diff --git a/contrib/systemd/crio-wipe.service b/contrib/systemd/crio-wipe.service index 6763ce39ecb..81c87745ce5 100644 --- a/contrib/systemd/crio-wipe.service +++ b/contrib/systemd/crio-wipe.service @@ -1,11 +1,12 @@ [Unit] Description=CRI-O Auto Update Script Before=crio.service -RequiresMountsFor=/var/lib/containers +Wants=crio.service [Service] -EnvironmentFile=-/etc/sysconfig/crio -ExecStart=/usr/local/bin/crio \ +Type=oneshot +EnvironmentFile=-/etc/default/crio +ExecStart=/usr/bin/crio \ $CRIO_CONFIG_OPTIONS \ $CRIO_RUNTIME_OPTIONS \ $CRIO_STORAGE_OPTIONS \ @@ -13,7 +14,5 @@ ExecStart=/usr/local/bin/crio \ $CRIO_METRICS_OPTIONS \ wipe -Type=oneshot - [Install] WantedBy=multi-user.target diff --git a/contrib/systemd/crio.service b/contrib/systemd/crio.service index 041a84746cb..042c17a97bd 100644 --- a/contrib/systemd/crio.service +++ b/contrib/systemd/crio.service @@ -1,15 +1,14 @@ [Unit] Description=Container Runtime Interface for OCI (CRI-O) Documentation=https://github.com/cri-o/cri-o -Wants=network-online.target -Before=kubelet.service -After=network-online.target +After=network-online.target local-fs.target remote-fs.target time-sync.target +Wants=network-online.target local-fs.target remote-fs.target time-sync.target [Service] Type=notify -EnvironmentFile=-/etc/sysconfig/crio +EnvironmentFile=-/etc/default/crio Environment=GOTRACEBACK=crash -ExecStart=/usr/local/bin/crio \ +ExecStart=/usr/bin/crio \ $CRIO_CONFIG_OPTIONS \ $CRIO_RUNTIME_OPTIONS \ $CRIO_STORAGE_OPTIONS \ diff --git a/cri-o.spec b/cri-o.spec new file mode 100644 index 00000000000..70c95ce1537 --- /dev/null +++ b/cri-o.spec @@ -0,0 +1,154 @@ +# Copyright 2023 Wong Hoi Sing Edison +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +%global debug_package %{nil} + +Name: cri-o +Epoch: 100 +Version: 1.26.4 +Release: 1%{?dist} +Summary: OCI-based implementation of Kubernetes Container Runtime Interface +License: Apache-2.0 +URL: https://github.com/cri-o/cri-o/tags +Source0: %{name}_%{version}.orig.tar.gz +BuildRequires: glib2-devel +BuildRequires: glibc-static +BuildRequires: golang-1.21 +BuildRequires: gpgme-devel +BuildRequires: libassuan-devel +BuildRequires: libgpg-error-devel +BuildRequires: libseccomp-devel +BuildRequires: make +BuildRequires: pkgconfig +BuildRequires: systemd-devel +BuildRequires: tzdata +Requires: conmon +Requires: conntrack-tools +Requires: containernetworking-plugins +Requires: containers-common +Requires: iproute +Requires: iptables +Requires: oci-runtime +Requires: socat +Requires: tzdata + +%description +CRI-O provides an integration path between OCI conformant runtimes and +the kubelet. Specifically, it implements the Kubelet Container Runtime +Interface (CRI) using OCI conformant runtimes. The scope of CRI-O is +tied to the scope of the CRI. + +%prep +%autosetup -T -c -n %{name}_%{version}-%{release} +tar -zx -f %{S:0} --strip-components=1 -C . + +%build +mkdir -p bin +set -ex && \ + export CGO_ENABLED=1 && \ + go build \ + -mod vendor -buildmode pie -v \ + -ldflags "-s -w" \ + -tags "netgo osusergo exclude_graphdriver_devicemapper exclude_graphdriver_btrfs containers_image_openpgp seccomp selinux" \ + -o ./bin/crio ./cmd/crio && \ + go build \ + -mod vendor -buildmode pie -v \ + -ldflags "-s -w" \ + -tags "netgo osusergo exclude_graphdriver_devicemapper exclude_graphdriver_btrfs containers_image_openpgp seccomp selinux" \ + -o ./bin/crio-status ./cmd/crio-status && \ + make bin/pinns +./bin/crio --config="" --config-dir "" \ + --apparmor-profile "crio-default" \ + --cni-config-dir "/etc/cni/net.d" \ + --cni-plugin-dir "/usr/local/libexec/cni" \ + --cni-plugin-dir "/usr/libexec/cni" \ + --cni-plugin-dir "/usr/local/lib/cni" \ + --cni-plugin-dir "/usr/lib/cni" \ + --cni-plugin-dir "/opt/cni/bin" \ + --conmon-cgroup "system.slice" \ + --conmon-env "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" \ + --conmon-env "TERM=xterm" \ + --decryption-keys-path "/etc/crio/keys" \ + --default-capabilities "AUDIT_WRITE" \ + --default-capabilities "CHOWN" \ + --default-capabilities "DAC_OVERRIDE" \ + --default-capabilities "FOWNER" \ + --default-capabilities "FSETID" \ + --default-capabilities "KILL" \ + --default-capabilities "MKNOD" \ + --default-capabilities "NET_BIND_SERVICE" \ + --default-capabilities "NET_RAW" \ + --default-capabilities "SETFCAP" \ + --default-capabilities "SETGID" \ + --default-capabilities "SETPCAP" \ + --default-capabilities "SETUID" \ + --default-capabilities "SYS_CHROOT" \ + --pause-image "registry.k8s.io/pause:3.9" \ + --root "/var/lib/containers/storage" \ + --runroot "/run/containers/storage" \ + --seccomp-profile "/usr/share/containers/seccomp.json" \ + --storage-driver "overlay" \ + --storage-opt "overlay.mount_program=/usr/bin/fuse-overlayfs" \ + --storage-opt "overlay.mountopt=nodev" \ + --version-file "/var/run/crio/version" \ + --version-file-persist "/var/run/crio/version" \ + config > crio.conf + +%install +install -Dpm755 -d %{buildroot}%{_sysconfdir}/cni/net.d +install -Dpm755 -d %{buildroot}%{_sysconfdir}/default +install -Dpm755 -d %{buildroot}%{_bindir} +install -Dpm644 -T contrib/cni/11-crio-ipv4-bridge.conflist %{buildroot}%{_sysconfdir}/cni/net.d/87-crio-bridge.conflist +install -Dpm644 -T contrib/sysconfig/crio %{buildroot}%{_sysconfdir}/default/crio +install -Dpm755 -t %{buildroot}%{_bindir}/ bin/crio +install -Dpm755 -t %{buildroot}%{_bindir}/ bin/crio-status +install -Dpm755 -t %{buildroot}%{_bindir}/ bin/pinns +DESTDIR=%{buildroot} \ +PREFIX=%{buildroot}%{_prefix} \ + make install.completions install.config-nobuild +PREFIX=%{buildroot}%{_prefix} \ + make install.systemd + +%files +%license LICENSE +%dir %{_sysconfdir}/cni +%dir %{_sysconfdir}/cni/net.d +%dir %{_sysconfdir}/crio +%dir %{_sysconfdir}/crio/crio.conf.d +%dir %{_sysconfdir}/default +%dir %{_datadir}/containers +%dir %{_datadir}/containers/oci +%dir %{_datadir}/containers/oci/hooks.d +%dir %{_datadir}/fish +%dir %{_datadir}/fish/completions +%dir %{_datadir}/oci-umount +%dir %{_datadir}/oci-umount/oci-umount.d +%{_bindir}/crio +%{_bindir}/crio-status +%{_bindir}/pinns +%{_datadir}/bash-completion/completions/crio +%{_datadir}/bash-completion/completions/crio-status +%{_datadir}/fish/completions/crio-status.fish +%{_datadir}/fish/completions/crio.fish +%{_datadir}/oci-umount/oci-umount.d/crio-umount.conf +%{_datadir}/zsh/site-functions/_crio +%{_datadir}/zsh/site-functions/_crio-status +%{_sysconfdir}/cni/net.d/87-crio-bridge.conflist +%{_sysconfdir}/crictl.yaml +%{_sysconfdir}/crio/crio.conf +%{_sysconfdir}/default/crio +%{_unitdir}/crio-wipe.service +%{_unitdir}/crio.service + +%changelog diff --git a/debian/.gitignore b/debian/.gitignore new file mode 100644 index 00000000000..bd22301323a --- /dev/null +++ b/debian/.gitignore @@ -0,0 +1,6 @@ +*.substvars +*debhelper* +.debhelper +cri-o +files +tmp diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 00000000000..ceb23df82c9 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,5 @@ +cri-o (100:1.26.4-1) UNRELEASED; urgency=medium + + * https://github.com/cri-o/cri-o/releases/tag/v1.26.4 + + -- Wong Hoi Sing Edison Fri, 03 Nov 2023 11:28:07 +0800 diff --git a/debian/control b/debian/control new file mode 100644 index 00000000000..e081ec01aa4 --- /dev/null +++ b/debian/control @@ -0,0 +1,47 @@ +Source: cri-o +Section: devel +Priority: optional +Standards-Version: 4.5.0 +Maintainer: Wong Hoi Sing Edison +Homepage: https://github.com/cri-o/cri-o/tags +Vcs-Browser: https://github.com/alvistack/cri-o-cri-o +Vcs-Git: https://github.com/alvistack/cri-o-cri-o.git +Build-Depends: + debhelper, + debhelper-compat (= 10), + golang-1.21, + libapparmor-dev, + libassuan-dev, + libglib2.0-dev, + libgpg-error-dev, + libgpgme-dev, + libseccomp-dev, + libsystemd-dev, + tzdata, + +Package: cri-o +Architecture: amd64 +Description: OCI-based implementation of Kubernetes Container Runtime Interface + CRI-O provides an integration path between OCI conformant runtimes and + the kubelet. Specifically, it implements the Kubelet Container Runtime + Interface (CRI) using OCI conformant runtimes. The scope of CRI-O is + tied to the scope of the CRI. +Depends: + ${shlibs:Depends}, + ${misc:Depends}, + conmon, + conntrack, + containernetworking-plugins, + containers-common, + iproute2, + iptables, + libapparmor1, + libassuan0, + libglib2.0-0, + libgpg-error0, + libgpgme11, + libseccomp2, + libsystemd0, + oci-runtime, + socat, + tzdata, diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 00000000000..dcb9a244859 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,21 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ + +Files: debian/* +Copyright: 2023 Wong Hoi Sing Edison +License: Apache-2.0 + +License: Apache-2.0 + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + . + http://www.apache.org/licenses/LICENSE-2.0 + . + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + . + The complete text of the Apache version 2.0 license + can be found in "/usr/share/common-licenses/Apache-2.0". diff --git a/debian/cri-o.dirs b/debian/cri-o.dirs new file mode 100644 index 00000000000..572d3395c39 --- /dev/null +++ b/debian/cri-o.dirs @@ -0,0 +1,9 @@ +etc/cni +etc/cni/net.d +etc/crio +etc/crio/crio.conf.d +usr/share/containers +usr/share/containers/oci +usr/share/containers/oci/hooks.d +usr/share/oci-umount +usr/share/oci-umount/oci-umount.d diff --git a/debian/cri-o.install b/debian/cri-o.install new file mode 100644 index 00000000000..12a382a4869 --- /dev/null +++ b/debian/cri-o.install @@ -0,0 +1,16 @@ +etc/cni/net.d/87-crio-bridge.conflist +etc/crictl.yaml +etc/crio/crio.conf +etc/default/crio +lib/systemd/system/crio-wipe.service +lib/systemd/system/crio.service +usr/bin/crio +usr/bin/crio-status +usr/bin/pinns +usr/share/bash-completion/completions/crio +usr/share/bash-completion/completions/crio-status +usr/share/fish/completions/crio-status.fish +usr/share/fish/completions/crio.fish +usr/share/oci-umount/oci-umount.d/crio-umount.conf +usr/share/zsh/site-functions/_crio +usr/share/zsh/site-functions/_crio-status diff --git a/debian/cri-o.lintian-overrides b/debian/cri-o.lintian-overrides new file mode 100644 index 00000000000..8e17673e8da --- /dev/null +++ b/debian/cri-o.lintian-overrides @@ -0,0 +1,6 @@ +cri-o: copyright-without-copyright-notice +cri-o: hardening-no-pie +cri-o: initial-upload-closes-no-bugs +cri-o: no-manual-page +cri-o: statically-linked-binary +cri-o: zero-byte-file-in-doc-directory diff --git a/debian/rules b/debian/rules new file mode 100755 index 00000000000..e2d26a60792 --- /dev/null +++ b/debian/rules @@ -0,0 +1,77 @@ +#!/usr/bin/make -f + +SHELL := /bin/bash + +override_dh_auto_build: + mkdir -p bin + set -ex && \ + export CGO_ENABLED=1 && \ + go build \ + -mod vendor -buildmode pie -v \ + -ldflags "-s -w" \ + -tags "netgo osusergo exclude_graphdriver_devicemapper exclude_graphdriver_btrfs containers_image_openpgp seccomp apparmor" \ + -o ./bin/crio ./cmd/crio && \ + go build \ + -mod vendor -buildmode pie -v \ + -ldflags "-s -w" \ + -tags "netgo osusergo exclude_graphdriver_devicemapper exclude_graphdriver_btrfs containers_image_openpgp seccomp apparmor" \ + -o ./bin/crio-status ./cmd/crio-status && \ + make bin/pinns + ./bin/crio --config="" --config-dir "" \ + --apparmor-profile "crio-default" \ + --cni-config-dir "/etc/cni/net.d" \ + --cni-plugin-dir "/usr/local/libexec/cni" \ + --cni-plugin-dir "/usr/libexec/cni" \ + --cni-plugin-dir "/usr/local/lib/cni" \ + --cni-plugin-dir "/usr/lib/cni" \ + --cni-plugin-dir "/opt/cni/bin" \ + --conmon-cgroup "system.slice" \ + --conmon-env "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" \ + --conmon-env "TERM=xterm" \ + --decryption-keys-path "/etc/crio/keys" \ + --default-capabilities "AUDIT_WRITE" \ + --default-capabilities "CHOWN" \ + --default-capabilities "DAC_OVERRIDE" \ + --default-capabilities "FOWNER" \ + --default-capabilities "FSETID" \ + --default-capabilities "KILL" \ + --default-capabilities "MKNOD" \ + --default-capabilities "NET_BIND_SERVICE" \ + --default-capabilities "NET_RAW" \ + --default-capabilities "SETFCAP" \ + --default-capabilities "SETGID" \ + --default-capabilities "SETPCAP" \ + --default-capabilities "SETUID" \ + --default-capabilities "SYS_CHROOT" \ + --pause-image "registry.k8s.io/pause:3.9" \ + --root "/var/lib/containers/storage" \ + --runroot "/run/containers/storage" \ + --seccomp-profile "/usr/share/containers/seccomp.json" \ + --storage-driver "overlay" \ + --storage-opt "overlay.mount_program=/usr/bin/fuse-overlayfs" \ + --storage-opt "overlay.mountopt=nodev" \ + --version-file "/var/run/crio/version" \ + --version-file-persist "/var/run/crio/version" \ + config > crio.conf + +override_dh_auto_install: + install -Dpm755 -d debian/tmp/etc/cni/net.d + install -Dpm755 -d debian/tmp/etc/default + install -Dpm755 -d debian/tmp/usr/bin + install -Dpm644 -T contrib/cni/11-crio-ipv4-bridge.conflist debian/tmp/etc/cni/net.d/87-crio-bridge.conflist + install -Dpm755 -T contrib/sysconfig/crio debian/tmp/etc/default/crio + install -Dpm755 -t debian/tmp/usr/bin bin/crio + install -Dpm755 -t debian/tmp/usr/bin bin/crio-status + install -Dpm755 -t debian/tmp/usr/bin bin/pinns + DESTDIR=debian/tmp \ + PREFIX=debian/tmp/usr \ + make install.completions install.config-nobuild + PREFIX=debian/tmp \ + make install.systemd + +override_dh_auto_test: + +override_dh_auto_clean: + +%: + dh $@ diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 00000000000..163aaf8d82b --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides new file mode 100644 index 00000000000..8edca9b295c --- /dev/null +++ b/debian/source/lintian-overrides @@ -0,0 +1,2 @@ +cri-o source: file-without-copyright-information +cri-o source: no-debian-changes diff --git a/go.mod b/go.mod index 960047d8333..e0e7af8b849 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/containernetworking/cni v1.1.2 github.com/containernetworking/plugins v1.2.0 github.com/containers/buildah v1.29.0 - github.com/containers/common v0.51.1 + github.com/containers/common v0.51.4-0.20231122052843-e32b6b970b75 github.com/containers/conmon v2.0.20+incompatible github.com/containers/conmon-rs v0.4.0 github.com/containers/image/v5 v5.24.2 @@ -469,3 +469,5 @@ replace ( k8s.io/pod-security-admission => k8s.io/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20221208195143-b46a3f887ca9 k8s.io/sample-apiserver => k8s.io/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20221208195143-b46a3f887ca9 ) + +replace github.com/containers/common v0.51.4-0.20231122052843-e32b6b970b75 => github.com/alvistack/containers-common v0.51.4-0.20231122052843-e32b6b970b75 diff --git a/go.sum b/go.sum index a6579de3cbf..fc1f91b2c6c 100644 --- a/go.sum +++ b/go.sum @@ -271,6 +271,8 @@ github.com/alibabacloud-go/tea-xml v1.1.2/go.mod h1:Rq08vgCcCAjHyRi/M7xlHKUykZCE github.com/aliyun/credentials-go v1.1.2/go.mod h1:ozcZaMR5kLM7pwtCMEpVmQ242suV6qTJya2bDq4X1Tw= github.com/aliyun/credentials-go v1.2.3 h1:Vmodnr52Rz1mcbwn0kzMhLRKb6soizewuKXdfZiNemU= github.com/aliyun/credentials-go v1.2.3/go.mod h1:/KowD1cfGSLrLsH28Jr8W+xwoId0ywIy5lNzDz6O1vw= +github.com/alvistack/containers-common v0.51.4-0.20231122052843-e32b6b970b75 h1:cK95pzoe+iUgVOJVmvfp4LDvjqFt9CXjPNW1Xam74VI= +github.com/alvistack/containers-common v0.51.4-0.20231122052843-e32b6b970b75/go.mod h1:3W2WIdalgQfrsX/T5tjX+6CxgT3ThJVN2G9sNuFjuCM= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4= @@ -595,8 +597,6 @@ github.com/containernetworking/plugins v1.2.0 h1:SWgg3dQG1yzUo4d9iD8cwSVh1VqI+bP github.com/containernetworking/plugins v1.2.0/go.mod h1:/VjX4uHecW5vVimFa1wkG4s+r/s9qIfPdqlLF4TW8c4= github.com/containers/buildah v1.29.0 h1:rA3S2SXJffrJjvY2kyxOsAaIseDY6Ib77FsD7n88Mj4= github.com/containers/buildah v1.29.0/go.mod h1:mah+CGmpOjkBJJ5rhOP0M2ETnODhiuhtnXusfh0hc6Q= -github.com/containers/common v0.51.1 h1:xMQpFSuUovZgPRWJu1+uBixKsPcRrD4aHADkouz2K9Q= -github.com/containers/common v0.51.1/go.mod h1:3W2WIdalgQfrsX/T5tjX+6CxgT3ThJVN2G9sNuFjuCM= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/conmon-rs v0.4.0 h1:Nl8/xFsc2/dlQUdYi2GTZ+aPCqcedeqnOUld09eiZHc= diff --git a/vendor/github.com/containers/common/libnetwork/netavark/config.go b/vendor/github.com/containers/common/libnetwork/netavark/config.go index 4b1ab7d5a1a..0cf7cbc3e35 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/config.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/config.go @@ -57,6 +57,17 @@ func (n *netavarkNetwork) NetworkUpdate(name string, options types.NetworkUpdate if err != nil { return err } + // Nameservers must be IP Addresses. + for _, dnsServer := range options.AddDNSServers { + if net.ParseIP(dnsServer) == nil { + return fmt.Errorf("unable to parse ip %s specified in AddDNSServer: %w", dnsServer, types.ErrInvalidArg) + } + } + for _, dnsServer := range options.RemoveDNSServers { + if net.ParseIP(dnsServer) == nil { + return fmt.Errorf("unable to parse ip %s specified in RemoveDNSServer: %w", dnsServer, types.ErrInvalidArg) + } + } networkDNSServersBefore := network.NetworkDNSServers networkDNSServersAfter := []string{} for _, server := range networkDNSServersBefore { @@ -273,6 +284,11 @@ func createMacvlan(network *types.Network) error { if err != nil { return err } + case types.BclimOption: + _, err := strconv.ParseInt(value, 10, 32) + if err != nil { + return fmt.Errorf("failed to parse %q option: %w", key, err) + } default: return fmt.Errorf("unsupported macvlan network option %s", key) } diff --git a/vendor/github.com/containers/common/libnetwork/types/const.go b/vendor/github.com/containers/common/libnetwork/types/const.go index e367f9ad3b7..10ba17437ef 100644 --- a/vendor/github.com/containers/common/libnetwork/types/const.go +++ b/vendor/github.com/containers/common/libnetwork/types/const.go @@ -41,6 +41,7 @@ const ( ModeOption = "mode" IsolateOption = "isolate" MetricOption = "metric" + BclimOption = "bclim" ) type NetworkBackend string diff --git a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go index 7ba63ba7447..435422c27de 100644 --- a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go +++ b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go @@ -212,6 +212,11 @@ func parseAAParserVersion(output string) (int, error) { words := strings.Split(lines[0], " ") version := words[len(words)-1] + // trim "-beta1" suffix from version="3.0.0-beta1" if exists + version = strings.SplitN(version, "-", 2)[0] + // also trim "~..." suffix used historically (https://gitlab.com/apparmor/apparmor/-/commit/bca67d3d27d219d11ce8c9cc70612bd637f88c10) + version = strings.SplitN(version, "~", 2)[0] + // split by major minor version v := strings.Split(version, ".") if len(v) == 0 || len(v) > 3 { diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go index 0654ec78db1..69a41fe1b00 100644 --- a/vendor/github.com/containers/common/version/version.go +++ b/vendor/github.com/containers/common/version/version.go @@ -1,4 +1,4 @@ package version // Version is the version of the build. -const Version = "0.51.1" +const Version = "0.51.4-dev" diff --git a/vendor/modules.txt b/vendor/modules.txt index e5bae1b672a..9f48580b5d2 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -632,7 +632,7 @@ github.com/containers/buildah/pkg/rusage github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/util -# github.com/containers/common v0.51.1 +# github.com/containers/common v0.51.4-0.20231122052843-e32b6b970b75 => github.com/alvistack/containers-common v0.51.4-0.20231122052843-e32b6b970b75 ## explicit; go 1.17 github.com/containers/common/libimage github.com/containers/common/libimage/define