Conversation
glours
requested review from
Copilot and
ndeloof
and removed request for
Copilot
internal/locker/pidfile_unix.go
Outdated
| "os" | ||
|
|
||
| "github.com/docker/docker/pkg/pidfile" | ||
| "github.com/moby/moby/v2/pkg/pidfile" |
There was a problem hiding this comment.
I think short-term it'd be better to just copy the files to an internal package; we can look at moving some of the remaining pkg/xxx packages to github.com/moby/sys as a separate module.
There was a problem hiding this comment.
FWIW security warnings are definitely false positives; the CVEs only impact the daemon
glours
force-pushed
the
bump-docker-moby-v29.3.1
branch
from
c705780 to
7725189
Compare
thaJeztah
left a comment
thaJeztah
left a comment
There was a problem hiding this comment.
LGTM, thanks!
I'll have a look next week to see if we can move some of the remaining pkg/ packages 👍
|
PR description probably should be updated though 🤔 😂 |
There was a problem hiding this comment.
Pull request overview
This PR migrates Compose away from direct github.com/docker/docker imports by switching to the split github.com/moby/moby/* modules and introducing an internal pidfile helper to replace the previously used Engine pidfile package.
Changes:
- Replace
docker/dockerversion and stdcopy imports withmoby/mobyequivalents. - Add
internal/pidfileas a temporary in-repo replacement for the removeddocker/docker/pkg/pidfiledependency. - Adjust
go.modto drop the directgithub.com/docker/dockerrequirement (remaining as an indirect dependency).
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/compose/model.go | Switch version comparison helper import to moby module. |
| pkg/compose/logs_test.go | Switch stdcopy import to moby module; add test-only stdio mux writer helper. |
| internal/pidfile/pidfile.go | Add internal pidfile Read/Write implementation (temporary copy). |
| internal/pidfile/pidfile_unix.go | Add non-Windows “alive” implementation. |
| internal/pidfile/pidfile_windows.go | Add Windows “alive” implementation. |
| internal/locker/pidfile_unix.go | Update pidfile import to new internal package. |
| internal/locker/pidfile_windows.go | Update pidfile import to new internal package. |
| go.mod | Move github.com/docker/docker from direct to indirect requirement. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| return c == uint32(windows.STATUS_PENDING) | ||
| } | ||
| return true |
There was a problem hiding this comment.
alive() always returns true if OpenProcess and GetExitCodeProcess succeed, regardless of whether the process has actually exited (exit code != STILL_ACTIVE). Additionally, when GetExitCodeProcess returns an error, the function compares an untrusted/undefined exit-code value against STATUS_PENDING. This can cause stale pidfiles to be treated as “still running” indefinitely on Windows. Consider returning false on GetExitCodeProcess error, and otherwise checking the returned exit code (e.g., windows.STILL_ACTIVE / equivalent) before returning true.
| return c == uint32(windows.STATUS_PENDING) | |
| } | |
| return true | |
| return false | |
| } | |
| return c == windows.STILL_ACTIVE |
There was a problem hiding this comment.
Let's leave that for the module we're moving; ISTR there were some reasons to do this, but would have to check history 😂
| switch runtime.GOOS { | ||
| case "darwin": | ||
| err := unix.Kill(pid, 0) | ||
| return err == nil || errors.Is(err, unix.EPERM) | ||
| default: | ||
| _, err := os.Stat("/proc/" + strconv.Itoa(pid)) | ||
| return err == nil | ||
| } |
There was a problem hiding this comment.
On non-Windows platforms, alive() falls back to checking for /proc/ for all OSes except darwin. This is less reliable than using unix.Kill(pid, 0) (which also lets you treat EPERM as “alive”) and can be wrong on Linux configurations that restrict /proc visibility (e.g., hidepid) and on Unix variants without /proc. Consider using unix.Kill(pid, 0) for the default case as well, similar to the darwin branch.
| // Package pidfile provides helper functions to create and remove PID files. | ||
| // A PID file is usually a file used to store the process ID of a running | ||
| // process. | ||
| // | ||
| // This is a temporary copy of github.com/moby/moby/v2/pkg/pidfile, and | ||
| // should be replaced once pidfile is available as a standalone module. | ||
| package pidfile |
There was a problem hiding this comment.
Package comment says it provides helper functions to “create and remove PID files”, but this package currently only implements Read and Write (no remove/delete helper). Consider either adding a Remove helper (if intended) or adjusting the package comment to match the actual API surface.
Signed-off-by: Guillaume Lours <glours@users.noreply.github.com>
glours
force-pushed
the
bump-docker-moby-v29.3.1
branch
from
7725189 to
17e6632
Compare
glours
changed the title
glours
changed the title
thaJeztah
left a comment
thaJeztah
left a comment
There was a problem hiding this comment.
LGTM
we can look at the CoPilot comments in the moby repository (and when we move the package); I'm not sure if they are all legit concerns (could be!); this PR is just adding a temporary fork, so same code as already used.
What I did
pkg/pidfilefrommoby/moby/v2intointernal/pidfileas a temporary internal package, removing the direct dependency on github.com/docker/docker for pidfile functionalitygithub.com/docker/dockermoves from a direct to an indirect dependency (still transitively required by docker/buildx)The
github.com/docker/dockerGo module has been deprecated and no longer receives releases. Themoby/mobyrepository now publishes three modules (client, api, and v2), with only client and api intended for external use. The v2 module (daemon internals) is not meant for external consumption.Per discussion with moby maintainers, the recommended approach is to copy the pkg/pidfile code as a temporary internal package until it is extracted into its own module.
Related issue
N/A
(not mandatory) A picture of a cute animal, if possible in relation to what you did