Skip to content

Commit

Permalink
go.mod: cut circular dependency on github.com/containerd/containerd
Browse files Browse the repository at this point in the history
This forces vendoring to only take dependencies of this repository to
be taken into account, effectively cutting the circular dependency (for
the vendored code), and to prevent depending on transitive dependencies
coming from older versions of containerd.

go mod does not allow using the main module as a local "replace" rule using
a path; see golang/go#45492 and golang/go#34417, so instead, an empty module
is used.

One change observed is that older versions containerd depended on an older
version of imgcrypt that had an "indirect" dependency on more current versions
of gopkg.in/yaml.v2 and prometheus/procfs.

For those, a temporary "indirect" dependency was added, until prometheus/client_golang
and kubernetes are updated.

from go mod graph (before):

    github.com/containerd/imgcrypt@v1.0.4-0.20210301171431-0ae5c75f59ba gopkg.in/yaml.v2@v2.4.0
    github.com/containerd/imgcrypt@v1.0.4-0.20210301171431-0ae5c75f59ba github.com/prometheus/procfs@v0.6.0

For some reason, some older versions of containerd are still taken into account,
causing satori/go.uuid to be added as "indirect" dependency, likely because some
modules have this dependency in their go.sum. This should likely disappear once
those plugins are updated to contain a current version of containerd.

    git grep 'github.com/satori/go.uuid'
    vendor/github.com/Microsoft/hcsshim/go.sum:github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
    vendor/github.com/containerd/aufs/go.sum:github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
    vendor/github.com/containerd/imgcrypt/go.sum:github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
    vendor/github.com/containerd/nri/go.sum:github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
    vendor/github.com/containerd/zfs/go.sum:github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
  • Loading branch information
thaJeztah authored and fahedouch committed Oct 14, 2021
1 parent 659a85b commit e7452e4
Show file tree
Hide file tree
Showing 5 changed files with 24 additions and 199 deletions.
11 changes: 11 additions & 0 deletions .empty-mod/go.mod
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
// module empty-mod is an empty module that's used to help with containerd
// having a circular dependency on itself through plugin modules.
//
// We use this module as a "replace" rule in containerd's go.mod, to prevent
// relying on transitive dependencies (coming from older versions of containerd
// defined on plugin go.mod).
//
// The replace rule forces go modules to consider the "current" version of
// containerd to be the source of truth, helping us catch missing go.mod rules,
// or version changes early.
module empty-mod
5 changes: 5 additions & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,8 @@ require (
github.com/pelletier/go-toml v1.8.1
github.com/pkg/errors v0.9.1
github.com/prometheus/client_golang v1.7.1
github.com/prometheus/procfs v0.6.0 // indirect; temporarily force v0.6.0, which was previously defined in imgcrypt as explicit version
github.com/satori/go.uuid v1.2.0 // indirect
github.com/sirupsen/logrus v1.7.0
github.com/stretchr/testify v1.6.1
github.com/tchap/go-patricia v2.2.6+incompatible
Expand All @@ -68,6 +70,9 @@ require (

// When updating replace rules, make sure to also update the rules in integration/client/go.mod
replace (
// prevent transitional dependencies due to containerd having a circular
// dependency on itself through plugins. see .empty-mod/go.mod for details
github.com/containerd/containerd => ./.empty-mod/
github.com/gogo/googleapis => github.com/gogo/googleapis v1.3.2
github.com/golang/protobuf => github.com/golang/protobuf v1.3.5
// urfave/cli must be <= v1.22.1 due to a regression: https://github.com/urfave/cli/issues/1092
Expand Down
Loading

0 comments on commit e7452e4

Please sign in to comment.