Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NVIDIA/nvidia-container-toolkit
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.12.0
Choose a base ref
...
head repository: NVIDIA/nvidia-container-toolkit
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.13.0
Choose a head ref
Loading
Showing with 10,885 additions and 2,262 deletions.
  1. +37 −35 .common-ci.yml
  2. +113 −0 .github/workflows/blossom-ci.yaml
  3. +2 −0 .gitignore
  4. +14 −73 .gitlab-ci.yml
  5. +4 −23 .nvidia-ci.yml
  6. +65 −0 CHANGELOG.md
  7. +1 −1 Makefile
  8. +1 −0 build/container/Dockerfile.packaging
  9. +3 −9 build/container/Makefile
  10. +22 −18 cmd/nvidia-container-runtime-hook/container_config.go
  11. +5 −3 cmd/nvidia-container-runtime-hook/hook_config.go
  12. +1 −1 cmd/nvidia-container-runtime-hook/main.go
  13. +34 −0 cmd/nvidia-container-runtime.cdi/main.go
  14. +34 −0 cmd/nvidia-container-runtime.legacy/main.go
  15. +3 −77 cmd/nvidia-container-runtime/main.go
  16. +9 −7 cmd/nvidia-container-runtime/main_test.go
  17. +2 −0 cmd/nvidia-ctk/cdi/cdi.go
  18. +113 −213 cmd/nvidia-ctk/cdi/generate/generate.go
  19. +117 −0 cmd/nvidia-ctk/cdi/generate/generate_test.go
  20. +0 −75 cmd/nvidia-ctk/cdi/generate/mig-device.go
  21. +159 −0 cmd/nvidia-ctk/cdi/transform/root/root.go
  22. +51 −0 cmd/nvidia-ctk/cdi/transform/transform.go
  23. +7 −1 cmd/nvidia-ctk/hook/chmod/chmod.go
  24. +22 −12 cmd/nvidia-ctk/runtime/configure/configure.go
  25. +107 −0 cmd/nvidia-ctk/system/create-device-nodes/create-device-nodes.go
  26. +2 −0 cmd/nvidia-ctk/system/system.go
  27. +6 −28 docker/docker.mk
  28. +2 −2 go.mod
  29. +4 −0 go.sum
  30. +15 −3 internal/config/config.go
  31. +28 −0 internal/config/config_test.go
  32. +0 −125 internal/config/crio/crio.go
  33. +0 −117 internal/config/docker/docker.go
  34. +25 −0 internal/config/engine/api.go
  35. +140 −0 internal/config/engine/containerd/config_v1.go
  36. +161 −0 internal/config/engine/containerd/config_v2.go
  37. +40 −0 internal/config/engine/containerd/containerd.go
  38. +149 −0 internal/config/engine/containerd/option.go
  39. +131 −0 internal/config/engine/crio/crio.go
  40. +73 −0 internal/config/engine/crio/option.go
  41. +140 −0 internal/config/engine/docker/docker.go
  42. +4 −4 internal/config/{ → engine}/docker/docker_test.go
  43. +80 −0 internal/config/engine/docker/option.go
  44. +62 −0 internal/config/hook.go
  45. +43 −0 internal/config/image/privileged.go
  46. +11 −0 internal/config/runtime.go
  47. +5 −1 internal/discover/char_devices.go
  48. +1 −0 internal/discover/discover.go
  49. +114 −0 internal/discover/graphics.go
  50. +41 −3 internal/discover/hooks.go
  51. +60 −0 internal/discover/icp_test.go
  52. +78 −0 internal/discover/ipc.go
  53. +11 −0 internal/discover/mounts.go
  54. +17 −9 internal/discover/mounts_test.go
  55. +64 −0 internal/dxcore/api.go
  56. +334 −0 internal/dxcore/dxcore.c
  57. +59 −0 internal/dxcore/dxcore.go
  58. +39 −0 internal/dxcore/dxcore.h
  59. +1 −6 internal/edits/mount.go
  60. +102 −0 internal/lookup/cuda/cuda.go
  61. +1 −0 internal/lookup/library.go
  62. +63 −31 internal/modifier/cdi.go
  63. +92 −0 internal/modifier/cdi_test.go
  64. +7 −8 internal/{runtime → oci}/runtime_modifier.go
  65. +7 −8 internal/{runtime → oci}/runtime_modifier_test.go
  66. +33 −0 internal/runtime/api.go
  67. +29 −22 {cmd/nvidia-container-runtime → internal/runtime}/logger.go
  68. +34 −0 internal/runtime/logger_test.go
  69. +109 −0 internal/runtime/runtime.go
  70. +2 −3 {cmd/nvidia-container-runtime → internal/runtime}/runtime_factory.go
  71. +33 −1 {cmd/nvidia-container-runtime → internal/runtime}/runtime_factory_test.go
  72. +36 −0 internal/system/options.go
  73. +149 −0 internal/system/system.go
  74. +6 −0 packaging/debian/control
  75. +2 −0 packaging/debian/nvidia-container-toolkit-operator-extensions.install
  76. +31 −11 packaging/rpm/SPECS/nvidia-container-toolkit.spec
  77. +50 −0 pkg/nvcdi/api.go
  78. +4 −3 cmd/nvidia-ctk/cdi/generate/common.go → pkg/nvcdi/common-nvml.go
  79. +10 −15 cmd/nvidia-ctk/cdi/generate/ipc.go → pkg/nvcdi/device-wsl.go
  80. +32 −19 cmd/nvidia-ctk/cdi/generate/driver.go → pkg/nvcdi/driver-nvml.go
  81. +106 −0 pkg/nvcdi/driver-wsl.go
  82. +73 −3 cmd/nvidia-ctk/cdi/generate/full-gpu.go → pkg/nvcdi/full-gpu-nvml.go
  83. +82 −0 pkg/nvcdi/gds.go
  84. +105 −0 pkg/nvcdi/lib-nvml.go
  85. +82 −0 pkg/nvcdi/lib-wsl.go
  86. +175 −0 pkg/nvcdi/lib.go
  87. +88 −0 pkg/nvcdi/lib_test.go
  88. +190 −0 pkg/nvcdi/management.go
  89. +124 −0 pkg/nvcdi/mig-device-nvml.go
  90. +82 −0 pkg/nvcdi/mofed.go
  91. +19 −14 {cmd/nvidia-ctk/cdi/generate → pkg/nvcdi}/namer.go
  92. +89 −0 pkg/nvcdi/options.go
  93. +40 −0 pkg/nvcdi/spec/api.go
  94. +159 −0 pkg/nvcdi/spec/builder.go
  95. +120 −0 pkg/nvcdi/spec/spec.go
  96. +24 −0 pkg/nvcdi/transform/api.go
  97. +151 −0 pkg/nvcdi/transform/deduplicate.go
  98. +250 −0 pkg/nvcdi/transform/deduplicate_test.go
  99. +166 −0 pkg/nvcdi/transform/edits.go
  100. +35 −0 pkg/nvcdi/transform/no-op.go
  101. +105 −0 pkg/nvcdi/transform/remove.go
  102. +113 −0 pkg/nvcdi/transform/root.go
  103. +162 −0 pkg/nvcdi/transform/root_test.go
  104. +74 −0 pkg/nvcdi/transform/simplify.go
  105. +125 −0 pkg/nvcdi/transform/simplify_test.go
  106. +46 −33 ...tk/cdi/generate/device-folder-permissions.go → pkg/nvcdi/workarounds-device-folder-permissions.go
  107. +0 −6 scripts/build-packages.sh
  108. +6 −0 scripts/extract-packages.sh
  109. +5 −3 scripts/get-component-versions.sh
  110. +16 −10 scripts/release-kitmaker-artifactory.sh
  111. +6 −6 scripts/release-packages.sh
  112. +2 −2 test/container/containerd_test.sh
  113. +1 −1 test/container/docker_test.sh
  114. +1 −1 test/container/shared/run/nvidia/driver/usr/lib64/libnvidia-ml.so
  115. +5 −4 test/container/toolkit_test.sh
  116. +1 −1 third_party/libnvidia-container
  117. +2 −2 tools/container/README.md
  118. +0 −114 tools/container/containerd/config.go
  119. +0 −134 tools/container/containerd/config_v1.go
  120. +504 −155 tools/container/containerd/config_v1_test.go
  121. +0 −58 tools/container/containerd/config_v2.go
  122. +460 −143 tools/container/containerd/config_v2_test.go
  123. +61 −192 tools/container/containerd/containerd.go
  124. +0 −106 tools/container/containerd/containerd_test.go
  125. +46 −11 tools/container/crio/crio.go
  126. +38 −68 tools/container/docker/docker.go
  127. +104 −55 tools/container/docker/docker_test.go
  128. +135 −0 tools/container/operator/operator.go
  129. +207 −0 tools/container/operator/operator_test.go
  130. +31 −19 tools/container/toolkit/runtime.go
  131. +1 −1 tools/container/toolkit/runtime_test.go
  132. +258 −38 tools/container/toolkit/toolkit.go
  133. +278 −42 vendor/github.com/NVIDIA/go-nvml/pkg/nvml/const.go
  134. +360 −3 vendor/github.com/NVIDIA/go-nvml/pkg/nvml/device.go
  135. +387 −0 vendor/github.com/NVIDIA/go-nvml/pkg/nvml/nvml.go
  136. +1,288 −58 vendor/github.com/NVIDIA/go-nvml/pkg/nvml/nvml.h
  137. +138 −0 vendor/github.com/NVIDIA/go-nvml/pkg/nvml/types_gen.go
  138. +18 −0 vendor/github.com/NVIDIA/go-nvml/pkg/nvml/vgpu.go
  139. +30 −6 vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvlib/info/info.go
  140. +2 −2 vendor/modules.txt
  141. +11 −4 versions.mk
72 changes: 37 additions & 35 deletions .common-ci.yml
Original file line number Diff line number Diff line change
@@ -23,6 +23,7 @@ variables:
BUILD_MULTI_ARCH_IMAGES: "true"

stages:
- trigger
- image
- lint
- go-checks
@@ -34,13 +35,44 @@ stages:
- scan
- release

.main-or-manual:
.pipeline-trigger-rules:
rules:
# We trigger the pipeline if started manually
- if: $CI_PIPELINE_SOURCE == "web"
# We trigger the pipeline on the main branch
- if: $CI_COMMIT_BRANCH == "main"
# We trigger the pipeline on the release- branches
- if: $CI_COMMIT_BRANCH =~ /^release-.*$/
# We trigger the pipeline on tags
- if: $CI_COMMIT_TAG && $CI_COMMIT_TAG != ""

workflow:
rules:
# We trigger the pipeline on a merge request
- if: $CI_PIPELINE_SOURCE == 'merge_request_event'
# We then add all the regular triggers
- !reference [.pipeline-trigger-rules, rules]

# The main or manual job is used to filter out distributions or architectures that are not required on
# every build.
.main-or-manual:
rules:
- !reference [.pipeline-trigger-rules, rules]
- if: $CI_PIPELINE_SOURCE == "schedule"
when: manual

# The trigger-pipeline job adds a manualy triggered job to the pipeline on merge requests.
trigger-pipeline:
stage: trigger
script:
- echo "starting pipeline"
rules:
- !reference [.main-or-manual, rules]
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
when: manual
allow_failure: false
- when: always

# Define the distribution targets
.dist-amazonlinux2:
rules:
@@ -70,20 +102,6 @@ stages:
DIST: debian10
PACKAGE_REPO_TYPE: debian

.dist-debian9:
rules:
- !reference [.main-or-manual, rules]
variables:
DIST: debian9
PACKAGE_REPO_TYPE: debian

.dist-fedora35:
rules:
- !reference [.main-or-manual, rules]
variables:
DIST: fedora35
PACKAGE_REPO_TYPE: rpm

.dist-opensuse-leap15.1:
rules:
- !reference [.main-or-manual, rules]
@@ -99,22 +117,13 @@ stages:
CVE_UPDATES: "cyrus-sasl-lib"
PACKAGE_REPO_TYPE: rpm

.dist-ubuntu16.04:
rules:
- !reference [.main-or-manual, rules]
variables:
DIST: ubuntu16.04
PACKAGE_REPO_TYPE: debian

.dist-ubuntu18.04:
variables:
DIST: ubuntu18.04
CVE_UPDATES: "libsasl2-2 libsasl2-modules-db"
PACKAGE_REPO_TYPE: debian

.dist-ubuntu20.04:
rules:
- !reference [.main-or-manual, rules]
variables:
DIST: ubuntu20.04
CVE_UPDATES: "libsasl2-2 libsasl2-modules-db"
@@ -259,22 +268,15 @@ release:staging-ubi8:
needs:
- image-ubi8

release:staging-ubuntu18.04:
extends:
- .release:staging
- .dist-ubuntu18.04
needs:
- test-toolkit-ubuntu18.04
- test-containerd-ubuntu18.04
- test-crio-ubuntu18.04
- test-docker-ubuntu18.04

release:staging-ubuntu20.04:
extends:
- .release:staging
- .dist-ubuntu20.04
needs:
- image-ubuntu20.04
- test-toolkit-ubuntu20.04
- test-containerd-ubuntu20.04
- test-crio-ubuntu20.04
- test-docker-ubuntu20.04

release:staging-packaging:
extends:
113 changes: 113 additions & 0 deletions .github/workflows/blossom-ci.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,113 @@
# Copyright (c) 2020-2023, NVIDIA CORPORATION.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# A workflow to trigger ci on hybrid infra (github + self hosted runner)
name: Blossom-CI
on:
issue_comment:
types: [created]
workflow_dispatch:
inputs:
platform:
description: 'runs-on argument'
required: false
args:
description: 'argument'
required: false
jobs:
Authorization:
name: Authorization
runs-on: blossom
outputs:
args: ${{ env.args }}

# This job only runs for pull request comments
if: |
contains( '\
anstockatnv,\
rohitrajani2018,\
cdesiniotis,\
shivamerla,\
ArangoGutierrez,\
elezar,\
klueska,\
zvonkok,\
', format('{0},', github.actor)) &&
github.event.comment.body == '/blossom-ci'
steps:
- name: Check if comment is issued by authorized person
run: blossom-ci
env:
OPERATION: 'AUTH'
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }}

Vulnerability-scan:
name: Vulnerability scan
needs: [Authorization]
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
with:
repository: ${{ fromJson(needs.Authorization.outputs.args).repo }}
ref: ${{ fromJson(needs.Authorization.outputs.args).ref }}
lfs: 'true'

# repo specific steps
#- name: Setup java
# uses: actions/setup-java@v1
# with:
# java-version: 1.8

# add blackduck properties https://synopsys.atlassian.net/wiki/spaces/INTDOCS/pages/631308372/Methods+for+Configuring+Analysis#Using-a-configuration-file
#- name: Setup blackduck properties
# run: |
# PROJECTS=$(mvn -am dependency:tree | grep maven-dependency-plugin | awk '{ out="com.nvidia:"$(NF-1);print out }' | grep rapids | xargs | sed -e 's/ /,/g')
# echo detect.maven.build.command="-pl=$PROJECTS -am" >> application.properties
# echo detect.maven.included.scopes=compile >> application.properties

- name: Run blossom action
uses: NVIDIA/blossom-action@main
env:
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }}
with:
args1: ${{ fromJson(needs.Authorization.outputs.args).args1 }}
args2: ${{ fromJson(needs.Authorization.outputs.args).args2 }}
args3: ${{ fromJson(needs.Authorization.outputs.args).args3 }}

Job-trigger:
name: Start ci job
needs: [Vulnerability-scan]
runs-on: blossom
steps:
- name: Start ci job
run: blossom-ci
env:
OPERATION: 'START-CI-JOB'
CI_SERVER: ${{ secrets.CI_SERVER }}
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Upload-Log:
name: Upload log
runs-on: blossom
if : github.event_name == 'workflow_dispatch'
steps:
- name: Jenkins log for pull request ${{ fromJson(github.event.inputs.args).pr }} (click here)
run: blossom-ci
env:
OPERATION: 'POST-PROCESSING'
CI_SERVER: ${{ secrets.CI_SERVER }}
REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,9 +1,11 @@
dist
artifacts
*.swp
*.swo
/coverage.out*
/test/output/
/nvidia-container-runtime
/nvidia-container-runtime.*
/nvidia-container-runtime-hook
/nvidia-container-toolkit
/nvidia-ctk
Loading