diff --git a/node-installer/node-installer_test.go b/node-installer/node-installer_test.go index aa7b09bdc1..a99b289094 100644 --- a/node-installer/node-installer_test.go +++ b/node-installer/node-installer_test.go @@ -23,97 +23,90 @@ func TestPatchContainerdConfig(t *testing.T) { configData, err := os.ReadFile(configPath) require.NoError(err) - assert.Equal(`disabled_plugins = [] -imports = [] -oom_score = 0 -plugin_dir = "" + assert.Equal(`version = 2 +root = '' +state = '' +temp = '' +plugin_dir = '' +disabled_plugins = [] required_plugins = [] -root = "" -state = "" -temp = "" -version = 2 +oom_score = 0 +imports = [] [metrics] - address = "0.0.0.0:10257" +address = '0.0.0.0:10257' [plugins] +[plugins.'io.containerd.grpc.v1.cri'] +sandbox_image = 'mcr.microsoft.com/oss/kubernetes/pause:3.6' - [plugins."io.containerd.grpc.v1.cri"] - sandbox_image = "mcr.microsoft.com/oss/kubernetes/pause:3.6" - - [plugins."io.containerd.grpc.v1.cri".cni] - bin_dir = "/opt/cni/bin" - conf_dir = "/etc/cni/net.d" - conf_template = "/etc/containerd/kubenet_template.conf" +[plugins.'io.containerd.grpc.v1.cri'.cni] +bin_dir = '/opt/cni/bin' +conf_dir = '/etc/cni/net.d' +conf_template = '/etc/containerd/kubenet_template.conf' - [plugins."io.containerd.grpc.v1.cri".containerd] - default_runtime_name = "runc" - disable_snapshot_annotations = false +[plugins.'io.containerd.grpc.v1.cri'.containerd] +default_runtime_name = 'runc' +disable_snapshot_annotations = false - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes] +[plugins.'io.containerd.grpc.v1.cri'.containerd.runtimes] +[plugins.'io.containerd.grpc.v1.cri'.containerd.runtimes.kata] +runtime_type = 'io.containerd.kata.v2' - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.kata] - runtime_type = "io.containerd.kata.v2" +[plugins.'io.containerd.grpc.v1.cri'.containerd.runtimes.kata-cc] +pod_annotations = ['io.katacontainers.*'] +privileged_without_host_devices = true +runtime_type = 'io.containerd.kata-cc.v2' +snapshotter = 'tardev' - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.kata-cc] - pod_annotations = ["io.katacontainers.*"] - privileged_without_host_devices = true - runtime_type = "io.containerd.kata-cc.v2" - snapshotter = "tardev" +[plugins.'io.containerd.grpc.v1.cri'.containerd.runtimes.kata-cc.options] +ConfigPath = '/opt/confidential-containers/share/defaults/kata-containers/configuration-clh-snp.toml' - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.kata-cc.options] - ConfigPath = "/opt/confidential-containers/share/defaults/kata-containers/configuration-clh-snp.toml" +[plugins.'io.containerd.grpc.v1.cri'.containerd.runtimes.katacli] +runtime_type = 'io.containerd.runc.v1' - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.katacli] - runtime_type = "io.containerd.runc.v1" +[plugins.'io.containerd.grpc.v1.cri'.containerd.runtimes.katacli.options] +BinaryName = '/usr/bin/kata-runtime' +CriuPath = '' +IoGid = 0 +IoUid = 0 +NoNewKeyring = false +NoPivotRoot = false +Root = '' +ShimCgroup = '' +SystemdCgroup = false - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.katacli.options] - BinaryName = "/usr/bin/kata-runtime" - CriuPath = "" - IoGid = 0 - IoUid = 0 - NoNewKeyring = false - NoPivotRoot = false - Root = "" - ShimCgroup = "" - SystemdCgroup = false +[plugins.'io.containerd.grpc.v1.cri'.containerd.runtimes.my-runtime] +runtime_type = 'io.containerd.contrast-cc.v2' +runtime_path = '/opt/edgeless/my-runtime/bin/containerd-shim-contrast-cc-v2' +pod_annotations = ['io.katacontainers.*'] +privileged_without_host_devices = true +snapshotter = 'tardev' - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.my-runtime] - pod_annotations = ["io.katacontainers.*"] - privileged_without_host_devices = true - runtime_path = "/opt/edgeless/my-runtime/bin/containerd-shim-contrast-cc-v2" - runtime_type = "io.containerd.contrast-cc.v2" - snapshotter = "tardev" +[plugins.'io.containerd.grpc.v1.cri'.containerd.runtimes.my-runtime.options] +ConfigPath = '/opt/edgeless/my-runtime/etc/configuration-clh-snp.toml' - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.my-runtime.options] - ConfigPath = "/opt/edgeless/my-runtime/etc/configuration-clh-snp.toml" +[plugins.'io.containerd.grpc.v1.cri'.containerd.runtimes.runc] +runtime_type = 'io.containerd.runc.v2' - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] - runtime_type = "io.containerd.runc.v2" +[plugins.'io.containerd.grpc.v1.cri'.containerd.runtimes.runc.options] +BinaryName = '/usr/bin/runc' - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] - BinaryName = "/usr/bin/runc" +[plugins.'io.containerd.grpc.v1.cri'.containerd.runtimes.untrusted] +runtime_type = 'io.containerd.runc.v2' - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.untrusted] - runtime_type = "io.containerd.runc.v2" +[plugins.'io.containerd.grpc.v1.cri'.containerd.runtimes.untrusted.options] +BinaryName = '/usr/bin/runc' - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.untrusted.options] - BinaryName = "/usr/bin/runc" +[plugins.'io.containerd.grpc.v1.cri'.registry] +config_path = '/etc/containerd/certs.d' - [plugins."io.containerd.grpc.v1.cri".registry] - config_path = "/etc/containerd/certs.d" - - [plugins."io.containerd.grpc.v1.cri".registry.headers] - X-Meta-Source-Client = ["azure/aks"] +[plugins.'io.containerd.grpc.v1.cri'.registry.headers] +X-Meta-Source-Client = ['azure/aks'] [proxy_plugins] - - [proxy_plugins.tardev] - address = "/run/containerd/tardev-snapshotter.sock" - type = "snapshot" - -[stream_processors] - -[timeouts] +[proxy_plugins.tardev] +type = 'snapshot' +address = '/run/containerd/tardev-snapshotter.sock' `, string(configData)) } diff --git a/packages/by-name/contrast-node-installer/package.nix b/packages/by-name/contrast-node-installer/package.nix index 114d886a3f..ab12552bd6 100644 --- a/packages/by-name/contrast-node-installer/package.nix +++ b/packages/by-name/contrast-node-installer/package.nix @@ -25,7 +25,7 @@ buildGoModule rec { }; proxyVendor = true; - vendorHash = "sha256-uCmDgm68Q9ClAqKYIHVYIDAVWkUm2tyQ4eoP3L8+wLg="; + vendorHash = "sha256-eARJWnSKrAXygXp2ELyJsFpTTzWX2CwW5zAwLbY+3z0="; subPackages = [ "." ];