containerd
/
nri
mirror of https://github.com/containerd/nri.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
383 Commits 3 Branches 12 Tags 5.9 MiB
Commit Graph

383 Commits

Author SHA1 Message Date
Markus Lehtonen 25d9391690
build: ensure we use correct version of protoc and its deps. 
Use protoc-specific local install directory to allow safely wiping protoc and its
dependencies without affecting other tools that might get installed under the
build/tools directory in the future. Add a check-protoc target to check protoc
version during builds and install the correct one if it is not found. Simplify and
align the installation of protoc dependencies. Maintain tool versions in go.mod.
Update auto-generated code regenerating them with the latest tool version we
use.

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-09-30 19:11:56 +03:00
Mike Brown b7e9de9028
Merge pull request #231 from klihub/fixes/test-with-populated-initial-resources 2025-09-30 09:24:06 -05:00
Krisztian Litkey 272035d843
Merge pull request #232 from marquiz/devel/protoc-install-dir 
Install protoc locally in the source tree
 2025-09-30 15:00:49 +03:00
Krisztian Litkey b64a64d758
Merge pull request #158 from klihub/fixes/logger-default-event-mask 
plugins/logger: fix default event subscription mask.
 2025-09-30 14:56:43 +03:00
Krisztian Litkey 8a05f28c96
Merge pull request #210 from ErikJiang/extract_helper_func 
extract memory and CPU resource helpers
 2025-09-26 17:07:10 +03:00
Markus Lehtonen 2394daa45f Install protoc locally in the source tree 
Install (and use) protoc and plugins under build/tools in the source
tree in an attempt to ensure that the correct version of the tooling is
always used.

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-09-26 16:40:41 +03:00
bo.jiang 7afb32a3a4 extract memory and CPU resource helpers 
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
 2025-09-24 10:02:20 +08:00
Krisztian Litkey b6b98b56a6
adaptation: test with populated initial resources. 
The current tests for collecting container resource adjustments
starts out with fully empty container memory and CPU resources.
This allows unintended changes to sneak in to the semantics of
collected adjustments. Let's make this less likely by starting
with populated initial resources.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2025-09-23 15:27:42 +03:00
Mike Brown d3daead0b6
Merge pull request #230 from klihub/devel/container-uid-gid-info 
api: expose container user/group ID to plugins.
 2025-09-16 10:10:43 -05:00
Krisztian Litkey 22aeb467e5
docs: update README with container uid/gid info. 
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2025-09-15 15:56:21 +03:00
Krisztian Litkey 71b0335fdc
api,adaptation: add container uid/gid info. 
Obtain the container's user, group and supplemental group
IDs from OCI Spec.Process.User and expose it to plugins.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2025-09-15 15:51:29 +03:00
Krisztian Litkey 3c85968e62
Merge pull request #228 from marquiz/devel/rdt-monitoring-kustomize 
contrib: add example for enabling per-container RDT monitoring
 2025-09-10 10:41:54 +03:00
Markus Lehtonen 91fbf06ed6 contrib: add example for enabling per-container RDT monitoring 
Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-09-08 11:47:03 +03:00
Krisztian Litkey 10ffc61c61
Merge pull request #224 from marquiz/devel/image-signing 
ci: enable image signing
 2025-09-01 16:52:41 +03:00
Krisztian Litkey 7004bd9942
Merge pull request #226 from marquiz/devel/golangci-false-positives 
golangci: disable QF1008 from staticcheck linter
 2025-09-01 16:51:12 +03:00
Markus Lehtonen 0b3b5770d1 golangci: disable QF1008 from staticcheck linter 
Disable:

  QF1008: could remove embedded field "Generator" from selector

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-29 19:55:26 +03:00
Krisztian Litkey f3bda9399c
Merge pull request #225 from marquiz/devel/golangci-v2 
ci: bump golangci-lint to v2.4
 2025-08-29 18:19:57 +03:00
Fu Wei e4518d7f27
Merge pull request #221 from klihub/fixes/revert-hasty-gitignore-review 
.gitignore: revert hastily reviewed editor-specific addition.
 2025-08-29 09:44:38 -04:00
Markus Lehtonen 9787127c0f Bump golangci-lint to v2.4 
Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-29 13:52:16 +03:00
Markus Lehtonen 1a50ff5856 Add nolint directives 
Silence golangci-lint v2.4 errors that we don't want to fix.

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-29 13:38:52 +03:00
Markus Lehtonen 00fa1a124e Add and fix comments for exported types 
Mixed bag of comments for exported types. Makes revive happier.

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-29 13:34:22 +03:00
Markus Lehtonen ac21da7be8 pkg/api/seccomp: add comments for exported functions 
Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-29 13:34:22 +03:00
Markus Lehtonen 3aff986af5 pkg/runtime-tools/generate: remove embedded field "Generator" 
Makes linters happier.

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-29 13:34:22 +03:00
Markus Lehtonen c0c4bb648a pkg/api/validate: add comments for exported methods 
Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-29 13:34:22 +03:00
Markus Lehtonen c0ba9da712 adaptation/builtin: add comment for exported symbols 
Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-29 13:34:22 +03:00
Markus Lehtonen fb5491601c ci: enable image signing 
Image signatures can be verified with cosign. An example for the rolling
unstable image for the template plugin:

  cosign verify ghcr.io/containerd/nri/plugins/template:unstable \
                --certificate-identity-regexp "https://github.com/containerd/nri/.*" \
               --certificate-oidc-issuer https://token.actions.githubusercontent.com \
    | jq .

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-29 13:21:18 +03:00
Krisztian Litkey 02376f371c
.gitignore: add comment about global gitignore. 
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2025-08-29 09:36:05 +03:00
Krisztian Litkey 9336a7933c
Revert "nit: Add .idea folder to gitignore" 
This reverts commit f578ea2804.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2025-08-29 09:36:05 +03:00
Fu Wei 2f815c1dd8
Merge pull request #218 from ngopalak-redhat/ngopalak/nit_idea_editor 
nit: Add .idea folder to gitignore
 2025-08-28 15:49:00 -04:00
Neeraj Krishna Gopalakrishna f578ea2804 nit: Add .idea folder to gitignore 
Signed-off-by: Neeraj Krishna Gopalakrishna <ngopalak@redhat.com>
 2025-08-28 16:33:00 +05:30
Krisztian Litkey 79f44b893c
Merge pull request #217 from marquiz/devel/nolint 
chore: clean and unify nolint directives
 2025-08-27 16:35:39 +03:00
Markus Lehtonen 21741b9ee4 chore: clean and unify nolint directives 
Drop unnecessary nolint directives and unify the style of remaining ones
to match the rest of the codebase (and the golangci-lint documentation).

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-27 15:54:34 +03:00
Krisztian Litkey 647fa327c3
Merge pull request #214 from saschagrunert/go 
Downgrade go to require 1.24.0
 2025-08-27 13:18:35 +03:00
Mike Brown 31f0a9ffd8
Merge pull request #211 from marquiz/devel/buildproto-dockerized 
Add dockerized target for building proto files
 2025-08-26 14:36:57 -05:00
Sascha Grunert d26e910702
Downgrade go to require 1.24.0 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2025-08-26 09:27:56 +02:00
Markus Lehtonen 13fcc0773d Add dockerized target for building proto files 
Makes it possible to build api files without contaminating the host
system.

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-19 15:36:34 +03:00
Krisztian Litkey a2eea2bc19
Merge pull request #209 from marquiz/devel/makefile-phony 
Makefile: unconditionally build plugins
 2025-08-16 11:15:07 +03:00
Markus Lehtonen d92ebd6692 Makefile: unconditionally build plugins 
Changes the build targets of plugins to always unconditionally execute
without trying to check dependencies. The previous make targets were
faulty, e.g. changing something in the library didn't rebuild the
plugins. This is a simple and stupid fix that I believe is good enough -
building the plugins is really fast and go compiler caching makes it
super fast for "unnecessary" builds.

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-15 14:46:49 +03:00
Krisztian Litkey 65eda50f9e
Merge pull request #196 from marquiz/devel/plugin-images-documentation 
Add minimal documentation for plugin images
 2025-08-15 10:08:00 +03:00
Markus Lehtonen 43e98eee13 Add minimal documentation for plugin images 
Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-15 10:01:51 +03:00
Krisztian Litkey 5cf60ebcd8
Merge pull request #197 from marquiz/devel/plugin-images-kustomize 
deployment: add minimal kustomize overlays for deploying plugins
 2025-08-14 15:24:26 +03:00
Markus Lehtonen be0d68def8 contrib/kustomize: separate overlays for stable and unstable images 
Define separate overlays for stable (released) and unstable images.
Utilizes reusable kustomize components to minimize repetition. The
stable image would always point to the latest tagged release and
unstable use the latest development build from main. The image-stable
will need to be updated just before tagging a release (so that the
released version points to the correct image).

Usage would be like:

1. Install the latest release

  kubectl create -k "https://github.com/containerd/nri/contrib/kustomize/hook-injector"

2. Install a specific release

  kubectl create -k "https://github.com/containerd/nri/contrib/kustomize/hook-injector?ref=v0.10.0"

3. Install the latest development build:

  kubectl create -k "https://github.com/containerd/nri/contrib/kustomize/hook-injector/unstable"

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-14 11:57:47 +03:00
Markus Lehtonen cc9e614439 deployment: add minimal kustomize overlays for deploying plugins 
Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-13 21:01:14 +03:00
Krisztian Litkey b382750eac
Merge pull request #205 from marquiz/devel/hook-injector-example 
plugins/hook-injector: correct the hook configs
 2025-08-13 20:08:13 +03:00
Krisztian Litkey 27523d0e8c
Merge pull request #204 from marquiz/devel/plugin-exit-code 
plugins: consistent exit behavior on ttrpc close
 2025-08-13 20:07:50 +03:00
Mike Brown ef2d8cbb6b
Merge pull request #206 from marquiz/devel/deps 
Bump dependencies
 2025-08-13 11:28:51 -05:00
Markus Lehtonen ced3ebee0c Bump dependencies 
Update outdated deps.

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-13 11:31:27 +03:00
Mike Brown e3d04772cf
Merge pull request #198 from marquiz/devel/makefile 
Makefile: simplify plugin build make targets
 2025-08-12 11:39:39 -05:00
Markus Lehtonen 3b1cbdb3fd plugins/hook-injector: correct the hook configs 
In the OCI hook configureation args[0] will not be passed to the hook
script as an arg (by convention args[0] is the command).

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-12 12:18:16 +03:00
Markus Lehtonen 8429b178ef plugins: consistent exit behavior on ttrpc close 
Make those sample plugins which have OnClose defined exit in a similar
fashion, with a log message and exit status 1. This is consistent with
the rest of the sample plugins which also exit with status 1 in this
case (but a different log output).

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2025-08-12 11:58:59 +03:00