| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The function is_valid_endpoint_url() in botocore is designed to validate
endpoint URLs, but it fails to detect unsafe characters with Python 3.9.5+
and other versions carrying bpo-43882 fix. The issue is caused by urlsplit()
silently stripping LF, CR, and HT characters while splitting the URL,
which disarms the validator in botocore.
This patch detects unsafe characters in is_valid_endpoint_url() and
is_valid_ipv6_endpoint_url() early, in order to fix rejecting invalid URLs
with unsafe characters.
Signed-off-by: Wentao Zhang <wentao.zhang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The container stack flexibilty features set defaults (like other
parts of the layer) when 'virtualization' is in the distro features.
That reqirement means that the recipes fail parsing and QA checks
when the distro feature isn't enabled.
The defaults are currently safe for a virtualization enabled and
disabled configuration, so we include them in either case.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support of redirect option for curl, the
linuxcontainers.org sometimes redirect to
other mirror site such like us.lxd.images.canonical.com,
this would cause the lxc-download script report
download failed.
Reproduce and verified on following command:
lxc-create -t download -n test -- --dist archlinux --release current --arch arm64
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
We need the kvm distro feature to trigger the proper KERNEL_FEATURES
and hence the proper kvm kernel module packages as listed in this
image.
We can avoid questions and issues by checking for the required distro
feature in the image recipe.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Rather than using virtual-runc (which choses between the old docker and
opencontainer variants), use the newly added
VIRTUAL-RUNTIME_container-runtime variable, which allows switching
betwen runc and crun.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
To make it simpler to vary the container runtime and the
networking infrastructure to be used with podman, we use
the recently introduced VIRTUAL-RUNTIME variables that
control these values.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From the configuration file itself:
These variables represent groupings of functionality in the CNCF
landscape. In particular, they are areas where there is a choice
between more than one implementation or an area where abstraction
is beneficial.
The contents of the variables are are runtime components that
recipes may use for RDEPENDS.
Build dependencies are not typically flexible, so do not currently
have DEPENDS equivalents for the components (i.e. DEPENDS on runc
versus crun).
Distro features such as kubernetes or other container stacks
can be used to set different defaults for these variables.
Note: these are "global" values, since they represent choices.
If more than of a grouping is required on target, then the variable
can be appended or set to multiple values. That being said, Recipes
should generally agree on the values, hence the global namespace.
Recipe specific choices can still be done, but they risk
conflicting on target or causing runtime issues / errors.
## CNCF "components"
# engines: docker-ce/docker-moby, virtual-containerd, cri-o, podman
VIRTUAL-RUNTIME_container_engine ??= "podman"
# runtime: runc, crun, runv, runx
VIRTUAL-RUNTIME_container_runtime ??= "virtual-runc"
# networking: cni, netavark
VIRTUAL-RUNTIME_container_networking ??= "cni"
# dns: cni, aardvark-dns
VIRTUAL-RUNTIME_container_dns ??= "cni"
# orchestration: k8s, k3s
VIRTUAL-RUNTIME_container_orchestration ??= "k3s"
## Kubernetes terminology "components"
VIRTUAL-RUNTIME_cri ??= "containerd"
VIRTUAL-RUNTIME_cni ??= "cni"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
| |
The -dev kernel is on 6.2, so we create a .inc file to match.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping docker to version v23.0.1-34-gbfc8e1ae36, which comprises the following commits:
2337258d28 libnet/networkdb: fix nil-dereference panic in test
d6d48dd95d Upgrade to golangci-lint v1.51.2
c4b655830d Migrate away from things deprecated in Go 1.20
c6bf777eae d/l/awslogs: fix ineffective Add in test
da10937926 daemon: handle EISDIR error from runtime
938ed9a1ed distribution/xfer: make off-by-one error a feature
ca712d6947 Fix loop-closure bugs in tests
2c55b264f7 Upgrade containerd/fifo to v1.1.0
8fd038fb71 dependency: bump go.etcd.io/bbolt to v1.3.7
87a1517f8f vendor: golang.org/x/net v0.7.0
d15010643c vendor: golang.org/x/text v0.7.0
0727310950 vendor: golang.org/x/sys v0.5.0
b8c448ef24 Revert "apparmor: Check if apparmor_parser is available"
a3f5319563 vendor: github.com/containerd/containerd v1.6.18
52d667794f [23.0] update containerd binary to v1.6.18
11715a05ca update to go1.19.6
962c238c17 libnet/networkdb: use atomics for stats counters
20d05e235e libnetwork/networkdb: make go test -race ./libnetwork/networkdb pass
c2d69d06b0 api/s/r/swarm: log backend errors at Debug level
7c09feb58c libnetwork: check DNS loopback with user DNS opts
6c2637be11 Do not log connection info before the connection exists
4002fa877b vendor: update buildkit to latest v0.10
Bumping docker-cli to version v23.0.1-2-g1ab7665be, which comprises the following commits:
1810e922a docs: drop dated comments about graphdrivers
27b19a6ac ci: fix branch filter pattern
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping moby to version v23.0.1-34-gbfc8e1ae36, which comprises the following commits:
2337258d28 libnet/networkdb: fix nil-dereference panic in test
d6d48dd95d Upgrade to golangci-lint v1.51.2
c4b655830d Migrate away from things deprecated in Go 1.20
c6bf777eae d/l/awslogs: fix ineffective Add in test
da10937926 daemon: handle EISDIR error from runtime
938ed9a1ed distribution/xfer: make off-by-one error a feature
ca712d6947 Fix loop-closure bugs in tests
2c55b264f7 Upgrade containerd/fifo to v1.1.0
8fd038fb71 dependency: bump go.etcd.io/bbolt to v1.3.7
87a1517f8f vendor: golang.org/x/net v0.7.0
d15010643c vendor: golang.org/x/text v0.7.0
0727310950 vendor: golang.org/x/sys v0.5.0
b8c448ef24 Revert "apparmor: Check if apparmor_parser is available"
a3f5319563 vendor: github.com/containerd/containerd v1.6.18
52d667794f [23.0] update containerd binary to v1.6.18
11715a05ca update to go1.19.6
962c238c17 libnet/networkdb: use atomics for stats counters
20d05e235e libnetwork/networkdb: make go test -race ./libnetwork/networkdb pass
c2d69d06b0 api/s/r/swarm: log backend errors at Debug level
7c09feb58c libnetwork: check DNS loopback with user DNS opts
6c2637be11 Do not log connection info before the connection exists
4002fa877b vendor: update buildkit to latest v0.10
Bumping docker-cli to version v23.0.1-2-g1ab7665be, which comprises the following commits:
1810e922a docs: drop dated comments about graphdrivers
27b19a6ac ci: fix branch filter pattern
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping crun to version 1.8.1-3-ga09ab72, which comprises the following commits:
11d1baf build(deps): bump actions/upload-artifact from 2 to 3
f8a096b NEWS: tag 1.8.1
4748543 utils: drop magic number 4096
b022227 utils: use mempage size buffer to read /proc/mounts
2da0773 linux: always use direct mapping
6cdf51c container: delete cgroup on errors
fba646e cgroup: rmdir the entire systemd scope
3221684 crun.1.md: fix typo
31bcf8f crun.1.md: fix markup
5007784 build: delete .version file on make clean
46fbeee cgroup: reset systemd unit if start fails
7e7a4db cgroup: do not add default dependencies
4bd4c4e test: run codespell on the correct directory
8b46c45 src: run codespell
b841b71 Support passing an attribute to change the mount_context_type
2ca4233 test: fix path for crictl
ce66b2e Revert "Support passing an attribute to change the mount_context_type"
87b69c3 Support passing an attribute to change the mount_context_type
d23a94a krun: create /dev/sev as part of the OCI configuration
84092f6 handlers: add hook for exec
83f3ab2 handlers: rename exec_func to run_func
93a8e2f krun: always allow /dev/kvm
675e87c handlers: update uses modify_oci_configuration
1efd61a update: move json parsing to container
c9b230a handlers: provide cleanup function
bd22751 handlers: move cookie data under the same struct
71bf884 handlers: add new hook to modify the OCI configuration
b3e167d crun: set handler for all commands
f0f7b8c handlers: initialize handler in the parent process
cfec5ce NEWS: tag 1.8
957796e libcrun: remove unused intprops.h
8363deb linux: move PR_SET_DUMPABLE after userns creation
83de960 dist: do not include binary tests
188e0ce nix: add gcrypt dependency
f7c715d nix: remove protobuf dependency
765161c nix: refactor same command line
98898d2 nix: update image to nixos/nix:2.12.0
bcae634 Add support for ppc64le
9b287dd README.md: add CodeQL badge
ed7598d README.md: drop lgtm badges
1a61b4d utils: shrink read buffer if necessary
2a5cc1d nix: update packages
7d9fa03 tests, centos8-build: add safe.directory /crun
822ca4a utils: add utils to access /proc/$PID/fd/$FD paths
0554b0a utils: change initial size for buffer
742e8fc utils: reallocate only if needed
4e379c6 cgroup: support cpuset mounted with noprefix
58166e6 linux: set PR_SET_DUMPABLE
908bfc4 linux: mount cgroup ro on /sys bind mount fallback
cd1cf0b linux: add two new arguments to get_bind_mount
b84bde9 linux: mount the source cgroup if cgroupns=host
03d2969 linux: refactor out helper function
75f5c1a linux: fix error message
234d77c linux: precreate devices on the host
f23cd15 utils: add functions to read overflow IDs
85767be linux: remove duplicate slash
1e29136 linux: generalize fsopen_mount
a186e8a linux: add dirfd argument to get_bind_mount
7e42a18 linux: add infra to send devices mounts
a6c9453 linux: generalize receive_mounts
b0fe2e4 linux: refactor code in a separate function
05f1298 contrib, seccomp-notify-plugin: free args on error to prevent leak
a34dd94 cri-o,test: skip failing test unrelated to crun
78cf10f crun: fix clang format
278b9b4 src/crun.c: fix build without dlfcn.h
0ebf4e7 build(deps): bump uraimo/run-on-arch-action from 2.3.0 to 2.5.0
4832ca4 Don't clone self from read-only mount
9df7442 tests, wasmedge: copy libraries under /usr/lib64
2044720 tests, wasmedge-build: install which
6f0d03c tests, crio: skip checkpoint/restore tests
d406a97 tests, centos9-build: add safe.directory /crun
81b4ba0 tests, cri-o: add criu-libs rpm
ca41c80 cloned_binary: use cleanup_close
e1c3906 tests, cri-o: update go to 1.19
a83001b cgroups v1: fix legacy mode mount.
26fe138 utils: fix applying AppArmor profile
1cfaf54 tests: disable some CRI-O failing tests
5e3ef32 crun: write setgroups=deny when mapping a single uid/gid
da84be0 github: fix cri-o CI on cgroupv2
cdf7864 tests: disable test that requires io.bfq.weight
c54fc6f github: fix running on cgroupv2
0356bf4 NEWS: tag 1.7.2
d389308 criu: hardcode to libcriu version 2
3880f04 cgroup: always enable controller
258c237 crun: fix compile time check for CRIU
6ce11e8 copr: enable wasmedge on all active envs
ada59b2 tests: fix podman tests
d068462 NEWS: tag 1.7.1
9893e99 utils: Improve debug message
db08071 linux: include terminal \0 when copying mapping
67f58c6 utils: fix creating default userns
5689bd1 krun: disable libkrun's collection of env vars
6b8da56 krun: copy the OCI configuration file
92db973 configure.ac: do not link libcriu dynamically
f6a5109 criu: add check at runtime for the version
8c3fc12 criu: load libcriu dynamically
b3189ef src: run make clang-format
be6c22c fix timestamp format, tv_usec is microsecond not nanosecond
ff95309 copr: enable wasmedge on epel9
40f66c0 seccomp: initialize libgcrypt
9bff00a Add setlinebuf() when --debug and --log=file: are used.
cb6ae27 handlers: set selinux/apparmor profile
0efbe56 utils: change AppArmor profile for the current proc
f1f286a utils: change SELinux label for the current proc
a1cd1a6 handlers: use only the handler name if needed
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The aardvark-dns is an optional runtime dependency of the netavark.
This recipe introduces the aardvark-dns, so it can be integrated
to netavark.
Signed-off-by: Vasileios Anagnostopoulos <vasileios.anagnostopoulos@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Vasileios Anagnostopoulos <vasileios.anagnostopoulos@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The recipe is generated via cargo-bitbake. Modifications are done
in netavark.inc to allow re-genrating the recipe for future updates.
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Vasileios Anagnostopoulos <vasileios.anagnostopoulos@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Redefine do_compile logic to drop {LINKSHARED} to fix the
below build failure.
WARNING: /build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/temp/run.do_compile.923432:185 exit 1 from 'aarch64-wrs-linux-go install -linkshared -p 48 -v -ldflags="-r /usr/lib64/go/pkg/linux_arm64_dynlink -I /lib64/ld-linux-aarch64.so.1 -extldflags ' -mcpu=cortex-a53 -march=armv8-a+crc -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/recipe-sysroot -Wl,-rpath-link=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/recipe-sysroot/usr/lib64/go/pkg/linux_arm64_dynlink -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fmacro-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/yq-4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1=/usr/src/debug/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0 -fdebug-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/yq-4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1=/usr/src/debug/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0 -fmacro-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/build=/usr/src/debug/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0 -fdebug-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/build=/usr/src/debug/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0 -fdebug-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/recipe-sysroot= -fmacro-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/recipe-sysroot= -fdebug-prefix-map=/build/tmp-glibc/work/cortexa53-wrs-linux/yq/4.30.8+gitdd6cf3df146f3e2c0f8c765a6ef9e35780ad8cc1-r0/recipe-sysroot-native= -Wl,-z,relro,-z,now'" -trimpath -buildmode=pie `go_list_packages`'
Before the patch:
# rpm -ql yq
/usr
/usr/bin
/usr/bin/yq
# du -sh /usr/bin/yq
5.2M /usr/bin/yq
After the patch:
# rpm -ql yq
/usr
/usr/bin
/usr/bin/yq
# du -sh /usr/bin/yq
9.0M /usr/bin/yq
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
lxc-test-apparmor-mount and lxc-test-get_item related to apparmor,
since the lxc-test-apparmor has been already skipped, so also skip
those two cases.
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Remove the '.git' suffix of the cobra in SRC_URI to make the cobra
SRC_URI exactly the same among the recipes which define cobra to
make sure two local git repos (Yocto supports fetching locally)
which are the same.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We drop our backported patch, since it is now part of the upstream
project.
We also drop {LINKSHARED} from the build, as with the updated buildah
and golang version bumps in oe-core, we get the following build error:
| # github.com/containers/buildah/cmd/buildah
| type:*crypto/elliptic.nistCurve[*crypto/internal/nistec.P384Point]: unreachable sym in relocation: crypto/elliptic.(*nistCurve[*crypto/internal/nistec.P384Point]).Add
| type:*crypto/elliptic.nistCurve[*crypto/internal/nistec.P384Point]: unreachable sym in relocation: crypto/elliptic.(*nistCurve[*crypto/internal/nistec.P384Point]).Add
It is unclear what the linked shared flag was providing in our build,
and we are generally ok with statically linked go applications. So we
drop the flag until a compelling reason exists to debug the linking
failure.
Bumping buildah to version v1.29.1-1-g7fa17a842, which comprises the following commits:
faf0d4fcb [release-1.29] Bump to Buildah v1.29.1
7d5ff3012 Update to c/image 5.24.1
94b723cb5 Bump to v1.29.0
c9cbc6d7d tests: improve build-with-network-test
5e3f26de2 Bump c/storagev1.45.3, c/imagev5.24.0, c/commonv0.51.0
b70fb1765 build(deps): bump github.com/onsi/gomega from 1.25.0 to 1.26.0
fe0256d38 Flake 3710 has been closed. Reenable the test.
f9ef51cbb [CI:DOCS] Fix two diversity issues in a tutorial
3ef898e41 build(deps): bump github.com/fsouza/go-dockerclient from 1.9.2 to 1.9.3
0d87e38b6 vendor in latests containers/(storage, common, image)
15bdd2aad fix bud-multiple-platform-with-base-as-default-arg flake
ac7458e70 stage_executor: while mounting stages use freshly built stage
e1cfcb240 build(deps): bump github.com/fsouza/go-dockerclient from 1.9.0 to 1.9.2
d1c82c29a build(deps): bump github.com/onsi/gomega from 1.24.2 to 1.25.0
4dec25346 vendor in latests containers/(storage, common, image, ocicyrpt)
c0f6c6b7a [Itests: change the runtime-flag test for crun
186b30168 [CI:DOCS] README: drop sudo
1950ab687 Fix multi-arch manifest-list build timeouts
d106e425a Cirrus: Update VM Images
67ab55bbb bud: Consolidate multiple synthetic LABEL instructions
9fced965e build, secret: allow realtive mountpoints wrt to work dir
938c03556 fixed squash documentation
59da1a7f7 build(deps): bump github.com/containerd/containerd from 1.6.14 to 1.6.15
4952862a2 Correct minor comment
820fafc88 Vendor in latest containers/(common, image, storage)
a75b263f7 system tests: remove unhelpful assertions
356668389 buildah: add prune command and expose CleanCacheMount API
a5e177586 vendor: bump c/storage to a747b27
60be7f250 Add support for --group-add to buildah from
00d8d94cb build(deps): bump actions/stale from 6 to 7
e33bb8678 Add documentation for buildah build --pull=missing
5828918bc build(deps): bump github.com/containerd/containerd from 1.6.12 to 1.6.14
4aa28f6a7 build(deps): bump github.com/docker/docker
7a4702ae2 parse: default ignorefile must not point to symlink outside context
67c2e4de5 buildah: wrap network setup errors
d9578d32c build, mount: allow realtive mountpoints wrt to work dir
57a77073a Update to F37 CI VM Images, re-enable prior-fedora
798a250d4 Update vendor or containers/(image, storage, common)
ca96c3678 build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0
e0054a03d Update contact information
e5cc78c43 build(deps): bump golang.org/x/term from 0.2.0 to 0.3.0
46eea3158 Replace io/ioutil calls with os calls
0183471b9 [skip-ci] GHA/Cirrus-cron: Fix execution order
8428bc87b Vendor in containers/common
e60c4d7e5 build(deps): bump golang.org/x/sys from 0.2.0 to 0.3.0
ffed85036 remote-cache: support multiple sources and destinations
a1698cde6 Update c/storage after https://github.com/containers/storage/pull/1436
025a8df51 util.SortMounts(): make the returned order more stable
5e792e97b version: Bump to 1.29.0-dev
498b45770 [CI:BUILD] Cirrus: Migrate OSX task to M1
94560581d Update vendor of containers/(common, storage, image)
e6eb05f75 mount=type=cache: seperate cache parent on host for each user
20dd347b9 Fix installation instructions for Gentoo Linux
e162302df build(deps): bump github.com/containerd/containerd from 1.6.9 to 1.6.10
1cfb5eafb GHA: Reuse both cirrus rerun and check workflows
5bd5a4f9d Vendor in latest containers/(common,image,storage)
8e4979e81 build(deps): bump github.com/onsi/gomega from 1.24.0 to 1.24.1
3d755b5eb copier.Put(): clear up os/syscall mode bit confusion
1a18ab341 build(deps): bump golang.org/x/sys from 0.1.0 to 0.2.0
646c28290 Use TypeBind consistently to name bind/nullfs mounts
d4c661a77 Add no-new-privileges flag
1f372c08a Update vendor of containers/(common, image, storage)
b2054360a imagebuildah:build with --all-platforms must honor args for base images
a17238891 codespell code
217b2d524 Expand args and env when using --all-platforms
c554e5330 build(deps): bump github.com/onsi/gomega from 1.23.0 to 1.24.0
ed3707765 GHA: Simplify Cirrus-Cron check slightly
1091222b2 Stop using ubi8
cec864147 remove unnecessary (hence misleading) rmi
ffb00243f chroot: fix mounting of ro bind mounts
a237085fe executor: honor default ARG value while eval base name
481b3cc95 userns: add arbitrary steps/stage to --userns=auto test
dc733f1d2 Don't set allow.mount in the vnet jail on Freebsd
e867db39b copier: Preserve file flags when copying archives on FreeBSD
bf4420f25 Remove quiet flag, so that it works in podman-remote
8b1a490bd test: fix preserve rootfs with --mount for podman-remote
b24449990 test: fix prune logic for cache-from after adding content summary
4290ab5af vendor in latest containers/(storage, common, image)
1d0dd78c3 Fix RUN --mount=type=bind,from=<stage> not preserving rootfs of stage
7aa34b86f Define and use a safe, reliable test image
87e379d5b Fix word missing in Container Tools Guide
57f370d9d Makefile: Use $(MAKE) to start sub-makes in install.tools
3223610ff imagebuildah: pull cache from remote repo after adding content summary
f9693d0a5 Makefile: Fix install on FreeBSD
835668715 Ensure the cache volume locks are unlocked on all paths
0d7414703 Vendor in latest containers/(common,storage)
60382209e Simplify the interface of GetCacheMount and getCacheMount
8f955f801 Fix cache locks with multiple mounts
bdd62ef87 Remove calls to Lockfile.Locked()
cfa10d16c Maintain cache mount locks as lock objects instead of paths
ffb2f27a8 test: cleaning cache must not clean lockfiles
6838cbc81 run: honor lockfiles for multiple --mount instruction
f2e0af5c4 mount,cache: lockfiles must not be part of users cache content
6fa774ddc Update vendor containers/(common,image,storage)
bdb549478 [CI:BUILD] copr: buildah rpm should depend on containers-common-extra
eb9f3648b pr-should-include-tests: allow specfile, golangci
da214d6d4 build(deps): bump dawidd6/action-send-mail from 3.7.0 to 3.7.1
5baed90cd build(deps): bump github.com/docker/docker
82431441a build(deps): bump github.com/fsouza/go-dockerclient from 1.8.3 to 1.9.0
9226bd312 Update vendor containers/(common,image,storage)
26a29674a build(deps): bump actions/upload-artifact from 2 to 3
cadd801fc build(deps): bump actions/checkout from 2 to 3
8ec69a9ad build(deps): bump actions/stale from 1 to 6
356ab96d7 build(deps): bump dawidd6/action-send-mail from 2.2.2 to 3.7.0
27032ea0f build(deps): bump tim-actions/get-pr-commits from 1.1.0 to 1.2.0
5038a0dae sshagent: LockOSThread before setting SocketLabel
4f272ee49 Update tests for error message changes
788fddb1d Update c/image after https://github.com/containers/image/pull/1299
f232da006 Fix ident for dependabot gha block
acc230dc3 build(deps): bump github.com/containers/ocicrypt from 1.1.5 to 1.1.6
dc81652ff Fix man pages to match latest cobra settings
7260a4b0d build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0
fba8daf13 build(deps): bump github.com/onsi/gomega from 1.20.2 to 1.22.1
df8f0fa88 test: retrofit 'bud with undefined build arg directory'
9d43eb95e imagebuildah: warnOnUnsetBuildArgs while processing stages from executor
1a2af6864 Update contrib/buildahimage/Containerfile
e1c7a5df1 Cirrus CI add flavor parameter
b5c86a8e0 Correction - `FLAVOR` not `FLAVOUR`
f5fc96e79 Changed build argument from `RELEASE` to `FLAVOUR`
36afa3530 Combine buildahimage Containerfiles
472c46f98 bud.bats refactoring: $TEST_SCRATCH_DIR, part 2 of 2
ca65736da bud.bats refactoring: $TEST_SCRATCH_DIR, part 1 of 2
2adbe2a58 System test cleanup: document, clarify, fix
bf0a6e073 test: removing unneeded/expensive COPY
94ea37767 test: warning behaviour for unset/set TARGETOS,TARGETARCH,TARGETPLATFORM
eae3415b1 Bump to v1.28.1-dev
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
skopeo rdepends on it, and skopeo has been extended to native and
nativesdk, so container-host-config needs also be extended.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The /etc/containers/policy.json[1] file is used to specify verification
policy. For now, we can see it's used by both cri-o and skopeo. To avoid
conflict, we use container-host-config to provide this file and make both
skopeo and cri-o depend on it.
[1] https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* don't export CGO_CFLAGS/CGO_CXXFLAGS like the previous version
didn't before:
https://git.yoctoproject.org/meta-virtualization/commit/?id=aceed7bf95cc8a42c8f470d8edf3c6f03d49da00
* both docker-moby and docker-ce have the same issue as shown with
qemuarm build:
docker-moby: http://errors.yoctoproject.org/Errors/Details/690021/
docker-ce: http://errors.yoctoproject.org/Errors/Details/690020/
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The old crio.conf file can cause cri-o start failure. The error
message is as below.
validating runtime config: runtime validation: failed to \
translate monitor fields for runtime runc: cgroupfs manager \
conmon cgroup should be 'pod' or empty
Use new crio.conf file to solve this issue. The file is generated
by 'crio --config="" config --default' command, as indicated in
the old crio.conf file.
With this config file update, the crio.service can now start correctly.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
crio.service now reports the following error messages:
level=error msg="Writing clean shutdown supported file: \
open /var/lib/crio/clean.shutdown.supported: no such file or directory"
level=error msg="Failed to sync parent directory of clean \
shutdown file: open /var/lib/crio: no such file or directory"
Create /var/lib/crio to avoid such error message.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
For cri-o, libselinux is optional, this can be seen from
its Makefile. So let's make selinux optional by using PACKAGECONFIG,
whose default value is determined by the DISTRO_FEATURES. In this
way, meta-selinux dependency is not necessary.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
libseccomp is not in oe-core. There's no need to check
meta-security any more.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
ostree is in meta-oe, libseccomp is in oe-core. So remove these two.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Instead of providing storage and registries configuration files
in this package, we inherit container-host which will provide a
common definition of these configs.
This allows multiple packages to ensure that the configuration
files are present, and not conflict in their installation.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a configuration only recipe that produces a package which
installs some common configuration files.
In this introduction we have both registries.conf and storage.conf.
Packages that require these files should RDEPEND on this package
(or inherit container-host.bbclass) and the files will be installed.
If conflicting requirements for these global configuration files
arise, they can be resolved through additions to this recipe, or by
providing a higher priority version of the .conf files.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introducing a small (at the moment) class that represents configuration
and processing required to prepare a target image to be a container
host.
A recipe that requires container configuration should inherit this
class, and the container-host-config package will be added as a
RDEPENDS, and install common configuration files.
In the future, additional functionality or dependencies will be added
here to synchronize the configuration of multiple container host
packages.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping cri-o to version v1.25.2-11-g1a6bb9c9b, which comprises the following commits:
32d1cb665 mocks: update with new c/storage mocks
fb2753ee2 bump c/storage to fix map leak
3a9449924 Make storage unmount less strict
63f413530 Inject release-notes branch from GitHub actions
7037d1568 ResourceStore: delete entries after they're used
dfff7e6b4 ci-verify: Run get-scripts only on main branch
51d3621c2 Fix GitHub actions CI
aba30569c version: bump to 1.25.2
2845bb5f5 Update c/storage to v1.44.0
c431b53ca Use containerd v1.7.0-beta.0
36c4d1bc2 Bump conmon-rs to v0.4.0
dc9a6b1a8 version: bump to 1.25.1
2863b7d6e Fix lint CI on `main`
e7e849359 config: translate monitor fields when printing config
9edf0c5c7 workloads: fix whitespace
bea0f973d template: fix whitespace and comments in runtimes table
aa329a1e3 Update config README
556d85231 Allow complete Runtimes config to change
9dc1a70b4 Add basic integration tests for runtime reload
7fcef1dbd Add notes on runtime reload support to documentation
d51a01ad3 Reload runtime configs on reload
f06c01231 Invert conditional check in ValidateDefaultRuntime
7ef8fac1a Move default runtime validation to its own function
23081649b config: do not remove runc if different default runtime
b6b835512 use AddInheritableCapabilities
4e4749a27 config: add field AddInheritableCapabilities
24feb7778 server: return already created ID for duplicated requests
e2cce29fc resourcestore: add test for stages
7e7a8d923 server: update stages according to progress with resource creation
b15581620 resource store: return stage when a watcher is requested
398964d9e resource store: introduce stages
706f920f9 cli: fix some inconsistencies in the help text
ebc644a68 Update runc to v1.1.4
a05ddfb4a Fix lint CI
f253c4b7c test: add checkpoint/restore tests
b033570b3 test: do not hard code CNI location
15ec8f36c Provide support for checkpoint and restore
f06e5c8d5 vendor: bump conmon-rs to latest main
7076f72ab oci: add --systemd-cgroup to all runtime commands
f09c1d31b oci: refactor runtime command handling
08ce6edce oci: take ExecCmd
4f5ca801b Update golangci-lint, config and timeout
db3b399a8 server: add container GID to additional groups
b3f970d0f build(deps): bump google.golang.org/grpc from 1.48.0 to 1.49.0
f68121a5b build(deps): bump github.com/containers/kubensmnt from 1.1.3 to 1.2.0
cd90ce156 Bump Kubernetes to v1.25.0
3ba908fdd build(deps): bump github.com/containers/kubensmnt from 1.1.2 to 1.1.3
b241c32d8 Adding annotations for image and sandbox name.
9ef68e8e7 Fix bundle e2e tests
45966c89c build(deps): bump github.com/container-orchestrated-devices/container-device-interface
4b6936f8f bump cri-api to k8s 1.25 rc0
e27f28868 build(deps): bump github.com/urfave/cli/v2 from 2.11.1 to 2.11.2
1ecd63643 build(deps): bump github.com/containers/podman/v4
10069a178 build(deps): bump github.com/containerd/containerd from 1.6.6 to 1.6.8
4b10ed79f build(deps): bump github.com/prometheus/client_golang
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We drop a patch that is now part of the release.
Bumping skopeo to version v1.11.0-39-g95680f3c, which comprises the following commits:
643a2359 Update c/image after https://github.com/containers/image/pull/1816
2c6e15b5 Run codespell on codebase
df708d16 [CI:DOCS] Disable dependabot
2acac8a6 Update module golang.org/x/term to v0.5.0
f9e2c676 Update golang.org/x/exp digest to 46f607a
47c7902e Remove unnecessary blank lines
c1a57ca1 Pre-allocate an array
2a7b1327 Simplify a condition
e7ab33e6 Rename a variable to avoid an underscore
e90c381a Add missing comment punctuation
70c06b4a Fix, or remove, comments using lint syntax
9137ac56 Simplify an increment
efc6e837 Reformat import statements
a8b9e4e3 Use %w when wrapping errors
99215e40 Remove a duplicate word
afa031e8 Use net/netip.Addr instead of net.IP
891ba3d4 s/interface{}/any/g
f2b3a9c0 Use golang.org/x/exp
f1a6d427 Use strings.Cut
22955d05 go mod tidy -go=1.18
007f01c6 [CI:BUILD] enable debuginfo for el8 copr builds
036bf598 [CI:BUILD] copr: fix el8 build and enable debuginfo
f9406bb0 Cirrus: Use human-readable CI VM Images
b41b85ab Update module gopkg.in/yaml.v2 to v3
d2fbec35 Add unit tests for tlsVerifyConfig's yaml.Unmarshaler
9e24a195 [CI:DOCS] Fix up language in README
cc958d3e Move to v1.11.1-dev
9d036f30 Bump to v1.11.0
83bcd136 [CI:DOCS] Format manual page documents
afbdaf8e Update module github.com/containers/common to v0.51.0
c9114248 Update module github.com/containers/image/v5 to v5.24.0
0fad1193 Add (skopeo generate-sigstore-key)
48b9d94c Update c/image after https://github.com/containers/image/pull/1810
80e3fd10 Touch up conscious language issues
9f04dfde Partially fix removal of temporary data in (make test-system)
36c480f6 Don't affect $XDG_RUNTIME_DIR of Podman starting the registry
850bc49d Update module github.com/containers/storage to v1.45.3
a98c1372 Fix storage.conf setup in test-system
19815502 Fix (test-integration), in a container without CI
67a8bef6 Cirrus: Fix c/image CI testing
63da8390 Bump github.com/containers/ocicrypt from 1.1.6 to 1.1.7
1fac61ef Cirrus: Add a common intra-test reset function
292962d3 Fix unnecessary use of podman in CI test
e239f32a Cirrus: Update to F37 CI VM Images
ee804858 Cirrus: Remove redundant package install attempt
0698e82b fix(deps): update module github.com/containers/storage to v1.45.1
bb1ac893 Add support for Fulcio and Rekor, and --sign-by-sigstore=param-file
03b5bdec Update c/image after https://github.com/containers/image/pull/1787
1133a2a3 fix(deps): update module github.com/containers/storage to v1.45.0
d0cf39d8 Cirrus: Skip OSX CI on release-branches
f17eafe8 Correctly use the stdout parameter in some places
58bccf38 fix(deps): update module golang.org/x/term to v0.4.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.1.4-20-gc6781d10, which comprises the following commits:
f6e2cd3b nsexec: Check for errors in write_log()
9233b3d0 tests/int: test for /dev/null owner regression
fa722c1d libcontainer: skip chown of /dev/null caused by fd redirection
53ceeeab Explicitly pin busybox and debian downloads
3b6625c6 tests/integration/get-images.sh: fix busybox.tar.xz URL
b8ebeece tests: replace local hello world bundle with busybox bundle
e9f8fd32 [1.1] Vagrantfile.fedora: upgrade Fedora to 37
e6a8287c ci: shellcheck: update to 0.8.0, fix/suppress new warnings
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping runc to version v1.1.4-20-gc6781d10, which comprises the following commits:
f6e2cd3b nsexec: Check for errors in write_log()
9233b3d0 tests/int: test for /dev/null owner regression
fa722c1d libcontainer: skip chown of /dev/null caused by fd redirection
53ceeeab Explicitly pin busybox and debian downloads
3b6625c6 tests/integration/get-images.sh: fix busybox.tar.xz URL
b8ebeece tests: replace local hello world bundle with busybox bundle
e9f8fd32 [1.1] Vagrantfile.fedora: upgrade Fedora to 37
e6a8287c ci: shellcheck: update to 0.8.0, fix/suppress new warnings
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping podman-tui to version v0.7.0-68-g907b4d6, which comprises the following commits:
80431f0 Bump golang.org/x/crypto from 0.5.0 to 0.6.0
dc402ba Bump github.com/docker/docker
1fb79aa Bump github.com/rs/zerolog from 1.28.0 to 1.29.0
b1fe3c4 Bump github.com/containerd/containerd from 1.6.8 to 1.6.12
197f356 Bump github.com/sylabs/sif/v2 from 2.8.0 to 2.8.1
7f43ecc Bump github.com/docker/docker
1fdbb8d Bump golang.org/x/crypto from 0.4.0 to 0.5.0
6941d4b Bump github.com/navidys/tvxwidgets from 0.2.0 to 0.3.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We adjust FILES to pickup new systemd utilities, but otherwise the
recipe is unchanged.
Bumping libpod to version v4.4.1-6-g73f52c051, which comprises the following commits:
84521f52d Update to c/image 5.24.1
8e5eb9a79 events + container inspect test: RHEL fixes
65c412383 Bump to v4.4.2-dev
34e8f3933 Bump to v4.4.1
7431f3d00 Update release notes for Podman 4.4.1
68a58c9a1 kube play: do not teardown unconditionally on error
a1cc3733b Resolve symlink path for qemu directory if possible
c3d781de0 events: document journald identifiers
52ae4a2c4 Quadlet: exit 0 when there are no files to process
1ee04fcc7 Cleanup podman-systemd.unit file
f3ea36100 Install podman-systemd.unit man page, make quadlet discoverable
2b7ea6442 Add missing return after errors
1d76a166c oci: bind mount /sys with --userns=(auto|pod:)
20d31a0a6 docs: specify order preference for FROM
590186e0d Cirrus: Fix & remove GraphQL API tests
7407ccdc3 test: adapt test to work on cgroupv1
c2971a66a make hack/markdown-preprocess parallel-safe
322802e40 Fix default handling of pids-limit
6ce1a11b7 system tests: fix volume exec/noexec test
e2a40dfa2 Bump to v4.4.1-dev
3443f453e Bump to v4.4.0
f42972714 Final release notes for v4.4.0
c927ad03b Emergency fix for RHEL8 gating tests
ef4e7b8c7 Do not mount /dev/tty into rootless containers
bbaa54258 Fixes port collision issue on use of --publish-all
c3566cda4 Fix usage of absolute windows paths with --image-path
9eb960707 fix #17244: use /etc/timezone where `timedatectl` is missing on Linux
5c94568e9 podman-events: document verbose create events
45b00b648 Making gvproxy.exe optional for building Windows installer
63f964c08 Add gvproxy to Windows packages
579c5dc80 Match VT device paths to be blocked from mounting exactly
605079dc8 Clean up more language for inclusiveness
f4bf448d8 Set runAsNonRoot=true in gen kube
45b9e17d7 quadlet: Add device support for .volume files
92bae973c fix: running check error when podman is default in wsl
edb7779cd fix: don't output "ago" when container is currently up and running
6870dae23 journald: podman logs only show logs for current user
cd4590908 journald: podman events only show events for current user
097ca6056 Add (podman {image,manifest} push --sign-by-sigstore=param-file.yaml)
916ea3e5d DB: make loading container states optional
de84be54e ps: do not sync container
3a65466ba Allow --device-cgroup-rule to be passed in by docker API
36875c265 [v4.4] Bump to Buildah v1.29.0
8ff381f45 Bump to v4.4.0-dev
dc3dfce94 Bump to v4.4.0-RC3
425da01d4 Create release notes for v4.4.0
300904a84 Cirrus: Update operating branch
9904fbed3 fix APIv2 python attach test flake
9d1c153cf ps: query health check in batch mode
fda62b2d8 make example volume import, not import volume
623ad2a63 Correct output when inspecting containers created with --ipc
2db468204 Vendor containers/(storage, image, common, buildah)
c4aae9b47 Get correct username in pod when using --userns=keep-id
6f519c9bd ps: get network data in batch mode
795708f8b build(deps): bump github.com/onsi/gomega from 1.25.0 to 1.26.0
4ed46c984 add hack/perf for comparing two container engines
b7ab889a7 systems: retrofit dns options test to honor other search domains
5925fe1a5 ps: do not create copy of container config
e2c44c3d4 libpod: set search domain independently of nameservers
06241077c libpod,netavark: correctly populate /etc/resolv.conf with custom dns server
366e1686a podman: relay custom DNS servers to network stack
2b650e37c (fix) mount_program is in storage.options.overlay
b29313811 Change example target to default in doc
86699954b network create: do not allow `default` as name
3ae84fe0a kube-play: add support for HostPID in podSpec
d0794ab9e build(deps): bump github.com/docker/docker
ca91cf416 Let's see if #14653 is fixed or not
8f7886515 Add support for podman build --group-add
f65d79f4c vendor in latests containers/(storage, common, build, image)
7be8ff564 unskip network update test
b5bfc2654 do not install swagger by default
2ad938ec6 pasta: skip "Local forwarder, IPv4" test
3db8ef37d add testbindings Makefile target
5ad72a234 update CI images to include pasta
f07aa2add [CI:DOCS] Add CNI deprecation notices to documentation
07d297ca3 Cirrus: preserve podman-server logs
4faa139b7 waitPidStop: reduce sleep time to 10ms
fd42c1dcb StopContainer: return if cleanup process changed state
e0f671007 StopSignal: add a comment
ac47d0719 StopContainer: small refactor
e8b35a8c2 waitPidStop: simplify code
51836aa47 e2e tests: reenable long-skipped build test
36510f60d Add openssh-clients to podmanimage
0bd51f6c8 Reworks Windows smoke test to tunnel through interactive session.
b5a6f3f91 fix bud-multiple-platform-with-base-as-default-arg flake
ef3f09879 Remove ReservedAnnotations from kube generate specification
6d3858b21 e2e: update test/README.md
17b5bd758 e2e: use isRootless() instead of rootless.IsRootless()
bfc5f07d9 Cleanup documentation on --userns=auto
120d16b61 Bump to v4.4.0-dev
24cc02a64 Bump to v4.4.0-rc2
ddf8e4989 Vendor in latest c/common
dc2bd0857 sig-proxy system test: bump timeout
193b2a836 build(deps): bump github.com/containernetworking/plugins
a581d2a04 rootless: rename auth-scripts to preexec-hooks
bdf100179 Docs: version-check updates
79865c290 commit: use libimage code to parse changes
bdc323cbf [CI:DOCS] Remove experimental mac tutorial
8db2b4b73 man: Document the interaction between --systemd and --privileged
70057c8b4 Make rootless privileged containers share the same tty devices as rootfull ones
067442b57 container kill: handle stopped/exited container
a218960bc Vendor in latest containers/(image,ocicrypt)
6f919af78 add a comment to container removal
5ac5aaa72 Vendor in latest containers/storage
daf747f16 Cirrus: Run machine tests on PR merge
4bb69abd5 fix flake in kube system test
9a206fdc9 kube play: complete container spec
a02a10f3f E2E Tests: Use inspect instead of actual data to avoid UDP flake
c2b36beb4 Use containers/storage/pkg/regexp in place of regexp
c433982d1 Vendor in latest containers/storage
11835d5d0 Cirrus: Support using updated/latest NV/AV in PRs
d9bf3f129 Limit replica count to 1 when deploying from kubernetes YAML
1ab833fb7 Set StoppedByUser earlier in the process of stopping
6ab883448 podman-play system test: refactor
470b68077 Bump to v4.4.0-dev
d8774a93c Bump to v4.4.0-RC1
882cd17f8 network: add support for podman network update and --network-dns-server
d2fb6cf05 service container: less verbose error logs
b10a906b5 Quadlet Kube - add support for PublishPort key
ad12d61c6 e2e: fix systemd_activate_test
758f20e20 Compile regex on demand not in init
3e2b9a28d [docker compat] Don't overwrite the NetworkMode if containers.conf overrides netns.
5b1bdf949 E2E Test: Play Kube set deadline to connection to avoid hangs
f4c81b0aa Only prevent VTs to be mounted inside privileged systemd containers
a5ce3b3cd e2e: fix play_kube_test
81a3f7cb8 Updated error message for supported VolumeSource types
2bf94b764 Introduce pkg retry logic in win installer task
db0323639 logformatter: include base SHA, with history link
37ade6be1 Network tests: ping redhat.com, not podman.io
2d8225cd4 cobra: move engine shutdown to Execute
35d2f61ec Updated options for QEMU on Windows hosts
28f13a74b Update Mac installer to use gvproxy v0.5.0
4cf06fe7e podman: podman rm -f doesn't leave processes
494db3e16 oci: check for valid PID before kill(pid, 0)
cf364703f linux: add /sys/fs/cgroup if /sys is a bind mount
1bd3d32c5 Quadlet: Add support for ConfigMap key in Kube section
4a7a45f97 remove service container _after_ pods
07cc49efd Kube Play - allow setting and overriding published host ports
9fe86ec7f oci: terminate all container processes on cleanup
6dd1d48fd Update win-sshproxy to 0.5.0 gvisor tag
e332b6246 Vendor in latest containers/common
92cdad031 Fix a potential defer logic error around locking
a7f53932a logformatter: nicer formatting for bats failures
ee3380e6b logformatter: refactor verbose line-print
e82045f73 e2e tests: stop using UBI images
6038200fe k8s-file: podman logs --until --follow exit after time
767947ab8 journald: podman logs --until --follow exit after time
c674b3dd8 journald: seek to time when --since is used
5f032256d podman logs: journald fix --since and --follow
7826e1ced Preprocess files in UTF-8 mode
4587e7fdb Bump golang.org/x/tools from 0.4.0 to 0.5.0 in /test/tools
eea78ec7b Vendor in latest containers/(common, image, storage)
54afda22b Switch to C based msi hooks for win installer
710eeb340 hack/bats: improve usage message
d7ac11005 hack/bats: add --remote option
1a2e54ce6 hack/bats: fix root/rootless logic
d0c89e90b Describe copy volume options
bfdffb5b6 Support sig-proxy for podman-remote attach and start
6886e80b4 libpod: fix race condition rm'ing stopping containers
fb73121c4 e2e: fix run_volume_test
86965f758 Add support for Windows ARM64
f9e8e8cfd Add shared --compress to man pages
df02cb51e Add container error message to ContainerState
d92bfd244 Man page checker: require canonical name in SEE ALSO
2a16e0484 system df: improve json output code
03c7f47aa kube play: fix the error logic with --quiet
9f0a37cd4 System tests: quadlet network test
e47964417 Fix: List container with volume filter
cd3492304 adding -dryrun flag
347d5372e Quadlet Container: Add support for EnvironmentFile and EnvironmentHost
68fbebfac Kube Play: use passthrough as the default log-driver if service-container is set
635c00840 System tests: add missing cleanup
8e77f4c99 System tests: fix unquoted question marks
16b595c32 Build and use a newer systemd image
a061d793d Quadlet Network - Fix the name of the required network service
3ebb822e2 System Test Quadlet - Volume dependency test did not test the dependency
a741299ef fix `podman system connection - tcp` flake
1d3fd5383 vendor: bump c/storage to a747b27
598b93722 Fix instructions about setting storage driver on command-line
18b21b89c Test README - point users to hack/bats
2000c4c80 System test: quadlet kube basic test
479052afa Fixed `podman update --pids-limit`
553df8748 podman-remote,bindings: trim context path correctly when its emptydir
9f5f092f1 Quadlet Doc: Add section for .kube files
200f86ede e2e: fix containers_conf_test
0c94f6185 Allow '/' to prefix container names to match Docker
0c6805880 Remove references to qcow2
1635db474 Fix typos in man page regarding transient storage mode.
85ceb7fb5 make: Use PYTHON var for .install.pre-commit
338b28393 Add containers.conf read-only flag support
d27ebf2ee Explain that relabeling/chowning of volumes can take along time
45b180c1f events: support "die" filter
1e84e1a8d infra/abi: refactor ContainerRm
3808067ff When in transient store mode, use rundir for bundlepath
0179aa245 quadlet: Support Type=oneshot container files
236f0cc50 hacks/bats: keep QUADLET env var in test env
97f9d625a New system tests for conflicting options
bfec23c36 Vendor in latest containers/(buildah, image, common)
24b1e81c5 Output Size and Reclaimable in human form for json output
4724fa307 podman service: close duplicated /dev/null fd
8e05caef6 ginkgo tests: apply ginkgolinter fixes
3e48d74c8 Add support for hostPath and configMap subpath usage
3ac5d1009 export: use io.Writer instead of file
1bac16096 rootless: always create userns with euid != 0
90719d38f rootless: inhibit copy mapping for euid != 0
02555d166 pkg/domain/infra/abi: introduce `type containerWrapper`
987c8e3a7 vendor: bump to buildah ca578b290144 and use new cache API
0cf36684c quadlet: Handle booleans that have defaults better
dd428af89 quadlet: Rename parser.LookupBoolean to LookupBooleanWithDefault
ddeb9592c Add podman-clean-transient.service service
80de85081 Stop recording annotations set to false
9187df5b2 Unify --noheading and -n to be consistent on all commands
2bbeba70b pkg/domain/infra/abi: add `getContainers`
ae706e61b Update vendor of containters/(common, image)
24ab178fb specfile: Drop user-add depedency from quadlet subpackage.
e9243f904 quadlet: Default BINDIR to /usr/bin if tag not specified
d974a79e2 Quadlet: add network support
070b69205 Add comment for jsonMarshal command
d1496afb5 Always allow pushing from containers-storage
0bc3d3579 libpod: move NetNS into state db instead of extra bucket
80878f20b Add initial system tests for quadlets
20b10574d quadlet: Add --user option
4fa65ad0d libpod: remove CNI word were no longer applicable
1424f0958 libpod: fix header length in http attach with logs
12d058400 podman-kube@ template: use `podman kube`
3868d2d82 build(deps): bump github.com/docker/docker
f4d0496b5 wait: add --ignore option
461726a3f qudlet: Respect $PODMAN env var for podman binary
a4a647c0b e2e: Add assert-key-is-regex check to quadlet e2e testsuite
84f3ad356 e2e: Add some assert to quadlet test to make sure testcases are sane
97f63da67 remove unmapped ports from inspect port bindings
fa4b34618 update podman-network-create for clarity
3718ac8e9 Vendor in latest containers/common with default capabilities
f0a8c0bd9 pkg/rootless: Change error text ...
290019c48 rootless: add cli validator
71f96c2e6 rootless: define LIBEXECPODMAN
14ee8faff doc: fix documentation for idmapped mounts
dcbf7b448 bump golangci-lint to v1.50.1
b1bb84637 build(deps): bump github.com/onsi/gomega from 1.24.1 to 1.24.2
89939dea9 [CI:DOCS] podman-mount: s/umount/unmount/
46b7d8d1e create/pull --help: list pull policies
bddd3f5b5 Network Create: Add --ignore flag to support idempotent script
866426a93 Make qemu security model none
fdcc2257d libpod: use OCI idmappings for mounts
4a5581ce0 stop reporting errors removing containers that don't exist
80405a2a5 test: added test from wait endpoint with to long label
fd92a6807 quadlet: Default VolatileTmp to off
b4d90b2eb build(deps): bump github.com/ulikunitz/xz from 0.5.10 to 0.5.11
f155a4e78 docs/options/ipc: fix list syntax
b3c7c1872 Docs: Add dedicated DOWNLOAD doc w/ links to bins
f825481a4 Make a consistently-named windows installer
45a40bf58 checkpoint restore: fix --ignore-static-ip/mac
95cc7e052 add support for subpath in play kube for named volumes
364ed81b4 build(deps): bump golang.org/x/net from 0.2.0 to 0.4.0
59118b42b golangci-lint: remove three deprecated linters
08741496d parse-localbenchmarks: separate standard deviation
bf66b6ac7 build(deps): bump golang.org/x/term from 0.2.0 to 0.3.0
7bd1dbb75 podman play kube support container startup probe
43e307b84 Add podman buildx version support
7c6873b23 Cirrus: Collect benchmarks on machine instances
b361a42e6 Cirrus: Remove escape codes from log files
59ce7cf1c [CI:DOCS] Clarify secret target behavior
fe3d3256e Fix typo on network docs
9f6cf50d5 podman-remote build add --volume support
2dde30b93 remote: allow --http-proxy for remote clients
2f29639bd Cleanup kube play workloads if error happens
1ed982753 health check: ignore dependencies of transient systemd units/timers
04ea8eade fix: event read from syslog
db4d01871 Fixes secret (un)marshaling for kube play.
7665bbc12 Remove 'you' from man pages
1bfaf5194 build(deps): bump golang.org/x/tools from 0.3.0 to 0.4.0 in /test/tools
97c56eef6 [CI:DOCS] test/README.md: run tests with podman-remote
8b87665f2 e2e: keeps the http_proxy value
9b702460e Makefile: Add podman-mac-helper to darwin client zip
c7b936a41 test/e2e: enable "podman run with ipam none driver" for nv
45f8b1ca9 [skip-ci] GHA/Cirrus-cron: Fix execution order
4fa307f14 kube sdnotify: run proxies for the lifespan of the service
7d16c2b69 Update containers common package
75f421571 podman manpage: Use man-page links instead of file names
86f4bd4f5 e2e: fix e2e tests in proxy environment
4134a3723 Fix test
28774f18c disable healthchecks automatically on non systemd systems
1ea00ebda Quadlet Kube: Add support for userns flag
07a386835 [CI:DOCS] Add warning about --opts,o with mount's -o
93d2ec148 Add podman system prune --external
f1dbfda80 Add some tests for transient store
e74b3f24e runtime: In transient_store mode, move bolt_state.db to rundir
25d9af8f4 runtime: Handle the transient store options
56115d5e5 libpod: Move the creation of TmpDir to an earlier time
c9961e18c network create: support "-o parent=XXX" for ipvlan
2f5025a2d compat API: allow MacAddress on container config
a55413c80 Quadlet Kube: Add support for relative path for YAML file
8c3af7186 notify k8s system test: move sending message into exec
a651cdfbc runtime: do not chown idmapped volumes
f3c5b0f9d quadlet: Drop ExecStartPre=rm %t/%N.cid
d61618ad4 Quadlet Kube: Set SyslogIdentifier if was not set
eaab4b99a Add a FreeBSD cross build to the cirrus alt build task
39b6ccb38 Add completion for --init-ctr
af86b4f62 Fix handling of readonly containers when defined in kube.yaml
98a1b551f Build cross-compilation fixes
6ed8dc17c libpod: Track healthcheck API changes in healthcheck_unsupported.go
16cf34dc3 quadlet: Use same default capability set as podman run
b34ab8b5f quadlet: Drop --pull=never
098ad52ec quadlet: Change default of ReadOnly to no
1c3fddfaf quadlet: Change RunInit default to no
d19ea6a60 quadlet: Change NoNewPrivileges default to false
a93a390b8 test: podman run with checkpoint image
f4401567c Enable 'podman run' for checkpoint images
3a362462c test: Add tests for checkpoint images
bdd5f8245 CI setup: simplify environment passthrough code
10e020c65 Init containers should not be restarted
c83efd0f0 Update c/storage after https://github.com/containers/storage/pull/1436
486790f61 Set the latest release explicitly
d19e1526d add friendly comment
1d84f0adb fix an overriding logic and load config problem
2b6cf1d07 Update the issue templates
2862ecf28 Update vendor of containers/(image, buildah)
1c1a8d33f [CI:DOCS] Skip windows-smoke when not useful
190bab553 [CI:DOCS] Remove broken gate-container docs
bb10095ec OWNERS: add Jason T. Greene
68d41c68d hack/podmansnoop: print arguments
009f5ec67 Improve atomicity of VM state persistence on Windows
052174891 [CI:BUILD] copr: enable podman-restart.service on rpm installation
54ef7f98d macos: pkg: Use -arm64 suffix instead of -aarch64
fe548dd0b linux: Add -linux suffix to podman-remote-static binaries
d22395007 linux: Build amd64 and arm64 podman-remote-static binaries
71f92d263 container create: add inspect data to event
d2ac99d65 Allow manual override of install location
f17479c71 Run codespell on code
cb96eac45 Add missing parameters for checkpoint/restore endpoint
d16129330 Add support for startup healthchecks
2df0d9da9 Add information on metrics to the `network create` docs
96c208efb Introduce podman machine os commands
32d80378e Document that ignoreRootFS depends on export/import
1d031bf3b Document ignoreVolumes in checkpoint/restore endpoint
279a4ac77 Remove leaveRunning from swagger restore endpoint
07940764c libpod: Add checks to avoid nil pointer dereference if network setup fails
dce7b3a5b Address golangci-lint issues
3eeb50d48 Bump golang version to 1.18
fbbef79c8 Documenting Hyper-V QEMU acceleration settings
9a6b70155 Kube Play: fix the handling of the optional field of SecretVolumeSource
35b46a420 Update Vendor of containers/(common, image, buildah)
75f6a1d59 Fix swapped NetInput/-Output stats
f06869168 libpod: Use O_CLOEXEC for descriptors returned by (*Container).openDirectory
fad50a9f2 chore: Fix MD for Troubleshooting Guide link in GitHub Issue Template
64a450c51 test/tools: rebuild when files are changed
2ddf1c5cb ginkgo tests: apply ginkgolinter fixes
c7827957a ginkgo: restructure install work flow
ce7d4bbc7 Fix manpage emphasis
5d26628df specgen: support CDI devices from containers.conf
7eb11e7bb vendor: update containers/common
6502b1faa pkg/trust: Take the default policy path from c/common/pkg/config
ba522e8f3 Add validate-in-container target
3bb9ed4f0 Adding encryption decryption feature
e2fa94e8a container restart: clean up healthcheck state
a4ba5f449 Add support for podman-remote manifest annotate
3084ed468 Quadlet: Add support for .kube files
fb429dbe3 Update vendor of containers/(buildah, common, storage, image)
a891199b9 specgen: honor user namespace value
a575111ad [CI:DOCS] Migrate OSX Cross to M1
285d6c9ba quadlet: Rework uid/gid remapping
f5a43eea2 GHA: Fix cirrus re-run workflow for other repos.
50d72bc63 ssh system test: skip until it becomes a test
e7eed5aa9 shell completion: fix hard coded network drivers
504fcbbf9 libpod: Report network setup errors properly on FreeBSD
dd4d212b0 E2E Tests: change the registry for the search test to avoid authentication
1498f924b pkginstaller: install podman-mac-helper by default
a1b32866c Fix language. Mostly spelling a -> an
caa2dfe01 podman machine: Propagate SSL_CERT_FILE and SSL_CERT_DIR to systemd environment.
72966a32c [CI:DOCS] Fix spelling and typos
ae8a5a892 Modify man page of "--pids-limit" option to correct a default value.
f950b1511 Update docs/source/markdown/podman-remote.1.md
a9094a78a Update pkg/bindings/connection.go
b6850e772 Add more documentation on UID/GID Mappings with --userns=keep-id
0d270ae38 support podman-remote to connect tcpURL with proxy
607cd39e1 Removing the RawInput from the API output
14ef6a91b fix port issues for CONTAINER_HOST
34020b353 CI: Package versions: run in the 'main' step
db34c913b build(deps): bump github.com/rootless-containers/rootlesskit
4c1294ccb pkg/domain: Make checkExecPreserveFDs platform-specific
58869dcc3 e2e tests: fix restart race
7c1ad8a58 Fix podman --noout to suppress all output
9610d4c7b remove pod if creation has failed
f36b3bc81 pkg/rootless: Implement rootless.IsFdInherited on FreeBSD
21f6902ec Fix more podman-logs flakes
1a839a96d healthcheck system tests: try to fix flake
36f8dfaa0 libpod: treat ESRCH from /proc/PID/cgroup as ENOENT
021a23b34 GHA: Configure workflows for reuse
c7073b5fc compat,build: handle docker's preconfigured cacheTo,cacheFrom
dceaa7603 docs: deprecate pasta network name
a9852aa8f utils: Enable cgroup utils for FreeBSD
e5f7fbcbe pkg/specgen: Disable kube play tests on FreeBSD
978c52850 libpod/lock: Fix build and tests for SHM locks on FreeBSD
3371c9d25 podman cp: fix copying with "." suffix
f0dba82bb pkginstaller: bump Qemu to version 7.1.0
f6da2b060 specgen,wasm: switch to crun-wasm wherever applicable
2b4068a03 vendor: bump c/common to v0.50.2-0.20221111184705-791b83e1cdf1
1c79b01f6 libpod: Make unit test for statToPercent Linux only
95bb6efff Update vendor of containers/storage
69d737ef1 fix connection usage with containers.conf
dd98e3cc6 Add --quiet and --no-info flags to podman machine start
00b2bc9b6 Add hidden podman manifest inspect -v option
05c48402b Bump github.com/onsi/gomega from 1.24.0 to 1.24.1
836ca6c00 Add podman volume create -d short option for driver
5df00c6f7 Vendor in latest containers/(common,image,storage)
bc77c034f Add podman system events alias to podman events
ae9a2d26d Fix search_test to return correct version of alpine
75fdbea63 Bump golang.org/x/tools from 0.1.12 to 0.3.0 in /test/tools
329b053cf GHA: Fix undefined secret env. var.
d60c27c9d Release notes for 4.3.1
a13a59a70 GHA: Fix make_email-body script reference
f049fef85 Add release keys to README
dca407d46 GHA: Fix typo setting output parameter
fcfb7d292 GHA: Fix typo.
db439dd23 New tool, docs/version-check
c0a9c6ebc Formalize our compare-against-docker mechanism
a2c43d434 Add restart-sec for container service files
4513fde80 test/tools: bump module to go 1.17
440807210 contrib/cirrus/check_go_changes.sh: ignore test/tools/vendor
9f9bf6fb4 Bump github.com/coreos/go-systemd/v22 from 22.4.0 to 22.5.0
a1323d31d Bump golang.org/x/term from 0.1.0 to 0.2.0
8b8ce8d53 Bump golang.org/x/sys from 0.1.0 to 0.2.0
fa2b4aeef Bump github.com/container-orchestrated-devices/container-device-interface
69ed903b2 build(deps): bump golang.org/x/tools from 0.1.12 to 0.2.0 in /test/tools
d95684676 libpod: Add FreeBSD support in packageVersion
d9aceadea Allow podman manigest push --purge|-p as alias for --rm
b5ee4de8c [CI:DOCS] Add performance tutorial
cfa651f80 [CI:DOCS] Fix build targets in build_osx.md.
3e08f8535 fix --format {{json .}} output to match docker
f807b6784 remote: fix manifest add --annotation
314cba259 Skip test if `--events-backend` is necessary with podman-remote
1c8196a9a kube play: update the handling of PersistentVolumeClaim
616fca9ff system tests: fix a system test in proxy environment
85ae935af Use single unqualified search registry on Windows
cb8c9af5d test/system: Add, use tcp_port_probe() to check for listeners rather than binds
348c3f283 test/system: Add tests for pasta(1) connectivity
b3cf83684 test/system: Move network-related helpers to helpers.network.bash
ea4f168b3 test/system: Use procfs to find bound ports, with optional address and protocol
7e3d04fbc test/system: Use port_is_free() from wait_for_port()
aa47e05ae libpod: Add pasta networking mode
6dd508b8e More log-flake work
3ebcfdbbc Fix test flakes caused by improper podman-logs
919678d2f fix incorrect systemd booted check
0334d8d61 Cirrus: Add tests for GHA scripts
66d857cdd GHA: Update scripts to pass shellcheck
d17b7d852 Cirrus: Shellcheck github-action scripts
2ee40287e Cirrus: shellcheck support for github-action scripts
462ce32e6 GHA: Fix cirrus-cron scripts
d5031946a Makefile: don't install to tmpfiles.d on FreeBSD
85f4d3717 Make sure we can build and read each line of docker py's api client
cdb00332d Docker compat build api - make sure only one line appears per flush
efbad590d Run codespell on code
571833d56 Update vendor of containers/(image, storage, common)
049a5d82f Allow namespace path network option for pods.
f3195c930 Cirrus: Never skip running Windows Cross task
35523d560 GHA: Auto. re-run failed cirrus-cron builds once
3a85d537b GHA: Migrate inline script to file
980d5b362 GHA: Simplify script reference
417490128 test/e2e: do not use apk in builds
3fee351c3 remove container/pod id file along with container/pod
442df2967 Cirrus: Synchronize windows image
274d0f495 Add --insecure,--tls-verify,--verbose flags to podman manifest inspect
cac4919bf runtime: add check for valid pod systemd cgroup
d7e70c748 CI: set and verify DESIRED_NETWORK (netavark, cni)
6ec2bcb68 [CI:DOCS] troubleshooting: document keep-id options
f95ff4f46 Man pages: refactor common options: --security-opt
853072455 Cirrus: Guarantee CNI testing w/o nv/av present
fd9de876f Cirrus: temp. disable all Ubuntu testing
ecd1927b4 Cirrus: Update to F37beta
56fae7dd0 buildah bud tests: better handling of remote
7ec743fe7 quadlet: Warn in generator if using short names
884350d99 Add Windows Smoke Testing
f6c74324b Add podman kube apply command
d1f3dd9e5 docs: offer advice on installing test dependencies
8e55abafd Fix documentation on read-only-tmpfs
b8acdb34c version bump to 4.4.0-dev
b8e03ab44 deps: bump go-criu to v6
fc65d72c3 Makefile: Add cross build targets for freebsd
e23444fbc pkg/machine: Make this build on FreeBSD/arm64
3279342ff pkg/rctl: Remove unused cgo dependency
d76bf4cb5 man pages: assorted underscore fixes
bb78ba19e Upgrade GitHub actions packages from v2 to v3
0d505f20f vendor github.com/godbus/dbus/v5@4b691ce
b20ef9c34 [CI:DOCS] fix --tmpdir typos
9003cdbf6 Do not report that /usr/share/containers/storage.conf has been edited.
71f0c9f33 Eval symlinks on XDG_RUNTIME_DIR
3ad5827b2 hack/podmansnoop
83313c547 rootless: support keep-id with one mapping
5dad34212 rootless: add argument to GetConfiguredMappings
6fe64591d Update vendor containers/(common,storage,buildah,image)
f355900d3 Fix deadlock between 'podman ps' and 'container inspect' commands
59299b519 Add information about where the libpod/boltdb database lives
320ce8c9f Consolidate the dependencies for the IsTerminal() API
871172e6f Ensure that StartAndAttach locks while sending signals
d50a55233 ginkgo testing: fix podman usernamespace join
f0f12658d Test runners: nuke podman from $PATH before tests
3e6637a3b volumes: Fix idmap not working for volumes
237d41f3f FIXME: Temporary workaround for ubi8 CI breakage
11e4c0403 System tests: teardown: clean up volumes
a141c9ac2 update api versions on docs.podman.io
fdc9ca076 system tests: runlabel: use podman-under-test
05bdc7294 system tests: podman network create: use random port
f0ba2d89e sig-proxy test: bump timeout
0ce234425 play kube: Allow the user to import the contents of a tar file into a volume
bac907abf Clarify the docs on DropCapability
33eb45c47 quadlet tests: Disable kmsg logging while testing
b07ba2441 quadlet: Support multiple Network=
8716de2ac quadlet: Add support for Network=...
721922fa7 Fix manpage for podman run --network option
6042ca7fd quadlet: Add support for AddDevice=
f6f65f49d quadlet: Add support for setting seccomp profile
a9f0957c2 quadlet: Allow multiple elements on each Add/DropCaps line
af67f15bc quadlet: Embed the correct binary name in the generated comment
2b0d9cd94 quadlet: Drop the SocketActivated key
d7e248dcf quadlet: Switch log-driver to passthrough
998f834b0 quadlet: Change ReadOnly to default to enabled
0de98b1b6 quadlet tests: Run the tests even for (exected) failed tests
8d41c7d2e quadlet tests: Fix handling of stderr checks
5c3a22e8c Remove unused script file
c4ebe9e2a notifyproxy: fix container watcher
221cfc687 container/pod id file: truncate instead of throwing an error
b7f05cef0 quadlet: Use the new podman create volume --ignore
734c435e0 Add podman volume create --ignore
4966f509b logcollector: include aardvark-dns
6a9c7a580 build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1
e081d22b0 build(deps): bump github.com/BurntSushi/toml from 1.2.0 to 1.2.1
622638b72 docs: generate systemd: point to kube template
c1de4d3ce docs: kube play: mention restart policy
0572e5972 Fixes: 15858 (podman system reset --force destroy machine)
7a9c14d62 fix search flake
4e29ce2ba use cached containers.conf
6c7ae378c adding regex support to the ancestor ps filter function
e5032a8de Fix `system df` issues with `-f` and `-v`
c9c2f644d markdown-preprocess: cross-reference where opts are used
77f8eaa73 Default qemu flags for Windows amd64
e16800e8b build(deps): bump golang.org/x/text from 0.3.8 to 0.4.0
d70ffdaeb Update main to reflect v4.3.0 release
b8c24bbb4 build(deps): bump github.com/docker/docker
b4374f2bd move quadlet packages into pkg/systemd
34235b272 system df: fix image-size calculations
34ee37b91 Add man page for quadlet
84ed9bd5e Fix small typo
120a77e39 testimage: add iproute2 & socat, for pasta networking
30e66d600 Set up minikube for k8s testing
0a6d8b94c Makefile: don't install systemd generator binaries on FreeBSD
cadb64d32 [CI:BUILD] copr: podman rpm should depend on containers-common-extra
02bb7c2cf Podman image: Set default_sysctls to empty for rootless containers
234b2230e Don't use github.com/docker/distribution
9e6b37ec1 libpod: Add support for 'podman top' on FreeBSD
21081355a libpod: Factor out jail name construction from stats_freebsd.go
b82b27cc4 pkg/util: Add pid information descriptors for FreeBSD
62bb59d3b Initial quadlet version integrated in golang
44bac51fc bump golangci-lint to v1.49.0
01a3245d7 Update vendor containers/(common,image,storage)
75222add5 Allow volume mount dups, iff source and dest dirs
cb2631bf3 rootless: fix return value handling
783b4e914 Change to correct break statements
04c126a3b vendor containers/psgo@v1.8.0
c39b71776 Clarify that MacOSX docs are client specific
51c376c8a libpod: Factor out the call to PidFdOpen from (*Container).WaitForExit
bb2b47dc7 Add swagger install + allow version updates in CI
2a622c8af Cirrus: Fix windows clone race
973710c8b build(deps): bump github.com/docker/docker
b35fab6f1 kill: wait for the container
ba276e117 generate systemd: set --stop-timeout for stopping containers
5113343a5 hack/tree_status.sh: print diff at the end
bab816953 Fix markdown header typo
bd4ee2d57 markdown-preprocess: add generic include mechanism
9cdea7fb3 markdown-preprocess: almost complete OO rewrite
33858c1cf Update tests for changed error messages
05119a917 Update c/image after https://github.com/containers/image/pull/1299
8c7673857 Man pages: refactor common options (misc)
617a2de3a Man pages: Refactor common options: --detach-keys
69815a7f1 vendor containers/storage@main
a584bb4e7 Man pages: refactor common options: --attach
0510dd2f1 build(deps): bump github.com/fsnotify/fsnotify from 1.5.4 to 1.6.0
1d18dc267 KillContainer: improve error message
5da54e183 docs: add missing options
57ddeffd0 Man pages: refactor common options: --annotation (manifest)
b256f5f58 build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0
f16e9acc6 system tests: health-on-failure: fix broken logic
7ff8c8f79 build(deps): bump golang.org/x/text from 0.3.7 to 0.3.8
00adeda80 build(deps): bump github.com/onsi/gomega from 1.20.2 to 1.22.1
d08b4c133 ContainerEngine.SetupRootless(): Avoid calling container.Config()
03c5f9d02 Container filters: Avoid use of ctr.Config()
af38c79e3 Avoid unnecessary calls to Container.Spec()
55191ecc2 Add and use Container.LinuxResource() helper
7b84a3a43 play kube: notifyproxy: listen before starting the pod
2bee2216c play kube: add support for configmap binaryData
1038f063e Add and use libpod/Container.Terminal() helper
b47b48fd0 Revert "Add checkpoint image tests"
f437078d2 Revert "cmd/podman: add support for checkpoint images"
4dd67272e healthcheck: fix --on-failure=stop
d4052c1aa Man pages: Add mention of behavior due to XDG_CONFIG_HOME
b5950a918 build(deps): bump github.com/containers/ocicrypt from 1.1.5 to 1.1.6
c34b5be99 Avoid unnecessary timeout of 250msec when waiting on container shutdown
02040089a health checks: make on-failure action retry aware
5b71070e4 libpod: Remove 100msec delay during shutdown
b4b701139 libpod: Add support for 'podman pod' on FreeBSD
7f8964a78 libpod: Factor out cgroup validation from (*Runtime).NewPod
d71160539 libpod: Move runtime_pod_linux.go to runtime_pod_common.go
c35a70d21 specgen/generate: Avoid a nil dereference in MakePod
e187b9711 libpod: Factor out cgroups handling from (*Pod).refresh
713428df0 Adds a link to OSX docs in CONTRIBUTING.md
f8b659d09 Man pages: refactor common options: --os-version
8b189c0a0 Create full path to a directory when DirectoryOrCreate is used with play kube
d4f622da7 Return error in podman system service if URI scheme is not unix/tcp
51c357841 Man pages: refactor common options: --time
0e4eeb52e man pages: document some --format options: images
e136376d1 Clean up when stopping pods
11e83a095 Update vendor of containers/buildah v1.28.0
1e71d124e Proof of concept: nightly dependency treadmill
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
The upstream repository has switched to a main branch, we update
our recipe to match.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
k3s is using a lot of SRC_URIs and some of them have corrsponding
recipe in meta-virt, which are used by k8s. These components'
SRC_URIs are better to be kept in sync, because this avoids two
local git repos (Yocto supports fetching locally) which are totally
the same. Remove the '.git' suffix from these recipes to sync the
SRC_URIs.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
# ./run-ptest
PASS: acceptance.sh
PASS: bad_args.sh
PASS: basic.sh
PASS: bump-version.sh
PASS: check.sh
PASS: completion.sh
PASS: copy-docs.sh
PASS: coverage.sh
PASS: devtools.sh
PASS: empty.sh
PASS: extract-checksum.sh
PASS: format.sh
PASS: front-matter.sh
PASS: generate-man-page-md.sh
PASS: generate-man-page.sh
PASS: header-processing-off.sh
PASS: inputs-format.sh
PASS: install-man-page.sh
PASS: leading-seperator.sh
PASS: load-file.sh
PASS: output-format.sh
PASS: pipe.sh
PASS: pretty-print.sh
PASS: release-deb.sh
PASS: secure.sh
PASS: setup.sh
PASS: split-printer.sh
PASS: test-docker.sh
PASS: test.sh
PASS: xcompile.sh
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Upgrade yq to 4.30.8 [1].
[1] https://github.com/mikefarah/yq/releases/tag/v4.30.8
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes:
ERROR: yq-1.13.1+gite0f5cb3c5958e57c7f250a7030e92c768c1b2b19-r0 do_package_qa: QA Issue: /usr/lib64/go/src/github.com/mikefarah/yq/debian/rules contained in package yq-dev requires /usr/bin/make, but no providers found in RDEPENDS:yq-dev? [file-rdeps]
ERROR: yq-1.13.1+gite0f5cb3c5958e57c7f250a7030e92c768c1b2b19-r0 do_package_qa: QA Issue: /usr/lib64/go/src/github.com/mikefarah/yq/scripts/xcompile.sh contained in package yq-dev requires /bin/bash, but no providers found in RDEPENDS:yq-dev? [file-rdeps]
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping containerd to version v1.7.0-beta.3-71-gfdfdc9bfc, which comprises the following commits:
fe0116ec2 CI: skip some jobs when `repo != containerd/containerd`
b944b108d Clean up repeated package import
76a62e52a Use http constants instead of string
13652e081 fetch: Use data from descriptor when available.
6ae3e5df6 Fix retry logic within devmapper device deactivation
6adb6a727 Rename release CI job
aed3b0a70 Clean CI file
617c66dcc Add critest.exe in $PATH
757b8f702 keep the uppercase letter for flag info
e5c57f242 update hcsshim tag to v0.10.0-rc.5 and revendor
1f35b0336 Fix sandbox exit monitor
d1cd9757e Generate GRPC for runtime task service
86c238c87 Generate GRPC for runtime sandbox API
99580e0aa Update TTRPC and Protobuild dependencies
b9b44ed5c Removing end of line for last line
dbf384a5a Export remote snapshotter label handler
d6070f8a7 go.mod: github.com/urfave/cli v1.22.12
2f1aad03a cleanup useless IntToInt32Array func
e551d734f pkg/epoch: drop timezone
eeab05242 Make `mount.UnmountRecursive` compatible to `mount.UnmountAll`
58bd5a094 go.mod: update github.com/containerd/nri.
c46aaa8df Add integration test for tracing on image pull
7ec75b120 Update CNI to 1.2.0
306db3e70 go.mod: github.com/containerd/cgroups/v3 v3.0.0
5082fb395 go.mod: go.opentelemetry.io/otel v1.12.0
8886b05dc integration: use sleep inf with busybox:1.36
005d30e84 deflake: TestContainerPids
6de94a4cc log/logtest: add `testcase` as debug field
97ddac539 RELEASES.md: update release status
b36b41552 cri: mkdir /etc/cni with 0755, not 0700
7eb652830 release: Ubuntu 18.04 -> 20.04 (glibc 2.27 -> 2.31)
b473c2922 release: Add "cri-containerd.DEPRECATED.txt" in the deprecated cri-containerd-* bundles
d00655092 Update the EOL date for 1.5 release
336c0cd2c Prepare release notes for v1.7.0-beta.3
77e51e9b0 Adding support to run hcsshim from local clone
27cf7f87d fix(docs): minor fix on the windows installation steps
d21578674 runtime docs: Clarify delete cwd behavior
34d587818 Use mount.Target to specify subdirectory of rootfs mount
21fe0ceaa Move PLEG events for pause container to podsandbox
12359559d reused package errdefs for not supported err
4f39b164f pkg/cri: optimize slice initialization
9f6058d02 pushWriter: correctly propagate errors
361291559 Update vendored files
d845b2a9c go.mod: update goresctrl to v0.3.0
ac72483e8 Fix syntax errors in the document
f9f845533 Backport #7393 to sbserver
0cbfb3375 Backport #7661 to sbserver
41eabf134 Backport #7685 to sbserver
b0d7a9697 Backport unit test from #7882 to sbserver
b1c5c57be Fix Memory Limit test
d1e1a1646 release/Dockerfile: set DEBIAN_FRONTEND=noninteractive
7ddd8add4 CI: remove redundant archs from ci.yml
ffabc8a29 CI: test release.yml on every PR
b9bd10c14 use local variable for rt when iterating collectors
1ade777c2 Add basic spec and mounts for Darwin
66eeee043 Update hcsshim tag to v0.10.0-rc.4
3c8469a78 Use Platform instead of generated API
802c6c5c0 fuzzing: improve archive fuzzer
40be96efa Have separate spec builder for each platform
fdfa3519a Remove unused params from platformSpec
1c1d8fb05 Update OCI spec tests for generic platform
f43d8924e Move most of OCI spec options to common builder
21338d277 Add stub to build common OCI spec
f318e5630 Update sandbox API to return target platform
dd22a3a80 Move WithMounts to specs
0ae0399b1 Make OCI spec opts available on all platforms
5f1a42543 shim: move reap log line to debug
515d68099 shim: enable debug logging for delete
c8f4ab3b0 update to go1.19.5, go1.18.10
9c8c4508e cri: Fix TestUpdateOCILinuxResource for host w/o swap controller
82d6c2f93 Revert container_stats_test.go change which caused Windows CRI integration test failure
0b9313c42 ctr/run: flags --detach and --rm cannot be specified together
6f9936e30 mod: update github.com/pelletier/go-toml@v1.9.5
f0917fb6e archive: improve TestSourceDateEpoch
9df5a1714 snapshots: refactor metastore transaction
f9a702105 docs/content-flow: update the description of the content labels
fc905324a docs/content-flow: update the digests of the redis:5.0.9
0de12cf7e Add tracing plugin test
b550526cc Use cleanup.Background instead of context.Background for cleanup
38159694f Prepare release notes for v1.7.0-beta.2
88c8d2e39 docs: fix a typo in tracing documentation
79d09c69b CI: Pass GITHUB_TOKEN to containerd/project-checks
06bfcd658 Enable dupword linter
0abc2f160 ctr: Add platform flag to 'oci spec' command
f606c4eba Add cleanup package for context management during cleanup
419b5ab04 Cirrus CI (Fedora 37, Rocky 8): enable cri-integration
7b1f08bf5 nri_test.go: skip if SELinux is enabled
dcbb32d6f cri-integration: set SelinuxRelabel
0f163d696 TestVolumeOwnership: compare GID, not group name
76d68b080 container_stats_test.go: avoid checking snapshot size
12955d291 Vagrantfile: fix comments about SELinux
bb86c6e57 contrib/Dockerfile.test: add "integration", "cri-integration", "critest" stages
5e84f08c4 Vagrantfile: fix disk resize error with VirtualBox
778e8f2af Use the const labels.LabelUncompressed
a5b979623 Add lease to transfer to preserve streams during transfer
3f0edb249 CRI: Comment cleanup/misc fixes
1753e5af7 Reused errdefs for error
5a00d28a6 Fix TestUpdateContainerResources_Memory* on cgroup v2 hosts
a5ea5935b integration/images: switch away from Docker Hub to avoid rate limit
119bbec9e Vagrantfile: install-rootless-podman: remove `setenforce 0`
d7ef6cbfa [streaming] move response packet after registration
72ef98622 cri: Simplify parseUsernsIDs()
4eed20fc3 cri: Verify userns container config is consisten with sandbox
a44b35627 cri: Fix assert vs require in tests
6b333fd21 `ctr contents ls` sorts the labels of the content
3b48fb5b5 cri: Shadow variables to avoid t.Parallel() issues
6b7e237fc chore: use `go fix` to cleanup old +build buildtag
1d0619bc0 Refactor metastore transaction
ca69ae265 Add integration tests for CRI userns
09243e43f make runc 1.1 for oss_fuzz_build.sh
94c68aa00 oci: appendOSMounts(): remove unused error, and move
d66afd211 add kube v1.26: remove v1alpha2 cri support
e94d92571 CRI sbserver: Prevent server reuse after Shutdown.
b10536d64 Reused errdefs define error
229779a4e oci: Add WithDomainname
ba0a7185f add network plugin metrics
a2df12d1a fix `ctr tasks kill` does not remove cni network under windows
0bc9f7b54 Avoid using canceled context in unpacker cleanup
b6df6708b Check containerd's readiness before calling critest
a27e09548 Fix grammar and spelling mistakes in README
a7adeb697 cri: Support pods with user namespaces
31a644973 Add capability for snapshotters to declare support for UID remapping
36f520dc0 Let OCI runtime create netns when userns is used
47fee791f Add sandbox store plugin type
6e55234c3 Add unit test to function GetCPUVariantFromArch
8d5c04543 Use uname machine field to get CPU variant if fails at /proc/cpuinfo
3ee6dd5c1 CRI: Fix no CNI info for pod sandbox on restart
aa8a389c5 overlay snapshotter: Make use of WithTransaction
2c573de6d Move snapshot event publishing into metadata store
d5dd11dcd Enable checkRename test
415750388 cri: fix `memory.memsw.limit_in_bytes: no such file or directory`
791428005 Prevent a race condition in testHook
54f1bdee3 "make proto-fmt" doesn't like spaces
52a748039 Remove github.com/gogo/protobuf again
ce4ea2695 go.mod: update fuzz-headers and fuzz-build
a4d5c3e5c Support sandboxed shims shutdown
fb7a04234 move up to CRI-TOOLS v1.26.0
84529072d CRI: Add host networking helper
0e33a8fa4 [sb] Fix status
ce3a73270 nil check to avoid panic on upgrade
5a3a9baec fatal error: concurrent map iteration and map write
c5fff10fe Bump golangci-lint to v1.50.1
d7507c3c1 Bump grpc to v1.51.0
b94c1018a disable tracing while handling token
f219f7d1e fix sdNotify func when debug level
75b09ac4a images: support specifying SourceDateEpoch via ctx
dc4834924 epoch: propagate SOURCE_DATE_EPOCH via ctx
66f71ea4d Enable GitHub Actions local Linux CI runs
14a38e12b Upgrade GitHub actions packages in release workflow
33e706aec Prepare release notes for v1.7.0-beta.1
d65269fda Add sandbox shutdown API
423f4388b integration: increase timeout in container_event_test.go
80839f11e allow client to remove created tasks with PID 0
a6929f9f6 Add Evented PLEG support to sandbox server
a338abc90 Add container event support to containerd
69975b92b cri: make swapping disabled with memory limit
cde949077 digest: use github.com/minio/sha256-simd
3b71cfd40 metastore: Add WithTransaction convenience method
9df96dc46 support fetching containerd from non public GCS buckets
c59f1635f add metrics for image pulling: success/failure count; in progress count; thoughput
74813786c fuzzing: improve archive fuzzer
176e8d35c image/label: print more characters of label keys
7afe6d92d Fix incorrect defer usage and refactor judgement
20e7b399f prevent Server reuse after a Shutdown
ccd1d22ad fix incorrect namespace of event when create/update namespace
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping docker to version v23.0.1, which comprises the following commits:
4002fa877b vendor: update buildkit to latest v0.10
e697c9365f builder: define GetRemotes for the worker
4c544c3d5f ci: fix branch filter pattern in buildkit workflow
06aca27cc1 ci: enhance tests distribution
001b2e778a ci: update gotestlist to 0.3.1
38b70ebc3b apparmor: Check if apparmor_parser is available
8a5d341d94 [23.0] vendor: github.com/moby/buildkit v0.10.7-0.20230206124303-b8fdb4b78da0
427101f656 libnet/d/ipvlan: gracefully migrate from older dbs
5b7142073f Dockerfile: configure code dir as "safe" directory
7e03250780 graphdriver/overlay2: usingMetacopy ENOTSUP is non-fatal
975bdb2c96 daemon: identify container exits by ProcessID
610250f06e vendor: github.com/containerd/containerd v1.6.16
63a0f1fe09 vendor: github.com/pelletier/go-toml v1.9.5
699e853be3 hack: display build cmd when DOCKER_DEBUG set
b7e0725e98 hack: remove unnecessary vars in make.sh script
96746238b2 hack: remove ORIG_BUILDFLAGS var
df2fe70049 hack: remove -installsuffix build flag
8b83e09b9c client: improve error messaging on crash
26e9face5a [23.0] update containerd binary to v1.6.16
6641852d51 rootless: support `--ipc=host`
8fc49af4ab hack: check if cross-compiling before setting ARM target name
30134ab177 vendor: github.com/moby/swarmkit/v2 v2.0.0-20230119195359-904c221ac281
3da45c0fe7 fix blockThreshold full bug
941a07b339 ioutils: add regression test for bytespipe deadlock
a21381a55a Dockerfile: prefer ld for building against arm64
2616ebc5ac libnetwork: Support IPv6 in arrangeUserFilterRule()
7a5f3f8053 libnetwork: fix empty-lines (revive)
7cfd4b3471 libnetwork/config: rename ParseConfigOptions() to New()
1090c5fd4c libnetwork/config: inline LoadDefaultScopes()
c93e1e9e66 libnetwork/config: merge DaemonCfg into Config
031fb72313 libnetwork: remove old integration tests
a96a97bf47 libnetwork/config: remove ParseConfig()
9b383dbd51 libnetwork/config: inline ProcessOptions
bed115e664 libnetwork/config: remove "Experimental" and "Debug" options
64cbbaa883 Dockerfile: smoke tests for static builds
4100226e27 Dockerfile: use clang to build dockerd/docker-proxy
dadeec4205 Disable chrootarchive.init() on Windows
f328486cb3 Add GetLibHome stub for non-linux OS
8e83d28f31 vendor: golang.org/x/net v0.5.0
06eb6ab794 vendor: golang.org/x/text v0.6.0
31cf0bf181 vendor: golang.org/x/sys v0.4.0
0e4548bbe1 Dockerfile: fix PKG_CONFIG for xx
8c12a6648b hack: name for target ARM architecture not specified
10c4ada049 hack: typo in displayed platform name
322149038a Add additional loggig in case of error of renaming runtimes-old and removing it
a8926de2a1 Handle docker start inside overlayfs
524de97334 daemon/config: inform the user when the input JSON contains invalid UTF-8
0b2eecdc8a daemon/config: support alternate (common) unicode encodings using a BOM
abff66b283 daemon/config: clean up tests to use common helper
d9bdb61992 cmd/dockerd: use default SIGQUIT behaviour
c627132dc8 vendor: github.com/moby/ipvs v1.1.0
13a31b67de vendor: github.com/vishvananda/netns v0.0.2
bd5d9f3190 vendor: github.com/vishvananda/netns v0.0.1
c8262e912f libnetwork: Remove iptables nat rule when hairpin is disabled
12e3398f64 update to go1.19.5
076d57104a docs: api: synchronise versioned API docs (v1.39 - v1.41)
8ce4ae1345 docs: api: synchronise versioned API docs (v1.42)
f0fe353ca6 api: swagger: add errorDetail to CreateImageInfo
04371160f8 api: docs: add errorDetail to CreateImageInfo (v1.42)
e753cce70f docs: add 401 to possible status codes of /auth
4d7792417e ci: update buildkit to fix integration tests
5802ca9e08 rootless: move ./rootless to ./pkg/rootless
33572e98c1 Use user paths for plugin discovery in rootless mode
52c7a5d96b daemon/config: New(): initialize config with platform-specific defaults
101bd10d0e daemon/config: group JSON preprocessing steps
def679d0e0 daemon/config: ignore UTF-8 BOM in config JSON
cf8c728f3c graphdriver/btrfs: needs kernel headers >= 4.12, not >= 4.7
e40c2410ca Dockerfile.*: drop libbtrfs
51a65e01ac PACKAGERS: update Btrfs graphdriver dependencies
0cf2b14994 graphdriver/btrfs: use free wrapper consistently
21e6c282e6 graphdriver/btrfs: use kernel UAPI headers
42e7a15a63 graphdriver/btrfs: drop version information
01883e1177 daemon/graphdriver: use strconv instead of fmt.Sprintf
25939ee45e libnetwork: improve logs for DNS failures
691b44b4c3 vendor: github.com/containerd/containerd v1.6.15
5aa0c2cae2 [23.0] update containerd binary to v1.6.15
6acc1701ea integration-cli: Fix hanging TestLogsFollowGoroutines*
8dfd907478 hack: restore copy_binaries func
0d1aba547e hack/make: Don't add -buildmode=pie with -race
4da19e2dca Clear conntrack entries for published UDP ports
fe097e018c Fix volume CreatedAt being altered on initialization
d778bbab84 docs: contributing docs update for cross comp
2dd577955c Dockerfile: add "all" stage to build binaries and extra tools
3ef71f9085 ci: add extra steps to check artifacts
8fbfc2676f Dockerfile: rename dev stages
7e286efcd3 ci: use GITHUB_REF and GITHUB_SHA to set version and commit
f29fe2daec bake: define additional vars
3b90bb6ad3 bake: define DESTDIR
171471b613 hack: update buildmode pie condition
7d8c689923 hack: do not set buildmode pie for statically linked binary
75596bee28 hack: use PKG_CONFIG var when checking libdevmapper
29758a067f IAmStatic not used anymore
5d4ddce5ed hack: remove containerutility script
a85bdbe1ca Dockerfile: use TARGETPLATFORM to build Docker
6a0a2c4f79 Always use iptables -C to look for rules
91f2d963c6 Merge iptables.probe() into iptables.detectIptables()
2bf66f725c Check ipt options before looking for ip6t
1b27ab4c73 libnetwork/iptables: Fix test panic when execute only one test
316231cced daemon/graphdriver/devicemapper: simplify Udev log, and update link
770ace39d8 daemon/logger/gcplogs: remove ensureHomeIfIAmStatic workaround
5e4464798f api: can marshal and unmarshal when args.fields is empty
515219b716 Update delve version
0393897695 daemon/graphdriver/btrfs: workaround field rename in btrfs-progs 6.1
7199300239 cmd/docker-proxy: add "-v / --version" flag
e9075f70c7 gha: update buildkit to fix integration tests
b2d2f012b4 errdefs: FromStatusCode() don't log "FIXME" debug message
9980e64341 vendor: github.com/containerd/containerd v1.6.14
5ebd78d5f8 update containerd binary to v1.6.14
f6c2f20cee Dockerfile: delve cross build with TARGETPLATFORM
3d6908c79b Dockerfile: swagger cross build with TARGETPLATFORM
1dc34e889c Dockerfile: containerutility cross build with TARGETPLATFORM
effd7661df Dockerfile: registry cross build with TARGETPLATFORM
f3e3266373 Dockerfile: dockercli cross build with TARGETPLATFORM
fd6316e631 Dockerfile: rootlesskit cross build with TARGETPLATFORM
fbe4db5be0 Dockerfile: tini cross build with TARGETPLATFORM
f9a356c7e9 Dockerfile: runc cross build with TARGETPLATFORM
6e7cc3b7e3 Dockerfile: containerd cross build with TARGETPLATFORM
582b29f587 Dockerfile: DOCKER_STATIC arg
daa28fcf2d Dockerfile: add dummy stage
4cab584a9c Dockerfile: add cross compilation helper
0b12468116 vendor: github.com/containerd/containerd v1.6.13
6570b654f4 vendor: github.com/Microsoft/hcsshim v0.9.6
d8d11bca37 update containerd binary to v1.6.13
a72fb70eb0 vendor: github.com/moby/swarmkit/v2 v2.0.0-20221215132206-0da442b2780f
dca58c654a daemon: drop side effect from registerLinks()
6149c333ff daemon: don't checkpoint container until registered
42bffae5ff daemon: fix GetContainer() returning (nil, nil)
a6818fd4cb hack: introduce validate/no-module
45fe08c93c hack: replace go-mod-prepare.sh with wrapper script
c508d13372 hack/go-mod-prepare.sh: find root robustly; make steps transparent
036398f512 hack/validate/vendor: clean up license validation step
a4957d2585 hack/validate/vendor: split tidy from vendor
394eaa8495 hack/vendor.sh: allow running tidy & vendor separately
d80f235c47 vendor: github.com/tinylib/msgp v1.1.6
5ca9231b44 vendor: github.com/philhofer/fwd v1.1.2
ffa2c0b517 image/store: Use errdefs for errors
c0c146fc82 Remove uses of deprecated go-digest.NewDigestFromHex, go-digest.Digest.Hex
6295320d91 use consistent alias for gotest.tools/v3/assert/cmp
1cc1395fae vendor: golang.org/x/net v0.4.0
0163808dbe vendor: github.com/prometheus/client_golang v1.14.0
9b62b83429 vendor: github.com/go-logr/logr v1.2.3
d5ffdeb76c vendor: golang.org/x/crypto v0.2.0
4da8dedaab vendor: golang.org/x/net v0.2.0
b14ffffffd vendor: github.com/opencontainers/runc v1.1.3
173df30ac5 vendor: github.com/klauspost/compress v1.15.12
fe62290eed go.mod: github.com/miekg/dns v1.1.43
4952dc2844 distribution: remove unused RequireSchema2
e7b26fa1b1 use ad-hoc libtrust key
f2463e1e86 distribution: use ad-hoc trustkey for tests
139080d093 daemon/config: remove and local trustkey utilities
46e0317bc1 [23.0] remove libtrust tests
docker-ce/libnetwork: update to -tip
f7cdd0e7 Always use iptables -C to look for rules
a6106f66 Merge iptables.probe() into iptables.detectIptables()
49bb4902 Check ipt options before looking for ip6t
51413ef1 libnetwork: processEndpointCreate: Fix deadlock between getSvcRecords and processEndpointCreate
e460ffec skip TestPortMappingV6Config
64b196bd circleci: update to "next-gen" convenience image
50f192e9 circleci: update to docker 20.10
88744155 update to go1.18.9, gofmt, and regenerate proto
9ed130d8 fix linting issues
5e08bdb1 Revert: Added API to set ephemeral port allocator range
047ac186 Cleanup servicebindings only on Windows
6f36306d Delay network deletion until after lb cleanup
a9c349a6 Log HNS policylist removal failures
Bumping docker-cli to version v23.0.1, which comprises the following commits:
27b19a6ac ci: fix branch filter pattern
14aac2c23 vendor: github.com/docker/docker v23.0.0
0cd15abfd vendor: github.com/containerd/containerd v1.6.16
168f1b55e cli/command/container: exit 126 on EISDIR error
53ed25d9b Fix bad ThrottleDevice path
9e3d5d152 Fix issue where one bad credential helper causes none to be returned
1e3622c50 docs: move doc generation scripts to subdir
9b54d860c rm: allow `docker container remove` as an alias
00070e6e2 docs: add note about MKE CA rotation, which is potentially dangerous
67b961789 manifest: save raw manifest content on download
285e137aa manifest: explicitly error if whitespace reconstruction has failed
070825bc7 manifest: add support for oci image types
551c4e9ab Fix typo in reference doc for docker Signed-off-by: Craig Osterhou <craig.osterhout@docker.com>
8672540f8 vendor: github.com/docker/docker v23.0.0-rc.3
c4fff9da1 vendor: github.com/moby/swarmkit/v2 v2.0.0-20230119195359-904c221ac281
526e5e7c9 vendor: golang.org/x/net v0.5.0
d7f21ea9c vendor: golang.org/x/term v0.4.0
ae43eb0e0 vendor: golang.org/x/text v0.6.0
caf8b152c vendor: golang.org/x/sys v0.4.0
be30cb370 Fix section docker ps --size
5d04b1c49 note `--user` args usage restriction
9bb70217f Add extra newline after additionalHelp output
59e74b44a cli: additionalHelp() don't decorate output if it's piped
fc6be6ad3 cli: pass dockerCLI's in/out/err to cobra cmds
d347678cd README: fix badges
e04f3dd0d docs: fix duplicated format anchor in plugin_ls
c453cc687 vendor: github.com/docker/docker v23.0.0-rc.2
0d16330dd vendor: github.com/containerd/containerd v1.6.15
b9e1ad3d1 update to go1.19.5
d1f02a273 deprecated: update deprecation for btrfs on CentOS/RHEL 7
bdc7e37b3 deprecation: mark btrfs driver as deprecated for CentOS 7 and RHEL7
35d7fbc81 docs: inspect: remove trailing whitespace from example
79c9e527a docs: generate markdown
186dcf30b docs: fix anchors
c49f1ccb4 update cli-docs-tool to v0.5.1
5a5b7a61d contrib: fix engine logging docs link
4595ce588 cmd: set double quotes as code delimiter
81b051298 docs: fix some more anchors
71e561780 docs: fix anchor links
3613fcc86 docs: deprecated: fix link to Docker Desktop 3.2.0 release notes
b81105718 cli/rm_test: Fix TestRemoveForce race condition
42de5cc7f service/logs: use strings.Cut
3fa18636e internal/test: use strings.Cut
c8bd8932a cli/config: use strings.Cut
3bed830a2 cli/compose: use strings.Cut
cb19bf9f7 cli/command: use strings.Cut
acc45f549 cli/command/volume: use strings.Cut
806f9eab6 cli/command/swarm: use strings.Cut
b3557b284 cli/command/stack: use strings.Cut
2b06c0c42 cli/command/service: use strings.Cut
f29992c0f cli/command/network: use strings.Cut
424401233 cli/command/container: use strings.Cut
6c39bc1f6 opts: use strings.Cut for handling key/value pairs
a473c5b38 opts: rename logOptsValidator, fix unhandled errors in tests
d84256132 remove redundant conversions and braces
720a6a823 docs/run: Fix url to blog "Docker can now run within Docker"
946bb9471 Missing exec_die event
784f66014 cli/command/container: remove unused NetworkDisabled field
6fe14e61f vendor: github.com/docker/docker v23.0.0-rc.1 (use tag)
c5982f373 vendor: github.com/inconshreveable/mousetrap v1.1.0
cc859412c vendor: github.com/docker/docker v23.0.0-beta.1.0.20221221173850-cba986b34090
70d24e854 vendor: github.com/moby/swarmkit/v2 v2.0.0-20221215132206-0da442b2780f
bab905a44 vendor: golang.org/x/crypto v0.2.0
929f23fcf vendor: golang.org/x/net v0.4.0
2df9ff91e vendor: golang.org/x/term v0.3.0
1b75c7c52 vendor: golang.org/x/text v0.5.0
e3e0b7a6c vendor: golang.org/x/sys v0.3.0
6f2f021b6 vendor: github.com/prometheus/client_golang v1.14.0
dedbcec46 vendor: github.com/opencontainers/runc v1.1.3
cd2098c46 vendor: github.com/klauspost/compress v1.15.12
d7869bead vendor: github.com/containerd/containerd v1.6.14
06eba426d cmd/docker: fix typo in deprecation warning
895e7a3df Added missing backslash to documentation sites cli snippet
2f733b87f cli/flags: remove outdated TODO
60d62fb72 cmd/docker: improve error message if BUILDKIT_ENABLED=0
e547881e2 Fix ssh process killed when context is done
35b42efad [completion/zsh] add volume completion
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh two patches for context in the udpated docker-moby.
Bumping moby to version v23.0.1, which comprises the following commits:
4002fa877b vendor: update buildkit to latest v0.10
e697c9365f builder: define GetRemotes for the worker
4c544c3d5f ci: fix branch filter pattern in buildkit workflow
06aca27cc1 ci: enhance tests distribution
001b2e778a ci: update gotestlist to 0.3.1
38b70ebc3b apparmor: Check if apparmor_parser is available
8a5d341d94 [23.0] vendor: github.com/moby/buildkit v0.10.7-0.20230206124303-b8fdb4b78da0
427101f656 libnet/d/ipvlan: gracefully migrate from older dbs
5b7142073f Dockerfile: configure code dir as "safe" directory
7e03250780 graphdriver/overlay2: usingMetacopy ENOTSUP is non-fatal
975bdb2c96 daemon: identify container exits by ProcessID
610250f06e vendor: github.com/containerd/containerd v1.6.16
63a0f1fe09 vendor: github.com/pelletier/go-toml v1.9.5
699e853be3 hack: display build cmd when DOCKER_DEBUG set
b7e0725e98 hack: remove unnecessary vars in make.sh script
96746238b2 hack: remove ORIG_BUILDFLAGS var
df2fe70049 hack: remove -installsuffix build flag
8b83e09b9c client: improve error messaging on crash
26e9face5a [23.0] update containerd binary to v1.6.16
6641852d51 rootless: support `--ipc=host`
8fc49af4ab hack: check if cross-compiling before setting ARM target name
30134ab177 vendor: github.com/moby/swarmkit/v2 v2.0.0-20230119195359-904c221ac281
3da45c0fe7 fix blockThreshold full bug
941a07b339 ioutils: add regression test for bytespipe deadlock
a21381a55a Dockerfile: prefer ld for building against arm64
2616ebc5ac libnetwork: Support IPv6 in arrangeUserFilterRule()
7a5f3f8053 libnetwork: fix empty-lines (revive)
7cfd4b3471 libnetwork/config: rename ParseConfigOptions() to New()
1090c5fd4c libnetwork/config: inline LoadDefaultScopes()
c93e1e9e66 libnetwork/config: merge DaemonCfg into Config
031fb72313 libnetwork: remove old integration tests
a96a97bf47 libnetwork/config: remove ParseConfig()
9b383dbd51 libnetwork/config: inline ProcessOptions
bed115e664 libnetwork/config: remove "Experimental" and "Debug" options
64cbbaa883 Dockerfile: smoke tests for static builds
4100226e27 Dockerfile: use clang to build dockerd/docker-proxy
dadeec4205 Disable chrootarchive.init() on Windows
f328486cb3 Add GetLibHome stub for non-linux OS
8e83d28f31 vendor: golang.org/x/net v0.5.0
06eb6ab794 vendor: golang.org/x/text v0.6.0
31cf0bf181 vendor: golang.org/x/sys v0.4.0
0e4548bbe1 Dockerfile: fix PKG_CONFIG for xx
8c12a6648b hack: name for target ARM architecture not specified
10c4ada049 hack: typo in displayed platform name
322149038a Add additional loggig in case of error of renaming runtimes-old and removing it
a8926de2a1 Handle docker start inside overlayfs
524de97334 daemon/config: inform the user when the input JSON contains invalid UTF-8
0b2eecdc8a daemon/config: support alternate (common) unicode encodings using a BOM
abff66b283 daemon/config: clean up tests to use common helper
d9bdb61992 cmd/dockerd: use default SIGQUIT behaviour
c627132dc8 vendor: github.com/moby/ipvs v1.1.0
13a31b67de vendor: github.com/vishvananda/netns v0.0.2
bd5d9f3190 vendor: github.com/vishvananda/netns v0.0.1
c8262e912f libnetwork: Remove iptables nat rule when hairpin is disabled
12e3398f64 update to go1.19.5
076d57104a docs: api: synchronise versioned API docs (v1.39 - v1.41)
8ce4ae1345 docs: api: synchronise versioned API docs (v1.42)
f0fe353ca6 api: swagger: add errorDetail to CreateImageInfo
04371160f8 api: docs: add errorDetail to CreateImageInfo (v1.42)
e753cce70f docs: add 401 to possible status codes of /auth
4d7792417e ci: update buildkit to fix integration tests
5802ca9e08 rootless: move ./rootless to ./pkg/rootless
33572e98c1 Use user paths for plugin discovery in rootless mode
52c7a5d96b daemon/config: New(): initialize config with platform-specific defaults
101bd10d0e daemon/config: group JSON preprocessing steps
def679d0e0 daemon/config: ignore UTF-8 BOM in config JSON
cf8c728f3c graphdriver/btrfs: needs kernel headers >= 4.12, not >= 4.7
e40c2410ca Dockerfile.*: drop libbtrfs
51a65e01ac PACKAGERS: update Btrfs graphdriver dependencies
0cf2b14994 graphdriver/btrfs: use free wrapper consistently
21e6c282e6 graphdriver/btrfs: use kernel UAPI headers
42e7a15a63 graphdriver/btrfs: drop version information
01883e1177 daemon/graphdriver: use strconv instead of fmt.Sprintf
25939ee45e libnetwork: improve logs for DNS failures
691b44b4c3 vendor: github.com/containerd/containerd v1.6.15
5aa0c2cae2 [23.0] update containerd binary to v1.6.15
6acc1701ea integration-cli: Fix hanging TestLogsFollowGoroutines*
8dfd907478 hack: restore copy_binaries func
0d1aba547e hack/make: Don't add -buildmode=pie with -race
4da19e2dca Clear conntrack entries for published UDP ports
fe097e018c Fix volume CreatedAt being altered on initialization
d778bbab84 docs: contributing docs update for cross comp
2dd577955c Dockerfile: add "all" stage to build binaries and extra tools
3ef71f9085 ci: add extra steps to check artifacts
8fbfc2676f Dockerfile: rename dev stages
7e286efcd3 ci: use GITHUB_REF and GITHUB_SHA to set version and commit
f29fe2daec bake: define additional vars
3b90bb6ad3 bake: define DESTDIR
171471b613 hack: update buildmode pie condition
7d8c689923 hack: do not set buildmode pie for statically linked binary
75596bee28 hack: use PKG_CONFIG var when checking libdevmapper
29758a067f IAmStatic not used anymore
5d4ddce5ed hack: remove containerutility script
a85bdbe1ca Dockerfile: use TARGETPLATFORM to build Docker
6a0a2c4f79 Always use iptables -C to look for rules
91f2d963c6 Merge iptables.probe() into iptables.detectIptables()
2bf66f725c Check ipt options before looking for ip6t
1b27ab4c73 libnetwork/iptables: Fix test panic when execute only one test
316231cced daemon/graphdriver/devicemapper: simplify Udev log, and update link
770ace39d8 daemon/logger/gcplogs: remove ensureHomeIfIAmStatic workaround
5e4464798f api: can marshal and unmarshal when args.fields is empty
515219b716 Update delve version
0393897695 daemon/graphdriver/btrfs: workaround field rename in btrfs-progs 6.1
7199300239 cmd/docker-proxy: add "-v / --version" flag
e9075f70c7 gha: update buildkit to fix integration tests
b2d2f012b4 errdefs: FromStatusCode() don't log "FIXME" debug message
9980e64341 vendor: github.com/containerd/containerd v1.6.14
5ebd78d5f8 update containerd binary to v1.6.14
f6c2f20cee Dockerfile: delve cross build with TARGETPLATFORM
3d6908c79b Dockerfile: swagger cross build with TARGETPLATFORM
1dc34e889c Dockerfile: containerutility cross build with TARGETPLATFORM
effd7661df Dockerfile: registry cross build with TARGETPLATFORM
f3e3266373 Dockerfile: dockercli cross build with TARGETPLATFORM
fd6316e631 Dockerfile: rootlesskit cross build with TARGETPLATFORM
fbe4db5be0 Dockerfile: tini cross build with TARGETPLATFORM
f9a356c7e9 Dockerfile: runc cross build with TARGETPLATFORM
6e7cc3b7e3 Dockerfile: containerd cross build with TARGETPLATFORM
582b29f587 Dockerfile: DOCKER_STATIC arg
daa28fcf2d Dockerfile: add dummy stage
4cab584a9c Dockerfile: add cross compilation helper
0b12468116 vendor: github.com/containerd/containerd v1.6.13
6570b654f4 vendor: github.com/Microsoft/hcsshim v0.9.6
d8d11bca37 update containerd binary to v1.6.13
a72fb70eb0 vendor: github.com/moby/swarmkit/v2 v2.0.0-20221215132206-0da442b2780f
dca58c654a daemon: drop side effect from registerLinks()
6149c333ff daemon: don't checkpoint container until registered
42bffae5ff daemon: fix GetContainer() returning (nil, nil)
a6818fd4cb hack: introduce validate/no-module
45fe08c93c hack: replace go-mod-prepare.sh with wrapper script
c508d13372 hack/go-mod-prepare.sh: find root robustly; make steps transparent
036398f512 hack/validate/vendor: clean up license validation step
a4957d2585 hack/validate/vendor: split tidy from vendor
394eaa8495 hack/vendor.sh: allow running tidy & vendor separately
d80f235c47 vendor: github.com/tinylib/msgp v1.1.6
5ca9231b44 vendor: github.com/philhofer/fwd v1.1.2
ffa2c0b517 image/store: Use errdefs for errors
c0c146fc82 Remove uses of deprecated go-digest.NewDigestFromHex, go-digest.Digest.Hex
6295320d91 use consistent alias for gotest.tools/v3/assert/cmp
1cc1395fae vendor: golang.org/x/net v0.4.0
0163808dbe vendor: github.com/prometheus/client_golang v1.14.0
9b62b83429 vendor: github.com/go-logr/logr v1.2.3
d5ffdeb76c vendor: golang.org/x/crypto v0.2.0
4da8dedaab vendor: golang.org/x/net v0.2.0
b14ffffffd vendor: github.com/opencontainers/runc v1.1.3
173df30ac5 vendor: github.com/klauspost/compress v1.15.12
fe62290eed go.mod: github.com/miekg/dns v1.1.43
4ee3cc2531 vendor: github.com/containerd/containerd v1.6.12
48a0d8a8d1 [23.0] update containerd binary to v1.6.12 (addresses CVE-2022-23471)
4952dc2844 distribution: remove unused RequireSchema2
e7b26fa1b1 use ad-hoc libtrust key
f2463e1e86 distribution: use ad-hoc trustkey for tests
139080d093 daemon/config: remove and local trustkey utilities
46e0317bc1 [23.0] remove libtrust tests
Bumping libnetwork to version v0.7.0-dev.3-1857-g05b93e0d, which comprises the following commits:
f7cdd0e7 Always use iptables -C to look for rules
a6106f66 Merge iptables.probe() into iptables.detectIptables()
49bb4902 Check ipt options before looking for ip6t
51413ef1 libnetwork: processEndpointCreate: Fix deadlock between getSvcRecords and processEndpointCreate
e460ffec skip TestPortMappingV6Config
64b196bd circleci: update to "next-gen" convenience image
50f192e9 circleci: update to docker 20.10
88744155 update to go1.18.9, gofmt, and regenerate proto
9ed130d8 fix linting issues
5e08bdb1 Revert: Added API to set ephemeral port allocator range
047ac186 Cleanup servicebindings only on Windows
6f36306d Delay network deletion until after lb cleanup
a9c349a6 Log HNS policylist removal failures
docker-moby/cli: update to 23.0.x
27b19a6ac ci: fix branch filter pattern
14aac2c23 vendor: github.com/docker/docker v23.0.0
0cd15abfd vendor: github.com/containerd/containerd v1.6.16
168f1b55e cli/command/container: exit 126 on EISDIR error
53ed25d9b Fix bad ThrottleDevice path
9e3d5d152 Fix issue where one bad credential helper causes none to be returned
1e3622c50 docs: move doc generation scripts to subdir
9b54d860c rm: allow `docker container remove` as an alias
00070e6e2 docs: add note about MKE CA rotation, which is potentially dangerous
67b961789 manifest: save raw manifest content on download
285e137aa manifest: explicitly error if whitespace reconstruction has failed
070825bc7 manifest: add support for oci image types
551c4e9ab Fix typo in reference doc for docker Signed-off-by: Craig Osterhou <craig.osterhout@docker.com>
8672540f8 vendor: github.com/docker/docker v23.0.0-rc.3
c4fff9da1 vendor: github.com/moby/swarmkit/v2 v2.0.0-20230119195359-904c221ac281
526e5e7c9 vendor: golang.org/x/net v0.5.0
d7f21ea9c vendor: golang.org/x/term v0.4.0
ae43eb0e0 vendor: golang.org/x/text v0.6.0
caf8b152c vendor: golang.org/x/sys v0.4.0
be30cb370 Fix section docker ps --size
5d04b1c49 note `--user` args usage restriction
9bb70217f Add extra newline after additionalHelp output
59e74b44a cli: additionalHelp() don't decorate output if it's piped
fc6be6ad3 cli: pass dockerCLI's in/out/err to cobra cmds
d347678cd README: fix badges
e04f3dd0d docs: fix duplicated format anchor in plugin_ls
c453cc687 vendor: github.com/docker/docker v23.0.0-rc.2
0d16330dd vendor: github.com/containerd/containerd v1.6.15
b9e1ad3d1 update to go1.19.5
d1f02a273 deprecated: update deprecation for btrfs on CentOS/RHEL 7
bdc7e37b3 deprecation: mark btrfs driver as deprecated for CentOS 7 and RHEL7
35d7fbc81 docs: inspect: remove trailing whitespace from example
79c9e527a docs: generate markdown
186dcf30b docs: fix anchors
c49f1ccb4 update cli-docs-tool to v0.5.1
5a5b7a61d contrib: fix engine logging docs link
4595ce588 cmd: set double quotes as code delimiter
81b051298 docs: fix some more anchors
71e561780 docs: fix anchor links
3613fcc86 docs: deprecated: fix link to Docker Desktop 3.2.0 release notes
b81105718 cli/rm_test: Fix TestRemoveForce race condition
42de5cc7f service/logs: use strings.Cut
3fa18636e internal/test: use strings.Cut
c8bd8932a cli/config: use strings.Cut
3bed830a2 cli/compose: use strings.Cut
cb19bf9f7 cli/command: use strings.Cut
acc45f549 cli/command/volume: use strings.Cut
806f9eab6 cli/command/swarm: use strings.Cut
b3557b284 cli/command/stack: use strings.Cut
2b06c0c42 cli/command/service: use strings.Cut
f29992c0f cli/command/network: use strings.Cut
424401233 cli/command/container: use strings.Cut
6c39bc1f6 opts: use strings.Cut for handling key/value pairs
a473c5b38 opts: rename logOptsValidator, fix unhandled errors in tests
d84256132 remove redundant conversions and braces
720a6a823 docs/run: Fix url to blog "Docker can now run within Docker"
946bb9471 Missing exec_die event
784f66014 cli/command/container: remove unused NetworkDisabled field
6fe14e61f vendor: github.com/docker/docker v23.0.0-rc.1 (use tag)
c5982f373 vendor: github.com/inconshreveable/mousetrap v1.1.0
cc859412c vendor: github.com/docker/docker v23.0.0-beta.1.0.20221221173850-cba986b34090
70d24e854 vendor: github.com/moby/swarmkit/v2 v2.0.0-20221215132206-0da442b2780f
bab905a44 vendor: golang.org/x/crypto v0.2.0
929f23fcf vendor: golang.org/x/net v0.4.0
2df9ff91e vendor: golang.org/x/term v0.3.0
1b75c7c52 vendor: golang.org/x/text v0.5.0
e3e0b7a6c vendor: golang.org/x/sys v0.3.0
6f2f021b6 vendor: github.com/prometheus/client_golang v1.14.0
dedbcec46 vendor: github.com/opencontainers/runc v1.1.3
cd2098c46 vendor: github.com/klauspost/compress v1.15.12
d7869bead vendor: github.com/containerd/containerd v1.6.14
06eba426d cmd/docker: fix typo in deprecation warning
895e7a3df Added missing backslash to documentation sites cli snippet
2f733b87f cli/flags: remove outdated TODO
60d62fb72 cmd/docker: improve error message if BUILDKIT_ENABLED=0
e547881e2 Fix ssh process killed when context is done
35b42efad [completion/zsh] add volume completion
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This is the start of a container multiconfig reference. See the
container-host image type for an example use of the configuration.
As usual, ensure that: BBMULTICONFIG = "container"
is in your configuration to fully enable its use.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping compose to version v2.14.0-155-ga93f09ef, which comprises the following commits:
51bcfa37 build(deps): bump github.com/containerd/containerd from 1.6.15 to 1.6.16
982a8ccb support dry-run for kill command
790712fa update tty and plain text writers to support dry run mode
97752b23 refresh Maintainers list
634a7d2a Support for docker compose build --push when using multiple platforms
a288332f Update docs to add `--scale` argument to `compose create`
9d53ed8f Add `--scale` to `compose create`, refactor scale option
df707352 Fix: Handle concurrent threads using mutex on the rainbowColor function
d8bf175c Remove unecessary files
4816f40b Fix: remove the infinite goroutine
ed5a2e83 Remove unecessary files
fa8d075d Fix: remove the infinite goroutine
33c3f4df alias -n for --tail to align with docker CLI
aa313873 cleanup TUI lines after switching to "compact" mode
d47f0f31 Update docs to mention `COMPOSE_PARALLEL_LIMITS` and ways to configure parallelism
4721c017 fix docs to reflect docker compose ps being aligned with docker ps
5919fcb4 Revert "Fix Goroutine leak in v2/command/formatter"
3a21e1e3 Fix Linting Issues
b670aefb Feat: Clean inifinite Goroutine
220626ec Only account running containers for logs
291e1bd6 bump compose-go to version v1.9.0
e94eb056 allow a TTY to be allocated with -t
c15bf195 debounce refresh requests with quietperiod
0b1c8672 Add tests for filtering containers not created by Compose
82ef9985 Ignore containers created outside compose
fb36f7ff directly embed the orignal APIClient in the DryRunClient
3fac506a identify functions which need to be ovorridden for dry run feature
eb59b0e2 add alpha command to test dry-run
5081ab05 create custom CLI when dry-run mode active update documentation
13ef440d add DryRun API Client with delagation pattern
fbf845c5 add dry-run flag
5a2b7b83 use compose service methods when exist instead of directly service.dockerCli
8c07fa4d mark alpha command as experimental
9daf4189 Adjust terminal height calc
bb9cf322 introduce experimental watch command (skeletton)
69a09624 Skip child events when printer events > terminal height
f2088bb9 fix typo
dadad01e Update docs programatically like you're supposed to
1adc9f54 fix docs yaml
4cebce3a This option lives in the create options, not the run options
bd8e5744 Add remove-orphans functionality to run, because it recommends that in error messages
4ad87463 Add :cucumber: GHA workflow
cc912c62 introduce --remove-orphans in compose create command
3e12a7cb pass proxy config as build args - same as docker/buildx#959
0c197997 Remove unused kube tag
73ebbffb Don't share the options map
b326a9da don't filter by services if no filter was set
f1313f3a use a simpler prompt implementation when we lack a terminal
a226d014 fix CVE-2022-27664 and CVE-2022-32149 high-risk vulnerability
7e2af3aa build(deps): bump github.com/containerd/containerd from 1.6.14 to 1.6.15
96bbda98 add support for uts namespace
aa5cdf2b add support for COMPOSE_PARALLEL_LIMIT (parity with Compose v1)
d5e4f006 introduce --no-attach to ignore some service output
8b4ac37f introduce `--ignore-buildable` to ignore buildable images on pull
b96e27e0 limit build concurrency according to --parallel
37d15d7e Ignore not only auto-removed containers but also "removal in progress" for orphan containers
dde7eea2 Update expected Cucumber `compose ps` output to match changes
a2247807 Set `pullChanged` when setting `--pull` on `compose up`
ffce33ec Fix empty file when using compose config in case of smaller source files
8a3248d0 Update documentation
52e7f0fb build(deps): bump github.com/docker/cli-docs-tool from 0.5.0 to 0.5.1
fd353ffa add support of privileged attribut in service.build section
adf8e753 cleanup framework.go from uncessary debug logs
9f7ad18d reduce cyclomatic complexity
40ebcd62 fix security opts support (seccomp and unconfined)
9bd9f176 check service names based on project, not running containers
5dcadc05 debut output for CI
c72f161a change the way finding the just built compose binary
86a648bd e2e tests display Compose version used to run the test currently the version displayed is the one installed and not the one use for the tests
27a32419 rely on CI timeout
935968fe add buildx plugin to e2e configuration directory
91371fef remove flaky TestLocalComposeLogsFollow
986bc445 service hash MUST exclude replicas
24f83271 don't assume os.Stdout and rely on dockerCLI.streams
dacf2437 dump stdout to help diagnose flaky test
22d2e838 don't fail `logs` when driver:none is set
b4b73199 introduce support for cgroup namespace
aae5ddca build(deps): bump github.com/containerd/containerd from 1.6.12 to 1.6.14
0ab5079c fix race condition on compose logs
89ef8198 update projectOptions to be public by renaming it to ProjectOptions
b8bbdcd8 detect dependency failed to start
d0e95cca set CPU quota
7bc27d44 Use `DOCKER_DEFAULT_PLATFORM` to determine platform when creating container
c1ce53c9 fix regression running pull --ignore-pull-failures
e42673da only list running containers when --all=false
ffb95449 volume: fix WCOW volume mounts
5c1484ec apply uid/gid when creating secret from environment
84984864 load project from explicit --files when set
8566daa9 use recently introduced `withSelectedServicesOnly` to reduce code duplication
84ea395d introduce --timestamp option on compose up
1cb5536a Address review comments
e4850d9c Add --include-deps to push command
8c39b5b7 align `--format` flag and UX with docker cli
bc568eeb align `compose ps` output with `docker ps`
a501ab3a use StatusError from docker/cli, not "dockerd"
d4a4dcf4 resolve --env-file as absolute path
05e987dd fix parsing of repository:tag
0368f190 distinguish stdout and stderr in `up` logs
3ee2ab87 ContainerStart must run sequentially for engine to assing distinct ports within configured range
8f991a20 Fix corner case when there's no container to attach to
0234e134 Don't stop pull for images that can be built
c342891f Squashed commit of the following:
8ef34947 build(deps): bump github.com/containerd/containerd from 1.6.10 to 1.6.12
cc247fdb remove go.* from e2e tests directory
a4ac6ab6 added table of contents inside readme
a73dce44 fix race condition collecting pulled images IDs
804d7163 detect required service are gone to stop watching explicit API to stop the log printer
cc60026c update to go1.19.4
87a0a57f Cleanup tips from output
95bc6c58 check only running containers in after down tests of profiles e2e tests
57a1e1e0 Update `e2e` mod deps
02305756 build(deps): bump go.opentelemetry.io/otel from 1.11.1 to 1.11.2
a0acc20d introduce --parallel to limit concurrent engine calls
053f20ed port: improve error-handling if port not found (#10039)
9b8d520b ci: upgrade to Go 1.19.3 & bump deps
113fb673 schema: add support for tmpfs.mode in mount definition (#10031)
b9e5f9e9 test: speed up Cucumber stop test (#10032)
c74a77e8 Make use of Containers.filter() and isService()
7f975fa4 Fix replacing "service:x" with "container:y"
73691276 use StringToBool to detect COMPOSE_IGNORE_ORPHANS
2e7644ff use api.Separator to print right image names
8f2b7471 use DistributionInspect to resolve image digest
9ac4f699 move image digests resolution to backend
2bef9769 Broken Link fixed in compose docs
707d55c7 add file header and cleanup profiles e2e tests
5edd7830 add e2e tests to check profile activation via targeted service
6fbef296 add e2e tests to check no profile usages
7fe43a8b add e2e tests using explicitly profiles
24ec0b2d pass services list to projectOrName function to add profiles for targeted services
ed38fe0d only stop services started by `up` on interruption
06e71371 docs: fix grammatical issues (#9997)
fb5b90ed implement support for oom_score_adj
10a5d998 useDockerDefaultOrServicePlatform fct should return service.platform if defined and present in the build.platforms list (or if the list is empty)
c3e5e499 configure buildx for plain output if --ansi=never has been set
4bf98c70 change the default branch of the doc repository
d7a24e9c Update `e2e` module deps
19d6ca9c ignore error parsing container number label, just warn
6fe03e93 Update docs
35d31cc5 Add `--build` option to `compose run`
7c5675c3 use platform defined by DOCKER_DEFAULT_PLATFORM when pulling and no service platform defined
a077e8a2 display creation warnings from the engine
8c1e2af3 add e2e tests to check build dependency between services
a9e07020 check if a missing image won't be build via a service declared in depends_on section
32f29b83 add --no-consistency flag to convert command
533fc616 use COMPOSE_PROFILES value only if no command line arg profiles used
bfb9e11f build(deps): bump github.com/containerd/containerd from 1.6.9 to 1.6.10
09e742b3 exclude issues with the kind/feature label from stale bot process
306ae161 ci: upgrade to compose-go v1.7.0
fd4aecef ci: update dependencies to latest
34e945a5 ci: remove uses of deprecated gotest.tools v2 (#9935)
e1899421 Update `e2e` module dependencies
369e9125 build(deps): bump github.com/containerd/containerd from 1.6.8 to 1.6.9
7ba9aac5 add support of deploy.reservation.memory
6d64242f Update deps for `e2e` module
eaf27d9d map deploy.restart_policy.condition to engine values
36a91839 build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1
533abc3b go.mod: docker 5aac513617f072b15322b147052cbda0d451d389 / v22.06-dev
197c1690 update docker engine API to apply fix of CVE-2022-39253
c630c8d2 go.mod: update docker-credential-helpers v0.7.0
41cf5ee3 go.mod: remove replace for runc
b7053cad go mod: tidy and group "require" blocks, update comments
717ace99 Update `e2e` module deps
8bdfc627 build(deps): bump go.opentelemetry.io/otel from 1.11.0 to 1.11.1
dd13299e Skip flaky test in CI
3f0550f8 log the error object instead of the string message only
18ce1f41 replace deprecated functions
3bf29d40 bump docker dependencies version
7424a3d3 Fix Makefile target `validate-go-mod` to only run correct bakefile target
6b7e9466 Update `e2e` module deps
91eae4f0 Add Codecov
8b897214 port: fix container name in error message (#9909)
f43a1e3e github: add feature request template
fa1ae635 github: switch to issue template form
afc0263f build(deps): bump go.opentelemetry.io/otel from 1.10.0 to 1.11.0
bb002a76 Update e2e mod dependencies
2ccd57e0 build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumping umoci to version v0.4.7-117-gfb2db51, which comprises the following commits:
3544ece build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1
5978bb9 build(deps): bump github.com/vbatts/go-mtree from 0.5.1 to 0.5.2
7c782c4 README: add dummy comment to start to make Hugo happy
777164a build(deps): bump github.com/opencontainers/runc from 1.1.2 to 1.1.4
1714399 build(deps): bump github.com/docker/go-units from 0.4.0 to 0.5.0
ed6b0f4 build(deps): bump google.golang.org/protobuf from 1.28.0 to 1.28.1
14756db build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.8.0
2034a22 test: handle /etc/pki/ca-trust with Fedora images
2163223 *: improve io.Pipe CloseWithError usage
aab35e4 *: implement EINTR-retry logic for io.Copy users
We also switch BUILD_FLAGS to STATIC_BUILD_FLAGS, as the Makefile
variable has changed.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The original tar output of the oci image followed the sloci-image
convention of putting the oci contents into a subdirectory in the
tarball. This allows it to work directly with skopeo, etc, but it
isn't the format that tools like podman expect in an oci-image
tarball.
We move the original format to have "-dir" in the name, and let
the more simply named one be the oci-image format as expcted by
various 3rd party tools
1) image_name.tar: compatible with oci tar format, blobs and
rootfs are at the top level. Can load directly from something like podman
2) image_name-dir.tar: original format from meta-virt, is just a
tar'd up oci image directory (compatible with skopeo :dir format)
We also fix a bug in the sloci-image backend, where the sloci tar
was removing the raw oci image directory leaving a dangling symlink.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
