Bump github.com/containers/common from 0.15.2 to 0.16.0

Bumps [github.com/containers/common](https://github.com/containers/common) from 0.15.2 to 0.16.0. - [Release notes](https://github.com/containers/common/releases) - [Commits](https://github.com/containers/common/compare/v0.15.2...v0.16.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2024-10-19 00:34:18 +00:00 · 2020-07-16 13:11:10 -04:00 · 2020-07-16 13:11:10 -04:00 · fb6d9a84c5
parent f4766e01e3
commit fb6d9a84c5
9 changed files with 114 additions and 23 deletions
--- a/go.mod
+++ b/go.mod
@ -11,7 +11,7 @@ require (
 	github.com/containernetworking/cni v0.7.2-0.20200304161608-4fae32b84921
 	github.com/containernetworking/plugins v0.8.6
 	github.com/containers/buildah v1.15.1-0.20200708111410-d2ea9429455d
-	github.com/containers/common v0.15.2
+	github.com/containers/common v0.16.0
 	github.com/containers/conmon v2.0.19+incompatible
 	github.com/containers/image/v5 v5.5.1
 	github.com/containers/psgo v1.5.1
--- a/go.sum
+++ b/go.sum
@ -72,8 +72,9 @@ github.com/containernetworking/plugins v0.8.6 h1:npZTLiMa4CRn6m5P9+1Dz4O1j0UeFbm
 github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM=
 github.com/containers/buildah v1.15.1-0.20200708111410-d2ea9429455d h1:HgJJn1UBFjM464NpEmgLwVje5vSF/fBYAdLLoww9HgU=
 github.com/containers/buildah v1.15.1-0.20200708111410-d2ea9429455d/go.mod h1:HUAiD1mCGPFPcIuk5zls1LElLhXo7Q3hWDwheojjyAs=
-github.com/containers/common v0.15.2 h1:KNNnSxeWRlghZPTVu07pjMWCRKvDObWykglf4ZFVDVI=
 github.com/containers/common v0.15.2/go.mod h1:rhpXuGLTEKsk/xX/x0iKGHjRadMHpBd2ZiNDugwXPEM=
+github.com/containers/common v0.16.0 h1:zAxDJ2tA2wBEjXwV/+ddC8s1f3MfqulH3waSjKxlX3o=
+github.com/containers/common v0.16.0/go.mod h1:siKqOA03Bhh7Ss2m7fCsbVvbjwaNqrI+gZtC9FUp+DI=
 github.com/containers/conmon v2.0.19+incompatible h1:1bDVRvHy2MUNTUT/SW6LlHsJHQBTSwXvnKNdcB/a1vQ=
 github.com/containers/conmon v2.0.19+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
 github.com/containers/image/v5 v5.5.1 h1:h1FCOXH6Ux9/p/E4rndsQOC4yAdRU0msRTfLVeQ7FDQ=
--- a/vendor/github.com/containers/common/pkg/config/config.go
+++ b/vendor/github.com/containers/common/pkg/config/config.go
@ -165,9 +165,12 @@ type ContainersConfig struct {
 	// ShmSize holds the size of /dev/shm.
 	ShmSize string `toml:"shm_size,omitempty"`

-	//TZ sets the timezone inside the container
+	// TZ sets the timezone inside the container
 	TZ string `toml:"tz,omitempty"`

+	// Umask is the umask inside the container.
+	Umask string `toml:"umask,omitempty"`
+
 	// UTSNS indicates how to create a UTS namespace for the container
 	UTSNS string `toml:"utsns,omitempty"`

@ -198,7 +201,7 @@ type EngineConfig struct {
 	// The first path pointing to a valid file will be used.
 	ConmonPath []string `toml:"conmon_path,omitempty"`

-	//DetachKeys is the sequence of keys used to detach a container.
+	// DetachKeys is the sequence of keys used to detach a container.
 	DetachKeys string `toml:"detach_keys,omitempty"`

 	// EnablePortReservation determines whether engine will reserve ports on the
@ -272,12 +275,20 @@ type EngineConfig struct {
 	// Indicates whether the application should be running in Remote mode
 	Remote bool `toml:"-"`

+	// RemoteURI is deprecated, see ActiveService
 	// RemoteURI containers connection information used to connect to remote system.
 	RemoteURI string `toml:"remote_uri,omitempty"`

-	// Identity key file for RemoteURI
+	// RemoteIdentity is deprecated, ServiceDestinations
+	// RemoteIdentity key file for RemoteURI
 	RemoteIdentity string `toml:"remote_identity,omitempty"`

+	// ActiveService index to Destinations added v2.0.3
+	ActiveService string `toml:"active_service,omitempty"`
+
+	// Destinations mapped by service Names
+	ServiceDestinations map[string]Destination `toml:"service_destinations,omitempty"`
+
 	// RuntimePath is the path to OCI runtime binary for launching containers.
 	// The first path pointing to a valid file will be used This is used only
 	// when there are no OCIRuntime/OCIRuntimes defined.  It is used only to be
@ -393,6 +404,15 @@ type NetworkConfig struct {
 	NetworkConfigDir string `toml:"network_config_dir,omitempty"`
 }

+// Destination represents destination for remote service
+type Destination struct {
+	// URI, required. Example: ssh://root@example.com:22/run/podman/podman.sock
+	URI string `toml:"uri"`
+
+	// Identity file with ssh key, optional
+	Identity string `toml:"identity,omitempty"`
+}
+
 // NewConfig creates a new Config. It starts with an empty config and, if
 // specified, merges the config at `userConfigPath` path.  Depending if we're
 // running as root or rootless, we then merge the system configuration followed
@ -582,6 +602,10 @@ func (c *ContainersConfig) Validate() error {
 		return err
 	}

+	if err := c.validateUmask(); err != nil {
+		return err
+	}
+
 	if c.LogSizeMax >= 0 && c.LogSizeMax < OCIBufSize {
 		return fmt.Errorf("log size max should be negative or >= %d", OCIBufSize)
 	}
@ -828,9 +852,9 @@ func stringsEq(a, b []string) bool {
 }

 var (
-	configOnce sync.Once
-	configErr  error
-	config     *Config
+	configErr   error
+	configMutex sync.Mutex
+	config      *Config
 )

 // Default returns the default container config.
@ -845,9 +869,12 @@ var (
 // The system defaults container config files can be overwritten using the
 // CONTAINERS_CONF environment variable.  This is usually done for testing.
 func Default() (*Config, error) {
-	configOnce.Do(func() {
-		config, configErr = NewConfig("")
-	})
+	configMutex.Lock()
+	defer configMutex.Unlock()
+	if config != nil || configErr != nil {
+		return config, configErr
+	}
+	config, configErr = NewConfig("")
 	return config, configErr
 }

@ -879,8 +906,8 @@ func customConfigFile() (string, error) {
 	return OverrideContainersConfig, nil
 }

-//ReadCustomConfig reads the custom config and only generates a config based on it
-//If the custom config file does not exists, function will return an empty config
+// ReadCustomConfig reads the custom config and only generates a config based on it
+// If the custom config file does not exists, function will return an empty config
 func ReadCustomConfig() (*Config, error) {
 	path, err := customConfigFile()
 	if err != nil {
@ -936,3 +963,36 @@ func (c *Config) Write() error {
 	}
 	return nil
 }
+
+// Reload clean the cached config and reloads the configuration from containers.conf files
+// This function is meant to be used for long-running processes that need to reload potential changes made to
+// the cached containers.conf files.
+func Reload() (*Config, error) {
+	configMutex.Lock()
+	configErr = nil
+	config = nil
+	configMutex.Unlock()
+	return Default()
+}
+
+func (c *Config) ActiveDestination() (string, string, error){
+	if uri, found := os.LookupEnv("CONTAINER_HOST"); found {
+		var ident string
+		if v, found := os.LookupEnv("CONTAINER_SSHKEY"); found {
+			ident = v
+		}
+		return uri, ident, nil
+	}
+
+	switch {
+	case c.Engine.ActiveService != "":
+		d, found := c.Engine.ServiceDestinations[c.Engine.ActiveService]
+		if !found {
+			return "", "", errors.Errorf("%q service destination not found", c.Engine.ActiveService)
+		}
+		return d.URI, d.Identity, nil
+	case c.Engine.RemoteURI != "":
+		return c.Engine.RemoteURI, c.Engine.RemoteIdentity, nil
+	}
+	return "", "", errors.New("no service destination configured")
+}
--- a/vendor/github.com/containers/common/pkg/config/config_local.go
+++ b/vendor/github.com/containers/common/pkg/config/config_local.go
@ -6,6 +6,7 @@ import (
 	"fmt"
 	"os"
 	"path/filepath"
+	"regexp"
 	"syscall"

 	units "github.com/docker/go-units"
@ -88,6 +89,14 @@ func (c *ContainersConfig) validateTZ() error {
 	return nil
 }

+func (c *ContainersConfig) validateUmask() error {
+	validUmask := regexp.MustCompile(`^[0-7]{1,4}$`)
+	if !validUmask.MatchString(c.Umask) {
+		return fmt.Errorf("Not a valid Umask %s", c.Umask)
+	}
+	return nil
+}
+
 func isRemote() bool {
 	return false
 }
--- a/vendor/github.com/containers/common/pkg/config/config_remote.go
+++ b/vendor/github.com/containers/common/pkg/config/config_remote.go
@ -27,3 +27,7 @@ func (c *ContainersConfig) validateUlimits() error {
 func (c *ContainersConfig) validateTZ() error {
 	return nil
 }
+
+func (c *ContainersConfig) validateUmask() error {
+	return nil
+}
--- a/vendor/github.com/containers/common/pkg/config/containers.conf
+++ b/vendor/github.com/containers/common/pkg/config/containers.conf
@ -210,6 +210,10 @@
 #
 # tz = ""

+# Set umask inside the container
+#
+# umask="0022"
+
 # Default way to to create a UTS namespace for the container
 # Options are:
 # `private`        Create private UTS Namespace for the container.
@ -340,14 +344,6 @@
 # Whether to pull new image before running a container
 # pull_policy = "missing"

-# Default Remote URI to access the Podman service.
-# Examples:
-#  rootless "unix://run/user/$UID/podman/podman.sock" (Default)
-#  rootfull "unix://run/podman/podman.sock.(Default)
-#  remote rootless ssh://engineering.lab.company.com/run/user/1000/podman/podman.sock
-#  remote rootfull ssh://root@10.10.1.136:22/run/podman/podman.sock
-# remote_uri= ""
-
 # Directory for persistent engine files (database, etc)
 # By default, this will be configured relative to where the containers/storage
 # stores containers
@ -386,6 +382,22 @@
 # Number of seconds to wait for container to exit before sending kill signal.
 # stop_timeout = 10

+# Index to the active service
+# active_service = production
+
+# map of service destinations
+# [service_destinations]
+#   [service_destinations.production]
+#     URI to access the Podman service
+#     Examples:
+#       rootless "unix://run/user/$UID/podman/podman.sock" (Default)
+#       rootfull "unix://run/podman/podman.sock (Default)
+#       remote rootless ssh://engineering.lab.company.com/run/user/1000/podman/podman.sock
+#       remote rootfull ssh://root@10.10.1.136:22/run/podman/podman.sock
+#     uri="ssh://user@production.example.com/run/user/1001/podman/podman.sock"
+#     Path to file containing ssh identity key
+#     identity = "~/.ssh/id_rsa"
+
 # Paths to look for a valid OCI runtime (runc, runv, kata, etc)
 [engine.runtimes]
 # runc = [
--- a/vendor/github.com/containers/common/pkg/config/default.go
+++ b/vendor/github.com/containers/common/pkg/config/default.go
@ -191,6 +191,7 @@ func DefaultConfig() (*Config, error) {
 			SeccompProfile: SeccompDefaultPath,
 			ShmSize:        DefaultShmSize,
 			TZ:             "",
+			Umask:          "0022",
 			UTSNS:          "private",
 			UserNS:         "host",
 			UserNSSize:     DefaultUserNSSize,
@ -504,3 +505,7 @@ func (c *Config) DetachKeys() string {
 func (c *Config) TZ() string {
 	return c.Containers.TZ
 }
+
+func (c *Config) Umask() string {
+	return c.Containers.Umask
+}
--- a/vendor/github.com/containers/common/version/version.go
+++ b/vendor/github.com/containers/common/version/version.go
@ -1,4 +1,4 @@
 package version

 // Version is the version of the build.
-const Version = "0.15.2"
+const Version = "0.16.0"
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -84,7 +84,7 @@ github.com/containers/buildah/pkg/secrets
 github.com/containers/buildah/pkg/supplemented
 github.com/containers/buildah/pkg/umask
 github.com/containers/buildah/util
-# github.com/containers/common v0.15.2
+# github.com/containers/common v0.16.0
 github.com/containers/common/pkg/apparmor
 github.com/containers/common/pkg/auth
 github.com/containers/common/pkg/capabilities