5935f2a65f
This updates containerd from 1.3.3 to 1.4.6, runc from 1.0.0-rc10 to 1.0.0-rc95 and crictl from 1.18 to 1.21 to align with what was used upstream for Kubernetes 1.21 testing. We could also remove the "no_btrfs" build flag by adding the btrfs-progs-devel RPM to the CentOS mirror. But we don't use btrfs anyway, so this way we make the package a bit smaller. Story: 2008972 Task: 42640 Change-Id: I3dc5465a80209eab34224e9e6e2d5aee49a8266e Signed-off-by: Chris Friesen <chris.friesen@windriver.com> Signed-off-by: Mihnea Saracin <Mihnea.Saracin@windriver.com>
54 lines
2.7 KiB
Diff
54 lines
2.7 KiB
Diff
From a8466190118c114d5ddeec381bbafa8441d7e638 Mon Sep 17 00:00:00 2001
|
|
From: Chris Friesen <chris.friesen@windriver.com>
|
|
Date: Thu, 17 Jun 2021 10:27:09 -0400
|
|
Subject: [PATCH] customize containerd for StarlingX
|
|
|
|
1. disable btrfs to avoid needing to pull in the devel package
|
|
2. docker registry in StarlingX 3.0 branch doesn't support POST method
|
|
for token and will return 400. Switch to GET method to get token if
|
|
StatusCode is 400.
|
|
3. hardcode version info due to miss git info in tarball.
|
|
---
|
|
containerd/Makefile | 3 ++-
|
|
containerd/remotes/docker/authorizer.go | 3 ++-
|
|
2 files changed, 4 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/containerd/Makefile b/containerd/Makefile
|
|
index c0fecb9..44dd5ad 100644
|
|
--- a/containerd/Makefile
|
|
+++ b/containerd/Makefile
|
|
@@ -20,7 +20,7 @@ ROOTDIR=$(dir $(abspath $(lastword $(MAKEFILE_LIST))))
|
|
DESTDIR ?= /usr/local
|
|
|
|
# Used to populate variables in version package.
|
|
-VERSION=$(shell git describe --match 'v[0-9]*' --dirty='.m' --always)
|
|
+VERSION=v1.4.6
|
|
REVISION=$(shell git rev-parse HEAD)$(shell if ! git diff --no-ext-diff --quiet --exit-code; then echo .m; fi)
|
|
PACKAGE=github.com/containerd/containerd
|
|
SHIM_CGO_ENABLED ?= 0
|
|
@@ -78,6 +78,7 @@ endif
|
|
# Build tags apparmor and selinux are needed by CRI plugin.
|
|
GO_BUILDTAGS ?= apparmor selinux
|
|
GO_BUILDTAGS += ${DEBUG_TAGS}
|
|
+GO_BUILDTAGS += no_btrfs
|
|
GO_TAGS=$(if $(GO_BUILDTAGS),-tags "$(GO_BUILDTAGS)",)
|
|
GO_LDFLAGS=-ldflags '-X $(PKG)/version.Version=$(VERSION) -X $(PKG)/version.Revision=$(REVISION) -X $(PKG)/version.Package=$(PACKAGE) $(EXTRA_LDFLAGS)'
|
|
SHIM_GO_LDFLAGS=-ldflags '-X $(PKG)/version.Version=$(VERSION) -X $(PKG)/version.Revision=$(REVISION) -X $(PKG)/version.Package=$(PACKAGE) -extldflags "-static" $(EXTRA_LDFLAGS)'
|
|
diff --git a/containerd/remotes/docker/authorizer.go b/containerd/remotes/docker/authorizer.go
|
|
index 001423a..2db8d60 100644
|
|
--- a/containerd/remotes/docker/authorizer.go
|
|
+++ b/containerd/remotes/docker/authorizer.go
|
|
@@ -366,7 +366,8 @@ func (ah *authHandler) fetchTokenWithOAuth(ctx context.Context, to tokenOptions)
|
|
// Registries without support for POST may return 404 for POST /v2/token.
|
|
// As of September 2017, GCR is known to return 404.
|
|
// As of February 2018, JFrog Artifactory is known to return 401.
|
|
- if (resp.StatusCode == 405 && to.username != "") || resp.StatusCode == 404 || resp.StatusCode == 401 {
|
|
+ // Registry in StarlingX 3.0 returns 400 for POST /v2/token. Should check if still applicable.
|
|
+ if (resp.StatusCode == 405 && to.username != "") || resp.StatusCode == 404 || resp.StatusCode == 401 || resp.StatusCode == 400 {
|
|
return ah.fetchToken(ctx, to)
|
|
} else if resp.StatusCode < 200 || resp.StatusCode >= 400 {
|
|
b, _ := ioutil.ReadAll(io.LimitReader(resp.Body, 64000)) // 64KB
|
|
--
|
|
2.29.2
|
|
|