These comments were added to enforce using the correct import path for
our packages ("github.com/docker/docker", not "github.com/moby/moby").
However, when working in go module mode (not GOPATH / vendor), they have
no effect, so their impact is limited.
Remove these imports in preparation of migrating our code to become an
actual go module.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
I noticed that the only reason we kept this was so that we could produce
a more targeted error for the deprecated storage-driver plugins, but it's
very unlikely someone used those, and if they did, we already had the
"DOCKERD_DEPRECATED_GRAPHDRIVER_PLUGINS" added as requirement. Let's
just produce an error if that option is set (and remove that altogether in
a later release, but just that check doesn't add significant complexity).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
layer/layer_store.go:524:4: naked return in func `CreateRWLayer` with 72 lines of code (nakedret)
return
^
layer/layer_store.go:534:3: naked return in func `CreateRWLayer` with 72 lines of code (nakedret)
return
^
layer/layer_store.go:537:3: naked return in func `CreateRWLayer` with 72 lines of code (nakedret)
return
^
layer/migration.go:19:3: naked return in func `ChecksumForGraphID` with 28 lines of code (nakedret)
return
^
layer/migration.go:25:3: naked return in func `ChecksumForGraphID` with 28 lines of code (nakedret)
return
^
layer/migration.go:36:3: naked return in func `ChecksumForGraphID` with 28 lines of code (nakedret)
return
^
layer/migration.go:40:3: naked return in func `ChecksumForGraphID` with 28 lines of code (nakedret)
return
^
layer/migration.go:43:2: naked return in func `ChecksumForGraphID` with 28 lines of code (nakedret)
return
^
layer/ro_layer.go:176:2: naked return in func `Read` with 13 lines of code (nakedret)
return
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The debug log was slightly confusing, as it seemed the cleaning up failed,
but the log was intended to inform that cleaning up was started because
of an error.
Before this patch:
DEBU[2025-01-18T12:29:52.717452919Z] Cleaning up layer 472e3e532da3945040a6224ba36d2befcfe250aeb53536868d23e5f617e34226: exit status 1: unpigz: skipping: <stdin>: corrupted -- incomplete deflate data
With this patch:
DEBU[2025-01-18T13:01:45.307983471Z] Cleaning up cache layer after error cache-id=c4d9f38bdf6d8fcb69bd130b89d34d1511b42f3644fc49c91e253eda648bd37a error="exit status 1: unpigz: skipping: <stdin>: corrupted -- incomplete deflate data\n"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
layer/ro_layer.go:167:6: shadow: declaration of "n" shadows declaration at line 164 (govet)
if n, err := vrc.verifier.Write(p[:n]); err != nil {
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Commit e1ea911aba removed the error return from
.Size() and .DiffSize(), but forgot to remove this error-check.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This looks to be a false positive;
layer/layer.go:202:47: G602: slice index out of range (gosec)
return createChainIDFromParent(ChainID(dgsts[0]), dgsts[1:]...)
^
layer/layer.go:205:69: G602: slice index out of range (gosec)
dgst := digest.FromBytes([]byte(string(parent) + " " + string(dgsts[0])))
^
layer/layer.go:206:53: G602: slice bounds out of range (gosec)
return createChainIDFromParent(ChainID(dgst), dgsts[1:]...)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Replace the regexp checking ID validity with a function. The benefits
are:
- function is faster (up to 10x faster with less allocations);
- no init overhead to compile the regexp;
Add a test case.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Capabilities were implemented in aa96c3176b,
as part of work on an external graphdriver-plugin. Given that none of
the builtin graphdrivers use this option, and support for graphdriver-
plugins has been removed in 555dac5e14,
we can remove this functionality.
This patch:
- removes the CapabilityDriver interface, which has no implementations
- removes the Capabilities type
- layer: remove layerStore.useTarSplit. This field was previously set
through the driver's Capabilities, but always enabled for the builtin
graphdrivers,
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The exported function was only used in tests, and identical in use when
using New with a name provided. Deprecate it, and remove the uses of it
in our (integration-)tests.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This is a follow-up to 6da604aa6a, which
deprecated external graphdriver plugins.
This patch removes the functionality; some warnings / errors are kept in
place, but can be removed in a follow-up release.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The only use is in `builder/builder-next/adapters/snapshot.EnsureLayer()`,
which always calls the function with an _empty_ `oldTarDataPath`;
7082aecd54/builder/builder-next/adapters/snapshot/layer.go (L81)
When called with an empty `oldTarDataPath`, this function was an alias for
`checksumForGraphIDNoTarsplit`, so let's make it that.
Note that this code was added in 500e77bad0, as
part of the migration from "v1" images to "v2" (content-addressable) images.
Given that the remaining code lives in a "migration" file, possibly more code
can be removed.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The github.com/containerd/containerd/log package was moved to a separate
module, which will also be used by upcoming (patch) releases of containerd.
This patch moves our own uses of the package to use the new module.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
When reading through some bug reports, I noticed that the error-message for
unsupported storage drivers is not very informative, as it does not include
the actual storage driver. Some of these errors are used as sentinel errors
internally, so improving the error returned by graphdriver.New() may need
some additional work, but this patch makes a start by including the name
of the graphdriver (if set) in the error-message.
Before this patch:
dockerd --storage-driver=foobar
...
failed to start daemon: error initializing graphdriver: driver not supported
With this patch:
dockerd --storage-driver=foobar
...
failed to start daemon: error initializing graphdriver: driver not supported: foobar
It's worth noting that there may be code "in the wild" that perform string-
matching on this error (e.g. [balena][1]), which is why I included the name as a separate "component"
in the output, to allow matching parts of the error.
[1]: 3d5c77a466/lib/preload.ts (L34-L35)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The image store's used are an interface, so there's no guarantee
that implementations don't wrap the errors. Make sure to catch
such cases by using errors.Is.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This `err` is special (as described at the top of the function), but due
to its name is easy to overlook, which risks the chance of inadvertently
shadowing it.
This patch renames the variable to reduce the chance of this happening.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Both of these were deprecated in 55f675811a,
but the format of the GoDoc comments didn't follow the correct format, which
caused them not being picked up by tools as "deprecated".
This patch updates uses in the codebase to use the alternatives.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
runconfig/config_test.go:23:46: empty-lines: extra empty line at the start of a block (revive)
runconfig/config_test.go:75:55: empty-lines: extra empty line at the start of a block (revive)
oci/devices_linux.go:57:34: empty-lines: extra empty line at the start of a block (revive)
oci/devices_linux.go:60:69: empty-lines: extra empty line at the start of a block (revive)
image/fs_test.go:53:38: empty-lines: extra empty line at the end of a block (revive)
image/tarexport/save.go:88:29: empty-lines: extra empty line at the end of a block (revive)
layer/layer_unix_test.go:21:34: empty-lines: extra empty line at the end of a block (revive)
distribution/xfer/download.go:302:9: empty-lines: extra empty line at the end of a block (revive)
distribution/manifest_test.go:154:99: empty-lines: extra empty line at the end of a block (revive)
distribution/manifest_test.go:329:52: empty-lines: extra empty line at the end of a block (revive)
distribution/manifest_test.go:354:59: empty-lines: extra empty line at the end of a block (revive)
registry/config_test.go:323:42: empty-lines: extra empty line at the end of a block (revive)
registry/config_test.go:350:33: empty-lines: extra empty line at the end of a block (revive)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The Driver abstraction was needed for Linux Containers on Windows,
support for which has since been removed.
There is no direct equivalent to Lchmod() in the standard library so
continue to use the containerd/continuity version.
Signed-off-by: Cory Snider <csnider@mirantis.com>
Improve consistency for the logs, and remove a redundant log:
time="2022-06-07T15:37:24.418470152Z" level=debug msg="found 0 orphan layers"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Finish the refactor which was partially completed with commit
34536c498d, passing around IdentityMapping structs instead of pairs of
[]IDMap slices.
Existing code which uses []IDMap relies on zero-valued fields to be
valid, empty mappings. So in order to successfully finish the
refactoring without introducing bugs, their replacement therefore also
needs to have a useful zero value which represents an empty mapping.
Change IdentityMapping to be a pass-by-value type so that there are no
nil pointers to worry about.
The functionality provided by the deprecated NewIDMappingsFromMaps
function is required by unit tests to to construct arbitrary
IdentityMapping values. And the daemon will always need to access the
mappings to pass them to the Linux kernel. Accommodate these use cases
by exporting the struct fields instead. BuildKit currently depends on
the UIDs and GIDs methods so we cannot get rid of them yet.
Signed-off-by: Cory Snider <csnider@mirantis.com>
This removes the `setOS()` / `getOS()` functions from the layer store, which were
added in fc21bf280b and 0380fbff37
in support of LCOW.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
I think this was there for historic reasons (may have been goimports expected
this, and we used to have a linter that wanted it), but it's not needed, so
let's remove it (to make my IDE less complaining about unneeded aliases).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This function was abstracting things a bit too much; the layerStore had a
exported `.Get()` which called `.getWithoutLock()`, but also a non-exported
`.get()`, which also called `.getWithoutLock()`.
While it's common to have a non-exported variant (without locking), the naming
of `.get()` could easily be confused for that variant (which it wasn't).
All locations where `.get()` was called were already handling locks for
`releaseLayer()`, so moving the actual locking inline for `.get()` makes it
more visible where locking happens.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This was added in commits fc21bf280b and
0380fbff37 in support of LCOW, but was
now always set to runtime.GOOS.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
None of the implementations used return an error, so removing the error
return can simplify using these.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
