Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

pkg/cdi: remove github.com/opencontainers/runc/libcontainer dependency #158

Merged
merged 1 commit into from
Sep 6, 2023

Conversation

thaJeztah
Copy link
Contributor

commit ee12044 brought in this dependency on runc's libcontainer/devices package.

The runc maintainers consider "libcontainer" to be unstable, and not to be used by external consumers. The package (due to it being part of a large module) also brings in many transitive dependencies.

Given that the DeviceFromPath is only a small wrapper for some golang.org/x/sys calls, and the main purpose of the utility (giving information about "cgroup_permissions (which cannot be easily queried)") was not used, we can replace it with a more customised implemenation that's targetted at the information that's needed here.

@thaJeztah
Copy link
Contributor Author

@elezar PTAL 🤗

@zvonkok
Copy link
Contributor

zvonkok commented Sep 1, 2023

Kicked off the tests; looks sane to me, and removing dependencies is always great.

@thaJeztah Please check the failing tests, the PR looks incomplete regarding the go packages.

@thaJeztah
Copy link
Contributor Author

oh! hm.. interesting; let me check

@thaJeztah
Copy link
Contributor Author

Ah! only go.sum; looks like I forgot to stage that one before I push 😓 should be fixed now 🤞 can you kick CI again?

@elezar
Copy link
Contributor

elezar commented Sep 1, 2023

I'm afk for a bit, but will look on Wednesday when I'm back at my desk. The failures in binary builds are probably due to the modules for the cmds needing updating. There are some vendor make targets that should do this.

@zvonkok
Copy link
Contributor

zvonkok commented Sep 1, 2023

@elezar I will make sure the tests work and do a first pass, you can add your review when you're back.

@zvonkok
Copy link
Contributor

zvonkok commented Sep 1, 2023

@thaJeztah cannot use stat.Mode (type uint32) as type uint16 in map index

@zvonkok
Copy link
Contributor

zvonkok commented Sep 1, 2023

Can you run the tests on your machine first?

@thaJeztah
Copy link
Contributor Author

Ah, dang; I know what's happening; the type differs between platforms (macOS uses different type than other Unix'es); will fix in a bit.

@thaJeztah
Copy link
Contributor Author

ok; changed it back to a switch, and ran tests in a container; I think it should be happy now

@thaJeztah
Copy link
Contributor Author

Hm... DCO check won't kick in for some reason 🤔

@thaJeztah thaJeztah closed this Sep 4, 2023
@thaJeztah thaJeztah reopened this Sep 4, 2023
@elezar elezar requested review from klihub and elezar September 6, 2023 12:01
Copy link
Contributor

@elezar elezar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@thaJeztah thanks for the cleanup. Removing the runc dependency here is great!

I think the DCO failure may be due to the migration of repos. Let me investigate.

pkg/cdi/container-edits_unix.go Outdated Show resolved Hide resolved
Copy link
Contributor

@klihub klihub left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

@thaJeztah
Copy link
Contributor Author

I think the DCO failure may be due to the migration of repos. Let me investigate.

If part of that was to mark the DCO check as "required", then I think you may be running into a bug in the DCO check.

What I ran into with that utility, is that it doesn't like marking it as a required check if there are existing pull requests in the repository; in that case it will never start.

A workaround for that is to make it temporarily "optional", and mark it "required" again when there are no open pull request (but, erm.. yeah, that's a bit of a pain on active repositories)

@elezar
Copy link
Contributor

elezar commented Sep 6, 2023

I think the DCO failure may be due to the migration of repos. Let me investigate.

If part of that was to mark the DCO check as "required", then I think you may be running into a bug in the DCO check.

What I ran into with that utility, is that it doesn't like marking it as a required check if there are existing pull requests in the repository; in that case it will never start.

A workaround for that is to make it temporarily "optional", and mark it "required" again when there are no open pull request (but, erm.. yeah, that's a bit of a pain on active repositories)

I unfortunately don't have permissions to add / edit the DCO check in this repository, so may have to bypass this for now. I have confirmed that your commit is signed-off as required.

cc @RobertKielty @krook

@thaJeztah
Copy link
Contributor Author

Let me do a quick push to address your comment #158 (comment)

commit ee12044 brought in this dependency
on runc's libcontainer/devices package.

The runc maintainers consider "libcontainer" to be unstable, and not to
be used by external consumers. The package (due to it being part of a
large module) also brings in many transitive dependencies.

Given that the DeviceFromPath is only a small wrapper for some golang.org/x/sys
calls, and the main purpose of the utility (giving information about
"cgroup_permissions (which cannot be easily queried)") was not used, we
can replace it with a more customised implemenation that's targetted at
the information that's needed here.

Signed-off-by: Sebastiaan van Stijn <[email protected]>
@thaJeztah
Copy link
Contributor Author

rebased, and addressed 👍 (needs "approval" again to run CI - sorry for that!)

Copy link
Contributor

@elezar elezar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks!

@elezar elezar merged commit d0e7c3e into cncf-tags:main Sep 6, 2023
@elezar
Copy link
Contributor

elezar commented Sep 6, 2023

merging bypassing the DCO check. Confirmed that commit was signed-off.

@thaJeztah thaJeztah deleted the no_libcontainer branch September 6, 2023 13:04
@thaJeztah
Copy link
Contributor Author

Thanks! Do you know if there were plans for a new tag? (I'll try to keep an eye, but if there's a new tag, I can update the version in containerd 😄)

@krook
Copy link
Member

krook commented Sep 6, 2023

I think the DCO failure may be due to the migration of repos. Let me investigate.

If part of that was to mark the DCO check as "required", then I think you may be running into a bug in the DCO check.
What I ran into with that utility, is that it doesn't like marking it as a required check if there are existing pull requests in the repository; in that case it will never start.
A workaround for that is to make it temporarily "optional", and mark it "required" again when there are no open pull request (but, erm.. yeah, that's a bit of a pain on active repositories)

I unfortunately don't have permissions to add / edit the DCO check in this repository, so may have to bypass this for now. I have confirmed that your commit is signed-off as required.

cc @RobertKielty @krook

I've added the DCO bot at the org level for all repos. Please let me know if that fixes the problem going forward.

@elezar
Copy link
Contributor

elezar commented Sep 7, 2023

Thanks! Do you know if there were plans for a new tag? (I'll try to keep an eye, but if there's a new tag, I can update the version in containerd 😄)

Thanks @thaJeztah. I will check with the other members of the WG to tag and release the update.

@thaJeztah
Copy link
Contributor Author

Thanks! I opened a draft PR in containerd to verify everything works with the latest (at least: in "CI")

@elezar elezar mentioned this pull request Sep 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants