New Upstream Release - golang-k8s-system-validators

Ready changes

Summary

Merged new upstream version: 1.8.0 (was: 1.4.0).

Resulting package

Built on 2022-11-18T11:50 (took 3m15s)

The resulting binary packages can be installed (if you have the apt repository enabled) by running one of:

apt install -t fresh-releases golang-k8s-system-validators-dev

Lintian Result

Diff

diff --git a/debian/changelog b/debian/changelog
index db240cf..a6d4ec0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+golang-k8s-system-validators (1.8.0-1) UNRELEASED; urgency=low
+
+  * New upstream release.
+
+ -- Debian Janitor <janitor@jelmer.uk>  Fri, 18 Nov 2022 11:47:46 -0000
+
 golang-k8s-system-validators (1.4.0-1) unstable; urgency=medium
 
   * Team upload.
diff --git a/go.mod b/go.mod
index c0f532b..750245c 100644
--- a/go.mod
+++ b/go.mod
@@ -1,9 +1,9 @@
 module k8s.io/system-validators
 
-go 1.13
+go 1.16
 
 require (
-	github.com/blang/semver v3.5.0+incompatible
+	github.com/blang/semver/v4 v4.0.0
 	github.com/pkg/errors v0.8.0
 	github.com/stretchr/testify v1.3.0
 	golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7
diff --git a/go.sum b/go.sum
index 29d356a..a19dfd9 100644
--- a/go.sum
+++ b/go.sum
@@ -1,5 +1,5 @@
-github.com/blang/semver v3.5.0+incompatible h1:CGxCgetQ64DKk7rdZ++Vfnb1+ogGNnB17OJKJXD2Cfs=
-github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
+github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
+github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ=
 github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/pkg/errors v0.8.0 h1:WdK/asTD0HN+q6hsWO3/vpuAkAr+tw6aNJNDFFf0+qw=
diff --git a/hack/verify-spelling.sh b/hack/verify-spelling.sh
index 3883785..684ffe3 100755
--- a/hack/verify-spelling.sh
+++ b/hack/verify-spelling.sh
@@ -39,6 +39,7 @@ echo "Cloning ${URL} in ${TMP_DIR}..."
 git clone --quiet --depth=1 "${URL}" "${TMP_DIR}"
 pushd "${TMP_DIR}" > /dev/null
 go mod init misspell
+go mod tidy
 popd > /dev/null
 
 # build misspell
diff --git a/validators/cgroup_validator_linux.go b/validators/cgroup_validator_linux.go
index 0d14e7c..2122ca8 100644
--- a/validators/cgroup_validator_linux.go
+++ b/validators/cgroup_validator_linux.go
@@ -1,3 +1,4 @@
+//go:build linux
 // +build linux
 
 /*
diff --git a/validators/cgroup_validator_other.go b/validators/cgroup_validator_other.go
index 394b619..9d74a7b 100644
--- a/validators/cgroup_validator_other.go
+++ b/validators/cgroup_validator_other.go
@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux
 
 /*
diff --git a/validators/cgroup_validator_test.go b/validators/cgroup_validator_test.go
index 17516a1..8ea9376 100644
--- a/validators/cgroup_validator_test.go
+++ b/validators/cgroup_validator_test.go
@@ -1,3 +1,4 @@
+//go:build linux
 // +build linux
 
 /*
diff --git a/validators/docker_validator.go b/validators/docker_validator.go
index 6cb0ab2..4ebed9f 100644
--- a/validators/docker_validator.go
+++ b/validators/docker_validator.go
@@ -17,6 +17,7 @@ limitations under the License.
 package system
 
 import (
+	"bytes"
 	"encoding/json"
 	"os/exec"
 	"regexp"
@@ -63,16 +64,27 @@ func (d *DockerValidator) Validate(spec SysSpec) ([]error, []error) {
 
 	// Run 'docker info' with a JSON output and unmarshal it into a dockerInfo object
 	info := dockerInfo{}
-	out, err := exec.Command("docker", "info", "--format", "{{json .}}").CombinedOutput()
+	cmd := exec.Command("docker", "info", "--format", "{{json .}}")
+
+	// Stderr can contain warnings despite docker info success.
+	var outb, errb bytes.Buffer
+	cmd.Stdout = &outb
+	cmd.Stderr = &errb
+	err := cmd.Run()
 	if err != nil {
-		return nil, []error{errors.Errorf(`failed executing "docker info --format '{{json .}}'"\noutput: %s\nerror: %v`, string(out), err)}
+		return nil, []error{errors.Errorf(`failed executing "docker info --format '{{json .}}'"\noutput: %s\nstderr: %s\nerror: %v`, outb.String(), errb.String(), err)}
 	}
-	if err := d.unmarshalDockerInfo(out, &info); err != nil {
+	if err := d.unmarshalDockerInfo(outb.Bytes(), &info); err != nil {
 		return nil, []error{err}
 	}
 
 	// validate the resulted docker info object against the spec
-	return d.validateDockerInfo(spec.RuntimeSpec.DockerSpec, info)
+	warnings, errs := d.validateDockerInfo(spec.RuntimeSpec.DockerSpec, info)
+
+	if len(errb.String()) > 0 {
+		warnings = append(warnings, errors.Errorf(`the command "docker info --format '{{json.}}'" succeeded with potential warnings\noutput: %s`, errb.String()))
+	}
+	return warnings, errs
 }
 
 func (d *DockerValidator) unmarshalDockerInfo(b []byte, info *dockerInfo) error {
diff --git a/validators/package_validator_linux.go b/validators/package_validator_linux.go
index 07fbe5f..4e22999 100644
--- a/validators/package_validator_linux.go
+++ b/validators/package_validator_linux.go
@@ -1,3 +1,4 @@
+//go:build linux
 // +build linux
 
 /*
@@ -24,7 +25,7 @@ import (
 	"os/exec"
 	"strings"
 
-	"github.com/blang/semver"
+	"github.com/blang/semver/v4"
 	"github.com/pkg/errors"
 )
 
diff --git a/validators/package_validator_other.go b/validators/package_validator_other.go
index 27f6a25..b345a34 100644
--- a/validators/package_validator_other.go
+++ b/validators/package_validator_other.go
@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux
 
 /*
diff --git a/validators/package_validator_test.go b/validators/package_validator_test.go
index 149c837..f142030 100644
--- a/validators/package_validator_test.go
+++ b/validators/package_validator_test.go
@@ -1,3 +1,4 @@
+//go:build linux
 // +build linux
 
 /*
diff --git a/validators/types_unix.go b/validators/types_unix.go
index a315bb6..b70947f 100644
--- a/validators/types_unix.go
+++ b/validators/types_unix.go
@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 /*
@@ -57,6 +58,8 @@ var DefaultSysSpec = SysSpec{
 			{Name: "BLK_DEV_DM", Description: "Required for devicemapper."},
 			{Name: "CFS_BANDWIDTH", Description: "Required for CPU quota."},
 			{Name: "CGROUP_HUGETLB", Description: "Required for hugetlb cgroup."},
+			{Name: "SECCOMP", Description: "Required for seccomp."},
+			{Name: "SECCOMP_FILTER", Description: "Required for seccomp mode 2."},
 		},
 		Forbidden: []KernelConfig{},
 	},
@@ -65,13 +68,20 @@ var DefaultSysSpec = SysSpec{
 		// The hugetlb cgroup is optional since some kernels are compiled without support for huge pages
 		// and therefore lacks corresponding hugetlb cgroup
 		"hugetlb",
+		// The blkio cgroup is optional since some kernels are compiled without support for block I/O throttling.
+		// Containerd and cri-o will use blkio to track disk I/O and throttling in both cgroup v1 and v2.
+		"blkio",
+	},
+	CgroupsV2: []string{"cpu", "cpuset", "devices", "freezer", "memory", "pids"},
+	CgroupsV2Optional: []string{
+		"hugetlb",
+		// The cgroups v2 io controller is the successor of the v1 blkio controller.
+		"io",
 	},
-	CgroupsV2:         []string{"cpu", "cpuset", "devices", "freezer", "memory", "pids"},
-	CgroupsV2Optional: []string{"hugetlb"},
 	RuntimeSpec: RuntimeSpec{
 		DockerSpec: &DockerSpec{
 			Version:     []string{`1\.1[1-3]\..*`, `17\.0[3,6,9]\..*`, `18\.0[6,9]\..*`, `19\.03\..*`, `20\.10\..*`},
-			GraphDriver: []string{"aufs", "overlay", "overlay2", "devicemapper", "zfs"},
+			GraphDriver: []string{"aufs", "btrfs", "overlay", "overlay2", "devicemapper", "zfs"},
 		},
 	},
 }
diff --git a/validators/types_windows.go b/validators/types_windows.go
index afabfea..cce90f6 100644
--- a/validators/types_windows.go
+++ b/validators/types_windows.go
@@ -1,3 +1,4 @@
+//go:build windows
 // +build windows
 
 /*

Debdiff

File lists identical (after any substitutions)

No differences were encountered in the control files

More details

Full run details