├── gce-containers-startup ├── vendor │ ├── github.com │ │ ├── Sirupsen │ │ │ └── logrus │ │ │ │ ├── .gitignore │ │ │ │ ├── .travis.yml │ │ │ │ ├── terminal_darwin.go │ │ │ │ ├── terminal_linux.go │ │ │ │ ├── terminal_freebsd.go │ │ │ │ ├── terminal_notwindows.go │ │ │ │ ├── json_formatter.go │ │ │ │ ├── terminal_windows.go │ │ │ │ ├── LICENSE │ │ │ │ ├── hooks.go │ │ │ │ └── formatter.go │ │ ├── docker │ │ │ ├── go-connections │ │ │ │ ├── sockets │ │ │ │ │ ├── README.md │ │ │ │ │ ├── sockets_windows.go │ │ │ │ │ ├── sockets_unix.go │ │ │ │ │ ├── tcp_socket.go │ │ │ │ │ ├── sockets.go │ │ │ │ │ └── proxy.go │ │ │ │ ├── tlsconfig │ │ │ │ │ ├── config_legacy_client_ciphers.go │ │ │ │ │ └── config_client_ciphers.go │ │ │ │ └── nat │ │ │ │ │ └── parse.go │ │ │ ├── docker │ │ │ │ ├── pkg │ │ │ │ │ ├── mount │ │ │ │ │ │ ├── mountinfo_windows.go │ │ │ │ │ │ ├── mounter_unsupported.go │ │ │ │ │ │ ├── mountinfo_unsupported.go │ │ │ │ │ │ ├── mounter_linux.go │ │ │ │ │ │ ├── flags_unsupported.go │ │ │ │ │ │ ├── mountinfo_freebsd.go │ │ │ │ │ │ ├── flags_freebsd.go │ │ │ │ │ │ ├── mountinfo.go │ │ │ │ │ │ └── mounter_freebsd.go │ │ │ │ │ ├── symlink │ │ │ │ │ │ ├── fs_unix.go │ │ │ │ │ │ ├── README.md │ │ │ │ │ │ └── LICENSE.BSD │ │ │ │ │ ├── system │ │ │ │ │ │ ├── utimes_darwin.go │ │ │ │ │ │ ├── meminfo_unsupported.go │ │ │ │ │ │ ├── errors.go │ │ │ │ │ │ ├── path_windows.go │ │ │ │ │ │ ├── umask_windows.go │ │ │ │ │ │ ├── umask.go │ │ │ │ │ │ ├── path_unix.go │ │ │ │ │ │ ├── utimes_unsupported.go │ │ │ │ │ │ ├── chtimes_unix.go │ │ │ │ │ │ ├── mknod_windows.go │ │ │ │ │ │ ├── stat_openbsd.go │ │ │ │ │ │ ├── stat_solaris.go │ │ │ │ │ │ ├── xattrs_unsupported.go │ │ │ │ │ │ ├── stat_unsupported.go │ │ │ │ │ │ ├── lstat.go │ │ │ │ │ │ ├── meminfo.go │ │ │ │ │ │ ├── filesys.go │ │ │ │ │ │ ├── syscall_unix.go │ │ │ │ │ │ ├── lstat_windows.go │ │ │ │ │ │ ├── utimes_freebsd.go │ │ │ │ │ │ ├── stat_freebsd.go │ │ │ │ │ │ ├── chtimes_windows.go │ │ │ │ │ │ ├── utimes_linux.go │ │ │ │ │ │ ├── mknod.go │ │ │ │ │ │ ├── stat_linux.go │ │ │ │ │ │ ├── stat_windows.go │ │ │ │ │ │ ├── stat.go │ │ │ │ │ │ ├── chtimes.go │ │ │ │ │ │ ├── meminfo_windows.go │ │ │ │ │ │ ├── meminfo_linux.go │ │ │ │ │ │ └── syscall_windows.go │ │ │ │ │ ├── term │ │ │ │ │ │ ├── windows │ │ │ │ │ │ │ └── windows.go │ │ │ │ │ │ ├── tc_other.go │ │ │ │ │ │ ├── ascii.go │ │ │ │ │ │ ├── tc_linux_cgo.go │ │ │ │ │ │ └── termios_linux.go │ │ │ │ │ ├── longpath │ │ │ │ │ │ └── longpath.go │ │ │ │ │ └── jsonlog │ │ │ │ │ │ ├── time_marshalling.go │ │ │ │ │ │ └── jsonlog.go │ │ │ │ └── NOTICE │ │ │ ├── engine-api │ │ │ │ ├── client │ │ │ │ │ ├── client_darwin.go │ │ │ │ │ ├── client_windows.go │ │ │ │ │ ├── client_unix.go │ │ │ │ │ ├── volume_remove.go │ │ │ │ │ ├── network_remove.go │ │ │ │ │ ├── container_start.go │ │ │ │ │ ├── container_unpause.go │ │ │ │ │ ├── container_pause.go │ │ │ │ │ ├── container_update.go │ │ │ │ │ ├── container_rename.go │ │ │ │ │ ├── container_kill.go │ │ │ │ │ ├── network_disconnect.go │ │ │ │ │ ├── container_export.go │ │ │ │ │ ├── image_save.go │ │ │ │ │ ├── version.go │ │ │ │ │ ├── container_stop.go │ │ │ │ │ ├── transport │ │ │ │ │ │ ├── cancellable │ │ │ │ │ │ │ ├── canceler.go │ │ │ │ │ │ │ ├── canceler_go14.go │ │ │ │ │ │ │ └── LICENSE │ │ │ │ │ │ ├── client.go │ │ │ │ │ │ └── transport.go │ │ │ │ │ ├── volume_create.go │ │ │ │ │ ├── container_restart.go │ │ │ │ │ ├── network_connect.go │ │ │ │ │ ├── container_stats.go │ │ │ │ │ ├── image_history.go │ │ │ │ │ ├── info.go │ │ │ │ │ ├── container_diff.go │ │ │ │ │ ├── container_remove.go │ │ │ │ │ ├── volume_inspect.go │ │ │ │ │ ├── container_wait.go │ │ │ │ │ ├── network_create.go │ │ │ │ │ ├── image_remove.go │ │ │ │ │ ├── network_inspect.go │ │ │ │ │ ├── container_top.go │ │ │ │ │ ├── login.go │ │ │ │ │ ├── volume_list.go │ │ │ │ │ ├── image_load.go │ │ │ │ │ ├── network_list.go │ │ │ │ │ ├── container_resize.go │ │ │ │ │ ├── image_import.go │ │ │ │ │ ├── image_create.go │ │ │ │ │ ├── container_attach.go │ │ │ │ │ ├── image_inspect.go │ │ │ │ │ ├── image_list.go │ │ │ │ │ ├── image_tag.go │ │ │ │ │ ├── events.go │ │ │ │ │ ├── container_logs.go │ │ │ │ │ ├── container_list.go │ │ │ │ │ ├── container_create.go │ │ │ │ │ ├── image_pull.go │ │ │ │ │ ├── image_search.go │ │ │ │ │ └── container_commit.go │ │ │ │ └── types │ │ │ │ │ ├── blkiodev │ │ │ │ │ └── blkio.go │ │ │ │ │ ├── auth.go │ │ │ │ │ ├── strslice │ │ │ │ │ └── strslice.go │ │ │ │ │ ├── reference │ │ │ │ │ └── image_reference.go │ │ │ │ │ ├── versions │ │ │ │ │ ├── README.md │ │ │ │ │ └── compare.go │ │ │ │ │ └── network │ │ │ │ │ └── network.go │ │ │ ├── spdystream │ │ │ │ ├── utils.go │ │ │ │ ├── CONTRIBUTING.md │ │ │ │ ├── MAINTAINERS │ │ │ │ └── handlers.go │ │ │ ├── go-units │ │ │ │ ├── circle.yml │ │ │ │ ├── README.md │ │ │ │ ├── MAINTAINERS │ │ │ │ └── duration.go │ │ │ └── distribution │ │ │ │ └── digest │ │ │ │ ├── verifiers.go │ │ │ │ └── doc.go │ │ ├── opencontainers │ │ │ └── runc │ │ │ │ ├── libcontainer │ │ │ │ ├── cgroups │ │ │ │ │ ├── fs │ │ │ │ │ │ ├── fs_unsupported.go │ │ │ │ │ │ ├── name.go │ │ │ │ │ │ ├── perf_event.go │ │ │ │ │ │ ├── net_prio.go │ │ │ │ │ │ ├── net_cls.go │ │ │ │ │ │ └── freezer.go │ │ │ │ │ ├── cgroups_unsupported.go │ │ │ │ │ ├── systemd │ │ │ │ │ │ └── apply_nosystemd.go │ │ │ │ │ └── cgroups.go │ │ │ │ ├── criurpc │ │ │ │ │ └── Makefile │ │ │ │ ├── stacktrace │ │ │ │ │ ├── stacktrace.go │ │ │ │ │ ├── capture.go │ │ │ │ │ └── frame.go │ │ │ │ ├── configs │ │ │ │ │ ├── namespaces.go │ │ │ │ │ ├── cgroup_unsupported.go │ │ │ │ │ ├── cgroup_windows.go │ │ │ │ │ ├── hugepage_limit.go │ │ │ │ │ ├── namespaces_unsupported.go │ │ │ │ │ ├── interface_priority_map.go │ │ │ │ │ ├── namespaces_syscall_unsupported.go │ │ │ │ │ ├── namespaces_syscall.go │ │ │ │ │ ├── mount.go │ │ │ │ │ ├── device.go │ │ │ │ │ └── config_unix.go │ │ │ │ ├── stats_freebsd.go │ │ │ │ ├── stats_windows.go │ │ │ │ ├── user │ │ │ │ │ ├── MAINTAINERS │ │ │ │ │ ├── lookup_unsupported.go │ │ │ │ │ └── lookup_unix.go │ │ │ │ ├── stats_solaris.go │ │ │ │ ├── criu_opts_windows.go │ │ │ │ ├── stats_linux.go │ │ │ │ ├── system │ │ │ │ │ ├── unsupported.go │ │ │ │ │ ├── sysconfig.go │ │ │ │ │ ├── sysconfig_notcgo.go │ │ │ │ │ ├── syscall_linux_386.go │ │ │ │ │ ├── syscall_linux_arm.go │ │ │ │ │ ├── syscall_linux_64.go │ │ │ │ │ ├── proc.go │ │ │ │ │ └── setns_linux.go │ │ │ │ ├── compat_1.5_linux.go │ │ │ │ ├── stats.go │ │ │ │ ├── console.go │ │ │ │ ├── setgroups_linux.go │ │ │ │ ├── apparmor │ │ │ │ │ ├── apparmor_disabled.go │ │ │ │ │ └── apparmor.go │ │ │ │ ├── console_solaris.go │ │ │ │ ├── console_freebsd.go │ │ │ │ ├── container_solaris.go │ │ │ │ ├── container_windows.go │ │ │ │ ├── seccomp │ │ │ │ │ └── seccomp_unsupported.go │ │ │ │ ├── console_windows.go │ │ │ │ ├── utils │ │ │ │ │ └── utils_unix.go │ │ │ │ ├── setns_init_linux.go │ │ │ │ ├── factory.go │ │ │ │ ├── error.go │ │ │ │ └── criu_opts_unix.go │ │ │ │ └── NOTICE │ │ └── google │ │ │ └── shlex │ │ │ └── README │ ├── golang.org │ │ └── x │ │ │ └── net │ │ │ ├── http2 │ │ │ ├── .gitignore │ │ │ ├── Makefile │ │ │ ├── README │ │ │ ├── flow.go │ │ │ ├── go16.go │ │ │ ├── not_go16.go │ │ │ ├── not_go17.go │ │ │ ├── fixed_buffer.go │ │ │ ├── Dockerfile │ │ │ └── headermap.go │ │ │ ├── proxy │ │ │ └── direct.go │ │ │ ├── PATENTS │ │ │ └── LICENSE │ └── gopkg.in │ │ └── yaml.v2 │ │ └── LICENSE.libyaml ├── command │ ├── BUILD │ └── runner.go ├── metadata │ ├── BUILD │ └── provider_stub.go ├── types │ └── BUILD ├── utils │ ├── registry.go │ └── BUILD └── volumes │ └── BUILD ├── .gitignore ├── cloudbuild.yaml ├── .github └── dependabot.yml ├── WORKSPACE ├── docker └── Dockerfile ├── scripts ├── konlet-startup.service └── konlet-startup └── CONTRIBUTING.md /gce-containers-startup/vendor/github.com/Sirupsen/logrus/.gitignore: -------------------------------------------------------------------------------- 1 | logrus 2 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-connections/sockets/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/http2/.gitignore: -------------------------------------------------------------------------------- 1 | *~ 2 | h2i/h2i 3 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/http2/Makefile: -------------------------------------------------------------------------------- 1 | curlimage: 2 | docker build -t gohttp2/curl . 3 | 4 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | bazel-bin 2 | bazel-gce-containers-startup 3 | bazel-genfiles 4 | bazel-out 5 | bazel-testlogs 6 | bazel-konlet 7 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/fs_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !linux 2 | 3 | package fs 4 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/cgroups/cgroups_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !linux 2 | 3 | package cgroups 4 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/criurpc/Makefile: -------------------------------------------------------------------------------- 1 | gen: criurpc.proto 2 | protoc --go_out=. criurpc.proto 3 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/google/shlex/README: -------------------------------------------------------------------------------- 1 | go-shlex is a simple lexer for go that supports shell-style quoting, 2 | commenting, and escaping. 3 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/stacktrace/stacktrace.go: -------------------------------------------------------------------------------- 1 | package stacktrace 2 | 3 | type Stacktrace struct { 4 | Frames []Frame 5 | } 6 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/configs/namespaces.go: -------------------------------------------------------------------------------- 1 | package configs 2 | 3 | type NamespaceType string 4 | 5 | type Namespaces []Namespace 6 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/stats_freebsd.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | type Stats struct { 4 | Interfaces []*NetworkInterface 5 | } 6 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/stats_windows.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | type Stats struct { 4 | Interfaces []*NetworkInterface 5 | } 6 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/user/MAINTAINERS: -------------------------------------------------------------------------------- 1 | Tianon Gravi (@tianon) 2 | Aleksa Sarai (@cyphar) 3 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !windows,!linux,!freebsd 2 | 3 | package configs 4 | 5 | type Cgroup struct { 6 | } 7 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/mount/mountinfo_windows.go: -------------------------------------------------------------------------------- 1 | package mount 2 | 3 | func parseMountTable() ([]*Info, error) { 4 | // Do NOT return an error! 5 | return nil, nil 6 | } 7 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/stats_solaris.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | // Solaris - TODO 4 | 5 | type Stats struct { 6 | Interfaces []*NetworkInterface 7 | } 8 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/client_darwin.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | // DefaultDockerHost defines os specific default if DOCKER_HOST is unset 4 | const DefaultDockerHost = "tcp://127.0.0.1:2375" 5 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/client_windows.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | // DefaultDockerHost defines os specific default if DOCKER_HOST is unset 4 | const DefaultDockerHost = "npipe:////./pipe/docker_engine" 5 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_windows.go: -------------------------------------------------------------------------------- 1 | package configs 2 | 3 | // TODO Windows: This can ultimately be entirely factored out on Windows as 4 | // cgroups are a Unix-specific construct. 5 | type Cgroup struct { 6 | } 7 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/criu_opts_windows.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | // TODO Windows: This can ultimately be entirely factored out as criu is 4 | // a Unix concept not relevant on Windows. 5 | type CriuOpts struct { 6 | } 7 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/symlink/fs_unix.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | 3 | package symlink 4 | 5 | import ( 6 | "path/filepath" 7 | ) 8 | 9 | func evalSymlinks(path string) (string, error) { 10 | return filepath.EvalSymlinks(path) 11 | } 12 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/stats_linux.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | import "github.com/opencontainers/runc/libcontainer/cgroups" 4 | 5 | type Stats struct { 6 | Interfaces []*NetworkInterface 7 | CgroupStats *cgroups.Stats 8 | } 9 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/client_unix.go: -------------------------------------------------------------------------------- 1 | // +build linux freebsd solaris openbsd 2 | 3 | package client 4 | 5 | // DefaultDockerHost defines os specific default if DOCKER_HOST is unset 6 | const DefaultDockerHost = "unix:///var/run/docker.sock" 7 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/utimes_darwin.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import "syscall" 4 | 5 | // LUtimesNano is not supported by darwin platform. 6 | func LUtimesNano(path string, ts []syscall.Timespec) error { 7 | return ErrNotSupportedPlatform 8 | } 9 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/system/unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !linux 2 | 3 | package system 4 | 5 | // RunningInUserNS is a stub for non-Linux systems 6 | // Always returns false 7 | func RunningInUserNS() bool { 8 | return false 9 | } 10 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/system/sysconfig.go: -------------------------------------------------------------------------------- 1 | // +build cgo,linux cgo,freebsd 2 | 3 | package system 4 | 5 | /* 6 | #include 7 | */ 8 | import "C" 9 | 10 | func GetClockTicks() int { 11 | return int(C.sysconf(C._SC_CLK_TCK)) 12 | } 13 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/meminfo_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !linux,!windows 2 | 3 | package system 4 | 5 | // ReadMemInfo is not supported on platforms other than linux and windows. 6 | func ReadMemInfo() (*MemInfo, error) { 7 | return nil, ErrNotSupportedPlatform 8 | } 9 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/errors.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import ( 4 | "errors" 5 | ) 6 | 7 | var ( 8 | // ErrNotSupportedPlatform means the platform is not supported. 9 | ErrNotSupportedPlatform = errors.New("platform and architecture is not supported") 10 | ) 11 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/configs/hugepage_limit.go: -------------------------------------------------------------------------------- 1 | package configs 2 | 3 | type HugepageLimit struct { 4 | // which type of hugepage to limit. 5 | Pagesize string `json:"page_size"` 6 | 7 | // usage limit for hugepage. 8 | Limit uint64 `json:"limit"` 9 | } 10 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/Sirupsen/logrus/.travis.yml: -------------------------------------------------------------------------------- 1 | language: go 2 | go: 3 | - 1.2 4 | - 1.3 5 | - tip 6 | install: 7 | - go get github.com/stretchr/testify 8 | - go get github.com/stvp/go-udp-testing 9 | - go get github.com/tobi/airbrake-go 10 | - go get github.com/getsentry/raven-go 11 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/path_windows.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | 3 | package system 4 | 5 | // DefaultPathEnv is deliberately empty on Windows as the default path will be set by 6 | // the container. Docker has no context of what the default path should be. 7 | const DefaultPathEnv = "" 8 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/spdystream/utils.go: -------------------------------------------------------------------------------- 1 | package spdystream 2 | 3 | import ( 4 | "log" 5 | "os" 6 | ) 7 | 8 | var ( 9 | DEBUG = os.Getenv("DEBUG") 10 | ) 11 | 12 | func debugMessage(fmt string, args ...interface{}) { 13 | if DEBUG != "" { 14 | log.Printf(fmt, args...) 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/configs/namespaces_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !linux,!freebsd 2 | 3 | package configs 4 | 5 | // Namespace defines configuration for each namespace. It specifies an 6 | // alternate path that is able to be joined via setns. 7 | type Namespace struct { 8 | } 9 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/umask_windows.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | 3 | package system 4 | 5 | // Umask is not supported on the windows platform. 6 | func Umask(newmask int) (oldmask int, err error) { 7 | // should not be called on cli code path 8 | return 0, ErrNotSupportedPlatform 9 | } 10 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/compat_1.5_linux.go: -------------------------------------------------------------------------------- 1 | // +build linux,!go1.5 2 | 3 | package libcontainer 4 | 5 | import "syscall" 6 | 7 | // GidMappingsEnableSetgroups was added in Go 1.5, so do nothing when building 8 | // with earlier versions 9 | func enableSetgroups(sys *syscall.SysProcAttr) { 10 | } 11 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/mount/mounter_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !linux,!freebsd freebsd,!cgo 2 | 3 | package mount 4 | 5 | func mount(device, target, mType string, flag uintptr, data string) error { 6 | panic("Not implemented") 7 | } 8 | 9 | func unmount(target string, flag int) error { 10 | panic("Not implemented") 11 | } 12 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/umask.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | 3 | package system 4 | 5 | import ( 6 | "syscall" 7 | ) 8 | 9 | // Umask sets current process's file mode creation mask to newmask 10 | // and return oldmask. 11 | func Umask(newmask int) (oldmask int, err error) { 12 | return syscall.Umask(newmask), nil 13 | } 14 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-units/circle.yml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | post: 3 | # install golint 4 | - go get github.com/golang/lint/golint 5 | 6 | test: 7 | pre: 8 | # run analysis before tests 9 | - go vet ./... 10 | - test -z "$(golint ./... | tee /dev/stderr)" 11 | - test -z "$(gofmt -s -l . | tee /dev/stderr)" 12 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/path_unix.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | 3 | package system 4 | 5 | // DefaultPathEnv is unix style list of directories to search for 6 | // executables. Each directory is separated from the next by a colon 7 | // ':' character . 8 | const DefaultPathEnv = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" 9 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/utimes_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !linux,!freebsd,!darwin 2 | 3 | package system 4 | 5 | import "syscall" 6 | 7 | // LUtimesNano is not supported on platforms other than linux, freebsd and darwin. 8 | func LUtimesNano(path string, ts []syscall.Timespec) error { 9 | return ErrNotSupportedPlatform 10 | } 11 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-connections/sockets/sockets_windows.go: -------------------------------------------------------------------------------- 1 | package sockets 2 | 3 | import ( 4 | "net" 5 | "time" 6 | 7 | "github.com/Microsoft/go-winio" 8 | ) 9 | 10 | // DialPipe connects to a Windows named pipe. 11 | func DialPipe(addr string, timeout time.Duration) (net.Conn, error) { 12 | return winio.DialPipe(addr, &timeout) 13 | } 14 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/mount/mountinfo_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !windows,!linux,!freebsd freebsd,!cgo 2 | 3 | package mount 4 | 5 | import ( 6 | "fmt" 7 | "runtime" 8 | ) 9 | 10 | func parseMountTable() ([]*Info, error) { 11 | return nil, fmt.Errorf("mount.parseMountTable is not implemented on %s/%s", runtime.GOOS, runtime.GOARCH) 12 | } 13 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/term/windows/windows.go: -------------------------------------------------------------------------------- 1 | // These files implement ANSI-aware input and output streams for use by the Docker Windows client. 2 | // When asked for the set of standard streams (e.g., stdin, stdout, stderr), the code will create 3 | // and return pseudo-streams that convert ANSI sequences to / from Windows Console API calls. 4 | 5 | package windows 6 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/configs/interface_priority_map.go: -------------------------------------------------------------------------------- 1 | package configs 2 | 3 | import ( 4 | "fmt" 5 | ) 6 | 7 | type IfPrioMap struct { 8 | Interface string `json:"interface"` 9 | Priority int64 `json:"priority"` 10 | } 11 | 12 | func (i *IfPrioMap) CgroupString() string { 13 | return fmt.Sprintf("%s %d", i.Interface, i.Priority) 14 | } 15 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/stats.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | type NetworkInterface struct { 4 | // Name is the name of the network interface. 5 | Name string 6 | 7 | RxBytes uint64 8 | RxPackets uint64 9 | RxErrors uint64 10 | RxDropped uint64 11 | TxBytes uint64 12 | TxPackets uint64 13 | TxErrors uint64 14 | TxDropped uint64 15 | } 16 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/volume_remove.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import "golang.org/x/net/context" 4 | 5 | // VolumeRemove removes a volume from the docker host. 6 | func (cli *Client) VolumeRemove(ctx context.Context, volumeID string) error { 7 | resp, err := cli.delete(ctx, "/volumes/"+volumeID, nil, nil) 8 | ensureReaderClosed(resp) 9 | return err 10 | } 11 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-connections/sockets/sockets_unix.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | 3 | package sockets 4 | 5 | import ( 6 | "net" 7 | "syscall" 8 | "time" 9 | ) 10 | 11 | // DialPipe connects to a Windows named pipe. 12 | // This is not supported on other OSes. 13 | func DialPipe(_ string, _ time.Duration) (net.Conn, error) { 14 | return nil, syscall.EAFNOSUPPORT 15 | } 16 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/Sirupsen/logrus/terminal_darwin.go: -------------------------------------------------------------------------------- 1 | // Based on ssh/terminal: 2 | // Copyright 2013 The Go Authors. All rights reserved. 3 | // Use of this source code is governed by a BSD-style 4 | // license that can be found in the LICENSE file. 5 | 6 | package logrus 7 | 8 | import "syscall" 9 | 10 | const ioctlReadTermios = syscall.TIOCGETA 11 | 12 | type Termios syscall.Termios 13 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/Sirupsen/logrus/terminal_linux.go: -------------------------------------------------------------------------------- 1 | // Based on ssh/terminal: 2 | // Copyright 2013 The Go Authors. All rights reserved. 3 | // Use of this source code is governed by a BSD-style 4 | // license that can be found in the LICENSE file. 5 | 6 | package logrus 7 | 8 | import "syscall" 9 | 10 | const ioctlReadTermios = syscall.TCGETS 11 | 12 | type Termios syscall.Termios 13 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/console.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | import "io" 4 | 5 | // Console represents a pseudo TTY. 6 | type Console interface { 7 | io.ReadWriter 8 | io.Closer 9 | 10 | // Path returns the filesystem path to the slave side of the pty. 11 | Path() string 12 | 13 | // Fd returns the fd for the master of the pty. 14 | Fd() uintptr 15 | } 16 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/chtimes_unix.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | 3 | package system 4 | 5 | import ( 6 | "time" 7 | ) 8 | 9 | //setCTime will set the create time on a file. On Unix, the create 10 | //time is updated as a side effect of setting the modified time, so 11 | //no action is required. 12 | func setCTime(path string, ctime time.Time) error { 13 | return nil 14 | } 15 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/network_remove.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import "golang.org/x/net/context" 4 | 5 | // NetworkRemove removes an existent network from the docker host. 6 | func (cli *Client) NetworkRemove(ctx context.Context, networkID string) error { 7 | resp, err := cli.delete(ctx, "/networks/"+networkID, nil, nil) 8 | ensureReaderClosed(resp) 9 | return err 10 | } 11 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/setgroups_linux.go: -------------------------------------------------------------------------------- 1 | // +build linux,go1.5 2 | 3 | package libcontainer 4 | 5 | import "syscall" 6 | 7 | // Set the GidMappingsEnableSetgroups member to true, so the process's 8 | // setgroups proc entry wont be set to 'deny' if GidMappings are set 9 | func enableSetgroups(sys *syscall.SysProcAttr) { 10 | sys.GidMappingsEnableSetgroups = true 11 | } 12 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/mknod_windows.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | 3 | package system 4 | 5 | // Mknod is not implemented on Windows. 6 | func Mknod(path string, mode uint32, dev int) error { 7 | return ErrNotSupportedPlatform 8 | } 9 | 10 | // Mkdev is not implemented on Windows. 11 | func Mkdev(major int64, minor int64) uint32 { 12 | panic("Mkdev not implemented on Windows.") 13 | } 14 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/stat_openbsd.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import ( 4 | "syscall" 5 | ) 6 | 7 | // fromStatT creates a system.StatT type from a syscall.Stat_t type 8 | func fromStatT(s *syscall.Stat_t) (*StatT, error) { 9 | return &StatT{size: s.Size, 10 | mode: uint32(s.Mode), 11 | uid: s.Uid, 12 | gid: s.Gid, 13 | rdev: uint64(s.Rdev), 14 | mtim: s.Mtim}, nil 15 | } 16 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_start.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import "golang.org/x/net/context" 4 | 5 | // ContainerStart sends a request to the docker daemon to start a container. 6 | func (cli *Client) ContainerStart(ctx context.Context, containerID string) error { 7 | resp, err := cli.post(ctx, "/containers/"+containerID+"/start", nil, nil, nil) 8 | ensureReaderClosed(resp) 9 | return err 10 | } 11 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_unpause.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import "golang.org/x/net/context" 4 | 5 | // ContainerUnpause resumes the process execution within a container 6 | func (cli *Client) ContainerUnpause(ctx context.Context, containerID string) error { 7 | resp, err := cli.post(ctx, "/containers/"+containerID+"/unpause", nil, nil, nil) 8 | ensureReaderClosed(resp) 9 | return err 10 | } 11 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/stat_solaris.go: -------------------------------------------------------------------------------- 1 | // +build solaris 2 | 3 | package system 4 | 5 | import ( 6 | "syscall" 7 | ) 8 | 9 | // fromStatT creates a system.StatT type from a syscall.Stat_t type 10 | func fromStatT(s *syscall.Stat_t) (*StatT, error) { 11 | return &StatT{size: s.Size, 12 | mode: uint32(s.Mode), 13 | uid: s.Uid, 14 | gid: s.Gid, 15 | rdev: uint64(s.Rdev), 16 | mtim: s.Mtim}, nil 17 | } 18 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_pause.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import "golang.org/x/net/context" 4 | 5 | // ContainerPause pauses the main process of a given container without terminating it. 6 | func (cli *Client) ContainerPause(ctx context.Context, containerID string) error { 7 | resp, err := cli.post(ctx, "/containers/"+containerID+"/pause", nil, nil, nil) 8 | ensureReaderClosed(resp) 9 | return err 10 | } 11 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/symlink/README.md: -------------------------------------------------------------------------------- 1 | Package symlink implements EvalSymlinksInScope which is an extension of filepath.EvalSymlinks, 2 | as well as a Windows long-path aware version of filepath.EvalSymlinks 3 | from the [Go standard library](https://golang.org/pkg/path/filepath). 4 | 5 | The code from filepath.EvalSymlinks has been adapted in fs.go. 6 | Please read the LICENSE.BSD file that governs fs.go and LICENSE.APACHE for fs_test.go. 7 | -------------------------------------------------------------------------------- /cloudbuild.yaml: -------------------------------------------------------------------------------- 1 | steps: 2 | - name: 'gcr.io/cloud-builders/bazel' 3 | args: ['build', 'gce-containers-startup'] 4 | - name: 'gcr.io/google-containers/busybox' 5 | args: ['cp', 'bazel-bin/gce-containers-startup/gce-containers-startup_/gce-containers-startup', 'docker/gce-containers-startup'] 6 | - name: 'gcr.io/cloud-builders/docker' 7 | args: ['build', '-t', 'gcr.io/gce-containers/konlet:$BRANCH_NAME-HEAD', 'docker'] 8 | images: ['gcr.io/gce-containers/konlet:$BRANCH_NAME-HEAD'] 9 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/apparmor/apparmor_disabled.go: -------------------------------------------------------------------------------- 1 | // +build !apparmor !linux 2 | 3 | package apparmor 4 | 5 | import ( 6 | "errors" 7 | ) 8 | 9 | var ErrApparmorNotEnabled = errors.New("apparmor: config provided but apparmor not supported") 10 | 11 | func IsEnabled() bool { 12 | return false 13 | } 14 | 15 | func ApplyProfile(name string) error { 16 | if name != "" { 17 | return ErrApparmorNotEnabled 18 | } 19 | return nil 20 | } 21 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/Sirupsen/logrus/terminal_freebsd.go: -------------------------------------------------------------------------------- 1 | /* 2 | Go 1.2 doesn't include Termios for FreeBSD. This should be added in 1.3 and this could be merged with terminal_darwin. 3 | */ 4 | package logrus 5 | 6 | import ( 7 | "syscall" 8 | ) 9 | 10 | const ioctlReadTermios = syscall.TIOCGETA 11 | 12 | type Termios struct { 13 | Iflag uint32 14 | Oflag uint32 15 | Cflag uint32 16 | Lflag uint32 17 | Cc [20]uint8 18 | Ispeed uint32 19 | Ospeed uint32 20 | } 21 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/xattrs_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !linux 2 | 3 | package system 4 | 5 | // Lgetxattr is not supported on platforms other than linux. 6 | func Lgetxattr(path string, attr string) ([]byte, error) { 7 | return nil, ErrNotSupportedPlatform 8 | } 9 | 10 | // Lsetxattr is not supported on platforms other than linux. 11 | func Lsetxattr(path string, attr string, data []byte, flags int) error { 12 | return ErrNotSupportedPlatform 13 | } 14 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/console_solaris.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | import ( 4 | "errors" 5 | ) 6 | 7 | // NewConsole returns an initalized console that can be used within a container by copying bytes 8 | // from the master side to the slave that is attached as the tty for the container's init process. 9 | func NewConsole(uid, gid int) (Console, error) { 10 | return nil, errors.New("libcontainer console is not supported on Solaris") 11 | } 12 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/stat_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !linux,!windows,!freebsd,!solaris,!openbsd 2 | 3 | package system 4 | 5 | import ( 6 | "syscall" 7 | ) 8 | 9 | // fromStatT creates a system.StatT type from a syscall.Stat_t type 10 | func fromStatT(s *syscall.Stat_t) (*StatT, error) { 11 | return &StatT{size: s.Size, 12 | mode: uint32(s.Mode), 13 | uid: s.Uid, 14 | gid: s.Gid, 15 | rdev: uint64(s.Rdev), 16 | mtim: s.Mtimespec}, nil 17 | } 18 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/lstat.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | 3 | package system 4 | 5 | import ( 6 | "syscall" 7 | ) 8 | 9 | // Lstat takes a path to a file and returns 10 | // a system.StatT type pertaining to that file. 11 | // 12 | // Throws an error if the file does not exist 13 | func Lstat(path string) (*StatT, error) { 14 | s := &syscall.Stat_t{} 15 | if err := syscall.Lstat(path, s); err != nil { 16 | return nil, err 17 | } 18 | return fromStatT(s) 19 | } 20 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/meminfo.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | // MemInfo contains memory statistics of the host system. 4 | type MemInfo struct { 5 | // Total usable RAM (i.e. physical RAM minus a few reserved bits and the 6 | // kernel binary code). 7 | MemTotal int64 8 | 9 | // Amount of free memory. 10 | MemFree int64 11 | 12 | // Total amount of swap space available. 13 | SwapTotal int64 14 | 15 | // Amount of swap space that is currently unused. 16 | SwapFree int64 17 | } 18 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/console_freebsd.go: -------------------------------------------------------------------------------- 1 | // +build freebsd 2 | 3 | package libcontainer 4 | 5 | import ( 6 | "errors" 7 | ) 8 | 9 | // NewConsole returns an initalized console that can be used within a container by copying bytes 10 | // from the master side to the slave that is attached as the tty for the container's init process. 11 | func NewConsole(uid, gid int) (Console, error) { 12 | return nil, errors.New("libcontainer console is not supported on FreeBSD") 13 | } 14 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_update.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "github.com/docker/engine-api/types/container" 5 | "golang.org/x/net/context" 6 | ) 7 | 8 | // ContainerUpdate updates resources of a container 9 | func (cli *Client) ContainerUpdate(ctx context.Context, containerID string, updateConfig container.UpdateConfig) error { 10 | resp, err := cli.post(ctx, "/containers/"+containerID+"/update", nil, updateConfig, nil) 11 | ensureReaderClosed(resp) 12 | return err 13 | } 14 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/proxy/direct.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package proxy 6 | 7 | import ( 8 | "net" 9 | ) 10 | 11 | type direct struct{} 12 | 13 | // Direct is a direct proxy: one that makes network connections directly. 14 | var Direct = direct{} 15 | 16 | func (direct) Dial(network, addr string) (net.Conn, error) { 17 | return net.Dial(network, addr) 18 | } 19 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-connections/tlsconfig/config_legacy_client_ciphers.go: -------------------------------------------------------------------------------- 1 | // +build !go1.5 2 | 3 | // Package tlsconfig provides primitives to retrieve secure-enough TLS configurations for both clients and servers. 4 | // 5 | package tlsconfig 6 | 7 | import ( 8 | "crypto/tls" 9 | ) 10 | 11 | // Client TLS cipher suites (dropping CBC ciphers for client preferred suite set) 12 | var clientCipherSuites = []uint16{ 13 | tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 14 | tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 15 | } 16 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_rename.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "net/url" 5 | 6 | "golang.org/x/net/context" 7 | ) 8 | 9 | // ContainerRename changes the name of a given container. 10 | func (cli *Client) ContainerRename(ctx context.Context, containerID, newContainerName string) error { 11 | query := url.Values{} 12 | query.Set("name", newContainerName) 13 | resp, err := cli.post(ctx, "/containers/"+containerID+"/rename", query, nil, nil) 14 | ensureReaderClosed(resp) 15 | return err 16 | } 17 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/spdystream/CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing to SpdyStream 2 | 3 | Want to hack on spdystream? Awesome! Here are instructions to get you 4 | started. 5 | 6 | SpdyStream is a part of the [Docker](https://docker.io) project, and follows 7 | the same rules and principles. If you're already familiar with the way 8 | Docker does things, you'll feel right at home. 9 | 10 | Otherwise, go read 11 | [Docker's contributions guidelines](https://github.com/dotcloud/docker/blob/master/CONTRIBUTING.md). 12 | 13 | Happy hacking! 14 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/configs/namespaces_syscall_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !linux,!windows 2 | 3 | package configs 4 | 5 | func (n *Namespace) Syscall() int { 6 | panic("No namespace syscall support") 7 | return 0 8 | } 9 | 10 | // CloneFlags parses the container's Namespaces options to set the correct 11 | // flags on clone, unshare. This function returns flags only for new namespaces. 12 | func (n *Namespaces) CloneFlags() uintptr { 13 | panic("No namespace syscall support") 14 | return uintptr(0) 15 | } 16 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/term/tc_other.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | // +build !linux !cgo 3 | 4 | package term 5 | 6 | import ( 7 | "syscall" 8 | "unsafe" 9 | ) 10 | 11 | func tcget(fd uintptr, p *Termios) syscall.Errno { 12 | _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, uintptr(getTermios), uintptr(unsafe.Pointer(p))) 13 | return err 14 | } 15 | 16 | func tcset(fd uintptr, p *Termios) syscall.Errno { 17 | _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, setTermios, uintptr(unsafe.Pointer(p))) 18 | return err 19 | } 20 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/user/lookup_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris 2 | 3 | package user 4 | 5 | import "io" 6 | 7 | func GetPasswdPath() (string, error) { 8 | return "", ErrUnsupported 9 | } 10 | 11 | func GetPasswd() (io.ReadCloser, error) { 12 | return nil, ErrUnsupported 13 | } 14 | 15 | func GetGroupPath() (string, error) { 16 | return "", ErrUnsupported 17 | } 18 | 19 | func GetGroup() (io.ReadCloser, error) { 20 | return nil, ErrUnsupported 21 | } 22 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/filesys.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | 3 | package system 4 | 5 | import ( 6 | "os" 7 | "path/filepath" 8 | ) 9 | 10 | // MkdirAll creates a directory named path along with any necessary parents, 11 | // with permission specified by attribute perm for all dir created. 12 | func MkdirAll(path string, perm os.FileMode) error { 13 | return os.MkdirAll(path, perm) 14 | } 15 | 16 | // IsAbs is a platform-specific wrapper for filepath.IsAbs. 17 | func IsAbs(path string) bool { 18 | return filepath.IsAbs(path) 19 | } 20 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/syscall_unix.go: -------------------------------------------------------------------------------- 1 | // +build linux freebsd 2 | 3 | package system 4 | 5 | import "syscall" 6 | 7 | // Unmount is a platform-specific helper function to call 8 | // the unmount syscall. 9 | func Unmount(dest string) error { 10 | return syscall.Unmount(dest, 0) 11 | } 12 | 13 | // CommandLineToArgv should not be used on Unix. 14 | // It simply returns commandLine in the only element in the returned array. 15 | func CommandLineToArgv(commandLine string) ([]string, error) { 16 | return []string{commandLine}, nil 17 | } 18 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_kill.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "net/url" 5 | 6 | "golang.org/x/net/context" 7 | ) 8 | 9 | // ContainerKill terminates the container process but does not remove the container from the docker host. 10 | func (cli *Client) ContainerKill(ctx context.Context, containerID, signal string) error { 11 | query := url.Values{} 12 | query.Set("signal", signal) 13 | 14 | resp, err := cli.post(ctx, "/containers/"+containerID+"/kill", query, nil, nil) 15 | ensureReaderClosed(resp) 16 | return err 17 | } 18 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | # To get started with Dependabot version updates, you'll need to specify which 2 | # package ecosystems to update and where the package manifests are located. 3 | # Please see the documentation for all configuration options: 4 | # https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file 5 | 6 | version: 2 7 | updates: 8 | - package-ecosystem: "gomod" 9 | directory: "/" 10 | labels: 11 | - "dependencies" 12 | schedule: 13 | interval: "daily" 14 | allow: 15 | - dependency-type: "all" 16 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/network_disconnect.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "github.com/docker/engine-api/types" 5 | "golang.org/x/net/context" 6 | ) 7 | 8 | // NetworkDisconnect disconnects a container from an existent network in the docker host. 9 | func (cli *Client) NetworkDisconnect(ctx context.Context, networkID, containerID string, force bool) error { 10 | nd := types.NetworkDisconnect{Container: containerID, Force: force} 11 | resp, err := cli.post(ctx, "/networks/"+networkID+"/disconnect", nil, nd, nil) 12 | ensureReaderClosed(resp) 13 | return err 14 | } 15 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/system/sysconfig_notcgo.go: -------------------------------------------------------------------------------- 1 | // +build !cgo windows 2 | 3 | package system 4 | 5 | func GetClockTicks() int { 6 | // TODO figure out a better alternative for platforms where we're missing cgo 7 | // 8 | // TODO Windows. This could be implemented using Win32 QueryPerformanceFrequency(). 9 | // https://msdn.microsoft.com/en-us/library/windows/desktop/ms644905(v=vs.85).aspx 10 | // 11 | // An example of its usage can be found here. 12 | // https://msdn.microsoft.com/en-us/library/windows/desktop/dn553408(v=vs.85).aspx 13 | 14 | return 100 15 | } 16 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/container_solaris.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | // State represents a running container's state 4 | type State struct { 5 | BaseState 6 | 7 | // Platform specific fields below here 8 | } 9 | 10 | // A libcontainer container object. 11 | // 12 | // Each container is thread-safe within the same process. Since a container can 13 | // be destroyed by a separate process, any function may return that the container 14 | // was not found. 15 | type Container interface { 16 | BaseContainer 17 | 18 | // Methods below here are platform specific 19 | 20 | } 21 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/container_windows.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | // State represents a running container's state 4 | type State struct { 5 | BaseState 6 | 7 | // Platform specific fields below here 8 | } 9 | 10 | // A libcontainer container object. 11 | // 12 | // Each container is thread-safe within the same process. Since a container can 13 | // be destroyed by a separate process, any function may return that the container 14 | // was not found. 15 | type Container interface { 16 | BaseContainer 17 | 18 | // Methods below here are platform specific 19 | 20 | } 21 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/types/blkiodev/blkio.go: -------------------------------------------------------------------------------- 1 | package blkiodev 2 | 3 | import "fmt" 4 | 5 | // WeightDevice is a structure that holds device:weight pair 6 | type WeightDevice struct { 7 | Path string 8 | Weight uint16 9 | } 10 | 11 | func (w *WeightDevice) String() string { 12 | return fmt.Sprintf("%s:%d", w.Path, w.Weight) 13 | } 14 | 15 | // ThrottleDevice is a structure that holds device:rate_per_second pair 16 | type ThrottleDevice struct { 17 | Path string 18 | Rate uint64 19 | } 20 | 21 | func (t *ThrottleDevice) String() string { 22 | return fmt.Sprintf("%s:%d", t.Path, t.Rate) 23 | } 24 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-connections/tlsconfig/config_client_ciphers.go: -------------------------------------------------------------------------------- 1 | // +build go1.5 2 | 3 | // Package tlsconfig provides primitives to retrieve secure-enough TLS configurations for both clients and servers. 4 | // 5 | package tlsconfig 6 | 7 | import ( 8 | "crypto/tls" 9 | ) 10 | 11 | // Client TLS cipher suites (dropping CBC ciphers for client preferred suite set) 12 | var clientCipherSuites = []uint16{ 13 | tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 14 | tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 15 | tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 16 | tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 17 | } 18 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-units/README.md: -------------------------------------------------------------------------------- 1 | [![GoDoc](https://godoc.org/github.com/docker/go-units?status.svg)](https://godoc.org/github.com/docker/go-units) 2 | 3 | # Introduction 4 | 5 | go-units is a library to transform human friendly measurements into machine friendly values. 6 | 7 | ## Usage 8 | 9 | See the [docs in godoc](https://godoc.org/github.com/docker/go-units) for examples and documentation. 10 | 11 | ## Copyright and license 12 | 13 | Copyright © 2015 Docker, Inc. 14 | 15 | go-units is licensed under the Apache License, Version 2.0. 16 | See [LICENSE](LICENSE) for the full text of the license. 17 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_export.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "io" 5 | "net/url" 6 | 7 | "golang.org/x/net/context" 8 | ) 9 | 10 | // ContainerExport retrieves the raw contents of a container 11 | // and returns them as an io.ReadCloser. It's up to the caller 12 | // to close the stream. 13 | func (cli *Client) ContainerExport(ctx context.Context, containerID string) (io.ReadCloser, error) { 14 | serverResp, err := cli.get(ctx, "/containers/"+containerID+"/export", url.Values{}, nil) 15 | if err != nil { 16 | return nil, err 17 | } 18 | 19 | return serverResp.body, nil 20 | } 21 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/image_save.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "io" 5 | "net/url" 6 | 7 | "golang.org/x/net/context" 8 | ) 9 | 10 | // ImageSave retrieves one or more images from the docker host as an io.ReadCloser. 11 | // It's up to the caller to store the images and close the stream. 12 | func (cli *Client) ImageSave(ctx context.Context, imageIDs []string) (io.ReadCloser, error) { 13 | query := url.Values{ 14 | "names": imageIDs, 15 | } 16 | 17 | resp, err := cli.get(ctx, "/images/get", query, nil) 18 | if err != nil { 19 | return nil, err 20 | } 21 | return resp.body, nil 22 | } 23 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/version.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | 6 | "github.com/docker/engine-api/types" 7 | "golang.org/x/net/context" 8 | ) 9 | 10 | // ServerVersion returns information of the docker client and server host. 11 | func (cli *Client) ServerVersion(ctx context.Context) (types.Version, error) { 12 | resp, err := cli.get(ctx, "/version", nil, nil) 13 | if err != nil { 14 | return types.Version{}, err 15 | } 16 | 17 | var server types.Version 18 | err = json.NewDecoder(resp.body).Decode(&server) 19 | ensureReaderClosed(resp) 20 | return server, err 21 | } 22 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/NOTICE: -------------------------------------------------------------------------------- 1 | runc 2 | 3 | Copyright 2012-2015 Docker, Inc. 4 | 5 | This product includes software developed at Docker, Inc. (http://www.docker.com). 6 | 7 | The following is courtesy of our legal counsel: 8 | 9 | 10 | Use and transfer of Docker may be subject to certain restrictions by the 11 | United States and other governments. 12 | It is your responsibility to ensure that your use and/or transfer does not 13 | violate applicable laws. 14 | 15 | For more information, please see http://www.bis.doc.gov 16 | 17 | See also http://www.apache.org/dev/crypto.html and/or seek legal counsel. 18 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_stop.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "net/url" 5 | "strconv" 6 | 7 | "golang.org/x/net/context" 8 | ) 9 | 10 | // ContainerStop stops a container without terminating the process. 11 | // The process is blocked until the container stops or the timeout expires. 12 | func (cli *Client) ContainerStop(ctx context.Context, containerID string, timeout int) error { 13 | query := url.Values{} 14 | query.Set("t", strconv.Itoa(timeout)) 15 | resp, err := cli.post(ctx, "/containers/"+containerID+"/stop", query, nil, nil) 16 | ensureReaderClosed(resp) 17 | return err 18 | } 19 | -------------------------------------------------------------------------------- /WORKSPACE: -------------------------------------------------------------------------------- 1 | load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") 2 | 3 | http_archive( 4 | name = "io_bazel_rules_go", 5 | sha256 = "f4a9314518ca6acfa16cc4ab43b0b8ce1e4ea64b81c38d8a3772883f153346b8", 6 | urls = [ 7 | "https://mirror.bazel.build/github.com/bazelbuild/rules_go/releases/download/v0.50.1/rules_go-v0.50.1.zip", 8 | "https://github.com/bazelbuild/rules_go/releases/download/v0.50.1/rules_go-v0.50.1.zip", 9 | ], 10 | ) 11 | 12 | load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains", "go_rules_dependencies") 13 | 14 | go_rules_dependencies() 15 | 16 | go_register_toolchains(version = "1.23.0") 17 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/transport/cancellable/canceler.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build go1.5 6 | 7 | package cancellable 8 | 9 | import ( 10 | "net/http" 11 | 12 | "github.com/docker/engine-api/client/transport" 13 | ) 14 | 15 | func canceler(client transport.Sender, req *http.Request) func() { 16 | // TODO(djd): Respect any existing value of req.Cancel. 17 | ch := make(chan struct{}) 18 | req.Cancel = ch 19 | 20 | return func() { 21 | close(ch) 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/volume_create.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | 6 | "github.com/docker/engine-api/types" 7 | "golang.org/x/net/context" 8 | ) 9 | 10 | // VolumeCreate creates a volume in the docker host. 11 | func (cli *Client) VolumeCreate(ctx context.Context, options types.VolumeCreateRequest) (types.Volume, error) { 12 | var volume types.Volume 13 | resp, err := cli.post(ctx, "/volumes/create", nil, options, nil) 14 | if err != nil { 15 | return volume, err 16 | } 17 | err = json.NewDecoder(resp.body).Decode(&volume) 18 | ensureReaderClosed(resp) 19 | return volume, err 20 | } 21 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/mount/mounter_linux.go: -------------------------------------------------------------------------------- 1 | package mount 2 | 3 | import ( 4 | "syscall" 5 | ) 6 | 7 | func mount(device, target, mType string, flag uintptr, data string) error { 8 | if err := syscall.Mount(device, target, mType, flag, data); err != nil { 9 | return err 10 | } 11 | 12 | // If we have a bind mount or remount, remount... 13 | if flag&syscall.MS_BIND == syscall.MS_BIND && flag&syscall.MS_RDONLY == syscall.MS_RDONLY { 14 | return syscall.Mount(device, target, mType, flag|syscall.MS_REMOUNT, data) 15 | } 16 | return nil 17 | } 18 | 19 | func unmount(target string, flag int) error { 20 | return syscall.Unmount(target, flag) 21 | } 22 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_restart.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "net/url" 5 | "strconv" 6 | 7 | "golang.org/x/net/context" 8 | ) 9 | 10 | // ContainerRestart stops and starts a container again. 11 | // It makes the daemon to wait for the container to be up again for 12 | // a specific amount of time, given the timeout. 13 | func (cli *Client) ContainerRestart(ctx context.Context, containerID string, timeout int) error { 14 | query := url.Values{} 15 | query.Set("t", strconv.Itoa(timeout)) 16 | resp, err := cli.post(ctx, "/containers/"+containerID+"/restart", query, nil, nil) 17 | ensureReaderClosed(resp) 18 | return err 19 | } 20 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_386.go: -------------------------------------------------------------------------------- 1 | // +build linux,386 2 | 3 | package system 4 | 5 | import ( 6 | "syscall" 7 | ) 8 | 9 | // Setuid sets the uid of the calling thread to the specified uid. 10 | func Setuid(uid int) (err error) { 11 | _, _, e1 := syscall.RawSyscall(syscall.SYS_SETUID32, uintptr(uid), 0, 0) 12 | if e1 != 0 { 13 | err = e1 14 | } 15 | return 16 | } 17 | 18 | // Setgid sets the gid of the calling thread to the specified gid. 19 | func Setgid(gid int) (err error) { 20 | _, _, e1 := syscall.RawSyscall(syscall.SYS_SETGID32, uintptr(gid), 0, 0) 21 | if e1 != 0 { 22 | err = e1 23 | } 24 | return 25 | } 26 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_arm.go: -------------------------------------------------------------------------------- 1 | // +build linux,arm 2 | 3 | package system 4 | 5 | import ( 6 | "syscall" 7 | ) 8 | 9 | // Setuid sets the uid of the calling thread to the specified uid. 10 | func Setuid(uid int) (err error) { 11 | _, _, e1 := syscall.RawSyscall(syscall.SYS_SETUID32, uintptr(uid), 0, 0) 12 | if e1 != 0 { 13 | err = e1 14 | } 15 | return 16 | } 17 | 18 | // Setgid sets the gid of the calling thread to the specified gid. 19 | func Setgid(gid int) (err error) { 20 | _, _, e1 := syscall.RawSyscall(syscall.SYS_SETGID32, uintptr(gid), 0, 0) 21 | if e1 != 0 { 22 | err = e1 23 | } 24 | return 25 | } 26 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/seccomp/seccomp_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !linux !cgo !seccomp 2 | 3 | package seccomp 4 | 5 | import ( 6 | "errors" 7 | 8 | "github.com/opencontainers/runc/libcontainer/configs" 9 | ) 10 | 11 | var ErrSeccompNotEnabled = errors.New("seccomp: config provided but seccomp not supported") 12 | 13 | // InitSeccomp does nothing because seccomp is not supported. 14 | func InitSeccomp(config *configs.Seccomp) error { 15 | if config != nil { 16 | return ErrSeccompNotEnabled 17 | } 18 | return nil 19 | } 20 | 21 | // IsEnabled returns false, because it is not supported. 22 | func IsEnabled() bool { 23 | return false 24 | } 25 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/mount/flags_unsupported.go: -------------------------------------------------------------------------------- 1 | // +build !linux,!freebsd freebsd,!cgo 2 | 3 | package mount 4 | 5 | // These flags are unsupported. 6 | const ( 7 | BIND = 0 8 | DIRSYNC = 0 9 | MANDLOCK = 0 10 | NOATIME = 0 11 | NODEV = 0 12 | NODIRATIME = 0 13 | NOEXEC = 0 14 | NOSUID = 0 15 | UNBINDABLE = 0 16 | RUNBINDABLE = 0 17 | PRIVATE = 0 18 | RPRIVATE = 0 19 | SHARED = 0 20 | RSHARED = 0 21 | SLAVE = 0 22 | RSLAVE = 0 23 | RBIND = 0 24 | RELATIME = 0 25 | RELATIVE = 0 26 | REMOUNT = 0 27 | STRICTATIME = 0 28 | SYNCHRONOUS = 0 29 | RDONLY = 0 30 | ) 31 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/network_connect.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "github.com/docker/engine-api/types" 5 | "github.com/docker/engine-api/types/network" 6 | "golang.org/x/net/context" 7 | ) 8 | 9 | // NetworkConnect connects a container to an existent network in the docker host. 10 | func (cli *Client) NetworkConnect(ctx context.Context, networkID, containerID string, config *network.EndpointSettings) error { 11 | nc := types.NetworkConnect{ 12 | Container: containerID, 13 | EndpointConfig: config, 14 | } 15 | resp, err := cli.post(ctx, "/networks/"+networkID+"/connect", nil, nc, nil) 16 | ensureReaderClosed(resp) 17 | return err 18 | } 19 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/Sirupsen/logrus/terminal_notwindows.go: -------------------------------------------------------------------------------- 1 | // Based on ssh/terminal: 2 | // Copyright 2011 The Go Authors. All rights reserved. 3 | // Use of this source code is governed by a BSD-style 4 | // license that can be found in the LICENSE file. 5 | 6 | // +build linux,!appengine darwin freebsd 7 | 8 | package logrus 9 | 10 | import ( 11 | "syscall" 12 | "unsafe" 13 | ) 14 | 15 | // IsTerminal returns true if the given file descriptor is a terminal. 16 | func IsTerminal() bool { 17 | fd := syscall.Stdout 18 | var termios Termios 19 | _, _, err := syscall.Syscall6(syscall.SYS_IOCTL, uintptr(fd), ioctlReadTermios, uintptr(unsafe.Pointer(&termios)), 0, 0, 0) 20 | return err == 0 21 | } 22 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/Sirupsen/logrus/json_formatter.go: -------------------------------------------------------------------------------- 1 | package logrus 2 | 3 | import ( 4 | "encoding/json" 5 | "fmt" 6 | "time" 7 | ) 8 | 9 | type JSONFormatter struct{} 10 | 11 | func (f *JSONFormatter) Format(entry *Entry) ([]byte, error) { 12 | data := make(Fields, len(entry.Data)+3) 13 | for k, v := range entry.Data { 14 | data[k] = v 15 | } 16 | prefixFieldClashes(data) 17 | data["time"] = entry.Time.Format(time.RFC3339) 18 | data["msg"] = entry.Message 19 | data["level"] = entry.Level.String() 20 | 21 | serialized, err := json.Marshal(data) 22 | if err != nil { 23 | return nil, fmt.Errorf("Failed to marshal fields to JSON, %v", err) 24 | } 25 | return append(serialized, '\n'), nil 26 | } 27 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_stats.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "io" 5 | "net/url" 6 | 7 | "golang.org/x/net/context" 8 | ) 9 | 10 | // ContainerStats returns near realtime stats for a given container. 11 | // It's up to the caller to close the io.ReadCloser returned. 12 | func (cli *Client) ContainerStats(ctx context.Context, containerID string, stream bool) (io.ReadCloser, error) { 13 | query := url.Values{} 14 | query.Set("stream", "0") 15 | if stream { 16 | query.Set("stream", "1") 17 | } 18 | 19 | resp, err := cli.get(ctx, "/containers/"+containerID+"/stats", query, nil) 20 | if err != nil { 21 | return nil, err 22 | } 23 | return resp.body, err 24 | } 25 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/image_history.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/url" 6 | 7 | "github.com/docker/engine-api/types" 8 | "golang.org/x/net/context" 9 | ) 10 | 11 | // ImageHistory returns the changes in an image in history format. 12 | func (cli *Client) ImageHistory(ctx context.Context, imageID string) ([]types.ImageHistory, error) { 13 | var history []types.ImageHistory 14 | serverResp, err := cli.get(ctx, "/images/"+imageID+"/history", url.Values{}, nil) 15 | if err != nil { 16 | return history, err 17 | } 18 | 19 | err = json.NewDecoder(serverResp.body).Decode(&history) 20 | ensureReaderClosed(serverResp) 21 | return history, err 22 | } 23 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/lstat_windows.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | 3 | package system 4 | 5 | import ( 6 | "os" 7 | ) 8 | 9 | // Lstat calls os.Lstat to get a fileinfo interface back. 10 | // This is then copied into our own locally defined structure. 11 | // Note the Linux version uses fromStatT to do the copy back, 12 | // but that not strictly necessary when already in an OS specific module. 13 | func Lstat(path string) (*StatT, error) { 14 | fi, err := os.Lstat(path) 15 | if err != nil { 16 | return nil, err 17 | } 18 | 19 | return &StatT{ 20 | name: fi.Name(), 21 | size: fi.Size(), 22 | mode: fi.Mode(), 23 | modTime: fi.ModTime(), 24 | isDir: fi.IsDir()}, nil 25 | } 26 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/transport/cancellable/canceler_go14.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build !go1.5 6 | 7 | package cancellable 8 | 9 | import ( 10 | "net/http" 11 | 12 | "github.com/docker/engine-api/client/transport" 13 | ) 14 | 15 | type requestCanceler interface { 16 | CancelRequest(*http.Request) 17 | } 18 | 19 | func canceler(client transport.Sender, req *http.Request) func() { 20 | rc, ok := client.(requestCanceler) 21 | if !ok { 22 | return func() {} 23 | } 24 | return func() { 25 | rc.CancelRequest(req) 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_64.go: -------------------------------------------------------------------------------- 1 | // +build linux,arm64 linux,amd64 linux,ppc linux,ppc64 linux,ppc64le linux,s390x 2 | 3 | package system 4 | 5 | import ( 6 | "syscall" 7 | ) 8 | 9 | // Setuid sets the uid of the calling thread to the specified uid. 10 | func Setuid(uid int) (err error) { 11 | _, _, e1 := syscall.RawSyscall(syscall.SYS_SETUID, uintptr(uid), 0, 0) 12 | if e1 != 0 { 13 | err = e1 14 | } 15 | return 16 | } 17 | 18 | // Setgid sets the gid of the calling thread to the specified gid. 19 | func Setgid(gid int) (err error) { 20 | _, _, e1 := syscall.RawSyscall(syscall.SYS_SETGID, uintptr(gid), 0, 0) 21 | if e1 != 0 { 22 | err = e1 23 | } 24 | return 25 | } 26 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/user/lookup_unix.go: -------------------------------------------------------------------------------- 1 | // +build darwin dragonfly freebsd linux netbsd openbsd solaris 2 | 3 | package user 4 | 5 | import ( 6 | "io" 7 | "os" 8 | ) 9 | 10 | // Unix-specific path to the passwd and group formatted files. 11 | const ( 12 | unixPasswdPath = "/etc/passwd" 13 | unixGroupPath = "/etc/group" 14 | ) 15 | 16 | func GetPasswdPath() (string, error) { 17 | return unixPasswdPath, nil 18 | } 19 | 20 | func GetPasswd() (io.ReadCloser, error) { 21 | return os.Open(unixPasswdPath) 22 | } 23 | 24 | func GetGroupPath() (string, error) { 25 | return unixGroupPath, nil 26 | } 27 | 28 | func GetGroup() (io.ReadCloser, error) { 29 | return os.Open(unixGroupPath) 30 | } 31 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/utimes_freebsd.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import ( 4 | "syscall" 5 | "unsafe" 6 | ) 7 | 8 | // LUtimesNano is used to change access and modification time of the specified path. 9 | // It's used for symbol link file because syscall.UtimesNano doesn't support a NOFOLLOW flag atm. 10 | func LUtimesNano(path string, ts []syscall.Timespec) error { 11 | var _path *byte 12 | _path, err := syscall.BytePtrFromString(path) 13 | if err != nil { 14 | return err 15 | } 16 | 17 | if _, _, err := syscall.Syscall(syscall.SYS_LUTIMES, uintptr(unsafe.Pointer(_path)), uintptr(unsafe.Pointer(&ts[0])), 0); err != 0 && err != syscall.ENOSYS { 18 | return err 19 | } 20 | 21 | return nil 22 | } 23 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/info.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "fmt" 6 | "net/url" 7 | 8 | "github.com/docker/engine-api/types" 9 | "golang.org/x/net/context" 10 | ) 11 | 12 | // Info returns information about the docker server. 13 | func (cli *Client) Info(ctx context.Context) (types.Info, error) { 14 | var info types.Info 15 | serverResp, err := cli.get(ctx, "/info", url.Values{}, nil) 16 | if err != nil { 17 | return info, err 18 | } 19 | defer ensureReaderClosed(serverResp) 20 | 21 | if err := json.NewDecoder(serverResp.body).Decode(&info); err != nil { 22 | return info, fmt.Errorf("Error reading remote info: %v", err) 23 | } 24 | 25 | return info, nil 26 | } 27 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/http2/README: -------------------------------------------------------------------------------- 1 | This is a work-in-progress HTTP/2 implementation for Go. 2 | 3 | It will eventually live in the Go standard library and won't require 4 | any changes to your code to use. It will just be automatic. 5 | 6 | Status: 7 | 8 | * The server support is pretty good. A few things are missing 9 | but are being worked on. 10 | * The client work has just started but shares a lot of code 11 | is coming along much quicker. 12 | 13 | Docs are at https://godoc.org/golang.org/x/net/http2 14 | 15 | Demo test server at https://http2.golang.org/ 16 | 17 | Help & bug reports welcome! 18 | 19 | Contributing: https://golang.org/doc/contribute.html 20 | Bugs: https://golang.org/issue/new?title=x/net/http2:+ 21 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/NOTICE: -------------------------------------------------------------------------------- 1 | Docker 2 | Copyright 2012-2016 Docker, Inc. 3 | 4 | This product includes software developed at Docker, Inc. (https://www.docker.com). 5 | 6 | This product contains software (https://github.com/kr/pty) developed 7 | by Keith Rarick, licensed under the MIT License. 8 | 9 | The following is courtesy of our legal counsel: 10 | 11 | 12 | Use and transfer of Docker may be subject to certain restrictions by the 13 | United States and other governments. 14 | It is your responsibility to ensure that your use and/or transfer does not 15 | violate applicable laws. 16 | 17 | For more information, please see https://www.bis.doc.gov 18 | 19 | See also https://www.apache.org/dev/crypto.html and/or seek legal counsel. 20 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_diff.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/url" 6 | 7 | "github.com/docker/engine-api/types" 8 | "golang.org/x/net/context" 9 | ) 10 | 11 | // ContainerDiff shows differences in a container filesystem since it was started. 12 | func (cli *Client) ContainerDiff(ctx context.Context, containerID string) ([]types.ContainerChange, error) { 13 | var changes []types.ContainerChange 14 | 15 | serverResp, err := cli.get(ctx, "/containers/"+containerID+"/changes", url.Values{}, nil) 16 | if err != nil { 17 | return changes, err 18 | } 19 | 20 | err = json.NewDecoder(serverResp.body).Decode(&changes) 21 | ensureReaderClosed(serverResp) 22 | return changes, err 23 | } 24 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-connections/sockets/tcp_socket.go: -------------------------------------------------------------------------------- 1 | // Package sockets provides helper functions to create and configure Unix or TCP sockets. 2 | package sockets 3 | 4 | import ( 5 | "crypto/tls" 6 | "net" 7 | ) 8 | 9 | // NewTCPSocket creates a TCP socket listener with the specified address and 10 | // and the specified tls configuration. If TLSConfig is set, will encapsulate the 11 | // TCP listener inside a TLS one. 12 | func NewTCPSocket(addr string, tlsConfig *tls.Config) (net.Listener, error) { 13 | l, err := net.Listen("tcp", addr) 14 | if err != nil { 15 | return nil, err 16 | } 17 | if tlsConfig != nil { 18 | tlsConfig.NextProtos = []string{"http/1.1"} 19 | l = tls.NewListener(l, tlsConfig) 20 | } 21 | return l, nil 22 | } 23 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/stat_freebsd.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import ( 4 | "syscall" 5 | ) 6 | 7 | // fromStatT converts a syscall.Stat_t type to a system.Stat_t type 8 | func fromStatT(s *syscall.Stat_t) (*StatT, error) { 9 | return &StatT{size: s.Size, 10 | mode: uint32(s.Mode), 11 | uid: s.Uid, 12 | gid: s.Gid, 13 | rdev: uint64(s.Rdev), 14 | mtim: s.Mtimespec}, nil 15 | } 16 | 17 | // Stat takes a path to a file and returns 18 | // a system.Stat_t type pertaining to that file. 19 | // 20 | // Throws an error if the file does not exist 21 | func Stat(path string) (*StatT, error) { 22 | s := &syscall.Stat_t{} 23 | if err := syscall.Stat(path, s); err != nil { 24 | return nil, err 25 | } 26 | return fromStatT(s) 27 | } 28 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_remove.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "net/url" 5 | 6 | "github.com/docker/engine-api/types" 7 | "golang.org/x/net/context" 8 | ) 9 | 10 | // ContainerRemove kills and removes a container from the docker host. 11 | func (cli *Client) ContainerRemove(ctx context.Context, containerID string, options types.ContainerRemoveOptions) error { 12 | query := url.Values{} 13 | if options.RemoveVolumes { 14 | query.Set("v", "1") 15 | } 16 | if options.RemoveLinks { 17 | query.Set("link", "1") 18 | } 19 | 20 | if options.Force { 21 | query.Set("force", "1") 22 | } 23 | 24 | resp, err := cli.delete(ctx, "/containers/"+containerID, query, nil) 25 | ensureReaderClosed(resp) 26 | return err 27 | } 28 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/volume_inspect.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/http" 6 | 7 | "github.com/docker/engine-api/types" 8 | "golang.org/x/net/context" 9 | ) 10 | 11 | // VolumeInspect returns the information about a specific volume in the docker host. 12 | func (cli *Client) VolumeInspect(ctx context.Context, volumeID string) (types.Volume, error) { 13 | var volume types.Volume 14 | resp, err := cli.get(ctx, "/volumes/"+volumeID, nil, nil) 15 | if err != nil { 16 | if resp.statusCode == http.StatusNotFound { 17 | return volume, volumeNotFoundError{volumeID} 18 | } 19 | return volume, err 20 | } 21 | err = json.NewDecoder(resp.body).Decode(&volume) 22 | ensureReaderClosed(resp) 23 | return volume, err 24 | } 25 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_wait.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | 6 | "golang.org/x/net/context" 7 | 8 | "github.com/docker/engine-api/types" 9 | ) 10 | 11 | // ContainerWait pauses execution until a container exits. 12 | // It returns the API status code as response of its readiness. 13 | func (cli *Client) ContainerWait(ctx context.Context, containerID string) (int, error) { 14 | resp, err := cli.post(ctx, "/containers/"+containerID+"/wait", nil, nil, nil) 15 | if err != nil { 16 | return -1, err 17 | } 18 | defer ensureReaderClosed(resp) 19 | 20 | var res types.ContainerWaitResponse 21 | if err := json.NewDecoder(resp.body).Decode(&res); err != nil { 22 | return -1, err 23 | } 24 | 25 | return res.StatusCode, nil 26 | } 27 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/console_windows.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | // NewConsole returns an initalized console that can be used within a container 4 | func NewConsole(uid, gid int) (Console, error) { 5 | return &windowsConsole{}, nil 6 | } 7 | 8 | // windowsConsole is a Windows psuedo TTY for use within a container. 9 | type windowsConsole struct { 10 | } 11 | 12 | func (c *windowsConsole) Fd() uintptr { 13 | return 0 14 | } 15 | 16 | func (c *windowsConsole) Path() string { 17 | return "" 18 | } 19 | 20 | func (c *windowsConsole) Read(b []byte) (int, error) { 21 | return 0, nil 22 | } 23 | 24 | func (c *windowsConsole) Write(b []byte) (int, error) { 25 | return 0, nil 26 | } 27 | 28 | func (c *windowsConsole) Close() error { 29 | return nil 30 | } 31 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/stacktrace/capture.go: -------------------------------------------------------------------------------- 1 | package stacktrace 2 | 3 | import "runtime" 4 | 5 | // Capture captures a stacktrace for the current calling go program 6 | // 7 | // skip is the number of frames to skip 8 | func Capture(userSkip int) Stacktrace { 9 | var ( 10 | skip = userSkip + 1 // add one for our own function 11 | frames []Frame 12 | prevPc uintptr 13 | ) 14 | for i := skip; ; i++ { 15 | pc, file, line, ok := runtime.Caller(i) 16 | //detect if caller is repeated to avoid loop, gccgo 17 | //currently runs into a loop without this check 18 | if !ok || pc == prevPc { 19 | break 20 | } 21 | frames = append(frames, NewFrame(pc, file, line)) 22 | prevPc = pc 23 | } 24 | return Stacktrace{ 25 | Frames: frames, 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/Sirupsen/logrus/terminal_windows.go: -------------------------------------------------------------------------------- 1 | // Based on ssh/terminal: 2 | // Copyright 2011 The Go Authors. All rights reserved. 3 | // Use of this source code is governed by a BSD-style 4 | // license that can be found in the LICENSE file. 5 | 6 | // +build windows 7 | 8 | package logrus 9 | 10 | import ( 11 | "syscall" 12 | "unsafe" 13 | ) 14 | 15 | var kernel32 = syscall.NewLazyDLL("kernel32.dll") 16 | 17 | var ( 18 | procGetConsoleMode = kernel32.NewProc("GetConsoleMode") 19 | ) 20 | 21 | // IsTerminal returns true if the given file descriptor is a terminal. 22 | func IsTerminal() bool { 23 | fd := syscall.Stdout 24 | var st uint32 25 | r, _, e := syscall.Syscall(procGetConsoleMode.Addr(), 2, uintptr(fd), uintptr(unsafe.Pointer(&st)), 0) 26 | return r != 0 && e == 0 27 | } 28 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/network_create.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | 6 | "github.com/docker/engine-api/types" 7 | "golang.org/x/net/context" 8 | ) 9 | 10 | // NetworkCreate creates a new network in the docker host. 11 | func (cli *Client) NetworkCreate(ctx context.Context, name string, options types.NetworkCreate) (types.NetworkCreateResponse, error) { 12 | networkCreateRequest := types.NetworkCreateRequest{ 13 | NetworkCreate: options, 14 | Name: name, 15 | } 16 | var response types.NetworkCreateResponse 17 | serverResp, err := cli.post(ctx, "/networks/create", nil, networkCreateRequest, nil) 18 | if err != nil { 19 | return response, err 20 | } 21 | 22 | json.NewDecoder(serverResp.body).Decode(&response) 23 | ensureReaderClosed(serverResp) 24 | return response, err 25 | } 26 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/image_remove.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/url" 6 | 7 | "github.com/docker/engine-api/types" 8 | "golang.org/x/net/context" 9 | ) 10 | 11 | // ImageRemove removes an image from the docker host. 12 | func (cli *Client) ImageRemove(ctx context.Context, imageID string, options types.ImageRemoveOptions) ([]types.ImageDelete, error) { 13 | query := url.Values{} 14 | 15 | if options.Force { 16 | query.Set("force", "1") 17 | } 18 | if !options.PruneChildren { 19 | query.Set("noprune", "1") 20 | } 21 | 22 | resp, err := cli.delete(ctx, "/images/"+imageID, query, nil) 23 | if err != nil { 24 | return nil, err 25 | } 26 | 27 | var dels []types.ImageDelete 28 | err = json.NewDecoder(resp.body).Decode(&dels) 29 | ensureReaderClosed(resp) 30 | return dels, err 31 | } 32 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/network_inspect.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/http" 6 | 7 | "github.com/docker/engine-api/types" 8 | "golang.org/x/net/context" 9 | ) 10 | 11 | // NetworkInspect returns the information for a specific network configured in the docker host. 12 | func (cli *Client) NetworkInspect(ctx context.Context, networkID string) (types.NetworkResource, error) { 13 | var networkResource types.NetworkResource 14 | resp, err := cli.get(ctx, "/networks/"+networkID, nil, nil) 15 | if err != nil { 16 | if resp.statusCode == http.StatusNotFound { 17 | return networkResource, networkNotFoundError{networkID} 18 | } 19 | return networkResource, err 20 | } 21 | err = json.NewDecoder(resp.body).Decode(&networkResource) 22 | ensureReaderClosed(resp) 23 | return networkResource, err 24 | } 25 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_top.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/url" 6 | "strings" 7 | 8 | "github.com/docker/engine-api/types" 9 | "golang.org/x/net/context" 10 | ) 11 | 12 | // ContainerTop shows process information from within a container. 13 | func (cli *Client) ContainerTop(ctx context.Context, containerID string, arguments []string) (types.ContainerProcessList, error) { 14 | var response types.ContainerProcessList 15 | query := url.Values{} 16 | if len(arguments) > 0 { 17 | query.Set("ps_args", strings.Join(arguments, " ")) 18 | } 19 | 20 | resp, err := cli.get(ctx, "/containers/"+containerID+"/top", query, nil) 21 | if err != nil { 22 | return response, err 23 | } 24 | 25 | err = json.NewDecoder(resp.body).Decode(&response) 26 | ensureReaderClosed(resp) 27 | return response, err 28 | } 29 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/chtimes_windows.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | 3 | package system 4 | 5 | import ( 6 | "syscall" 7 | "time" 8 | ) 9 | 10 | //setCTime will set the create time on a file. On Windows, this requires 11 | //calling SetFileTime and explicitly including the create time. 12 | func setCTime(path string, ctime time.Time) error { 13 | ctimespec := syscall.NsecToTimespec(ctime.UnixNano()) 14 | pathp, e := syscall.UTF16PtrFromString(path) 15 | if e != nil { 16 | return e 17 | } 18 | h, e := syscall.CreateFile(pathp, 19 | syscall.FILE_WRITE_ATTRIBUTES, syscall.FILE_SHARE_WRITE, nil, 20 | syscall.OPEN_EXISTING, syscall.FILE_FLAG_BACKUP_SEMANTICS, 0) 21 | if e != nil { 22 | return e 23 | } 24 | defer syscall.Close(h) 25 | c := syscall.NsecToFiletime(syscall.TimespecToNsec(ctimespec)) 26 | return syscall.SetFileTime(h, &c, nil, nil) 27 | } 28 | -------------------------------------------------------------------------------- /docker/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | FROM gcr.io/cloud-marketplace/google/debian12:latest 16 | RUN apt-get update && apt-get install -y iptables mount e2fsprogs util-linux 17 | COPY gce-containers-startup /bin/gce-containers-startup 18 | 19 | CMD ["/bin/gce-containers-startup"] 20 | 21 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/utimes_linux.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import ( 4 | "syscall" 5 | "unsafe" 6 | ) 7 | 8 | // LUtimesNano is used to change access and modification time of the specified path. 9 | // It's used for symbol link file because syscall.UtimesNano doesn't support a NOFOLLOW flag atm. 10 | func LUtimesNano(path string, ts []syscall.Timespec) error { 11 | // These are not currently available in syscall 12 | atFdCwd := -100 13 | atSymLinkNoFollow := 0x100 14 | 15 | var _path *byte 16 | _path, err := syscall.BytePtrFromString(path) 17 | if err != nil { 18 | return err 19 | } 20 | 21 | if _, _, err := syscall.Syscall6(syscall.SYS_UTIMENSAT, uintptr(atFdCwd), uintptr(unsafe.Pointer(_path)), uintptr(unsafe.Pointer(&ts[0])), uintptr(atSymLinkNoFollow), 0, 0); err != 0 && err != syscall.ENOSYS { 22 | return err 23 | } 24 | 25 | return nil 26 | } 27 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/longpath/longpath.go: -------------------------------------------------------------------------------- 1 | // longpath introduces some constants and helper functions for handling long paths 2 | // in Windows, which are expected to be prepended with `\\?\` and followed by either 3 | // a drive letter, a UNC server\share, or a volume identifier. 4 | 5 | package longpath 6 | 7 | import ( 8 | "strings" 9 | ) 10 | 11 | // Prefix is the longpath prefix for Windows file paths. 12 | const Prefix = `\\?\` 13 | 14 | // AddPrefix will add the Windows long path prefix to the path provided if 15 | // it does not already have it. 16 | func AddPrefix(path string) string { 17 | if !strings.HasPrefix(path, Prefix) { 18 | if strings.HasPrefix(path, `\\`) { 19 | // This is a UNC path, so we need to add 'UNC' to the path as well. 20 | path = Prefix + `UNC` + path[1:] 21 | } else { 22 | path = Prefix + path 23 | } 24 | } 25 | return path 26 | } 27 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/types/auth.go: -------------------------------------------------------------------------------- 1 | package types 2 | 3 | // AuthConfig contains authorization information for connecting to a Registry 4 | type AuthConfig struct { 5 | Username string `json:"username,omitempty"` 6 | Password string `json:"password,omitempty"` 7 | Auth string `json:"auth,omitempty"` 8 | 9 | // Email is an optional value associated with the username. 10 | // This field is deprecated and will be removed in a later 11 | // version of docker. 12 | Email string `json:"email,omitempty"` 13 | 14 | ServerAddress string `json:"serveraddress,omitempty"` 15 | 16 | // IdentityToken is used to authenticate the user and get 17 | // an access token for the registry. 18 | IdentityToken string `json:"identitytoken,omitempty"` 19 | 20 | // RegistryToken is a bearer token to be sent to a registry 21 | RegistryToken string `json:"registrytoken,omitempty"` 22 | } 23 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/configs/namespaces_syscall.go: -------------------------------------------------------------------------------- 1 | // +build linux 2 | 3 | package configs 4 | 5 | import "syscall" 6 | 7 | func (n *Namespace) Syscall() int { 8 | return namespaceInfo[n.Type] 9 | } 10 | 11 | var namespaceInfo = map[NamespaceType]int{ 12 | NEWNET: syscall.CLONE_NEWNET, 13 | NEWNS: syscall.CLONE_NEWNS, 14 | NEWUSER: syscall.CLONE_NEWUSER, 15 | NEWIPC: syscall.CLONE_NEWIPC, 16 | NEWUTS: syscall.CLONE_NEWUTS, 17 | NEWPID: syscall.CLONE_NEWPID, 18 | } 19 | 20 | // CloneFlags parses the container's Namespaces options to set the correct 21 | // flags on clone, unshare. This function returns flags only for new namespaces. 22 | func (n *Namespaces) CloneFlags() uintptr { 23 | var flag int 24 | for _, v := range *n { 25 | if v.Path != "" { 26 | continue 27 | } 28 | flag |= namespaceInfo[v.Type] 29 | } 30 | return uintptr(flag) 31 | } 32 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/mknod.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | 3 | package system 4 | 5 | import ( 6 | "syscall" 7 | ) 8 | 9 | // Mknod creates a filesystem node (file, device special file or named pipe) named path 10 | // with attributes specified by mode and dev. 11 | func Mknod(path string, mode uint32, dev int) error { 12 | return syscall.Mknod(path, mode, dev) 13 | } 14 | 15 | // Mkdev is used to build the value of linux devices (in /dev/) which specifies major 16 | // and minor number of the newly created device special file. 17 | // Linux device nodes are a bit weird due to backwards compat with 16 bit device nodes. 18 | // They are, from low to high: the lower 8 bits of the minor, then 12 bits of the major, 19 | // then the top 12 bits of the minor. 20 | func Mkdev(major int64, minor int64) uint32 { 21 | return uint32(((minor & 0xfff00) << 12) | ((major & 0xfff) << 8) | (minor & 0xff)) 22 | } 23 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/stat_linux.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import ( 4 | "syscall" 5 | ) 6 | 7 | // fromStatT converts a syscall.Stat_t type to a system.Stat_t type 8 | func fromStatT(s *syscall.Stat_t) (*StatT, error) { 9 | return &StatT{size: s.Size, 10 | mode: s.Mode, 11 | uid: s.Uid, 12 | gid: s.Gid, 13 | rdev: s.Rdev, 14 | mtim: s.Mtim}, nil 15 | } 16 | 17 | // FromStatT exists only on linux, and loads a system.StatT from a 18 | // syscal.Stat_t. 19 | func FromStatT(s *syscall.Stat_t) (*StatT, error) { 20 | return fromStatT(s) 21 | } 22 | 23 | // Stat takes a path to a file and returns 24 | // a system.StatT type pertaining to that file. 25 | // 26 | // Throws an error if the file does not exist 27 | func Stat(path string) (*StatT, error) { 28 | s := &syscall.Stat_t{} 29 | if err := syscall.Stat(path, s); err != nil { 30 | return nil, err 31 | } 32 | return fromStatT(s) 33 | } 34 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/login.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/http" 6 | "net/url" 7 | 8 | "github.com/docker/engine-api/types" 9 | "golang.org/x/net/context" 10 | ) 11 | 12 | // RegistryLogin authenticates the docker server with a given docker registry. 13 | // It returns UnauthorizerError when the authentication fails. 14 | func (cli *Client) RegistryLogin(ctx context.Context, auth types.AuthConfig) (types.AuthResponse, error) { 15 | resp, err := cli.post(ctx, "/auth", url.Values{}, auth, nil) 16 | 17 | if resp != nil && resp.statusCode == http.StatusUnauthorized { 18 | return types.AuthResponse{}, unauthorizedError{err} 19 | } 20 | if err != nil { 21 | return types.AuthResponse{}, err 22 | } 23 | 24 | var response types.AuthResponse 25 | err = json.NewDecoder(resp.body).Decode(&response) 26 | ensureReaderClosed(resp) 27 | return response, err 28 | } 29 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/spdystream/MAINTAINERS: -------------------------------------------------------------------------------- 1 | # Spdystream maintainers file 2 | # 3 | # This file describes who runs the docker/spdystream project and how. 4 | # This is a living document - if you see something out of date or missing, speak up! 5 | # 6 | # It is structured to be consumable by both humans and programs. 7 | # To extract its contents programmatically, use any TOML-compliant parser. 8 | # 9 | # This file is compiled into the MAINTAINERS file in docker/opensource. 10 | # 11 | [Org] 12 | [Org."Core maintainers"] 13 | people = [ 14 | "dmcgowan", 15 | ] 16 | 17 | [people] 18 | 19 | # A reference list of all people associated with the project. 20 | # All other sections should refer to people by their canonical key 21 | # in the people section. 22 | 23 | # ADD YOURSELF HERE IN ALPHABETICAL ORDER 24 | 25 | [people.dmcgowan] 26 | Name = "Derek McGowan" 27 | Email = "derek@docker.com" 28 | GitHub = "dmcgowan" 29 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/utils/utils_unix.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | 3 | package utils 4 | 5 | import ( 6 | "io/ioutil" 7 | "strconv" 8 | "syscall" 9 | ) 10 | 11 | func CloseExecFrom(minFd int) error { 12 | fdList, err := ioutil.ReadDir("/proc/self/fd") 13 | if err != nil { 14 | return err 15 | } 16 | for _, fi := range fdList { 17 | fd, err := strconv.Atoi(fi.Name()) 18 | if err != nil { 19 | // ignore non-numeric file names 20 | continue 21 | } 22 | 23 | if fd < minFd { 24 | // ignore descriptors lower than our specified minimum 25 | continue 26 | } 27 | 28 | // intentionally ignore errors from syscall.CloseOnExec 29 | syscall.CloseOnExec(fd) 30 | // the cases where this might fail are basically file descriptors that have already been closed (including and especially the one that was created when ioutil.ReadDir did the "opendir" syscall) 31 | } 32 | return nil 33 | } 34 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/volume_list.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/url" 6 | 7 | "github.com/docker/engine-api/types" 8 | "github.com/docker/engine-api/types/filters" 9 | "golang.org/x/net/context" 10 | ) 11 | 12 | // VolumeList returns the volumes configured in the docker host. 13 | func (cli *Client) VolumeList(ctx context.Context, filter filters.Args) (types.VolumesListResponse, error) { 14 | var volumes types.VolumesListResponse 15 | query := url.Values{} 16 | 17 | if filter.Len() > 0 { 18 | filterJSON, err := filters.ToParam(filter) 19 | if err != nil { 20 | return volumes, err 21 | } 22 | query.Set("filters", filterJSON) 23 | } 24 | resp, err := cli.get(ctx, "/volumes", query, nil) 25 | if err != nil { 26 | return volumes, err 27 | } 28 | 29 | err = json.NewDecoder(resp.body).Decode(&volumes) 30 | ensureReaderClosed(resp) 31 | return volumes, err 32 | } 33 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-units/MAINTAINERS: -------------------------------------------------------------------------------- 1 | # go-connections maintainers file 2 | # 3 | # This file describes who runs the docker/go-connections project and how. 4 | # This is a living document - if you see something out of date or missing, speak up! 5 | # 6 | # It is structured to be consumable by both humans and programs. 7 | # To extract its contents programmatically, use any TOML-compliant parser. 8 | # 9 | # This file is compiled into the MAINTAINERS file in docker/opensource. 10 | # 11 | [Org] 12 | [Org."Core maintainers"] 13 | people = [ 14 | "calavera", 15 | ] 16 | 17 | [people] 18 | 19 | # A reference list of all people associated with the project. 20 | # All other sections should refer to people by their canonical key 21 | # in the people section. 22 | 23 | # ADD YOURSELF HERE IN ALPHABETICAL ORDER 24 | [people.calavera] 25 | Name = "David Calavera" 26 | Email = "david.calavera@gmail.com" 27 | GitHub = "calavera" 28 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/configs/mount.go: -------------------------------------------------------------------------------- 1 | package configs 2 | 3 | type Mount struct { 4 | // Source path for the mount. 5 | Source string `json:"source"` 6 | 7 | // Destination path for the mount inside the container. 8 | Destination string `json:"destination"` 9 | 10 | // Device the mount is for. 11 | Device string `json:"device"` 12 | 13 | // Mount flags. 14 | Flags int `json:"flags"` 15 | 16 | // Propagation Flags 17 | PropagationFlags []int `json:"propagation_flags"` 18 | 19 | // Mount data applied to the mount. 20 | Data string `json:"data"` 21 | 22 | // Relabel source if set, "z" indicates shared, "Z" indicates unshared. 23 | Relabel string `json:"relabel"` 24 | 25 | // Optional Command to be run before Source is mounted. 26 | PremountCmds []Command `json:"premount_cmds"` 27 | 28 | // Optional Command to be run after Source is mounted. 29 | PostmountCmds []Command `json:"postmount_cmds"` 30 | } 31 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/types/strslice/strslice.go: -------------------------------------------------------------------------------- 1 | package strslice 2 | 3 | import "encoding/json" 4 | 5 | // StrSlice represents a string or an array of strings. 6 | // We need to override the json decoder to accept both options. 7 | type StrSlice []string 8 | 9 | // UnmarshalJSON decodes the byte slice whether it's a string or an array of 10 | // strings. This method is needed to implement json.Unmarshaler. 11 | func (e *StrSlice) UnmarshalJSON(b []byte) error { 12 | if len(b) == 0 { 13 | // With no input, we preserve the existing value by returning nil and 14 | // leaving the target alone. This allows defining default values for 15 | // the type. 16 | return nil 17 | } 18 | 19 | p := make([]string, 0, 1) 20 | if err := json.Unmarshal(b, &p); err != nil { 21 | var s string 22 | if err := json.Unmarshal(b, &s); err != nil { 23 | return err 24 | } 25 | p = append(p, s) 26 | } 27 | 28 | *e = p 29 | return nil 30 | } 31 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/spdystream/handlers.go: -------------------------------------------------------------------------------- 1 | package spdystream 2 | 3 | import ( 4 | "io" 5 | "net/http" 6 | ) 7 | 8 | // MirrorStreamHandler mirrors all streams. 9 | func MirrorStreamHandler(stream *Stream) { 10 | replyErr := stream.SendReply(http.Header{}, false) 11 | if replyErr != nil { 12 | return 13 | } 14 | 15 | go func() { 16 | io.Copy(stream, stream) 17 | stream.Close() 18 | }() 19 | go func() { 20 | for { 21 | header, receiveErr := stream.ReceiveHeader() 22 | if receiveErr != nil { 23 | return 24 | } 25 | sendErr := stream.SendHeader(header, false) 26 | if sendErr != nil { 27 | return 28 | } 29 | } 30 | }() 31 | } 32 | 33 | // NoopStreamHandler does nothing when stream connects, most 34 | // likely used with RejectAuthHandler which will not allow any 35 | // streams to make it to the stream handler. 36 | func NoOpStreamHandler(stream *Stream) { 37 | stream.SendReply(http.Header{}, false) 38 | } 39 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/name.go: -------------------------------------------------------------------------------- 1 | // +build linux 2 | 3 | package fs 4 | 5 | import ( 6 | "github.com/opencontainers/runc/libcontainer/cgroups" 7 | "github.com/opencontainers/runc/libcontainer/configs" 8 | ) 9 | 10 | type NameGroup struct { 11 | GroupName string 12 | Join bool 13 | } 14 | 15 | func (s *NameGroup) Name() string { 16 | return s.GroupName 17 | } 18 | 19 | func (s *NameGroup) Apply(d *cgroupData) error { 20 | if s.Join { 21 | // ignore errors if the named cgroup does not exist 22 | d.join(s.GroupName) 23 | } 24 | return nil 25 | } 26 | 27 | func (s *NameGroup) Set(path string, cgroup *configs.Cgroup) error { 28 | return nil 29 | } 30 | 31 | func (s *NameGroup) Remove(d *cgroupData) error { 32 | if s.Join { 33 | removePath(d.path(s.GroupName)) 34 | } 35 | return nil 36 | } 37 | 38 | func (s *NameGroup) GetStats(path string, stats *cgroups.Stats) error { 39 | return nil 40 | } 41 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/system/proc.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import ( 4 | "io/ioutil" 5 | "path/filepath" 6 | "strconv" 7 | "strings" 8 | ) 9 | 10 | // look in /proc to find the process start time so that we can verify 11 | // that this pid has started after ourself 12 | func GetProcessStartTime(pid int) (string, error) { 13 | data, err := ioutil.ReadFile(filepath.Join("/proc", strconv.Itoa(pid), "stat")) 14 | if err != nil { 15 | return "", err 16 | } 17 | 18 | parts := strings.Split(string(data), " ") 19 | // the starttime is located at pos 22 20 | // from the man page 21 | // 22 | // starttime %llu (was %lu before Linux 2.6) 23 | // (22) The time the process started after system boot. In kernels before Linux 2.6, this 24 | // value was expressed in jiffies. Since Linux 2.6, the value is expressed in clock ticks 25 | // (divide by sysconf(_SC_CLK_TCK)). 26 | return parts[22-1], nil // starts at 1 27 | } 28 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/stacktrace/frame.go: -------------------------------------------------------------------------------- 1 | package stacktrace 2 | 3 | import ( 4 | "path/filepath" 5 | "runtime" 6 | "strings" 7 | ) 8 | 9 | // NewFrame returns a new stack frame for the provided information 10 | func NewFrame(pc uintptr, file string, line int) Frame { 11 | fn := runtime.FuncForPC(pc) 12 | if fn == nil { 13 | return Frame{} 14 | } 15 | pack, name := parseFunctionName(fn.Name()) 16 | return Frame{ 17 | Line: line, 18 | File: filepath.Base(file), 19 | Package: pack, 20 | Function: name, 21 | } 22 | } 23 | 24 | func parseFunctionName(name string) (string, string) { 25 | i := strings.LastIndex(name, ".") 26 | if i == -1 { 27 | return "", name 28 | } 29 | return name[:i], name[i+1:] 30 | } 31 | 32 | // Frame contains all the information for a stack frame within a go program 33 | type Frame struct { 34 | File string 35 | Function string 36 | Package string 37 | Line int 38 | } 39 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/image_load.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "io" 5 | "net/url" 6 | 7 | "golang.org/x/net/context" 8 | 9 | "github.com/docker/engine-api/types" 10 | ) 11 | 12 | // ImageLoad loads an image in the docker host from the client host. 13 | // It's up to the caller to close the io.ReadCloser in the 14 | // ImageLoadResponse returned by this function. 15 | func (cli *Client) ImageLoad(ctx context.Context, input io.Reader, quiet bool) (types.ImageLoadResponse, error) { 16 | v := url.Values{} 17 | v.Set("quiet", "0") 18 | if quiet { 19 | v.Set("quiet", "1") 20 | } 21 | headers := map[string][]string{"Content-Type": {"application/x-tar"}} 22 | resp, err := cli.postRaw(ctx, "/images/load", v, input, headers) 23 | if err != nil { 24 | return types.ImageLoadResponse{}, err 25 | } 26 | return types.ImageLoadResponse{ 27 | Body: resp.body, 28 | JSON: resp.header.Get("Content-Type") == "application/json", 29 | }, nil 30 | } 31 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/perf_event.go: -------------------------------------------------------------------------------- 1 | // +build linux 2 | 3 | package fs 4 | 5 | import ( 6 | "github.com/opencontainers/runc/libcontainer/cgroups" 7 | "github.com/opencontainers/runc/libcontainer/configs" 8 | ) 9 | 10 | type PerfEventGroup struct { 11 | } 12 | 13 | func (s *PerfEventGroup) Name() string { 14 | return "perf_event" 15 | } 16 | 17 | func (s *PerfEventGroup) Apply(d *cgroupData) error { 18 | // we just want to join this group even though we don't set anything 19 | if _, err := d.join("perf_event"); err != nil && !cgroups.IsNotFound(err) { 20 | return err 21 | } 22 | return nil 23 | } 24 | 25 | func (s *PerfEventGroup) Set(path string, cgroup *configs.Cgroup) error { 26 | return nil 27 | } 28 | 29 | func (s *PerfEventGroup) Remove(d *cgroupData) error { 30 | return removePath(d.path("perf_event")) 31 | } 32 | 33 | func (s *PerfEventGroup) GetStats(path string, stats *cgroups.Stats) error { 34 | return nil 35 | } 36 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/stat_windows.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | 3 | package system 4 | 5 | import ( 6 | "os" 7 | "time" 8 | ) 9 | 10 | // StatT type contains status of a file. It contains metadata 11 | // like name, permission, size, etc about a file. 12 | type StatT struct { 13 | name string 14 | size int64 15 | mode os.FileMode 16 | modTime time.Time 17 | isDir bool 18 | } 19 | 20 | // Name returns file's name. 21 | func (s StatT) Name() string { 22 | return s.name 23 | } 24 | 25 | // Size returns file's size. 26 | func (s StatT) Size() int64 { 27 | return s.size 28 | } 29 | 30 | // Mode returns file's permission mode. 31 | func (s StatT) Mode() os.FileMode { 32 | return s.mode 33 | } 34 | 35 | // ModTime returns file's last modification time. 36 | func (s StatT) ModTime() time.Time { 37 | return s.modTime 38 | } 39 | 40 | // IsDir returns whether file is actually a directory. 41 | func (s StatT) IsDir() bool { 42 | return s.isDir 43 | } 44 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/network_list.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/url" 6 | 7 | "github.com/docker/engine-api/types" 8 | "github.com/docker/engine-api/types/filters" 9 | "golang.org/x/net/context" 10 | ) 11 | 12 | // NetworkList returns the list of networks configured in the docker host. 13 | func (cli *Client) NetworkList(ctx context.Context, options types.NetworkListOptions) ([]types.NetworkResource, error) { 14 | query := url.Values{} 15 | if options.Filters.Len() > 0 { 16 | filterJSON, err := filters.ToParam(options.Filters) 17 | if err != nil { 18 | return nil, err 19 | } 20 | 21 | query.Set("filters", filterJSON) 22 | } 23 | var networkResources []types.NetworkResource 24 | resp, err := cli.get(ctx, "/networks", query, nil) 25 | if err != nil { 26 | return networkResources, err 27 | } 28 | err = json.NewDecoder(resp.body).Decode(&networkResources) 29 | ensureReaderClosed(resp) 30 | return networkResources, err 31 | } 32 | -------------------------------------------------------------------------------- /gce-containers-startup/command/BUILD: -------------------------------------------------------------------------------- 1 | # Copyright 2018 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | package(default_visibility = ["//visibility:public"]) 16 | 17 | load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") 18 | 19 | go_library( 20 | name = "command", 21 | srcs = [ 22 | "mock_runner.go", 23 | "runner.go", 24 | ], 25 | importpath = "github.com/GoogleCloudPlatform/konlet/gce-containers-startup/command", 26 | ) 27 | -------------------------------------------------------------------------------- /gce-containers-startup/metadata/BUILD: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | package(default_visibility = ["//visibility:public"]) 16 | 17 | load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") 18 | 19 | go_library( 20 | name = "metadata", 21 | srcs = [ 22 | "provider.go", 23 | "provider_stub.go", 24 | ], 25 | importpath = "github.com/GoogleCloudPlatform/konlet/gce-containers-startup/metadata", 26 | ) 27 | -------------------------------------------------------------------------------- /gce-containers-startup/types/BUILD: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | package(default_visibility = ["//visibility:public"]) 16 | 17 | licenses(["notice"]) 18 | 19 | load( 20 | "@io_bazel_rules_go//go:def.bzl", 21 | "go_library", 22 | ) 23 | 24 | go_library( 25 | name = "go_default_library", 26 | srcs = [ 27 | "api.go", 28 | ], 29 | importpath = "github.com/GoogleCloudPlatform/konlet/gce-containers-startup/types", 30 | ) 31 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/jsonlog/time_marshalling.go: -------------------------------------------------------------------------------- 1 | // Package jsonlog provides helper functions to parse and print time (time.Time) as JSON. 2 | package jsonlog 3 | 4 | import ( 5 | "errors" 6 | "time" 7 | ) 8 | 9 | const ( 10 | // RFC3339NanoFixed is our own version of RFC339Nano because we want one 11 | // that pads the nano seconds part with zeros to ensure 12 | // the timestamps are aligned in the logs. 13 | RFC3339NanoFixed = "2006-01-02T15:04:05.000000000Z07:00" 14 | // JSONFormat is the format used by FastMarshalJSON 15 | JSONFormat = `"` + time.RFC3339Nano + `"` 16 | ) 17 | 18 | // FastTimeMarshalJSON avoids one of the extra allocations that 19 | // time.MarshalJSON is making. 20 | func FastTimeMarshalJSON(t time.Time) (string, error) { 21 | if y := t.Year(); y < 0 || y >= 10000 { 22 | // RFC 3339 is clear that years are 4 digits exactly. 23 | // See golang.org/issue/4556#c15 for more discussion. 24 | return "", errors.New("time.MarshalJSON: year outside of range [0,9999]") 25 | } 26 | return t.Format(JSONFormat), nil 27 | } 28 | -------------------------------------------------------------------------------- /gce-containers-startup/metadata/provider_stub.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 Google Inc. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package metadata 16 | 17 | type ProviderStub struct { 18 | Manifest string 19 | DiskMetadataJson string 20 | } 21 | 22 | func (provider ProviderStub) RetrieveManifest() ([]byte, error) { 23 | return []byte(provider.Manifest), nil 24 | } 25 | 26 | func (provider ProviderStub) RetrieveDisksMetadataAsJson() ([]byte, error) { 27 | return []byte(provider.DiskMetadataJson), nil 28 | } 29 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/net_prio.go: -------------------------------------------------------------------------------- 1 | // +build linux 2 | 3 | package fs 4 | 5 | import ( 6 | "github.com/opencontainers/runc/libcontainer/cgroups" 7 | "github.com/opencontainers/runc/libcontainer/configs" 8 | ) 9 | 10 | type NetPrioGroup struct { 11 | } 12 | 13 | func (s *NetPrioGroup) Name() string { 14 | return "net_prio" 15 | } 16 | 17 | func (s *NetPrioGroup) Apply(d *cgroupData) error { 18 | _, err := d.join("net_prio") 19 | if err != nil && !cgroups.IsNotFound(err) { 20 | return err 21 | } 22 | return nil 23 | } 24 | 25 | func (s *NetPrioGroup) Set(path string, cgroup *configs.Cgroup) error { 26 | for _, prioMap := range cgroup.Resources.NetPrioIfpriomap { 27 | if err := writeFile(path, "net_prio.ifpriomap", prioMap.CgroupString()); err != nil { 28 | return err 29 | } 30 | } 31 | 32 | return nil 33 | } 34 | 35 | func (s *NetPrioGroup) Remove(d *cgroupData) error { 36 | return removePath(d.path("net_prio")) 37 | } 38 | 39 | func (s *NetPrioGroup) GetStats(path string, stats *cgroups.Stats) error { 40 | return nil 41 | } 42 | -------------------------------------------------------------------------------- /scripts/konlet-startup.service: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | [Unit] 16 | Description=Containers on GCE Setup 17 | Wants=network-online.target google-startup-scripts.service gcr-online.target docker.socket 18 | After=network-online.target google-startup-scripts.service gcr-online.target docker.socket 19 | 20 | [Service] 21 | ExecStart=/usr/share/gce-containers/konlet-startup 22 | Restart=on-failure 23 | RestartSec=30 24 | StandardOutput=journal+console 25 | 26 | [Install] 27 | WantedBy=multi-user.target 28 | 29 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/net_cls.go: -------------------------------------------------------------------------------- 1 | // +build linux 2 | 3 | package fs 4 | 5 | import ( 6 | "strconv" 7 | 8 | "github.com/opencontainers/runc/libcontainer/cgroups" 9 | "github.com/opencontainers/runc/libcontainer/configs" 10 | ) 11 | 12 | type NetClsGroup struct { 13 | } 14 | 15 | func (s *NetClsGroup) Name() string { 16 | return "net_cls" 17 | } 18 | 19 | func (s *NetClsGroup) Apply(d *cgroupData) error { 20 | _, err := d.join("net_cls") 21 | if err != nil && !cgroups.IsNotFound(err) { 22 | return err 23 | } 24 | return nil 25 | } 26 | 27 | func (s *NetClsGroup) Set(path string, cgroup *configs.Cgroup) error { 28 | if cgroup.Resources.NetClsClassid != 0 { 29 | if err := writeFile(path, "net_cls.classid", strconv.FormatUint(uint64(cgroup.Resources.NetClsClassid), 10)); err != nil { 30 | return err 31 | } 32 | } 33 | 34 | return nil 35 | } 36 | 37 | func (s *NetClsGroup) Remove(d *cgroupData) error { 38 | return removePath(d.path("net_cls")) 39 | } 40 | 41 | func (s *NetClsGroup) GetStats(path string, stats *cgroups.Stats) error { 42 | return nil 43 | } 44 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/types/reference/image_reference.go: -------------------------------------------------------------------------------- 1 | package reference 2 | 3 | import ( 4 | distreference "github.com/docker/distribution/reference" 5 | ) 6 | 7 | // Parse parses the given references and returns the repository and 8 | // tag (if present) from it. If there is an error during parsing, it will 9 | // return an error. 10 | func Parse(ref string) (string, string, error) { 11 | distributionRef, err := distreference.ParseNamed(ref) 12 | if err != nil { 13 | return "", "", err 14 | } 15 | 16 | tag := GetTagFromNamedRef(distributionRef) 17 | return distributionRef.Name(), tag, nil 18 | } 19 | 20 | // GetTagFromNamedRef returns a tag from the specified reference. 21 | // This function is necessary as long as the docker "server" api makes the distinction between repository 22 | // and tags. 23 | func GetTagFromNamedRef(ref distreference.Named) string { 24 | var tag string 25 | switch x := ref.(type) { 26 | case distreference.Digested: 27 | tag = x.Digest().String() 28 | case distreference.NamedTagged: 29 | tag = x.Tag() 30 | default: 31 | tag = "latest" 32 | } 33 | return tag 34 | } 35 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_resize.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "net/url" 5 | "strconv" 6 | 7 | "github.com/docker/engine-api/types" 8 | "golang.org/x/net/context" 9 | ) 10 | 11 | // ContainerResize changes the size of the tty for a container. 12 | func (cli *Client) ContainerResize(ctx context.Context, containerID string, options types.ResizeOptions) error { 13 | return cli.resize(ctx, "/containers/"+containerID, options.Height, options.Width) 14 | } 15 | 16 | // ContainerExecResize changes the size of the tty for an exec process running inside a container. 17 | func (cli *Client) ContainerExecResize(ctx context.Context, execID string, options types.ResizeOptions) error { 18 | return cli.resize(ctx, "/exec/"+execID, options.Height, options.Width) 19 | } 20 | 21 | func (cli *Client) resize(ctx context.Context, basePath string, height, width int) error { 22 | query := url.Values{} 23 | query.Set("h", strconv.Itoa(height)) 24 | query.Set("w", strconv.Itoa(width)) 25 | 26 | resp, err := cli.post(ctx, basePath+"/resize", query, nil, nil) 27 | ensureReaderClosed(resp) 28 | return err 29 | } 30 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/mount/mountinfo_freebsd.go: -------------------------------------------------------------------------------- 1 | package mount 2 | 3 | /* 4 | #include 5 | #include 6 | #include 7 | */ 8 | import "C" 9 | 10 | import ( 11 | "fmt" 12 | "reflect" 13 | "unsafe" 14 | ) 15 | 16 | // Parse /proc/self/mountinfo because comparing Dev and ino does not work from 17 | // bind mounts. 18 | func parseMountTable() ([]*Info, error) { 19 | var rawEntries *C.struct_statfs 20 | 21 | count := int(C.getmntinfo(&rawEntries, C.MNT_WAIT)) 22 | if count == 0 { 23 | return nil, fmt.Errorf("Failed to call getmntinfo") 24 | } 25 | 26 | var entries []C.struct_statfs 27 | header := (*reflect.SliceHeader)(unsafe.Pointer(&entries)) 28 | header.Cap = count 29 | header.Len = count 30 | header.Data = uintptr(unsafe.Pointer(rawEntries)) 31 | 32 | var out []*Info 33 | for _, entry := range entries { 34 | var mountinfo Info 35 | mountinfo.Mountpoint = C.GoString(&entry.f_mntonname[0]) 36 | mountinfo.Source = C.GoString(&entry.f_mntfromname[0]) 37 | mountinfo.Fstype = C.GoString(&entry.f_fstypename[0]) 38 | out = append(out, &mountinfo) 39 | } 40 | return out, nil 41 | } 42 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/image_import.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "io" 5 | "net/url" 6 | 7 | "golang.org/x/net/context" 8 | 9 | "github.com/docker/distribution/reference" 10 | "github.com/docker/engine-api/types" 11 | ) 12 | 13 | // ImageImport creates a new image based in the source options. 14 | // It returns the JSON content in the response body. 15 | func (cli *Client) ImageImport(ctx context.Context, source types.ImageImportSource, ref string, options types.ImageImportOptions) (io.ReadCloser, error) { 16 | if ref != "" { 17 | //Check if the given image name can be resolved 18 | if _, err := reference.ParseNamed(ref); err != nil { 19 | return nil, err 20 | } 21 | } 22 | 23 | query := url.Values{} 24 | query.Set("fromSrc", source.SourceName) 25 | query.Set("repo", ref) 26 | query.Set("tag", options.Tag) 27 | query.Set("message", options.Message) 28 | for _, change := range options.Changes { 29 | query.Add("changes", change) 30 | } 31 | 32 | resp, err := cli.postRaw(ctx, "/images/create", query, source.Source, nil) 33 | if err != nil { 34 | return nil, err 35 | } 36 | return resp.body, nil 37 | } 38 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/image_create.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "io" 5 | "net/url" 6 | 7 | "golang.org/x/net/context" 8 | 9 | "github.com/docker/engine-api/types" 10 | "github.com/docker/engine-api/types/reference" 11 | ) 12 | 13 | // ImageCreate creates a new image based in the parent options. 14 | // It returns the JSON content in the response body. 15 | func (cli *Client) ImageCreate(ctx context.Context, parentReference string, options types.ImageCreateOptions) (io.ReadCloser, error) { 16 | repository, tag, err := reference.Parse(parentReference) 17 | if err != nil { 18 | return nil, err 19 | } 20 | 21 | query := url.Values{} 22 | query.Set("fromImage", repository) 23 | query.Set("tag", tag) 24 | resp, err := cli.tryImageCreate(ctx, query, options.RegistryAuth) 25 | if err != nil { 26 | return nil, err 27 | } 28 | return resp.body, nil 29 | } 30 | 31 | func (cli *Client) tryImageCreate(ctx context.Context, query url.Values, registryAuth string) (*serverResponse, error) { 32 | headers := map[string][]string{"X-Registry-Auth": {registryAuth}} 33 | return cli.post(ctx, "/images/create", query, nil, headers) 34 | } 35 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_attach.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "net/url" 5 | 6 | "github.com/docker/engine-api/types" 7 | "golang.org/x/net/context" 8 | ) 9 | 10 | // ContainerAttach attaches a connection to a container in the server. 11 | // It returns a types.HijackedConnection with the hijacked connection 12 | // and the a reader to get output. It's up to the called to close 13 | // the hijacked connection by calling types.HijackedResponse.Close. 14 | func (cli *Client) ContainerAttach(ctx context.Context, container string, options types.ContainerAttachOptions) (types.HijackedResponse, error) { 15 | query := url.Values{} 16 | if options.Stream { 17 | query.Set("stream", "1") 18 | } 19 | if options.Stdin { 20 | query.Set("stdin", "1") 21 | } 22 | if options.Stdout { 23 | query.Set("stdout", "1") 24 | } 25 | if options.Stderr { 26 | query.Set("stderr", "1") 27 | } 28 | if options.DetachKeys != "" { 29 | query.Set("detachKeys", options.DetachKeys) 30 | } 31 | 32 | headers := map[string][]string{"Content-Type": {"text/plain"}} 33 | return cli.postHijacked(ctx, "/containers/"+container+"/attach", query, nil, headers) 34 | } 35 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/image_inspect.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "bytes" 5 | "encoding/json" 6 | "io/ioutil" 7 | "net/http" 8 | "net/url" 9 | 10 | "github.com/docker/engine-api/types" 11 | "golang.org/x/net/context" 12 | ) 13 | 14 | // ImageInspectWithRaw returns the image information and its raw representation. 15 | func (cli *Client) ImageInspectWithRaw(ctx context.Context, imageID string, getSize bool) (types.ImageInspect, []byte, error) { 16 | query := url.Values{} 17 | if getSize { 18 | query.Set("size", "1") 19 | } 20 | serverResp, err := cli.get(ctx, "/images/"+imageID+"/json", query, nil) 21 | if err != nil { 22 | if serverResp.statusCode == http.StatusNotFound { 23 | return types.ImageInspect{}, nil, imageNotFoundError{imageID} 24 | } 25 | return types.ImageInspect{}, nil, err 26 | } 27 | defer ensureReaderClosed(serverResp) 28 | 29 | body, err := ioutil.ReadAll(serverResp.body) 30 | if err != nil { 31 | return types.ImageInspect{}, nil, err 32 | } 33 | 34 | var response types.ImageInspect 35 | rdr := bytes.NewReader(body) 36 | err = json.NewDecoder(rdr).Decode(&response) 37 | return response, body, err 38 | } 39 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/image_list.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/url" 6 | 7 | "github.com/docker/engine-api/types" 8 | "github.com/docker/engine-api/types/filters" 9 | "golang.org/x/net/context" 10 | ) 11 | 12 | // ImageList returns a list of images in the docker host. 13 | func (cli *Client) ImageList(ctx context.Context, options types.ImageListOptions) ([]types.Image, error) { 14 | var images []types.Image 15 | query := url.Values{} 16 | 17 | if options.Filters.Len() > 0 { 18 | filterJSON, err := filters.ToParam(options.Filters) 19 | if err != nil { 20 | return images, err 21 | } 22 | query.Set("filters", filterJSON) 23 | } 24 | if options.MatchName != "" { 25 | // FIXME rename this parameter, to not be confused with the filters flag 26 | query.Set("filter", options.MatchName) 27 | } 28 | if options.All { 29 | query.Set("all", "1") 30 | } 31 | 32 | serverResp, err := cli.get(ctx, "/images/json", query, nil) 33 | if err != nil { 34 | return images, err 35 | } 36 | 37 | err = json.NewDecoder(serverResp.body).Decode(&images) 38 | ensureReaderClosed(serverResp) 39 | return images, err 40 | } 41 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/apparmor/apparmor.go: -------------------------------------------------------------------------------- 1 | // +build apparmor,linux 2 | 3 | package apparmor 4 | 5 | // #cgo LDFLAGS: -lapparmor 6 | // #include 7 | // #include 8 | import "C" 9 | import ( 10 | "fmt" 11 | "io/ioutil" 12 | "os" 13 | "unsafe" 14 | ) 15 | 16 | // IsEnabled returns true if apparmor is enabled for the host. 17 | func IsEnabled() bool { 18 | if _, err := os.Stat("/sys/kernel/security/apparmor"); err == nil && os.Getenv("container") == "" { 19 | if _, err = os.Stat("/sbin/apparmor_parser"); err == nil { 20 | buf, err := ioutil.ReadFile("/sys/module/apparmor/parameters/enabled") 21 | return err == nil && len(buf) > 1 && buf[0] == 'Y' 22 | } 23 | } 24 | return false 25 | } 26 | 27 | // ApplyProfile will apply the profile with the specified name to the process after 28 | // the next exec. 29 | func ApplyProfile(name string) error { 30 | if name == "" { 31 | return nil 32 | } 33 | cName := C.CString(name) 34 | defer C.free(unsafe.Pointer(cName)) 35 | if _, err := C.aa_change_onexec(cName); err != nil { 36 | return fmt.Errorf("apparmor failed to apply profile: %s", err) 37 | } 38 | return nil 39 | } 40 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/Sirupsen/logrus/LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2014 Simon Eskildsen 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in 13 | all copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 21 | THE SOFTWARE. 22 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/mount/flags_freebsd.go: -------------------------------------------------------------------------------- 1 | // +build freebsd,cgo 2 | 3 | package mount 4 | 5 | /* 6 | #include 7 | */ 8 | import "C" 9 | 10 | const ( 11 | // RDONLY will mount the filesystem as read-only. 12 | RDONLY = C.MNT_RDONLY 13 | 14 | // NOSUID will not allow set-user-identifier or set-group-identifier bits to 15 | // take effect. 16 | NOSUID = C.MNT_NOSUID 17 | 18 | // NOEXEC will not allow execution of any binaries on the mounted file system. 19 | NOEXEC = C.MNT_NOEXEC 20 | 21 | // SYNCHRONOUS will allow any I/O to the file system to be done synchronously. 22 | SYNCHRONOUS = C.MNT_SYNCHRONOUS 23 | 24 | // NOATIME will not update the file access time when reading from a file. 25 | NOATIME = C.MNT_NOATIME 26 | ) 27 | 28 | // These flags are unsupported. 29 | const ( 30 | BIND = 0 31 | DIRSYNC = 0 32 | MANDLOCK = 0 33 | NODEV = 0 34 | NODIRATIME = 0 35 | UNBINDABLE = 0 36 | RUNBINDABLE = 0 37 | PRIVATE = 0 38 | RPRIVATE = 0 39 | SHARED = 0 40 | RSHARED = 0 41 | SLAVE = 0 42 | RSLAVE = 0 43 | RBIND = 0 44 | RELATIVE = 0 45 | RELATIME = 0 46 | REMOUNT = 0 47 | STRICTATIME = 0 48 | ) 49 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/image_tag.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "errors" 5 | "fmt" 6 | "net/url" 7 | 8 | "golang.org/x/net/context" 9 | 10 | distreference "github.com/docker/distribution/reference" 11 | "github.com/docker/engine-api/types" 12 | "github.com/docker/engine-api/types/reference" 13 | ) 14 | 15 | // ImageTag tags an image in the docker host 16 | func (cli *Client) ImageTag(ctx context.Context, imageID, ref string, options types.ImageTagOptions) error { 17 | distributionRef, err := distreference.ParseNamed(ref) 18 | if err != nil { 19 | return fmt.Errorf("Error parsing reference: %q is not a valid repository/tag", ref) 20 | } 21 | 22 | if _, isCanonical := distributionRef.(distreference.Canonical); isCanonical { 23 | return errors.New("refusing to create a tag with a digest reference") 24 | } 25 | 26 | tag := reference.GetTagFromNamedRef(distributionRef) 27 | 28 | query := url.Values{} 29 | query.Set("repo", distributionRef.Name()) 30 | query.Set("tag", tag) 31 | if options.Force { 32 | query.Set("force", "1") 33 | } 34 | 35 | resp, err := cli.post(ctx, "/images/"+imageID+"/tag", query, nil, nil) 36 | ensureReaderClosed(resp) 37 | return err 38 | } 39 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/system/setns_linux.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import ( 4 | "fmt" 5 | "runtime" 6 | "syscall" 7 | ) 8 | 9 | // Via http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7b21fddd087678a70ad64afc0f632e0f1071b092 10 | // 11 | // We need different setns values for the different platforms and arch 12 | // We are declaring the macro here because the SETNS syscall does not exist in th stdlib 13 | var setNsMap = map[string]uintptr{ 14 | "linux/386": 346, 15 | "linux/arm64": 268, 16 | "linux/amd64": 308, 17 | "linux/arm": 375, 18 | "linux/ppc": 350, 19 | "linux/ppc64": 350, 20 | "linux/ppc64le": 350, 21 | "linux/s390x": 339, 22 | } 23 | 24 | var sysSetns = setNsMap[fmt.Sprintf("%s/%s", runtime.GOOS, runtime.GOARCH)] 25 | 26 | func SysSetns() uint32 { 27 | return uint32(sysSetns) 28 | } 29 | 30 | func Setns(fd uintptr, flags uintptr) error { 31 | ns, exists := setNsMap[fmt.Sprintf("%s/%s", runtime.GOOS, runtime.GOARCH)] 32 | if !exists { 33 | return fmt.Errorf("unsupported platform %s/%s", runtime.GOOS, runtime.GOARCH) 34 | } 35 | _, _, err := syscall.RawSyscall(ns, fd, flags, 0) 36 | if err != 0 { 37 | return err 38 | } 39 | return nil 40 | } 41 | -------------------------------------------------------------------------------- /gce-containers-startup/utils/registry.go: -------------------------------------------------------------------------------- 1 | // Copyright 2017 Google Inc. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package utils 16 | 17 | import "strings" 18 | 19 | // UseGcpTokenForImage returns true iff the provided image string points to 20 | // a repository that uses a GCP token. Currently, that is: 21 | // - gcr.io 22 | // - pkg.dev 23 | func UseGcpTokenForImage(image string) bool { 24 | parts := strings.SplitN(image, "/", 2) 25 | 26 | if len(parts) < 2 || len(parts[0]) == 0 { 27 | return false 28 | } 29 | 30 | hostname := strings.ToLower(parts[0]) 31 | 32 | return hostname == "gcr.io" || strings.HasSuffix(hostname, ".gcr.io") || strings.HasSuffix(hostname, ".pkg.dev") 33 | } 34 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/distribution/digest/verifiers.go: -------------------------------------------------------------------------------- 1 | package digest 2 | 3 | import ( 4 | "hash" 5 | "io" 6 | ) 7 | 8 | // Verifier presents a general verification interface to be used with message 9 | // digests and other byte stream verifications. Users instantiate a Verifier 10 | // from one of the various methods, write the data under test to it then check 11 | // the result with the Verified method. 12 | type Verifier interface { 13 | io.Writer 14 | 15 | // Verified will return true if the content written to Verifier matches 16 | // the digest. 17 | Verified() bool 18 | } 19 | 20 | // NewDigestVerifier returns a verifier that compares the written bytes 21 | // against a passed in digest. 22 | func NewDigestVerifier(d Digest) (Verifier, error) { 23 | if err := d.Validate(); err != nil { 24 | return nil, err 25 | } 26 | 27 | return hashVerifier{ 28 | hash: d.Algorithm().Hash(), 29 | digest: d, 30 | }, nil 31 | } 32 | 33 | type hashVerifier struct { 34 | digest Digest 35 | hash hash.Hash 36 | } 37 | 38 | func (hv hashVerifier) Write(p []byte) (n int, err error) { 39 | return hv.hash.Write(p) 40 | } 41 | 42 | func (hv hashVerifier) Verified() bool { 43 | return hv.digest == NewDigest(hv.digest.Algorithm(), hv.hash) 44 | } 45 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/stat.go: -------------------------------------------------------------------------------- 1 | // +build !windows 2 | 3 | package system 4 | 5 | import ( 6 | "syscall" 7 | ) 8 | 9 | // StatT type contains status of a file. It contains metadata 10 | // like permission, owner, group, size, etc about a file. 11 | type StatT struct { 12 | mode uint32 13 | uid uint32 14 | gid uint32 15 | rdev uint64 16 | size int64 17 | mtim syscall.Timespec 18 | } 19 | 20 | // Mode returns file's permission mode. 21 | func (s StatT) Mode() uint32 { 22 | return s.mode 23 | } 24 | 25 | // UID returns file's user id of owner. 26 | func (s StatT) UID() uint32 { 27 | return s.uid 28 | } 29 | 30 | // GID returns file's group id of owner. 31 | func (s StatT) GID() uint32 { 32 | return s.gid 33 | } 34 | 35 | // Rdev returns file's device ID (if it's special file). 36 | func (s StatT) Rdev() uint64 { 37 | return s.rdev 38 | } 39 | 40 | // Size returns file's size. 41 | func (s StatT) Size() int64 { 42 | return s.size 43 | } 44 | 45 | // Mtim returns file's last modification time. 46 | func (s StatT) Mtim() syscall.Timespec { 47 | return s.mtim 48 | } 49 | 50 | // GetLastModification returns file's last modification time. 51 | func (s StatT) GetLastModification() syscall.Timespec { 52 | return s.Mtim() 53 | } 54 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-units/duration.go: -------------------------------------------------------------------------------- 1 | // Package units provides helper function to parse and print size and time units 2 | // in human-readable format. 3 | package units 4 | 5 | import ( 6 | "fmt" 7 | "time" 8 | ) 9 | 10 | // HumanDuration returns a human-readable approximation of a duration 11 | // (eg. "About a minute", "4 hours ago", etc.). 12 | func HumanDuration(d time.Duration) string { 13 | if seconds := int(d.Seconds()); seconds < 1 { 14 | return "Less than a second" 15 | } else if seconds == 1 { 16 | return "1 second" 17 | } else if seconds < 60 { 18 | return fmt.Sprintf("%d seconds", seconds) 19 | } else if minutes := int(d.Minutes()); minutes == 1 { 20 | return "About a minute" 21 | } else if minutes < 46 { 22 | return fmt.Sprintf("%d minutes", minutes) 23 | } else if hours := int(d.Hours() + 0.5); hours == 1 { 24 | return "About an hour" 25 | } else if hours < 48 { 26 | return fmt.Sprintf("%d hours", hours) 27 | } else if hours < 24*7*2 { 28 | return fmt.Sprintf("%d days", hours/24) 29 | } else if hours < 24*30*2 { 30 | return fmt.Sprintf("%d weeks", hours/24/7) 31 | } else if hours < 24*365*2 { 32 | return fmt.Sprintf("%d months", hours/24/30) 33 | } 34 | return fmt.Sprintf("%d years", int(d.Hours())/24/365) 35 | } 36 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/Sirupsen/logrus/hooks.go: -------------------------------------------------------------------------------- 1 | package logrus 2 | 3 | // A hook to be fired when logging on the logging levels returned from 4 | // `Levels()` on your implementation of the interface. Note that this is not 5 | // fired in a goroutine or a channel with workers, you should handle such 6 | // functionality yourself if your call is non-blocking and you don't wish for 7 | // the logging calls for levels returned from `Levels()` to block. 8 | type Hook interface { 9 | Levels() []Level 10 | Fire(*Entry) error 11 | } 12 | 13 | // Internal type for storing the hooks on a logger instance. 14 | type levelHooks map[Level][]Hook 15 | 16 | // Add a hook to an instance of logger. This is called with 17 | // `log.Hooks.Add(new(MyHook))` where `MyHook` implements the `Hook` interface. 18 | func (hooks levelHooks) Add(hook Hook) { 19 | for _, level := range hook.Levels() { 20 | hooks[level] = append(hooks[level], hook) 21 | } 22 | } 23 | 24 | // Fire all the hooks for the passed level. Used by `entry.log` to fire 25 | // appropriate hooks for a log entry. 26 | func (hooks levelHooks) Fire(level Level, entry *Entry) error { 27 | for _, hook := range hooks[level] { 28 | if err := hook.Fire(entry); err != nil { 29 | return err 30 | } 31 | } 32 | 33 | return nil 34 | } 35 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/mount/mountinfo.go: -------------------------------------------------------------------------------- 1 | package mount 2 | 3 | // Info reveals information about a particular mounted filesystem. This 4 | // struct is populated from the content in the /proc//mountinfo file. 5 | type Info struct { 6 | // ID is a unique identifier of the mount (may be reused after umount). 7 | ID int 8 | 9 | // Parent indicates the ID of the mount parent (or of self for the top of the 10 | // mount tree). 11 | Parent int 12 | 13 | // Major indicates one half of the device ID which identifies the device class. 14 | Major int 15 | 16 | // Minor indicates one half of the device ID which identifies a specific 17 | // instance of device. 18 | Minor int 19 | 20 | // Root of the mount within the filesystem. 21 | Root string 22 | 23 | // Mountpoint indicates the mount point relative to the process's root. 24 | Mountpoint string 25 | 26 | // Opts represents mount-specific options. 27 | Opts string 28 | 29 | // Optional represents optional fields. 30 | Optional string 31 | 32 | // Fstype indicates the type of filesystem, such as EXT3. 33 | Fstype string 34 | 35 | // Source indicates filesystem specific information or "none". 36 | Source string 37 | 38 | // VfsOpts represents per super block options. 39 | VfsOpts string 40 | } 41 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/jsonlog/jsonlog.go: -------------------------------------------------------------------------------- 1 | package jsonlog 2 | 3 | import ( 4 | "encoding/json" 5 | "fmt" 6 | "time" 7 | ) 8 | 9 | // JSONLog represents a log message, typically a single entry from a given log stream. 10 | // JSONLogs can be easily serialized to and from JSON and support custom formatting. 11 | type JSONLog struct { 12 | // Log is the log message 13 | Log string `json:"log,omitempty"` 14 | // Stream is the log source 15 | Stream string `json:"stream,omitempty"` 16 | // Created is the created timestamp of log 17 | Created time.Time `json:"time"` 18 | } 19 | 20 | // Format returns the log formatted according to format 21 | // If format is nil, returns the log message 22 | // If format is json, returns the log marshaled in json format 23 | // By default, returns the log with the log time formatted according to format. 24 | func (jl *JSONLog) Format(format string) (string, error) { 25 | if format == "" { 26 | return jl.Log, nil 27 | } 28 | if format == "json" { 29 | m, err := json.Marshal(jl) 30 | return string(m), err 31 | } 32 | return fmt.Sprintf("%s %s", jl.Created.Format(format), jl.Log), nil 33 | } 34 | 35 | // Reset resets the log to nil. 36 | func (jl *JSONLog) Reset() { 37 | jl.Log = "" 38 | jl.Stream = "" 39 | jl.Created = time.Time{} 40 | } 41 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/types/versions/README.md: -------------------------------------------------------------------------------- 1 | ## Legacy API type versions 2 | 3 | This package includes types for legacy API versions. The stable version of the API types live in `api/types/*.go`. 4 | 5 | Consider moving a type here when you need to keep backwards compatibility in the API. This legacy types are organized by the latest API version they appear in. For instance, types in the `v1p19` package are valid for API versions below or equal `1.19`. Types in the `v1p20` package are valid for the API version `1.20`, since the versions below that will use the legacy types in `v1p19`. 6 | 7 | ### Package name conventions 8 | 9 | The package name convention is to use `v` as a prefix for the version number and `p`(patch) as a separator. We use this nomenclature due to a few restrictions in the Go package name convention: 10 | 11 | 1. We cannot use `.` because it's interpreted by the language, think of `v1.20.CallFunction`. 12 | 2. We cannot use `_` because golint complains abount it. The code is actually valid, but it looks probably more weird: `v1_20.CallFunction`. 13 | 14 | For instance, if you want to modify a type that was available in the version `1.21` of the API but it will have different fields in the version `1.22`, you want to create a new package under `api/types/versions/v1p21`. 15 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/events.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "io" 5 | "net/url" 6 | "time" 7 | 8 | "golang.org/x/net/context" 9 | 10 | "github.com/docker/engine-api/types" 11 | "github.com/docker/engine-api/types/filters" 12 | timetypes "github.com/docker/engine-api/types/time" 13 | ) 14 | 15 | // Events returns a stream of events in the daemon in a ReadCloser. 16 | // It's up to the caller to close the stream. 17 | func (cli *Client) Events(ctx context.Context, options types.EventsOptions) (io.ReadCloser, error) { 18 | query := url.Values{} 19 | ref := time.Now() 20 | 21 | if options.Since != "" { 22 | ts, err := timetypes.GetTimestamp(options.Since, ref) 23 | if err != nil { 24 | return nil, err 25 | } 26 | query.Set("since", ts) 27 | } 28 | if options.Until != "" { 29 | ts, err := timetypes.GetTimestamp(options.Until, ref) 30 | if err != nil { 31 | return nil, err 32 | } 33 | query.Set("until", ts) 34 | } 35 | if options.Filters.Len() > 0 { 36 | filterJSON, err := filters.ToParam(options.Filters) 37 | if err != nil { 38 | return nil, err 39 | } 40 | query.Set("filters", filterJSON) 41 | } 42 | 43 | serverResponse, err := cli.get(ctx, "/events", query, nil) 44 | if err != nil { 45 | return nil, err 46 | } 47 | return serverResponse.body, nil 48 | } 49 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_logs.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "io" 5 | "net/url" 6 | "time" 7 | 8 | "golang.org/x/net/context" 9 | 10 | "github.com/docker/engine-api/types" 11 | timetypes "github.com/docker/engine-api/types/time" 12 | ) 13 | 14 | // ContainerLogs returns the logs generated by a container in an io.ReadCloser. 15 | // It's up to the caller to close the stream. 16 | func (cli *Client) ContainerLogs(ctx context.Context, container string, options types.ContainerLogsOptions) (io.ReadCloser, error) { 17 | query := url.Values{} 18 | if options.ShowStdout { 19 | query.Set("stdout", "1") 20 | } 21 | 22 | if options.ShowStderr { 23 | query.Set("stderr", "1") 24 | } 25 | 26 | if options.Since != "" { 27 | ts, err := timetypes.GetTimestamp(options.Since, time.Now()) 28 | if err != nil { 29 | return nil, err 30 | } 31 | query.Set("since", ts) 32 | } 33 | 34 | if options.Timestamps { 35 | query.Set("timestamps", "1") 36 | } 37 | 38 | if options.Details { 39 | query.Set("details", "1") 40 | } 41 | 42 | if options.Follow { 43 | query.Set("follow", "1") 44 | } 45 | query.Set("tail", options.Tail) 46 | 47 | resp, err := cli.get(ctx, "/containers/"+container+"/logs", query, nil) 48 | if err != nil { 49 | return nil, err 50 | } 51 | return resp.body, nil 52 | } 53 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/transport/client.go: -------------------------------------------------------------------------------- 1 | package transport 2 | 3 | import ( 4 | "crypto/tls" 5 | "net/http" 6 | ) 7 | 8 | // Sender is an interface that clients must implement 9 | // to be able to send requests to a remote connection. 10 | type Sender interface { 11 | // Do sends request to a remote endpoint. 12 | Do(*http.Request) (*http.Response, error) 13 | } 14 | 15 | // Client is an interface that abstracts all remote connections. 16 | type Client interface { 17 | Sender 18 | // Secure tells whether the connection is secure or not. 19 | Secure() bool 20 | // Scheme returns the connection protocol the client uses. 21 | Scheme() string 22 | // TLSConfig returns any TLS configuration the client uses. 23 | TLSConfig() *tls.Config 24 | } 25 | 26 | // tlsInfo returns information about the TLS configuration. 27 | type tlsInfo struct { 28 | tlsConfig *tls.Config 29 | } 30 | 31 | // TLSConfig returns the TLS configuration. 32 | func (t *tlsInfo) TLSConfig() *tls.Config { 33 | return t.tlsConfig 34 | } 35 | 36 | // Scheme returns protocol scheme to use. 37 | func (t *tlsInfo) Scheme() string { 38 | if t.tlsConfig != nil { 39 | return "https" 40 | } 41 | return "http" 42 | } 43 | 44 | // Secure returns true if there is a TLS configuration. 45 | func (t *tlsInfo) Secure() bool { 46 | return t.tlsConfig != nil 47 | } 48 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/http2/flow.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Flow control 6 | 7 | package http2 8 | 9 | // flow is the flow control window's size. 10 | type flow struct { 11 | // n is the number of DATA bytes we're allowed to send. 12 | // A flow is kept both on a conn and a per-stream. 13 | n int32 14 | 15 | // conn points to the shared connection-level flow that is 16 | // shared by all streams on that conn. It is nil for the flow 17 | // that's on the conn directly. 18 | conn *flow 19 | } 20 | 21 | func (f *flow) setConnFlow(cf *flow) { f.conn = cf } 22 | 23 | func (f *flow) available() int32 { 24 | n := f.n 25 | if f.conn != nil && f.conn.n < n { 26 | n = f.conn.n 27 | } 28 | return n 29 | } 30 | 31 | func (f *flow) take(n int32) { 32 | if n > f.available() { 33 | panic("internal error: took too much") 34 | } 35 | f.n -= n 36 | if f.conn != nil { 37 | f.conn.n -= n 38 | } 39 | } 40 | 41 | // add adds n bytes (positive or negative) to the flow control window. 42 | // It returns false if the sum would exceed 2^31-1. 43 | func (f *flow) add(n int32) bool { 44 | remain := (1<<31 - 1) - f.n 45 | if n > remain { 46 | return false 47 | } 48 | f.n += n 49 | return true 50 | } 51 | -------------------------------------------------------------------------------- /gce-containers-startup/utils/BUILD: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | package(default_visibility = ["//visibility:public"]) 16 | 17 | load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") 18 | 19 | go_library( 20 | name = "go_default_library", 21 | srcs = [ 22 | "auth.go", 23 | "iptables.go", 24 | "registry.go", 25 | "testing.go", 26 | "welcome-message.go", 27 | ], 28 | importpath = "github.com/GoogleCloudPlatform/konlet/gce-containers-startup/utils", 29 | ) 30 | 31 | go_test( 32 | name = "go_default_test", 33 | srcs = [ 34 | "utils_test.go", 35 | ], 36 | embed = [":go_default_library"], 37 | importpath = "github.com/GoogleCloudPlatform/konlet/gce-containers-startup/utils", 38 | ) 39 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/chtimes.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import ( 4 | "os" 5 | "syscall" 6 | "time" 7 | "unsafe" 8 | ) 9 | 10 | var ( 11 | maxTime time.Time 12 | ) 13 | 14 | func init() { 15 | if unsafe.Sizeof(syscall.Timespec{}.Nsec) == 8 { 16 | // This is a 64 bit timespec 17 | // os.Chtimes limits time to the following 18 | maxTime = time.Unix(0, 1<<63-1) 19 | } else { 20 | // This is a 32 bit timespec 21 | maxTime = time.Unix(1<<31-1, 0) 22 | } 23 | } 24 | 25 | // Chtimes changes the access time and modified time of a file at the given path 26 | func Chtimes(name string, atime time.Time, mtime time.Time) error { 27 | unixMinTime := time.Unix(0, 0) 28 | unixMaxTime := maxTime 29 | 30 | // If the modified time is prior to the Unix Epoch, or after the 31 | // end of Unix Time, os.Chtimes has undefined behavior 32 | // default to Unix Epoch in this case, just in case 33 | 34 | if atime.Before(unixMinTime) || atime.After(unixMaxTime) { 35 | atime = unixMinTime 36 | } 37 | 38 | if mtime.Before(unixMinTime) || mtime.After(unixMaxTime) { 39 | mtime = unixMinTime 40 | } 41 | 42 | if err := os.Chtimes(name, atime, mtime); err != nil { 43 | return err 44 | } 45 | 46 | // Take platform specific action for setting create time. 47 | if err := setCTime(name, mtime); err != nil { 48 | return err 49 | } 50 | 51 | return nil 52 | } 53 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-connections/sockets/sockets.go: -------------------------------------------------------------------------------- 1 | // Package sockets provides helper functions to create and configure Unix or TCP sockets. 2 | package sockets 3 | 4 | import ( 5 | "net" 6 | "net/http" 7 | "time" 8 | ) 9 | 10 | // Why 32? See https://github.com/docker/docker/pull/8035. 11 | const defaultTimeout = 32 * time.Second 12 | 13 | // ConfigureTransport configures the specified Transport according to the 14 | // specified proto and addr. 15 | // If the proto is unix (using a unix socket to communicate) or npipe the 16 | // compression is disabled. 17 | func ConfigureTransport(tr *http.Transport, proto, addr string) error { 18 | switch proto { 19 | case "unix": 20 | // No need for compression in local communications. 21 | tr.DisableCompression = true 22 | tr.Dial = func(_, _ string) (net.Conn, error) { 23 | return net.DialTimeout(proto, addr, defaultTimeout) 24 | } 25 | case "npipe": 26 | // No need for compression in local communications. 27 | tr.DisableCompression = true 28 | tr.Dial = func(_, _ string) (net.Conn, error) { 29 | return DialPipe(addr, defaultTimeout) 30 | } 31 | default: 32 | tr.Proxy = http.ProxyFromEnvironment 33 | dialer, err := DialerFromEnvironment(&net.Dialer{ 34 | Timeout: defaultTimeout, 35 | }) 36 | if err != nil { 37 | return err 38 | } 39 | tr.Dial = dialer.Dial 40 | } 41 | return nil 42 | } 43 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/meminfo_windows.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import ( 4 | "syscall" 5 | "unsafe" 6 | ) 7 | 8 | var ( 9 | modkernel32 = syscall.NewLazyDLL("kernel32.dll") 10 | 11 | procGlobalMemoryStatusEx = modkernel32.NewProc("GlobalMemoryStatusEx") 12 | ) 13 | 14 | // https://msdn.microsoft.com/en-us/library/windows/desktop/aa366589(v=vs.85).aspx 15 | // https://msdn.microsoft.com/en-us/library/windows/desktop/aa366770(v=vs.85).aspx 16 | type memorystatusex struct { 17 | dwLength uint32 18 | dwMemoryLoad uint32 19 | ullTotalPhys uint64 20 | ullAvailPhys uint64 21 | ullTotalPageFile uint64 22 | ullAvailPageFile uint64 23 | ullTotalVirtual uint64 24 | ullAvailVirtual uint64 25 | ullAvailExtendedVirtual uint64 26 | } 27 | 28 | // ReadMemInfo retrieves memory statistics of the host system and returns a 29 | // MemInfo type. 30 | func ReadMemInfo() (*MemInfo, error) { 31 | msi := &memorystatusex{ 32 | dwLength: 64, 33 | } 34 | r1, _, _ := procGlobalMemoryStatusEx.Call(uintptr(unsafe.Pointer(msi))) 35 | if r1 == 0 { 36 | return &MemInfo{}, nil 37 | } 38 | return &MemInfo{ 39 | MemTotal: int64(msi.ullTotalPhys), 40 | MemFree: int64(msi.ullAvailPhys), 41 | SwapTotal: int64(msi.ullTotalPageFile), 42 | SwapFree: int64(msi.ullAvailPageFile), 43 | }, nil 44 | } 45 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/term/ascii.go: -------------------------------------------------------------------------------- 1 | package term 2 | 3 | import ( 4 | "fmt" 5 | "strings" 6 | ) 7 | 8 | // ASCII list the possible supported ASCII key sequence 9 | var ASCII = []string{ 10 | "ctrl-@", 11 | "ctrl-a", 12 | "ctrl-b", 13 | "ctrl-c", 14 | "ctrl-d", 15 | "ctrl-e", 16 | "ctrl-f", 17 | "ctrl-g", 18 | "ctrl-h", 19 | "ctrl-i", 20 | "ctrl-j", 21 | "ctrl-k", 22 | "ctrl-l", 23 | "ctrl-m", 24 | "ctrl-n", 25 | "ctrl-o", 26 | "ctrl-p", 27 | "ctrl-q", 28 | "ctrl-r", 29 | "ctrl-s", 30 | "ctrl-t", 31 | "ctrl-u", 32 | "ctrl-v", 33 | "ctrl-w", 34 | "ctrl-x", 35 | "ctrl-y", 36 | "ctrl-z", 37 | "ctrl-[", 38 | "ctrl-\\", 39 | "ctrl-]", 40 | "ctrl-^", 41 | "ctrl-_", 42 | } 43 | 44 | // ToBytes converts a string representing a suite of key-sequence to the corresponding ASCII code. 45 | func ToBytes(keys string) ([]byte, error) { 46 | codes := []byte{} 47 | next: 48 | for _, key := range strings.Split(keys, ",") { 49 | if len(key) != 1 { 50 | for code, ctrl := range ASCII { 51 | if ctrl == key { 52 | codes = append(codes, byte(code)) 53 | continue next 54 | } 55 | } 56 | if key == "DEL" { 57 | codes = append(codes, 127) 58 | } else { 59 | return nil, fmt.Errorf("Unknown character: '%s'", key) 60 | } 61 | } else { 62 | codes = append(codes, byte(key[0])) 63 | } 64 | } 65 | return codes, nil 66 | } 67 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/PATENTS: -------------------------------------------------------------------------------- 1 | Additional IP Rights Grant (Patents) 2 | 3 | "This implementation" means the copyrightable works distributed by 4 | Google as part of the Go project. 5 | 6 | Google hereby grants to You a perpetual, worldwide, non-exclusive, 7 | no-charge, royalty-free, irrevocable (except as stated in this section) 8 | patent license to make, have made, use, offer to sell, sell, import, 9 | transfer and otherwise run, modify and propagate the contents of this 10 | implementation of Go, where such license applies only to those patent 11 | claims, both currently owned or controlled by Google and acquired in 12 | the future, licensable by Google that are necessarily infringed by this 13 | implementation of Go. This grant does not include claims that would be 14 | infringed only as a consequence of further modification of this 15 | implementation. If you or your agent or exclusive licensee institute or 16 | order or agree to the institution of patent litigation against any 17 | entity (including a cross-claim or counterclaim in a lawsuit) alleging 18 | that this implementation of Go or any code incorporated within this 19 | implementation of Go constitutes direct or contributory patent 20 | infringement, or inducement of patent infringement, then any patent 21 | rights granted to you under this License for this implementation of Go 22 | shall terminate as of the date such litigation is filed. 23 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_list.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/url" 6 | "strconv" 7 | 8 | "github.com/docker/engine-api/types" 9 | "github.com/docker/engine-api/types/filters" 10 | "golang.org/x/net/context" 11 | ) 12 | 13 | // ContainerList returns the list of containers in the docker host. 14 | func (cli *Client) ContainerList(ctx context.Context, options types.ContainerListOptions) ([]types.Container, error) { 15 | query := url.Values{} 16 | 17 | if options.All { 18 | query.Set("all", "1") 19 | } 20 | 21 | if options.Limit != -1 { 22 | query.Set("limit", strconv.Itoa(options.Limit)) 23 | } 24 | 25 | if options.Since != "" { 26 | query.Set("since", options.Since) 27 | } 28 | 29 | if options.Before != "" { 30 | query.Set("before", options.Before) 31 | } 32 | 33 | if options.Size { 34 | query.Set("size", "1") 35 | } 36 | 37 | if options.Filter.Len() > 0 { 38 | filterJSON, err := filters.ToParamWithVersion(cli.version, options.Filter) 39 | 40 | if err != nil { 41 | return nil, err 42 | } 43 | 44 | query.Set("filters", filterJSON) 45 | } 46 | 47 | resp, err := cli.get(ctx, "/containers/json", query, nil) 48 | if err != nil { 49 | return nil, err 50 | } 51 | 52 | var containers []types.Container 53 | err = json.NewDecoder(resp.body).Decode(&containers) 54 | ensureReaderClosed(resp) 55 | return containers, err 56 | } 57 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-connections/sockets/proxy.go: -------------------------------------------------------------------------------- 1 | package sockets 2 | 3 | import ( 4 | "net" 5 | "net/url" 6 | "os" 7 | "strings" 8 | 9 | "golang.org/x/net/proxy" 10 | ) 11 | 12 | // GetProxyEnv allows access to the uppercase and the lowercase forms of 13 | // proxy-related variables. See the Go specification for details on these 14 | // variables. https://golang.org/pkg/net/http/ 15 | func GetProxyEnv(key string) string { 16 | proxyValue := os.Getenv(strings.ToUpper(key)) 17 | if proxyValue == "" { 18 | return os.Getenv(strings.ToLower(key)) 19 | } 20 | return proxyValue 21 | } 22 | 23 | // DialerFromEnvironment takes in a "direct" *net.Dialer and returns a 24 | // proxy.Dialer which will route the connections through the proxy using the 25 | // given dialer. 26 | func DialerFromEnvironment(direct *net.Dialer) (proxy.Dialer, error) { 27 | allProxy := GetProxyEnv("all_proxy") 28 | if len(allProxy) == 0 { 29 | return direct, nil 30 | } 31 | 32 | proxyURL, err := url.Parse(allProxy) 33 | if err != nil { 34 | return direct, err 35 | } 36 | 37 | proxyFromURL, err := proxy.FromURL(proxyURL, direct) 38 | if err != nil { 39 | return direct, err 40 | } 41 | 42 | noProxy := GetProxyEnv("no_proxy") 43 | if len(noProxy) == 0 { 44 | return proxyFromURL, nil 45 | } 46 | 47 | perHost := proxy.NewPerHost(proxyFromURL, direct) 48 | perHost.AddFromString(noProxy) 49 | 50 | return perHost, nil 51 | } 52 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/term/tc_linux_cgo.go: -------------------------------------------------------------------------------- 1 | // +build linux,cgo 2 | 3 | package term 4 | 5 | import ( 6 | "syscall" 7 | "unsafe" 8 | ) 9 | 10 | // #include 11 | import "C" 12 | 13 | // Termios is the Unix API for terminal I/O. 14 | // It is passthgrouh for syscall.Termios in order to make it portable with 15 | // other platforms where it is not available or handled differently. 16 | type Termios syscall.Termios 17 | 18 | // MakeRaw put the terminal connected to the given file descriptor into raw 19 | // mode and returns the previous state of the terminal so that it can be 20 | // restored. 21 | func MakeRaw(fd uintptr) (*State, error) { 22 | var oldState State 23 | if err := tcget(fd, &oldState.termios); err != 0 { 24 | return nil, err 25 | } 26 | 27 | newState := oldState.termios 28 | 29 | C.cfmakeraw((*C.struct_termios)(unsafe.Pointer(&newState))) 30 | if err := tcset(fd, &newState); err != 0 { 31 | return nil, err 32 | } 33 | return &oldState, nil 34 | } 35 | 36 | func tcget(fd uintptr, p *Termios) syscall.Errno { 37 | ret, err := C.tcgetattr(C.int(fd), (*C.struct_termios)(unsafe.Pointer(p))) 38 | if ret != 0 { 39 | return err.(syscall.Errno) 40 | } 41 | return 0 42 | } 43 | 44 | func tcset(fd uintptr, p *Termios) syscall.Errno { 45 | ret, err := C.tcsetattr(C.int(fd), C.TCSANOW, (*C.struct_termios)(unsafe.Pointer(p))) 46 | if ret != 0 { 47 | return err.(syscall.Errno) 48 | } 49 | return 0 50 | } 51 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/http2/go16.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build go1.6 6 | 7 | package http2 8 | 9 | import ( 10 | "crypto/tls" 11 | "net/http" 12 | "time" 13 | ) 14 | 15 | func transportExpectContinueTimeout(t1 *http.Transport) time.Duration { 16 | return t1.ExpectContinueTimeout 17 | } 18 | 19 | // isBadCipher reports whether the cipher is blacklisted by the HTTP/2 spec. 20 | func isBadCipher(cipher uint16) bool { 21 | switch cipher { 22 | case tls.TLS_RSA_WITH_RC4_128_SHA, 23 | tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24 | tls.TLS_RSA_WITH_AES_128_CBC_SHA, 25 | tls.TLS_RSA_WITH_AES_256_CBC_SHA, 26 | tls.TLS_RSA_WITH_AES_128_GCM_SHA256, 27 | tls.TLS_RSA_WITH_AES_256_GCM_SHA384, 28 | tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 29 | tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 30 | tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 31 | tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA, 32 | tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 33 | tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 34 | tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 35 | // Reject cipher suites from Appendix A. 36 | // "This list includes those cipher suites that do not 37 | // offer an ephemeral key exchange and those that are 38 | // based on the TLS null, stream or block cipher type" 39 | return true 40 | default: 41 | return false 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/gopkg.in/yaml.v2/LICENSE.libyaml: -------------------------------------------------------------------------------- 1 | The following files were ported to Go from C files of libyaml, and thus 2 | are still covered by their original copyright and license: 3 | 4 | apic.go 5 | emitterc.go 6 | parserc.go 7 | readerc.go 8 | scannerc.go 9 | writerc.go 10 | yamlh.go 11 | yamlprivateh.go 12 | 13 | Copyright (c) 2006 Kirill Simonov 14 | 15 | Permission is hereby granted, free of charge, to any person obtaining a copy of 16 | this software and associated documentation files (the "Software"), to deal in 17 | the Software without restriction, including without limitation the rights to 18 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies 19 | of the Software, and to permit persons to whom the Software is furnished to do 20 | so, subject to the following conditions: 21 | 22 | The above copyright notice and this permission notice shall be included in all 23 | copies or substantial portions of the Software. 24 | 25 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 26 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 27 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 28 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 29 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 30 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 31 | SOFTWARE. 32 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_nosystemd.go: -------------------------------------------------------------------------------- 1 | // +build !linux 2 | 3 | package systemd 4 | 5 | import ( 6 | "fmt" 7 | 8 | "github.com/opencontainers/runc/libcontainer/cgroups" 9 | "github.com/opencontainers/runc/libcontainer/configs" 10 | ) 11 | 12 | type Manager struct { 13 | Cgroups *configs.Cgroup 14 | Paths map[string]string 15 | } 16 | 17 | func UseSystemd() bool { 18 | return false 19 | } 20 | 21 | func (m *Manager) Apply(pid int) error { 22 | return fmt.Errorf("Systemd not supported") 23 | } 24 | 25 | func (m *Manager) GetPids() ([]int, error) { 26 | return nil, fmt.Errorf("Systemd not supported") 27 | } 28 | 29 | func (m *Manager) GetAllPids() ([]int, error) { 30 | return nil, fmt.Errorf("Systemd not supported") 31 | } 32 | 33 | func (m *Manager) Destroy() error { 34 | return fmt.Errorf("Systemd not supported") 35 | } 36 | 37 | func (m *Manager) GetPaths() map[string]string { 38 | return nil 39 | } 40 | 41 | func (m *Manager) GetStats() (*cgroups.Stats, error) { 42 | return nil, fmt.Errorf("Systemd not supported") 43 | } 44 | 45 | func (m *Manager) Set(container *configs.Config) error { 46 | return nil, fmt.Errorf("Systemd not supported") 47 | } 48 | 49 | func (m *Manager) Freeze(state configs.FreezerState) error { 50 | return fmt.Errorf("Systemd not supported") 51 | } 52 | 53 | func Freeze(c *configs.Cgroup, state configs.FreezerState) error { 54 | return fmt.Errorf("Systemd not supported") 55 | } 56 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/http2/not_go16.go: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build !go1.6 6 | 7 | package http2 8 | 9 | import ( 10 | "crypto/tls" 11 | "net/http" 12 | "time" 13 | ) 14 | 15 | func configureTransport(t1 *http.Transport) (*Transport, error) { 16 | return nil, errTransportVersion 17 | } 18 | 19 | func transportExpectContinueTimeout(t1 *http.Transport) time.Duration { 20 | return 0 21 | 22 | } 23 | 24 | // isBadCipher reports whether the cipher is blacklisted by the HTTP/2 spec. 25 | func isBadCipher(cipher uint16) bool { 26 | switch cipher { 27 | case tls.TLS_RSA_WITH_RC4_128_SHA, 28 | tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, 29 | tls.TLS_RSA_WITH_AES_128_CBC_SHA, 30 | tls.TLS_RSA_WITH_AES_256_CBC_SHA, 31 | tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 32 | tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 33 | tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 34 | tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA, 35 | tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 36 | tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 37 | tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 38 | // Reject cipher suites from Appendix A. 39 | // "This list includes those cipher suites that do not 40 | // offer an ephemeral key exchange and those that are 41 | // based on the TLS null, stream or block cipher type" 42 | return true 43 | default: 44 | return false 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/term/termios_linux.go: -------------------------------------------------------------------------------- 1 | // +build !cgo 2 | 3 | package term 4 | 5 | import ( 6 | "syscall" 7 | "unsafe" 8 | ) 9 | 10 | const ( 11 | getTermios = syscall.TCGETS 12 | setTermios = syscall.TCSETS 13 | ) 14 | 15 | // Termios is the Unix API for terminal I/O. 16 | type Termios struct { 17 | Iflag uint32 18 | Oflag uint32 19 | Cflag uint32 20 | Lflag uint32 21 | Cc [20]byte 22 | Ispeed uint32 23 | Ospeed uint32 24 | } 25 | 26 | // MakeRaw put the terminal connected to the given file descriptor into raw 27 | // mode and returns the previous state of the terminal so that it can be 28 | // restored. 29 | func MakeRaw(fd uintptr) (*State, error) { 30 | var oldState State 31 | if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, getTermios, uintptr(unsafe.Pointer(&oldState.termios))); err != 0 { 32 | return nil, err 33 | } 34 | 35 | newState := oldState.termios 36 | 37 | newState.Iflag &^= (syscall.IGNBRK | syscall.BRKINT | syscall.PARMRK | syscall.ISTRIP | syscall.INLCR | syscall.IGNCR | syscall.ICRNL | syscall.IXON) 38 | newState.Oflag &^= syscall.OPOST 39 | newState.Lflag &^= (syscall.ECHO | syscall.ECHONL | syscall.ICANON | syscall.ISIG | syscall.IEXTEN) 40 | newState.Cflag &^= (syscall.CSIZE | syscall.PARENB) 41 | newState.Cflag |= syscall.CS8 42 | 43 | if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, setTermios, uintptr(unsafe.Pointer(&newState))); err != 0 { 44 | return nil, err 45 | } 46 | return &oldState, nil 47 | } 48 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/configs/device.go: -------------------------------------------------------------------------------- 1 | package configs 2 | 3 | import ( 4 | "fmt" 5 | "os" 6 | ) 7 | 8 | const ( 9 | Wildcard = -1 10 | ) 11 | 12 | // TODO Windows: This can be factored out in the future 13 | 14 | type Device struct { 15 | // Device type, block, char, etc. 16 | Type rune `json:"type"` 17 | 18 | // Path to the device. 19 | Path string `json:"path"` 20 | 21 | // Major is the device's major number. 22 | Major int64 `json:"major"` 23 | 24 | // Minor is the device's minor number. 25 | Minor int64 `json:"minor"` 26 | 27 | // Cgroup permissions format, rwm. 28 | Permissions string `json:"permissions"` 29 | 30 | // FileMode permission bits for the device. 31 | FileMode os.FileMode `json:"file_mode"` 32 | 33 | // Uid of the device. 34 | Uid uint32 `json:"uid"` 35 | 36 | // Gid of the device. 37 | Gid uint32 `json:"gid"` 38 | 39 | // Write the file to the allowed list 40 | Allow bool `json:"allow"` 41 | } 42 | 43 | func (d *Device) CgroupString() string { 44 | return fmt.Sprintf("%c %s:%s %s", d.Type, deviceNumberString(d.Major), deviceNumberString(d.Minor), d.Permissions) 45 | } 46 | 47 | func (d *Device) Mkdev() int { 48 | return int((d.Major << 8) | (d.Minor & 0xff) | ((d.Minor & 0xfff00) << 12)) 49 | } 50 | 51 | // deviceNumberString converts the device number to a string return result. 52 | func deviceNumberString(number int64) string { 53 | if number == Wildcard { 54 | return "*" 55 | } 56 | return fmt.Sprint(number) 57 | } 58 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/http2/not_go17.go: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build !go1.7 6 | 7 | package http2 8 | 9 | import ( 10 | "net" 11 | "net/http" 12 | ) 13 | 14 | type contextContext interface{} 15 | 16 | type fakeContext struct{} 17 | 18 | func (fakeContext) Done() <-chan struct{} { return nil } 19 | func (fakeContext) Err() error { panic("should not be called") } 20 | 21 | func reqContext(r *http.Request) fakeContext { 22 | return fakeContext{} 23 | } 24 | 25 | func setResponseUncompressed(res *http.Response) { 26 | // Nothing. 27 | } 28 | 29 | type clientTrace struct{} 30 | 31 | func requestTrace(*http.Request) *clientTrace { return nil } 32 | func traceGotConn(*http.Request, *ClientConn) {} 33 | func traceFirstResponseByte(*clientTrace) {} 34 | func traceWroteHeaders(*clientTrace) {} 35 | func traceWroteRequest(*clientTrace, error) {} 36 | func traceGot100Continue(trace *clientTrace) {} 37 | func traceWait100Continue(trace *clientTrace) {} 38 | 39 | func nop() {} 40 | 41 | func serverConnBaseContext(c net.Conn, opts *ServeConnOpts) (ctx contextContext, cancel func()) { 42 | return nil, nop 43 | } 44 | 45 | func contextWithCancel(ctx contextContext) (_ contextContext, cancel func()) { 46 | return ctx, nop 47 | } 48 | 49 | func requestWithContext(req *http.Request, ctx contextContext) *http.Request { 50 | return req 51 | } 52 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | Want to contribute? Great! First, read this page (including the small print at the end). 2 | 3 | ### Before you contribute 4 | Before we can use your code, you must sign the 5 | [Google Individual Contributor License Agreement] 6 | (https://cla.developers.google.com/about/google-individual) 7 | (CLA), which you can do online. The CLA is necessary mainly because you own the 8 | copyright to your changes, even after your contribution becomes part of our 9 | codebase, so we need your permission to use and distribute your code. We also 10 | need to be sure of various other things—for instance that you'll tell us if you 11 | know that your code infringes on other people's patents. You don't have to sign 12 | the CLA until after you've submitted your code for review and a member has 13 | approved it, but you must do it before we can put your code into our codebase. 14 | Before you start working on a larger contribution, you should get in touch with 15 | us first through the issue tracker with your idea so that we can help out and 16 | possibly guide you. Coordinating up front makes it much easier to avoid 17 | frustration later on. 18 | 19 | ### Code reviews 20 | All submissions, including submissions by project members, require review. We 21 | use Github pull requests for this purpose. 22 | 23 | ### The small print 24 | Contributions made by corporations are covered by a different agreement than 25 | the one above, the 26 | [Software Grant and Corporate Contributor License Agreement] 27 | (https://cla.developers.google.com/about/google-corporate). 28 | 29 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/Sirupsen/logrus/formatter.go: -------------------------------------------------------------------------------- 1 | package logrus 2 | 3 | // The Formatter interface is used to implement a custom Formatter. It takes an 4 | // `Entry`. It exposes all the fields, including the default ones: 5 | // 6 | // * `entry.Data["msg"]`. The message passed from Info, Warn, Error .. 7 | // * `entry.Data["time"]`. The timestamp. 8 | // * `entry.Data["level"]. The level the entry was logged at. 9 | // 10 | // Any additional fields added with `WithField` or `WithFields` are also in 11 | // `entry.Data`. Format is expected to return an array of bytes which are then 12 | // logged to `logger.Out`. 13 | type Formatter interface { 14 | Format(*Entry) ([]byte, error) 15 | } 16 | 17 | // This is to not silently overwrite `time`, `msg` and `level` fields when 18 | // dumping it. If this code wasn't there doing: 19 | // 20 | // logrus.WithField("level", 1).Info("hello") 21 | // 22 | // Would just silently drop the user provided level. Instead with this code 23 | // it'll logged as: 24 | // 25 | // {"level": "info", "fields.level": 1, "msg": "hello", "time": "..."} 26 | // 27 | // It's not exported because it's still using Data in an opinionated way. It's to 28 | // avoid code duplication between the two default formatters. 29 | func prefixFieldClashes(data Fields) { 30 | _, ok := data["time"] 31 | if ok { 32 | data["fields.time"] = data["time"] 33 | } 34 | 35 | _, ok = data["msg"] 36 | if ok { 37 | data["fields.msg"] = data["msg"] 38 | } 39 | 40 | _, ok = data["level"] 41 | if ok { 42 | data["fields.level"] = data["level"] 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/mount/mounter_freebsd.go: -------------------------------------------------------------------------------- 1 | package mount 2 | 3 | /* 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | */ 11 | import "C" 12 | 13 | import ( 14 | "fmt" 15 | "strings" 16 | "syscall" 17 | "unsafe" 18 | ) 19 | 20 | func allocateIOVecs(options []string) []C.struct_iovec { 21 | out := make([]C.struct_iovec, len(options)) 22 | for i, option := range options { 23 | out[i].iov_base = unsafe.Pointer(C.CString(option)) 24 | out[i].iov_len = C.size_t(len(option) + 1) 25 | } 26 | return out 27 | } 28 | 29 | func mount(device, target, mType string, flag uintptr, data string) error { 30 | isNullFS := false 31 | 32 | xs := strings.Split(data, ",") 33 | for _, x := range xs { 34 | if x == "bind" { 35 | isNullFS = true 36 | } 37 | } 38 | 39 | options := []string{"fspath", target} 40 | if isNullFS { 41 | options = append(options, "fstype", "nullfs", "target", device) 42 | } else { 43 | options = append(options, "fstype", mType, "from", device) 44 | } 45 | rawOptions := allocateIOVecs(options) 46 | for _, rawOption := range rawOptions { 47 | defer C.free(rawOption.iov_base) 48 | } 49 | 50 | if errno := C.nmount(&rawOptions[0], C.uint(len(options)), C.int(flag)); errno != 0 { 51 | reason := C.GoString(C.strerror(*C.__error())) 52 | return fmt.Errorf("Failed to call nmount: %s", reason) 53 | } 54 | return nil 55 | } 56 | 57 | func unmount(target string, flag int) error { 58 | return syscall.Unmount(target, flag) 59 | } 60 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/freezer.go: -------------------------------------------------------------------------------- 1 | // +build linux 2 | 3 | package fs 4 | 5 | import ( 6 | "fmt" 7 | "strings" 8 | "time" 9 | 10 | "github.com/opencontainers/runc/libcontainer/cgroups" 11 | "github.com/opencontainers/runc/libcontainer/configs" 12 | ) 13 | 14 | type FreezerGroup struct { 15 | } 16 | 17 | func (s *FreezerGroup) Name() string { 18 | return "freezer" 19 | } 20 | 21 | func (s *FreezerGroup) Apply(d *cgroupData) error { 22 | _, err := d.join("freezer") 23 | if err != nil && !cgroups.IsNotFound(err) { 24 | return err 25 | } 26 | return nil 27 | } 28 | 29 | func (s *FreezerGroup) Set(path string, cgroup *configs.Cgroup) error { 30 | switch cgroup.Resources.Freezer { 31 | case configs.Frozen, configs.Thawed: 32 | if err := writeFile(path, "freezer.state", string(cgroup.Resources.Freezer)); err != nil { 33 | return err 34 | } 35 | 36 | for { 37 | state, err := readFile(path, "freezer.state") 38 | if err != nil { 39 | return err 40 | } 41 | if strings.TrimSpace(state) == string(cgroup.Resources.Freezer) { 42 | break 43 | } 44 | time.Sleep(1 * time.Millisecond) 45 | } 46 | case configs.Undefined: 47 | return nil 48 | default: 49 | return fmt.Errorf("Invalid argument '%s' to freezer.state", string(cgroup.Resources.Freezer)) 50 | } 51 | 52 | return nil 53 | } 54 | 55 | func (s *FreezerGroup) Remove(d *cgroupData) error { 56 | return removePath(d.path("freezer")) 57 | } 58 | 59 | func (s *FreezerGroup) GetStats(path string, stats *cgroups.Stats) error { 60 | return nil 61 | } 62 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2009 The Go Authors. All rights reserved. 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted provided that the following conditions are 5 | met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | * Redistributions in binary form must reproduce the above 10 | copyright notice, this list of conditions and the following disclaimer 11 | in the documentation and/or other materials provided with the 12 | distribution. 13 | * Neither the name of Google Inc. nor the names of its 14 | contributors may be used to endorse or promote products derived from 15 | this software without specific prior written permission. 16 | 17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_create.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/url" 6 | "strings" 7 | 8 | "github.com/docker/engine-api/types" 9 | "github.com/docker/engine-api/types/container" 10 | "github.com/docker/engine-api/types/network" 11 | "golang.org/x/net/context" 12 | ) 13 | 14 | type configWrapper struct { 15 | *container.Config 16 | HostConfig *container.HostConfig 17 | NetworkingConfig *network.NetworkingConfig 18 | } 19 | 20 | // ContainerCreate creates a new container based in the given configuration. 21 | // It can be associated with a name, but it's not mandatory. 22 | func (cli *Client) ContainerCreate(ctx context.Context, config *container.Config, hostConfig *container.HostConfig, networkingConfig *network.NetworkingConfig, containerName string) (types.ContainerCreateResponse, error) { 23 | var response types.ContainerCreateResponse 24 | query := url.Values{} 25 | if containerName != "" { 26 | query.Set("name", containerName) 27 | } 28 | 29 | body := configWrapper{ 30 | Config: config, 31 | HostConfig: hostConfig, 32 | NetworkingConfig: networkingConfig, 33 | } 34 | 35 | serverResp, err := cli.post(ctx, "/containers/create", query, body, nil) 36 | if err != nil { 37 | if serverResp != nil && serverResp.statusCode == 404 && strings.Contains(err.Error(), "No such image") { 38 | return response, imageNotFoundError{config.Image} 39 | } 40 | return response, err 41 | } 42 | 43 | err = json.NewDecoder(serverResp.body).Decode(&response) 44 | ensureReaderClosed(serverResp) 45 | return response, err 46 | } 47 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/symlink/LICENSE.BSD: -------------------------------------------------------------------------------- 1 | Copyright (c) 2014-2016 The Docker & Go Authors. All rights reserved. 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted provided that the following conditions are 5 | met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | * Redistributions in binary form must reproduce the above 10 | copyright notice, this list of conditions and the following disclaimer 11 | in the documentation and/or other materials provided with the 12 | distribution. 13 | * Neither the name of Google Inc. nor the names of its 14 | contributors may be used to endorse or promote products derived from 15 | this software without specific prior written permission. 16 | 17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/transport/cancellable/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2009 The Go Authors. All rights reserved. 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted provided that the following conditions are 5 | met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | * Redistributions in binary form must reproduce the above 10 | copyright notice, this list of conditions and the following disclaimer 11 | in the documentation and/or other materials provided with the 12 | distribution. 13 | * Neither the name of Google Inc. nor the names of its 14 | contributors may be used to endorse or promote products derived from 15 | this software without specific prior written permission. 16 | 17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/image_pull.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "io" 5 | "net/http" 6 | "net/url" 7 | 8 | "golang.org/x/net/context" 9 | 10 | "github.com/docker/engine-api/types" 11 | "github.com/docker/engine-api/types/reference" 12 | ) 13 | 14 | // ImagePull requests the docker host to pull an image from a remote registry. 15 | // It executes the privileged function if the operation is unauthorized 16 | // and it tries one more time. 17 | // It's up to the caller to handle the io.ReadCloser and close it properly. 18 | // 19 | // FIXME(vdemeester): there is currently used in a few way in docker/docker 20 | // - if not in trusted content, ref is used to pass the whole reference, and tag is empty 21 | // - if in trusted content, ref is used to pass the reference name, and tag for the digest 22 | func (cli *Client) ImagePull(ctx context.Context, ref string, options types.ImagePullOptions) (io.ReadCloser, error) { 23 | repository, tag, err := reference.Parse(ref) 24 | if err != nil { 25 | return nil, err 26 | } 27 | 28 | query := url.Values{} 29 | query.Set("fromImage", repository) 30 | if tag != "" && !options.All { 31 | query.Set("tag", tag) 32 | } 33 | 34 | resp, err := cli.tryImageCreate(ctx, query, options.RegistryAuth) 35 | if resp.statusCode == http.StatusUnauthorized && options.PrivilegeFunc != nil { 36 | newAuthHeader, privilegeErr := options.PrivilegeFunc() 37 | if privilegeErr != nil { 38 | return nil, privilegeErr 39 | } 40 | resp, err = cli.tryImageCreate(ctx, query, newAuthHeader) 41 | } 42 | if err != nil { 43 | return nil, err 44 | } 45 | return resp.body, nil 46 | } 47 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/http2/fixed_buffer.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package http2 6 | 7 | import ( 8 | "errors" 9 | ) 10 | 11 | // fixedBuffer is an io.ReadWriter backed by a fixed size buffer. 12 | // It never allocates, but moves old data as new data is written. 13 | type fixedBuffer struct { 14 | buf []byte 15 | r, w int 16 | } 17 | 18 | var ( 19 | errReadEmpty = errors.New("read from empty fixedBuffer") 20 | errWriteFull = errors.New("write on full fixedBuffer") 21 | ) 22 | 23 | // Read copies bytes from the buffer into p. 24 | // It is an error to read when no data is available. 25 | func (b *fixedBuffer) Read(p []byte) (n int, err error) { 26 | if b.r == b.w { 27 | return 0, errReadEmpty 28 | } 29 | n = copy(p, b.buf[b.r:b.w]) 30 | b.r += n 31 | if b.r == b.w { 32 | b.r = 0 33 | b.w = 0 34 | } 35 | return n, nil 36 | } 37 | 38 | // Len returns the number of bytes of the unread portion of the buffer. 39 | func (b *fixedBuffer) Len() int { 40 | return b.w - b.r 41 | } 42 | 43 | // Write copies bytes from p into the buffer. 44 | // It is an error to write more data than the buffer can hold. 45 | func (b *fixedBuffer) Write(p []byte) (n int, err error) { 46 | // Slide existing data to beginning. 47 | if b.r > 0 && len(p) > len(b.buf)-b.w { 48 | copy(b.buf, b.buf[b.r:b.w]) 49 | b.w -= b.r 50 | b.r = 0 51 | } 52 | 53 | // Write new data. 54 | n = copy(b.buf[b.w:], p) 55 | b.w += n 56 | if n < len(p) { 57 | err = errWriteFull 58 | } 59 | return n, err 60 | } 61 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/types/versions/compare.go: -------------------------------------------------------------------------------- 1 | package versions 2 | 3 | import ( 4 | "strconv" 5 | "strings" 6 | ) 7 | 8 | // compare compares two version strings 9 | // returns -1 if v1 < v2, 1 if v1 > v2, 0 otherwise. 10 | func compare(v1, v2 string) int { 11 | var ( 12 | currTab = strings.Split(v1, ".") 13 | otherTab = strings.Split(v2, ".") 14 | ) 15 | 16 | max := len(currTab) 17 | if len(otherTab) > max { 18 | max = len(otherTab) 19 | } 20 | for i := 0; i < max; i++ { 21 | var currInt, otherInt int 22 | 23 | if len(currTab) > i { 24 | currInt, _ = strconv.Atoi(currTab[i]) 25 | } 26 | if len(otherTab) > i { 27 | otherInt, _ = strconv.Atoi(otherTab[i]) 28 | } 29 | if currInt > otherInt { 30 | return 1 31 | } 32 | if otherInt > currInt { 33 | return -1 34 | } 35 | } 36 | return 0 37 | } 38 | 39 | // LessThan checks if a version is less than another 40 | func LessThan(v, other string) bool { 41 | return compare(v, other) == -1 42 | } 43 | 44 | // LessThanOrEqualTo checks if a version is less than or equal to another 45 | func LessThanOrEqualTo(v, other string) bool { 46 | return compare(v, other) <= 0 47 | } 48 | 49 | // GreaterThan checks if a version is greater than another 50 | func GreaterThan(v, other string) bool { 51 | return compare(v, other) == 1 52 | } 53 | 54 | // GreaterThanOrEqualTo checks if a version is greater than or equal to another 55 | func GreaterThanOrEqualTo(v, other string) bool { 56 | return compare(v, other) >= 0 57 | } 58 | 59 | // Equal checks if a version is equal to another 60 | func Equal(v, other string) bool { 61 | return compare(v, other) == 0 62 | } 63 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/image_search.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "net/http" 6 | "net/url" 7 | 8 | "github.com/docker/engine-api/types" 9 | "github.com/docker/engine-api/types/filters" 10 | "github.com/docker/engine-api/types/registry" 11 | "golang.org/x/net/context" 12 | ) 13 | 14 | // ImageSearch makes the docker host to search by a term in a remote registry. 15 | // The list of results is not sorted in any fashion. 16 | func (cli *Client) ImageSearch(ctx context.Context, term string, options types.ImageSearchOptions) ([]registry.SearchResult, error) { 17 | var results []registry.SearchResult 18 | query := url.Values{} 19 | query.Set("term", term) 20 | 21 | if options.Filters.Len() > 0 { 22 | filterJSON, err := filters.ToParam(options.Filters) 23 | if err != nil { 24 | return results, err 25 | } 26 | query.Set("filters", filterJSON) 27 | } 28 | 29 | resp, err := cli.tryImageSearch(ctx, query, options.RegistryAuth) 30 | if resp.statusCode == http.StatusUnauthorized { 31 | newAuthHeader, privilegeErr := options.PrivilegeFunc() 32 | if privilegeErr != nil { 33 | return results, privilegeErr 34 | } 35 | resp, err = cli.tryImageSearch(ctx, query, newAuthHeader) 36 | } 37 | if err != nil { 38 | return results, err 39 | } 40 | 41 | err = json.NewDecoder(resp.body).Decode(&results) 42 | ensureReaderClosed(resp) 43 | return results, err 44 | } 45 | 46 | func (cli *Client) tryImageSearch(ctx context.Context, query url.Values, registryAuth string) (*serverResponse, error) { 47 | headers := map[string][]string{"X-Registry-Auth": {registryAuth}} 48 | return cli.get(ctx, "/images/search", query, headers) 49 | } 50 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/setns_init_linux.go: -------------------------------------------------------------------------------- 1 | // +build linux 2 | 3 | package libcontainer 4 | 5 | import ( 6 | "fmt" 7 | "os" 8 | 9 | "github.com/opencontainers/runc/libcontainer/apparmor" 10 | "github.com/opencontainers/runc/libcontainer/keys" 11 | "github.com/opencontainers/runc/libcontainer/label" 12 | "github.com/opencontainers/runc/libcontainer/seccomp" 13 | "github.com/opencontainers/runc/libcontainer/system" 14 | ) 15 | 16 | // linuxSetnsInit performs the container's initialization for running a new process 17 | // inside an existing container. 18 | type linuxSetnsInit struct { 19 | config *initConfig 20 | } 21 | 22 | func (l *linuxSetnsInit) getSessionRingName() string { 23 | return fmt.Sprintf("_ses.%s", l.config.ContainerId) 24 | } 25 | 26 | func (l *linuxSetnsInit) Init() error { 27 | if !l.config.Config.NoNewKeyring { 28 | // do not inherit the parent's session keyring 29 | if _, err := keys.JoinSessionKeyring(l.getSessionRingName()); err != nil { 30 | return err 31 | } 32 | } 33 | if l.config.NoNewPrivileges { 34 | if err := system.Prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); err != nil { 35 | return err 36 | } 37 | } 38 | if l.config.Config.Seccomp != nil { 39 | if err := seccomp.InitSeccomp(l.config.Config.Seccomp); err != nil { 40 | return err 41 | } 42 | } 43 | if err := finalizeNamespace(l.config); err != nil { 44 | return err 45 | } 46 | if err := apparmor.ApplyProfile(l.config.AppArmorProfile); err != nil { 47 | return err 48 | } 49 | if err := label.SetProcessLabel(l.config.ProcessLabel); err != nil { 50 | return err 51 | } 52 | return system.Execv(l.config.Args[0], l.config.Args[0:], os.Environ()) 53 | } 54 | -------------------------------------------------------------------------------- /gce-containers-startup/volumes/BUILD: -------------------------------------------------------------------------------- 1 | # Copyright 2018 Google Inc. All Rights Reserved. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | package(default_visibility = ["//visibility:public"]) 16 | 17 | load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") 18 | 19 | go_library( 20 | name = "volumes", 21 | srcs = [ 22 | "volumes.go", 23 | ], 24 | importpath = "github.com/GoogleCloudPlatform/konlet/gce-containers-startup/volumes", 25 | deps = [ 26 | "//gce-containers-startup/metadata", 27 | "//gce-containers-startup/types:go_default_library", 28 | ], 29 | ) 30 | 31 | go_test( 32 | name = "volumes_test", 33 | srcs = [ 34 | "volumes_test.go", 35 | ], 36 | embed = [":volumes"], 37 | importpath = "github.com/GoogleCloudPlatform/konlet/gce-containers-startup/volumes", 38 | deps = [ 39 | "//gce-containers-startup/command", 40 | "//gce-containers-startup/metadata", 41 | "//gce-containers-startup/types:go_default_library", 42 | "//gce-containers-startup/utils:go_default_library", 43 | "//gce-containers-startup/vendor:gopkg.in/yaml.v2", 44 | ], 45 | ) 46 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/meminfo_linux.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import ( 4 | "bufio" 5 | "io" 6 | "os" 7 | "strconv" 8 | "strings" 9 | 10 | "github.com/docker/go-units" 11 | ) 12 | 13 | // ReadMemInfo retrieves memory statistics of the host system and returns a 14 | // MemInfo type. 15 | func ReadMemInfo() (*MemInfo, error) { 16 | file, err := os.Open("/proc/meminfo") 17 | if err != nil { 18 | return nil, err 19 | } 20 | defer file.Close() 21 | return parseMemInfo(file) 22 | } 23 | 24 | // parseMemInfo parses the /proc/meminfo file into 25 | // a MemInfo object given an io.Reader to the file. 26 | // Throws error if there are problems reading from the file 27 | func parseMemInfo(reader io.Reader) (*MemInfo, error) { 28 | meminfo := &MemInfo{} 29 | scanner := bufio.NewScanner(reader) 30 | for scanner.Scan() { 31 | // Expected format: ["MemTotal:", "1234", "kB"] 32 | parts := strings.Fields(scanner.Text()) 33 | 34 | // Sanity checks: Skip malformed entries. 35 | if len(parts) < 3 || parts[2] != "kB" { 36 | continue 37 | } 38 | 39 | // Convert to bytes. 40 | size, err := strconv.Atoi(parts[1]) 41 | if err != nil { 42 | continue 43 | } 44 | bytes := int64(size) * units.KiB 45 | 46 | switch parts[0] { 47 | case "MemTotal:": 48 | meminfo.MemTotal = bytes 49 | case "MemFree:": 50 | meminfo.MemFree = bytes 51 | case "SwapTotal:": 52 | meminfo.SwapTotal = bytes 53 | case "SwapFree:": 54 | meminfo.SwapFree = bytes 55 | } 56 | 57 | } 58 | 59 | // Handle errors that may have occurred during the reading of the file. 60 | if err := scanner.Err(); err != nil { 61 | return nil, err 62 | } 63 | 64 | return meminfo, nil 65 | } 66 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/go-connections/nat/parse.go: -------------------------------------------------------------------------------- 1 | package nat 2 | 3 | import ( 4 | "fmt" 5 | "strconv" 6 | "strings" 7 | ) 8 | 9 | // PartParser parses and validates the specified string (data) using the specified template 10 | // e.g. ip:public:private -> 192.168.0.1:80:8000 11 | func PartParser(template, data string) (map[string]string, error) { 12 | // ip:public:private 13 | var ( 14 | templateParts = strings.Split(template, ":") 15 | parts = strings.Split(data, ":") 16 | out = make(map[string]string, len(templateParts)) 17 | ) 18 | if len(parts) != len(templateParts) { 19 | return nil, fmt.Errorf("Invalid format to parse. %s should match template %s", data, template) 20 | } 21 | 22 | for i, t := range templateParts { 23 | value := "" 24 | if len(parts) > i { 25 | value = parts[i] 26 | } 27 | out[t] = value 28 | } 29 | return out, nil 30 | } 31 | 32 | // ParsePortRange parses and validates the specified string as a port-range (8000-9000) 33 | func ParsePortRange(ports string) (uint64, uint64, error) { 34 | if ports == "" { 35 | return 0, 0, fmt.Errorf("Empty string specified for ports.") 36 | } 37 | if !strings.Contains(ports, "-") { 38 | start, err := strconv.ParseUint(ports, 10, 16) 39 | end := start 40 | return start, end, err 41 | } 42 | 43 | parts := strings.Split(ports, "-") 44 | start, err := strconv.ParseUint(parts[0], 10, 16) 45 | if err != nil { 46 | return 0, 0, err 47 | } 48 | end, err := strconv.ParseUint(parts[1], 10, 16) 49 | if err != nil { 50 | return 0, 0, err 51 | } 52 | if end < start { 53 | return 0, 0, fmt.Errorf("Invalid range specified for the Port: %s", ports) 54 | } 55 | return start, end, nil 56 | } 57 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/factory.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | import ( 4 | "github.com/opencontainers/runc/libcontainer/configs" 5 | ) 6 | 7 | type Factory interface { 8 | // Creates a new container with the given id and starts the initial process inside it. 9 | // id must be a string containing only letters, digits and underscores and must contain 10 | // between 1 and 1024 characters, inclusive. 11 | // 12 | // The id must not already be in use by an existing container. Containers created using 13 | // a factory with the same path (and file system) must have distinct ids. 14 | // 15 | // Returns the new container with a running process. 16 | // 17 | // errors: 18 | // IdInUse - id is already in use by a container 19 | // InvalidIdFormat - id has incorrect format 20 | // ConfigInvalid - config is invalid 21 | // Systemerror - System error 22 | // 23 | // On error, any partially created container parts are cleaned up (the operation is atomic). 24 | Create(id string, config *configs.Config) (Container, error) 25 | 26 | // Load takes an ID for an existing container and returns the container information 27 | // from the state. This presents a read only view of the container. 28 | // 29 | // errors: 30 | // Path does not exist 31 | // Container is stopped 32 | // System error 33 | Load(id string) (Container, error) 34 | 35 | // StartInitialization is an internal API to libcontainer used during the reexec of the 36 | // container. 37 | // 38 | // Errors: 39 | // Pipe connection error 40 | // System error 41 | StartInitialization() error 42 | 43 | // Type returns info string about factory type (e.g. lxc, libcontainer...) 44 | Type() string 45 | } 46 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/error.go: -------------------------------------------------------------------------------- 1 | package libcontainer 2 | 3 | import "io" 4 | 5 | // ErrorCode is the API error code type. 6 | type ErrorCode int 7 | 8 | // API error codes. 9 | const ( 10 | // Factory errors 11 | IdInUse ErrorCode = iota 12 | InvalidIdFormat 13 | 14 | // Container errors 15 | ContainerNotExists 16 | ContainerPaused 17 | ContainerNotStopped 18 | ContainerNotRunning 19 | ContainerNotPaused 20 | 21 | // Process errors 22 | NoProcessOps 23 | 24 | // Common errors 25 | ConfigInvalid 26 | ConsoleExists 27 | SystemError 28 | ) 29 | 30 | func (c ErrorCode) String() string { 31 | switch c { 32 | case IdInUse: 33 | return "Id already in use" 34 | case InvalidIdFormat: 35 | return "Invalid format" 36 | case ContainerPaused: 37 | return "Container paused" 38 | case ConfigInvalid: 39 | return "Invalid configuration" 40 | case SystemError: 41 | return "System error" 42 | case ContainerNotExists: 43 | return "Container does not exist" 44 | case ContainerNotStopped: 45 | return "Container is not stopped" 46 | case ContainerNotRunning: 47 | return "Container is not running" 48 | case ConsoleExists: 49 | return "Console exists for process" 50 | case ContainerNotPaused: 51 | return "Container is not paused" 52 | case NoProcessOps: 53 | return "No process operations" 54 | default: 55 | return "Unknown error" 56 | } 57 | } 58 | 59 | // Error is the API error type. 60 | type Error interface { 61 | error 62 | 63 | // Returns a verbose string including the error message 64 | // and a representation of the stack trace suitable for 65 | // printing. 66 | Detail(w io.Writer) error 67 | 68 | // Returns the error code for this error. 69 | Code() ErrorCode 70 | } 71 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/http2/Dockerfile: -------------------------------------------------------------------------------- 1 | # 2 | # This Dockerfile builds a recent curl with HTTP/2 client support, using 3 | # a recent nghttp2 build. 4 | # 5 | # See the Makefile for how to tag it. If Docker and that image is found, the 6 | # Go tests use this curl binary for integration tests. 7 | # 8 | 9 | FROM ubuntu:trusty 10 | 11 | RUN apt-get update && \ 12 | apt-get upgrade -y && \ 13 | apt-get install -y git-core build-essential wget 14 | 15 | RUN apt-get install -y --no-install-recommends \ 16 | autotools-dev libtool pkg-config zlib1g-dev \ 17 | libcunit1-dev libssl-dev libxml2-dev libevent-dev \ 18 | automake autoconf 19 | 20 | # The list of packages nghttp2 recommends for h2load: 21 | RUN apt-get install -y --no-install-recommends make binutils \ 22 | autoconf automake autotools-dev \ 23 | libtool pkg-config zlib1g-dev libcunit1-dev libssl-dev libxml2-dev \ 24 | libev-dev libevent-dev libjansson-dev libjemalloc-dev \ 25 | cython python3.4-dev python-setuptools 26 | 27 | # Note: setting NGHTTP2_VER before the git clone, so an old git clone isn't cached: 28 | ENV NGHTTP2_VER 895da9a 29 | RUN cd /root && git clone https://github.com/tatsuhiro-t/nghttp2.git 30 | 31 | WORKDIR /root/nghttp2 32 | RUN git reset --hard $NGHTTP2_VER 33 | RUN autoreconf -i 34 | RUN automake 35 | RUN autoconf 36 | RUN ./configure 37 | RUN make 38 | RUN make install 39 | 40 | WORKDIR /root 41 | RUN wget http://curl.haxx.se/download/curl-7.45.0.tar.gz 42 | RUN tar -zxvf curl-7.45.0.tar.gz 43 | WORKDIR /root/curl-7.45.0 44 | RUN ./configure --with-ssl --with-nghttp2=/usr/local 45 | RUN make 46 | RUN make install 47 | RUN ldconfig 48 | 49 | CMD ["-h"] 50 | ENTRYPOINT ["/usr/local/bin/curl"] 51 | 52 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/cgroups/cgroups.go: -------------------------------------------------------------------------------- 1 | // +build linux 2 | 3 | package cgroups 4 | 5 | import ( 6 | "fmt" 7 | 8 | "github.com/opencontainers/runc/libcontainer/configs" 9 | ) 10 | 11 | type Manager interface { 12 | // Applies cgroup configuration to the process with the specified pid 13 | Apply(pid int) error 14 | 15 | // Returns the PIDs inside the cgroup set 16 | GetPids() ([]int, error) 17 | 18 | // Returns the PIDs inside the cgroup set & all sub-cgroups 19 | GetAllPids() ([]int, error) 20 | 21 | // Returns statistics for the cgroup set 22 | GetStats() (*Stats, error) 23 | 24 | // Toggles the freezer cgroup according with specified state 25 | Freeze(state configs.FreezerState) error 26 | 27 | // Destroys the cgroup set 28 | Destroy() error 29 | 30 | // NewCgroupManager() and LoadCgroupManager() require following attributes: 31 | // Paths map[string]string 32 | // Cgroups *cgroups.Cgroup 33 | // Paths maps cgroup subsystem to path at which it is mounted. 34 | // Cgroups specifies specific cgroup settings for the various subsystems 35 | 36 | // Returns cgroup paths to save in a state file and to be able to 37 | // restore the object later. 38 | GetPaths() map[string]string 39 | 40 | // Sets the cgroup as configured. 41 | Set(container *configs.Config) error 42 | } 43 | 44 | type NotFoundError struct { 45 | Subsystem string 46 | } 47 | 48 | func (e *NotFoundError) Error() string { 49 | return fmt.Sprintf("mountpoint for %s not found", e.Subsystem) 50 | } 51 | 52 | func NewNotFoundError(sub string) error { 53 | return &NotFoundError{ 54 | Subsystem: sub, 55 | } 56 | } 57 | 58 | func IsNotFound(err error) bool { 59 | if err == nil { 60 | return false 61 | } 62 | _, ok := err.(*NotFoundError) 63 | return ok 64 | } 65 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/types/network/network.go: -------------------------------------------------------------------------------- 1 | package network 2 | 3 | // Address represents an IP address 4 | type Address struct { 5 | Addr string 6 | PrefixLen int 7 | } 8 | 9 | // IPAM represents IP Address Management 10 | type IPAM struct { 11 | Driver string 12 | Options map[string]string //Per network IPAM driver options 13 | Config []IPAMConfig 14 | } 15 | 16 | // IPAMConfig represents IPAM configurations 17 | type IPAMConfig struct { 18 | Subnet string `json:",omitempty"` 19 | IPRange string `json:",omitempty"` 20 | Gateway string `json:",omitempty"` 21 | AuxAddress map[string]string `json:"AuxiliaryAddresses,omitempty"` 22 | } 23 | 24 | // EndpointIPAMConfig represents IPAM configurations for the endpoint 25 | type EndpointIPAMConfig struct { 26 | IPv4Address string `json:",omitempty"` 27 | IPv6Address string `json:",omitempty"` 28 | } 29 | 30 | // EndpointSettings stores the network endpoint details 31 | type EndpointSettings struct { 32 | // Configurations 33 | IPAMConfig *EndpointIPAMConfig 34 | Links []string 35 | Aliases []string 36 | // Operational data 37 | NetworkID string 38 | EndpointID string 39 | Gateway string 40 | IPAddress string 41 | IPPrefixLen int 42 | IPv6Gateway string 43 | GlobalIPv6Address string 44 | GlobalIPv6PrefixLen int 45 | MacAddress string 46 | } 47 | 48 | // NetworkingConfig represents the container's networking configuration for each of its interfaces 49 | // Carries the networking configs specified in the `docker run` and `docker network connect` commands 50 | type NetworkingConfig struct { 51 | EndpointsConfig map[string]*EndpointSettings // Endpoint configs for each connecting network 52 | } 53 | -------------------------------------------------------------------------------- /scripts/konlet-startup: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2017 Google Inc. All Rights Reserved. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | readonly GET_METADATA_VALUE='/usr/share/google/get_metadata_value' 18 | readonly KONLET_VERSION_TAG='v.0.13-latest' 19 | 20 | SPEC=$(${GET_METADATA_VALUE} 'attributes/gce-container-declaration') 21 | if [[ $? -ne 0 ]]; then 22 | echo 'No metadata present - not running containers' 23 | exit 0 24 | fi 25 | 26 | # Make sure that Docker events collector is running for Konlet (only if the 27 | # metadata is present). 28 | systemctl start docker-events-collector.service 29 | 30 | ACTUAL_KONLET_VERSION=$(${GET_METADATA_VALUE} 'attributes/gce-container-runner-version-override') 31 | if [[ $? -ne 0 ]]; then 32 | ACTUAL_KONLET_VERSION="${KONLET_VERSION_TAG}" 33 | fi 34 | 35 | HOST_IPTABLES=$(iptables -V | grep -q "nf_tables" && echo "nf_tables" || echo "legacy") 36 | 37 | docker run -e HOST_IPTABLES=${HOST_IPTABLES} \ 38 | --rm \ 39 | --privileged \ 40 | --log-driver=json-file \ 41 | --net="host" \ 42 | -v=/var/run/docker.sock:/var/run/docker.sock \ 43 | -v=/etc/profile.d:/host/etc/profile.d \ 44 | -v=/dev:/dev \ 45 | -v=/mnt:/mnt \ 46 | -v=/proc:/host_proc \ 47 | "gcr.io/gce-containers/konlet:${ACTUAL_KONLET_VERSION}" -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/configs/config_unix.go: -------------------------------------------------------------------------------- 1 | // +build freebsd linux 2 | 3 | package configs 4 | 5 | import "fmt" 6 | 7 | // HostUID gets the root uid for the process on host which could be non-zero 8 | // when user namespaces are enabled. 9 | func (c Config) HostUID() (int, error) { 10 | if c.Namespaces.Contains(NEWUSER) { 11 | if c.UidMappings == nil { 12 | return -1, fmt.Errorf("User namespaces enabled, but no user mappings found.") 13 | } 14 | id, found := c.hostIDFromMapping(0, c.UidMappings) 15 | if !found { 16 | return -1, fmt.Errorf("User namespaces enabled, but no root user mapping found.") 17 | } 18 | return id, nil 19 | } 20 | // Return default root uid 0 21 | return 0, nil 22 | } 23 | 24 | // HostGID gets the root gid for the process on host which could be non-zero 25 | // when user namespaces are enabled. 26 | func (c Config) HostGID() (int, error) { 27 | if c.Namespaces.Contains(NEWUSER) { 28 | if c.GidMappings == nil { 29 | return -1, fmt.Errorf("User namespaces enabled, but no gid mappings found.") 30 | } 31 | id, found := c.hostIDFromMapping(0, c.GidMappings) 32 | if !found { 33 | return -1, fmt.Errorf("User namespaces enabled, but no root group mapping found.") 34 | } 35 | return id, nil 36 | } 37 | // Return default root gid 0 38 | return 0, nil 39 | } 40 | 41 | // Utility function that gets a host ID for a container ID from user namespace map 42 | // if that ID is present in the map. 43 | func (c Config) hostIDFromMapping(containerID int, uMap []IDMap) (int, bool) { 44 | for _, m := range uMap { 45 | if (containerID >= m.ContainerID) && (containerID <= (m.ContainerID + m.Size - 1)) { 46 | hostID := m.HostID + (containerID - m.ContainerID) 47 | return hostID, true 48 | } 49 | } 50 | return -1, false 51 | } 52 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/container_commit.go: -------------------------------------------------------------------------------- 1 | package client 2 | 3 | import ( 4 | "encoding/json" 5 | "errors" 6 | "net/url" 7 | 8 | distreference "github.com/docker/distribution/reference" 9 | "github.com/docker/engine-api/types" 10 | "github.com/docker/engine-api/types/reference" 11 | "golang.org/x/net/context" 12 | ) 13 | 14 | // ContainerCommit applies changes into a container and creates a new tagged image. 15 | func (cli *Client) ContainerCommit(ctx context.Context, container string, options types.ContainerCommitOptions) (types.ContainerCommitResponse, error) { 16 | var repository, tag string 17 | if options.Reference != "" { 18 | distributionRef, err := distreference.ParseNamed(options.Reference) 19 | if err != nil { 20 | return types.ContainerCommitResponse{}, err 21 | } 22 | 23 | if _, isCanonical := distributionRef.(distreference.Canonical); isCanonical { 24 | return types.ContainerCommitResponse{}, errors.New("refusing to create a tag with a digest reference") 25 | } 26 | 27 | tag = reference.GetTagFromNamedRef(distributionRef) 28 | repository = distributionRef.Name() 29 | } 30 | 31 | query := url.Values{} 32 | query.Set("container", container) 33 | query.Set("repo", repository) 34 | query.Set("tag", tag) 35 | query.Set("comment", options.Comment) 36 | query.Set("author", options.Author) 37 | for _, change := range options.Changes { 38 | query.Add("changes", change) 39 | } 40 | if options.Pause != true { 41 | query.Set("pause", "0") 42 | } 43 | 44 | var response types.ContainerCommitResponse 45 | resp, err := cli.post(ctx, "/commit", query, options.Config, nil) 46 | if err != nil { 47 | return response, err 48 | } 49 | 50 | err = json.NewDecoder(resp.body).Decode(&response) 51 | ensureReaderClosed(resp) 52 | return response, err 53 | } 54 | -------------------------------------------------------------------------------- /gce-containers-startup/command/runner.go: -------------------------------------------------------------------------------- 1 | // Copyright 2017 Google Inc. All Rights Reserved. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package command 16 | 17 | import ( 18 | "fmt" 19 | "os" 20 | "os/exec" 21 | ) 22 | 23 | type Runner struct{} 24 | 25 | // Wrap around os.exec.Command(...).CombinedOutput() to glue together output 26 | // (STDERR+STDOUT) and execution error message upon failure. 27 | // 28 | // Convert the []byte output to string as well. 29 | func (r Runner) Run(commandAndArgs ...string) (string, error) { 30 | if len(commandAndArgs) == 0 { 31 | return "", fmt.Errorf("No command provided.") 32 | } 33 | output, err := exec.Command(commandAndArgs[0], commandAndArgs[1:]...).CombinedOutput() 34 | outputString := string(output) 35 | if err != nil { 36 | errorString := fmt.Sprintf("%s", err) 37 | if outputString != "" { 38 | errorString = fmt.Sprintf("%s, details: %s", errorString, outputString) 39 | } 40 | return "", fmt.Errorf("Failed to execute command %s: %s", commandAndArgs, errorString) 41 | } 42 | return outputString, nil 43 | } 44 | 45 | func (r Runner) MkdirAll(path string, perm os.FileMode) error { 46 | return os.MkdirAll(path, perm) 47 | } 48 | 49 | func (r Runner) Stat(name string) (os.FileInfo, error) { 50 | return os.Stat(name) 51 | } 52 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/golang.org/x/net/http2/headermap.go: -------------------------------------------------------------------------------- 1 | // Copyright 2014 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package http2 6 | 7 | import ( 8 | "net/http" 9 | "strings" 10 | ) 11 | 12 | var ( 13 | commonLowerHeader = map[string]string{} // Go-Canonical-Case -> lower-case 14 | commonCanonHeader = map[string]string{} // lower-case -> Go-Canonical-Case 15 | ) 16 | 17 | func init() { 18 | for _, v := range []string{ 19 | "accept", 20 | "accept-charset", 21 | "accept-encoding", 22 | "accept-language", 23 | "accept-ranges", 24 | "age", 25 | "access-control-allow-origin", 26 | "allow", 27 | "authorization", 28 | "cache-control", 29 | "content-disposition", 30 | "content-encoding", 31 | "content-language", 32 | "content-length", 33 | "content-location", 34 | "content-range", 35 | "content-type", 36 | "cookie", 37 | "date", 38 | "etag", 39 | "expect", 40 | "expires", 41 | "from", 42 | "host", 43 | "if-match", 44 | "if-modified-since", 45 | "if-none-match", 46 | "if-unmodified-since", 47 | "last-modified", 48 | "link", 49 | "location", 50 | "max-forwards", 51 | "proxy-authenticate", 52 | "proxy-authorization", 53 | "range", 54 | "referer", 55 | "refresh", 56 | "retry-after", 57 | "server", 58 | "set-cookie", 59 | "strict-transport-security", 60 | "trailer", 61 | "transfer-encoding", 62 | "user-agent", 63 | "vary", 64 | "via", 65 | "www-authenticate", 66 | } { 67 | chk := http.CanonicalHeaderKey(v) 68 | commonLowerHeader[chk] = v 69 | commonCanonHeader[v] = chk 70 | } 71 | } 72 | 73 | func lowerHeader(v string) string { 74 | if s, ok := commonLowerHeader[v]; ok { 75 | return s 76 | } 77 | return strings.ToLower(v) 78 | } 79 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/distribution/digest/doc.go: -------------------------------------------------------------------------------- 1 | // Package digest provides a generalized type to opaquely represent message 2 | // digests and their operations within the registry. The Digest type is 3 | // designed to serve as a flexible identifier in a content-addressable system. 4 | // More importantly, it provides tools and wrappers to work with 5 | // hash.Hash-based digests with little effort. 6 | // 7 | // Basics 8 | // 9 | // The format of a digest is simply a string with two parts, dubbed the 10 | // "algorithm" and the "digest", separated by a colon: 11 | // 12 | // : 13 | // 14 | // An example of a sha256 digest representation follows: 15 | // 16 | // sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc 17 | // 18 | // In this case, the string "sha256" is the algorithm and the hex bytes are 19 | // the "digest". 20 | // 21 | // Because the Digest type is simply a string, once a valid Digest is 22 | // obtained, comparisons are cheap, quick and simple to express with the 23 | // standard equality operator. 24 | // 25 | // Verification 26 | // 27 | // The main benefit of using the Digest type is simple verification against a 28 | // given digest. The Verifier interface, modeled after the stdlib hash.Hash 29 | // interface, provides a common write sink for digest verification. After 30 | // writing is complete, calling the Verifier.Verified method will indicate 31 | // whether or not the stream of bytes matches the target digest. 32 | // 33 | // Missing Features 34 | // 35 | // In addition to the above, we intend to add the following features to this 36 | // package: 37 | // 38 | // 1. A Digester type that supports write sink digest calculation. 39 | // 40 | // 2. Suspend and resume of ongoing digest calculations to support efficient digest verification in the registry. 41 | // 42 | package digest 43 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/docker/pkg/system/syscall_windows.go: -------------------------------------------------------------------------------- 1 | package system 2 | 3 | import ( 4 | "fmt" 5 | "syscall" 6 | "unsafe" 7 | ) 8 | 9 | // OSVersion is a wrapper for Windows version information 10 | // https://msdn.microsoft.com/en-us/library/windows/desktop/ms724439(v=vs.85).aspx 11 | type OSVersion struct { 12 | Version uint32 13 | MajorVersion uint8 14 | MinorVersion uint8 15 | Build uint16 16 | } 17 | 18 | // GetOSVersion gets the operating system version on Windows. Note that 19 | // docker.exe must be manifested to get the correct version information. 20 | func GetOSVersion() (OSVersion, error) { 21 | var err error 22 | osv := OSVersion{} 23 | osv.Version, err = syscall.GetVersion() 24 | if err != nil { 25 | return osv, fmt.Errorf("Failed to call GetVersion()") 26 | } 27 | osv.MajorVersion = uint8(osv.Version & 0xFF) 28 | osv.MinorVersion = uint8(osv.Version >> 8 & 0xFF) 29 | osv.Build = uint16(osv.Version >> 16) 30 | return osv, nil 31 | } 32 | 33 | // Unmount is a platform-specific helper function to call 34 | // the unmount syscall. Not supported on Windows 35 | func Unmount(dest string) error { 36 | return nil 37 | } 38 | 39 | // CommandLineToArgv wraps the Windows syscall to turn a commandline into an argument array. 40 | func CommandLineToArgv(commandLine string) ([]string, error) { 41 | var argc int32 42 | 43 | argsPtr, err := syscall.UTF16PtrFromString(commandLine) 44 | if err != nil { 45 | return nil, err 46 | } 47 | 48 | argv, err := syscall.CommandLineToArgv(argsPtr, &argc) 49 | if err != nil { 50 | return nil, err 51 | } 52 | defer syscall.LocalFree(syscall.Handle(uintptr(unsafe.Pointer(argv)))) 53 | 54 | newArgs := make([]string, argc) 55 | for i, v := range (*argv)[:argc] { 56 | newArgs[i] = string(syscall.UTF16ToString((*v)[:])) 57 | } 58 | 59 | return newArgs, nil 60 | } 61 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/docker/engine-api/client/transport/transport.go: -------------------------------------------------------------------------------- 1 | // Package transport provides function to send request to remote endpoints. 2 | package transport 3 | 4 | import ( 5 | "fmt" 6 | "net/http" 7 | 8 | "github.com/docker/go-connections/sockets" 9 | ) 10 | 11 | // apiTransport holds information about the http transport to connect with the API. 12 | type apiTransport struct { 13 | *http.Client 14 | *tlsInfo 15 | transport *http.Transport 16 | } 17 | 18 | // NewTransportWithHTTP creates a new transport based on the provided proto, address and http client. 19 | // It uses Docker's default http transport configuration if the client is nil. 20 | // It does not modify the client's transport if it's not nil. 21 | func NewTransportWithHTTP(proto, addr string, client *http.Client) (Client, error) { 22 | var transport *http.Transport 23 | 24 | if client != nil { 25 | tr, ok := client.Transport.(*http.Transport) 26 | if !ok { 27 | return nil, fmt.Errorf("unable to verify TLS configuration, invalid transport %v", client.Transport) 28 | } 29 | transport = tr 30 | } else { 31 | transport = defaultTransport(proto, addr) 32 | client = &http.Client{ 33 | Transport: transport, 34 | } 35 | } 36 | 37 | return &apiTransport{ 38 | Client: client, 39 | tlsInfo: &tlsInfo{transport.TLSClientConfig}, 40 | transport: transport, 41 | }, nil 42 | } 43 | 44 | // CancelRequest stops a request execution. 45 | func (a *apiTransport) CancelRequest(req *http.Request) { 46 | a.transport.CancelRequest(req) 47 | } 48 | 49 | // defaultTransport creates a new http.Transport with Docker's 50 | // default transport configuration. 51 | func defaultTransport(proto, addr string) *http.Transport { 52 | tr := new(http.Transport) 53 | sockets.ConfigureTransport(tr, proto, addr) 54 | return tr 55 | } 56 | 57 | var _ Client = &apiTransport{} 58 | -------------------------------------------------------------------------------- /gce-containers-startup/vendor/github.com/opencontainers/runc/libcontainer/criu_opts_unix.go: -------------------------------------------------------------------------------- 1 | // +build linux freebsd 2 | 3 | package libcontainer 4 | 5 | // cgroup restoring strategy provided by criu 6 | type cgMode uint32 7 | 8 | const ( 9 | CRIU_CG_MODE_SOFT cgMode = 3 + iota // restore cgroup properties if only dir created by criu 10 | CRIU_CG_MODE_FULL // always restore all cgroups and their properties 11 | CRIU_CG_MODE_STRICT // restore all, requiring them to not present in the system 12 | CRIU_CG_MODE_DEFAULT // the same as CRIU_CG_MODE_SOFT 13 | ) 14 | 15 | type CriuPageServerInfo struct { 16 | Address string // IP address of CRIU page server 17 | Port int32 // port number of CRIU page server 18 | } 19 | 20 | type VethPairName struct { 21 | ContainerInterfaceName string 22 | HostInterfaceName string 23 | } 24 | 25 | type CriuOpts struct { 26 | ImagesDirectory string // directory for storing image files 27 | WorkDirectory string // directory to cd and write logs/pidfiles/stats to 28 | LeaveRunning bool // leave container in running state after checkpoint 29 | TcpEstablished bool // checkpoint/restore established TCP connections 30 | ExternalUnixConnections bool // allow external unix connections 31 | ShellJob bool // allow to dump and restore shell jobs 32 | FileLocks bool // handle file locks, for safety 33 | PageServer CriuPageServerInfo // allow to dump to criu page server 34 | VethPairs []VethPairName // pass the veth to criu when restore 35 | ManageCgroupsMode cgMode // dump or restore cgroup mode 36 | EmptyNs uint32 // don't c/r properties for namespace from this mask 37 | } 38 | --------------------------------------------------------------------------------