| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping to the newest 1.2.x, which contains the following commits:
f8777f130 Add release notes for v1.2.14
abbb17959 Add comment clarifying fix for security issue
1ead8d9de treat manifest provided URLs differently
f52fbb8a9 Bump Golang 1.13.15
0732aa7a6 Bump Golang 1.13.14
f6b342959 Bump Go 1.13.13
2f4dfde54 Bump Golang 1.13.12
cbdfca815 Build runc with selinux support
f8ae16778 Fix incorrect backport of setting octet-stream
17a506c94 golangci-lint update and fix
4f6dc01a8 Bump Golang 1.13.10
493665bd5 Bump Golang 1.13.9
053f4d6fd Update containerd/console vendor for fix
e72c2b5b1 Bump containerd console for os.File changes
8810a1387 bump containerd/console 0650fd9eeb50bab4fc99dceb9f2e14cf58f36e7f
f8be3cf7f when kill container, check if container has been deleted
35a174382 Update Golang 1.13.8
305703670 Update Golang 1.13.7 (CVE-2020-0601, CVE-2020-7919)
1591eb809 Update Golang 1.13.6
fc95ae8ed Update Golang 1.13.5
77499e24e Update to Golang 1.13.4
2adf308a2 Revert "Update Golang 1.12.14"
9d53ba930 Revert "Update Golang 1.12.15"
c5843f944 Revert "Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919)"
012c4c0af Revert "Update Golang 1.12.17"
30267a8da platforms: update known OS and arch values
591f6f491 Move flag.Parse in tests to TestMain
598f7a7b5 Try set GOGC for golint
dfff5b146 Switch to golangci-lint
a18c08347 fix additional linting failures
c1ceae579 Update timestamp atomic write
82ddedea2 Ensure close in content test
961c23a57 fix killall when use pidnamespace
a386eb648 Fix linter errors
971ad613c bugfix: cleanup dangling shim by brand new context
f141d0f7a Prepare v1.2.13 release
0c10aca55 Update .mailmap with changes from master
b97098762 Fix container pid.
567ca6785 Set octet-stream content-type on put request
28eb964b0 script: use github.com/kubernetes-sigs/cri-tools directly
2a0ca2d07 Update Golang 1.12.17
a7c9b7605 Fix incorrect comment from copy/paste of starting script
6ad255383 Pin to libseccomp 2.3.3
25a806c50 bump cgroups dependency to address blkio issue
79d65767e Prepare v1.2.12 release
9be62a7ee Update mailmap
8761b1bf8 Update name for btrfs headers package
5db3987eb Fix dependency in BUILDING.md
945611681 [release/1.2] vendor: bump containerd/cri b1052f3b73fb9f0a6805d3c20e884a4cef265a38
520c8cb84 bump google.golang.org/grpc v1.23.1
c12aaf0e5 vendor: bump gopkg.in/yaml.v2 v2.2.8
9d1954f2e vendor: bump containerd/cri b075cc4e9f394780dbed101601c48dcc3d37c828 (release/1.2 branch)
1bc2590d9 vendor: update golang.org/x/crypto 69ecbb4d6d5dab05e49161c6e77ea40a030884e1
44b5bac0c Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919)
4c03d5dfb Pick up fix for CVE-2019-16884 in opencontainers/selinux
87648d2a7 Bump to opencontainers/runc new version - v1.0.0-rc10
f106ae4ab Update Golang 1.12.15
4288ba10f runtime: only check killall for init process
e7b06baa6 Update Golang 1.12.14
34978bf3b Disable criu tests in Travis CI
de8ed89b1 Fix cleanup error on content client test
1b4aebd68 Prepare v1.2.11 release
128664b67 snapshots: return error if readSnapshot fails
342c953a5 Update to Golang 1.12.13
6b94990c1 Revert "[release/1.2] pin travis to go 1.12.12"
0b9135f1d Catch up vndr with state of vendor/ dir
435e05fd0 [release/1.2] pin travis to go 1.12.12
e319caedc Update Golang 1.12.12 (CVE-2019-17596)
0877136a9 Use cached state instead of `runc state`.
f71f6d39b Robust pid locking for shim processes
42aba6e0f Add timeout for I/O waitgroups
c471c95bc Add local-fs.target to service file
847f74c28 Fix delete error code on the containerd daemon side.
611766aff Fix shim delete error code.
639be3585 bump runc v1.0.0-rc9
b30190905 Bump runc to 1b8a1eeec3f337ab5d94f28980
8fb208fb1 Revert "Revert "bump libseccomp-golang v0.9.1""
889f5f803 Automate CRI tarball release.
9e6b7bb9f Prepare v1.2.10 release
8d33d0351 AppVeyor: bump golang 1.12.10 (CVE-2019-16276)
0c961b186 Bump runc for CVE-2019-16884
4be2ad78f Update cri to 40affe7c7402d41618b9791a8cf105ac74ce56d0.
5d464752c Update go-runc to e029b79d8cda8374981c64eba71f28e
b3a846068 Update mailmap
413609294 Prepare v1.2.9 release
b1e40b64f [release/1.2] Update cri to ad5dcc6cba067488d017540d06ebc08b21bb82bc
14ff021bd archive: truncate modification time
86ea2b726 Use default UNIX env when image has no environment
99c2e56e3 bump containerd/zfs 2ceb2dbb8154202ed1b8fd32e4ea25b491d7b251
0d6d883a6 Compute manifest metadata when not provided.
e6275a02b Add user agent header to all requests
4bffd8855 Explicitly stating utf-8 when fetching oauth token
09c68d083 Add custom headers option to dockerResolver
5c284a771 Revert "Add user agent header to all requests"
08325686b Update gRPC to v1.23.0
5fbd02f81 Update ttrpc to 92c8520ef9f86600c650dd540266a00
a9ba2e681 Prepare v1.2.8 point release
1c309d804 Remove the process default ENV
f1c661f78 Change bufferSize back to 32
d161ab632 Try to preserve exit event order
7e2864b8f Add retry and non-blocking send for exit events
dbf9a5017 Unifi reaper logic into package
9b5b55b14 Fix shim hung
c8d75ca5e do not mutate defaults in replaceOrAppendEnvValues
6c6b7e297 bugfix: override image.Env with process.Env, rather than be contrary
17690cc2f AppVeyor: update to go 1.12.9
8c0ec3c35 Revert "bump libseccomp-golang v0.9.1"
941dd9f2c Update cri to d928a4dd337fd2a992dbe72380eff2063c3ec62f.
4097217bb AppVeyor: update to go 1.12.8 (CVE-2019-9512, CVE-2019-9514)
bb238e05a AppVeyor: update to go 1.12.7
150468fcc contrib: Dockerfile: bump go 1.12
c675ea30c contrib: Dockerfile: add a base stage
59134eb99 contrib: Dockerfile: reformat, and use --no-install-recommends
ad3bfc9e3 contrib: Dockerfile: use build-arg for go-version
11a25c8a6 Move ctr run --isolation to Windows only
47e5d5fd4 Limit multiple platform manifests to one for size check
116e770a8 Call CloseIO when stdin closes in ctr
c8bbceb4e metadata: merge snapshot labels with metadata's labels
227ebf36a runtime/v1/linux: ignore ErrCgroupDeleted in Task.Start
d528a69a4 images: only fetch the best matched manifest info
46920a60f test/snapshots: umount before committing snapshot
452e9c532 Improve ARM platform matching
b207b3329 Skip rootfs unmount when no mounts are provided
d8f4da4fe bump libseccomp-golang v0.9.1
ed35eec32 Close the inherited socket fd
b2d260c4f Ensure labels is not nil in differ
1b2230eb3 AppVeyor: Bump golang 1.12.6
d0b89fd57 Add travis_wait to prevent vndr timing out
aab8e9d13 Update to Golang 1.12, and prepare for ppc64le
56f8ef8ce Update travis to xenial worker
bad4fdd76 Prepare release note for v1.2.7.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Allows the yocto cve-checker to flag CVEs, which would otherwise go
unreported due to the package name not matching NIST NVD data.
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Allows the yocto cve-checker to flag CVEs, which would otherwise go
unreported due to the package name not matching NIST NVD data.
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Allows the yocto cve-checker to flag CVEs, which would otherwise go
unreported due to the package name not matching NIST NVD data.
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping to 19.03.15 to pickup bugfixes and security changes. The
following commits comprise the change:
420b1d3625 pull: Validate layer digest format
5472f39022 buildkit: Apply apparmor profile
b96fb8837b vendor buildkit 396bfe20b590914cd77945ef0d70d976a0ed093c
67de83e70b Use real root with 0701 perms
5eff67a2c2 Do not set DOCKER_TMP to be owned by remapped root
1342c51d5e Ensure MkdirAllAndChown also sets perms
7d75c1d40d Merge pull request #41731 from thaJeztah/19.03_container_1.3.9
d3c5506330 update containerd binary to v1.3.9 (address CVE-2020-15257)
1babdf81e7 update containerd binary to v1.3.8
35968c420d Merge pull request #41685 from ameyag/19.03-bmp-libnetwork-nil-deference
f80f6304e2 Bump libnetwork
837baebb74 Merge pull request #41635 from AkihiroSuda/rootlesskit-0.11.0-1903
4b181db52b bump up rootlesskit to v0.11.0
619f1b54c6 Merge pull request #41596 from thaJeztah/19.03_backport_swagger_fix
7487dca8a5 docs: fix builder-version swagger
bb69504a4a Merge pull request #41557 from AkihiroSuda/cherrypick-41156-1903
c7253a0e1a dockerd-rootless.sh: support containerd v1.4 shim socket path convention
b27122246a Merge pull request #41542 from thaJeztah/19.03_backport_fix_41517
88eec2e811 Also trim "~..." from AppArmor versions
ecd3baca25 pkg/aaparser: support parsing version like "3.0.0-beta1"
233a6379e5 Merge pull request #41522 from thaJeztah/19.03_backport_gcp_leak
74c0c5b7f1 Fix gcplogs memory/connection leak
88623e101c Merge pull request #41293 from thaJeztah/19.03_backport_fix_getexecuser
705762f23c Merge pull request #41494 from thaJeztah/19.03_backport_aws_sdk_go
5f32bd9ced awslogs: Update aws-sdk-go to support IMDSv2
bd33bbf049 Merge pull request #41314 from thaJeztah/19.03_backport_fix_racey_logger_test
426396f438 Merge pull request #41451 from thaJeztah/19.03_update_buildkit
406dba269c Merge pull request #41446 from thaJeztah/19.03_backport_swagger_fixes
50b33bd3cd Merge pull request #41312 from thaJeztah/19.03_backport_pass_network_error
519462f3df Merge pull request #41334 from thaJeztah/19.03_backport_bump_golang_1.13.15
64fffefffa Merge pull request #40408 from thaJeztah/19.03_backport_update_containerd_1.3
8cf9d50fc0 [19.03] vendor: buildkit v0.6.4-32-gdf89d4dc
a4e96a486f swagger: fix MemTotal units in SystemInfo endpoint
9fe291827a Bump Golang 1.13.15
a15a770e1b update containerd to v1.3.7
9380ec7397 update containerd to v1.3.6
80cef48453 update containerd to v1.3.5
fc8f88dc14 update containerd to v1.3.4
89a4208757 update containerd binary to v1.3.3
490c45b756 Update containerd to v1.3.2
56d897347d Update containerd to v1.3.1
d4c63720e9 update containerd binary v1.3.0
ec14dc44d1 Fix log file rotation test.
a958fc3e65 Fix flakey test for log file rotate.
89da709cb7 Check for context error that is wrapped in url.Error
88820a4793 Merge pull request #41287 from thaJeztah/19.03_backport_bump_netns
83baeafc3c oci: correctly use user.GetExecUser interface
dae08c333e vendor: vishvananda/netns db3c7e526aae966c4ccfa6c8189b693d6ac5d202
93cb737687 [19.03] vendor: vishvananda/netns 0a2b9b5464df8343199164a0321edf3313202f7e
7d597ee2c9 Merge pull request #41273 from thaJeztah/19.03_backport_swagger_fixes
22c458b67c Merge pull request #41274 from thaJeztah/19.03_backport_Double_RLock
8b97280f11 Merge pull request #41279 from thaJeztah/19.03_bump_buildkit
eda52d433e [19.03] vendor: moby/buildkit v0.6.4-28-gda1f4bf1
168254fcfa Merge pull request #41277 from AkihiroSuda/rootlesskit-0.10.0-1903
9dc455dffb bump up rootlesskit to v0.10.0
c200868fa2 Merge pull request #41271 from thaJeztah/19.03_backport_remove_dockerproject_from_tests
9eade7d03c docs: API v1.39: move system version response to definitions
4685e9ef72 docs: API v1.40: move system version response to definitions
d8f22d0307 swagger: move system version response to definitions
32366de5f9 plugin: fix a double RLock bug
ad0278f002 docs: API v1.39: fix type for BuildCache CreatedAt and LastUsedAt
cb8b7a282d docs: API v1.40: fix type for BuildCache CreatedAt and LastUsedAt
e1ae07b7a0 swagger: fix type for BuildCache CreatedAt and LastUsedAt
d49278cc17 Merge pull request #41269 from thaJeztah/19.03_update_buildkit
892c228219 Remove apt.dockerproject.org from test
a7e309944b Merge pull request #41248 from thaJeztah/19.03_backport_swagger_updates
765245d54b [19.03] vendor: moby/buildkit v0.6.4-26-ga1e4f48e
2d4bfdc789 Merge pull request #41081 from thaJeztah/19.03_backport_fix_sandbox_cleanup
b990b6c2b0 Merge pull request #41235 from thaJeztah/19.03_backport_bump_golang_1.13.14
4d9397c268 swagger: sync updates to v1.39
51bd95dc95 swagger: sync updates to v1.40
d5ba93575c docs: sync API v1.40 swagger formatting with current version
12b7746a84 docs: sync API v1.39 swagger formatting with current version
0c6bdf5974 docs: add example calculations to container stats API
630185b4ae swagger: add DeviceRequests to container create, inspect example
d7423180e7 swagger: move NetworkingConfig to definitions
c30ff6885e swagger: reformat, and wrap to ~80-chars
7005841048 swagger: clarify the meaning of Image field in ContainerInspect endpoint
1608292c09 Bump Golang 1.13.14
1763b4e88b Bump Go 1.13.13
5e8ab898c7 Merge pull request #41222 from thaJeztah/19.03_bump_buildkit
23d47bd12e [19.03] vendor: moby/buildkit v0.6.4-20-g4cb720ef
789bd1c67b Merge pull request #41192 from ameyag/19.03-hcsshim-vndr
0eaa22b95d Merge pull request #41185 from thaJeztah/19.03_bump_buildkit
9d6053eda2 Revendor hcsshim to fix image import bug
589b07262c vendor: Microsoft/hcsshim v0.8.9
e7c2b106ec [19.03] vendor: buildkit dc6afa0f755f6cbb7e85f0df4ff4b87ec280cb32 (v0.6.4-15-gdc6afa0f)
a40b877fbb Merge pull request #41133 from roidelapluie/bsd2
7dd9fdcfbe Enable client on netbsd and dragonfly
9dc6525e61 Merge pull request #41124 from thaJeztah/19.03_bump_libnetwork
abb5beffff Merge pull request #41088 from thaJeztah/19.03_backport_invalid_cpu_shares_fix
b4ca19a992 vendor: docker/libnetwork 026aabaa659832804b01754aaadd2c0f420c68b6 (bump_19.03 branch)
d5a82971a4 Merge pull request #41082 from thaJeztah/19.03_backport_bump_golang_1.13.12
5fce12cf25 int-cli/TestRunInvalidCPUShares: fix for newer runc
058ea43c5c Bump Golang 1.13.12
ae158b371c allocateNetwork: fix network sandbox not cleaned up on failure
77e06fda0c vendor libnetwork to 153d0769a1181bf591a9637fd487a541ec7db1e6
b47e742558 Merge pull request #41027 from thaJeztah/19.03_bump_criu
b85d75e29a Merge pull request #41009 from tiborvass/19.03-fix-dns-fallback-regression
c104a50de4 integration: Add TestDaemonDNSFallback
9482566a5c vendor libnetwork to 71d4d82a5ce50453b1121d95544f0a2ae95bef9b
d4e12315cd hack: add more debugging to understand exit codepath
4c24512241 Dockerfile: bump CRIU 3.14
ad0f0b3970 Merge pull request #40978 from thaJeztah/19.03_backport_bump_golang_1.13.11
29796375c9 Bump Golang 1.13.11
c1cc6ec81a Merge pull request #40988 from thaJeztah/19.03_backport_fix_gotestsum_install
8f1ab4e612 Fix bug in gotestsum installer causing dependencies to not be downloaded
811a247d06 Merge pull request #40970 from AkihiroSuda/archive-40939-1903
4d1885fb94 Merge pull request #40964 from AkihiroSuda/rootless-requires-slirp4netns-040-1903
0a3b2bda34 pkg/archive: escape ":" symbol in overlay lowerdir
9057ddf37c dockerd-rootless.sh: bump up slirp4netns requirement to v0.4.0
ab567a4327 Merge pull request #40955 from tonistiigi/19.03-buildkit-update
ee3f3ece72 Merge pull request #40951 from AkihiroSuda/rootlesskit-095-1903
a76633684b vendor: update buildkit to a7d7b7f1
0803200be9 Merge pull request #40946 from thaJeztah/19.03_backport_fix_selinux_enotsup
706008a1da bump up rootlesskit to v0.9.5
57f6c9a0ef SELinux: fix ENOTSUP errors not being detected when relabeling
c4c6cf6b6a Merge pull request #40921 from cpuguy83/19.03_log_rotate_error_handling
7d4dd91a52 logfile: Check if log is closed on close error during rotate
edf2c49410 vendor: pkg/errors v0.9.1
1adcc64f40 Merge pull request #40877 from thaJeztah/19.03_update_buildkit
e7349349fd Merge pull request #40850 from thaJeztah/19.03_backport_criu_3.13
3677003554 Merge pull request #40782 from thaJeztah/19.03_backport_switch_to_s390x_ubuntu_1804
63841af153 [19.03] vendor: buildkit v0.6.4-5-g59e305aa
2fbb374ab7 Merge pull request #40863 from AkihiroSuda/rootlesskit-094-1903
946d0ff67e bump up rootlesskit to v0.9.4
70e7d6fe4a Update CRIU to v3.13 "Silicon Willet"
f432f71595 Merge pull request #40563 from thaJeztah/19.03_backport_fix_windows_file_handles
47a6d9b54f Merge pull request #40565 from thaJeztah/19.03_backport_fix_bip_subnet_config
6a0995e0d8 Merge pull request #40831 from thaJeztah/19.03_bump_swarmkit
e4f239d68e [19.03] vendor: swarmkit 0b8364e7d08aa0e972241eb59ae981a67a587a0e
25b82fa9b8 Merge pull request #40801 from thaJeztah/19.03_backport_update_go_events
e149ff62fe vendor: update go-events to fix alignment for 32bit systems
90a31c4829 Merge pull request #40809 from thaJeztah/19.03_update_libnetwork
aa98b4f5d6 Merge pull request #40803 from thaJeztah/19.03_backport_bump_golang_1.13.10
860e7e273d Merge pull request #40800 from thaJeztah/19.03_backport_api_docs_fix_link
a58b52b037 Merge pull request #40799 from thaJeztah/19.03_backport_fix_test_filter
a6beb24dc5 [19.03] update libnetwork b9bcf0c3fba9ef8897c9676c5b70ba0345b84b17
282567a58d Bump Golang 1.13.10
b66813eb45 api docs: fix broken link on GitHub
edbb1d9e95 Merge pull request #40784 from thaJeztah/19.03_update_buildkit
9d8eccec8e Fix TEST_FILTER to work for both "integration" and "integration-cli"
4275aec641 Merge pull request #40592 from thaJeztah/19.03_backport_bump_golang_1.13
4b040147cf Merge pull request #40417 from thaJeztah/19.03_backport_test_fixes
08a2fe0d56 [19.03] vendor buildkit b26cff2413cc6a466f8739262efa13bd126f8fc7
1e1caccb13 Merge pull request #40780 from thaJeztah/19.03_backport_map_sync
5ba2bf37a8 Bump Golang 1.13.9
f432a04243 Update Golang 1.13.8
81458b3144 Update Golang 1.13.7 (CVE-2020-0601, CVE-2020-7919)
6e1d159680 Update Golang 1.13.6
4241093b63 Update Golang 1.13.5
162fd8b856 Bump Golang 1.13.4
05a1ebd0fd Bump Golang 1.13.3 (CVE-2019-17596)
f8d4276a89 bump golang 1.13.1 (CVE-2019-16276)
7df2d881f3 Bump Golang version 1.13.0
fed832e224 Update to using alpine 3.10
4581499848 Switch to s390x Ubuntu 18.04
f34a5b5af0 builder: fix concurrent map write
0df114a8f8 Merge pull request #40779 from thaJeztah/19.03_backport_unify_apis
9f5a5da4cb docs: add API versions v1.30 - v1.37
037d5a9e9a Merge pull request #40769 from thaJeztah/19.03_backport_seccomp_time64
5ed8f9a203 Merge pull request #40681 from thaJeztah/19.03_backport_schema2v1_dep_notice_on_error_only
284bbde996 seccomp: add 64-bit time_t syscalls
43b0a73273 Merge pull request #40758 from thaJeztah/19.03_backport_arm_matching
89f296a534 Merge pull request #40562 from thaJeztah/19.03_backport_39353_subgid_subuid
d12b6d24d1 Merge pull request #40628 from cpuguy83/19.03_backport_39360_swarm_log_fill_rate
359edd8cbf [19.03] vendor: containerd 481103c8793316c118d9f795cde18060847c370e
1454987253 Merge pull request #40617 from SamWhited/19.03
021258661b Update libnetwork and DNS library
1db5199ddc Merge pull request #40564 from thaJeztah/19.03_backport_apparmor_fixes
6ed0f6ab78 Merge pull request #40652 from thaJeztah/19.03_backport_fix_backingfs
100d240d86 Move schema1 deprecation notice
4a4b3ed37f Merge pull request #40558 from thaJeztah/19.03_backport_buster_or_bust
57d5105759 bump windows-container-utility aa1ba87e99b68e0113bd27ec26c60b88f9d4ccd9
68db0c1739 Dockerfile: switch to iptables-legacy to match the host
4aaf3ead97 Dockerfile: switch golang image to "buster" variant, and update btrfs packages
a070874828 hack/make: ignore failure to stop apparmor
237843a059 Dockerfile: align consecutive COPY lines
400b2850ff Dockerfile: order COPY lines by change frequency
ddfeaf32ff Dockerfile: sort packages alphabetically
cb813faebf Dockerfile: use build-arg for vpnkit
0499db23d1 Dockerfile: use spaces for indentation
c77e7cb3d0 [19.03] Dockerfile: move CRIU_VERSION lower
c6511ee4db bump vndr v0.1.1
0fa8a0c575 bump vndr v0.1.0 to support versioned import paths
f3009e2f51 Use build args to override binary commits in dockerfile
92ca652fc9 Revert "dockerfile: update vndr to 85886e1a"
fdad16840c go-swagger: fix panic
075e057de5 Dockerfile: set GO111MODULE=off
fe2a25a785 fix backingFs assignment
e6c9e2736f Fix rate limiting for logger, increase refill rate
911ecc3376 Set the bip network value as the subnet
08420b1c95 AppArmor: add missing rules for running in userns
fbb08f525f AppArmor: remove rules for linkgraph.db SQLite database
1a830501b7 Use FILE_SHARE_DELETE for log files on Windows.
dcae74c44a Fix docker crash when creating namespaces with UID in /etc/subuid and /etc/subgid
4076c57b50 Fix more signal handling issues in tests.
68e1150357 DaemonCli: Move check into startMetricsServer
b813c398bb Add `FromClient` to test env execution
No change to libnetwork or cli.
Tested on arm32 via cli.
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The URI has been changed to 'https://linuxcontainers.org/downloads/lxc'
by the site maintainers recently. Updating the recipe to reflect the new
path.
Signed-off-by: Robi Buranyi <rburanyi@google.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
* otherwise libvirt build will incorrectly use host's gcc and fail with:
gcc: error: unrecognized command line option "-fmacro-prefix-map=/OE/libvirt/6.1.0-r0=/usr/src/debug/libvirt/6.1.0-r0"
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Ensure postinstall script for lxc-networking package can run at
build time for a read-only rootfs (with sysvinit).
Signed-off-by: Daniel Dragomir <Daniel.Dragomir@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
An error occurs during the install step of libvirt when the variable
PACKAGECONFIG does not contain qemu.
Indeed, in this case, the operation "chown -R qemu:qemu
${D}/${localstatedir}/lib/libvirt/qemu" fails, since the folder
${D}/${localstatedir}/lib/libvirt/qemu has not been created.
The fix consist in doing this operation only if
the variable “PACKAGECONFIG” contains “qemu”.
remark: issue present since the Warrior release of yocto.
Upstream-Status: Pending
Signed-off-by: Nicolas Lavocat <nicolas.lavocat@harman.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2,
where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in
gaining access to unauthorized resources. This flaw allows an authenticated client to
modify the configuration and possibly conduct further attacks.
Upstream patches:
[master] https://github.com/ceph/ceph/commit/c7e7009a690621aacd4ac2c70c6469f25d692868
[v15.2.2] https://github.com/ceph/ceph/commit/f2cf2ce1bd9a86462510a7a12afa4e528b615df2
CVE: CVE-2020-10736
Signed-off-by: Liu Haitao <haitao.liu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
| |
This reverts commit 237879d59e11187a49216a88b73a057408e4b3f7.
|
| |
|
|
|
|
|
|
| |
Refreshed patches to fix:
"WARNING: libvirt-6.3.0-r0 do_patch: Fuzz detected"
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix python3native inherit added in:
https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/commit/?id=a1e3f5c92cdee7c4259b7be643bd829ce7c1efa3
to actually work
* also remove the work arounds for /usr/bin/python being python3
on the target device
* I haven't tested this in runtime - I don't use it, it was just
showing that do_configure error in "bitbake world" builds, the
scripts might need some changes to be really compatible with
python3, but it was broken already, now it at least builds
* upgrade to new version with
https://github.com/hpcng/singularity/pull/1762/commits/3c05f06e6a1c490a4b4714bcdf5a0ce2b2498bb5
would be nice by someone who actually uses this
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
The go-pty module has moved to https://github.com/creack/pty.
Signed-off-by: Prashant Chikhalkar <prashant.chikhalkar@windriver.com>
Signed-off-by: Liu Haitao <haitao.liu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Runx needs busybox static binary that contains symlinks to mount. However, in
zeus, busybox by default uses BUSYBOX_SPLIT_SUID = 1. With the variable set,
busybox binary gets split into two busybox.suid and busybox.nosuid busybox.suid
contains links to mount while runx recipes pulls in busybox.nosuid.
When vmsep is enabled, set BUSYBOX_SPLIT_SUID = 0 so that an unstripped busybox
binary is generated which contains all the required links including mount.
Signed-off-by: Sai Hari Chandana Kalluri <chandana.kalluri@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
Backport fix for CVE-2020-6581
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Fix CVE-2020-1759 and CVE-2020-1760
PR for fix: https://github.com/ceph/ceph/pull/34482
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
The package name for xen-xl has changed, so we need to update the
runx rdepends .. or we are unbuildable.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The deploy for the uncompressed image was checking if a .gz file exists,
it should instead check for a straight xen file.
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
Upgrade python3-docker to version 4.2.0.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
Upgrade websocket_client from 0.44.0 to 0.57.0.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
License changes from lxc3.2.1 to lxc4.0.1:
1.File COPYING is renamed to LICENSE.LGPL2.1
2.Add a new file LICENSE.GPL2
Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
...
|ERROR: ceph-15.2.0-r0 do_package_qa: QA Issue: ceph: The compile
log indicates that host include and/or library paths were used.
| Please check the log 'tmp-glibc/work/corei7-64-wrs-linux/
ceph/15.2.0-r0/temp/log.do_compile' for more information. [compile-host-path]
|ERROR: ceph-15.2.0-r0 do_package_qa: QA Issue: ceph: The install
log indicates that host include and/or library paths were used.
| Please check the log 'tmp-glibc/work/corei7-64-wrs-linux/
ceph/15.2.0-r0/temp/log.do_install' for more information. [install-host-path]
...
While python setup, test var-LIBPL contains recipe-sysrooot prefix,
add it back if lost
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
...
|ERROR: ceph-15.2.0-r0 do_package: QA Issue: ceph: Files/directories
were installed but not shipped in any package:
| /lib/systemd/system/ceph-immutable-object-cache@.service
| /lib/systemd/system/ceph-immutable-object-cache.target
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
The recent uprev of lxc left some fuzz in a patches. devtool refresh
cleans this up, and no runtime issues have been detected.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Update to the just released 4.0.1. And drop some patches contained
in this released.
Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Set GO_PARALLEL_BUILD to default to prevent the following error:
failed to create new OS thread (have 13 already; errno=11)
runtime: may need to increase max user processes (ulimit -u)
fatal error: newosproc
Signed-off-by: Sai Hari Chandana Kalluri <chandana.kalluri@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
go-build recipe depends on runc source and during compilation tries to run the
command: go get github.com/opencontainers/runc.
This is incorrect as a source fetch shouldn't occur during compilation. Also,
even after a fetch occurs during compilation, the go build path GOPATH points
to the incorrect path hence the runc source is never found.
Fetch the opencontainers/runc source and create links in the correct GOPATH
before compilation for a successful build.
Signed-off-by: Sai Hari Chandana Kalluri <chandana.kalluri@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ceph uprev to v15.2.0
Refreshed oe-specific patch:
ceph/0001-ceph-fix-build-errors-for-cross-compile.patch
Removed merged patches:
ceph/0001-common-rgw-workaround-for-boost-1.72.patch
ceph/0001-rgw-add-executor-type-for-basic_waitable_timers.patch
ceph/0001-rgw-beast-handle_connection-takes-io_context.patch
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
virt-login-shell asks for setuid permission as follow.
"virt-login-shell: must be run as setuid root"
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While enabling multilib on qemumips64, lib32 assembler ends up
crashing on target sometimes due to branch out of range,
therefore using -O2 for now
[snip]
|../../libvirt-6.1.0/tests/qemuxml2argvtest.c: In function 'mymain':
|../../libvirt-6.1.0/tests/qemuxml2argvtest.c:608:1: note: variable
tracking size limit exceeded with '-fvar-tracking-assignments', retrying without
| 608 | mymain(void)
| | ^~~~~~
|/tmp/ccXJSwZR.s: Assembler messages:
|/tmp/ccXJSwZR.s:43943: Error: branch out of range
[snip]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Previously the following message was printed on the console every 5
minutes:
INIT: Id "X0" respawning too fast: disabled for 5 minutes
Installing and using a getty-wrapper that will check for the hypervisor
(hvc0) device and if not present, will call sleep
Signed-off-by: Jaewon Lee <jaewon.lee@xilinx.com>
Signed-off-by: Mark Hatle <mark.hatle@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
| |
Add dunfell, drop warrior/thud.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Replace distro_features_check bbclass which is deprecated, with
features_check bbclass.
Signed-off-by: Daniel Dragomir <Daniel.Dragomir@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
distro_features_check bbclass is deprecated, inherit features_check
instead.
Signed-off-by: Ming Liu <ming.liu@toradex.com>
|
| |
|
|
|
|
|
|
|
| |
Remove the placeholder code for go console integration.
Pin the recipe to use the latest commit and copy additional scripts needed at runtime.
Inlcude socat, daemonize and gobuild as required dependencies.
Signed-off-by: Sai Hari Chandana Kalluri <chandana.kalluri@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
go-build_git recipe manages go build dependencies for runX.
This is used to support a console access for runX.
Signed-off-by: Sai Hari Chandana Kalluri <chandana.kalluri@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Include bash as RDEPENDS for qemu-support to prevent the following
do_package_qa error: do_package_qa: QA Issue: /usr/bin/qemu-mips contained in
package qemu-support requires /bin/bash, but no providers found in
RDEPENDS_qemu-support? [file-rdeps]
Signed-off-by: Sai Hari Chandana Kalluri <chandana.kalluri@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Rename bbappend file so that bitbake finds the right recipe. Else during parse
time, a dangling bbappend warning is generated.
Signed-off-by: Sai Hari Chandana Kalluri <chandana.kalluri@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping to 19.03.8 to pickup bugfixes and security changes. The
following commits comprise the chnage:
moby:
aa6a9891b0 vendor: add local copy of archive/tar
0d4f412ecd dockerfile: update vndr to 85886e1a
libnetwork:
c7bae399 Merge pull request #2525 from trapier/bump_19.03/cleanup-vfp-during-network-removal
8c407f52 Cleanup VFP during overlay network removal
bd5c6080 Merge pull request #2520 from SamWhited/19.03_backport_dns_update
74b17410 Bump the DNS library and revendor
cli:
eb310fca Merge pull request #2373 from tiborvass/19.03-bump-grpc-1.23.1
0e40b919 vendor: bump google.golang.org/grpc v1.23.1
a51e9e63 vendor: update grpc to v1.23.0
Testing has been performed across x86-64/arm64 via cli and through
higher level frameworks.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updating to 19.03.8 to pickup bugfixes and security changes. The
following commits comprise this update:
docker:
afacb8b7f0 Bump Version to 19.03.8
f0867e5a51 Merge component 'engine' from git@github.com:docker/engine 19.03
07428504dc vendor: add local copy of archive/tar
618fcb5466 dockerfile: update vndr to 85886e1a
7141c199a2 Merge pull request #644 from tiborvass/bump-19.03.7
3cf22484bf Bump Version to 19.03.7
70aa6b7044 Merge component 'cli' from git@github.com:docker/cli 19.03
43289e30e1 Merge pull request #2373 from tiborvass/19.03-bump-grpc-1.23.1
2887460cc7 vendor: bump google.golang.org/grpc v1.23.1
09986ab5ca vendor: update grpc to v1.23.0
e126c63873 Merge component 'engine' from git@github.com:docker/engine 19.03
8d208698a3 Merge pull request #40604 from thaJeztah/19.03_backport_mis_unlock
f096143c86 Merge pull request #40476 from cpuguy83/19.03_fix_exec_id_client
1aa048bde4 Merge pull request #40461 from AkihiroSuda/cherrypick-40243-1903
d3d2e44a59 daemon/cluster: add a missing Unlock
2de3fd06af Merge pull request #40566 from thaJeztah/19.03_backport_bump_grpc
f0e27e52c1 Merge component 'cli' from git@github.com:docker/cli 19.03
6c810a4023 Merge pull request #40586 from thaJeztah/19.03_revert_jenkinsfile_pin_older_windows
65550b7564 Merge pull request #2352 from thaJeztah/19.03_backport_add_daemon_redirect
118ddd9ac0 docs: add redirect for old location of daemon reference
baa53b1dcc Merge pull request #2344 from thaJeztah/19.03_backport_builder_prune_flags
29ef942a84 Revert "Jenkinsfile: temporarily pin windows image to 10.0.17763.973"
7b2f8d7926 Use certs.d from XDG_CONFIG_HOME when in rootless mode
169aca7c55 Merge pull request #40575 from thaJeztah/19.03_backport_unify_apis
2f8f8550c8 docs: add API versions v1.25 - v1.29, v1.38 - v1.40
56a7c6cd63 Merge pull request #40477 from cpuguy83/19.03_40446_check_other_mounts
7167b9b338 Merge pull request #40547 from thaJeztah/19.03_backport_update_selinux_v1.3.1
e631d419ad Merge pull request #40560 from thaJeztah/19.03_backport_33434_api_doc_base64url
ec69262a25 Merge pull request #40557 from thaJeztah/19.03_bump_buildkit_v0.6.4
84340bb84b Merge pull request #40555 from fuweid/cp1903-40137
2c8b487132 bump google.golang.org/grpc v1.23.1
b029f9629f Fixes #33434 - API docs to specify using base64url
c86ab2bc0e vendor: update buildkit v0.6.4
c17e991798 daemon: add grpc.WithBlock option
d9f362f57b Merge pull request #40549 from cpuguy83/19.03_stats_use_cond_var
4acaa303f2 Merge pull request #40551 from thaJeztah/19.03_backport_jenkinsfile_pin_older_windows
3336316a08 Jenkinsfile: temporarily pin windows image to 10.0.17763.973
bfb975ac72 Use condition variable to wake stats collector.
9b30897146 Merge pull request #40490 from thaJeztah/19.03_backport_swagger_document_constraints
0c7625e047 Merge pull request #40540 from thaJeztah/19.03_update_containerd_1.2.13
2175a93304 Merge pull request #40533 from thaJeztah/19.03_update_golang_1.12.17
dac6fed0eb vendor: update opencontainers/selinux v1.3.1
5321005e4e Merge component 'packaging' from git@github.com:docker/docker-ce-packaging 19.03
d97f4c303b Merge pull request #432 from thaJeztah/19.03_backport_bump_golang_1.12.17
e08e107ddc Merge component 'cli' from git@github.com:docker/cli 19.03
058ac7dc90 Merge pull request #2342 from thaJeztah/19.03_backport_bump_golang_1.12.17
c68e88f348 update containerd runtime v1.2.13
84d75db7ac Fix builder prune -a/--all flag description
29db22eecc unused-for is a deprecated synonym
6da959331a Merge pull request #40462 from AkihiroSuda/cherrypick-40210-1903
2f76c46e36 Update Golang 1.12.17
f49613c3ae Update Golang 1.12.17
afa2b687e0 Update Golang 1.12.17
499e12df0c Exec inspect field should be "ID" not "ExecID"
d4c418d850 swagger: document "node.platform.(arch|os)" constraints
789f1ad281 Merge pull request #40460 from AkihiroSuda/cherrypick-40406-1903
dcd9e43a90 Check tmpfs mounts before create anon volume
c3a1bdbbdb overlay[2]: rm fs checks
7f44c538ef Fix/improve overlay support check
a5c9db1fa1 overlay: move supportsMultipleLowerDir to utils
806947ebfa Use fewer modprobes
ec2e4c6eca dockerd-rootless.sh: remove confusing code comment
libnetwork:
c7bae399 Merge pull request #2525 from trapier/bump_19.03/cleanup-vfp-during-network-removal
8c407f52 Cleanup VFP during overlay network removal
bd5c6080 Merge pull request #2520 from SamWhited/19.03_backport_dns_update
74b17410 Bump the DNS library and revendor
Testing has been performed across x86-64/arm64 via cli and through
frameworks such as cri-o and kubernetes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While testing the cni uprev by building in a container with
network=none the following error was found:
go: github.com/Microsoft/go-winio@v0.4.11: Get
https://proxy.golang.org/github.com/%21microsoft/go-winio/@v/v0.4.11.mod:
dial tcp: lookup proxy.golang.org on 128.224.144.130:53:
dial udp 128.224.144.130:53: connect: network is unreachable
After some digging through the go documentation it was found that the
'-mod=vendor' is required for 'go build' to use shipped vendor modules
when building modules. This can be confirmed by look at the
'build_linux.sh' script which is found in the plugins repo.
By using '-mod=vendor' and also ensuring things are properly placed in
the GOPATH (ie $B) we can avoid having to create many of the links we
had been previously.
We also put all the build artifacts into $B to avoid mixing source and
build.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Both uprev's are listed as 'minor' in the upstream release
notes. Neither introduces an uprev in spec. This fixes issues we
observed while testing the forthcoming cri-o uprev.
NOTE: this commit should only be used with the follow-on commit [cni:
prevent go from downloading stuff in the background] otherwise you
will end up with files not owned by you which will prevent the recipe
being properly cleaned.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Uprev to the latest release of cri-o to pick up some fixes and
CVEs. Makefile updates along with updates to the go.bbclass allow us
to remove most of the do_compile() tweaks that were in place. To test
that these removals are sane builds were done for x86_64 and arm64 in
docker containers with network=none, no issues were found.
Quite a few runtime tests were done as well since we are stepping up 2
releases, and we also just uprev'd 'cni' and wanted to validate its
runtime as well.
Once the system is started and cri-o is given time to start you can
use the new 'crio-status info' command to retrieve the runtime status
of cri-o:
root@qemux86-64:~# crio-status info
cgroup driver: cgroupfs
storage driver:
storage root: /var/lib/containers/storage
default GID mappings (format <container>:<host>:<size>):
0:0:4294967295
default UID mappings (format <container>:<host>:<size>):
0:0:4294967295
Additionally 'crictl' was installed (the recipe will be submitted
shortly) and the cri-o Tutorial found here was run
(https://github.com/cri-o/cri-o/blob/master/tutorials/crictl.md)
In order to run the tutorial /etc/cni/net.d/99-loopback.conf and
/etc/containers/policy.json were taken from
./contrib/cni/99-loopback.conf and ./contrib/policy.json in the cri-o
src repo. The sandbox_config.json and container_redis.json were taken
from https://github.com/cri-o/cri-o/blob/master/test/testdata (note:
using core-image-minimal with systemd enabled I had to remove
"cpu_period": 10000 and "cpu_quota": 20000 to get the tutorial to
work). We are not able to use the loopback networking to telnet to the
redis container, but we can use other techniques to validate that it
is running.
root@qemux86-64:~# /usr/lib/go/src/import/_output/crictl --runtime-endpoint unix:///var/run/crio/crio.sock ps
CONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID
72718714360ef quay.io/crio/redis:alpine 47 seconds ago Running podsandbox1-redis 0 38b97e5a7bb99
root@qemux86-64:~# /usr/lib/go/src/import/_output/crictl --runtime-endpoint unix:///var/run/crio/crio.sock exec -i 72718714360ef cat /etc/issue
Welcome to Alpine Linux 3.7
Kernel \r on an \m (\l)
The CRIO_BUILD_CROSS approach was no longer valid and was
dropped. There is most likely some other cleanup we can do but this
gets us to a good state on the latest release.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The change to the method of passing compiler flags into the Xen build
system in 6b697676 omitted passing the compiler flags for improving
build reproducibility, so this commit returns them and includes a change
to use the -ffile-prefix-map compiler option to remove host filesystem
artefacts instead of the prior method of redefining the __FILE__ builtin
macro.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Add system service for podman which starts a podman instance allow to
access the new HTTP based API (apiv2).
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Bump to the newest podman release 1.8.1. Many new networking features
and a new HTTP API has been added since 1.6.1.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
Bump to latest version 2.0.11 of conmon.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
When hosts are using VM separation features, they need qemu
on the target to launch guests (and for other purposes) .. but
they do not want *all* of the build qemu targets. To allow a
more fine grained installation off qemu components, this patch
splits packaging into:
- qemu-<arch>
- qemu-support
- qemu-keymaps
Signed-off-by: Bruce Ashfield <bruce.ashfield@xilinx.com>
|
