Update container-device-interface (CDI) to v0.6.2

This updates the container-device-interface dependency to v0.6.2 and renames the import to
tags.cncf.io/container-device-interface to make use of the new vanity URL.

[NO NEW TESTS NEEDED]

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Evan Lezar <elezar@nvidia.com>

RELEASE_NOTES.md

@@ -1511,7 +1511,7 @@
 - The `podman run` and `podman create` commands now support a new option, `--pidfile`. This will create a file when the container is started containing the PID of the first process in the container.
 - The `podman run` and `podman create` commands now support a new option, `--requires`. The `--requires` option adds dependency containers - containers that must be running before the current container. Commands like `podman start` will automatically start the requirements of a container before starting the container itself.
 - Auto-updating containers can now be done with locally-built images, not just images hosted on a registry, by creating containers with the `io.containers.autoupdate` label set to `local`.
-- Podman now supports the [Container Device Interface](https://github.com/container-orchestrated-devices/container-device-interface) (CDI) standard.
+- Podman now supports the [Container Device Interface](https://tags.cncf.io/container-device-interface) (CDI) standard.
 - Podman now adds an entry to `/etc/hosts`, `host.containers.internal`, pointing to the current gateway (which, for root containers, is usually a bridge interface on the host system) ([#5651](https://github.com/containers/podman/issues/5651)).
 - The `podman ps`, `podman pod ps`, `podman network list`, `podman secret list`, and `podman volume list` commands now support a `--noheading` option, which will cause Podman to omit the heading line including column names.
 - The `podman unshare` command now supports a new flag, `--rootless-cni`, to join the rootless network namespace. This allows commands to be run in the same network environment as rootless containers with CNI networking.

go.mod

@@ -9,7 +9,6 @@ require (
 	github.com/buger/goterm v1.0.4
 	github.com/checkpoint-restore/checkpointctl v1.1.0
 	github.com/checkpoint-restore/go-criu/v7 v7.0.0
-	github.com/container-orchestrated-devices/container-device-interface v0.6.1
 	github.com/containernetworking/cni v1.1.2
 	github.com/containernetworking/plugins v1.3.0
 	github.com/containers/buildah v1.32.1-0.20231026190652-11e3b2132761
@@ -78,6 +77,7 @@ require (
 	gopkg.in/yaml.v3 v3.0.1
 	k8s.io/kubernetes v1.28.3
 	sigs.k8s.io/yaml v1.4.0
+	tags.cncf.io/container-device-interface v0.6.2
 )
 
 require (
@@ -212,7 +212,7 @@ require (
 	gopkg.in/go-jose/go-jose.v2 v2.6.1 // indirect
 	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	tags.cncf.io/container-device-interface v0.6.2 // indirect
+	tags.cncf.io/container-device-interface/specs-go v0.6.0 // indirect
 )
 
 replace github.com/opencontainers/runc => github.com/opencontainers/runc v1.1.1-0.20230904132852-a0466dd76f23

go.sum

@@ -157,8 +157,6 @@ github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGX
 github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
 github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
-github.com/container-orchestrated-devices/container-device-interface v0.6.1 h1:mz77uJoP8im/4Zins+mPqt677ZMaflhoGaYrRAl5jvA=
-github.com/container-orchestrated-devices/container-device-interface v0.6.1/go.mod h1:40T6oW59rFrL/ksiSs7q45GzjGlbvxnA4xaK6cyq+kA=
 github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE=
 github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU=
 github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU=
@@ -1656,3 +1654,5 @@ sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=
 src.elv.sh v0.16.0-rc1.0.20220116211855-fda62502ad7f h1:pjVeIo9Ba6K1Wy+rlwX91zT7A+xGEmxiNRBdN04gDTQ=
 tags.cncf.io/container-device-interface v0.6.2 h1:dThE6dtp/93ZDGhqaED2Pu374SOeUkBfuvkLuiTdwzg=
 tags.cncf.io/container-device-interface v0.6.2/go.mod h1:Shusyhjs1A5Na/kqPVLL0KqnHQHuunol9LFeUNkuGVE=
+tags.cncf.io/container-device-interface/specs-go v0.6.0 h1:V+tJJN6dqu8Vym6p+Ru+K5mJ49WL6Aoc5SJFSY0RLsQ=
+tags.cncf.io/container-device-interface/specs-go v0.6.0/go.mod h1:hMAwAbMZyBLdmYqWgYcKH0F/yctNpV3P35f+/088A80=

libpod/container_internal_common.go

@@ -22,7 +22,6 @@ import (
 
 	metadata "github.com/checkpoint-restore/checkpointctl/lib"
 	"github.com/checkpoint-restore/go-criu/v7/stats"
-	cdi "github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
 	"github.com/containers/buildah"
 	"github.com/containers/buildah/pkg/chrootuser"
 	"github.com/containers/buildah/pkg/overlay"
@@ -58,6 +57,7 @@ import (
 	"github.com/opencontainers/selinux/go-selinux/label"
 	"github.com/sirupsen/logrus"
 	"golang.org/x/sys/unix"
+	cdi "tags.cncf.io/container-device-interface/pkg/cdi"
 )
 
 func parseOptionIDs(ctrMappings []idtools.IDMap, option string) ([]idtools.IDMap, error) {

pkg/specgen/generate/config_freebsd.go

@@ -10,10 +10,10 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
 	"github.com/opencontainers/runtime-tools/generate"
 	"github.com/sirupsen/logrus"
 	"golang.org/x/sys/unix"
+	"tags.cncf.io/container-device-interface/pkg/cdi"
 )
 
 // DevicesFromPath computes a list of devices

pkg/specgen/generate/config_linux.go

@@ -11,7 +11,6 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
 	"github.com/containers/podman/v4/libpod/define"
 	"github.com/containers/podman/v4/pkg/rootless"
 	"github.com/containers/podman/v4/pkg/util"
@@ -20,6 +19,7 @@ import (
 	"github.com/opencontainers/runtime-tools/generate"
 	"github.com/sirupsen/logrus"
 	"golang.org/x/sys/unix"
+	"tags.cncf.io/container-device-interface/pkg/cdi"
 )
 
 // DevicesFromPath computes a list of devices

pkg/specgen/generate/container_create.go

@@ -12,7 +12,6 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/container-orchestrated-devices/container-device-interface/pkg/parser"
 	"github.com/containers/common/libimage"
 	"github.com/containers/common/libnetwork/pasta"
 	"github.com/containers/common/libnetwork/slirp4netns"
@@ -26,6 +25,7 @@ import (
 	"github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/opencontainers/selinux/go-selinux/label"
 	"github.com/sirupsen/logrus"
+	"tags.cncf.io/container-device-interface/pkg/parser"
 )
 
 // MakeContainer creates a container based on the SpecGenerator.

vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/parser/parser.go

@@ -1,212 +0,0 @@
-/*
-   Copyright © The CDI Authors
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
-*/
-
-package parser
-
-import (
-	"fmt"
-	"strings"
-)
-
-// QualifiedName returns the qualified name for a device.
-// The syntax for a qualified device names is
-//
-//	"<vendor>/<class>=<name>".
-//
-// A valid vendor and class name may contain the following runes:
-//
-//	'A'-'Z', 'a'-'z', '0'-'9', '.', '-', '_'.
-//
-// A valid device name may contain the following runes:
-//
-//	'A'-'Z', 'a'-'z', '0'-'9', '-', '_', '.', ':'
-func QualifiedName(vendor, class, name string) string {
-	return vendor + "/" + class + "=" + name
-}
-
-// IsQualifiedName tests if a device name is qualified.
-func IsQualifiedName(device string) bool {
-	_, _, _, err := ParseQualifiedName(device)
-	return err == nil
-}
-
-// ParseQualifiedName splits a qualified name into device vendor, class,
-// and name. If the device fails to parse as a qualified name, or if any
-// of the split components fail to pass syntax validation, vendor and
-// class are returned as empty, together with the verbatim input as the
-// name and an error describing the reason for failure.
-func ParseQualifiedName(device string) (string, string, string, error) {
-	vendor, class, name := ParseDevice(device)
-
-	if vendor == "" {
-		return "", "", device, fmt.Errorf("unqualified device %q, missing vendor", device)
-	}
-	if class == "" {
-		return "", "", device, fmt.Errorf("unqualified device %q, missing class", device)
-	}
-	if name == "" {
-		return "", "", device, fmt.Errorf("unqualified device %q, missing device name", device)
-	}
-
-	if err := ValidateVendorName(vendor); err != nil {
-		return "", "", device, fmt.Errorf("invalid device %q: %w", device, err)
-	}
-	if err := ValidateClassName(class); err != nil {
-		return "", "", device, fmt.Errorf("invalid device %q: %w", device, err)
-	}
-	if err := ValidateDeviceName(name); err != nil {
-		return "", "", device, fmt.Errorf("invalid device %q: %w", device, err)
-	}
-
-	return vendor, class, name, nil
-}
-
-// ParseDevice tries to split a device name into vendor, class, and name.
-// If this fails, for instance in the case of unqualified device names,
-// ParseDevice returns an empty vendor and class together with name set
-// to the verbatim input.
-func ParseDevice(device string) (string, string, string) {
-	if device == "" || device[0] == '/' {
-		return "", "", device
-	}
-
-	parts := strings.SplitN(device, "=", 2)
-	if len(parts) != 2 || parts[0] == "" || parts[1] == "" {
-		return "", "", device
-	}
-
-	name := parts[1]
-	vendor, class := ParseQualifier(parts[0])
-	if vendor == "" {
-		return "", "", device
-	}
-
-	return vendor, class, name
-}
-
-// ParseQualifier splits a device qualifier into vendor and class.
-// The syntax for a device qualifier is
-//
-//	"<vendor>/<class>"
-//
-// If parsing fails, an empty vendor and the class set to the
-// verbatim input is returned.
-func ParseQualifier(kind string) (string, string) {
-	parts := strings.SplitN(kind, "/", 2)
-	if len(parts) != 2 || parts[0] == "" || parts[1] == "" {
-		return "", kind
-	}
-	return parts[0], parts[1]
-}
-
-// ValidateVendorName checks the validity of a vendor name.
-// A vendor name may contain the following ASCII characters:
-//   - upper- and lowercase letters ('A'-'Z', 'a'-'z')
-//   - digits ('0'-'9')
-//   - underscore, dash, and dot ('_', '-', and '.')
-func ValidateVendorName(vendor string) error {
-	err := validateVendorOrClassName(vendor)
-	if err != nil {
-		err = fmt.Errorf("invalid vendor. %w", err)
-	}
-	return err
-}
-
-// ValidateClassName checks the validity of class name.
-// A class name may contain the following ASCII characters:
-//   - upper- and lowercase letters ('A'-'Z', 'a'-'z')
-//   - digits ('0'-'9')
-//   - underscore, dash, and dot ('_', '-', and '.')
-func ValidateClassName(class string) error {
-	err := validateVendorOrClassName(class)
-	if err != nil {
-		err = fmt.Errorf("invalid class. %w", err)
-	}
-	return err
-}
-
-// validateVendorOrClassName checks the validity of vendor or class name.
-// A name may contain the following ASCII characters:
-//   - upper- and lowercase letters ('A'-'Z', 'a'-'z')
-//   - digits ('0'-'9')
-//   - underscore, dash, and dot ('_', '-', and '.')
-func validateVendorOrClassName(name string) error {
-	if name == "" {
-		return fmt.Errorf("empty name")
-	}
-	if !IsLetter(rune(name[0])) {
-		return fmt.Errorf("%q, should start with letter", name)
-	}
-	for _, c := range string(name[1 : len(name)-1]) {
-		switch {
-		case IsAlphaNumeric(c):
-		case c == '_' || c == '-' || c == '.':
-		default:
-			return fmt.Errorf("invalid character '%c' in name %q",
-				c, name)
-		}
-	}
-	if !IsAlphaNumeric(rune(name[len(name)-1])) {
-		return fmt.Errorf("%q, should end with a letter or digit", name)
-	}
-
-	return nil
-}
-
-// ValidateDeviceName checks the validity of a device name.
-// A device name may contain the following ASCII characters:
-//   - upper- and lowercase letters ('A'-'Z', 'a'-'z')
-//   - digits ('0'-'9')
-//   - underscore, dash, dot, colon ('_', '-', '.', ':')
-func ValidateDeviceName(name string) error {
-	if name == "" {
-		return fmt.Errorf("invalid (empty) device name")
-	}
-	if !IsAlphaNumeric(rune(name[0])) {
-		return fmt.Errorf("invalid class %q, should start with a letter or digit", name)
-	}
-	if len(name) == 1 {
-		return nil
-	}
-	for _, c := range string(name[1 : len(name)-1]) {
-		switch {
-		case IsAlphaNumeric(c):
-		case c == '_' || c == '-' || c == '.' || c == ':':
-		default:
-			return fmt.Errorf("invalid character '%c' in device name %q",
-				c, name)
-		}
-	}
-	if !IsAlphaNumeric(rune(name[len(name)-1])) {
-		return fmt.Errorf("invalid name %q, should end with a letter or digit", name)
-	}
-	return nil
-}
-
-// IsLetter reports whether the rune is a letter.
-func IsLetter(c rune) bool {
-	return ('A' <= c && c <= 'Z') || ('a' <= c && c <= 'z')
-}
-
-// IsDigit reports whether the rune is a digit.
-func IsDigit(c rune) bool {
-	return '0' <= c && c <= '9'
-}
-
-// IsAlphaNumeric reports whether the rune is a letter or digit.
-func IsAlphaNumeric(c rune) bool {
-	return IsLetter(c) || IsDigit(c)
-}

vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/oci.go

@@ -1,113 +0,0 @@
-package specs
-
-import (
-	"errors"
-	"fmt"
-
-	spec "github.com/opencontainers/runtime-spec/specs-go"
-)
-
-// ApplyOCIEditsForDevice applies devices OCI edits, in other words
-// it finds the device in the CDI spec and applies the OCI patches that device
-// requires to the OCI specification.
-func ApplyOCIEditsForDevice(config *spec.Spec, cdi *Spec, dev string) error {
-	for _, d := range cdi.Devices {
-		if d.Name != dev {
-			continue
-		}
-
-		return ApplyEditsToOCISpec(config, &d.ContainerEdits)
-	}
-
-	return fmt.Errorf("CDI: device %q not found for spec %q", dev, cdi.Kind)
-}
-
-// ApplyOCIEdits applies the OCI edits the CDI spec declares globally
-func ApplyOCIEdits(config *spec.Spec, cdi *Spec) error {
-	return ApplyEditsToOCISpec(config, &cdi.ContainerEdits)
-}
-
-// ApplyEditsToOCISpec applies the specified edits to the OCI spec.
-func ApplyEditsToOCISpec(config *spec.Spec, edits *ContainerEdits) error {
-	if config == nil {
-		return errors.New("spec is nil")
-	}
-	if edits == nil {
-		return nil
-	}
-
-	if len(edits.Env) > 0 {
-		if config.Process == nil {
-			config.Process = &spec.Process{}
-		}
-		config.Process.Env = append(config.Process.Env, edits.Env...)
-	}
-
-	for _, d := range edits.DeviceNodes {
-		if config.Linux == nil {
-			config.Linux = &spec.Linux{}
-		}
-		config.Linux.Devices = append(config.Linux.Devices, d.ToOCI())
-	}
-
-	for _, m := range edits.Mounts {
-		config.Mounts = append(config.Mounts, m.ToOCI())
-	}
-
-	for _, h := range edits.Hooks {
-		if config.Hooks == nil {
-			config.Hooks = &spec.Hooks{}
-		}
-		switch h.HookName {
-		case "prestart":
-			config.Hooks.Prestart = append(config.Hooks.Prestart, h.ToOCI())
-		case "createRuntime":
-			config.Hooks.CreateRuntime = append(config.Hooks.CreateRuntime, h.ToOCI())
-		case "createContainer":
-			config.Hooks.CreateContainer = append(config.Hooks.CreateContainer, h.ToOCI())
-		case "startContainer":
-			config.Hooks.StartContainer = append(config.Hooks.StartContainer, h.ToOCI())
-		case "poststart":
-			config.Hooks.Poststart = append(config.Hooks.Poststart, h.ToOCI())
-		case "poststop":
-			config.Hooks.Poststop = append(config.Hooks.Poststop, h.ToOCI())
-		default:
-			fmt.Printf("CDI: Unknown hook %q\n", h.HookName)
-		}
-	}
-
-	return nil
-}
-
-// ToOCI returns the opencontainers runtime Spec Hook for this Hook.
-func (h *Hook) ToOCI() spec.Hook {
-	return spec.Hook{
-		Path:    h.Path,
-		Args:    h.Args,
-		Env:     h.Env,
-		Timeout: h.Timeout,
-	}
-}
-
-// ToOCI returns the opencontainers runtime Spec Mount for this Mount.
-func (m *Mount) ToOCI() spec.Mount {
-	return spec.Mount{
-		Source:      m.HostPath,
-		Destination: m.ContainerPath,
-		Options:     m.Options,
-		Type:        m.Type,
-	}
-}
-
-// ToOCI returns the opencontainers runtime Spec LinuxDevice for this DeviceNode.
-func (d *DeviceNode) ToOCI() spec.LinuxDevice {
-	return spec.LinuxDevice{
-		Path:     d.Path,
-		Type:     d.Type,
-		Major:    d.Major,
-		Minor:    d.Minor,
-		FileMode: d.FileMode,
-		UID:      d.UID,
-		GID:      d.GID,
-	}
-}

vendor/modules.txt

@@ -104,14 +104,6 @@ github.com/chenzhuoyu/iasm/x86_64
 # github.com/chzyer/readline v1.5.1
 ## explicit; go 1.15
 github.com/chzyer/readline
-# github.com/container-orchestrated-devices/container-device-interface v0.6.1
-## explicit; go 1.17
-github.com/container-orchestrated-devices/container-device-interface/internal/multierror
-github.com/container-orchestrated-devices/container-device-interface/internal/validation
-github.com/container-orchestrated-devices/container-device-interface/internal/validation/k8s
-github.com/container-orchestrated-devices/container-device-interface/pkg/cdi
-github.com/container-orchestrated-devices/container-device-interface/pkg/parser
-github.com/container-orchestrated-devices/container-device-interface/specs-go
 # github.com/containerd/cgroups/v3 v3.0.2
 ## explicit; go 1.18
 github.com/containerd/cgroups/v3/cgroup1/stats
@@ -1355,5 +1347,12 @@ sigs.k8s.io/yaml
 sigs.k8s.io/yaml/goyaml.v2
 # tags.cncf.io/container-device-interface v0.6.2
 ## explicit; go 1.19
+tags.cncf.io/container-device-interface/internal/multierror
+tags.cncf.io/container-device-interface/internal/validation
+tags.cncf.io/container-device-interface/internal/validation/k8s
+tags.cncf.io/container-device-interface/pkg/cdi
 tags.cncf.io/container-device-interface/pkg/parser
+# tags.cncf.io/container-device-interface/specs-go v0.6.0
+## explicit; go 1.19
+tags.cncf.io/container-device-interface/specs-go
 # github.com/opencontainers/runc => github.com/opencontainers/runc v1.1.1-0.20230904132852-a0466dd76f23

vendor/tags.cncf.io/container-device-interface/internal/validation/k8s/objectmeta.go

@@ -23,7 +23,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/container-orchestrated-devices/container-device-interface/internal/multierror"
+	"tags.cncf.io/container-device-interface/internal/multierror"
 )
 
 // TotalAnnotationSizeLimitB defines the maximum size of all annotations in characters.

vendor/tags.cncf.io/container-device-interface/internal/validation/validate.go

@@ -20,7 +20,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/container-orchestrated-devices/container-device-interface/internal/validation/k8s"
+	"tags.cncf.io/container-device-interface/internal/validation/k8s"
 )
 
 // ValidateSpecAnnotations checks whether spec annotations are valid.

vendor/tags.cncf.io/container-device-interface/pkg/cdi/annotations.go

@@ -21,7 +21,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/container-orchestrated-devices/container-device-interface/pkg/parser"
+	"tags.cncf.io/container-device-interface/pkg/parser"
 )
 
 const (

vendor/tags.cncf.io/container-device-interface/pkg/cdi/cache.go

@@ -26,10 +26,10 @@ import (
 	"strings"
 	"sync"
 
-	"github.com/container-orchestrated-devices/container-device-interface/internal/multierror"
-	cdi "github.com/container-orchestrated-devices/container-device-interface/specs-go"
 	"github.com/fsnotify/fsnotify"
 	oci "github.com/opencontainers/runtime-spec/specs-go"
+	"tags.cncf.io/container-device-interface/internal/multierror"
+	cdi "tags.cncf.io/container-device-interface/specs-go"
 )
 
 // Option is an option to change some aspect of default CDI behavior.

vendor/tags.cncf.io/container-device-interface/pkg/cdi/container-edits.go

@@ -24,9 +24,9 @@ import (
 	"sort"
 	"strings"
 
-	"github.com/container-orchestrated-devices/container-device-interface/specs-go"
 	oci "github.com/opencontainers/runtime-spec/specs-go"
 	ocigen "github.com/opencontainers/runtime-tools/generate"
+	"tags.cncf.io/container-device-interface/specs-go"
 )
 
 const (

vendor/tags.cncf.io/container-device-interface/pkg/cdi/device.go

@@ -19,10 +19,10 @@ package cdi
 import (
 	"fmt"
 
-	"github.com/container-orchestrated-devices/container-device-interface/internal/validation"
-	"github.com/container-orchestrated-devices/container-device-interface/pkg/parser"
-	cdi "github.com/container-orchestrated-devices/container-device-interface/specs-go"
 	oci "github.com/opencontainers/runtime-spec/specs-go"
+	"tags.cncf.io/container-device-interface/internal/validation"
+	"tags.cncf.io/container-device-interface/pkg/parser"
+	cdi "tags.cncf.io/container-device-interface/specs-go"
 )
 
 // Device represents a CDI device of a Spec.

vendor/tags.cncf.io/container-device-interface/pkg/cdi/doc.go

@@ -2,9 +2,9 @@
 // interacting with CDI and consuming CDI devices.
 //
 // For more information about Container Device Interface, please refer to
-// https://github.com/container-orchestrated-devices/container-device-interface
+// https://tags.cncf.io/container-device-interface
 //
-// Container Device Interface
+// # Container Device Interface
 //
 // Container Device Interface, or CDI for short, provides comprehensive
 // third party device support for container runtimes. CDI uses vendor
@@ -29,7 +29,7 @@
 // the vast majority of CDI consumers need. The API should be usable both
 // by OCI runtime clients and runtime implementations.
 //
-// CDI Registry
+// # CDI Registry
 //
 // The primary interface to interact with CDI devices is the Registry. It
 // is essentially a cache of all Specs and devices discovered in standard
@@ -37,34 +37,34 @@
 // injecting devices into an OCI Spec and refreshing the cache of CDI
 // Specs and devices.
 //
-// Device Injection
+// # Device Injection
 //
 // Using the Registry one can inject CDI devices into a container with code
 // similar to the following snippet:
 //
-//  import (
-//      "fmt"
-//      "strings"
+//	import (
+//	    "fmt"
+//	    "strings"
 //
-//      log "github.com/sirupsen/logrus"
+//	    log "github.com/sirupsen/logrus"
 //
-//      "github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
-//      oci "github.com/opencontainers/runtime-spec/specs-go"
-//  )
+//	    "tags.cncf.io/container-device-interface/pkg/cdi"
+//	    oci "github.com/opencontainers/runtime-spec/specs-go"
+//	)
 //
-//  func injectCDIDevices(spec *oci.Spec, devices []string) error {
-//      log.Debug("pristine OCI Spec: %s", dumpSpec(spec))
+//	func injectCDIDevices(spec *oci.Spec, devices []string) error {
+//	    log.Debug("pristine OCI Spec: %s", dumpSpec(spec))
 //
-//      unresolved, err := cdi.GetRegistry().InjectDevices(spec, devices)
-//      if err != nil {
-//          return fmt.Errorf("CDI device injection failed: %w", err)
-//      }
+//	    unresolved, err := cdi.GetRegistry().InjectDevices(spec, devices)
+//	    if err != nil {
+//	        return fmt.Errorf("CDI device injection failed: %w", err)
+//	    }
 //
-//      log.Debug("CDI-updated OCI Spec: %s", dumpSpec(spec))
-//      return nil
-//  }
+//	    log.Debug("CDI-updated OCI Spec: %s", dumpSpec(spec))
+//	    return nil
+//	}
 //
-// Cache Refresh
+// # Cache Refresh
 //
 // By default the CDI Spec cache monitors the configured Spec directories
 // and automatically refreshes itself when necessary. This behavior can be
@@ -85,42 +85,42 @@
 // CDI Spec cache is up to date before performing device injection.
 // A code snippet similar to the following accmplishes that:
 //
-//  import (
-//      "fmt"
-//      "strings"
+//	import (
+//	    "fmt"
+//	    "strings"
 //
-//      log "github.com/sirupsen/logrus"
+//	    log "github.com/sirupsen/logrus"
 //
-//      "github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
-//      oci "github.com/opencontainers/runtime-spec/specs-go"
-//  )
+//	    "tags.cncf.io/container-device-interface/pkg/cdi"
+//	    oci "github.com/opencontainers/runtime-spec/specs-go"
+//	)
 //
-//  func injectCDIDevices(spec *oci.Spec, devices []string) error {
-//      registry := cdi.GetRegistry()
+//	func injectCDIDevices(spec *oci.Spec, devices []string) error {
+//	    registry := cdi.GetRegistry()
 //
-//      if err := registry.Refresh(); err != nil {
-//          // Note:
-//          //   It is up to the implementation to decide whether
-//          //   to abort injection on errors. A failed Refresh()
-//          //   does not necessarily render the registry unusable.
-//          //   For instance, a parse error in a Spec file for
-//          //   vendor A does not have any effect on devices of
-//          //   vendor B...
-//          log.Warnf("pre-injection Refresh() failed: %v", err)
-//      }
+//	    if err := registry.Refresh(); err != nil {
+//	        // Note:
+//	        //   It is up to the implementation to decide whether
+//	        //   to abort injection on errors. A failed Refresh()
+//	        //   does not necessarily render the registry unusable.
+//	        //   For instance, a parse error in a Spec file for
+//	        //   vendor A does not have any effect on devices of
+//	        //   vendor B...
+//	        log.Warnf("pre-injection Refresh() failed: %v", err)
+//	    }
 //
-//      log.Debug("pristine OCI Spec: %s", dumpSpec(spec))
+//	    log.Debug("pristine OCI Spec: %s", dumpSpec(spec))
 //
-//      unresolved, err := registry.InjectDevices(spec, devices)
-//      if err != nil {
-//          return fmt.Errorf("CDI device injection failed: %w", err)
-//      }
+//	    unresolved, err := registry.InjectDevices(spec, devices)
+//	    if err != nil {
+//	        return fmt.Errorf("CDI device injection failed: %w", err)
+//	    }
 //
-//      log.Debug("CDI-updated OCI Spec: %s", dumpSpec(spec))
-//      return nil
-//  }
+//	    log.Debug("CDI-updated OCI Spec: %s", dumpSpec(spec))
+//	    return nil
+//	}
 //
-// Generated Spec Files, Multiple Directories, Device Precedence
+// # Generated Spec Files, Multiple Directories, Device Precedence
 //
 // It is often necessary to generate Spec files dynamically. On some
 // systems the available or usable set of CDI devices might change
@@ -149,7 +149,7 @@
 // '/etc/cdi' while all the dynamically generated Spec files, transient
 // or other, go into '/var/run/cdi'.
 //
-// Spec File Generation
+// # Spec File Generation
 //
 // CDI offers two functions for writing and removing dynamically generated
 // Specs from CDI Spec directories. These functions, WriteSpec() and
@@ -169,33 +169,35 @@
 // code snippet similar to the following:
 //
 // import (
-//     "fmt"
-//     ...
-//     "github.com/container-orchestrated-devices/container-device-interface/specs-go"
-//     "github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
+//
+//	"fmt"
+//	...
+//	"tags.cncf.io/container-device-interface/specs-go"
+//	"tags.cncf.io/container-device-interface/pkg/cdi"
+//
 // )
 //
-// func generateDeviceSpecs() error {
-//     registry := cdi.GetRegistry()
-//     spec := &specs.Spec{
-//         Version: specs.CurrentVersion,
-//         Kind:    vendor+"/"+class,
-//     }
+//	func generateDeviceSpecs() error {
+//	    registry := cdi.GetRegistry()
+//	    spec := &specs.Spec{
+//	        Version: specs.CurrentVersion,
+//	        Kind:    vendor+"/"+class,
+//	    }
 //
-//     for _, dev := range enumerateDevices() {
-//         spec.Devices = append(spec.Devices, specs.Device{
-//             Name: dev.Name,
-//             ContainerEdits: getContainerEditsForDevice(dev),
-//         })
-//     }
+//	    for _, dev := range enumerateDevices() {
+//	        spec.Devices = append(spec.Devices, specs.Device{
+//	            Name: dev.Name,
+//	            ContainerEdits: getContainerEditsForDevice(dev),
+//	        })
+//	    }
 //
-//     specName, err := cdi.GenerateNameForSpec(spec)
-//     if err != nil {
-//         return fmt.Errorf("failed to generate Spec name: %w", err)
-//     }
+//	    specName, err := cdi.GenerateNameForSpec(spec)
+//	    if err != nil {
+//	        return fmt.Errorf("failed to generate Spec name: %w", err)
+//	    }
 //
-//     return registry.SpecDB().WriteSpec(spec, specName)
-// }
+//	    return registry.SpecDB().WriteSpec(spec, specName)
+//	}
 //
 // Similarly, generating and later cleaning up transient Spec files can be
 // done with code fragments similar to the following. These transient Spec
@@ -204,53 +206,55 @@
 // and removed once that container is removed.
 //
 // import (
-//     "fmt"
-//     ...
-//     "github.com/container-orchestrated-devices/container-device-interface/specs-go"
-//     "github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
+//
+//	"fmt"
+//	...
+//	"tags.cncf.io/container-device-interface/specs-go"
+//	"tags.cncf.io/container-device-interface/pkg/cdi"
+//
 // )
 //
-// func generateTransientSpec(ctr Container) error {
-//     registry := cdi.GetRegistry()
-//     devices := getContainerDevs(ctr, vendor, class)
-//     spec := &specs.Spec{
-//         Version: specs.CurrentVersion,
-//         Kind:    vendor+"/"+class,
-//     }
+//	func generateTransientSpec(ctr Container) error {
+//	    registry := cdi.GetRegistry()
+//	    devices := getContainerDevs(ctr, vendor, class)
+//	    spec := &specs.Spec{
+//	        Version: specs.CurrentVersion,
+//	        Kind:    vendor+"/"+class,
+//	    }
 //
-//     for _, dev := range devices {
-//         spec.Devices = append(spec.Devices, specs.Device{
-//             // the generated name needs to be unique within the
-//             // vendor/class domain on the host/node.
-//             Name: generateUniqueDevName(dev, ctr),
-//             ContainerEdits: getEditsForContainer(dev),
-//         })
-//     }
+//	    for _, dev := range devices {
+//	        spec.Devices = append(spec.Devices, specs.Device{
+//	            // the generated name needs to be unique within the
+//	            // vendor/class domain on the host/node.
+//	            Name: generateUniqueDevName(dev, ctr),
+//	            ContainerEdits: getEditsForContainer(dev),
+//	        })
+//	    }
 //
-//     // transientID is expected to guarantee that the Spec file name
-//     // generated using <vendor, class, transientID> is unique within
-//     // the host/node. If more than one device is allocated with the
-//     // same vendor/class domain, either all generated Spec entries
-//     // should go to a single Spec file (like in this sample snippet),
-//     // or transientID should be unique for each generated Spec file.
-//     transientID := getSomeSufficientlyUniqueIDForContainer(ctr)
-//     specName, err := cdi.GenerateNameForTransientSpec(vendor, class, transientID)
-//     if err != nil {
-//         return fmt.Errorf("failed to generate Spec name: %w", err)
-//     }
+//	    // transientID is expected to guarantee that the Spec file name
+//	    // generated using <vendor, class, transientID> is unique within
+//	    // the host/node. If more than one device is allocated with the
+//	    // same vendor/class domain, either all generated Spec entries
+//	    // should go to a single Spec file (like in this sample snippet),
+//	    // or transientID should be unique for each generated Spec file.
+//	    transientID := getSomeSufficientlyUniqueIDForContainer(ctr)
+//	    specName, err := cdi.GenerateNameForTransientSpec(vendor, class, transientID)
+//	    if err != nil {
+//	        return fmt.Errorf("failed to generate Spec name: %w", err)
+//	    }
 //
-//     return registry.SpecDB().WriteSpec(spec, specName)
-// }
+//	    return registry.SpecDB().WriteSpec(spec, specName)
+//	}
 //
-// func removeTransientSpec(ctr Container) error {
-//     registry := cdi.GetRegistry()
-//     transientID := getSomeSufficientlyUniqueIDForContainer(ctr)
-//     specName := cdi.GenerateNameForTransientSpec(vendor, class, transientID)
+//	func removeTransientSpec(ctr Container) error {
+//	    registry := cdi.GetRegistry()
+//	    transientID := getSomeSufficientlyUniqueIDForContainer(ctr)
+//	    specName := cdi.GenerateNameForTransientSpec(vendor, class, transientID)
 //
-//     return registry.SpecDB().RemoveSpec(specName)
-// }
+//	    return registry.SpecDB().RemoveSpec(specName)
+//	}
 //
-// CDI Spec Validation
+// # CDI Spec Validation
 //
 // This package performs both syntactic and semantic validation of CDI
 // Spec file data when a Spec file is loaded via the registry or using

vendor/tags.cncf.io/container-device-interface/pkg/cdi/qualified-device.go

@@ -17,7 +17,7 @@
 package cdi
 
 import (
-	"github.com/container-orchestrated-devices/container-device-interface/pkg/parser"
+	"tags.cncf.io/container-device-interface/pkg/parser"
 )
 
 // QualifiedName returns the qualified name for a device.

vendor/tags.cncf.io/container-device-interface/pkg/cdi/registry.go

@@ -19,8 +19,8 @@ package cdi
 import (
 	"sync"
 
-	cdi "github.com/container-orchestrated-devices/container-device-interface/specs-go"
 	oci "github.com/opencontainers/runtime-spec/specs-go"
+	cdi "tags.cncf.io/container-device-interface/specs-go"
 )
 
 // Registry keeps a cache of all CDI Specs installed or generated on

vendor/tags.cncf.io/container-device-interface/pkg/cdi/spec.go

@@ -28,8 +28,8 @@ import (
 	oci "github.com/opencontainers/runtime-spec/specs-go"
 	"sigs.k8s.io/yaml"
 
-	"github.com/container-orchestrated-devices/container-device-interface/internal/validation"
-	cdi "github.com/container-orchestrated-devices/container-device-interface/specs-go"
+	"tags.cncf.io/container-device-interface/internal/validation"
+	cdi "tags.cncf.io/container-device-interface/specs-go"
 )
 
 const (

vendor/tags.cncf.io/container-device-interface/pkg/cdi/version.go

@@ -21,8 +21,8 @@ import (
 
 	"golang.org/x/mod/semver"
 
-	"github.com/container-orchestrated-devices/container-device-interface/pkg/parser"
-	cdi "github.com/container-orchestrated-devices/container-device-interface/specs-go"
+	"tags.cncf.io/container-device-interface/pkg/parser"
+	cdi "tags.cncf.io/container-device-interface/specs-go"
 )
 
 const (

vendor/tags.cncf.io/container-device-interface/specs-go/oci.go

@@ -0,0 +1,38 @@
+package specs
+
+import (
+	spec "github.com/opencontainers/runtime-spec/specs-go"
+)
+
+// ToOCI returns the opencontainers runtime Spec Hook for this Hook.
+func (h *Hook) ToOCI() spec.Hook {
+	return spec.Hook{
+		Path:    h.Path,
+		Args:    h.Args,
+		Env:     h.Env,
+		Timeout: h.Timeout,
+	}
+}
+
+// ToOCI returns the opencontainers runtime Spec Mount for this Mount.
+func (m *Mount) ToOCI() spec.Mount {
+	return spec.Mount{
+		Source:      m.HostPath,
+		Destination: m.ContainerPath,
+		Options:     m.Options,
+		Type:        m.Type,
+	}
+}
+
+// ToOCI returns the opencontainers runtime Spec LinuxDevice for this DeviceNode.
+func (d *DeviceNode) ToOCI() spec.LinuxDevice {
+	return spec.LinuxDevice{
+		Path:     d.Path,
+		Type:     d.Type,
+		Major:    d.Major,
+		Minor:    d.Minor,
+		FileMode: d.FileMode,
+		UID:      d.UID,
+		GID:      d.GID,
+	}
+}