diff --git a/nodeup/pkg/model/containerd.go b/nodeup/pkg/model/containerd.go index 5f40c02ae0..9612214d0b 100644 --- a/nodeup/pkg/model/containerd.go +++ b/nodeup/pkg/model/containerd.go @@ -99,12 +99,13 @@ func (b *ContainerdBuilder) Build(c *fi.ModelBuilderContext) error { return fmt.Errorf("unable to find any containerd binaries in assets") } for k, v := range f { - c.AddTask(&nodetasks.File{ + fileTask := &nodetasks.File{ Path: filepath.Join("/usr/bin", k), Contents: v, Type: nodetasks.FileType_File, Mode: fi.String("0755"), - }) + } + c.AddTask(fileTask) } } diff --git a/nodeup/pkg/model/context.go b/nodeup/pkg/model/context.go index e3b5f4cf39..8bb55182b4 100644 --- a/nodeup/pkg/model/context.go +++ b/nodeup/pkg/model/context.go @@ -599,7 +599,7 @@ func (c *NodeupModelContext) GetPrivateKey(name string) ([]byte, error) { func (b *NodeupModelContext) AddCNIBinAssets(c *fi.ModelBuilderContext, assetNames []string) error { for _, assetName := range assetNames { - re, err := regexp.Compile(fmt.Sprintf("^%s$", assetName)) + re, err := regexp.Compile(fmt.Sprintf("^%s$", regexp.QuoteMeta(assetName))) if err != nil { return err } @@ -611,19 +611,17 @@ func (b *NodeupModelContext) AddCNIBinAssets(c *fi.ModelBuilderContext, assetNam } func (b *NodeupModelContext) addCNIBinAsset(c *fi.ModelBuilderContext, assetPath *regexp.Regexp) error { - a := b.Assets.FindMatches(assetPath) - if len(a) != 1 { - return fmt.Errorf("unable to locate asset %q", assetPath.String()) + name, res, err := b.Assets.FindMatch(assetPath) + if err != nil { + return err } - for k, v := range a { - c.AddTask(&nodetasks.File{ - Path: filepath.Join(b.CNIBinDir(), k), - Contents: v, - Type: nodetasks.FileType_File, - Mode: fi.String("0755"), - }) - } + c.AddTask(&nodetasks.File{ + Path: filepath.Join(b.CNIBinDir(), name), + Contents: res, + Type: nodetasks.FileType_File, + Mode: fi.String("0755"), + }) return nil } diff --git a/nodeup/pkg/model/docker.go b/nodeup/pkg/model/docker.go index 3be2c51a7d..52696f08f7 100644 --- a/nodeup/pkg/model/docker.go +++ b/nodeup/pkg/model/docker.go @@ -79,6 +79,15 @@ func (b *DockerBuilder) Build(c *fi.ModelBuilderContext) error { return nil } + dockerVersion, err := b.dockerVersion() + if err != nil { + return err + } + sv, err := semver.ParseTolerant(dockerVersion) + if err != nil { + return fmt.Errorf("error parsing docker version %q: %v", dockerVersion, err) + } + c.AddTask(b.buildDockerGroup()) c.AddTask(b.buildSystemdSocket()) @@ -89,13 +98,23 @@ func (b *DockerBuilder) Build(c *fi.ModelBuilderContext) error { return fmt.Errorf("unable to find any Docker binaries in assets") } for k, v := range f { - klog.V(4).Infof("Found matching Docker asset: %q", k) - c.AddTask(&nodetasks.File{ + fileTask := &nodetasks.File{ Path: filepath.Join("/usr/bin", k), Contents: v, Type: nodetasks.FileType_File, Mode: fi.String("0755"), - }) + } + c.AddTask(fileTask) + + // As a mitigation for CVE-2019-5736 we chattr docker-runc to be immutable + // https://github.com/kubernetes/kops/blob/master/docs/advisories/cve_2019_5736.md + if strings.HasSuffix(k, "runc") && sv.LT(semver.MustParse("18.9.2")) { + c.AddTask(&nodetasks.Chattr{ + File: filepath.Join("/usr/bin", k), + Mode: "+i", + Deps: []fi.Task{fileTask}, + }) + } } } @@ -109,16 +128,7 @@ func (b *DockerBuilder) Build(c *fi.ModelBuilderContext) error { c.AddTask(t) } - dockerVersion, err := b.dockerVersion() - if err != nil { - return err - } - - v, err := semver.ParseTolerant(dockerVersion) - if err != nil { - return fmt.Errorf("error parsing docker version %q: %v", dockerVersion, err) - } - c.AddTask(b.buildSystemdService(v)) + c.AddTask(b.buildSystemdService(sv)) if err := b.buildSysconfig(c); err != nil { return err diff --git a/nodeup/pkg/model/docker_test.go b/nodeup/pkg/model/docker_test.go index 6b1d192ce2..8f0c8d2251 100644 --- a/nodeup/pkg/model/docker_test.go +++ b/nodeup/pkg/model/docker_test.go @@ -21,6 +21,8 @@ import ( "path/filepath" "testing" + "github.com/blang/semver/v4" + "k8s.io/kops/pkg/apis/kops" "k8s.io/kops/pkg/flagbuilder" "k8s.io/kops/pkg/testutils" @@ -120,15 +122,38 @@ func runDockerBuilderTest(t *testing.T, key string) { nodeUpModelContext.Distribution = distributions.DistributionUbuntu1604 - nodeUpModelContext.Assets = fi.NewAssetStore("") - nodeUpModelContext.Assets.AddForTest("containerd", "docker/containerd", "testing Docker content") - nodeUpModelContext.Assets.AddForTest("containerd-shim", "docker/containerd-shim", "testing Docker content") - nodeUpModelContext.Assets.AddForTest("ctr", "docker/ctr", "testing Docker content") - nodeUpModelContext.Assets.AddForTest("docker", "docker/docker", "testing Docker content") - nodeUpModelContext.Assets.AddForTest("docker-init", "docker/docker-init", "testing Docker content") - nodeUpModelContext.Assets.AddForTest("docker-proxy", "docker/docker-proxy", "testing Docker content") - nodeUpModelContext.Assets.AddForTest("dockerd", "docker/dockerd", "testing Docker content") - nodeUpModelContext.Assets.AddForTest("runc", "docker/runc", "testing Docker content") + if nodeUpModelContext.Cluster.Spec.Docker.SkipInstall == false { + if nodeUpModelContext.Cluster == nil || nodeUpModelContext.Cluster.Spec.Docker == nil || nodeUpModelContext.Cluster.Spec.Docker.Version == nil { + t.Fatalf("error finding Docker version") + return + } + dv := fi.StringValue(nodeUpModelContext.Cluster.Spec.Docker.Version) + sv, err := semver.ParseTolerant(dv) + if err != nil { + t.Fatalf("error parsing Docker version %q: %v", dv, err) + return + } + nodeUpModelContext.Assets = fi.NewAssetStore("") + if sv.GTE(semver.MustParse("19.3.0")) { + nodeUpModelContext.Assets.AddForTest("containerd", "docker/containerd", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("containerd-shim", "docker/containerd-shim", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("ctr", "docker/ctr", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("docker", "docker/docker", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("docker-init", "docker/docker-init", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("docker-proxy", "docker/docker-proxy", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("dockerd", "docker/dockerd", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("runc", "docker/runc", "testing Docker content") + } else { + nodeUpModelContext.Assets.AddForTest("docker", "docker/docker", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("docker-containerd", "docker/docker-containerd", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("docker-containerd-ctr", "docker/docker-containerd-ctr", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("docker-containerd-shim", "docker/docker-containerd-shim", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("docker-init", "docker/docker-init", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("docker-proxy", "docker/docker-proxy", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("docker-runc", "docker/docker-runc", "testing Docker content") + nodeUpModelContext.Assets.AddForTest("dockerd", "docker/dockerd", "testing Docker content") + } + } context := &fi.ModelBuilderContext{ Tasks: make(map[string]fi.Task), diff --git a/nodeup/pkg/model/tests/dockerbuilder/docker_18.06.3/tasks.yaml b/nodeup/pkg/model/tests/dockerbuilder/docker_18.06.3/tasks.yaml index 7d593dabc6..ade0854131 100644 --- a/nodeup/pkg/model/tests/dockerbuilder/docker_18.06.3/tasks.yaml +++ b/nodeup/pkg/model/tests/dockerbuilder/docker_18.06.3/tasks.yaml @@ -1,3 +1,6 @@ +file: /usr/bin/docker-runc +mode: +i +--- contents: |- DOCKER_OPTS= DOCKER_NOFILE=1000000 @@ -72,30 +75,6 @@ mode: "0755" path: /opt/kops/bin/docker-healthcheck type: file --- -contents: - Asset: - AssetPath: docker/containerd - Key: containerd -mode: "0755" -path: /usr/bin/containerd -type: file ---- -contents: - Asset: - AssetPath: docker/containerd-shim - Key: containerd-shim -mode: "0755" -path: /usr/bin/containerd-shim -type: file ---- -contents: - Asset: - AssetPath: docker/ctr - Key: ctr -mode: "0755" -path: /usr/bin/ctr -type: file ---- contents: Asset: AssetPath: docker/docker @@ -104,6 +83,30 @@ mode: "0755" path: /usr/bin/docker type: file --- +contents: + Asset: + AssetPath: docker/docker-containerd + Key: docker-containerd +mode: "0755" +path: /usr/bin/docker-containerd +type: file +--- +contents: + Asset: + AssetPath: docker/docker-containerd-ctr + Key: docker-containerd-ctr +mode: "0755" +path: /usr/bin/docker-containerd-ctr +type: file +--- +contents: + Asset: + AssetPath: docker/docker-containerd-shim + Key: docker-containerd-shim +mode: "0755" +path: /usr/bin/docker-containerd-shim +type: file +--- contents: Asset: AssetPath: docker/docker-init @@ -122,18 +125,18 @@ type: file --- contents: Asset: - AssetPath: docker/dockerd - Key: dockerd + AssetPath: docker/docker-runc + Key: docker-runc mode: "0755" -path: /usr/bin/dockerd +path: /usr/bin/docker-runc type: file --- contents: Asset: - AssetPath: docker/runc - Key: runc + AssetPath: docker/dockerd + Key: dockerd mode: "0755" -path: /usr/bin/runc +path: /usr/bin/dockerd type: file --- contents: |2 diff --git a/nodeup/pkg/model/tests/dockerbuilder/healthcheck/tasks.yaml b/nodeup/pkg/model/tests/dockerbuilder/healthcheck/tasks.yaml index 7d593dabc6..ade0854131 100644 --- a/nodeup/pkg/model/tests/dockerbuilder/healthcheck/tasks.yaml +++ b/nodeup/pkg/model/tests/dockerbuilder/healthcheck/tasks.yaml @@ -1,3 +1,6 @@ +file: /usr/bin/docker-runc +mode: +i +--- contents: |- DOCKER_OPTS= DOCKER_NOFILE=1000000 @@ -72,30 +75,6 @@ mode: "0755" path: /opt/kops/bin/docker-healthcheck type: file --- -contents: - Asset: - AssetPath: docker/containerd - Key: containerd -mode: "0755" -path: /usr/bin/containerd -type: file ---- -contents: - Asset: - AssetPath: docker/containerd-shim - Key: containerd-shim -mode: "0755" -path: /usr/bin/containerd-shim -type: file ---- -contents: - Asset: - AssetPath: docker/ctr - Key: ctr -mode: "0755" -path: /usr/bin/ctr -type: file ---- contents: Asset: AssetPath: docker/docker @@ -104,6 +83,30 @@ mode: "0755" path: /usr/bin/docker type: file --- +contents: + Asset: + AssetPath: docker/docker-containerd + Key: docker-containerd +mode: "0755" +path: /usr/bin/docker-containerd +type: file +--- +contents: + Asset: + AssetPath: docker/docker-containerd-ctr + Key: docker-containerd-ctr +mode: "0755" +path: /usr/bin/docker-containerd-ctr +type: file +--- +contents: + Asset: + AssetPath: docker/docker-containerd-shim + Key: docker-containerd-shim +mode: "0755" +path: /usr/bin/docker-containerd-shim +type: file +--- contents: Asset: AssetPath: docker/docker-init @@ -122,18 +125,18 @@ type: file --- contents: Asset: - AssetPath: docker/dockerd - Key: dockerd + AssetPath: docker/docker-runc + Key: docker-runc mode: "0755" -path: /usr/bin/dockerd +path: /usr/bin/docker-runc type: file --- contents: Asset: - AssetPath: docker/runc - Key: runc + AssetPath: docker/dockerd + Key: dockerd mode: "0755" -path: /usr/bin/runc +path: /usr/bin/dockerd type: file --- contents: |2 diff --git a/nodeup/pkg/model/tests/dockerbuilder/logflags/tasks.yaml b/nodeup/pkg/model/tests/dockerbuilder/logflags/tasks.yaml index 7d593dabc6..ade0854131 100644 --- a/nodeup/pkg/model/tests/dockerbuilder/logflags/tasks.yaml +++ b/nodeup/pkg/model/tests/dockerbuilder/logflags/tasks.yaml @@ -1,3 +1,6 @@ +file: /usr/bin/docker-runc +mode: +i +--- contents: |- DOCKER_OPTS= DOCKER_NOFILE=1000000 @@ -72,30 +75,6 @@ mode: "0755" path: /opt/kops/bin/docker-healthcheck type: file --- -contents: - Asset: - AssetPath: docker/containerd - Key: containerd -mode: "0755" -path: /usr/bin/containerd -type: file ---- -contents: - Asset: - AssetPath: docker/containerd-shim - Key: containerd-shim -mode: "0755" -path: /usr/bin/containerd-shim -type: file ---- -contents: - Asset: - AssetPath: docker/ctr - Key: ctr -mode: "0755" -path: /usr/bin/ctr -type: file ---- contents: Asset: AssetPath: docker/docker @@ -104,6 +83,30 @@ mode: "0755" path: /usr/bin/docker type: file --- +contents: + Asset: + AssetPath: docker/docker-containerd + Key: docker-containerd +mode: "0755" +path: /usr/bin/docker-containerd +type: file +--- +contents: + Asset: + AssetPath: docker/docker-containerd-ctr + Key: docker-containerd-ctr +mode: "0755" +path: /usr/bin/docker-containerd-ctr +type: file +--- +contents: + Asset: + AssetPath: docker/docker-containerd-shim + Key: docker-containerd-shim +mode: "0755" +path: /usr/bin/docker-containerd-shim +type: file +--- contents: Asset: AssetPath: docker/docker-init @@ -122,18 +125,18 @@ type: file --- contents: Asset: - AssetPath: docker/dockerd - Key: dockerd + AssetPath: docker/docker-runc + Key: docker-runc mode: "0755" -path: /usr/bin/dockerd +path: /usr/bin/docker-runc type: file --- contents: Asset: - AssetPath: docker/runc - Key: runc + AssetPath: docker/dockerd + Key: dockerd mode: "0755" -path: /usr/bin/runc +path: /usr/bin/dockerd type: file --- contents: |2 diff --git a/nodeup/pkg/model/tests/dockerbuilder/simple/tasks.yaml b/nodeup/pkg/model/tests/dockerbuilder/simple/tasks.yaml index 7d593dabc6..ade0854131 100644 --- a/nodeup/pkg/model/tests/dockerbuilder/simple/tasks.yaml +++ b/nodeup/pkg/model/tests/dockerbuilder/simple/tasks.yaml @@ -1,3 +1,6 @@ +file: /usr/bin/docker-runc +mode: +i +--- contents: |- DOCKER_OPTS= DOCKER_NOFILE=1000000 @@ -72,30 +75,6 @@ mode: "0755" path: /opt/kops/bin/docker-healthcheck type: file --- -contents: - Asset: - AssetPath: docker/containerd - Key: containerd -mode: "0755" -path: /usr/bin/containerd -type: file ---- -contents: - Asset: - AssetPath: docker/containerd-shim - Key: containerd-shim -mode: "0755" -path: /usr/bin/containerd-shim -type: file ---- -contents: - Asset: - AssetPath: docker/ctr - Key: ctr -mode: "0755" -path: /usr/bin/ctr -type: file ---- contents: Asset: AssetPath: docker/docker @@ -104,6 +83,30 @@ mode: "0755" path: /usr/bin/docker type: file --- +contents: + Asset: + AssetPath: docker/docker-containerd + Key: docker-containerd +mode: "0755" +path: /usr/bin/docker-containerd +type: file +--- +contents: + Asset: + AssetPath: docker/docker-containerd-ctr + Key: docker-containerd-ctr +mode: "0755" +path: /usr/bin/docker-containerd-ctr +type: file +--- +contents: + Asset: + AssetPath: docker/docker-containerd-shim + Key: docker-containerd-shim +mode: "0755" +path: /usr/bin/docker-containerd-shim +type: file +--- contents: Asset: AssetPath: docker/docker-init @@ -122,18 +125,18 @@ type: file --- contents: Asset: - AssetPath: docker/dockerd - Key: dockerd + AssetPath: docker/docker-runc + Key: docker-runc mode: "0755" -path: /usr/bin/dockerd +path: /usr/bin/docker-runc type: file --- contents: Asset: - AssetPath: docker/runc - Key: runc + AssetPath: docker/dockerd + Key: dockerd mode: "0755" -path: /usr/bin/runc +path: /usr/bin/dockerd type: file --- contents: |2 diff --git a/pkg/apis/kops/validation/validation.go b/pkg/apis/kops/validation/validation.go index 9e48953dac..442afdad61 100644 --- a/pkg/apis/kops/validation/validation.go +++ b/pkg/apis/kops/validation/validation.go @@ -1078,7 +1078,7 @@ func validateContainerdConfig(config *kops.ContainerdConfig, fldPath *field.Path allErrs = append(allErrs, field.Invalid(fldPath.Child("version"), config.Version, fmt.Sprintf("unable to parse version string: %s", err.Error()))) } - if sv.LT(semver.MustParse("1.2.6")) { + if sv.LT(semver.MustParse("1.2.4")) { allErrs = append(allErrs, field.Invalid(fldPath.Child("version"), config.Version, "unsupported legacy version")) } } diff --git a/upup/pkg/fi/assetstore.go b/upup/pkg/fi/assetstore.go index e46e777a05..fa2fc246d5 100644 --- a/upup/pkg/fi/assetstore.go +++ b/upup/pkg/fi/assetstore.go @@ -103,7 +103,7 @@ func NewAssetStore(cacheDir string) *AssetStore { func (a *AssetStore) FindMatches(expr *regexp.Regexp) map[string]Resource { matches := make(map[string]Resource) - klog.Infof("Matching assets:") + klog.Infof("Matching assets for %q:", expr.String()) for _, a := range a.assets { if expr.MatchString(a.AssetPath) { klog.Infof(" %s", a.AssetPath) @@ -114,6 +114,26 @@ func (a *AssetStore) FindMatches(expr *regexp.Regexp) map[string]Resource { return matches } +func (a *AssetStore) FindMatch(expr *regexp.Regexp) (name string, res Resource, err error) { + matches := a.FindMatches(expr) + + switch len(matches) { + case 0: + return "", nil, fmt.Errorf("found no matching assets for expr: %q", expr.String()) + case 1: + var n string + var r Resource + for k, v := range matches { + klog.Infof("Found single matching asset for expr %q: %q", expr.String(), k) + n = k + r = v + } + return n, r, nil + default: + return "", nil, fmt.Errorf("found multiple matching assets for expr: %q", expr.String()) + } +} + func (a *AssetStore) Find(key string, assetPath string) (Resource, error) { var matches []*asset for _, asset := range a.assets { diff --git a/upup/pkg/fi/cloudup/apply_cluster.go b/upup/pkg/fi/cloudup/apply_cluster.go index 24d86fd5c8..851f470cda 100644 --- a/upup/pkg/fi/cloudup/apply_cluster.go +++ b/upup/pkg/fi/cloudup/apply_cluster.go @@ -1100,9 +1100,9 @@ func (c *ApplyClusterCmd) addFileAssets(assetBuilder *assets.AssetBuilder) error var containerRuntimeAssetHash *hashing.Hash switch c.Cluster.Spec.ContainerRuntime { case "docker": - containerRuntimeAssetUrl, containerRuntimeAssetHash, err = findDockerAssets(c.Cluster, assetBuilder, arch) + containerRuntimeAssetUrl, containerRuntimeAssetHash, err = findDockerAsset(c.Cluster, assetBuilder, arch) case "containerd": - containerRuntimeAssetUrl, containerRuntimeAssetHash, err = findContainerdAssets(c.Cluster, assetBuilder, arch) + containerRuntimeAssetUrl, containerRuntimeAssetHash, err = findContainerdAsset(c.Cluster, assetBuilder, arch) default: err = fmt.Errorf("unknown container runtime: %q", c.Cluster.Spec.ContainerRuntime) } diff --git a/upup/pkg/fi/cloudup/containerd.go b/upup/pkg/fi/cloudup/containerd.go index 6147246b2e..4e9b8769df 100644 --- a/upup/pkg/fi/cloudup/containerd.go +++ b/upup/pkg/fi/cloudup/containerd.go @@ -38,7 +38,7 @@ const ( containerdFallbackVersion = "1.2.13" ) -func findContainerdAssets(c *kops.Cluster, assetBuilder *assets.AssetBuilder, arch architectures.Architecture) (*url.URL, *hashing.Hash, error) { +func findContainerdAsset(c *kops.Cluster, assetBuilder *assets.AssetBuilder, arch architectures.Architecture) (*url.URL, *hashing.Hash, error) { if c.Spec.Containerd == nil || fi.StringValue(c.Spec.Containerd.Version) == "" { return nil, nil, fmt.Errorf("unable to find containerd version") } @@ -162,10 +162,12 @@ func findAllContainerdHashesAmd64() map[string]string { func findAllContainerdDockerMappings() map[string]string { versions := map[string]string{ + "1.2.4": "18.09.3", + "1.2.5": "18.09.4", "1.2.6": "19.03.2", "1.2.10": "19.03.5", "1.2.12": "19.03.6", - "1.2.13": "19.03.12", + "1.2.13": "19.03.11", "1.3.7": "19.03.13", } diff --git a/upup/pkg/fi/cloudup/containerd_test.go b/upup/pkg/fi/cloudup/containerd_test.go index d0f4e5c092..ec77e49a53 100644 --- a/upup/pkg/fi/cloudup/containerd_test.go +++ b/upup/pkg/fi/cloudup/containerd_test.go @@ -43,8 +43,8 @@ func TestContainerdVersionUrlHash(t *testing.T) { { arch: architectures.ArchitectureArm64, version: "1.3.4", - url: "https://download.docker.com/linux/static/stable/aarch64/docker-19.03.12.tgz", - hash: "bc7810d58e32360652abfddc9cb43405feee4ed9592aedc1132fb35eede9fa9e", + url: "https://download.docker.com/linux/static/stable/aarch64/docker-19.03.11.tgz", + hash: "9cd49fe82f6b7ec413b04daef35bc0c87b01d6da67611e5beef36291538d3145", err: nil, }, { @@ -71,8 +71,8 @@ func TestContainerdVersionUrlHash(t *testing.T) { { arch: architectures.ArchitectureArm64, version: "1.4.1", - url: "https://download.docker.com/linux/static/stable/aarch64/docker-19.03.12.tgz", - hash: "bc7810d58e32360652abfddc9cb43405feee4ed9592aedc1132fb35eede9fa9e", + url: "https://download.docker.com/linux/static/stable/aarch64/docker-19.03.11.tgz", + hash: "9cd49fe82f6b7ec413b04daef35bc0c87b01d6da67611e5beef36291538d3145", err: nil, }, } @@ -159,7 +159,7 @@ func TestContainerdVersionUrl(t *testing.T) { { arch: architectures.ArchitectureArm64, version: "1.3.4", - url: "https://download.docker.com/linux/static/stable/aarch64/docker-19.03.12.tgz", + url: "https://download.docker.com/linux/static/stable/aarch64/docker-19.03.11.tgz", err: nil, }, { @@ -171,7 +171,7 @@ func TestContainerdVersionUrl(t *testing.T) { { arch: architectures.ArchitectureArm64, version: "1.4.1", - url: "https://download.docker.com/linux/static/stable/aarch64/docker-19.03.12.tgz", + url: "https://download.docker.com/linux/static/stable/aarch64/docker-19.03.11.tgz", err: nil, }, } @@ -254,7 +254,7 @@ func TestContainerdVersionHash(t *testing.T) { { arch: architectures.ArchitectureArm64, version: "1.4.1", - hash: "bc7810d58e32360652abfddc9cb43405feee4ed9592aedc1132fb35eede9fa9e", + hash: "9cd49fe82f6b7ec413b04daef35bc0c87b01d6da67611e5beef36291538d3145", err: nil, }, } diff --git a/upup/pkg/fi/cloudup/docker.go b/upup/pkg/fi/cloudup/docker.go index 7d3eaafd80..a5f55e5f41 100644 --- a/upup/pkg/fi/cloudup/docker.go +++ b/upup/pkg/fi/cloudup/docker.go @@ -41,7 +41,7 @@ const ( dockerFallbackVersion = "17.09.0" ) -func findDockerAssets(c *kops.Cluster, assetBuilder *assets.AssetBuilder, arch architectures.Architecture) (*url.URL, *hashing.Hash, error) { +func findDockerAsset(c *kops.Cluster, assetBuilder *assets.AssetBuilder, arch architectures.Architecture) (*url.URL, *hashing.Hash, error) { if c.Spec.Docker == nil || fi.StringValue(c.Spec.Docker.Version) == "" { return nil, nil, fmt.Errorf("unable to find Docker version") }