Merge pull request #383 from thaJeztah/19.03_backport_test_fixes_2
[19.03 backport] Testing and Jenkinsfile changes [step 2]
diff --git a/Dockerfile b/Dockerfile
index edd41b1..f6e38ca 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -25,7 +25,7 @@
#
ARG CROSS="false"
-ARG GO_VERSION=1.12.9
+ARG GO_VERSION=1.12.10
ARG DEBIAN_FRONTEND=noninteractive
FROM golang:${GO_VERSION}-stretch AS base
diff --git a/Dockerfile.e2e b/Dockerfile.e2e
index 4476516..639e62a 100644
--- a/Dockerfile.e2e
+++ b/Dockerfile.e2e
@@ -1,4 +1,4 @@
-ARG GO_VERSION=1.12.9
+ARG GO_VERSION=1.12.10
FROM golang:${GO_VERSION}-alpine AS base
diff --git a/Dockerfile.simple b/Dockerfile.simple
index 3ecccd8..7987dec 100644
--- a/Dockerfile.simple
+++ b/Dockerfile.simple
@@ -5,7 +5,7 @@
# This represents the bare minimum required to build and test Docker.
-ARG GO_VERSION=1.12.9
+ARG GO_VERSION=1.12.10
FROM golang:${GO_VERSION}-stretch
diff --git a/Dockerfile.windows b/Dockerfile.windows
index 363c0e1..3605f4f 100644
--- a/Dockerfile.windows
+++ b/Dockerfile.windows
@@ -165,7 +165,7 @@
# Use PowerShell as the default shell
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
-ARG GO_VERSION=1.12.9
+ARG GO_VERSION=1.12.10
# Environment variable notes:
# - GO_VERSION must be consistent with 'Dockerfile' used by Linux.
diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer
index c5d2704..1c301d2 100755
--- a/hack/dockerfile/install/containerd.installer
+++ b/hack/dockerfile/install/containerd.installer
@@ -4,7 +4,7 @@
# containerd is also pinned in vendor.conf. When updating the binary
# version you may also need to update the vendor version to pick up bug
# fixes or new APIs.
-CONTAINERD_COMMIT=d50db0a42053864a270f648048f9a8b4f24eced3 # v1.2.9
+CONTAINERD_COMMIT=b34a5c8af56e510852c35414db4c1f4fa6172339 # v1.2.10
install_containerd() {
echo "Install containerd version $CONTAINERD_COMMIT"
diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer
index dd9950f..3677dd5 100755
--- a/hack/dockerfile/install/runc.installer
+++ b/hack/dockerfile/install/runc.installer
@@ -4,7 +4,7 @@
# The version of runc should match the version that is used by the containerd
# version that is used. If you need to update runc, open a pull request in
# the containerd project first, and update both after that is merged.
-RUNC_COMMIT=425e105d5a03fabd737a126ad93d62a9eeede87f # v1.0.0-rc8
+RUNC_COMMIT=3e425f80a8c931f88e6d94a8c831b9d5aa481657 # v1.0.0-rc8-92-g84373aaa
install_runc() {
# If using RHEL7 kernels (3.10.0 el7), disable kmem accounting/limiting
diff --git a/pkg/namesgenerator/names-generator.go b/pkg/namesgenerator/names-generator.go
index 05eac68..a6447a0 100644
--- a/pkg/namesgenerator/names-generator.go
+++ b/pkg/namesgenerator/names-generator.go
@@ -588,9 +588,6 @@
// Johanna Mestorf - German prehistoric archaeologist and first female museum director in Germany - https://en.wikipedia.org/wiki/Johanna_Mestorf
"mestorf",
- // Marvin Minsky - Pioneer in Artificial Intelligence, co-founder of the MIT's AI Lab, won the Turing Award in 1969. https://en.wikipedia.org/wiki/Marvin_Minsky
- "minsky",
-
// Maryam Mirzakhani - an Iranian mathematician and the first woman to win the Fields Medal. https://en.wikipedia.org/wiki/Maryam_Mirzakhani
"mirzakhani",
@@ -738,9 +735,6 @@
// Frances Spence - one of the original programmers of the ENIAC. https://en.wikipedia.org/wiki/ENIAC - https://en.wikipedia.org/wiki/Frances_Spence
"spence",
- // Richard Matthew Stallman - the founder of the Free Software movement, the GNU project, the Free Software Foundation, and the League for Programming Freedom. He also invented the concept of copyleft to protect the ideals of this movement, and enshrined this concept in the widely-used GPL (General Public License) for software. https://en.wikiquote.org/wiki/Richard_Stallman
- "stallman",
-
// Michael Stonebraker is a database research pioneer and architect of Ingres, Postgres, VoltDB and SciDB. Winner of 2014 ACM Turing Award. https://en.wikipedia.org/wiki/Michael_Stonebraker
"stonebraker",
diff --git a/vendor.conf b/vendor.conf
index 4d97ff5..3538f85 100644
--- a/vendor.conf
+++ b/vendor.conf
@@ -19,6 +19,7 @@
golang.org/x/text f21a4dfb5e38f5895301dc265a8def02365cc3d0 # v0.3.0
gotest.tools 1083505acf35a0bd8a696b26837e1fb3187a7a83 # v2.3.0
github.com/google/go-cmp 3af367b6b30c263d47e8895973edcca9a49cf029 # v0.2.0
+github.com/syndtr/gocapability d98352740cb2c55f81556b63d4a1ec64c5a319c2
github.com/RackSec/srslog a4725f04ec91af1a91b380da679d6e0c2f061e59
github.com/imdario/mergo 7c29201646fa3de8506f701213473dd407f19646 # v0.3.7
@@ -79,16 +80,14 @@
# the containerd project first, and update both after that is merged.
# This commit does not need to match RUNC_COMMIT as it is used for helper
# packages but should be newer or equal.
-github.com/opencontainers/runc 425e105d5a03fabd737a126ad93d62a9eeede87f # v1.0.0-rc8
+github.com/opencontainers/runc 3e425f80a8c931f88e6d94a8c831b9d5aa481657 # v1.0.0-rc8-92-g84373aaa
github.com/opencontainers/runtime-spec 29686dbc5559d93fb1ef402eeda3e35c38d75af4 # v1.0.1-59-g29686db
github.com/opencontainers/image-spec d60099175f88c47cd379c4738d158884749ed235 # v1.0.1
github.com/seccomp/libseccomp-golang 32f571b70023028bd57d9288c20efbcb237f3ce0
-# libcontainer deps (see src/github.com/opencontainers/runc/Godeps/Godeps.json)
+# systemd integration (journald, daemon/listeners, containerd/cgroups)
github.com/coreos/go-systemd 39ca1b05acc7ad1220e09f133283b8859a8b71ab # v17
github.com/godbus/dbus 5f6efc7ef2759c81b7ba876593971bfce311eab3 # v4.0.0
-github.com/syndtr/gocapability d98352740cb2c55f81556b63d4a1ec64c5a319c2
-github.com/golang/protobuf aa810b61a9c79d51363740d207bb46cf8e620ed5 # v1.2.0
# gelf logging driver deps
github.com/Graylog2/go-gelf 4143646226541087117ff2f83334ea48b3201841
@@ -131,6 +130,7 @@
# cluster
github.com/docker/swarmkit bbe341867eae1615faf8a702ec05bfe986e73e06 # bump_v19.03 branch
github.com/gogo/protobuf ba06b47c162d49f2af050fb4c75bcbc86a159d5c # v1.2.1
+github.com/golang/protobuf aa810b61a9c79d51363740d207bb46cf8e620ed5 # v1.2.0
github.com/cloudflare/cfssl 5d63dbd981b5c408effbb58c442d54761ff94fbd # 1.3.2
github.com/fernet/fernet-go 1b2437bc582b3cfbb341ee5a29f8ef5b42912ff2
github.com/google/certificate-transparency-go 37a384cd035e722ea46e55029093e26687138edf # v1.0.20
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/README.md b/vendor/github.com/opencontainers/runc/libcontainer/README.md
index 1d7fa04..a791ca2 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/README.md
+++ b/vendor/github.com/opencontainers/runc/libcontainer/README.md
@@ -261,6 +261,7 @@
Stdin: os.Stdin,
Stdout: os.Stdout,
Stderr: os.Stderr,
+ Init: true,
}
err := container.Run(process)
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/utils.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/utils.go
index 9717acc..60790f8 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/utils.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/utils.go
@@ -11,6 +11,8 @@
"path/filepath"
"strconv"
"strings"
+ "sync"
+ "syscall"
"time"
units "github.com/docker/go-units"
@@ -22,6 +24,30 @@
CgroupProcesses = "cgroup.procs"
)
+var (
+ isUnifiedOnce sync.Once
+ isUnified bool
+)
+
+// HugePageSizeUnitList is a list of the units used by the linux kernel when
+// naming the HugePage control files.
+// https://www.kernel.org/doc/Documentation/cgroup-v1/hugetlb.txt
+// TODO Since the kernel only use KB, MB and GB; TB and PB should be removed,
+// depends on https://github.com/docker/go-units/commit/a09cd47f892041a4fac473133d181f5aea6fa393
+var HugePageSizeUnitList = []string{"B", "KB", "MB", "GB", "TB", "PB"}
+
+// IsCgroup2UnifiedMode returns whether we are running in cgroup v2 unified mode.
+func IsCgroup2UnifiedMode() bool {
+ isUnifiedOnce.Do(func() {
+ var st syscall.Statfs_t
+ if err := syscall.Statfs("/sys/fs/cgroup", &st); err != nil {
+ panic("cannot statfs cgroup root")
+ }
+ isUnified = st.Type == unix.CGROUP2_SUPER_MAGIC
+ })
+ return isUnified
+}
+
// https://www.kernel.org/doc/Documentation/cgroup-v1/cgroups.txt
func FindCgroupMountpoint(cgroupPath, subsystem string) (string, error) {
mnt, _, err := FindCgroupMountpointAndRoot(cgroupPath, subsystem)
@@ -42,6 +68,10 @@
}
defer f.Close()
+ if IsCgroup2UnifiedMode() {
+ subsystem = ""
+ }
+
return findCgroupMountpointAndRootFromReader(f, cgroupPath, subsystem)
}
@@ -50,12 +80,12 @@
for scanner.Scan() {
txt := scanner.Text()
fields := strings.Fields(txt)
- if len(fields) < 5 {
+ if len(fields) < 9 {
continue
}
if strings.HasPrefix(fields[4], cgroupPath) {
for _, opt := range strings.Split(fields[len(fields)-1], ",") {
- if opt == subsystem {
+ if (subsystem == "" && fields[9] == "cgroup2") || opt == subsystem {
return fields[4], fields[3], nil
}
}
@@ -69,6 +99,19 @@
}
func isSubsystemAvailable(subsystem string) bool {
+ if IsCgroup2UnifiedMode() {
+ controllers, err := GetAllSubsystems()
+ if err != nil {
+ return false
+ }
+ for _, c := range controllers {
+ if c == subsystem {
+ return true
+ }
+ }
+ return false
+ }
+
cgroups, err := ParseCgroupFile("/proc/self/cgroup")
if err != nil {
return false
@@ -113,7 +156,7 @@
return "", fmt.Errorf("Found no fields post '-' in %q", text)
}
- if postSeparatorFields[0] == "cgroup" {
+ if postSeparatorFields[0] == "cgroup" || postSeparatorFields[0] == "cgroup2" {
// Check that the mount is properly formatted.
if numPostFields < 3 {
return "", fmt.Errorf("Error found less than 3 fields post '-' in %q", text)
@@ -186,6 +229,19 @@
// GetCgroupMounts returns the mounts for the cgroup subsystems.
// all indicates whether to return just the first instance or all the mounts.
func GetCgroupMounts(all bool) ([]Mount, error) {
+ if IsCgroup2UnifiedMode() {
+ availableControllers, err := GetAllSubsystems()
+ if err != nil {
+ return nil, err
+ }
+ m := Mount{
+ Mountpoint: "/sys/fs/cgroup",
+ Root: "/sys/fs/cgroup",
+ Subsystems: availableControllers,
+ }
+ return []Mount{m}, nil
+ }
+
f, err := os.Open("/proc/self/mountinfo")
if err != nil {
return nil, err
@@ -349,6 +405,9 @@
}
func getControllerPath(subsystem string, cgroups map[string]string) (string, error) {
+ if IsCgroup2UnifiedMode() {
+ return "/", nil
+ }
if p, ok := cgroups[subsystem]; ok {
return p, nil
@@ -409,19 +468,26 @@
}
func GetHugePageSize() ([]string, error) {
- var pageSizes []string
- sizeList := []string{"B", "kB", "MB", "GB", "TB", "PB"}
files, err := ioutil.ReadDir("/sys/kernel/mm/hugepages")
if err != nil {
- return pageSizes, err
+ return []string{}, err
}
+ var fileNames []string
for _, st := range files {
- nameArray := strings.Split(st.Name(), "-")
+ fileNames = append(fileNames, st.Name())
+ }
+ return getHugePageSizeFromFilenames(fileNames)
+}
+
+func getHugePageSizeFromFilenames(fileNames []string) ([]string, error) {
+ var pageSizes []string
+ for _, fileName := range fileNames {
+ nameArray := strings.Split(fileName, "-")
pageSize, err := units.RAMInBytes(nameArray[1])
if err != nil {
return []string{}, err
}
- sizeString := units.CustomSize("%g%s", float64(pageSize), 1024.0, sizeList)
+ sizeString := units.CustomSize("%g%s", float64(pageSize), 1024.0, HugePageSizeUnitList)
pageSizes = append(pageSizes, sizeString)
}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/blkio_device.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/blkio_device.go
index e0f3ca1..fa195bf 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/configs/blkio_device.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/configs/blkio_device.go
@@ -59,3 +59,8 @@
func (td *ThrottleDevice) String() string {
return fmt.Sprintf("%d:%d %d", td.Major, td.Minor, td.Rate)
}
+
+// StringName formats the struct to be writable to the cgroup specific file
+func (td *ThrottleDevice) StringName(name string) string {
+ return fmt.Sprintf("%d:%d %s=%d", td.Major, td.Minor, name, td.Rate)
+}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_linux.go
index e15a662..58ed19c 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_linux.go
@@ -119,4 +119,12 @@
// Set class identifier for container's network packets
NetClsClassid uint32 `json:"net_cls_classid_u"`
+
+ // Used on cgroups v2:
+
+ // CpuWeight sets a proportional bandwidth limit.
+ CpuWeight uint64 `json:"cpu_weight"`
+
+ // CpuMax sets she maximum bandwidth limit (format: max period).
+ CpuMax string `json:"cpu_max"`
}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_windows.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_unsupported.go
similarity index 89%
rename from vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_windows.go
rename to vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_unsupported.go
index d74847b..c0c23d7 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_windows.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_unsupported.go
@@ -1,3 +1,5 @@
+// +build !linux
+
package configs
// TODO Windows: This can ultimately be entirely factored out on Windows as
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/devices/devices.go b/vendor/github.com/opencontainers/runc/libcontainer/devices/devices.go
index 5e2ab05..5dabe06 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/devices/devices.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/devices/devices.go
@@ -7,11 +7,11 @@
"path/filepath"
"github.com/opencontainers/runc/libcontainer/configs"
-
"golang.org/x/sys/unix"
)
var (
+ // ErrNotADevice denotes that a file is not a valid linux device.
ErrNotADevice = errors.New("not a device node")
)
@@ -21,7 +21,8 @@
ioutilReadDir = ioutil.ReadDir
)
-// Given the path to a device and its cgroup_permissions(which cannot be easily queried) look up the information about a linux device and return that information as a Device struct.
+// Given the path to a device and its cgroup_permissions(which cannot be easily queried) look up the
+// information about a linux device and return that information as a Device struct.
func DeviceFromPath(path, permissions string) (*configs.Device, error) {
var stat unix.Stat_t
err := unixLstat(path, &stat)
@@ -60,25 +61,29 @@
}, nil
}
+// HostDevices returns all devices that can be found under /dev directory.
func HostDevices() ([]*configs.Device, error) {
- return getDevices("/dev")
+ return GetDevices("/dev")
}
-func getDevices(path string) ([]*configs.Device, error) {
+// GetDevices recursively traverses a directory specified by path
+// and returns all devices found there.
+func GetDevices(path string) ([]*configs.Device, error) {
files, err := ioutilReadDir(path)
if err != nil {
return nil, err
}
- out := []*configs.Device{}
+ var out []*configs.Device
for _, f := range files {
switch {
case f.IsDir():
switch f.Name() {
// ".lxc" & ".lxd-mounts" added to address https://github.com/lxc/lxd/issues/2825
- case "pts", "shm", "fd", "mqueue", ".lxc", ".lxd-mounts":
+ // ".udev" added to address https://github.com/opencontainers/runc/issues/2093
+ case "pts", "shm", "fd", "mqueue", ".lxc", ".lxd-mounts", ".udev":
continue
default:
- sub, err := getDevices(filepath.Join(path, f.Name()))
+ sub, err := GetDevices(filepath.Join(path, f.Name()))
if err != nil {
return nil, err
}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/nsenter/nsenter_unsupported.go b/vendor/github.com/opencontainers/runc/libcontainer/nsenter/nsenter_unsupported.go
index ac701ca..2459c63 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/nsenter/nsenter_unsupported.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/nsenter/nsenter_unsupported.go
@@ -1,5 +1,3 @@
// +build !linux !cgo
package nsenter
-
-import "C"
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/nsenter/nsexec.c b/vendor/github.com/opencontainers/runc/libcontainer/nsenter/nsexec.c
index 7750af3..0726568 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/nsenter/nsexec.c
+++ b/vendor/github.com/opencontainers/runc/libcontainer/nsenter/nsexec.c
@@ -37,9 +37,6 @@
SYNC_RECVPID_ACK = 0x43, /* PID was correctly received by parent. */
SYNC_GRANDCHILD = 0x44, /* The grandchild is ready to run. */
SYNC_CHILD_READY = 0x45, /* The child or grandchild is ready to return. */
-
- /* XXX: This doesn't help with segfaults and other such issues. */
- SYNC_ERR = 0xFF, /* Fatal error, no turning back. The error code follows. */
};
/*
@@ -53,9 +50,6 @@
#define JUMP_CHILD 0xA0
#define JUMP_INIT 0xA1
-/* JSON buffer. */
-#define JSON_MAX 4096
-
/* Assume the stack grows down, so arguments should be above it. */
struct clone_t {
/*
@@ -95,6 +89,15 @@
size_t gidmappath_len;
};
+#define PANIC "panic"
+#define FATAL "fatal"
+#define ERROR "error"
+#define WARNING "warning"
+#define INFO "info"
+#define DEBUG "debug"
+
+static int logfd = -1;
+
/*
* List of netlink message types sent to us as part of bootstrapping the init.
* These constants are defined in libcontainer/message_linux.go.
@@ -131,22 +134,34 @@
}
#endif
+static void write_log_with_info(const char *level, const char *function, int line, const char *format, ...)
+{
+ char message[1024] = {};
+
+ va_list args;
+
+ if (logfd < 0 || level == NULL)
+ return;
+
+ va_start(args, format);
+ if (vsnprintf(message, sizeof(message), format, args) < 0)
+ goto done;
+
+ dprintf(logfd, "{\"level\":\"%s\", \"msg\": \"%s:%d %s\"}\n", level, function, line, message);
+done:
+ va_end(args);
+}
+
+#define write_log(level, fmt, ...) \
+ write_log_with_info((level), __FUNCTION__, __LINE__, (fmt), ##__VA_ARGS__)
+
/* XXX: This is ugly. */
static int syncfd = -1;
-/* TODO(cyphar): Fix this so it correctly deals with syncT. */
-#define bail(fmt, ...) \
- do { \
- int ret = __COUNTER__ + 1; \
- fprintf(stderr, "nsenter: " fmt ": %m\n", ##__VA_ARGS__); \
- if (syncfd >= 0) { \
- enum sync_t s = SYNC_ERR; \
- if (write(syncfd, &s, sizeof(s)) != sizeof(s)) \
- fprintf(stderr, "nsenter: failed: write(s)"); \
- if (write(syncfd, &ret, sizeof(ret)) != sizeof(ret)) \
- fprintf(stderr, "nsenter: failed: write(ret)"); \
- } \
- exit(ret); \
+#define bail(fmt, ...) \
+ do { \
+ write_log(FATAL, "nsenter: " fmt ": %m", ##__VA_ARGS__); \
+ exit(1); \
} while(0)
static int write_file(char *data, size_t data_len, char *pathfmt, ...)
@@ -352,6 +367,23 @@
return pipenum;
}
+static void setup_logpipe(void)
+{
+ char *logpipe, *endptr;
+
+ logpipe = getenv("_LIBCONTAINER_LOGPIPE");
+ if (logpipe == NULL || *logpipe == '\0') {
+ return;
+ }
+
+ logfd = strtol(logpipe, &endptr, 10);
+ if (logpipe == endptr || *endptr != '\0') {
+ fprintf(stderr, "unable to parse _LIBCONTAINER_LOGPIPE, value: %s\n", logpipe);
+ /* It is too early to use bail */
+ exit(1);
+ }
+}
+
/* Returns the clone(2) flag for a namespace, given the name of a namespace. */
static int nsflag(char *name)
{
@@ -545,6 +577,12 @@
struct nlconfig_t config = { 0 };
/*
+ * Setup a pipe to send logs to the parent. This should happen
+ * first, because bail will use that pipe.
+ */
+ setup_logpipe();
+
+ /*
* If we don't have an init pipe, just return to the go routine.
* We'll only get an init pipe for start or exec.
*/
@@ -560,6 +598,8 @@
if (ensure_cloned_binary() < 0)
bail("could not ensure we are a cloned binary");
+ write_log(DEBUG, "nsexec started");
+
/* Parse all of the netlink configuration. */
nl_parse(pipenum, &config);
@@ -676,7 +716,6 @@
*/
while (!ready) {
enum sync_t s;
- int ret;
syncfd = sync_child_pipe[1];
close(sync_child_pipe[0]);
@@ -685,12 +724,6 @@
bail("failed to sync with child: next state");
switch (s) {
- case SYNC_ERR:
- /* We have to mirror the error code of the child. */
- if (read(syncfd, &ret, sizeof(ret)) != sizeof(ret))
- bail("failed to sync with child: read(error code)");
-
- exit(ret);
case SYNC_USERMAP_PLS:
/*
* Enable setgroups(2) if we've been asked to. But we also
@@ -759,7 +792,6 @@
ready = false;
while (!ready) {
enum sync_t s;
- int ret;
syncfd = sync_grandchild_pipe[1];
close(sync_grandchild_pipe[0]);
@@ -774,12 +806,6 @@
bail("failed to sync with child: next state");
switch (s) {
- case SYNC_ERR:
- /* We have to mirror the error code of the child. */
- if (read(syncfd, &ret, sizeof(ret)) != sizeof(ret))
- bail("failed to sync with child: read(error code)");
-
- exit(ret);
case SYNC_CHILD_READY:
ready = true;
break;
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_64.go b/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_64.go
index 11c3faa..e05e30a 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_64.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_64.go
@@ -1,5 +1,5 @@
// +build linux
-// +build arm64 amd64 mips mipsle mips64 mips64le ppc ppc64 ppc64le s390x
+// +build arm64 amd64 mips mipsle mips64 mips64le ppc ppc64 ppc64le riscv64 s390x
package system
diff --git a/vendor/github.com/opencontainers/runc/vendor.conf b/vendor/github.com/opencontainers/runc/vendor.conf
index 22cba0f..e3f8e6d 100644
--- a/vendor/github.com/opencontainers/runc/vendor.conf
+++ b/vendor/github.com/opencontainers/runc/vendor.conf
@@ -1,26 +1,28 @@
# OCI runtime-spec. When updating this, make sure you use a version tag rather
# than a commit ID so it's much more obvious what version of the spec we are
# using.
-github.com/opencontainers/runtime-spec 29686dbc5559d93fb1ef402eeda3e35c38d75af4
+github.com/opencontainers/runtime-spec 29686dbc5559d93fb1ef402eeda3e35c38d75af4 # v1.0.1-59-g29686db
+
# Core libcontainer functionality.
-github.com/checkpoint-restore/go-criu v3.11
-github.com/mrunalp/fileutils ed869b029674c0e9ce4c0dfa781405c2d9946d08
-github.com/opencontainers/selinux v1.2.2
-github.com/seccomp/libseccomp-golang 84e90a91acea0f4e51e62bc1a75de18b1fc0790f
-github.com/sirupsen/logrus a3f95b5c423586578a4e099b11a46c2479628cac
-github.com/syndtr/gocapability db04d3cc01c8b54962a58ec7e491717d06cfcc16
-github.com/vishvananda/netlink 1e2e08e8a2dcdacaae3f14ac44c5cfa31361f270
+github.com/checkpoint-restore/go-criu 17b0214f6c48980c45dc47ecb0cfd6d9e02df723 # v3.11
+github.com/mrunalp/fileutils 7d4729fb36185a7c1719923406c9d40e54fb93c7
+github.com/opencontainers/selinux 3a1f366feb7aecbf7a0e71ac4cea88b31597de9e # v1.2.2
+github.com/seccomp/libseccomp-golang 689e3c1541a84461afc49c1c87352a6cedf72e9c # v0.9.1
+github.com/sirupsen/logrus 8bdbc7bcc01dcbb8ec23dc8a28e332258d25251f # v1.4.1
+github.com/syndtr/gocapability d98352740cb2c55f81556b63d4a1ec64c5a319c2
+github.com/vishvananda/netlink 1e2e08e8a2dcdacaae3f14ac44c5cfa31361f270
+
# systemd integration.
-github.com/coreos/go-systemd v14
-github.com/coreos/pkg v3
-github.com/godbus/dbus v3
-github.com/golang/protobuf 18c9bb3261723cd5401db4d0c9fbc5c3b6c70fe8
+github.com/coreos/go-systemd 95778dfbb74eb7e4dbaf43bf7d71809650ef8076 # v19
+github.com/godbus/dbus 2ff6f7ffd60f0f2410b3105864bdd12c7894f844 # v5.0.1
+github.com/golang/protobuf 925541529c1fa6821df4e44ce2723319eb2be768 # v1.0.0
+
# Command-line interface.
-github.com/cyphar/filepath-securejoin v0.2.1
-github.com/docker/go-units v0.2.0
-github.com/urfave/cli d53eb991652b1d438abdd34ce4bfa3ef1539108e
-golang.org/x/sys 41f3e6584952bb034a481797859f6ab34b6803bd https://github.com/golang/sys
+github.com/cyphar/filepath-securejoin a261ee33d7a517f054effbf451841abaafe3e0fd # v0.2.2
+github.com/docker/go-units 47565b4f722fb6ceae66b95f853feed578a4a51c # v0.3.3
+github.com/urfave/cli cfb38830724cc34fedffe9a2a29fb54fa9169cd1 # v1.20.0
+golang.org/x/sys 9eafafc0a87e0fd0aeeba439a4573537970c44c7 https://github.com/golang/sys
# console dependencies
-github.com/containerd/console 2748ece16665b45a47f884001d5831ec79703880
-github.com/pkg/errors v0.8.0
+github.com/containerd/console 0650fd9eeb50bab4fc99dceb9f2e14cf58f36e7f
+github.com/pkg/errors ba968bfe8b2f7e042a574c888954fccecfa385b4 # v0.8.1
