├── clippy.toml ├── codecov.yml ├── .gitattributes ├── crates ├── snapshots │ ├── rsync.txt │ ├── Cargo.toml │ ├── vendor │ │ ├── github.com │ │ │ └── containerd │ │ │ │ └── containerd │ │ │ │ ├── api │ │ │ │ └── types │ │ │ │ │ └── mount.proto │ │ │ │ └── vendor │ │ │ │ └── github.com │ │ │ │ └── containerd │ │ │ │ └── containerd │ │ │ │ └── api │ │ │ │ └── types │ │ │ │ └── mount.proto │ │ └── google │ │ │ └── protobuf │ │ │ └── empty.proto │ ├── build.rs │ └── src │ │ └── convert.rs ├── client │ ├── rsync.txt │ ├── vendor │ │ ├── README.md │ │ ├── github.com │ │ │ └── containerd │ │ │ │ └── containerd │ │ │ │ ├── api │ │ │ │ ├── types │ │ │ │ │ ├── runtimeoptions │ │ │ │ │ │ └── v1 │ │ │ │ │ │ │ └── api.proto │ │ │ │ │ ├── transfer │ │ │ │ │ │ ├── streaming.proto │ │ │ │ │ │ ├── progress.proto │ │ │ │ │ │ ├── importexport.proto │ │ │ │ │ │ └── registry.proto │ │ │ │ │ ├── metrics.proto │ │ │ │ │ ├── platform.proto │ │ │ │ │ ├── event.proto │ │ │ │ │ ├── descriptor.proto │ │ │ │ │ ├── mount.proto │ │ │ │ │ ├── task │ │ │ │ │ │ └── task.proto │ │ │ │ │ ├── introspection.proto │ │ │ │ │ ├── fieldpath.proto │ │ │ │ │ ├── runc │ │ │ │ │ │ └── options │ │ │ │ │ │ │ └── oci.proto │ │ │ │ │ └── sandbox.proto │ │ │ │ ├── services │ │ │ │ │ ├── streaming │ │ │ │ │ │ └── v1 │ │ │ │ │ │ │ └── streaming.proto │ │ │ │ │ ├── version │ │ │ │ │ │ └── v1 │ │ │ │ │ │ │ └── version.proto │ │ │ │ │ ├── transfer │ │ │ │ │ │ └── v1 │ │ │ │ │ │ │ └── transfer.proto │ │ │ │ │ ├── ttrpc │ │ │ │ │ │ └── events │ │ │ │ │ │ │ └── v1 │ │ │ │ │ │ │ └── events.proto │ │ │ │ │ └── events │ │ │ │ │ │ └── v1 │ │ │ │ │ │ └── events.proto │ │ │ │ └── events │ │ │ │ │ ├── content.proto │ │ │ │ │ ├── sandbox.proto │ │ │ │ │ ├── image.proto │ │ │ │ │ ├── namespace.proto │ │ │ │ │ ├── snapshot.proto │ │ │ │ │ ├── container.proto │ │ │ │ │ └── task.proto │ │ │ │ └── vendor │ │ │ │ └── github.com │ │ │ │ └── containerd │ │ │ │ └── containerd │ │ │ │ └── api │ │ │ │ ├── types │ │ │ │ ├── runtimeoptions │ │ │ │ │ └── v1 │ │ │ │ │ │ └── api.proto │ │ │ │ ├── transfer │ │ │ │ │ ├── streaming.proto │ │ │ │ │ ├── progress.proto │ │ │ │ │ └── importexport.proto │ │ │ │ ├── metrics.proto │ │ │ │ ├── platform.proto │ │ │ │ ├── event.proto │ │ │ │ ├── descriptor.proto │ │ │ │ ├── mount.proto │ │ │ │ ├── task │ │ │ │ │ └── task.proto │ │ │ │ ├── introspection.proto │ │ │ │ ├── fieldpath.proto │ │ │ │ ├── runc │ │ │ │ │ └── options │ │ │ │ │ │ └── oci.proto │ │ │ │ └── sandbox.proto │ │ │ │ ├── services │ │ │ │ ├── streaming │ │ │ │ │ └── v1 │ │ │ │ │ │ └── streaming.proto │ │ │ │ ├── version │ │ │ │ │ └── v1 │ │ │ │ │ │ └── version.proto │ │ │ │ ├── transfer │ │ │ │ │ └── v1 │ │ │ │ │ │ └── transfer.proto │ │ │ │ ├── ttrpc │ │ │ │ │ └── events │ │ │ │ │ │ └── v1 │ │ │ │ │ │ └── events.proto │ │ │ │ └── events │ │ │ │ │ └── v1 │ │ │ │ │ └── events.proto │ │ │ │ └── events │ │ │ │ ├── content.proto │ │ │ │ ├── sandbox.proto │ │ │ │ ├── image.proto │ │ │ │ ├── namespace.proto │ │ │ │ ├── snapshot.proto │ │ │ │ ├── container.proto │ │ │ │ └── task.proto │ │ └── google │ │ │ ├── rpc │ │ │ └── status.proto │ │ │ └── protobuf │ │ │ └── empty.proto │ ├── README.md │ ├── examples │ │ └── version.rs │ └── Cargo.toml ├── shim-protos │ ├── rsync.txt │ ├── vendor │ │ ├── README.md │ │ ├── github.com │ │ │ └── containerd │ │ │ │ └── containerd │ │ │ │ ├── api │ │ │ │ ├── events │ │ │ │ │ ├── content.proto │ │ │ │ │ ├── sandbox.proto │ │ │ │ │ ├── image.proto │ │ │ │ │ ├── namespace.proto │ │ │ │ │ ├── snapshot.proto │ │ │ │ │ ├── container.proto │ │ │ │ │ └── task.proto │ │ │ │ ├── types │ │ │ │ │ ├── platform.proto │ │ │ │ │ ├── metrics.proto │ │ │ │ │ ├── descriptor.proto │ │ │ │ │ ├── mount.proto │ │ │ │ │ ├── task │ │ │ │ │ │ └── task.proto │ │ │ │ │ ├── introspection.proto │ │ │ │ │ └── sandbox.proto │ │ │ │ └── services │ │ │ │ │ └── ttrpc │ │ │ │ │ └── events │ │ │ │ │ └── v1 │ │ │ │ │ └── events.proto │ │ │ │ ├── protobuf │ │ │ │ └── plugin │ │ │ │ │ └── fieldpath.proto │ │ │ │ └── runtime │ │ │ │ └── v2 │ │ │ │ └── runc │ │ │ │ └── options │ │ │ │ └── oci.proto │ │ ├── microsoft │ │ │ └── hcsshim │ │ │ │ └── cmd │ │ │ │ └── containerd-shim-runhcs-v1 │ │ │ │ └── stats │ │ │ │ └── stats.proto │ │ └── google │ │ │ └── protobuf │ │ │ └── empty.proto │ ├── src │ │ ├── cgroups.rs │ │ ├── windows.rs │ │ ├── sandbox.rs │ │ ├── types.rs │ │ ├── topics.rs │ │ ├── events.rs │ │ ├── shim.rs │ │ └── lib.rs │ ├── Cargo.toml │ └── examples │ │ ├── ttrpc-client.rs │ │ ├── ttrpc-client-async.rs │ │ ├── connect.rs │ │ ├── connect-async.rs │ │ ├── ttrpc-server.rs │ │ └── ttrpc-server-async.rs ├── logging │ ├── Cargo.toml │ ├── examples │ │ └── journal.rs │ └── README.md ├── runc │ ├── src │ │ └── synchronous │ │ │ └── pipe.rs │ ├── Cargo.toml │ └── README.md ├── shim │ ├── src │ │ ├── mount_other.rs │ │ ├── event.rs │ │ ├── reap.rs │ │ └── monitor.rs │ ├── Cargo.toml │ └── examples │ │ ├── windows_log_reader.rs │ │ ├── publish.rs │ │ ├── skeleton_async.rs │ │ └── skeleton.rs └── runc-shim │ ├── src │ ├── io.rs │ ├── console.rs │ └── main.rs │ ├── build.rs │ ├── Cargo.toml │ └── README.md ├── rust-toolchain.toml ├── rustfmt.toml ├── .gitignore ├── MAINTAINERS ├── scripts ├── install-protobuf.sh └── update-vendor.sh ├── .github ├── dependabot.yml ├── release.yml ├── labeler.yml └── workflows │ ├── labeler.yml │ ├── cover.yml │ ├── stale.yml │ └── publish.yml └── Cargo.toml /clippy.toml: -------------------------------------------------------------------------------- 1 | msrv = "1.66" 2 | -------------------------------------------------------------------------------- /codecov.yml: -------------------------------------------------------------------------------- 1 | comment: false 2 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | * text=auto eol=lf 2 | -------------------------------------------------------------------------------- /crates/snapshots/rsync.txt: -------------------------------------------------------------------------------- 1 | api/services/snapshots/v1/snapshots.proto 2 | api/types/mount.proto 3 | -------------------------------------------------------------------------------- /rust-toolchain.toml: -------------------------------------------------------------------------------- 1 | [toolchain] 2 | channel = "1.82" 3 | components = ["rustfmt", "clippy", "llvm-tools"] 4 | -------------------------------------------------------------------------------- /crates/client/rsync.txt: -------------------------------------------------------------------------------- 1 | api/events/*.proto 2 | api/services/**/*.proto 3 | api/types/*.proto 4 | api/types/**/*.proto 5 | protobuf/plugin/fieldpath.proto 6 | -------------------------------------------------------------------------------- /crates/shim-protos/rsync.txt: -------------------------------------------------------------------------------- 1 | api/events/*.proto 2 | api/types/*.proto 3 | api/types/task/*.proto 4 | api/services/ttrpc/events/v1/*.proto 5 | protobuf/plugin/fieldpath.proto 6 | runtime/v2/runc/options/oci.proto 7 | api/runtime/sandbox/v1/sandbox.proto 8 | api/runtime/task/v2/shim.proto 9 | -------------------------------------------------------------------------------- /rustfmt.toml: -------------------------------------------------------------------------------- 1 | newline_style = "Unix" 2 | unstable_features = true # Cargo fmt now needs to be called with `cargo +nightly fmt` 3 | group_imports = "StdExternalCrate" # Create 3 groups: std, external crates, and self. 4 | imports_granularity = "Crate" # Merge imports from the same crate into a single use statement 5 | -------------------------------------------------------------------------------- /crates/client/vendor/README.md: -------------------------------------------------------------------------------- 1 | # Vendor 2 | 3 | This directory contains vendor dependencies needed to generate protobuf bindings. 4 | 5 | Proto files are copy-pasted directly from upstream repos: 6 | + https://github.com/containerd/containerd 7 | + https://github.com/protocolbuffers/protobuf 8 | + https://github.com/gogo/protobuf 9 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Generated by Cargo 2 | # will have compiled files and executables 3 | /target/ 4 | 5 | # Remove Cargo.lock from gitignore if creating an executable, leave it for libraries 6 | # More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html 7 | Cargo.lock 8 | 9 | # These are backup files generated by rustfmt 10 | **/*.rs.bk 11 | log 12 | 13 | .vscode 14 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/README.md: -------------------------------------------------------------------------------- 1 | # Vendor 2 | 3 | This directory contains vendor dependencies needed to generate protobuf bindings. 4 | 5 | Proto files are copy-pasted directly from upstream repos: 6 | + https://github.com/containerd/containerd 7 | + https://github.com/protocolbuffers/protobuf 8 | + https://github.com/gogo/protobuf 9 | + https://github.com/containerd/cgroups 10 | + https://github.com/microsoft/hcsshim 11 | -------------------------------------------------------------------------------- /MAINTAINERS: -------------------------------------------------------------------------------- 1 | # rust-extensions maintainers 2 | # 3 | # As a containerd sub-project, containerd maintainers are also included from https://github.com/containerd/project/blob/main/MAINTAINERS. 4 | # See https://github.com/containerd/project/blob/main/GOVERNANCE.md for description of maintainer role 5 | # 6 | 7 | # REVIEWERS 8 | # GitHub ID, Name, Email address 9 | "Burning1020","Zhang Tianyang","burning9699@gmail.com" 10 | "jsturtevant","James Sturtevant","jstur@microsoft.com" 11 | "mossaka","Jiaxiao Zhou","jiazho@microsoft.com" 12 | "jokemanfire","Dingyang Hu","hu.dingyang@zte.com.cn" 13 | -------------------------------------------------------------------------------- /crates/logging/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "containerd-shim-logging" 3 | version = "0.1.1" 4 | authors = [ 5 | "Maksym Pavlenko ", 6 | "The containerd Authors", 7 | ] 8 | description = "Logger extension for containerd v2 runtime" 9 | keywords = ["containerd", "shim", "containers"] 10 | categories = ["api-bindings", "asynchronous"] 11 | 12 | edition.workspace = true 13 | license.workspace = true 14 | repository.workspace = true 15 | homepage.workspace = true 16 | 17 | [features] 18 | docs = [] 19 | 20 | [package.metadata.docs.rs] 21 | features = ["docs"] 22 | -------------------------------------------------------------------------------- /scripts/install-protobuf.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Helper script for Github Actions to install protobuf on different runners. 4 | echo "OS: $RUNNER_OS" 5 | 6 | if [ "$RUNNER_OS" == 'Linux' ]; then 7 | # Install on Linux 8 | sudo apt-get update 9 | sudo apt-get install -y protobuf-compiler 10 | elif [ "$RUNNER_OS" == 'macOS' ]; then 11 | # Install on macOS 12 | brew install protobuf 13 | elif [ "$RUNNER_OS" == 'Windows' ]; then 14 | # Install on Windows 15 | choco install -y protoc 16 | else 17 | echo "Unsupported OS: $RUNNER_OS" 18 | exit 1 19 | fi 20 | 21 | # Check the installed Protobuf version 22 | protoc --version 23 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: "cargo" 4 | directory: "/" 5 | schedule: 6 | interval: "daily" 7 | labels: 8 | - T-dependencies 9 | 10 | # Ensure that references to actions in a repository's workflow.yml file are kept up to date. 11 | # See https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot 12 | - package-ecosystem: "github-actions" 13 | directory: "/" 14 | schedule: 15 | interval: "daily" 16 | labels: 17 | # Mark PRs as CI related change. 18 | - T-CI 19 | -------------------------------------------------------------------------------- /.github/release.yml: -------------------------------------------------------------------------------- 1 | changelog: 2 | categories: 3 | - title: Runc crate 4 | labels: 5 | - C-runc 6 | - title: Runc shim crate 7 | labels: 8 | - C-runc-shim 9 | - title: Shim crate 10 | labels: 11 | - C-shim 12 | - title: Shim protos crate 13 | labels: 14 | - C-shim-protos 15 | - title: Snapshots crate 16 | labels: 17 | - C-snapshots 18 | - title: Client crate 19 | labels: 20 | - C-client 21 | - title: Logging crate 22 | labels: 23 | - C-logging 24 | - title: Other changes 25 | labels: 26 | - T-CI 27 | - T-docs 28 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/runtimeoptions/v1/api.proto: -------------------------------------------------------------------------------- 1 | // To regenerate api.pb.go run `make protos` 2 | syntax = "proto3"; 3 | 4 | package runtimeoptions.v1; 5 | 6 | option go_package = "github.com/containerd/containerd/api/types/runtimeoptions/v1;runtimeoptions"; 7 | 8 | message Options { 9 | // TypeUrl specifies the type of the content inside the config file. 10 | string type_url = 1; 11 | // ConfigPath specifies the filesystem location of the config file 12 | // used by the runtime. 13 | string config_path = 2; 14 | // Blob specifies an in-memory TOML blob passed from containerd's configuration section 15 | // for this runtime. This will be used if config_path is not specified. 16 | bytes config_body = 3; 17 | } 18 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/runtimeoptions/v1/api.proto: -------------------------------------------------------------------------------- 1 | // To regenerate api.pb.go run `make protos` 2 | syntax = "proto3"; 3 | 4 | package runtimeoptions.v1; 5 | 6 | option go_package = "github.com/containerd/containerd/api/types/runtimeoptions/v1;runtimeoptions"; 7 | 8 | message Options { 9 | // TypeUrl specifies the type of the content inside the config file. 10 | string type_url = 1; 11 | // ConfigPath specifies the filesystem location of the config file 12 | // used by the runtime. 13 | string config_path = 2; 14 | // Blob specifies an in-memory TOML blob passed from containerd's configuration section 15 | // for this runtime. This will be used if config_path is not specified. 16 | bytes config_body = 3; 17 | } 18 | -------------------------------------------------------------------------------- /crates/shim-protos/src/cgroups.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | pub mod metrics { 18 | include!(concat!(env!("OUT_DIR"), "/cgroups/metrics.rs")); 19 | } 20 | 21 | mod gogo { 22 | pub use crate::types::gogo::*; 23 | } 24 | -------------------------------------------------------------------------------- /crates/shim-protos/src/windows.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | pub mod stats { 18 | include!(concat!(env!("OUT_DIR"), "/stats/stats.rs")); 19 | } 20 | 21 | pub mod metrics { 22 | pub use crate::cgroups::metrics::{file_descriptor, Metrics}; 23 | } 24 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/transfer/streaming.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types.transfer; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types/transfer"; 22 | 23 | message Data { 24 | bytes data = 1; 25 | } 26 | 27 | message WindowUpdate { 28 | int32 update = 1; 29 | } 30 | -------------------------------------------------------------------------------- /.github/labeler.yml: -------------------------------------------------------------------------------- 1 | # Automatically assign labels to PRs. 2 | # `C-` project crate(s) affected. 3 | # `T-` change type (CI, docs, etc). 4 | 5 | C-client: 6 | - changed-files: 7 | - any-glob-to-any-file: crates/client/** 8 | 9 | C-logging: 10 | - changed-files: 11 | - any-glob-to-any-file: crates/logging/** 12 | 13 | C-runc: 14 | - changed-files: 15 | - any-glob-to-any-file: crates/runc/** 16 | 17 | C-runc-shim: 18 | - changed-files: 19 | - any-glob-to-any-file: crates/runc-shim/** 20 | 21 | C-shim: 22 | - changed-files: 23 | - any-glob-to-any-file: crates/shim/** 24 | 25 | C-shim-protos: 26 | - changed-files: 27 | - any-glob-to-any-file: crates/shim-protos/** 28 | 29 | C-snapshots: 30 | - changed-files: 31 | - any-glob-to-any-file: crates/snapshots/** 32 | 33 | T-CI: 34 | - changed-files: 35 | - any-glob-to-any-file: [".github/**", "*.toml"] 36 | 37 | T-docs: 38 | - changed-files: 39 | - any-glob-to-any-file: "**/*.md" 40 | -------------------------------------------------------------------------------- /.github/workflows/labeler.yml: -------------------------------------------------------------------------------- 1 | name: PR Labeler 2 | on: 3 | # Runs workflow when activity on a PR in the workflow's repository occurs. 4 | pull_request_target: 5 | 6 | jobs: 7 | triage: 8 | permissions: 9 | contents: read 10 | pull-requests: write 11 | 12 | name: Assign labels 13 | runs-on: ubuntu-latest 14 | timeout-minutes: 5 15 | 16 | # Required by gh 17 | env: 18 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 19 | PR_URL: ${{ github.event.pull_request.html_url }} 20 | 21 | steps: 22 | - uses: actions/labeler@v6 23 | with: 24 | # Auto-include paths starting with dot (e.g. .github) 25 | dot: true 26 | # Remove labels when matching files are reverted or no longer changed by the PR 27 | sync-labels: true 28 | 29 | # Apply OS-windows label if PR title contains 'Windows' 30 | - run: gh pr edit $PR_URL --add-label OS-windows 31 | if: contains(github.event.pull_request.title, 'Windows') 32 | -------------------------------------------------------------------------------- /crates/runc/src/synchronous/pipe.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | use os_pipe::{pipe, PipeReader, PipeWriter}; 18 | 19 | #[derive(Debug)] 20 | pub struct Pipe { 21 | pub rd: PipeReader, 22 | pub wr: PipeWriter, 23 | } 24 | 25 | impl Pipe { 26 | pub fn new() -> std::io::Result { 27 | let (rd, wr) = pipe()?; 28 | Ok(Self { rd, wr }) 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/transfer/streaming.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types.transfer; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types/transfer"; 22 | 23 | message Data { 24 | bytes data = 1; 25 | } 26 | 27 | message WindowUpdate { 28 | int32 update = 1; 29 | } 30 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/events/content.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | option (containerd.plugin.fieldpath_all) = true; 25 | 26 | message ContentDelete { 27 | string digest = 1; 28 | } 29 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/types/platform.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types;types"; 22 | 23 | // Platform follows the structure of the OCI platform specification, from 24 | // descriptors. 25 | message Platform { 26 | string os = 1; 27 | string architecture = 2; 28 | string variant = 3; 29 | } 30 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/metrics.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | import "google/protobuf/any.proto"; 22 | import "google/protobuf/timestamp.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/types;types"; 25 | 26 | message Metric { 27 | google.protobuf.Timestamp timestamp = 1; 28 | string id = 2; 29 | google.protobuf.Any data = 3; 30 | } 31 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/types/metrics.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | import "google/protobuf/any.proto"; 22 | import "google/protobuf/timestamp.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/types;types"; 25 | 26 | message Metric { 27 | google.protobuf.Timestamp timestamp = 1; 28 | string id = 2; 29 | google.protobuf.Any data = 3; 30 | } 31 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/platform.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types;types"; 22 | 23 | // Platform follows the structure of the OCI platform specification, from 24 | // descriptors. 25 | message Platform { 26 | string os = 1; 27 | string architecture = 2; 28 | string variant = 3; 29 | string os_version = 4; 30 | } 31 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/metrics.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | import "google/protobuf/any.proto"; 22 | import "google/protobuf/timestamp.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/types;types"; 25 | 26 | message Metric { 27 | google.protobuf.Timestamp timestamp = 1; 28 | string id = 2; 29 | google.protobuf.Any data = 3; 30 | } 31 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/services/streaming/v1/streaming.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.streaming.v1; 20 | 21 | import "google/protobuf/any.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/services/streaming/v1;streaming"; 24 | 25 | service Streaming { 26 | rpc Stream(stream google.protobuf.Any) returns (stream google.protobuf.Any); 27 | } 28 | 29 | message StreamInit { 30 | string id = 1; 31 | } 32 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/platform.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types;types"; 22 | 23 | // Platform follows the structure of the OCI platform specification, from 24 | // descriptors. 25 | message Platform { 26 | string os = 1; 27 | string architecture = 2; 28 | string variant = 3; 29 | string os_version = 4; 30 | } 31 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/events/content.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | option (containerd.types.fieldpath_all) = true; 25 | 26 | message ContentCreate { 27 | string digest = 1; 28 | int64 size = 2; 29 | } 30 | 31 | message ContentDelete { 32 | string digest = 1; 33 | } 34 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/transfer/progress.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types.transfer; 20 | 21 | import "github.com/containerd/containerd/api/types/descriptor.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/types/transfer"; 24 | 25 | message Progress { 26 | string event = 1; 27 | string name = 2; 28 | repeated string parents = 3; 29 | int64 progress = 4; 30 | int64 total = 5; 31 | containerd.types.Descriptor desc = 6; 32 | } 33 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/services/streaming/v1/streaming.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.streaming.v1; 20 | 21 | import "google/protobuf/any.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/services/streaming/v1;streaming"; 24 | 25 | service Streaming { 26 | rpc Stream(stream google.protobuf.Any) returns (stream google.protobuf.Any); 27 | } 28 | 29 | message StreamInit { 30 | string id = 1; 31 | } 32 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/events/content.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | option (containerd.types.fieldpath_all) = true; 25 | 26 | message ContentCreate { 27 | string digest = 1; 28 | int64 size = 2; 29 | } 30 | 31 | message ContentDelete { 32 | string digest = 1; 33 | } 34 | -------------------------------------------------------------------------------- /crates/shim/src/mount_other.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | #![allow(unused)] 17 | 18 | use std::path::Path; 19 | 20 | use crate::error::{Error, Result}; 21 | 22 | pub fn mount_rootfs( 23 | fs_type: Option<&str>, 24 | source: Option<&str>, 25 | options: &[String], 26 | target: impl AsRef, 27 | ) -> Result<()> { 28 | // On on-Linux systems, we should return OK 29 | // instead of exiting with an error. 30 | Ok(()) 31 | } 32 | 33 | pub fn umount_recursive(target: Option<&str>, flags: i32) -> Result<()> { 34 | Ok(()) 35 | } 36 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/events/sandbox.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "google/protobuf/timestamp.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | 25 | message SandboxCreate { 26 | string sandbox_id = 1; 27 | } 28 | 29 | message SandboxStart { 30 | string sandbox_id = 1; 31 | } 32 | 33 | message SandboxExit { 34 | string sandbox_id = 1; 35 | uint32 exit_status = 2; 36 | google.protobuf.Timestamp exited_at = 3; 37 | } 38 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/events/sandbox.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "google/protobuf/timestamp.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | 25 | message SandboxCreate { 26 | string sandbox_id = 1; 27 | } 28 | 29 | message SandboxStart { 30 | string sandbox_id = 1; 31 | } 32 | 33 | message SandboxExit { 34 | string sandbox_id = 1; 35 | uint32 exit_status = 2; 36 | google.protobuf.Timestamp exited_at = 3; 37 | } 38 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/transfer/progress.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types.transfer; 20 | 21 | import "github.com/containerd/containerd/api/types/descriptor.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/types/transfer"; 24 | 25 | message Progress { 26 | string event = 1; 27 | string name = 2; 28 | repeated string parents = 3; 29 | int64 progress = 4; 30 | int64 total = 5; 31 | containerd.types.Descriptor desc = 6; 32 | } 33 | -------------------------------------------------------------------------------- /crates/client/README.md: -------------------------------------------------------------------------------- 1 | # containerd GRPC client 2 | 3 | [![Crates.io](https://img.shields.io/crates/v/containerd-client)](https://crates.io/crates/containerd-client) 4 | [![docs.rs](https://img.shields.io/docsrs/containerd-client)](https://docs.rs/containerd-client/latest/containerd_client/) 5 | [![Crates.io](https://img.shields.io/crates/l/containerd-client)](https://github.com/containerd/rust-extensions/blob/main/LICENSE) 6 | [![CI](https://github.com/containerd/rust-extensions/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/containerd/rust-extensions/actions/workflows/ci.yml) 7 | 8 | This crate implements a GRPC client to query containerd APIs. 9 | 10 | ## Example 11 | 12 | Run with `cargo run --example version` 13 | 14 | ```rust 15 | use containerd_client::{connect, services::v1::version_client::VersionClient}; 16 | 17 | async fn query_version() { 18 | // Launch containerd at /run/containerd/containerd.sock 19 | let channel = connect("/run/containerd/containerd.sock").await.unwrap(); 20 | 21 | let mut client = VersionClient::new(channel); 22 | let resp = client.version(()).await.unwrap(); 23 | 24 | println!("Response: {:?}", resp.get_ref()); 25 | } 26 | ``` 27 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/services/version/v1/version.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.version.v1; 20 | 21 | import "google/protobuf/empty.proto"; 22 | 23 | // TODO(stevvooe): Should version service actually be versioned? 24 | option go_package = "github.com/containerd/containerd/api/services/version/v1;version"; 25 | 26 | service Version { 27 | rpc Version(google.protobuf.Empty) returns (VersionResponse); 28 | } 29 | 30 | message VersionResponse { 31 | string version = 1; 32 | string revision = 2; 33 | } 34 | -------------------------------------------------------------------------------- /crates/shim-protos/src/sandbox.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | pub mod sandbox { 18 | include!(concat!(env!("OUT_DIR"), "/sandbox/sandbox.rs")); 19 | } 20 | 21 | pub mod sandbox_ttrpc { 22 | include!(concat!(env!("OUT_DIR"), "/sandbox/sandbox_ttrpc.rs")); 23 | } 24 | 25 | #[cfg(feature = "async")] 26 | pub mod sandbox_async { 27 | include!(concat!(env!("OUT_DIR"), "/sandbox_async/sandbox_ttrpc.rs")); 28 | } 29 | 30 | pub(crate) mod mount { 31 | pub use crate::types::mount::*; 32 | } 33 | 34 | pub(crate) mod platform { 35 | pub use crate::types::platform::*; 36 | } 37 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/events/sandbox.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "google/protobuf/timestamp.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | 25 | message SandboxCreate { 26 | string sandbox_id = 1; 27 | } 28 | 29 | message SandboxStart { 30 | string sandbox_id = 1; 31 | } 32 | 33 | message SandboxExit { 34 | string sandbox_id = 1; 35 | uint32 exit_status = 2; 36 | google.protobuf.Timestamp exited_at = 3; 37 | } 38 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/event.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 22 | import "google/protobuf/any.proto"; 23 | import "google/protobuf/timestamp.proto"; 24 | 25 | option go_package = "github.com/containerd/containerd/api/types;types"; 26 | 27 | message Envelope { 28 | option (containerd.types.fieldpath) = true; 29 | google.protobuf.Timestamp timestamp = 1; 30 | string namespace = 2; 31 | string topic = 3; 32 | google.protobuf.Any event = 4; 33 | } 34 | -------------------------------------------------------------------------------- /crates/snapshots/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "containerd-snapshots" 3 | version = "0.3.0" 4 | authors = [ 5 | "Maksym Pavlenko ", 6 | "The containerd Authors", 7 | ] 8 | description = "Remote snapshotter extension for containerd" 9 | keywords = ["containerd", "server", "grpc", "containers"] 10 | categories = ["api-bindings", "asynchronous"] 11 | 12 | edition.workspace = true 13 | license.workspace = true 14 | repository.workspace = true 15 | homepage.workspace = true 16 | 17 | [features] 18 | docs = [] 19 | 20 | [dependencies] 21 | async-stream = "0.3.3" 22 | futures.workspace = true 23 | pin-utils = "0.1.0" 24 | prost.workspace = true 25 | prost-types.workspace = true 26 | serde.workspace = true 27 | thiserror.workspace = true 28 | tonic.workspace = true 29 | tonic-prost.workspace = true 30 | tokio-stream = "0.1.8" 31 | 32 | [dev-dependencies] 33 | futures.workspace = true 34 | log.workspace = true 35 | simple_logger.workspace = true 36 | tokio = { workspace = true, features = ["sync"] } 37 | 38 | [build-dependencies] 39 | tonic-prost-build.workspace = true 40 | 41 | [package.metadata.docs.rs] 42 | features = ["docs"] 43 | 44 | [package.metadata.cargo-machete] 45 | ignored = ["prost", "tonic-prost"] 46 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/services/version/v1/version.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.version.v1; 20 | 21 | import "google/protobuf/empty.proto"; 22 | 23 | // TODO(stevvooe): Should version service actually be versioned? 24 | option go_package = "github.com/containerd/containerd/api/services/version/v1;version"; 25 | 26 | service Version { 27 | rpc Version(google.protobuf.Empty) returns (VersionResponse); 28 | } 29 | 30 | message VersionResponse { 31 | string version = 1; 32 | string revision = 2; 33 | } 34 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/events/image.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.images.v1; 20 | 21 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | option (containerd.types.fieldpath_all) = true; 25 | 26 | message ImageCreate { 27 | string name = 1; 28 | map labels = 2; 29 | } 30 | 31 | message ImageUpdate { 32 | string name = 1; 33 | map labels = 2; 34 | } 35 | 36 | message ImageDelete { 37 | string name = 1; 38 | } 39 | -------------------------------------------------------------------------------- /crates/runc/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "runc" 3 | version = "0.3.0" 4 | authors = ["Yuna Tomida ", "The containerd Authors"] 5 | description = "A crate for consuming the runc binary in your Rust applications" 6 | keywords = ["containerd", "containers", "runc"] 7 | categories = ["api-bindings", "asynchronous"] 8 | 9 | edition.workspace = true 10 | license.workspace = true 11 | repository.workspace = true 12 | homepage.workspace = true 13 | 14 | [features] 15 | async = ["tokio", "async-trait", "tokio-pipe"] 16 | docs = [] 17 | 18 | [dependencies] 19 | libc.workspace = true 20 | log.workspace = true 21 | nix = { workspace = true, features = ["user", "fs"] } 22 | oci-spec.workspace = true 23 | path-absolutize = "3.0.11" 24 | prctl.workspace = true 25 | serde.workspace = true 26 | serde_json.workspace = true 27 | tempfile.workspace = true 28 | thiserror.workspace = true 29 | time.workspace = true 30 | uuid.workspace = true 31 | os_pipe.workspace = true 32 | 33 | # Async dependencies 34 | async-trait = { workspace = true, optional = true } 35 | tokio = { workspace = true, features = ["full"], optional = true } 36 | tokio-pipe = { version = "0.2.10", optional = true } 37 | 38 | [package.metadata.docs.rs] 39 | features = ["docs"] 40 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/events/namespace.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | option (containerd.types.fieldpath_all) = true; 25 | 26 | message NamespaceCreate { 27 | string name = 1; 28 | map labels = 2; 29 | } 30 | 31 | message NamespaceUpdate { 32 | string name = 1; 33 | map labels = 2; 34 | } 35 | 36 | message NamespaceDelete { 37 | string name = 1; 38 | } 39 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/descriptor.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types;types"; 22 | 23 | // Descriptor describes a blob in a content store. 24 | // 25 | // This descriptor can be used to reference content from an 26 | // oci descriptor found in a manifest. 27 | // See https://godoc.org/github.com/opencontainers/image-spec/specs-go/v1#Descriptor 28 | message Descriptor { 29 | string media_type = 1; 30 | string digest = 2; 31 | int64 size = 3; 32 | map annotations = 5; 33 | } 34 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/events/image.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.images.v1; 20 | 21 | import "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | option (containerd.plugin.fieldpath_all) = true; 25 | 26 | message ImageCreate { 27 | string name = 1; 28 | map labels = 2; 29 | } 30 | 31 | message ImageUpdate { 32 | string name = 1; 33 | map labels = 2; 34 | } 35 | 36 | message ImageDelete { 37 | string name = 1; 38 | } 39 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/event.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 22 | import "google/protobuf/any.proto"; 23 | import "google/protobuf/timestamp.proto"; 24 | 25 | option go_package = "github.com/containerd/containerd/api/types;types"; 26 | 27 | message Envelope { 28 | option (containerd.types.fieldpath) = true; 29 | google.protobuf.Timestamp timestamp = 1; 30 | string namespace = 2; 31 | string topic = 3; 32 | google.protobuf.Any event = 4; 33 | } 34 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/events/namespace.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | option (containerd.plugin.fieldpath_all) = true; 25 | 26 | message NamespaceCreate { 27 | string name = 1; 28 | map labels = 2; 29 | } 30 | 31 | message NamespaceUpdate { 32 | string name = 1; 33 | map labels = 2; 34 | } 35 | 36 | message NamespaceDelete { 37 | string name = 1; 38 | } 39 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/types/descriptor.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types;types"; 22 | 23 | // Descriptor describes a blob in a content store. 24 | // 25 | // This descriptor can be used to reference content from an 26 | // oci descriptor found in a manifest. 27 | // See https://godoc.org/github.com/opencontainers/image-spec/specs-go/v1#Descriptor 28 | message Descriptor { 29 | string media_type = 1; 30 | string digest = 2; 31 | int64 size = 3; 32 | map annotations = 5; 33 | } 34 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/events/image.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.images.v1; 20 | 21 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | option (containerd.types.fieldpath_all) = true; 25 | 26 | message ImageCreate { 27 | string name = 1; 28 | map labels = 2; 29 | } 30 | 31 | message ImageUpdate { 32 | string name = 1; 33 | map labels = 2; 34 | } 35 | 36 | message ImageDelete { 37 | string name = 1; 38 | } 39 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/events/namespace.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | option (containerd.types.fieldpath_all) = true; 25 | 26 | message NamespaceCreate { 27 | string name = 1; 28 | map labels = 2; 29 | } 30 | 31 | message NamespaceUpdate { 32 | string name = 1; 33 | map labels = 2; 34 | } 35 | 36 | message NamespaceDelete { 37 | string name = 1; 38 | } 39 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/descriptor.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types;types"; 22 | 23 | // Descriptor describes a blob in a content store. 24 | // 25 | // This descriptor can be used to reference content from an 26 | // oci descriptor found in a manifest. 27 | // See https://godoc.org/github.com/opencontainers/image-spec/specs-go/v1#Descriptor 28 | message Descriptor { 29 | string media_type = 1; 30 | string digest = 2; 31 | int64 size = 3; 32 | map annotations = 5; 33 | } 34 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/events/snapshot.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | option (containerd.types.fieldpath_all) = true; 25 | 26 | message SnapshotPrepare { 27 | string key = 1; 28 | string parent = 2; 29 | string snapshotter = 5; 30 | } 31 | 32 | message SnapshotCommit { 33 | string key = 1; 34 | string name = 2; 35 | string snapshotter = 5; 36 | } 37 | 38 | message SnapshotRemove { 39 | string key = 1; 40 | string snapshotter = 5; 41 | } 42 | -------------------------------------------------------------------------------- /crates/client/examples/version.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | use containerd_client::Client; 18 | 19 | /// Make sure you run containerd before running this example. 20 | #[tokio::main(flavor = "current_thread")] 21 | async fn main() { 22 | #[cfg(unix)] 23 | let path = "/var/run/containerd/containerd.sock"; 24 | 25 | #[cfg(windows)] 26 | let path = r"\\.\pipe\containerd-containerd"; 27 | 28 | let client = Client::from_path(path).await.expect("Connect failed"); 29 | 30 | let resp = client 31 | .version() 32 | .version(()) 33 | .await 34 | .expect("Failed to query version"); 35 | 36 | println!("Response: {:?}", resp.get_ref()); 37 | } 38 | -------------------------------------------------------------------------------- /crates/runc-shim/src/io.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | #[derive(Clone, Debug, Default)] 18 | pub struct Stdio { 19 | pub stdin: String, 20 | pub stdout: String, 21 | pub stderr: String, 22 | pub terminal: bool, 23 | } 24 | 25 | impl Stdio { 26 | pub fn new(stdin: &str, stdout: &str, stderr: &str, terminal: bool) -> Self { 27 | Self { 28 | stdin: stdin.to_string(), 29 | stdout: stdout.to_string(), 30 | stderr: stderr.to_string(), 31 | terminal, 32 | } 33 | } 34 | 35 | pub fn is_null(&self) -> bool { 36 | self.stdin.is_empty() && self.stdout.is_empty() && self.stderr.is_empty() 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/events/snapshot.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | option (containerd.plugin.fieldpath_all) = true; 25 | 26 | message SnapshotPrepare { 27 | string key = 1; 28 | string parent = 2; 29 | string snapshotter = 5; 30 | } 31 | 32 | message SnapshotCommit { 33 | string key = 1; 34 | string name = 2; 35 | string snapshotter = 5; 36 | } 37 | 38 | message SnapshotRemove { 39 | string key = 1; 40 | string snapshotter = 5; 41 | } 42 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/events/snapshot.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/events;events"; 24 | option (containerd.types.fieldpath_all) = true; 25 | 26 | message SnapshotPrepare { 27 | string key = 1; 28 | string parent = 2; 29 | string snapshotter = 5; 30 | } 31 | 32 | message SnapshotCommit { 33 | string key = 1; 34 | string name = 2; 35 | string snapshotter = 5; 36 | } 37 | 38 | message SnapshotRemove { 39 | string key = 1; 40 | string snapshotter = 5; 41 | } 42 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/services/transfer/v1/transfer.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.transfer.v1; 20 | 21 | import "google/protobuf/any.proto"; 22 | import "google/protobuf/empty.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/services/transfer/v1;transfer"; 25 | 26 | service Transfer { 27 | rpc Transfer(TransferRequest) returns (google.protobuf.Empty); 28 | } 29 | 30 | message TransferRequest { 31 | google.protobuf.Any source = 1; 32 | google.protobuf.Any destination = 2; 33 | TransferOptions options = 3; 34 | } 35 | 36 | message TransferOptions { 37 | string progress_stream = 1; 38 | // Progress min interval 39 | } 40 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/services/transfer/v1/transfer.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.transfer.v1; 20 | 21 | import "google/protobuf/any.proto"; 22 | import "google/protobuf/empty.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/services/transfer/v1;transfer"; 25 | 26 | service Transfer { 27 | rpc Transfer(TransferRequest) returns (google.protobuf.Empty); 28 | } 29 | 30 | message TransferRequest { 31 | google.protobuf.Any source = 1; 32 | google.protobuf.Any destination = 2; 33 | TransferOptions options = 3; 34 | } 35 | 36 | message TransferOptions { 37 | string progress_stream = 1; 38 | // Progress min interval 39 | } 40 | -------------------------------------------------------------------------------- /crates/runc-shim/build.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | use std::{process::Command, str::from_utf8}; 18 | 19 | fn main() { 20 | let output = match Command::new("git").arg("rev-parse").arg("HEAD").output() { 21 | Ok(output) => output, 22 | Err(_) => { 23 | return; 24 | } 25 | }; 26 | let mut hash = from_utf8(&output.stdout).unwrap().trim().to_string(); 27 | 28 | let output_dirty = match Command::new("git").arg("diff").arg("--exit-code").output() { 29 | Ok(output) => output, 30 | Err(_) => { 31 | return; 32 | } 33 | }; 34 | 35 | if !output_dirty.status.success() { 36 | hash.push_str(".m"); 37 | } 38 | println!("cargo:rustc-env=CARGO_GIT_HASH={}", hash); 39 | } 40 | -------------------------------------------------------------------------------- /crates/shim-protos/src/types.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | pub mod empty { 18 | include!(concat!(env!("OUT_DIR"), "/types/empty.rs")); 19 | } 20 | 21 | pub mod gogo { 22 | include!(concat!(env!("OUT_DIR"), "/types/gogo.rs")); 23 | } 24 | 25 | pub mod mount { 26 | include!(concat!(env!("OUT_DIR"), "/types/mount.rs")); 27 | } 28 | 29 | pub mod task { 30 | include!(concat!(env!("OUT_DIR"), "/types/task.rs")); 31 | } 32 | 33 | pub mod fieldpath { 34 | include!(concat!(env!("OUT_DIR"), "/types/fieldpath.rs")); 35 | } 36 | 37 | pub mod introspection { 38 | include!(concat!(env!("OUT_DIR"), "/types/introspection.rs")); 39 | } 40 | #[cfg(feature = "sandbox")] 41 | pub mod platform { 42 | include!(concat!(env!("OUT_DIR"), "/types/platform.rs")); 43 | } 44 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/events/container.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "google/protobuf/any.proto"; 22 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/events;events"; 25 | option (containerd.types.fieldpath_all) = true; 26 | 27 | message ContainerCreate { 28 | string id = 1; 29 | string image = 2; 30 | message Runtime { 31 | string name = 1; 32 | google.protobuf.Any options = 2; 33 | } 34 | Runtime runtime = 3; 35 | } 36 | 37 | message ContainerUpdate { 38 | string id = 1; 39 | string image = 2; 40 | map labels = 3; 41 | string snapshot_key = 4; 42 | } 43 | 44 | message ContainerDelete { 45 | string id = 1; 46 | } 47 | -------------------------------------------------------------------------------- /crates/shim-protos/src/topics.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | //! Task event topic typically used in shim implementations. 18 | 19 | pub const TASK_CREATE_EVENT_TOPIC: &str = "/tasks/create"; 20 | pub const TASK_START_EVENT_TOPIC: &str = "/tasks/start"; 21 | pub const TASK_OOM_EVENT_TOPIC: &str = "/tasks/oom"; 22 | pub const TASK_EXIT_EVENT_TOPIC: &str = "/tasks/exit"; 23 | pub const TASK_DELETE_EVENT_TOPIC: &str = "/tasks/delete"; 24 | pub const TASK_EXEC_ADDED_EVENT_TOPIC: &str = "/tasks/exec-added"; 25 | pub const TASK_EXEC_STARTED_EVENT_TOPIC: &str = "/tasks/exec-started"; 26 | pub const TASK_PAUSED_EVENT_TOPIC: &str = "/tasks/paused"; 27 | pub const TASK_RESUMED_EVENT_TOPIC: &str = "/tasks/resumed"; 28 | pub const TASK_CHECKPOINTED_EVENT_TOPIC: &str = "/tasks/checkpointed"; 29 | pub const TASK_UNKNOWN_TOPIC: &str = "/tasks/?"; 30 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/events/container.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "google/protobuf/any.proto"; 22 | import "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/events;events"; 25 | option (containerd.plugin.fieldpath_all) = true; 26 | 27 | message ContainerCreate { 28 | string id = 1; 29 | string image = 2; 30 | message Runtime { 31 | string name = 1; 32 | google.protobuf.Any options = 2; 33 | } 34 | Runtime runtime = 3; 35 | } 36 | 37 | message ContainerUpdate { 38 | string id = 1; 39 | string image = 2; 40 | map labels = 3; 41 | string snapshot_key = 4; 42 | } 43 | 44 | message ContainerDelete { 45 | string id = 1; 46 | } 47 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/services/ttrpc/events/v1/events.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.events.ttrpc.v1; 20 | 21 | import "github.com/containerd/containerd/api/types/event.proto"; 22 | import "google/protobuf/empty.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/services/ttrpc/events/v1;events"; 25 | 26 | service Events { 27 | // Forward sends an event that has already been packaged into an envelope 28 | // with a timestamp and namespace. 29 | // 30 | // This is useful if earlier timestamping is required or when forwarding on 31 | // behalf of another component, namespace or publisher. 32 | rpc Forward(ForwardRequest) returns (google.protobuf.Empty); 33 | } 34 | 35 | message ForwardRequest { 36 | containerd.types.Envelope envelope = 1; 37 | } 38 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/events/container.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "google/protobuf/any.proto"; 22 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/events;events"; 25 | option (containerd.types.fieldpath_all) = true; 26 | 27 | message ContainerCreate { 28 | string id = 1; 29 | string image = 2; 30 | message Runtime { 31 | string name = 1; 32 | google.protobuf.Any options = 2; 33 | } 34 | Runtime runtime = 3; 35 | } 36 | 37 | message ContainerUpdate { 38 | string id = 1; 39 | string image = 2; 40 | map labels = 3; 41 | string snapshot_key = 4; 42 | } 43 | 44 | message ContainerDelete { 45 | string id = 1; 46 | } 47 | -------------------------------------------------------------------------------- /crates/shim/src/event.rs: -------------------------------------------------------------------------------- 1 | use containerd_shim_protos::{events::task::*, protobuf::MessageDyn}; 2 | 3 | pub trait Event: MessageDyn { 4 | fn topic(&self) -> String; 5 | } 6 | 7 | impl Event for TaskCreate { 8 | fn topic(&self) -> String { 9 | "/tasks/create".to_string() 10 | } 11 | } 12 | 13 | impl Event for TaskStart { 14 | fn topic(&self) -> String { 15 | "/tasks/start".to_string() 16 | } 17 | } 18 | 19 | impl Event for TaskExecAdded { 20 | fn topic(&self) -> String { 21 | "/tasks/exec-added".to_string() 22 | } 23 | } 24 | 25 | impl Event for TaskExecStarted { 26 | fn topic(&self) -> String { 27 | "/tasks/exec-started".to_string() 28 | } 29 | } 30 | 31 | impl Event for TaskPaused { 32 | fn topic(&self) -> String { 33 | "/tasks/paused".to_string() 34 | } 35 | } 36 | 37 | impl Event for TaskResumed { 38 | fn topic(&self) -> String { 39 | "/tasks/resumed".to_string() 40 | } 41 | } 42 | 43 | impl Event for TaskExit { 44 | fn topic(&self) -> String { 45 | "/tasks/exit".to_string() 46 | } 47 | } 48 | 49 | impl Event for TaskDelete { 50 | fn topic(&self) -> String { 51 | "/tasks/delete".to_string() 52 | } 53 | } 54 | 55 | impl Event for TaskOOM { 56 | fn topic(&self) -> String { 57 | "/tasks/oom".to_string() 58 | } 59 | } 60 | 61 | impl Event for TaskCheckpointed { 62 | fn topic(&self) -> String { 63 | "/tasks/checkpointed".to_string() 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/services/ttrpc/events/v1/events.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.events.ttrpc.v1; 20 | 21 | import "github.com/containerd/containerd/api/types/event.proto"; 22 | import "google/protobuf/empty.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/services/ttrpc/events/v1;events"; 25 | 26 | service Events { 27 | // Forward sends an event that has already been packaged into an envelope 28 | // with a timestamp and namespace. 29 | // 30 | // This is useful if earlier timestamping is required or when forwarding on 31 | // behalf of another component, namespace or publisher. 32 | rpc Forward(ForwardRequest) returns (google.protobuf.Empty); 33 | } 34 | 35 | message ForwardRequest { 36 | containerd.types.Envelope envelope = 1; 37 | } 38 | -------------------------------------------------------------------------------- /Cargo.toml: -------------------------------------------------------------------------------- 1 | [workspace] 2 | members = [ 3 | "crates/client", 4 | "crates/logging", 5 | "crates/runc", 6 | "crates/runc-shim", 7 | "crates/shim", 8 | "crates/shim-protos", 9 | "crates/snapshots", 10 | ] 11 | resolver = "2" 12 | 13 | [profile.release] 14 | # Keep binary as small as possible 15 | # https://doc.rust-lang.org/book/ch09-01-unrecoverable-errors-with-panic.html 16 | panic = 'abort' 17 | 18 | # Common for all crates 19 | # See https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html#inheriting-a-dependency-from-a-workspace 20 | [workspace.package] 21 | license = "Apache-2.0" 22 | repository = "https://github.com/containerd/rust-extensions" 23 | homepage = "https://containerd.io" 24 | edition = "2021" 25 | 26 | # Common dependencies for all crates 27 | [workspace.dependencies] 28 | async-trait = "0.1.52" 29 | cgroups-rs = "0.4.0" 30 | crossbeam = "0.8.1" 31 | futures = "0.3.19" 32 | libc = "0.2.112" 33 | log = {version = "0.4.2", features=["kv_unstable"]} 34 | nix = "0.30" 35 | oci-spec = "0.7" 36 | os_pipe = "1.1" 37 | prctl = "1.0.0" 38 | prost = "0.14" 39 | prost-build = "0.14" 40 | prost-types = "0.14" 41 | serde = { version = "1.0", features = ["derive"] } 42 | serde_json = "1.0" 43 | simple_logger = { version = "5.0", default-features = false } 44 | tempfile = "3.6" 45 | thiserror = "2.0" 46 | time = { version = "0.3.29", features = ["serde", "std", "formatting"] } 47 | tokio = "1.26" 48 | tonic = "0.14" 49 | tonic-prost = "0.14" 50 | tonic-prost-build = "0.14" 51 | tower = "0.5" 52 | uuid = { version = "1.0", features = ["v4"] } 53 | -------------------------------------------------------------------------------- /scripts/update-vendor.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # A simple bash script to synchronize proto files from containerd to vendor/ directories of 4 | # each crate. 5 | # 6 | # VERSION specified containerd release that script will download to extract protobuf files. 7 | # 8 | # For each crate, the script expects a text file named `rsync.txt` in the crate's directory. 9 | # The file should contain a list of proto files that should be synchronized from containerd. 10 | 11 | VERSION="v2.1.1" 12 | 13 | set -x 14 | 15 | # Download containerd source code. 16 | wget https://github.com/containerd/containerd/archive/refs/tags/$VERSION.tar.gz -O containerd.tar.gz 17 | if [ $? -ne 0 ]; then 18 | echo "Error: Failed to download containerd source code." 19 | exit 1 20 | fi 21 | 22 | # Ensure the file is removed on exit 23 | trap 'rm containerd.tar.gz' EXIT 24 | 25 | # Extract zip archive to a temporary directory. 26 | TEMP_DIR=$(mktemp -d) 27 | tar --extract \ 28 | --file containerd.tar.gz \ 29 | --strip-components=1 \ 30 | --directory $TEMP_DIR 31 | 32 | function sync_crate() { 33 | local crate_name=$1 34 | local temp_dir=$2 35 | 36 | rm -rf crates/$crate_name/vendor/github.com/containerd/containerd/ 37 | 38 | rsync -avm \ 39 | --include='*/' \ 40 | --include-from=crates/$crate_name/rsync.txt \ 41 | --exclude='*' \ 42 | $temp_dir/ \ 43 | crates/$crate_name/vendor/github.com/containerd/containerd/ 44 | } 45 | 46 | sync_crate "shim_protos" $TEMP_DIR 47 | sync_crate "snapshots" $TEMP_DIR 48 | sync_crate "client" $TEMP_DIR 49 | -------------------------------------------------------------------------------- /crates/shim-protos/src/events.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | pub mod container { 18 | include!(concat!(env!("OUT_DIR"), "/events/container.rs")); 19 | } 20 | 21 | pub mod content { 22 | include!(concat!(env!("OUT_DIR"), "/events/content.rs")); 23 | } 24 | 25 | pub mod image { 26 | include!(concat!(env!("OUT_DIR"), "/events/image.rs")); 27 | } 28 | 29 | pub mod namespace { 30 | include!(concat!(env!("OUT_DIR"), "/events/namespace.rs")); 31 | } 32 | 33 | pub mod snapshot { 34 | include!(concat!(env!("OUT_DIR"), "/events/snapshot.rs")); 35 | } 36 | 37 | pub mod task { 38 | include!(concat!(env!("OUT_DIR"), "/events/task.rs")); 39 | } 40 | 41 | pub mod sandbox { 42 | include!(concat!(env!("OUT_DIR"), "/events/sandbox.rs")); 43 | } 44 | 45 | mod mount { 46 | pub use crate::types::mount::*; 47 | } 48 | 49 | mod gogo { 50 | pub use crate::types::gogo::*; 51 | } 52 | 53 | mod fieldpath { 54 | pub use crate::types::fieldpath::*; 55 | } 56 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/mount.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types;types"; 22 | 23 | // Mount describes mounts for a container. 24 | // 25 | // This type is the lingua franca of ContainerD. All services provide mounts 26 | // to be used with the container at creation time. 27 | // 28 | // The Mount type follows the structure of the mount syscall, including a type, 29 | // source, target and options. 30 | message Mount { 31 | // Type defines the nature of the mount. 32 | string type = 1; 33 | 34 | // Source specifies the name of the mount. Depending on mount type, this 35 | // may be a volume name or a host path, or even ignored. 36 | string source = 2; 37 | 38 | // Target path in container 39 | string target = 3; 40 | 41 | // Options specifies zero or more fstab style mount options. 42 | repeated string options = 4; 43 | } 44 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/types/mount.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types;types"; 22 | 23 | // Mount describes mounts for a container. 24 | // 25 | // This type is the lingua franca of ContainerD. All services provide mounts 26 | // to be used with the container at creation time. 27 | // 28 | // The Mount type follows the structure of the mount syscall, including a type, 29 | // source, target and options. 30 | message Mount { 31 | // Type defines the nature of the mount. 32 | string type = 1; 33 | 34 | // Source specifies the name of the mount. Depending on mount type, this 35 | // may be a volume name or a host path, or even ignored. 36 | string source = 2; 37 | 38 | // Target path in container 39 | string target = 3; 40 | 41 | // Options specifies zero or more fstab style mount options. 42 | repeated string options = 4; 43 | } 44 | -------------------------------------------------------------------------------- /crates/snapshots/vendor/github.com/containerd/containerd/api/types/mount.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types;types"; 22 | 23 | // Mount describes mounts for a container. 24 | // 25 | // This type is the lingua franca of ContainerD. All services provide mounts 26 | // to be used with the container at creation time. 27 | // 28 | // The Mount type follows the structure of the mount syscall, including a type, 29 | // source, target and options. 30 | message Mount { 31 | // Type defines the nature of the mount. 32 | string type = 1; 33 | 34 | // Source specifies the name of the mount. Depending on mount type, this 35 | // may be a volume name or a host path, or even ignored. 36 | string source = 2; 37 | 38 | // Target path in container 39 | string target = 3; 40 | 41 | // Options specifies zero or more fstab style mount options. 42 | repeated string options = 4; 43 | } 44 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/task/task.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.v1.types; 20 | 21 | import "google/protobuf/timestamp.proto"; 22 | import "google/protobuf/any.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/types/task"; 25 | 26 | enum Status { 27 | UNKNOWN = 0; 28 | CREATED = 1; 29 | RUNNING = 2; 30 | STOPPED = 3; 31 | PAUSED = 4; 32 | PAUSING = 5; 33 | } 34 | 35 | message Process { 36 | string container_id = 1; 37 | string id = 2; 38 | uint32 pid = 3; 39 | Status status = 4; 40 | string stdin = 5; 41 | string stdout = 6; 42 | string stderr = 7; 43 | bool terminal = 8; 44 | uint32 exit_status = 9; 45 | google.protobuf.Timestamp exited_at = 10; 46 | } 47 | 48 | message ProcessInfo { 49 | // PID is the process ID. 50 | uint32 pid = 1; 51 | // Info contains additional process information. 52 | // 53 | // Info varies by platform. 54 | google.protobuf.Any info = 2; 55 | } 56 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/types/task/task.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.v1.types; 20 | 21 | import "google/protobuf/timestamp.proto"; 22 | import "google/protobuf/any.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/types/task"; 25 | 26 | enum Status { 27 | UNKNOWN = 0; 28 | CREATED = 1; 29 | RUNNING = 2; 30 | STOPPED = 3; 31 | PAUSED = 4; 32 | PAUSING = 5; 33 | } 34 | 35 | message Process { 36 | string container_id = 1; 37 | string id = 2; 38 | uint32 pid = 3; 39 | Status status = 4; 40 | string stdin = 5; 41 | string stdout = 6; 42 | string stderr = 7; 43 | bool terminal = 8; 44 | uint32 exit_status = 9; 45 | google.protobuf.Timestamp exited_at = 10; 46 | } 47 | 48 | message ProcessInfo { 49 | // PID is the process ID. 50 | uint32 pid = 1; 51 | // Info contains additional process information. 52 | // 53 | // Info varies by platform. 54 | google.protobuf.Any info = 2; 55 | } 56 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/mount.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types;types"; 22 | 23 | // Mount describes mounts for a container. 24 | // 25 | // This type is the lingua franca of ContainerD. All services provide mounts 26 | // to be used with the container at creation time. 27 | // 28 | // The Mount type follows the structure of the mount syscall, including a type, 29 | // source, target and options. 30 | message Mount { 31 | // Type defines the nature of the mount. 32 | string type = 1; 33 | 34 | // Source specifies the name of the mount. Depending on mount type, this 35 | // may be a volume name or a host path, or even ignored. 36 | string source = 2; 37 | 38 | // Target path in container 39 | string target = 3; 40 | 41 | // Options specifies zero or more fstab style mount options. 42 | repeated string options = 4; 43 | } 44 | -------------------------------------------------------------------------------- /crates/snapshots/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/mount.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types;types"; 22 | 23 | // Mount describes mounts for a container. 24 | // 25 | // This type is the lingua franca of ContainerD. All services provide mounts 26 | // to be used with the container at creation time. 27 | // 28 | // The Mount type follows the structure of the mount syscall, including a type, 29 | // source, target and options. 30 | message Mount { 31 | // Type defines the nature of the mount. 32 | string type = 1; 33 | 34 | // Source specifies the name of the mount. Depending on mount type, this 35 | // may be a volume name or a host path, or even ignored. 36 | string source = 2; 37 | 38 | // Target path in container 39 | string target = 3; 40 | 41 | // Options specifies zero or more fstab style mount options. 42 | repeated string options = 4; 43 | } 44 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/task/task.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.v1.types; 20 | 21 | import "google/protobuf/timestamp.proto"; 22 | import "google/protobuf/any.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/types/task"; 25 | 26 | enum Status { 27 | UNKNOWN = 0; 28 | CREATED = 1; 29 | RUNNING = 2; 30 | STOPPED = 3; 31 | PAUSED = 4; 32 | PAUSING = 5; 33 | } 34 | 35 | message Process { 36 | string container_id = 1; 37 | string id = 2; 38 | uint32 pid = 3; 39 | Status status = 4; 40 | string stdin = 5; 41 | string stdout = 6; 42 | string stderr = 7; 43 | bool terminal = 8; 44 | uint32 exit_status = 9; 45 | google.protobuf.Timestamp exited_at = 10; 46 | } 47 | 48 | message ProcessInfo { 49 | // PID is the process ID. 50 | uint32 pid = 1; 51 | // Info contains additional process information. 52 | // 53 | // Info varies by platform. 54 | google.protobuf.Any info = 2; 55 | } 56 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/introspection.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | import "google/protobuf/any.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/types;types"; 24 | 25 | message RuntimeRequest { 26 | string runtime_path = 1; 27 | // Options correspond to CreateTaskRequest.options. 28 | // This is needed to pass the runc binary path, etc. 29 | google.protobuf.Any options = 2; 30 | } 31 | 32 | message RuntimeVersion { 33 | string version = 1; 34 | string revision = 2; 35 | } 36 | 37 | message RuntimeInfo { 38 | string name = 1; 39 | RuntimeVersion version = 2; 40 | // Options correspond to RuntimeInfoRequest.Options (contains runc binary path, etc.) 41 | google.protobuf.Any options = 3; 42 | // OCI-compatible runtimes should use https://github.com/opencontainers/runtime-spec/blob/main/features.md 43 | google.protobuf.Any features = 4; 44 | // Annotations of the shim. Irrelevant to features.Annotations. 45 | map annotations = 5; 46 | } 47 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/types/introspection.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | import "google/protobuf/any.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/types;types"; 24 | 25 | message RuntimeRequest { 26 | string runtime_path = 1; 27 | // Options correspond to CreateTaskRequest.options. 28 | // This is needed to pass the runc binary path, etc. 29 | google.protobuf.Any options = 2; 30 | } 31 | 32 | message RuntimeVersion { 33 | string version = 1; 34 | string revision = 2; 35 | } 36 | 37 | message RuntimeInfo { 38 | string name = 1; 39 | RuntimeVersion version = 2; 40 | // Options correspond to RuntimeInfoRequest.Options (contains runc binary path, etc.) 41 | google.protobuf.Any options = 3; 42 | // OCI-compatible runtimes should use https://github.com/opencontainers/runtime-spec/blob/main/features.md 43 | google.protobuf.Any features = 4; 44 | // Annotations of the shim. Irrelevant to features.Annotations. 45 | map annotations = 5; 46 | } 47 | -------------------------------------------------------------------------------- /crates/client/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "containerd-client" 3 | version = "0.8.0" 4 | authors = [ 5 | "Maksym Pavlenko ", 6 | "The containerd Authors", 7 | ] 8 | description = "GRPC bindings to containerd APIs" 9 | keywords = ["containerd", "client", "grpc", "containers"] 10 | categories = ["api-bindings", "asynchronous"] 11 | 12 | edition.workspace = true 13 | license.workspace = true 14 | repository.workspace = true 15 | homepage.workspace = true 16 | 17 | [[example]] 18 | name = "container" 19 | path = "examples/container.rs" 20 | 21 | [[example]] 22 | name = "version" 23 | path = "examples/version.rs" 24 | 25 | [dependencies] 26 | hyper-util = "0.1.6" # https://github.com/hyperium/hyper/issues/3110 27 | prost.workspace = true 28 | prost-types.workspace = true 29 | tokio = { workspace = true, optional = true } 30 | tonic.workspace = true 31 | tonic-prost.workspace = true 32 | tower = { workspace = true, optional = true } 33 | 34 | [build-dependencies] 35 | tonic-prost-build.workspace = true 36 | 37 | [dev-dependencies] 38 | tokio = { workspace = true, features = ["rt", "macros"]} 39 | 40 | [features] 41 | connect = ["tokio", "tower"] 42 | docs = [] 43 | 44 | # Technically Tonic doesn't require Tokio and Tower dependencies here. 45 | # However we need them to implement `connect` helper and it's highly unlikely 46 | # that Tonic will be used with any other async runtime (see https://github.com/hyperium/tonic/issues/152) 47 | # So we enable `connect` feature by default (use `--no-default-features` otherwise). 48 | default = ["connect"] 49 | 50 | [package.metadata.docs.rs] 51 | features = ["docs"] 52 | 53 | [package.metadata.cargo-machete] 54 | ignored = ["prost", "tonic-prost"] 55 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/introspection.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | import "google/protobuf/any.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/types;types"; 24 | 25 | message RuntimeRequest { 26 | string runtime_path = 1; 27 | // Options correspond to CreateTaskRequest.options. 28 | // This is needed to pass the runc binary path, etc. 29 | google.protobuf.Any options = 2; 30 | } 31 | 32 | message RuntimeVersion { 33 | string version = 1; 34 | string revision = 2; 35 | } 36 | 37 | message RuntimeInfo { 38 | string name = 1; 39 | RuntimeVersion version = 2; 40 | // Options correspond to RuntimeInfoRequest.Options (contains runc binary path, etc.) 41 | google.protobuf.Any options = 3; 42 | // OCI-compatible runtimes should use https://github.com/opencontainers/runtime-spec/blob/main/features.md 43 | google.protobuf.Any features = 4; 44 | // Annotations of the shim. Irrelevant to features.Annotations. 45 | map annotations = 5; 46 | } 47 | -------------------------------------------------------------------------------- /.github/workflows/cover.yml: -------------------------------------------------------------------------------- 1 | name: Coverage 2 | on: 3 | push: 4 | branches: "main" 5 | pull_request: 6 | branches: "main" 7 | 8 | jobs: 9 | coverage: 10 | name: Collect 11 | runs-on: ubuntu-latest 12 | timeout-minutes: 15 13 | 14 | permissions: 15 | statuses: write 16 | 17 | steps: 18 | - uses: actions/checkout@v6 19 | 20 | - run: | 21 | sudo apt-get install protobuf-compiler 22 | 23 | - name: Install grcov 24 | run: | 25 | cargo install --locked grcov@0.8.24 26 | grcov --version 27 | 28 | - name: Tests 29 | env: 30 | RUSTFLAGS: "-Cinstrument-coverage" 31 | LLVM_PROFILE_FILE: "target/coverage/%p-%m.profraw" 32 | run: | 33 | sudo -E $(command -v cargo) test --all-features 34 | 35 | # Fix permissions after sudo. 36 | sudo chown -R $(whoami) target/coverage/ 37 | 38 | - name: Collect coverage data 39 | run: | 40 | grcov . \ 41 | --source-dir . \ 42 | --binary-path ./target/debug/ \ 43 | --branch \ 44 | --ignore-not-existing \ 45 | --output-types markdown,lcov \ 46 | --keep-only 'crates/*' \ 47 | --output-path ./target/coverage/ 48 | 49 | - name: Upload coverage data 50 | uses: codecov/codecov-action@v5 51 | with: 52 | token: ${{ secrets.CODECOV_TOKEN }} 53 | flags: unittests 54 | files: ./target/coverage/lcov 55 | verbose: true 56 | 57 | - name: Publish job summary 58 | run: | 59 | echo "# Coverage" >> $GITHUB_STEP_SUMMARY 60 | cat target/coverage/markdown.md >> $GITHUB_STEP_SUMMARY 61 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/services/ttrpc/events/v1/events.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.events.ttrpc.v1; 20 | 21 | import "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto"; 22 | import "google/protobuf/any.proto"; 23 | import "google/protobuf/empty.proto"; 24 | import "google/protobuf/timestamp.proto"; 25 | 26 | option go_package = "github.com/containerd/containerd/api/services/ttrpc/events/v1;events"; 27 | 28 | service Events { 29 | // Forward sends an event that has already been packaged into an envelope 30 | // with a timestamp and namespace. 31 | // 32 | // This is useful if earlier timestamping is required or when forwarding on 33 | // behalf of another component, namespace or publisher. 34 | rpc Forward(ForwardRequest) returns (google.protobuf.Empty); 35 | } 36 | 37 | message ForwardRequest { 38 | Envelope envelope = 1; 39 | } 40 | 41 | message Envelope { 42 | option (containerd.plugin.fieldpath) = true; 43 | google.protobuf.Timestamp timestamp = 1; 44 | string namespace = 2; 45 | string topic = 3; 46 | google.protobuf.Any event = 4; 47 | } 48 | -------------------------------------------------------------------------------- /.github/workflows/stale.yml: -------------------------------------------------------------------------------- 1 | name: 'Close stale issues and PRs' 2 | on: 3 | schedule: 4 | - cron: "0 0 * * *" # Every day at midnight 5 | pull_request: 6 | paths: 7 | - '.github/workflows/stale.yml' 8 | 9 | permissions: read-all 10 | 11 | jobs: 12 | stale: 13 | runs-on: ubuntu-latest 14 | 15 | permissions: 16 | actions: write 17 | contents: write # only for delete-branch option 18 | issues: write 19 | pull-requests: write 20 | 21 | steps: 22 | - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1 23 | # All stale bot options: https://github.com/actions/stale#all-options 24 | with: 25 | # Idle number of days before marking issues/PRs stale 26 | days-before-stale: 90 27 | # Idle number of days before closing stale issues/PRs 28 | days-before-close: 7 29 | # Comment on the staled issues 30 | stale-issue-message: 'This issue is stale because it has been open 90 days with no activity. This issue will be closed in 7 days unless new comments are made or the stale label is removed.' 31 | # Comment on the staled PRs 32 | stale-pr-message: 'This PR is stale because it has been open 90 days with no activity. This PR will be closed in 7 days unless new comments are made or the stale label is removed.' 33 | # Comment on the staled issues while closed 34 | close-issue-message: 'This issue was closed because it has been stalled for 7 days with no activity.' 35 | # Comment on the staled PRs while closed 36 | close-pr-message: 'This PR was closed because it has been stalled for 7 days with no activity.' 37 | # Enable dry-run when changing this file from a PR. 38 | debug-only: ${{ github.event_name == 'pull_request' }} 39 | -------------------------------------------------------------------------------- /crates/shim-protos/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "containerd-shim-protos" 3 | version = "0.10.0" 4 | authors = [ 5 | "Maksym Pavlenko ", 6 | "The containerd Authors", 7 | ] 8 | description = "TTRPC bindings for containerd shim interfaces" 9 | keywords = ["containerd", "shim", "containers", "ttrpc", "client"] 10 | categories = ["api-bindings", "asynchronous"] 11 | 12 | edition.workspace = true 13 | license.workspace = true 14 | repository.workspace = true 15 | homepage.workspace = true 16 | 17 | [features] 18 | default = [] 19 | async = ["ttrpc/async", "async-trait"] 20 | sandbox = [] 21 | docs = [] 22 | 23 | [[example]] 24 | name = "shim-proto-server" 25 | path = "examples/ttrpc-server.rs" 26 | 27 | [[example]] 28 | name = "shim-proto-client" 29 | path = "examples/ttrpc-client.rs" 30 | 31 | [[example]] 32 | name = "shim-proto-connect" 33 | path = "examples/connect.rs" 34 | 35 | [[example]] 36 | name = "shim-proto-server-async" 37 | path = "examples/ttrpc-server-async.rs" 38 | required-features = ["async"] 39 | 40 | [[example]] 41 | name = "shim-proto-client-async" 42 | path = "examples/ttrpc-client-async.rs" 43 | required-features = ["async"] 44 | 45 | [[example]] 46 | name = "shim-proto-connect-async" 47 | path = "examples/connect-async.rs" 48 | required-features = ["async"] 49 | 50 | [dependencies] 51 | async-trait = { workspace = true, optional = true } 52 | protobuf = "3.7.2" 53 | ttrpc = "0.8.3" 54 | 55 | [build-dependencies] 56 | ttrpc-codegen = "0.6.0" 57 | 58 | [dev-dependencies] 59 | ctrlc = { version = "3.0", features = ["termination"] } 60 | simple_logger = { workspace = true, features = ["stderr"] } 61 | tokio = { workspace = true, features = ["full"] } 62 | crossbeam.workspace = true # Used by create_ttrpc_context() 63 | 64 | [package.metadata.docs.rs] 65 | features = ["docs"] 66 | -------------------------------------------------------------------------------- /crates/shim-protos/examples/ttrpc-client.rs: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2019 Ant Financial 2 | // Copyright (c) 2021 Ant Group 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | 16 | use containerd_shim_protos::{api::CreateTaskRequest, TaskClient}; 17 | use ttrpc::{ 18 | context::{self, Context}, 19 | Client, 20 | }; 21 | 22 | fn main() { 23 | let c = Client::connect("unix:///tmp/shim-proto-ttrpc-001").unwrap(); 24 | let task = TaskClient::new(c); 25 | let now = std::time::Instant::now(); 26 | 27 | let mut req = CreateTaskRequest::new(); 28 | req.set_id("id1".to_owned()); 29 | println!( 30 | "OS Thread {:?} - task.create() started: {:?}", 31 | std::thread::current().id(), 32 | now.elapsed(), 33 | ); 34 | let resp = task.create(default_ctx(), &req).unwrap(); 35 | assert_eq!(resp.pid, 0x10c0); 36 | println!( 37 | "OS Thread {:?} - task.create() -> {:?} ended: {:?}", 38 | std::thread::current().id(), 39 | resp, 40 | now.elapsed(), 41 | ); 42 | } 43 | 44 | fn default_ctx() -> Context { 45 | let mut ctx = context::with_timeout(0); 46 | ctx.add("key-1".to_string(), "value-1-1".to_string()); 47 | ctx.add("key-1".to_string(), "value-1-2".to_string()); 48 | ctx.set("key-2".to_string(), vec!["value-2".to_string()]); 49 | 50 | ctx 51 | } 52 | -------------------------------------------------------------------------------- /crates/runc-shim/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "containerd-runc-shim" 3 | version = "0.1.1" 4 | authors = [ 5 | "Shaobao Feng ", 6 | "Tianyang Zhang ", 7 | "The containerd Authors", 8 | ] 9 | description = "Rust implementation of containerd's runc v2 shim runtime" 10 | keywords = ["containerd", "shim", "containers"] 11 | categories = ["api-bindings", "asynchronous"] 12 | 13 | edition.workspace = true 14 | license.workspace = true 15 | repository.workspace = true 16 | homepage.workspace = true 17 | 18 | [[bin]] 19 | # Overwrite the binary name so it can be referred as "io.containerd.runc.v2-rs" from containerd. 20 | # Note: the runtime's binary name must start with "io.containerd.runc" in order to 21 | # keep compatibility with Go runc runtime and the containerd client. 22 | # Example: https://github.com/containerd/containerd/blob/8047eb2fcac1f4553ee7652862194b1e10855ce7/task_opts_unix.go#L33 23 | name = "containerd-shim-runc-v2-rs" 24 | path = "src/main.rs" 25 | doc = false 26 | 27 | [dependencies] 28 | containerd-shim = { path = "../shim", version = "0.10.0", features = ["async"] } 29 | libc.workspace = true 30 | log.workspace = true 31 | nix = { workspace = true, features = ["socket", "uio", "term"] } 32 | oci-spec.workspace = true 33 | prctl.workspace = true 34 | runc = { path = "../runc", version = "0.3.0", features = ["async"] } 35 | serde.workspace = true 36 | serde_json.workspace = true 37 | time.workspace = true 38 | uuid.workspace = true 39 | # Async dependencies 40 | async-trait.workspace = true 41 | tokio = { workspace = true, features = ["full"] } 42 | rustix = { version = "1", features = ["termios"] } 43 | 44 | [package.metadata.cargo-machete] 45 | ignored = ["libc"] 46 | 47 | [target.'cfg(target_os = "linux")'.dependencies] 48 | cgroups-rs.workspace = true 49 | nix = { workspace = true, features = ["event"] } 50 | tokio-eventfd = "0.2.1" 51 | -------------------------------------------------------------------------------- /crates/shim/src/reap.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | use crate::error::Result; 18 | 19 | #[cfg(target_os = "linux")] 20 | /// Set current process as subreaper for child processes. 21 | /// 22 | /// A subreaper fulfills the role of `init` for its descendant processes. When a process becomes 23 | /// orphaned (i.e., its immediate parent terminates), then that process will be reparented to the 24 | /// nearest still living ancestor subreaper. Subsequently, calls to `getppid()` in the orphaned 25 | /// process will now return the PID of the subreaper process, and when the orphan terminates, 26 | /// it is the subreaper process that will receive a SIGCHLD signal and will be able to `wait()` 27 | /// on the process to discover its termination status. 28 | pub fn set_subreaper() -> Result<()> { 29 | use crate::error::Error; 30 | prctl::set_child_subreaper(true).map_err(other_error!("linux prctl returned")) 31 | } 32 | 33 | #[cfg(not(target_os = "linux"))] 34 | pub fn set_subreaper() -> Result<()> { 35 | Ok(()) 36 | } 37 | 38 | #[cfg(test)] 39 | #[cfg(target_os = "linux")] 40 | mod tests { 41 | use crate::reap::set_subreaper; 42 | 43 | #[test] 44 | fn test_set_subreaper() { 45 | set_subreaper().unwrap(); 46 | assert!(prctl::get_child_subreaper().unwrap()); 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /crates/shim-protos/examples/ttrpc-client-async.rs: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2019 Ant Financial 2 | // Copyright (c) 2021 Ant Group 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | 16 | use containerd_shim_protos::{api::CreateTaskRequest, shim::shim_ttrpc_async::TaskClient}; 17 | use ttrpc::{ 18 | asynchronous::Client, 19 | context::{self, Context}, 20 | }; 21 | 22 | fn default_ctx() -> Context { 23 | let mut ctx = context::with_timeout(0); 24 | ctx.add("key-1".to_string(), "value-1-1".to_string()); 25 | ctx.add("key-1".to_string(), "value-1-2".to_string()); 26 | ctx.set("key-2".to_string(), vec!["value-2".to_string()]); 27 | 28 | ctx 29 | } 30 | 31 | #[tokio::main] 32 | async fn main() { 33 | let c = Client::connect("unix:///tmp/shim-proto-ttrpc-001").unwrap(); 34 | let task = TaskClient::new(c); 35 | let now = std::time::Instant::now(); 36 | 37 | let mut req = CreateTaskRequest::new(); 38 | req.set_id("id1".to_owned()); 39 | println!( 40 | "OS Thread {:?} - task.create() started: {:?}", 41 | std::thread::current().id(), 42 | now.elapsed(), 43 | ); 44 | let resp = task.create(default_ctx(), &req).await.unwrap(); 45 | assert_eq!(resp.pid, 0x10c0); 46 | println!( 47 | "OS Thread {:?} - task.create() -> {:?} ended: {:?}", 48 | std::thread::current().id(), 49 | resp, 50 | now.elapsed(), 51 | ); 52 | } 53 | -------------------------------------------------------------------------------- /crates/shim/src/monitor.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | use std::fmt; 17 | 18 | #[cfg(feature = "async")] 19 | pub use crate::asynchronous::monitor::*; 20 | #[cfg(not(feature = "async"))] 21 | pub use crate::synchronous::monitor::*; 22 | 23 | #[derive(Clone, Eq, Hash, PartialEq)] 24 | pub enum Topic { 25 | Pid, 26 | Exec, 27 | All, 28 | } 29 | 30 | #[derive(Debug)] 31 | pub struct ExitEvent { 32 | // what kind of a thing exit 33 | pub subject: Subject, 34 | pub exit_code: i32, 35 | } 36 | 37 | impl fmt::Display for ExitEvent { 38 | fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { 39 | match &self.subject { 40 | Subject::Pid(pid) => { 41 | write!(f, "PID {} exit with code {}", pid, self.exit_code) 42 | } 43 | Subject::Exec(cid, eid) => { 44 | write!( 45 | f, 46 | "EXEC process {} inside {} exit with code {}", 47 | eid, cid, self.exit_code 48 | ) 49 | } 50 | } 51 | } 52 | } 53 | 54 | #[derive(Clone, Debug)] 55 | pub enum Subject { 56 | // process pid 57 | Pid(i32), 58 | // exec with containerd id and exec id for vm container, 59 | // if exec is empty, then the event is for the container 60 | Exec(String, String), 61 | } 62 | -------------------------------------------------------------------------------- /crates/runc/README.md: -------------------------------------------------------------------------------- 1 | # Rust bindings for runc CLI 2 | 3 | [![Crates.io](https://img.shields.io/crates/v/runc)](https://crates.io/crates/runc) 4 | [![docs.rs](https://img.shields.io/docsrs/runc)](https://docs.rs/runc/latest/runc/) 5 | [![Crates.io](https://img.shields.io/crates/l/containerd-shim)](https://github.com/containerd/rust-extensions/blob/main/LICENSE) 6 | [![CI](https://github.com/containerd/rust-extensions/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/containerd/rust-extensions/actions/workflows/ci.yml) 7 | 8 | A crate for consuming the runc binary in your Rust applications, similar to [go-runc](https://github.com/containerd/go-runc) for Go. 9 | This crate is based on archived [rust-runc](https://github.com/pwFoo/rust-runc). 10 | 11 | ## Usage 12 | Both sync/async version is available. 13 | You can build runc client with `RuncConfig` in method chaining style. 14 | Call `build()` or `build_async()` to get client. 15 | Note that async client depends on [tokio](https://github.com/tokio-rs/tokio), then please use it on tokio runtime. 16 | 17 | ```rust,ignore 18 | #[tokio::main] 19 | async fn main() { 20 | let config = runc::GlobalOpts::new() 21 | .root("./new_root") 22 | .debug(false) 23 | .log("/path/to/logfile.json") 24 | .log_format(runc::LogFormat::Json) 25 | .rootless(true); 26 | 27 | let client = config.build_async().unwrap(); 28 | 29 | let opts = runc::options::CreateOpts::new() 30 | .pid_file("/path/to/pid/file") 31 | .no_pivot(true); 32 | 33 | client.create("container-id", "path/to/bundle", Some(&opts)).unwrap(); 34 | } 35 | ``` 36 | 37 | ## Limitations 38 | - Supported commands are only: 39 | - create 40 | - start 41 | - state 42 | - kill 43 | - delete 44 | - Exec is **not** available in `RuncAsyncClient` now. 45 | - Console utilites are **not** available 46 | - see [Go version](https://github.com/containerd/go-runc/blob/main/console.go) 47 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/fieldpath.proto: -------------------------------------------------------------------------------- 1 | // Protocol Buffers for Go with Gadgets 2 | // 3 | // Copyright (c) 2013, The GoGo Authors. All rights reserved. 4 | // http://github.com/gogo/protobuf 5 | // 6 | // Redistribution and use in source and binary forms, with or without 7 | // modification, are permitted provided that the following conditions are 8 | // met: 9 | // 10 | // * Redistributions of source code must retain the above copyright 11 | // notice, this list of conditions and the following disclaimer. 12 | // * Redistributions in binary form must reproduce the above 13 | // copyright notice, this list of conditions and the following disclaimer 14 | // in the documentation and/or other materials provided with the 15 | // distribution. 16 | // 17 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | 29 | syntax = "proto3"; 30 | package containerd.types; 31 | 32 | import "google/protobuf/descriptor.proto"; 33 | 34 | option go_package = "github.com/containerd/containerd/api/types;types"; 35 | 36 | extend google.protobuf.FileOptions { 37 | optional bool fieldpath_all = 63300; 38 | } 39 | 40 | extend google.protobuf.MessageOptions { 41 | optional bool fieldpath = 64400; 42 | } 43 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/protobuf/plugin/fieldpath.proto: -------------------------------------------------------------------------------- 1 | // Protocol Buffers for Go with Gadgets 2 | // 3 | // Copyright (c) 2013, The GoGo Authors. All rights reserved. 4 | // http://github.com/gogo/protobuf 5 | // 6 | // Redistribution and use in source and binary forms, with or without 7 | // modification, are permitted provided that the following conditions are 8 | // met: 9 | // 10 | // * Redistributions of source code must retain the above copyright 11 | // notice, this list of conditions and the following disclaimer. 12 | // * Redistributions in binary form must reproduce the above 13 | // copyright notice, this list of conditions and the following disclaimer 14 | // in the documentation and/or other materials provided with the 15 | // distribution. 16 | // 17 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | 29 | syntax = "proto2"; 30 | package containerd.plugin; 31 | 32 | import "google/protobuf/descriptor.proto"; 33 | 34 | option go_package = "github.com/containerd/containerd/protobuf/plugin"; 35 | 36 | extend google.protobuf.FileOptions { 37 | optional bool fieldpath_all = 63300; 38 | } 39 | 40 | extend google.protobuf.MessageOptions { 41 | optional bool fieldpath = 64400; 42 | } 43 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/transfer/importexport.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types.transfer; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types/transfer"; 22 | 23 | import "github.com/containerd/containerd/api/types/platform.proto"; 24 | 25 | message ImageImportStream { 26 | // Stream is used to identify the binary input stream for the import operation. 27 | // The stream uses the transfer binary stream protocol with the client as the sender. 28 | // The binary data is expected to be a raw tar stream. 29 | string stream = 1; 30 | 31 | string media_type = 2; 32 | 33 | bool force_compress = 3; 34 | } 35 | 36 | message ImageExportStream { 37 | // Stream is used to identify the binary output stream for the export operation. 38 | // The stream uses the transfer binary stream protocol with the server as the sender. 39 | // The binary data is expected to be a raw tar stream. 40 | string stream = 1; 41 | 42 | string media_type = 2; 43 | 44 | // The specified platforms 45 | repeated types.Platform platforms = 3; 46 | // Whether to include all platforms 47 | bool all_platforms = 4; 48 | // Skips the creation of the Docker compatible manifest.json file 49 | bool skip_compatibility_manifest = 5; 50 | // Excludes non-distributable blobs such as Windows base layers. 51 | bool skip_non_distributable = 6; 52 | } 53 | -------------------------------------------------------------------------------- /crates/shim-protos/src/shim.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | pub mod oci { 18 | include!(concat!(env!("OUT_DIR"), "/shim/oci.rs")); 19 | } 20 | 21 | pub mod events { 22 | include!(concat!(env!("OUT_DIR"), "/shim/events.rs")); 23 | } 24 | 25 | pub mod events_ttrpc { 26 | include!(concat!(env!("OUT_DIR"), "/shim/events_ttrpc.rs")); 27 | } 28 | 29 | #[cfg(feature = "async")] 30 | pub mod events_ttrpc_async { 31 | include!(concat!(env!("OUT_DIR"), "/shim_async/events_ttrpc.rs")); 32 | } 33 | 34 | pub mod shim { 35 | include!(concat!(env!("OUT_DIR"), "/shim/shim.rs")); 36 | } 37 | 38 | pub mod shim_ttrpc { 39 | include!(concat!(env!("OUT_DIR"), "/shim/shim_ttrpc.rs")); 40 | } 41 | 42 | #[cfg(feature = "async")] 43 | pub mod shim_ttrpc_async { 44 | include!(concat!(env!("OUT_DIR"), "/shim_async/shim_ttrpc.rs")); 45 | } 46 | 47 | pub(crate) mod empty { 48 | pub use crate::types::empty::*; 49 | } 50 | 51 | pub(crate) mod mount { 52 | pub use crate::types::mount::*; 53 | } 54 | 55 | pub(crate) mod task { 56 | pub use crate::types::task::*; 57 | } 58 | 59 | mod fieldpath { 60 | pub use crate::types::fieldpath::*; 61 | } 62 | 63 | mod gogo { 64 | pub use crate::types::gogo::*; 65 | } 66 | 67 | /// Shim events service. 68 | pub use events_ttrpc::{create_events, Events, EventsClient}; 69 | /// Shim task service. 70 | pub use shim_ttrpc::{create_task, Task, TaskClient}; 71 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/fieldpath.proto: -------------------------------------------------------------------------------- 1 | // Protocol Buffers for Go with Gadgets 2 | // 3 | // Copyright (c) 2013, The GoGo Authors. All rights reserved. 4 | // http://github.com/gogo/protobuf 5 | // 6 | // Redistribution and use in source and binary forms, with or without 7 | // modification, are permitted provided that the following conditions are 8 | // met: 9 | // 10 | // * Redistributions of source code must retain the above copyright 11 | // notice, this list of conditions and the following disclaimer. 12 | // * Redistributions in binary form must reproduce the above 13 | // copyright notice, this list of conditions and the following disclaimer 14 | // in the documentation and/or other materials provided with the 15 | // distribution. 16 | // 17 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | 29 | syntax = "proto3"; 30 | package containerd.types; 31 | 32 | import "google/protobuf/descriptor.proto"; 33 | 34 | option go_package = "github.com/containerd/containerd/api/types;types"; 35 | 36 | extend google.protobuf.FileOptions { 37 | optional bool fieldpath_all = 63300; 38 | } 39 | 40 | extend google.protobuf.MessageOptions { 41 | optional bool fieldpath = 64400; 42 | } 43 | -------------------------------------------------------------------------------- /crates/logging/examples/journal.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | use std::{fs, io, io::BufRead, thread}; 18 | 19 | use containerd_shim_logging as logging; 20 | use logging::{Config, Driver}; 21 | 22 | fn pump(reader: fs::File) { 23 | io::BufReader::new(reader) 24 | .lines() 25 | .map_while(Result::ok) 26 | .for_each(|_str| { 27 | // Write log string to destination here. 28 | // For instance with journald: 29 | // systemd::journal::print(0, &str); 30 | }); 31 | } 32 | 33 | struct Journal { 34 | stdout_handle: thread::JoinHandle<()>, 35 | stderr_handle: thread::JoinHandle<()>, 36 | } 37 | 38 | impl Driver for Journal { 39 | type Error = String; 40 | 41 | fn new(config: Config) -> Result { 42 | let stdout = config.stdout; 43 | let stderr = config.stderr; 44 | 45 | Ok(Journal { 46 | stdout_handle: thread::spawn(|| pump(stdout)), 47 | stderr_handle: thread::spawn(|| pump(stderr)), 48 | }) 49 | } 50 | 51 | fn wait(self) -> Result<(), Self::Error> { 52 | self.stdout_handle 53 | .join() 54 | .map_err(|err| format!("{:?}", err))?; 55 | self.stderr_handle 56 | .join() 57 | .map_err(|err| format!("{:?}", err))?; 58 | Ok(()) 59 | } 60 | } 61 | 62 | fn main() { 63 | logging::run::() 64 | } 65 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/runtime/v2/runc/options/oci.proto: -------------------------------------------------------------------------------- 1 | syntax = "proto3"; 2 | 3 | package containerd.runc.v1; 4 | 5 | option go_package = "github.com/containerd/containerd/runtime/v2/runc/options;options"; 6 | 7 | message Options { 8 | // disable pivot root when creating a container 9 | bool no_pivot_root = 1; 10 | // create a new keyring for the container 11 | bool no_new_keyring = 2; 12 | // place the shim in a cgroup 13 | string shim_cgroup = 3; 14 | // set the I/O's pipes uid 15 | uint32 io_uid = 4; 16 | // set the I/O's pipes gid 17 | uint32 io_gid = 5; 18 | // binary name of the runc binary 19 | string binary_name = 6; 20 | // runc root directory 21 | string root = 7; 22 | // criu binary path. 23 | // 24 | // Deprecated: runc option --criu is now ignored (with a warning), and the 25 | // option will be removed entirely in a future release. Users who need a non- 26 | // standard criu binary should rely on the standard way of looking up binaries 27 | // in $PATH. 28 | string criu_path = 8 [deprecated = true]; 29 | // enable systemd cgroups 30 | bool systemd_cgroup = 9; 31 | // criu image path 32 | string criu_image_path = 10; 33 | // criu work path 34 | string criu_work_path = 11; 35 | } 36 | 37 | message CheckpointOptions { 38 | // exit the container after a checkpoint 39 | bool exit = 1; 40 | // checkpoint open tcp connections 41 | bool open_tcp = 2; 42 | // checkpoint external unix sockets 43 | bool external_unix_sockets = 3; 44 | // checkpoint terminals (ptys) 45 | bool terminal = 4; 46 | // allow checkpointing of file locks 47 | bool file_locks = 5; 48 | // restore provided namespaces as empty namespaces 49 | repeated string empty_namespaces = 6; 50 | // set the cgroups mode, soft, full, strict 51 | string cgroups_mode = 7; 52 | // checkpoint image path 53 | string image_path = 8; 54 | // checkpoint work path 55 | string work_path = 9; 56 | } 57 | 58 | message ProcessDetails { 59 | // exec process id if the process is managed by a shim 60 | string exec_id = 1; 61 | } 62 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/transfer/importexport.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types.transfer; 20 | 21 | option go_package = "github.com/containerd/containerd/api/types/transfer"; 22 | 23 | import "github.com/containerd/containerd/api/types/platform.proto"; 24 | 25 | message ImageImportStream { 26 | // Stream is used to identify the binary input stream for the import operation. 27 | // The stream uses the transfer binary stream protocol with the client as the sender. 28 | // The binary data is expected to be a raw tar stream. 29 | string stream = 1; 30 | 31 | string media_type = 2; 32 | 33 | bool force_compress = 3; 34 | } 35 | 36 | message ImageExportStream { 37 | // Stream is used to identify the binary output stream for the export operation. 38 | // The stream uses the transfer binary stream protocol with the server as the sender. 39 | // The binary data is expected to be a raw tar stream. 40 | string stream = 1; 41 | 42 | string media_type = 2; 43 | 44 | // The specified platforms 45 | repeated types.Platform platforms = 3; 46 | // Whether to include all platforms 47 | bool all_platforms = 4; 48 | // Skips the creation of the Docker compatible manifest.json file 49 | bool skip_compatibility_manifest = 5; 50 | // Excludes non-distributable blobs such as Windows base layers. 51 | bool skip_non_distributable = 6; 52 | } 53 | -------------------------------------------------------------------------------- /.github/workflows/publish.yml: -------------------------------------------------------------------------------- 1 | # Automates crate publishing 2 | # - Submit a PR to bump crate version. 3 | # - Specify crate to publish from the menu. 4 | # - Launch the job: 5 | # + The job will extract version from Cargo.toml 6 | # + Will publish to crates.io 7 | # + Will add and push a git tag "-v" 8 | 9 | name: Release 10 | on: 11 | workflow_dispatch: 12 | inputs: 13 | crate: 14 | description: 'Crate to publish' 15 | required: true 16 | type: choice 17 | options: 18 | - client 19 | - logging 20 | - runc 21 | - runc-shim 22 | - shim 23 | - shim-protos 24 | - snapshots 25 | 26 | dryrun: 27 | description: 'Dry run' 28 | required: false 29 | type: boolean 30 | default: false 31 | 32 | jobs: 33 | publish: 34 | name: 'Publish ${{ inputs.crate }}' 35 | runs-on: ubuntu-latest 36 | timeout-minutes: 10 37 | 38 | permissions: 39 | contents: write 40 | 41 | env: 42 | CARGO_FILE: "crates/${{ inputs.crate }}/Cargo.toml" 43 | 44 | steps: 45 | - uses: actions/checkout@v6 46 | 47 | - name: Extract package version 48 | id: extract_version 49 | run: | 50 | cargo generate-lockfile 51 | echo "version=$(cargo pkgid --manifest-path $CARGO_FILE | sed 's/.*@//')" >> $GITHUB_OUTPUT 52 | 53 | - name: Install protobuf 54 | run: | 55 | sudo apt update 56 | sudo apt install protobuf-compiler 57 | 58 | - name: Publish on crates.io 59 | run: cargo publish $DRYRUN --manifest-path $CARGO_FILE 60 | env: 61 | DRYRUN: ${{ inputs.dryrun && '--dry-run' || '' }} 62 | CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }} 63 | 64 | - name: Push version tag 65 | if: ${{ !inputs.dryrun }} 66 | env: 67 | TAG: "${{ inputs.crate }}-v${{ steps.extract_version.outputs.version }}" 68 | run: | 69 | git tag $TAG 70 | git push origin $TAG 71 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/runc/options/oci.proto: -------------------------------------------------------------------------------- 1 | syntax = "proto3"; 2 | 3 | package containerd.runc.v1; 4 | 5 | option go_package = "github.com/containerd/containerd/api/types/runc/options;options"; 6 | 7 | message Options { 8 | // disable pivot root when creating a container 9 | bool no_pivot_root = 1; 10 | // create a new keyring for the container 11 | bool no_new_keyring = 2; 12 | // place the shim in a cgroup 13 | string shim_cgroup = 3; 14 | // set the I/O's pipes uid 15 | uint32 io_uid = 4; 16 | // set the I/O's pipes gid 17 | uint32 io_gid = 5; 18 | // binary name of the runc binary 19 | string binary_name = 6; 20 | // runc root directory 21 | string root = 7; 22 | // criu binary path. 23 | // 24 | // Removed in containerd v2.0: string criu_path = 8; 25 | reserved 8; 26 | // enable systemd cgroups 27 | bool systemd_cgroup = 9; 28 | // criu image path 29 | string criu_image_path = 10; 30 | // criu work path 31 | string criu_work_path = 11; 32 | // task api address, can be a unix domain socket, or vsock address. 33 | // it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://:. 34 | string task_api_address = 12; 35 | // task api version, currently supported value is 2 and 3. 36 | uint32 task_api_version = 13; 37 | } 38 | 39 | message CheckpointOptions { 40 | // exit the container after a checkpoint 41 | bool exit = 1; 42 | // checkpoint open tcp connections 43 | bool open_tcp = 2; 44 | // checkpoint external unix sockets 45 | bool external_unix_sockets = 3; 46 | // checkpoint terminals (ptys) 47 | bool terminal = 4; 48 | // allow checkpointing of file locks 49 | bool file_locks = 5; 50 | // restore provided namespaces as empty namespaces 51 | repeated string empty_namespaces = 6; 52 | // set the cgroups mode, soft, full, strict 53 | string cgroups_mode = 7; 54 | // checkpoint image path 55 | string image_path = 8; 56 | // checkpoint work path 57 | string work_path = 9; 58 | } 59 | 60 | message ProcessDetails { 61 | // exec process id if the process is managed by a shim 62 | string exec_id = 1; 63 | } 64 | -------------------------------------------------------------------------------- /crates/shim-protos/examples/connect.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | use std::env; 18 | 19 | use client::api; 20 | use containerd_shim_protos as client; 21 | use ttrpc::context::Context; 22 | 23 | fn main() { 24 | let args: Vec = env::args().collect(); 25 | 26 | let socket_path = args 27 | .get(1) 28 | .ok_or("First argument must be shim socket path") 29 | .unwrap(); 30 | 31 | let pid = args.get(2).map(|str| str.to_owned()).unwrap_or_default(); 32 | 33 | println!("Connecting to {}...", socket_path); 34 | let client = client::Client::connect(socket_path).expect("Failed to connect to shim"); 35 | 36 | let task_client = client::TaskClient::new(client); 37 | 38 | let context = Context::default(); 39 | 40 | let req = api::ConnectRequest { 41 | id: pid, 42 | ..Default::default() 43 | }; 44 | 45 | println!("Sending `Connect` request..."); 46 | let resp = task_client 47 | .connect(context.clone(), &req) 48 | .expect("Connect request failed"); 49 | println!("Connect response: {:?}", resp); 50 | 51 | let req = api::ShutdownRequest { 52 | id: "123".to_string(), 53 | now: true, 54 | ..Default::default() 55 | }; 56 | 57 | println!("Sending `Shutdown` request..."); 58 | let resp = task_client 59 | .shutdown(context, &req) 60 | .expect("Failed to send shutdown request"); 61 | 62 | println!("Shutdown response: {:?}", resp) 63 | } 64 | -------------------------------------------------------------------------------- /crates/client/vendor/google/rpc/status.proto: -------------------------------------------------------------------------------- 1 | // Copyright 2020 Google LLC 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | syntax = "proto3"; 16 | 17 | package google.rpc; 18 | 19 | import "google/protobuf/any.proto"; 20 | 21 | option cc_enable_arenas = true; 22 | option go_package = "google.golang.org/genproto/googleapis/rpc/status;status"; 23 | option java_multiple_files = true; 24 | option java_outer_classname = "StatusProto"; 25 | option java_package = "com.google.rpc"; 26 | option objc_class_prefix = "RPC"; 27 | 28 | // The `Status` type defines a logical error model that is suitable for 29 | // different programming environments, including REST APIs and RPC APIs. It is 30 | // used by [gRPC](https://github.com/grpc). Each `Status` message contains 31 | // three pieces of data: error code, error message, and error details. 32 | // 33 | // You can find out more about this error model and how to work with it in the 34 | // [API Design Guide](https://cloud.google.com/apis/design/errors). 35 | message Status { 36 | // The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code]. 37 | int32 code = 1; 38 | 39 | // A developer-facing error message, which should be in English. Any 40 | // user-facing error message should be localized and sent in the 41 | // [google.rpc.Status.details][google.rpc.Status.details] field, or localized by the client. 42 | string message = 2; 43 | 44 | // A list of messages that carry the error details. There is a common set of 45 | // message types for APIs to use. 46 | repeated google.protobuf.Any details = 3; 47 | } 48 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/runc/options/oci.proto: -------------------------------------------------------------------------------- 1 | syntax = "proto3"; 2 | 3 | package containerd.runc.v1; 4 | 5 | option go_package = "github.com/containerd/containerd/api/types/runc/options;options"; 6 | 7 | message Options { 8 | // disable pivot root when creating a container 9 | bool no_pivot_root = 1; 10 | // create a new keyring for the container 11 | bool no_new_keyring = 2; 12 | // place the shim in a cgroup 13 | string shim_cgroup = 3; 14 | // set the I/O's pipes uid 15 | uint32 io_uid = 4; 16 | // set the I/O's pipes gid 17 | uint32 io_gid = 5; 18 | // binary name of the runc binary 19 | string binary_name = 6; 20 | // runc root directory 21 | string root = 7; 22 | // criu binary path. 23 | // 24 | // Removed in containerd v2.0: string criu_path = 8; 25 | reserved 8; 26 | // enable systemd cgroups 27 | bool systemd_cgroup = 9; 28 | // criu image path 29 | string criu_image_path = 10; 30 | // criu work path 31 | string criu_work_path = 11; 32 | // task api address, can be a unix domain socket, or vsock address. 33 | // it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://:. 34 | string task_api_address = 12; 35 | // task api version, currently supported value is 2 and 3. 36 | uint32 task_api_version = 13; 37 | } 38 | 39 | message CheckpointOptions { 40 | // exit the container after a checkpoint 41 | bool exit = 1; 42 | // checkpoint open tcp connections 43 | bool open_tcp = 2; 44 | // checkpoint external unix sockets 45 | bool external_unix_sockets = 3; 46 | // checkpoint terminals (ptys) 47 | bool terminal = 4; 48 | // allow checkpointing of file locks 49 | bool file_locks = 5; 50 | // restore provided namespaces as empty namespaces 51 | repeated string empty_namespaces = 6; 52 | // set the cgroups mode, soft, full, strict 53 | string cgroups_mode = 7; 54 | // checkpoint image path 55 | string image_path = 8; 56 | // checkpoint work path 57 | string work_path = 9; 58 | } 59 | 60 | message ProcessDetails { 61 | // exec process id if the process is managed by a shim 62 | string exec_id = 1; 63 | } 64 | -------------------------------------------------------------------------------- /crates/logging/README.md: -------------------------------------------------------------------------------- 1 | # Shim logging binaries for containerd 2 | 3 | [![Crates.io](https://img.shields.io/crates/v/containerd-shim-logging)](https://crates.io/crates/containerd-shim-logging) 4 | [![docs.rs](https://img.shields.io/docsrs/containerd-shim-logging)](https://docs.rs/containerd-shim-logging/latest/containerd_shim_logging/) 5 | [![Crates.io](https://img.shields.io/crates/l/containerd-shim-logging)](https://github.com/containerd/rust-extensions/blob/main/LICENSE) 6 | [![CI](https://github.com/containerd/rust-extensions/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/containerd/rust-extensions/actions/workflows/ci.yml) 7 | 8 | Shim v2 runtime supports pluggable logging binaries via stdio URIs. 9 | This crate implement `logging::run` to easy custom logger implementations in Rust. 10 | 11 | [containerd Documentation](https://github.com/containerd/containerd/tree/master/core/runtime/v2#logging) 12 | 13 | ## Example 14 | 15 | There is a journal example available as reference (originally written in Go [here](https://github.com/containerd/containerd/tree/dbef1d56d7ebc05bc4553d72c419ed5ce025b05d/runtime/v2#logging)): 16 | 17 | ```bash 18 | # Build 19 | $ sudo yum install systemd-devel 20 | $ cargo build --example journal 21 | 22 | # Run 23 | $ ctr i pull docker.io/library/hello-world:latest 24 | $ ctr run --rm --log-uri=binary:////path/to/journal_binary docker.io/library/hello-world:latest hello 25 | $ journalctl -f _COMM=journal 26 | -- Logs begin at Thu 2021-05-20 15:47:51 PDT. -- 27 | Jul 22 11:53:35 dev journal[3233968]: 28 | Jul 22 11:53:35 dev journal[3233968]: To try something more ambitious, you can run an Ubuntu container with: 29 | Jul 22 11:53:35 dev journal[3233968]: $ docker run -it ubuntu bash 30 | Jul 22 11:53:35 dev journal[3233968]: 31 | Jul 22 11:53:35 dev journal[3233968]: Share images, automate workflows, and more with a free Docker ID: 32 | Jul 22 11:53:35 dev journal[3233968]: https://hub.docker.com/ 33 | Jul 22 11:53:35 dev journal[3233968]: 34 | Jul 22 11:53:35 dev journal[3233968]: For more examples and ideas, visit: 35 | Jul 22 11:53:35 dev journal[3233968]: https://docs.docker.com/get-started/ 36 | Jul 22 11:53:35 dev journal[3233968]: 37 | ``` 38 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/stats/stats.proto: -------------------------------------------------------------------------------- 1 | syntax = "proto3"; 2 | 3 | package containerd.runhcs.stats.v1; 4 | 5 | import "google/protobuf/timestamp.proto"; 6 | import "github.com/containerd/cgroups/v3/cgroup1/stats/metrics.proto"; 7 | 8 | option go_package = "github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/stats;stats"; 9 | 10 | message Statistics { 11 | oneof container { 12 | WindowsContainerStatistics windows = 1; 13 | io.containerd.cgroups.v1.Metrics linux = 2; 14 | } 15 | VirtualMachineStatistics vm = 3; 16 | } 17 | 18 | message WindowsContainerStatistics { 19 | google.protobuf.Timestamp timestamp = 1; 20 | google.protobuf.Timestamp container_start_time = 2; 21 | uint64 uptime_ns = 3; 22 | WindowsContainerProcessorStatistics processor = 4; 23 | WindowsContainerMemoryStatistics memory = 5; 24 | WindowsContainerStorageStatistics storage = 6; 25 | } 26 | 27 | message WindowsContainerProcessorStatistics { 28 | uint64 total_runtime_ns = 1; 29 | uint64 runtime_user_ns = 2; 30 | uint64 runtime_kernel_ns = 3; 31 | } 32 | 33 | message WindowsContainerMemoryStatistics { 34 | uint64 memory_usage_commit_bytes = 1; 35 | uint64 memory_usage_commit_peak_bytes = 2; 36 | uint64 memory_usage_private_working_set_bytes = 3; 37 | } 38 | 39 | message WindowsContainerStorageStatistics { 40 | uint64 read_count_normalized = 1; 41 | uint64 read_size_bytes = 2; 42 | uint64 write_count_normalized = 3; 43 | uint64 write_size_bytes = 4; 44 | } 45 | 46 | message VirtualMachineStatistics { 47 | VirtualMachineProcessorStatistics processor = 1; 48 | VirtualMachineMemoryStatistics memory = 2; 49 | } 50 | 51 | message VirtualMachineProcessorStatistics { 52 | uint64 total_runtime_ns = 1; 53 | } 54 | 55 | message VirtualMachineMemoryStatistics { 56 | uint64 working_set_bytes = 1; 57 | uint32 virtual_node_count = 2; 58 | VirtualMachineMemory vm_memory = 3; 59 | } 60 | 61 | message VirtualMachineMemory { 62 | int32 available_memory = 1; 63 | int32 available_memory_buffer = 2; 64 | uint64 reserved_memory = 3; 65 | uint64 assigned_memory = 4; 66 | bool slp_active = 5; 67 | bool balancing_enabled = 6; 68 | bool dm_operation_in_progress = 7; 69 | } 70 | -------------------------------------------------------------------------------- /crates/shim-protos/examples/connect-async.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | use std::env; 18 | 19 | use client::{api, shim::shim_ttrpc_async::TaskClient}; 20 | use containerd_shim_protos as client; 21 | use ttrpc::{asynchronous::Client, context::Context}; 22 | 23 | #[tokio::main] 24 | async fn main() { 25 | let args: Vec = env::args().collect(); 26 | 27 | let socket_path = args 28 | .get(1) 29 | .ok_or("First argument must be shim socket path") 30 | .unwrap(); 31 | 32 | let pid = args.get(2).map(|str| str.to_owned()).unwrap_or_default(); 33 | 34 | println!("Connecting to {}...", socket_path); 35 | let client = Client::connect(socket_path).expect("Failed to connect to shim"); 36 | 37 | let task_client = TaskClient::new(client); 38 | 39 | let context = Context::default(); 40 | 41 | let req = api::ConnectRequest { 42 | id: pid, 43 | ..Default::default() 44 | }; 45 | 46 | println!("Sending `Connect` request..."); 47 | let resp = task_client 48 | .connect(context.clone(), &req) 49 | .await 50 | .expect("Connect request failed"); 51 | println!("Connect response: {:?}", resp); 52 | 53 | let req = api::ShutdownRequest { 54 | id: "123".to_string(), 55 | now: true, 56 | ..Default::default() 57 | }; 58 | 59 | println!("Sending `Shutdown` request..."); 60 | let resp = task_client 61 | .shutdown(context, &req) 62 | .await 63 | .expect("Failed to send shutdown request"); 64 | 65 | println!("Shutdown response: {:?}", resp) 66 | } 67 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/types/sandbox.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | import "google/protobuf/any.proto"; 22 | import "google/protobuf/timestamp.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/types;types"; 25 | 26 | // Sandbox represents a sandbox metadata object that keeps all info required by controller to 27 | // work with a particular instance. 28 | message Sandbox { 29 | // SandboxID is a unique instance identifier within namespace 30 | string sandbox_id = 1; 31 | message Runtime { 32 | // Name is the name of the runtime. 33 | string name = 1; 34 | // Options specify additional runtime initialization options for the shim (this data will be available in StartShim). 35 | // Typically this data expected to be runtime shim implementation specific. 36 | google.protobuf.Any options = 2; 37 | } 38 | // Runtime specifies which runtime to use for executing this container. 39 | Runtime runtime = 2; 40 | // Spec is sandbox configuration (kin of OCI runtime spec), spec's data will be written to a config.json file in the 41 | // bundle directory (similary to OCI spec). 42 | google.protobuf.Any spec = 3; 43 | // Labels provides an area to include arbitrary data on containers. 44 | map labels = 4; 45 | // CreatedAt is the time the container was first created. 46 | google.protobuf.Timestamp created_at = 5; 47 | // UpdatedAt is the last time the container was mutated. 48 | google.protobuf.Timestamp updated_at = 6; 49 | // Extensions allow clients to provide optional blobs that can be handled by runtime. 50 | map extensions = 7; 51 | } 52 | -------------------------------------------------------------------------------- /crates/shim-protos/src/lib.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | #![cfg_attr(feature = "docs", doc = include_str!("../README.md"))] 18 | #![allow(warnings)] 19 | 20 | pub use protobuf; 21 | pub use ttrpc; 22 | 23 | pub mod cgroups; 24 | pub mod events; 25 | #[cfg(feature = "sandbox")] 26 | mod sandbox; 27 | pub mod shim; 28 | pub mod types; 29 | pub mod windows; 30 | 31 | /// Includes event names shims can publish to containerd. 32 | pub mod topics; 33 | 34 | pub mod shim_sync { 35 | /// TTRPC client reexport for easier access. 36 | pub use ttrpc::Client; 37 | 38 | /// Shim events service. 39 | pub use crate::shim::events_ttrpc::{create_events, Events, EventsClient}; 40 | /// Shim task service. 41 | pub use crate::shim::shim_ttrpc::{create_task, Task, TaskClient}; 42 | } 43 | 44 | pub use shim_sync::*; 45 | 46 | #[cfg(feature = "async")] 47 | pub mod shim_async { 48 | /// TTRPC client reexport for easier access. 49 | pub use ttrpc::asynchronous::Client; 50 | 51 | /// Shim events service. 52 | pub use crate::shim::events_ttrpc_async::{create_events, Events, EventsClient}; 53 | /// Shim task service. 54 | pub use crate::shim::shim_ttrpc_async::{create_task, Task, TaskClient}; 55 | } 56 | 57 | /// Reexport auto-generated public data structures. 58 | pub mod api { 59 | pub use crate::shim::{empty::*, events::*, mount::*, shim::*, task::*}; 60 | } 61 | 62 | #[cfg(feature = "sandbox")] 63 | pub use sandbox::sandbox as sandbox_api; 64 | 65 | #[cfg(feature = "sandbox")] 66 | pub mod sandbox_sync { 67 | pub use crate::sandbox::sandbox_ttrpc::*; 68 | } 69 | 70 | #[cfg(all(feature = "sandbox", feature = "async"))] 71 | pub mod sandbox_async { 72 | pub use crate::sandbox::sandbox_async::*; 73 | } 74 | -------------------------------------------------------------------------------- /crates/shim/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "containerd-shim" 3 | version = "0.10.0" 4 | authors = [ 5 | "Maksym Pavlenko ", 6 | "The containerd Authors", 7 | ] 8 | description = "containerd shim extension" 9 | keywords = ["containerd", "shim", "containers"] 10 | categories = ["api-bindings", "asynchronous"] 11 | 12 | edition.workspace = true 13 | license.workspace = true 14 | repository.workspace = true 15 | homepage.workspace = true 16 | 17 | [features] 18 | async = ["async-trait", "containerd-shim-protos/async", "futures", "tokio"] 19 | tracing = ["dep:tracing"] 20 | docs = [] 21 | 22 | [[example]] 23 | name = "skeleton_async" 24 | required-features = ["async"] 25 | 26 | [[example]] 27 | name = "windows-log-reader" 28 | path = "examples/windows_log_reader.rs" 29 | 30 | [dependencies] 31 | which = "8.0.0" 32 | containerd-shim-protos = { path = "../shim-protos", version = "0.10.0" } 33 | go-flag = "0.1.0" 34 | lazy_static = "1.4.0" 35 | sha2 = "0.10.2" 36 | libc.workspace = true 37 | log = { workspace = true, features = ["std", "kv_unstable"] } 38 | nix = { workspace = true, features = [ 39 | "ioctl", 40 | "fs", 41 | "socket", 42 | "signal", 43 | "mount", 44 | "sched", 45 | ] } 46 | oci-spec.workspace = true 47 | page_size = "0.6.0" 48 | prctl.workspace = true 49 | signal-hook = "0.3.13" 50 | serde.workspace = true 51 | serde_json.workspace = true 52 | tempfile.workspace = true 53 | thiserror.workspace = true 54 | time.workspace = true 55 | 56 | # tracing 57 | tracing = { version = "0.1", optional = true } 58 | 59 | # Async dependencies 60 | async-trait = { workspace = true, optional = true } 61 | futures = { workspace = true, optional = true } 62 | tokio = { workspace = true, features = ["full"], optional = true } 63 | 64 | [target.'cfg(target_os = "linux")'.dependencies] 65 | cgroups-rs.workspace = true 66 | 67 | [target.'cfg(windows)'.dependencies] 68 | mio = { version = "1.0", features = ["os-ext", "os-poll"] } 69 | windows-sys = { version = "0.52.0", features = [ 70 | "Win32_Foundation", 71 | "Win32_System_WindowsProgramming", 72 | "Win32_System_Console", 73 | "Win32_System_Pipes", 74 | "Win32_Security", 75 | "Win32_Storage_FileSystem", 76 | "Win32_System_Threading", 77 | ] } 78 | 79 | [dev-dependencies] 80 | tempfile.workspace = true 81 | 82 | [package.metadata.docs.rs] 83 | features = ["docs"] 84 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/services/events/v1/events.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.events.v1; 20 | 21 | import "github.com/containerd/containerd/api/types/event.proto"; 22 | import "google/protobuf/any.proto"; 23 | import "google/protobuf/empty.proto"; 24 | 25 | option go_package = "github.com/containerd/containerd/api/services/events/v1;events"; 26 | 27 | service Events { 28 | // Publish an event to a topic. 29 | // 30 | // The event will be packed into a timestamp envelope with the namespace 31 | // introspected from the context. The envelope will then be dispatched. 32 | rpc Publish(PublishRequest) returns (google.protobuf.Empty); 33 | 34 | // Forward sends an event that has already been packaged into an envelope 35 | // with a timestamp and namespace. 36 | // 37 | // This is useful if earlier timestamping is required or when forwarding on 38 | // behalf of another component, namespace or publisher. 39 | rpc Forward(ForwardRequest) returns (google.protobuf.Empty); 40 | 41 | // Subscribe to a stream of events, possibly returning only that match any 42 | // of the provided filters. 43 | // 44 | // Unlike many other methods in containerd, subscribers will get messages 45 | // from all namespaces unless otherwise specified. If this is not desired, 46 | // a filter can be provided in the format 'namespace==' to 47 | // restrict the received events. 48 | rpc Subscribe(SubscribeRequest) returns (stream containerd.types.Envelope); 49 | } 50 | 51 | message PublishRequest { 52 | string topic = 1; 53 | google.protobuf.Any event = 2; 54 | } 55 | 56 | message ForwardRequest { 57 | containerd.types.Envelope envelope = 1; 58 | } 59 | 60 | message SubscribeRequest { 61 | repeated string filters = 1; 62 | } 63 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/sandbox.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | import "google/protobuf/any.proto"; 22 | import "google/protobuf/timestamp.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/types;types"; 25 | 26 | // Sandbox represents a sandbox metadata object that keeps all info required by controller to 27 | // work with a particular instance. 28 | message Sandbox { 29 | // SandboxID is a unique instance identifier within namespace 30 | string sandbox_id = 1; 31 | message Runtime { 32 | // Name is the name of the runtime. 33 | string name = 1; 34 | // Options specify additional runtime initialization options for the shim (this data will be available in StartShim). 35 | // Typically this data expected to be runtime shim implementation specific. 36 | google.protobuf.Any options = 2; 37 | } 38 | // Runtime specifies which runtime to use for executing this container. 39 | Runtime runtime = 2; 40 | // Spec is sandbox configuration (kin of OCI runtime spec), spec's data will be written to a config.json file in the 41 | // bundle directory (similary to OCI spec). 42 | google.protobuf.Any spec = 3; 43 | // Labels provides an area to include arbitrary data on containers. 44 | map labels = 4; 45 | // CreatedAt is the time the container was first created. 46 | google.protobuf.Timestamp created_at = 5; 47 | // UpdatedAt is the last time the container was mutated. 48 | google.protobuf.Timestamp updated_at = 6; 49 | // Extensions allow clients to provide optional blobs that can be handled by runtime. 50 | map extensions = 7; 51 | // Sandboxer is the name of the sandbox controller who manages the sandbox. 52 | string sandboxer = 10; 53 | 54 | } 55 | -------------------------------------------------------------------------------- /crates/shim/examples/windows_log_reader.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | #[cfg(windows)] 17 | use std::error::Error; 18 | 19 | #[cfg(windows)] 20 | fn main() -> Result<(), Box> { 21 | use std::{ 22 | env, 23 | fs::OpenOptions, 24 | os::windows::{ 25 | fs::OpenOptionsExt, 26 | io::{FromRawHandle, IntoRawHandle}, 27 | }, 28 | time::Duration, 29 | }; 30 | 31 | use mio::{windows::NamedPipe, Events, Interest, Poll, Token}; 32 | use windows_sys::Win32::Storage::FileSystem::FILE_FLAG_OVERLAPPED; 33 | 34 | let args: Vec = env::args().collect(); 35 | 36 | let address = args 37 | .get(1) 38 | .ok_or("First argument must be shims address to read logs (\\\\.\\pipe\\containerd-shim-{ns}-{id}-log) ") 39 | .unwrap(); 40 | 41 | println!("Reading logs from: {}", &address); 42 | 43 | let mut opts = OpenOptions::new(); 44 | opts.read(true) 45 | .write(true) 46 | .custom_flags(FILE_FLAG_OVERLAPPED); 47 | let file = opts.open(address).unwrap(); 48 | let mut client = unsafe { NamedPipe::from_raw_handle(file.into_raw_handle()) }; 49 | 50 | let mut stdio = std::io::stdout(); 51 | let mut poll = Poll::new().unwrap(); 52 | poll.registry() 53 | .register(&mut client, Token(1), Interest::READABLE) 54 | .unwrap(); 55 | let mut events = Events::with_capacity(128); 56 | loop { 57 | poll.poll(&mut events, Some(Duration::from_millis(10))) 58 | .unwrap(); 59 | match std::io::copy(&mut client, &mut stdio) { 60 | Ok(_) => break, 61 | Err(_) => continue, 62 | } 63 | } 64 | 65 | Ok(()) 66 | } 67 | 68 | #[cfg(unix)] 69 | fn main() { 70 | println!("This example is only for Windows"); 71 | } 72 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/services/events/v1/events.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.services.events.v1; 20 | 21 | import "github.com/containerd/containerd/api/types/event.proto"; 22 | import "google/protobuf/any.proto"; 23 | import "google/protobuf/empty.proto"; 24 | 25 | option go_package = "github.com/containerd/containerd/api/services/events/v1;events"; 26 | 27 | service Events { 28 | // Publish an event to a topic. 29 | // 30 | // The event will be packed into a timestamp envelope with the namespace 31 | // introspected from the context. The envelope will then be dispatched. 32 | rpc Publish(PublishRequest) returns (google.protobuf.Empty); 33 | 34 | // Forward sends an event that has already been packaged into an envelope 35 | // with a timestamp and namespace. 36 | // 37 | // This is useful if earlier timestamping is required or when forwarding on 38 | // behalf of another component, namespace or publisher. 39 | rpc Forward(ForwardRequest) returns (google.protobuf.Empty); 40 | 41 | // Subscribe to a stream of events, possibly returning only that match any 42 | // of the provided filters. 43 | // 44 | // Unlike many other methods in containerd, subscribers will get messages 45 | // from all namespaces unless otherwise specified. If this is not desired, 46 | // a filter can be provided in the format 'namespace==' to 47 | // restrict the received events. 48 | rpc Subscribe(SubscribeRequest) returns (stream containerd.types.Envelope); 49 | } 50 | 51 | message PublishRequest { 52 | string topic = 1; 53 | google.protobuf.Any event = 2; 54 | } 55 | 56 | message ForwardRequest { 57 | containerd.types.Envelope envelope = 1; 58 | } 59 | 60 | message SubscribeRequest { 61 | repeated string filters = 1; 62 | } 63 | -------------------------------------------------------------------------------- /crates/shim/examples/publish.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | use std::env; 17 | 18 | use containerd_shim::{publisher::RemotePublisher, Context}; 19 | use containerd_shim_protos::events::task::TaskOOM; 20 | 21 | #[cfg(not(feature = "async"))] 22 | fn main() { 23 | let args: Vec = env::args().collect(); 24 | 25 | // Must not start with unix:// 26 | let address = args 27 | .get(1) 28 | .ok_or("First argument must be containerd's TTRPC address to publish events") 29 | .unwrap(); 30 | 31 | println!("Connecting: {}", &address); 32 | 33 | let publisher = RemotePublisher::new(address).expect("Connect failed"); 34 | 35 | let mut event = TaskOOM::new(); 36 | event.set_container_id("123".into()); 37 | 38 | let ctx = Context::default(); 39 | 40 | println!("Sending event"); 41 | 42 | publisher 43 | .publish(ctx, "/tasks/oom", "default", Box::new(event)) 44 | .expect("Publish failed"); 45 | 46 | println!("Done"); 47 | } 48 | 49 | #[cfg(feature = "async")] 50 | #[tokio::main] 51 | async fn main() { 52 | let args: Vec = env::args().collect(); 53 | 54 | // Must not start with unix:// 55 | let address = args 56 | .get(1) 57 | .ok_or("First argument must be containerd's TTRPC address to publish events") 58 | .unwrap(); 59 | 60 | println!("Connecting: {}", &address); 61 | 62 | let publisher = RemotePublisher::new(address).await.expect("Connect failed"); 63 | 64 | let mut event = TaskOOM::new(); 65 | event.set_container_id("123".into()); 66 | 67 | let ctx = Context::default(); 68 | 69 | println!("Sending event"); 70 | 71 | publisher 72 | .publish(ctx, "/tasks/oom", "default", Box::new(event)) 73 | .await 74 | .expect("Publish failed"); 75 | 76 | println!("Done"); 77 | } 78 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/types/sandbox.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types; 20 | 21 | import "google/protobuf/any.proto"; 22 | import "google/protobuf/timestamp.proto"; 23 | 24 | option go_package = "github.com/containerd/containerd/api/types;types"; 25 | 26 | // Sandbox represents a sandbox metadata object that keeps all info required by controller to 27 | // work with a particular instance. 28 | message Sandbox { 29 | // SandboxID is a unique instance identifier within namespace 30 | string sandbox_id = 1; 31 | message Runtime { 32 | // Name is the name of the runtime. 33 | string name = 1; 34 | // Options specify additional runtime initialization options for the shim (this data will be available in StartShim). 35 | // Typically this data expected to be runtime shim implementation specific. 36 | google.protobuf.Any options = 2; 37 | } 38 | // Runtime specifies which runtime to use for executing this container. 39 | Runtime runtime = 2; 40 | // Spec is sandbox configuration (kin of OCI runtime spec), spec's data will be written to a config.json file in the 41 | // bundle directory (similary to OCI spec). 42 | google.protobuf.Any spec = 3; 43 | // Labels provides an area to include arbitrary data on containers. 44 | map labels = 4; 45 | // CreatedAt is the time the container was first created. 46 | google.protobuf.Timestamp created_at = 5; 47 | // UpdatedAt is the last time the container was mutated. 48 | google.protobuf.Timestamp updated_at = 6; 49 | // Extensions allow clients to provide optional blobs that can be handled by runtime. 50 | map extensions = 7; 51 | // Sandboxer is the name of the sandbox controller who manages the sandbox. 52 | string sandboxer = 10; 53 | 54 | } 55 | -------------------------------------------------------------------------------- /crates/shim-protos/examples/ttrpc-server.rs: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2019 Ant Financial 2 | // Copyright (c) 2021 Ant Group 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | 16 | use std::{sync::Arc, thread}; 17 | 18 | use containerd_shim_protos::{ 19 | api::{CreateTaskRequest, CreateTaskResponse}, 20 | create_task, Task, 21 | }; 22 | use ttrpc::Server; 23 | 24 | #[derive(Debug, PartialEq)] 25 | struct FakeServer { 26 | magic: u32, 27 | } 28 | 29 | impl FakeServer { 30 | fn new() -> Self { 31 | FakeServer { magic: 0xadcbdacf } 32 | } 33 | } 34 | 35 | impl Task for FakeServer { 36 | fn create( 37 | &self, 38 | ctx: &::ttrpc::TtrpcContext, 39 | req: CreateTaskRequest, 40 | ) -> ::ttrpc::Result { 41 | let mut resp = CreateTaskResponse::default(); 42 | let md = &ctx.metadata; 43 | let v1 = md.get("key-1").unwrap(); 44 | let v2 = md.get("key-2").unwrap(); 45 | 46 | assert_eq!(v1[0], "value-1-1"); 47 | assert_eq!(v1[1], "value-1-2"); 48 | assert_eq!(v2[0], "value-2"); 49 | assert_eq!(&req.id, "id1"); 50 | 51 | resp.set_pid(0x10c0); 52 | 53 | Ok(resp) 54 | } 55 | } 56 | 57 | fn main() { 58 | simple_logger::SimpleLogger::new().init().unwrap(); 59 | 60 | let tservice = create_task(Arc::new(FakeServer::new())); 61 | 62 | let mut server = Server::new() 63 | .bind("unix:///tmp/shim-proto-ttrpc-001") 64 | .unwrap() 65 | .register_service(tservice); 66 | 67 | server.start().unwrap(); 68 | 69 | // Hold the main thread until receiving signal SIGTERM 70 | let (tx, rx) = std::sync::mpsc::channel(); 71 | thread::spawn(move || { 72 | ctrlc::set_handler(move || { 73 | tx.send(()).unwrap(); 74 | }) 75 | .expect("Error setting Ctrl-C handler"); 76 | println!("Server is running, press Ctrl + C to exit"); 77 | }); 78 | 79 | rx.recv().unwrap(); 80 | } 81 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/events/task.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "google/protobuf/timestamp.proto"; 22 | import "github.com/containerd/containerd/api/types/mount.proto"; 23 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 24 | 25 | option go_package = "github.com/containerd/containerd/api/events;events"; 26 | option (containerd.types.fieldpath_all) = true; 27 | 28 | message TaskCreate { 29 | string container_id = 1; 30 | string bundle = 2; 31 | repeated containerd.types.Mount rootfs = 3; 32 | TaskIO io = 4; 33 | string checkpoint = 5; 34 | uint32 pid = 6; 35 | } 36 | 37 | message TaskStart { 38 | string container_id = 1; 39 | uint32 pid = 2; 40 | } 41 | 42 | message TaskDelete { 43 | string container_id = 1; 44 | uint32 pid = 2; 45 | uint32 exit_status = 3; 46 | google.protobuf.Timestamp exited_at = 4; 47 | // id is the specific exec. By default if omitted will be `""` thus matches 48 | // the init exec of the task matching `container_id`. 49 | string id = 5; 50 | } 51 | 52 | message TaskIO { 53 | string stdin = 1; 54 | string stdout = 2; 55 | string stderr = 3; 56 | bool terminal = 4; 57 | } 58 | 59 | message TaskExit { 60 | string container_id = 1; 61 | string id = 2; 62 | uint32 pid = 3; 63 | uint32 exit_status = 4; 64 | google.protobuf.Timestamp exited_at = 5; 65 | } 66 | 67 | message TaskOOM { 68 | string container_id = 1; 69 | } 70 | 71 | message TaskExecAdded { 72 | string container_id = 1; 73 | string exec_id = 2; 74 | } 75 | 76 | message TaskExecStarted { 77 | string container_id = 1; 78 | string exec_id = 2; 79 | uint32 pid = 3; 80 | } 81 | 82 | message TaskPaused { 83 | string container_id = 1; 84 | } 85 | 86 | message TaskResumed { 87 | string container_id = 1; 88 | } 89 | 90 | message TaskCheckpointed { 91 | string container_id = 1; 92 | string checkpoint = 2; 93 | } 94 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/github.com/containerd/containerd/api/events/task.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "google/protobuf/timestamp.proto"; 22 | import "github.com/containerd/containerd/api/types/mount.proto"; 23 | import "github.com/containerd/containerd/protobuf/plugin/fieldpath.proto"; 24 | 25 | option go_package = "github.com/containerd/containerd/api/events;events"; 26 | option (containerd.plugin.fieldpath_all) = true; 27 | 28 | message TaskCreate { 29 | string container_id = 1; 30 | string bundle = 2; 31 | repeated containerd.types.Mount rootfs = 3; 32 | TaskIO io = 4; 33 | string checkpoint = 5; 34 | uint32 pid = 6; 35 | } 36 | 37 | message TaskStart { 38 | string container_id = 1; 39 | uint32 pid = 2; 40 | } 41 | 42 | message TaskDelete { 43 | string container_id = 1; 44 | uint32 pid = 2; 45 | uint32 exit_status = 3; 46 | google.protobuf.Timestamp exited_at = 4; 47 | // id is the specific exec. By default if omitted will be `""` thus matches 48 | // the init exec of the task matching `container_id`. 49 | string id = 5; 50 | } 51 | 52 | message TaskIO { 53 | string stdin = 1; 54 | string stdout = 2; 55 | string stderr = 3; 56 | bool terminal = 4; 57 | } 58 | 59 | message TaskExit { 60 | string container_id = 1; 61 | string id = 2; 62 | uint32 pid = 3; 63 | uint32 exit_status = 4; 64 | google.protobuf.Timestamp exited_at = 5; 65 | } 66 | 67 | message TaskOOM { 68 | string container_id = 1; 69 | } 70 | 71 | message TaskExecAdded { 72 | string container_id = 1; 73 | string exec_id = 2; 74 | } 75 | 76 | message TaskExecStarted { 77 | string container_id = 1; 78 | string exec_id = 2; 79 | uint32 pid = 3; 80 | } 81 | 82 | message TaskPaused { 83 | string container_id = 1; 84 | } 85 | 86 | message TaskResumed { 87 | string container_id = 1; 88 | } 89 | 90 | message TaskCheckpointed { 91 | string container_id = 1; 92 | string checkpoint = 2; 93 | } 94 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/vendor/github.com/containerd/containerd/api/events/task.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.events; 20 | 21 | import "google/protobuf/timestamp.proto"; 22 | import "github.com/containerd/containerd/api/types/mount.proto"; 23 | import "github.com/containerd/containerd/api/types/fieldpath.proto"; 24 | 25 | option go_package = "github.com/containerd/containerd/api/events;events"; 26 | option (containerd.types.fieldpath_all) = true; 27 | 28 | message TaskCreate { 29 | string container_id = 1; 30 | string bundle = 2; 31 | repeated containerd.types.Mount rootfs = 3; 32 | TaskIO io = 4; 33 | string checkpoint = 5; 34 | uint32 pid = 6; 35 | } 36 | 37 | message TaskStart { 38 | string container_id = 1; 39 | uint32 pid = 2; 40 | } 41 | 42 | message TaskDelete { 43 | string container_id = 1; 44 | uint32 pid = 2; 45 | uint32 exit_status = 3; 46 | google.protobuf.Timestamp exited_at = 4; 47 | // id is the specific exec. By default if omitted will be `""` thus matches 48 | // the init exec of the task matching `container_id`. 49 | string id = 5; 50 | } 51 | 52 | message TaskIO { 53 | string stdin = 1; 54 | string stdout = 2; 55 | string stderr = 3; 56 | bool terminal = 4; 57 | } 58 | 59 | message TaskExit { 60 | string container_id = 1; 61 | string id = 2; 62 | uint32 pid = 3; 63 | uint32 exit_status = 4; 64 | google.protobuf.Timestamp exited_at = 5; 65 | } 66 | 67 | message TaskOOM { 68 | string container_id = 1; 69 | } 70 | 71 | message TaskExecAdded { 72 | string container_id = 1; 73 | string exec_id = 2; 74 | } 75 | 76 | message TaskExecStarted { 77 | string container_id = 1; 78 | string exec_id = 2; 79 | uint32 pid = 3; 80 | } 81 | 82 | message TaskPaused { 83 | string container_id = 1; 84 | } 85 | 86 | message TaskResumed { 87 | string container_id = 1; 88 | } 89 | 90 | message TaskCheckpointed { 91 | string container_id = 1; 92 | string checkpoint = 2; 93 | } 94 | -------------------------------------------------------------------------------- /crates/runc-shim/src/console.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | use std::path::{Path, PathBuf}; 18 | 19 | use containerd_shim::{io_error, util::mkdir, Error, Result}; 20 | use log::warn; 21 | use tokio::net::{UnixListener, UnixStream}; 22 | use uuid::Uuid; 23 | 24 | use crate::common::xdg_runtime_dir; 25 | 26 | pub struct ConsoleSocket { 27 | pub listener: UnixListener, 28 | pub path: PathBuf, 29 | pub rmdir: bool, 30 | } 31 | 32 | impl ConsoleSocket { 33 | pub async fn new() -> Result { 34 | let dir = format!("{}/pty{}", xdg_runtime_dir(), Uuid::new_v4()); 35 | mkdir(&dir, 0o711).await?; 36 | let file_name = Path::new(&dir).join("pty.sock"); 37 | let listener = UnixListener::bind(&file_name).map_err(io_error!( 38 | e, 39 | "bind socket {}", 40 | file_name.display() 41 | ))?; 42 | Ok(ConsoleSocket { 43 | listener, 44 | path: file_name, 45 | rmdir: true, 46 | }) 47 | } 48 | 49 | pub async fn accept(&self) -> Result { 50 | let (stream, _addr) = self 51 | .listener 52 | .accept() 53 | .await 54 | .map_err(io_error!(e, "failed to list console socket"))?; 55 | Ok(stream) 56 | } 57 | 58 | // async drop is not supported yet, we can only call clean manually after socket received 59 | pub async fn clean(self) { 60 | if self.rmdir { 61 | if let Some(tmp_socket_dir) = self.path.parent() { 62 | tokio::fs::remove_dir_all(tmp_socket_dir) 63 | .await 64 | .unwrap_or_else(|e| { 65 | warn!( 66 | "remove tmp console socket path {} : {}", 67 | tmp_socket_dir.display(), 68 | e 69 | ) 70 | }) 71 | } 72 | } 73 | } 74 | } 75 | -------------------------------------------------------------------------------- /crates/runc-shim/README.md: -------------------------------------------------------------------------------- 1 | # Rust containerd shim v2 for runc container 2 | 3 | [![Crates.io](https://img.shields.io/crates/v/containerd-runc-shim)](https://crates.io/crates/containerd-runc-shim) 4 | [![docs.rs](https://img.shields.io/docsrs/containerd-runc-shim)](https://docs.rs/containerd-runc-shim/latest/containerd-runc-shim/) 5 | [![Crates.io](https://img.shields.io/crates/l/containerd-shim)](https://github.com/containerd/rust-extensions/blob/main/LICENSE) 6 | [![CI](https://github.com/containerd/rust-extensions/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/containerd/rust-extensions/actions/workflows/ci.yml) 7 | 8 | By default [containerd](https://github.com/containerd/containerd) relies on runc shim v2 runtime (written in `Go`) to launch containers. 9 | This crate is an alternative Rust implementation of the shim runtime. 10 | It conforms to containerd's integration tests and can be replaced with the original Go runtime interchangeably. 11 | 12 | ## Usage 13 | 14 | To build binary, run: 15 | ```shell 16 | cargo build --release --bin containerd-shim-runc-v2-rs 17 | ``` 18 | 19 | Replace it to the containerd shim dir: `/usr/local/bin/containerd-shim-runc-v2-rs` 20 | 21 | In order to use it from containerd, use: 22 | 23 | ```shell 24 | $ sudo ctr run --rm --runtime io.containerd.runc.v2-rs -t docker.io/library/hello-world:latest hello 25 | ``` 26 | 27 | You can run a container by `ctr`, `crictl` or kubernetes API. 28 | 29 | ## Performance test 30 | 31 | ### Memory overhead 32 | 33 | Three different kinds of shim binaries are used to compare memory overhead, first is `containerd-shimv2-runc-v2` 34 | compiled by golang, next is our sync `containerd-shim-runc-v2-rs` and the last one is our async `containerd-shim-runc-v2-rs` 35 | but limited to 2 work threads. 36 | 37 | We run a *busybox* container inside a pod on a *16U32G Ubuntu20.04* mechine with *containerd v1.6.8* and *runc v1.1.4*. 38 | To measure the memory size of shim process we parse the output of *smaps* file and add up all RSS segments. 39 | In addition, we also run 100 pods and collect the total memory overhead. 40 | 41 | | | Single Process RSS | 100 Processes RSS | 42 | | :----------------------------------------------------------- | :----------------- | :---------------- | 43 | | containerd-shim-runc-v2 | 11.02MB | 1106.52MB | 44 | | containerd-shim-runc-v2-rs(sync) | 3.45MB | 345.39MB | 45 | | containerd-shim-runc-v2-rs(async, limited to 2 work threads) | 3.90MB | 396.83MB | 46 | -------------------------------------------------------------------------------- /crates/client/vendor/google/protobuf/empty.proto: -------------------------------------------------------------------------------- 1 | // Protocol Buffers - Google's data interchange format 2 | // Copyright 2008 Google Inc. All rights reserved. 3 | // https://developers.google.com/protocol-buffers/ 4 | // 5 | // Redistribution and use in source and binary forms, with or without 6 | // modification, are permitted provided that the following conditions are 7 | // met: 8 | // 9 | // * Redistributions of source code must retain the above copyright 10 | // notice, this list of conditions and the following disclaimer. 11 | // * Redistributions in binary form must reproduce the above 12 | // copyright notice, this list of conditions and the following disclaimer 13 | // in the documentation and/or other materials provided with the 14 | // distribution. 15 | // * Neither the name of Google Inc. nor the names of its 16 | // contributors may be used to endorse or promote products derived from 17 | // this software without specific prior written permission. 18 | // 19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 22 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 23 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 24 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 25 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 29 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | 31 | syntax = "proto3"; 32 | 33 | package google.protobuf; 34 | 35 | option csharp_namespace = "Google.Protobuf.WellKnownTypes"; 36 | option go_package = "google.golang.org/protobuf/types/known/emptypb"; 37 | option java_package = "com.google.protobuf"; 38 | option java_outer_classname = "EmptyProto"; 39 | option java_multiple_files = true; 40 | option objc_class_prefix = "GPB"; 41 | option cc_enable_arenas = true; 42 | 43 | // A generic empty message that you can re-use to avoid defining duplicated 44 | // empty messages in your APIs. A typical example is to use it as the request 45 | // or the response type of an API method. For instance: 46 | // 47 | // service Foo { 48 | // rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); 49 | // } 50 | // 51 | // The JSON representation for `Empty` is empty JSON object `{}`. 52 | message Empty {} 53 | -------------------------------------------------------------------------------- /crates/shim-protos/vendor/google/protobuf/empty.proto: -------------------------------------------------------------------------------- 1 | // Protocol Buffers - Google's data interchange format 2 | // Copyright 2008 Google Inc. All rights reserved. 3 | // https://developers.google.com/protocol-buffers/ 4 | // 5 | // Redistribution and use in source and binary forms, with or without 6 | // modification, are permitted provided that the following conditions are 7 | // met: 8 | // 9 | // * Redistributions of source code must retain the above copyright 10 | // notice, this list of conditions and the following disclaimer. 11 | // * Redistributions in binary form must reproduce the above 12 | // copyright notice, this list of conditions and the following disclaimer 13 | // in the documentation and/or other materials provided with the 14 | // distribution. 15 | // * Neither the name of Google Inc. nor the names of its 16 | // contributors may be used to endorse or promote products derived from 17 | // this software without specific prior written permission. 18 | // 19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 22 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 23 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 24 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 25 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 29 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | 31 | syntax = "proto3"; 32 | 33 | package google.protobuf; 34 | 35 | option csharp_namespace = "Google.Protobuf.WellKnownTypes"; 36 | option go_package = "google.golang.org/protobuf/types/known/emptypb"; 37 | option java_package = "com.google.protobuf"; 38 | option java_outer_classname = "EmptyProto"; 39 | option java_multiple_files = true; 40 | option objc_class_prefix = "GPB"; 41 | option cc_enable_arenas = true; 42 | 43 | // A generic empty message that you can re-use to avoid defining duplicated 44 | // empty messages in your APIs. A typical example is to use it as the request 45 | // or the response type of an API method. For instance: 46 | // 47 | // service Foo { 48 | // rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); 49 | // } 50 | // 51 | // The JSON representation for `Empty` is empty JSON object `{}`. 52 | message Empty {} 53 | -------------------------------------------------------------------------------- /crates/snapshots/vendor/google/protobuf/empty.proto: -------------------------------------------------------------------------------- 1 | // Protocol Buffers - Google's data interchange format 2 | // Copyright 2008 Google Inc. All rights reserved. 3 | // https://developers.google.com/protocol-buffers/ 4 | // 5 | // Redistribution and use in source and binary forms, with or without 6 | // modification, are permitted provided that the following conditions are 7 | // met: 8 | // 9 | // * Redistributions of source code must retain the above copyright 10 | // notice, this list of conditions and the following disclaimer. 11 | // * Redistributions in binary form must reproduce the above 12 | // copyright notice, this list of conditions and the following disclaimer 13 | // in the documentation and/or other materials provided with the 14 | // distribution. 15 | // * Neither the name of Google Inc. nor the names of its 16 | // contributors may be used to endorse or promote products derived from 17 | // this software without specific prior written permission. 18 | // 19 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 22 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 23 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 24 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 25 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 29 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | 31 | syntax = "proto3"; 32 | 33 | package google.protobuf; 34 | 35 | option csharp_namespace = "Google.Protobuf.WellKnownTypes"; 36 | option go_package = "google.golang.org/protobuf/types/known/emptypb"; 37 | option java_package = "com.google.protobuf"; 38 | option java_outer_classname = "EmptyProto"; 39 | option java_multiple_files = true; 40 | option objc_class_prefix = "GPB"; 41 | option cc_enable_arenas = true; 42 | 43 | // A generic empty message that you can re-use to avoid defining duplicated 44 | // empty messages in your APIs. A typical example is to use it as the request 45 | // or the response type of an API method. For instance: 46 | // 47 | // service Foo { 48 | // rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); 49 | // } 50 | // 51 | // The JSON representation for `Empty` is empty JSON object `{}`. 52 | message Empty {} 53 | -------------------------------------------------------------------------------- /crates/shim-protos/examples/ttrpc-server-async.rs: -------------------------------------------------------------------------------- 1 | // Copyright (c) 2019 Ant Financial 2 | // Copyright (c) 2021 Ant Group 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | 16 | use std::{sync::Arc, thread}; 17 | 18 | use async_trait::async_trait; 19 | use containerd_shim_protos::{ 20 | api::{CreateTaskRequest, CreateTaskResponse}, 21 | shim::shim_ttrpc_async::{create_task, Task}, 22 | }; 23 | use ttrpc::asynchronous::Server; 24 | 25 | #[derive(Debug, PartialEq)] 26 | struct FakeServer { 27 | magic: u32, 28 | } 29 | 30 | impl FakeServer { 31 | fn new() -> Self { 32 | FakeServer { magic: 0xadcbdacf } 33 | } 34 | } 35 | 36 | #[async_trait] 37 | impl Task for FakeServer { 38 | async fn create( 39 | &self, 40 | ctx: &::ttrpc::asynchronous::TtrpcContext, 41 | req: CreateTaskRequest, 42 | ) -> ::ttrpc::Result { 43 | let mut resp = CreateTaskResponse::default(); 44 | let md = &ctx.metadata; 45 | let v1 = md.get("key-1").unwrap(); 46 | let v2 = md.get("key-2").unwrap(); 47 | 48 | assert_eq!(v1[0], "value-1-1"); 49 | assert_eq!(v1[1], "value-1-2"); 50 | assert_eq!(v2[0], "value-2"); 51 | assert_eq!(&req.id, "id1"); 52 | 53 | resp.set_pid(0x10c0); 54 | 55 | Ok(resp) 56 | } 57 | } 58 | 59 | #[tokio::main] 60 | async fn main() { 61 | simple_logger::SimpleLogger::new().init().unwrap(); 62 | 63 | let tservice = create_task(Arc::new(FakeServer::new())); 64 | 65 | let mut server = Server::new() 66 | .bind("unix:///tmp/shim-proto-ttrpc-001") 67 | .unwrap() 68 | .register_service(tservice); 69 | 70 | server.start().await.unwrap(); 71 | 72 | // Hold the main thread until receiving signal SIGTERM 73 | let (tx, rx) = std::sync::mpsc::channel(); 74 | thread::spawn(move || { 75 | ctrlc::set_handler(move || { 76 | tx.send(()).unwrap(); 77 | }) 78 | .expect("Error setting Ctrl-C handler"); 79 | println!("Server is running, press Ctrl + C to exit"); 80 | }); 81 | 82 | rx.recv().unwrap(); 83 | } 84 | -------------------------------------------------------------------------------- /crates/snapshots/build.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | use std::{env, fs, io}; 18 | 19 | const PROTO_FILES: &[&str] = &[ 20 | "vendor/github.com/containerd/containerd/api/types/mount.proto", 21 | "vendor/github.com/containerd/containerd/api/services/snapshots/v1/snapshots.proto", 22 | ]; 23 | 24 | const FIXUP_MODULES: &[&str] = &["containerd.services.snapshots.v1"]; 25 | 26 | fn main() { 27 | tonic_prost_build::configure() 28 | .build_server(true) 29 | .compile_protos(PROTO_FILES, &["vendor/"]) 30 | .expect("Failed to generate GRPC bindings"); 31 | 32 | for module in FIXUP_MODULES { 33 | fixup_imports(module).expect("Failed to fixup module"); 34 | } 35 | } 36 | 37 | // Original containerd's protobuf files contain Go style imports: 38 | // import "github.com/containerd/containerd/api/types/mount.proto"; 39 | // 40 | // Tonic produces invalid code for these imports: 41 | // error[E0433]: failed to resolve: there are too many leading `super` keywords 42 | // --> /containerd-rust-extensions/target/debug/build/containerd-client-protos-0a328c0c63f60cd0/out/containerd.services.diff.v1.rs:47:52 43 | // | 44 | // 47 | pub diff: ::core::option::Option, 45 | // | ^^^^^ there are too many leading `super` keywords 46 | // 47 | // This func fixes imports to crate level ones, like `crate::types::Mount` 48 | fn fixup_imports(path: &str) -> Result<(), io::Error> { 49 | let out_dir = env::var("OUT_DIR").unwrap(); 50 | let path = format!("{}/{}.rs", out_dir, path); 51 | 52 | let contents = fs::read_to_string(&path)? 53 | .replace("super::super::super::types", "crate::api::types") 54 | .replace( 55 | "/// filters\\[0\\] or filters\\[1\\] or ... or filters\\[n-1\\] or filters\\[n\\]", 56 | r#" 57 | /// ```notrust 58 | /// filters[0] or filters[1] or ... or filters[n-1] or filters[n] 59 | /// ```"#, 60 | ); 61 | 62 | fs::write(path, contents)?; 63 | Ok(()) 64 | } 65 | -------------------------------------------------------------------------------- /crates/runc-shim/src/main.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | use std::{env, io::Write}; 18 | 19 | use containerd_shim::{ 20 | asynchronous::run, 21 | parse, 22 | protos::protobuf::{well_known_types::any::Any, Message}, 23 | run_info, 24 | }; 25 | 26 | mod cgroup_memory; 27 | mod common; 28 | mod console; 29 | mod container; 30 | mod io; 31 | mod processes; 32 | mod runc; 33 | mod service; 34 | mod task; 35 | 36 | use service::Service; 37 | 38 | fn parse_version() { 39 | let os_args: Vec<_> = env::args_os().collect(); 40 | let flags = match parse(&os_args[1..]) { 41 | Ok(flags) => flags, 42 | Err(e) => { 43 | eprintln!("Error parsing arguments: {}", e); 44 | std::process::exit(1); 45 | } 46 | }; 47 | if flags.version { 48 | println!("{}:", os_args[0].to_string_lossy()); 49 | println!(" Version: {}", env!("CARGO_PKG_VERSION")); 50 | println!(" Revision: {}", env!("CARGO_GIT_HASH")); 51 | println!(); 52 | 53 | std::process::exit(0); 54 | } 55 | if flags.info { 56 | let r = run_info(); 57 | match r { 58 | Ok(rinfo) => { 59 | let mut info = Any::new(); 60 | info.type_url = "io.containerd.runc.v2.Info".to_string(); 61 | info.value = match rinfo.write_to_bytes() { 62 | Ok(bytes) => bytes, 63 | Err(e) => { 64 | eprintln!("Failed to write runtime info to bytes: {}", e); 65 | std::process::exit(1); 66 | } 67 | }; 68 | std::io::stdout() 69 | .write_all(info.write_to_bytes().unwrap().as_slice()) 70 | .expect("Failed to write to stdout"); 71 | } 72 | Err(_) => { 73 | eprintln!("Failed to get runtime info"); 74 | std::process::exit(1); 75 | } 76 | } 77 | std::process::exit(0); 78 | } 79 | } 80 | 81 | #[tokio::main] 82 | async fn main() { 83 | parse_version(); 84 | run::("io.containerd.runc.v2-rs", None).await; 85 | } 86 | -------------------------------------------------------------------------------- /crates/shim/examples/skeleton_async.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | use std::sync::Arc; 18 | 19 | use async_trait::async_trait; 20 | use containerd_shim::{ 21 | asynchronous::{run, spawn, ExitSignal, Shim}, 22 | publisher::RemotePublisher, 23 | Config, Error, Flags, StartOpts, TtrpcResult, 24 | }; 25 | use containerd_shim_protos::{ 26 | api, api::DeleteResponse, shim_async::Task, ttrpc::r#async::TtrpcContext, 27 | }; 28 | use log::info; 29 | 30 | #[derive(Clone)] 31 | struct Service { 32 | exit: Arc, 33 | } 34 | 35 | #[async_trait] 36 | impl Shim for Service { 37 | type T = Service; 38 | 39 | async fn new(_runtime_id: &str, _args: &Flags, _config: &mut Config) -> Self { 40 | Service { 41 | exit: Arc::new(ExitSignal::default()), 42 | } 43 | } 44 | 45 | async fn start_shim(&mut self, opts: StartOpts) -> Result { 46 | let grouping = opts.id.clone(); 47 | let address = spawn(opts, &grouping, Vec::new()).await?; 48 | Ok(address) 49 | } 50 | 51 | async fn delete_shim(&mut self) -> Result { 52 | Ok(DeleteResponse::new()) 53 | } 54 | 55 | async fn wait(&mut self) { 56 | self.exit.wait().await; 57 | } 58 | 59 | async fn create_task_service(&self, _publisher: RemotePublisher) -> Self::T { 60 | self.clone() 61 | } 62 | } 63 | 64 | #[async_trait] 65 | impl Task for Service { 66 | async fn connect( 67 | &self, 68 | _ctx: &TtrpcContext, 69 | _req: api::ConnectRequest, 70 | ) -> TtrpcResult { 71 | info!("Connect request"); 72 | Ok(api::ConnectResponse { 73 | version: String::from("example"), 74 | ..Default::default() 75 | }) 76 | } 77 | 78 | async fn shutdown( 79 | &self, 80 | _ctx: &TtrpcContext, 81 | _req: api::ShutdownRequest, 82 | ) -> TtrpcResult { 83 | info!("Shutdown request"); 84 | self.exit.signal(); 85 | Ok(api::Empty::default()) 86 | } 87 | } 88 | 89 | #[tokio::main] 90 | async fn main() { 91 | run::("io.containerd.empty.v1", None).await; 92 | } 93 | -------------------------------------------------------------------------------- /crates/snapshots/src/convert.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | //! Various conversions between GRPC and native types. 18 | 19 | use std::convert::{TryFrom, TryInto}; 20 | 21 | use thiserror::Error; 22 | use tonic::Status; 23 | 24 | use crate::{api::snapshots::v1 as grpc, Info, Kind}; 25 | 26 | impl From for i32 { 27 | fn from(kind: Kind) -> i32 { 28 | match kind { 29 | Kind::Unknown => 0, 30 | Kind::View => 1, 31 | Kind::Active => 2, 32 | Kind::Committed => 3, 33 | } 34 | } 35 | } 36 | 37 | impl TryFrom for Kind { 38 | type Error = Error; 39 | 40 | fn try_from(value: i32) -> Result { 41 | Ok(match value { 42 | 0 => Kind::Unknown, 43 | 1 => Kind::View, 44 | 2 => Kind::Active, 45 | 3 => Kind::Committed, 46 | _ => return Err(Error::InvalidEnumValue(value)), 47 | }) 48 | } 49 | } 50 | 51 | impl TryFrom for Info { 52 | type Error = Error; 53 | 54 | fn try_from(info: grpc::Info) -> Result { 55 | Ok(Info { 56 | kind: info.kind.try_into()?, 57 | name: info.name, 58 | parent: info.parent, 59 | labels: info.labels, 60 | created_at: info.created_at.unwrap_or_default().try_into()?, 61 | updated_at: info.updated_at.unwrap_or_default().try_into()?, 62 | }) 63 | } 64 | } 65 | 66 | impl From for grpc::Info { 67 | fn from(info: Info) -> Self { 68 | grpc::Info { 69 | name: info.name, 70 | parent: info.parent, 71 | kind: info.kind.into(), 72 | created_at: Some(info.created_at.into()), 73 | updated_at: Some(info.updated_at.into()), 74 | labels: info.labels, 75 | } 76 | } 77 | } 78 | 79 | #[derive(Debug, Error)] 80 | pub enum Error { 81 | #[error("Failed to convert GRPC timestamp: {0}")] 82 | Timestamp(#[from] prost_types::TimestampError), 83 | 84 | #[error("Invalid enum value: {0}")] 85 | InvalidEnumValue(i32), 86 | } 87 | 88 | impl From for tonic::Status { 89 | fn from(err: Error) -> Self { 90 | Status::internal(format!("{}", err)) 91 | } 92 | } 93 | -------------------------------------------------------------------------------- /crates/client/vendor/github.com/containerd/containerd/api/types/transfer/registry.proto: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | syntax = "proto3"; 18 | 19 | package containerd.types.transfer; 20 | 21 | import "google/protobuf/timestamp.proto"; 22 | 23 | option go_package = "github.com/containerd/containerd/api/types/transfer"; 24 | 25 | message OCIRegistry { 26 | string reference = 1; 27 | RegistryResolver resolver = 2; 28 | } 29 | 30 | enum HTTPDebug { 31 | DISABLED = 0; 32 | // Enable HTTP debugging 33 | DEBUG = 1; 34 | // Enable HTTP requests tracing 35 | TRACE = 2; 36 | // Enable both HTTP debugging and requests tracing 37 | BOTH = 3; 38 | } 39 | 40 | message RegistryResolver { 41 | // auth_stream is used to refer to a stream which auth callbacks may be 42 | // made on. 43 | string auth_stream = 1; 44 | 45 | // Headers 46 | map headers = 2; 47 | 48 | string host_dir = 3; 49 | 50 | string default_scheme = 4; 51 | // Force skip verify 52 | // CA callback? Client TLS callback? 53 | 54 | // Whether to debug/trace HTTP requests to OCI registry. 55 | HTTPDebug http_debug = 5; 56 | 57 | // Stream ID to use for HTTP logs (when logs are streamed to client). 58 | // When empty, logs are written to containerd logs. 59 | string logs_stream = 6; 60 | } 61 | 62 | // AuthRequest is sent as a callback on a stream 63 | message AuthRequest { 64 | // host is the registry host 65 | string host = 1; 66 | 67 | // reference is the namespace and repository name requested from the registry 68 | string reference = 2; 69 | 70 | // wwwauthenticate is the HTTP WWW-Authenticate header values returned from the registry 71 | repeated string wwwauthenticate = 3; 72 | } 73 | 74 | enum AuthType { 75 | NONE = 0; 76 | 77 | // CREDENTIALS is used to exchange username/password for access token 78 | // using an oauth or "Docker Registry Token" server 79 | CREDENTIALS = 1; 80 | 81 | // REFRESH is used to exchange secret for access token using an oauth 82 | // or "Docker Registry Token" server 83 | REFRESH = 2; 84 | 85 | // HEADER is used to set the HTTP Authorization header to secret 86 | // directly for the registry. 87 | // Value should be ` ` 88 | HEADER = 3; 89 | } 90 | 91 | message AuthResponse { 92 | AuthType authType = 1; 93 | string secret = 2; 94 | string username = 3; 95 | google.protobuf.Timestamp expire_at = 4; 96 | // TODO: Stream error 97 | } 98 | -------------------------------------------------------------------------------- /crates/shim/examples/skeleton.rs: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright The containerd Authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | #[cfg(not(feature = "async"))] 17 | use containerd_shim as shim; 18 | 19 | #[cfg(not(feature = "async"))] 20 | mod skeleton { 21 | use std::sync::Arc; 22 | 23 | use containerd_shim as shim; 24 | use log::info; 25 | use shim::{ 26 | api, synchronous::publisher::RemotePublisher, Config, DeleteResponse, ExitSignal, Flags, 27 | TtrpcContext, TtrpcResult, 28 | }; 29 | 30 | #[derive(Clone)] 31 | pub(crate) struct Service { 32 | exit: Arc, 33 | } 34 | 35 | impl shim::Shim for Service { 36 | type T = Service; 37 | 38 | fn new(_runtime_id: &str, _args: &Flags, _config: &mut Config) -> Self { 39 | Service { 40 | exit: Arc::new(ExitSignal::default()), 41 | } 42 | } 43 | 44 | fn start_shim(&mut self, opts: shim::StartOpts) -> Result { 45 | let grouping = opts.id.clone(); 46 | let (_child_id, address) = shim::spawn(opts, &grouping, Vec::new())?; 47 | Ok(address) 48 | } 49 | 50 | fn delete_shim(&mut self) -> Result { 51 | Ok(DeleteResponse::new()) 52 | } 53 | 54 | fn wait(&mut self) { 55 | self.exit.wait(); 56 | } 57 | 58 | fn create_task_service(&self, _publisher: RemotePublisher) -> Self::T { 59 | self.clone() 60 | } 61 | } 62 | 63 | impl shim::Task for Service { 64 | fn connect( 65 | &self, 66 | _ctx: &TtrpcContext, 67 | _req: api::ConnectRequest, 68 | ) -> TtrpcResult { 69 | info!("Connect request"); 70 | Ok(api::ConnectResponse { 71 | version: String::from("example"), 72 | ..Default::default() 73 | }) 74 | } 75 | 76 | fn shutdown( 77 | &self, 78 | _ctx: &TtrpcContext, 79 | _req: api::ShutdownRequest, 80 | ) -> TtrpcResult { 81 | info!("Shutdown request"); 82 | self.exit.signal(); 83 | Ok(api::Empty::default()) 84 | } 85 | } 86 | } 87 | 88 | fn main() { 89 | #[cfg(not(feature = "async"))] 90 | shim::run::("io.containerd.empty.v1", None) 91 | } 92 | --------------------------------------------------------------------------------