Compare commits

...

255 Commits

Author SHA1 Message Date
Tim Zhang e4551b1013 shim-protos: replace ttrpc-codegen to the released crate version
The new version v0.6.0 has been released.

Signed-off-by: Tim Zhang <tim@hyper.sh>
2025-07-15 17:54:05 +00:00
jinda.ljd 0e4ff0c5da truncate backing file path exceeding 64 bytes in LoopInfo
When the backing file path exceeds 64 bytes, an 'out of range' error occurs due to the limitation of the `file_name` field in `LoopInfo`. This commit truncates the file path to ensure it does not exceed the maximum supported length, preventing the error while maintaining usability.

Signed-off-by: jinda.ljd <jinda.ljd@alibaba-inc.com>
2025-07-15 02:56:39 +00:00
zzzzzzzzzy9 afab3c8eba add some test for mount_rootfs and umount_recursive and setup_loop
Signed-off-by: zzzzzzzzzy9 <zhang.yu58@zte.com.cn>
2025-07-07 04:51:59 +00:00
zzzzzzzzzy9 11e97809b8 support loop-dev mount in mount_rootfs
Signed-off-by: zzzzzzzzzy9 <zhang.yu58@zte.com.cn>
2025-07-07 04:51:59 +00:00
zzzzzzzzzy9 15fbabcf8e Unmount the mount point of the container when the container is deleted.
Signed-off-by: zzzzzzzzzy9 <zhang.yu58@zte.com.cn>
2025-07-07 04:51:59 +00:00
zzzzzzzzzy9 6aa801807e move mount to mount_linux and mount_other
Signed-off-by: zzzzzzzzzy9 <zhang.yu58@zte.com.cn>
2025-07-07 04:51:59 +00:00
Maksym Pavlenko 220d6d6a65
Fix runc dependency
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-06-30 10:09:42 -07:00
Maksym Pavlenko b8107d6101
Bump runc crate version
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-06-30 09:54:17 -07:00
Bryant Biggs c0b92c4e96 chore: Update protobuf definitions using latest containerd version v2.1.1 2025-06-11 00:15:32 +00:00
Bryant Biggs 8469d6d7a8 chore: Bump ttrpc-codegen as well 2025-06-11 00:13:54 +00:00
Bryant Biggs ad6d647960 chore: Update protobuf dependency to latest 2025-06-11 00:13:54 +00:00
jokemanfire 055e49bf6f fix ut test
Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2025-06-11 00:13:30 +00:00
jokemanfire 0a07bdde72 runc: split the lib's trait from lib to async and sync
Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2025-06-11 00:13:30 +00:00
Bryant Biggs 468fbc0b4c chore: Move tokio dependency in `snapshots` to dev dependency 2025-06-11 00:09:51 +00:00
Bryant Biggs cd5a84d8a7 chore: Update tonic dependencies to latest 2025-06-11 00:07:41 +00:00
jokemanfire cea5523d20 fix(update): avoid update resource while the process is zombie
add a check in zombie init process

Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2025-05-09 01:42:38 +00:00
dependabot[bot] 9b5727a28e build(deps): bump bnjbvr/cargo-machete from 0.7.0 to 0.8.0
Bumps [bnjbvr/cargo-machete](https://github.com/bnjbvr/cargo-machete) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/bnjbvr/cargo-machete/releases)
- [Changelog](https://github.com/bnjbvr/cargo-machete/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bnjbvr/cargo-machete/compare/v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: bnjbvr/cargo-machete
  dependency-version: 0.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-08 19:31:20 +00:00
Maksym Pavlenko 4744fafcd6 Remove Ubuntu 20.04 runners and bump containerd versions
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-05-08 18:40:27 +00:00
jokemanfire 3b42040af2 optimize: use a more user-friendly interface in ttrpc
Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2025-04-15 03:41:12 +00:00
Jorge Prendes 8130e41939 remove dependency on signal-hook-tokio
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
2025-04-10 16:27:31 +00:00
Jorge Prendes 2a098d9f69 re-enable cargo machete
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
2025-04-09 14:23:23 +00:00
Jorge Prendes 59589df20f ping grcov version
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
2025-04-09 13:47:06 +00:00
Jorge Prendes 18fcf6bc52 remove unused dependencies
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
2025-03-19 23:27:16 +00:00
Jorge Prendes 277a1a65f2 use windows activation strategy on async code
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
2025-03-19 23:27:16 +00:00
Jorge Prendes df1b8f05dd use windows activation strategy on all platforms in sync code
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
2025-03-19 23:27:16 +00:00
Jorge Prendes 35980682a6 Consolidate the NamedPipeLogger into the FifoLogger
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
2025-03-19 23:25:14 +00:00
Jorge Prendes f4fdddc5e5 ignore advisory with proc-macro-error and protobuf to unblock CI
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
2025-03-19 22:54:47 +00:00
Jiaxiao (mossaka) Zhou 8fba47295b feat(shim): make logger module public
Downstream shim implementations can use this module to setup logger by
themselves. One example is runwasi's container process needs to use this
module to setup logger so that logs from the container process can be
populated to containerd.

Signed-off-by: Jiaxiao (mossaka) Zhou <duibao55328@gmail.com>
2025-02-25 23:17:12 +00:00
jokemanfire 906bd0f466 Update publisher err deal.
ref:https://github.com/containerd/ttrpc-rust/pull/259
Due to the inclusion of the latest version of ttrpc, this part of the code has been updated

Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2025-02-24 18:54:43 +00:00
Kyle Kosic 559cc576b9 add experimental flag 2025-02-20 18:20:05 +00:00
Phil Estes 9d9cc05d18 Add example using the transfer service
Pulls an image to the containerd content store

Signed-off-by: Phil Estes <estesp@amazon.com>
2025-02-01 06:55:48 +00:00
Maksym Pavlenko 822a065062 Add Jiaxiao Zhou to reviewers
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-31 19:05:21 +00:00
Maksym Pavlenko cd926a2d89
Remove --files-with-diff
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-31 11:09:25 -08:00
Maksym Pavlenko ae876e3a33
Fix shim dependency
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-28 12:06:30 -08:00
Maksym Pavlenko c016d933ed
Bump shim crate version to 0.8
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-28 11:59:33 -08:00
Maksym Pavlenko 2d999680fe
Fix publish?
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-28 11:49:18 -08:00
Maksym Pavlenko ef81c80577
Bump shim protos to 0.8
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-28 11:30:33 -08:00
jokemanfire e5db241747 Fix complie error
1. update ttrpc version
2. proto3 syntax  "To define 'optional' fields in Proto3, simply remove the 'optional' label, as fields are 'optional' by default"
3. compile fail because "required for the cast from `Arc<std::boxed::Box<<T as asynchronous::Shim>::T>>` to `Arc<(dyn containerd_shim_protos::shim_async::Task + std::marker::Send + Sync + 'static)>`"

Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2025-01-27 20:08:08 +00:00
dependabot[bot] 26b783c0b4 build(deps): bump actions/stale from 9.0.0 to 9.1.0
Bumps [actions/stale](https://github.com/actions/stale) from 9.0.0 to 9.1.0.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](28ca103628...5bef64f19d)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-27 20:06:30 +00:00
jokemanfire 545b0e789e Add info for get runtimeinfo
This interface is already in goshim.
Use containerd-shim-runc-v2 --info.

Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2025-01-27 20:06:12 +00:00
Maksym Pavlenko 1f1e38dc06
Bump client to 0.8.0
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-16 13:46:49 -08:00
Phil Estes 2d47d88f13 Add a to_any helper in the containerd client crate
This provides a solution to Any->type matching that happens on
the containerd Go-based server side where the Any types in prost
use typeurl as defined in the protobuf spec and the server side
is matching on the fullname property of the type.

Signed-off-by: Phil Estes <estesp@amazon.com>
2025-01-16 20:44:01 +00:00
Maksym Pavlenko 2cb7714e76 Fix CI
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-16 19:22:09 +00:00
jokemanfire a345bac309 OpenOptions in blocking mod is a time-consuming operation.
1.Prevent it from blocking a tokio thread. Change sync to async.
2.Add pipe unit test which I found error in Pipe new.

Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2025-01-09 02:57:43 +00:00
Phil Estes 41d2ded16a Add mod for transfer types
Makes the transfer types available in containerd_client imports

Signed-off-by: Phil Estes <estesp@amazon.com>
2025-01-08 19:50:56 +00:00
Maksym Pavlenko 95964f295e
Bump containerd client to 0.7.0
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-08 10:43:30 -08:00
Maksym Pavlenko ce05587af2 Update vendor
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-08 18:31:52 +00:00
Maksym Pavlenko 30be44066a Update vendor script
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-08 18:31:52 +00:00
Maksym Pavlenko 68bff89898
Don't check labels
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-07 16:05:15 -08:00
Maksym Pavlenko 92e4b8b4fb Update Go version
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-06 22:04:41 +00:00
Maksym Pavlenko c3620b7602 Update containerd versions for Linux integration
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-06 22:04:41 +00:00
Maksym Pavlenko 4c66dd46f5
Add stale bot
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-06 12:55:10 -08:00
Maksym Pavlenko bd5dd4fcbd
Remove unused fields
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-06 10:58:59 -08:00
jokemanfire feac9615e1 Fix publisher debug info is not correct
In the containerd log, it is not print correct
2025-01-06 10:52:50 -08:00
Maksym Pavlenko 314e384806
Fix unused fields on MacOS
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2025-01-06 10:50:54 -08:00
Maksym Pavlenko 346b82e673
Fix unused fields on Mac
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-12-31 15:09:58 -08:00
Maksym Pavlenko e27decc5ba
Fix clippy
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-12-31 14:33:44 -08:00
Maksym Pavlenko 6ad0a6e0d3
Bump Rust version to 1.81
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-12-31 14:33:32 -08:00
jokemanfire 4133fef4c0 Optimize: refine the scope of the lock.
We can discard the lock before reporting the incident.According to Goshim.

Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2024-12-15 03:25:25 +00:00
jokemanfire a0f3bf13a1 Attemp to resolve fifo open deadlock
If long time no read side , may cause shim lock.
Avoid fifo open deadlock,use a easy timeout

Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2024-12-13 20:04:38 +00:00
jokemanfire 6526c28e87 Prevent the init process from exiting and continuing with start
No need to wait for runc return an error

Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2024-12-13 20:02:50 +00:00
jokemanfire eef8806871 fix process exit (not init) event not publish
1.add get id interface in process
2.add process event publish in service

Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2024-12-11 20:10:31 +00:00
fengwei0328 1e17e1495e The task_dir successfully cleans when the file is absent
Signed-off-by: fengwei0328 <feng.wei8@zte.com.cn>
2024-12-06 18:54:16 +00:00
zzzzzzzzzy9 7051e312f5 if init is paused/pausing, exec state should be the same 2024-12-04 21:57:39 +00:00
ningmingxiao 8029a61a2b fix leftover shim processes 2024-12-03 23:34:03 +00:00
jokemanfire c6b623cb8b Attempt to change mutex to rwlock
In high concurrency environments, some operations are read-only and do not require mutex write locks.

Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2024-12-03 23:33:04 +00:00
adsick 3044a44363 `with_namespace!`: fix formatting and accept `expr` instead of `ident` 2024-12-03 22:40:50 +00:00
dependabot[bot] 0db44b965c build(deps): update thiserror requirement from 1.0 to 2.0
Updates the requirements on [thiserror](https://github.com/dtolnay/thiserror) to permit the latest version.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.0...1.0.68)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-03 19:02:07 +00:00
dependabot[bot] 25f06b4c7f build(deps): bump codecov/codecov-action from 4 to 5
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4 to 5.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-03 17:59:18 +00:00
Jiaxiao Zhou (Mossaka) f87972b9b0 runc/src/io: added the missing imports to unit tests
Signed-off-by: Jiaxiao Zhou (Mossaka) <duibao55328@gmail.com>
2024-12-03 17:58:52 +00:00
Jiaxiao Zhou (Mossaka) 3bb4e14fe5 .github/workflows/ci: add check to runc shim
The runc shim, like the containerd-shim, has a 'sync' feature that is not checked by the workspace.
Thus we need to add that individually to the CI to get full coverage

Signed-off-by: Jiaxiao Zhou (Mossaka) <duibao55328@gmail.com>
2024-12-03 17:58:52 +00:00
Jiaxiao Zhou (Mossaka) 474db59c81 runc/src/io: expose Io as a public API
Signed-off-by: Jiaxiao Zhou (Mossaka) <duibao55328@gmail.com>
2024-12-03 17:58:52 +00:00
Jiaxiao Zhou (Mossaka) b7de553f9e runc/Cargo: add the missing os_pipe dependency
Signed-off-by: Jiaxiao Zhou (Mossaka) <duibao55328@gmail.com>
2024-12-03 17:58:52 +00:00
jiaxiao zhou 7efe8d8390 runc: split Pipe, Io, and PipedIo to async and sync modules
Signed-off-by: jiaxiao zhou <duibao55328@gmail.com>
2024-12-03 17:58:52 +00:00
Maksym Pavlenko 3da6d80b0b Disable cargo machete
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-12-03 09:51:32 -08:00
Maksym Pavlenko 9cfc6454f0 Fix CI
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-12-03 09:43:44 -08:00
jokemanfire 6d496ef7fa In delete: Process not found should not return ok
Compatible with goshim

Signed-off-by: jokemanfire <hu.dingyang@zte.com.cn>
2024-11-19 19:31:22 +00:00
Christos Katsakioris ac89daa9b1 snapshots: Add handy `Clone`, `Copy` derivations
Derive `Clone` for `Info`, as well as both `Clone` and `Copy` for `Kind`
and `Usage`, which allows for convenient manipulation of these types.

Signed-off-by: Christos Katsakioris <ckatsak@gmail.com>
2024-11-13 21:41:08 +00:00
jiaxiao zhou 857ace0e3f crates/runc: removed unused dep
Signed-off-by: jiaxiao zhou <duibao55328@gmail.com>
2024-11-06 18:26:42 +00:00
jiaxiao zhou a665cfcfc0 client, snapshots/Cargo.toml: Ignore `prost` in cargo-machete metadata
Signed-off-by: jiaxiao zhou <duibao55328@gmail.com>
2024-11-06 18:26:42 +00:00
jiaxiao zhou b535a030d1 .github/workflows/ci: add machete to CI
this will check if there are unused deps in this repo
2024-11-06 18:26:42 +00:00
dependabot[bot] d584728948 build(deps): update oci-spec requirement from 0.6 to 0.7
Updates the requirements on [oci-spec](https://github.com/containers/oci-spec-rs) to permit the latest version.
- [Release notes](https://github.com/containers/oci-spec-rs/releases)
- [Changelog](https://github.com/containers/oci-spec-rs/blob/main/release.md)
- [Commits](https://github.com/containers/oci-spec-rs/compare/v0.6.0...v0.6.7)

---
updated-dependencies:
- dependency-name: oci-spec
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-05 19:34:27 +00:00
Lei Liu 2689bbf250 Ignore notFound error when collect from pid cgroup
When `pids.current` or `pids.max` not exist in cgroup root
(/sys/fs/cgroup/pids/) collect_metrics will print out error level
log "...unable to read a control group file /sys/fs/cgroup/pids/./
pids.current..." continually, this commit will ignore these not
found errors.

As a supplement,if or not set pids.current file in cgroup controller
root directory decided by `CFTYPE_NOT_ON_ROOT` flag, in many commen
environment it is default to enabled. And as a contrast, go version
code will ignore all not found error when collect cgroupv1 metrics:
b67a788072/runtime/v2/runc/task/service.go (L625)

Co-authored-by: Yukiteru <wfly1998@gmail.com>

Signed-off-by: Lei Liu <liulei.pt@bytedance.com>
2024-11-05 19:33:58 +00:00
yummyMax 7c01662306 change socket path
Some containerd test use shim.SocketAddress directly.
So for Goshim-compatible socket path

Signed-off-by: yummyMax <yu.sihui@zte.com.cn>
2024-10-30 23:15:24 +00:00
jokemanfire 6cb625da04 <rshim>Improve the events report
1.add timeout in ctx
2.add queue in publisher report
3.add reconnect client method
2024-10-30 23:14:55 +00:00
zzzzzzzzzy9 792c2e619e shim: Implement the pause and resume interfaces 2024-10-30 16:53:26 +00:00
Lei Liu c22dba6201 fix: remove meaningless input from other_error macro
Signed-off-by: Lei Liu <liulei.pt@bytedance.com>
2024-10-30 00:05:16 +00:00
ningmingxiao a6b4286542 fix os_pipe doesn't work with async IO 2024-10-21 23:04:57 +00:00
dependabot[bot] 7794b07f16 build(deps): update tower requirement from 0.4 to 0.5
Updates the requirements on [tower](https://github.com/tower-rs/tower) to permit the latest version.
- [Release notes](https://github.com/tower-rs/tower/releases)
- [Commits](https://github.com/tower-rs/tower/compare/tower-0.4.0...tower-0.5.1)

---
updated-dependencies:
- dependency-name: tower
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-08 22:58:49 +00:00
Maksym Pavlenko 304d67069b Bump client to 0.6.0
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-10-07 11:35:55 -07:00
Bryant Biggs 3f541b9454 fix: All unused re-export to pass clippy 2024-10-05 14:55:48 +00:00
Bryant Biggs da4d1f48bf fix: Replace `tonic` deprecated methods to fix clippy warnings 2024-10-05 14:55:48 +00:00
Bryant Biggs ece6516da5 fix: Switch `write` to `write_all` to consume 2024-10-05 14:55:48 +00:00
Bryant Biggs 6f2812f4b8 fix: Correct lint warnings, bump toolchain version due to `cargo::key=value` build directive which is reserved for future use 2024-10-05 14:55:48 +00:00
Bryant Biggs fb4cb85d66 chore: Run `cargo fmt` 2024-10-05 14:55:48 +00:00
Bryant Biggs 2265428508 Update lib.rs
Co-authored-by: James Sturtevant <jsturtevant@gmail.com>
Signed-off-by: Bryant Biggs <bryantbiggs@gmail.com>
2024-10-05 14:55:48 +00:00
Bryant Biggs 81f51386f0 chore: Revert change to windows target 2024-10-05 14:55:48 +00:00
Bryant Biggs ece15e9275 fix: Windows client is not awaitable 2024-10-05 14:55:48 +00:00
Bryant Biggs 2050c857d6 chore: Update `tonic` and `prost` dependencies to latest 2024-10-05 14:55:48 +00:00
Maksym Pavlenko 4b8bd82ea9 Bump shim protos and fix dependencies
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-10-04 11:57:47 -07:00
Maksym Pavlenko 4e60e8a6fa Bump containerd shim to 0.7.4
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-10-04 11:30:19 -07:00
jiaxiao zhou 15f51b0899 crates/shim-protos/Cargo: relex version requirement for protobuf
Signed-off-by: jiaxiao zhou <duibao55328@gmail.com>
2024-10-04 17:40:53 +00:00
Maksym Pavlenko 202c756d26 Fix shim dependency to shim-protos and bump to 0.7.3
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-10-03 11:50:13 -07:00
Maksym Pavlenko 32f8deb6e4 Bump shim-protos to 0.7.1 and shim to 0.7.2
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-10-03 11:26:35 -07:00
Maksym Pavlenko 06156f88c8 Pin ttrpc version
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-10-03 18:11:07 +00:00
Maksym Pavlenko 6f2a8c1894 Fix crates that depend on new ttrpc
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-10-03 18:11:07 +00:00
jiaxiao zhou 217f0ee935 Cargo.toml: remove unused dependnecies
Signed-off-by: jiaxiao zhou <duibao55328@gmail.com>
2024-09-23 17:03:41 +00:00
jokemanfire 7519a0161e If parse arguments error do not panic, just exit without zero 2024-09-18 16:43:40 +00:00
zzzzzzzzzy9 71de1b435d process_info should be ProcessDetails, otherwise it can't be parsed 2024-09-03 18:21:15 +00:00
zzzzzzzzzy9 0911c1cfff When get_container return an error, just return pid=0 to connect interface 2024-08-03 02:59:27 +00:00
dependabot[bot] bd36de0f6d build(deps): update protobuf requirement from =3.1 to =3.5
Updates the requirements on [protobuf](https://github.com/stepancheg/rust-protobuf) to permit the latest version.
- [Changelog](https://github.com/stepancheg/rust-protobuf/blob/master/CHANGELOG-before-3.md)
- [Commits](https://github.com/stepancheg/rust-protobuf/compare/v3.1.0...v3.5.0)

---
updated-dependencies:
- dependency-name: protobuf
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-03 02:56:05 +00:00
Bryant Biggs 3a9ceb351f chore: Update `nix` package to latest 2024-08-02 19:28:24 +00:00
zzzzzzzzzy9 288cc8082d add process info to pids() interface 2024-08-02 16:29:04 +00:00
张钰10307750 b308d13c28 add pid to delete response 2024-08-02 16:21:03 +00:00
Bryant Biggs 765111e3b1 fix: Correct clippy lint suggestion part tres 2024-07-30 16:54:34 +00:00
Bryant Biggs e771f15ce2 fix: Correct clippy lint suggestion part deux 2024-07-30 16:54:34 +00:00
Bryant Biggs 150ec63cbc fix: Correct clippy lint suggestion 2024-07-30 16:54:34 +00:00
Bryant Biggs ab17df086a chore: Fix whitespace 2024-07-30 16:54:34 +00:00
Bryant Biggs 303b2e3009 chore: Fix cargo deny failed checks and de-duplicate crates using workspace shared dependency 2024-07-30 16:54:34 +00:00
刘磊 369a73f9d9 fix: too new version protobuf break build
issue: https://github.com/containerd/rust-extensions/issues/295

Signed-off-by: 刘磊 <liulei.pt@bytedance.com>
2024-07-18 22:17:41 +00:00
Gabriel Dolberg 666a5ec112 Typos
Signed-off-by: Gabriel Dolberg <gbd199@gmail.com>
2024-06-17 20:20:51 +00:00
dependabot[bot] cecfee80b3 build(deps): update mio requirement from 0.8 to 1.0
Updates the requirements on [mio](https://github.com/tokio-rs/mio) to permit the latest version.
- [Release notes](https://github.com/tokio-rs/mio/releases)
- [Changelog](https://github.com/tokio-rs/mio/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/mio/compare/v0.8.0...v1.0.0)

---
updated-dependencies:
- dependency-name: mio
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-17 20:20:36 +00:00
Gabriel Dolberg 26e238edf8 Update namespace gRPC header reference path
Signed-off-by: Gabriel Dolberg <gbd199@gmail.com>
2024-06-05 21:30:12 +00:00
jingxu.zm 6b225fb414 monitor_notify_by_pid may be blocked by send msg to channel because bounded channel is full(but monitor lock has not be freed), on the other hand,monitor_unsubscribe may block because monitor lock is holded by the monitor_notify_by_pid 2024-06-05 00:35:05 +00:00
Yuhang Wei e69120e6db docs: fix broken links
Signed-off-by: Yuhang Wei <weiyuhang2011@126.com>
2024-05-29 23:33:58 +00:00
zzzzzzzzzy9 dafb1b6735 fix(overlay): If there are a large number of overlay layers, the container cannot be started 2024-05-28 22:14:28 +00:00
jiaxiao zhou 200f788a0d remove parent attribute in tracing macro
Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
2024-05-20 19:44:29 +00:00
jiaxiao zhou 1a905f4daf remove instrument proc-macro and use cfg_attr instead
Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
2024-05-20 19:44:29 +00:00
jiaxiao zhou 3688bc4a04 make clippy happy
Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
2024-05-20 19:44:29 +00:00
jiaxiao zhou cb1e5b1510 conditionally compile tracing behind a feature
Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
2024-05-20 19:44:29 +00:00
jiaxiao zhou fee0c653af add tracing macros
Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
2024-05-20 19:44:29 +00:00
fcfangcc e4558356cc add comment 2024-05-07 01:51:59 +00:00
fcfangcc 97321c7d56 fixed client if tonic has tls feature 2024-05-07 01:51:59 +00:00
dependabot[bot] 3d7180f85f build(deps): update simple_logger requirement from 4.0 to 5.0
Updates the requirements on [simple_logger](https://github.com/borntyping/rust-simple_logger) to permit the latest version.
- [Release notes](https://github.com/borntyping/rust-simple_logger/releases)
- [Commits](https://github.com/borntyping/rust-simple_logger/compare/v4.0.0...v5.0.0)

---
updated-dependencies:
- dependency-name: simple_logger
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-02 16:52:37 +00:00
Toby Lawrence dcc8e395fd Fix Clippy lint. 2024-04-26 18:30:24 +00:00
Toby Lawrence 74da0e6d59 Fix example to handle decoding event payloads with malformed type URLs. 2024-04-26 18:30:24 +00:00
Toby Lawrence 3d73fd3660 fix formatting 2024-04-26 18:30:24 +00:00
Toby Lawrence 33d4d81850 add unit test + example 2024-04-26 18:30:24 +00:00
Toby Lawrence 4a0f9292c6 Enable type names for Protocol Buffer message types to support Any decoding. 2024-04-26 18:30:24 +00:00
James Sturtevant de245d1c3f Use the correct shell
Signed-off-by: James Sturtevant <jsturtevant@gmail.com>
2024-04-24 22:31:39 +00:00
James Sturtevant 58d43274d7 Unattended install for protoc
Signed-off-by: James Sturtevant <jsturtevant@gmail.com>
2024-04-24 22:31:39 +00:00
James Sturtevant c836f13370 Add support for windows to containerd client
Adds support to containerd client and enables running the examples

Signed-off-by: James Sturtevant <jsturtevant@gmail.com>
2024-04-24 22:31:39 +00:00
James Sturtevant c696ce477d Release fix for cgroup parsing
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2024-03-19 21:25:23 +00:00
Jiaxiao Zhou 6b9e5b28be Update crates/shim/src/cgroup.rs
Co-authored-by: James Sturtevant <jsturtevant@gmail.com>
Signed-off-by: Jiaxiao Zhou <duibao55328@gmail.com>
2024-03-18 23:27:49 +00:00
jiaxiao zhou 69a7e651ea cargo clippy
Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
2024-03-18 23:27:49 +00:00
jiaxiao zhou f4753c3493 fix: make parse_cgroups_v2_path clearer
Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
2024-03-18 23:27:49 +00:00
jiaxiao zhou a5613a27df fix: more gracefully handle multiple lines in the cgroups file
Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
2024-03-18 23:27:49 +00:00
jiaxiao zhou 85a15724d0 fix(shim): rewrite cgroups v2 parsing logic
this commit rewrites the cgroups v2 parsing logic in get_cgroup function
which is used to fetch stats of a container. The reason for the rewrite
was that in some cases the original logic would panic due to index
of bound for parsing paths like

0::/kubepods-besteffort-pod162385e5_7f69_4c38_ba9c_db0a8f02b35e.slice:cri-containerd:278a0aac1fff30dfbc41b4a32ba9de4519928fe7480213dba87aa1498838ef34

we ran into this issue in deleting a spin container in the spin shim.

the rewrite replaces index access to properly propogate the error to
the caller of the function and added a few unit tests for the parsing logic.

Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
2024-03-18 23:27:49 +00:00
James Sturtevant 7591cb8ee7 Mark Error for windows only
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2024-03-15 20:37:48 +00:00
James Sturtevant 31c28428d9 Run clippy and tests on sync code in containerd-shim
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2024-03-15 20:37:48 +00:00
Maksym Pavlenko 66e513a449 Fix containerd shim
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-03-14 17:32:51 +00:00
James Sturtevant 798ab74d20 Release 0.7.0 of Shim and 0.5.0 of client
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2024-03-13 19:20:17 +00:00
James Sturtevant b15a1dd0c9 Transfer ownership of FD
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2024-03-12 18:56:40 +00:00
dependabot[bot] d32d023eb3 build(deps): update command-fds requirement from 0.2.1 to 0.3.0
Updates the requirements on [command-fds](https://github.com/google/command-fds) to permit the latest version.
- [Commits](https://github.com/google/command-fds/compare/0.2.1...0.3.0)

---
updated-dependencies:
- dependency-name: command-fds
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-12 18:56:40 +00:00
James Sturtevant 9c375635b6 Remove depreciated functions
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2024-03-12 05:03:06 +00:00
dependabot[bot] e76ba41079 build(deps): update nix requirement from 0.27 to 0.28
Updates the requirements on [nix](https://github.com/nix-rust/nix) to permit the latest version.
- [Changelog](https://github.com/nix-rust/nix/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nix-rust/nix/compare/v0.27.0...v0.28.0)

---
updated-dependencies:
- dependency-name: nix
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-12 05:03:06 +00:00
Qiao 21973bd49e add oom monitor for rustshim 2024-03-06 20:29:02 +00:00
James Sturtevant 0e7760806f Use RUST_LOG env to configure logging if present
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2024-03-06 20:28:03 +00:00
Maksym Pavlenko e37e0ac639 Fix windows CI
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-23 23:03:10 +00:00
Maksym Pavlenko 2b83df8303 Remove ci-windows.yml
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-23 23:03:10 +00:00
Maksym Pavlenko 08c563b51a Consolidate windows and linux CIs
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-23 23:03:10 +00:00
Maksym Pavlenko 84cc3d9f7b
[codecov] Suppress PR comments
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-22 12:14:10 -08:00
Maksym Pavlenko cc445f54c0 Use wget to download containerd archive
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-22 17:49:39 +00:00
Maksym Pavlenko af09869cee Patch invalid proto comments
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-22 17:49:39 +00:00
Maksym Pavlenko 1d819cc0c4 Suppress warnings for generated code
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-22 17:49:39 +00:00
Maksym Pavlenko b769e85b33 Update vendor
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-22 17:49:39 +00:00
Maksym Pavlenko 202c785059 Add update vendor script
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-22 17:49:39 +00:00
zhang yu 10307750 3a7b9ce173 feat: set THP_DISABLE=true in shim, and restore it before starting runc
If /sys/kernel/mm/transparent_hugepage/enabled=always, the shim process
will use huge pages, which will consume a lot of memory.

Just like this:
ps -efo pid,rss,comm | grep shim
    PID   RSS COMMAND
   2614  7464 containerd-shim

I don't think shim needs to use huge pages, and if we turn off the huge
pages option, we can save a lot of memory resources.

After we set THP_DISABLE=true:
ps -efo pid,comm,rss
    PID COMMAND           RSS
1629841 containerd-shim  5648

containerd
    |
    |--shim1   --start
        |
        |--shim2    (this shim will on host)
            |
            |--runc create (when containerd send create request by ttrpc)
                |
                |--runc init (this is the pid 1 in container)

    we should set thp_disabled=1 in shim1 --start, because if we set this
    in shim 2, the huge page has been setted while func main() running,
    we set thp_disabled cannot change the setted huge pages.
    So We need to set thp_disabled=1 in shim1 so that shim2 inherits the
    settings of the parent process shim1, and shim2 has closed the
    hugepage when it starts.

    For runc processes, we need to set thp_disabled='before' in shim2 after
    fork() and before execve(). So we use cmd.pre_exec to do this.
2024-02-20 02:43:24 +00:00
dependabot[bot] 1b2a74aa8a build(deps): update tonic requirement from 0.10 to 0.11
Updates the requirements on [tonic](https://github.com/hyperium/tonic) to permit the latest version.
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/tonic/compare/v0.10.0...v0.10.2)

---
updated-dependencies:
- dependency-name: tonic
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-15 21:02:42 +00:00
Maksym Pavlenko 9734a00462 Add job to finalize statuses
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-15 20:33:35 +00:00
Maksym Pavlenko 2d18a663a4 Add 2.0 beta 2 to CI
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-15 20:33:35 +00:00
Maksym Pavlenko 2e58639737 Update containerd versions on CI
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-15 20:33:35 +00:00
Maksym Pavlenko 49a4a832c6
Add coverage badge
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-15 12:39:37 -08:00
Maksym Pavlenko cffe94bf0b
Fix coverage CI job
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-15 10:09:07 -08:00
dependabot[bot] 2f0ffb98b5 build(deps): update tonic-build requirement from 0.10 to 0.11
Updates the requirements on [tonic-build](https://github.com/hyperium/tonic) to permit the latest version.
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/tonic/compare/v0.10.0...v0.10.2)

---
updated-dependencies:
- dependency-name: tonic-build
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-12 17:27:15 +00:00
BaiQiuLi 3d4de340d8 Fix the issue of process freezing when there is a large amount of sigpipe signals occurring during containerd process restart.
Signed-off-by: BaiQiuLi <bo.qiuli@zte.com.cn>
2024-02-02 16:31:59 +00:00
dependabot[bot] bca3554a52 build(deps): bump codecov/codecov-action from 3 to 4
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3 to 4.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-01 23:45:23 +00:00
Maksym Pavlenko 566ccd336c Run coverage against main branch only
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-01-30 20:32:39 +00:00
Maksym Pavlenko dd07aefac5 Use codecov for tests coverage info
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-01-30 20:32:39 +00:00
Maksym Pavlenko 90e58b7b9f Fix labeler config
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-01-08 22:47:51 +00:00
jokemanfire 2236ba39d9 fmt modify 2024-01-03 19:59:52 +00:00
jokemanfire a9f1dcf777 fmt modify 2024-01-03 19:59:52 +00:00
jokemanfire 9675c9a4ab "Subsystem::Mem" add judge for the limit and swap
this error wiil ocurr
in  containerd's TestUpdateContainerResources_MemoryLimit
2024-01-03 19:59:52 +00:00
Andrew Baxter 9ac1f26516 `Runc::state()` returns wrong type with async feature
It's a very small change so I figured it's simpler to open a PR than an issue first.

The sync `state` method returns `Container` but for async returns `Vec<usize>`, and I couldn't locate an explanation for why these might be different so I assume it's a mistake.  From a user perspective too I want Container rather than a usize vec.

Signed-off-by: Andrew Baxter <i@isandrew.com>
2023-12-25 17:56:09 +00:00
dependabot[bot] 0b6ffc3b35 build(deps): bump actions/labeler from 4 to 5
Bumps [actions/labeler](https://github.com/actions/labeler) from 4 to 5.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/labeler
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-16 09:18:55 +00:00
dependabot[bot] d29d91b888 build(deps): bump actions/upload-artifact from 3 to 4
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-16 09:18:34 +00:00
dependabot[bot] 26e4cd56de build(deps): bump actions/github-script from 6 to 7
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-15 22:02:51 +00:00
dependabot[bot] c43b1e4a41 build(deps): update windows-sys requirement from 0.48.0 to 0.52.0
Updates the requirements on [windows-sys](https://github.com/microsoft/windows-rs) to permit the latest version.
- [Release notes](https://github.com/microsoft/windows-rs/releases)
- [Commits](https://github.com/microsoft/windows-rs/compare/0.48.0...0.52.0)

---
updated-dependencies:
- dependency-name: windows-sys
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-15 22:02:09 +00:00
dependabot[bot] db720f3608 build(deps): bump actions/setup-go from 4 to 5
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-15 22:01:32 +00:00
James Sturtevant 9e1c40d634 Bump to recent go version
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-12-15 09:50:10 +00:00
Maksym Pavlenko a003dac568 Fix publisher
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-10-30 13:32:54 -07:00
James Sturtevant fca511e235 Create v0.6.0 release of containerd-shim and shim-protos
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-10-30 18:05:57 +00:00
James Sturtevant 74a67025ad use process thread group id for the process
in cgroupv2 we should use the cgroups.proc file when adding a process (https://www.man7.org/linux/man-pages/man7/cgroups.7.html).  The add_tasks function was writing to the cgroup.threads file which is only avaliable when in threaded mode.  In either case our intent is to add the process not the individual threads to we should use add_task_by_tgid. See https://github.com/kata-containers/cgroups-rs/pull/104 for when this was added

Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-10-25 02:13:26 +00:00
James Sturtevant 11a6559c39 Updates cgroup rs to latest version
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-10-25 02:13:26 +00:00
Maksym Pavlenko b9a1e14721
Merge pull request #213 from mxpv/ttrpc
Update TTRPC
2023-10-23 09:30:05 -07:00
Maksym Pavlenko 0701d3602a
Update TTRPC
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-10-19 12:44:58 -07:00
James Sturtevant e31b3c634f fix up windows
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-10-11 20:13:32 +00:00
James Sturtevant f446bdb64d Add support for structured logging
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-10-11 20:13:32 +00:00
Maksym Pavlenko 7e7a969e45
Merge pull request #211 from mxpv/nix
Update nix crate to 0.27
2023-10-06 15:57:23 -07:00
Maksym Pavlenko e8ad07d5fd
Update nix crate
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-10-05 11:37:27 -07:00
Maksym Pavlenko a0e042a46e
Merge pull request #208 from mxpv/docs
Simplify doc management and update READMEs
2023-10-04 11:24:21 -07:00
Maksym Pavlenko 7b69bd68c2
Enable docs feature on CI
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-10-04 10:11:42 -07:00
Maksym Pavlenko 85557745e0 Make examples compilable
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-10-03 20:41:38 -07:00
Maksym Pavlenko e9910f30b8 Simplify doc management
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-10-03 20:41:38 -07:00
James Sturtevant fd734b4e7a Use format similiar to containerd
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-10-04 03:40:46 +00:00
James Sturtevant 75d6deeac3 Retry when pipe is busy
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-10-04 03:36:08 +00:00
Maksym Pavlenko b86034092c
Merge pull request #209 from mxpv/ci
Temporarily disable a few more CI tests
2023-10-03 14:51:08 -07:00
Maksym Pavlenko 61f0db613e
Temporarily disable CI tests
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-10-03 09:56:34 -07:00
Maksym Pavlenko 1a181967b6
Merge pull request #181 from jsturtevant/remove-temp-ci-fix
Remove temporary work around and bump containerd versions
2023-09-27 12:21:34 -07:00
James Sturtevant ed4e5e1499 Remove temporary work around and bump containerd versions
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-09-26 22:08:06 +00:00
Bryant Biggs e559735b69 chore: Update `gh` pattern 2023-09-23 04:15:45 +00:00
Bryant Biggs bb6e6b9106 chore: Switch from action to use `gh` CLI 2023-09-23 04:15:45 +00:00
Bryant Biggs 0531ae54e4 ci: Download containerd binaries from GitHub release archives for integration tests 2023-09-23 04:15:45 +00:00
Maksym Pavlenko 38a67acc04
Merge pull request #200 from bryantbiggs/chore/standardize-cargo-files
chore: Standardize Cargo.toml files, enable more workspace dependencies
2023-09-21 16:49:21 -07:00
Bryant Biggs 5e1b7760a1 chore: Standardize Cargo.toml files, enable more workspace dependencies 2023-09-21 13:04:22 -04:00
Bryant Biggs d3088c42ee fix: Use `rfind` to slice string up to last `/` 2023-09-21 16:27:28 +00:00
Bryant Biggs 3489707748 feat: Replace use of regex crate 2023-09-21 16:27:28 +00:00
Bryant Biggs 2c98dae3f1 refactor: Simplify longest common prefix logic 2023-09-21 16:27:28 +00:00
Bryant Biggs 0a5bf7d816 deps: Replace `regex` with the lighter weight `regex-lite` 2023-09-21 16:27:28 +00:00
Bryant Biggs 7e35afe8b5 revert: Update CI versions of containerd since protos are being updated 2023-09-18 21:31:53 +00:00
Bryant Biggs cbc7aeed00 chore: Update CI versions of containerd since protos are being updated 2023-09-18 21:31:53 +00:00
Bryant Biggs 125ad82a43 fix: Remove runtime protos and add streaming and transfer services into build.rs 2023-09-18 21:31:53 +00:00
Bryant Biggs 273b527bd2 fix: Replace tabs with spaces to pass CI 2023-09-18 21:31:53 +00:00
Bryant Biggs 3143c26bd2 feat: Update proto files to latest and remove gogo use 2023-09-18 21:31:53 +00:00
Maksym Pavlenko 3ca32d8135
Merge pull request #199 from mxpv/protobuf
Use shell script to install protobuf
2023-09-18 10:04:56 -07:00
Maksym Pavlenko a664279065
Merge pull request #196 from mxpv/cov
Measure test coverage
2023-09-17 07:55:40 -07:00
Maksym Pavlenko ece06a08be
Use shell script to install protobuf
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-09-16 18:36:04 -07:00
Maksym Pavlenko bef92da237
Measure test coverage
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-09-14 17:52:19 -07:00
Maksym Pavlenko 9388ecf699
Merge pull request #194 from mxpv/prost
Update tonic and prost dependencies
2023-09-08 01:11:52 +00:00
Maksym Pavlenko 8d9e5357f2 Update tonic and prost dependencies 2023-09-07 11:13:03 -07:00
Maksym Pavlenko 14e2f4df66
Merge pull request #190 from mxpv/ci
Pin ttrpc crate to 0.8.0 (fix CI)
2023-09-05 18:36:49 -07:00
Maksym Pavlenko c3999253a1 Fix CI
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-09-05 10:39:25 -07:00
Maksym Pavlenko bc096787b1
Merge pull request #189 from containerd/dependabot/github_actions/actions/checkout-4
build(deps): bump actions/checkout from 3 to 4
2023-09-05 10:13:51 -07:00
dependabot[bot] 7855d51fbd
build(deps): bump actions/checkout from 3 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-04 21:08:45 +00:00
Maksym Pavlenko f95be51638 Fix publish script
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-08-24 15:00:09 -07:00
Maksym Pavlenko d2049d72bc Fix 'bad substitution' error
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-08-24 14:41:18 -07:00
Maksym Pavlenko 54383ef2f0 Fix formatting
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-08-24 14:28:52 -07:00
Maksym Pavlenko 3712b74fde
Merge pull request #182 from mxpv/publish
Automate crates publishing
2023-08-24 14:22:27 -07:00
Maksym Pavlenko fd9cde3d43 Automate crates publishing
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-08-24 13:36:37 -07:00
Maksym Pavlenko e86cf9082b
Merge pull request #180 from jsturtevant/release-shim
Bump the version for shim protos and containerd-shim
2023-08-24 12:04:22 -07:00
James Sturtevant fd1b235913 Bump the version for shim protos and containerd-shim
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-08-24 16:40:16 +00:00
Maksym Pavlenko 621ebbbe53
Merge pull request #167 from Mossaka/version
feat(runc-shim): add a version flag
2023-08-23 19:07:18 -07:00
jiaxiao zhou deea90ff83
feat(runc-shim): add a version flag
Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
2023-08-21 21:45:01 +00:00
Maksym Pavlenko a5a29fc82a
Merge pull request #166 from jsturtevant/use-containerd-release-binary
Use Go version associated with containerd release in CI
2023-08-21 10:04:54 -07:00
Maksym Pavlenko 8590ef8d12
Merge pull request #177 from jsturtevant/fix-update-cgroup-taskupdate
Handle cgroup v1 or v2 to enable resource updates
2023-08-21 09:52:03 -07:00
Maksym Pavlenko 11a1618cdd
Merge pull request #178 from jsturtevant/windows-stats-protogeneration
Add Windows statistics protobuf pacakge
2023-08-21 09:51:00 -07:00
James Sturtevant 2e3b3ef70e Use Go version associated with containerd release
This ensures that there isn't flakes with testing when go version doesn't match the release as experienced in #147

Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-08-21 16:24:00 +00:00
James Sturtevant 3e7647d620 Handle cgroup v1 or v2 to enable resource updates
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-08-21 16:19:34 +00:00
James Sturtevant 8fde77f1c8 Add Windows statistics protobuf pacakge
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-08-21 16:18:44 +00:00
Maksym Pavlenko a80d2dfe51 Fix windows labeler
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-08-21 09:09:24 -07:00
Maksym Pavlenko 0adc36d012
Merge pull request #173 from mxpv/review
MAINTAINERS : Add James Sturtevant to reviewers
2023-08-21 08:57:41 -07:00
Maksym Pavlenko d3e1b46182
Merge pull request #179 from jsturtevant/temp-ci-fix
Fix nightly CI and Pull Request CI
2023-08-21 08:56:44 -07:00
James Sturtevant c7d813440c Testing CI
Signed-off-by: James Sturtevant <jstur@microsoft.com>
2023-08-19 00:24:39 +00:00
Maksym Pavlenko 0659a93663
Bump snapshots to 0.3.0
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-08-10 15:09:05 -07:00
Maksym Pavlenko bd4333e74d Add James Sturtevant to reviewers
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-08-10 10:50:35 -07:00
192 changed files with 9650 additions and 2827 deletions

42
.github/labeler.yml vendored
View File

@ -2,18 +2,38 @@
# `C-` project crate(s) affected.
# `T-` change type (CI, docs, etc).
C-client: crates/client/**
C-logging: crates/logging/**
C-runc: crates/runc/**
C-runc-shim: crates/runc-shim/**
C-shim: crates/shim/**
C-shim-protos: crates/shim-protos/**
C-snapshots: crates/snapshots/**
C-client:
- changed-files:
- any-glob-to-any-file: crates/client/**
C-logging:
- changed-files:
- any-glob-to-any-file: crates/logging/**
C-runc:
- changed-files:
- any-glob-to-any-file: crates/runc/**
C-runc-shim:
- changed-files:
- any-glob-to-any-file: crates/runc-shim/**
C-shim:
- changed-files:
- any-glob-to-any-file: crates/shim/**
C-shim-protos:
- changed-files:
- any-glob-to-any-file: crates/shim-protos/**
C-snapshots:
- changed-files:
- any-glob-to-any-file: crates/snapshots/**
T-CI:
- '.github/**'
- '*.toml'
- changed-files:
- any-glob-to-any-file: [".github/**", "*.toml"]
T-docs:
- '**/*.md'
- changed-files:
- any-glob-to-any-file: "**/*.md"

View File

@ -1,101 +0,0 @@
name: CI-windows
on:
pull_request:
push:
schedule:
- cron: '0 0 * * *' # Every day at midnight
jobs:
checks:
name: Checks
runs-on: ${{ matrix.os }}
timeout-minutes: 20
strategy:
matrix:
os: [windows-latest]
steps:
- uses: actions/checkout@v3
- uses: arduino/setup-protoc@v2
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- run: cargo check --examples --tests -p containerd-shim -p containerd-shim-protos
- run: rustup toolchain install nightly --component rustfmt
- run: cargo +nightly fmt -p containerd-shim -p containerd-shim-protos -- --check --files-with-diff
- run: cargo clippy -p containerd-shim -p containerd-shim-protos -- -D warnings
- run: cargo doc --no-deps -p containerd-shim -p containerd-shim-protos
env:
RUSTDOCFLAGS: -Dwarnings
tests:
name: Tests
runs-on: ${{ matrix.os }}
timeout-minutes: 15
strategy:
matrix:
os: [windows-latest]
steps:
- uses: actions/checkout@v3
- uses: arduino/setup-protoc@v2
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Tests
run: |
cargo test -p containerd-shim -p containerd-shim-protos
integration:
name: Integration
runs-on: ${{ matrix.os }}
timeout-minutes: 40
strategy:
matrix:
os: [windows-latest]
containerd: [1.7.0]
steps:
- name: Checkout extensions
uses: actions/checkout@v3
- name: Install containerd
run: |
$ErrorActionPreference = "Stop"
# Install containerd https://github.com/containerd/containerd/blob/v1.7.0/docs/getting-started.md#installing-containerd-on-windows
# Download and extract desired containerd Windows binaries
curl.exe -L https://github.com/containerd/containerd/releases/download/v${{ matrix.containerd }}/containerd-${{ matrix.containerd }}-windows-amd64.tar.gz -o containerd-windows-amd64.tar.gz
tar.exe xvf .\containerd-windows-amd64.tar.gz
# Copy and configure
mkdir "$Env:ProgramFiles\containerd"
Copy-Item -Path ".\bin\*" -Destination "$Env:ProgramFiles\containerd" -Recurse -Force
cd $Env:ProgramFiles\containerd\
.\containerd.exe config default | Out-File config.toml -Encoding ascii
# Review the configuration. Depending on setup you may want to adjust:
# - the sandbox_image (Kubernetes pause image)
# - cni bin_dir and conf_dir locations
Get-Content config.toml
# Register and start service
.\containerd.exe --register-service
Start-Service containerd
working-directory: ${{ runner.temp }}
- name: Run integration test
run: |
$ErrorActionPreference = "Stop"
get-service containerd
$env:TTRPC_ADDRESS="\\.\pipe\containerd-containerd.ttrpc"
# run the example
cargo run -p containerd-shim --example skeleton -- -namespace default -id 1234 -address "\\.\pipe\containerd-containerd" -publish-binary ./bin/containerd start
ps skeleton
cargo run -p containerd-shim-protos --example shim-proto-connect \\.\pipe\containerd-shim-17630016127144989388-pipe
$skeleton = get-process skeleton -ErrorAction SilentlyContinue
if ($skeleton) { exit 1 }

View File

@ -17,20 +17,52 @@ jobs:
os: [ubuntu-latest, macos-latest]
steps:
- uses: actions/checkout@v3
- uses: arduino/setup-protoc@v2
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- run: cargo check --examples --tests --all-targets
- run: cargo check --examples --tests --all-targets --all-features
- uses: actions/checkout@v4
- run: ./scripts/install-protobuf.sh
shell: bash
- run: rustup toolchain install nightly --component rustfmt
- run: cargo +nightly fmt --all -- --check --files-with-diff
- run: cargo +nightly fmt --all -- --check
# the "runc" and "containerd-shim" crates have `sync` code that is not covered by the workspace
- run: cargo check -p runc --all-targets
- run: cargo clippy -p runc --all-targets -- -D warnings
- run: cargo check -p containerd-shim --all-targets
- run: cargo clippy -p containerd-shim --all-targets -- -D warnings
# check the workspace
- run: cargo check --examples --tests --all-targets
- run: cargo check --examples --tests --all-targets --all-features
- run: cargo clippy --all-targets -- -D warnings
- run: cargo clippy --all-targets --all-features -- -D warnings
- run: cargo doc --no-deps
- run: cargo doc --no-deps --features docs
env:
RUSTDOCFLAGS: -Dwarnings
- name: check unused dependencies
uses: bnjbvr/cargo-machete@v0.8.0
env:
RUSTUP_TOOLCHAIN: "stable"
# TODO: Merge this with the checks job above
windows-checks:
name: Windows Checks
runs-on: windows-latest
timeout-minutes: 20
steps:
- uses: actions/checkout@v4
- run: ./scripts/install-protobuf.sh
shell: bash
- run: cargo check --examples --tests -p containerd-shim -p containerd-shim-protos -p containerd-client
- run: rustup toolchain install nightly --component rustfmt
- run: cargo +nightly fmt -p containerd-shim -p containerd-shim-protos -p containerd-client -- --check
- run: cargo clippy -p containerd-shim -p containerd-shim-protos -- -D warnings
- run: cargo doc --no-deps -p containerd-shim -p containerd-shim-protos -p containerd-client
env:
RUSTDOCFLAGS: -Dwarnings
@ -41,23 +73,27 @@ jobs:
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
os: [ubuntu-latest, macos-latest, windows-latest]
steps:
- uses: actions/checkout@v3
- uses: arduino/setup-protoc@v2
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- env:
# runc::tests::test_exec needs $XDG_RUNTIME_DIR to be set
XDG_RUNTIME_DIR: /tmp/dummy-xdr
run: |
- uses: actions/checkout@v4
- run: ./scripts/install-protobuf.sh
shell: bash
- run: |
# runc-shim::cgroup::test_add_cgroup needs root permission to set cgroup
mkdir -p /tmp/dummy-xdr
export PROTOC=$(which protoc)
sudo -E $(command -v cargo) test
sudo -E $(command -v cargo) test --all-features
# the shim has sync code that is not covered when running with --all-features
sudo -E $(command -v cargo) test -p containerd-shim
if: ${{ !contains(matrix.os, 'windows') }}
env:
# runc::tests::test_exec needs $XDG_RUNTIME_DIR to be set
XDG_RUNTIME_DIR: /tmp/dummy-xdr
- run: cargo test -p containerd-shim -p containerd-shim-protos -p containerd-client
if: ${{ contains(matrix.os, 'windows') }}
# Collect build timings
# See https://blog.rust-lang.org/2022/04/07/Rust-1.60.0.html#cargo---timings
timings:
@ -66,14 +102,13 @@ jobs:
timeout-minutes: 15
steps:
- uses: actions/checkout@v3
- uses: arduino/setup-protoc@v2
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@v4
- run: ./scripts/install-protobuf.sh
shell: bash
- run: cargo build --all-features --timings
- uses: actions/upload-artifact@v3
- uses: actions/upload-artifact@v4
with:
name: cargo-timing
name: timings
path: target/cargo-timings/cargo-timing.html
if-no-files-found: error
@ -83,60 +118,141 @@ jobs:
timeout-minutes: 10
steps:
- uses: actions/checkout@v3
- uses: EmbarkStudios/cargo-deny-action@v1
- uses: actions/checkout@v4
- uses: EmbarkStudios/cargo-deny-action@v2
integration:
name: Integration
linux-integration:
name: Linux Integration
runs-on: ${{ matrix.os }}
timeout-minutes: 40
strategy:
matrix:
os: [ubuntu-20.04, ubuntu-22.04]
containerd: [v1.6.21, v1.7.1]
os: [ubuntu-latest]
containerd: [v1.6.38, v1.7.27, v2.1.1]
steps:
- name: Checkout extensions
uses: actions/checkout@v3
uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version: '1.20.4'
- name: Download containerd archive
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release download ${{ matrix.containerd }} \
--repo containerd/containerd \
--pattern 'containerd-1.*-linux-amd64.tar.gz' \
--pattern 'containerd-2.*-linux-amd64.tar.gz' \
--output containerd.tar.gz
- name: Extract containerd binaries to $HOME/.local/bin
run: |
mkdir -p $HOME/.local/bin
echo "$HOME/.local/bin" >> $GITHUB_PATH
tar -xf containerd.tar.gz -C $HOME/.local
- name: Checkout containerd
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: containerd/containerd
path: src/github.com/containerd/containerd
ref: ${{ matrix.containerd }}
- name: Install containerd
env:
GOFLAGS: -modcacherw
CGO_ENABLED: 1
run: |
# Install containerd dependencies first
sudo apt-get install -y gperf
sudo -E PATH=$PATH script/setup/install-seccomp
sudo -E PATH=$PATH script/setup/install-runc
sudo -E PATH=$PATH script/setup/install-cni $(grep containernetworking/plugins go.mod | awk '{print $2}')
# Install containerd
make bin/containerd GO_BUILD_FLAGS="-mod=vendor" BUILDTAGS="no_btrfs no_devmapper"
sudo -E PATH=$PATH install bin/containerd /usr/local/bin/
working-directory: src/github.com/containerd/containerd
- name: Install shim
run: |
cargo build --release --bin containerd-shim-runc-v2-rs
sudo install -D ./target/release/containerd-shim-runc-v2-rs /usr/local/bin/
## get latest go version for integrations tests so we can skip runnings tests
- uses: actions/setup-go@v5
with:
go-version: '1.23'
- name: Integration
env:
GOPROXY: direct
TEST_RUNTIME: "io.containerd.runc.v2-rs"
TESTFLAGS_PARALLEL: 1
EXTRA_TESTFLAGS: "-no-criu -test.skip='(TestContainerPTY|TestContainerExecLargeOutputWithTTY|TestTaskUpdate|TestTaskResize)'"
EXTRA_TESTFLAGS: "-no-criu -test.skip='(TestContainerPTY|TestContainerExecLargeOutputWithTTY|TestTaskUpdate|TestTaskResize|TestContainerAttach|TestContainerAttachProcess|TestRuntimeInfo)'"
TESTFLAGS_RACE: "-race"
run: sudo -E PATH=$PATH make integration
# Pretend crun for now, remove after https://github.com/containerd/containerd/pull/9829
RUNC_FLAVOR: "crun"
run: |
sudo -E PATH=$PATH make integration
working-directory: src/github.com/containerd/containerd
windows-integration:
name: Windows Integration
runs-on: ${{ matrix.os }}
timeout-minutes: 40
strategy:
matrix:
os: [windows-latest]
containerd: [1.7.0]
steps:
- name: Checkout extensions
uses: actions/checkout@v4
- run: ./scripts/install-protobuf.sh
shell: bash
- name: Install containerd
run: |
$ErrorActionPreference = "Stop"
# Install containerd https://github.com/containerd/containerd/blob/v1.7.0/docs/getting-started.md#installing-containerd-on-windows
# Download and extract desired containerd Windows binaries
curl.exe -L https://github.com/containerd/containerd/releases/download/v${{ matrix.containerd }}/containerd-${{ matrix.containerd }}-windows-amd64.tar.gz -o containerd-windows-amd64.tar.gz
tar.exe xvf .\containerd-windows-amd64.tar.gz
# Copy and configure
mkdir "$Env:ProgramFiles\containerd"
Copy-Item -Path ".\bin\*" -Destination "$Env:ProgramFiles\containerd" -Recurse -Force
cd $Env:ProgramFiles\containerd\
.\containerd.exe config default | Out-File config.toml -Encoding ascii
# Review the configuration. Depending on setup you may want to adjust:
# - the sandbox_image (Kubernetes pause image)
# - cni bin_dir and conf_dir locations
Get-Content config.toml
# Register and start service
.\containerd.exe --register-service
Start-Service containerd
working-directory: ${{ runner.temp }}
- name: Run integration test
run: |
$ErrorActionPreference = "Stop"
get-service containerd
$env:TTRPC_ADDRESS="\\.\pipe\containerd-containerd.ttrpc"
# run the example
cargo run -p containerd-shim --example skeleton -- -namespace default -id 1234 -address "\\.\pipe\containerd-containerd" -publish-binary ./bin/containerd start
ps skeleton
cargo run -p containerd-shim-protos --example shim-proto-connect \\.\pipe\containerd-shim-bc764c65e177434fcefe8257dc440be8b8acf7c96156320d965938f7e9ae1a35-pipe
$skeleton = get-process skeleton -ErrorAction SilentlyContinue
if ($skeleton) { exit 1 }
- name: Run client
run: |
$ErrorActionPreference = "Stop"
get-service containerd
cargo run -p containerd-client --example version
# Currently Github actions UI supports no masks to mark matrix jobs as required to pass status checks.
# This means that every time version of Go, containerd, or OS is changed, a corresponding job should
# be added to the list of required checks. Which is not very convenient.
# To workaround this, a special job is added to report statuses of all other jobs, with fixed title.
# So it needs to be added to the list of required checks only once.
#
# See https://github.com/orgs/community/discussions/26822
results:
name: Report required job statuses
runs-on: ubuntu-latest
# List job dependencies which are required to pass status checks in order to be merged via merge queue.
needs: [checks, windows-checks, tests, deny, linux-integration, windows-integration]
if: ${{ always() }}
steps:
- run: exit 1
if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}

60
.github/workflows/cover.yml vendored Normal file
View File

@ -0,0 +1,60 @@
name: Coverage
on:
push:
branches: "main"
pull_request:
branches: "main"
jobs:
coverage:
name: Collect
runs-on: ubuntu-latest
timeout-minutes: 15
permissions:
statuses: write
steps:
- uses: actions/checkout@v4
- run: |
sudo apt-get install protobuf-compiler
- name: Install grcov
run: |
cargo install --locked grcov@0.8.24
grcov --version
- name: Tests
env:
RUSTFLAGS: "-Cinstrument-coverage"
LLVM_PROFILE_FILE: "target/coverage/%p-%m.profraw"
run: |
sudo -E $(command -v cargo) test --all-features
# Fix permissions after sudo.
sudo chown -R $(whoami) target/coverage/
- name: Collect coverage data
run: |
grcov . \
--source-dir . \
--binary-path ./target/debug/ \
--branch \
--ignore-not-existing \
--output-types markdown,lcov \
--keep-only 'crates/*' \
--output-path ./target/coverage/
- name: Upload coverage data
uses: codecov/codecov-action@v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
flags: unittests
files: ./target/coverage/lcov
verbose: true
- name: Publish job summary
run: |
echo "# Coverage" >> $GITHUB_STEP_SUMMARY
cat target/coverage/markdown.md >> $GITHUB_STEP_SUMMARY

View File

@ -16,10 +16,10 @@ jobs:
# Required by gh
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_NUMBER: ${{ github.event.number }}
PR_URL: ${{ github.event.pull_request.html_url }}
steps:
- uses: actions/labeler@v4
- uses: actions/labeler@v5
with:
# Auto-include paths starting with dot (e.g. .github)
dot: true
@ -27,5 +27,5 @@ jobs:
sync-labels: true
# Apply OS-windows label if PR title contains 'Windows'
- run: gh pr edit $PR_NUMBER --add-label OS-windows
- run: gh pr edit $PR_URL --add-label OS-windows
if: contains(github.event.pull_request.title, 'Windows')

70
.github/workflows/publish.yml vendored Normal file
View File

@ -0,0 +1,70 @@
# Automates crate publishing
# - Submit a PR to bump crate version.
# - Specify crate to publish from the menu.
# - Launch the job:
# + The job will extract version from Cargo.toml
# + Will publish to crates.io
# + Will add and push a git tag "<crate>-v<version>"
name: Release
on:
workflow_dispatch:
inputs:
crate:
description: 'Crate to publish'
required: true
type: choice
options:
- client
- logging
- runc
- runc-shim
- shim
- shim-protos
- snapshots
dryrun:
description: 'Dry run'
required: false
type: boolean
default: false
jobs:
publish:
name: 'Publish ${{ inputs.crate }}'
runs-on: ubuntu-latest
timeout-minutes: 10
permissions:
contents: write
env:
CARGO_FILE: "crates/${{ inputs.crate }}/Cargo.toml"
steps:
- uses: actions/checkout@v4
- name: Extract package version
id: extract_version
run: |
cargo generate-lockfile
echo "version=$(cargo pkgid --manifest-path $CARGO_FILE | sed 's/.*@//')" >> $GITHUB_OUTPUT
- name: Install protobuf
run: |
sudo apt update
sudo apt install protobuf-compiler
- name: Publish on crates.io
run: cargo publish $DRYRUN --manifest-path $CARGO_FILE
env:
DRYRUN: ${{ inputs.dryrun && '--dry-run' || '' }}
CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
- name: Push version tag
if: ${{ !inputs.dryrun }}
env:
TAG: "${{ inputs.crate }}-v${{ steps.extract_version.outputs.version }}"
run: |
git tag $TAG
git push origin $TAG

36
.github/workflows/stale.yml vendored Normal file
View File

@ -0,0 +1,36 @@
name: 'Close stale issues and PRs'
on:
schedule:
- cron: "0 0 * * *" # Every day at midnight
pull_request:
paths:
- '.github/workflows/stale.yml'
permissions: read-all
jobs:
stale:
runs-on: ubuntu-latest
permissions:
issues: write
pull-requests: write
steps:
- uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0
# All stale bot options: https://github.com/actions/stale#all-options
with:
# Idle number of days before marking issues/PRs stale
days-before-stale: 90
# Idle number of days before closing stale issues/PRs
days-before-close: 7
# Comment on the staled issues
stale-issue-message: 'This issue is stale because it has been open 90 days with no activity. This issue will be closed in 7 days unless new comments are made or the stale label is removed.'
# Comment on the staled PRs
stale-pr-message: 'This PR is stale because it has been open 90 days with no activity. This PR will be closed in 7 days unless new comments are made or the stale label is removed.'
# Comment on the staled issues while closed
close-issue-message: 'This issue was closed because it has been stalled for 7 days with no activity.'
# Comment on the staled PRs while closed
close-pr-message: 'This PR was closed because it has been stalled for 7 days with no activity.'
# Enable dry-run when changing this file from a PR.
debug-only: github.event_name == 'pull_request'

View File

@ -1,13 +1,14 @@
[workspace]
members = [
"crates/client",
"crates/logging",
"crates/shim-protos",
"crates/shim",
"crates/snapshots",
"crates/runc",
"crates/runc-shim",
"crates/client",
"crates/logging",
"crates/runc",
"crates/runc-shim",
"crates/shim",
"crates/shim-protos",
"crates/snapshots",
]
resolver = "2"
[profile.release]
# Keep binary as small as possible
@ -24,14 +25,27 @@ edition = "2021"
# Common dependencies for all crates
[workspace.dependencies]
tokio = "1.26"
tower = "0.4"
tonic = "0.9.2"
tonic-build = "0.9.2"
prost = "0.11"
prost-types = "0.11"
async-trait = "0.1.52"
cgroups-rs = "0.3.4"
crossbeam = "0.8.1"
futures = "0.3.19"
libc = "0.2.112"
log = {version = "0.4.2", features=["kv_unstable"]}
nix = "0.29"
oci-spec = "0.7"
os_pipe = "1.1"
prctl = "1.0.0"
prost = "0.13"
prost-build = "0.13"
prost-types = "0.13"
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
simple_logger = { version = "5.0", default-features = false }
tempfile = "3.6"
thiserror = "2.0"
time = { version = "0.3.29", features = ["serde", "std", "formatting"] }
tokio = "1.26"
tonic = "0.13"
tonic-build = "0.13"
tower = "0.5"
uuid = { version = "1.0", features = ["v4"] }

View File

@ -7,3 +7,6 @@
# REVIEWERS
# GitHub ID, Name, Email address
"Burning1020","Zhang Tianyang","burning9699@gmail.com"
"jsturtevant","James Sturtevant","jstur@microsoft.com"
"mossaka","Jiaxiao Zhou","jiazho@microsoft.com"

View File

@ -1,6 +1,7 @@
# Rust extensions for containerd
[![CI](https://github.com/mxpv/shim-rs/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/mxpv/shim-rs/actions/workflows/ci.yml)
[![codecov](https://codecov.io/gh/containerd/rust-extensions/graph/badge.svg?token=VPUPN3MOFX)](https://codecov.io/gh/containerd/rust-extensions)
[![Crates.io](https://img.shields.io/crates/l/containerd-client)](https://github.com/containerd/rust-extensions/blob/main/LICENSE)
[![dependency status](https://deps.rs/repo/github/containerd/rust-extensions/status.svg)](https://deps.rs/repo/github/containerd/rust-extensions)

1
codecov.yml Normal file
View File

@ -0,0 +1 @@
comment: false

View File

@ -1,9 +1,9 @@
[package]
name = "containerd-client"
version = "0.4.0"
version = "0.8.0"
authors = [
"Maksym Pavlenko <pavlenko.maksym@gmail.com>",
"The containerd Authors",
"Maksym Pavlenko <pavlenko.maksym@gmail.com>",
"The containerd Authors",
]
description = "GRPC bindings to containerd APIs"
keywords = ["containerd", "client", "grpc", "containers"]
@ -14,21 +14,41 @@ license.workspace = true
repository.workspace = true
homepage.workspace = true
[[example]]
name = "container"
path = "examples/container.rs"
[[example]]
name = "version"
path = "examples/version.rs"
[dependencies]
tonic.workspace = true
hyper-util = "0.1.6" # https://github.com/hyperium/hyper/issues/3110
prost.workspace = true
prost-types.workspace = true
tokio = { workspace = true, optional = true }
tonic.workspace = true
tower = { workspace = true, optional = true }
[build-dependencies]
tonic-build.workspace = true
prost-build.workspace = true
[dev-dependencies]
tokio = { workspace = true, features = ["rt", "macros"]}
[features]
connect = ["tokio", "tower"]
docs = []
# Technically Tonic doesn't require Tokio and Tower dependencies here.
# However we need them to implement `connect` helper and it's highly unlikely
# that Tonic will be used with any other async runtime (see https://github.com/hyperium/tonic/issues/152)
# So we enable `connect` feature by default (use `--no-default-features` otherwise).
default = ["connect"]
[package.metadata.docs.rs]
features = ["docs"]
[package.metadata.cargo-machete]
ignored = ["prost"]

View File

@ -9,12 +9,18 @@ This crate implements a GRPC client to query containerd APIs.
## Example
Run with `cargo run --example version`
```rust
// Launch containerd at /run/containerd/containerd.sock
let channel = connect("/run/containerd/containerd.sock").await?;
use containerd_client::{connect, services::v1::version_client::VersionClient};
let mut client = VersionClient::new(channel);
let resp = client.version(()).await?;
async fn query_version() {
// Launch containerd at /run/containerd/containerd.sock
let channel = connect("/run/containerd/containerd.sock").await.unwrap();
println!("Response: {:?}", resp.get_ref());
let mut client = VersionClient::new(channel);
let resp = client.version(()).await.unwrap();
println!("Response: {:?}", resp.get_ref());
}
```

View File

@ -24,6 +24,11 @@ const PROTO_FILES: &[&str] = &[
"vendor/github.com/containerd/containerd/api/types/platform.proto",
"vendor/github.com/containerd/containerd/api/types/sandbox.proto",
"vendor/github.com/containerd/containerd/api/types/task/task.proto",
"vendor/github.com/containerd/containerd/api/types/transfer/imagestore.proto",
"vendor/github.com/containerd/containerd/api/types/transfer/importexport.proto",
"vendor/github.com/containerd/containerd/api/types/transfer/progress.proto",
"vendor/github.com/containerd/containerd/api/types/transfer/registry.proto",
"vendor/github.com/containerd/containerd/api/types/transfer/streaming.proto",
// Services
"vendor/github.com/containerd/containerd/api/services/containers/v1/containers.proto",
"vendor/github.com/containerd/containerd/api/services/content/v1/content.proto",
@ -35,8 +40,10 @@ const PROTO_FILES: &[&str] = &[
"vendor/github.com/containerd/containerd/api/services/namespaces/v1/namespace.proto",
"vendor/github.com/containerd/containerd/api/services/sandbox/v1/sandbox.proto",
"vendor/github.com/containerd/containerd/api/services/snapshots/v1/snapshots.proto",
"vendor/github.com/containerd/containerd/api/services/version/v1/version.proto",
"vendor/github.com/containerd/containerd/api/services/streaming/v1/streaming.proto",
"vendor/github.com/containerd/containerd/api/services/tasks/v1/tasks.proto",
"vendor/github.com/containerd/containerd/api/services/transfer/v1/transfer.proto",
"vendor/github.com/containerd/containerd/api/services/version/v1/version.proto",
// Events
"vendor/github.com/containerd/containerd/api/events/container.proto",
"vendor/github.com/containerd/containerd/api/events/content.proto",
@ -53,12 +60,19 @@ const FIXUP_MODULES: &[&str] = &[
"containerd.services.sandbox.v1",
"containerd.services.snapshots.v1",
"containerd.services.tasks.v1",
"containerd.services.containers.v1",
"containerd.services.content.v1",
"containerd.services.events.v1",
];
fn main() {
let mut config = prost_build::Config::new();
config.protoc_arg("--experimental_allow_proto3_optional");
config.enable_type_names();
tonic_build::configure()
.build_server(false)
.compile(PROTO_FILES, &["vendor/"])
.compile_protos_with_config(config, PROTO_FILES, &["vendor/"])
.expect("Failed to generate GRPC bindings");
for module in FIXUP_MODULES {
@ -83,8 +97,16 @@ fn fixup_imports(path: &str) -> Result<(), io::Error> {
let contents = fs::read_to_string(&path)?
.replace("super::super::super::v1::types", "crate::types::v1") // for tasks service
.replace("super::super::super::super::types", "crate::types")
.replace("super::super::super::types", "crate::types")
.replace("super::super::super::super::google", "crate::google");
.replace("super::super::super::super::google", "crate::google")
.replace(
"/// filters\\[0\\] or filters\\[1\\] or ... or filters\\[n-1\\] or filters\\[n\\]",
r#"
/// ```notrust
/// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
/// ```"#,
);
fs::write(path, contents)?;
Ok(())
}

View File

@ -0,0 +1,92 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
use client::{
events::{ContainerCreate, ContainerDelete},
services::v1::{events_client::EventsClient, SubscribeRequest},
};
use containerd_client as client;
/// Make sure you run containerd before running this example.
#[tokio::main(flavor = "current_thread")]
async fn main() {
let channel = client::connect("/run/containerd/containerd.sock")
.await
.expect("Connect Failed");
let mut client = EventsClient::new(channel.clone());
let request = SubscribeRequest::default();
let mut response = client
.subscribe(request)
.await
.expect("failed to subscribe to events")
.into_inner();
loop {
match response.message().await {
Ok(event) => {
if let Some(event) = event {
match event.topic.as_str() {
"/containers/create" => {
if let Some(mut payload) = event.event {
// Containerd doesn't send event payloads with a leading slash on the type URL, which is
// required by the `Any` type specification. We add it manually here so that `prost` can
// properly decode the payload.
if !payload.type_url.starts_with('/') {
payload.type_url.insert(0, '/');
}
let payload: ContainerCreate = payload
.to_msg()
.expect("failed to parse ContainerCreate payload");
println!(
"container created: id={} payload={:?}",
payload.id, payload
);
}
}
"/containers/delete" => {
if let Some(mut payload) = event.event {
// Containerd doesn't send event payloads with a leading slash on the type URL, which is
// required by the `Any` type specification. We add it manually here so that `prost` can
// properly decode the payload.
if !payload.type_url.starts_with('/') {
payload.type_url.insert(0, '/');
}
let payload: ContainerDelete = payload
.to_msg()
.expect("failed to parse ContainerDelete payload");
println!(
"container deleted: id={} payload={:?}",
payload.id, payload
);
}
}
_ => {}
}
}
}
Err(e) => {
eprintln!("error while streaming events: {:?}", e);
break;
}
}
}
}

View File

@ -0,0 +1,91 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
use std::env::consts;
use client::{
services::v1::{transfer_client::TransferClient, TransferOptions, TransferRequest},
to_any,
types::{
transfer::{ImageStore, OciRegistry, UnpackConfiguration},
Platform,
},
with_namespace,
};
use containerd_client as client;
use tonic::Request;
const IMAGE: &str = "docker.io/library/alpine:latest";
const NAMESPACE: &str = "default";
/// Make sure you run containerd before running this example.
/// NOTE: to run this example, you must prepare a rootfs.
#[tokio::main(flavor = "current_thread")]
async fn main() {
let arch = match consts::ARCH {
"x86_64" => "amd64",
"aarch64" => "arm64",
_ => consts::ARCH,
};
let channel = client::connect("/run/containerd/containerd.sock")
.await
.expect("Connect Failed");
let mut client = TransferClient::new(channel.clone());
// Create the source (OCIRegistry)
let source = OciRegistry {
reference: IMAGE.to_string(),
resolver: Default::default(),
};
let platform = Platform {
os: "linux".to_string(),
architecture: arch.to_string(),
variant: "".to_string(),
os_version: "".to_string(),
};
// Create the destination (ImageStore)
let destination = ImageStore {
name: IMAGE.to_string(),
platforms: vec![platform.clone()],
unpacks: vec![UnpackConfiguration {
platform: Some(platform),
..Default::default()
}],
..Default::default()
};
let anys = to_any(&source);
let anyd = to_any(&destination);
println!("Pulling image for linux/{} from source: {:?}", arch, source);
// Create the transfer request
let request = TransferRequest {
source: Some(anys),
destination: Some(anyd),
options: Some(TransferOptions {
..Default::default()
}),
};
// Execute the transfer (pull)
client
.transfer(with_namespace!(request, NAMESPACE))
.await
.expect("unable to transfer image");
}

View File

@ -155,4 +155,4 @@
"/proc/sysrq-trigger"
]
}
}
}

View File

@ -19,9 +19,13 @@ use containerd_client::Client;
/// Make sure you run containerd before running this example.
#[tokio::main(flavor = "current_thread")]
async fn main() {
let client = Client::from_path("/var/run/containerd/containerd.sock")
.await
.expect("Connect failed");
#[cfg(unix)]
let path = "/var/run/containerd/containerd.sock";
#[cfg(windows)]
let path = r"\\.\pipe\containerd-containerd";
let client = Client::from_path(path).await.expect("Connect failed");
let resp = client
.version()

5
crates/client/rsync.txt Normal file
View File

@ -0,0 +1,5 @@
api/events/*.proto
api/services/**/*.proto
api/types/*.proto
api/types/**/*.proto
protobuf/plugin/fieldpath.proto

View File

@ -14,12 +14,11 @@
limitations under the License.
*/
#![cfg_attr(feature = "docs", doc = include_str!("../README.md"))]
// No way to derive Eq with tonic :(
// See https://github.com/hyperium/tonic/issues/1056
#![allow(clippy::derive_partial_eq_without_eq)]
//! A GRPC client to query containerd's API.
pub use tonic;
/// Generated `containerd.types` types.
@ -29,6 +28,9 @@ pub mod types {
pub mod v1 {
tonic::include_proto!("containerd.v1.types");
}
pub mod transfer {
tonic::include_proto!("containerd.types.transfer");
}
}
/// Generated `google.rpc` types, containerd services typically use some of these types.
@ -40,6 +42,9 @@ pub mod google {
/// Generated `containerd.services.*` services.
pub mod services {
#[allow(clippy::tabs_in_doc_comments)]
#[allow(rustdoc::invalid_rust_codeblocks)]
#[allow(rustdoc::invalid_html_tags)]
pub mod v1 {
tonic::include_proto!("containerd.services.containers.v1");
tonic::include_proto!("containerd.services.content.v1");
@ -49,7 +54,9 @@ pub mod services {
tonic::include_proto!("containerd.services.introspection.v1");
tonic::include_proto!("containerd.services.leases.v1");
tonic::include_proto!("containerd.services.namespaces.v1");
tonic::include_proto!("containerd.services.streaming.v1");
tonic::include_proto!("containerd.services.tasks.v1");
tonic::include_proto!("containerd.services.transfer.v1");
// Sandbox services (Controller and Store) don't make it clear that they are for sandboxes.
// Wrap these into a sub module to make the names more clear.
@ -73,36 +80,67 @@ pub mod events {
/// Connect creates a unix channel to containerd GRPC socket.
///
/// This helper inteded to be used in conjuction with [Tokio](https://tokio.rs) runtime.
/// This helper intended to be used in conjunction with [Tokio](https://tokio.rs) runtime.
#[cfg(feature = "connect")]
pub async fn connect(
path: impl AsRef<std::path::Path>,
) -> Result<tonic::transport::Channel, tonic::transport::Error> {
use tokio::net::UnixStream;
use tonic::transport::Endpoint;
let path = path.as_ref().to_path_buf();
// Taken from https://github.com/hyperium/tonic/commit/b90c3408001f762a32409f7e2cf688ebae39d89e#diff-f27114adeedf7b42e8656c8a86205685a54bae7a7929b895ab62516bdf9ff252R15
let channel = Endpoint::try_from("https://[::]")
.unwrap()
// Taken from https://github.com/hyperium/tonic/blob/71fca362d7ffbb230547f23b3f2fb75c414063a8/examples/src/uds/client.rs#L21-L28
// There will ignore this uri because uds do not use it
// and make connection with UnixStream::connect.
let channel = Endpoint::try_from("http://[::]")?
.connect_with_connector(tower::service_fn(move |_| {
UnixStream::connect(path.clone())
let path = path.clone();
async move {
#[cfg(unix)]
{
Ok::<_, std::io::Error>(hyper_util::rt::TokioIo::new(
tokio::net::UnixStream::connect(path).await?,
))
}
#[cfg(windows)]
{
let client = tokio::net::windows::named_pipe::ClientOptions::new()
.open(&path)
.map_err(|e| std::io::Error::from(e))?;
Ok::<_, std::io::Error>(hyper_util::rt::TokioIo::new(client))
}
}
}))
.await?;
Ok(channel)
}
use prost::{Message, Name};
use prost_types::Any;
// to_any provides a helper to match the current use of the protobuf "fullname" trait
// in the Go code on the gRPC server side in containerd when handling matching of Any
// types to registered types on the server. Further discussion on future direction
// of typeurl in this issue: https://github.com/containerd/rust-extensions/issues/362
pub fn to_any<T: Message + Name>(m: &T) -> Any {
let mut anyt = Any::from_msg(m).unwrap();
anyt.type_url = T::full_name();
anyt
}
/// Help to inject namespace into request.
///
/// To use this macro, the `tonic::Request` is needed.
#[macro_export]
macro_rules! with_namespace {
($req : ident, $ns: expr) => {{
($req:expr, $ns:expr) => {{
let mut req = Request::new($req);
let md = req.metadata_mut();
// https://github.com/containerd/containerd/blob/main/namespaces/grpc.go#L27
// https://github.com/containerd/containerd/blob/main/pkg/namespaces/grpc.go#L27
md.insert("containerd-namespace", $ns.parse().unwrap());
req
}};
@ -119,7 +157,9 @@ use services::v1::{
namespaces_client::NamespacesClient,
sandbox::{controller_client::ControllerClient, store_client::StoreClient},
snapshots::snapshots_client::SnapshotsClient,
streaming_client::StreamingClient,
tasks_client::TasksClient,
transfer_client::TransferClient,
version_client::VersionClient,
};
use tonic::transport::{Channel, Error};
@ -161,12 +201,24 @@ impl Client {
TasksClient::new(self.channel())
}
/// Transfer service client.
#[inline]
pub fn transfer(&self) -> TransferClient<Channel> {
TransferClient::new(self.channel())
}
/// Sandbox store client.
#[inline]
pub fn sandbox_store(&self) -> StoreClient<Channel> {
StoreClient::new(self.channel())
}
/// Streaming services client.
#[inline]
pub fn streaming(&self) -> StreamingClient<Channel> {
StreamingClient::new(self.channel())
}
/// Sandbox controller client.
#[inline]
pub fn sandbox_controller(&self) -> ControllerClient<Channel> {
@ -227,3 +279,24 @@ impl Client {
ContainersClient::new(self.channel())
}
}
#[cfg(test)]
mod tests {
use prost_types::Any;
use crate::events::ContainerCreate;
#[test]
fn any_roundtrip() {
let original = ContainerCreate {
id: "test".to_string(),
image: "test".to_string(),
runtime: None,
};
let any = Any::from_msg(&original).expect("should not fail to encode");
let decoded: ContainerCreate = any.to_msg().expect("should not fail to decode");
assert_eq!(original, decoded)
}
}

View File

@ -19,11 +19,10 @@ syntax = "proto3";
package containerd.events;
import "google/protobuf/any.proto";
import weak "gogoproto/gogo.proto";
import weak "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto";
import "github.com/containerd/containerd/api/types/fieldpath.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
option (containerd.plugin.fieldpath_all) = true;
option (containerd.types.fieldpath_all) = true;
message ContainerCreate {
string id = 1;

View File

@ -18,12 +18,16 @@ syntax = "proto3";
package containerd.events;
import weak "gogoproto/gogo.proto";
import weak "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto";
import "github.com/containerd/containerd/api/types/fieldpath.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
option (containerd.plugin.fieldpath_all) = true;
option (containerd.types.fieldpath_all) = true;
message ContentCreate {
string digest = 1;
int64 size = 2;
}
message ContentDelete {
string digest = 1 [(gogoproto.customtype) = "github.com/opencontainers/go-digest.Digest", (gogoproto.nullable) = false];
string digest = 1;
}

View File

@ -18,10 +18,10 @@ syntax = "proto3";
package containerd.services.images.v1;
import weak "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto";
import "github.com/containerd/containerd/api/types/fieldpath.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
option (containerd.plugin.fieldpath_all) = true;
option (containerd.types.fieldpath_all) = true;
message ImageCreate {
string name = 1;

View File

@ -18,11 +18,10 @@ syntax = "proto3";
package containerd.events;
import weak "gogoproto/gogo.proto";
import weak "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto";
import "github.com/containerd/containerd/api/types/fieldpath.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
option (containerd.plugin.fieldpath_all) = true;
option (containerd.types.fieldpath_all) = true;
message NamespaceCreate {
string name = 1;

View File

@ -0,0 +1,37 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.events;
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
message SandboxCreate {
string sandbox_id = 1;
}
message SandboxStart {
string sandbox_id = 1;
}
message SandboxExit {
string sandbox_id = 1;
uint32 exit_status = 2;
google.protobuf.Timestamp exited_at = 3;
}

View File

@ -18,21 +18,24 @@ syntax = "proto3";
package containerd.events;
import weak "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto";
import "github.com/containerd/containerd/api/types/fieldpath.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
option (containerd.plugin.fieldpath_all) = true;
option (containerd.types.fieldpath_all) = true;
message SnapshotPrepare {
string key = 1;
string parent = 2;
string snapshotter = 5;
}
message SnapshotCommit {
string key = 1;
string name = 2;
string snapshotter = 5;
}
message SnapshotRemove {
string key = 1;
string snapshotter = 5;
}

View File

@ -18,19 +18,18 @@ syntax = "proto3";
package containerd.events;
import weak "gogoproto/gogo.proto";
import "google/protobuf/timestamp.proto";
import "github.com/containerd/containerd/api/types/mount.proto";
import weak "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto";
import "github.com/containerd/containerd/api/types/fieldpath.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
option (containerd.plugin.fieldpath_all) = true;
option (containerd.types.fieldpath_all) = true;
message TaskCreate {
string container_id = 1;
string bundle = 2;
repeated containerd.types.Mount rootfs = 3;
TaskIO io = 4 [(gogoproto.customname) = "IO"];
TaskIO io = 4;
string checkpoint = 5;
uint32 pid = 6;
}
@ -44,7 +43,7 @@ message TaskDelete {
string container_id = 1;
uint32 pid = 2;
uint32 exit_status = 3;
google.protobuf.Timestamp exited_at = 4 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp exited_at = 4;
// id is the specific exec. By default if omitted will be `""` thus matches
// the init exec of the task matching `container_id`.
string id = 5;
@ -62,7 +61,7 @@ message TaskExit {
string id = 2;
uint32 pid = 3;
uint32 exit_status = 4;
google.protobuf.Timestamp exited_at = 5 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp exited_at = 5;
}
message TaskOOM {

View File

@ -18,7 +18,6 @@ syntax = "proto3";
package containerd.services.containers.v1;
import weak "gogoproto/gogo.proto";
import "google/protobuf/any.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/field_mask.proto";
@ -99,10 +98,10 @@ message Container {
string snapshot_key = 7;
// CreatedAt is the time the container was first created.
google.protobuf.Timestamp created_at = 8 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp created_at = 8;
// UpdatedAt is the last time the container was mutated.
google.protobuf.Timestamp updated_at = 9 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp updated_at = 9;
// Extensions allow clients to provide zero or more blobs that are directly
// associated with the container. One may provide protobuf, json, or other
@ -113,7 +112,10 @@ message Container {
// that should be unique against other extensions. When updating extension
// data, one should only update the specified extension using field paths
// to select a specific map key.
map<string, google.protobuf.Any> extensions = 10 [(gogoproto.nullable) = false];
map<string, google.protobuf.Any> extensions = 10;
// Sandbox ID this container belongs to.
string sandbox = 11;
}
message GetContainerRequest {
@ -121,7 +123,7 @@ message GetContainerRequest {
}
message GetContainerResponse {
Container container = 1 [(gogoproto.nullable) = false];
Container container = 1;
}
message ListContainersRequest {
@ -132,22 +134,22 @@ message ListContainersRequest {
// filters. Expanded, containers that match the following will be
// returned:
//
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
//
// If filters is zero-length or nil, all items will be returned.
repeated string filters = 1;
}
message ListContainersResponse {
repeated Container containers = 1 [(gogoproto.nullable) = false];
repeated Container containers = 1;
}
message CreateContainerRequest {
Container container = 1 [(gogoproto.nullable) = false];
Container container = 1;
}
message CreateContainerResponse {
Container container = 1 [(gogoproto.nullable) = false];
Container container = 1;
}
// UpdateContainerRequest updates the metadata on one or more container.
@ -159,7 +161,7 @@ message UpdateContainerRequest {
// Container provides the target values, as declared by the mask, for the update.
//
// The ID field must be set.
Container container = 1 [(gogoproto.nullable) = false];
Container container = 1;
// UpdateMask specifies which fields to perform the update on. If empty,
// the operation applies to all fields.
@ -167,7 +169,7 @@ message UpdateContainerRequest {
}
message UpdateContainerResponse {
Container container = 1 [(gogoproto.nullable) = false];
Container container = 1;
}
message DeleteContainerRequest {

View File

@ -18,7 +18,6 @@ syntax = "proto3";
package containerd.services.content.v1;
import weak "gogoproto/gogo.proto";
import "google/protobuf/field_mask.proto";
import "google/protobuf/timestamp.proto";
import "google/protobuf/empty.proto";
@ -92,16 +91,16 @@ service Content {
message Info {
// Digest is the hash identity of the blob.
string digest = 1 [(gogoproto.customtype) = "github.com/opencontainers/go-digest.Digest", (gogoproto.nullable) = false];
string digest = 1;
// Size is the total number of bytes in the blob.
int64 size = 2;
// CreatedAt provides the time at which the blob was committed.
google.protobuf.Timestamp created_at = 3 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp created_at = 3;
// UpdatedAt provides the time the info was last updated.
google.protobuf.Timestamp updated_at = 4 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp updated_at = 4;
// Labels are arbitrary data on snapshots.
//
@ -110,15 +109,15 @@ message Info {
}
message InfoRequest {
string digest = 1 [(gogoproto.customtype) = "github.com/opencontainers/go-digest.Digest", (gogoproto.nullable) = false];
string digest = 1;
}
message InfoResponse {
Info info = 1 [(gogoproto.nullable) = false];
Info info = 1;
}
message UpdateRequest {
Info info = 1 [(gogoproto.nullable) = false];
Info info = 1;
// UpdateMask specifies which fields to perform the update on. If empty,
// the operation applies to all fields.
@ -130,7 +129,7 @@ message UpdateRequest {
}
message UpdateResponse {
Info info = 1 [(gogoproto.nullable) = false];
Info info = 1;
}
message ListContentRequest {
@ -141,26 +140,26 @@ message ListContentRequest {
// filters. Expanded, containers that match the following will be
// returned:
//
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
//
// If filters is zero-length or nil, all items will be returned.
repeated string filters = 1;
}
message ListContentResponse {
repeated Info info = 1 [(gogoproto.nullable) = false];
repeated Info info = 1;
}
message DeleteContentRequest {
// Digest specifies which content to delete.
string digest = 1 [(gogoproto.customtype) = "github.com/opencontainers/go-digest.Digest", (gogoproto.nullable) = false];
string digest = 1;
}
// ReadContentRequest defines the fields that make up a request to read a portion of
// data from a stored object.
message ReadContentRequest {
// Digest is the hash identity to read.
string digest = 1 [(gogoproto.customtype) = "github.com/opencontainers/go-digest.Digest", (gogoproto.nullable) = false];
string digest = 1;
// Offset specifies the number of bytes from the start at which to begin
// the read. If zero or less, the read will be from the start. This uses
@ -179,12 +178,12 @@ message ReadContentResponse {
}
message Status {
google.protobuf.Timestamp started_at = 1 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp updated_at = 2 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp started_at = 1;
google.protobuf.Timestamp updated_at = 2;
string ref = 3;
int64 offset = 4;
int64 total = 5;
string expected = 6 [(gogoproto.customtype) = "github.com/opencontainers/go-digest.Digest", (gogoproto.nullable) = false];
string expected = 6;
}
@ -201,17 +200,14 @@ message ListStatusesRequest {
}
message ListStatusesResponse {
repeated Status statuses = 1 [(gogoproto.nullable) = false];
repeated Status statuses = 1;
}
// WriteAction defines the behavior of a WriteRequest.
enum WriteAction {
option (gogoproto.goproto_enum_prefix) = false;
option (gogoproto.enum_customname) = "WriteAction";
// WriteActionStat instructs the writer to return the current status while
// holding the lock on the write.
STAT = 0 [(gogoproto.enumvalue_customname) = "WriteActionStat"];
STAT = 0;
// WriteActionWrite sets the action for the write request to write data.
//
@ -219,7 +215,7 @@ enum WriteAction {
// transaction will be left open for further writes.
//
// This is the default.
WRITE = 1 [(gogoproto.enumvalue_customname) = "WriteActionWrite"];
WRITE = 1;
// WriteActionCommit will write any outstanding data in the message and
// commit the write, storing it under the digest.
@ -228,7 +224,7 @@ enum WriteAction {
// commit it.
//
// This action will always terminate the write.
COMMIT = 2 [(gogoproto.enumvalue_customname) = "WriteActionCommit"];
COMMIT = 2;
}
// WriteContentRequest writes data to the request ref at offset.
@ -269,7 +265,7 @@ message WriteContentRequest {
// Only the latest version will be used to check the content against the
// digest. It is only required to include it on a single message, before or
// with the commit action message.
string expected = 4 [(gogoproto.customtype) = "github.com/opencontainers/go-digest.Digest", (gogoproto.nullable) = false];
string expected = 4;
// Offset specifies the number of bytes from the start at which to begin
// the write. For most implementations, this means from the start of the
@ -304,13 +300,13 @@ message WriteContentResponse {
//
// This must be set for stat and commit write actions. All other write
// actions may omit this.
google.protobuf.Timestamp started_at = 2 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp started_at = 2;
// UpdatedAt provides the last time of a successful write.
//
// This must be set for stat and commit write actions. All other write
// actions may omit this.
google.protobuf.Timestamp updated_at = 3 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp updated_at = 3;
// Offset is the current committed size for the write.
int64 offset = 4;
@ -326,7 +322,7 @@ message WriteContentResponse {
// Digest, if present, includes the digest up to the currently committed
// bytes. If action is commit, this field will be set. It is implementation
// defined if this is set for other actions.
string digest = 6 [(gogoproto.customtype) = "github.com/opencontainers/go-digest.Digest", (gogoproto.nullable) = false];
string digest = 6;
}
message AbortRequest {

View File

@ -18,8 +18,8 @@ syntax = "proto3";
package containerd.services.diff.v1;
import weak "gogoproto/gogo.proto";
import "google/protobuf/any.proto";
import "google/protobuf/timestamp.proto";
import "github.com/containerd/containerd/api/types/mount.proto";
import "github.com/containerd/containerd/api/types/descriptor.proto";
@ -44,6 +44,8 @@ message ApplyRequest {
repeated containerd.types.Mount mounts = 2;
map<string, google.protobuf.Any> payloads = 3;
// SyncFs is to synchronize the underlying filesystem containing files.
bool sync_fs = 4;
}
message ApplyResponse {
@ -73,6 +75,13 @@ message DiffRequest {
// Labels are the labels to apply to the generated content
// on content store commit.
map<string, string> labels = 5;
// SourceDateEpoch specifies the timestamp used to provide control for reproducibility.
// See also https://reproducible-builds.org/docs/source-date-epoch/ .
//
// Since containerd v2.0, the whiteout timestamps are set to zero (1970-01-01),
// not to the source date epoch.
google.protobuf.Timestamp source_date_epoch = 6;
}
message DiffResponse {

View File

@ -18,11 +18,9 @@ syntax = "proto3";
package containerd.services.events.v1;
import weak "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto";
import weak "gogoproto/gogo.proto";
import "github.com/containerd/containerd/api/types/event.proto";
import "google/protobuf/any.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/services/events/v1;events";
@ -45,9 +43,9 @@ service Events {
//
// Unlike many other methods in containerd, subscribers will get messages
// from all namespaces unless otherwise specified. If this is not desired,
// a filter can be provided in the format 'namespace=={namespace}' to
// a filter can be provided in the format 'namespace==<namespace>' to
// restrict the received events.
rpc Subscribe(SubscribeRequest) returns (stream Envelope);
rpc Subscribe(SubscribeRequest) returns (stream containerd.types.Envelope);
}
message PublishRequest {
@ -56,17 +54,9 @@ message PublishRequest {
}
message ForwardRequest {
Envelope envelope = 1;
containerd.types.Envelope envelope = 1;
}
message SubscribeRequest {
repeated string filters = 1;
}
message Envelope {
option (containerd.plugin.fieldpath) = true;
google.protobuf.Timestamp timestamp = 1 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
string namespace = 2;
string topic = 3;
google.protobuf.Any event = 4;
}

View File

@ -18,7 +18,6 @@ syntax = "proto3";
package containerd.services.images.v1;
import weak "gogoproto/gogo.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/field_mask.proto";
import "google/protobuf/timestamp.proto";
@ -71,13 +70,13 @@ message Image {
map<string, string> labels = 2;
// Target describes the content entry point of the image.
containerd.types.Descriptor target = 3 [(gogoproto.nullable) = false];
containerd.types.Descriptor target = 3;
// CreatedAt is the time the image was first created.
google.protobuf.Timestamp created_at = 7 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp created_at = 7;
// UpdatedAt is the last time the image was mutated.
google.protobuf.Timestamp updated_at = 8 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp updated_at = 8;
}
message GetImageRequest {
@ -89,26 +88,30 @@ message GetImageResponse {
}
message CreateImageRequest {
Image image = 1 [(gogoproto.nullable) = false];
Image image = 1;
google.protobuf.Timestamp source_date_epoch = 2;
}
message CreateImageResponse {
Image image = 1 [(gogoproto.nullable) = false];
Image image = 1;
}
message UpdateImageRequest {
// Image provides a full or partial image for update.
//
// The name field must be set or an error will be returned.
Image image = 1 [(gogoproto.nullable) = false];
Image image = 1;
// UpdateMask specifies which fields to perform the update on. If empty,
// the operation applies to all fields.
google.protobuf.FieldMask update_mask = 2;
google.protobuf.Timestamp source_date_epoch = 3;
}
message UpdateImageResponse {
Image image = 1 [(gogoproto.nullable) = false];
Image image = 1;
}
message ListImagesRequest {
@ -119,14 +122,14 @@ message ListImagesRequest {
// filters. Expanded, images that match the following will be
// returned:
//
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
//
// If filters is zero-length or nil, all items will be returned.
repeated string filters = 1;
}
message ListImagesResponse {
repeated Image images = 1 [(gogoproto.nullable) = false];
repeated Image images = 1;
}
message DeleteImageRequest {
@ -137,4 +140,10 @@ message DeleteImageRequest {
//
// Default is false
bool sync = 2;
// Target value for image to be deleted
//
// If image descriptor does not match the same digest,
// the delete operation will return "not found" error.
optional containerd.types.Descriptor target = 3;
}

View File

@ -18,10 +18,12 @@ syntax = "proto3";
package containerd.services.introspection.v1;
import "google/protobuf/any.proto";
import "github.com/containerd/containerd/api/types/introspection.proto";
import "github.com/containerd/containerd/api/types/platform.proto";
import "google/rpc/status.proto";
import "google/protobuf/empty.proto";
import weak "gogoproto/gogo.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/services/introspection/v1;introspection";
@ -33,6 +35,8 @@ service Introspection {
rpc Plugins(PluginsRequest) returns (PluginsResponse);
// Server returns information about the containerd server
rpc Server(google.protobuf.Empty) returns (ServerResponse);
// PluginInfo returns information directly from a plugin if the plugin supports it
rpc PluginInfo(PluginInfoRequest) returns (PluginInfoResponse);
}
message Plugin {
@ -57,7 +61,7 @@ message Plugin {
//
// If the plugin prefers certain platforms over others, they should be
// listed from most to least preferred.
repeated types.Platform platforms = 4 [(gogoproto.nullable) = false];
repeated types.Platform platforms = 4;
// Exports allows plugins to provide values about state or configuration to
// interested parties.
@ -89,16 +93,41 @@ message PluginsRequest {
// filters. Expanded, plugins that match the following will be
// returned:
//
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
//
// If filters is zero-length or nil, all items will be returned.
repeated string filters = 1;
}
message PluginsResponse {
repeated Plugin plugins = 1 [(gogoproto.nullable) = false];
repeated Plugin plugins = 1;
}
message ServerResponse {
string uuid = 1 [(gogoproto.customname) = "UUID"];
string uuid = 1;
uint64 pid = 2;
uint64 pidns = 3; // PID namespace, such as 4026531836
repeated DeprecationWarning deprecations = 4;
}
message DeprecationWarning {
string id = 1;
string message = 2;
google.protobuf.Timestamp last_occurrence = 3;
}
message PluginInfoRequest {
string type = 1;
string id = 2;
// Options may be used to request extra dynamic information from
// a plugin.
// This object is determined by the plugin and the plugin may return
// NotImplemented or InvalidArgument if it is not supported
google.protobuf.Any options = 3;
}
message PluginInfoResponse {
Plugin plugin = 1;
google.protobuf.Any extra = 2;
}

View File

@ -17,7 +17,6 @@ syntax = "proto3";
package containerd.services.leases.v1;
import weak "gogoproto/gogo.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/timestamp.proto";
@ -52,7 +51,7 @@ service Leases {
message Lease {
string id = 1;
google.protobuf.Timestamp created_at = 2 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp created_at = 2;
map<string, string> labels = 3;
}
@ -99,13 +98,13 @@ message Resource {
message AddResourceRequest {
string id = 1;
Resource resource = 2 [(gogoproto.nullable) = false];
Resource resource = 2;
}
message DeleteResourceRequest {
string id = 1;
Resource resource = 2 [(gogoproto.nullable) = false];
Resource resource = 2;
}
message ListResourcesRequest {
@ -113,5 +112,5 @@ message ListResourcesRequest {
}
message ListResourcesResponse {
repeated Resource resources = 1 [(gogoproto.nullable) = false];
repeated Resource resources = 1 ;
}

View File

@ -18,7 +18,6 @@ syntax = "proto3";
package containerd.services.namespaces.v1;
import weak "gogoproto/gogo.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/field_mask.proto";
@ -60,7 +59,7 @@ message GetNamespaceRequest {
}
message GetNamespaceResponse {
Namespace namespace = 1 [(gogoproto.nullable) = false];
Namespace namespace = 1;
}
message ListNamespacesRequest {
@ -68,15 +67,15 @@ message ListNamespacesRequest {
}
message ListNamespacesResponse {
repeated Namespace namespaces = 1 [(gogoproto.nullable) = false];
repeated Namespace namespaces = 1;
}
message CreateNamespaceRequest {
Namespace namespace = 1 [(gogoproto.nullable) = false];
Namespace namespace = 1;
}
message CreateNamespaceResponse {
Namespace namespace = 1 [(gogoproto.nullable) = false];
Namespace namespace = 1;
}
// UpdateNamespaceRequest updates the metadata for a namespace.
@ -88,7 +87,7 @@ message UpdateNamespaceRequest {
// Namespace provides the target value, as declared by the mask, for the update.
//
// The namespace field must be set.
Namespace namespace = 1 [(gogoproto.nullable) = false];
Namespace namespace = 1;
// UpdateMask specifies which fields to perform the update on. If empty,
// the operation applies to all fields.
@ -100,7 +99,7 @@ message UpdateNamespaceRequest {
}
message UpdateNamespaceResponse {
Namespace namespace = 1 [(gogoproto.nullable) = false];
Namespace namespace = 1;
}
message DeleteNamespaceRequest {

View File

@ -31,6 +31,7 @@ import "google/protobuf/timestamp.proto";
import "github.com/containerd/containerd/api/types/sandbox.proto";
import "github.com/containerd/containerd/api/types/mount.proto";
import "github.com/containerd/containerd/api/types/platform.proto";
import "github.com/containerd/containerd/api/types/metrics.proto";
option go_package = "github.com/containerd/containerd/api/services/sandbox/v1;sandbox";
@ -93,6 +94,8 @@ service Controller {
rpc Wait(ControllerWaitRequest) returns (ControllerWaitResponse);
rpc Status(ControllerStatusRequest) returns (ControllerStatusResponse);
rpc Shutdown(ControllerShutdownRequest) returns (ControllerShutdownResponse);
rpc Metrics(ControllerMetricsRequest) returns (ControllerMetricsResponse);
rpc Update(ControllerUpdateRequest) returns (ControllerUpdateResponse);
}
message ControllerCreateRequest {
@ -100,6 +103,9 @@ message ControllerCreateRequest {
repeated containerd.types.Mount rootfs = 2;
google.protobuf.Any options = 3;
string netns_path = 4;
map<string, string> annotations = 5;
containerd.types.Sandbox sandbox = 6;
string sandboxer = 10;
}
message ControllerCreateResponse {
@ -108,6 +114,7 @@ message ControllerCreateResponse {
message ControllerStartRequest {
string sandbox_id = 1;
string sandboxer = 10;
}
message ControllerStartResponse {
@ -115,10 +122,16 @@ message ControllerStartResponse {
uint32 pid = 2;
google.protobuf.Timestamp created_at = 3;
map<string, string> labels = 4;
// Address of the sandbox for containerd to connect,
// for calling Task or other APIs serving in the sandbox.
// it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://<vsock cid>:<port>.
string address = 5;
uint32 version = 6;
}
message ControllerPlatformRequest {
string sandbox_id = 1;
string sandboxer = 10;
}
message ControllerPlatformResponse {
@ -128,12 +141,14 @@ message ControllerPlatformResponse {
message ControllerStopRequest {
string sandbox_id = 1;
uint32 timeout_secs = 2;
string sandboxer = 10;
}
message ControllerStopResponse {}
message ControllerWaitRequest {
string sandbox_id = 1;
string sandboxer = 10;
}
message ControllerWaitResponse {
@ -144,6 +159,7 @@ message ControllerWaitResponse {
message ControllerStatusRequest {
string sandbox_id = 1;
bool verbose = 2;
string sandboxer = 10;
}
message ControllerStatusResponse {
@ -154,10 +170,35 @@ message ControllerStatusResponse {
google.protobuf.Timestamp created_at = 5;
google.protobuf.Timestamp exited_at = 6;
google.protobuf.Any extra = 7;
// Address of the sandbox for containerd to connect,
// for calling Task or other APIs serving in the sandbox.
// it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://<vsock cid>:<port>.
string address = 8;
uint32 version = 9;
}
message ControllerShutdownRequest {
string sandbox_id = 1;
string sandboxer = 10;
}
message ControllerShutdownResponse {}
message ControllerShutdownResponse {}
message ControllerMetricsRequest {
string sandbox_id = 1;
string sandboxer = 10;
}
message ControllerMetricsResponse {
types.Metric metrics = 1;
}
message ControllerUpdateRequest {
string sandbox_id = 1;
string sandboxer = 2;
containerd.types.Sandbox sandbox = 3;
repeated string fields = 4;
}
message ControllerUpdateResponse {
}

View File

@ -18,7 +18,6 @@ syntax = "proto3";
package containerd.services.snapshots.v1;
import weak "gogoproto/gogo.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/field_mask.proto";
import "google/protobuf/timestamp.proto";
@ -101,13 +100,10 @@ message StatSnapshotRequest {
}
enum Kind {
option (gogoproto.goproto_enum_prefix) = false;
option (gogoproto.enum_customname) = "Kind";
UNKNOWN = 0 [(gogoproto.enumvalue_customname) = "KindUnknown"];
VIEW = 1 [(gogoproto.enumvalue_customname) = "KindView"];
ACTIVE = 2 [(gogoproto.enumvalue_customname) = "KindActive"];
COMMITTED = 3 [(gogoproto.enumvalue_customname) = "KindCommitted"];
UNKNOWN = 0;
VIEW = 1;
ACTIVE = 2;
COMMITTED = 3;
}
message Info {
@ -116,10 +112,10 @@ message Info {
Kind kind = 3;
// CreatedAt provides the time at which the snapshot was created.
google.protobuf.Timestamp created_at = 4 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp created_at = 4;
// UpdatedAt provides the time the info was last updated.
google.protobuf.Timestamp updated_at = 5 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp updated_at = 5;
// Labels are arbitrary data on snapshots.
//
@ -128,12 +124,12 @@ message Info {
}
message StatSnapshotResponse {
Info info = 1 [(gogoproto.nullable) = false];
Info info = 1;
}
message UpdateSnapshotRequest {
string snapshotter = 1;
Info info = 2 [(gogoproto.nullable) = false];
Info info = 2;
// UpdateMask specifies which fields to perform the update on. If empty,
// the operation applies to all fields.
@ -145,7 +141,7 @@ message UpdateSnapshotRequest {
}
message UpdateSnapshotResponse {
Info info = 1 [(gogoproto.nullable) = false];
Info info = 1;
}
message ListSnapshotsRequest{
@ -158,14 +154,14 @@ message ListSnapshotsRequest{
// filters. Expanded, images that match the following will be
// returned:
//
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
//
// If filters is zero-length or nil, all items will be returned.
repeated string filters = 2;
}
message ListSnapshotsResponse {
repeated Info info = 1 [(gogoproto.nullable) = false];
repeated Info info = 1;
}
message UsageRequest {

View File

@ -0,0 +1,31 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.streaming.v1;
import "google/protobuf/any.proto";
option go_package = "github.com/containerd/containerd/api/services/streaming/v1;streaming";
service Streaming {
rpc Stream(stream google.protobuf.Any) returns (stream google.protobuf.Any);
}
message StreamInit {
string id = 1;
}

View File

@ -20,7 +20,6 @@ package containerd.services.tasks.v1;
import "google/protobuf/empty.proto";
import "google/protobuf/any.proto";
import weak "gogoproto/gogo.proto";
import "github.com/containerd/containerd/api/types/mount.proto";
import "github.com/containerd/containerd/api/types/metrics.proto";
import "github.com/containerd/containerd/api/types/descriptor.proto";
@ -114,7 +113,7 @@ message DeleteResponse {
string id = 1;
uint32 pid = 2;
uint32 exit_status = 3;
google.protobuf.Timestamp exited_at = 4 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp exited_at = 4;
}
message DeleteProcessRequest {
@ -195,7 +194,7 @@ message ListPidsResponse {
message CheckpointTaskRequest {
string container_id = 1;
string parent_checkpoint = 2 [(gogoproto.customtype) = "github.com/opencontainers/go-digest.Digest", (gogoproto.nullable) = false];
string parent_checkpoint = 2;
google.protobuf.Any options = 3;
}
@ -224,5 +223,5 @@ message WaitRequest {
message WaitResponse {
uint32 exit_status = 1;
google.protobuf.Timestamp exited_at = 2 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp exited_at = 2;
}

View File

@ -0,0 +1,39 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.transfer.v1;
import "google/protobuf/any.proto";
import "google/protobuf/empty.proto";
option go_package = "github.com/containerd/containerd/api/services/transfer/v1;transfer";
service Transfer {
rpc Transfer(TransferRequest) returns (google.protobuf.Empty);
}
message TransferRequest {
google.protobuf.Any source = 1;
google.protobuf.Any destination = 2;
TransferOptions options = 3;
}
message TransferOptions {
string progress_stream = 1;
// Progress min interval
}

View File

@ -18,11 +18,8 @@ syntax = "proto3";
package containerd.services.events.ttrpc.v1;
import weak "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto";
import weak "gogoproto/gogo.proto";
import "google/protobuf/any.proto";
import "github.com/containerd/containerd/api/types/event.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/services/ttrpc/events/v1;events";
@ -36,13 +33,5 @@ service Events {
}
message ForwardRequest {
Envelope envelope = 1;
}
message Envelope {
option (containerd.plugin.fieldpath) = true;
google.protobuf.Timestamp timestamp = 1 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
string namespace = 2;
string topic = 3;
google.protobuf.Any event = 4;
containerd.types.Envelope envelope = 1;
}

View File

@ -19,7 +19,6 @@ syntax = "proto3";
package containerd.services.version.v1;
import "google/protobuf/empty.proto";
import weak "gogoproto/gogo.proto";
// TODO(stevvooe): Should version service actually be versioned?
option go_package = "github.com/containerd/containerd/api/services/version/v1;version";

View File

@ -18,8 +18,6 @@ syntax = "proto3";
package containerd.types;
import weak "gogoproto/gogo.proto";
option go_package = "github.com/containerd/containerd/api/types;types";
// Descriptor describes a blob in a content store.
@ -29,7 +27,7 @@ option go_package = "github.com/containerd/containerd/api/types;types";
// See https://godoc.org/github.com/opencontainers/image-spec/specs-go/v1#Descriptor
message Descriptor {
string media_type = 1;
string digest = 2 [(gogoproto.customtype) = "github.com/opencontainers/go-digest.Digest", (gogoproto.nullable) = false];
string digest = 2;
int64 size = 3;
map<string, string> annotations = 5;
}

View File

@ -0,0 +1,33 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types;
import "github.com/containerd/containerd/api/types/fieldpath.proto";
import "google/protobuf/any.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/types;types";
message Envelope {
option (containerd.types.fieldpath) = true;
google.protobuf.Timestamp timestamp = 1;
string namespace = 2;
string topic = 3;
google.protobuf.Any event = 4;
}

View File

@ -26,11 +26,13 @@
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
syntax = "proto2";
package containerd.plugin;
syntax = "proto3";
package containerd.types;
import "google/protobuf/descriptor.proto";
option go_package = "github.com/containerd/containerd/api/types;types";
extend google.protobuf.FileOptions {
optional bool fieldpath_all = 63300;
}

View File

@ -0,0 +1,46 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types;
import "google/protobuf/any.proto";
option go_package = "github.com/containerd/containerd/api/types;types";
message RuntimeRequest {
string runtime_path = 1;
// Options correspond to CreateTaskRequest.options.
// This is needed to pass the runc binary path, etc.
google.protobuf.Any options = 2;
}
message RuntimeVersion {
string version = 1;
string revision = 2;
}
message RuntimeInfo {
string name = 1;
RuntimeVersion version = 2;
// Options correspond to RuntimeInfoRequest.Options (contains runc binary path, etc.)
google.protobuf.Any options = 3;
// OCI-compatible runtimes should use https://github.com/opencontainers/runtime-spec/blob/main/features.md
google.protobuf.Any features = 4;
// Annotations of the shim. Irrelevant to features.Annotations.
map<string, string> annotations = 5;
}

View File

@ -18,14 +18,13 @@ syntax = "proto3";
package containerd.types;
import weak "gogoproto/gogo.proto";
import "google/protobuf/any.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/types;types";
message Metric {
google.protobuf.Timestamp timestamp = 1 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp timestamp = 1;
string id = 2;
google.protobuf.Any data = 3;
}

View File

@ -18,8 +18,6 @@ syntax = "proto3";
package containerd.types;
import weak "gogoproto/gogo.proto";
option go_package = "github.com/containerd/containerd/api/types;types";
// Mount describes mounts for a container.

View File

@ -18,14 +18,13 @@ syntax = "proto3";
package containerd.types;
import weak "gogoproto/gogo.proto";
option go_package = "github.com/containerd/containerd/api/types;types";
// Platform follows the structure of the OCI platform specification, from
// descriptors.
message Platform {
string os = 1 [(gogoproto.customname) = "OS"];
string os = 1;
string architecture = 2;
string variant = 3;
string os_version = 4;
}

View File

@ -0,0 +1,63 @@
syntax = "proto3";
package containerd.runc.v1;
option go_package = "github.com/containerd/containerd/api/types/runc/options;options";
message Options {
// disable pivot root when creating a container
bool no_pivot_root = 1;
// create a new keyring for the container
bool no_new_keyring = 2;
// place the shim in a cgroup
string shim_cgroup = 3;
// set the I/O's pipes uid
uint32 io_uid = 4;
// set the I/O's pipes gid
uint32 io_gid = 5;
// binary name of the runc binary
string binary_name = 6;
// runc root directory
string root = 7;
// criu binary path.
//
// Removed in containerd v2.0: string criu_path = 8;
reserved 8;
// enable systemd cgroups
bool systemd_cgroup = 9;
// criu image path
string criu_image_path = 10;
// criu work path
string criu_work_path = 11;
// task api address, can be a unix domain socket, or vsock address.
// it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://<vsock cid>:<port>.
string task_api_address = 12;
// task api version, currently supported value is 2 and 3.
uint32 task_api_version = 13;
}
message CheckpointOptions {
// exit the container after a checkpoint
bool exit = 1;
// checkpoint open tcp connections
bool open_tcp = 2;
// checkpoint external unix sockets
bool external_unix_sockets = 3;
// checkpoint terminals (ptys)
bool terminal = 4;
// allow checkpointing of file locks
bool file_locks = 5;
// restore provided namespaces as empty namespaces
repeated string empty_namespaces = 6;
// set the cgroups mode, soft, full, strict
string cgroups_mode = 7;
// checkpoint image path
string image_path = 8;
// checkpoint work path
string work_path = 9;
}
message ProcessDetails {
// exec process id if the process is managed by a shim
string exec_id = 1;
}

View File

@ -0,0 +1,17 @@
// To regenerate api.pb.go run `make protos`
syntax = "proto3";
package runtimeoptions.v1;
option go_package = "github.com/containerd/containerd/api/types/runtimeoptions/v1;runtimeoptions";
message Options {
// TypeUrl specifies the type of the content inside the config file.
string type_url = 1;
// ConfigPath specifies the filesystem location of the config file
// used by the runtime.
string config_path = 2;
// Blob specifies an in-memory TOML blob passed from containerd's configuration section
// for this runtime. This will be used if config_path is not specified.
bytes config_body = 3;
}

View File

@ -26,26 +26,29 @@ option go_package = "github.com/containerd/containerd/api/types;types";
// Sandbox represents a sandbox metadata object that keeps all info required by controller to
// work with a particular instance.
message Sandbox {
// SandboxID is a unique instance identifier within namespace
string sandbox_id = 1;
message Runtime {
// Name is the name of the runtime.
string name = 1;
// Options specify additional runtime initialization options for the shim (this data will be available in StartShim).
// Typically this data expected to be runtime shim implementation specific.
google.protobuf.Any options = 2;
}
// Runtime specifies which runtime to use for executing this container.
Runtime runtime = 2;
// Spec is sandbox configuration (kin of OCI runtime spec), spec's data will be written to a config.json file in the
// bundle directory (similary to OCI spec).
google.protobuf.Any spec = 3;
// Labels provides an area to include arbitrary data on containers.
map<string, string> labels = 4;
// CreatedAt is the time the container was first created.
google.protobuf.Timestamp created_at = 5;
// UpdatedAt is the last time the container was mutated.
google.protobuf.Timestamp updated_at = 6;
// Extensions allow clients to provide optional blobs that can be handled by runtime.
map<string, google.protobuf.Any> extensions = 7;
}
// SandboxID is a unique instance identifier within namespace
string sandbox_id = 1;
message Runtime {
// Name is the name of the runtime.
string name = 1;
// Options specify additional runtime initialization options for the shim (this data will be available in StartShim).
// Typically this data expected to be runtime shim implementation specific.
google.protobuf.Any options = 2;
}
// Runtime specifies which runtime to use for executing this container.
Runtime runtime = 2;
// Spec is sandbox configuration (kin of OCI runtime spec), spec's data will be written to a config.json file in the
// bundle directory (similary to OCI spec).
google.protobuf.Any spec = 3;
// Labels provides an area to include arbitrary data on containers.
map<string, string> labels = 4;
// CreatedAt is the time the container was first created.
google.protobuf.Timestamp created_at = 5;
// UpdatedAt is the last time the container was mutated.
google.protobuf.Timestamp updated_at = 6;
// Extensions allow clients to provide optional blobs that can be handled by runtime.
map<string, google.protobuf.Any> extensions = 7;
// Sandboxer is the name of the sandbox controller who manages the sandbox.
string sandboxer = 10;
}

View File

@ -18,20 +18,18 @@ syntax = "proto3";
package containerd.v1.types;
import weak "gogoproto/gogo.proto";
import "google/protobuf/timestamp.proto";
import "google/protobuf/any.proto";
enum Status {
option (gogoproto.goproto_enum_prefix) = false;
option (gogoproto.enum_customname) = "Status";
option go_package = "github.com/containerd/containerd/api/types/task";
UNKNOWN = 0 [(gogoproto.enumvalue_customname) = "StatusUnknown"];
CREATED = 1 [(gogoproto.enumvalue_customname) = "StatusCreated"];
RUNNING = 2 [(gogoproto.enumvalue_customname) = "StatusRunning"];
STOPPED = 3 [(gogoproto.enumvalue_customname) = "StatusStopped"];
PAUSED = 4 [(gogoproto.enumvalue_customname) = "StatusPaused"];
PAUSING = 5 [(gogoproto.enumvalue_customname) = "StatusPausing"];
enum Status {
UNKNOWN = 0;
CREATED = 1;
RUNNING = 2;
STOPPED = 3;
PAUSED = 4;
PAUSING = 5;
}
message Process {
@ -44,7 +42,7 @@ message Process {
string stderr = 7;
bool terminal = 8;
uint32 exit_status = 9;
google.protobuf.Timestamp exited_at = 10 [(gogoproto.stdtime) = true, (gogoproto.nullable) = false];
google.protobuf.Timestamp exited_at = 10;
}
message ProcessInfo {

View File

@ -0,0 +1,82 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types.transfer;
import "github.com/containerd/containerd/api/types/platform.proto";
option go_package = "github.com/containerd/containerd/api/types/transfer";
message ImageStore {
string name = 1;
map<string, string> labels = 2;
// Content filters
repeated types.Platform platforms = 3;
bool all_metadata = 4;
uint32 manifest_limit = 5;
// Import naming
// extra_references are used to set image names on imports of sub-images from the index
repeated ImageReference extra_references = 6;
// Unpack Configuration, multiple allowed
repeated UnpackConfiguration unpacks = 10;
}
message UnpackConfiguration {
// platform is the platform to unpack for, used for resolving manifest and snapshotter
// if not provided
types.Platform platform = 1;
// snapshotter to unpack to, if not provided default for platform shoudl be used
string snapshotter = 2;
}
// ImageReference is used to create or find a reference for an image
message ImageReference {
string name = 1;
// is_prefix determines whether the Name should be considered
// a prefix (without tag or digest).
// For lookup, this may allow matching multiple tags.
// For store, this must have a tag or digest added.
bool is_prefix = 2;
// allow_overwrite allows overwriting or ignoring the name if
// another reference is provided (such as through an annotation).
// Only used if IsPrefix is true.
bool allow_overwrite = 3;
// add_digest adds the manifest digest to the reference.
// For lookup, this allows matching tags with any digest.
// For store, this allows adding the digest to the name.
// Only used if IsPrefix is true.
bool add_digest = 4;
// skip_named_digest only considers digest references which do not
// have a non-digested named reference.
// For lookup, this will deduplicate digest references when there is a named match.
// For store, this only adds this digest reference when there is no matching full
// name reference from the prefix.
// Only used if IsPrefix is true.
bool skip_named_digest = 5;
}

View File

@ -0,0 +1,52 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types.transfer;
option go_package = "github.com/containerd/containerd/api/types/transfer";
import "github.com/containerd/containerd/api/types/platform.proto";
message ImageImportStream {
// Stream is used to identify the binary input stream for the import operation.
// The stream uses the transfer binary stream protocol with the client as the sender.
// The binary data is expected to be a raw tar stream.
string stream = 1;
string media_type = 2;
bool force_compress = 3;
}
message ImageExportStream {
// Stream is used to identify the binary output stream for the export operation.
// The stream uses the transfer binary stream protocol with the server as the sender.
// The binary data is expected to be a raw tar stream.
string stream = 1;
string media_type = 2;
// The specified platforms
repeated types.Platform platforms = 3;
// Whether to include all platforms
bool all_platforms = 4;
// Skips the creation of the Docker compatible manifest.json file
bool skip_compatibility_manifest = 5;
// Excludes non-distributable blobs such as Windows base layers.
bool skip_non_distributable = 6;
}

View File

@ -0,0 +1,32 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types.transfer;
import "github.com/containerd/containerd/api/types/descriptor.proto";
option go_package = "github.com/containerd/containerd/api/types/transfer";
message Progress {
string event = 1;
string name = 2;
repeated string parents = 3;
int64 progress = 4;
int64 total = 5;
containerd.types.Descriptor desc = 6;
}

View File

@ -0,0 +1,97 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types.transfer;
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/types/transfer";
message OCIRegistry {
string reference = 1;
RegistryResolver resolver = 2;
}
enum HTTPDebug {
DISABLED = 0;
// Enable HTTP debugging
DEBUG = 1;
// Enable HTTP requests tracing
TRACE = 2;
// Enable both HTTP debugging and requests tracing
BOTH = 3;
}
message RegistryResolver {
// auth_stream is used to refer to a stream which auth callbacks may be
// made on.
string auth_stream = 1;
// Headers
map<string, string> headers = 2;
string host_dir = 3;
string default_scheme = 4;
// Force skip verify
// CA callback? Client TLS callback?
// Whether to debug/trace HTTP requests to OCI registry.
HTTPDebug http_debug = 5;
// Stream ID to use for HTTP logs (when logs are streamed to client).
// When empty, logs are written to containerd logs.
string logs_stream = 6;
}
// AuthRequest is sent as a callback on a stream
message AuthRequest {
// host is the registry host
string host = 1;
// reference is the namespace and repository name requested from the registry
string reference = 2;
// wwwauthenticate is the HTTP WWW-Authenticate header values returned from the registry
repeated string wwwauthenticate = 3;
}
enum AuthType {
NONE = 0;
// CREDENTIALS is used to exchange username/password for access token
// using an oauth or "Docker Registry Token" server
CREDENTIALS = 1;
// REFRESH is used to exchange secret for access token using an oauth
// or "Docker Registry Token" server
REFRESH = 2;
// HEADER is used to set the HTTP Authorization header to secret
// directly for the registry.
// Value should be `<auth-scheme> <authorization-parameters>`
HEADER = 3;
}
message AuthResponse {
AuthType authType = 1;
string secret = 2;
string username = 3;
google.protobuf.Timestamp expire_at = 4;
// TODO: Stream error
}

View File

@ -0,0 +1,29 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types.transfer;
option go_package = "github.com/containerd/containerd/api/types/transfer";
message Data {
bytes data = 1;
}
message WindowUpdate {
int32 update = 1;
}

View File

@ -0,0 +1,46 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.events;
import "google/protobuf/any.proto";
import "github.com/containerd/containerd/api/types/fieldpath.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
option (containerd.types.fieldpath_all) = true;
message ContainerCreate {
string id = 1;
string image = 2;
message Runtime {
string name = 1;
google.protobuf.Any options = 2;
}
Runtime runtime = 3;
}
message ContainerUpdate {
string id = 1;
string image = 2;
map<string, string> labels = 3;
string snapshot_key = 4;
}
message ContainerDelete {
string id = 1;
}

View File

@ -0,0 +1,33 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.events;
import "github.com/containerd/containerd/api/types/fieldpath.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
option (containerd.types.fieldpath_all) = true;
message ContentCreate {
string digest = 1;
int64 size = 2;
}
message ContentDelete {
string digest = 1;
}

View File

@ -0,0 +1,38 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.images.v1;
import "github.com/containerd/containerd/api/types/fieldpath.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
option (containerd.types.fieldpath_all) = true;
message ImageCreate {
string name = 1;
map<string, string> labels = 2;
}
message ImageUpdate {
string name = 1;
map<string, string> labels = 2;
}
message ImageDelete {
string name = 1;
}

View File

@ -0,0 +1,38 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.events;
import "github.com/containerd/containerd/api/types/fieldpath.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
option (containerd.types.fieldpath_all) = true;
message NamespaceCreate {
string name = 1;
map<string, string> labels = 2;
}
message NamespaceUpdate {
string name = 1;
map<string, string> labels = 2;
}
message NamespaceDelete {
string name = 1;
}

View File

@ -0,0 +1,37 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.events;
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
message SandboxCreate {
string sandbox_id = 1;
}
message SandboxStart {
string sandbox_id = 1;
}
message SandboxExit {
string sandbox_id = 1;
uint32 exit_status = 2;
google.protobuf.Timestamp exited_at = 3;
}

View File

@ -0,0 +1,41 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.events;
import "github.com/containerd/containerd/api/types/fieldpath.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
option (containerd.types.fieldpath_all) = true;
message SnapshotPrepare {
string key = 1;
string parent = 2;
string snapshotter = 5;
}
message SnapshotCommit {
string key = 1;
string name = 2;
string snapshotter = 5;
}
message SnapshotRemove {
string key = 1;
string snapshotter = 5;
}

View File

@ -0,0 +1,93 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.events;
import "google/protobuf/timestamp.proto";
import "github.com/containerd/containerd/api/types/mount.proto";
import "github.com/containerd/containerd/api/types/fieldpath.proto";
option go_package = "github.com/containerd/containerd/api/events;events";
option (containerd.types.fieldpath_all) = true;
message TaskCreate {
string container_id = 1;
string bundle = 2;
repeated containerd.types.Mount rootfs = 3;
TaskIO io = 4;
string checkpoint = 5;
uint32 pid = 6;
}
message TaskStart {
string container_id = 1;
uint32 pid = 2;
}
message TaskDelete {
string container_id = 1;
uint32 pid = 2;
uint32 exit_status = 3;
google.protobuf.Timestamp exited_at = 4;
// id is the specific exec. By default if omitted will be `""` thus matches
// the init exec of the task matching `container_id`.
string id = 5;
}
message TaskIO {
string stdin = 1;
string stdout = 2;
string stderr = 3;
bool terminal = 4;
}
message TaskExit {
string container_id = 1;
string id = 2;
uint32 pid = 3;
uint32 exit_status = 4;
google.protobuf.Timestamp exited_at = 5;
}
message TaskOOM {
string container_id = 1;
}
message TaskExecAdded {
string container_id = 1;
string exec_id = 2;
}
message TaskExecStarted {
string container_id = 1;
string exec_id = 2;
uint32 pid = 3;
}
message TaskPaused {
string container_id = 1;
}
message TaskResumed {
string container_id = 1;
}
message TaskCheckpointed {
string container_id = 1;
string checkpoint = 2;
}

View File

@ -0,0 +1,181 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.containers.v1;
import "google/protobuf/any.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/field_mask.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/services/containers/v1;containers";
// Containers provides metadata storage for containers used in the execution
// service.
//
// The objects here provide an state-independent view of containers for use in
// management and resource pinning. From that perspective, containers do not
// have a "state" but rather this is the set of resources that will be
// considered in use by the container.
//
// From the perspective of the execution service, these objects represent the
// base parameters for creating a container process.
//
// In general, when looking to add fields for this type, first ask yourself
// whether or not the function of the field has to do with runtime execution or
// is invariant of the runtime state of the container. If it has to do with
// runtime, or changes as the "container" is started and stops, it probably
// doesn't belong on this object.
service Containers {
rpc Get(GetContainerRequest) returns (GetContainerResponse);
rpc List(ListContainersRequest) returns (ListContainersResponse);
rpc ListStream(ListContainersRequest) returns (stream ListContainerMessage);
rpc Create(CreateContainerRequest) returns (CreateContainerResponse);
rpc Update(UpdateContainerRequest) returns (UpdateContainerResponse);
rpc Delete(DeleteContainerRequest) returns (google.protobuf.Empty);
}
message Container {
// ID is the user-specified identifier.
//
// This field may not be updated.
string id = 1;
// Labels provides an area to include arbitrary data on containers.
//
// The combined size of a key/value pair cannot exceed 4096 bytes.
//
// Note that to add a new value to this field, read the existing set and
// include the entire result in the update call.
map<string, string> labels = 2;
// Image contains the reference of the image used to build the
// specification and snapshots for running this container.
//
// If this field is updated, the spec and rootfs needed to updated, as well.
string image = 3;
message Runtime {
// Name is the name of the runtime.
string name = 1;
// Options specify additional runtime initialization options.
google.protobuf.Any options = 2;
}
// Runtime specifies which runtime to use for executing this container.
Runtime runtime = 4;
// Spec to be used when creating the container. This is runtime specific.
google.protobuf.Any spec = 5;
// Snapshotter specifies the snapshotter name used for rootfs
string snapshotter = 6;
// SnapshotKey specifies the snapshot key to use for the container's root
// filesystem. When starting a task from this container, a caller should
// look up the mounts from the snapshot service and include those on the
// task create request.
//
// Snapshots referenced in this field will not be garbage collected.
//
// This field is set to empty when the rootfs is not a snapshot.
//
// This field may be updated.
string snapshot_key = 7;
// CreatedAt is the time the container was first created.
google.protobuf.Timestamp created_at = 8;
// UpdatedAt is the last time the container was mutated.
google.protobuf.Timestamp updated_at = 9;
// Extensions allow clients to provide zero or more blobs that are directly
// associated with the container. One may provide protobuf, json, or other
// encoding formats. The primary use of this is to further decorate the
// container object with fields that may be specific to a client integration.
//
// The key portion of this map should identify a "name" for the extension
// that should be unique against other extensions. When updating extension
// data, one should only update the specified extension using field paths
// to select a specific map key.
map<string, google.protobuf.Any> extensions = 10;
// Sandbox ID this container belongs to.
string sandbox = 11;
}
message GetContainerRequest {
string id = 1;
}
message GetContainerResponse {
Container container = 1;
}
message ListContainersRequest {
// Filters contains one or more filters using the syntax defined in the
// containerd filter package.
//
// The returned result will be those that match any of the provided
// filters. Expanded, containers that match the following will be
// returned:
//
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
//
// If filters is zero-length or nil, all items will be returned.
repeated string filters = 1;
}
message ListContainersResponse {
repeated Container containers = 1;
}
message CreateContainerRequest {
Container container = 1;
}
message CreateContainerResponse {
Container container = 1;
}
// UpdateContainerRequest updates the metadata on one or more container.
//
// The operation should follow semantics described in
// https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/field-mask,
// unless otherwise qualified.
message UpdateContainerRequest {
// Container provides the target values, as declared by the mask, for the update.
//
// The ID field must be set.
Container container = 1;
// UpdateMask specifies which fields to perform the update on. If empty,
// the operation applies to all fields.
google.protobuf.FieldMask update_mask = 2;
}
message UpdateContainerResponse {
Container container = 1;
}
message DeleteContainerRequest {
string id = 1;
}
message ListContainerMessage {
Container container = 1;
}

View File

@ -0,0 +1,330 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.content.v1;
import "google/protobuf/field_mask.proto";
import "google/protobuf/timestamp.proto";
import "google/protobuf/empty.proto";
option go_package = "github.com/containerd/containerd/api/services/content/v1;content";
// Content provides access to a content addressable storage system.
service Content {
// Info returns information about a committed object.
//
// This call can be used for getting the size of content and checking for
// existence.
rpc Info(InfoRequest) returns (InfoResponse);
// Update updates content metadata.
//
// This call can be used to manage the mutable content labels. The
// immutable metadata such as digest, size, and committed at cannot
// be updated.
rpc Update(UpdateRequest) returns (UpdateResponse);
// List streams the entire set of content as Info objects and closes the
// stream.
//
// Typically, this will yield a large response, chunked into messages.
// Clients should make provisions to ensure they can handle the entire data
// set.
rpc List(ListContentRequest) returns (stream ListContentResponse);
// Delete will delete the referenced object.
rpc Delete(DeleteContentRequest) returns (google.protobuf.Empty);
// Read allows one to read an object based on the offset into the content.
//
// The requested data may be returned in one or more messages.
rpc Read(ReadContentRequest) returns (stream ReadContentResponse);
// Status returns the status for a single reference.
rpc Status(StatusRequest) returns (StatusResponse);
// ListStatuses returns the status of ongoing object ingestions, started via
// Write.
//
// Only those matching the regular expression will be provided in the
// response. If the provided regular expression is empty, all ingestions
// will be provided.
rpc ListStatuses(ListStatusesRequest) returns (ListStatusesResponse);
// Write begins or resumes writes to a resource identified by a unique ref.
// Only one active stream may exist at a time for each ref.
//
// Once a write stream has started, it may only write to a single ref, thus
// once a stream is started, the ref may be omitted on subsequent writes.
//
// For any write transaction represented by a ref, only a single write may
// be made to a given offset. If overlapping writes occur, it is an error.
// Writes should be sequential and implementations may throw an error if
// this is required.
//
// If expected_digest is set and already part of the content store, the
// write will fail.
//
// When completed, the commit flag should be set to true. If expected size
// or digest is set, the content will be validated against those values.
rpc Write(stream WriteContentRequest) returns (stream WriteContentResponse);
// Abort cancels the ongoing write named in the request. Any resources
// associated with the write will be collected.
rpc Abort(AbortRequest) returns (google.protobuf.Empty);
}
message Info {
// Digest is the hash identity of the blob.
string digest = 1;
// Size is the total number of bytes in the blob.
int64 size = 2;
// CreatedAt provides the time at which the blob was committed.
google.protobuf.Timestamp created_at = 3;
// UpdatedAt provides the time the info was last updated.
google.protobuf.Timestamp updated_at = 4;
// Labels are arbitrary data on snapshots.
//
// The combined size of a key/value pair cannot exceed 4096 bytes.
map<string, string> labels = 5;
}
message InfoRequest {
string digest = 1;
}
message InfoResponse {
Info info = 1;
}
message UpdateRequest {
Info info = 1;
// UpdateMask specifies which fields to perform the update on. If empty,
// the operation applies to all fields.
//
// In info, Digest, Size, and CreatedAt are immutable,
// other field may be updated using this mask.
// If no mask is provided, all mutable field are updated.
google.protobuf.FieldMask update_mask = 2;
}
message UpdateResponse {
Info info = 1;
}
message ListContentRequest {
// Filters contains one or more filters using the syntax defined in the
// containerd filter package.
//
// The returned result will be those that match any of the provided
// filters. Expanded, containers that match the following will be
// returned:
//
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
//
// If filters is zero-length or nil, all items will be returned.
repeated string filters = 1;
}
message ListContentResponse {
repeated Info info = 1;
}
message DeleteContentRequest {
// Digest specifies which content to delete.
string digest = 1;
}
// ReadContentRequest defines the fields that make up a request to read a portion of
// data from a stored object.
message ReadContentRequest {
// Digest is the hash identity to read.
string digest = 1;
// Offset specifies the number of bytes from the start at which to begin
// the read. If zero or less, the read will be from the start. This uses
// standard zero-indexed semantics.
int64 offset = 2;
// size is the total size of the read. If zero, the entire blob will be
// returned by the service.
int64 size = 3;
}
// ReadContentResponse carries byte data for a read request.
message ReadContentResponse {
int64 offset = 1; // offset of the returned data
bytes data = 2; // actual data
}
message Status {
google.protobuf.Timestamp started_at = 1;
google.protobuf.Timestamp updated_at = 2;
string ref = 3;
int64 offset = 4;
int64 total = 5;
string expected = 6;
}
message StatusRequest {
string ref = 1;
}
message StatusResponse {
Status status = 1;
}
message ListStatusesRequest {
repeated string filters = 1;
}
message ListStatusesResponse {
repeated Status statuses = 1;
}
// WriteAction defines the behavior of a WriteRequest.
enum WriteAction {
// WriteActionStat instructs the writer to return the current status while
// holding the lock on the write.
STAT = 0;
// WriteActionWrite sets the action for the write request to write data.
//
// Any data included will be written at the provided offset. The
// transaction will be left open for further writes.
//
// This is the default.
WRITE = 1;
// WriteActionCommit will write any outstanding data in the message and
// commit the write, storing it under the digest.
//
// This can be used in a single message to send the data, verify it and
// commit it.
//
// This action will always terminate the write.
COMMIT = 2;
}
// WriteContentRequest writes data to the request ref at offset.
message WriteContentRequest {
// Action sets the behavior of the write.
//
// When this is a write and the ref is not yet allocated, the ref will be
// allocated and the data will be written at offset.
//
// If the action is write and the ref is allocated, it will accept data to
// an offset that has not yet been written.
//
// If the action is write and there is no data, the current write status
// will be returned. This works differently from status because the stream
// holds a lock.
WriteAction action = 1;
// Ref identifies the pre-commit object to write to.
string ref = 2;
// Total can be set to have the service validate the total size of the
// committed content.
//
// The latest value before or with the commit action message will be use to
// validate the content. If the offset overflows total, the service may
// report an error. It is only required on one message for the write.
//
// If the value is zero or less, no validation of the final content will be
// performed.
int64 total = 3;
// Expected can be set to have the service validate the final content against
// the provided digest.
//
// If the digest is already present in the object store, an AlreadyExists
// error will be returned.
//
// Only the latest version will be used to check the content against the
// digest. It is only required to include it on a single message, before or
// with the commit action message.
string expected = 4;
// Offset specifies the number of bytes from the start at which to begin
// the write. For most implementations, this means from the start of the
// file. This uses standard, zero-indexed semantics.
//
// If the action is write, the remote may remove all previously written
// data after the offset. Implementations may support arbitrary offsets but
// MUST support reseting this value to zero with a write. If an
// implementation does not support a write at a particular offset, an
// OutOfRange error must be returned.
int64 offset = 5;
// Data is the actual bytes to be written.
//
// If this is empty and the message is not a commit, a response will be
// returned with the current write state.
bytes data = 6;
// Labels are arbitrary data on snapshots.
//
// The combined size of a key/value pair cannot exceed 4096 bytes.
map<string, string> labels = 7;
}
// WriteContentResponse is returned on the culmination of a write call.
message WriteContentResponse {
// Action contains the action for the final message of the stream. A writer
// should confirm that they match the intended result.
WriteAction action = 1;
// StartedAt provides the time at which the write began.
//
// This must be set for stat and commit write actions. All other write
// actions may omit this.
google.protobuf.Timestamp started_at = 2;
// UpdatedAt provides the last time of a successful write.
//
// This must be set for stat and commit write actions. All other write
// actions may omit this.
google.protobuf.Timestamp updated_at = 3;
// Offset is the current committed size for the write.
int64 offset = 4;
// Total provides the current, expected total size of the write.
//
// We include this to provide consistency with the Status structure on the
// client writer.
//
// This is only valid on the Stat and Commit response.
int64 total = 5;
// Digest, if present, includes the digest up to the currently committed
// bytes. If action is commit, this field will be set. It is implementation
// defined if this is set for other actions.
string digest = 6;
}
message AbortRequest {
string ref = 1;
}

View File

@ -0,0 +1,90 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.diff.v1;
import "google/protobuf/any.proto";
import "google/protobuf/timestamp.proto";
import "github.com/containerd/containerd/api/types/mount.proto";
import "github.com/containerd/containerd/api/types/descriptor.proto";
option go_package = "github.com/containerd/containerd/api/services/diff/v1;diff";
// Diff service creates and applies diffs
service Diff {
// Apply applies the content associated with the provided digests onto
// the provided mounts. Archive content will be extracted and
// decompressed if necessary.
rpc Apply(ApplyRequest) returns (ApplyResponse);
// Diff creates a diff between the given mounts and uploads the result
// to the content store.
rpc Diff(DiffRequest) returns (DiffResponse);
}
message ApplyRequest {
// Diff is the descriptor of the diff to be extracted
containerd.types.Descriptor diff = 1;
repeated containerd.types.Mount mounts = 2;
map<string, google.protobuf.Any> payloads = 3;
// SyncFs is to synchronize the underlying filesystem containing files.
bool sync_fs = 4;
}
message ApplyResponse {
// Applied is the descriptor for the object which was applied.
// If the input was a compressed blob then the result will be
// the descriptor for the uncompressed blob.
containerd.types.Descriptor applied = 1;
}
message DiffRequest {
// Left are the mounts which represent the older copy
// in which is the base of the computed changes.
repeated containerd.types.Mount left = 1;
// Right are the mounts which represents the newer copy
// in which changes from the left were made into.
repeated containerd.types.Mount right = 2;
// MediaType is the media type descriptor for the created diff
// object
string media_type = 3;
// Ref identifies the pre-commit content store object. This
// reference can be used to get the status from the content store.
string ref = 4;
// Labels are the labels to apply to the generated content
// on content store commit.
map<string, string> labels = 5;
// SourceDateEpoch specifies the timestamp used to provide control for reproducibility.
// See also https://reproducible-builds.org/docs/source-date-epoch/ .
//
// Since containerd v2.0, the whiteout timestamps are set to zero (1970-01-01),
// not to the source date epoch.
google.protobuf.Timestamp source_date_epoch = 6;
}
message DiffResponse {
// Diff is the descriptor of the diff which can be applied
containerd.types.Descriptor diff = 3;
}

View File

@ -0,0 +1,62 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.events.v1;
import "github.com/containerd/containerd/api/types/event.proto";
import "google/protobuf/any.proto";
import "google/protobuf/empty.proto";
option go_package = "github.com/containerd/containerd/api/services/events/v1;events";
service Events {
// Publish an event to a topic.
//
// The event will be packed into a timestamp envelope with the namespace
// introspected from the context. The envelope will then be dispatched.
rpc Publish(PublishRequest) returns (google.protobuf.Empty);
// Forward sends an event that has already been packaged into an envelope
// with a timestamp and namespace.
//
// This is useful if earlier timestamping is required or when forwarding on
// behalf of another component, namespace or publisher.
rpc Forward(ForwardRequest) returns (google.protobuf.Empty);
// Subscribe to a stream of events, possibly returning only that match any
// of the provided filters.
//
// Unlike many other methods in containerd, subscribers will get messages
// from all namespaces unless otherwise specified. If this is not desired,
// a filter can be provided in the format 'namespace==<namespace>' to
// restrict the received events.
rpc Subscribe(SubscribeRequest) returns (stream containerd.types.Envelope);
}
message PublishRequest {
string topic = 1;
google.protobuf.Any event = 2;
}
message ForwardRequest {
containerd.types.Envelope envelope = 1;
}
message SubscribeRequest {
repeated string filters = 1;
}

View File

@ -0,0 +1,149 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.images.v1;
import "google/protobuf/empty.proto";
import "google/protobuf/field_mask.proto";
import "google/protobuf/timestamp.proto";
import "github.com/containerd/containerd/api/types/descriptor.proto";
option go_package = "github.com/containerd/containerd/api/services/images/v1;images";
// Images is a service that allows one to register images with containerd.
//
// In containerd, an image is merely the mapping of a name to a content root,
// described by a descriptor. The behavior and state of image is purely
// dictated by the type of the descriptor.
//
// From the perspective of this service, these references are mostly shallow,
// in that the existence of the required content won't be validated until
// required by consuming services.
//
// As such, this can really be considered a "metadata service".
service Images {
// Get returns an image by name.
rpc Get(GetImageRequest) returns (GetImageResponse);
// List returns a list of all images known to containerd.
rpc List(ListImagesRequest) returns (ListImagesResponse);
// Create an image record in the metadata store.
//
// The name of the image must be unique.
rpc Create(CreateImageRequest) returns (CreateImageResponse);
// Update assigns the name to a given target image based on the provided
// image.
rpc Update(UpdateImageRequest) returns (UpdateImageResponse);
// Delete deletes the image by name.
rpc Delete(DeleteImageRequest) returns (google.protobuf.Empty);
}
message Image {
// Name provides a unique name for the image.
//
// Containerd treats this as the primary identifier.
string name = 1;
// Labels provides free form labels for the image. These are runtime only
// and do not get inherited into the package image in any way.
//
// Labels may be updated using the field mask.
// The combined size of a key/value pair cannot exceed 4096 bytes.
map<string, string> labels = 2;
// Target describes the content entry point of the image.
containerd.types.Descriptor target = 3;
// CreatedAt is the time the image was first created.
google.protobuf.Timestamp created_at = 7;
// UpdatedAt is the last time the image was mutated.
google.protobuf.Timestamp updated_at = 8;
}
message GetImageRequest {
string name = 1;
}
message GetImageResponse {
Image image = 1;
}
message CreateImageRequest {
Image image = 1;
google.protobuf.Timestamp source_date_epoch = 2;
}
message CreateImageResponse {
Image image = 1;
}
message UpdateImageRequest {
// Image provides a full or partial image for update.
//
// The name field must be set or an error will be returned.
Image image = 1;
// UpdateMask specifies which fields to perform the update on. If empty,
// the operation applies to all fields.
google.protobuf.FieldMask update_mask = 2;
google.protobuf.Timestamp source_date_epoch = 3;
}
message UpdateImageResponse {
Image image = 1;
}
message ListImagesRequest {
// Filters contains one or more filters using the syntax defined in the
// containerd filter package.
//
// The returned result will be those that match any of the provided
// filters. Expanded, images that match the following will be
// returned:
//
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
//
// If filters is zero-length or nil, all items will be returned.
repeated string filters = 1;
}
message ListImagesResponse {
repeated Image images = 1;
}
message DeleteImageRequest {
string name = 1;
// Sync indicates that the delete and cleanup should be done
// synchronously before returning to the caller
//
// Default is false
bool sync = 2;
// Target value for image to be deleted
//
// If image descriptor does not match the same digest,
// the delete operation will return "not found" error.
optional containerd.types.Descriptor target = 3;
}

View File

@ -0,0 +1,133 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.introspection.v1;
import "google/protobuf/any.proto";
import "github.com/containerd/containerd/api/types/introspection.proto";
import "github.com/containerd/containerd/api/types/platform.proto";
import "google/rpc/status.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/services/introspection/v1;introspection";
service Introspection {
// Plugins returns a list of plugins in containerd.
//
// Clients can use this to detect features and capabilities when using
// containerd.
rpc Plugins(PluginsRequest) returns (PluginsResponse);
// Server returns information about the containerd server
rpc Server(google.protobuf.Empty) returns (ServerResponse);
// PluginInfo returns information directly from a plugin if the plugin supports it
rpc PluginInfo(PluginInfoRequest) returns (PluginInfoResponse);
}
message Plugin {
// Type defines the type of plugin.
//
// See package plugin for a list of possible values. Non core plugins may
// define their own values during registration.
string type = 1;
// ID identifies the plugin uniquely in the system.
string id = 2;
// Requires lists the plugin types required by this plugin.
repeated string requires = 3;
// Platforms enumerates the platforms this plugin will support.
//
// If values are provided here, the plugin will only be operable under the
// provided platforms.
//
// If this is empty, the plugin will work across all platforms.
//
// If the plugin prefers certain platforms over others, they should be
// listed from most to least preferred.
repeated types.Platform platforms = 4;
// Exports allows plugins to provide values about state or configuration to
// interested parties.
//
// One example is exposing the configured path of a snapshotter plugin.
map<string, string> exports = 5;
// Capabilities allows plugins to communicate feature switches to allow
// clients to detect features that may not be on be default or may be
// different from version to version.
//
// Use this sparingly.
repeated string capabilities = 6;
// InitErr will be set if the plugin fails initialization.
//
// This means the plugin may have been registered but a non-terminal error
// was encountered during initialization.
//
// Plugins that have this value set cannot be used.
google.rpc.Status init_err = 7;
}
message PluginsRequest {
// Filters contains one or more filters using the syntax defined in the
// containerd filter package.
//
// The returned result will be those that match any of the provided
// filters. Expanded, plugins that match the following will be
// returned:
//
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
//
// If filters is zero-length or nil, all items will be returned.
repeated string filters = 1;
}
message PluginsResponse {
repeated Plugin plugins = 1;
}
message ServerResponse {
string uuid = 1;
uint64 pid = 2;
uint64 pidns = 3; // PID namespace, such as 4026531836
repeated DeprecationWarning deprecations = 4;
}
message DeprecationWarning {
string id = 1;
string message = 2;
google.protobuf.Timestamp last_occurrence = 3;
}
message PluginInfoRequest {
string type = 1;
string id = 2;
// Options may be used to request extra dynamic information from
// a plugin.
// This object is determined by the plugin and the plugin may return
// NotImplemented or InvalidArgument if it is not supported
google.protobuf.Any options = 3;
}
message PluginInfoResponse {
Plugin plugin = 1;
google.protobuf.Any extra = 2;
}

View File

@ -0,0 +1,116 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.leases.v1;
import "google/protobuf/empty.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/services/leases/v1;leases";
// Leases service manages resources leases within the metadata store.
service Leases {
// Create creates a new lease for managing changes to metadata. A lease
// can be used to protect objects from being removed.
rpc Create(CreateRequest) returns (CreateResponse);
// Delete deletes the lease and makes any unreferenced objects created
// during the lease eligible for garbage collection if not referenced
// or retained by other resources during the lease.
rpc Delete(DeleteRequest) returns (google.protobuf.Empty);
// List lists all active leases, returning the full list of
// leases and optionally including the referenced resources.
rpc List(ListRequest) returns (ListResponse);
// AddResource references the resource by the provided lease.
rpc AddResource(AddResourceRequest) returns (google.protobuf.Empty);
// DeleteResource dereferences the resource by the provided lease.
rpc DeleteResource(DeleteResourceRequest) returns (google.protobuf.Empty);
// ListResources lists all the resources referenced by the lease.
rpc ListResources(ListResourcesRequest) returns (ListResourcesResponse);
}
// Lease is an object which retains resources while it exists.
message Lease {
string id = 1;
google.protobuf.Timestamp created_at = 2;
map<string, string> labels = 3;
}
message CreateRequest {
// ID is used to identity the lease, when the id is not set the service
// generates a random identifier for the lease.
string id = 1;
map<string, string> labels = 3;
}
message CreateResponse {
Lease lease = 1;
}
message DeleteRequest {
string id = 1;
// Sync indicates that the delete and cleanup should be done
// synchronously before returning to the caller
//
// Default is false
bool sync = 2;
}
message ListRequest {
repeated string filters = 1;
}
message ListResponse {
repeated Lease leases = 1;
}
message Resource {
string id = 1;
// For snapshotter resource, there are many snapshotter types here, like
// overlayfs, devmapper etc. The type will be formatted with type,
// like "snapshotter/overlayfs".
string type = 2;
}
message AddResourceRequest {
string id = 1;
Resource resource = 2;
}
message DeleteResourceRequest {
string id = 1;
Resource resource = 2;
}
message ListResourcesRequest {
string id = 1;
}
message ListResourcesResponse {
repeated Resource resources = 1 ;
}

View File

@ -0,0 +1,107 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.namespaces.v1;
import "google/protobuf/empty.proto";
import "google/protobuf/field_mask.proto";
option go_package = "github.com/containerd/containerd/api/services/namespaces/v1;namespaces";
// Namespaces provides the ability to manipulate containerd namespaces.
//
// All objects in the system are required to be a member of a namespace. If a
// namespace is deleted, all objects, including containers, images and
// snapshots, will be deleted, as well.
//
// Unless otherwise noted, operations in containerd apply only to the namespace
// supplied per request.
//
// I hope this goes without saying, but namespaces are themselves NOT
// namespaced.
service Namespaces {
rpc Get(GetNamespaceRequest) returns (GetNamespaceResponse);
rpc List(ListNamespacesRequest) returns (ListNamespacesResponse);
rpc Create(CreateNamespaceRequest) returns (CreateNamespaceResponse);
rpc Update(UpdateNamespaceRequest) returns (UpdateNamespaceResponse);
rpc Delete(DeleteNamespaceRequest) returns (google.protobuf.Empty);
}
message Namespace {
string name = 1;
// Labels provides an area to include arbitrary data on namespaces.
//
// The combined size of a key/value pair cannot exceed 4096 bytes.
//
// Note that to add a new value to this field, read the existing set and
// include the entire result in the update call.
map<string, string> labels = 2;
}
message GetNamespaceRequest {
string name = 1;
}
message GetNamespaceResponse {
Namespace namespace = 1;
}
message ListNamespacesRequest {
string filter = 1;
}
message ListNamespacesResponse {
repeated Namespace namespaces = 1;
}
message CreateNamespaceRequest {
Namespace namespace = 1;
}
message CreateNamespaceResponse {
Namespace namespace = 1;
}
// UpdateNamespaceRequest updates the metadata for a namespace.
//
// The operation should follow semantics described in
// https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/field-mask,
// unless otherwise qualified.
message UpdateNamespaceRequest {
// Namespace provides the target value, as declared by the mask, for the update.
//
// The namespace field must be set.
Namespace namespace = 1;
// UpdateMask specifies which fields to perform the update on. If empty,
// the operation applies to all fields.
//
// For the most part, this applies only to selectively updating labels on
// the namespace. While field masks are typically limited to ascii alphas
// and digits, we just take everything after the "labels." as the map key.
google.protobuf.FieldMask update_mask = 2;
}
message UpdateNamespaceResponse {
Namespace namespace = 1;
}
message DeleteNamespaceRequest {
string name = 1;
}

View File

@ -0,0 +1,204 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
// Sandbox is a v2 runtime extension that allows more complex execution environments for containers.
// This adds a notion of groups of containers that share same lifecycle and/or resources.
// A few good fits for sandbox can be:
// - A "pause" container in k8s, that acts as a parent process for child containers to hold network namespace.
// - (micro)VMs that launch a VM process and executes containers inside guest OS.
// containerd in this case remains implementation agnostic and delegates sandbox handling to runtimes.
// See proposal and discussion here: https://github.com/containerd/containerd/issues/4131
package containerd.services.sandbox.v1;
import "google/protobuf/any.proto";
import "google/protobuf/timestamp.proto";
import "github.com/containerd/containerd/api/types/sandbox.proto";
import "github.com/containerd/containerd/api/types/mount.proto";
import "github.com/containerd/containerd/api/types/platform.proto";
import "github.com/containerd/containerd/api/types/metrics.proto";
option go_package = "github.com/containerd/containerd/api/services/sandbox/v1;sandbox";
// Store provides a metadata storage interface for sandboxes. Similarly to `Containers`,
// sandbox object includes info required to start a new instance, but no runtime state.
// When running a new sandbox instance, store objects are used as base type to create from.
service Store {
rpc Create(StoreCreateRequest) returns (StoreCreateResponse);
rpc Update(StoreUpdateRequest) returns (StoreUpdateResponse);
rpc Delete(StoreDeleteRequest) returns (StoreDeleteResponse);
rpc List(StoreListRequest) returns (StoreListResponse);
rpc Get(StoreGetRequest) returns (StoreGetResponse);
}
message StoreCreateRequest {
containerd.types.Sandbox sandbox = 1;
}
message StoreCreateResponse {
containerd.types.Sandbox sandbox = 1;
}
message StoreUpdateRequest {
containerd.types.Sandbox sandbox = 1;
repeated string fields = 2;
}
message StoreUpdateResponse {
containerd.types.Sandbox sandbox = 1;
}
message StoreDeleteRequest {
string sandbox_id = 1;
}
message StoreDeleteResponse {}
message StoreListRequest {
repeated string filters = 1;
}
message StoreListResponse {
repeated containerd.types.Sandbox list = 1;
}
message StoreGetRequest {
string sandbox_id = 1;
}
message StoreGetResponse {
containerd.types.Sandbox sandbox = 1;
}
// Controller is an interface to manage runtime sandbox instances.
service Controller {
rpc Create(ControllerCreateRequest) returns (ControllerCreateResponse);
rpc Start(ControllerStartRequest) returns (ControllerStartResponse);
rpc Platform(ControllerPlatformRequest) returns (ControllerPlatformResponse);
rpc Stop(ControllerStopRequest) returns (ControllerStopResponse);
rpc Wait(ControllerWaitRequest) returns (ControllerWaitResponse);
rpc Status(ControllerStatusRequest) returns (ControllerStatusResponse);
rpc Shutdown(ControllerShutdownRequest) returns (ControllerShutdownResponse);
rpc Metrics(ControllerMetricsRequest) returns (ControllerMetricsResponse);
rpc Update(ControllerUpdateRequest) returns (ControllerUpdateResponse);
}
message ControllerCreateRequest {
string sandbox_id = 1;
repeated containerd.types.Mount rootfs = 2;
google.protobuf.Any options = 3;
string netns_path = 4;
map<string, string> annotations = 5;
containerd.types.Sandbox sandbox = 6;
string sandboxer = 10;
}
message ControllerCreateResponse {
string sandbox_id = 1;
}
message ControllerStartRequest {
string sandbox_id = 1;
string sandboxer = 10;
}
message ControllerStartResponse {
string sandbox_id = 1;
uint32 pid = 2;
google.protobuf.Timestamp created_at = 3;
map<string, string> labels = 4;
// Address of the sandbox for containerd to connect,
// for calling Task or other APIs serving in the sandbox.
// it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://<vsock cid>:<port>.
string address = 5;
uint32 version = 6;
}
message ControllerPlatformRequest {
string sandbox_id = 1;
string sandboxer = 10;
}
message ControllerPlatformResponse {
containerd.types.Platform platform = 1;
}
message ControllerStopRequest {
string sandbox_id = 1;
uint32 timeout_secs = 2;
string sandboxer = 10;
}
message ControllerStopResponse {}
message ControllerWaitRequest {
string sandbox_id = 1;
string sandboxer = 10;
}
message ControllerWaitResponse {
uint32 exit_status = 1;
google.protobuf.Timestamp exited_at = 2;
}
message ControllerStatusRequest {
string sandbox_id = 1;
bool verbose = 2;
string sandboxer = 10;
}
message ControllerStatusResponse {
string sandbox_id = 1;
uint32 pid = 2;
string state = 3;
map<string, string> info = 4;
google.protobuf.Timestamp created_at = 5;
google.protobuf.Timestamp exited_at = 6;
google.protobuf.Any extra = 7;
// Address of the sandbox for containerd to connect,
// for calling Task or other APIs serving in the sandbox.
// it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://<vsock cid>:<port>.
string address = 8;
uint32 version = 9;
}
message ControllerShutdownRequest {
string sandbox_id = 1;
string sandboxer = 10;
}
message ControllerShutdownResponse {}
message ControllerMetricsRequest {
string sandbox_id = 1;
string sandboxer = 10;
}
message ControllerMetricsResponse {
types.Metric metrics = 1;
}
message ControllerUpdateRequest {
string sandbox_id = 1;
string sandboxer = 2;
containerd.types.Sandbox sandbox = 3;
repeated string fields = 4;
}
message ControllerUpdateResponse {
}

View File

@ -0,0 +1,179 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.snapshots.v1;
import "google/protobuf/empty.proto";
import "google/protobuf/field_mask.proto";
import "google/protobuf/timestamp.proto";
import "github.com/containerd/containerd/api/types/mount.proto";
option go_package = "github.com/containerd/containerd/api/services/snapshots/v1;snapshots";
// Snapshot service manages snapshots
service Snapshots {
rpc Prepare(PrepareSnapshotRequest) returns (PrepareSnapshotResponse);
rpc View(ViewSnapshotRequest) returns (ViewSnapshotResponse);
rpc Mounts(MountsRequest) returns (MountsResponse);
rpc Commit(CommitSnapshotRequest) returns (google.protobuf.Empty);
rpc Remove(RemoveSnapshotRequest) returns (google.protobuf.Empty);
rpc Stat(StatSnapshotRequest) returns (StatSnapshotResponse);
rpc Update(UpdateSnapshotRequest) returns (UpdateSnapshotResponse);
rpc List(ListSnapshotsRequest) returns (stream ListSnapshotsResponse);
rpc Usage(UsageRequest) returns (UsageResponse);
rpc Cleanup(CleanupRequest) returns (google.protobuf.Empty);
}
message PrepareSnapshotRequest {
string snapshotter = 1;
string key = 2;
string parent = 3;
// Labels are arbitrary data on snapshots.
//
// The combined size of a key/value pair cannot exceed 4096 bytes.
map<string, string> labels = 4;
}
message PrepareSnapshotResponse {
repeated containerd.types.Mount mounts = 1;
}
message ViewSnapshotRequest {
string snapshotter = 1;
string key = 2;
string parent = 3;
// Labels are arbitrary data on snapshots.
//
// The combined size of a key/value pair cannot exceed 4096 bytes.
map<string, string> labels = 4;
}
message ViewSnapshotResponse {
repeated containerd.types.Mount mounts = 1;
}
message MountsRequest {
string snapshotter = 1;
string key = 2;
}
message MountsResponse {
repeated containerd.types.Mount mounts = 1;
}
message RemoveSnapshotRequest {
string snapshotter = 1;
string key = 2;
}
message CommitSnapshotRequest {
string snapshotter = 1;
string name = 2;
string key = 3;
// Labels are arbitrary data on snapshots.
//
// The combined size of a key/value pair cannot exceed 4096 bytes.
map<string, string> labels = 4;
}
message StatSnapshotRequest {
string snapshotter = 1;
string key = 2;
}
enum Kind {
UNKNOWN = 0;
VIEW = 1;
ACTIVE = 2;
COMMITTED = 3;
}
message Info {
string name = 1;
string parent = 2;
Kind kind = 3;
// CreatedAt provides the time at which the snapshot was created.
google.protobuf.Timestamp created_at = 4;
// UpdatedAt provides the time the info was last updated.
google.protobuf.Timestamp updated_at = 5;
// Labels are arbitrary data on snapshots.
//
// The combined size of a key/value pair cannot exceed 4096 bytes.
map<string, string> labels = 6;
}
message StatSnapshotResponse {
Info info = 1;
}
message UpdateSnapshotRequest {
string snapshotter = 1;
Info info = 2;
// UpdateMask specifies which fields to perform the update on. If empty,
// the operation applies to all fields.
//
// In info, Name, Parent, Kind, Created are immutable,
// other field may be updated using this mask.
// If no mask is provided, all mutable field are updated.
google.protobuf.FieldMask update_mask = 3;
}
message UpdateSnapshotResponse {
Info info = 1;
}
message ListSnapshotsRequest{
string snapshotter = 1;
// Filters contains one or more filters using the syntax defined in the
// containerd filter package.
//
// The returned result will be those that match any of the provided
// filters. Expanded, images that match the following will be
// returned:
//
// filters[0] or filters[1] or ... or filters[n-1] or filters[n]
//
// If filters is zero-length or nil, all items will be returned.
repeated string filters = 2;
}
message ListSnapshotsResponse {
repeated Info info = 1;
}
message UsageRequest {
string snapshotter = 1;
string key = 2;
}
message UsageResponse {
int64 size = 1;
int64 inodes = 2;
}
message CleanupRequest {
string snapshotter = 1;
}

View File

@ -0,0 +1,31 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.streaming.v1;
import "google/protobuf/any.proto";
option go_package = "github.com/containerd/containerd/api/services/streaming/v1;streaming";
service Streaming {
rpc Stream(stream google.protobuf.Any) returns (stream google.protobuf.Any);
}
message StreamInit {
string id = 1;
}

View File

@ -0,0 +1,227 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.tasks.v1;
import "google/protobuf/empty.proto";
import "google/protobuf/any.proto";
import "github.com/containerd/containerd/api/types/mount.proto";
import "github.com/containerd/containerd/api/types/metrics.proto";
import "github.com/containerd/containerd/api/types/descriptor.proto";
import "github.com/containerd/containerd/api/types/task/task.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/services/tasks/v1;tasks";
service Tasks {
// Create a task.
rpc Create(CreateTaskRequest) returns (CreateTaskResponse);
// Start a process.
rpc Start(StartRequest) returns (StartResponse);
// Delete a task and on disk state.
rpc Delete(DeleteTaskRequest) returns (DeleteResponse);
rpc DeleteProcess(DeleteProcessRequest) returns (DeleteResponse);
rpc Get(GetRequest) returns (GetResponse);
rpc List(ListTasksRequest) returns (ListTasksResponse);
// Kill a task or process.
rpc Kill(KillRequest) returns (google.protobuf.Empty);
rpc Exec(ExecProcessRequest) returns (google.protobuf.Empty);
rpc ResizePty(ResizePtyRequest) returns (google.protobuf.Empty);
rpc CloseIO(CloseIORequest) returns (google.protobuf.Empty);
rpc Pause(PauseTaskRequest) returns (google.protobuf.Empty);
rpc Resume(ResumeTaskRequest) returns (google.protobuf.Empty);
rpc ListPids(ListPidsRequest) returns (ListPidsResponse);
rpc Checkpoint(CheckpointTaskRequest) returns (CheckpointTaskResponse);
rpc Update(UpdateTaskRequest) returns (google.protobuf.Empty);
rpc Metrics(MetricsRequest) returns (MetricsResponse);
rpc Wait(WaitRequest) returns (WaitResponse);
}
message CreateTaskRequest {
string container_id = 1;
// RootFS provides the pre-chroot mounts to perform in the shim before
// executing the container task.
//
// These are for mounts that cannot be performed in the user namespace.
// Typically, these mounts should be resolved from snapshots specified on
// the container object.
repeated containerd.types.Mount rootfs = 3;
string stdin = 4;
string stdout = 5;
string stderr = 6;
bool terminal = 7;
containerd.types.Descriptor checkpoint = 8;
google.protobuf.Any options = 9;
string runtime_path = 10;
}
message CreateTaskResponse {
string container_id = 1;
uint32 pid = 2;
}
message StartRequest {
string container_id = 1;
string exec_id = 2;
}
message StartResponse {
uint32 pid = 1;
}
message DeleteTaskRequest {
string container_id = 1;
}
message DeleteResponse {
string id = 1;
uint32 pid = 2;
uint32 exit_status = 3;
google.protobuf.Timestamp exited_at = 4;
}
message DeleteProcessRequest {
string container_id = 1;
string exec_id = 2;
}
message GetRequest {
string container_id = 1;
string exec_id = 2;
}
message GetResponse {
containerd.v1.types.Process process = 1;
}
message ListTasksRequest {
string filter = 1;
}
message ListTasksResponse {
repeated containerd.v1.types.Process tasks = 1;
}
message KillRequest {
string container_id = 1;
string exec_id = 2;
uint32 signal = 3;
bool all = 4;
}
message ExecProcessRequest {
string container_id = 1;
string stdin = 2;
string stdout = 3;
string stderr = 4;
bool terminal = 5;
// Spec for starting a process in the target container.
//
// For runc, this is a process spec, for example.
google.protobuf.Any spec = 6;
// id of the exec process
string exec_id = 7;
}
message ExecProcessResponse {
}
message ResizePtyRequest {
string container_id = 1;
string exec_id = 2;
uint32 width = 3;
uint32 height = 4;
}
message CloseIORequest {
string container_id = 1;
string exec_id = 2;
bool stdin = 3;
}
message PauseTaskRequest {
string container_id = 1;
}
message ResumeTaskRequest {
string container_id = 1;
}
message ListPidsRequest {
string container_id = 1;
}
message ListPidsResponse {
// Processes includes the process ID and additional process information
repeated containerd.v1.types.ProcessInfo processes = 1;
}
message CheckpointTaskRequest {
string container_id = 1;
string parent_checkpoint = 2;
google.protobuf.Any options = 3;
}
message CheckpointTaskResponse {
repeated containerd.types.Descriptor descriptors = 1;
}
message UpdateTaskRequest {
string container_id = 1;
google.protobuf.Any resources = 2;
map<string, string> annotations = 3;
}
message MetricsRequest {
repeated string filters = 1;
}
message MetricsResponse {
repeated types.Metric metrics = 1;
}
message WaitRequest {
string container_id = 1;
string exec_id = 2;
}
message WaitResponse {
uint32 exit_status = 1;
google.protobuf.Timestamp exited_at = 2;
}

View File

@ -0,0 +1,39 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.transfer.v1;
import "google/protobuf/any.proto";
import "google/protobuf/empty.proto";
option go_package = "github.com/containerd/containerd/api/services/transfer/v1;transfer";
service Transfer {
rpc Transfer(TransferRequest) returns (google.protobuf.Empty);
}
message TransferRequest {
google.protobuf.Any source = 1;
google.protobuf.Any destination = 2;
TransferOptions options = 3;
}
message TransferOptions {
string progress_stream = 1;
// Progress min interval
}

View File

@ -0,0 +1,37 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.events.ttrpc.v1;
import "github.com/containerd/containerd/api/types/event.proto";
import "google/protobuf/empty.proto";
option go_package = "github.com/containerd/containerd/api/services/ttrpc/events/v1;events";
service Events {
// Forward sends an event that has already been packaged into an envelope
// with a timestamp and namespace.
//
// This is useful if earlier timestamping is required or when forwarding on
// behalf of another component, namespace or publisher.
rpc Forward(ForwardRequest) returns (google.protobuf.Empty);
}
message ForwardRequest {
containerd.types.Envelope envelope = 1;
}

View File

@ -0,0 +1,33 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.services.version.v1;
import "google/protobuf/empty.proto";
// TODO(stevvooe): Should version service actually be versioned?
option go_package = "github.com/containerd/containerd/api/services/version/v1;version";
service Version {
rpc Version(google.protobuf.Empty) returns (VersionResponse);
}
message VersionResponse {
string version = 1;
string revision = 2;
}

View File

@ -0,0 +1,33 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types;
option go_package = "github.com/containerd/containerd/api/types;types";
// Descriptor describes a blob in a content store.
//
// This descriptor can be used to reference content from an
// oci descriptor found in a manifest.
// See https://godoc.org/github.com/opencontainers/image-spec/specs-go/v1#Descriptor
message Descriptor {
string media_type = 1;
string digest = 2;
int64 size = 3;
map<string, string> annotations = 5;
}

View File

@ -0,0 +1,33 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types;
import "github.com/containerd/containerd/api/types/fieldpath.proto";
import "google/protobuf/any.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/types;types";
message Envelope {
option (containerd.types.fieldpath) = true;
google.protobuf.Timestamp timestamp = 1;
string namespace = 2;
string topic = 3;
google.protobuf.Any event = 4;
}

View File

@ -0,0 +1,42 @@
// Protocol Buffers for Go with Gadgets
//
// Copyright (c) 2013, The GoGo Authors. All rights reserved.
// http://github.com/gogo/protobuf
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following disclaimer
// in the documentation and/or other materials provided with the
// distribution.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
syntax = "proto3";
package containerd.types;
import "google/protobuf/descriptor.proto";
option go_package = "github.com/containerd/containerd/api/types;types";
extend google.protobuf.FileOptions {
optional bool fieldpath_all = 63300;
}
extend google.protobuf.MessageOptions {
optional bool fieldpath = 64400;
}

View File

@ -0,0 +1,46 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types;
import "google/protobuf/any.proto";
option go_package = "github.com/containerd/containerd/api/types;types";
message RuntimeRequest {
string runtime_path = 1;
// Options correspond to CreateTaskRequest.options.
// This is needed to pass the runc binary path, etc.
google.protobuf.Any options = 2;
}
message RuntimeVersion {
string version = 1;
string revision = 2;
}
message RuntimeInfo {
string name = 1;
RuntimeVersion version = 2;
// Options correspond to RuntimeInfoRequest.Options (contains runc binary path, etc.)
google.protobuf.Any options = 3;
// OCI-compatible runtimes should use https://github.com/opencontainers/runtime-spec/blob/main/features.md
google.protobuf.Any features = 4;
// Annotations of the shim. Irrelevant to features.Annotations.
map<string, string> annotations = 5;
}

View File

@ -0,0 +1,30 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types;
import "google/protobuf/any.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/types;types";
message Metric {
google.protobuf.Timestamp timestamp = 1;
string id = 2;
google.protobuf.Any data = 3;
}

View File

@ -0,0 +1,43 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types;
option go_package = "github.com/containerd/containerd/api/types;types";
// Mount describes mounts for a container.
//
// This type is the lingua franca of ContainerD. All services provide mounts
// to be used with the container at creation time.
//
// The Mount type follows the structure of the mount syscall, including a type,
// source, target and options.
message Mount {
// Type defines the nature of the mount.
string type = 1;
// Source specifies the name of the mount. Depending on mount type, this
// may be a volume name or a host path, or even ignored.
string source = 2;
// Target path in container
string target = 3;
// Options specifies zero or more fstab style mount options.
repeated string options = 4;
}

View File

@ -0,0 +1,30 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types;
option go_package = "github.com/containerd/containerd/api/types;types";
// Platform follows the structure of the OCI platform specification, from
// descriptors.
message Platform {
string os = 1;
string architecture = 2;
string variant = 3;
string os_version = 4;
}

View File

@ -0,0 +1,63 @@
syntax = "proto3";
package containerd.runc.v1;
option go_package = "github.com/containerd/containerd/api/types/runc/options;options";
message Options {
// disable pivot root when creating a container
bool no_pivot_root = 1;
// create a new keyring for the container
bool no_new_keyring = 2;
// place the shim in a cgroup
string shim_cgroup = 3;
// set the I/O's pipes uid
uint32 io_uid = 4;
// set the I/O's pipes gid
uint32 io_gid = 5;
// binary name of the runc binary
string binary_name = 6;
// runc root directory
string root = 7;
// criu binary path.
//
// Removed in containerd v2.0: string criu_path = 8;
reserved 8;
// enable systemd cgroups
bool systemd_cgroup = 9;
// criu image path
string criu_image_path = 10;
// criu work path
string criu_work_path = 11;
// task api address, can be a unix domain socket, or vsock address.
// it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://<vsock cid>:<port>.
string task_api_address = 12;
// task api version, currently supported value is 2 and 3.
uint32 task_api_version = 13;
}
message CheckpointOptions {
// exit the container after a checkpoint
bool exit = 1;
// checkpoint open tcp connections
bool open_tcp = 2;
// checkpoint external unix sockets
bool external_unix_sockets = 3;
// checkpoint terminals (ptys)
bool terminal = 4;
// allow checkpointing of file locks
bool file_locks = 5;
// restore provided namespaces as empty namespaces
repeated string empty_namespaces = 6;
// set the cgroups mode, soft, full, strict
string cgroups_mode = 7;
// checkpoint image path
string image_path = 8;
// checkpoint work path
string work_path = 9;
}
message ProcessDetails {
// exec process id if the process is managed by a shim
string exec_id = 1;
}

View File

@ -0,0 +1,17 @@
// To regenerate api.pb.go run `make protos`
syntax = "proto3";
package runtimeoptions.v1;
option go_package = "github.com/containerd/containerd/api/types/runtimeoptions/v1;runtimeoptions";
message Options {
// TypeUrl specifies the type of the content inside the config file.
string type_url = 1;
// ConfigPath specifies the filesystem location of the config file
// used by the runtime.
string config_path = 2;
// Blob specifies an in-memory TOML blob passed from containerd's configuration section
// for this runtime. This will be used if config_path is not specified.
bytes config_body = 3;
}

View File

@ -0,0 +1,54 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types;
import "google/protobuf/any.proto";
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/types;types";
// Sandbox represents a sandbox metadata object that keeps all info required by controller to
// work with a particular instance.
message Sandbox {
// SandboxID is a unique instance identifier within namespace
string sandbox_id = 1;
message Runtime {
// Name is the name of the runtime.
string name = 1;
// Options specify additional runtime initialization options for the shim (this data will be available in StartShim).
// Typically this data expected to be runtime shim implementation specific.
google.protobuf.Any options = 2;
}
// Runtime specifies which runtime to use for executing this container.
Runtime runtime = 2;
// Spec is sandbox configuration (kin of OCI runtime spec), spec's data will be written to a config.json file in the
// bundle directory (similary to OCI spec).
google.protobuf.Any spec = 3;
// Labels provides an area to include arbitrary data on containers.
map<string, string> labels = 4;
// CreatedAt is the time the container was first created.
google.protobuf.Timestamp created_at = 5;
// UpdatedAt is the last time the container was mutated.
google.protobuf.Timestamp updated_at = 6;
// Extensions allow clients to provide optional blobs that can be handled by runtime.
map<string, google.protobuf.Any> extensions = 7;
// Sandboxer is the name of the sandbox controller who manages the sandbox.
string sandboxer = 10;
}

View File

@ -0,0 +1,55 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.v1.types;
import "google/protobuf/timestamp.proto";
import "google/protobuf/any.proto";
option go_package = "github.com/containerd/containerd/api/types/task";
enum Status {
UNKNOWN = 0;
CREATED = 1;
RUNNING = 2;
STOPPED = 3;
PAUSED = 4;
PAUSING = 5;
}
message Process {
string container_id = 1;
string id = 2;
uint32 pid = 3;
Status status = 4;
string stdin = 5;
string stdout = 6;
string stderr = 7;
bool terminal = 8;
uint32 exit_status = 9;
google.protobuf.Timestamp exited_at = 10;
}
message ProcessInfo {
// PID is the process ID.
uint32 pid = 1;
// Info contains additional process information.
//
// Info varies by platform.
google.protobuf.Any info = 2;
}

View File

@ -0,0 +1,82 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types.transfer;
import "github.com/containerd/containerd/api/types/platform.proto";
option go_package = "github.com/containerd/containerd/api/types/transfer";
message ImageStore {
string name = 1;
map<string, string> labels = 2;
// Content filters
repeated types.Platform platforms = 3;
bool all_metadata = 4;
uint32 manifest_limit = 5;
// Import naming
// extra_references are used to set image names on imports of sub-images from the index
repeated ImageReference extra_references = 6;
// Unpack Configuration, multiple allowed
repeated UnpackConfiguration unpacks = 10;
}
message UnpackConfiguration {
// platform is the platform to unpack for, used for resolving manifest and snapshotter
// if not provided
types.Platform platform = 1;
// snapshotter to unpack to, if not provided default for platform shoudl be used
string snapshotter = 2;
}
// ImageReference is used to create or find a reference for an image
message ImageReference {
string name = 1;
// is_prefix determines whether the Name should be considered
// a prefix (without tag or digest).
// For lookup, this may allow matching multiple tags.
// For store, this must have a tag or digest added.
bool is_prefix = 2;
// allow_overwrite allows overwriting or ignoring the name if
// another reference is provided (such as through an annotation).
// Only used if IsPrefix is true.
bool allow_overwrite = 3;
// add_digest adds the manifest digest to the reference.
// For lookup, this allows matching tags with any digest.
// For store, this allows adding the digest to the name.
// Only used if IsPrefix is true.
bool add_digest = 4;
// skip_named_digest only considers digest references which do not
// have a non-digested named reference.
// For lookup, this will deduplicate digest references when there is a named match.
// For store, this only adds this digest reference when there is no matching full
// name reference from the prefix.
// Only used if IsPrefix is true.
bool skip_named_digest = 5;
}

View File

@ -0,0 +1,52 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types.transfer;
option go_package = "github.com/containerd/containerd/api/types/transfer";
import "github.com/containerd/containerd/api/types/platform.proto";
message ImageImportStream {
// Stream is used to identify the binary input stream for the import operation.
// The stream uses the transfer binary stream protocol with the client as the sender.
// The binary data is expected to be a raw tar stream.
string stream = 1;
string media_type = 2;
bool force_compress = 3;
}
message ImageExportStream {
// Stream is used to identify the binary output stream for the export operation.
// The stream uses the transfer binary stream protocol with the server as the sender.
// The binary data is expected to be a raw tar stream.
string stream = 1;
string media_type = 2;
// The specified platforms
repeated types.Platform platforms = 3;
// Whether to include all platforms
bool all_platforms = 4;
// Skips the creation of the Docker compatible manifest.json file
bool skip_compatibility_manifest = 5;
// Excludes non-distributable blobs such as Windows base layers.
bool skip_non_distributable = 6;
}

View File

@ -0,0 +1,32 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types.transfer;
import "github.com/containerd/containerd/api/types/descriptor.proto";
option go_package = "github.com/containerd/containerd/api/types/transfer";
message Progress {
string event = 1;
string name = 2;
repeated string parents = 3;
int64 progress = 4;
int64 total = 5;
containerd.types.Descriptor desc = 6;
}

View File

@ -0,0 +1,97 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types.transfer;
import "google/protobuf/timestamp.proto";
option go_package = "github.com/containerd/containerd/api/types/transfer";
message OCIRegistry {
string reference = 1;
RegistryResolver resolver = 2;
}
enum HTTPDebug {
DISABLED = 0;
// Enable HTTP debugging
DEBUG = 1;
// Enable HTTP requests tracing
TRACE = 2;
// Enable both HTTP debugging and requests tracing
BOTH = 3;
}
message RegistryResolver {
// auth_stream is used to refer to a stream which auth callbacks may be
// made on.
string auth_stream = 1;
// Headers
map<string, string> headers = 2;
string host_dir = 3;
string default_scheme = 4;
// Force skip verify
// CA callback? Client TLS callback?
// Whether to debug/trace HTTP requests to OCI registry.
HTTPDebug http_debug = 5;
// Stream ID to use for HTTP logs (when logs are streamed to client).
// When empty, logs are written to containerd logs.
string logs_stream = 6;
}
// AuthRequest is sent as a callback on a stream
message AuthRequest {
// host is the registry host
string host = 1;
// reference is the namespace and repository name requested from the registry
string reference = 2;
// wwwauthenticate is the HTTP WWW-Authenticate header values returned from the registry
repeated string wwwauthenticate = 3;
}
enum AuthType {
NONE = 0;
// CREDENTIALS is used to exchange username/password for access token
// using an oauth or "Docker Registry Token" server
CREDENTIALS = 1;
// REFRESH is used to exchange secret for access token using an oauth
// or "Docker Registry Token" server
REFRESH = 2;
// HEADER is used to set the HTTP Authorization header to secret
// directly for the registry.
// Value should be `<auth-scheme> <authorization-parameters>`
HEADER = 3;
}
message AuthResponse {
AuthType authType = 1;
string secret = 2;
string username = 3;
google.protobuf.Timestamp expire_at = 4;
// TODO: Stream error
}

View File

@ -0,0 +1,29 @@
/*
Copyright The containerd Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
syntax = "proto3";
package containerd.types.transfer;
option go_package = "github.com/containerd/containerd/api/types/transfer";
message Data {
bytes data = 1;
}
message WindowUpdate {
int32 update = 1;
}

View File

@ -1,144 +0,0 @@
// Protocol Buffers for Go with Gadgets
//
// Copyright (c) 2013, The GoGo Authors. All rights reserved.
// http://github.com/gogo/protobuf
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following disclaimer
// in the documentation and/or other materials provided with the
// distribution.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
syntax = "proto2";
package gogoproto;
import "google/protobuf/descriptor.proto";
option java_package = "com.google.protobuf";
option java_outer_classname = "GoGoProtos";
option go_package = "github.com/gogo/protobuf/gogoproto";
extend google.protobuf.EnumOptions {
optional bool goproto_enum_prefix = 62001;
optional bool goproto_enum_stringer = 62021;
optional bool enum_stringer = 62022;
optional string enum_customname = 62023;
optional bool enumdecl = 62024;
}
extend google.protobuf.EnumValueOptions {
optional string enumvalue_customname = 66001;
}
extend google.protobuf.FileOptions {
optional bool goproto_getters_all = 63001;
optional bool goproto_enum_prefix_all = 63002;
optional bool goproto_stringer_all = 63003;
optional bool verbose_equal_all = 63004;
optional bool face_all = 63005;
optional bool gostring_all = 63006;
optional bool populate_all = 63007;
optional bool stringer_all = 63008;
optional bool onlyone_all = 63009;
optional bool equal_all = 63013;
optional bool description_all = 63014;
optional bool testgen_all = 63015;
optional bool benchgen_all = 63016;
optional bool marshaler_all = 63017;
optional bool unmarshaler_all = 63018;
optional bool stable_marshaler_all = 63019;
optional bool sizer_all = 63020;
optional bool goproto_enum_stringer_all = 63021;
optional bool enum_stringer_all = 63022;
optional bool unsafe_marshaler_all = 63023;
optional bool unsafe_unmarshaler_all = 63024;
optional bool goproto_extensions_map_all = 63025;
optional bool goproto_unrecognized_all = 63026;
optional bool gogoproto_import = 63027;
optional bool protosizer_all = 63028;
optional bool compare_all = 63029;
optional bool typedecl_all = 63030;
optional bool enumdecl_all = 63031;
optional bool goproto_registration = 63032;
optional bool messagename_all = 63033;
optional bool goproto_sizecache_all = 63034;
optional bool goproto_unkeyed_all = 63035;
}
extend google.protobuf.MessageOptions {
optional bool goproto_getters = 64001;
optional bool goproto_stringer = 64003;
optional bool verbose_equal = 64004;
optional bool face = 64005;
optional bool gostring = 64006;
optional bool populate = 64007;
optional bool stringer = 67008;
optional bool onlyone = 64009;
optional bool equal = 64013;
optional bool description = 64014;
optional bool testgen = 64015;
optional bool benchgen = 64016;
optional bool marshaler = 64017;
optional bool unmarshaler = 64018;
optional bool stable_marshaler = 64019;
optional bool sizer = 64020;
optional bool unsafe_marshaler = 64023;
optional bool unsafe_unmarshaler = 64024;
optional bool goproto_extensions_map = 64025;
optional bool goproto_unrecognized = 64026;
optional bool protosizer = 64028;
optional bool compare = 64029;
optional bool typedecl = 64030;
optional bool messagename = 64033;
optional bool goproto_sizecache = 64034;
optional bool goproto_unkeyed = 64035;
}
extend google.protobuf.FieldOptions {
optional bool nullable = 65001;
optional bool embed = 65002;
optional string customtype = 65003;
optional string customname = 65004;
optional string jsontag = 65005;
optional string moretags = 65006;
optional string casttype = 65007;
optional string castkey = 65008;
optional string castvalue = 65009;
optional bool stdtime = 65010;
optional bool stdduration = 65011;
optional bool wktpointer = 65012;
}

View File

@ -1,11 +1,21 @@
[package]
name = "containerd-shim-logging"
version = "0.1.1"
authors = ["Maksym Pavlenko <pavlenko.maksym@gmail.com>", "The containerd Authors"]
authors = [
"Maksym Pavlenko <pavlenko.maksym@gmail.com>",
"The containerd Authors",
]
description = "Logger extension for containerd v2 runtime"
keywords = ["containerd", "shim", "containers"]
categories = ["api-bindings", "asynchronous"]
edition.workspace = true
license.workspace = true
repository.workspace = true
homepage.workspace = true
[features]
docs = []
[package.metadata.docs.rs]
features = ["docs"]

View File

@ -8,7 +8,7 @@
Shim v2 runtime supports pluggable logging binaries via stdio URIs.
This crate implement `logging::run` to easy custom logger implementations in Rust.
[containerd Documentation](https://github.com/containerd/containerd/tree/master/runtime/v2#logging)
[containerd Documentation](https://github.com/containerd/containerd/tree/master/core/runtime/v2#logging)
## Example

View File

@ -14,14 +14,7 @@
limitations under the License.
*/
//! Helper library to implement custom shim loggers for containerd.
//!
//! # Runtime
//! containerd shims may support pluggable logging via stdio URIs. Binary logging has the ability to
//! forward a container's STDIO to an external binary for consumption.
//!
//! This crates replicates APIs provided by Go [version](https://github.com/containerd/containerd/blob/main/runtime/v2/README.md#logging).
//!
#![cfg_attr(feature = "docs", doc = include_str!("../README.md"))]
use std::{env, fmt, fs, os::unix::io::FromRawFd, process};

Some files were not shown because too many files have changed in this diff Show More