buffer size for the Windows backend; no-op on -// other platforms. The default is 64K (65536 bytes). -func (w *Watcher) AddWith(name string, opts ...addOpt) error { +// recommended as many tools update files atomically. Instead of "just" writing +// to the file a temporary file will be written to first, and if successful the +// temporary file is moved to to destination removing the original, or some +// variant thereof. The watcher on the original file is now lost, as it no +// longer exists. +// +// Instead, watch the parent directory and use Event.Name to filter out files +// you're not interested in. There is an example of this in [cmd/fsnotify/file.go]. +func (w *Watcher) Add(name string) error { + name = filepath.Clean(name) if w.isClosed() { - return ErrClosed + return errors.New("inotify instance already closed") } - name = filepath.Clean(name) - _ = getOptions(opts...) - var flags uint32 = unix.IN_MOVED_TO | unix.IN_MOVED_FROM | unix.IN_CREATE | unix.IN_ATTRIB | unix.IN_MODIFY | unix.IN_MOVE_SELF | unix.IN_DELETE | unix.IN_DELETE_SELF - return w.watches.updatePath(name, func(existing *watch) (*watch, error) { - if existing != nil { - flags |= existing.flags | unix.IN_MASK_ADD - } - - wd, err := unix.InotifyAddWatch(w.fd, name, flags) - if wd == -1 { - return nil, err - } + w.mu.Lock() + defer w.mu.Unlock() + watchEntry := w.watches[name] + if watchEntry != nil { + flags |= watchEntry.flags | unix.IN_MASK_ADD + } + wd, errno := unix.InotifyAddWatch(w.fd, name, flags) + if wd == -1 { + return errno + } - if existing == nil { - return &watch{ - wd: uint32(wd), - path: name, - flags: flags, - }, nil - } + if watchEntry == nil { + w.watches[name] = &watch{wd: uint32(wd), flags: flags} + w.paths[wd] = name + } else { + watchEntry.wd = uint32(wd) + watchEntry.flags = flags + } - existing.wd = uint32(wd) - existing.flags = flags - return existing, nil - }) + return nil } // Remove stops monitoring the path for changes. @@ -410,22 +273,32 @@ func (w *Watcher) AddWith(name string, opts ...addOpt) error { // /tmp/dir and /tmp/dir/subdir then you will need to remove both. // // Removing a path that has not yet been added returns [ErrNonExistentWatch]. -// -// Returns nil if [Watcher.Close] was called. func (w *Watcher) Remove(name string) error { - if w.isClosed() { - return nil - } - return w.remove(filepath.Clean(name)) -} + name = filepath.Clean(name) + + // Fetch the watch. + w.mu.Lock() + defer w.mu.Unlock() + watch, ok := w.watches[name] -func (w *Watcher) remove(name string) error { - wd, ok := w.watches.removePath(name) + // Remove it from inotify. if !ok { return fmt.Errorf("%w: %s", ErrNonExistentWatch, name) } - success, errno := unix.InotifyRmWatch(w.fd, wd) + // We successfully removed the watch if InotifyRmWatch doesn't return an + // error, we need to clean up our internal state to ensure it matches + // inotify's kernel state. + delete(w.paths, int(watch.wd)) + delete(w.watches, name) + + // inotify_rm_watch will return EINVAL if the file has been deleted; + // the inotify will already have been removed. + // watches and pathes are deleted in ignoreLinux() implicitly and asynchronously + // by calling inotify_rm_watch() below. e.g. readEvents() goroutine receives IN_IGNORE + // so that EINVAL means that the wd is being rm_watch()ed or its file removed + // by another thread and we have not received IN_IGNORE event. + success, errno := unix.InotifyRmWatch(w.fd, watch.wd) if success == -1 { // TODO: Perhaps it's not helpful to return an error here in every case; // The only two possible errors are: @@ -439,28 +312,28 @@ func (w *Watcher) remove(name string) error { // are watching is deleted. return errno } + return nil } -// WatchList returns all paths explicitly added with [Watcher.Add] (and are not -// yet removed). -// -// Returns nil if [Watcher.Close] was called. +// WatchList returns all paths added with [Add] (and are not yet removed). func (w *Watcher) WatchList() []string { - if w.isClosed() { - return nil - } + w.mu.Lock() + defer w.mu.Unlock() - entries := make([]string, 0, w.watches.len()) - w.watches.mu.RLock() - for pathname := range w.watches.path { + entries := make([]string, 0, len(w.watches)) + for pathname := range w.watches { entries = append(entries, pathname) } - w.watches.mu.RUnlock() return entries } +type watch struct { + wd uint32 // Watch descriptor (as returned by the inotify_add_watch() syscall) + flags uint32 // inotify flags of this watch (see inotify(7) for the list of valid flags) +} + // readEvents reads from the inotify file descriptor, converts the // received events into Event objects and sends them via the Events channel func (w *Watcher) readEvents() { @@ -494,11 +367,14 @@ func (w *Watcher) readEvents() { if n < unix.SizeofInotifyEvent { var err error if n == 0 { - err = io.EOF // If EOF is received. This should really never happen. + // If EOF is received. This should really never happen. + err = io.EOF } else if n < 0 { - err = errno // If an error occurred while reading. + // If an error occurred while reading. + err = errno } else { - err = errors.New("notify: short read in readEvents()") // Read was too short. + // Read was too short. + err = errors.New("notify: short read in readEvents()") } if !w.sendError(err) { return @@ -527,29 +403,18 @@ func (w *Watcher) readEvents() { // doesn't append the filename to the event, but we would like to always fill the // the "Name" field with a valid filename. We retrieve the path of the watch from // the "paths" map. - watch := w.watches.byWd(uint32(raw.Wd)) - - // inotify will automatically remove the watch on deletes; just need - // to clean our state here. - if watch != nil && mask&unix.IN_DELETE_SELF == unix.IN_DELETE_SELF { - w.watches.remove(watch.wd) - } - // We can't really update the state when a watched path is moved; - // only IN_MOVE_SELF is sent and not IN_MOVED_{FROM,TO}. So remove - // the watch. - if watch != nil && mask&unix.IN_MOVE_SELF == unix.IN_MOVE_SELF { - err := w.remove(watch.path) - if err != nil && !errors.Is(err, ErrNonExistentWatch) { - if !w.sendError(err) { - return - } - } + w.mu.Lock() + name, ok := w.paths[int(raw.Wd)] + // IN_DELETE_SELF occurs when the file/directory being watched is removed. + // This is a sign to clean up the maps, otherwise we are no longer in sync + // with the inotify kernel state which has already deleted the watch + // automatically. + if ok && mask&unix.IN_DELETE_SELF == unix.IN_DELETE_SELF { + delete(w.paths, int(raw.Wd)) + delete(w.watches, name) } + w.mu.Unlock() - var name string - if watch != nil { - name = watch.path - } if nameLen > 0 { // Point "bytes" at the first byte of the filename bytes := (*[unix.PathMax]byte)(unsafe.Pointer(&buf[offset+unix.SizeofInotifyEvent]))[:nameLen:nameLen] diff --git a/vendor/github.com/fsnotify/fsnotify/backend_kqueue.go b/vendor/github.com/fsnotify/fsnotify/backend_kqueue.go index 063a0915a07a..29087469bf83 100644 --- a/vendor/github.com/fsnotify/fsnotify/backend_kqueue.go +++ b/vendor/github.com/fsnotify/fsnotify/backend_kqueue.go @@ -1,14 +1,12 @@ //go:build freebsd || openbsd || netbsd || dragonfly || darwin // +build freebsd openbsd netbsd dragonfly darwin -// Note: the documentation on the Watcher type and methods is generated from -// mkdoc.zsh - package fsnotify import ( "errors" "fmt" + "io/ioutil" "os" "path/filepath" "sync" @@ -26,9 +24,9 @@ import ( // When a file is removed a Remove event won't be emitted until all file // descriptors are closed, and deletes will always emit a Chmod. For example: // -// fp := os.Open("file") -// os.Remove("file") // Triggers Chmod -// fp.Close() // Triggers Remove +// fp := os.Open("file") +// os.Remove("file") // Triggers Chmod +// fp.Close() // Triggers Remove // // This is the event that inotify sends, so not much can be changed about this. // @@ -42,16 +40,16 @@ import ( // // To increase them you can use sysctl or write the value to the /proc file: // -// # Default values on Linux 5.18 -// sysctl fs.inotify.max_user_watches=124983 -// sysctl fs.inotify.max_user_instances=128 +// # Default values on Linux 5.18 +// sysctl fs.inotify.max_user_watches=124983 +// sysctl fs.inotify.max_user_instances=128 // // To make the changes persist on reboot edit /etc/sysctl.conf or // /usr/lib/sysctl.d/50-default.conf (details differ per Linux distro; check // your distro's documentation): // -// fs.inotify.max_user_watches=124983 -// fs.inotify.max_user_instances=128 +// fs.inotify.max_user_watches=124983 +// fs.inotify.max_user_instances=128 // // Reaching the limit will result in a "no space left on device" or "too many open // files" error. @@ -67,20 +65,14 @@ import ( // control the maximum number of open files, as well as /etc/login.conf on BSD // systems. // -// # Windows notes -// -// Paths can be added as "C:\path\to\dir", but forward slashes -// ("C:/path/to/dir") will also work. +// # macOS notes // -// When a watched directory is removed it will always send an event for the -// directory itself, but may not send events for all files in that directory. -// Sometimes it will send events for all times, sometimes it will send no -// events, and often only for some files. +// Spotlight indexing on macOS can result in multiple events (see [#15]). A +// temporary workaround is to add your folder(s) to the "Spotlight Privacy +// Settings" until we have a native FSEvents implementation (see [#11]). // -// The default ReadDirectoryChangesW() buffer size is 64K, which is the largest -// value that is guaranteed to work with SMB filesystems. If you have many -// events in quick succession this may not be enough, and you will have to use -// [WithBufferSize] to increase the value. +// [#11]: https://github.com/fsnotify/fsnotify/issues/11 +// [#15]: https://github.com/fsnotify/fsnotify/issues/15 type Watcher struct { // Events sends the filesystem change events. // @@ -107,27 +99,18 @@ type Watcher struct { // initiated by the user may show up as one or multiple // writes, depending on when the system syncs things to // disk. For example when compiling a large Go program - // you may get hundreds of Write events, and you may - // want to wait until you've stopped receiving them - // (see the dedup example in cmd/fsnotify). - // - // Some systems may send Write event for directories - // when the directory content changes. + // you may get hundreds of Write events, so you + // probably want to wait until you've stopped receiving + // them (see the dedup example in cmd/fsnotify). // // fsnotify.Chmod Attributes were changed. On Linux this is also sent // when a file is removed (or more accurately, when a // link to an inode is removed). On kqueue it's sent - // when a file is truncated. On Windows it's never - // sent. + // and on kqueue when a file is truncated. On Windows + // it's never sent. Events chan Event // Errors sends any errors. - // - // ErrEventOverflow is used to indicate there are too many events: - // - // - inotify: There are too many queued events (fs.inotify.max_queued_events sysctl) - // - windows: The buffer size is too small; WithBufferSize() can be used to increase it. - // - kqueue, fen: Not used. Errors chan error done chan struct{} @@ -150,18 +133,6 @@ type pathInfo struct { // NewWatcher creates a new Watcher. func NewWatcher() (*Watcher, error) { - return NewBufferedWatcher(0) -} - -// NewBufferedWatcher creates a new Watcher with a buffered Watcher.Events -// channel. -// -// The main use case for this is situations with a very large number of events -// where the kernel buffer size can't be increased (e.g. due to lack of -// permissions). An unbuffered Watcher will perform better for almost all use -// cases, and whenever possible you will be better off increasing the kernel -// buffers instead of adding a large userspace buffer. -func NewBufferedWatcher(sz uint) (*Watcher, error) { kq, closepipe, err := newKqueue() if err != nil { return nil, err @@ -176,7 +147,7 @@ func NewBufferedWatcher(sz uint) (*Watcher, error) { paths: make(map[int]pathInfo), fileExists: make(map[string]struct{}), userWatches: make(map[string]struct{}), - Events: make(chan Event, sz), + Events: make(chan Event), Errors: make(chan error), done: make(chan struct{}), } @@ -226,8 +197,8 @@ func (w *Watcher) sendEvent(e Event) bool { case w.Events <- e: return true case <-w.done: - return false } + return false } // Returns true if the error was sent, or false if watcher is closed. @@ -236,11 +207,11 @@ func (w *Watcher) sendError(err error) bool { case w.Errors <- err: return true case <-w.done: - return false } + return false } -// Close removes all watches and closes the Events channel. +// Close removes all watches and closes the events channel. func (w *Watcher) Close() error { w.mu.Lock() if w.isClosed { @@ -268,21 +239,17 @@ func (w *Watcher) Close() error { // Add starts monitoring the path for changes. // -// A path can only be watched once; watching it more than once is a no-op and will -// not return an error. Paths that do not yet exist on the filesystem cannot be -// watched. +// A path can only be watched once; attempting to watch it more than once will +// return an error. Paths that do not yet exist on the filesystem cannot be +// added. A watch will be automatically removed if the path is deleted. // -// A watch will be automatically removed if the watched path is deleted or -// renamed. The exception is the Windows backend, which doesn't remove the -// watcher on renames. +// A path will remain watched if it gets renamed to somewhere else on the same +// filesystem, but the monitor will get removed if the path gets deleted and +// re-created, or if it's moved to a different filesystem. // // Notifications on network filesystems (NFS, SMB, FUSE, etc.) or special // filesystems (/proc, /sys, etc.) generally don't work. // -// Returns [ErrClosed] if [Watcher.Close] was called. -// -// See [Watcher.AddWith] for a version that allows adding options. -// // # Watching directories // // All files in a directory are monitored, including new files that are created @@ -292,28 +259,15 @@ func (w *Watcher) Close() error { // # Watching files // // Watching individual files (rather than directories) is generally not -// recommended as many programs (especially editors) update files atomically: it -// will write to a temporary file which is then moved to to destination, -// overwriting the original (or some variant thereof). The watcher on the -// original file is now lost, as that no longer exists. -// -// The upshot of this is that a power failure or crash won't leave a -// half-written file. -// -// Watch the parent directory and use Event.Name to filter out files you're not -// interested in. There is an example of this in cmd/fsnotify/file.go. -func (w *Watcher) Add(name string) error { return w.AddWith(name) } - -// AddWith is like [Watcher.Add], but allows adding options. When using Add() -// the defaults described below are used. -// -// Possible options are: -// -// - [WithBufferSize] sets the buffer size for the Windows backend; no-op on -// other platforms. The default is 64K (65536 bytes). -func (w *Watcher) AddWith(name string, opts ...addOpt) error { - _ = getOptions(opts...) - +// recommended as many tools update files atomically. Instead of "just" writing +// to the file a temporary file will be written to first, and if successful the +// temporary file is moved to to destination removing the original, or some +// variant thereof. The watcher on the original file is now lost, as it no +// longer exists. +// +// Instead, watch the parent directory and use Event.Name to filter out files +// you're not interested in. There is an example of this in [cmd/fsnotify/file.go]. +func (w *Watcher) Add(name string) error { w.mu.Lock() w.userWatches[name] = struct{}{} w.mu.Unlock() @@ -327,19 +281,9 @@ func (w *Watcher) AddWith(name string, opts ...addOpt) error { // /tmp/dir and /tmp/dir/subdir then you will need to remove both. // // Removing a path that has not yet been added returns [ErrNonExistentWatch]. -// -// Returns nil if [Watcher.Close] was called. func (w *Watcher) Remove(name string) error { - return w.remove(name, true) -} - -func (w *Watcher) remove(name string, unwatchFiles bool) error { name = filepath.Clean(name) w.mu.Lock() - if w.isClosed { - w.mu.Unlock() - return nil - } watchfd, ok := w.watches[name] w.mu.Unlock() if !ok { @@ -371,7 +315,7 @@ func (w *Watcher) remove(name string, unwatchFiles bool) error { w.mu.Unlock() // Find all watched paths that are in this directory that are not external. - if unwatchFiles && isDir { + if isDir { var pathsToRemove []string w.mu.Lock() for fd := range w.watchesByDir[name] { @@ -382,25 +326,20 @@ func (w *Watcher) remove(name string, unwatchFiles bool) error { } w.mu.Unlock() for _, name := range pathsToRemove { - // Since these are internal, not much sense in propagating error to - // the user, as that will just confuse them with an error about a - // path they did not explicitly watch themselves. + // Since these are internal, not much sense in propagating error + // to the user, as that will just confuse them with an error about + // a path they did not explicitly watch themselves. w.Remove(name) } } + return nil } -// WatchList returns all paths explicitly added with [Watcher.Add] (and are not -// yet removed). -// -// Returns nil if [Watcher.Close] was called. +// WatchList returns all paths added with [Add] (and are not yet removed). func (w *Watcher) WatchList() []string { w.mu.Lock() defer w.mu.Unlock() - if w.isClosed { - return nil - } entries := make([]string, 0, len(w.userWatches)) for pathname := range w.userWatches { @@ -413,18 +352,18 @@ func (w *Watcher) WatchList() []string { // Watch all events (except NOTE_EXTEND, NOTE_LINK, NOTE_REVOKE) const noteAllEvents = unix.NOTE_DELETE | unix.NOTE_WRITE | unix.NOTE_ATTRIB | unix.NOTE_RENAME -// addWatch adds name to the watched file set; the flags are interpreted as -// described in kevent(2). -// -// Returns the real path to the file which was added, with symlinks resolved. +// addWatch adds name to the watched file set. +// The flags are interpreted as described in kevent(2). +// Returns the real path to the file which was added, if any, which may be different from the one passed in the case of symlinks. func (w *Watcher) addWatch(name string, flags uint32) (string, error) { var isDir bool + // Make ./name and name equivalent name = filepath.Clean(name) w.mu.Lock() if w.isClosed { w.mu.Unlock() - return "", ErrClosed + return "", errors.New("kevent instance already closed") } watchfd, alreadyWatching := w.watches[name] // We already have a watch, but we can still override flags. @@ -444,30 +383,27 @@ func (w *Watcher) addWatch(name string, flags uint32) (string, error) { return "", nil } - // Follow Symlinks. + // Follow Symlinks + // + // Linux can add unresolvable symlinks to the watch list without issue, + // and Windows can't do symlinks period. To maintain consistency, we + // will act like everything is fine if the link can't be resolved. + // There will simply be no file events for broken symlinks. Hence the + // returns of nil on errors. if fi.Mode()&os.ModeSymlink == os.ModeSymlink { - link, err := os.Readlink(name) + name, err = filepath.EvalSymlinks(name) if err != nil { - // Return nil because Linux can add unresolvable symlinks to the - // watch list without problems, so maintain consistency with - // that. There will be no file events for broken symlinks. - // TODO: more specific check; returns os.PathError; ENOENT? return "", nil } w.mu.Lock() - _, alreadyWatching = w.watches[link] + _, alreadyWatching = w.watches[name] w.mu.Unlock() if alreadyWatching { - // Add to watches so we don't get spurious Create events later - // on when we diff the directories. - w.watches[name] = 0 - w.fileExists[name] = struct{}{} - return link, nil + return name, nil } - name = link fi, err = os.Lstat(name) if err != nil { return "", nil @@ -475,7 +411,7 @@ func (w *Watcher) addWatch(name string, flags uint32) (string, error) { } // Retry on EINTR; open() can return EINTR in practice on macOS. - // See #354, and Go issues 11180 and 39237. + // See #354, and go issues 11180 and 39237. for { watchfd, err = unix.Open(name, openMode, 0) if err == nil { @@ -508,13 +444,14 @@ func (w *Watcher) addWatch(name string, flags uint32) (string, error) { w.watchesByDir[parentName] = watchesByDir } watchesByDir[watchfd] = struct{}{} + w.paths[watchfd] = pathInfo{name: name, isDir: isDir} w.mu.Unlock() } if isDir { - // Watch the directory if it has not been watched before, or if it was - // watched before, but perhaps only a NOTE_DELETE (watchDirectoryFiles) + // Watch the directory if it has not been watched before, + // or if it was watched before, but perhaps only a NOTE_DELETE (watchDirectoryFiles) w.mu.Lock() watchDir := (flags&unix.NOTE_WRITE) == unix.NOTE_WRITE && @@ -536,10 +473,13 @@ func (w *Watcher) addWatch(name string, flags uint32) (string, error) { // Event values that it sends down the Events channel. func (w *Watcher) readEvents() { defer func() { + err := unix.Close(w.kq) + if err != nil { + w.Errors <- err + } + unix.Close(w.closepipe[0]) close(w.Events) close(w.Errors) - _ = unix.Close(w.kq) - unix.Close(w.closepipe[0]) }() eventBuffer := make([]unix.Kevent_t, 10) @@ -573,8 +513,18 @@ func (w *Watcher) readEvents() { event := w.newEvent(path.name, mask) + if path.isDir && !event.Has(Remove) { + // Double check to make sure the directory exists. This can + // happen when we do a rm -fr on a recursively watched folders + // and we receive a modification event first but the folder has + // been deleted and later receive the delete event. + if _, err := os.Lstat(event.Name); os.IsNotExist(err) { + event.Op |= Remove + } + } + if event.Has(Rename) || event.Has(Remove) { - w.remove(event.Name, false) + w.Remove(event.Name) w.mu.Lock() delete(w.fileExists, event.Name) w.mu.Unlock() @@ -590,30 +540,26 @@ func (w *Watcher) readEvents() { } if event.Has(Remove) { - // Look for a file that may have overwritten this; for example, - // mv f1 f2 will delete f2, then create f2. + // Look for a file that may have overwritten this. + // For example, mv f1 f2 will delete f2, then create f2. if path.isDir { fileDir := filepath.Clean(event.Name) w.mu.Lock() _, found := w.watches[fileDir] w.mu.Unlock() if found { - err := w.sendDirectoryChangeEvents(fileDir) - if err != nil { - if !w.sendError(err) { - closed = true - } + // make sure the directory exists before we watch for changes. When we + // do a recursive watch and perform rm -fr, the parent directory might + // have gone missing, ignore the missing directory and let the + // upcoming delete event remove the watch from the parent directory. + if _, err := os.Lstat(fileDir); err == nil { + w.sendDirectoryChangeEvents(fileDir) } } } else { filePath := filepath.Clean(event.Name) - if fi, err := os.Lstat(filePath); err == nil { - err := w.sendFileCreatedEventIfNew(filePath, fi) - if err != nil { - if !w.sendError(err) { - closed = true - } - } + if fileInfo, err := os.Lstat(filePath); err == nil { + w.sendFileCreatedEventIfNew(filePath, fileInfo) } } } @@ -636,31 +582,21 @@ func (w *Watcher) newEvent(name string, mask uint32) Event { if mask&unix.NOTE_ATTRIB == unix.NOTE_ATTRIB { e.Op |= Chmod } - // No point sending a write and delete event at the same time: if it's gone, - // then it's gone. - if e.Op.Has(Write) && e.Op.Has(Remove) { - e.Op &^= Write - } return e } // watchDirectoryFiles to mimic inotify when adding a watch on a directory func (w *Watcher) watchDirectoryFiles(dirPath string) error { // Get all files - files, err := os.ReadDir(dirPath) + files, err := ioutil.ReadDir(dirPath) if err != nil { return err } - for _, f := range files { - path := filepath.Join(dirPath, f.Name()) - - fi, err := f.Info() - if err != nil { - return fmt.Errorf("%q: %w", path, err) - } + for _, fileInfo := range files { + path := filepath.Join(dirPath, fileInfo.Name()) - cleanPath, err := w.internalWatch(path, fi) + cleanPath, err := w.internalWatch(path, fileInfo) if err != nil { // No permission to read the file; that's not a problem: just skip. // But do add it to w.fileExists to prevent it from being picked up @@ -670,7 +606,7 @@ func (w *Watcher) watchDirectoryFiles(dirPath string) error { case errors.Is(err, unix.EACCES) || errors.Is(err, unix.EPERM): cleanPath = filepath.Clean(path) default: - return fmt.Errorf("%q: %w", path, err) + return fmt.Errorf("%q: %w", filepath.Join(dirPath, fileInfo.Name()), err) } } @@ -686,37 +622,26 @@ func (w *Watcher) watchDirectoryFiles(dirPath string) error { // // This functionality is to have the BSD watcher match the inotify, which sends // a create event for files created in a watched directory. -func (w *Watcher) sendDirectoryChangeEvents(dir string) error { - files, err := os.ReadDir(dir) +func (w *Watcher) sendDirectoryChangeEvents(dir string) { + // Get all files + files, err := ioutil.ReadDir(dir) if err != nil { - // Directory no longer exists: we can ignore this safely. kqueue will - // still give us the correct events. - if errors.Is(err, os.ErrNotExist) { - return nil + if !w.sendError(fmt.Errorf("fsnotify.sendDirectoryChangeEvents: %w", err)) { + return } - return fmt.Errorf("fsnotify.sendDirectoryChangeEvents: %w", err) } - for _, f := range files { - fi, err := f.Info() + // Search for new files + for _, fi := range files { + err := w.sendFileCreatedEventIfNew(filepath.Join(dir, fi.Name()), fi) if err != nil { - return fmt.Errorf("fsnotify.sendDirectoryChangeEvents: %w", err) - } - - err = w.sendFileCreatedEventIfNew(filepath.Join(dir, fi.Name()), fi) - if err != nil { - // Don't need to send an error if this file isn't readable. - if errors.Is(err, unix.EACCES) || errors.Is(err, unix.EPERM) { - return nil - } - return fmt.Errorf("fsnotify.sendDirectoryChangeEvents: %w", err) + return } } - return nil } // sendFileCreatedEvent sends a create event if the file isn't already being tracked. -func (w *Watcher) sendFileCreatedEventIfNew(filePath string, fi os.FileInfo) (err error) { +func (w *Watcher) sendFileCreatedEventIfNew(filePath string, fileInfo os.FileInfo) (err error) { w.mu.Lock() _, doesExist := w.fileExists[filePath] w.mu.Unlock() @@ -727,7 +652,7 @@ func (w *Watcher) sendFileCreatedEventIfNew(filePath string, fi os.FileInfo) (er } // like watchDirectoryFiles (but without doing another ReadDir) - filePath, err = w.internalWatch(filePath, fi) + filePath, err = w.internalWatch(filePath, fileInfo) if err != nil { return err } @@ -739,10 +664,10 @@ func (w *Watcher) sendFileCreatedEventIfNew(filePath string, fi os.FileInfo) (er return nil } -func (w *Watcher) internalWatch(name string, fi os.FileInfo) (string, error) { - if fi.IsDir() { - // mimic Linux providing delete events for subdirectories, but preserve - // the flags used if currently watching subdirectory +func (w *Watcher) internalWatch(name string, fileInfo os.FileInfo) (string, error) { + if fileInfo.IsDir() { + // mimic Linux providing delete events for subdirectories + // but preserve the flags used if currently watching subdirectory w.mu.Lock() flags := w.dirFlags[name] w.mu.Unlock() diff --git a/vendor/github.com/fsnotify/fsnotify/backend_other.go b/vendor/github.com/fsnotify/fsnotify/backend_other.go index d34a23c015f8..a9bb1c3c4d07 100644 --- a/vendor/github.com/fsnotify/fsnotify/backend_other.go +++ b/vendor/github.com/fsnotify/fsnotify/backend_other.go @@ -1,169 +1,39 @@ -//go:build appengine || (!darwin && !dragonfly && !freebsd && !openbsd && !linux && !netbsd && !solaris && !windows) -// +build appengine !darwin,!dragonfly,!freebsd,!openbsd,!linux,!netbsd,!solaris,!windows - -// Note: the documentation on the Watcher type and methods is generated from -// mkdoc.zsh +//go:build !darwin && !dragonfly && !freebsd && !openbsd && !linux && !netbsd && !solaris && !windows +// +build !darwin,!dragonfly,!freebsd,!openbsd,!linux,!netbsd,!solaris,!windows package fsnotify -import "errors" +import ( + "fmt" + "runtime" +) -// Watcher watches a set of paths, delivering events on a channel. -// -// A watcher should not be copied (e.g. pass it by pointer, rather than by -// value). -// -// # Linux notes -// -// When a file is removed a Remove event won't be emitted until all file -// descriptors are closed, and deletes will always emit a Chmod. For example: -// -// fp := os.Open("file") -// os.Remove("file") // Triggers Chmod -// fp.Close() // Triggers Remove -// -// This is the event that inotify sends, so not much can be changed about this. -// -// The fs.inotify.max_user_watches sysctl variable specifies the upper limit -// for the number of watches per user, and fs.inotify.max_user_instances -// specifies the maximum number of inotify instances per user. Every Watcher you -// create is an "instance", and every path you add is a "watch". -// -// These are also exposed in /proc as /proc/sys/fs/inotify/max_user_watches and -// /proc/sys/fs/inotify/max_user_instances -// -// To increase them you can use sysctl or write the value to the /proc file: -// -// # Default values on Linux 5.18 -// sysctl fs.inotify.max_user_watches=124983 -// sysctl fs.inotify.max_user_instances=128 -// -// To make the changes persist on reboot edit /etc/sysctl.conf or -// /usr/lib/sysctl.d/50-default.conf (details differ per Linux distro; check -// your distro's documentation): -// -// fs.inotify.max_user_watches=124983 -// fs.inotify.max_user_instances=128 -// -// Reaching the limit will result in a "no space left on device" or "too many open -// files" error. -// -// # kqueue notes (macOS, BSD) -// -// kqueue requires opening a file descriptor for every file that's being watched; -// so if you're watching a directory with five files then that's six file -// descriptors. You will run in to your system's "max open files" limit faster on -// these platforms. -// -// The sysctl variables kern.maxfiles and kern.maxfilesperproc can be used to -// control the maximum number of open files, as well as /etc/login.conf on BSD -// systems. -// -// # Windows notes -// -// Paths can be added as "C:\path\to\dir", but forward slashes -// ("C:/path/to/dir") will also work. -// -// When a watched directory is removed it will always send an event for the -// directory itself, but may not send events for all files in that directory. -// Sometimes it will send events for all times, sometimes it will send no -// events, and often only for some files. -// -// The default ReadDirectoryChangesW() buffer size is 64K, which is the largest -// value that is guaranteed to work with SMB filesystems. If you have many -// events in quick succession this may not be enough, and you will have to use -// [WithBufferSize] to increase the value. -type Watcher struct { - // Events sends the filesystem change events. - // - // fsnotify can send the following events; a "path" here can refer to a - // file, directory, symbolic link, or special file like a FIFO. - // - // fsnotify.Create A new path was created; this may be followed by one - // or more Write events if data also gets written to a - // file. - // - // fsnotify.Remove A path was removed. - // - // fsnotify.Rename A path was renamed. A rename is always sent with the - // old path as Event.Name, and a Create event will be - // sent with the new name. Renames are only sent for - // paths that are currently watched; e.g. moving an - // unmonitored file into a monitored directory will - // show up as just a Create. Similarly, renaming a file - // to outside a monitored directory will show up as - // only a Rename. - // - // fsnotify.Write A file or named pipe was written to. A Truncate will - // also trigger a Write. A single "write action" - // initiated by the user may show up as one or multiple - // writes, depending on when the system syncs things to - // disk. For example when compiling a large Go program - // you may get hundreds of Write events, and you may - // want to wait until you've stopped receiving them - // (see the dedup example in cmd/fsnotify). - // - // Some systems may send Write event for directories - // when the directory content changes. - // - // fsnotify.Chmod Attributes were changed. On Linux this is also sent - // when a file is removed (or more accurately, when a - // link to an inode is removed). On kqueue it's sent - // when a file is truncated. On Windows it's never - // sent. - Events chan Event - - // Errors sends any errors. - // - // ErrEventOverflow is used to indicate there are too many events: - // - // - inotify: There are too many queued events (fs.inotify.max_queued_events sysctl) - // - windows: The buffer size is too small; WithBufferSize() can be used to increase it. - // - kqueue, fen: Not used. - Errors chan error -} +// Watcher watches a set of files, delivering events to a channel. +type Watcher struct{} // NewWatcher creates a new Watcher. func NewWatcher() (*Watcher, error) { - return nil, errors.New("fsnotify not supported on the current platform") + return nil, fmt.Errorf("fsnotify not supported on %s", runtime.GOOS) } -// NewBufferedWatcher creates a new Watcher with a buffered Watcher.Events -// channel. -// -// The main use case for this is situations with a very large number of events -// where the kernel buffer size can't be increased (e.g. due to lack of -// permissions). An unbuffered Watcher will perform better for almost all use -// cases, and whenever possible you will be better off increasing the kernel -// buffers instead of adding a large userspace buffer. -func NewBufferedWatcher(sz uint) (*Watcher, error) { return NewWatcher() } - -// Close removes all watches and closes the Events channel. -func (w *Watcher) Close() error { return nil } - -// WatchList returns all paths explicitly added with [Watcher.Add] (and are not -// yet removed). -// -// Returns nil if [Watcher.Close] was called. -func (w *Watcher) WatchList() []string { return nil } +// Close removes all watches and closes the events channel. +func (w *Watcher) Close() error { + return nil +} // Add starts monitoring the path for changes. // -// A path can only be watched once; watching it more than once is a no-op and will -// not return an error. Paths that do not yet exist on the filesystem cannot be -// watched. +// A path can only be watched once; attempting to watch it more than once will +// return an error. Paths that do not yet exist on the filesystem cannot be +// added. A watch will be automatically removed if the path is deleted. // -// A watch will be automatically removed if the watched path is deleted or -// renamed. The exception is the Windows backend, which doesn't remove the -// watcher on renames. +// A path will remain watched if it gets renamed to somewhere else on the same +// filesystem, but the monitor will get removed if the path gets deleted and +// re-created, or if it's moved to a different filesystem. // // Notifications on network filesystems (NFS, SMB, FUSE, etc.) or special // filesystems (/proc, /sys, etc.) generally don't work. // -// Returns [ErrClosed] if [Watcher.Close] was called. -// -// See [Watcher.AddWith] for a version that allows adding options. -// // # Watching directories // // All files in a directory are monitored, including new files that are created @@ -173,26 +43,17 @@ func (w *Watcher) WatchList() []string { return nil } // # Watching files // // Watching individual files (rather than directories) is generally not -// recommended as many programs (especially editors) update files atomically: it -// will write to a temporary file which is then moved to to destination, -// overwriting the original (or some variant thereof). The watcher on the -// original file is now lost, as that no longer exists. -// -// The upshot of this is that a power failure or crash won't leave a -// half-written file. -// -// Watch the parent directory and use Event.Name to filter out files you're not -// interested in. There is an example of this in cmd/fsnotify/file.go. -func (w *Watcher) Add(name string) error { return nil } - -// AddWith is like [Watcher.Add], but allows adding options. When using Add() -// the defaults described below are used. -// -// Possible options are: -// -// - [WithBufferSize] sets the buffer size for the Windows backend; no-op on -// other platforms. The default is 64K (65536 bytes). -func (w *Watcher) AddWith(name string, opts ...addOpt) error { return nil } +// recommended as many tools update files atomically. Instead of "just" writing +// to the file a temporary file will be written to first, and if successful the +// temporary file is moved to to destination removing the original, or some +// variant thereof. The watcher on the original file is now lost, as it no +// longer exists. +// +// Instead, watch the parent directory and use Event.Name to filter out files +// you're not interested in. There is an example of this in [cmd/fsnotify/file.go]. +func (w *Watcher) Add(name string) error { + return nil +} // Remove stops monitoring the path for changes. // @@ -200,6 +61,6 @@ func (w *Watcher) AddWith(name string, opts ...addOpt) error { return nil } // /tmp/dir and /tmp/dir/subdir then you will need to remove both. // // Removing a path that has not yet been added returns [ErrNonExistentWatch]. -// -// Returns nil if [Watcher.Close] was called. -func (w *Watcher) Remove(name string) error { return nil } +func (w *Watcher) Remove(name string) error { + return nil +} diff --git a/vendor/github.com/fsnotify/fsnotify/backend_windows.go b/vendor/github.com/fsnotify/fsnotify/backend_windows.go index 9bc91e5d613f..ae392867c042 100644 --- a/vendor/github.com/fsnotify/fsnotify/backend_windows.go +++ b/vendor/github.com/fsnotify/fsnotify/backend_windows.go @@ -1,13 +1,6 @@ //go:build windows // +build windows -// Windows backend based on ReadDirectoryChangesW() -// -// https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-readdirectorychangesw -// -// Note: the documentation on the Watcher type and methods is generated from -// mkdoc.zsh - package fsnotify import ( @@ -34,9 +27,9 @@ import ( // When a file is removed a Remove event won't be emitted until all file // descriptors are closed, and deletes will always emit a Chmod. For example: // -// fp := os.Open("file") -// os.Remove("file") // Triggers Chmod -// fp.Close() // Triggers Remove +// fp := os.Open("file") +// os.Remove("file") // Triggers Chmod +// fp.Close() // Triggers Remove // // This is the event that inotify sends, so not much can be changed about this. // @@ -50,16 +43,16 @@ import ( // // To increase them you can use sysctl or write the value to the /proc file: // -// # Default values on Linux 5.18 -// sysctl fs.inotify.max_user_watches=124983 -// sysctl fs.inotify.max_user_instances=128 +// # Default values on Linux 5.18 +// sysctl fs.inotify.max_user_watches=124983 +// sysctl fs.inotify.max_user_instances=128 // // To make the changes persist on reboot edit /etc/sysctl.conf or // /usr/lib/sysctl.d/50-default.conf (details differ per Linux distro; check // your distro's documentation): // -// fs.inotify.max_user_watches=124983 -// fs.inotify.max_user_instances=128 +// fs.inotify.max_user_watches=124983 +// fs.inotify.max_user_instances=128 // // Reaching the limit will result in a "no space left on device" or "too many open // files" error. @@ -75,20 +68,14 @@ import ( // control the maximum number of open files, as well as /etc/login.conf on BSD // systems. // -// # Windows notes +// # macOS notes // -// Paths can be added as "C:\path\to\dir", but forward slashes -// ("C:/path/to/dir") will also work. +// Spotlight indexing on macOS can result in multiple events (see [#15]). A +// temporary workaround is to add your folder(s) to the "Spotlight Privacy +// Settings" until we have a native FSEvents implementation (see [#11]). // -// When a watched directory is removed it will always send an event for the -// directory itself, but may not send events for all files in that directory. -// Sometimes it will send events for all times, sometimes it will send no -// events, and often only for some files. -// -// The default ReadDirectoryChangesW() buffer size is 64K, which is the largest -// value that is guaranteed to work with SMB filesystems. If you have many -// events in quick succession this may not be enough, and you will have to use -// [WithBufferSize] to increase the value. +// [#11]: https://github.com/fsnotify/fsnotify/issues/11 +// [#15]: https://github.com/fsnotify/fsnotify/issues/15 type Watcher struct { // Events sends the filesystem change events. // @@ -115,52 +102,31 @@ type Watcher struct { // initiated by the user may show up as one or multiple // writes, depending on when the system syncs things to // disk. For example when compiling a large Go program - // you may get hundreds of Write events, and you may - // want to wait until you've stopped receiving them - // (see the dedup example in cmd/fsnotify). - // - // Some systems may send Write event for directories - // when the directory content changes. + // you may get hundreds of Write events, so you + // probably want to wait until you've stopped receiving + // them (see the dedup example in cmd/fsnotify). // // fsnotify.Chmod Attributes were changed. On Linux this is also sent // when a file is removed (or more accurately, when a // link to an inode is removed). On kqueue it's sent - // when a file is truncated. On Windows it's never - // sent. + // and on kqueue when a file is truncated. On Windows + // it's never sent. Events chan Event // Errors sends any errors. - // - // ErrEventOverflow is used to indicate there are too many events: - // - // - inotify: There are too many queued events (fs.inotify.max_queued_events sysctl) - // - windows: The buffer size is too small; WithBufferSize() can be used to increase it. - // - kqueue, fen: Not used. Errors chan error port windows.Handle // Handle to completion port input chan *input // Inputs to the reader are sent on this channel quit chan chan<- error - mu sync.Mutex // Protects access to watches, closed - watches watchMap // Map of watches (key: i-number) - closed bool // Set to true when Close() is first called + mu sync.Mutex // Protects access to watches, isClosed + watches watchMap // Map of watches (key: i-number) + isClosed bool // Set to true when Close() is first called } // NewWatcher creates a new Watcher. func NewWatcher() (*Watcher, error) { - return NewBufferedWatcher(50) -} - -// NewBufferedWatcher creates a new Watcher with a buffered Watcher.Events -// channel. -// -// The main use case for this is situations with a very large number of events -// where the kernel buffer size can't be increased (e.g. due to lack of -// permissions). An unbuffered Watcher will perform better for almost all use -// cases, and whenever possible you will be better off increasing the kernel -// buffers instead of adding a large userspace buffer. -func NewBufferedWatcher(sz uint) (*Watcher, error) { port, err := windows.CreateIoCompletionPort(windows.InvalidHandle, 0, 0, 0) if err != nil { return nil, os.NewSyscallError("CreateIoCompletionPort", err) @@ -169,7 +135,7 @@ func NewBufferedWatcher(sz uint) (*Watcher, error) { port: port, watches: make(watchMap), input: make(chan *input, 1), - Events: make(chan Event, sz), + Events: make(chan Event, 50), Errors: make(chan error), quit: make(chan chan<- error, 1), } @@ -177,12 +143,6 @@ func NewBufferedWatcher(sz uint) (*Watcher, error) { return w, nil } -func (w *Watcher) isClosed() bool { - w.mu.Lock() - defer w.mu.Unlock() - return w.closed -} - func (w *Watcher) sendEvent(name string, mask uint64) bool { if mask == 0 { return false @@ -207,14 +167,14 @@ func (w *Watcher) sendError(err error) bool { return false } -// Close removes all watches and closes the Events channel. +// Close removes all watches and closes the events channel. func (w *Watcher) Close() error { - if w.isClosed() { + w.mu.Lock() + if w.isClosed { + w.mu.Unlock() return nil } - - w.mu.Lock() - w.closed = true + w.isClosed = true w.mu.Unlock() // Send "quit" message to the reader goroutine @@ -228,21 +188,17 @@ func (w *Watcher) Close() error { // Add starts monitoring the path for changes. // -// A path can only be watched once; watching it more than once is a no-op and will -// not return an error. Paths that do not yet exist on the filesystem cannot be -// watched. +// A path can only be watched once; attempting to watch it more than once will +// return an error. Paths that do not yet exist on the filesystem cannot be +// added. A watch will be automatically removed if the path is deleted. // -// A watch will be automatically removed if the watched path is deleted or -// renamed. The exception is the Windows backend, which doesn't remove the -// watcher on renames. +// A path will remain watched if it gets renamed to somewhere else on the same +// filesystem, but the monitor will get removed if the path gets deleted and +// re-created, or if it's moved to a different filesystem. // // Notifications on network filesystems (NFS, SMB, FUSE, etc.) or special // filesystems (/proc, /sys, etc.) generally don't work. // -// Returns [ErrClosed] if [Watcher.Close] was called. -// -// See [Watcher.AddWith] for a version that allows adding options. -// // # Watching directories // // All files in a directory are monitored, including new files that are created @@ -252,41 +208,27 @@ func (w *Watcher) Close() error { // # Watching files // // Watching individual files (rather than directories) is generally not -// recommended as many programs (especially editors) update files atomically: it -// will write to a temporary file which is then moved to to destination, -// overwriting the original (or some variant thereof). The watcher on the -// original file is now lost, as that no longer exists. -// -// The upshot of this is that a power failure or crash won't leave a -// half-written file. -// -// Watch the parent directory and use Event.Name to filter out files you're not -// interested in. There is an example of this in cmd/fsnotify/file.go. -func (w *Watcher) Add(name string) error { return w.AddWith(name) } - -// AddWith is like [Watcher.Add], but allows adding options. When using Add() -// the defaults described below are used. -// -// Possible options are: -// -// - [WithBufferSize] sets the buffer size for the Windows backend; no-op on -// other platforms. The default is 64K (65536 bytes). -func (w *Watcher) AddWith(name string, opts ...addOpt) error { - if w.isClosed() { - return ErrClosed - } - - with := getOptions(opts...) - if with.bufsize < 4096 { - return fmt.Errorf("fsnotify.WithBufferSize: buffer size cannot be smaller than 4096 bytes") +// recommended as many tools update files atomically. Instead of "just" writing +// to the file a temporary file will be written to first, and if successful the +// temporary file is moved to to destination removing the original, or some +// variant thereof. The watcher on the original file is now lost, as it no +// longer exists. +// +// Instead, watch the parent directory and use Event.Name to filter out files +// you're not interested in. There is an example of this in [cmd/fsnotify/file.go]. +func (w *Watcher) Add(name string) error { + w.mu.Lock() + if w.isClosed { + w.mu.Unlock() + return errors.New("watcher already closed") } + w.mu.Unlock() in := &input{ - op: opAddWatch, - path: filepath.Clean(name), - flags: sysFSALLEVENTS, - reply: make(chan error), - bufsize: with.bufsize, + op: opAddWatch, + path: filepath.Clean(name), + flags: sysFSALLEVENTS, + reply: make(chan error), } w.input <- in if err := w.wakeupReader(); err != nil { @@ -301,13 +243,7 @@ func (w *Watcher) AddWith(name string, opts ...addOpt) error { // /tmp/dir and /tmp/dir/subdir then you will need to remove both. // // Removing a path that has not yet been added returns [ErrNonExistentWatch]. -// -// Returns nil if [Watcher.Close] was called. func (w *Watcher) Remove(name string) error { - if w.isClosed() { - return nil - } - in := &input{ op: opRemoveWatch, path: filepath.Clean(name), @@ -320,15 +256,8 @@ func (w *Watcher) Remove(name string) error { return <-in.reply } -// WatchList returns all paths explicitly added with [Watcher.Add] (and are not -// yet removed). -// -// Returns nil if [Watcher.Close] was called. +// WatchList returns all paths added with [Add] (and are not yet removed). func (w *Watcher) WatchList() []string { - if w.isClosed() { - return nil - } - w.mu.Lock() defer w.mu.Unlock() @@ -350,6 +279,7 @@ func (w *Watcher) WatchList() []string { // This should all be removed at some point, and just use windows.FILE_NOTIFY_* const ( sysFSALLEVENTS = 0xfff + sysFSATTRIB = 0x4 sysFSCREATE = 0x100 sysFSDELETE = 0x200 sysFSDELETESELF = 0x400 @@ -375,6 +305,9 @@ func (w *Watcher) newEvent(name string, mask uint32) Event { if mask&sysFSMOVE == sysFSMOVE || mask&sysFSMOVESELF == sysFSMOVESELF || mask&sysFSMOVEDFROM == sysFSMOVEDFROM { e.Op |= Rename } + if mask&sysFSATTRIB == sysFSATTRIB { + e.Op |= Chmod + } return e } @@ -388,11 +321,10 @@ const ( ) type input struct { - op int - path string - flags uint32 - bufsize int - reply chan error + op int + path string + flags uint32 + reply chan error } type inode struct { @@ -402,14 +334,13 @@ type inode struct { } type watch struct { - ov windows.Overlapped - ino *inode // i-number - recurse bool // Recursive watch? - path string // Directory path - mask uint64 // Directory itself is being watched with these notify flags - names map[string]uint64 // Map of names being watched and their notify flags - rename string // Remembers the old name while renaming a file - buf []byte // buffer, allocated later + ov windows.Overlapped + ino *inode // i-number + path string // Directory path + mask uint64 // Directory itself is being watched with these notify flags + names map[string]uint64 // Map of names being watched and their notify flags + rename string // Remembers the old name while renaming a file + buf [65536]byte // 64K buffer } type ( @@ -482,10 +413,7 @@ func (m watchMap) set(ino *inode, watch *watch) { } // Must run within the I/O thread. -func (w *Watcher) addWatch(pathname string, flags uint64, bufsize int) error { - //pathname, recurse := recursivePath(pathname) - recurse := false - +func (w *Watcher) addWatch(pathname string, flags uint64) error { dir, err := w.getDir(pathname) if err != nil { return err @@ -505,11 +433,9 @@ func (w *Watcher) addWatch(pathname string, flags uint64, bufsize int) error { return os.NewSyscallError("CreateIoCompletionPort", err) } watchEntry = &watch{ - ino: ino, - path: dir, - names: make(map[string]uint64), - recurse: recurse, - buf: make([]byte, bufsize), + ino: ino, + path: dir, + names: make(map[string]uint64), } w.mu.Lock() w.watches.set(ino, watchEntry) @@ -539,8 +465,6 @@ func (w *Watcher) addWatch(pathname string, flags uint64, bufsize int) error { // Must run within the I/O thread. func (w *Watcher) remWatch(pathname string) error { - pathname, recurse := recursivePath(pathname) - dir, err := w.getDir(pathname) if err != nil { return err @@ -554,10 +478,6 @@ func (w *Watcher) remWatch(pathname string) error { watch := w.watches.get(ino) w.mu.Unlock() - if recurse && !watch.recurse { - return fmt.Errorf("can't use \\... with non-recursive watch %q", pathname) - } - err = windows.CloseHandle(ino.handle) if err != nil { w.sendError(os.NewSyscallError("CloseHandle", err)) @@ -615,11 +535,8 @@ func (w *Watcher) startRead(watch *watch) error { return nil } - // We need to pass the array, rather than the slice. - hdr := (*reflect.SliceHeader)(unsafe.Pointer(&watch.buf)) - rdErr := windows.ReadDirectoryChanges(watch.ino.handle, - (*byte)(unsafe.Pointer(hdr.Data)), uint32(hdr.Len), - watch.recurse, mask, nil, &watch.ov, 0) + rdErr := windows.ReadDirectoryChanges(watch.ino.handle, &watch.buf[0], + uint32(unsafe.Sizeof(watch.buf)), false, mask, nil, &watch.ov, 0) if rdErr != nil { err := os.NewSyscallError("ReadDirectoryChanges", rdErr) if rdErr == windows.ERROR_ACCESS_DENIED && watch.mask&provisional == 0 { @@ -646,8 +563,9 @@ func (w *Watcher) readEvents() { runtime.LockOSThread() for { - // This error is handled after the watch == nil check below. qErr := windows.GetQueuedCompletionStatus(w.port, &n, &key, &ov, windows.INFINITE) + // This error is handled after the watch == nil check below. NOTE: this + // seems odd, note sure if it's correct. watch := (*watch)(unsafe.Pointer(ov)) if watch == nil { @@ -677,7 +595,7 @@ func (w *Watcher) readEvents() { case in := <-w.input: switch in.op { case opAddWatch: - in.reply <- w.addWatch(in.path, uint64(in.flags), in.bufsize) + in.reply <- w.addWatch(in.path, uint64(in.flags)) case opRemoveWatch: in.reply <- w.remWatch(in.path) } @@ -687,8 +605,6 @@ func (w *Watcher) readEvents() { } switch qErr { - case nil: - // No error case windows.ERROR_MORE_DATA: if watch == nil { w.sendError(errors.New("ERROR_MORE_DATA has unexpectedly null lpOverlapped buffer")) @@ -710,12 +626,13 @@ func (w *Watcher) readEvents() { default: w.sendError(os.NewSyscallError("GetQueuedCompletionPort", qErr)) continue + case nil: } var offset uint32 for { if n == 0 { - w.sendError(ErrEventOverflow) + w.sendError(errors.New("short read in readEvents()")) break } @@ -786,9 +703,8 @@ func (w *Watcher) readEvents() { // Error! if offset >= n { - //lint:ignore ST1005 Windows should be capitalized w.sendError(errors.New( - "Windows system assumed buffer larger than it is, events have likely been missed")) + "Windows system assumed buffer larger than it is, events have likely been missed.")) break } } @@ -804,6 +720,9 @@ func (w *Watcher) toWindowsFlags(mask uint64) uint32 { if mask&sysFSMODIFY != 0 { m |= windows.FILE_NOTIFY_CHANGE_LAST_WRITE } + if mask&sysFSATTRIB != 0 { + m |= windows.FILE_NOTIFY_CHANGE_ATTRIBUTES + } if mask&(sysFSMOVE|sysFSCREATE|sysFSDELETE) != 0 { m |= windows.FILE_NOTIFY_CHANGE_FILE_NAME | windows.FILE_NOTIFY_CHANGE_DIR_NAME } diff --git a/vendor/github.com/fsnotify/fsnotify/fsnotify.go b/vendor/github.com/fsnotify/fsnotify/fsnotify.go index 24c99cc4999e..30a5bf0f07a3 100644 --- a/vendor/github.com/fsnotify/fsnotify/fsnotify.go +++ b/vendor/github.com/fsnotify/fsnotify/fsnotify.go @@ -1,18 +1,13 @@ +//go:build !plan9 +// +build !plan9 + // Package fsnotify provides a cross-platform interface for file system // notifications. -// -// Currently supported systems: -// -// Linux 2.6.32+ via inotify -// BSD, macOS via kqueue -// Windows via ReadDirectoryChangesW -// illumos via FEN package fsnotify import ( "errors" "fmt" - "path/filepath" "strings" ) @@ -38,52 +33,34 @@ type Op uint32 // The operations fsnotify can trigger; see the documentation on [Watcher] for a // full description, and check them with [Event.Has]. const ( - // A new pathname was created. Create Op = 1 << iota - - // The pathname was written to; this does *not* mean the write has finished, - // and a write can be followed by more writes. Write - - // The path was removed; any watches on it will be removed. Some "remove" - // operations may trigger a Rename if the file is actually moved (for - // example "remove to trash" is often a rename). Remove - - // The path was renamed to something else; any watched on it will be - // removed. Rename - - // File attributes were changed. - // - // It's generally not recommended to take action on this event, as it may - // get triggered very frequently by some software. For example, Spotlight - // indexing on macOS, anti-virus software, backup software, etc. Chmod ) -// Common errors that can be reported. +// Common errors that can be reported by a watcher var ( - ErrNonExistentWatch = errors.New("fsnotify: can't remove non-existent watch") - ErrEventOverflow = errors.New("fsnotify: queue or buffer overflow") - ErrClosed = errors.New("fsnotify: watcher already closed") + ErrNonExistentWatch = errors.New("can't remove non-existent watcher") + ErrEventOverflow = errors.New("fsnotify queue overflow") ) -func (o Op) String() string { +func (op Op) String() string { var b strings.Builder - if o.Has(Create) { + if op.Has(Create) { b.WriteString("|CREATE") } - if o.Has(Remove) { + if op.Has(Remove) { b.WriteString("|REMOVE") } - if o.Has(Write) { + if op.Has(Write) { b.WriteString("|WRITE") } - if o.Has(Rename) { + if op.Has(Rename) { b.WriteString("|RENAME") } - if o.Has(Chmod) { + if op.Has(Chmod) { b.WriteString("|CHMOD") } if b.Len() == 0 { @@ -93,7 +70,7 @@ func (o Op) String() string { } // Has reports if this operation has the given operation. -func (o Op) Has(h Op) bool { return o&h != 0 } +func (o Op) Has(h Op) bool { return o&h == h } // Has reports if this event has the given operation. func (e Event) Has(op Op) bool { return e.Op.Has(op) } @@ -102,45 +79,3 @@ func (e Event) Has(op Op) bool { return e.Op.Has(op) } func (e Event) String() string { return fmt.Sprintf("%-13s %q", e.Op.String(), e.Name) } - -type ( - addOpt func(opt *withOpts) - withOpts struct { - bufsize int - } -) - -var defaultOpts = withOpts{ - bufsize: 65536, // 64K -} - -func getOptions(opts ...addOpt) withOpts { - with := defaultOpts - for _, o := range opts { - o(&with) - } - return with -} - -// WithBufferSize sets the [ReadDirectoryChangesW] buffer size. -// -// This only has effect on Windows systems, and is a no-op for other backends. -// -// The default value is 64K (65536 bytes) which is the highest value that works -// on all filesystems and should be enough for most applications, but if you -// have a large burst of events it may not be enough. You can increase it if -// you're hitting "queue or buffer overflow" errors ([ErrEventOverflow]). -// -// [ReadDirectoryChangesW]: https://learn.microsoft.com/en-gb/windows/win32/api/winbase/nf-winbase-readdirectorychangesw -func WithBufferSize(bytes int) addOpt { - return func(opt *withOpts) { opt.bufsize = bytes } -} - -// Check if this path is recursive (ends with "/..." or "\..."), and return the -// path with the /... stripped. -func recursivePath(path string) (string, bool) { - if filepath.Base(path) == "..." { - return filepath.Dir(path), true - } - return path, false -} diff --git a/vendor/github.com/fsnotify/fsnotify/mkdoc.zsh b/vendor/github.com/fsnotify/fsnotify/mkdoc.zsh index 99012ae6539e..b09ef7683409 100644 --- a/vendor/github.com/fsnotify/fsnotify/mkdoc.zsh +++ b/vendor/github.com/fsnotify/fsnotify/mkdoc.zsh @@ -2,8 +2,8 @@ [ "${ZSH_VERSION:-}" = "" ] && echo >&2 "Only works with zsh" && exit 1 setopt err_exit no_unset pipefail extended_glob -# Simple script to update the godoc comments on all watchers so you don't need -# to update the same comment 5 times. +# Simple script to update the godoc comments on all watchers. Probably took me +# more time to write this than doing it manually, but ah well 🙃 watcher=$(<>16)*10000 + g1582ns100) - default: // forward compatible - time := int64(binary.BigEndian.Uint32(uuid[0:4])) - time |= int64(binary.BigEndian.Uint16(uuid[4:6])) << 32 - time |= int64(binary.BigEndian.Uint16(uuid[6:8])&0xfff) << 48 - t = Time(time) - } - return t + time := int64(binary.BigEndian.Uint32(uuid[0:4])) + time |= int64(binary.BigEndian.Uint16(uuid[4:6])) << 32 + time |= int64(binary.BigEndian.Uint16(uuid[6:8])&0xfff) << 48 + return Time(time) } // ClockSequence returns the clock sequence encoded in uuid. diff --git a/vendor/github.com/google/uuid/uuid.go b/vendor/github.com/google/uuid/uuid.go index 5232b486780d..a56138cc4bd0 100644 --- a/vendor/github.com/google/uuid/uuid.go +++ b/vendor/github.com/google/uuid/uuid.go @@ -56,15 +56,11 @@ func IsInvalidLengthError(err error) bool { return ok } -// Parse decodes s into a UUID or returns an error if it cannot be parsed. Both -// the standard UUID forms defined in RFC 4122 -// (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx and -// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx) are decoded. In addition, -// Parse accepts non-standard strings such as the raw hex encoding -// xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx and 38 byte "Microsoft style" encodings, -// e.g. {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}. Only the middle 36 bytes are -// examined in the latter case. Parse should not be used to validate strings as -// it parses non-standard encodings as indicated above. +// Parse decodes s into a UUID or returns an error. Both the standard UUID +// forms of xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx and +// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx are decoded as well as the +// Microsoft encoding {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} and the raw hex +// encoding: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. func Parse(s string) (UUID, error) { var uuid UUID switch len(s) { @@ -186,59 +182,6 @@ func Must(uuid UUID, err error) UUID { return uuid } -// Validate returns an error if s is not a properly formatted UUID in one of the following formats: -// xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -// xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx -// {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} -// It returns an error if the format is invalid, otherwise nil. -func Validate(s string) error { - switch len(s) { - // Standard UUID format - case 36: - - // UUID with "urn:uuid:" prefix - case 36 + 9: - if !strings.EqualFold(s[:9], "urn:uuid:") { - return fmt.Errorf("invalid urn prefix: %q", s[:9]) - } - s = s[9:] - - // UUID enclosed in braces - case 36 + 2: - if s[0] != '{' || s[len(s)-1] != '}' { - return fmt.Errorf("invalid bracketed UUID format") - } - s = s[1 : len(s)-1] - - // UUID without hyphens - case 32: - for i := 0; i < len(s); i += 2 { - _, ok := xtob(s[i], s[i+1]) - if !ok { - return errors.New("invalid UUID format") - } - } - - default: - return invalidLengthError{len(s)} - } - - // Check for standard UUID format - if len(s) == 36 { - if s[8] != '-' || s[13] != '-' || s[18] != '-' || s[23] != '-' { - return errors.New("invalid UUID format") - } - for _, x := range []int{0, 2, 4, 6, 9, 11, 14, 16, 19, 21, 24, 26, 28, 30, 32, 34} { - if _, ok := xtob(s[x], s[x+1]); !ok { - return errors.New("invalid UUID format") - } - } - } - - return nil -} - // String returns the string form of uuid, xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx // , or "" if uuid is invalid. func (uuid UUID) String() string { @@ -351,15 +294,3 @@ func DisableRandPool() { poolMu.Lock() poolPos = randPoolSize } - -// UUIDs is a slice of UUID types. -type UUIDs []UUID - -// Strings returns a string slice containing the string form of each UUID in uuids. -func (uuids UUIDs) Strings() []string { - var uuidStrs = make([]string, len(uuids)) - for i, uuid := range uuids { - uuidStrs[i] = uuid.String() - } - return uuidStrs -} diff --git a/vendor/github.com/google/uuid/version6.go b/vendor/github.com/google/uuid/version6.go deleted file mode 100644 index 339a959a7a26..000000000000 --- a/vendor/github.com/google/uuid/version6.go +++ /dev/null @@ -1,56 +0,0 @@ -// Copyright 2023 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package uuid - -import "encoding/binary" - -// UUID version 6 is a field-compatible version of UUIDv1, reordered for improved DB locality. -// It is expected that UUIDv6 will primarily be used in contexts where there are existing v1 UUIDs. -// Systems that do not involve legacy UUIDv1 SHOULD consider using UUIDv7 instead. -// -// see https://datatracker.ietf.org/doc/html/draft-peabody-dispatch-new-uuid-format-03#uuidv6 -// -// NewV6 returns a Version 6 UUID based on the current NodeID and clock -// sequence, and the current time. If the NodeID has not been set by SetNodeID -// or SetNodeInterface then it will be set automatically. If the NodeID cannot -// be set NewV6 set NodeID is random bits automatically . If clock sequence has not been set by -// SetClockSequence then it will be set automatically. If GetTime fails to -// return the current NewV6 returns Nil and an error. -func NewV6() (UUID, error) { - var uuid UUID - now, seq, err := GetTime() - if err != nil { - return uuid, err - } - - /* - 0 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | time_high | - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | time_mid | time_low_and_version | - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - |clk_seq_hi_res | clk_seq_low | node (0-1) | - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | node (2-5) | - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - */ - - binary.BigEndian.PutUint64(uuid[0:], uint64(now)) - binary.BigEndian.PutUint16(uuid[8:], seq) - - uuid[6] = 0x60 | (uuid[6] & 0x0F) - uuid[8] = 0x80 | (uuid[8] & 0x3F) - - nodeMu.Lock() - if nodeID == zeroID { - setNodeInterface("") - } - copy(uuid[10:], nodeID[:]) - nodeMu.Unlock() - - return uuid, nil -} diff --git a/vendor/github.com/google/uuid/version7.go b/vendor/github.com/google/uuid/version7.go deleted file mode 100644 index ba9dd5eb689b..000000000000 --- a/vendor/github.com/google/uuid/version7.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright 2023 Google Inc. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package uuid - -import ( - "io" -) - -// UUID version 7 features a time-ordered value field derived from the widely -// implemented and well known Unix Epoch timestamp source, -// the number of milliseconds seconds since midnight 1 Jan 1970 UTC, leap seconds excluded. -// As well as improved entropy characteristics over versions 1 or 6. -// -// see https://datatracker.ietf.org/doc/html/draft-peabody-dispatch-new-uuid-format-03#name-uuid-version-7 -// -// Implementations SHOULD utilize UUID version 7 over UUID version 1 and 6 if possible. -// -// NewV7 returns a Version 7 UUID based on the current time(Unix Epoch). -// Uses the randomness pool if it was enabled with EnableRandPool. -// On error, NewV7 returns Nil and an error -func NewV7() (UUID, error) { - uuid, err := NewRandom() - if err != nil { - return uuid, err - } - makeV7(uuid[:]) - return uuid, nil -} - -// NewV7FromReader returns a Version 7 UUID based on the current time(Unix Epoch). -// it use NewRandomFromReader fill random bits. -// On error, NewV7FromReader returns Nil and an error. -func NewV7FromReader(r io.Reader) (UUID, error) { - uuid, err := NewRandomFromReader(r) - if err != nil { - return uuid, err - } - - makeV7(uuid[:]) - return uuid, nil -} - -// makeV7 fill 48 bits time (uuid[0] - uuid[5]), set version b0111 (uuid[6]) -// uuid[8] already has the right version number (Variant is 10) -// see function NewV7 and NewV7FromReader -func makeV7(uuid []byte) { - /* - 0 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | unix_ts_ms | - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | unix_ts_ms | ver | rand_a | - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - |var| rand_b | - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | rand_b | - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - */ - _ = uuid[15] // bounds check - - t := timeNow().UnixMilli() - - uuid[0] = byte(t >> 40) - uuid[1] = byte(t >> 32) - uuid[2] = byte(t >> 24) - uuid[3] = byte(t >> 16) - uuid[4] = byte(t >> 8) - uuid[5] = byte(t) - - uuid[6] = 0x70 | (uuid[6] & 0x0F) - // uuid[8] has already has right version -} diff --git a/vendor/modules.txt b/vendor/modules.txt index 218beedd676f..64f6a1eb2d31 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -23,7 +23,7 @@ github.com/Microsoft/go-winio/pkg/fs github.com/Microsoft/go-winio/pkg/guid github.com/Microsoft/go-winio/pkg/security github.com/Microsoft/go-winio/vhd -# github.com/Microsoft/hcsshim v0.12.0-rc.1 +# github.com/Microsoft/hcsshim v0.12.0-rc.2 ## explicit; go 1.18 github.com/Microsoft/hcsshim github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options @@ -56,15 +56,17 @@ github.com/Microsoft/hcsshim/internal/runhcs github.com/Microsoft/hcsshim/internal/safefile github.com/Microsoft/hcsshim/internal/security github.com/Microsoft/hcsshim/internal/timeout +github.com/Microsoft/hcsshim/internal/vhdx github.com/Microsoft/hcsshim/internal/vmcompute github.com/Microsoft/hcsshim/internal/wclayer +github.com/Microsoft/hcsshim/internal/wclayer/cim github.com/Microsoft/hcsshim/internal/winapi github.com/Microsoft/hcsshim/osversion +github.com/Microsoft/hcsshim/pkg/cimfs +github.com/Microsoft/hcsshim/pkg/cimfs/format github.com/Microsoft/hcsshim/pkg/go-runhcs github.com/Microsoft/hcsshim/pkg/ociwclayer -# github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3 -## explicit; go 1.13 -github.com/Microsoft/hcsshim/test/functional/manifest +github.com/Microsoft/hcsshim/pkg/ociwclayer/cim # github.com/beorn7/perks v1.0.1 ## explicit; go 1.11 github.com/beorn7/perks/quantile @@ -199,8 +201,8 @@ github.com/emicklei/go-restful/v3/log # github.com/felixge/httpsnoop v1.0.3 ## explicit; go 1.13 github.com/felixge/httpsnoop -# github.com/fsnotify/fsnotify v1.7.0 -## explicit; go 1.17 +# github.com/fsnotify/fsnotify v1.6.0 +## explicit; go 1.16 github.com/fsnotify/fsnotify # github.com/go-logr/logr v1.3.0 ## explicit; go 1.18 @@ -240,7 +242,7 @@ github.com/google/go-cmp/cmp/internal/value ## explicit; go 1.12 github.com/google/gofuzz github.com/google/gofuzz/bytesource -# github.com/google/uuid v1.5.0 +# github.com/google/uuid v1.3.1 ## explicit github.com/google/uuid # github.com/grpc-ecosystem/go-grpc-middleware v1.4.0