diff --git a/go.mod b/go.mod index a610b2795c05..84d39459f8ca 100644 --- a/go.mod +++ b/go.mod @@ -8,11 +8,11 @@ require ( github.com/aws/aws-sdk-go-v2/config v1.31.3 github.com/compose-spec/compose-go/v2 v2.9.1 github.com/containerd/console v1.0.5 - github.com/containerd/containerd/v2 v2.2.0-rc.1 + github.com/containerd/containerd/v2 v2.2.0 github.com/containerd/continuity v0.4.5 github.com/containerd/errdefs v1.0.0 github.com/containerd/log v0.1.0 - github.com/containerd/platforms v1.0.0-rc.1 + github.com/containerd/platforms v1.0.0-rc.2 github.com/creack/pty v1.1.24 github.com/davecgh/go-spew v1.1.1 github.com/distribution/reference v0.6.0 @@ -29,7 +29,7 @@ require ( github.com/hashicorp/hcl/v2 v2.24.0 github.com/in-toto/in-toto-golang v0.9.0 github.com/mitchellh/hashstructure/v2 v2.0.2 - github.com/moby/buildkit v0.26.0-rc1 + github.com/moby/buildkit v0.26.0-rc2 github.com/moby/go-archive v0.1.0 github.com/moby/sys/atomicwriter v0.1.0 github.com/moby/sys/mountinfo v0.7.2 @@ -88,7 +88,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/sts v1.38.0 // indirect github.com/aws/smithy-go v1.22.5 // indirect github.com/cenkalti/backoff/v5 v5.0.3 // indirect - github.com/containerd/containerd/api v1.10.0-rc.0 // indirect + github.com/containerd/containerd/api v1.10.0 // indirect github.com/containerd/errdefs/pkg v0.3.0 // indirect github.com/containerd/ttrpc v1.2.7 // indirect github.com/containerd/typeurl/v2 v2.2.3 // indirect diff --git a/go.sum b/go.sum index 8b136a95a60c..95b44cac4206 100644 --- a/go.sum +++ b/go.sum @@ -68,10 +68,10 @@ github.com/containerd/cgroups/v3 v3.1.0 h1:azxYVj+91ZgSnIBp2eI3k9y2iYQSR/ZQIgh9v github.com/containerd/cgroups/v3 v3.1.0/go.mod h1:SA5DLYnXO8pTGYiAHXz94qvLQTKfVM5GEVisn4jpins= github.com/containerd/console v1.0.5 h1:R0ymNeydRqH2DmakFNdmjR2k0t7UPuiOV/N/27/qqsc= github.com/containerd/console v1.0.5/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk= -github.com/containerd/containerd/api v1.10.0-rc.0 h1:PEaPRT4atfXLlbr3HaZH/i7/2PZK/+sUnp210HkhXmY= -github.com/containerd/containerd/api v1.10.0-rc.0/go.mod h1:GhghKFmTR3hNtyznBoQ0EMWr9ju5AqHjcZPsSpTKutI= -github.com/containerd/containerd/v2 v2.2.0-rc.1 h1:806y9qsFiZkwl90DJhtAtedG43OcmGd57sJCFyvfxpo= -github.com/containerd/containerd/v2 v2.2.0-rc.1/go.mod h1:X7H17UATRidzfNzb5vS/l30qEJk0ktoTEU1thMh0Nbk= +github.com/containerd/containerd/api v1.10.0 h1:5n0oHYVBwN4VhoX9fFykCV9dF1/BvAXeg2F8W6UYq1o= +github.com/containerd/containerd/api v1.10.0/go.mod h1:NBm1OAk8ZL+LG8R0ceObGxT5hbUYj7CzTmR3xh0DlMM= +github.com/containerd/containerd/v2 v2.2.0 h1:K7TqcXy+LnFmZaui2DgHsnp2gAHhVNWYaHlx7HXfys8= +github.com/containerd/containerd/v2 v2.2.0/go.mod h1:YCMjKjA4ZA7egdHNi3/93bJR1+2oniYlnS+c0N62HdE= github.com/containerd/continuity v0.4.5 h1:ZRoN1sXq9u7V6QoHMcVWGhOwDFqZ4B9i5H6un1Wh0x4= github.com/containerd/continuity v0.4.5/go.mod h1:/lNJvtJKUQStBzpVQ1+rasXO1LAWtUQssk28EZvJ3nE= github.com/containerd/errdefs v1.0.0 h1:tg5yIfIlQIrxYtu9ajqY42W3lpS19XqdxRQeEwYG8PI= @@ -84,8 +84,8 @@ github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= github.com/containerd/nydus-snapshotter v0.15.4 h1:l59kGRVMtwMLDLh322HsWhEsBCkRKMkGWYV5vBeLYCE= github.com/containerd/nydus-snapshotter v0.15.4/go.mod h1:eRJqnxQDr48HNop15kZdLZpFF5B6vf6Q11Aq1K0E4Ms= -github.com/containerd/platforms v1.0.0-rc.1 h1:83KIq4yy1erSRgOVHNk1HYdPvzdJ5CnsWaRoJX4C41E= -github.com/containerd/platforms v1.0.0-rc.1/go.mod h1:J71L7B+aiM5SdIEqmd9wp6THLVRzJGXfNuWCZCllLA4= +github.com/containerd/platforms v1.0.0-rc.2 h1:0SPgaNZPVWGEi4grZdV8VRYQn78y+nm6acgLGv/QzE4= +github.com/containerd/platforms v1.0.0-rc.2/go.mod h1:J71L7B+aiM5SdIEqmd9wp6THLVRzJGXfNuWCZCllLA4= github.com/containerd/plugin v1.0.0 h1:c8Kf1TNl6+e2TtMHZt+39yAPDbouRH9WAToRjex483Y= github.com/containerd/plugin v1.0.0/go.mod h1:hQfJe5nmWfImiqT1q8Si3jLv3ynMUIBB47bQ+KexvO8= github.com/containerd/stargz-snapshotter v0.17.0 h1:djNS4KU8ztFhLdEDZ1bsfzOiYuVHT6TgSU5qwRk+cNc= @@ -252,8 +252,8 @@ github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTS github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4= github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE= github.com/mitchellh/mapstructure v0.0.0-20150613213606-2caf8efc9366/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/moby/buildkit v0.26.0-rc1 h1:gAroxWAvEcssyohcbCb82cK7BIbmqugFy9+93AQT1eo= -github.com/moby/buildkit v0.26.0-rc1/go.mod h1:LiT7ohcE83rF/GtmoOBHj75+nUry+ili3FqZtlDkspo= +github.com/moby/buildkit v0.26.0-rc2 h1:HLS1HtBlxdaz8NjHI5YAaN4c8NOPtUrIJ5jIq/b6tpI= +github.com/moby/buildkit v0.26.0-rc2/go.mod h1:ylDa7IqzVJgLdi/wO7H1qLREFQpmhFbw2fbn4yoTw40= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= github.com/moby/go-archive v0.1.0 h1:Kk/5rdW/g+H8NHdJW2gsXyZ7UnzvJNOy6VKJqueWdcQ= @@ -395,8 +395,8 @@ github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea h1:SXhTLE6pb6eld/ github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea/go.mod h1:WPnis/6cRcDZSUvVmezrxJPkiO87ThFYsoUiMwWNDJk= github.com/tonistiigi/vt100 v0.0.0-20240514184818-90bafcd6abab h1:H6aJ0yKQ0gF49Qb2z5hI1UHxSQt4JMyxebFR15KnApw= github.com/tonistiigi/vt100 v0.0.0-20240514184818-90bafcd6abab/go.mod h1:ulncasL3N9uLrVann0m+CDlJKWsIAP34MPcOJF6VRvc= -github.com/vbatts/tar-split v0.12.1 h1:CqKoORW7BUWBe7UL/iqTVvkTBOF8UvOMKOIZykxnnbo= -github.com/vbatts/tar-split v0.12.1/go.mod h1:eF6B6i6ftWQcDqEn3/iGFRFRo8cBIMSJVOpnNdfTMFA= +github.com/vbatts/tar-split v0.12.2 h1:w/Y6tjxpeiFMR47yzZPlPj/FcPLpXbTUi/9H7d3CPa4= +github.com/vbatts/tar-split v0.12.2/go.mod h1:eF6B6i6ftWQcDqEn3/iGFRFRo8cBIMSJVOpnNdfTMFA= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xhit/go-str2duration/v2 v2.1.0 h1:lxklc02Drh6ynqX+DdPyp5pCKLUQpRT8bp8Ydu2Bstc= diff --git a/vendor/github.com/containerd/containerd/v2/defaults/defaults_darwin.go b/vendor/github.com/containerd/containerd/v2/defaults/defaults_darwin.go index 192abcdde7d1..ffc58cb9683a 100644 --- a/vendor/github.com/containerd/containerd/v2/defaults/defaults_darwin.go +++ b/vendor/github.com/containerd/containerd/v2/defaults/defaults_darwin.go @@ -17,6 +17,23 @@ package defaults const ( - // DefaultRuntime would be a multiple of choices, thus empty - DefaultRuntime = "" + // DefaultRuntime is the default darwin runtime for running containers + DefaultRuntime = "io.containerd.nerdbox.v1" + // DefaultAddress is the default unix socket address + DefaultAddress = "/var/run/containerd/containerd.sock" + // DefaultDebugAddress is the default unix socket address for pprof data + DefaultDebugAddress = "/var/run/containerd/debug.sock" + // DefaultFIFODir is the default location used by client-side cio library + // to store FIFOs. + DefaultFIFODir = "/var/run/containerd/fifo" + // DefaultSnapshotter will set the default snapshotter for the platform. + // Since mounts are not supported on Darwin, use erofs as the default + // which does not require mount support. + DefaultSnapshotter = "erofs" + // DefaultStateDir is the default location used by containerd to store + // transient data + DefaultStateDir = "/var/run/containerd" + // DefaultDiffer will set the default differ for the platform, use the + // erofs differ which does not require mount support. + DefaultDiffer = "erofs" ) diff --git a/vendor/github.com/containerd/containerd/v2/defaults/defaults_unix_nolinux.go b/vendor/github.com/containerd/containerd/v2/defaults/defaults_unix_other.go similarity index 97% rename from vendor/github.com/containerd/containerd/v2/defaults/defaults_unix_nolinux.go rename to vendor/github.com/containerd/containerd/v2/defaults/defaults_unix_other.go index 8e263eca6c15..6004c2017154 100644 --- a/vendor/github.com/containerd/containerd/v2/defaults/defaults_unix_nolinux.go +++ b/vendor/github.com/containerd/containerd/v2/defaults/defaults_unix_other.go @@ -1,4 +1,4 @@ -//go:build unix && !linux +//go:build unix && !linux && !darwin /* Copyright The containerd Authors. diff --git a/vendor/github.com/containerd/containerd/v2/version/version.go b/vendor/github.com/containerd/containerd/v2/version/version.go index ffa43840ea37..773dd12d5d69 100644 --- a/vendor/github.com/containerd/containerd/v2/version/version.go +++ b/vendor/github.com/containerd/containerd/v2/version/version.go @@ -24,7 +24,7 @@ var ( Package = "github.com/containerd/containerd/v2" // Version holds the complete version number. Filled in at linking time. - Version = "2.2.0-rc+unknown" + Version = "2.2.0+unknown" // Revision is filled with the VCS (e.g. git) revision being used to build // the program at linking time. diff --git a/vendor/github.com/containerd/platforms/defaults_windows.go b/vendor/github.com/containerd/platforms/defaults_windows.go index 0165adea7e41..64e284667480 100644 --- a/vendor/github.com/containerd/platforms/defaults_windows.go +++ b/vendor/github.com/containerd/platforms/defaults_windows.go @@ -38,5 +38,5 @@ func DefaultSpec() specs.Platform { // Default returns the current platform's default platform specification. func Default() MatchComparer { - return Only(DefaultSpec()) + return &windowsMatchComparer{Matcher: NewMatcher(DefaultSpec())} } diff --git a/vendor/github.com/containerd/platforms/platform_windows_compat.go b/vendor/github.com/containerd/platforms/platform_windows_compat.go index 7f3d9966bcf0..f31ebe0c9e2e 100644 --- a/vendor/github.com/containerd/platforms/platform_windows_compat.go +++ b/vendor/github.com/containerd/platforms/platform_windows_compat.go @@ -42,18 +42,30 @@ const ( // rs5 (version 1809, codename "Redstone 5") corresponds to Windows Server // 2019 (ltsc2019), and Windows 10 (October 2018 Update). rs5 = 17763 + // ltsc2019 (Windows Server 2019) is an alias for [RS5]. + ltsc2019 = rs5 // v21H2Server corresponds to Windows Server 2022 (ltsc2022). v21H2Server = 20348 + // ltsc2022 (Windows Server 2022) is an alias for [v21H2Server] + ltsc2022 = v21H2Server // v22H2Win11 corresponds to Windows 11 (2022 Update). v22H2Win11 = 22621 + + // v23H2 is the 23H2 release in the Windows Server annual channel. + v23H2 = 25398 + + // Windows Server 2025 build 26100 + v25H1Server = 26100 + ltsc2025 = v25H1Server ) // List of stable ABI compliant ltsc releases // Note: List must be sorted in ascending order var compatLTSCReleases = []uint16{ - v21H2Server, + ltsc2022, + ltsc2025, } // CheckHostAndContainerCompat checks if given host and container @@ -70,18 +82,27 @@ func checkWindowsHostAndContainerCompat(host, ctr windowsOSVersion) bool { } // If host is < WS 2022, exact version match is required - if host.Build < v21H2Server { + if host.Build < ltsc2022 { return host.Build == ctr.Build } - var supportedLtscRelease uint16 + // Find the latest LTSC version that is earlier than the host version. + // This is the earliest version of container that the host can run. + // + // If the host version is an LTSC, then it supports compatibility with + // everything from the previous LTSC up to itself, so we want supportedLTSCRelease + // to be the previous entry. + // + // If no match is found, then we know that the host is LTSC2022 exactly, + // since we already checked that it's not less than LTSC2022. + var supportedLTSCRelease uint16 = ltsc2022 for i := len(compatLTSCReleases) - 1; i >= 0; i-- { - if host.Build >= compatLTSCReleases[i] { - supportedLtscRelease = compatLTSCReleases[i] + if host.Build > compatLTSCReleases[i] { + supportedLTSCRelease = compatLTSCReleases[i] break } } - return ctr.Build >= supportedLtscRelease && ctr.Build <= host.Build + return supportedLTSCRelease <= ctr.Build && ctr.Build <= host.Build } func getWindowsOSVersion(osVersionPrefix string) windowsOSVersion { @@ -114,18 +135,6 @@ func getWindowsOSVersion(osVersionPrefix string) windowsOSVersion { } } -func winRevision(v string) int { - parts := strings.Split(v, ".") - if len(parts) < 4 { - return 0 - } - r, err := strconv.Atoi(parts[3]) - if err != nil { - return 0 - } - return r -} - type windowsVersionMatcher struct { windowsOSVersion } @@ -149,8 +158,7 @@ type windowsMatchComparer struct { func (c *windowsMatchComparer) Less(p1, p2 specs.Platform) bool { m1, m2 := c.Match(p1), c.Match(p2) if m1 && m2 { - r1, r2 := winRevision(p1.OSVersion), winRevision(p2.OSVersion) - return r1 > r2 + return p1.OSVersion > p2.OSVersion } return m1 && !m2 } diff --git a/vendor/github.com/moby/buildkit/solver/pb/attr.go b/vendor/github.com/moby/buildkit/solver/pb/attr.go index 5d9a4176f90d..f04c30216b0d 100644 --- a/vendor/github.com/moby/buildkit/solver/pb/attr.go +++ b/vendor/github.com/moby/buildkit/solver/pb/attr.go @@ -9,6 +9,11 @@ const AttrMountSSHSock = "git.mountsshsock" const AttrGitChecksum = "git.checksum" const AttrGitSkipSubmodules = "git.skipsubmodules" +const AttrGitSignatureVerifyPubKey = "git.sig.pubkey" +const AttrGitSignatureVerifyRejectExpired = "git.sig.rejectexpired" +const AttrGitSignatureVerifyRequireSignedTag = "git.sig.requiresignedtag" +const AttrGitSignatureVerifyIgnoreSignedTag = "git.sig.ignoresignedtag" + const AttrLocalSessionID = "local.session" const AttrLocalUniqueID = "local.unique" const AttrIncludePatterns = "local.includepattern" diff --git a/vendor/github.com/moby/buildkit/solver/pb/caps.go b/vendor/github.com/moby/buildkit/solver/pb/caps.go index 2c71d953219c..f29bbb94ee4e 100644 --- a/vendor/github.com/moby/buildkit/solver/pb/caps.go +++ b/vendor/github.com/moby/buildkit/solver/pb/caps.go @@ -24,15 +24,16 @@ const ( CapSourceLocalDiffer apicaps.CapID = "source.local.differ" CapSourceMetadataTransfer apicaps.CapID = "source.local.metadatatransfer" - CapSourceGit apicaps.CapID = "source.git" - CapSourceGitKeepDir apicaps.CapID = "source.git.keepgitdir" - CapSourceGitFullURL apicaps.CapID = "source.git.fullurl" - CapSourceGitHTTPAuth apicaps.CapID = "source.git.httpauth" - CapSourceGitKnownSSHHosts apicaps.CapID = "source.git.knownsshhosts" - CapSourceGitMountSSHSock apicaps.CapID = "source.git.mountsshsock" - CapSourceGitSubdir apicaps.CapID = "source.git.subdir" - CapSourceGitChecksum apicaps.CapID = "source.git.checksum" - CapSourceGitSkipSubmodules apicaps.CapID = "source.git.skipsubmodules" + CapSourceGit apicaps.CapID = "source.git" + CapSourceGitKeepDir apicaps.CapID = "source.git.keepgitdir" + CapSourceGitFullURL apicaps.CapID = "source.git.fullurl" + CapSourceGitHTTPAuth apicaps.CapID = "source.git.httpauth" + CapSourceGitKnownSSHHosts apicaps.CapID = "source.git.knownsshhosts" + CapSourceGitMountSSHSock apicaps.CapID = "source.git.mountsshsock" + CapSourceGitSubdir apicaps.CapID = "source.git.subdir" + CapSourceGitChecksum apicaps.CapID = "source.git.checksum" + CapSourceGitSkipSubmodules apicaps.CapID = "source.git.skipsubmodules" + CapSourceGitSignatureVerify apicaps.CapID = "source.git.signatureverify" CapSourceHTTP apicaps.CapID = "source.http" CapSourceHTTPAuth apicaps.CapID = "source.http.auth" @@ -102,7 +103,8 @@ const ( CapMultipleExporters apicaps.CapID = "exporter.multiple" CapSessionExporter apicaps.CapID = "exporter.session" - CapSourcePolicy apicaps.CapID = "source.policy" + CapSourcePolicy apicaps.CapID = "source.policy" + CapSourcePolicySession apicaps.CapID = "source.policy.session" // GC/Prune controls allow MinFreeSpace and MaxUsedSpace to be set CapGCFreeSpaceFilter apicaps.CapID = "gc.freespacefilter" @@ -244,6 +246,12 @@ func init() { Status: apicaps.CapStatusExperimental, }) + Caps.Init(apicaps.Cap{ + ID: CapSourceGitSignatureVerify, + Enabled: true, + Status: apicaps.CapStatusExperimental, + }) + Caps.Init(apicaps.Cap{ ID: CapSourceHTTP, Enabled: true, @@ -567,6 +575,12 @@ func init() { Status: apicaps.CapStatusExperimental, }) + Caps.Init(apicaps.Cap{ + ID: CapSourcePolicySession, + Enabled: true, + Status: apicaps.CapStatusExperimental, + }) + Caps.Init(apicaps.Cap{ ID: CapGCFreeSpaceFilter, Enabled: true, diff --git a/vendor/modules.txt b/vendor/modules.txt index 4d39463cce9d..66fd3e7b3c7f 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -142,10 +142,10 @@ github.com/compose-spec/compose-go/v2/validation # github.com/containerd/console v1.0.5 ## explicit; go 1.13 github.com/containerd/console -# github.com/containerd/containerd/api v1.10.0-rc.0 +# github.com/containerd/containerd/api v1.10.0 ## explicit; go 1.23.0 github.com/containerd/containerd/api/services/content/v1 -# github.com/containerd/containerd/v2 v2.2.0-rc.1 +# github.com/containerd/containerd/v2 v2.2.0 ## explicit; go 1.24.3 github.com/containerd/containerd/v2/core/content github.com/containerd/containerd/v2/core/content/proxy @@ -198,7 +198,7 @@ github.com/containerd/errdefs/pkg/internal/types # github.com/containerd/log v0.1.0 ## explicit; go 1.20 github.com/containerd/log -# github.com/containerd/platforms v1.0.0-rc.1 +# github.com/containerd/platforms v1.0.0-rc.2 ## explicit; go 1.20 github.com/containerd/platforms # github.com/containerd/ttrpc v1.2.7 @@ -443,7 +443,7 @@ github.com/mitchellh/go-wordwrap # github.com/mitchellh/hashstructure/v2 v2.0.2 ## explicit; go 1.14 github.com/mitchellh/hashstructure/v2 -# github.com/moby/buildkit v0.26.0-rc1 +# github.com/moby/buildkit v0.26.0-rc2 ## explicit; go 1.24.3 github.com/moby/buildkit/api/services/control github.com/moby/buildkit/api/types