Compare commits
41 Commits
containerd
...
main
| Author | SHA1 | Date |
|---|---|---|
Jiaxiao Zhou
|
dd3404f0ba | |
|
Jiaxiao Zhou
|
70c84db7f6 | |
dependabot[bot]
|
d76ea36416 | |
|
dependabot[bot]
|
817ae9ed67 | |
|
Jiaxiao Zhou
|
ed2ab4f081 | |
|
Jiaxiao Zhou
|
518d562f0a | |
|
Jiaxiao Zhou
|
ab702d3544 | |
|
dependabot[bot]
|
47ea1fc3c3 | |
|
dependabot[bot]
|
d37911d6d5 | |
|
dependabot[bot]
|
53e2e0bb8c | |
|
Jiaxiao Zhou
|
5322c335c7 | |
|
dependabot[bot]
|
a9fe3c6a84 | |
Rikito Taniguchi
|
124b5b087a | |
|
Jiaxiao Zhou
|
f372b70d85 | |
|
Rikito Taniguchi
|
77f565f971 | |
|
dependabot[bot]
|
80aa9854ad | |
|
Rikito Taniguchi
|
72997bd78e | |
|
Jiaxiao Zhou
|
7a9c892274 | |
|
Jiaxiao Zhou
|
1c9aad22ea | |
|
dependabot[bot]
|
2674fb79be | |
|
dependabot[bot]
|
b617a2550e | |
|
Jiaxiao Zhou
|
4dd6f7d245 | |
|
Jiaxiao Zhou
|
81eb8d8fb8 | |
|
dependabot[bot]
|
ff44543876 | |
|
dependabot[bot]
|
038fb50176 | |
|
Jiaxiao Zhou
|
ce03e9fe00 | |
|
Jiaxiao Zhou
|
660cad77d4 | |
|
Jiaxiao Zhou
|
178920547c | |
|
Jiaxiao Zhou
|
8f4472cf03 | |
|
Jiaxiao Zhou
|
8921f9653d | |
|
dependabot[bot]
|
576d12d111 | |
|
dependabot[bot]
|
a92f681f17 | |
|
dependabot[bot]
|
66a8769150 | |
|
dependabot[bot]
|
bb1e6a3930 | |
|
dependabot[bot]
|
630cb0dbb4 | |
|
Jiaxiao Zhou
|
8325cd1de6 | |
Karan
|
b309d6f203 | |
|
Jiaxiao Zhou
|
5680b21a33 | |
|
Jiaxiao Zhou
|
ab921a5705 | |
|
dependabot[bot]
|
6cf06b0ccb | |
|
Jiaxiao (mossaka) Zhou
|
333e58cde7 |
|
|
@ -106,8 +106,7 @@ jobs:
|
|||
needs: [build-ubuntu, test-image]
|
||||
strategy:
|
||||
matrix:
|
||||
# 20.04 uses cgroupv1, 22.04 uses cgroupv2
|
||||
os: ["ubuntu-20.04", "ubuntu-22.04"]
|
||||
os: ["ubuntu-22.04"]
|
||||
runtime: ["wasmtime", "wasmedge", "wasmer", "wamr"]
|
||||
uses: ./.github/workflows/action-test-smoke.yml
|
||||
with:
|
||||
|
|
@ -120,8 +119,7 @@ jobs:
|
|||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
# 20.04 uses cgroupv1, 22.04 uses cgroupv2
|
||||
os: ["ubuntu-20.04", "ubuntu-22.04"]
|
||||
os: ["ubuntu-22.04"]
|
||||
runtime: ["wasmtime", "wasmedge", "wasmer", "wamr"]
|
||||
uses: ./.github/workflows/action-test-kind.yml
|
||||
with:
|
||||
|
|
@ -149,7 +147,7 @@ jobs:
|
|||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
os: ["ubuntu-20.04", "ubuntu-22.04"]
|
||||
os: ["ubuntu-22.04"]
|
||||
runtime: ["wasmtime", "wasmedge", "wasmer", "wamr"]
|
||||
uses: ./.github/workflows/action-test-k3s.yml
|
||||
with:
|
||||
|
|
@ -196,7 +194,7 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: lycheeverse/lychee-action@1d97d84f0bc547f7b25f4c2170d87d810dc2fb2c # v2.4.0
|
||||
- uses: lycheeverse/lychee-action@82202e5e9c2f4ef1a55a3d02563e1cb6041e5332 # v2.4.1
|
||||
with:
|
||||
fail: false # don't fail the build on broken links
|
||||
format: markdown
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ jobs:
|
|||
- name: Wait for GitHub Pages to update
|
||||
run: sleep 120
|
||||
- name: Check all links on runwasi.dev
|
||||
uses: lycheeverse/lychee-action@1d97d84f0bc547f7b25f4c2170d87d810dc2fb2c # v2.4.0
|
||||
uses: lycheeverse/lychee-action@82202e5e9c2f4ef1a55a3d02563e1cb6041e5332 # v2.4.1
|
||||
with:
|
||||
fail: true # Fail CI if broken links found on the live site
|
||||
format: markdown
|
||||
|
|
|
|||
|
|
@ -26,10 +26,10 @@ jobs:
|
|||
echo "image=$image" >> $GITHUB_ENV
|
||||
|
||||
- name: Install cosign
|
||||
uses: sigstore/cosign-installer@d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a # v3.8.1
|
||||
uses: sigstore/cosign-installer@398d4b0eeef1380460a10c8013a76f728fb906ac # v3.9.1
|
||||
|
||||
- name: Install syft
|
||||
uses: anchore/sbom-action/download-syft@f325610c9f50a54015d37c8d16cb3b0e2c8f4de0 # v0.18.0
|
||||
uses: anchore/sbom-action/download-syft@9246b90769f852b3a8921f330c59e0b3f439d6e9 # v0.20.1
|
||||
|
||||
- name: Login to GitHub Container Registry
|
||||
uses: docker/login-action@v3
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ jobs:
|
|||
persist-credentials: false
|
||||
|
||||
- name: "Run analysis"
|
||||
uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
|
||||
uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
|
||||
with:
|
||||
results_file: results.sarif
|
||||
results_format: sarif
|
||||
|
|
@ -45,6 +45,6 @@ jobs:
|
|||
# Upload the results to GitHub's code scanning dashboard
|
||||
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
|
||||
- name: "Upload to code-scanning"
|
||||
uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
|
||||
uses: github/codeql-action/upload-sarif@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # v3.29.0
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
|
|
@ -26,7 +26,7 @@ jobs:
|
|||
echo "image=$image" >> $GITHUB_ENV
|
||||
|
||||
- name: Install cosign
|
||||
uses: sigstore/cosign-installer@d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a # v3.8.1
|
||||
uses: sigstore/cosign-installer@398d4b0eeef1380460a10c8013a76f728fb906ac # v3.9.1
|
||||
|
||||
- name: Login to GitHub Container Registry
|
||||
uses: docker/login-action@v3
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
10
Cargo.toml
10
Cargo.toml
|
|
@ -31,7 +31,7 @@ containerd-shim-wasm = { path = "crates/containerd-shim-wasm", version = "1.0.0"
|
|||
containerd-shim-wasm-test-modules = { path = "crates/containerd-shim-wasm-test-modules", version = "0.4.0"}
|
||||
oci-tar-builder = { path = "crates/oci-tar-builder", version = "0.4.0" }
|
||||
env_logger = "0.11"
|
||||
libc = "0.2.172"
|
||||
libc = "0.2.174"
|
||||
libcontainer = { version = "0.5", default-features = false }
|
||||
log = "0.4"
|
||||
nix = "0.29"
|
||||
|
|
@ -48,14 +48,14 @@ windows-sys = "0.59"
|
|||
serial_test = "3"
|
||||
tracing = "0.1"
|
||||
hyper = "1.6.0"
|
||||
tokio = { version = "1.44.2", default-features = false }
|
||||
tokio = { version = "1.45.1", default-features = false }
|
||||
tokio-util = { version = "0.7", default-features = false }
|
||||
cfg-if = "1.0"
|
||||
|
||||
# wasmtime
|
||||
wasmtime = { version = "27.0.0", features = ["async"] }
|
||||
wasmtime-wasi = { version = "27.0.0" }
|
||||
wasmtime-wasi-http = { version = "27.0.0" }
|
||||
wasmtime = { version = "33.0.0", features = ["async"] }
|
||||
wasmtime-wasi = { version = "33.0.0" }
|
||||
wasmtime-wasi-http = { version = "33.0.0" }
|
||||
|
||||
[profile.release]
|
||||
panic = "abort"
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
[package]
|
||||
name = "containerd-shim-wamr"
|
||||
version = "0.1.0"
|
||||
version = "0.2.0"
|
||||
edition.workspace = true
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ tempfile = { workspace = true, optional = true }
|
|||
wat = { workspace = true }
|
||||
tokio = { workspace = true, features = ["full"] }
|
||||
futures = { version = "0.3.30" }
|
||||
wasmparser = { version = "0.228.0" }
|
||||
wasmparser = { version = "0.231.0" }
|
||||
tokio-stream = { version = "0.1" }
|
||||
sha256 = { workspace = true }
|
||||
serde_bytes = "0.11"
|
||||
|
|
@ -71,7 +71,7 @@ tempfile = { workspace = true }
|
|||
oci-tar-builder = { workspace = true }
|
||||
rand = "0.9"
|
||||
temp-env = "0.3"
|
||||
ctor = "0.4.1"
|
||||
ctor = "0.4.2"
|
||||
|
||||
[features]
|
||||
testing = [
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
[package]
|
||||
name = "containerd-shim-wasmedge"
|
||||
version = "0.5.0"
|
||||
version = "0.6.0"
|
||||
edition.workspace = true
|
||||
|
||||
[dependencies]
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
[package]
|
||||
name = "containerd-shim-wasmer"
|
||||
version = "0.5.0"
|
||||
version = "0.6.0"
|
||||
edition.workspace = true
|
||||
|
||||
[dependencies]
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
[package]
|
||||
name = "containerd-shim-wasmtime"
|
||||
version = "0.5.0"
|
||||
version = "0.6.0"
|
||||
edition.workspace = true
|
||||
|
||||
[dependencies]
|
||||
|
|
|
|||
|
|
@ -164,7 +164,7 @@ impl ProxyHandler {
|
|||
|
||||
fn wasi_store_for_request(&self, req_id: u64) -> Store<WasiPreview2Ctx> {
|
||||
let engine = self.instance_pre.engine();
|
||||
let mut builder = wasmtime_wasi::WasiCtxBuilder::new();
|
||||
let mut builder = wasmtime_wasi::p2::WasiCtxBuilder::new();
|
||||
|
||||
builder.envs(&self.env);
|
||||
builder.env("REQUEST_ID", req_id.to_string());
|
||||
|
|
|
|||
|
|
@ -13,8 +13,8 @@ use wasi_preview2::bindings::Command;
|
|||
use wasmtime::component::types::ComponentItem;
|
||||
use wasmtime::component::{self, Component, ResourceTable};
|
||||
use wasmtime::{Config, Module, Precompiled, Store};
|
||||
use wasmtime_wasi::p2::{self as wasi_preview2};
|
||||
use wasmtime_wasi::preview1::{self as wasi_preview1};
|
||||
use wasmtime_wasi::{self as wasi_preview2};
|
||||
use wasmtime_wasi_http::bindings::ProxyPre;
|
||||
use wasmtime_wasi_http::{WasiHttpCtx, WasiHttpView};
|
||||
|
||||
|
|
@ -103,20 +103,18 @@ impl WasiPreview2Ctx {
|
|||
|
||||
/// This impl is required to use wasmtime_wasi::preview2::WasiView trait.
|
||||
impl wasi_preview2::WasiView for WasiPreview2Ctx {
|
||||
fn table(&mut self) -> &mut ResourceTable {
|
||||
&mut self.resource_table
|
||||
}
|
||||
|
||||
fn ctx(&mut self) -> &mut wasi_preview2::WasiCtx {
|
||||
&mut self.wasi_ctx
|
||||
}
|
||||
}
|
||||
|
||||
impl WasiHttpView for WasiPreview2Ctx {
|
||||
fn table(&mut self) -> &mut wasmtime::component::ResourceTable {
|
||||
impl wasi_preview2::IoView for WasiPreview2Ctx {
|
||||
fn table(&mut self) -> &mut ResourceTable {
|
||||
&mut self.resource_table
|
||||
}
|
||||
}
|
||||
|
||||
impl WasiHttpView for WasiPreview2Ctx {
|
||||
fn ctx(&mut self) -> &mut wasmtime_wasi_http::WasiHttpCtx {
|
||||
&mut self.wasi_http
|
||||
}
|
||||
|
|
@ -176,7 +174,7 @@ impl Compiler for WasmtimeCompiler {
|
|||
let mut compiled_layers = Vec::<Option<Vec<u8>>>::with_capacity(layers.len());
|
||||
|
||||
for layer in layers {
|
||||
if self.0.detect_precompiled(&layer.layer).is_some() {
|
||||
if wasmtime::Engine::detect_precompiled(&layer.layer).is_some() {
|
||||
log::info!("Already precompiled");
|
||||
compiled_layers.push(None);
|
||||
continue;
|
||||
|
|
@ -255,7 +253,7 @@ impl WasmtimeSandbox {
|
|||
ComponentTarget::HttpProxy => {
|
||||
log::info!("Found HTTP proxy target");
|
||||
let mut linker = component::Linker::new(&self.engine);
|
||||
wasmtime_wasi::add_to_linker_async(&mut linker)?;
|
||||
wasmtime_wasi::p2::add_to_linker_async(&mut linker)?;
|
||||
wasmtime_wasi_http::add_only_http_to_linker_async(&mut linker)?;
|
||||
|
||||
let pre = linker.instantiate_pre(&component)?;
|
||||
|
|
@ -357,7 +355,7 @@ impl WasmtimeSandbox {
|
|||
let component = Component::from_binary(&self.engine, wasm_binary)?;
|
||||
self.execute_component(ctx, component, func).await
|
||||
}
|
||||
None => match &self.engine.detect_precompiled(wasm_binary) {
|
||||
None => match wasmtime::Engine::detect_precompiled(wasm_binary) {
|
||||
Some(Precompiled::Module) => {
|
||||
log::info!("using precompiled module");
|
||||
let module = unsafe { Module::deserialize(&self.engine, wasm_binary) }?;
|
||||
|
|
@ -405,8 +403,8 @@ fn wasi_builder(ctx: &impl RuntimeContext) -> Result<wasi_preview2::WasiCtxBuild
|
|||
// https://github.com/containerd/runwasi/issues/413
|
||||
log::debug!("building WASI context");
|
||||
|
||||
let file_perms = wasi_preview2::FilePerms::all();
|
||||
let dir_perms = wasi_preview2::DirPerms::all();
|
||||
let file_perms = wasmtime_wasi::FilePerms::all();
|
||||
let dir_perms = wasmtime_wasi::DirPerms::all();
|
||||
let envs = envs_from_ctx(ctx);
|
||||
|
||||
let mut builder = wasi_preview2::WasiCtxBuilder::new();
|
||||
|
|
@ -452,7 +450,7 @@ fn use_pooling_allocator_by_default() -> bool {
|
|||
const BITS_TO_TEST: u32 = 42;
|
||||
let mut config = Config::new();
|
||||
config.wasm_memory64(true);
|
||||
config.static_memory_maximum_size(1 << BITS_TO_TEST);
|
||||
config.memory_reservation(1 << BITS_TO_TEST);
|
||||
let Ok(engine) = wasmtime::Engine::new(&config) else {
|
||||
return false;
|
||||
};
|
||||
|
|
|
|||
|
|
@ -16,9 +16,9 @@ oci-spec = { workspace = true, features = ["runtime"] }
|
|||
anyhow = { workspace = true }
|
||||
serde = { workspace = true }
|
||||
serde_json = { workspace = true }
|
||||
clap = { version = "4.5.37", features = ["derive"] }
|
||||
clap = { version = "4.5.40", features = ["derive"] }
|
||||
indexmap = "2.9.0"
|
||||
oci-wasm = { version = "0.2.1", default-features = false, features = ["rustls-tls"] }
|
||||
oci-wasm = { version = "0.3.0", default-features = false, features = ["rustls-tls"] }
|
||||
tokio = { workspace = true, features = ["rt-multi-thread"] }
|
||||
|
||||
[lib]
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ After installation, you can test your setup by pulling and running a test image:
|
|||
1. Pull the test image:
|
||||
|
||||
```bash
|
||||
sudo ctr pull ghcr.io/containerd/runwasi/wasi-demo-app:latest
|
||||
sudo ctr images pull ghcr.io/containerd/runwasi/wasi-demo-app:latest
|
||||
```
|
||||
|
||||
2. Run a test container:
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ kind create cluster --name runwasi-cluster --config kind-config.yaml
|
|||
kubectl cluster-info --context kind-runwasi-cluster
|
||||
|
||||
cat << EOF | docker exec -i runwasi-cluster-control-plane tee /etc/containerd/config.toml
|
||||
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.wasm]
|
||||
[plugins."io.containerd.cri.v1.runtime".containerd.runtimes.wasm]
|
||||
runtime_type = "io.containerd.wasmtime.v1"
|
||||
EOF
|
||||
|
||||
|
|
@ -73,7 +73,7 @@ sudo make install-wasmtime
|
|||
sudo mkdir -p /var/lib/rancher/k3s/agent/etc/containerd/
|
||||
|
||||
cat << EOF | sudo tee -a /var/lib/rancher/k3s/agent/etc/containerd/config.toml.tmpl
|
||||
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.wasm]
|
||||
[plugins."io.containerd.cri.v1.runtime".containerd.runtimes.wasm]
|
||||
runtime_type = "io.containerd.wasmtime.v1"
|
||||
EOF
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue